Commit graph

72 commits

Author SHA1 Message Date
Clinton Wolfe
1552dc0210 Merge branch 'cw/use-deprecation-everywhere-3-port' of github.com:inspec/inspec into cw/use-deprecation-everywhere-4-port 2019-04-16 17:42:45 -04:00
Jerry Aldrich
40031a9b83 Use deprecation facility throughout code
This converts all current deprecation warnings/TODOs to use the
`Inspec.deprecate()` deprecation facility.

This also modifies `Inspec.deprecate()` to only require 1 argument.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2019-04-11 19:15:01 -04:00
Aaron Lippold
1e9f8fd018 Merge branch 'master' of https://github.com/inspec/inspec into al-mitre/more-permissive-than
Signed-off-by: Aaron Lippold <lippold@gmail.com>
2019-03-28 15:50:16 -04:00
Aaron Lippold
e312b44563 Addressing review items.
Signed-off-by: Aaron Lippold <lippold@gmail.com>
2019-03-27 09:55:48 -04:00
Lynn Frank
2857d07151 Fixes resource examples
The opening and closing mechanic varied between all the various
resources. This changes them all to use a HEREDOC with a tilde
to remove leading whitespace. This removes the need for the
special method to trim the `#print_example` method from shell.

Signed-off-by: Franklin Webber <franklin.webber@gmail.com>
2019-03-19 11:25:41 -05:00
Aaron Lippold
a2a86860d6 This adds the more_permissive_than?(mode) matcher to the file resource.
Fixes #3893

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2019-03-18 18:10:13 -04:00
Colin Hebert
7deed13425 Add support for shallow link paths (#3168)
* Add support for shallow link paths
* Improve documentation of the

Signed-off-by: Colin Hebert <hebert.colin@gmail.com>
2018-06-26 07:47:00 -04:00
Miah Johnson
7b23fa479c Add correct supports platform to resources. (#2674)
* Add correct `supports platform` to resources.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Remove 'os_family' and update platforms to specify what they did.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add esx and cisco to generic resources.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-19 15:26:49 +01:00
David Alexander
3fd310a505 Adds Synchronize permission to windows ACL stuff (#2399)
Obvious fix

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2017-12-22 14:58:19 +01:00
David Alexander
71b90f1b22 file resource: fix NilClass error when using advanced windows permissions (#2344)
* Fixes #2343 (Windows file permissions regression)

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Updates docs with missing info on `be_allowed()` matcher

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2017-11-28 09:18:49 +01:00
David Alexander
6ed4068fd1 Extend Windows ACL matchers (#1744)
* Adds alias for 'ListDirectory' permission

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Works with Ruby array of permissions as long as possible

Converts to PowerShell array just before use.

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Abstracts user-provided permissions to router method

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Adds FullControl as a specifiable permission

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Adds specific permission 'modify'

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Fixes #1743

Limits Windows' broad "read" permission to if it can read all of the
above, instead of just the first:

- File contents
- File attributes
- File extended attributes
- File permissions

This better aligns with how Windows names the permissions.

  'read' -> Read instead of 'read' -> ReadData

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* 'Execute' Windows ACL has alias of 'Traverse'

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Adds 'Delete' permission

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Adds `should allow('perm').by_user('me')` matcher

Provides hooks for later use with Windows ACL matching

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Adds remaining Windows ACL hooks

Skips ReadAndExecute on intentionally since it just aliases the combo of
2 permissions into one new one.

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* [Rubocop] Reduces ABC / Cyclomatic complexity

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Reduces global scope with `allows()` -> `be_allowed()`

RSpec inferred matchers work nicely here. This changes the `by_user()`
and `by()` chained matchers to just be an options hash on the underlying
`allowed?()` method.

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Fixes integration tests with rename `allows()` -> `be_allowed()`

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2017-10-17 15:01:51 +02:00
Clinton Wolfe
f284962450 File Resource: add be_setgid, be_setuid, be_sticky matchers (#2104)
* Provisioner script to setup resource tests for setgid/setuid/sticky bit tests.  This appears to be the correct mechanism per docker_run, but I don't see any other provisioner scripts, so I suspect there is a different Chef-internal mechanism at play here.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* TDD Red for setgid/setuid/sticky File matchers

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Add documentation for file resource sgid, sticky, and suid matchers

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Add matchers to File for setgid, setuid, and sticky by aliasing existing predicates; TDD green

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Rubocop prefers alias to alias_method.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Lint before pushing, of course

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Correct spelling of setgid and setuid matchers in docs

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Add be_setgid, be_setuid, be_sticky matcher integration tests for File.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Revert "Provisioner script to setup resource tests for setgid/setuid/sticky bit tests.  This appears to be the correct mechanism per docker_run, but I don't see any other provisioner scripts, so I suspect there is a different Chef-internal mechanism at play here."

This reverts commit 42e672f3b1.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Revert "TDD Red for setgid/setuid/sticky File matchers"

This reverts commit a4f891fc7e.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2017-09-03 20:43:13 +02:00
Adam Leff
a6582bea9b Remove any "All Rights Reserved" references (#1969)
* Remove any "All Rights Reserved" references

InSpec is licensed and released under the Apache 2.0 license. This
change removes all reference to legacy code files that still had
any Copyright or License lines referring to "All Rights Reserved".

Signed-off-by: Adam Leff <adam@leff.co>

* fix functional tests

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-06-28 04:14:19 -07:00
Joseph Benden
1fdecc6680 Add FreeBSD support for ZFS datasets and pools
The following new resources have been added; however, they
presently only support FreeBSD and similar.

* `zfs_dataset`: tests if a named ZFS dataset is present
  and/or has certain properties.
* `zfs_pool`: tests if a named ZFS pool is present and/or
  has certain properties.

Additionally, the `mount` resource has been reworked to
include support for FreeBSD; while the existing class
was renamed to LinuxMountParser.

Unit-tests were added for all of the above.

Signed-off-by: Joseph Benden <joe@benden.us>
2017-02-22 10:29:49 -07:00
Tom Duffield
1ea83f526c Address rubocop violations
Signed-off-by: Tom Duffield <tom@chef.io>
2017-02-08 16:49:16 -06:00
Christoph Hartmann
0eb9de0089 fix file permission check by mask
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2016-11-03 12:46:48 +01:00
Jeremy J. Miller
0a042eb360 added 'by_user' example to resource
Signed-off-by: Jeremy J. Miller <jm@chef.io>
2016-10-26 15:57:30 +02:00
Jeremy J. Miller
3db0deefb1 putting quotes around path in PS command
Signed-off-by: Jeremy J. Miller <jm@chef.io>
2016-10-26 15:57:30 +02:00
Jeremy J. Miller
fe18e3090d implementing changes requested in review
Signed-off-by: Jeremy J. Miller <jm@chef.io>
2016-10-26 15:57:30 +02:00
Jeremy J. Miller
1288f90247 changing module name
Signed-off-by: Jeremy J. Miller <jm@chef.io>
2016-10-26 15:57:30 +02:00
Jeremy J. Miller
5cd9cec0c0 adding by_user permissions support for windows
Signed-off-by: Jeremy J. Miller <jm@chef.io>
2016-10-26 15:57:30 +02:00
Dominik Richter
68cf88f701 add suid sgid and sticky support for file resource 2016-07-10 23:08:42 +02:00
Alex Pop
56d856531b support basename parameter and add tests 2016-04-29 13:40:32 -04:00
Dominik Richter
83b4dfbf4d use the source_path instead of path for file internal reporting 2016-04-28 20:11:21 -04:00
Dominik Richter
3e8974d243 update to new train interface 2016-04-28 19:55:34 -04:00
Alex Pop
3ab53e940d make file resource follow links and provide method to get to the original link object 2016-04-28 19:55:34 -04:00
Anirudh Gupta
1330e09df5 added file permission by user check for hp-ux 2016-04-26 14:53:28 +05:30
Alex Pop
9f156bb36b update file resource example to use cmd matcher for better failure output in octal 2016-04-20 11:57:34 -04:00
Dominik Richter
419b6a087c add file uid and gid accessors 2016-03-31 02:23:30 +02:00
Dominik Richter
387415859e rename internal File -> FileResource 2016-03-09 10:48:48 +01:00
Dominik Richter
c7312be8ec force encoding to utf-8 2016-02-22 05:18:41 +01:00
Dominik Richter
34bc94d13f mock resource operating systems for tests 2016-01-29 21:55:08 +01:00
Dominik Richter
4c1b6f7509 remove os check exposure in file resource 2016-01-29 21:55:08 +01:00
Christoph Hartmann
a5f526b368 use freebsd file permission checks for solaris 2016-01-28 18:30:38 +01:00
Jeremy W. Chalfant
2fc8ba1b83 fix lint complaint 2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
adbc5b8ef4 sanity check and AIX tests 2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
420aef7cb9 fix lint complaint 2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
f31a9f35b5 sanity check and AIX tests 2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
2aceba417c fix lint complaint 2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
55d7faec8a sanity check and AIX tests 2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
3a90ea3a74 fix lint complaint 2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
aef7f6de39 sanity check and AIX tests 2016-01-14 23:00:10 -05:00
Dominik Richter
26c0cd0871 lint 2016-01-03 09:49:40 +01:00
Christoph Hartmann
e1d7d30919 add deprecation warning for serverspec users 2016-01-03 00:03:24 +01:00
Christoph Hartmann
9930773f37 restrict mount functionality to linux 2016-01-03 00:03:24 +01:00
Christoph Hartmann
772df929f6 implement be_mounted.with for file resources 2016-01-03 00:03:24 +01:00
Adam Leff
c146a76679 File permission checks should return false unless file exists
Currently, #readable?, #writeable?, and #executable? will incorrectly
return true if the file does not exist.

In addition, I took the opportunity to refactor the File resource to
make it easier to write unit tests and supplied a full unit test
suite for this resource.
2015-12-08 19:57:34 +01:00
Christoph Hartmann
766fe47b87 add inline documentation 2015-12-01 10:56:47 +01:00
Christoph Hartmann
9d32bc7f81 improvement: fail properly if os is not supported 2015-11-02 22:58:20 +00:00
Dominik Richter
b58a4b3f43 rename vulcanosec -> inspec 2015-10-26 12:34:15 +01:00