mirror of
https://github.com/inspec/inspec
synced 2024-12-23 03:23:27 +00:00
224935e9cf
* Created pg_hba_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Created pg_hba_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Corrections * updated to parse auth-options Signed-off-by: Aaron Lippold <lippold@gmail.com> * updated `conf_path` instance var to `conf_file` for consistancy. Signed-off-by: Aaron Lippold <lippold@gmail.com> * pg_hba_conf - updated the parse_line method added test and doc files Signed-off-by: Rony Xavier <rx294@nyu.edu> * Updated few bugs on pg_hba_conf updated test files and docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Updated docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Made updates based on the reccomendations Signed-off-by: Rony Xavier <rx294@nyu.edu> * PR commit Signed-off-by: Rony Xavier <rx294@nyu.edu> * PR Commit Signed-off-by: Rony Xavier <rx294@nyu.edu> * Update Gemfile.lock * PR Commit Signed-off-by: Rony Xavier <rx294@nyu.edu> * Updated doc file for postgres_hba_conf resource to use 'cmp' matcher instead of 'eq' Signed-off-by: Rony Xavier <rx294@nyu.edu> * Made requested changes, except for SimpleConfig - will address that later. Signed-off-by: Aaron Lippold <lippold@gmail.com>
42 lines
2 KiB
Ruby
42 lines
2 KiB
Ruby
# encoding: utf-8
|
|
# copyright: 2017
|
|
# author: Aaron Lippold, lippold@gmail.com
|
|
# author: Rony Xavier, rx294@nyu.edu
|
|
|
|
require 'helper'
|
|
require 'inspec/resource'
|
|
|
|
describe 'Inspec::Resources::PGHbaConf' do
|
|
describe 'PGHbaConf Paramaters' do
|
|
resource = load_resource('postgres_hba_conf', '/test/path/to/postgres/pg_hba.conf')
|
|
|
|
it 'Verify postgres_hba_conf filtering by `type`' do
|
|
entries = resource.where { type == 'local' }
|
|
_(entries.database).must_include 'all'
|
|
_(entries.auth_method).must_equal ['peer']
|
|
end
|
|
it 'Verify postgres_hba_conf filtering by `database`' do
|
|
entries = resource.where { database == 'acme_test' }
|
|
_(entries.type).must_include 'host'
|
|
_(entries.user).must_include 'all'
|
|
end
|
|
it 'Verify postgres_hba_conf filtering by `auth_method`' do
|
|
entries = resource.where { auth_method == 'cert' }
|
|
_(entries.type).must_include 'hostssl'
|
|
_(entries.database).must_include 'acme_test'
|
|
end
|
|
it 'Verify postgres_hba_conf attributes' do
|
|
_(resource.auth_method).must_include 'cert'
|
|
_(resource.database).must_include 'acme_test'
|
|
_(resource.type).must_include 'hostssl'
|
|
end
|
|
it 'parses the pg_hba.conf file correctly' do
|
|
_(resource.type).must_equal ["local", "host", "host", "host", "host", "hostssl", "hostssl", "hostssl", "hostssl"]
|
|
_(resource.database).must_equal ["all", "acme_test_db", "acme_test_db", "acme_test", "acme_test", "acme_test_db", "acme_test_db", "acme_test", "acme_test"]
|
|
_(resource.user).must_equal ["all", "all", "all", "all", "all", "all", "all", "all", "all"]
|
|
_(resource.address).must_equal ["", "::1/0", "127.0.0.1/0", "::1/0", "127.0.0.1/0", "::/0", "0.0.0.0/0", "::/0", "0.0.0.0/0"]
|
|
_(resource.auth_method).must_equal ["peer", "md5", "md5", "md5", "md5", "cert", "cert", "cert", "cert"]
|
|
_(resource.auth_params).must_equal ["", "", "", "", "", "clientcert=1 map=ssl-test", "clientcert=1 map=ssl-test", "clientcert=1 map=ssl-test", "clientcert=1 map=ssl-test"]
|
|
end
|
|
end
|
|
end
|