From 1f11596349caf678a3fa09dbfcd9406d60936426 Mon Sep 17 00:00:00 2001 From: Jarl Stefansson Date: Mon, 28 Jul 2014 18:41:38 -0400 Subject: [PATCH 1/2] Validate user paswwords per run --- .../provider/rabbitmq_user/rabbitmqctl.rb | 18 ++++++++++++++++++ lib/puppet/type/rabbitmq_user.rb | 11 ++++++++--- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb b/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb index f6bb74b05..00a9e0d08 100644 --- a/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb +++ b/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb @@ -32,6 +32,24 @@ def create end end + def change_password + rabbitmqctl('change_password', resource[:name], resource[:password]) + end + + def password + nil + end + + + def check_password + responce = rabbitmqctl('eval', 'rabbit_auth_backend_internal:check_user_login(<<"' + resource[:name] + '">>, [{password, <<"' + resource[:password] +'">>}]).') + if responce.include? 'invalid credentials' + false + else + true + end + end + def destroy rabbitmqctl('delete_user', resource[:name]) end diff --git a/lib/puppet/type/rabbitmq_user.rb b/lib/puppet/type/rabbitmq_user.rb index be5219d5c..aae762333 100644 --- a/lib/puppet/type/rabbitmq_user.rb +++ b/lib/puppet/type/rabbitmq_user.rb @@ -18,9 +18,14 @@ newvalues(/^\S+$/) end - # newproperty(:password) do - newparam(:password) do - desc 'User password to be set *on creation*' + newproperty(:password) do + desc 'User password to be set *on creation* and validated each run' + def insync?(is) + provider.check_password + end + def set(value) + provider.change_password + end end newproperty(:admin) do From ecd41201b51460a1c9f818412795cac43776f470 Mon Sep 17 00:00:00 2001 From: Colleen Murphy Date: Mon, 15 Dec 2014 11:02:08 -0800 Subject: [PATCH 2/2] Fixes for #218 This commit hides the password when it is changed and fixes a misspelled variable. --- lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb | 4 ++-- lib/puppet/type/rabbitmq_user.rb | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb b/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb index 00a9e0d08..8a8e9f41c 100644 --- a/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb +++ b/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb @@ -42,8 +42,8 @@ def password def check_password - responce = rabbitmqctl('eval', 'rabbit_auth_backend_internal:check_user_login(<<"' + resource[:name] + '">>, [{password, <<"' + resource[:password] +'">>}]).') - if responce.include? 'invalid credentials' + response = rabbitmqctl('eval', 'rabbit_auth_backend_internal:check_user_login(<<"' + resource[:name] + '">>, [{password, <<"' + resource[:password] +'">>}]).') + if response.include? 'invalid credentials' false else true diff --git a/lib/puppet/type/rabbitmq_user.rb b/lib/puppet/type/rabbitmq_user.rb index aae762333..66eef92c2 100644 --- a/lib/puppet/type/rabbitmq_user.rb +++ b/lib/puppet/type/rabbitmq_user.rb @@ -26,6 +26,9 @@ def insync?(is) def set(value) provider.change_password end + def change_to_s(current, desired) + "password has been changed" + end end newproperty(:admin) do