From 1f11596349caf678a3fa09dbfcd9406d60936426 Mon Sep 17 00:00:00 2001
From: Jarl Stefansson <jarl.stefansson@gmail.com>
Date: Mon, 28 Jul 2014 18:41:38 -0400
Subject: [PATCH] Validate user paswwords per run

---
 .../provider/rabbitmq_user/rabbitmqctl.rb      | 18 ++++++++++++++++++
 lib/puppet/type/rabbitmq_user.rb               | 11 ++++++++---
 2 files changed, 26 insertions(+), 3 deletions(-)

diff --git a/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb b/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb
index f6bb74b05..00a9e0d08 100644
--- a/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb
+++ b/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb
@@ -32,6 +32,24 @@ def create
     end
   end
 
+  def change_password
+    rabbitmqctl('change_password', resource[:name], resource[:password])
+  end
+
+  def password
+    nil
+  end
+
+
+  def check_password
+    responce = rabbitmqctl('eval', 'rabbit_auth_backend_internal:check_user_login(<<"' + resource[:name] + '">>, [{password, <<"' + resource[:password] +'">>}]).')
+    if responce.include? 'invalid credentials'
+        false
+    else
+        true
+    end
+  end
+
   def destroy
     rabbitmqctl('delete_user', resource[:name])
   end
diff --git a/lib/puppet/type/rabbitmq_user.rb b/lib/puppet/type/rabbitmq_user.rb
index be5219d5c..aae762333 100644
--- a/lib/puppet/type/rabbitmq_user.rb
+++ b/lib/puppet/type/rabbitmq_user.rb
@@ -18,9 +18,14 @@
     newvalues(/^\S+$/)
   end
 
-  # newproperty(:password) do
-  newparam(:password) do
-    desc 'User password to be set *on creation*'
+  newproperty(:password) do
+    desc 'User password to be set *on creation* and validated each run'
+    def insync?(is)
+      provider.check_password
+    end
+    def set(value)
+      provider.change_password
+    end
   end
 
   newproperty(:admin) do