3
require File.dirname(__FILE__) + '/../../../spec_helper'
5
require 'puppet/ssl/certificate_authority'
7
describe "a normal interface method", :shared => true do
8
it "should call the method on the CA for each host specified if an array was provided" do
9
@ca.expects(@method).with("host1")
10
@ca.expects(@method).with("host2")
12
@applier = Puppet::SSL::CertificateAuthority::Interface.new(@method, %w{host1 host2})
17
it "should call the method on the CA for all existing certificates if :all was provided" do
18
@ca.expects(:list).returns %w{host1 host2}
20
@ca.expects(@method).with("host1")
21
@ca.expects(@method).with("host2")
23
@applier = Puppet::SSL::CertificateAuthority::Interface.new(@method, :all)
29
describe Puppet::SSL::CertificateAuthority::Interface do
31
@class = Puppet::SSL::CertificateAuthority::Interface
33
describe "when initializing" do
34
it "should set its method using its settor" do
35
@class.any_instance.expects(:method=).with(:generate)
36
@class.new(:generate, :all)
39
it "should set its subjects using the settor" do
40
@class.any_instance.expects(:subjects=).with(:all)
41
@class.new(:generate, :all)
45
describe "when setting the method" do
46
it "should set the method" do
47
@class.new(:generate, :all).method.should == :generate
50
it "should fail if the method isn't a member of the INTERFACE_METHODS array" do
51
Puppet::SSL::CertificateAuthority::Interface::INTERFACE_METHODS.expects(:include?).with(:thing).returns false
53
lambda { @class.new(:thing, :all) }.should raise_error(ArgumentError)
57
describe "when setting the subjects" do
58
it "should set the subjects" do
59
@class.new(:generate, :all).subjects.should == :all
62
it "should fail if the subjects setting isn't :all or an array" do
63
lambda { @class.new(:generate, "other") }.should raise_error(ArgumentError)
67
it "should have a method for triggering the application" do
68
@class.new(:generate, :all).should respond_to(:apply)
71
describe "when applying" do
73
# We use a real object here, because :verify can't be stubbed, apparently.
77
it "should raise InterfaceErrors" do
78
@applier = @class.new(:revoke, :all)
80
@ca.expects(:list).raises Puppet::SSL::CertificateAuthority::Interface::InterfaceError
82
lambda { @applier.apply(@ca) }.should raise_error(Puppet::SSL::CertificateAuthority::Interface::InterfaceError)
85
it "should log non-Interface failures rather than failing" do
86
@applier = @class.new(:revoke, :all)
88
@ca.expects(:list).raises ArgumentError
92
lambda { @applier.apply(@ca) }.should_not raise_error
95
describe "with an empty array specified and the method is not list" do
97
@applier = @class.new(:sign, [])
98
lambda { @applier.apply(@ca) }.should raise_error(ArgumentError)
102
describe ":generate" do
103
it "should fail if :all was specified" do
104
@applier = @class.new(:generate, :all)
105
lambda { @applier.apply(@ca) }.should raise_error(ArgumentError)
108
it "should call :generate on the CA for each host specified" do
109
@applier = @class.new(:generate, %w{host1 host2})
111
@ca.expects(:generate).with("host1")
112
@ca.expects(:generate).with("host2")
118
describe ":verify" do
119
before { @method = :verify }
120
#it_should_behave_like "a normal interface method"
122
it "should call the method on the CA for each host specified if an array was provided" do
123
# LAK:NOTE Mocha apparently doesn't allow you to mock :verify, but I'm confident this works in real life.
126
it "should call the method on the CA for all existing certificates if :all was provided" do
127
# LAK:NOTE Mocha apparently doesn't allow you to mock :verify, but I'm confident this works in real life.
131
describe ":destroy" do
132
before { @method = :destroy }
133
it_should_behave_like "a normal interface method"
136
describe ":revoke" do
137
before { @method = :revoke }
138
it_should_behave_like "a normal interface method"
142
describe "and an array of names was provided" do
144
@applier = @class.new(:sign, %w{host1 host2})
147
it "should sign the specified waiting certificate requests" do
148
@ca.expects(:sign).with("host1")
149
@ca.expects(:sign).with("host2")
155
describe "and :all was provided" do
156
it "should sign all waiting certificate requests" do
157
@ca.stubs(:waiting?).returns(%w{cert1 cert2})
159
@ca.expects(:sign).with("cert1")
160
@ca.expects(:sign).with("cert2")
162
@applier = @class.new(:sign, :all)
166
it "should fail if there are no waiting certificate requests" do
167
@ca.stubs(:waiting?).returns([])
169
@applier = @class.new(:sign, :all)
170
lambda { @applier.apply(@ca) }.should raise_error(Puppet::SSL::CertificateAuthority::Interface::InterfaceError)
176
describe "and an empty array was provided" do
177
it "should print a string containing all certificate requests" do
178
@ca.expects(:waiting?).returns %w{host1 host2}
181
@applier = @class.new(:list, [])
183
@applier.expects(:puts).with "host1\nhost2"
189
describe "and :all was provided" do
190
it "should print a string containing all certificate requests and certificates" do
191
@ca.expects(:waiting?).returns %w{host1 host2}
192
@ca.expects(:list).returns %w{host3 host4}
194
@ca.expects(:verify).with("host3").raises(Puppet::SSL::CertificateAuthority::CertificateVerificationError.new(23), "certificate revoked")
196
@applier = @class.new(:list, :all)
198
@applier.expects(:puts).with "host1"
199
@applier.expects(:puts).with "host2"
200
@applier.expects(:puts).with "- host3 (certificate revoked)"
201
@applier.expects(:puts).with "+ host4"
207
describe "and an array of names was provided" do
208
it "should print a string of all named hosts that have a waiting request" do
209
@ca.expects(:waiting?).returns %w{host1 host2}
210
@ca.expects(:list).returns %w{host3 host4}
213
@applier = @class.new(:list, %w{host1 host2 host3 host4})
215
@applier.expects(:puts).with "host1"
216
@applier.expects(:puts).with "host2"
217
@applier.expects(:puts).with "+ host3"
218
@applier.expects(:puts).with "+ host4"
226
describe "and :all was provided" do
227
it "should print all certificates" do
228
@ca.expects(:list).returns %w{host1 host2}
230
@applier = @class.new(:print, :all)
232
@ca.expects(:print).with("host1").returns "h1"
233
@applier.expects(:puts).with "h1"
235
@ca.expects(:print).with("host2").returns "h2"
236
@applier.expects(:puts).with "h2"
242
describe "and an array of names was provided" do
243
it "should print each named certificate if found" do
244
@applier = @class.new(:print, %w{host1 host2})
246
@ca.expects(:print).with("host1").returns "h1"
247
@applier.expects(:puts).with "h1"
249
@ca.expects(:print).with("host2").returns "h2"
250
@applier.expects(:puts).with "h2"
255
it "should log any named but not found certificates" do
256
@applier = @class.new(:print, %w{host1 host2})
258
@ca.expects(:print).with("host1").returns "h1"
259
@applier.expects(:puts).with "h1"
261
@ca.expects(:print).with("host2").returns nil
262
Puppet.expects(:err).with { |msg| msg.include?("host2") }