From 4532fec37be9075dafcb20bc4105b477763d762b Mon Sep 17 00:00:00 2001 From: Richard Hillmann Date: Sun, 6 May 2018 19:12:03 +0200 Subject: [PATCH] Address must not be quoted (#24) add validation for ip and hostname check --- .../parser/functions/bareos_settings.rb | 10 ++++++-- spec/functions/bareos_settings_spec.rb | 23 +++++++++++++++---- spec/settings_helper.rb | 4 +++- 3 files changed, 30 insertions(+), 7 deletions(-) diff --git a/lib/puppet/parser/functions/bareos_settings.rb b/lib/puppet/parser/functions/bareos_settings.rb index e56943a..b7355e6 100644 --- a/lib/puppet/parser/functions/bareos_settings.rb +++ b/lib/puppet/parser/functions/bareos_settings.rb @@ -1,3 +1,5 @@ +require 'resolv' + module Puppet::Parser::Functions newfunction(:bareos_settings, type: :rvalue, doc: <<-'ENDHEREDOC') do |args| Helper function to parse settings for bareos and return prepared lines for config file @@ -47,11 +49,10 @@ module Puppet::Parser::Functions when 'name', 'res', 'resource' quote = true regex = %r{^[a-z][a-z0-9\.\-_ \$]{0,126}$}i - # @todo validate net-address for domain name or ip when 'acl', 'messages', 'type', 'string_noquote', 'schedule_run_command' raise 'Value need to be an string' unless value.is_a?(String) # type md5password is missleading, it is an plain password and not md5 hashed - when 'audit_command', 'runscript_short', 'autopassword', 'md5password', 'directory', 'string', 'strname', 'address', 'device', 'plugin_names' + when 'audit_command', 'runscript_short', 'autopassword', 'md5password', 'directory', 'string', 'strname', 'device', 'plugin_names' # array quote = true raise 'Value need to be an string' unless value.is_a?(String) @@ -63,6 +64,11 @@ module Puppet::Parser::Functions regex = %r{^(\d+|(\d+\W+(seconds|sec|s|minutes|min|hours|h|days|d|weeks|w|months|m|quarters|q|years|y)\W*)+)$}i when 'boolean', 'bit' value_in_array = %w[yes no on off true false] + when 'address' + raise 'Value need to be an string' unless value.is_a?(String) + # validate net-address for domain name or ip + regex_hostname = %r{^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$}i + raise 'Value needs to be an ip or host address' unless value =~ Resolv::IPv4::Regex or value =~ Resolv::IPv6::Regex or value =~ Regexp.compile(regex_hostname) when 'addresses' hash_separator = ' = ' raise 'Please specify as Hash' unless value.is_a?(Hash) diff --git a/spec/functions/bareos_settings_spec.rb b/spec/functions/bareos_settings_spec.rb index 60d74c7..44b1582 100644 --- a/spec/functions/bareos_settings_spec.rb +++ b/spec/functions/bareos_settings_spec.rb @@ -17,7 +17,7 @@ end end - context 'type is an resource name' do + context 'type is a resource name' do %w[name res resource].each do |type| it 'runs with compatible values and is quoted' do ['This is an string', 'combatible Res_Name-7.9', 'a' * 127].each do |val| @@ -32,7 +32,7 @@ end end - context 'type is an string' do + context 'type is a string without quotes' do %w[acl messages type string_noquote schedule_run_command].each do |type| it 'runs with compatible values' do ['Not a number', 'MyString', '23 free usage of Text.!', 'Special ".-,= Chars'].each do |val| @@ -47,8 +47,8 @@ end end - context 'type is an string with quotes' do - %w[audit_command runscript_short autopassword md5password directory string strname address device plugin_names].each do |type| + context 'type is a string with quotes' do + %w[audit_command runscript_short autopassword md5password directory string strname device plugin_names].each do |type| it 'runs with compatible values' do ['Not a number', 'MyString', '23 free usage of Text.!', 'Special ".-,= Chars'].each do |val| is_expected.to run.with_params([val, 'Test', type, true]).and_return("#{indent_default}Test = \"#{val}\"") @@ -109,6 +109,21 @@ end end + context 'type is a address' do + %w[address].each do |type| + it 'runs with compatible values' do + ['10.0.0.1', '88.120.0.4', '2001:22::f4', 'fd00:0000:0000:0000::1', 'fancy.domain.com', 'my.host.name.de'].each do |val| + is_expected.to run.with_params([val, 'Test', type, true]).and_return("#{indent_default}Test = #{val}") + end + end + it 'not runs with incompatible values' do + [0, true, { 'hash' => 'val' }, 'ff01::1::2', 'my domain com', ' invalid,char.com'].each do |val| + is_expected.not_to run.with_params([val, 'Test', type, true]) + end + end + end + end + context 'type is an hashed addresses value' do %w[addresses].each do |type| it 'runs with compatible values' do diff --git a/spec/settings_helper.rb b/spec/settings_helper.rb index cd0a6f2..8305ae5 100644 --- a/spec/settings_helper.rb +++ b/spec/settings_helper.rb @@ -26,7 +26,7 @@ def param(attr, directive, type) # maybe check more than it is an int when 'int32', 'pint16', 'pint32', 'port', 'max_blocksize' val = 42 - when 'audit_command', 'runscript_short', 'autopassword', 'md5password', 'directory', 'string', 'strname', 'address', 'device', 'plugin_names' + when 'audit_command', 'runscript_short', 'autopassword', 'md5password', 'directory', 'string', 'strname', 'device', 'plugin_names' val = 'Example Value' result = '"Example Value"' when 'acl', 'messages', 'type', 'string_noquote', 'schedule_run_command' @@ -39,6 +39,8 @@ def param(attr, directive, type) val = '1337 sec' when 'boolean', 'bit' val = false + when 'address' + val = 'host.name.com' when 'addresses', 'include_exclude_item', 'runscript', 'hash' sep = ' ' unless type == 'addresses' val = {