Module: PuppetX::EnterpriseModules::Oracle::GrantValidator
- Defined in:
- lib/puppet_x/enterprisemodules/oracle/grant_validator.rb
Overview
Docs
Instance Method Summary collapse
- #check_for_conflicting_properties(pre = '', post = '') ⇒ Object
- #double_values(value) ⇒ Object
- #validate ⇒ Object
- #validate_double_values(property) ⇒ Object
Instance Method Details
#check_for_conflicting_properties(pre = '', post = '') ⇒ Object
11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'lib/puppet_x/enterprisemodules/oracle/grant_validator.rb', line 11 def check_for_conflicting_properties(pre = '', post = '') grants = self["#{pre}grants#{post}"] || [] granted = self["#{pre}granted#{post}"] || [] revoked = self["#{pre}revoked#{post}"] || [] # # Check if granted contains any properties that are not in grants. If so, issue a warning. # But in the end ensure all specified rights # granted_property_name = "#{pre}granted#{post}" grants_property_name = "#{pre}granted#{post}" extra_granted = granted - grants Puppet.warning "#{path}: Property '#{grants_property_name}' does not contain grants '#{extra_granted.join(',')}'; This however is specified in '#{granted_property_name}'; this might be a conflict" if extra_granted.any? # # Check if revoked contains any properties that are set in grants. If so, issue a warning. # But in the end ensure that the specified revoke is applied. Thus ensuring the most secure # configuration. # all_granted = grants + granted conflicting = revoked - (revoked - all_granted) property_name = "#{pre}revoked#{post}" Puppet.warning "#{path}: On '#{property_name}', the total granted properties '#{all_granted.join(',')}' conflicts with revoked properties '#{revoked.join(',')}'" if conflicting.any? end |
#double_values(value) ⇒ Object
34 35 36 |
# File 'lib/puppet_x/enterprisemodules/oracle/grant_validator.rb', line 34 def double_values(value) value.select { |e| value.count(e) > 1 }.uniq end |
#validate ⇒ Object
44 45 46 47 48 49 50 51 52 53 |
# File 'lib/puppet_x/enterprisemodules/oracle/grant_validator.rb', line 44 def validate [:common_grants, :common_revoked, :common_granted, :common_granted_with_admin, :common_grants_with_admin, :common_revoked_with_admin, :grants, :revoked, :granted, :grants_with_admin, :revoked_with_admin, :granted_with_admin].each do |property| validate_double_values(property) end check_for_conflicting_properties check_for_conflicting_properties('common_') check_for_conflicting_properties('', '_with_admin') check_for_conflicting_properties('common_', '_with_admin') end |
#validate_double_values(property) ⇒ Object
38 39 40 41 42 |
# File 'lib/puppet_x/enterprisemodules/oracle/grant_validator.rb', line 38 def validate_double_values(property) value = send(property) return if value.nil? fail "#{path}/#{property}: #{value} contains multiple times #{double_values(value).join(', ')}" if double_values(value).any? end |