Skip to content

Commit

Permalink
Added handling of X/x in comparisons to avoid constant updates.
Browse files Browse the repository at this point in the history
  • Loading branch information
ncstate-daniel committed Jun 12, 2019
1 parent 4d1cbf2 commit 6f8b67a
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 4 deletions.
7 changes: 5 additions & 2 deletions lib/puppet/provider/posix_acl/posixacl.rb
Original file line number Diff line number Diff line change
Expand Up @@ -86,8 +86,11 @@ def permission=(_value) # TODO: Investigate why we're not using this parameter
purge
when :exact, :set
cur_perm = permission
perm_to_set = @resource.value(:permission) - cur_perm
perm_to_unset = cur_perm - @resource.value(:permission)
# For comparison purposes, we want to change X to x as it's only useful
# for setfacl and isn't stored or noted by getfacl.
new_perm = @resource.value(:permission).map(&:downcase)
perm_to_set = new_perm - cur_perm
perm_to_unset = cur_perm - new_perm
return false if perm_to_set.empty? && perm_to_unset.empty?
# Take supplied perms literally, unset any existing perms which
# are absent from ACLs given
Expand Down
7 changes: 5 additions & 2 deletions lib/puppet/type/posix_acl.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
require 'set'
require 'pathname'
require 'English'

Puppet::Type.newtype(:posix_acl) do
desc <<-EOT
Expand Down Expand Up @@ -161,8 +162,10 @@ def unset_insync(cur_perm)
(sp - cp).sort == sp
end

# Make sure we are not misinterpreting recursive permission notation (e.g. rwX) when
# comparing current to new perms.
def set_insync(cur_perm) # rubocop:disable Style/AccessorMethodName
should = @should.uniq.sort
should = @should.uniq.map(&:downcase).sort
(cur_perm.sort == should) || (provider.check_set && (should - cur_perm).empty?)
end

Expand Down Expand Up @@ -218,7 +221,7 @@ def insync?(is)
s = p.tr '-', ''
r << (s.sub!('r', '') ? 'r' : '-')
r << (s.sub!('w', '') ? 'w' : '-')
r << (s.sub!(/x/i, '') ? $~.to_s : '-')
r << (s.sub!(%r{x}i, '') ? $LAST_MATCH_INFO.to_s : '-')
raise ArgumentError, %(Invalid permission set "#{p}".) unless s.empty?
end
r
Expand Down

0 comments on commit 6f8b67a

Please sign in to comment.