class Inspec::Resources::User

The `user` resource handles the special case where only one resource is required

describe user('root') do

it { should exist }
its('uid') { should eq 0 }
its('gid') { should eq 0 }
its('group') { should eq 'root' }
its('groups') { should eq ['root', 'wheel']}
its('home') { should eq '/root' }
its('shell') { should eq '/bin/bash' }
its('mindays') { should eq 0 }
its('maxdays') { should eq 99 }
its('warndays') { should eq 5 }
its('passwordage') { should be >= 0 }
its('maxbadpasswords') { should eq nil } // not yet supported on linux
its('badpasswordattempts') { should eq 0 }

end describe user('Administrator') do

it { should exist }
its('uid') { should eq "S-1-5-21-1759981009-4135989804-1844563890-500" }
its('gid') { should eq nil } // not supported on Windows
its('group') { should eq nil } // not supported on Windows
its('groups') { should eq ['Administrators', 'Users']}
its('home') { should eq '' }
its('shell') { should eq nil } // not supported on Windows
its('mindays') { should eq 0 }
its('maxdays') { should eq 42 }
its('warndays') { should eq nil }
its('passwordage') { should eq 355 }
its('maxbadpasswords') { should eq 0 }
its('badpasswordattempts') { should eq 0 }

end

The following Serverspec matchers are deprecated in favor for direct value access

describe user('root') do

it { should belong_to_group 'root' }
it { should have_uid 0 }
it { should have_home_directory '/root' }
it { should have_login_shell '/bin/bash' }
its('minimum_days_between_password_change') { should eq 0 }
its('maximum_days_between_password_change') { should eq 99 }

end

ServerSpec tests that are not supported:

describe user('root') do

it { should have_authorized_key 'ssh-rsa ADg54...3434 user@example.local' }
its(:encrypted_password) { should eq 1234 }

end

Public Class Methods

new(username = nil) click to toggle source
# File lib/inspec/resources/users.rb, line 170
def initialize(username = nil)
  @username = username
  # select user provider
  @user_provider = select_user_manager(inspec.os)
  return skip_resource "The `user` resource is not supported on your OS yet." if @user_provider.nil?
end

Public Instance Methods

badpasswordattempts() click to toggle source
# File lib/inspec/resources/users.rb, line 245
def badpasswordattempts
  credentials[:badpasswordattempts] unless credentials.nil?
end
disabled?() click to toggle source
# File lib/inspec/resources/users.rb, line 181
def disabled?
  identity[:disabled] == true unless identity.nil?
end
domain() click to toggle source
# File lib/inspec/resources/users.rb, line 218
def domain
  meta_info[:domain] unless meta_info.nil?
end
enabled?() click to toggle source
# File lib/inspec/resources/users.rb, line 185
def enabled?
  identity[:disabled] == false unless identity.nil?
end
exists?() click to toggle source
# File lib/inspec/resources/users.rb, line 177
def exists?
  !identity.nil? && !identity[:username].nil?
end
gid() click to toggle source
# File lib/inspec/resources/users.rb, line 197
def gid
  identity[:gid] unless identity.nil?
end
group()
Alias for: groupname
groupname() click to toggle source
# File lib/inspec/resources/users.rb, line 201
def groupname
  identity[:groupname] unless identity.nil?
end
Also aliased as: group
groups() click to toggle source
# File lib/inspec/resources/users.rb, line 206
def groups
  identity[:groups] unless identity.nil?
end
has_authorized_key?(_compare_key) click to toggle source
# File lib/inspec/resources/users.rb, line 286
def has_authorized_key?(_compare_key)
  Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `has_authorized_key?` matcher is deprecated. There is no currently implemented alternative")
  raise NotImplementedError
end
has_home_directory?(compare_home) click to toggle source
# File lib/inspec/resources/users.rb, line 276
def has_home_directory?(compare_home)
  Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `has_home_directory?` matcher is deprecated. Please use `its('home')`.")
  home == compare_home
end
has_login_shell?(compare_shell) click to toggle source
# File lib/inspec/resources/users.rb, line 281
def has_login_shell?(compare_shell)
  Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `has_login_shell?` matcher is deprecated. Please use `its('shell')`.")
  shell == compare_shell
end
has_uid?(compare_uid) click to toggle source

implements rspec has matcher, to be compatible with serverspec @see: github.com/rspec/rspec-expectations/blob/master/lib/rspec/matchers/built_in/has.rb

# File lib/inspec/resources/users.rb, line 271
def has_uid?(compare_uid)
  Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `has_uid?` matcher is deprecated.")
  uid == compare_uid
end
home() click to toggle source
# File lib/inspec/resources/users.rb, line 210
def home
  meta_info[:home] unless meta_info.nil?
end
lastlogin() click to toggle source
# File lib/inspec/resources/users.rb, line 226
def lastlogin
  meta_info[:lastlogin] unless meta_info.nil?
end
maxbadpasswords() click to toggle source
# File lib/inspec/resources/users.rb, line 249
def maxbadpasswords
  credentials[:maxbadpasswords] unless credentials.nil?
end
maxdays() click to toggle source

returns the maximum days between password changes

# File lib/inspec/resources/users.rb, line 236
def maxdays
  credentials[:maxdays] unless credentials.nil?
end
maximum_days_between_password_change() click to toggle source

implement 'maxdays' method to be compatible with serverspec

# File lib/inspec/resources/users.rb, line 264
def maximum_days_between_password_change
  Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `maximum_days_between_password_change` property is deprecated. Please use `maxdays`.")
  maxdays
end
mindays() click to toggle source

returns the minimum days between password changes

# File lib/inspec/resources/users.rb, line 231
def mindays
  credentials[:mindays] unless credentials.nil?
end
minimum_days_between_password_change() click to toggle source

implement 'mindays' method to be compatible with serverspec

# File lib/inspec/resources/users.rb, line 258
def minimum_days_between_password_change
  Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `minimum_days_between_password_change` property is deprecated. Please use `mindays`.")
  mindays
end
passwordage() click to toggle source
# File lib/inspec/resources/users.rb, line 253
def passwordage
  credentials[:passwordage] unless credentials.nil?
end
shell() click to toggle source
# File lib/inspec/resources/users.rb, line 214
def shell
  meta_info[:shell] unless meta_info.nil?
end
to_s() click to toggle source
# File lib/inspec/resources/users.rb, line 291
def to_s
  "User #{@username}"
end
uid() click to toggle source
# File lib/inspec/resources/users.rb, line 193
def uid
  identity[:uid] unless identity.nil?
end
userflags() click to toggle source
# File lib/inspec/resources/users.rb, line 222
def userflags
  meta_info[:userflags] unless meta_info.nil?
end
username() click to toggle source
# File lib/inspec/resources/users.rb, line 189
def username
  identity[:username] unless identity.nil?
end
warndays() click to toggle source

returns the days for password change warning

# File lib/inspec/resources/users.rb, line 241
def warndays
  credentials[:warndays] unless credentials.nil?
end

Private Instance Methods

credentials() click to toggle source
# File lib/inspec/resources/users.rb, line 310
def credentials
  return @cred_cache if defined?(@cred_cache)

  @cred_cache = @user_provider.credentials(@username) unless @user_provider.nil?
end
identity() click to toggle source

returns the iden

# File lib/inspec/resources/users.rb, line 298
def identity
  return @id_cache if defined?(@id_cache)

  @id_cache = @user_provider.identity(@username) unless @user_provider.nil?
end
meta_info() click to toggle source
# File lib/inspec/resources/users.rb, line 304
def meta_info
  return @meta_cache if defined?(@meta_cache)

  @meta_cache = @user_provider.meta_info(@username) unless @user_provider.nil?
end