class Inspec::Resources::User
The `user` resource handles the special case where only one resource is required
describe user('root') do
it { should exist } its('uid') { should eq 0 } its('gid') { should eq 0 } its('group') { should eq 'root' } its('groups') { should eq ['root', 'wheel']} its('home') { should eq '/root' } its('shell') { should eq '/bin/bash' } its('mindays') { should eq 0 } its('maxdays') { should eq 99 } its('warndays') { should eq 5 } its('passwordage') { should be >= 0 } its('maxbadpasswords') { should eq nil } // not yet supported on linux its('badpasswordattempts') { should eq 0 }
end describe user('Administrator') do
it { should exist } its('uid') { should eq "S-1-5-21-1759981009-4135989804-1844563890-500" } its('gid') { should eq nil } // not supported on Windows its('group') { should eq nil } // not supported on Windows its('groups') { should eq ['Administrators', 'Users']} its('home') { should eq '' } its('shell') { should eq nil } // not supported on Windows its('mindays') { should eq 0 } its('maxdays') { should eq 42 } its('warndays') { should eq nil } its('passwordage') { should eq 355 } its('maxbadpasswords') { should eq 0 } its('badpasswordattempts') { should eq 0 }
end
The following Serverspec matchers are deprecated in favor for direct value access
describe user('root') do
it { should belong_to_group 'root' } it { should have_uid 0 } it { should have_home_directory '/root' } it { should have_login_shell '/bin/bash' } its('minimum_days_between_password_change') { should eq 0 } its('maximum_days_between_password_change') { should eq 99 }
end
ServerSpec tests that are not supported:
describe user('root') do
it { should have_authorized_key 'ssh-rsa ADg54...3434 user@example.local' } its(:encrypted_password) { should eq 1234 }
end
Public Class Methods
new(username = nil)
click to toggle source
# File lib/inspec/resources/users.rb, line 170 def initialize(username = nil) @username = username # select user provider @user_provider = select_user_manager(inspec.os) return skip_resource "The `user` resource is not supported on your OS yet." if @user_provider.nil? end
Public Instance Methods
badpasswordattempts()
click to toggle source
# File lib/inspec/resources/users.rb, line 245 def badpasswordattempts credentials[:badpasswordattempts] unless credentials.nil? end
disabled?()
click to toggle source
# File lib/inspec/resources/users.rb, line 181 def disabled? identity[:disabled] == true unless identity.nil? end
domain()
click to toggle source
# File lib/inspec/resources/users.rb, line 218 def domain meta_info[:domain] unless meta_info.nil? end
enabled?()
click to toggle source
# File lib/inspec/resources/users.rb, line 185 def enabled? identity[:disabled] == false unless identity.nil? end
exists?()
click to toggle source
# File lib/inspec/resources/users.rb, line 177 def exists? !identity.nil? && !identity[:username].nil? end
gid()
click to toggle source
# File lib/inspec/resources/users.rb, line 197 def gid identity[:gid] unless identity.nil? end
groupname()
click to toggle source
# File lib/inspec/resources/users.rb, line 201 def groupname identity[:groupname] unless identity.nil? end
Also aliased as: group
groups()
click to toggle source
# File lib/inspec/resources/users.rb, line 206 def groups identity[:groups] unless identity.nil? end
has_home_directory?(compare_home)
click to toggle source
# File lib/inspec/resources/users.rb, line 276 def has_home_directory?(compare_home) Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `has_home_directory?` matcher is deprecated. Please use `its('home')`.") home == compare_home end
has_login_shell?(compare_shell)
click to toggle source
# File lib/inspec/resources/users.rb, line 281 def has_login_shell?(compare_shell) Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `has_login_shell?` matcher is deprecated. Please use `its('shell')`.") shell == compare_shell end
has_uid?(compare_uid)
click to toggle source
implements rspec has matcher, to be compatible with serverspec @see: github.com/rspec/rspec-expectations/blob/master/lib/rspec/matchers/built_in/has.rb
# File lib/inspec/resources/users.rb, line 271 def has_uid?(compare_uid) Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `has_uid?` matcher is deprecated.") uid == compare_uid end
home()
click to toggle source
# File lib/inspec/resources/users.rb, line 210 def home meta_info[:home] unless meta_info.nil? end
lastlogin()
click to toggle source
# File lib/inspec/resources/users.rb, line 226 def lastlogin meta_info[:lastlogin] unless meta_info.nil? end
maxbadpasswords()
click to toggle source
# File lib/inspec/resources/users.rb, line 249 def maxbadpasswords credentials[:maxbadpasswords] unless credentials.nil? end
maxdays()
click to toggle source
returns the maximum days between password changes
# File lib/inspec/resources/users.rb, line 236 def maxdays credentials[:maxdays] unless credentials.nil? end
maximum_days_between_password_change()
click to toggle source
implement 'maxdays' method to be compatible with serverspec
# File lib/inspec/resources/users.rb, line 264 def maximum_days_between_password_change Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `maximum_days_between_password_change` property is deprecated. Please use `maxdays`.") maxdays end
mindays()
click to toggle source
returns the minimum days between password changes
# File lib/inspec/resources/users.rb, line 231 def mindays credentials[:mindays] unless credentials.nil? end
minimum_days_between_password_change()
click to toggle source
implement 'mindays' method to be compatible with serverspec
# File lib/inspec/resources/users.rb, line 258 def minimum_days_between_password_change Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `minimum_days_between_password_change` property is deprecated. Please use `mindays`.") mindays end
passwordage()
click to toggle source
# File lib/inspec/resources/users.rb, line 253 def passwordage credentials[:passwordage] unless credentials.nil? end
shell()
click to toggle source
# File lib/inspec/resources/users.rb, line 214 def shell meta_info[:shell] unless meta_info.nil? end
to_s()
click to toggle source
# File lib/inspec/resources/users.rb, line 291 def to_s "User #{@username}" end
uid()
click to toggle source
# File lib/inspec/resources/users.rb, line 193 def uid identity[:uid] unless identity.nil? end
userflags()
click to toggle source
# File lib/inspec/resources/users.rb, line 222 def userflags meta_info[:userflags] unless meta_info.nil? end
username()
click to toggle source
# File lib/inspec/resources/users.rb, line 189 def username identity[:username] unless identity.nil? end
warndays()
click to toggle source
returns the days for password change warning
# File lib/inspec/resources/users.rb, line 241 def warndays credentials[:warndays] unless credentials.nil? end
Private Instance Methods
credentials()
click to toggle source
# File lib/inspec/resources/users.rb, line 310 def credentials return @cred_cache if defined?(@cred_cache) @cred_cache = @user_provider.credentials(@username) unless @user_provider.nil? end
identity()
click to toggle source
returns the iden
# File lib/inspec/resources/users.rb, line 298 def identity return @id_cache if defined?(@id_cache) @id_cache = @user_provider.identity(@username) unless @user_provider.nil? end
meta_info()
click to toggle source
# File lib/inspec/resources/users.rb, line 304 def meta_info return @meta_cache if defined?(@meta_cache) @meta_cache = @user_provider.meta_info(@username) unless @user_provider.nil? end