treefile: add getters for check-passwd and check-groups

This add default-aware getters for `check-passwd` and `check-groups`.
2021-02-25 17:29:01 +00:00 · 2021-02-25 17:29:01 +00:00 · dbe2d50cf1
commit dbe2d50cf1
parent 101d531f3b
2 changed files with 70 additions and 16 deletions
--- a/rust/src/passwd.rs
+++ b/rust/src/passwd.rs
@ -267,26 +267,16 @@ fn data_from_json(

    // Migrate the check data from the specified file to /etc.
    let mut src_file = if target == "passwd" {
-        let check_passwd = match treefile.parsed.check_passwd {
-            None => return Ok(false),
-            Some(ref p) => p,
-        };
-
-        if check_passwd.variant != CheckPasswdType::File {
+        let check_passwd_cfg = treefile.get_check_passwd();
+        if check_passwd_cfg.variant != CheckPasswdType::File {
            return Ok(false);
        };
-
        treefile.passwd_file_mut().context("missing passwd file")?
    } else if target == "group" {
-        let check_groups = match treefile.parsed.check_groups {
-            None => return Ok(false),
-            Some(ref p) => p,
-        };
-
-        if check_groups.variant != CheckPasswdType::File {
+        let check_groups_cfg = treefile.get_check_groups();
+        if check_groups_cfg.variant != CheckPasswdType::File {
            return Ok(false);
        };
-
        treefile.group_file_mut().context("missing group file")?
    } else {
        unreachable!("impossible merge target '{}'", target);
--- a/rust/src/treefile.rs
+++ b/rust/src/treefile.rs
@ -566,6 +566,22 @@ impl Treefile {
        files_to_remove
    }

+    pub(crate) fn get_check_passwd(&self) -> &CheckPasswd {
+        static DEFAULT: CheckPasswd = CheckPasswd {
+            variant: CheckPasswdType::Previous,
+            filename: None,
+        };
+        self.parsed.check_passwd.as_ref().unwrap_or(&DEFAULT)
+    }
+
+    pub(crate) fn get_check_groups(&self) -> &CheckPasswd {
+        static DEFAULT: CheckPasswd = CheckPasswd {
+            variant: CheckPasswdType::Previous,
+            filename: None,
+        };
+        self.parsed.check_groups.as_ref().unwrap_or(&DEFAULT)
+    }
+
    /// Do some upfront semantic checks we can do beyond just the type safety serde provides.
    fn validate_config(config: &TreeComposeConfig) -> Result<()> {
        // check add-files
@ -955,10 +971,10 @@ pub(crate) struct TreeComposeConfig {
    pub(crate) preserve_passwd: Option<bool>,
    #[serde(skip_serializing_if = "Option::is_none")]
    #[serde(rename = "check-passwd")]
-    pub(crate) check_passwd: Option<CheckPasswd>,
+    check_passwd: Option<CheckPasswd>,
    #[serde(skip_serializing_if = "Option::is_none")]
    #[serde(rename = "check-groups")]
-    pub(crate) check_groups: Option<CheckPasswd>,
+    check_groups: Option<CheckPasswd>,
    #[serde(skip_serializing_if = "Option::is_none")]
    #[serde(rename = "ignore-removed-users")]
    ignore_removed_users: Option<Vec<String>>,
@ -1510,6 +1526,54 @@ etc-group-members:

        Ok(())
    }
+
+    #[test]
+    fn test_check_passwd() {
+        {
+            let workdir = tempfile::tempdir().unwrap();
+            let tf = new_test_treefile(workdir.path(), VALID_PRELUDE, None).unwrap();
+            let default_cfg = tf.get_check_passwd();
+            assert_eq!(default_cfg.variant, CheckPasswdType::Previous);
+            assert_eq!(default_cfg.filename, None);
+        }
+        {
+            let input = VALID_PRELUDE.to_string()
+                + r#"check-passwd: { "type": "file", "filename": "local-file" }"#;
+            let workdir = tempfile::tempdir().unwrap();
+            let workdir_d = openat::Dir::open(workdir.path()).unwrap();
+            workdir_d
+                .write_file_contents("local-file", 0o755, "")
+                .unwrap();
+            let tf = new_test_treefile(workdir.path(), &input, None).unwrap();
+            let custom_cfg = tf.get_check_passwd();
+            assert_eq!(custom_cfg.variant, CheckPasswdType::File);
+            assert_eq!(custom_cfg.filename, Some("local-file".to_string()));
+        }
+    }
+
+    #[test]
+    fn test_check_groups() {
+        {
+            let workdir = tempfile::tempdir().unwrap();
+            let tf = new_test_treefile(workdir.path(), VALID_PRELUDE, None).unwrap();
+            let default_cfg = tf.get_check_groups();
+            assert_eq!(default_cfg.variant, CheckPasswdType::Previous);
+            assert_eq!(default_cfg.filename, None);
+        }
+        {
+            let input = VALID_PRELUDE.to_string()
+                + r#"check-groups: { "type": "file", "filename": "local-file" }"#;
+            let workdir = tempfile::tempdir().unwrap();
+            let workdir_d = openat::Dir::open(workdir.path()).unwrap();
+            workdir_d
+                .write_file_contents("local-file", 0o755, "")
+                .unwrap();
+            let tf = new_test_treefile(workdir.path(), &input, None).unwrap();
+            let custom_cfg = tf.get_check_groups();
+            assert_eq!(custom_cfg.variant, CheckPasswdType::File);
+            assert_eq!(custom_cfg.filename, Some("local-file".to_string()));
+        }
+    }
 }

 // Some of our file descriptors may be read multiple times.