mirror of https://github.com/ansible/ansible.git
become mixin is no more (#54002)
* become mixin is no more since sudo/su keywords are removed in 2.9 .. no need to keep this code around * also don't need test for code that is removed * made preprocess_data on base noop its not used by anything anymore, but kept for backwards compat since other methods of same name are usedpull/55218/head
Brian Coca
6 years ago
committed by
GitHub
parent
9ddde6b27f
commit
e40832df84
@ -0,0 +1,2 @@
|
||||
bugfixes:
|
||||
- remove obsolete become mixin
|
||||
@ -1,93 +0,0 @@
|
||||
# (c) 2012-2014, Michael DeHaan <michael.dehaan@gmail.com>
|
||||
#
|
||||
# This file is part of Ansible
|
||||
#
|
||||
# Ansible is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# Ansible is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
# Make coding more python3-ish
|
||||
from __future__ import (absolute_import, division, print_function)
|
||||
__metaclass__ = type
|
||||
|
||||
from ansible import constants as C
|
||||
from ansible import context
|
||||
from ansible.errors import AnsibleParserError
|
||||
from ansible.playbook.attribute import FieldAttribute
|
||||
from ansible.utils.display import Display
|
||||
|
||||
display = Display()
|
||||
|
||||
|
||||
class Become:
|
||||
|
||||
# Privilege escalation
|
||||
_become = FieldAttribute(isa='bool', default=context.cliargs_deferred_get('become'))
|
||||
_become_method = FieldAttribute(isa='string', default=context.cliargs_deferred_get('become_method'))
|
||||
_become_user = FieldAttribute(isa='string', default=context.cliargs_deferred_get('become_user'))
|
||||
_become_flags = FieldAttribute(isa='string')
|
||||
|
||||
def __init__(self):
|
||||
super(Become, self).__init__()
|
||||
|
||||
def _detect_privilege_escalation_conflict(self, ds):
|
||||
|
||||
# Fail out if user specifies conflicting privilege escalations
|
||||
has_become = 'become' in ds or 'become_user'in ds
|
||||
has_sudo = 'sudo' in ds or 'sudo_user' in ds
|
||||
has_su = 'su' in ds or 'su_user' in ds
|
||||
|
||||
if has_become:
|
||||
msg = 'The become params ("become", "become_user") and'
|
||||
if has_sudo:
|
||||
raise AnsibleParserError('%s sudo params ("sudo", "sudo_user") cannot be used together' % msg)
|
||||
elif has_su:
|
||||
raise AnsibleParserError('%s su params ("su", "su_user") cannot be used together' % msg)
|
||||
elif has_sudo and has_su:
|
||||
raise AnsibleParserError('sudo params ("sudo", "sudo_user") and su params ("su", "su_user") cannot be used together')
|
||||
|
||||
def _preprocess_data_become(self, ds):
|
||||
"""Preprocess the playbook data for become attributes
|
||||
|
||||
This is called from the Base object's preprocess_data() method which
|
||||
in turn is called pretty much anytime any sort of playbook object
|
||||
(plays, tasks, blocks, etc) is created.
|
||||
"""
|
||||
|
||||
self._detect_privilege_escalation_conflict(ds)
|
||||
|
||||
# Privilege escalation, backwards compatibility for sudo/su
|
||||
if 'sudo' in ds or 'sudo_user' in ds:
|
||||
ds['become_method'] = 'sudo'
|
||||
if 'sudo' in ds:
|
||||
ds['become'] = ds['sudo']
|
||||
del ds['sudo']
|
||||
|
||||
if 'sudo_user' in ds:
|
||||
ds['become_user'] = ds['sudo_user']
|
||||
del ds['sudo_user']
|
||||
|
||||
display.deprecated("Instead of sudo/sudo_user, use become/become_user and make sure become_method is 'sudo' (default)", '2.9')
|
||||
|
||||
elif 'su' in ds or 'su_user' in ds:
|
||||
ds['become_method'] = 'su'
|
||||
if 'su' in ds:
|
||||
ds['become'] = ds['su']
|
||||
del ds['su']
|
||||
|
||||
if 'su_user' in ds:
|
||||
ds['become_user'] = ds['su_user']
|
||||
del ds['su_user']
|
||||
|
||||
display.deprecated("Instead of su/su_user, use become/become_user and set become_method to 'su' (default is sudo)", '2.9')
|
||||
|
||||
return ds
|
||||
@ -1,100 +0,0 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
# (c) 2018 Matt Martz <matt@sivel.net>
|
||||
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
|
||||
from __future__ import absolute_import, division, print_function
|
||||
__metaclass__ = type
|
||||
|
||||
import re
|
||||
|
||||
from ansible.errors import AnsibleParserError
|
||||
from ansible.playbook.become import Become
|
||||
from ansible.module_utils._text import to_native
|
||||
|
||||
import pytest
|
||||
|
||||
|
||||
class InString(str):
|
||||
def __eq__(self, other):
|
||||
return self in other
|
||||
|
||||
|
||||
@pytest.mark.parametrize("ds", [
|
||||
{},
|
||||
{'become': True},
|
||||
{'become_user': 'root'},
|
||||
{'sudo': True},
|
||||
{'sudo_user': 'root'},
|
||||
{'su': True},
|
||||
{'su_user': 'root'}
|
||||
])
|
||||
def test_detect_privilege_escalation_conflict_valid(ds):
|
||||
become = Become()
|
||||
become._detect_privilege_escalation_conflict(ds)
|
||||
|
||||
|
||||
@pytest.mark.parametrize("ds,message", [
|
||||
({'become': True, 'sudo': True}, re.compile('"become".*"sudo"')),
|
||||
({'become': True, 'su': True}, re.compile('"become".*"su"')),
|
||||
({'sudo': True, 'su': True}, re.compile('"sudo".*"su"')),
|
||||
({'become_user': 'root', 'sudo': True}, re.compile('"become".*"sudo"')),
|
||||
({'sudo_user': 'root', 'su': True}, re.compile('"sudo".*"su"')),
|
||||
])
|
||||
def test_detect_privilege_escalation_conflict_invalid(ds, message):
|
||||
become = Become()
|
||||
with pytest.raises(AnsibleParserError) as excinfo:
|
||||
become._detect_privilege_escalation_conflict(ds)
|
||||
assert message.search(excinfo.value.message) is not None
|
||||
|
||||
|
||||
def test_preprocess_data_become(mocker):
|
||||
display_mock = mocker.patch('ansible.playbook.become.display')
|
||||
|
||||
become = Become()
|
||||
ds = {}
|
||||
assert become._preprocess_data_become(ds) == {}
|
||||
|
||||
display_mock.reset_mock()
|
||||
ds = {'sudo': True}
|
||||
out = become._preprocess_data_become(ds)
|
||||
assert 'sudo' not in out
|
||||
assert out.get('become_method') == 'sudo'
|
||||
display_mock.deprecated.assert_called_once_with(
|
||||
"Instead of sudo/sudo_user, use become/become_user and make sure become_method is 'sudo' (default)",
|
||||
'2.9'
|
||||
)
|
||||
|
||||
ds = {'sudo_user': 'root'}
|
||||
out = become._preprocess_data_become(ds)
|
||||
assert 'sudo_user' not in out
|
||||
assert out.get('become_user') == 'root'
|
||||
|
||||
ds = {'sudo': True, 'sudo_user': 'root'}
|
||||
out = become._preprocess_data_become(ds)
|
||||
assert 'sudo' not in out
|
||||
assert 'sudo_user' not in out
|
||||
assert out.get('become_method') == 'sudo'
|
||||
assert out.get('become_user') == 'root'
|
||||
|
||||
display_mock.reset_mock()
|
||||
ds = {'su': True}
|
||||
out = become._preprocess_data_become(ds)
|
||||
assert 'su' not in out
|
||||
assert out.get('become_method') == 'su'
|
||||
display_mock.deprecated.assert_called_once_with(
|
||||
"Instead of su/su_user, use become/become_user and set become_method to 'su' (default is sudo)",
|
||||
'2.9'
|
||||
)
|
||||
display_mock.reset_mock()
|
||||
|
||||
ds = {'su_user': 'root'}
|
||||
out = become._preprocess_data_become(ds)
|
||||
assert 'su_user' not in out
|
||||
assert out.get('become_user') == 'root'
|
||||
|
||||
ds = {'su': True, 'su_user': 'root'}
|
||||
out = become._preprocess_data_become(ds)
|
||||
assert 'su' not in out
|
||||
assert 'su_user' not in out
|
||||
assert out.get('become_method') == 'su'
|
||||
assert out.get('become_user') == 'root'
|
||||
Loading…
Reference in New Issue