1
|
|
|
# frozen_string_literal: true |
2
|
|
|
|
3
|
|
|
require_relative 'group/privilege' |
4
|
|
|
require_relative '../action/group/set_members' |
5
|
|
|
require_relative '../action/group/append_members' |
6
|
|
|
require_relative '../action/group/exclude_members' |
7
|
|
|
require_relative '../action/group/remove' |
8
|
|
|
require_relative '../model/policy' |
9
|
|
|
|
10
|
|
|
module AMA |
11
|
|
|
module Chef |
12
|
|
|
module User |
13
|
|
|
class Planner |
14
|
|
|
# This planner creates actions altering group state |
15
|
|
|
class Group |
16
|
|
|
def initialize |
17
|
|
|
@privilege = Privilege.new |
18
|
|
|
end |
19
|
|
|
|
20
|
|
|
# @param [Hash{Symbol, AMA::Chef::User::Model::Group}] current_state |
21
|
|
|
# @param [Hash{Symbol, AMA::Chef::User::Model::Group}] desired_state |
22
|
|
|
def plan(current_state, desired_state) |
23
|
|
|
(current_state.keys | desired_state.keys).flat_map do |id| |
24
|
|
|
process(current_state[id], desired_state[id]) |
25
|
|
|
end |
26
|
|
|
end |
27
|
|
|
|
28
|
|
|
private |
29
|
|
|
|
30
|
|
|
# @param [AMA::Chef::User::Model::Group] current_state |
31
|
|
|
# @param [AMA::Chef::User::Model::Group] desired_state |
32
|
|
|
def process(current_state, desired_state) |
33
|
|
|
actions = privilege_actions(current_state, desired_state) |
34
|
|
|
group = desired_state || current_state |
35
|
|
|
return [] if group.policy == Model::Policy::NONE |
36
|
|
|
if desired_state.nil? |
37
|
|
|
actions.push(*deletion_actions(current_state)) |
38
|
|
|
else |
39
|
|
|
actions.push(*creation_actions(current_state, desired_state)) |
40
|
|
|
end |
41
|
|
|
post_process_actions(actions) |
42
|
|
|
end |
43
|
|
|
|
44
|
|
|
def ns |
45
|
|
|
::AMA::Chef::User::Action::Group |
46
|
|
|
end |
47
|
|
|
|
48
|
|
|
def creation_actions(current_state, desired_state) |
49
|
|
|
group = desired_state |
50
|
|
|
unless desired_state.policy == Model::Policy::EDIT |
51
|
|
|
return [ns::SetMembers.new(group)] |
52
|
|
|
end |
53
|
|
|
actions = [ns::AppendMembers.new(group)] |
54
|
|
|
current_members = current_state ? current_state.members : Set.new |
55
|
|
|
excluded_members = current_members - desired_state.members |
56
|
|
|
return actions if excluded_members.empty? |
57
|
|
|
actions.unshift(ns::ExcludeMembers.new(group, excluded_members)) |
58
|
|
|
end |
59
|
|
|
|
60
|
|
|
def deletion_actions(current_state) |
61
|
|
|
if current_state.policy.remove? |
62
|
|
|
return [ns::Remove.new(current_state)] |
63
|
|
|
end |
64
|
|
|
return [] if current_state.members.empty? |
65
|
|
|
[ns::ExcludeMembers.new(current_state, current_state.members)] |
66
|
|
|
end |
67
|
|
|
|
68
|
|
|
def post_process_actions(actions) |
69
|
|
|
actions.each do |action| |
70
|
|
|
action.class_name = action.class.to_s |
71
|
|
|
end |
72
|
|
|
actions |
73
|
|
|
end |
74
|
|
|
|
75
|
|
View Code Duplication |
def privilege_actions(current_state, desired_state) |
|
|
|
|
76
|
|
|
return [] if desired_state.nil? && !current_state.policy.remove? |
77
|
|
|
group = desired_state || current_state |
78
|
|
|
current = current_state.nil? ? {} : current_state.privileges |
79
|
|
|
desired = desired_state.nil? ? {} : desired_state.privileges |
80
|
|
|
@privilege.plan(group, current, desired) |
81
|
|
|
end |
82
|
|
|
end |
83
|
|
|
end |
84
|
|
|
end |
85
|
|
|
end |
86
|
|
|
end |
87
|
|
|
|