diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb index 7eeb79eba..75b3ae181 100644 --- a/lib/puppet/provider/mongodb_user/mongodb.rb +++ b/lib/puppet/provider/mongodb_user/mongodb.rb @@ -9,28 +9,23 @@ def self.instances require 'json' - if db_ismaster - script = 'EJSON.stringify(db.system.users.find().toArray())' - # A hack to prevent prefetching failures until admin user is created - script = "try {#{script}} catch (e) { if (e.message.match(/requires authentication/) || e.message.match(/not authorized on admin/)) { 'not authorized on admin' } else {throw e}}" if auth_enabled - - out = mongo_eval(script) - return [] if auth_enabled && (out.include?('requires authentication') || out.include?('not authorized on admin')) - - users = JSON.parse out - - users.map do |user| - new(name: user['_id'], - ensure: :present, - username: user['user'], - database: user['db'], - roles: from_roles(user['roles'], user['db']), - password_hash: user['credentials']['MONGODB-CR'], - scram_credentials: user['credentials']['SCRAM-SHA-1']) - end - else - Puppet.warning 'User info is available only from master host' - [] + script = 'EJSON.stringify(db.system.users.find().toArray())' + # A hack to prevent prefetching failures until admin user is created + script = "try {#{script}} catch (e) { if (e.message.match(/requires authentication/) || e.message.match(/not authorized on admin/)) { 'not authorized on admin' } else {throw e}}" if auth_enabled + + out = mongo_eval(script) + return [] if auth_enabled && (out.include?('requires authentication') || out.include?('not authorized on admin')) + + users = JSON.parse out + + users.map do |user| + new(name: user['_id'], + ensure: :present, + username: user['user'], + database: user['db'], + roles: from_roles(user['roles'], user['db']), + password_hash: user['credentials']['MONGODB-CR'], + scram_credentials: user['credentials']['SCRAM-SHA-1']) end end diff --git a/spec/acceptance/replset_spec.rb b/spec/acceptance/replset_spec.rb index bb1568354..5f373f423 100644 --- a/spec/acceptance/replset_spec.rb +++ b/spec/acceptance/replset_spec.rb @@ -73,6 +73,20 @@ class { 'mongodb::globals': expect(r.stdout).to match %r{some value} end end + + it 'create a user' do + pp = <<-EOS + mongodb_user {'testuser': + ensure => present, + password_hash => mongodb_password('testuser', 'passw0rd'), + database => 'testdb', + roles => ['readWrite', 'dbAdmin'], + } + EOS + + apply_manifest_on(hosts, pp, catch_failures: true) + apply_manifest_on(hosts, pp, catch_changes: true) + end end describe 'mongodb::server with replset_members' do @@ -347,5 +361,19 @@ class { 'mongodb::globals': expect(r.stdout).to match %r{created_by_puppet} end end + + it 'create a user' do + pp = <<-EOS + mongodb_user {'testuser': + ensure => present, + password_hash => mongodb_password('testuser', 'passw0rd'), + database => 'testdb', + roles => ['readWrite', 'dbAdmin'], + } + EOS + + apply_manifest_on(hosts, pp, catch_failures: true) + apply_manifest_on(hosts, pp, catch_changes: true) + end end end diff --git a/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb b/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb index 22ed42c8f..cf2ccd6dc 100644 --- a/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb +++ b/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb @@ -71,13 +71,6 @@ end end - describe 'empty self.instances from slave' do - it 'doesn`t retrun array of users' do - allow(provider.class).to receive(:db_ismaster).and_return(false) - expect(provider.class.instances).to be_empty - end - end - describe 'create' do it 'creates a user' do cmd_json = <<-EOS.gsub(%r{^\s*}, '').gsub(%r{$\n}, '')