From 374f46e12c4dc0364fc88225bff4884d76a4f97d Mon Sep 17 00:00:00 2001 From: Steven POST Date: Tue, 23 Jul 2024 12:40:51 +0200 Subject: [PATCH] Retrieve user info on secondary nodes as well Not doing this causes Puppet to display changes when adding secondary users. --- lib/puppet/provider/mongodb_user/mongodb.rb | 39 ++++++++----------- .../provider/mongodb_user/mongodb_spec.rb | 8 ++-- 2 files changed, 21 insertions(+), 26 deletions(-) diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb index 7eeb79eba..75b3ae181 100644 --- a/lib/puppet/provider/mongodb_user/mongodb.rb +++ b/lib/puppet/provider/mongodb_user/mongodb.rb @@ -9,28 +9,23 @@ def self.instances require 'json' - if db_ismaster - script = 'EJSON.stringify(db.system.users.find().toArray())' - # A hack to prevent prefetching failures until admin user is created - script = "try {#{script}} catch (e) { if (e.message.match(/requires authentication/) || e.message.match(/not authorized on admin/)) { 'not authorized on admin' } else {throw e}}" if auth_enabled - - out = mongo_eval(script) - return [] if auth_enabled && (out.include?('requires authentication') || out.include?('not authorized on admin')) - - users = JSON.parse out - - users.map do |user| - new(name: user['_id'], - ensure: :present, - username: user['user'], - database: user['db'], - roles: from_roles(user['roles'], user['db']), - password_hash: user['credentials']['MONGODB-CR'], - scram_credentials: user['credentials']['SCRAM-SHA-1']) - end - else - Puppet.warning 'User info is available only from master host' - [] + script = 'EJSON.stringify(db.system.users.find().toArray())' + # A hack to prevent prefetching failures until admin user is created + script = "try {#{script}} catch (e) { if (e.message.match(/requires authentication/) || e.message.match(/not authorized on admin/)) { 'not authorized on admin' } else {throw e}}" if auth_enabled + + out = mongo_eval(script) + return [] if auth_enabled && (out.include?('requires authentication') || out.include?('not authorized on admin')) + + users = JSON.parse out + + users.map do |user| + new(name: user['_id'], + ensure: :present, + username: user['user'], + database: user['db'], + roles: from_roles(user['roles'], user['db']), + password_hash: user['credentials']['MONGODB-CR'], + scram_credentials: user['credentials']['SCRAM-SHA-1']) end end diff --git a/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb b/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb index 22ed42c8f..e4bba0f5b 100644 --- a/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb +++ b/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb @@ -71,10 +71,10 @@ end end - describe 'empty self.instances from slave' do - it 'doesn`t retrun array of users' do - allow(provider.class).to receive(:db_ismaster).and_return(false) - expect(provider.class.instances).to be_empty + describe 'same self.instances from slave' do + it 'returns an array of users' do + usernames = provider.class.instances.map(&:username) + expect(parsed_users).to match_array(usernames) end end