diff options
| author | Joey Hess <joeyh@joeyh.name> | 2014-12-07 14:57:35 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2014-12-07 15:03:06 -0400 |
| commit | 9ca332e48169ac19dad050a7f99e0db523d8d9c4 (patch) | |
| tree | a1bbe51c18c64317a19d0dbd887fae4355a3bc50 /src/Propellor/Property/User.hs | |
| parent | 8c12047b6b6be67e086d60d79a95490598601a7a (diff) | |
Fixed privdata introspection for User.hasPassword and User.hasSomePassword
This is not a complete fix for the problem that Info doen't propigate
from the called property when code does something like:
do
hostname <- asks hostName
ensureProperty $ foo hostname
Instead, I just eliminated the need to implement hasPassword that way,
by making the PrivData Info use a HostContext which automatically
gets the right hostname passed to it.
All other uses of withPrivData don't have the problem. It's still possible
for the user to run into the problem if they write something like the
above, where foo is a property that uses privdata. However, all properties
that take a Context now also accept a HostContext, so it's at least less
likely the user needs to write that.
Diffstat (limited to 'src/Propellor/Property/User.hs')
| -rw-r--r-- | src/Propellor/Property/User.hs | 28 |
1 files changed, 13 insertions, 15 deletions
diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs index 5c8e768c..69794d84 100644 --- a/src/Propellor/Property/User.hs +++ b/src/Propellor/Property/User.hs @@ -25,34 +25,32 @@ nuked user _ = check (isJust <$> catchMaybeIO (homedir user)) $ cmdProperty "use -- | Only ensures that the user has some password set. It may or may -- not be the password from the PrivData. hasSomePassword :: UserName -> Property -hasSomePassword user = property (user ++ "has password") $ do - hostname <- asks hostName - ensureProperty $ hasSomePassword' user (Context hostname) +hasSomePassword user = hasSomePassword' user hostContext -- | While hasSomePassword uses the name of the host as context, -- this allows specifying a different context. This is useful when -- you want to use the same password on multiple hosts, for example. -hasSomePassword' :: UserName -> Context -> Property +hasSomePassword' :: IsContext c => UserName -> c -> Property hasSomePassword' user context = check ((/= HasPassword) <$> getPasswordStatus user) $ hasPassword' user context -- | Ensures that a user's password is set to the password from the PrivData. -- (Will change any existing password.) hasPassword :: UserName -> Property -hasPassword user = property (user ++ "has password") $ do - hostname <- asks hostName - ensureProperty $ hasPassword' user (Context hostname) +hasPassword user = hasPassword' user hostContext -hasPassword' :: UserName -> Context -> Property +hasPassword' :: IsContext c => UserName -> c -> Property hasPassword' user context = go `requires` shadowConfig True where - go = withPrivData (Password user) context $ \getpassword -> - property (user ++ " has password") $ - getpassword $ \password -> makeChange $ - withHandle StdinHandle createProcessSuccess - (proc "chpasswd" []) $ \h -> do - hPutStrLn h $ user ++ ":" ++ password - hClose h + go = withPrivData (Password user) context $ + property (user ++ " has password") . setPassword user + +setPassword :: UserName -> ((PrivData -> Propellor Result) -> Propellor Result) -> Propellor Result +setPassword user getpassword = getpassword $ \password -> makeChange $ + withHandle StdinHandle createProcessSuccess + (proc "chpasswd" []) $ \h -> do + hPutStrLn h $ user ++ ":" ++ password + hClose h lockedPassword :: UserName -> Property lockedPassword user = check (not <$> isLockedPassword user) $ cmdProperty "passwd" |