Merge "Adding augeas insertion check. Augeas change call will fail if key does not exists in policy.json. This fix will add the key/value if it doesn't exists or will change the value to match. Added unit test. Change-Id: Ibd97228c431fa6b23e8a15ce548f82f649131cc2"

manifests/policy/base.pp

@@ -22,10 +22,24 @@ define openstacklib::policy::base (
   $value = '',
 ) {
 
+  # Add entry if it doesn't exists
+  augeas { "${file_path}-${key}-${value}-add":
+    lens    => 'Json.lns',
+    incl    => $file_path,
+    changes => [
+      "set dict/entry[last()+1] \"${key}\"",
+      "set dict/entry[last()]/string \"${value}\""
+    ],
+    onlyif  => "match dict/entry[*][.=\"${key}\"] size == 0"
+  }
+
+  # Requires that the entry is added before this call or it will fail.
   augeas { "${file_path}-${key}-${value}" :
     lens    => 'Json.lns',
     incl    => $file_path,
-    changes => "set dict/entry[*][.=\"${key}\"]/string ${value}"
+    changes => "set dict/entry[*][.=\"${key}\"]/string ${value}",
+    require => Augeas["${file_path}-${key}-${value}-add"]
   }
 
 }
+

spec/defines/openstacklib_policy_spec.rb

@@ -16,8 +16,22 @@ describe 'openstacklib::policy::base' do
     should contain_augeas('/etc/nova/policy.json-context_is_admin-foo:bar').with(
       'lens'    => 'Json.lns',
       'incl'    => '/etc/nova/policy.json',
-      'changes' => 'set dict/entry[*][.="context_is_admin"]/string foo:bar'
+      'changes' => 'set dict/entry[*][.="context_is_admin"]/string foo:bar',
+      'require' => 'Augeas[/etc/nova/policy.json-context_is_admin-foo:bar-add]'
+    )
+  end
+
+  it 'configures the proper policy' do
+    should contain_augeas('/etc/nova/policy.json-context_is_admin-foo:bar-add').with(
+      'lens'    => 'Json.lns',
+      'incl'    => '/etc/nova/policy.json',
+      'changes' => [
+          'set dict/entry[last()+1] "context_is_admin"',
+          'set dict/entry[last()]/string "foo:bar"'
+      ],
+      'onlyif' => 'match dict/entry[*][.="context_is_admin"] size == 0'
     )
   end
 
 end
+