tempauth: Do not log account information
... to avoid leaking passwords. Change-Id: Ie16a2950f0d7d6727354bd5d7313b83adcd547ff
This commit is contained in:
@@ -19,7 +19,7 @@ define swift::proxy::tempauth_account() {
|
||||
$account_data = strip(split($title,','))
|
||||
if $account_data[0] != '' {
|
||||
swift_proxy_config {
|
||||
"filter:tempauth/${account_data[0]}": value => $account_data[1];
|
||||
"filter:tempauth/${account_data[0]}": value => $account_data[1], secret => true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@@ -7,7 +7,7 @@ describe 'swift::proxy::tempauth' do
|
||||
{
|
||||
'user' => 'admin',
|
||||
'account' => 'admin',
|
||||
'key' => 'admin',
|
||||
'key' => 'adminpass',
|
||||
'groups' => [ 'admin', 'reseller_admin' ],
|
||||
},
|
||||
]
|
||||
@@ -17,7 +17,7 @@ describe 'swift::proxy::tempauth' do
|
||||
let :params do default_params end
|
||||
|
||||
it { is_expected.to contain_swift_proxy_config('filter:tempauth/use').with_value('egg:swift#tempauth') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:tempauth/user_admin_admin').with_value('admin .admin .reseller_admin') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:tempauth/user_admin_admin').with_value('adminpass .admin .reseller_admin').with_secret(true) }
|
||||
|
||||
it { is_expected.to_not contain_swift_proxy_config('filter:tempauth/reseller_prefix').with_value('') }
|
||||
it { is_expected.to_not contain_swift_proxy_config('filter:tempauth/token_life').with_value('') }
|
||||
@@ -30,7 +30,7 @@ describe 'swift::proxy::tempauth' do
|
||||
{
|
||||
'user' => 'admin',
|
||||
'account' => 'admin',
|
||||
'key' => 'admin',
|
||||
'key' => 'adminpass',
|
||||
'groups' => [ 'admin', 'reseller_admin' ],
|
||||
},
|
||||
{
|
||||
@@ -42,8 +42,8 @@ describe 'swift::proxy::tempauth' do
|
||||
]
|
||||
} end
|
||||
|
||||
it { is_expected.to contain_swift_proxy_config('filter:tempauth/user_admin_admin').with_value('admin .admin .reseller_admin') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:tempauth/user_bar_foo').with_value('pass .reseller_admin') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:tempauth/user_admin_admin').with_value('adminpass .admin .reseller_admin').with_secret(true) }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:tempauth/user_bar_foo').with_value('pass .reseller_admin').with_secret(true) }
|
||||
end
|
||||
|
||||
context 'when group is empty' do
|
||||
|
@@ -3,11 +3,11 @@ require 'spec_helper'
|
||||
describe 'swift::proxy::tempauth_account' do
|
||||
shared_examples 'swift::proxy::tempauth_account' do
|
||||
let :title do
|
||||
' user_admin_admin, admin .admin .reseller_admin'
|
||||
' user_admin_admin, adminpass .admin .reseller_admin'
|
||||
end
|
||||
|
||||
describe 'when passing in a string containing "user_<account>_<user>, <key> .<group1> .<groupx>"' do
|
||||
it { should contain_swift_proxy_config('filter:tempauth/user_admin_admin').with_value('admin .admin .reseller_admin') }
|
||||
it { should contain_swift_proxy_config('filter:tempauth/user_admin_admin').with_value('adminpass .admin .reseller_admin').with_secret(true) }
|
||||
end
|
||||
end
|
||||
|
||||
|
Reference in New Issue
Block a user