Sha256: 70a184534464e8aee7c713bbbb9396937db9eff1ba420fbcd76ddb46c27232e4
Contents?: true
Size: 1.88 KB
Versions: 25
Compression:
Stored size: 1.88 KB
Contents
# encoding: utf-8
require 'utils/file_reader'
require 'resources/postgres'
module Inspec::Resources
class PostgresIdentConf < Inspec.resource(1)
name 'postgres_ident_conf'
supports platform: 'unix'
desc 'Use the postgres_ident_conf InSpec audit resource to test the client
authentication data is controlled by a pg_ident.conf file.'
example "
describe postgres_ident_conf.where { pg_username == 'acme_user' } do
its('map_name') { should eq ['ssl-test'] }
end
"
include FileReader
attr_reader :params, :conf_file
def initialize(ident_conf_path = nil)
@conf_file = ident_conf_path || File.expand_path('pg_ident.conf', inspec.postgres.conf_dir)
@content = nil
@params = nil
read_content
end
filter = FilterTable.create
filter.add_accessor(:where)
.add_accessor(:entries)
.add(:map_name, field: 'map_name')
.add(:system_username, field: 'system_username')
.add(:pg_username, field: 'pg_username')
filter.connect(self, :params)
def to_s
"PostgreSQL Ident Config #{@conf_file}"
end
private
def filter_comments(data)
content = []
data.each do |line|
line.chomp!
content << line unless line.match(/^\s*#/) || line.empty?
end
content
end
def read_content
@content = ''
@params = {}
@content = filter_comments(read_file(@conf_file))
@params = parse_conf(@content)
end
def parse_conf(content)
content.map do |line|
parse_line(line)
end.compact
end
def parse_line(line)
x = line.split(/\s+/)
{
'map_name' => x[0],
'system_username' => x[1],
'pg_username' => x[2],
}
end
def read_file(conf_file = @conf_file)
read_file_content(conf_file, allow_empty: true).lines
end
end
end
Version data entries
25 entries across 25 versions & 2 rubygems