From: Chris Butler
Date: Mon, 30 Jan 2017 16:19:22 +0000 (+0000)
Subject: Add code to map between group names and GIDs
X-Git-Tag: 1.10.0~6^2~1
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=772cb15e78bce035cc4799f2e153bdf97e06a2c1;p=puppet-modules%2Fpuppetlabs-firewall.git
Add code to map between group names and GIDs
---
diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb
index a0de965..1208f92 100644
--- a/lib/puppet/type/firewall.rb
+++ b/lib/puppet/type/firewall.rb
@@ -845,6 +845,45 @@ Puppet::Type.newtype(:firewall) do
 only, as iptables does not accept multiple gid in a single statement.
 EOS
+ def insync?(is)
+ require 'etc'
+
+ # The following code allow us to take into consideration unix mappings
+ # between string group names and GIDs (integers). We also need to ignore
+ # spaces as they are irrelevant with respect to rule sync.
+
+ # Remove whitespace
+ is = is.gsub(/\s+/,'')
+ should = @should.first.to_s.gsub(/\s+/,'')
+
+ # Keep track of negation, but remove the '!'
+ is_negate = ''
+ should_negate = ''
+ if is.start_with?('!')
+ is = is.gsub(/^!/,'')
+ is_negate = '!'
+ end
+ if should.start_with?('!')
+ should = should.gsub(/^!/,'')
+ should_negate = '!'
+ end
+
+ # If 'should' contains anything other than digits,
+ # we assume that we have to do a lookup to convert
+ # to UID
+ unless should[/[0-9]+/] == should
+ should = Etc.getgrnam(should).gid
+ end
+
+ # If 'is' contains anything other than digits,
+ # we assume that we have to do a lookup to convert
+ # to UID
+ unless is[/[0-9]+/] == is
+ is = Etc.getgrnam(is).gid
+ end
+
+ return "#{is_negate}#{is}" == "#{should_negate}#{should}"
+ end
 end # match mark
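Review bot: Both `Etc.getgrnam` lookups in the new `insync?` are unguarded, so a group name that does not exist on the node (or an empty value, which fails the all-digits test and is then looked up) raises `ArgumentError` out of the sync check rather than giving a defined answer for the firewall rule. I would add `rescue ArgumentError` followed by `false` before the method's final `end`, or fail with a message that names the group, so an unresolvable owner match is reported as out of sync against a specific rule. `is` is also used without the `.to_s` that `should` gets, so a non-String current value (presumably possible when the existing rule has no gid match; not visible in this hunk) would fail on `gsub`, and `is = is.to_s.gsub(/\s+/,'')` keeps both sides symmetric. The two lookup comments say "to UID" where the code resolves a GID and should read `# to GID`; `x[/[0-9]+/] == x` would also read more directly as `x =~ /\A[0-9]+\z/`.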