commit b7f25992a9ecc99c111969f40fcf79080baefa5c
author Filip Pytloun <filip@pytloun.cz> Wed Apr 20 11:39:08 2016 +0200
committer Filip Pytloun <filip@pytloun.cz> Wed Apr 20 15:22:45 2016 +0200
tree cd98baccd9586b7f497012e94b770ce547fff1e9
parent 833b13885017f2de526786d4f255928061589cb9

Ensure guest user is absent if not explicitly defined

rabbitmq/map.jinja

diff --git a/rabbitmq/map.jinja b/rabbitmq/map.jinja
index 051f2fd..0d633c8 100644
--- a/rabbitmq/map.jinja
+++ b/rabbitmq/map.jinja
@@ -40,3 +40,8 @@
 }, merge=salt['pillar.get']('rabbitmq:server')) %}
 
 {% set cluster = salt['pillar.get']('rabbitmq:cluster') %}
+
+{%- set rabbitmq_users = {} %}
+{%- for host_name, host in server.get('host', {}).iteritems() %}
+{%- do rabbitmq_users.update({host.user: [host]}) %}
+{%- endfor %}

rabbitmq/server/user.sls

diff --git a/rabbitmq/server/user.sls b/rabbitmq/server/user.sls
index dcd05ba..b11b78b 100644
--- a/rabbitmq/server/user.sls
+++ b/rabbitmq/server/user.sls
@@ -1,4 +1,4 @@
-{%- from "rabbitmq/map.jinja" import server with context %}
+{%- from "rabbitmq/map.jinja" import server, rabbitmq_users with context %}
 {%- if server.enabled %}
 
 include:
@@ -24,4 +24,13 @@
 
 {%- endif %}
 
-{%- endif %}
\ No newline at end of file
+{%- if 'guest' not in rabbitmq_users.keys() %}
+{#- Delete default guest user if we are not using it #}
+rabbitmq_user_guest_absent:
+  rabbitmq_user.absent:
+  - name: guest
+  - require:
+    - service: rabbitmq_service
+{%- endif %}
+
+{%- endif %}

tests/pillar/rabbitmq_server.sls

diff --git a/tests/pillar/rabbitmq_server.sls b/tests/pillar/rabbitmq_server.sls
index 794253c..410af92 100644
--- a/tests/pillar/rabbitmq_server.sls
+++ b/tests/pillar/rabbitmq_server.sls
@@ -8,4 +8,13 @@
     admin:
       name: adminuser
       password: pwd
+    host:
+      '/':
+        enabled: true
+        user: guest
+        password: guest
+        policies:
+        - name: HA
+          pattern: '^(?!amq\.).*'
+          definition: '{"ha-mode": "all"}'