Method: Puppet::Provider::NameService::DirectoryService#remove_unwanted_members

Defined in:

lib/vendor/puppet/provider/nameservice/directoryservice.rb

#remove_unwanted_members(current_members, new_members) ⇒ Object

# File 'lib/vendor/puppet/provider/nameservice/directoryservice.rb', line 571

def remove_unwanted_members(current_members, new_members)
  current_members.each do |member|
    if not new_members.flatten.include?(member)
      cmd = [:dseditgroup, "-o", "edit", "-n", ".", "-d", member, @resource[:name]]
      begin
        execute(cmd)
      rescue Puppet::ExecutionFailure => detail
        # TODO: We're falling back to removing the member using dscl due to rdar://8481241
        # This bug causes dseditgroup to fail to remove a member if that member doesn't exist
        cmd = [:dscl, ".", "-delete", "/Groups/#{@resource.name}", "GroupMembership", member]
        begin
          execute(cmd)
        rescue Puppet::ExecutionFailure => detail
          fail("Could not remove #{member} from group: #{@resource.name}, #{detail}")
        end
      end
    end
  end
end