"auth for" does not work when dont_register flag is true

[labbeduddel]

When task is not registered, authentication user is not taken from "auth for" parameter. Instead the user which is executing the task is used.

auth for => qr/task/ =>
            user => $user,
            password => $password;
    }


run_task "task", on => $srv;


task "task", sub {
    run "id";
}, { dont_register => 1 };

[ferki]

@labbeduddel: thanks for your report and patience!

There seems to be multiple moving parts at play here, so I'll address them separately below.

Syntax error

For anyone copy-pasting the code snippet to reproduce, there are two issues to be aware of:

• auth for does not need a trailing } curly brace

• this feature also requires at least 0.31 feature flags enabled:

  use Rex -feature => [qw(0.31)];
  

Ordering

In general, auth should come after the declaration of the entity it tries to modify (host group or task). There is an attempt at late-binding authentication info in case Rex hasn't seen the entity yet at the time auth is called, but that only works with exact matching of the entity names, and doesn't work with matching regular expressions (yet?).

The auth docs has correct examples, but only mention the importance of ordering for groups currently.

So there may be two things to address around this part of the story:

• [ ] clarify documentation about auth ordering
• [ ] check if late-binding could be made to work with regular expressions too

Hidden tasks not considered by auth

auth currently looks for matching tasks via Rex::TaskList->create()->get_tasks; instead of ->get_all_tasks() (see code). The former doesn't return hidden tasks (for example to be used when displaying list of available tasks), so the latter might be a better fit for the purposes of auth.

Things to consider addressing by anyone working on this:

• [ ] use get_all_tasks() in auth
• [ ] maybe fix get_all_tasks() to work without errors when a regular expression is omitted in the arguments