375 lines
11 KiB
YAML
375 lines
11 KiB
YAML
|
---
|
||
|
- name: fail to set invalid right
|
||
|
win_user_right:
|
||
|
name: FailRight
|
||
|
users: Administrator
|
||
|
register: fail_invalid_right
|
||
|
failed_when: fail_invalid_right.msg != 'the specified right FailRight is not a valid right'
|
||
|
|
||
|
- name: fail with invalid username
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: FakeUser
|
||
|
register: fail_invalid_user
|
||
|
failed_when: "'Account Name: FakeUser is not a valid account, cannot get SID' not in fail_invalid_user.msg"
|
||
|
|
||
|
- name: remove from empty right check
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Administrators']
|
||
|
action: remove
|
||
|
register: remove_empty_right_check
|
||
|
check_mode: yes
|
||
|
|
||
|
- name: assert remove from empty right check
|
||
|
assert:
|
||
|
that:
|
||
|
- not remove_empty_right_check|changed
|
||
|
- remove_empty_right_check.added == []
|
||
|
- remove_empty_right_check.removed == []
|
||
|
|
||
|
- name: remove from empty right
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Administrators']
|
||
|
action: remove
|
||
|
register: remove_empty_right
|
||
|
check_mode: yes
|
||
|
|
||
|
- name: assert remove from empty right
|
||
|
assert:
|
||
|
that:
|
||
|
- not remove_empty_right|changed
|
||
|
- remove_empty_right.added == []
|
||
|
- remove_empty_right.removed == []
|
||
|
|
||
|
- name: set administrator check
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: Administrator
|
||
|
action: set
|
||
|
register: set_administrator_check
|
||
|
check_mode: yes
|
||
|
|
||
|
- name: get actual set administrator check
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: set_administrator_actual_check
|
||
|
|
||
|
- name: assert set administrator check
|
||
|
assert:
|
||
|
that:
|
||
|
- set_administrator_check|changed
|
||
|
- set_administrator_check.added == ["{{ansible_hostname}}\\Administrator"]
|
||
|
- set_administrator_check.removed == []
|
||
|
- set_administrator_actual_check.users == []
|
||
|
|
||
|
- name: set administrator
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: Administrator
|
||
|
action: set
|
||
|
register: set_administrator
|
||
|
|
||
|
- name: get actual set administrator
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: set_administrator_actual
|
||
|
|
||
|
- name: assert set administrator check
|
||
|
assert:
|
||
|
that:
|
||
|
- set_administrator|changed
|
||
|
- set_administrator.added == ["{{ansible_hostname}}\\Administrator"]
|
||
|
- set_administrator.removed == []
|
||
|
- set_administrator_actual.users == ['Administrator']
|
||
|
|
||
|
- name: set administrator again
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: Administrator
|
||
|
action: set
|
||
|
register: set_administrator_again
|
||
|
|
||
|
- name: assert set administrator check
|
||
|
assert:
|
||
|
that:
|
||
|
- not set_administrator_again|changed
|
||
|
- set_administrator_again.added == []
|
||
|
- set_administrator_again.removed == []
|
||
|
|
||
|
- name: remove from right check
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Guests', '{{ansible_hostname}}\Users', '.\Backup Operators']
|
||
|
action: remove
|
||
|
register: remove_right_check
|
||
|
check_mode: yes
|
||
|
|
||
|
- name: get actual remove from right check
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: remove_right_actual_check
|
||
|
|
||
|
- name: assert remove from right check
|
||
|
assert:
|
||
|
that:
|
||
|
- remove_right_check|changed
|
||
|
- remove_right_check.removed == ["{{ansible_hostname}}\\Administrator"]
|
||
|
- remove_right_check.added == []
|
||
|
- remove_right_actual_check.users == ['Administrator']
|
||
|
|
||
|
- name: remove from right
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Guests', '{{ansible_hostname}}\Users', '.\Backup Operators']
|
||
|
action: remove
|
||
|
register: remove_right
|
||
|
|
||
|
- name: get actual remove from right
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: remove_right_actual
|
||
|
|
||
|
- name: assert remove from right
|
||
|
assert:
|
||
|
that:
|
||
|
- remove_right|changed
|
||
|
- remove_right.removed == ["{{ansible_hostname}}\\Administrator"]
|
||
|
- remove_right.added == []
|
||
|
- remove_right_actual.users == []
|
||
|
|
||
|
- name: remove from right again
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Guests', '{{ansible_hostname}}\Users', '.\Backup Operators']
|
||
|
action: remove
|
||
|
register: remove_right_again
|
||
|
|
||
|
- name: assert remove from right
|
||
|
assert:
|
||
|
that:
|
||
|
- not remove_right_again|changed
|
||
|
- remove_right_again.removed == []
|
||
|
- remove_right_again.added == []
|
||
|
|
||
|
- name: add to empty right check
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Administrators']
|
||
|
action: add
|
||
|
register: add_right_on_empty_check
|
||
|
check_mode: yes
|
||
|
|
||
|
- name: get actual add to empty right check
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: add_right_on_empty_actual_check
|
||
|
|
||
|
- name: assert add to empty right check
|
||
|
assert:
|
||
|
that:
|
||
|
- add_right_on_empty_check|changed
|
||
|
- add_right_on_empty_check.removed == []
|
||
|
- add_right_on_empty_check.added == ["{{ansible_hostname}}\\Administrator", "BUILTIN\\Administrators"]
|
||
|
- add_right_on_empty_actual_check.users == []
|
||
|
|
||
|
- name: add to empty right
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Administrators']
|
||
|
action: add
|
||
|
register: add_right_on_empty
|
||
|
|
||
|
- name: get actual add to empty right
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: add_right_on_empty_actual
|
||
|
|
||
|
- name: assert add to empty right
|
||
|
assert:
|
||
|
that:
|
||
|
- add_right_on_empty|changed
|
||
|
- add_right_on_empty.removed == []
|
||
|
- add_right_on_empty.added == ["{{ansible_hostname}}\\Administrator", "BUILTIN\\Administrators"]
|
||
|
- add_right_on_empty_actual.users == ["Administrator", "BUILTIN\\Administrators"]
|
||
|
|
||
|
- name: add to empty right again
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Administrators']
|
||
|
action: add
|
||
|
register: add_right_on_empty_again
|
||
|
|
||
|
- name: assert add to empty right
|
||
|
assert:
|
||
|
that:
|
||
|
- not add_right_on_empty_again|changed
|
||
|
- add_right_on_empty_again.removed == []
|
||
|
- add_right_on_empty_again.added == []
|
||
|
|
||
|
- name: add to existing right check
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Guests', '{{ansible_hostname}}\Users']
|
||
|
action: add
|
||
|
register: add_right_on_existing_check
|
||
|
check_mode: yes
|
||
|
|
||
|
- name: get actual add to existing right check
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: add_right_on_existing_actual_check
|
||
|
|
||
|
- name: assert add to existing right check
|
||
|
assert:
|
||
|
that:
|
||
|
- add_right_on_existing_check|changed
|
||
|
- add_right_on_existing_check.removed == []
|
||
|
- add_right_on_existing_check.added == ["BUILTIN\\Guests", "BUILTIN\\Users"]
|
||
|
- add_right_on_existing_actual_check.users == ["Administrator", "BUILTIN\\Administrators"]
|
||
|
|
||
|
- name: add to existing right
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Guests', '{{ansible_hostname}}\Users']
|
||
|
action: add
|
||
|
register: add_right_on_existing
|
||
|
|
||
|
- name: get actual add to existing right
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: add_right_on_existing_actual
|
||
|
|
||
|
- name: assert add to existing right
|
||
|
assert:
|
||
|
that:
|
||
|
- add_right_on_existing|changed
|
||
|
- add_right_on_existing.removed == []
|
||
|
- add_right_on_existing.added == ["BUILTIN\\Guests", "BUILTIN\\Users"]
|
||
|
- add_right_on_existing_actual.users == ["Administrator", "BUILTIN\\Administrators", "BUILTIN\\Users", "BUILTIN\\Guests"]
|
||
|
|
||
|
- name: add to existing right again
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrator', 'Guests', '{{ansible_hostname}}\Users']
|
||
|
action: add
|
||
|
register: add_right_on_existing_again
|
||
|
|
||
|
- name: assert add to existing right
|
||
|
assert:
|
||
|
that:
|
||
|
- not add_right_on_existing_again|changed
|
||
|
- add_right_on_existing_again.removed == []
|
||
|
- add_right_on_existing_again.added == []
|
||
|
|
||
|
- name: remove from existing check
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Guests', 'Administrator']
|
||
|
action: remove
|
||
|
register: remove_on_existing_check
|
||
|
check_mode: yes
|
||
|
|
||
|
- name: get actual remove from existing check
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: remove_on_existing_actual_check
|
||
|
|
||
|
- name: assert remove from existing check
|
||
|
assert:
|
||
|
that:
|
||
|
- remove_on_existing_check|changed
|
||
|
- remove_on_existing_check.removed == ["BUILTIN\\Guests", "{{ansible_hostname}}\\Administrator"]
|
||
|
- remove_on_existing_check.added == []
|
||
|
- remove_on_existing_actual_check.users == ["Administrator", "BUILTIN\\Administrators", "BUILTIN\\Users", "BUILTIN\\Guests"]
|
||
|
|
||
|
- name: remove from existing
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Guests', 'Administrator']
|
||
|
action: remove
|
||
|
register: remove_on_existing
|
||
|
|
||
|
- name: get actual remove from existing
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: remove_on_existing_actual
|
||
|
|
||
|
- name: assert remove from existing
|
||
|
assert:
|
||
|
that:
|
||
|
- remove_on_existing|changed
|
||
|
- remove_on_existing.removed == ["BUILTIN\\Guests", "{{ansible_hostname}}\\Administrator"]
|
||
|
- remove_on_existing.added == []
|
||
|
- remove_on_existing_actual.users == ["BUILTIN\\Administrators", "BUILTIN\\Users"]
|
||
|
|
||
|
- name: remove from existing again
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Guests', 'Administrator']
|
||
|
action: remove
|
||
|
register: remove_on_existing_again
|
||
|
|
||
|
- name: assert remove from existing again
|
||
|
assert:
|
||
|
that:
|
||
|
- not remove_on_existing_again|changed
|
||
|
- remove_on_existing_again.removed == []
|
||
|
- remove_on_existing_again.added == []
|
||
|
|
||
|
- name: set to existing check
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrators', 'SYSTEM', 'Backup Operators']
|
||
|
action: set
|
||
|
register: set_on_existing_check
|
||
|
check_mode: yes
|
||
|
|
||
|
- name: get actual set to existing check
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: set_on_existing_actual_check
|
||
|
|
||
|
- name: assert set to existing check
|
||
|
assert:
|
||
|
that:
|
||
|
- set_on_existing_check|changed
|
||
|
- set_on_existing_check.removed == ["BUILTIN\\Users"]
|
||
|
- set_on_existing_check.added == ["NT AUTHORITY\\SYSTEM", "BUILTIN\\Backup Operators"]
|
||
|
- set_on_existing_actual_check.users == ["BUILTIN\\Administrators", "BUILTIN\\Users"]
|
||
|
|
||
|
- name: set to existing
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrators', 'SYSTEM', 'Backup Operators']
|
||
|
action: set
|
||
|
register: set_on_existing
|
||
|
|
||
|
- name: get actual set to existing
|
||
|
test_get_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
register: set_on_existing_actual
|
||
|
|
||
|
- name: assert set to existing
|
||
|
assert:
|
||
|
that:
|
||
|
- set_on_existing|changed
|
||
|
- set_on_existing.removed == ["BUILTIN\\Users"]
|
||
|
- set_on_existing.added == ["NT AUTHORITY\\SYSTEM", "BUILTIN\\Backup Operators"]
|
||
|
- set_on_existing_actual.users == ["NT AUTHORITY\\SYSTEM", "BUILTIN\\Administrators", "BUILTIN\\Backup Operators"]
|
||
|
|
||
|
- name: set to existing again
|
||
|
win_user_right:
|
||
|
name: '{{test_win_user_right_name}}'
|
||
|
users: ['Administrators', 'SYSTEM', 'Backup Operators']
|
||
|
action: set
|
||
|
register: set_on_existing_again
|
||
|
|
||
|
- name: assert set to existing
|
||
|
assert:
|
||
|
that:
|
||
|
- not set_on_existing_again|changed
|
||
|
- set_on_existing_again.removed == []
|
||
|
- set_on_existing_again.added == []
|