win_acl - fix glob file paths (#53828)
This commit is contained in:
parent
4f9de45785
commit
aba6f5f50d
5 changed files with 12 additions and 10 deletions
2
changelogs/fragments/win_acl-paths.yaml
Normal file
2
changelogs/fragments/win_acl-paths.yaml
Normal file
|
@ -0,0 +1,2 @@
|
|||
bugfixes:
|
||||
- win_acl - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
|
|
@ -31,9 +31,9 @@ function Get-UserSID {
|
|||
|
||||
if ($searchAppPools) {
|
||||
Import-Module -Name WebAdministration
|
||||
$testIISPath = Test-Path -Path "IIS:"
|
||||
$testIISPath = Test-Path -LiteralPath "IIS:"
|
||||
if ($testIISPath) {
|
||||
$appPoolObj = Get-ItemProperty -Path "IIS:\AppPools\$AccountName"
|
||||
$appPoolObj = Get-ItemProperty -LiteralPath "IIS:\AppPools\$AccountName"
|
||||
$userSID = $appPoolObj.applicationPoolSid
|
||||
}
|
||||
}
|
||||
|
@ -90,7 +90,7 @@ $state = Get-AnsibleParam -obj $params -name "state" -type "str" -default "prese
|
|||
$inherit = Get-AnsibleParam -obj $params -name "inherit" -type "str"
|
||||
$propagation = Get-AnsibleParam -obj $params -name "propagation" -type "str" -default "None" -validateset "InheritOnly","None","NoPropagateInherit"
|
||||
|
||||
If (-Not (Test-Path -Path $path)) {
|
||||
If (-Not (Test-Path -LiteralPath $path)) {
|
||||
Fail-Json -obj $result -message "$path file or directory does not exist on the host"
|
||||
}
|
||||
|
||||
|
@ -100,7 +100,7 @@ if (!$sid) {
|
|||
Fail-Json -obj $result -message "$user is not a valid user or group on the host machine or domain"
|
||||
}
|
||||
|
||||
If (Test-Path -Path $path -PathType Leaf) {
|
||||
If (Test-Path -LiteralPath $path -PathType Leaf) {
|
||||
$inherit = "None"
|
||||
}
|
||||
ElseIf ($null -eq $inherit) {
|
||||
|
@ -133,7 +133,7 @@ Try {
|
|||
Else {
|
||||
$objACE = New-Object System.Security.AccessControl.FileSystemAccessRule ($objUser, $colRights, $InheritanceFlag, $PropagationFlag, $objType)
|
||||
}
|
||||
$objACL = Get-ACL $path
|
||||
$objACL = Get-ACL -LiteralPath $path
|
||||
|
||||
# Check if the ACE exists already in the objects ACL list
|
||||
$match = $false
|
||||
|
@ -168,7 +168,7 @@ Try {
|
|||
If ($state -eq "present" -And $match -eq $false) {
|
||||
Try {
|
||||
$objACL.AddAccessRule($objACE)
|
||||
Set-ACL $path $objACL
|
||||
Set-ACL -LiteralPath $path -AclObject $objACL
|
||||
$result.changed = $true
|
||||
}
|
||||
Catch {
|
||||
|
@ -178,7 +178,7 @@ Try {
|
|||
ElseIf ($state -eq "absent" -And $match -eq $true) {
|
||||
Try {
|
||||
$objACL.RemoveAccessRule($objACE)
|
||||
Set-ACL $path $objACL
|
||||
Set-ACL -LiteralPath $path -AclObject $objACL
|
||||
$result.changed = $true
|
||||
}
|
||||
Catch {
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
test_acl_path: '{{ win_output_dir }}/win_acl'
|
||||
test_acl_path: '{{ win_output_dir }}\win_acl .ÅÑŚÌβŁÈ [$!@^&test(;)]'
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
include_tasks: tests.yml
|
||||
|
||||
always:
|
||||
- name: clenaup testing dir
|
||||
- name: cleanup testing dir
|
||||
win_file:
|
||||
path: '{{ test_acl_path }}'
|
||||
state: absent
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
- name: get register cmd that will get ace info
|
||||
set_fact:
|
||||
test_ace_cmd: |
|
||||
$ace_list = (Get-Acl -Path $path).Access | Where-Object { $_.IsInherited -eq $false } | ForEach-Object {
|
||||
$ace_list = (Get-Acl -LiteralPath $path).Access | Where-Object { $_.IsInherited -eq $false } | ForEach-Object {
|
||||
@{
|
||||
rights = $_.FileSystemRights.ToString()
|
||||
type = $_.AccessControlType.ToString()
|
||||
|
|
Loading…
Reference in a new issue