win_owner - fix glob like paths (#53830)

* win_owner - fix glob like paths

* Fix issues on older PS versions
This commit is contained in:
Jordan Borean 2019-03-15 14:58:15 +10:00 committed by GitHub
parent 3cfa71bff0
commit d063cefb64
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 52 additions and 74 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- win_owner - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``

View file

@ -17,7 +17,7 @@ $path = Get-AnsibleParam -obj $params -name "path" -type "path" -failifempty $tr
$user = Get-AnsibleParam -obj $params -name "user" -type "str" -failifempty $true $user = Get-AnsibleParam -obj $params -name "user" -type "str" -failifempty $true
$recurse = Get-AnsibleParam -obj $params -name "recurse" -type "bool" -default $false -resultobj $result $recurse = Get-AnsibleParam -obj $params -name "recurse" -type "bool" -default $false -resultobj $result
If (-Not (Test-Path -Path $path)) { If (-Not (Test-Path -LiteralPath $path)) {
Fail-Json $result "$path file or directory does not exist on the host" Fail-Json $result "$path file or directory does not exist on the host"
} }
@ -30,23 +30,24 @@ if (!$sid) {
Try { Try {
$objUser = New-Object System.Security.Principal.SecurityIdentifier($sid) $objUser = New-Object System.Security.Principal.SecurityIdentifier($sid)
$file = Get-Item -Path $path $file = Get-Item -LiteralPath $path
$acl = Get-Acl $file.FullName $acl = Get-Acl -LiteralPath $file.FullName
If ($acl.getOwner([System.Security.Principal.SecurityIdentifier]) -ne $objUser) { If ($acl.getOwner([System.Security.Principal.SecurityIdentifier]) -ne $objUser) {
$acl.setOwner($objUser) $acl.setOwner($objUser)
Set-Acl -Path $file.FullName -AclObject $acl -WhatIf:$check_mode Set-Acl -LiteralPath $file.FullName -AclObject $acl -WhatIf:$check_mode
$result.changed = $true $result.changed = $true
} }
If ($recurse) { If ($recurse -and $file -is [System.IO.DirectoryInfo]) {
$files = Get-ChildItem -Path $path -Force -Recurse # Get-ChildItem falls flat on pre PSv5 when dealing with complex path chars
$files = $file.EnumerateFileSystemInfos("*", [System.IO.SearchOption]::AllDirectories)
ForEach($file in $files){ ForEach($file in $files){
$acl = Get-Acl $file.FullName $acl = Get-Acl -LiteralPath $file.FullName
If ($acl.getOwner([System.Security.Principal.SecurityIdentifier]) -ne $objUser) { If ($acl.getOwner([System.Security.Principal.SecurityIdentifier]) -ne $objUser) {
$acl.setOwner($objUser) $acl.setOwner($objUser)
Set-Acl -Path $file.FullName -AclObject $acl -WhatIf:$check_mode Set-Acl -LiteralPath $file.FullName -AclObject $acl -WhatIf:$check_mode
$result.changed = $true $result.changed = $true
} }
} }

View file

@ -1 +1 @@
test_win_owner_path: C:\ansible\win_owner test_win_owner_path: C:\ansible\win_owner .ÅÑŚÌβŁÈ [$!@^&test(;)]

View file

@ -1,36 +1,36 @@
--- ---
# Setup tests # Setup tests
- name: gather facts on host for use with later tests # Use single task to save on CI runtime
setup: - name: create test files
win_shell: |
$folders = @(
"folder",
"folder\folder1",
"folder\folder2",
"folder with space",
"folder with space\folder1",
"folder with space\folder2"
)
$tmp_dir = '{{ test_win_owner_path }}'
if (Test-Path -LiteralPath $tmp_dir) {
Remove-Item -LiteralPath $tmp_dir -Force -Recurse
}
New-Item -Path $tmp_dir -ItemType Directory
- name: remove test path to ensure baseline foreach ($folder in $folders) {
win_file: New-Item -Path "$tmp_dir\$folder" -ItemType Directory
path: "{{test_win_owner_path}}" }
state: absent $files = @(
"folder\file.txt",
- name: create test paths "folder\folder1\file.txt",
win_file: "folder\folder2\file.txt",
path: "{{test_win_owner_path}}\\{{item}}" "folder with space\file.txt",
state: directory "folder with space\folder1\file.txt",
with_items: "folder with space\folder2\file.txt"
- folder )
- folder\folder1 foreach ($file in $files) {
- folder\folder2 Set-Content -LiteralPath "$tmp_dir\$file" -Value "content"
- folder with space }
- folder with space\folder1
- folder with space\folder2
- name: create system test files
win_copy:
dest: "{{test_win_owner_path}}\\{{item}}"
content: content
with_items:
- folder\file.txt
- folder\folder1\file.txt
- folder\folder2\file.txt
- folder with space\file.txt
- folder with space\folder1\file.txt
- folder with space\folder2\file.txt
# Run win_owner tests # Run win_owner tests
- name: set owner for invalid path - name: set owner for invalid path
@ -55,7 +55,7 @@
check_mode: True check_mode: True
- name: get owner of folder of set owner defaults check - name: get owner of folder of set owner defaults check
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner" win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner
register: actual_defaults_check register: actual_defaults_check
- name: assert set owner defaults check - name: assert set owner defaults check
@ -71,7 +71,7 @@
register: defaults register: defaults
- name: get owner of folder of set owner defaults - name: get owner of folder of set owner defaults
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner" win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner
register: actual_defaults register: actual_defaults
- name: assert set owner defaults - name: assert set owner defaults
@ -86,15 +86,10 @@
user: SYSTEM user: SYSTEM
register: defaults_again register: defaults_again
- name: get owner of folder of set owner defaults again
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner"
register: actual_defaults_again
- name: assert set owner defaults again - name: assert set owner defaults again
assert: assert:
that: that:
- defaults_again is not changed - defaults_again is not changed
- actual_defaults_again.stdout_lines[0] == 'NT AUTHORITY\SYSTEM'
- name: set owner recurse check - name: set owner recurse check
win_owner: win_owner:
@ -105,7 +100,7 @@
check_mode: True check_mode: True
- name: get owner of folder of set owner recurse check - name: get owner of folder of set owner recurse check
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item.path}}').Owner" win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item.path}}').Owner
register: actual_recurse_check register: actual_recurse_check
failed_when: actual_recurse_check.stdout_lines[0] != item.owner failed_when: actual_recurse_check.stdout_lines[0] != item.owner
with_items: with_items:
@ -129,7 +124,7 @@
register: recurse register: recurse
- name: get owner of folder of set owner recurse - name: get owner of folder of set owner recurse
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner" win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item}}').Owner
register: actual_recurse register: actual_recurse
failed_when: actual_recurse.stdout_lines[0] != 'NT AUTHORITY\SYSTEM' failed_when: actual_recurse.stdout_lines[0] != 'NT AUTHORITY\SYSTEM'
with_items: with_items:
@ -152,18 +147,6 @@
recurse: True recurse: True
register: recurse_again register: recurse_again
- name: get owner of folder of set owner recurse again
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner"
register: actual_recurse_again
failed_when: actual_recurse_again.stdout_lines[0] != 'NT AUTHORITY\SYSTEM'
with_items:
- folder
- folder\file.txt
- folder\folder1
- folder\folder1\file.txt
- folder\folder2
- folder\folder2\file.txt
- name: assert set owner recurse again - name: assert set owner recurse again
assert: assert:
that: that:
@ -173,6 +156,7 @@
win_user: win_user:
name: test win owner name: test win owner
password: E1K0-O8b1-c8M9-c6D5 password: E1K0-O8b1-c8M9-c6D5
register: test_user
- name: set owner with space recurse - name: set owner with space recurse
win_owner: win_owner:
@ -182,9 +166,12 @@
register: recurse_space register: recurse_space
- name: get owner of folder of set owner with space recurse - name: get owner of folder of set owner with space recurse
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner" win_shell: |
$owner = (Get-Acl -LiteralPath '{{ test_win_owner_path }}\{{ item }}').Owner
$account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList $owner
$account.Translate([System.Security.Principal.SecurityIdentifier]).Value
register: actual_recurse_space register: actual_recurse_space
failed_when: actual_recurse_space.stdout_lines[0]|upper != ansible_hostname|upper + '\\TEST WIN OWNER' failed_when: actual_recurse_space.stdout_lines[0] != test_user.sid
with_items: with_items:
- folder with space - folder with space
- folder with space\file.txt - folder with space\file.txt
@ -205,18 +192,6 @@
recurse: True recurse: True
register: recurse_space_again register: recurse_space_again
- name: get owner of folder of set owner with space recurse again
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner"
register: actual_recurse_space_again
failed_when: actual_recurse_space_again.stdout_lines[0]|upper != ansible_hostname|upper + '\\TEST WIN OWNER'
with_items:
- folder with space
- folder with space\file.txt
- folder with space\folder1
- folder with space\folder1\file.txt
- folder with space\folder2
- folder with space\folder2\file.txt
- name: assert set owner with space recurse again - name: assert set owner with space recurse again
assert: assert:
that: that: