d063cefb64
* win_owner - fix glob like paths * Fix issues on older PS versions
209 lines
5.7 KiB
YAML
209 lines
5.7 KiB
YAML
---
|
|
# Setup tests
|
|
# Use single task to save on CI runtime
|
|
- name: create test files
|
|
win_shell: |
|
|
$folders = @(
|
|
"folder",
|
|
"folder\folder1",
|
|
"folder\folder2",
|
|
"folder with space",
|
|
"folder with space\folder1",
|
|
"folder with space\folder2"
|
|
)
|
|
$tmp_dir = '{{ test_win_owner_path }}'
|
|
if (Test-Path -LiteralPath $tmp_dir) {
|
|
Remove-Item -LiteralPath $tmp_dir -Force -Recurse
|
|
}
|
|
New-Item -Path $tmp_dir -ItemType Directory
|
|
|
|
foreach ($folder in $folders) {
|
|
New-Item -Path "$tmp_dir\$folder" -ItemType Directory
|
|
}
|
|
$files = @(
|
|
"folder\file.txt",
|
|
"folder\folder1\file.txt",
|
|
"folder\folder2\file.txt",
|
|
"folder with space\file.txt",
|
|
"folder with space\folder1\file.txt",
|
|
"folder with space\folder2\file.txt"
|
|
)
|
|
foreach ($file in $files) {
|
|
Set-Content -LiteralPath "$tmp_dir\$file" -Value "content"
|
|
}
|
|
|
|
# Run win_owner tests
|
|
- name: set owner for invalid path
|
|
win_owner:
|
|
path: C:\invalid
|
|
user: SYSTEM
|
|
register: invalid_path
|
|
failed_when: invalid_path.msg != 'C:\invalid file or directory does not exist on the host'
|
|
|
|
- name: set owner for invalid user
|
|
win_owner:
|
|
path: "{{test_win_owner_path}}"
|
|
user: invalid-user
|
|
register: invalid_user
|
|
failed_when: invalid_user.msg is not search("account_name invalid-user is not a valid account, cannot get SID.*")
|
|
|
|
- name: set owner defaults check
|
|
win_owner:
|
|
path: "{{test_win_owner_path}}\\folder"
|
|
user: SYSTEM
|
|
register: defaults_check
|
|
check_mode: True
|
|
|
|
- name: get owner of folder of set owner defaults check
|
|
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner
|
|
register: actual_defaults_check
|
|
|
|
- name: assert set owner defaults check
|
|
assert:
|
|
that:
|
|
- defaults_check is changed
|
|
- actual_defaults_check.stdout_lines[0] == 'BUILTIN\Administrators'
|
|
|
|
- name: set owner defaults
|
|
win_owner:
|
|
path: "{{test_win_owner_path}}\\folder"
|
|
user: SYSTEM
|
|
register: defaults
|
|
|
|
- name: get owner of folder of set owner defaults
|
|
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner
|
|
register: actual_defaults
|
|
|
|
- name: assert set owner defaults
|
|
assert:
|
|
that:
|
|
- defaults is changed
|
|
- actual_defaults.stdout_lines[0] == 'NT AUTHORITY\SYSTEM'
|
|
|
|
- name: set owner defaults again
|
|
win_owner:
|
|
path: "{{test_win_owner_path}}\\folder"
|
|
user: SYSTEM
|
|
register: defaults_again
|
|
|
|
- name: assert set owner defaults again
|
|
assert:
|
|
that:
|
|
- defaults_again is not changed
|
|
|
|
- name: set owner recurse check
|
|
win_owner:
|
|
path: "{{test_win_owner_path}}\\folder"
|
|
user: SYSTEM
|
|
recurse: True
|
|
register: recurse_check
|
|
check_mode: True
|
|
|
|
- name: get owner of folder of set owner recurse check
|
|
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item.path}}').Owner
|
|
register: actual_recurse_check
|
|
failed_when: actual_recurse_check.stdout_lines[0] != item.owner
|
|
with_items:
|
|
- { path: 'folder', owner: 'NT AUTHORITY\SYSTEM' }
|
|
- { path: 'folder\file.txt', owner: 'BUILTIN\Administrators' }
|
|
- { path: 'folder\folder1', owner: 'BUILTIN\Administrators' }
|
|
- { path: 'folder\folder1\file.txt', owner: 'BUILTIN\Administrators' }
|
|
- { path: 'folder\folder2', owner: 'BUILTIN\Administrators' }
|
|
- { path: 'folder\folder2\file.txt', owner: 'BUILTIN\Administrators' }
|
|
|
|
- name: assert set owner recurse check
|
|
assert:
|
|
that:
|
|
- recurse_check is changed
|
|
|
|
- name: set owner recurse
|
|
win_owner:
|
|
path: "{{test_win_owner_path}}\\folder"
|
|
user: SYSTEM
|
|
recurse: True
|
|
register: recurse
|
|
|
|
- name: get owner of folder of set owner recurse
|
|
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item}}').Owner
|
|
register: actual_recurse
|
|
failed_when: actual_recurse.stdout_lines[0] != 'NT AUTHORITY\SYSTEM'
|
|
with_items:
|
|
- folder
|
|
- folder\file.txt
|
|
- folder\folder1
|
|
- folder\folder1\file.txt
|
|
- folder\folder2
|
|
- folder\folder2\file.txt
|
|
|
|
- name: assert set owner recurse
|
|
assert:
|
|
that:
|
|
- recurse is changed
|
|
|
|
- name: set owner recurse again
|
|
win_owner:
|
|
path: "{{test_win_owner_path}}\\folder"
|
|
user: SYSTEM
|
|
recurse: True
|
|
register: recurse_again
|
|
|
|
- name: assert set owner recurse again
|
|
assert:
|
|
that:
|
|
- recurse_again is not changed
|
|
|
|
- name: create test user
|
|
win_user:
|
|
name: test win owner
|
|
password: E1K0-O8b1-c8M9-c6D5
|
|
register: test_user
|
|
|
|
- name: set owner with space recurse
|
|
win_owner:
|
|
path: "{{test_win_owner_path}}\\folder with space"
|
|
user: test win owner
|
|
recurse: True
|
|
register: recurse_space
|
|
|
|
- name: get owner of folder of set owner with space recurse
|
|
win_shell: |
|
|
$owner = (Get-Acl -LiteralPath '{{ test_win_owner_path }}\{{ item }}').Owner
|
|
$account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList $owner
|
|
$account.Translate([System.Security.Principal.SecurityIdentifier]).Value
|
|
register: actual_recurse_space
|
|
failed_when: actual_recurse_space.stdout_lines[0] != test_user.sid
|
|
with_items:
|
|
- folder with space
|
|
- folder with space\file.txt
|
|
- folder with space\folder1
|
|
- folder with space\folder1\file.txt
|
|
- folder with space\folder2
|
|
- folder with space\folder2\file.txt
|
|
|
|
- name: assert set owner with space recurse
|
|
assert:
|
|
that:
|
|
- recurse_space is changed
|
|
|
|
- name: set owner with space recurse again
|
|
win_owner:
|
|
path: "{{test_win_owner_path}}\\folder with space"
|
|
user: test win owner
|
|
recurse: True
|
|
register: recurse_space_again
|
|
|
|
- name: assert set owner with space recurse again
|
|
assert:
|
|
that:
|
|
- recurse_space_again is not changed
|
|
|
|
# Run cleanup after tests
|
|
- name: delete test path
|
|
win_file:
|
|
path: "{{test_win_owner_path}}"
|
|
state: absent
|
|
|
|
- name: remove test user
|
|
win_user:
|
|
name: test win owner
|
|
state: absent
|