--- # Setup tests # Use single task to save on CI runtime - name: create test files win_shell: | $folders = @( "folder", "folder\folder1", "folder\folder2", "folder with space", "folder with space\folder1", "folder with space\folder2" ) $tmp_dir = '{{ test_win_owner_path }}' if (Test-Path -LiteralPath $tmp_dir) { Remove-Item -LiteralPath $tmp_dir -Force -Recurse } New-Item -Path $tmp_dir -ItemType Directory foreach ($folder in $folders) { New-Item -Path "$tmp_dir\$folder" -ItemType Directory } $files = @( "folder\file.txt", "folder\folder1\file.txt", "folder\folder2\file.txt", "folder with space\file.txt", "folder with space\folder1\file.txt", "folder with space\folder2\file.txt" ) foreach ($file in $files) { Set-Content -LiteralPath "$tmp_dir\$file" -Value "content" } # Run win_owner tests - name: set owner for invalid path win_owner: path: C:\invalid user: SYSTEM register: invalid_path failed_when: invalid_path.msg != 'C:\invalid file or directory does not exist on the host' - name: set owner for invalid user win_owner: path: "{{test_win_owner_path}}" user: invalid-user register: invalid_user failed_when: invalid_user.msg is not search("account_name invalid-user is not a valid account, cannot get SID.*") - name: set owner defaults check win_owner: path: "{{test_win_owner_path}}\\folder" user: SYSTEM register: defaults_check check_mode: True - name: get owner of folder of set owner defaults check win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner register: actual_defaults_check - name: assert set owner defaults check assert: that: - defaults_check is changed - actual_defaults_check.stdout_lines[0] == 'BUILTIN\Administrators' - name: set owner defaults win_owner: path: "{{test_win_owner_path}}\\folder" user: SYSTEM register: defaults - name: get owner of folder of set owner defaults win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner register: actual_defaults - name: assert set owner defaults assert: that: - defaults is changed - actual_defaults.stdout_lines[0] == 'NT AUTHORITY\SYSTEM' - name: set owner defaults again win_owner: path: "{{test_win_owner_path}}\\folder" user: SYSTEM register: defaults_again - name: assert set owner defaults again assert: that: - defaults_again is not changed - name: set owner recurse check win_owner: path: "{{test_win_owner_path}}\\folder" user: SYSTEM recurse: True register: recurse_check check_mode: True - name: get owner of folder of set owner recurse check win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item.path}}').Owner register: actual_recurse_check failed_when: actual_recurse_check.stdout_lines[0] != item.owner with_items: - { path: 'folder', owner: 'NT AUTHORITY\SYSTEM' } - { path: 'folder\file.txt', owner: 'BUILTIN\Administrators' } - { path: 'folder\folder1', owner: 'BUILTIN\Administrators' } - { path: 'folder\folder1\file.txt', owner: 'BUILTIN\Administrators' } - { path: 'folder\folder2', owner: 'BUILTIN\Administrators' } - { path: 'folder\folder2\file.txt', owner: 'BUILTIN\Administrators' } - name: assert set owner recurse check assert: that: - recurse_check is changed - name: set owner recurse win_owner: path: "{{test_win_owner_path}}\\folder" user: SYSTEM recurse: True register: recurse - name: get owner of folder of set owner recurse win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item}}').Owner register: actual_recurse failed_when: actual_recurse.stdout_lines[0] != 'NT AUTHORITY\SYSTEM' with_items: - folder - folder\file.txt - folder\folder1 - folder\folder1\file.txt - folder\folder2 - folder\folder2\file.txt - name: assert set owner recurse assert: that: - recurse is changed - name: set owner recurse again win_owner: path: "{{test_win_owner_path}}\\folder" user: SYSTEM recurse: True register: recurse_again - name: assert set owner recurse again assert: that: - recurse_again is not changed - name: create test user win_user: name: test win owner password: E1K0-O8b1-c8M9-c6D5 register: test_user - name: set owner with space recurse win_owner: path: "{{test_win_owner_path}}\\folder with space" user: test win owner recurse: True register: recurse_space - name: get owner of folder of set owner with space recurse win_shell: | $owner = (Get-Acl -LiteralPath '{{ test_win_owner_path }}\{{ item }}').Owner $account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList $owner $account.Translate([System.Security.Principal.SecurityIdentifier]).Value register: actual_recurse_space failed_when: actual_recurse_space.stdout_lines[0] != test_user.sid with_items: - folder with space - folder with space\file.txt - folder with space\folder1 - folder with space\folder1\file.txt - folder with space\folder2 - folder with space\folder2\file.txt - name: assert set owner with space recurse assert: that: - recurse_space is changed - name: set owner with space recurse again win_owner: path: "{{test_win_owner_path}}\\folder with space" user: test win owner recurse: True register: recurse_space_again - name: assert set owner with space recurse again assert: that: - recurse_space_again is not changed # Run cleanup after tests - name: delete test path win_file: path: "{{test_win_owner_path}}" state: absent - name: remove test user win_user: name: test win owner state: absent