You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ansible/test/integration/targets/win_owner/tasks/main.yml

210 lines
5.7 KiB
YAML

---
# Setup tests
# Use single task to save on CI runtime
- name: create test files
win_shell: |
$folders = @(
"folder",
"folder\folder1",
"folder\folder2",
"folder with space",
"folder with space\folder1",
"folder with space\folder2"
)
$tmp_dir = '{{ test_win_owner_path }}'
if (Test-Path -LiteralPath $tmp_dir) {
Remove-Item -LiteralPath $tmp_dir -Force -Recurse
}
New-Item -Path $tmp_dir -ItemType Directory
foreach ($folder in $folders) {
New-Item -Path "$tmp_dir\$folder" -ItemType Directory
}
$files = @(
"folder\file.txt",
"folder\folder1\file.txt",
"folder\folder2\file.txt",
"folder with space\file.txt",
"folder with space\folder1\file.txt",
"folder with space\folder2\file.txt"
)
foreach ($file in $files) {
Set-Content -LiteralPath "$tmp_dir\$file" -Value "content"
}
# Run win_owner tests
- name: set owner for invalid path
win_owner:
path: C:\invalid
user: SYSTEM
register: invalid_path
failed_when: invalid_path.msg != 'C:\invalid file or directory does not exist on the host'
- name: set owner for invalid user
win_owner:
path: "{{test_win_owner_path}}"
user: invalid-user
register: invalid_user
failed_when: invalid_user.msg is not search("account_name invalid-user is not a valid account, cannot get SID.*")
- name: set owner defaults check
win_owner:
path: "{{test_win_owner_path}}\\folder"
user: SYSTEM
register: defaults_check
check_mode: True
- name: get owner of folder of set owner defaults check
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner
register: actual_defaults_check
- name: assert set owner defaults check
assert:
that:
- defaults_check is changed
- actual_defaults_check.stdout_lines[0] == 'BUILTIN\Administrators'
- name: set owner defaults
win_owner:
path: "{{test_win_owner_path}}\\folder"
user: SYSTEM
register: defaults
- name: get owner of folder of set owner defaults
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner
register: actual_defaults
- name: assert set owner defaults
assert:
that:
- defaults is changed
- actual_defaults.stdout_lines[0] == 'NT AUTHORITY\SYSTEM'
- name: set owner defaults again
win_owner:
path: "{{test_win_owner_path}}\\folder"
user: SYSTEM
register: defaults_again
- name: assert set owner defaults again
assert:
that:
- defaults_again is not changed
- name: set owner recurse check
win_owner:
path: "{{test_win_owner_path}}\\folder"
user: SYSTEM
recurse: True
register: recurse_check
check_mode: True
- name: get owner of folder of set owner recurse check
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item.path}}').Owner
register: actual_recurse_check
failed_when: actual_recurse_check.stdout_lines[0] != item.owner
with_items:
- { path: 'folder', owner: 'NT AUTHORITY\SYSTEM' }
- { path: 'folder\file.txt', owner: 'BUILTIN\Administrators' }
- { path: 'folder\folder1', owner: 'BUILTIN\Administrators' }
- { path: 'folder\folder1\file.txt', owner: 'BUILTIN\Administrators' }
- { path: 'folder\folder2', owner: 'BUILTIN\Administrators' }
- { path: 'folder\folder2\file.txt', owner: 'BUILTIN\Administrators' }
- name: assert set owner recurse check
assert:
that:
- recurse_check is changed
- name: set owner recurse
win_owner:
path: "{{test_win_owner_path}}\\folder"
user: SYSTEM
recurse: True
register: recurse
- name: get owner of folder of set owner recurse
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item}}').Owner
register: actual_recurse
failed_when: actual_recurse.stdout_lines[0] != 'NT AUTHORITY\SYSTEM'
with_items:
- folder
- folder\file.txt
- folder\folder1
- folder\folder1\file.txt
- folder\folder2
- folder\folder2\file.txt
- name: assert set owner recurse
assert:
that:
- recurse is changed
- name: set owner recurse again
win_owner:
path: "{{test_win_owner_path}}\\folder"
user: SYSTEM
recurse: True
register: recurse_again
- name: assert set owner recurse again
assert:
that:
- recurse_again is not changed
- name: create test user
win_user:
name: test win owner
password: E1K0-O8b1-c8M9-c6D5
register: test_user
- name: set owner with space recurse
win_owner:
path: "{{test_win_owner_path}}\\folder with space"
user: test win owner
recurse: True
register: recurse_space
- name: get owner of folder of set owner with space recurse
win_shell: |
$owner = (Get-Acl -LiteralPath '{{ test_win_owner_path }}\{{ item }}').Owner
$account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList $owner
$account.Translate([System.Security.Principal.SecurityIdentifier]).Value
register: actual_recurse_space
failed_when: actual_recurse_space.stdout_lines[0] != test_user.sid
with_items:
- folder with space
- folder with space\file.txt
- folder with space\folder1
- folder with space\folder1\file.txt
- folder with space\folder2
- folder with space\folder2\file.txt
- name: assert set owner with space recurse
assert:
that:
- recurse_space is changed
- name: set owner with space recurse again
win_owner:
path: "{{test_win_owner_path}}\\folder with space"
user: test win owner
recurse: True
register: recurse_space_again
- name: assert set owner with space recurse again
assert:
that:
- recurse_space_again is not changed
# Run cleanup after tests
- name: delete test path
win_file:
path: "{{test_win_owner_path}}"
state: absent
- name: remove test user
win_user:
name: test win owner
state: absent