mirror of https://github.com/ansible/ansible.git
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
255 lines
7.9 KiB
YAML
255 lines
7.9 KiB
YAML
---
|
|
- name: test create a new RAP (check mode)
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
user_groups:
|
|
- administrators
|
|
- users@builtin
|
|
state: present
|
|
register: new_rap_check
|
|
check_mode: yes
|
|
|
|
- name: get result of create a new RAP (check mode)
|
|
win_shell: Import-Module RemoteDesktopServices; Write-Host (Test-Path "RDS:\GatewayServer\RAP\{{ test_win_rds_rap_name }}")
|
|
register: new_rap_actual_check
|
|
|
|
- name: assert results of create a new RAP (check mode)
|
|
assert:
|
|
that:
|
|
- new_rap_check.changed == true
|
|
- new_rap_actual_check.stdout_lines[0] == "False"
|
|
|
|
- name: test create a new RAP
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
user_groups:
|
|
- administrators
|
|
- users@builtin
|
|
state: present
|
|
register: new_rap
|
|
|
|
- name: get result of create a new RAP
|
|
win_shell: Import-Module RemoteDesktopServices; Write-Host (Test-Path "RDS:\GatewayServer\RAP\{{ test_win_rds_rap_name }}")
|
|
register: new_rap_actual
|
|
|
|
- name: assert results of create a new RAP
|
|
assert:
|
|
that:
|
|
- new_rap.changed == true
|
|
- new_rap_actual.stdout_lines[0] == "True"
|
|
|
|
- name: test create a new RAP (idempotent)
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
user_groups:
|
|
- administrators
|
|
- users@builtin
|
|
state: present
|
|
register: new_rap_again
|
|
|
|
- name: get result of create a new RAP (idempotent)
|
|
win_shell: Import-Module RemoteDesktopServices; Write-Host (Test-Path "RDS:\GatewayServer\RAP\{{ test_win_rds_rap_name }}")
|
|
register: new_rap_actual_again
|
|
|
|
- name: assert results of create a new RAP (idempotent)
|
|
assert:
|
|
that:
|
|
- new_rap_again.changed == false
|
|
- new_rap_actual_again.stdout_lines[0] == "True"
|
|
|
|
- name: test edit a RAP
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
description: 'Description of {{ test_win_rds_rap_name }}'
|
|
user_groups:
|
|
# Test with different group name formats
|
|
- users@builtin
|
|
- .\guests
|
|
computer_group_type: ad_network_resource_group
|
|
computer_group: administrators
|
|
allowed_ports:
|
|
- 3389
|
|
- 3390
|
|
- 3391
|
|
state: disabled
|
|
register: edit_rap
|
|
|
|
- name: get result of edit a RAP
|
|
win_shell: |
|
|
Import-Module RemoteDesktopServices;
|
|
$rap_path = "RDS:\GatewayServer\RAP\{{ test_win_rds_rap_name }}"
|
|
$rap = @{}
|
|
Get-ChildItem -Path "$rap_path" | foreach { $rap.Add($_.Name,$_.CurrentValue) }
|
|
$rap.UserGroups = @(Get-ChildItem -Path "$rap_path\UserGroups" | Select -ExpandProperty Name)
|
|
$rap | ConvertTo-Json
|
|
register: edit_rap_actual_json
|
|
|
|
- name: parse result of edit a RAP.
|
|
set_fact:
|
|
edit_rap_actual: '{{ edit_rap_actual_json.stdout | from_json }}'
|
|
|
|
- name: assert results of edit a RAP
|
|
assert:
|
|
that:
|
|
- edit_rap.changed == true
|
|
- edit_rap_actual.Status == "0"
|
|
- edit_rap_actual.Description == "Description of {{ test_win_rds_rap_name }}"
|
|
- edit_rap_actual.PortNumbers == "3389,3390,3391"
|
|
- edit_rap_actual.UserGroups | length == 2
|
|
- edit_rap_actual.UserGroups[0] == "Users@BUILTIN"
|
|
- edit_rap_actual.UserGroups[1] == "Guests@BUILTIN"
|
|
- edit_rap_actual.ComputerGroupType == "1"
|
|
- edit_rap_actual.ComputerGroup == "Administrators@BUILTIN"
|
|
|
|
- name: test edit a RAP (indempotent)
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
description: 'Description of {{ test_win_rds_rap_name }}'
|
|
user_groups:
|
|
- users@builtin
|
|
- guests@builtin
|
|
computer_group_type: ad_network_resource_group
|
|
computer_group: Administrators@BUILTIN
|
|
allowed_ports:
|
|
- 3389
|
|
- 3390
|
|
- 3391
|
|
state: disabled
|
|
register: edit_rap_again
|
|
|
|
- name: assert results of edit a RAP (indempotent)
|
|
assert:
|
|
that:
|
|
- edit_rap_again.changed == false
|
|
|
|
- name: test allow all ports
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
allowed_ports: any
|
|
register: edit_rap_allow_all_ports
|
|
|
|
- name: get result of allow all ports
|
|
win_shell: Import-Module RemoteDesktopServices; Write-Host (Get-Item "RDS:\GatewayServer\RAP\{{ test_win_rds_rap_name }}\PortNumbers").CurrentValue
|
|
register: edit_rap_allow_all_ports_actual
|
|
|
|
- name: assert results of allow all ports
|
|
assert:
|
|
that:
|
|
- edit_rap_allow_all_ports.changed == true
|
|
- edit_rap_allow_all_ports_actual.stdout_lines[0] == "*"
|
|
|
|
- name: test remove RAP (check mode)
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
state: absent
|
|
register: remove_rap_check
|
|
check_mode: yes
|
|
|
|
- name: get result of remove RAP (check mode)
|
|
win_shell: Import-Module RemoteDesktopServices; Write-Host (Test-Path "RDS:\GatewayServer\RAP\{{ test_win_rds_rap_name }}")
|
|
register: remove_rap_actual_check
|
|
|
|
- name: assert results of remove RAP (check mode)
|
|
assert:
|
|
that:
|
|
- remove_rap_check.changed == true
|
|
- remove_rap_actual_check.stdout_lines[0] == "True"
|
|
|
|
- name: test remove RAP
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
state: absent
|
|
register: remove_rap
|
|
|
|
- name: get result of remove RAP
|
|
win_shell: Import-Module RemoteDesktopServices; Write-Host (Test-Path "RDS:\GatewayServer\RAP\{{ test_win_rds_rap_name }}")
|
|
register: remove_rap_actual
|
|
|
|
- name: assert results of remove RAP
|
|
assert:
|
|
that:
|
|
- remove_rap.changed == true
|
|
- remove_rap_actual.stdout_lines[0] == "False"
|
|
|
|
- name: test remove RAP (idempotent)
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
state: absent
|
|
register: remove_rap_again
|
|
|
|
- name: get result of remove RAP (idempotent)
|
|
win_shell: Import-Module RemoteDesktopServices; Write-Host (Test-Path "RDS:\GatewayServer\RAP\{{ test_win_rds_rap_name }}")
|
|
register: remove_rap_actual_again
|
|
|
|
- name: assert results of remove RAP (idempotent)
|
|
assert:
|
|
that:
|
|
- remove_rap_again.changed == false
|
|
- remove_rap_actual_again.stdout_lines[0] == "False"
|
|
|
|
- name: fail when create a new RAP without user group
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
state: present
|
|
register: new_rap_without_group
|
|
check_mode: yes
|
|
failed_when: "new_rap_without_group.msg != 'User groups must be defined to create a new RAP.'"
|
|
|
|
- name: fail when create a new RAP with an empty user group list
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
user_groups: []
|
|
state: present
|
|
register: new_rap_empty_group_list
|
|
check_mode: yes
|
|
failed_when: "new_rap_empty_group_list.msg is not search('cannot be an empty list')"
|
|
|
|
- name: fail when create a new RAP with an invalid user group
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
user_groups:
|
|
- fake_group
|
|
state: present
|
|
register: new_rap_invalid_group
|
|
check_mode: yes
|
|
failed_when: new_rap_invalid_group.changed != false or new_rap_invalid_group.msg is not search('is not a valid account')
|
|
|
|
- name: fail when create a new RAP with an invalid AD computer group
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
user_groups:
|
|
- administrators
|
|
computer_group_type: ad_network_resource_group
|
|
computer_group: fake_ad_group
|
|
state: present
|
|
register: new_rap_invalid_ad_computer_group
|
|
check_mode: yes
|
|
failed_when: new_rap_invalid_ad_computer_group.changed != false or new_rap_invalid_ad_computer_group.msg is not search('is not a valid account')
|
|
|
|
- name: fail when create a new RAP with an invalid gateway managed computer group
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
user_groups:
|
|
- administrators
|
|
computer_group_type: rdg_group
|
|
computer_group: fake_rdg_group
|
|
state: present
|
|
register: new_rap_invalid_rdg_computer_group
|
|
check_mode: yes
|
|
failed_when: new_rap_invalid_rdg_computer_group.changed != false or new_rap_invalid_rdg_computer_group.msg is not search('is not a valid gateway managed computer group')
|
|
|
|
- name: fail when create a new RAP with invalid port numbers
|
|
win_rds_rap:
|
|
name: '{{ test_win_rds_rap_name }}'
|
|
user_groups:
|
|
- administrators
|
|
allowed_ports:
|
|
- '{{ item }}'
|
|
state: present
|
|
loop:
|
|
- invalid_port_number
|
|
- 65536
|
|
register: new_rap_invalid_port
|
|
check_mode: yes
|
|
failed_when: new_rap_invalid_port.changed != false or new_rap_invalid_port.msg is not search('is not a valid port number')
|