diff options
Diffstat (limited to 'test/integration/targets/win_acl')
-rw-r--r-- | test/integration/targets/win_acl/aliases | 1 | ||||
-rw-r--r-- | test/integration/targets/win_acl/defaults/main.yml | 5 | ||||
-rw-r--r-- | test/integration/targets/win_acl/tasks/main.yml | 33 | ||||
-rw-r--r-- | test/integration/targets/win_acl/tasks/tests.yml | 362 |
4 files changed, 0 insertions, 401 deletions
diff --git a/test/integration/targets/win_acl/aliases b/test/integration/targets/win_acl/aliases deleted file mode 100644 index 3cf5b97e80..0000000000 --- a/test/integration/targets/win_acl/aliases +++ /dev/null @@ -1 +0,0 @@ -shippable/windows/group3 diff --git a/test/integration/targets/win_acl/defaults/main.yml b/test/integration/targets/win_acl/defaults/main.yml deleted file mode 100644 index 9999acd1ba..0000000000 --- a/test/integration/targets/win_acl/defaults/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -test_acl_path: '{{ win_output_dir }}\win_acl .ÅÑŚÌβŁÈ [$!@^&test(;)]' -test_acl_network_path: \\localhost\{{ test_acl_path[0:1] }}$\{{ test_acl_path[3:] }} -# Use HKU as that path is not automatically loaded in the PSProvider making our test more complex -test_acl_reg_path: HKU:\.DEFAULT\Ansible Test .ÅÑŚÌβŁÈ [$!@^&test(;)] diff --git a/test/integration/targets/win_acl/tasks/main.yml b/test/integration/targets/win_acl/tasks/main.yml deleted file mode 100644 index d322fb893a..0000000000 --- a/test/integration/targets/win_acl/tasks/main.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -- name: ensure we start with a clean dir - win_file: - path: '{{ test_acl_path }}' - state: '{{ item }}' - with_items: - - absent - - directory - -- name: ensure we start with a clean reg path - win_regedit: - path: '{{ test_acl_reg_path }}' - delete_key: yes - state: '{{ item }}' - with_items: - - absent - - present - -- block: - - name: run tests - include_tasks: tests.yml - - always: - - name: cleanup testing dir - win_file: - path: '{{ test_acl_path }}' - state: absent - - - name: cleanup testing reg path - win_regedit: - path: '{{ test_acl_reg_path }}' - delete_key: yes - state: absent diff --git a/test/integration/targets/win_acl/tasks/tests.yml b/test/integration/targets/win_acl/tasks/tests.yml deleted file mode 100644 index 56f5273373..0000000000 --- a/test/integration/targets/win_acl/tasks/tests.yml +++ /dev/null @@ -1,362 +0,0 @@ -# these are very basic tests, they should be expanded greatly as this is a core module ---- -- name: get register cmd that will get ace info - set_fact: - test_ace_cmd: | - # Overcome bug in Set-Acl/Get-Acl for registry paths and -LiteralPath - New-PSDrive -Name HKU -PSProvider Registry -Root HKEY_USERS > $null - Push-Location -LiteralPath (Split-Path -Path $path -Qualifier) - $rights_key = if ((Get-Item -LiteralPath $path -Force).PSProvider.Name -eq "Registry") { - "RegistryRights" - } else { - "FileSystemRights" - } - $ace_list = (Get-Acl -LiteralPath $path).Access | Where-Object { $_.IsInherited -eq $false } | ForEach-Object { - @{ - rights = $_."$rights_key".ToString() - type = $_.AccessControlType.ToString() - identity = $_.IdentityReference.Value.ToString() - inheritance_flags = $_.InheritanceFlags.ToString() - propagation_flags = $_.PropagationFlags.ToString() - } - } - Pop-Location - ConvertTo-Json -InputObject @($ace_list) - -- name: add write rights to Guest - win_acl: - path: '{{ test_acl_path }}' - type: allow - user: Guests - rights: Write - register: allow_right - -- name: get result of add write rights to Guest - win_shell: '$path = ''{{ test_acl_path }}''; {{ test_ace_cmd }}' - register: allow_right_actual - -- name: assert add write rights to Guest - assert: - that: - - allow_right is changed - - (allow_right_actual.stdout|from_json)|count == 1 - - (allow_right_actual.stdout|from_json)[0].identity == 'BUILTIN\Guests' - - (allow_right_actual.stdout|from_json)[0].inheritance_flags == 'ContainerInherit, ObjectInherit' - - (allow_right_actual.stdout|from_json)[0].propagation_flags == 'None' - - (allow_right_actual.stdout|from_json)[0].rights == 'Write, Synchronize' - - (allow_right_actual.stdout|from_json)[0].type == 'Allow' - -- name: add write rights to Guest (idempotent) - win_acl: - path: '{{ test_acl_path }}' - type: allow - user: Guests - rights: Write - register: allow_right_again - -- name: assert add write rights to Guest (idempotent) - assert: - that: - - not allow_right_again is changed - -- name: remove write rights from Guest - win_acl: - path: '{{ test_acl_path }}' - type: allow - user: Guests - rights: Write - state: absent - register: remove_right - -- name: get result of remove write rights from Guest - win_shell: '$path = ''{{ test_acl_path }}''; {{ test_ace_cmd }}' - register: remove_right_actual - -- name: assert remove write rights from Guest - assert: - that: - - remove_right is changed - - remove_right_actual.stdout_lines == ["[", "", "]"] - -- name: remove write rights from Guest (idempotent) - win_acl: - path: '{{ test_acl_path }}' - type: allow - user: Guests - rights: Write - state: absent - register: remove_right_again - -- name: assert remote write rights from Guest (idempotent) - assert: - that: - - not remove_right_again is changed - -- name: add deny write rights to Guest - win_acl: - path: '{{ test_acl_path }}' - type: deny - user: Guests - rights: Write - inherit: ContainerInherit - propagation: NoPropagateInherit - state: present - register: add_deny_right - -- name: get result of add deny write rights to Guest - win_shell: '$path = ''{{ test_acl_path }}''; {{ test_ace_cmd }}' - register: add_deny_right_actual - -- name: assert add deny write rights to Guest - assert: - that: - - add_deny_right is changed - - (add_deny_right_actual.stdout|from_json)|count == 1 - - (add_deny_right_actual.stdout|from_json)[0].identity == 'BUILTIN\Guests' - - (add_deny_right_actual.stdout|from_json)[0].inheritance_flags == 'ContainerInherit' - - (add_deny_right_actual.stdout|from_json)[0].propagation_flags == 'NoPropagateInherit' - - (add_deny_right_actual.stdout|from_json)[0].rights == 'Write' - - (add_deny_right_actual.stdout|from_json)[0].type == 'Deny' - -- name: add deny write rights to Guest (idempotent) - win_acl: - path: '{{ test_acl_path }}' - type: deny - user: Guests - rights: Write - inherit: ContainerInherit - propagation: NoPropagateInherit - state: present - register: add_deny_right_again - -- name: assert add deny write rights to Guest (idempotent) - assert: - that: - - not add_deny_right_again is changed - -- name: remove deny write rights from Guest - win_acl: - path: '{{ test_acl_path }}' - type: deny - user: Guests - rights: Write - inherit: ContainerInherit - propagation: NoPropagateInherit - state: absent - register: remove_deny_right - -- name: get result of remove deny write rights from Guest - win_shell: '$path = ''{{ test_acl_path }}''; {{ test_ace_cmd }}' - register: remove_deny_right_actual - -- name: assert remove deny write rights from Guest - assert: - that: - - remove_deny_right is changed - - remove_deny_right_actual.stdout_lines == ["[", "", "]"] - -- name: remove deny write rights from Guest (idempotent) - win_acl: - path: '{{ test_acl_path }}' - type: deny - user: Guests - rights: Write - inherit: ContainerInherit - propagation: NoPropagateInherit - state: absent - register: remove_deny_right_again - -- name: assert remove deny write rights from Guest (idempotent) - assert: - that: - - not remove_deny_right_again is changed - -- name: add write rights to Guest - network - win_acl: - path: '{{ test_acl_network_path }}' - type: allow - user: Guests - rights: Write - register: allow_right - -- name: get result of add write rights to Guest - network - win_shell: '$path = ''{{ test_acl_path }}''; {{ test_ace_cmd }}' - register: allow_right_actual - -- name: assert add write rights to Guest - network - assert: - that: - - allow_right is changed - - (allow_right_actual.stdout|from_json)|count == 1 - - (allow_right_actual.stdout|from_json)[0].identity == 'BUILTIN\Guests' - - (allow_right_actual.stdout|from_json)[0].inheritance_flags == 'ContainerInherit, ObjectInherit' - - (allow_right_actual.stdout|from_json)[0].propagation_flags == 'None' - - (allow_right_actual.stdout|from_json)[0].rights == 'Write, Synchronize' - - (allow_right_actual.stdout|from_json)[0].type == 'Allow' - -- name: remove write rights from Guest - network - win_acl: - path: '{{ test_acl_network_path }}' - type: allow - user: Guests - rights: Write - state: absent - register: remove_right - -- name: get result of remove write rights from Guest - network - win_shell: '$path = ''{{ test_acl_path }}''; {{ test_ace_cmd }}' - register: remove_right_actual - -- name: assert remove write rights from Guest - assert: - that: - - remove_right is changed - - remove_right_actual.stdout_lines == ["[", "", "]"] - -- name: add write rights to Guest - registry - win_acl: - path: '{{ test_acl_reg_path }}' - type: allow - user: Guests - rights: WriteKey - register: allow_right_reg - -- name: get result of add write rights to Guest - registry - win_shell: '$path = ''{{ test_acl_reg_path }}''; {{ test_ace_cmd }}' - register: allow_right_reg_actual - -- name: assert add write rights to Guest - registry - assert: - that: - - allow_right_reg is changed - - (allow_right_reg_actual.stdout|from_json)|count == 1 - - (allow_right_reg_actual.stdout|from_json)[0].identity == 'BUILTIN\Guests' - - (allow_right_reg_actual.stdout|from_json)[0].inheritance_flags == 'ContainerInherit, ObjectInherit' - - (allow_right_reg_actual.stdout|from_json)[0].propagation_flags == 'None' - - (allow_right_reg_actual.stdout|from_json)[0].rights == 'WriteKey' - - (allow_right_reg_actual.stdout|from_json)[0].type == 'Allow' - -- name: add write rights to Guest (idempotent) - registry - win_acl: - path: '{{ test_acl_reg_path }}' - type: allow - user: Guests - rights: WriteKey - register: allow_right_reg_again - -- name: assert add write rights to Guest (idempotent) - registry - assert: - that: - - not allow_right_reg_again is changed - -- name: remove write rights from Guest - registry - win_acl: - path: '{{ test_acl_reg_path }}' - type: allow - user: Guests - rights: WriteKey - state: absent - register: remove_right_reg - -- name: get result of remove write rights from Guest - registry - win_shell: '$path = ''{{ test_acl_reg_path }}''; {{ test_ace_cmd }}' - register: remove_right_reg_actual - -- name: assert remove write rights from Guest - registry - assert: - that: - - remove_right_reg is changed - - remove_right_reg_actual.stdout_lines == ["[", "", "]"] - -- name: remove write rights from Guest (idempotent) - registry - win_acl: - path: '{{ test_acl_reg_path }}' - type: allow - user: Guests - rights: WriteKey - state: absent - register: remove_right_reg_again - -- name: assert remote write rights from Guest (idempotent) - registry - assert: - that: - - not remove_right_reg_again is changed - -- name: add deny write rights to Guest - registry - win_acl: - path: '{{ test_acl_reg_path }}' - type: deny - user: Guests - rights: WriteKey - inherit: ContainerInherit - propagation: NoPropagateInherit - state: present - register: add_deny_right_reg - -- name: get result of add deny write rights to Guest - registry - win_shell: '$path = ''{{ test_acl_reg_path }}''; {{ test_ace_cmd }}' - register: add_deny_right_reg_actual - -- name: assert add deny write rights to Guest - registry - assert: - that: - - add_deny_right_reg is changed - - (add_deny_right_reg_actual.stdout|from_json)|count == 1 - - (add_deny_right_reg_actual.stdout|from_json)[0].identity == 'BUILTIN\Guests' - - (add_deny_right_reg_actual.stdout|from_json)[0].inheritance_flags == 'ContainerInherit' - - (add_deny_right_reg_actual.stdout|from_json)[0].propagation_flags == 'NoPropagateInherit' - - (add_deny_right_reg_actual.stdout|from_json)[0].rights == 'WriteKey' - - (add_deny_right_reg_actual.stdout|from_json)[0].type == 'Deny' - -- name: add deny write rights to Guest (idempotent) - registry - win_acl: - path: '{{ test_acl_reg_path }}' - type: deny - user: Guests - rights: WriteKey - inherit: ContainerInherit - propagation: NoPropagateInherit - state: present - register: add_deny_right_reg_again - -- name: assert add deny write rights to Guest (idempotent) - registry - assert: - that: - - not add_deny_right_reg_again is changed - -- name: remove deny write rights from Guest - registry - win_acl: - path: '{{ test_acl_reg_path }}' - type: deny - user: Guests - rights: WriteKey - inherit: ContainerInherit - propagation: NoPropagateInherit - state: absent - register: remove_deny_right_reg - -- name: get result of remove deny write rights from Guest - registry - win_shell: '$path = ''{{ test_acl_reg_path }}''; {{ test_ace_cmd }}' - register: remove_deny_right_reg_actual - -- name: assert remove deny write rights from Guest - registry - assert: - that: - - remove_deny_right_reg is changed - - remove_deny_right_reg_actual.stdout_lines == ["[", "", "]"] - -- name: remove deny write rights from Guest (idempotent) - registry - win_acl: - path: '{{ test_acl_reg_path }}' - type: deny - user: Guests - rights: WriteKey - inherit: ContainerInherit - propagation: NoPropagateInherit - state: absent - register: remove_deny_right_reg_again - -- name: assert remove deny write rights from Guest (idempotent) - registry - assert: - that: - - not remove_deny_right_reg_again is changed |