updating to use the `converge_by` option for nicer logging during the client run.

Signed-off-by: Davin Taddeo <davin@chef.io>
author: Davin Taddeo <davin@chef.io> 2020-06-11 14:20:18 -0400
committer: Davin Taddeo <davin@chef.io> 2020-06-11 14:20:18 -0400
commit: e46512e00a701e547c992b879673b6331f8ec48d (patch)
tree: 076db5fefa77e8f8566e63ac4c9889232da125d2
parent: 81c9167e2c4e3fb2b38ebf0f37aeb9165788eca6 (diff)
download: chef-e46512e00a701e547c992b879673b6331f8ec48d.tar.gz
1 files changed, 34 insertions, 35 deletions
diff --git a/lib/chef/resource/windows_audit_policy.rb b/lib/chef/resource/windows_audit_policy.rb
index 3203c777ef..152f6442f1 100644
--- a/lib/chef/resource/windows_audit_policy.rb
+++ b/lib/chef/resource/windows_audit_policy.rb
@@ -176,52 +176,51 @@ class Chef
         unless new_resource.sub_category.empty?
           new_resource.sub_category.each do |subcategory|
             next if subcategory_configured?(subcategory, new_resource.success, new_resource.failure)
-
-            sval = new_resource.success ? "enable" : "disable"
-            fval = new_resource.failure ? "enable" : "disable"
-            cmd = "auditpol /set "
-            cmd << "/user:\"#{new_resource.include_user}\" /include " if new_resource.include_user
-            cmd << "/user:\"#{new_resource.exclude_user}\" /exclude " if new_resource.exclude_user
-            cmd << "/subcategory:\"#{subcategory}\" /success:#{sval} /failure:#{fval}"
-
-            powershell_script "Update Audit Policy for Subcategory: #{subcategory}" do
-              code cmd
+      
+            sval = new_resource.success ? 'enable' : 'disable'
+            fval = new_resource.failure ? 'enable' : 'disable'
+            converge_by "Update Audit Policy for \"#{subcategory}\" to Success:#{sval} and Failure:#{fval}" do
+              cmd = 'auditpol /set '
+              cmd += "/user:\"#{new_resource.include_user}\" /include " if new_resource.include_user
+              cmd += "/user:\"#{new_resource.exclude_user}\" /exclude " if new_resource.exclude_user
+              cmd += "/subcategory:\"#{subcategory}\" /success:#{sval} /failure:#{fval}"
+              powershell_exec(cmd)
             end
           end
         end
-
-        if !new_resource.crash_on_audit_fail.nil? && option_configured?("CrashOnAuditFail", new_resource.crash_on_audit_fail)
-          val = new_resource.crash_on_audit_fail ? "Enable" : "Disable"
-          cmd = "auditpol /set /option:CrashOnAuditFail /value:#{val}"
-          powershell_script "Configure Audit: CrashOnAuditFail to #{val}" do
-            code cmd
+      
+        if !new_resource.crash_on_audit_fail.nil? && option_configured?('CrashOnAuditFail', new_resource.crash_on_audit_fail)
+          val = new_resource.crash_on_audit_fail ? 'Enable' : 'Disable'
+          converge_by "Configure Audit: CrashOnAuditFail to #{val}" do
+            cmd = "auditpol /set /option:CrashOnAuditFail /value:#{val}"
+            powershell_exec(cmd)
           end
         end
-
-        if !new_resource.full_privilege_auditing.nil? && option_configured?("FullPrivilegeAuditing", new_resource.full_privilege_auditing)
-          val = new_resource.full_privilege_auditing ? "Enable" : "Disable"
-          cmd = "auditpol /set /option:FullPrivilegeAuditing /value:#{val}"
-          powershell_script "Configure Audit: FullPrivilegeAuditing to #{val}" do
-            code cmd
+      
+        if !new_resource.full_privilege_auditing.nil? && option_configured?('FullPrivilegeAuditing', new_resource.full_privilege_auditing)
+          val = new_resource.full_privilege_auditing ? 'Enable' : 'Disable'
+          converge_by "Configure Audit: FullPrivilegeAuditing to #{val}" do
+            cmd = "auditpol /set /option:FullPrivilegeAuditing /value:#{val}"
+            powershell_exec(cmd)
           end
         end
-
-        if !new_resource.audit_base_directories.nil? && option_configured?("AuditBaseDirectories", new_resource.audit_base_directories)
-          val = new_resource.audit_base_directories ? "Enable" : "Disable"
-          cmd = "auditpol /set /option:AuditBaseDirectories /value:#{val}"
-          powershell_script "Configure Audit: AuditBaseDirectories to #{val}" do
-            code cmd
+      
+        if !new_resource.audit_base_directories.nil? && option_configured?('AuditBaseDirectories', new_resource.audit_base_directories)
+          val = new_resource.audit_base_directories ? 'Enable' : 'Disable'
+          converge_by "Configure Audit: AuditBaseDirectories to #{val}" do
+            cmd = "auditpol /set /option:AuditBaseDirectories /value:#{val}"
+            powershell_exec(cmd)
           end
         end
-
-        if !new_resource.audit_base_objects.nil? && option_configured?("AuditBaseObjects", new_resource.audit_base_objects)
-          val = new_resource.audit_base_objects ? "Enable" : "Disable"
-          cmd = "auditpol /set /option:AuditBaseObjects /value:#{val}"
-          powershell_script "Configure Audit: AuditBaseObjects to #{val}" do
-            code cmd
+      
+        if !new_resource.audit_base_objects.nil? && option_configured?('AuditBaseObjects', new_resource.audit_base_objects)
+          val = new_resource.audit_base_objects ? 'Enable' : 'Disable'
+          converge_by "Configure Audit: AuditBaseObjects to #{val}" do
+            cmd = "auditpol /set /option:AuditBaseObjects /value:#{val}"
+            powershell_exec(cmd)
           end
         end
-      end
+      end      
     end
   end
 end
author	Davin Taddeo <davin@chef.io>	2020-06-11 14:20:18 -0400
committer	Davin Taddeo <davin@chef.io>	2020-06-11 14:20:18 -0400
commit	e46512e00a701e547c992b879673b6331f8ec48d (patch)
tree	076db5fefa77e8f8566e63ac4c9889232da125d2
parent	81c9167e2c4e3fb2b38ebf0f37aeb9165788eca6 (diff)
download	chef-e46512e00a701e547c992b879673b6331f8ec48d.tar.gz