Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2025-02-17 06:28:40 +00:00
Code Issues Projects Releases Packages Wiki Activity
inspec/lib/resources/iis_site.rb

121 lines
3.4 KiB
Ruby
Raw Normal View History

add iis_site resource
2016-08-10 16:56:17 -04:00
# encoding: utf-8
# check for site in IIS
# Usage:
# describe iis_site('Default Web Site') do
# it{ should exist }
# it{ should be_running }
# it{ should be_in_app_pool('Default App Pool') }
# it{ should have_physical_path('C:\\inetpub\wwwroot\\DefaultWebSite') }
# it{ should have_binding('https :443:www.contoso.com sslFlags=0') }
# it{ should have_binding('net.pipe *') }
# end
#
# Note: this is only supported in windows 2012 and later
module Inspec::Resources
class IisSite < Inspec.resource(1)
name 'iis_site'
desc 'Tests IIS site configuration on windows. Supported in server 2012+ only'
example "
describe iis_site('Default Web Site') do
it { should exist }
it { should be_running }
it { should have_app_pool('DefaultAppPool') }
it { should have_binding('https :443:www.contoso.com sslFlags=0') }
it { should have_binding('net.pipe *') }
it { should have_path('C:\\inetpub\\wwwroot') }
end
"
def initialize(site_name)
@site_name = site_name
@cache = nil
@site_provider = SiteProvider.new(inspec)
# verify that this resource is only supported on Windows
return skip_resource 'The `iis_site` resource is not supported on your OS.' if inspec.os[:family] != 'windows'
end
def exists?
!iis_site.nil? && !iis_site[:name].nil?
end
def running?
iis_site.nil? ? false : (iis_site[:state] == 'Started')
end
def has_app_pool?(app_pool)
iis_site.nil? ? false : iis_site[:app_pool] == app_pool
end
def has_path?(path)
iis_site.nil? ? false : iis_site[:path] == path
end
def has_binding?(binding)
iis_site.nil? ? false : (iis_site[:bindings].include? binding)
end
def to_s
"iis_site '#{@site_name}'"
end
def iis_site
return @cache if !@cache.nil?
@cache = @site_provider.iis_site(@site_name) if !@site_provider.nil?
end
end
class SiteProvider
attr_reader :inspec
def initialize(inspec)
@inspec = inspec
end
# want to populate everything using one powershell command here and spit it out as json
def iis_site(name)
command = "Get-Website '#{name}' | select-object -Property Name,State,PhysicalPath,bindings,ApplicationPool | ConvertTo-Json"
cmd = @inspec.command(command)
begin
site = JSON.parse(cmd.stdout)
rescue JSON::ParserError => _e
return nil
end
bindings_array = []
# chop up our binding to look like it does when you run the get-website ps cmdlet
# using the following format
# <protocol> <bindingInformation> {if https "sslFlags=<sslFlags>"}
# the binding is a collection and there will always be at least one entry per site
if site['bindings']['Collection']
site['bindings']['Collection'].each do |binding|
s = ''
s << binding['protocol'] << ' '
s << binding['bindingInformation']
# tack on sslflags if we using ssl
if binding['protocol'] == 'https'
s << ' sslFlags=' << binding['sslFlags']
end
bindings_array.push(s)
end
end
# map our values to a hash table
info = {
name: site['name'],
state: site['state'],
path: site['physicalPath'],
bindings: bindings_array,
app_pool: site['applicationPool'],
}
info
end
end
end
Reference in a new issue Copy permalink