mirror of
https://github.com/inspec/inspec
synced 2024-11-23 21:23:29 +00:00
104 lines
2.5 KiB
Ruby
104 lines
2.5 KiB
Ruby
|
# encoding: utf-8
|
||
|
# frozen_string_literal: true
|
||
|
# check for web applications in IIS
|
||
|
# Note: this is only supported in windows 2012 and later
|
||
|
module Inspec::Resources
|
||
|
class IisApp < Inspec.resource(1)
|
||
|
name 'iis_app'
|
||
|
desc 'Tests IIS application configuration on windows. Supported in server 2012+ only'
|
||
|
example "
|
||
|
describe iis_app('/myapp', 'Default Web Site') do
|
||
|
it { should exist }
|
||
|
it { should have_application_pool('MyAppPool') }
|
||
|
it { should have_protocols('http') }
|
||
|
it { should have_site_name('Default Web Site') }
|
||
|
it { should have_physical_path('C:\\inetpub\\wwwroot\\myapp') }
|
||
|
it { should have_path('\\My Application') }
|
||
|
end
|
||
|
"
|
||
|
|
||
|
def initialize(path, site_name)
|
||
|
@path = path
|
||
|
@site_name = site_name
|
||
|
@cache = nil
|
||
|
@inspec = inspec
|
||
|
|
||
|
# verify that this resource is only supported on Windows
|
||
|
return skip_resource 'The `iis_app` resource is not supported on your OS.' unless inspec.os.windows?
|
||
|
end
|
||
|
|
||
|
def application_pool
|
||
|
iis_app[:application_pool]
|
||
|
end
|
||
|
|
||
|
def protocols
|
||
|
iis_app[:protocols]
|
||
|
end
|
||
|
|
||
|
def site_name
|
||
|
iis_app[:site_name]
|
||
|
end
|
||
|
|
||
|
def path
|
||
|
iis_app[:path]
|
||
|
end
|
||
|
|
||
|
def physical_path
|
||
|
iis_app[:physical_path]
|
||
|
end
|
||
|
|
||
|
def exists?
|
||
|
!iis_app[:path].empty?
|
||
|
end
|
||
|
|
||
|
def has_site_name?(site_name)
|
||
|
iis_app[:site_name] == site_name
|
||
|
end
|
||
|
|
||
|
def has_application_pool?(application_pool)
|
||
|
iis_app[:application_pool] == application_pool
|
||
|
end
|
||
|
|
||
|
def has_path?(path)
|
||
|
iis_app[:path] == path
|
||
|
end
|
||
|
|
||
|
def has_physical_path?(physical_path)
|
||
|
iis_app[:physical_path] == physical_path
|
||
|
end
|
||
|
|
||
|
def has_protocol?(protocol)
|
||
|
iis_app[:protocols].include?(protocol)
|
||
|
end
|
||
|
|
||
|
def to_s
|
||
|
"iis_app '#{@site_name}#{@path}'"
|
||
|
end
|
||
|
|
||
|
private
|
||
|
|
||
|
def iis_app
|
||
|
return @cache unless @cache.nil?
|
||
|
command = "Import-Module WebAdministration; Get-WebApplication -Name '#{@path}' -Site '#{@site_name}' | Select-Object * | ConvertTo-Json"
|
||
|
cmd = @inspec.command(command)
|
||
|
|
||
|
begin
|
||
|
app = JSON.parse(cmd.stdout)
|
||
|
rescue JSON::ParserError => _e
|
||
|
return {}
|
||
|
end
|
||
|
|
||
|
# map our values to a hash table
|
||
|
info = {
|
||
|
site_name: @site_name,
|
||
|
path: @path,
|
||
|
application_pool: app['applicationPool'],
|
||
|
physical_path: app['PhysicalPath'],
|
||
|
protocols: app['enabledProtocols'],
|
||
|
}
|
||
|
|
||
|
@cache = info unless info.nil?
|
||
|
end
|
||
|
end
|
||
|
end
|