Merge pull request #178 from chef/group_policy

Merged change 29f1ea8f-45dc-49bd-aa4a-7070a2fcf1d4 From review branch group_policy into master Signed-off-by: drichter <drichter@chef.io>
2024-11-23 21:23:29 +00:00 · 2015-11-01 13:54:16 -08:00 · 2015-11-01 13:54:16 -08:00 · 45414d804c
commit 45414d804c
parent c48944e851 1941606b9e
3 changed files with 0 additions and 111 deletions
--- a/docs/resources.rst
+++ b/docs/resources.rst
@ -18,7 +18,6 @@ The following InSpec audit resources are available:
 * ``file``
 * ``gem``
 * ``group``
-* ``group_policy``
 * ``host``
 * ``inetd_conf``
 * ``interface``
@ -1627,57 +1626,6 @@ The following examples show how to use this InSpec audit resource.



-group_policy
-=====================================================
-Use the ``group_policy`` |inspec resource| to test group policy on the |windows| platform. This resource uses the ``Get-Item`` cmdlet to return all of the policy keys and related values.
-
-**Stability: Experimental**
-
-Syntax
-----------------------------------------------------
-A ``group_policy`` |inspec resource| block declares the path to the policy:
-
-.. code-block:: ruby
-
-   describe group_policy('Path\to\Policy') do
-     its('setting') { should eq 'value' }
-   end
-
-where
-
-* ``'Path\to\Policy'`` must specify a group policy, such as ``'Local Policies\Audit Policy'`` or ``'Local Policies\Security Options'``
-* ``'setting'`` is the group policy setting to be tested. For example: ``Automatically log off users when the logon time expires``
-* ``'value'`` is compared to the value on the group policy
-
-Matchers
-----------------------------------------------------
-This InSpec audit resource has the following matchers.
-
-setting
-+++++++++++++++++++++++++++++++++++++++++++++++++++++
-The ``setting`` matcher tests specific, named settings in the group policy:
-
-.. code-block:: ruby
-
-   its('setting') { should eq 'value' }
-
-where ``'setting'`` is replaced with the full string for the setting. For example: ``Automatically log off users when the logon time expires``.
-
-Use a ``setting`` matcher for each setting to be tested.
-
-Examples
-----------------------------------------------------
-The following examples show how to use this InSpec audit resource.
-
-**Test if users are logged off after the logon time expires**
-
-.. code-block:: ruby
-
-   describe group_policy('Local Policies\Security Options') do
-     its('Automatically log off users when the logon time expires') { should eq 'Enabled' }
-   end
-
-
 host
 =====================================================
 Use the ``host`` |inspec resource| to test the name used to refer to a specific host and its availability, including the Internet protocols and ports over which that host name should be available.
--- a/lib/inspec/resource.rb
+++ b/lib/inspec/resource.rb
@ -35,7 +35,6 @@ require 'resources/etc_group'
 require 'resources/file'
 require 'resources/gem'
 require 'resources/group'
-require 'resources/group_policy'
 require 'resources/host'
 require 'resources/inetd_conf'
 require 'resources/interface'
--- a/lib/resources/group_policy.rb
+++ b/lib/resources/group_policy.rb
@ -1,58 +0,0 @@
-# encoding: utf-8
-# copyright: 2015, Vulcano Security GmbH
-# author: Christoph Hartmann
-# author: Dominik Richter
-# license: All rights reserved
-
-require 'json'
-
-# return JSON object
-def gpo(policy_path, policy_name)
-  file = ::File.read(::File.join ::File.dirname(__FILE__), 'gpo.json')
-  gpo_hash = JSON.parse(file)
-  key = 'Machine--' + policy_path + '--' + policy_name
-  gpo_hash[key]
-end
-
-# Group Policy
-class GroupPolicy < Inspec.resource(1)
-  name 'group_policy'
-
-  def initialize(name)
-    @name = name
-  end
-
-  def get_registry_value(entry)
-    keys = entry['registry_information'][0]
-    cmd = "(Get-Item 'Registry::#{keys['path']}').GetValue('#{keys['key']}')"
-    command_result ||= inspec.command(cmd)
-    val = { exit_code: command_result.exit_status.to_i, data: command_result.stdout }
-    val
-  end
-
-  def convert_value(value)
-    val = value.strip
-    val = val.to_i if val.match(/^\d+$/)
-    val
-  end
-
-  # returns nil, if not existant or value
-  def method_missing(meth)
-    # map gpo to registry key
-    entry = gpo(@name, meth.to_s)
-
-    # get data
-    val = get_registry_value(entry)
-
-    # verify data
-    if (val[:exit_code] == 0)
-      return convert_value(val[:data])
-    else
-      return nil
-    end
-  end
-
-  def to_s
-    'Group Policy'
-  end
-end