mirror of
https://github.com/inspec/inspec
synced 2025-02-17 06:28:40 +00:00
improve windows implementation
This commit is contained in:
Christoph Hartmann
parent
74c3904844
commit
78a47aa43b
2 changed files with 52 additions and 39 deletions
|
|
@ -67,7 +67,7 @@ module Inspec::Resources
|
|||
.add(:mindays, field: :mindays)
|
||||
.add(:maxdays, field: :maxdays)
|
||||
.add(:warndays, field: :warndays)
|
||||
filter.connect(self, :collect_user_info)
|
||||
filter.connect(self, :collect_user_details)
|
||||
|
||||
def to_s
|
||||
'Users'
|
||||
|
|
@ -81,11 +81,8 @@ module Inspec::Resources
|
|||
end
|
||||
|
||||
# collects information about every user
|
||||
def collect_user_info
|
||||
@users_cache ||= list_users.map { |username|
|
||||
@user_provider.user_details(username.chomp)
|
||||
}
|
||||
@users_cache
|
||||
def collect_user_details
|
||||
@users_cache ||= @user_provider.collect_user_details unless @user_provider.nil?
|
||||
end
|
||||
end
|
||||
|
||||
|
|
@ -300,6 +297,13 @@ module Inspec::Resources
|
|||
item.merge!(credentials(username))
|
||||
item
|
||||
end
|
||||
|
||||
# returns the full information list for a user
|
||||
def collect_user_details
|
||||
list_users.map { |username|
|
||||
user_details(username.chomp)
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
# implements generic unix id handling
|
||||
|
|
@ -539,12 +543,6 @@ module Inspec::Resources
|
|||
[name, domain]
|
||||
end
|
||||
|
||||
def list_users
|
||||
script = 'Get-WmiObject Win32_UserAccount | Select-Object -ExpandProperty Caption'
|
||||
cmd = inspec.powershell(script)
|
||||
cmd.stdout.chomp.lines
|
||||
end
|
||||
|
||||
def identity(username)
|
||||
# extract domain/user information
|
||||
account, domain = parse_windows_account(username)
|
||||
|
|
@ -602,5 +600,11 @@ module Inspec::Resources
|
|||
shell: nil,
|
||||
}
|
||||
end
|
||||
|
||||
def list_users
|
||||
script = 'Get-WmiObject Win32_UserAccount | Select-Object -ExpandProperty Caption'
|
||||
cmd = inspec.powershell(script)
|
||||
cmd.stdout.chomp.lines
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
# encoding: utf-8
|
||||
|
||||
if ['centos', 'redhat', 'fedora', 'opensuse', 'debian', 'ubuntu'].include?(os[:family])
|
||||
if ['centos', 'redhat', 'fedora', 'suse', 'debian', 'ubuntu'].include?(os[:family])
|
||||
userinfo = {
|
||||
username: 'root',
|
||||
groupname: 'root',
|
||||
|
|
@ -25,8 +24,9 @@ elsif ['freebsd'].include?(os[:family])
|
|||
shell: '/bin/csh',
|
||||
}
|
||||
elsif os.windows?
|
||||
hostname = powershell('$env:computername').stdout.chomp
|
||||
userinfo = {
|
||||
username: 'Administrator',
|
||||
username: hostname + '\Administrator',
|
||||
groupname: nil,
|
||||
uid: nil,
|
||||
gid: nil,
|
||||
|
|
@ -34,6 +34,8 @@ elsif os.windows?
|
|||
home: nil,
|
||||
shell: nil,
|
||||
}
|
||||
# store uid of user
|
||||
userinfo[:uid] = user(userinfo[:username]).uid
|
||||
elsif os[:family] == 'aix'
|
||||
userinfo = {
|
||||
username: 'bin',
|
||||
|
|
@ -90,6 +92,13 @@ if os.windows?
|
|||
# should return the SID of the user
|
||||
its('uid') { should_not eq nil}
|
||||
end
|
||||
|
||||
# also support simple username for local users without domain
|
||||
describe user('Administrator') do
|
||||
it { should exist }
|
||||
# should return the SID of the user
|
||||
its('uid') { should_not eq nil}
|
||||
end
|
||||
else
|
||||
# test single `user` resource
|
||||
describe user(userinfo[:username]) do
|
||||
|
|
@ -105,31 +114,31 @@ else
|
|||
end
|
||||
end
|
||||
|
||||
# catch case where user is not existant
|
||||
describe user('not_available') do
|
||||
it { should_not exist }
|
||||
its ('uid') { should eq nil}
|
||||
its ('username') { should eq nil}
|
||||
its ('gid') { should eq nil}
|
||||
its ('home') { should eq nil}
|
||||
its ('shell') { should eq nil}
|
||||
end
|
||||
|
||||
# test `users` resource
|
||||
describe users.where(username: userinfo[:username]) do
|
||||
userinfo.each do |k, v|
|
||||
name = k.to_s
|
||||
if name == 'groups'
|
||||
# its(name) { should include v }
|
||||
else
|
||||
name += 's' unless %w{ maxdays mindays warndays }.include? name
|
||||
its(name) { should eq [v] }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe users.where(username: userinfo[:username]).groups.entries[0] do
|
||||
it { should include userinfo[:groups] }
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
# test `users` resource
|
||||
describe users.where(username: userinfo[:username]) do
|
||||
userinfo.each do |k, v|
|
||||
name = k.to_s
|
||||
if name == 'groups'
|
||||
# its(name) { should include v }
|
||||
else
|
||||
name += 's' unless %w{ maxdays mindays warndays }.include? name
|
||||
expected_value = [v]
|
||||
its(name) { should eq expected_value}
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
# catch case where user is not existant
|
||||
describe user('not_available') do
|
||||
it { should_not exist }
|
||||
its ('uid') { should eq nil}
|
||||
its ('username') { should eq nil}
|
||||
its ('gid') { should eq nil}
|
||||
its ('home') { should eq nil}
|
||||
its ('shell') { should eq nil}
|
||||
end
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue