mirror of
https://github.com/inspec/inspec
synced 2025-02-22 00:48:41 +00:00
Fix for security_policy resource does not return array for local groups
Signed-off-by: Vasu1105 <vasundhara.jagdale@chef.io>
This commit is contained in:
parent
d85bdbc4e1
commit
8487da327f
3 changed files with 7 additions and 3 deletions
lib/inspec/resources
test
|
@ -147,7 +147,7 @@ module Inspec::Resources
|
|||
|
||||
# extracts the values, this methods detects:
|
||||
# numbers and SIDs and optimizes them for further usage
|
||||
def extract_value(val)
|
||||
def extract_value(key, val)
|
||||
if val =~ /^\d+$/
|
||||
val.to_i
|
||||
# special handling for SID array
|
||||
|
@ -166,14 +166,15 @@ module Inspec::Resources
|
|||
elsif !(m = /^\"(.*)\"$/.match(val)).nil?
|
||||
m[1]
|
||||
else
|
||||
val
|
||||
# When there is Registry Values we are not spliting the value for backward compatibility
|
||||
key.include?("\\") ? val : val.split(",")
|
||||
end
|
||||
end
|
||||
|
||||
def convert_hash(hash)
|
||||
new_hash = {}
|
||||
hash.each do |k, v|
|
||||
v.is_a?(Hash) ? value = convert_hash(v) : value = extract_value(v)
|
||||
v.is_a?(Hash) ? value = convert_hash(v) : value = extract_value(k, v)
|
||||
new_hash[k.strip] = value
|
||||
end
|
||||
new_hash
|
||||
|
|
1
test/fixtures/cmd/secedit-export
vendored
1
test/fixtures/cmd/secedit-export
vendored
|
@ -5,3 +5,4 @@ MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\Secur
|
|||
[Privilege Rights]
|
||||
SeUndockPrivilege = *S-1-5-32-544
|
||||
SeRemoteInteractiveLogonRight = *S-1-5-32-544,*S-1-5-32-555
|
||||
SeServiceLogonRight = DB2ADMNS,db2admin
|
||||
|
|
|
@ -11,6 +11,7 @@ describe "Inspec::Resources::SecurityPolicy" do
|
|||
_(resource.send('MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel')).must_equal "4,0"
|
||||
_(resource.SeUndockPrivilege).must_equal ["S-1-5-32-544"]
|
||||
_(resource.SeRemoteInteractiveLogonRight).must_equal ["S-1-5-32-544", "S-1-5-32-555"]
|
||||
_(resource.SeServiceLogonRight).must_equal %w{ DB2ADMNS db2admin }
|
||||
end
|
||||
|
||||
it "parse empty policy file" do
|
||||
|
@ -33,5 +34,6 @@ describe "Inspec::Resources::SecurityPolicy" do
|
|||
_(resource.send('MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel')).must_equal "4,0"
|
||||
_(resource.SeUndockPrivilege).must_equal ["BUILTIN\\Administrators"]
|
||||
_(resource.SeRemoteInteractiveLogonRight).must_equal ["BUILTIN\\Administrators", "S-1-5-32-555"]
|
||||
_(resource.SeServiceLogonRight).must_equal %w{ DB2ADMNS db2admin }
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Add table
Reference in a new issue