From cebe044a6880420f064c5f95cca43a94d80fcd77 Mon Sep 17 00:00:00 2001 From: mrshanahan Date: Thu, 8 Nov 2018 12:42:59 -0600 Subject: [PATCH] Update iis_site bindingInformation construction and add tests. (#3490) (#3492) Signed-off-by: Matt Shanahan --- lib/resources/iis_site.rb | 9 +-- test/helper.rb | 3 + test/unit/mock/cmd/iis-default-web-site | 80 +++++++++++++++++++++++++ test/unit/resources/iis_site_test.rb | 32 ++++++++++ 4 files changed, 118 insertions(+), 6 deletions(-) create mode 100644 test/unit/mock/cmd/iis-default-web-site create mode 100644 test/unit/resources/iis_site_test.rb diff --git a/lib/resources/iis_site.rb b/lib/resources/iis_site.rb index f90f29cb5..4316438fa 100644 --- a/lib/resources/iis_site.rb +++ b/lib/resources/iis_site.rb @@ -94,7 +94,7 @@ module Inspec::Resources # want to populate everything using one powershell command here and spit it out as json def iis_site(name) - command = "Get-Website '#{name}' | select-object -Property Name,State,PhysicalPath,bindings,ApplicationPool | ConvertTo-Json" + command = "Get-Website '#{name}' | Select-Object -Property Name,State,PhysicalPath,bindings,ApplicationPool | ConvertTo-Json" cmd = @inspec.command(command) begin @@ -103,11 +103,8 @@ module Inspec::Resources return nil end - bindings_array = site['bindings']['Collection'].map { |k, _str| - k['protocol'] << - ' ' << - k['bindingInformation'] << - (k['protocol'] == 'https' ? ' sslFlags=' << flags : '') + bindings_array = site['bindings']['Collection'].map { |k| + "#{k['protocol']} #{k['bindingInformation']}#{k['protocol'] == 'https' ? " sslFlags=#{k['sslFlags']}" : ''}" } # map our values to a hash table diff --git a/test/helper.rb b/test/helper.rb index 5e8c1c186..361b986d1 100644 --- a/test/helper.rb +++ b/test/helper.rb @@ -528,6 +528,9 @@ class MockLoader "Import-Module WebAdministration; Get-Item 'IIS:\\AppPools\\DefaultAppPool' | Select-Object name,managedruntimeversion,enable32bitapponwin64,managedpipelinemode,processmodel | ConvertTo-Json" => cmd.call('iis-default-app-pool'), "Import-Module WebAdministration; Get-Item 'IIS:\\AppPools\\DefaultAppPool' | Select-Object * | ConvertTo-Json" => cmd.call('iis-default-app-pool'), + # iis_site resource + "Get-Website 'Default Web Site' | Select-Object -Property Name,State,PhysicalPath,bindings,ApplicationPool | ConvertTo-Json" => cmd.call('iis-default-web-site'), + #security_policy resource calls 'Get-Content win_secpol-abc123.cfg' => cmd.call('secedit-export'), 'secedit /export /cfg win_secpol-abc123.cfg' => cmd.call('success'), diff --git a/test/unit/mock/cmd/iis-default-web-site b/test/unit/mock/cmd/iis-default-web-site new file mode 100644 index 000000000..9f44ba8e6 --- /dev/null +++ b/test/unit/mock/cmd/iis-default-web-site @@ -0,0 +1,80 @@ +{ + "name": "Default Web Site", + "state": "Started", + "physicalPath": "%SystemDrive%\\inetpub\\wwwroot", + "bindings": { + "Attributes": [ + + ], + "ChildElements": [ + + ], + "ElementTagName": "bindings", + "Methods": null, + "Schema": { + "AllowUnrecognizedAttributes": false, + "AttributeSchemas": "", + "ChildElementSchemas": null, + "CollectionSchema": "Microsoft.IIs.PowerShell.Framework.ConfigurationCollectionSchema", + "IsCollectionDefault": false, + "Name": "bindings" + }, + "Collection": [ + { + "value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement", + "protocol": "http", + "bindingInformation": "*:80:", + "sslFlags": 0, + "isDsMapperEnabled": false, + "certificateHash": "", + "certificateStoreName": "" + }, + { + "value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement", + "protocol": "net.tcp", + "bindingInformation": "808:*", + "sslFlags": 0, + "isDsMapperEnabled": null, + "certificateHash": null, + "certificateStoreName": null + }, + { + "value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement", + "protocol": "net.pipe", + "bindingInformation": "*", + "sslFlags": 0, + "isDsMapperEnabled": null, + "certificateHash": null, + "certificateStoreName": null + }, + { + "value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement", + "protocol": "net.msmq", + "bindingInformation": "localhost", + "sslFlags": 0, + "isDsMapperEnabled": null, + "certificateHash": null, + "certificateStoreName": null + }, + { + "value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement", + "protocol": "msmq.formatname", + "bindingInformation": "localhost", + "sslFlags": 0, + "isDsMapperEnabled": null, + "certificateHash": null, + "certificateStoreName": null + }, + { + "value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement", + "protocol": "https", + "bindingInformation": "*:443:", + "sslFlags": 0, + "isDsMapperEnabled": false, + "certificateHash": "E024B9723C6EBCF17E933466F2B34D008B9334FB", + "certificateStoreName": "My" + } + ] + }, + "applicationPool": "DefaultAppPool" +} \ No newline at end of file diff --git a/test/unit/resources/iis_site_test.rb b/test/unit/resources/iis_site_test.rb new file mode 100644 index 000000000..957e7cde4 --- /dev/null +++ b/test/unit/resources/iis_site_test.rb @@ -0,0 +1,32 @@ +# encoding: utf-8 +# author: Matt Shanahan, matt.shanahan@relativity.com + +require 'helper' +require 'inspec/resource' + +describe 'Inspec::Resources::IisSite' do + it 'verify Default Web Site settings' do + resource = MockLoader.new(:windows).load_resource('iis_site', 'Default Web Site') + _(resource.send('app_pool')).must_equal 'DefaultAppPool' + _(resource.send('bindings')).must_equal [ + "http *:80:", + "net.tcp 808:*", + "net.pipe *", + "net.msmq localhost", + "msmq.formatname localhost", + "https *:443: sslFlags=0" + ] + _(resource.send('state')).must_equal 'Started' + _(resource.send('path')).must_equal '%SystemDrive%\\inetpub\\wwwroot' + _(resource.send('exists?')).must_equal true + _(resource.send('running?')).must_equal true + _(resource.send('has_app_pool?', 'DefaultAppPool')).must_equal true + _(resource.send('has_app_pool?', 'SomeOtherAppPool')).must_equal false + _(resource.send('has_path?', '%SystemDrive%\\inetpub\\wwwroot')).must_equal true + _(resource.send('has_path?', '%SystemDrive%\\inetpub\\wwwroot\\subpath')).must_equal false + _(resource.send('has_binding?', "https *:443: sslFlags=0")).must_equal true + _(resource.send('has_binding?', "https *:443:")).must_equal false + _(resource.send('has_binding?', "https :443:example.com sslFlags=0")).must_equal false + _(resource.send('to_s')).must_equal 'iis_site \'Default Web Site\'' + end +end