Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-23 05:03:07 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update iis_site bindingInformation construction and add tests. (#3490) (#3492)

Browse source 
Signed-off-by: Matt Shanahan <mrshanahan11235@gmail.com>
This commit is contained in:
mrshanahan 2018-11-08 12:42:59 -06:00 committed by Jared Quick
parent 23b40887b4
commit cebe044a68
4 changed files with 118 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
lib/resources/iis_site.rb
View file

@ -94,7 +94,7 @@ module Inspec::Resources
# want to populate everything using one powershell command here and spit it out as json
def iis_site(name)
command = "Get-Website '#{name}' | select-object -Property Name,State,PhysicalPath,bindings,ApplicationPool | ConvertTo-Json"
command = "Get-Website '#{name}' | Select-Object -Property Name,State,PhysicalPath,bindings,ApplicationPool | ConvertTo-Json"
cmd = @inspec.command(command)
begin
@ -103,11 +103,8 @@ module Inspec::Resources
return nil
end
bindings_array = site['bindings']['Collection'].map { |k, _str|
k['protocol'] <<
' ' <<
k['bindingInformation'] <<
(k['protocol'] == 'https' ? ' sslFlags=' << flags : '')
bindings_array = site['bindings']['Collection'].map { |k|
"#{k['protocol']} #{k['bindingInformation']}#{k['protocol'] == 'https' ? " sslFlags=#{k['sslFlags']}" : ''}"
}
# map our values to a hash table

3
test/helper.rb
View file

@ -528,6 +528,9 @@ class MockLoader
"Import-Module WebAdministration; Get-Item 'IIS:\\AppPools\\DefaultAppPool' | Select-Object name,managedruntimeversion,enable32bitapponwin64,managedpipelinemode,processmodel | ConvertTo-Json" => cmd.call('iis-default-app-pool'),
"Import-Module WebAdministration; Get-Item 'IIS:\\AppPools\\DefaultAppPool' | Select-Object * | ConvertTo-Json" => cmd.call('iis-default-app-pool'),
# iis_site resource
"Get-Website 'Default Web Site' | Select-Object -Property Name,State,PhysicalPath,bindings,ApplicationPool | ConvertTo-Json" => cmd.call('iis-default-web-site'),
#security_policy resource calls
'Get-Content win_secpol-abc123.cfg' => cmd.call('secedit-export'),
'secedit /export /cfg win_secpol-abc123.cfg' => cmd.call('success'),

80
test/unit/mock/cmd/iis-default-web-site Normal file
View file

@ -0,0 +1,80 @@
{
"name": "Default Web Site",
"state": "Started",
"physicalPath": "%SystemDrive%\\inetpub\\wwwroot",
"bindings": {
"Attributes": [
],
"ChildElements": [
],
"ElementTagName": "bindings",
"Methods": null,
"Schema": {
"AllowUnrecognizedAttributes": false,
"AttributeSchemas": "",
"ChildElementSchemas": null,
"CollectionSchema": "Microsoft.IIs.PowerShell.Framework.ConfigurationCollectionSchema",
"IsCollectionDefault": false,
"Name": "bindings"
},
"Collection": [
{
"value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement",
"protocol": "http",
"bindingInformation": "*:80:",
"sslFlags": 0,
"isDsMapperEnabled": false,
"certificateHash": "",
"certificateStoreName": ""
},
{
"value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement",
"protocol": "net.tcp",
"bindingInformation": "808:*",
"sslFlags": 0,
"isDsMapperEnabled": null,
"certificateHash": null,
"certificateStoreName": null
},
{
"value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement",
"protocol": "net.pipe",
"bindingInformation": "*",
"sslFlags": 0,
"isDsMapperEnabled": null,
"certificateHash": null,
"certificateStoreName": null
},
{
"value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement",
"protocol": "net.msmq",
"bindingInformation": "localhost",
"sslFlags": 0,
"isDsMapperEnabled": null,
"certificateHash": null,
"certificateStoreName": null
},
{
"value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement",
"protocol": "msmq.formatname",
"bindingInformation": "localhost",
"sslFlags": 0,
"isDsMapperEnabled": null,
"certificateHash": null,
"certificateStoreName": null
},
{
"value": "Microsoft.IIs.PowerShell.Framework.ConfigurationElement",
"protocol": "https",
"bindingInformation": "*:443:",
"sslFlags": 0,
"isDsMapperEnabled": false,
"certificateHash": "E024B9723C6EBCF17E933466F2B34D008B9334FB",
"certificateStoreName": "My"
}
]
},
"applicationPool": "DefaultAppPool"
}

32
test/unit/resources/iis_site_test.rb Normal file
View file

@ -0,0 +1,32 @@
# encoding: utf-8
# author: Matt Shanahan, matt.shanahan@relativity.com
require 'helper'
require 'inspec/resource'
describe 'Inspec::Resources::IisSite' do
it 'verify Default Web Site settings' do
resource = MockLoader.new(:windows).load_resource('iis_site', 'Default Web Site')
_(resource.send('app_pool')).must_equal 'DefaultAppPool'
_(resource.send('bindings')).must_equal [
"http *:80:",
"net.tcp 808:*",
"net.pipe *",
"net.msmq localhost",
"msmq.formatname localhost",
"https *:443: sslFlags=0"
]
_(resource.send('state')).must_equal 'Started'
_(resource.send('path')).must_equal '%SystemDrive%\\inetpub\\wwwroot'
_(resource.send('exists?')).must_equal true
_(resource.send('running?')).must_equal true
_(resource.send('has_app_pool?', 'DefaultAppPool')).must_equal true
_(resource.send('has_app_pool?', 'SomeOtherAppPool')).must_equal false
_(resource.send('has_path?', '%SystemDrive%\\inetpub\\wwwroot')).must_equal true
_(resource.send('has_path?', '%SystemDrive%\\inetpub\\wwwroot\\subpath')).must_equal false
_(resource.send('has_binding?', "https *:443: sslFlags=0")).must_equal true
_(resource.send('has_binding?', "https *:443:")).must_equal false
_(resource.send('has_binding?', "https :443:example.com sslFlags=0")).must_equal false
_(resource.send('to_s')).must_equal 'iis_site \'Default Web Site\''
end
end