diff options
author | Jordan Borean <jborean93@gmail.com> | 2019-03-19 07:35:28 +1000 |
---|---|---|
committer | Toshio Kuratomi <a.badger@gmail.com> | 2019-03-18 14:35:28 -0700 |
commit | 0429b10ddc86cffdb2d276a1d094a35df48869ff (patch) | |
tree | d62b9d1496f7623d26431d027c764dad3937b90c | |
parent | 00a02574c22b36cb85a5f60117a2279df0420d7c (diff) | |
download | ansible-0429b10ddc86cffdb2d276a1d094a35df48869ff.tar.gz |
Merge pull request #53845 from jborean93/win-paths-2.6
Windows - Fix issues with glob like path chars - 2.6
32 files changed, 524 insertions, 253 deletions
diff --git a/changelogs/fragments/win_acl-paths.yaml b/changelogs/fragments/win_acl-paths.yaml new file mode 100644 index 0000000000..766a1f0281 --- /dev/null +++ b/changelogs/fragments/win_acl-paths.yaml @@ -0,0 +1,2 @@ +bugfixes: +- win_acl - Fix issues when using paths with glob like characters, e.g. ``[``, ``]`` diff --git a/changelogs/fragments/win_acl_inheritance-paths.yaml b/changelogs/fragments/win_acl_inheritance-paths.yaml new file mode 100644 index 0000000000..7cfcab663f --- /dev/null +++ b/changelogs/fragments/win_acl_inheritance-paths.yaml @@ -0,0 +1,2 @@ +bugfixes: +- win_acl_inheritance - Fix issues when using paths with glob like characters, e.g. ``[``, ``]`` diff --git a/changelogs/fragments/win_mod_utils-paths.yaml b/changelogs/fragments/win_mod_utils-paths.yaml new file mode 100644 index 0000000000..91b5d61cfa --- /dev/null +++ b/changelogs/fragments/win_mod_utils-paths.yaml @@ -0,0 +1,2 @@ +bugfixes: +- windows - Fixed various module utils that did not work with path that had glob like chars diff --git a/changelogs/fragments/win_owner-paths.yaml b/changelogs/fragments/win_owner-paths.yaml new file mode 100644 index 0000000000..8cf343dd57 --- /dev/null +++ b/changelogs/fragments/win_owner-paths.yaml @@ -0,0 +1,2 @@ +bugfixes: +- win_owner - Fix issues when using paths with glob like characters, e.g. ``[``, ``]`` diff --git a/changelogs/fragments/win_slurp-paths.yaml b/changelogs/fragments/win_slurp-paths.yaml new file mode 100644 index 0000000000..da2f13f0fb --- /dev/null +++ b/changelogs/fragments/win_slurp-paths.yaml @@ -0,0 +1,2 @@ +bugfixes: +- slurp - Fix issues when using paths on Windows with glob like characters, e.g. ``[``, ``]`` diff --git a/changelogs/fragments/win_tempfile-path.yaml b/changelogs/fragments/win_tempfile-path.yaml new file mode 100644 index 0000000000..12edab5aeb --- /dev/null +++ b/changelogs/fragments/win_tempfile-path.yaml @@ -0,0 +1,2 @@ +bugfixes: +- win_tempfile - Always return the full NTFS absolute path and not a DOS 8.3 path. diff --git a/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.CommandUtil.psm1 b/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.CommandUtil.psm1 index 88e0cd095d..16aa254bfc 100644 --- a/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.CommandUtil.psm1 +++ b/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.CommandUtil.psm1 @@ -367,12 +367,12 @@ Function Get-ExecutablePath($executable, $directory) { $full_path = [System.IO.Path]::GetFullPath($executable) if ($full_path -ne $executable -and $directory -ne $null) { - $file = Get-Item -Path "$directory\$executable" -Force -ErrorAction SilentlyContinue + $file = Get-Item -LiteralPath "$directory\$executable" -Force -ErrorAction SilentlyContinue } else { - $file = Get-Item -Path $executable -Force -ErrorAction SilentlyContinue + $file = Get-Item -LiteralPath $executable -Force -ErrorAction SilentlyContinue } - if ($file -ne $null) { + if ($null -ne $file) { $executable_path = $file.FullName } else { $executable_path = [Ansible.CommandUtil]::SearchPath($executable) @@ -394,7 +394,7 @@ Function Run-Command { # need to validate the working directory if it is set if ($working_directory) { # validate working directory is a valid path - if (-not (Test-Path -Path $working_directory)) { + if (-not (Test-Path -LiteralPath $working_directory)) { throw "invalid working directory path '$working_directory'" } } diff --git a/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.Legacy.psm1 b/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.Legacy.psm1 index 9dad05728e..9332ff0082 100644 --- a/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.Legacy.psm1 +++ b/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.Legacy.psm1 @@ -282,7 +282,7 @@ Function Parse-Args($arguments, $supports_check_mode = $false) # and above can handle: Function Get-FileChecksum($path, $algorithm = 'sha1') { - If (Test-Path -Path $path -PathType Leaf) + If (Test-Path -LiteralPath $path -PathType Leaf) { switch ($algorithm) { @@ -295,7 +295,7 @@ Function Get-FileChecksum($path, $algorithm = 'sha1') } If ($PSVersionTable.PSVersion.Major -ge 4) { - $raw_hash = Get-FileHash $path -Algorithm $algorithm + $raw_hash = Get-FileHash -LiteralPath $path -Algorithm $algorithm $hash = $raw_hash.Hash.ToLower() } Else { $fp = [System.IO.File]::Open($path, [System.IO.Filemode]::Open, [System.IO.FileAccess]::Read, [System.IO.FileShare]::ReadWrite); @@ -303,7 +303,7 @@ Function Get-FileChecksum($path, $algorithm = 'sha1') $fp.Dispose(); } } - ElseIf (Test-Path -Path $path -PathType Container) + ElseIf (Test-Path -LiteralPath $path -PathType Container) { $hash = "3"; } diff --git a/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.LinkUtil.psm1 b/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.LinkUtil.psm1 index fcef6733a4..bcd21a615e 100644 --- a/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.LinkUtil.psm1 +++ b/lib/ansible/module_utils/powershell/Ansible.ModuleUtils.LinkUtil.psm1 @@ -496,7 +496,7 @@ Function Remove-Link($link_path) { } Function New-Link($link_path, $link_target, $link_type) { - if (-not (Test-Path -Path $link_target)) { + if (-not (Test-Path -LiteralPath $link_target)) { throw "link_target '$link_target' does not exist, cannot create link" } @@ -505,13 +505,13 @@ Function New-Link($link_path, $link_target, $link_type) { $type = [Ansible.LinkType]::SymbolicLink } "junction" { - if (Test-Path -Path $link_target -PathType Leaf) { + if (Test-Path -LiteralPath $link_target -PathType Leaf) { throw "cannot set the target for a junction point to a file" } $type = [Ansible.LinkType]::JunctionPoint } "hard" { - if (Test-Path -Path $link_target -PathType Container) { + if (Test-Path -LiteralPath $link_target -PathType Container) { throw "cannot set the target for a hard link to a directory" } $type = [Ansible.LinkType]::HardLink diff --git a/lib/ansible/modules/windows/slurp.ps1 b/lib/ansible/modules/windows/slurp.ps1 index 0c8b85e1db..164deb8eab 100644 --- a/lib/ansible/modules/windows/slurp.ps1 +++ b/lib/ansible/modules/windows/slurp.ps1 @@ -24,14 +24,14 @@ $result = @{ changed = $false; } -If (Test-Path -Path $src -PathType Leaf) +If (Test-Path -LiteralPath $src -PathType Leaf) { $bytes = [System.IO.File]::ReadAllBytes($src); $result.content = [System.Convert]::ToBase64String($bytes); $result.encoding = "base64"; Exit-Json $result; } -ElseIf (Test-Path -Path $src -PathType Container) +ElseIf (Test-Path -LiteralPath $src -PathType Container) { Fail-Json $result "Path $src is a directory"; } diff --git a/lib/ansible/modules/windows/win_acl.ps1 b/lib/ansible/modules/windows/win_acl.ps1 index 1077559fe5..6a749a57d6 100644 --- a/lib/ansible/modules/windows/win_acl.ps1 +++ b/lib/ansible/modules/windows/win_acl.ps1 @@ -27,9 +27,9 @@ function Get-UserSID { if ($searchAppPools) { Import-Module -Name WebAdministration - $testIISPath = Test-Path -Path "IIS:" + $testIISPath = Test-Path -LiteralPath "IIS:" if ($testIISPath) { - $appPoolObj = Get-ItemProperty -Path "IIS:\AppPools\$AccountName" + $appPoolObj = Get-ItemProperty -LiteralPath "IIS:\AppPools\$AccountName" $userSID = $appPoolObj.applicationPoolSid } } @@ -168,7 +168,7 @@ $state = Get-Attr $params "state" "present" -validateSet "present","absent" -res $inherit = Get-Attr $params "inherit" "" $propagation = Get-Attr $params "propagation" "None" -validateSet "None","NoPropagateInherit","InheritOnly" -resultobj $result -If (-Not (Test-Path -Path $path)) { +If (-Not (Test-Path -LiteralPath $path)) { Fail-Json $result "$path file or directory does not exist on the host" } @@ -178,7 +178,7 @@ if (!$sid) { Fail-Json $result "$user is not a valid user or group on the host machine or domain" } -If (Test-Path -Path $path -PathType Leaf) { +If (Test-Path -LiteralPath $path -PathType Leaf) { $inherit = "None" } ElseIf ($inherit -eq "") { @@ -213,7 +213,7 @@ Try { Else { $objACE = New-Object System.Security.AccessControl.FileSystemAccessRule ($objUser, $colRights, $InheritanceFlag, $PropagationFlag, $objType) } - $objACL = Get-ACL $path + $objACL = Get-ACL -LiteralPath $path # Check if the ACE exists already in the objects ACL list $match = $false @@ -248,7 +248,7 @@ Try { If ($state -eq "present" -And $match -eq $false) { Try { $objACL.AddAccessRule($objACE) - Set-ACL $path $objACL + Set-ACL -LiteralPath $path -AclObject $objACL $result.changed = $true } Catch { @@ -258,7 +258,7 @@ Try { ElseIf ($state -eq "absent" -And $match -eq $true) { Try { $objACL.RemoveAccessRule($objACE) - Set-ACL $path $objACL + Set-ACL -LiteralPath $path -AclObject $objACL $result.changed = $true } Catch { diff --git a/lib/ansible/modules/windows/win_acl_inheritance.ps1 b/lib/ansible/modules/windows/win_acl_inheritance.ps1 index cfc8b3bc0b..007365fbd3 100644 --- a/lib/ansible/modules/windows/win_acl_inheritance.ps1 +++ b/lib/ansible/modules/windows/win_acl_inheritance.ps1 @@ -30,12 +30,12 @@ $path = Get-AnsibleParam -obj $params "path" -type "path" -failifempty $true $state = Get-AnsibleParam -obj $params "state" -type "str" -default "absent" -validateSet "present","absent" -resultobj $result $reorganize = Get-AnsibleParam -obj $params "reorganize" -type "bool" -default $false -resultobj $result -If (-Not (Test-Path -Path $path)) { +If (-Not (Test-Path -LiteralPath $path)) { Fail-Json $result "$path file or directory does not exist on the host" } Try { - $objACL = Get-ACL -Path $path + $objACL = Get-ACL -LiteralPath $path # AreAccessRulesProtected - $false if inheritance is set ,$true if inheritance is not set $inheritanceDisabled = $objACL.AreAccessRulesProtected @@ -45,9 +45,9 @@ Try { If ($reorganize) { # it wont work without intermediate save, state would be the same - Set-ACL -Path $path -AclObject $objACL -WhatIf:$check_mode + Set-ACL -LiteralPath $path -AclObject $objACL -WhatIf:$check_mode $result.changed = $true - $objACL = Get-ACL -Path $path + $objACL = Get-ACL -LiteralPath $path # convert explicit ACE to inherited ACE ForEach($inheritedRule in $objACL.Access) { @@ -67,11 +67,11 @@ Try { } } - Set-ACL -Path $path -AclObject $objACL -WhatIf:$check_mode + Set-ACL -LiteralPath $path -AclObject $objACL -WhatIf:$check_mode $result.changed = $true } Elseif (($state -eq "absent") -And (-not $inheritanceDisabled)) { $objACL.SetAccessRuleProtection($True, $reorganize) - Set-ACL -Path $path -AclObject $objACL -WhatIf:$check_mode + Set-ACL -LiteralPath $path -AclObject $objACL -WhatIf:$check_mode $result.changed = $true } } Catch { diff --git a/lib/ansible/modules/windows/win_owner.ps1 b/lib/ansible/modules/windows/win_owner.ps1 index 6cd5b187f5..e5c39b4a34 100644 --- a/lib/ansible/modules/windows/win_owner.ps1 +++ b/lib/ansible/modules/windows/win_owner.ps1 @@ -16,7 +16,7 @@ $path = Get-AnsibleParam -obj $params -name "path" -type "path" -failifempty $tr $user = Get-AnsibleParam -obj $params -name "user" -type "str" -failifempty $true $recurse = Get-AnsibleParam -obj $params -name "recurse" -type "bool" -default $false -resultobj $result -If (-Not (Test-Path -Path $path)) { +If (-Not (Test-Path -LiteralPath $path)) { Fail-Json $result "$path file or directory does not exist on the host" } @@ -29,23 +29,24 @@ if (!$sid) { Try { $objUser = New-Object System.Security.Principal.SecurityIdentifier($sid) - $file = Get-Item -Path $path - $acl = Get-Acl $file.FullName + $file = Get-Item -LiteralPath $path + $acl = Get-Acl -LiteralPath $file.FullName If ($acl.getOwner([System.Security.Principal.SecurityIdentifier]) -ne $objUser) { $acl.setOwner($objUser) - Set-Acl -Path $file.FullName -AclObject $acl -WhatIf:$check_mode + Set-Acl -LiteralPath $file.FullName -AclObject $acl -WhatIf:$check_mode $result.changed = $true } - If ($recurse) { - $files = Get-ChildItem -Path $path -Force -Recurse + If ($recurse -and $file -is [System.IO.DirectoryInfo]) { + # Get-ChildItem falls flat on pre PSv5 when dealing with complex path chars + $files = $file.EnumerateFileSystemInfos("*", [System.IO.SearchOption]::AllDirectories) ForEach($file in $files){ - $acl = Get-Acl $file.FullName + $acl = Get-Acl -LiteralPath $file.FullName If ($acl.getOwner([System.Security.Principal.SecurityIdentifier]) -ne $objUser) { $acl.setOwner($objUser) - Set-Acl -Path $file.FullName -AclObject $acl -WhatIf:$check_mode + Set-Acl -LiteralPath $file.FullName -AclObject $acl -WhatIf:$check_mode $result.changed = $true } } diff --git a/lib/ansible/modules/windows/win_tempfile.ps1 b/lib/ansible/modules/windows/win_tempfile.ps1 index 5e4419f3d8..b0f1232785 100644 --- a/lib/ansible/modules/windows/win_tempfile.ps1 +++ b/lib/ansible/modules/windows/win_tempfile.ps1 @@ -17,7 +17,14 @@ Function New-TempFile { $randomname = [System.IO.Path]::GetRandomFileName() $temppath = (Join-Path -Path $path -ChildPath "$prefix$randomname$suffix") Try { - New-Item -Path $temppath -ItemType $type -WhatIf:$checkmode | Out-Null + $file = New-Item -Path $temppath -ItemType $type -WhatIf:$checkmode + # Makes sure we get the full absolute path of the created temp file and not a relative or DOS 8.3 dir + if (-not $checkmode) { + $temppath = $file.FullName + } else { + # Just rely on GetFulLpath for check mode + $temppath = [System.IO.Path]::GetFullPath($temppath) + } } Catch { $temppath = $null $error = $_.Exception.Message diff --git a/lib/ansible/modules/windows/win_tempfile.py b/lib/ansible/modules/windows/win_tempfile.py index 1432a376b8..f120ba13ff 100644 --- a/lib/ansible/modules/windows/win_tempfile.py +++ b/lib/ansible/modules/windows/win_tempfile.py @@ -55,7 +55,7 @@ EXAMPLES = r""" RETURN = r''' path: - description: Path to created file or directory + description: The absolute path to the created file or directory. returned: success type: string sample: C:\Users\Administrator\AppData\Local\Temp\ansible.bMlvdk diff --git a/test/integration/targets/win_acl/aliases b/test/integration/targets/win_acl/aliases new file mode 100644 index 0000000000..3cf5b97e80 --- /dev/null +++ b/test/integration/targets/win_acl/aliases @@ -0,0 +1 @@ +shippable/windows/group3 diff --git a/test/integration/targets/win_acl/defaults/main.yml b/test/integration/targets/win_acl/defaults/main.yml new file mode 100644 index 0000000000..959a36ce42 --- /dev/null +++ b/test/integration/targets/win_acl/defaults/main.yml @@ -0,0 +1,2 @@ +--- +test_acl_path: '{{ win_output_dir }}\win_acl .ÅÑŚÌβŁÈ [$!@^&test(;)]' diff --git a/test/integration/targets/win_acl/tasks/main.yml b/test/integration/targets/win_acl/tasks/main.yml new file mode 100644 index 0000000000..56cac985fc --- /dev/null +++ b/test/integration/targets/win_acl/tasks/main.yml @@ -0,0 +1,18 @@ +--- +- name: ensure we start with a clean dir + win_file: + path: '{{ test_acl_path }}' + state: '{{ item }}' + with_items: + - absent + - directory + +- block: + - name: run tests + include_tasks: tests.yml + + always: + - name: cleanup testing dir + win_file: + path: '{{ test_acl_path }}' + state: absent diff --git a/test/integration/targets/win_acl/tasks/tests.yml b/test/integration/targets/win_acl/tasks/tests.yml new file mode 100644 index 0000000000..de438b2a48 --- /dev/null +++ b/test/integration/targets/win_acl/tasks/tests.yml @@ -0,0 +1,163 @@ +# these are very basic tests, they should be expanded greatly as this is a core module +--- +- name: get register cmd that will get ace info + set_fact: + test_ace_cmd: | + $ace_list = (Get-Acl -LiteralPath $path).Access | Where-Object { $_.IsInherited -eq $false } | ForEach-Object { + @{ + rights = $_.FileSystemRights.ToString() + type = $_.AccessControlType.ToString() + identity = $_.IdentityReference.Value.ToString() + inheritance_flags = $_.InheritanceFlags.ToString() + propagation_flags = $_.PropagationFlags.ToString() + } + } + ConvertTo-Json -InputObject @($ace_list) + +- name: add write rights to Guest + win_acl: + path: '{{ test_acl_path }}' + type: allow + user: Guests + rights: Write + register: allow_right + +- name: get result of add write rights to Guest + win_shell: '$path = ''{{ test_acl_path }}''; {{ test_ace_cmd }}' + register: allow_right_actual + +- name: assert add write rights to Guest + assert: + that: + - allow_right is changed + - (allow_right_actual.stdout|from_json)|count == 1 + - (allow_right_actual.stdout|from_json)[0].identity == 'BUILTIN\Guests' + - (allow_right_actual.stdout|from_json)[0].inheritance_flags == 'ContainerInherit, ObjectInherit' + - (allow_right_actual.stdout|from_json)[0].propagation_flags == 'None' + - (allow_right_actual.stdout|from_json)[0].rights == 'Write, Synchronize' + - (allow_right_actual.stdout|from_json)[0].type == 'Allow' + +- name: add write rights to Guest (idempotent) + win_acl: + path: '{{ test_acl_path }}' + type: allow + user: Guests + rights: Write + register: allow_right_again + +- name: assert add write rights to Guest (idempotent) + assert: + that: + - not allow_right_again is changed + +- name: remove write rights from Guest + win_acl: + path: '{{ test_acl_path }}' + type: allow + user: Guests + rights: Write + state: absent + register: remove_right + +- name: get result of remove write rights from Guest + win_shell: '$path = ''{{ test_acl_path }}''; {{ test_ace_cmd }}' + register: remove_right_actual + +- name: assert remove write rights from Guest + assert: + that: + - remove_right is changed + - remove_right_actual.stdout_lines == ["[", "", "]"] + +- name: remove write rights from Guest (idempotent) + win_acl: + path: '{{ test_acl_path }}' + type: allow + user: Guests + rights: Write + state: absent + register: remove_right_again + +- name: assert remote write rights from Guest (idempotent) + assert: + that: + - not remove_right_again is changed + +- name: add deny write rights to Guest + win_acl: + path: '{{ test_acl_path }}' + type: deny + user: Guests + rights: Write + inherit: ContainerInherit + propagation: NoPropagateInherit + state: present + register: add_deny_right + +- name: get result of add deny write rights to Guest + win_shell: '$path = ''{{ test_acl_path }}''; {{ test_ace_cmd }}' + register: add_deny_right_actual + +- name: assert add deny write rights to Guest + assert: + that: + - add_deny_right is changed + - (add_deny_right_actual.stdout|from_json)|count == 1 + - (add_deny_right_actual.stdout|from_json)[0].identity == 'BUILTIN\Guests' + - (add_deny_right_actual.stdout|from_json)[0].inheritance_flags == 'ContainerInherit' + - (add_deny_right_actual.stdout|from_json)[0].propagation_flags == 'NoPropagateInherit' + - (add_deny_right_actual.stdout|from_json)[0].rights == 'Write' + - (add_deny_right_actual.stdout|from_json)[0].type == 'Deny' + +- name: add deny write rights to Guest (idempotent) + win_acl: + path: '{{ test_acl_path }}' + type: deny + user: Guests + rights: Write + inherit: ContainerInherit + propagation: NoPropagateInherit + state: present + register: add_deny_right_again + +- name: assert add deny write rights to Guest (idempotent) + assert: + that: + - not add_deny_right_again is changed + +- name: remove deny write rights from Guest + win_acl: + path: '{{ test_acl_path }}' + type: deny + user: Guests + rights: Write + inherit: ContainerInherit + propagation: NoPropagateInherit + state: absent + register: remove_deny_right + +- name: get result of remove deny write rights from Guest + win_shell: '$path = ''{{ test_acl_path }}''; {{ test_ace_cmd }}' + register: remove_deny_right_actual + +- name: assert remove deny write rights from Guest + assert: + that: + - remove_deny_right is changed + - remove_deny_right_actual.stdout_lines == ["[", "", "]"] + +- name: remove deny write rights from Guest (idempotent) + win_acl: + path: '{{ test_acl_path }}' + type: deny + user: Guests + rights: Write + inherit: ContainerInherit + propagation: NoPropagateInherit + state: absent + register: remove_deny_right_again + +- name: assert remove deny write rights from Guest (idempotent) + assert: + that: + - not remove_deny_right_again is changed diff --git a/test/integration/targets/win_acl_inheritance/defaults/main.yml b/test/integration/targets/win_acl_inheritance/defaults/main.yml index 325bfbe81d..138063f4fe 100644 --- a/test/integration/targets/win_acl_inheritance/defaults/main.yml +++ b/test/integration/targets/win_acl_inheritance/defaults/main.yml @@ -1 +1 @@ -test_win_acl_inheritance_path: C:\ansible\win_acl_inheritance +test_win_acl_inheritance_path: C:\ansible\win_acl_inheritance .ÅÑŚÌβŁÈ [$!@^&test(;)] diff --git a/test/integration/targets/win_acl_inheritance/library/test_get_acl.ps1 b/test/integration/targets/win_acl_inheritance/library/test_get_acl.ps1 index 6c73f96c0a..c75d33ead8 100644 --- a/test/integration/targets/win_acl_inheritance/library/test_get_acl.ps1 +++ b/test/integration/targets/win_acl_inheritance/library/test_get_acl.ps1 @@ -13,29 +13,21 @@ $result = @{ changed = $false } -$acl = Get-Acl -Path $path +$acl = Get-Acl -LiteralPath $path $result.inherited = $acl.AreAccessRulesProtected -eq $false $user_details = @{} $acl.Access | ForEach-Object { - # Backslashes are the bane of my existance, convert to / to we can export to JSON - $user = $_.IdentityReference -replace '\\','/' + $user = $_.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value if ($user_details.ContainsKey($user)) { $details = $user_details.$user } else { $details = @{ isinherited = $false - isnotinherited = $false } } - - if ($_.IsInherited) { - $details.isinherited = $true - } else { - $details.isnotinherited = $true - } - + $details.isinherited = $_.IsInherited $user_details.$user = $details } diff --git a/test/integration/targets/win_acl_inheritance/tasks/main.yml b/test/integration/targets/win_acl_inheritance/tasks/main.yml index d1fadc43a7..9b613276a3 100644 --- a/test/integration/targets/win_acl_inheritance/tasks/main.yml +++ b/test/integration/targets/win_acl_inheritance/tasks/main.yml @@ -1,24 +1,65 @@ --- - # Test setup -- name: remove test folder for baseline - win_file: - path: '{{test_win_acl_inheritance_path}}' - state: absent - +# Test setup +# Use single task to save in CI runtime - name: create test folders - win_file: - path: '{{test_win_acl_inheritance_path}}\folder' - state: directory - -- name: create test files - win_copy: - dest: '{{test_win_acl_inheritance_path}}\folder\file.txt' - content: a + win_shell: | + $ErrorActionPreference = 'Stop' + + $tmp_dir = '{{ test_win_acl_inheritance_path }}' + if (Test-Path -LiteralPath $tmp_dir) { + Remove-Item -LiteralPath $tmp_dir -Force -Recurse + } + New-Item -Path $tmp_dir -ItemType Directory > $null + + Add-Type -AssemblyName System.DirectoryServices.AccountManagement + $current_sid = ([System.DirectoryServices.AccountManagement.UserPrincipal]::Current).Sid + $system_sid = New-Object -TypeName System.Security.Principal.SecurityIdentifier -ArgumentList @([System.Security.Principal.WellKnownSidType]::LocalSystemSid, $null) + $everyone_sid = New-Object -TypeName System.Security.Principal.SecurityIdentifier -ArgumentList @([System.Security.Principal.WellKnownSidType]::WorldSid, $null) + + $sd = New-Object -TypeName System.Security.AccessControl.DirectorySecurity + $sd.SetAccessRuleProtection($true, $false) + $sd.AddAccessRule( + (New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList @( + $system_sid, + [System.Security.AccessControl.FileSystemRights]::FullControl, + [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit", + [System.Security.AccessControl.PropagationFlags]::None, + [System.Security.AccessControl.AccessControlType]::Allow + )) + ) + $sd.AddAccessRule( + (New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList @( + $current_sid, + [System.Security.AccessControl.FileSystemRights]::FullControl, + [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit", + [System.Security.AccessControl.PropagationFlags]::None, + [System.Security.AccessControl.AccessControlType]::Allow + )) + ) + $sd.AddAccessRule( + (New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList @( + $everyone_sid, + [System.Security.AccessControl.FileSystemRights]::Read, + [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit", + [System.Security.AccessControl.PropagationFlags]::None, + [System.Security.AccessControl.AccessControlType]::Allow + )) + ) + + Set-Acl -LiteralPath $tmp_dir -AclObject $sd + + New-Item -Path "$tmp_dir\folder" -ItemType Directory > $null + Set-Content -LiteralPath "$tmp_dir\folder\file.txt" -Value 'a' + + $system_sid.Value + $current_sid.Value + $everyone_sid.Value + register: test_sids # register the output SID values used for comparison tests below # Run tests - name: remove inheritance check win_acl_inheritance: - path: '{{test_win_acl_inheritance_path}}\folder' + path: '{{ test_win_acl_inheritance_path }}\folder' reorganize: True state: absent register: remove_check @@ -26,7 +67,7 @@ - name: get actual remove inheritance check test_get_acl: - path: '{{test_win_acl_inheritance_path}}\folder' + path: '{{ test_win_acl_inheritance_path }}\folder' register: actual_remove_check - name: assert remove inheritance check @@ -34,17 +75,20 @@ that: - remove_check is changed - actual_remove_check.inherited == True + - actual_remove_check.user_details[test_sids.stdout_lines[0]].isinherited == True + - actual_remove_check.user_details[test_sids.stdout_lines[1]].isinherited == True + - actual_remove_check.user_details[test_sids.stdout_lines[2]].isinherited == True - name: remove inheritance win_acl_inheritance: - path: '{{test_win_acl_inheritance_path}}\folder' + path: '{{ test_win_acl_inheritance_path }}\folder' reorganize: True state: absent register: remove - name: get actual remove inheritance test_get_acl: - path: '{{test_win_acl_inheritance_path}}\folder' + path: '{{ test_win_acl_inheritance_path }}\folder' register: actual_remove - name: assert remove inheritance @@ -52,44 +96,25 @@ that: - remove is changed - actual_remove.inherited == False - - actual_remove.user_details['BUILTIN/Administrators'].isinherited == False - - actual_remove.user_details['BUILTIN/Administrators'].isnotinherited == True - - actual_remove.user_details['BUILTIN/Users'].isinherited == False - - actual_remove.user_details['BUILTIN/Users'].isnotinherited == True - - actual_remove.user_details['CREATOR OWNER'].isinherited == False - - actual_remove.user_details['CREATOR OWNER'].isnotinherited == True - - actual_remove.user_details['NT AUTHORITY/SYSTEM'].isinherited == False - - actual_remove.user_details['NT AUTHORITY/SYSTEM'].isnotinherited == True + - actual_remove.user_details[test_sids.stdout_lines[0]].isinherited == False + - actual_remove.user_details[test_sids.stdout_lines[1]].isinherited == False + - actual_remove.user_details[test_sids.stdout_lines[2]].isinherited == False - name: remove inheritance again win_acl_inheritance: - path: '{{test_win_acl_inheritance_path}}\folder' + path: '{{ test_win_acl_inheritance_path }}\folder' reorganize: True state: absent register: remove_again -- name: get actual remove inheritance again - test_get_acl: - path: '{{test_win_acl_inheritance_path}}\folder' - register: actual_remove_again - - name: assert remove inheritance again assert: that: - remove_again is not changed - - actual_remove_again.inherited == False - - actual_remove.user_details['BUILTIN/Administrators'].isinherited == False - - actual_remove.user_details['BUILTIN/Administrators'].isnotinherited == True - - actual_remove.user_details['BUILTIN/Users'].isinherited == False - - actual_remove.user_details['BUILTIN/Users'].isnotinherited == True - - actual_remove.user_details['CREATOR OWNER'].isinherited == False - - actual_remove.user_details['CREATOR OWNER'].isnotinherited == True - - actual_remove.user_details['NT AUTHORITY/SYSTEM'].isinherited == False - - actual_remove.user_details['NT AUTHORITY/SYSTEM'].isnotinherited == True - name: add inheritance check win_acl_inheritance: - path: '{{test_win_acl_inheritance_path}}\folder' + path: '{{ test_win_acl_inheritance_path }}\folder' reorganize: True state: present register: add_check @@ -97,7 +122,7 @@ - name: get actual add inheritance check test_get_acl: - path: '{{test_win_acl_inheritance_path}}\folder' + path: '{{ test_win_acl_inheritance_path }}\folder' register: actual_add_check - name: assert add inheritance check @@ -105,25 +130,20 @@ that: - add_check is changed - actual_add_check.inherited == False - - actual_add_check.user_details['BUILTIN/Administrators'].isinherited == False - - actual_add_check.user_details['BUILTIN/Administrators'].isnotinherited == True - - actual_add_check.user_details['BUILTIN/Users'].isinherited == False - - actual_add_check.user_details['BUILTIN/Users'].isnotinherited == True - - actual_add_check.user_details['CREATOR OWNER'].isinherited == False - - actual_add_check.user_details['CREATOR OWNER'].isnotinherited == True - - actual_add_check.user_details['NT AUTHORITY/SYSTEM'].isinherited == False - - actual_add_check.user_details['NT AUTHORITY/SYSTEM'].isnotinherited == True + - actual_add_check.user_details[test_sids.stdout_lines[0]].isinherited == False + - actual_add_check.user_details[test_sids.stdout_lines[1]].isinherited == False + - actual_add_check.user_details[test_sids.stdout_lines[2]].isinherited == False - name: add inheritance win_acl_inheritance: - path: '{{test_win_acl_inheritance_path}}\folder' + path: '{{ test_win_acl_inheritance_path }}\folder' reorganize: True state: present register: add - name: get actual add inheritance test_get_acl: - path: '{{test_win_acl_inheritance_path}}\folder' + path: '{{ test_win_acl_inheritance_path }}\folder' register: actual_add - name: assert add inheritance @@ -131,43 +151,24 @@ that: - add is changed - actual_add.inherited == True - - actual_add.user_details['BUILTIN/Administrators'].isinherited == True - - actual_add.user_details['BUILTIN/Administrators'].isnotinherited == False - - actual_add.user_details['BUILTIN/Users'].isinherited == True - - actual_add.user_details['BUILTIN/Users'].isnotinherited == True # Bug in win_acl_inheritance, resetting inheritance doubles up entries - - actual_add.user_details['CREATOR OWNER'].isinherited == True - - actual_add.user_details['CREATOR OWNER'].isnotinherited == False - - actual_add.user_details['NT AUTHORITY/SYSTEM'].isinherited == True - - actual_add.user_details['NT AUTHORITY/SYSTEM'].isnotinherited == False + - actual_add.user_details[test_sids.stdout_lines[0]].isinherited == True + - actual_add.user_details[test_sids.stdout_lines[1]].isinherited == True + - actual_add.user_details[test_sids.stdout_lines[2]].isinherited == True - name: add inheritance again win_acl_inheritance: - path: '{{test_win_acl_inheritance_path}}\folder' + path: '{{ test_win_acl_inheritance_path }}\folder' reorganize: True state: present register: add_again -- name: get actual add inheritance again - test_get_acl: - path: '{{test_win_acl_inheritance_path}}\folder' - register: actual_add_again - - name: assert add inheritance again assert: that: - add_again is not changed - - actual_add_again.inherited == True - - actual_add_again.user_details['BUILTIN/Administrators'].isinherited == True - - actual_add_again.user_details['BUILTIN/Administrators'].isnotinherited == False - - actual_add_again.user_details['BUILTIN/Users'].isinherited == True - - actual_add_again.user_details['BUILTIN/Users'].isnotinherited == True # Bug in win_acl_inheritance, resetting inheritance doubles up entries - - actual_add_again.user_details['CREATOR OWNER'].isinherited == True - - actual_add_again.user_details['CREATOR OWNER'].isnotinherited == False - - actual_add_again.user_details['NT AUTHORITY/SYSTEM'].isinherited == True - - actual_add_again.user_details['NT AUTHORITY/SYSTEM'].isnotinherited == False # Test cleanup - name: remove test folder win_file: - path: '{{test_win_acl_inheritance_path}}' + path: '{{ test_win_acl_inheritance_path }}' state: absent diff --git a/test/integration/targets/win_module_utils/library/command_util_test.ps1 b/test/integration/targets/win_module_utils/library/command_util_test.ps1 index 0a0826cd54..e95c742a3a 100644 --- a/test/integration/targets/win_module_utils/library/command_util_test.ps1 +++ b/test/integration/targets/win_module_utils/library/command_util_test.ps1 @@ -29,6 +29,21 @@ Assert-Equals -actual $actual.stdout -expected "arg1`r`narg2`r`narg 3`r`n" Assert-Equals -actual $actual.stderr -expected "" Assert-Equals -actual $actual.executable -expected $exe +$test_name = "exe in special char dir" +$tmp_dir = Join-Path -Path $env:TEMP -ChildPath "ansible .ÅÑŚÌβŁÈ [$!@^&test(;)]" +try { + New-Item -Path $tmp_dir -ItemType Directory > $null + $exe_special = Join-Path $tmp_dir -ChildPath "PrintArgv.exe" + Copy-Item -LiteralPath $exe -Destination $exe_special + $actual = Run-Command -command "`"$exe_special`" arg1 arg2 `"arg 3`"" +} finally { + Remove-Item -LiteralPath $tmp_dir -Force -Recurse +} +Assert-Equals -actual $actual.rc -expected 0 +Assert-Equals -actual $actual.stdout -expected "arg1`r`narg2`r`narg 3`r`n" +Assert-Equals -actual $actual.stderr -expected "" +Assert-Equals -actual $actual.executable -expected $exe_special + $test_name = "invalid exe path" try { $actual = Run-Command -command "C:\fakepath\$exe_filename arg1" @@ -80,7 +95,7 @@ $test_name = "test default environment variable" Set-Item -Path env:TESTENV -Value "test" $actual = Run-Command -command "cmd.exe /c set" $env_present = $actual.stdout -split "`r`n" | Where-Object { $_ -eq "TESTENV=test" } -if ($env_present -eq $null) { +if ($null -eq $env_present) { Fail-Json -obj $result -message "Test $test_name failed`nenvironment variable TESTENV not found in stdout`n$($actual.stdout)" } @@ -88,10 +103,10 @@ $test_name = "test custom environment variable1" $actual = Run-Command -command "cmd.exe /c set" -environment @{ TESTENV2 = "testing" } $env_not_present = $actual.stdout -split "`r`n" | Where-Object { $_ -eq "TESTENV=test" } $env_present = $actual.stdout -split "`r`n" | Where-Object { $_ -eq "TESTENV2=testing" } -if ($env_not_present -ne $null) { +if ($null -ne $env_not_present) { Fail-Json -obj $result -message "Test $test_name failed`nenvironment variabel TESTENV found in stdout when it should be`n$($actual.stdout)" } -if ($env_present -eq $null) { +if ($null -eq $env_present) { Fail-json -obj $result -message "Test $test_name failed`nenvironment variable TESTENV2 not found in stdout`n$($actual.stdout)" } diff --git a/test/integration/targets/win_module_utils/library/symbolic_link_test.ps1 b/test/integration/targets/win_module_utils/library/symbolic_link_test.ps1 index c70ab1d23b..1decfe4fd8 100644 --- a/test/integration/targets/win_module_utils/library/symbolic_link_test.ps1 +++ b/test/integration/targets/win_module_utils/library/symbolic_link_test.ps1 @@ -6,8 +6,7 @@ $ErrorActionPreference = 'Stop' -$params = Parse-Args $args; -$path = Get-AnsibleParam -obj $params -name "path" -type "path" -failifempty $true +$path = Join-Path -Path ([System.IO.Path]::GetFullPath($env:TEMP)) -ChildPath '.ansible .ÅÑŚÌβŁÈ [$!@^&test(;)]' $folder_target = "$path\folder" $file_target = "$path\file" @@ -17,13 +16,14 @@ $hardlink_path = "$path\hardlink" $hardlink_path_2 = "$path\hardlink2" $junction_point_path = "$path\junction" -if (Test-Path -Path $path) { - Remove-Item -Path $path -Force -Recurse | Out-Null +if (Test-Path -LiteralPath $path) { + # Remove-Item struggles with broken symlinks, rely on trusty rmdir instead + Run-Command -command "cmd.exe /c rmdir /S /Q `"$path`"" > $null } New-Item -Path $path -ItemType Directory | Out-Null New-Item -Path $folder_target -ItemType Directory | Out-Null New-Item -Path $file_target -ItemType File | Out-Null -Set-Content -Path $file_target -Value "a" +Set-Content -LiteralPath $file_target -Value "a" Function Assert-Equals($actual, $expected) { if ($actual -ne $expected) { @@ -42,7 +42,7 @@ Load-LinkUtils # path is not a link $no_link_result = Get-Link -link_path $path -Assert-True -expression ($no_link_result -eq $null) -message "did not return null result for a non link" +Assert-True -expression ($null -eq $no_link_result) -message "did not return null result for a non link" # fail to create hard link pointed to a directory try { @@ -122,7 +122,7 @@ if ($hardlink_result.HardTargets[0] -ne $hardlink_path -and $hardlink_result.Har if ($hardlink_result.HardTargets[0] -ne $file_target -and $hardlink_result.HardTargets[1] -ne $file_target) { Assert-True -expression $false -message "file $file_target is not a target of the hard link" } -Assert-equals -actual (Get-Content -Path $hardlink_path -Raw) -expected (Get-Content -Path $file_target -Raw) +Assert-equals -actual (Get-Content -LiteralPath $hardlink_path -Raw) -expected (Get-Content -LiteralPath $file_target -Raw) # create a new hard link and verify targets go to 3 New-Link -link_path $hardlink_path_2 -link_target $file_target -link_type "hard" @@ -130,7 +130,7 @@ $hardlink_result_2 = Get-Link -link_path $hardlink_path Assert-True -expression ($hardlink_result_2.HardTargets.Count -eq 3) -message "did not return 3 targets for the hard link, actual $($hardlink_result_2.Targets.Count)" # check if broken symbolic link still works -Remove-Item -Path $folder_target -Force | Out-Null +Remove-Item -LiteralPath $folder_target -Force | Out-Null $broken_link_result = Get-Link -link_path $symlink_folder_path Assert-Equals -actual $broken_link_result.Type -expected "SymbolicLink" Assert-Equals -actual $broken_link_result.SubstituteName -expected "\??\$folder_target" @@ -150,18 +150,21 @@ Assert-Equals -actual $broken_junction_result.HardTargets -expected $null # delete file symbolic link Remove-Link -link_path $symlink_file_path -Assert-True -expression (-not (Test-Path -Path $symlink_file_path)) -message "failed to delete file symbolic link" +Assert-True -expression (-not (Test-Path -LiteralPath $symlink_file_path)) -message "failed to delete file symbolic link" # delete folder symbolic link Remove-Link -link_path $symlink_folder_path -Assert-True -expression (-not (Test-Path -Path $symlink_folder_path)) -message "failed to delete folder symbolic link" +Assert-True -expression (-not (Test-Path -LiteralPath $symlink_folder_path)) -message "failed to delete folder symbolic link" # delete junction point Remove-Link -link_path $junction_point_path -Assert-True -expression (-not (Test-Path -Path $junction_point_path)) -message "failed to delete junction point" +Assert-True -expression (-not (Test-Path -LiteralPath $junction_point_path)) -message "failed to delete junction point" # delete hard link Remove-Link -link_path $hardlink_path -Assert-True -expression (-not (Test-Path -Path $hardlink_path)) -message "failed to delete hard link" +Assert-True -expression (-not (Test-Path -LiteralPath $hardlink_path)) -message "failed to delete hard link" + +# cleanup after tests +Run-Command -command "cmd.exe /c rmdir /S /Q `"$path`"" > $null Exit-Json @{ data = "success" } diff --git a/test/integration/targets/win_module_utils/tasks/main.yml b/test/integration/targets/win_module_utils/tasks/main.yml index 2c8561fc7e..d6882ce8c9 100644 --- a/test/integration/targets/win_module_utils/tasks/main.yml +++ b/test/integration/targets/win_module_utils/tasks/main.yml @@ -108,7 +108,6 @@ - name: call module with symbolic link tests symbolic_link_test: - path: C:\ansible testing register: symbolic_link - assert: diff --git a/test/integration/targets/win_owner/defaults/main.yml b/test/integration/targets/win_owner/defaults/main.yml index f71d353ec8..a3882a95f6 100644 --- a/test/integration/targets/win_owner/defaults/main.yml +++ b/test/integration/targets/win_owner/defaults/main.yml @@ -1 +1 @@ -test_win_owner_path: C:\ansible\win_owner +test_win_owner_path: C:\ansible\win_owner .ÅÑŚÌβŁÈ [$!@^&test(;)] diff --git a/test/integration/targets/win_owner/tasks/main.yml b/test/integration/targets/win_owner/tasks/main.yml index 483c05f417..4b6046f409 100644 --- a/test/integration/targets/win_owner/tasks/main.yml +++ b/test/integration/targets/win_owner/tasks/main.yml @@ -1,36 +1,36 @@ --- # Setup tests -- name: gather facts on host for use with later tests - setup: - -- name: remove test path to ensure baseline - win_file: - path: "{{test_win_owner_path}}" - state: absent - -- name: create test paths - win_file: - path: "{{test_win_owner_path}}\\{{item}}" - state: directory - with_items: - - folder - - folder\folder1 - - folder\folder2 - - folder with space - - folder with space\folder1 - - folder with space\folder2 - -- name: create system test files - win_copy: - dest: "{{test_win_owner_path}}\\{{item}}" - content: content - with_items: - - folder\file.txt - - folder\folder1\file.txt - - folder\folder2\file.txt - - folder with space\file.txt - - folder with space\folder1\file.txt - - folder with space\folder2\file.txt +# Use single task to save on CI runtime +- name: create test files + win_shell: | + $folders = @( + "folder", + "folder\folder1", + "folder\folder2", + "folder with space", + "folder with space\folder1", + "folder with space\folder2" + ) + $tmp_dir = '{{ test_win_owner_path }}' + if (Test-Path -LiteralPath $tmp_dir) { + Remove-Item -LiteralPath $tmp_dir -Force -Recurse + } + New-Item -Path $tmp_dir -ItemType Directory + + foreach ($folder in $folders) { + New-Item -Path "$tmp_dir\$folder" -ItemType Directory + } + $files = @( + "folder\file.txt", + "folder\folder1\file.txt", + "folder\folder2\file.txt", + "folder with space\file.txt", + "folder with space\folder1\file.txt", + "folder with space\folder2\file.txt" + ) + foreach ($file in $files) { + Set-Content -LiteralPath "$tmp_dir\$file" -Value "content" + } # Run win_owner tests - name: set owner for invalid path @@ -55,7 +55,7 @@ check_mode: True - name: get owner of folder of set owner defaults check - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner" + win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner register: actual_defaults_check - name: assert set owner defaults check @@ -71,7 +71,7 @@ register: defaults - name: get owner of folder of set owner defaults - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner" + win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner register: actual_defaults - name: assert set owner defaults @@ -86,15 +86,10 @@ user: SYSTEM register: defaults_again -- name: get owner of folder of set owner defaults again - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner" - register: actual_defaults_again - - name: assert set owner defaults again assert: that: - defaults_again is not changed - - actual_defaults_again.stdout_lines[0] == 'NT AUTHORITY\SYSTEM' - name: set owner recurse check win_owner: @@ -105,7 +100,7 @@ check_mode: True - name: get owner of folder of set owner recurse check - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item.path}}').Owner" + win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item.path}}').Owner register: actual_recurse_check failed_when: actual_recurse_check.stdout_lines[0] != item.owner with_items: @@ -129,7 +124,7 @@ register: recurse - name: get owner of folder of set owner recurse - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner" + win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item}}').Owner register: actual_recurse failed_when: actual_recurse.stdout_lines[0] != 'NT AUTHORITY\SYSTEM' with_items: @@ -152,18 +147,6 @@ recurse: True register: recurse_again -- name: get owner of folder of set owner recurse again - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner" - register: actual_recurse_again - failed_when: actual_recurse_again.stdout_lines[0] != 'NT AUTHORITY\SYSTEM' - with_items: - - folder - - folder\file.txt - - folder\folder1 - - folder\folder1\file.txt - - folder\folder2 - - folder\folder2\file.txt - - name: assert set owner recurse again assert: that: @@ -173,6 +156,7 @@ win_user: name: test win owner password: E1K0-O8b1-c8M9-c6D5 + register: test_user - name: set owner with space recurse win_owner: @@ -182,9 +166,12 @@ register: recurse_space - name: get owner of folder of set owner with space recurse - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner" + win_shell: | + $owner = (Get-Acl -LiteralPath '{{ test_win_owner_path }}\{{ item }}').Owner + $account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList $owner + $account.Translate([System.Security.Principal.SecurityIdentifier]).Value register: actual_recurse_space - failed_when: actual_recurse_space.stdout_lines[0]|upper != ansible_hostname|upper + '\\TEST WIN OWNER' + failed_when: actual_recurse_space.stdout_lines[0] != test_user.sid with_items: - folder with space - folder with space\file.txt @@ -205,18 +192,6 @@ recurse: True register: recurse_space_again -- name: get owner of folder of set owner with space recurse again - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner" - register: actual_recurse_space_again - failed_when: actual_recurse_space_again.stdout_lines[0]|upper != ansible_hostname|upper + '\\TEST WIN OWNER' - with_items: - - folder with space - - folder with space\file.txt - - folder with space\folder1 - - folder with space\folder1\file.txt - - folder with space\folder2 - - folder with space\folder2\file.txt - - name: assert set owner with space recurse again assert: that: diff --git a/test/integration/targets/win_slurp/defaults/main.yml b/test/integration/targets/win_slurp/defaults/main.yml new file mode 100644 index 0000000000..a229fef968 --- /dev/null +++ b/test/integration/targets/win_slurp/defaults/main.yml @@ -0,0 +1 @@ +test_win_slurp_dir: C:\ansible\win_slurp .ÅÑŚÌβŁÈ [$!@^&test(;)]
\ No newline at end of file diff --git a/test/integration/targets/win_slurp/handlers/main.yml b/test/integration/targets/win_slurp/handlers/main.yml new file mode 100644 index 0000000000..ced20a405c --- /dev/null +++ b/test/integration/targets/win_slurp/handlers/main.yml @@ -0,0 +1,4 @@ +- name: remove test directory + win_file: + path: '{{ test_win_slurp_dir }}' + state: absent diff --git a/test/integration/targets/win_slurp/tasks/main.yml b/test/integration/targets/win_slurp/tasks/main.yml index c5ede290f2..1956c8a899 100644 --- a/test/integration/targets/win_slurp/tasks/main.yml +++ b/test/integration/targets/win_slurp/tasks/main.yml @@ -16,20 +16,37 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see <http://www.gnu.org/licenses/>. +- name: create test directory + win_file: + path: '{{ test_win_slurp_dir }}' + state: directory + notify: remove test directory + +# removes reliance on win_copy, set back once win_copy supports glob like chars +- name: create test file + win_shell: | + $file = '{{ test_win_slurp_dir }}\slurp.txt' + if (Test-Path -LiteralPath $file) { + Remove-Item -LiteralPath $file -Force + } + Set-Content -LiteralPath $file -Value 'Slurp this!' + - name: test slurping an existing file - slurp: src="C:/Windows/win.ini" + slurp: + src: '{{ test_win_slurp_dir }}\slurp.txt' register: slurp_existing - name: check slurp existing result assert: that: - - "slurp_existing.content" + - "slurp_existing.content == 'U2x1cnAgdGhpcyENCg=='" - "slurp_existing.encoding == 'base64'" - "slurp_existing is not changed" - "slurp_existing is not failed" - name: test slurping a large binary file with path param and backslashes - slurp: path="C:\Windows\explorer.exe" + slurp: + path: C:\Windows\explorer.exe register: slurp_path_backslashes no_log: true @@ -42,7 +59,8 @@ - "slurp_path_backslashes is not failed" - name: test slurping a non-existent file - slurp: src="C:/this_file_should_not_exist.txt" + slurp: + src: C:\this_file_should_not_exist.txt register: slurp_missing ignore_errors: true @@ -54,7 +72,8 @@ - "slurp_missing is not changed" - name: test slurping a directory - slurp: src="C:/Windows" + slurp: + src: '{{ test_win_slurp_dir }}\missing' register: slurp_dir ignore_errors: true diff --git a/test/integration/targets/win_tempfile/defaults/main.yml b/test/integration/targets/win_tempfile/defaults/main.yml index 656cdf6737..824fe00bb1 100644 --- a/test/integration/targets/win_tempfile/defaults/main.yml +++ b/test/integration/targets/win_tempfile/defaults/main.yml @@ -1 +1 @@ -test_tempfile_path: C:\ansible\win_tempfile +test_tempfile_path: 'C:\ansible\win_tempfile .ÅÑŚÌβŁÈ [$!@^&test(;)]' diff --git a/test/integration/targets/win_tempfile/tasks/main.yml b/test/integration/targets/win_tempfile/tasks/main.yml index c29fa6b518..e989d1ada7 100644 --- a/test/integration/targets/win_tempfile/tasks/main.yml +++ b/test/integration/targets/win_tempfile/tasks/main.yml @@ -1,12 +1,16 @@ --- -- name: get expanded %TEMP% value - win_command: powershell.exe "$env:TEMP" - register: raw_temp_value +- name: get the current %TEMP% value + win_shell: '[System.IO.Path]::GetFullPath($env:TEMP)' + register: temp_value -# match filter doesn't work with \, replace it with / -- name: replace backslash with frontslash for easier testing +- name: register temp path value set_fact: - temp_value: "{{raw_temp_value.stdout_lines[0] | regex_replace('\\\\', '/')}}" + temp_value: '{{ temp_value.stdout | trim }}' + + +- name: get raw %TEMP% value + win_shell: '$env:TEMP' + register: raw_temp_value - name: create temp file defaults check win_tempfile: @@ -23,7 +27,7 @@ that: - create_tmp_file_defaults_check is changed - create_tmp_file_defaults_check.state == 'file' - - create_tmp_file_defaults_check.path | regex_replace('\\\\', '/') is match(temp_value + '/ansible.*') + - create_tmp_file_defaults_check.path.startswith(temp_value + '\\ansible.') - actual_create_tmp_file_defaults_check.stat.exists == False - name: create temp file defaults @@ -40,7 +44,7 @@ that: - create_tmp_file_defaults is changed - create_tmp_file_defaults.state == 'file' - - create_tmp_file_defaults.path | regex_replace('\\\\', '/') is match(temp_value + '/ansible.*') + - create_tmp_file_defaults.path.startswith(temp_value + '\\ansible.') - actual_create_tmp_file_defaults.stat.exists == True - actual_create_tmp_file_defaults.stat.isdir == False @@ -58,7 +62,7 @@ that: - create_tmp_file_defaults_again is changed - create_tmp_file_defaults_again.state == 'file' - - create_tmp_file_defaults_again.path | regex_replace('\\\\', '/') is match(temp_value + '/ansible.*') + - create_tmp_file_defaults_again.path.startswith(temp_value + '\\ansible.') - create_tmp_file_defaults_again.path != create_tmp_file_defaults.path - actual_create_tmp_file_defaults_again.stat.exists == True - actual_create_tmp_file_defaults_again.stat.isdir == False @@ -79,7 +83,7 @@ that: - create_tmp_folder_check is changed - create_tmp_folder_check.state == 'directory' - - create_tmp_folder_check.path | regex_replace('\\\\', '/') is match(temp_value + '/ansible.*') + - create_tmp_folder_check.path.startswith(temp_value + '\\ansible.') - actual_create_tmp_folder_check.stat.exists == False - name: create temp folder @@ -97,7 +101,7 @@ that: - create_tmp_folder is changed - create_tmp_folder.state == 'directory' - - create_tmp_folder.path | regex_replace('\\\\', '/') is match(temp_value + '/ansible.*') + - create_tmp_folder.path.startswith(temp_value + '\\ansible.') - actual_create_tmp_folder.stat.exists == True - actual_create_tmp_folder.stat.isdir == True @@ -116,7 +120,8 @@ that: - create_tmp_file_suffix is changed - create_tmp_file_suffix.state == 'file' - - create_tmp_file_suffix.path | regex_replace('\\\\', '/') is match(temp_value + '/ansible.*.test-suffix') + - create_tmp_file_suffix.path.startswith(temp_value + '\\ansible.') + - create_tmp_file_suffix.path.endswith('test-suffix') - actual_creat_tmp_file_suffix.stat.exists == True - actual_creat_tmp_file_suffix.stat.isdir == False @@ -135,39 +140,92 @@ that: - create_tmp_file_prefix is changed - create_tmp_file_prefix.state == 'file' - - create_tmp_file_prefix.path | regex_replace('\\\\', '/') is match(temp_value + '/test-prefix.*') + - create_tmp_file_prefix.path.startswith(temp_value + '\\test-prefix') - actual_creat_tmp_file_prefix.stat.exists == True - actual_creat_tmp_file_prefix.stat.isdir == False - name: create new temp file folder win_file: - path: "{{test_tempfile_path}}" + path: '{{test_tempfile_path}}\testing folder' state: directory -- name: create temp file with different path - win_tempfile: - path: "{{test_tempfile_path}}" - register: create_tmp_file_difference_path - -- name: get stat of temp file with different path - win_stat: - path: "{{create_tmp_file_difference_path.path}}" - register: actual_creat_tmp_file_different_path - -- name: convert new temp path to regex format - set_fact: - test_tempfile_path_regex: "{{test_tempfile_path | regex_replace('\\\\', '/')}}" - -- name: assert create temp file with different path - assert: - that: - - create_tmp_file_difference_path is changed - - create_tmp_file_difference_path.state == 'file' - - create_tmp_file_difference_path.path | regex_replace('\\\\', '/') is match(test_tempfile_path_regex + '/ansible.*') - - actual_creat_tmp_file_different_path.stat.exists == True - - actual_creat_tmp_file_different_path.stat.isdir == False - -- name: delete temp file folder +- block: + - name: create temp file with different path + win_tempfile: + path: '{{test_tempfile_path}}\testing folder' + register: create_tmp_file_difference_path + + - name: get stat of temp file with different path + win_stat: + path: "{{create_tmp_file_difference_path.path}}" + register: actual_creat_tmp_file_different_path + + - name: assert create temp file with different path + assert: + that: + - create_tmp_file_difference_path is changed + - create_tmp_file_difference_path.state == 'file' + - create_tmp_file_difference_path.path.startswith(test_tempfile_path + '\\testing folder\\ansible.') + - actual_creat_tmp_file_different_path.stat.exists == True + - actual_creat_tmp_file_different_path.stat.isdir == False + + - name: create temp file with DOS 8.3 short name + win_tempfile: + path: '{{ test_tempfile_path }}\TESTIN~1' + register: create_tmp_file_dos_path + + - name: get stat of temp file with different path + win_stat: + path: '{{ create_tmp_file_dos_path.path }}' + register: actual_create_tmp_file_dos_path + + - name: assert create temp file with different path + assert: + that: + - create_tmp_file_dos_path is changed + - create_tmp_file_dos_path.state == 'file' + - create_tmp_file_dos_path.path.startswith(test_tempfile_path + '\\testing folder\\ansible.') + - actual_create_tmp_file_dos_path.stat.exists == True + - actual_create_tmp_file_dos_path.stat.isdir == False + + always: + - name: delete temp file folder + win_file: + path: "{{test_tempfile_path}}" + state: absent + +- name: get current working directory + win_shell: $pwd.Path + register: current_dir + +- name: create directory for relative dir tests win_file: - path: "{{test_tempfile_path}}" - state: absent + path: '{{ current_dir.stdout | trim }}\win_tempfile' + state: directory + +- block: + - name: create temp folder with relative path + win_tempfile: + path: win_tempfile + state: directory + register: create_relative + + - name: get stat of temp folder with relative path + win_stat: + path: '{{ create_relative.path }}' + register: actual_create_relative + + - name: assert create temp folder with relative path + assert: + that: + - create_relative is changed + - create_relative.state == 'directory' + - create_relative.path.startswith((current_dir.stdout | trim) + '\\win_tempfile\\ansible.') + - actual_create_relative.stat.exists == True + - actual_create_relative.stat.isdir == True + + always: + - name: remove relative directory tests + win_file: + path: '{{ current_dir.stdout | trim }}\win_tempfile' + state: absent |