diff options
author | Vasu1105 <vasundhara.jagdale@msystechnologies.com> | 2020-02-23 22:37:07 -0800 |
---|---|---|
committer | Vasu1105 <vasundhara.jagdale@msystechnologies.com> | 2020-02-24 00:03:39 -0800 |
commit | b55fa03435b8045a3cea58693691cd0c12d1a3db (patch) | |
tree | 5213cf64086e72d1db0934bd249c4286d57f70fa /spec/functional/resource | |
parent | 8e5d87f13f91780f5a61cad4e78f2ae6c94f36b4 (diff) | |
download | chef-b55fa03435b8045a3cea58693691cd0c12d1a3db.tar.gz |
Using win32 api to fetch the account with user rights. Used this method in set action to set the users for privileges and removed dsc_resource code
Signed-off-by: Vasu1105 <vasundhara.jagdale@msystechnologies.com>
Diffstat (limited to 'spec/functional/resource')
-rw-r--r-- | spec/functional/resource/windows_user_privilege_spec.rb | 60 |
1 files changed, 41 insertions, 19 deletions
diff --git a/spec/functional/resource/windows_user_privilege_spec.rb b/spec/functional/resource/windows_user_privilege_spec.rb index cf1320e12a..fa134b4fe7 100644 --- a/spec/functional/resource/windows_user_privilege_spec.rb +++ b/spec/functional/resource/windows_user_privilege_spec.rb @@ -64,25 +64,6 @@ describe Chef::Resource::WindowsUserPrivilege, :windows_only do end describe "#set privilege" do - before(:all) { - powershell_exec("Uninstall-Module -Name cSecurityOptions") unless powershell_exec("(Get-Package -Name cSecurityOptions -WarningAction SilentlyContinue).name").result.empty? - } - - let(:principal) { "user_privilege" } - let(:users) { %w{Administrators Administrator} } - let(:privilege) { %w{SeCreateSymbolicLinkPrivilege} } - - it "raises error if cSecurityOptions is not installed." do - subject.action(:set) - expect { subject.run_action(:set) }.to raise_error(RuntimeError) - end - end - - describe "#set privilege" do - before(:all) { - powershell_exec("Install-Module -Name cSecurityOptions -Force") if powershell_exec("(Get-Package -Name cSecurityOptions -WarningAction SilentlyContinue).name").result.empty? - } - after { remove_user_privilege("Administrator", subject.privilege) } let(:principal) { "user_privilege" } @@ -120,6 +101,47 @@ describe Chef::Resource::WindowsUserPrivilege, :windows_only do end end + describe "running with non admin user" do + include Chef::Mixin::UserContext + + let(:user) { "security_user" } + let(:password) { "Security@123" } + let(:principal) { "user_privilege" } + let(:users) { ["Administrators", "#{domain}\\security_user"] } + let(:privilege) { %w{SeCreateSymbolicLinkPrivilege} } + + let(:domain) do + ENV["COMPUTERNAME"] + end + + before do + allow_any_instance_of(Chef::Mixin::UserContext).to receive(:node).and_return({ "platform_family" => "windows" }) + add_user = Mixlib::ShellOut.new("net user #{user} #{password} /ADD") + add_user.run_command + add_user.error! + end + + after do + remove_user_privilege("#{domain}\\#{user}", subject.privilege) + delete_user = Mixlib::ShellOut.new("net user #{user} /delete") + delete_user.run_command + delete_user.error! + end + + it "sets user to privilege" do + subject.action(:set) + subject.run_action(:set) + expect(subject).to be_updated_by_last_action + end + + it "is idempotent" do + subject.action(:set) + subject.run_action(:set) + subject.run_action(:set) + expect(subject).not_to be_updated_by_last_action + end + end + def remove_user_privilege(user, privilege) subject.action(:remove) subject.principal = user |