summaryrefslogtreecommitdiff
path: root/spec/functional/resource
diff options
context:
space:
mode:
Diffstat (limited to 'spec/functional/resource')
-rw-r--r--spec/functional/resource/windows_user_privilege_spec.rb60
1 files changed, 41 insertions, 19 deletions
diff --git a/spec/functional/resource/windows_user_privilege_spec.rb b/spec/functional/resource/windows_user_privilege_spec.rb
index cf1320e12a..fa134b4fe7 100644
--- a/spec/functional/resource/windows_user_privilege_spec.rb
+++ b/spec/functional/resource/windows_user_privilege_spec.rb
@@ -64,25 +64,6 @@ describe Chef::Resource::WindowsUserPrivilege, :windows_only do
end
describe "#set privilege" do
- before(:all) {
- powershell_exec("Uninstall-Module -Name cSecurityOptions") unless powershell_exec("(Get-Package -Name cSecurityOptions -WarningAction SilentlyContinue).name").result.empty?
- }
-
- let(:principal) { "user_privilege" }
- let(:users) { %w{Administrators Administrator} }
- let(:privilege) { %w{SeCreateSymbolicLinkPrivilege} }
-
- it "raises error if cSecurityOptions is not installed." do
- subject.action(:set)
- expect { subject.run_action(:set) }.to raise_error(RuntimeError)
- end
- end
-
- describe "#set privilege" do
- before(:all) {
- powershell_exec("Install-Module -Name cSecurityOptions -Force") if powershell_exec("(Get-Package -Name cSecurityOptions -WarningAction SilentlyContinue).name").result.empty?
- }
-
after { remove_user_privilege("Administrator", subject.privilege) }
let(:principal) { "user_privilege" }
@@ -120,6 +101,47 @@ describe Chef::Resource::WindowsUserPrivilege, :windows_only do
end
end
+ describe "running with non admin user" do
+ include Chef::Mixin::UserContext
+
+ let(:user) { "security_user" }
+ let(:password) { "Security@123" }
+ let(:principal) { "user_privilege" }
+ let(:users) { ["Administrators", "#{domain}\\security_user"] }
+ let(:privilege) { %w{SeCreateSymbolicLinkPrivilege} }
+
+ let(:domain) do
+ ENV["COMPUTERNAME"]
+ end
+
+ before do
+ allow_any_instance_of(Chef::Mixin::UserContext).to receive(:node).and_return({ "platform_family" => "windows" })
+ add_user = Mixlib::ShellOut.new("net user #{user} #{password} /ADD")
+ add_user.run_command
+ add_user.error!
+ end
+
+ after do
+ remove_user_privilege("#{domain}\\#{user}", subject.privilege)
+ delete_user = Mixlib::ShellOut.new("net user #{user} /delete")
+ delete_user.run_command
+ delete_user.error!
+ end
+
+ it "sets user to privilege" do
+ subject.action(:set)
+ subject.run_action(:set)
+ expect(subject).to be_updated_by_last_action
+ end
+
+ it "is idempotent" do
+ subject.action(:set)
+ subject.run_action(:set)
+ subject.run_action(:set)
+ expect(subject).not_to be_updated_by_last_action
+ end
+ end
+
def remove_user_privilege(user, privilege)
subject.action(:remove)
subject.principal = user
View Lorry Controller Status