-
Notifications
You must be signed in to change notification settings - Fork 23.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
win_firewall_rule only change arguments passed by user #54297
Conversation
defaults are controlled by com object integration test for built in rule
The test
|
I've only done a brief look through but I have a few things;
Let me know your thoughts on this |
@jborean93 thanks for the feedback, and I have a few questions about what should be done for the documentation
|
program and service respect default values documentation updated to reflect that defaults apply to rule creation added test to disable a rule and verify other values have not changed
@mhunsber thanks for the changes, I've make some slight tweaks to the documentation but everything else seems good to me. As for your questions;
The
Somewhat, the defaults still indicate the default for the module options which was correct before the PR and based on the changes you are still correct. Because of the defaults were set on the options and the property checks done later on I still think the rules would have changed if a user chose a non-default constructor option but agree it is slightly confusing and convoluted how it was done before.
The tests look good now, easy to see how/why it works and you have a good assertion which is great to see. |
Awesome! Thanks for the feedback and clarifications. |
defaults are controlled by com object
integration test for built in rule
SUMMARY
the current win_firewall_rule module will reset an existing firewall rule's options to the defaults for any unspecified parameters. This is especially a problem when trying to enable a built-in windows firewall rule since changing them is protected.
This just keeps unspecified parameters as null so that they can be checked for existence when changing an existing rule.
Fixes #34392
ISSUE TYPE
COMPONENT NAME
win_firewall_rule
ADDITIONAL INFORMATION
This is the result of the change, instead of needing to pass back in the port and protocol, the module only changes action, because it was different from the existing rule.
output (diff):