-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add support for deleting hash tables #1
base: master
Are you sure you want to change the base?
Changes from 1 commit
a95390d
5561f99
4109c27
1a1c93e
331f723
ac7020d
7ade80b
ff90106
316a98b
e69e9cd
7e5656e
532014e
e865364
dade060
eeae781
71cbee8
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -125,6 +125,8 @@ def set_value(val) | |
out_file.write(out) | ||
end | ||
|
||
remove_key(path['setting_key'], scope) if real_val == 'DELETEALLVALUES' | ||
|
||
# Convert lgpo_import.txt to lgpo_import.pol with lgpo.exe | ||
lgpo_args = ['/r', out_file_path, '/w', out_polfile_path] | ||
lgpo(*lgpo_args) | ||
|
@@ -138,4 +140,18 @@ def set_value(val) | |
lgpo(*lgpo_args) | ||
File.delete(out_polfile_path) | ||
end | ||
|
||
def remove_key(key, scope) | ||
pol_file = "C:\\Windows\\System32\\GroupPolicy\\#{scope.capitalize}\\Registry.pol" | ||
out_file_path = File.join(Puppet[:vardir], 'lgpo_import.txt') | ||
gpos = lgpo('/parse', '/q', "/#{scope[0]}", pol_file) | ||
gpos.split("\n\n").reject { |l| l.start_with? ';' }.each do |g| | ||
split_g = g.split("\n") | ||
unless split_g[1] == key | ||
File.open(out_file_path, 'a') do |out_file| | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I would rather open the file outside the loop to avoid opening/closing for every line. |
||
out_file.write(split_g) | ||
end | ||
end | ||
end | ||
end | ||
end |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -60,6 +60,25 @@ def stub_create(scope, content, cse) | |
provider.class.expects(:lgpo).once.with(*args).returns(nil) | ||
expect(File).to receive(:delete).once.with(out_polfile).and_return(nil) | ||
end | ||
def hash_delete(scope, content, cse) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Maybe call this |
||
file = StringIO.new | ||
allow(File).to receive(:open).once.with(out_file, 'w').and_yield(file) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
|
||
allow(file).to receive(:write).with(content) | ||
|
||
stub_lgpo_pol(scope, true) | ||
allow(file).to receive(:open).at_least(:once).with(out_file, 'a').and_yield(file) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is |
||
allow(file).to receive(:write).at_least(:once) | ||
|
||
args = ["/r", out_file] | ||
args << '/w' << out_polfile | ||
provider.class.expects(:lgpo).once.with(*args).returns(nil) | ||
expect(File).to receive(:delete).once.with(out_file).and_return(nil) | ||
|
||
args = ["/#{scope[0]}", out_polfile] | ||
args << '/e' << cse unless cse.nil? | ||
provider.class.expects(:lgpo).once.with(*args).returns(nil) | ||
expect(File).to receive(:delete).once.with(out_polfile).and_return(nil) | ||
end | ||
|
||
context 'when listing instances' do | ||
context 'when the gpo file exists' do | ||
|
@@ -211,32 +230,37 @@ def stub_create(scope, content, cse) | |
end | ||
end | ||
|
||
context 'when we need to delete a HASHTABLE instance' do | ||
context 'when there is a cse' do | ||
let(:params) do | ||
{ | ||
:title => 'machine::windowsdefender::exclusions_processes::exclusions_processeslist', | ||
:ensure => :deleted, | ||
:title => 'admpwd::pol_admpwd_enabled::admpwdenabled', | ||
:value => '1', | ||
:provider => 'lgpo', | ||
} | ||
end | ||
it 'should create a resource without /e' do | ||
stub_create('machine', "computer\nSoftware\\Policies\\Microsoft\\Windows Defender\\Exclusions\\Processes\n*\nDELETEALLVALUES", nil) | ||
|
||
it 'should create a resource with /e' do | ||
stub_create('machine', "computer\nSoftware\\Policies\\Microsoft Services\\AdmPwd\nAdmPwdEnabled\nDELETE", '{D76B9641-3288-4f75-942D-087DE603E3EA}') | ||
|
||
provider.delete | ||
end | ||
end | ||
|
||
context 'when there is a cse' do | ||
end | ||
context 'when deleting a hash resource' do | ||
before :each do | ||
expect(Puppet).to receive(:[]).exactly(3).times.with(:vardir).and_return('C:\ProgramData\PuppetLabs\Puppet\var') | ||
end | ||
|
||
context 'when we need to delete a HASHTABLE instance' do | ||
let(:params) do | ||
{ | ||
:title => 'admpwd::pol_admpwd_enabled::admpwdenabled', | ||
:value => '1', | ||
:title => 'machine::windowsdefender::exclusions_processes::exclusions_processeslist', | ||
:ensure => :deleted, | ||
:provider => 'lgpo', | ||
} | ||
end | ||
|
||
it 'should create a resource with /e' do | ||
stub_create('machine', "computer\nSoftware\\Policies\\Microsoft Services\\AdmPwd\nAdmPwdEnabled\nDELETE", '{D76B9641-3288-4f75-942D-087DE603E3EA}') | ||
it 'should create a resource without /e' do | ||
hash_delete('machine', "computer\nSoftware\\Policies\\Microsoft\\Windows Defender\\Exclusions\\Processes\n*\nDELETEALLVALUES", nil) | ||
|
||
provider.delete | ||
end | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Return if pol_file doesn't exist to avoid
lgpo
from crashing