Skip to content

Commit

Permalink
win_owner - fix glob like paths (ansible#53830)
Browse files Browse the repository at this point in the history 
* win_owner - fix glob like paths

* Fix issues on older PS versions
  • Loading branch information
@jborean93
jborean93 committed Mar 15, 2019
1 parent 3cfa71b commit d063cef
Show file tree
Hide file tree
Showing 4 changed files with 53 additions and 75 deletions.
2 changes: 2 additions & 0 deletions changelogs/fragments/win_owner-paths.yaml
View file
@@ -0,0 +1,2 @@
bugfixes:
- win_owner - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
17 changes: 9 additions & 8 deletions lib/ansible/modules/windows/win_owner.ps1
View file
Expand Up @@ -17,7 +17,7 @@ $path = Get-AnsibleParam -obj $params -name "path" -type "path" -failifempty $tr
$user = Get-AnsibleParam -obj $params -name "user" -type "str" -failifempty $true
$recurse = Get-AnsibleParam -obj $params -name "recurse" -type "bool" -default $false -resultobj $result

If (-Not (Test-Path -Path $path)) {
If (-Not (Test-Path -LiteralPath $path)) {
Fail-Json $result "$path file or directory does not exist on the host"
}

Expand All @@ -30,23 +30,24 @@ if (!$sid) {
Try {
$objUser = New-Object System.Security.Principal.SecurityIdentifier($sid)

$file = Get-Item -Path $path
$acl = Get-Acl $file.FullName
$file = Get-Item -LiteralPath $path
$acl = Get-Acl -LiteralPath $file.FullName

If ($acl.getOwner([System.Security.Principal.SecurityIdentifier]) -ne $objUser) {
$acl.setOwner($objUser)
Set-Acl -Path $file.FullName -AclObject $acl -WhatIf:$check_mode
Set-Acl -LiteralPath $file.FullName -AclObject $acl -WhatIf:$check_mode
$result.changed = $true
}

If ($recurse) {
$files = Get-ChildItem -Path $path -Force -Recurse
If ($recurse -and $file -is [System.IO.DirectoryInfo]) {
# Get-ChildItem falls flat on pre PSv5 when dealing with complex path chars
$files = $file.EnumerateFileSystemInfos("*", [System.IO.SearchOption]::AllDirectories)
ForEach($file in $files){
$acl = Get-Acl $file.FullName
$acl = Get-Acl -LiteralPath $file.FullName

If ($acl.getOwner([System.Security.Principal.SecurityIdentifier]) -ne $objUser) {
$acl.setOwner($objUser)
Set-Acl -Path $file.FullName -AclObject $acl -WhatIf:$check_mode
Set-Acl -LiteralPath $file.FullName -AclObject $acl -WhatIf:$check_mode
$result.changed = $true
}
}
Expand Down
2 changes: 1 addition & 1 deletion test/integration/targets/win_owner/defaults/main.yml
View file
@@ -1 +1 @@
test_win_owner_path: C:\ansible\win_owner
test_win_owner_path: C:\ansible\win_owner .ÅÑŚÌβŁÈ [$!@^&test(;)]
107 changes: 41 additions & 66 deletions test/integration/targets/win_owner/tasks/main.yml
View file
@@ -1,36 +1,36 @@
---
# Setup tests
- name: gather facts on host for use with later tests
setup:

- name: remove test path to ensure baseline
win_file:
path: "{{test_win_owner_path}}"
state: absent

- name: create test paths
win_file:
path: "{{test_win_owner_path}}\\{{item}}"
state: directory
with_items:
- folder
- folder\folder1
- folder\folder2
- folder with space
- folder with space\folder1
- folder with space\folder2

- name: create system test files
win_copy:
dest: "{{test_win_owner_path}}\\{{item}}"
content: content
with_items:
- folder\file.txt
- folder\folder1\file.txt
- folder\folder2\file.txt
- folder with space\file.txt
- folder with space\folder1\file.txt
- folder with space\folder2\file.txt
# Use single task to save on CI runtime
- name: create test files
win_shell: |
$folders = @(
"folder",
"folder\folder1",
"folder\folder2",
"folder with space",
"folder with space\folder1",
"folder with space\folder2"
)
$tmp_dir = '{{ test_win_owner_path }}'
if (Test-Path -LiteralPath $tmp_dir) {
Remove-Item -LiteralPath $tmp_dir -Force -Recurse
}
New-Item -Path $tmp_dir -ItemType Directory
foreach ($folder in $folders) {
New-Item -Path "$tmp_dir\$folder" -ItemType Directory
}
$files = @(
"folder\file.txt",
"folder\folder1\file.txt",
"folder\folder2\file.txt",
"folder with space\file.txt",
"folder with space\folder1\file.txt",
"folder with space\folder2\file.txt"
)
foreach ($file in $files) {
Set-Content -LiteralPath "$tmp_dir\$file" -Value "content"
}
# Run win_owner tests
- name: set owner for invalid path
Expand All @@ -55,7 +55,7 @@
check_mode: True

- name: get owner of folder of set owner defaults check
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner"
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner
register: actual_defaults_check

- name: assert set owner defaults check
Expand All @@ -71,7 +71,7 @@
register: defaults

- name: get owner of folder of set owner defaults
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner"
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner
register: actual_defaults

- name: assert set owner defaults
Expand All @@ -86,15 +86,10 @@
user: SYSTEM
register: defaults_again

- name: get owner of folder of set owner defaults again
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner"
register: actual_defaults_again

- name: assert set owner defaults again
assert:
that:
- defaults_again is not changed
- actual_defaults_again.stdout_lines[0] == 'NT AUTHORITY\SYSTEM'

- name: set owner recurse check
win_owner:
Expand All @@ -105,7 +100,7 @@
check_mode: True

- name: get owner of folder of set owner recurse check
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item.path}}').Owner"
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item.path}}').Owner
register: actual_recurse_check
failed_when: actual_recurse_check.stdout_lines[0] != item.owner
with_items:
Expand All @@ -129,7 +124,7 @@
register: recurse

- name: get owner of folder of set owner recurse
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner"
win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item}}').Owner
register: actual_recurse
failed_when: actual_recurse.stdout_lines[0] != 'NT AUTHORITY\SYSTEM'
with_items:
Expand All @@ -152,18 +147,6 @@
recurse: True
register: recurse_again

- name: get owner of folder of set owner recurse again
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner"
register: actual_recurse_again
failed_when: actual_recurse_again.stdout_lines[0] != 'NT AUTHORITY\SYSTEM'
with_items:
- folder
- folder\file.txt
- folder\folder1
- folder\folder1\file.txt
- folder\folder2
- folder\folder2\file.txt

- name: assert set owner recurse again
assert:
that:
Expand All @@ -173,6 +156,7 @@
win_user:
name: test win owner
password: E1K0-O8b1-c8M9-c6D5
register: test_user

- name: set owner with space recurse
win_owner:
Expand All @@ -182,9 +166,12 @@
register: recurse_space

- name: get owner of folder of set owner with space recurse
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner"
win_shell: |
$owner = (Get-Acl -LiteralPath '{{ test_win_owner_path }}\{{ item }}').Owner
$account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList $owner
$account.Translate([System.Security.Principal.SecurityIdentifier]).Value
register: actual_recurse_space
failed_when: actual_recurse_space.stdout_lines[0]|upper != ansible_hostname|upper + '\\TEST WIN OWNER'
failed_when: actual_recurse_space.stdout_lines[0] != test_user.sid
with_items:
- folder with space
- folder with space\file.txt
Expand All @@ -205,18 +192,6 @@
recurse: True
register: recurse_space_again

- name: get owner of folder of set owner with space recurse again
win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner"
register: actual_recurse_space_again
failed_when: actual_recurse_space_again.stdout_lines[0]|upper != ansible_hostname|upper + '\\TEST WIN OWNER'
with_items:
- folder with space
- folder with space\file.txt
- folder with space\folder1
- folder with space\folder1\file.txt
- folder with space\folder2
- folder with space\folder2\file.txt

- name: assert set owner with space recurse again
assert:
that:
Expand Down

0 comments on commit d063cef

Please sign in to comment.