def test_check_perms_test_true(test_file):
with patch.dict(win_dacl.__opts__, {"test": True}):
result = win_dacl.check_perms(
obj_name=str(test_file),
obj_type="file",
ret=None,
owner="Users",
grant_perms={"Backup Operators": {
"perms": "read"
}},
deny_perms={
"NETWORK SERVICE": {
"perms":
["delete", "set_value", "write_dac", "write_owner"]
},
"Backup Operators": {
"perms": ["delete"]
},
},
inheritance=True,
reset=False,
)
expected = {
"changes": {
"owner": "Users",
"grant_perms": {
"Backup Operators": {
"permissions": "read"
}
},
"deny_perms": {
"Backup Operators": {
"permissions": ["delete"]
},
"NETWORK SERVICE": {
"permissions": [
"delete",
"set_value",
"write_dac",
"write_owner",
]
},
},
},
"comment": "",
"name": str(test_file),
"result": None,
}
assert result == expected
result = win_dacl.get_owner(obj_name=str(test_file), obj_type="file")
assert result != "Users"
result = win_dacl.get_permissions(
obj_name=str(test_file),
principal="Backup Operators",
obj_type="file",
)
assert result == {}
def setUp(self):
self.temp_file = temp.file(parent=RUNTIME_VARS.TMP)
win_dacl.set_owner(obj_name=self.temp_file,
principal=self.current_user)
win_dacl.set_inheritance(obj_name=self.temp_file, enabled=True)
self.assertEqual(win_dacl.get_owner(obj_name=self.temp_file),
self.current_user)
def test_get_set_owner(test_file):
result = win_dacl.set_owner(obj_name=str(test_file),
principal="Backup Operators",
obj_type="file")
assert result is True
result = win_dacl.get_owner(obj_name=str(test_file), obj_type="file")
assert result == "Backup Operators"
def test_get_set_owner(reg_key):
result = win_dacl.set_owner(obj_name=reg_key,
principal="Backup Operators",
obj_type="registry")
assert result is True
result = win_dacl.get_owner(obj_name=reg_key, obj_type="registry")
assert result == "Backup Operators"
def setUp(self):
self.temp_file = tempfile.NamedTemporaryFile(delete=False)
self.temp_file.close()
win_dacl.set_owner(obj_name=self.temp_file.name,
principal=self.current_user)
win_dacl.set_inheritance(obj_name=self.temp_file.name, enabled=True)
self.assertEqual(win_dacl.get_owner(obj_name=self.temp_file.name),
self.current_user)
def test_copy_security():
with pytest.helpers.temp_file("source_test.file") as source:
# Set permissions on Source
result = win_dacl.set_permissions(
obj_name=str(source),
principal="Backup Operators",
permissions="full_control",
access_mode="grant",
obj_type="file",
reset_perms=False,
protected=None,
)
assert result is True
# Set owner on Source
result = win_dacl.set_owner(obj_name=str(source),
principal="Backup Operators",
obj_type="file")
assert result is True
# Set group on Source
result = win_dacl.set_primary_group(obj_name=str(source),
principal="Backup Operators",
obj_type="file")
assert result is True
with pytest.helpers.temp_file("target_test.file") as target:
# Copy security from Source to Target
result = win_dacl.copy_security(source=str(source),
target=str(target))
assert result is True
# Verify permissions on Target
expected = {
"Not Inherited": {
"Backup Operators": {
"grant": {
"applies to": "This folder only",
"permissions": "Full control",
}
}
}
}
result = win_dacl.get_permissions(
obj_name=str(target),
principal="Backup Operators",
obj_type="file",
)
assert result == expected
# Verify owner on Target
result = win_dacl.get_owner(obj_name=str(target), obj_type="file")
assert result == "Backup Operators"
# Verify group on Target
result = win_dacl.get_primary_group(obj_name=str(target),
obj_type="file")
assert result == "Backup Operators"
def test_check_perms_test_true(self):
"""
Test the check_perms function
"""
with patch.dict(win_dacl.__opts__, {"test": True}):
result = win_dacl.check_perms(
obj_name=self.obj_name,
obj_type=self.obj_type,
ret=None,
owner="Users",
grant_perms={"Backup Operators": {
"perms": "read"
}},
deny_perms={
"NETWORK SERVICE": {
"perms":
["delete", "set_value", "write_dac", "write_owner"]
},
"Backup Operators": {
"perms": ["delete"]
},
},
inheritance=True,
reset=False,
)
expected = {
"changes": {
"owner": "Users",
"perms": {
"Backup Operators": {
"grant": "read",
"deny": ["delete"]
},
"NETWORK SERVICE": {
"deny":
["delete", "set_value", "write_dac", "write_owner"]
},
},
},
"comment": "",
"name": self.obj_name,
"result": None,
}
self.assertDictEqual(result, expected)
self.assertNotEqual(
win_dacl.get_owner(obj_name=self.obj_name, obj_type=self.obj_type),
"Users")
self.assertEqual(
win_dacl.get_permissions(
obj_name=self.obj_name,
principal="Backup Operators",
obj_type=self.obj_type,
),
{},
)
def test_check_perms_test_true(self):
'''
Test the check_perms function
'''
with patch.dict(win_dacl.__opts__, {"test": True}):
result = win_dacl.check_perms(
obj_name=self.obj_name,
obj_type=self.obj_type,
ret=None,
owner='Users',
grant_perms={'Backup Operators': {
'perms': 'read'
}},
deny_perms={
'NETWORK SERVICE': {
'perms':
['delete', 'set_value', 'write_dac', 'write_owner']
},
'Backup Operators': {
'perms': ['delete']
}
},
inheritance=True,
reset=False)
expected = {
'changes': {
'perms': {}
},
'comment': '',
'name': self.obj_name,
'pchanges': {
'owner': 'Users',
'perms': {
'Backup Operators': {
'grant': 'read',
'deny': ['delete']
},
'NETWORK SERVICE': {
'deny':
['delete', 'set_value', 'write_dac', 'write_owner']
}
}
},
'result': None
}
self.assertDictEqual(result, expected)
self.assertNotEqual(
win_dacl.get_owner(obj_name=self.obj_name, obj_type=self.obj_type),
'Users')
self.assertEqual(
win_dacl.get_permissions(obj_name=self.obj_name,
principal='Backup Operators',
obj_type=self.obj_type), {})
def test_owner(self):
'''
Test the set_owner function
Test the get_owner function
'''
self.assertTrue(win_dacl.set_owner(obj_name=self.obj_name,
principal='Backup Operators',
obj_type=self.obj_type))
self.assertEqual(win_dacl.get_owner(obj_name=self.obj_name,
obj_type=self.obj_type),
'Backup Operators')
def test_present_set_owner(reg_vars, clean):
"""
Test reg.present
"""
reg.present(
name=reg_vars.name,
vname=reg_vars.vname,
vdata=reg_vars.vdata,
win_owner=reg_vars.current_user,
)
assert (win_dacl.get_owner(obj_name=reg_vars.name,
obj_type="registry") == reg_vars.current_user)
def test_owner(self):
"""
Test the set_owner function
Test the get_owner function
"""
self.assertTrue(
win_dacl.set_owner(
obj_name=self.obj_name,
principal="Backup Operators",
obj_type=self.obj_type,
))
self.assertEqual(
win_dacl.get_owner(obj_name=self.obj_name, obj_type=self.obj_type),
"Backup Operators",
)
def test_check_perms(self):
"""
Test the check_perms function
"""
with patch.dict(win_dacl.__opts__, {"test": False}):
result = win_dacl.check_perms(
obj_name=self.obj_name,
obj_type=self.obj_type,
ret={},
owner="Users",
grant_perms={"Backup Operators": {"perms": "read"}},
deny_perms={
"Backup Operators": {"perms": ["delete"]},
"NETWORK SERVICE": {
"perms": [
"delete",
"change_permissions",
"write_attributes",
"write_data",
]
},
},
inheritance=True,
reset=False,
)
expected = {
"changes": {
"owner": "Users",
"perms": {
"Backup Operators": {"grant": "read", "deny": ["delete"]},
"NETWORK SERVICE": {
"deny": [
"delete",
"change_permissions",
"write_attributes",
"write_data",
]
},
},
},
"comment": "",
"name": self.obj_name,
"result": True,
}
self.assertDictEqual(result, expected)
expected = {
"Not Inherited": {
"Backup Operators": {
"grant": {
"applies to": "Not Inherited (file)",
"permissions": "Read",
},
"deny": {
"applies to": "Not Inherited (file)",
"permissions": ["Delete"],
},
}
}
}
self.assertDictEqual(
win_dacl.get_permissions(
obj_name=self.obj_name,
principal="Backup Operators",
obj_type=self.obj_type,
),
expected,
)
expected = {
"Not Inherited": {
"NETWORK SERVICE": {
"deny": {
"applies to": "Not Inherited (file)",
"permissions": [
"Change permissions",
"Create files / write data",
"Delete",
"Write attributes",
],
}
}
}
}
self.assertDictEqual(
win_dacl.get_permissions(
obj_name=self.obj_name,
principal="NETWORK SERVICE",
obj_type=self.obj_type,
),
expected,
)
self.assertEqual(
win_dacl.get_owner(obj_name=self.obj_name, obj_type=self.obj_type), "Users"
)
def test_check_perms(self):
'''
Test the check_perms function
'''
with patch.dict(win_dacl.__opts__, {"test": False}):
result = win_dacl.check_perms(
obj_name=self.obj_name,
obj_type=self.obj_type,
ret={},
owner='Users',
grant_perms={'Backup Operators': {
'perms': 'read'
}},
deny_perms={
'Backup Operators': {
'perms': ['delete']
},
'NETWORK SERVICE': {
'perms': [
'delete', 'change_permissions', 'write_attributes',
'write_data'
]
}
},
inheritance=True,
reset=False)
expected = {
'changes': {
'owner': 'Users',
'perms': {
'Backup Operators': {
'grant': 'read',
'deny': ['delete']
},
'NETWORK SERVICE': {
'deny': [
'delete', 'change_permissions', 'write_attributes',
'write_data'
]
}
}
},
'comment': '',
'name': self.obj_name,
'pchanges': {
'perms': {}
},
'result': True
}
self.assertDictEqual(result, expected)
expected = {
'Not Inherited': {
'Backup Operators': {
'grant': {
'applies to': 'Not Inherited (file)',
'permissions': 'Read'
},
'deny': {
'applies to': 'Not Inherited (file)',
'permissions': ['Delete']
}
}
}
}
self.assertDictEqual(
win_dacl.get_permissions(obj_name=self.obj_name,
principal='Backup Operators',
obj_type=self.obj_type), expected)
expected = {
'Not Inherited': {
'NETWORK SERVICE': {
'deny': {
'applies to':
'Not Inherited (file)',
'permissions': [
'Delete', 'Create files / write data',
'Write attributes', 'Change permissions'
]
}
}
}
}
self.assertDictEqual(
win_dacl.get_permissions(obj_name=self.obj_name,
principal='NETWORK SERVICE',
obj_type=self.obj_type), expected)
self.assertEqual(
win_dacl.get_owner(obj_name=self.obj_name, obj_type=self.obj_type),
'Users')
def test_check_perms(test_file):
result = win_dacl.check_perms(
obj_name=str(test_file),
obj_type="file",
ret={},
owner="Users",
grant_perms={"Backup Operators": {
"perms": "read"
}},
deny_perms={
"Backup Operators": {
"perms": ["delete"]
},
"NETWORK SERVICE": {
"perms": [
"delete",
"change_permissions",
"write_attributes",
"write_data",
]
},
},
inheritance=True,
reset=False,
)
expected = {
"changes": {
"owner": "Users",
"grant_perms": {
"Backup Operators": {
"permissions": "read"
}
},
"deny_perms": {
"Backup Operators": {
"permissions": ["delete"]
},
"NETWORK SERVICE": {
"permissions": [
"delete",
"change_permissions",
"write_attributes",
"write_data",
]
},
},
},
"comment": "",
"name": str(test_file),
"result": True,
}
assert result == expected
expected = {
"Not Inherited": {
"Backup Operators": {
"deny": {
"applies to": "This folder only",
"permissions": ["Delete"],
},
"grant": {
"applies to": "This folder only",
"permissions": "Read"
},
}
}
}
result = win_dacl.get_permissions(
obj_name=str(test_file),
principal="Backup Operators",
obj_type="file",
)
assert result == expected
expected = {
"Not Inherited": {
"NETWORK SERVICE": {
"deny": {
"applies to":
"This folder only",
"permissions": [
"Change permissions",
"Create files / write data",
"Delete",
"Write attributes",
],
}
}
}
}
result = win_dacl.get_permissions(
obj_name=str(test_file),
principal="NETWORK SERVICE",
obj_type="file",
)
assert result == expected
result = win_dacl.get_owner(obj_name=str(test_file), obj_type="file")
assert result == "Users"
def test_check_perms(reg_key):
result = win_dacl.check_perms(
obj_name=reg_key,
obj_type="registry",
ret={},
owner="Users",
grant_perms={"Backup Operators": {
"perms": "read"
}},
deny_perms={
"Backup Operators": {
"perms": ["delete"]
},
"NETWORK SERVICE": {
"perms": ["delete", "set_value", "write_dac", "write_owner"]
},
},
inheritance=True,
reset=False,
)
expected = {
"changes": {
"owner": "Users",
"grant_perms": {
"Backup Operators": {
"permissions": "read"
}
},
"deny_perms": {
"Backup Operators": {
"permissions": ["delete"]
},
"NETWORK SERVICE": {
"permissions": [
"delete",
"set_value",
"write_dac",
"write_owner",
]
},
},
},
"comment": "",
"name": reg_key,
"result": True,
}
assert result == expected
expected = {
"Not Inherited": {
"Backup Operators": {
"grant": {
"applies to": "This key and subkeys",
"permissions": "Read",
},
"deny": {
"applies to": "This key and subkeys",
"permissions": ["Delete"],
},
}
}
}
result = win_dacl.get_permissions(
obj_name=reg_key,
principal="Backup Operators",
obj_type="registry",
)
assert result == expected
expected = {
"Not Inherited": {
"NETWORK SERVICE": {
"deny": {
"applies to":
"This key and subkeys",
"permissions": [
"Delete",
"Set Value",
"Write DAC",
"Write Owner",
],
}
}
}
}
result = win_dacl.get_permissions(
obj_name=reg_key,
principal="NETWORK SERVICE",
obj_type="registry",
)
assert result == expected
result = win_dacl.get_owner(obj_name=reg_key, obj_type="registry")
assert result == "Users"