def test_directory_test_mode_user_group_not_present(): name = "/etc/testdir" user = "******" group = "saltstack" if salt.utils.platform.is_windows(): name = name.replace("/", "\\") ret = { "name": name, "result": None, "comment": "", "changes": { name: { "directory": "new" } }, } if salt.utils.platform.is_windows(): comt = 'The directory "{}" will be changed' "".format(name) else: comt = "The following files will be changed:\n{}:" " directory - new\n".format( name) ret["comment"] = comt mock_f = MagicMock(return_value=False) mock_uid = MagicMock(side_effect=[ "", "U12", "", ]) mock_gid = MagicMock(side_effect=[ "G12", "", "", ]) mock_error = CommandExecutionError with patch.dict( filestate.__salt__, { "file.user_to_uid": mock_uid, "file.group_to_gid": mock_gid, "file.stats": mock_f, }, ), patch("salt.utils.win_dacl.get_sid", mock_error), patch.object( os.path, "isdir", mock_f), patch.dict(filestate.__opts__, {"test": True}): assert filestate.directory(name, user=user, group=group) == ret assert filestate.directory(name, user=user, group=group) == ret assert filestate.directory(name, user=user, group=group) == ret
def test_directory_new_reset_no_inherit(tmp_path): """ Test file.directory when the directory does not exist Should just return "New Dir" """ path = os.path.join(tmp_path, "test") ret = file.directory( name=path, makedirs=True, win_perms={"Administrators": {"perms": "full_control"}}, win_deny_perms={"Guest": {"perms": "full_control"}}, win_inheritance=False, win_perms_reset=True, ) expected = {path: {"directory": "new"}} assert ret["changes"] == expected permissions = win_dacl.get_permissions(path) expected = { "Inherited": {}, "Not Inherited": { "Administrators": { "grant": { "applies to": "This folder, subfolders and files", "permissions": "Full control", } }, "Guest": { "deny": { "applies to": "This folder, subfolders and files", "permissions": "Full control", } }, }, } assert permissions == expected
def test_directory_new_no_inherit(tmp_path): """ Test file.directory when the directory does not exist Should just return "New Dir" """ path = os.path.join(tmp_path, "test") ret = file.directory( name=path, makedirs=True, win_perms={"Administrators": {"perms": "full_control"}}, win_deny_perms={"Guest": {"perms": "full_control"}}, win_inheritance=False, ) expected = {path: {"directory": "new"}} assert ret["changes"] == expected assert not win_dacl.get_inheritance(path) permissions = win_dacl.get_permissions(path) assert permissions["Inherited"] == {}
def test_directory_existing_no_inherit(tmp_path): path = str(tmp_path) ret = file.directory( name=path, makedirs=True, win_perms={"Everyone": {"perms": "full_control"}}, win_deny_perms={"Guest": {"perms": ["write_data", "write_attributes"]}}, win_inheritance=False, ) expected = { "deny_perms": {"Guest": {"permissions": ["write_data", "write_attributes"]}}, "grant_perms": {"Everyone": {"permissions": "full_control"}}, "inheritance": False, } # We are checking these individually because sometimes it will return an # owner if it is running under the Administrator account assert ret["changes"]["deny_perms"] == expected["deny_perms"] assert ret["changes"]["grant_perms"] == expected["grant_perms"] assert ret["changes"]["inheritance"] == expected["inheritance"] assert not win_dacl.get_inheritance(path) permissions = win_dacl.get_permissions(path) assert permissions["Inherited"] == {}
def managed( name, conf_dir='/etc/salt', cloud_servers_pillar=None, cloud_providers_pillar=None, cloud_defaults_pillar=None, file_mode='0600', dir_mode='0700', user='******', group='root', test=False ): from salt.states import file file.__instance_id__ = str(id(managed)) file.__env__ = __env__ file.__opts__ = __opts__ file.__salt__ = __salt__ ret = { 'name': name, 'result': False, 'comment': '', 'changes': {}, } comments = [] results = [] changes = {} provider_path = os.path.join(conf_dir, 'cloud.providers.d') profile_path = os.path.join(conf_dir, 'cloud.profiles.d') map_path = os.path.join(conf_dir, 'cloud.maps') cloud_servers = __salt__['pillar.get'](cloud_servers_pillar) cloud_providers = __salt__['pillar.get'](cloud_providers_pillar) cloud_defaults = __salt__['pillar.get'](cloud_defaults_pillar) providers, profiles, maps = __salt__['simplecloud.consume_map']( cloud_providers, cloud_servers, cloud_defaults ) provider_dir_results = file.directory( provider_path, user=user, group=group, dir_mode=dir_mode, test=test ) comments.append(provider_dir_results['comment']) results.append(provider_dir_results['result']) if provider_dir_results['changes']: changes[provider_path] = provider_dir_results['changes'] profile_dir_results = file.directory( profile_path, user=user, group=group, dir_mode=dir_mode, test=test ) comments.append(profile_dir_results['comment']) results.append(profile_dir_results['result']) if profile_dir_results['changes']: changes[profile_path] = profile_dir_results['changes'] map_dir_results = file.directory( map_path, user=user, group=group, dir_mode=dir_mode, test=test ) comments.append(map_dir_results['comment']) results.append(map_dir_results['result']) if map_dir_results['changes']: changes[map_path] = map_dir_results['changes'] for provider_name, provider in providers.items(): provider_data = {provider_name: provider} provider_file = os.path.join(provider_path, '%s.conf' % provider_name) source = _ordered_dump(provider_data, default_flow_style=False) provider_results = file.managed( provider_file, user=user, group=group, mode=file_mode, contents=source, test=test ) comments.append(provider_results['comment']) results.append(provider_results['result']) if provider_results['changes']: changes[provider_file] = provider_results['changes'] for env_name, profile_data in profiles.items(): profile_file = os.path.join(profile_path, '%s.conf' % env_name) source = _ordered_dump(profile_data, default_flow_style=False) profile_results = file.managed( profile_file, user=user, group=group, mode=file_mode, contents=source, test=test ) comments.append(profile_results['comment']) results.append(profile_results['result']) if profile_results['changes']: changes[profile_file] = profile_results['changes'] for env_name, map_data in maps.items(): map_file = os.path.join(map_path, env_name) source = _ordered_dump(map_data, default_flow_style=False) map_results = file.managed( map_file, user=user, group=group, mode=file_mode, contents=source, test=test ) comments.append(map_results['comment']) results.append(map_results['result']) if map_results['changes']: changes[map_file] = map_results['changes'] ret['changes'] = {s: c for s, c in changes.items() if c} ret['comment'] = '\n'.join([c for c in comments if c]) ret['result'] = all(results) return ret
def test_directory(): """ Test to ensure that a named directory is present and has the right perms """ name = "/etc/testdir" user = "******" group = "saltstack" if salt.utils.platform.is_windows(): name = name.replace("/", "\\") ret = {"name": name, "result": False, "comment": "", "changes": {}} check_perms_ret = { "name": name, "result": False, "comment": "", "changes": {} } comt = "Must provide name to file.directory" ret.update({"comment": comt, "name": ""}) assert filestate.directory("") == ret comt = "Cannot specify both max_depth and clean" ret.update({"comment": comt, "name": name}) assert filestate.directory(name, clean=True, max_depth=2) == ret mock_t = MagicMock(return_value=True) mock_f = MagicMock(return_value=False) if salt.utils.platform.is_windows(): mock_perms = MagicMock(return_value=check_perms_ret) else: mock_perms = MagicMock(return_value=(check_perms_ret, "")) mock_uid = MagicMock(side_effect=[ "", "U12", "U12", "U12", "U12", "U12", "U12", "U12", "U12", "U12", "U12", ]) mock_gid = MagicMock(side_effect=[ "", "G12", "G12", "G12", "G12", "G12", "G12", "G12", "G12", "G12", "G12", ]) mock_check = MagicMock(return_value=( None, 'The directory "{}" will be changed'.format(name), { name: { "directory": "new" } }, )) mock_error = CommandExecutionError with patch.dict( filestate.__salt__, { "config.manage_mode": mock_t, "file.user_to_uid": mock_uid, "file.group_to_gid": mock_gid, "file.stats": mock_f, "file.check_perms": mock_perms, "file.mkdir": mock_t, }, ), patch("salt.utils.win_dacl.get_sid", mock_error), patch("os.path.isdir", mock_t), patch( "salt.states.file._check_directory_win", mock_check): if salt.utils.platform.is_windows(): comt = "" else: comt = "User salt is not available Group saltstack is not available" ret.update({"comment": comt, "name": name}) assert filestate.directory(name, user=user, group=group) == ret with patch.object(os.path, "isabs", mock_f): comt = "Specified file {} is not an absolute path".format(name) ret.update({"comment": comt}) assert filestate.directory(name, user=user, group=group) == ret with patch.object(os.path, "isabs", mock_t): with patch.object( os.path, "isfile", MagicMock(side_effect=[ True, True, False, True, True, True, False ]), ): with patch.object(os.path, "lexists", mock_t): comt = "File exists where the backup target A should go" ret.update({"comment": comt}) assert (filestate.directory(name, user=user, group=group, backupname="A") == ret) with patch.object(os.path, "isfile", mock_t): comt = "Specified location {} exists and is a file".format( name) ret.update({"comment": comt}) assert filestate.directory(name, user=user, group=group) == ret with patch.object(os.path, "islink", mock_t): comt = "Specified location {} exists and is a symlink".format( name) ret.update({"comment": comt}) assert filestate.directory(name, user=user, group=group) == ret with patch.object(os.path, "isdir", mock_f): with patch.dict(filestate.__opts__, {"test": True}): if salt.utils.platform.is_windows(): comt = 'The directory "{}" will be changed' "".format( name) else: comt = ("The following files will be changed:\n{}:" " directory - new\n".format(name)) ret.update({ "comment": comt, "result": None, "changes": { name: { "directory": "new" } }, }) assert filestate.directory(name, user=user, group=group) == ret with patch.dict(filestate.__opts__, {"test": False}): with patch.object(os.path, "isdir", mock_f): comt = "No directory to create {} in".format(name) ret.update({"comment": comt, "result": False}) assert filestate.directory(name, user=user, group=group) == ret if salt.utils.platform.is_windows(): isdir_side_effect = [False, True, False] else: isdir_side_effect = [True, False, True, False] with patch.object( os.path, "isdir", MagicMock(side_effect=isdir_side_effect)): comt = "Failed to create directory {}".format(name) ret.update({ "comment": comt, "result": False, "changes": { name: { "directory": "new" } }, }) assert filestate.directory(name, user=user, group=group) == ret check_perms_ret = { "name": name, "result": False, "comment": "", "changes": {}, } if salt.utils.platform.is_windows(): mock_perms = MagicMock(return_value=check_perms_ret) else: mock_perms = MagicMock(return_value=(check_perms_ret, "")) recurse = ["silent"] ret = { "name": name, "result": False, "comment": "Directory /etc/testdir updated", "changes": { "recursion": "Changes silenced" }, } if salt.utils.platform.is_windows(): ret["comment"] = ret["comment"].replace("/", "\\") with patch.dict(filestate.__salt__, {"file.check_perms": mock_perms}): with patch.object(os.path, "isdir", mock_t): assert (filestate.directory(name, user=user, recurse=recurse, group=group) == ret) check_perms_ret = { "name": name, "result": False, "comment": "", "changes": {}, } if salt.utils.platform.is_windows(): mock_perms = MagicMock(return_value=check_perms_ret) else: mock_perms = MagicMock(return_value=(check_perms_ret, "")) recurse = ["ignore_files", "ignore_dirs"] ret = { "name": name, "result": False, "comment": 'Must not specify "recurse" ' 'options "ignore_files" and ' '"ignore_dirs" at the same ' "time.", "changes": {}, } with patch.dict(filestate.__salt__, {"file.check_perms": mock_perms}): with patch.object(os.path, "isdir", mock_t): assert (filestate.directory(name, user=user, recurse=recurse, group=group) == ret) comt = "Directory {} updated".format(name) ret = { "name": name, "result": True, "comment": comt, "changes": { "group": "group", "mode": "0777", "user": "******" }, } check_perms_ret = { "name": name, "result": True, "comment": "", "changes": { "group": "group", "mode": "0777", "user": "******" }, } if salt.utils.platform.is_windows(): _mock_perms = MagicMock(return_value=check_perms_ret) else: _mock_perms = MagicMock(return_value=(check_perms_ret, "")) with patch.object(os.path, "isdir", mock_t): with patch.dict(filestate.__salt__, {"file.check_perms": _mock_perms}): assert (filestate.directory(name, user=user, group=group) == ret)
def test_directory_existing_reset_no_inherit(tmp_path): path = str(tmp_path) ret = file.directory( name=path, makedirs=True, win_perms={"Everyone": { "perms": "full_control" }}, win_deny_perms={ "Guest": { "perms": ["write_data", "write_attributes"] } }, win_perms_reset=True, win_inheritance=False, ) expected = { "deny_perms": { "Guest": { "permissions": ["write_data", "write_attributes"] } }, "grant_perms": { "Everyone": { "permissions": "full_control" } }, "inheritance": False, "remove_perms": { "Administrators": { "grant": { "applies to": "This folder, subfolders and files", "permissions": "Full control", }, }, "SYSTEM": { "grant": { "applies to": "This folder, subfolders and files", "permissions": "Full control", }, }, CURRENT_USER: { "grant": { "applies to": "This folder, subfolders and files", "permissions": "Full control", }, }, }, } # We are checking these individually because sometimes it will return an # owner if it is running under the Administrator account assert ret["changes"]["deny_perms"] == expected["deny_perms"] assert ret["changes"]["grant_perms"] == expected["grant_perms"] assert ret["changes"]["inheritance"] == expected["inheritance"] assert ret["changes"]["remove_perms"] == expected["remove_perms"] permissions = win_dacl.get_permissions(path) expected = { "Inherited": {}, "Not Inherited": { "Everyone": { "grant": { "applies to": "This folder, subfolders and files", "permissions": "Full control", } }, "Guest": { "deny": { "applies to": "This folder, subfolders and files", "permissions": ["Create files / write data", "Write attributes"], } }, }, } assert permissions == expected