saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Add tests for check_perms

Browse source 
Fix some docs
This commit is contained in:
twangboy 2018-10-02 18:18:55 -06:00
parent d6e751227d
commit 8ecbe0eb08
No known key found for this signature in database
GPG key ID: 93FF3BDEB278C9EB
3 changed files with 266 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
salt/modules/win_file.py
View file

@ -1935,8 +1935,8 @@ def check_perms(path,
if grant_perms is not None and \
user_name.lower() not in dict(
(k.lower(), v) for k, v in grant_perms.iteritems()):
if 'grant' in cur_perms[user_name] and not \
cur_perms[user_name]['grant']['inherited']:
if 'grant' in cur_perms[user_name] and \
not cur_perms[user_name]['grant']['inherited']:
if __opts__['test'] is True:
if 'remove_perms' not in ret['pchanges']:
ret['pchanges']['remove_perms'] = {}
@ -1954,8 +1954,8 @@ def check_perms(path,
if deny_perms is not None and \
user_name.lower() not in dict(
(k.lower(), v) for k, v in deny_perms.iteritems()):
if 'deny' in cur_perms[user_name] and not \
cur_perms[user_name]['deny']['inherited']:
if 'deny' in cur_perms[user_name] and \
not cur_perms[user_name]['deny']['inherited']:
if __opts__['test'] is True:
if 'remove_perms' not in ret['pchanges']:
ret['pchanges']['remove_perms'] = {}

6
salt/utils/win_functions.py
View file

@ -123,6 +123,12 @@ def get_current_user(with_domain=True):
'''
Gets the user executing the process
Args:
with_domain (bool):
``True`` will prepend the user name with the machine name or domain
separated by a backslash
Returns:
str: The user name
'''

256
tests/unit/modules/test_win_file.py
View file

@ -5,19 +5,24 @@
# Import Python Libs
from __future__ import absolute_import, unicode_literals, print_function
import os
import tempfile
# Import Salt Testing Libs
from tests.support.mixins import LoaderModuleMockMixin
from tests.support.unit import TestCase, skipIf
from tests.support.mock import (
patch,
NO_MOCK,
NO_MOCK_REASON
)
from tests.support.helpers import destructiveTest
# Import Salt Libs
import salt.modules.win_file as win_file
from salt.exceptions import CommandExecutionError
import salt.utils.platform
import salt.utils.win_functions
import salt.utils.win_dacl
@skipIf(NO_MOCK, NO_MOCK_REASON)
@ -49,3 +54,254 @@ class WinFileTestCase(TestCase):
with patch('os.path.exists', return_value=False):
self.assertRaises(
CommandExecutionError, win_file.check_perms, self.FAKE_PATH)
@destructiveTest
@skipIf(NO_MOCK, NO_MOCK_REASON)
class WinFileCheckPermsTestCase(TestCase, LoaderModuleMockMixin):
'''
Test cases for the check_perms function in salt.modules.win_file
'''
temp_file = ''
current_user = salt.utils.win_functions.get_current_user(False)
def setup_loader_modules(self):
return {
win_file: {
'__opts__': {
'test': False}}}
def setUp(self):
self.temp_file = tempfile.NamedTemporaryFile(delete=False)
self.temp_file.close()
salt.utils.win_dacl.set_owner(obj_name=self.temp_file.name,
principal=self.current_user)
salt.utils.win_dacl.set_inheritance(obj_name=self.temp_file.name,
enabled=True)
self.assertEqual(
salt.utils.win_dacl.get_owner(obj_name=self.temp_file.name),
self.current_user)
def tearDown(self):
os.remove(self.temp_file.name)
def test_check_perms_set_owner_test_true(self):
'''
Test setting the owner of a file with test=True
'''
with patch.dict(win_file.__opts__, {'test': True}):
expected = {'comment': '',
'changes': {},
'pchanges': {'owner': 'Administrators'},
'name': self.temp_file.name,
'result': None}
ret = win_file.check_perms(path=self.temp_file.name,
owner='Administrators',
inheritance=None)
self.assertDictEqual(expected, ret)
def test_check_perms_set_owner(self):
'''
Test setting the owner of a file
'''
expected = {'comment': '',
'pchanges': {},
'changes': {'owner': 'Administrators'},
'name': self.temp_file.name,
'result': True}
ret = win_file.check_perms(path=self.temp_file.name,
owner='Administrators',
inheritance=None)
self.assertDictEqual(expected, ret)
def test_check_perms_deny_test_true(self):
'''
Test setting deny perms on a file with test=True
'''
with patch.dict(win_file.__opts__, {'test': True}):
expected = {'comment': '',
'pchanges': {
'deny_perms': {
'Users': {'perms': 'read_execute'}}},
'changes': {'deny_perms': {}},
'name': self.temp_file.name,
'result': None}
ret = win_file.check_perms(
path=self.temp_file.name,
deny_perms={
'Users': {
'perms': 'read_execute'}},
inheritance=None)
self.assertDictEqual(expected, ret)
def test_check_perms_deny(self):
'''
Test setting deny perms on a file
'''
expected = {'comment': '',
'pchanges': {'deny_perms': {}},
'changes': {
'deny_perms': {
'Users': {'perms': 'read_execute'}}},
'name': self.temp_file.name,
'result': True}
ret = win_file.check_perms(path=self.temp_file.name,
deny_perms={
'Users': {
'perms': 'read_execute'}},
inheritance=None)
self.assertDictEqual(expected, ret)
def test_check_perms_grant_test_true(self):
'''
Test setting grant perms on a file with test=True
'''
with patch.dict(win_file.__opts__, {'test': True}):
expected = {'comment': '',
'pchanges': {
'grant_perms': {
'Users': {'perms': 'read_execute'}}},
'changes': {'grant_perms': {}},
'name': self.temp_file.name,
'result': None}
ret = win_file.check_perms(
path=self.temp_file.name,
grant_perms={
'Users': {
'perms': 'read_execute'}},
inheritance=None)
self.assertDictEqual(expected, ret)
def test_check_perms_grant(self):
'''
Test setting grant perms on a file
'''
expected = {'comment': '',
'pchanges': {'grant_perms': {}},
'changes': {
'grant_perms': {
'Users': {'perms': 'read_execute'}}},
'name': self.temp_file.name,
'result': True}
ret = win_file.check_perms(path=self.temp_file.name,
grant_perms={
'Users': {
'perms': 'read_execute'}},
inheritance=None)
self.assertDictEqual(expected, ret)
def test_check_perms_inheritance_false_test_true(self):
'''
Test setting inheritance to False with test=True
'''
with patch.dict(win_file.__opts__, {'test': True}):
expected = {'comment': '',
'pchanges': {'inheritance': False},
'changes': {},
'name': self.temp_file.name,
'result': None}
ret = win_file.check_perms(path=self.temp_file.name,
inheritance=False)
self.assertDictEqual(expected, ret)
def test_check_perms_inheritance_false(self):
'''
Test setting inheritance to False
'''
expected = {'comment': '',
'pchanges': {},
'changes': {'inheritance': False},
'name': self.temp_file.name,
'result': True}
ret = win_file.check_perms(path=self.temp_file.name,
inheritance=False)
self.assertDictEqual(expected, ret)
def test_check_perms_inheritance_true(self):
'''
Test setting inheritance to true when it's already true (default)
'''
expected = {'comment': '',
'pchanges': {},
'changes': {},
'name': self.temp_file.name,
'result': True}
ret = win_file.check_perms(path=self.temp_file.name,
inheritance=True)
self.assertDictEqual(expected, ret)
def test_check_perms_reset_test_true(self):
'''
Test resetting perms with test=True. This shows minimal changes
'''
# Turn off inheritance
salt.utils.win_dacl.set_inheritance(obj_name=self.temp_file.name,
enabled=False,
clear=True)
# Set some permissions
salt.utils.win_dacl.set_permissions(obj_name=self.temp_file.name,
principal='Administrator',
permissions='full_control')
with patch.dict(win_file.__opts__, {'test': True}):
expected = {
'comment': '',
'pchanges': {
'remove_perms': {
'Administrator': {
'grant': {
'applies to': 'Not Inherited (file)',
'permissions': ['Full control'],
'inherited': False}}},
'grant_perms': {
'Administrators': {'perms': 'full_control'},
'Users': {'perms': 'read_execute'}}},
'changes': {'grant_perms': {}},
'name': self.temp_file.name,
'result': None}
ret = win_file.check_perms(path=self.temp_file.name,
grant_perms={
'Users': {
'perms': 'read_execute'},
'Administrators': {
'perms': 'full_control'}},
inheritance=False,
reset=True)
self.assertDictEqual(expected, ret)
def test_check_perms_reset(self):
'''
Test resetting perms on a File
'''
# Turn off inheritance
salt.utils.win_dacl.set_inheritance(obj_name=self.temp_file.name,
enabled=False,
clear=True)
# Set some permissions
salt.utils.win_dacl.set_permissions(obj_name=self.temp_file.name,
principal='Administrator',
permissions='full_control')
expected = {
'comment': '',
'pchanges': {'grant_perms': {}},
'changes': {
'remove_perms': {
'Administrator': {
'grant': {
'applies to': 'Not Inherited (file)',
'permissions': ['Full control'],
'inherited': False}}},
'grant_perms': {
'Administrators': {'perms': 'full_control'},
'Users': {'perms': 'read_execute'}}},
'name': self.temp_file.name,
'result': True}
ret = win_file.check_perms(path=self.temp_file.name,
grant_perms={
'Users': {
'perms': 'read_execute'},
'Administrators': {
'perms': 'full_control'}},
inheritance=False,
reset=True)
self.assertDictEqual(expected, ret)