diff --git a/changelogs/fragments/win_owner-paths.yaml b/changelogs/fragments/win_owner-paths.yaml new file mode 100644 index 0000000000..8cf343dd57 --- /dev/null +++ b/changelogs/fragments/win_owner-paths.yaml @@ -0,0 +1,2 @@ +bugfixes: +- win_owner - Fix issues when using paths with glob like characters, e.g. ``[``, ``]`` diff --git a/lib/ansible/modules/windows/win_owner.ps1 b/lib/ansible/modules/windows/win_owner.ps1 index 8fc5d4ca5c..a023d27ba0 100644 --- a/lib/ansible/modules/windows/win_owner.ps1 +++ b/lib/ansible/modules/windows/win_owner.ps1 @@ -17,7 +17,7 @@ $path = Get-AnsibleParam -obj $params -name "path" -type "path" -failifempty $tr $user = Get-AnsibleParam -obj $params -name "user" -type "str" -failifempty $true $recurse = Get-AnsibleParam -obj $params -name "recurse" -type "bool" -default $false -resultobj $result -If (-Not (Test-Path -Path $path)) { +If (-Not (Test-Path -LiteralPath $path)) { Fail-Json $result "$path file or directory does not exist on the host" } @@ -30,23 +30,24 @@ if (!$sid) { Try { $objUser = New-Object System.Security.Principal.SecurityIdentifier($sid) - $file = Get-Item -Path $path - $acl = Get-Acl $file.FullName + $file = Get-Item -LiteralPath $path + $acl = Get-Acl -LiteralPath $file.FullName If ($acl.getOwner([System.Security.Principal.SecurityIdentifier]) -ne $objUser) { $acl.setOwner($objUser) - Set-Acl -Path $file.FullName -AclObject $acl -WhatIf:$check_mode + Set-Acl -LiteralPath $file.FullName -AclObject $acl -WhatIf:$check_mode $result.changed = $true } - If ($recurse) { - $files = Get-ChildItem -Path $path -Force -Recurse + If ($recurse -and $file -is [System.IO.DirectoryInfo]) { + # Get-ChildItem falls flat on pre PSv5 when dealing with complex path chars + $files = $file.EnumerateFileSystemInfos("*", [System.IO.SearchOption]::AllDirectories) ForEach($file in $files){ - $acl = Get-Acl $file.FullName + $acl = Get-Acl -LiteralPath $file.FullName If ($acl.getOwner([System.Security.Principal.SecurityIdentifier]) -ne $objUser) { $acl.setOwner($objUser) - Set-Acl -Path $file.FullName -AclObject $acl -WhatIf:$check_mode + Set-Acl -LiteralPath $file.FullName -AclObject $acl -WhatIf:$check_mode $result.changed = $true } } diff --git a/test/integration/targets/win_owner/defaults/main.yml b/test/integration/targets/win_owner/defaults/main.yml index f71d353ec8..a3882a95f6 100644 --- a/test/integration/targets/win_owner/defaults/main.yml +++ b/test/integration/targets/win_owner/defaults/main.yml @@ -1 +1 @@ -test_win_owner_path: C:\ansible\win_owner +test_win_owner_path: C:\ansible\win_owner .ÅÑŚÌβŁÈ [$!@^&test(;)] diff --git a/test/integration/targets/win_owner/tasks/main.yml b/test/integration/targets/win_owner/tasks/main.yml index 483c05f417..4b6046f409 100644 --- a/test/integration/targets/win_owner/tasks/main.yml +++ b/test/integration/targets/win_owner/tasks/main.yml @@ -1,36 +1,36 @@ --- # Setup tests -- name: gather facts on host for use with later tests - setup: +# Use single task to save on CI runtime +- name: create test files + win_shell: | + $folders = @( + "folder", + "folder\folder1", + "folder\folder2", + "folder with space", + "folder with space\folder1", + "folder with space\folder2" + ) + $tmp_dir = '{{ test_win_owner_path }}' + if (Test-Path -LiteralPath $tmp_dir) { + Remove-Item -LiteralPath $tmp_dir -Force -Recurse + } + New-Item -Path $tmp_dir -ItemType Directory -- name: remove test path to ensure baseline - win_file: - path: "{{test_win_owner_path}}" - state: absent - -- name: create test paths - win_file: - path: "{{test_win_owner_path}}\\{{item}}" - state: directory - with_items: - - folder - - folder\folder1 - - folder\folder2 - - folder with space - - folder with space\folder1 - - folder with space\folder2 - -- name: create system test files - win_copy: - dest: "{{test_win_owner_path}}\\{{item}}" - content: content - with_items: - - folder\file.txt - - folder\folder1\file.txt - - folder\folder2\file.txt - - folder with space\file.txt - - folder with space\folder1\file.txt - - folder with space\folder2\file.txt + foreach ($folder in $folders) { + New-Item -Path "$tmp_dir\$folder" -ItemType Directory + } + $files = @( + "folder\file.txt", + "folder\folder1\file.txt", + "folder\folder2\file.txt", + "folder with space\file.txt", + "folder with space\folder1\file.txt", + "folder with space\folder2\file.txt" + ) + foreach ($file in $files) { + Set-Content -LiteralPath "$tmp_dir\$file" -Value "content" + } # Run win_owner tests - name: set owner for invalid path @@ -55,7 +55,7 @@ check_mode: True - name: get owner of folder of set owner defaults check - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner" + win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner register: actual_defaults_check - name: assert set owner defaults check @@ -71,7 +71,7 @@ register: defaults - name: get owner of folder of set owner defaults - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner" + win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\folder').Owner register: actual_defaults - name: assert set owner defaults @@ -86,15 +86,10 @@ user: SYSTEM register: defaults_again -- name: get owner of folder of set owner defaults again - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\folder').Owner" - register: actual_defaults_again - - name: assert set owner defaults again assert: that: - defaults_again is not changed - - actual_defaults_again.stdout_lines[0] == 'NT AUTHORITY\SYSTEM' - name: set owner recurse check win_owner: @@ -105,7 +100,7 @@ check_mode: True - name: get owner of folder of set owner recurse check - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item.path}}').Owner" + win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item.path}}').Owner register: actual_recurse_check failed_when: actual_recurse_check.stdout_lines[0] != item.owner with_items: @@ -129,7 +124,7 @@ register: recurse - name: get owner of folder of set owner recurse - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner" + win_shell: (Get-Acl -LiteralPath '{{test_win_owner_path}}\\{{item}}').Owner register: actual_recurse failed_when: actual_recurse.stdout_lines[0] != 'NT AUTHORITY\SYSTEM' with_items: @@ -152,18 +147,6 @@ recurse: True register: recurse_again -- name: get owner of folder of set owner recurse again - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner" - register: actual_recurse_again - failed_when: actual_recurse_again.stdout_lines[0] != 'NT AUTHORITY\SYSTEM' - with_items: - - folder - - folder\file.txt - - folder\folder1 - - folder\folder1\file.txt - - folder\folder2 - - folder\folder2\file.txt - - name: assert set owner recurse again assert: that: @@ -173,6 +156,7 @@ win_user: name: test win owner password: E1K0-O8b1-c8M9-c6D5 + register: test_user - name: set owner with space recurse win_owner: @@ -182,9 +166,12 @@ register: recurse_space - name: get owner of folder of set owner with space recurse - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner" + win_shell: | + $owner = (Get-Acl -LiteralPath '{{ test_win_owner_path }}\{{ item }}').Owner + $account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList $owner + $account.Translate([System.Security.Principal.SecurityIdentifier]).Value register: actual_recurse_space - failed_when: actual_recurse_space.stdout_lines[0]|upper != ansible_hostname|upper + '\\TEST WIN OWNER' + failed_when: actual_recurse_space.stdout_lines[0] != test_user.sid with_items: - folder with space - folder with space\file.txt @@ -205,18 +192,6 @@ recurse: True register: recurse_space_again -- name: get owner of folder of set owner with space recurse again - win_command: powershell.exe "(Get-Acl -Path '{{test_win_owner_path}}\\{{item}}').Owner" - register: actual_recurse_space_again - failed_when: actual_recurse_space_again.stdout_lines[0]|upper != ansible_hostname|upper + '\\TEST WIN OWNER' - with_items: - - folder with space - - folder with space\file.txt - - folder with space\folder1 - - folder with space\folder1\file.txt - - folder with space\folder2 - - folder with space\folder2\file.txt - - name: assert set owner with space recurse again assert: that: