1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/test/integration/targets/win_audit_rule/tasks/modify.yml
Matt Martz 4fe08441be Deprecate tests used as filters (#32361)
* Warn on tests used as filters

* Update docs, add aliases for tests that fit more gramatically with test syntax

* Fix rst formatting

* Add successful filter, alias of success

* Remove renamed_deprecation, it was overkill

* Make directory alias for is_dir

* Update tests to use proper jinja test syntax

* Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax

* Add conversion script, porting guide updates, and changelog updates

* Update newly added uses of tests as filters

* No underscore variable

* Convert recent tests as filter changes to win_stat

* Fix some changes related to rebasing a few integration tests

* Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name

* Add test for tests_as_filters_warning

* Update tests as filters in newly added/modified tests

* Address recent changes to several integration tests

* Address recent changes in cs_vpc
2017-11-27 17:58:08 -05:00

172 lines
5.7 KiB
YAML

#########################
### modify check mode ###
#########################
- name: check mode modify audit policy directory
win_audit_rule:
path: "{{ test_audit_rule_folder }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
state: present
audit_flags: "{{ test_audit_rule_audit_flags }}"
register: directory
check_mode: yes
- name: check mode modify audit policy file
win_audit_rule:
path: "{{ test_audit_rule_file }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
state: present
audit_flags: "{{ test_audit_rule_audit_flags }}"
inheritance_flags: none
register: file
check_mode: yes
- name: check mode modify audit policy registry
win_audit_rule:
path: "{{ test_audit_rule_registry }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
state: present
audit_flags: "{{ test_audit_rule_audit_flags }}"
register: registry
check_mode: yes
- name: check mode modify get directory rule results
test_get_audit_rule:
path: "{{ test_audit_rule_folder }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
audit_flags: "{{ test_audit_rule_audit_flags }}"
register: directory_results
- name: check mode modify get file rule results
test_get_audit_rule:
path: "{{ test_audit_rule_file }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
audit_flags: "{{ test_audit_rule_audit_flags }}"
inheritance_flags: none
register: file_results
- name: check mode modify get REGISTRY rule results
test_get_audit_rule:
path: "{{ test_audit_rule_registry }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
audit_flags: "{{ test_audit_rule_audit_flags }}"
register: registry_results
- name: check mode modify assert that change is needed but rights still equal the original rights and not test_audit_rule_new_rights
assert:
that:
- directory is changed
- file is changed
- registry is changed
- not directory_results.matching_rule_found and directory_results.path_type == 'directory'
- not file_results.matching_rule_found and file_results.path_type == 'file'
- not registry_results.matching_rule_found and registry_results.path_type == 'registry'
##############
### modify ###
##############
- name: modify audit policy directory
win_audit_rule:
path: "{{ test_audit_rule_folder }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
state: present
audit_flags: "{{ test_audit_rule_audit_flags }}"
register: directory
- name: modify audit policy file
win_audit_rule:
path: "{{ test_audit_rule_file }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
state: present
audit_flags: "{{ test_audit_rule_audit_flags }}"
inheritance_flags: none
register: file
- name: modify audit policy registry
win_audit_rule:
path: "{{ test_audit_rule_registry }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
state: present
audit_flags: "{{ test_audit_rule_audit_flags }}"
register: registry
- name: modify get directory rule results
test_get_audit_rule:
path: "{{ test_audit_rule_folder }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
audit_flags: "{{ test_audit_rule_audit_flags }}"
register: directory_results
- name: modify get file rule results
test_get_audit_rule:
path: "{{ test_audit_rule_file }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
audit_flags: "{{ test_audit_rule_audit_flags }}"
inheritance_flags: none
register: file_results
- name: modify get REGISTRY rule results
test_get_audit_rule:
path: "{{ test_audit_rule_registry }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
audit_flags: "{{ test_audit_rule_audit_flags }}"
register: registry_results
- name: modify assert that the rules were modified and a change is detected
assert:
that:
- directory is changed
- file is changed
- registry is changed
- directory_results.matching_rule_found and directory_results.path_type == 'directory'
- file_results.matching_rule_found and file_results.path_type == 'file'
- registry_results.matching_rule_found and registry_results.path_type == 'registry'
#####################################
### idempotent test modify a rule ###
#####################################
- name: idempotent modify audit policy directory
win_audit_rule:
path: "{{ test_audit_rule_folder }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
state: present
audit_flags: "{{ test_audit_rule_audit_flags }}"
register: directory
- name: idempotent modify audit policy file
win_audit_rule:
path: "{{ test_audit_rule_file }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
state: present
audit_flags: "{{ test_audit_rule_audit_flags }}"
inheritance_flags: none
register: file
- name: idempotent modify audit policy registry
win_audit_rule:
path: "{{ test_audit_rule_registry }}"
user: "{{ test_audit_rule_user }}"
rights: "{{ test_audit_rule_new_rights }}"
state: present
audit_flags: "{{ test_audit_rule_audit_flags }}"
register: registry
- name: idempotent modify assert that and a change is not detected
assert:
that:
- directory is not changed and directory.path_type == 'directory'
- file is not changed and file.path_type == 'file'
- registry is not changed and registry.path_type == 'registry'