win_security_policy: Allow setting a value to empty (#42051)

* win_security_policy: allow removing values (resolves #40869)

* Removing warning

* Adding test for remove policy setting

* Fixing string comparison

* Make idempotent

* Adding idempotency and diff test

* added changelog fragment
jamessemai 2018-07-13 06:08:14 +02:00 committed by Jordan Borean
commit dc32842573
3 changed files with 59 additions and 0 deletions


@ -131,3 +131,56 @@
that:
- change_existing_string_again is not changed
- change_existing_string_again.value == "New Guest"
- name: add policy setting
win_security_policy:
section: Privilege Rights
# following key is empty by default
key: SeCreateTokenPrivilege
# add Guests
value: '*S-1-5-32-546'
- name: get actual policy setting
test_win_security_policy:
section: Privilege Rights
key: SeCreateTokenPrivilege
register: add_policy_setting_actual
- name: assert add policy setting
assert:
that:
- add_policy_setting_actual.value == '*S-1-5-32-546'
- name: remove policy setting
win_security_policy:
section: Privilege Rights
key: SeCreateTokenPrivilege
value: ''
diff: yes
register: remove_policy_setting
- name: get actual policy setting
test_win_security_policy:
section: Privilege Rights
key: SeCreateTokenPrivilege
register: remove_policy_setting_actual
- name: assert remove policy setting
assert:
that:
- remove_policy_setting is changed
- remove_policy_setting.diff.prepared == "[Privilege Rights]\n-SeCreateTokenPrivilege = *S-1-5-32-546\n+SeCreateTokenPrivilege = "
- remove_policy_setting_actual.value is none
- name: remove policy setting again
win_security_policy:
section: Privilege Rights
key: SeCreateTokenPrivilege
value: ''
register: remove_policy_setting_again
- name: assert remove policy setting again
assert:
that:
- remove_policy_setting_again is not changed
- remove_policy_setting_again.value == ''
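Review bot: The new tasks grant SeCreateTokenPrivilege to the built-in Guests group (`*S-1-5-32-546`) and depend on the later "remove policy setting" task to take it away, so a failure in "get actual policy setting" or "assert add policy setting" ends the play with that right still assigned on the test host. SeCreateTokenPrivilege permits creating access tokens, so it should not be left on Guests even on a machine that is presumably disposable. Wrapping the new tasks in a `block:` with an `always:` section that sets the key back to `''` makes the cleanup unconditional. The earlier tasks of this file are outside the hunk, so whether they already follow such a pattern cannot be seen from here.

```yaml
- block:
    # … unchanged: the add / get / assert / remove / remove-again tasks, indented under block …

  always:
    - name: reset SeCreateTokenPrivilege to its empty default
      win_security_policy:
        section: Privilege Rights
        key: SeCreateTokenPrivilege
        value: ''
```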