Skip to content

Commit

Permalink
Merge pull request #21 from mcollera/Dev
Browse files Browse the repository at this point in the history 
Merge changes to Master
  • Loading branch information
@mcollera
mcollera authored Nov 30, 2017
2 parents 54c5234 + 3dd2bee commit 03b1377
Show file tree
Hide file tree
Showing 15 changed files with 148 additions and 167 deletions.
2 changes: 1 addition & 1 deletion DscResources/AccessControlResourceHelper/AccessControlResourceHelper.psd1
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
#
#
# Module manifest for module 'AccessControlResourceHelper'
#
# Generated by: adamhay
Expand Down
2 changes: 1 addition & 1 deletion DscResources/AccessControlResourceHelper/AccessControlResourceHelper.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ function Resolve-Identity
$tryNTService = $false

try
{
{
if ($Identity -match '^S-\d-(\d+-){1,14}\d+$')
{
[System.Security.Principal.SecurityIdentifier]$Identity = $Identity
Expand Down
8 changes: 4 additions & 4 deletions DscResources/ActiveDirectoryAuditRuleEntry/ActiveDirectoryAuditRuleEntry.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ Function Get-TargetResource
[OutputType([Hashtable])]
param
(
[Parameter(Mandatory = $true)]
[Parameter(Mandatory=$true)]
[System.String]
$DistinguishedName,

Expand Down Expand Up @@ -98,7 +98,7 @@ Function Get-TargetResource

$ReturnValue = @{
Force = $Force
DistinguishedName = $Path
DistinguishedName = $DistinguishedName
AccessControlList = $CimAccessControlList
}

Expand All @@ -110,7 +110,7 @@ Function Set-TargetResource
[CmdletBinding()]
param
(
[Parameter(Mandatory = $true)]
[Parameter(Mandatory=$true)]
[System.String]
$DistinguishedName,

Expand Down Expand Up @@ -253,7 +253,7 @@ Function Test-TargetResource
[OutputType([System.Boolean])]
param
(
[Parameter(Mandatory = $true)]
[Parameter(Mandatory=$true)]
[System.String]
$DistinguishedName,

Expand Down
20 changes: 10 additions & 10 deletions DscResources/NTFSAccessEntry/NTFSAccessEntry.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,7 +137,7 @@ Function Set-TargetResource

$actualAce = $currentAcl.Access

$Results = Compare-NtfsRules -Expected $ACLRules -Actual $actualAce -Force $AccessControlItem.ForcePrincipal
$Results = Compare-NtfsRule -Expected $ACLRules -Actual $actualAce -Force $AccessControlItem.ForcePrincipal

$Expected = $Results.Rules
$AbsentToBeRemoved = $Results.Absent
Expand All @@ -154,7 +154,7 @@ Function Set-TargetResource
$actualAce = $currentAcl.Access.Where({$_.IdentityReference -eq $Identity.Name})

$ACLRules = ConvertTo-FileSystemAccessRule -AccessControlList $AccessControlItem -IdentityRef $IdentityRef
$Results = Compare-NtfsRules -Expected $ACLRules -Actual $actualAce -Force $AccessControlItem.ForcePrincipal
$Results = Compare-NtfsRule -Expected $ACLRules -Actual $actualAce -Force $AccessControlItem.ForcePrincipal

$Expected += $Results.Rules
$AbsentToBeRemoved += $Results.Absent
Expand Down Expand Up @@ -297,7 +297,7 @@ Function Test-TargetResource

$actualAce = $mappedACL.Access

$Results = Compare-NtfsRules -Expected $ACLRules -Actual $actualAce -Force $AccessControlItem.ForcePrincipal
$Results = Compare-NtfsRule -Expected $ACLRules -Actual $actualAce -Force $AccessControlItem.ForcePrincipal

$Expected = $Results.Rules
$AbsentToBeRemoved = $Results.Absent
Expand All @@ -315,7 +315,7 @@ Function Test-TargetResource

$actualAce = $mappedACL.Access.Where({$_.IdentityReference -eq $Identity.Name})

$Results = Compare-NtfsRules -Expected $ACLRules -Actual $actualAce -Force $AccessControlItem.ForcePrincipal
$Results = Compare-NtfsRule -Expected $ACLRules -Actual $actualAce -Force $AccessControlItem.ForcePrincipal

$Expected += $Results.Rules
$AbsentToBeRemoved += $Results.Absent
Expand Down Expand Up @@ -400,7 +400,7 @@ Function Test-TargetResource
return $InDesiredState
}

Function Get-NtfsInheritenceFlags
Function Get-NtfsInheritenceFlag
{
[CmdletBinding()]
param
Expand Down Expand Up @@ -519,7 +519,7 @@ Function ConvertTo-FileSystemAccessRule

foreach($ace in $AccessControlList.AccessControlEntry)
{
$Inheritance = Get-NtfsInheritenceFlags -Inheritance $ace.Inheritance
$Inheritance = Get-NtfsInheritenceFlag -Inheritance $ace.Inheritance

$rule = [PSCustomObject]@{
Rules = New-Object System.Security.AccessControl.FileSystemAccessRule($IdentityRef, $ace.FileSystemRights, $Inheritance.InheritanceFlag, $Inheritance.PropagationFlag, $ace.AccessControlType)
Expand All @@ -531,7 +531,7 @@ Function ConvertTo-FileSystemAccessRule
return $refrenceObject
}

Function Compare-NtfsRules
Function Compare-NtfsRule
{
param
(
Expand Down Expand Up @@ -635,15 +635,15 @@ Function Update-FileSystemRightsMapping
if( ($rightsBand -gt 0) -or ($rightsBand -lt 0) )
{
$SID = ConvertTo-SID -IdentityReference $Rule.IdentityReference
$mappedRight = Get-MappedGenericRights($Rule.FileSystemRights)
$mappedRight = Get-MappedGenericRight($Rule.FileSystemRights)
$mappedRule = New-Object System.Security.AccessControl.FileSystemAccessRule($SID, $mappedRight, $Rule.InheritanceFlags, $Rule.PropagationFlags, $Rule.AccessControlType)

try
{
$ACE.RemoveAccessRule($Rule)
}
catch
{
{
$sidRule = $ACE.AccessRuleFactory($SID, $Rule.FileSystemRights, $Rule.IsInherited , $Rule.InheritanceFlags, $Rule.PropagationFlags, $Rule.AccessControlType)
$ACE.RemoveAccessRule($sidRule)
}
Expand All @@ -655,7 +655,7 @@ Function Update-FileSystemRightsMapping
return $ACE
}

Function Get-MappedGenericRights
Function Get-MappedGenericRight
{
param
(
Expand Down
15 changes: 8 additions & 7 deletions DscResources/RegistryAccessEntry/RegistryAccessEntry.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,7 +138,7 @@ Function Set-TargetResource

$actualAce = $currentAcl.Access

$Results = Compare-RegistryRules -Expected $ACLRules -Actual $actualAce
$Results = Compare-RegistryRule -Expected $ACLRules -Actual $actualAce

$Expected = $Results.Rules
$AbsentToBeRemoved = $Results.Absent
Expand All @@ -155,7 +155,7 @@ Function Set-TargetResource
$actualAce = $currentAcl.Access.Where({$_.IdentityReference -eq $Identity.Name})

$ACLRules = ConvertTo-RegistryAccessRule -AccessControlList $AccessControlItem -IdentityRef $IdentityRef
$Results = Compare-RegistryRules -Expected $ACLRules -Actual $actualAce
$Results = Compare-RegistryRule -Expected $ACLRules -Actual $actualAce

$Expected += $Results.Rules
$AbsentToBeRemoved += $Results.Absent
Expand Down Expand Up @@ -257,7 +257,7 @@ Function Test-TargetResource

$actualAce = $currentAcl.Access

$Results = Compare-RegistryRules -Expected $ACLRules -Actual $actualAce
$Results = Compare-RegistryRule -Expected $ACLRules -Actual $actualAce

$Expected = $Results.Rules
$AbsentToBeRemoved = $Results.Absent
Expand All @@ -275,7 +275,7 @@ Function Test-TargetResource

$actualAce = $currentAcl.Access.Where({$_.IdentityReference -eq $Identity.Name})

$Results = Compare-RegistryRules -Expected $ACLRules -Actual $actualAce
$Results = Compare-RegistryRule -Expected $ACLRules -Actual $actualAce

$Expected += $Results.Rules
$AbsentToBeRemoved += $Results.Absent
Expand Down Expand Up @@ -326,7 +326,7 @@ Function ConvertTo-RegistryAccessRule

foreach($ace in $AccessControlList.AccessControlEntry)
{
$Inheritance = Get-RegistryRuleInheritenceFlags -Inheritance $ace.Inheritance
$Inheritance = Get-RegistryRuleInheritenceFlag -Inheritance $ace.Inheritance

$rule = [PSCustomObject]@{
Rules = New-Object System.Security.AccessControl.RegistryAccessRule($IdentityRef, $ace.Rights, $Inheritance.InheritanceFlag, $Inheritance.PropagationFlag, $ace.AccessControlType)
Expand All @@ -338,7 +338,7 @@ Function ConvertTo-RegistryAccessRule
return $refrenceObject
}

Function Compare-RegistryRules
Function Compare-RegistryRule
{
param
(
Expand Down Expand Up @@ -423,7 +423,7 @@ Function Compare-RegistryRules
}
}

Function Get-RegistryRuleInheritenceFlags
Function Get-RegistryRuleInheritenceFlag
{
[CmdletBinding()]
param
Expand Down Expand Up @@ -463,6 +463,7 @@ Function Get-RegistryRuleInheritenceFlags
Function Get-RegistryRuleInheritenceName
{
[CmdletBinding()]
[OutputType([System.String])]
param
(
[Parameter(Mandatory = $true)]
Expand Down
2 changes: 1 addition & 1 deletion Examples/NtfsAccessEntry_example.ps1
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
configuration Sample_NTFSAccessControl
configuration Sample_NTFSAccessControl
{
Import-DscResource -ModuleName AccessControlDsc
node localhost
Expand Down
16 changes: 8 additions & 8 deletions Tests/Integration/NTFSAccessEntry.Integration.Tests.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
#requires -RunAsAdministrator

#region Set up for tests
$Global:DSCModuleName = 'AccessControlDSC'
$Global:DSCResourceName = 'NTFSAccessEntry'
$DSCModuleName = 'AccessControlDSC'
$DSCResourceName = 'NTFSAccessEntry'

$ModuleRoot = Split-Path -Path $Script:MyInvocation.MyCommand.Path -Parent | Split-Path -Parent | Split-Path -Parent

Expand All @@ -18,16 +18,16 @@ if (
Import-Module -Name (Join-Path -Path $ModuleRoot -ChildPath 'DSCResource.Tests\TestHelper.psm1') -Force

$TestEnvironment = Initialize-TestEnvironment `
-DSCModuleName $Global:DSCModuleName `
-DSCResourceName $Global:DSCResourceName `
-DSCModuleName $DSCModuleName `
-DSCResourceName $DSCResourceName `
-TestType Integration

#endregion


try
{
$ConfigFile = Join-Path -Path $PSScriptRoot -ChildPath "$($Global:DSCResourceName).Config.ps1"
$ConfigFile = Join-Path -Path $PSScriptRoot -ChildPath "$($DSCResourceName).Config.ps1"
. $ConfigFile

#Create temporary directory
Expand All @@ -37,13 +37,13 @@ try
$Acl.Access.Where({-not $_.IsInherited}).ForEach({[Void]$Acl.RemoveAccessRule($_)})
[System.IO.Directory]::SetAccessControl($TestDirectory.FullName, $Acl)

Describe "$($Global:DSCResourceName)_Integration" {
Describe "$($DSCResourceName)_Integration" {

$ConfigurationName = "$($Global:DSCResourceName)_Test"
$ConfigurationName = "$($DSCResourceName)_Test"

It 'Should compile without throwing' {
{
Invoke-Expression -Command ('{0} -OutputPath "{1}"' -f $ConfigurationName, $TestParameter.Path)
& $ConfigurationName -OutputPath $TestParameter.Path
Start-DscConfiguration -Path $TestParameter.Path -ComputerName localhost -Force -Verbose -Wait
} | Should Not Throw
}
Expand Down
2 changes: 1 addition & 1 deletion Tests/Integration/RegistryAccessEntry.Config.ps1
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
$TestParameter = [PSCustomObject]@{
$TestParameter = [PSCustomObject]@{
Ensure = 'Present'
Path = 'HKLM:\Software\TestKey'
Principal = 'Everyone'
Expand Down
18 changes: 9 additions & 9 deletions Tests/Integration/RegistryAccessEntry.Integration.Tests.ps1
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
#requires -Version 4.0 -Modules Pester
#requires -Version 4.0 -Modules Pester
#requires -RunAsAdministrator

#region Set up for tests
$Global:DSCModuleName = 'AccessControlDSC'
$Global:DSCResourceName = 'RegistryAccessEntry'
$DSCModuleName = 'AccessControlDSC'
$DSCResourceName = 'RegistryAccessEntry'

Import-Module "$($PSScriptRoot)\..\TestHelper.psm1" -Force
Import-Module Pester -Force
Expand All @@ -21,34 +21,34 @@ if (
Import-Module -Name (Join-Path -Path $ModuleRoot -ChildPath 'DSCResource.Tests\TestHelper.psm1') -Force

$TestEnvironment = Initialize-TestEnvironment `
-DSCModuleName $Global:DSCModuleName `
-DSCResourceName $Global:DSCResourceName `
-DSCModuleName $DSCModuleName `
-DSCResourceName $DSCResourceName `
-TestType Integration

#endregion


try
{
$ConfigFile = Join-Path -Path $PSScriptRoot -ChildPath "$($Global:DSCResourceName).Config.ps1"
$ConfigFile = Join-Path -Path $PSScriptRoot -ChildPath "$($DSCResourceName).Config.ps1"
. $ConfigFile

#Create a temporary file to hold the configuration
$configPath = "C:\TestRegConfig"
New-Item -Path $configPath -ItemType Directory

Describe "$($Global:DSCResourceName)_Integration" {
Describe "$($DSCResourceName)_Integration" {

#Create temporary Registry Key
$TestRegistryKey = Set-NewTempRegKeyAcl -Path $TestParameter.Path -PassThru
$Acl = $TestRegistryKey.GetAccessControl()
$Acl.SetAccessRuleProtection($false, $false)
Set-Acl -Path $TestParameter.Path -AclObject $Acl

$ConfigurationName = "$($Global:DSCResourceName)_Test"
$ConfigurationName = "$($DSCResourceName)_Test"
It 'Should compile without throwing' {
{
Invoke-Expression -Command ('{0} -OutputPath "{1}"' -f $ConfigurationName, $configPath)
& $ConfigurationName -OutputPath $ConfigPath
Start-DscConfiguration -Path $configPath -ComputerName localhost -Force -Verbose -Wait
} | Should Not Throw
}
Expand Down
2 changes: 1 addition & 1 deletion Tests/TestHelper.psm1
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
function Set-NewTempItemAcl
function Set-NewTempItemAcl
{
<#
.SYNOPSIS
Expand Down
Loading

0 comments on commit 03b1377

Please sign in to comment.