diff --git a/salt/states/file.py b/salt/states/file.py index 2feb98f48b..475c3579d0 100644 --- a/salt/states/file.py +++ b/salt/states/file.py @@ -781,10 +781,12 @@ def _check_directory_win(name, if not os.path.isdir(name): changes = {name: {'directory': 'new'}} else: - # Check owner + # Check owner by SID if win_owner is not None: - owner = salt.utils.win_dacl.get_owner(name) - if not owner.lower() == win_owner.lower(): + current_owner = salt.utils.win_dacl.get_owner(name) + current_owner_sid = salt.utils.win_functions.get_sid_from_name(current_owner) + expected_owner_sid = salt.utils.win_functions.get_sid_from_name(win_owner) + if not current_owner_sid == expected_owner_sid: changes['owner'] = win_owner # Check perms diff --git a/tests/integration/states/test_file.py b/tests/integration/states/test_file.py index f4fca4c887..34df82cf9d 100644 --- a/tests/integration/states/test_file.py +++ b/tests/integration/states/test_file.py @@ -889,6 +889,31 @@ class FileTest(ModuleCase, SaltReturnAssertsMixin): self.assertFalse(os.path.exists(straydir)) self.assertTrue(os.path.isdir(name)) + def test_directory_is_idempotent(self): + ''' + Ensure the file.directory state produces no changes when rerun. + ''' + name = os.path.join(TMP, 'a_dir_twice') + + if IS_WINDOWS: + username = os.environ.get('USERNAME', 'Administrators') + domain = os.environ.get('USERDOMAIN', '') + fullname = '{0}\\{1}'.format(domain, username) + + ret = self.run_state('file.directory', name=name, win_owner=fullname) + else: + ret = self.run_state('file.directory', name=name) + + self.assertSaltTrueReturn(ret) + + if IS_WINDOWS: + ret = self.run_state('file.directory', name=name, win_owner=username) + else: + ret = self.run_state('file.directory', name=name) + + self.assertSaltTrueReturn(ret) + self.assertSaltStateChangesEqual(ret, {}) + @with_tempdir() def test_directory_clean_exclude(self, base_dir): '''