mirror of
https://github.com/valitydev/salt.git
synced 2024-11-06 16:45:27 +00:00
538 lines
26 KiB
Python
538 lines
26 KiB
Python
# -*- coding: utf-8 -*-
|
|
|
|
# Import Python Libs
|
|
from __future__ import absolute_import, unicode_literals, print_function
|
|
|
|
# Import Salt Testing Libs
|
|
from tests.support.helpers import destructiveTest
|
|
from tests.support.mock import NO_MOCK, NO_MOCK_REASON
|
|
from tests.support.unit import TestCase, skipIf
|
|
|
|
# Import Salt Libs
|
|
import salt.utils.platform
|
|
import salt.utils.win_lgpo_netsh as win_lgpo_netsh
|
|
from salt.exceptions import CommandExecutionError
|
|
|
|
|
|
@skipIf(NO_MOCK, NO_MOCK_REASON)
|
|
@skipIf(not salt.utils.platform.is_windows(), 'System is not Windows')
|
|
class WinLgpoNetshTestCase(TestCase):
|
|
def test_get_settings_firewallpolicy_local(self):
|
|
ret = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='firewallpolicy',
|
|
store='local')
|
|
self.assertIn('Inbound', ret)
|
|
self.assertIn('Outbound', ret)
|
|
|
|
def test_get_settings_firewallpolicy_lgpo(self):
|
|
ret = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='firewallpolicy',
|
|
store='lgpo')
|
|
self.assertIn('Inbound', ret)
|
|
self.assertIn('Outbound', ret)
|
|
|
|
def test_get_settings_logging_local(self):
|
|
ret = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='local')
|
|
self.assertIn('FileName', ret)
|
|
self.assertIn('LogAllowedConnections', ret)
|
|
self.assertIn('LogDroppedConnections', ret)
|
|
self.assertIn('MaxFileSize', ret)
|
|
|
|
def test_get_settings_logging_lgpo(self):
|
|
ret = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='lgpo')
|
|
self.assertIn('FileName', ret)
|
|
self.assertIn('LogAllowedConnections', ret)
|
|
self.assertIn('LogDroppedConnections', ret)
|
|
self.assertIn('MaxFileSize', ret)
|
|
|
|
def test_get_settings_settings_local(self):
|
|
ret = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='local')
|
|
self.assertIn('InboundUserNotification', ret)
|
|
self.assertIn('LocalConSecRules', ret)
|
|
self.assertIn('LocalFirewallRules', ret)
|
|
self.assertIn('RemoteManagement', ret)
|
|
self.assertIn('UnicastResponseToMulticast', ret)
|
|
|
|
def test_get_settings_settings_lgpo(self):
|
|
ret = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='lgpo')
|
|
self.assertIn('InboundUserNotification', ret)
|
|
self.assertIn('LocalConSecRules', ret)
|
|
self.assertIn('LocalFirewallRules', ret)
|
|
self.assertIn('RemoteManagement', ret)
|
|
self.assertIn('UnicastResponseToMulticast', ret)
|
|
|
|
def test_get_settings_state_local(self):
|
|
ret = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='state',
|
|
store='local')
|
|
self.assertIn('State', ret)
|
|
|
|
def test_get_settings_state_lgpo(self):
|
|
ret = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='state',
|
|
store='lgpo')
|
|
self.assertIn('State', ret)
|
|
|
|
def test_get_all_settings_local(self):
|
|
ret = win_lgpo_netsh.get_all_settings(profile='domain',
|
|
store='local')
|
|
|
|
self.assertIn('Inbound', ret)
|
|
self.assertIn('Outbound', ret)
|
|
self.assertIn('FileName', ret)
|
|
self.assertIn('LogAllowedConnections', ret)
|
|
self.assertIn('LogDroppedConnections', ret)
|
|
self.assertIn('MaxFileSize', ret)
|
|
self.assertIn('InboundUserNotification', ret)
|
|
self.assertIn('LocalConSecRules', ret)
|
|
self.assertIn('LocalFirewallRules', ret)
|
|
self.assertIn('RemoteManagement', ret)
|
|
self.assertIn('UnicastResponseToMulticast', ret)
|
|
self.assertIn('State', ret)
|
|
|
|
def test_get_all_settings_lgpo(self):
|
|
ret = win_lgpo_netsh.get_all_settings(profile='domain',
|
|
store='local')
|
|
|
|
self.assertIn('Inbound', ret)
|
|
self.assertIn('Outbound', ret)
|
|
self.assertIn('FileName', ret)
|
|
self.assertIn('LogAllowedConnections', ret)
|
|
self.assertIn('LogDroppedConnections', ret)
|
|
self.assertIn('MaxFileSize', ret)
|
|
self.assertIn('InboundUserNotification', ret)
|
|
self.assertIn('LocalConSecRules', ret)
|
|
self.assertIn('LocalFirewallRules', ret)
|
|
self.assertIn('RemoteManagement', ret)
|
|
self.assertIn('UnicastResponseToMulticast', ret)
|
|
self.assertIn('State', ret)
|
|
|
|
def test_get_all_profiles_local(self):
|
|
ret = win_lgpo_netsh.get_all_profiles(store='local')
|
|
self.assertIn('Domain Profile', ret)
|
|
self.assertIn('Private Profile', ret)
|
|
self.assertIn('Public Profile', ret)
|
|
|
|
def test_get_all_profiles_lgpo(self):
|
|
ret = win_lgpo_netsh.get_all_profiles(store='lgpo')
|
|
self.assertIn('Domain Profile', ret)
|
|
self.assertIn('Private Profile', ret)
|
|
self.assertIn('Public Profile', ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_settings_inbound_local(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='firewallpolicy',
|
|
store='local')['Inbound']
|
|
try:
|
|
ret = win_lgpo_netsh.set_firewall_settings(profile='domain',
|
|
inbound='allowinbound',
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='firewallpolicy',
|
|
store='local')['Inbound']
|
|
self.assertEqual('AllowInbound', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_firewall_settings(profile='domain',
|
|
inbound=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_settings_inbound_local_notconfigured(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='firewallpolicy',
|
|
store='local')['Inbound']
|
|
try:
|
|
self.assertRaises(
|
|
CommandExecutionError,
|
|
win_lgpo_netsh.set_firewall_settings,
|
|
profile='domain',
|
|
inbound='notconfigured',
|
|
store='local')
|
|
finally:
|
|
ret = win_lgpo_netsh.set_firewall_settings(profile='domain',
|
|
inbound=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_settings_inbound_lgpo_notconfigured(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='firewallpolicy',
|
|
store='lgpo')['Inbound']
|
|
try:
|
|
ret = win_lgpo_netsh.set_firewall_settings(profile='domain',
|
|
inbound='notconfigured',
|
|
store='lgpo')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='firewallpolicy',
|
|
store='lgpo')['Inbound']
|
|
self.assertEqual('NotConfigured', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_firewall_settings(profile='domain',
|
|
inbound=current,
|
|
store='lgpo')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_settings_outbound_local(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='firewallpolicy',
|
|
store='local')['Outbound']
|
|
try:
|
|
ret = win_lgpo_netsh.set_firewall_settings(profile='domain',
|
|
outbound='allowoutbound',
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='firewallpolicy',
|
|
store='local')['Outbound']
|
|
self.assertEqual('AllowOutbound', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_firewall_settings(profile='domain',
|
|
outbound=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_logging_allowed_local_enable(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='local')['LogAllowedConnections']
|
|
try:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='allowedconnections',
|
|
value='enable',
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='local')['LogAllowedConnections']
|
|
self.assertEqual('Enable', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='allowedconnections',
|
|
value=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_logging_allowed_local_notconfigured(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='local')['LogAllowedConnections']
|
|
try:
|
|
self.assertRaises(
|
|
CommandExecutionError,
|
|
win_lgpo_netsh.set_logging_settings,
|
|
profile='domain',
|
|
setting='allowedconnections',
|
|
value='notconfigured',
|
|
store='local')
|
|
finally:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='allowedconnections',
|
|
value=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_logging_allowed_lgpo_notconfigured(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='lgpo')['LogAllowedConnections']
|
|
try:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='allowedconnections',
|
|
value='notconfigured',
|
|
store='lgpo')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='lgpo')['LogAllowedConnections']
|
|
self.assertEqual('NotConfigured', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='allowedconnections',
|
|
value=current,
|
|
store='lgpo')
|
|
self.assertTrue(ret)
|
|
|
|
def test_set_firewall_logging_dropped_local_enable(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='local')['LogDroppedConnections']
|
|
try:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='droppedconnections',
|
|
value='enable',
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='local')['LogDroppedConnections']
|
|
self.assertEqual('Enable', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='droppedconnections',
|
|
value=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
def test_set_firewall_logging_filename_local(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='local')['FileName']
|
|
try:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='filename',
|
|
value='C:\\Temp\\test.log',
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='local')['FileName']
|
|
self.assertEqual('C:\\Temp\\test.log', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='filename',
|
|
value=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
def test_set_firewall_logging_maxfilesize_local(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='local')['MaxFileSize']
|
|
try:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='maxfilesize',
|
|
value='16384',
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='logging',
|
|
store='local')['MaxFileSize']
|
|
self.assertEqual('16384', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_logging_settings(profile='domain',
|
|
setting='maxfilesize',
|
|
value=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_settings_fwrules_local_enable(self):
|
|
self.assertRaises(
|
|
CommandExecutionError,
|
|
win_lgpo_netsh.set_settings,
|
|
profile='domain',
|
|
setting='localfirewallrules',
|
|
value='enable',
|
|
store='local')
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_settings_fwrules_lgpo_notconfigured(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='lgpo')['LocalFirewallRules']
|
|
try:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='localfirewallrules',
|
|
value='notconfigured',
|
|
store='lgpo')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='lgpo')['LocalFirewallRules']
|
|
self.assertEqual('NotConfigured', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='localfirewallrules',
|
|
value=current,
|
|
store='lgpo')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_settings_consecrules_local_enable(self):
|
|
self.assertRaises(
|
|
CommandExecutionError,
|
|
win_lgpo_netsh.set_settings,
|
|
profile='domain',
|
|
setting='localconsecrules',
|
|
value='enable',
|
|
store='local')
|
|
|
|
def test_set_firewall_settings_notification_local_enable(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='local')['InboundUserNotification']
|
|
try:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='inboundusernotification',
|
|
value='enable',
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='local')['InboundUserNotification']
|
|
self.assertEqual('Enable', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='inboundusernotification',
|
|
value=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_settings_notification_local_notconfigured(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='local')['InboundUserNotification']
|
|
try:
|
|
self.assertRaises(
|
|
CommandExecutionError,
|
|
win_lgpo_netsh.set_settings,
|
|
profile='domain',
|
|
setting='inboundusernotification',
|
|
value='notconfigured',
|
|
store='local')
|
|
finally:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='inboundusernotification',
|
|
value=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
def test_set_firewall_settings_notification_lgpo_notconfigured(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='lgpo')['InboundUserNotification']
|
|
try:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='inboundusernotification',
|
|
value='notconfigured',
|
|
store='lgpo')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='lgpo')['InboundUserNotification']
|
|
self.assertEqual('NotConfigured', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='inboundusernotification',
|
|
value=current,
|
|
store='lgpo')
|
|
self.assertTrue(ret)
|
|
|
|
def test_set_firewall_settings_remotemgmt_local_enable(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='local')['RemoteManagement']
|
|
try:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='remotemanagement',
|
|
value='enable',
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='local')['RemoteManagement']
|
|
self.assertEqual('Enable', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='remotemanagement',
|
|
value=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
def test_set_firewall_settings_unicast_local_disable(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='local')['UnicastResponseToMulticast']
|
|
try:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='unicastresponsetomulticast',
|
|
value='disable',
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='settings',
|
|
store='local')['UnicastResponseToMulticast']
|
|
self.assertEqual('Disable', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_settings(profile='domain',
|
|
setting='unicastresponsetomulticast',
|
|
value=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_state_local_on(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='state',
|
|
store='local')['State']
|
|
try:
|
|
ret = win_lgpo_netsh.set_state(profile='domain',
|
|
state='off',
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='state',
|
|
store='local')['State']
|
|
self.assertEqual('OFF', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_state(profile='domain',
|
|
state=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_state_local_notconfigured(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='state',
|
|
store='local')['State']
|
|
try:
|
|
self.assertRaises(
|
|
CommandExecutionError,
|
|
win_lgpo_netsh.set_state,
|
|
profile='domain',
|
|
state='notconfigured',
|
|
store='local')
|
|
finally:
|
|
ret = win_lgpo_netsh.set_state(profile='domain',
|
|
state=current,
|
|
store='local')
|
|
self.assertTrue(ret)
|
|
|
|
@destructiveTest
|
|
def test_set_firewall_state_lgpo_notconfigured(self):
|
|
current = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='state',
|
|
store='local')['State']
|
|
try:
|
|
ret = win_lgpo_netsh.set_state(profile='domain',
|
|
state='notconfigured',
|
|
store='lgpo')
|
|
self.assertTrue(ret)
|
|
new = win_lgpo_netsh.get_settings(profile='domain',
|
|
section='state',
|
|
store='lgpo')['State']
|
|
self.assertEqual('NotConfigured', new)
|
|
finally:
|
|
ret = win_lgpo_netsh.set_state(profile='domain',
|
|
state=current,
|
|
store='lgpo')
|
|
self.assertTrue(ret)
|