110 lines
		
	
	
		
			3.1 KiB
		
	
	
	
		
			Ruby
		
	
	
	
	
	
			
		
		
	
	
			110 lines
		
	
	
		
			3.1 KiB
		
	
	
	
		
			Ruby
		
	
	
	
	
	
| #
 | |
| # Author:: Richard Lavey (richard.lavey@calastone.com)
 | |
| # Cookbook:: windows
 | |
| # Resource:: http_acl
 | |
| #
 | |
| # Copyright:: 2015-2017, Calastone Ltd.
 | |
| #
 | |
| # Licensed under the Apache License, Version 2.0 (the "License");
 | |
| # you may not use this file except in compliance with the License.
 | |
| # You may obtain a copy of the License at
 | |
| #
 | |
| #     http://www.apache.org/licenses/LICENSE-2.0
 | |
| #
 | |
| # Unless required by applicable law or agreed to in writing, software
 | |
| # distributed under the License is distributed on an "AS IS" BASIS,
 | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | |
| # See the License for the specific language governing permissions and
 | |
| # limitations under the License.
 | |
| #
 | |
| 
 | |
| include Windows::Helper
 | |
| 
 | |
| property :url, String, name_property: true
 | |
| property :user, String
 | |
| property :sddl, String
 | |
| property :exists, [true, false]
 | |
| 
 | |
| # See https://msdn.microsoft.com/en-us/library/windows/desktop/cc307236%28v=vs.85%29.aspx for netsh info
 | |
| 
 | |
| load_current_value do |desired|
 | |
|   cmd_out = shell_out!("#{locate_sysnative_cmd('netsh.exe')} http show urlacl url=#{desired.url}").stdout
 | |
|   Chef::Log.debug "netsh reports: #{cmd_out}"
 | |
| 
 | |
|   if cmd_out.include? desired.url
 | |
|     exists true
 | |
|     url desired.url
 | |
|     # Checks first for sddl, because it generates user(s)
 | |
|     sddl_match = cmd_out.match(/SDDL:\s*(?<sddl>\S+)/)
 | |
|     if sddl_match
 | |
|       sddl sddl_match['sddl']
 | |
|     else
 | |
|       # if no sddl, tries to find a single user
 | |
|       user_match = cmd_out.match(/User:\s*(?<user>.+)/)
 | |
|       user user_match['user']
 | |
|     end
 | |
|   else
 | |
|     exists false
 | |
|   end
 | |
| end
 | |
| 
 | |
| action :create do
 | |
|   raise '`user` xor `sddl` can\'t be used together' if new_resource.user && new_resource.sddl
 | |
|   raise 'When provided user property can\'t be empty' if new_resource.user && new_resource.user.empty?
 | |
|   raise 'When provided sddl property can\'t be empty' if new_resource.sddl && new_resource.sddl.empty?
 | |
| 
 | |
|   if current_resource.exists
 | |
|     sddl_changed = (
 | |
|       new_resource.sddl &&
 | |
|       current_resource.sddl &&
 | |
|       current_resource.sddl.casecmp(new_resource.sddl) != 0
 | |
|     )
 | |
|     user_changed = (
 | |
|       new_resource.user &&
 | |
|       current_resource.user &&
 | |
|       current_resource.user.casecmp(new_resource.user) != 0
 | |
|     )
 | |
| 
 | |
|     if sddl_changed || user_changed
 | |
|       converge_by("Changing #{new_resource.url}") do
 | |
|         delete_acl
 | |
|         apply_acl
 | |
|       end
 | |
|     else
 | |
|       Chef::Log.debug("#{new_resource.url} already set - nothing to do")
 | |
|     end
 | |
|   else
 | |
|     converge_by("Setting #{new_resource.url}") do
 | |
|       apply_acl
 | |
|     end
 | |
|   end
 | |
| end
 | |
| 
 | |
| action :delete do
 | |
|   if current_resource.exists
 | |
|     converge_by("Deleting #{new_resource.url}") do
 | |
|       delete_acl
 | |
|     end
 | |
|   else
 | |
|     Chef::Log.debug("#{new_resource.url} does not exist - nothing to do")
 | |
|   end
 | |
| end
 | |
| 
 | |
| action_class do
 | |
|   def netsh_command
 | |
|     locate_sysnative_cmd('netsh.exe')
 | |
|   end
 | |
| 
 | |
|   def apply_acl
 | |
|     if current_resource.sddl
 | |
|       shell_out!("#{netsh_command} http add urlacl url=#{new_resource.url} sddl=\"#{new_resource.sddl}\"")
 | |
|     else
 | |
|       shell_out!("#{netsh_command} http add urlacl url=#{new_resource.url} user=\"#{new_resource.user}\"")
 | |
|     end
 | |
|   end
 | |
| 
 | |
|   def delete_acl
 | |
|     shell_out!("#{netsh_command} http delete urlacl url=#{new_resource.url}")
 | |
|   end
 | |
| end
 |