summaryrefslogtreecommitdiff
path: root/spec/integration/util/windows/user_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/integration/util/windows/user_spec.rb')
-rwxr-xr-xspec/integration/util/windows/user_spec.rb84
1 files changed, 75 insertions, 9 deletions
diff --git a/spec/integration/util/windows/user_spec.rb b/spec/integration/util/windows/user_spec.rb
index 0435b2cdc..4e873b34c 100755
--- a/spec/integration/util/windows/user_spec.rb
+++ b/spec/integration/util/windows/user_spec.rb
@@ -10,23 +10,23 @@ describe "Puppet::Util::Windows::User", :if => Puppet.features.microsoft_windows
it "should be an admin if user's token contains the Administrators SID" do
Puppet::Util::Windows::User.expects(:check_token_membership).returns(true)
- Win32::Security.expects(:elevated_security?).never
+ Puppet::Util::Windows::Process.expects(:elevated_security?).never
Puppet::Util::Windows::User.should be_admin
end
it "should not be an admin if user's token doesn't contain the Administrators SID" do
Puppet::Util::Windows::User.expects(:check_token_membership).returns(false)
- Win32::Security.expects(:elevated_security?).never
+ Puppet::Util::Windows::Process.expects(:elevated_security?).never
Puppet::Util::Windows::User.should_not be_admin
end
it "should raise an exception if we can't check token membership" do
- Puppet::Util::Windows::User.expects(:check_token_membership).raises(Win32::Security::Error, "Access denied.")
- Win32::Security.expects(:elevated_security?).never
+ Puppet::Util::Windows::User.expects(:check_token_membership).raises(Puppet::Util::Windows::Error, "Access denied.")
+ Puppet::Util::Windows::Process.expects(:elevated_security?).never
- lambda { Puppet::Util::Windows::User.admin? }.should raise_error(Win32::Security::Error, /Access denied./)
+ lambda { Puppet::Util::Windows::User.admin? }.should raise_error(Puppet::Util::Windows::Error, /Access denied./)
end
end
@@ -36,24 +36,90 @@ describe "Puppet::Util::Windows::User", :if => Puppet.features.microsoft_windows
end
it "should be an admin if user is running with elevated privileges" do
- Win32::Security.stubs(:elevated_security?).returns(true)
+ Puppet::Util::Windows::Process.stubs(:elevated_security?).returns(true)
Puppet::Util::Windows::User.expects(:check_token_membership).never
Puppet::Util::Windows::User.should be_admin
end
it "should not be an admin if user is not running with elevated privileges" do
- Win32::Security.stubs(:elevated_security?).returns(false)
+ Puppet::Util::Windows::Process.stubs(:elevated_security?).returns(false)
Puppet::Util::Windows::User.expects(:check_token_membership).never
Puppet::Util::Windows::User.should_not be_admin
end
it "should raise an exception if the process fails to open the process token" do
- Win32::Security.stubs(:elevated_security?).raises(Win32::Security::Error, "Access denied.")
+ Puppet::Util::Windows::Process.stubs(:elevated_security?).raises(Puppet::Util::Windows::Error, "Access denied.")
Puppet::Util::Windows::User.expects(:check_token_membership).never
- lambda { Puppet::Util::Windows::User.admin? }.should raise_error(Win32::Security::Error, /Access denied./)
+ lambda { Puppet::Util::Windows::User.admin? }.should raise_error(Puppet::Util::Windows::Error, /Access denied./)
+ end
+ end
+
+ describe "module function" do
+ let(:username) { 'fabio' }
+ let(:bad_password) { 'goldilocks' }
+ let(:logon_fail_msg) { /Failed to logon user "fabio": Logon failure: unknown user name or bad password./ }
+
+ def expect_logon_failure_error(&block)
+ expect {
+ yield
+ }.to raise_error { |error|
+ expect(error).to be_a(Puppet::Util::Windows::Error)
+ # http://msdn.microsoft.com/en-us/library/windows/desktop/ms681385(v=vs.85).aspx
+ # ERROR_LOGON_FAILURE 1326
+ expect(error.code).to eq(1326)
+ }
+ end
+
+ describe "load_profile" do
+ it "should raise an error when provided with an incorrect username and password" do
+ expect_logon_failure_error {
+ Puppet::Util::Windows::User.load_profile(username, bad_password)
+ }
+ end
+
+ it "should raise an error when provided with an incorrect username and nil password" do
+ expect_logon_failure_error {
+ Puppet::Util::Windows::User.load_profile(username, nil)
+ }
+ end
+ end
+
+ describe "logon_user" do
+ it "should raise an error when provided with an incorrect username and password" do
+ expect_logon_failure_error {
+ Puppet::Util::Windows::User.logon_user(username, bad_password)
+ }
+ end
+
+ it "should raise an error when provided with an incorrect username and nil password" do
+ expect_logon_failure_error {
+ Puppet::Util::Windows::User.logon_user(username, nil)
+ }
+ end
+ end
+
+ describe "password_is?" do
+ it "should return false given an incorrect username and password" do
+ Puppet::Util::Windows::User.password_is?(username, bad_password).should be_false
+ end
+
+ it "should return false given an incorrect username and nil password" do
+ Puppet::Util::Windows::User.password_is?(username, nil).should be_false
+ end
+
+ it "should return false given a nil username and an incorrect password" do
+ Puppet::Util::Windows::User.password_is?(nil, bad_password).should be_false
+ end
+ end
+
+ describe "check_token_membership" do
+ it "should not raise an error" do
+ # added just to call an FFI code path on all platforms
+ lambda { Puppet::Util::Windows::User.check_token_membership }.should_not raise_error
+ end
end
end
end
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-07 07:45:59 +0000