Class: Chef::Util::Windows::NetUser

Inherits:

Chef::Util::Windows

• Object
• Chef::Util::Windows
• Chef::Util::Windows::NetUser

Defined in:

lib/chef/util/windows/net_user.rb

Overview

wrapper around a subset of the NetUser* APIs. nothing Chef specific, but not complete enough to be its own gem, so util for now.

Constant Summary

LOGON32_PROVIDER_DEFAULT =

Security::LOGON32_PROVIDER_DEFAULT

LOGON32_LOGON_NETWORK =

Security::LOGON32_LOGON_NETWORK

Instance Method Summary

• #add(args) ⇒ Object
• #check_enabled ⇒ Object
• #delete ⇒ Object
• #disable_account ⇒ Object
• #enable_account ⇒ Object
• #get_info ⇒ Object
• #initialize(username) ⇒ NetUser constructor

  A new instance of NetUser.

• #update(args) ⇒ Object
• #user_modify {|user| ... } ⇒ Object

  FIXME: yard with @yield.

• #validate_credentials(passwd) ⇒ Object

  XXX for an extra painful alternative, see: support.microsoft.com/kb/180548.

Constructor Details

#initialize(username) ⇒ NetUser

Returns a new instance of NetUser.

# File 'lib/chef/util/windows/net_user.rb', line 88

def initialize(username)
  @username = username
end

Instance Method Details

#add(args) ⇒ Object

# File 'lib/chef/util/windows/net_user.rb', line 112

def add(args)
  transformed_args = transform_usri3(args)
  NetUser.net_user_add_l3(nil, transformed_args)
  NetUser.net_local_group_add_member(nil, Chef::ReservedNames::Win32::Security::SID.BuiltinUsers.account_simple_name, args[:name])
end

#check_enabled ⇒ Object

# File 'lib/chef/util/windows/net_user.rb', line 161

def check_enabled
  (get_info()[:flags] & NetUser::UF_ACCOUNTDISABLE) != 0
end

#delete ⇒ Object

# File 'lib/chef/util/windows/net_user.rb', line 135

def delete
  NetUser.net_user_del(nil, @username)
rescue Chef::Exceptions::Win32APIError => e
  raise ArgumentError, e
end

#disable_account ⇒ Object

# File 'lib/chef/util/windows/net_user.rb', line 141

def disable_account
  user_modify do |user|
    user[:flags] |= NetUser::UF_ACCOUNTDISABLE
    #This does not set the password to nil. It (for some reason) means to ignore updating the field.
    #See similar behavior for the logon_hours field documented at
    #http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx
    user[:password] = nil
  end
end

#enable_account ⇒ Object

# File 'lib/chef/util/windows/net_user.rb', line 151

def enable_account
  user_modify do |user|
    user[:flags] &= ~NetUser::UF_ACCOUNTDISABLE
    #This does not set the password to nil. It (for some reason) means to ignore updating the field.
    #See similar behavior for the logon_hours field documented at
    #http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx
    user[:password] = nil
  end
end

#get_info ⇒ Object

# File 'lib/chef/util/windows/net_user.rb', line 103

def get_info
  begin
    ui3 = NetUser.net_user_get_info_l3(nil, @username)
  rescue Chef::Exceptions::Win32APIError => e
    raise ArgumentError, e
  end
  usri3_to_hash(ui3)
end

#update(args) ⇒ Object

# File 'lib/chef/util/windows/net_user.rb', line 127

def update(args)
  user_modify do |user|
    args.each do |key, val|
      user[key] = val
    end
  end
end

#user_modify {|user| ... } ⇒ Object

FIXME: yard with @yield

Yields:

• (user)

# File 'lib/chef/util/windows/net_user.rb', line 119

def user_modify
  user = get_info
  user[:last_logon] = user[:units_per_week] = 0 #ignored as per USER_INFO_3 doc
  user[:logon_hours] = nil #PBYTE field; \0 == no changes
  yield(user)
  set_info(user)
end

#validate_credentials(passwd) ⇒ Object

XXX for an extra painful alternative, see: support.microsoft.com/kb/180548

# File 'lib/chef/util/windows/net_user.rb', line 95

def validate_credentials(passwd)
  token = Security.logon_user(@username, nil, passwd,
             LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT)
  true
rescue Chef::Exceptions::Win32APIError
  false
end