Class: Inspec::Resources::SecurityPolicy

Inherits:
Object
  • Object
show all
Defined in:
lib/resources/security_policy.rb

Instance Method Summary collapse

Constructor Details

#initializeSecurityPolicy

Returns a new instance of SecurityPolicy.



25
26
27
28
29
 
# File 'lib/resources/security_policy.rb', line 25

def initialize
  @loaded = false
  @policy = nil
  @exit_status = nil
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(method) ⇒ Object 



52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
 
# File 'lib/resources/security_policy.rb', line 52

def method_missing(method)
  # load data if needed
  if @loaded == false
    load
  end

  # find line with key
  key = Regexp.escape(method.to_s)
  target = ''
  @policy.each_line {|s|
    target = s.strip if s =~ /^\s*#{key}\s*=\s*(.*)\b/
  }

  # extract variable value
  result = target.match(/[=]{1}\s*(?<value>.*)/)

  if !result.nil?
    val = result[:value]
    val = val.to_i if val =~ /^\d+$/
  else
    # TODO: we may need to return skip or failure if the
    # requested value is not available
    val = nil
  end

  val
end

Instance Method Details

#loadObject

load security content



32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
 
# File 'lib/resources/security_policy.rb', line 32

def load
  # export the security policy
  cmd = inspec.command('secedit /export /cfg win_secpol.cfg')
  return nil if cmd.exit_status.to_i != 0

  # store file content
  cmd = inspec.command('Get-Content win_secpol.cfg')
  @exit_status = cmd.exit_status.to_i
  return nil if @exit_status != 0
  @policy = cmd.stdout
  @loaded = true

  # returns self
  self

ensure
  # delete temp file
  inspec.command('Remove-Item win_secpol.cfg').exit_status.to_i
end

#to_sObject 



80
81
82
 
# File 'lib/resources/security_policy.rb', line 80

def to_s
  'Security Policy'
end