Method: Inspec::Resources::WindowsGroup#groups

Defined in:
lib/inspec/resources/groups.rb

#groupsObject

returns all local groups



207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
 
# File 'lib/inspec/resources/groups.rb', line 207

def groups
  script = "    Function ConvertTo-SID { Param([byte[]]$BinarySID)\n      (New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value\n    }\n    $Computername = $Env:Computername\n    $adsi = [ADSI]\"WinNT://$Computername\"\n    $groups = $adsi.Children | where {$_.SchemaClassName -eq 'group'} | ForEach {\n      $name = $_.Name[0]\n      $sid = ConvertTo-SID -BinarySID $_.ObjectSID[0]\n      $group =[ADSI]$_.Path\n      $members = $_.Members() | Foreach-Object { $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) }\n      # An empty collection of these objects isn't properly converted to an empty array by ConvertTo-Json\n      if(-not [bool]$members) {\n        $members = @()\n      }\n      new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain = $Computername; members = $members}\n    }\n    $groups | ConvertTo-Json -Depth 3\n  EOH\n  cmd = inspec.powershell(script)\n  # cannot rely on exit code for now, successful command returns exit code 1\n  # return nil if cmd.exit_status != 0, try to parse json\n  begin\n    groups = JSON.parse(cmd.stdout)\n  rescue JSON::ParserError => _e\n    return []\n  end\n\n  # ensure we have an array of groups\n  groups = [groups] unless groups.is_a?(Array)\n  groups\nend\n"