Class: Puppet::Util::ADSI::Group

Inherits:

Object

• Object
• Puppet::Util::ADSI::Group

Extended by:

Enumerable

Defined in:

lib/puppet/util/adsi.rb

Instance Attribute Summary

• #name ⇒ Object readonly
• #native_group ⇒ Object

Class Method Summary

• .create(name) ⇒ Object
• .delete(name) ⇒ Object
• .each(&block) ⇒ Object
• .exists?(name) ⇒ Boolean
• .name_sid_hash(names) ⇒ Object
• .uri(name, host = '.') ⇒ Object

Instance Method Summary

• #add_member_sids(*sids) ⇒ Object
• #add_members(*names) ⇒ Object (also: #add_member)
• #commit ⇒ Object
• #initialize(name, native_group = nil) ⇒ Group constructor

  A new instance of Group.

• #member_sids ⇒ Object
• #members ⇒ Object
• #remove_member_sids(*sids) ⇒ Object
• #remove_members(*names) ⇒ Object (also: #remove_member)
• #set_members(desired_members) ⇒ Object
• #uri ⇒ Object

Constructor Details

#initialize(name, native_group = nil) ⇒ Group

Returns a new instance of Group.

# File 'lib/puppet/util/adsi.rb', line 247

def initialize(name, native_group = nil)
  @name = name
  @native_group = native_group
end

Instance Attribute Details

#name ⇒ Object (readonly)

# File 'lib/puppet/util/adsi.rb', line 246

def name
  @name
end

#native_group ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 245

def native_group
  @native_group
end

Class Method Details

.create(name) ⇒ Object

Raises:

• (Puppet::Error)

# File 'lib/puppet/util/adsi.rb', line 343

def self.create(name)
  # Windows error 2224: The account already exists.
  raise Puppet::Error.new( "Cannot create group if user '#{name}' exists." ) if Puppet::Util::ADSI::User.exists? name
  new(name, Puppet::Util::ADSI.create(name, 'group'))
end

.delete(name) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 353

def self.delete(name)
  Puppet::Util::ADSI.delete(name, 'group')
end

.each(&block) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 357

def self.each(&block)
  wql = Puppet::Util::ADSI.execquery( 'select name from win32_group where localaccount = "TRUE"' )

  groups = []
  wql.each do |g|
    groups << new(g.name)
  end

  groups.each(&block)
end

.exists?(name) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/puppet/util/adsi.rb', line 349

def self.exists?(name)
  Puppet::Util::ADSI.connectable?(Group.uri(name))
end

.name_sid_hash(names) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 275

def self.name_sid_hash(names)
  return [] if names.nil? or names.empty?

  sids = names.map do |name|
    sid = Puppet::Util::Windows::Security.name_to_sid_object(name)
    raise Puppet::Error.new( "Could not resolve username: #{name}" ) if !sid
    [sid.to_s, sid]
  end

  Hash[ sids ]
end

.uri(name, host = '.') ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 256

def self.uri(name, host = '.')
  if sid_uri = Puppet::Util::ADSI.sid_uri_safe(name) then return sid_uri end

  Puppet::Util::ADSI.uri(name, 'group', host)
end

Instance Method Details

#add_member_sids(*sids) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 301

def add_member_sids(*sids)
  sids.each do |sid|
    native_group.Add(Puppet::Util::ADSI.sid_uri(sid))
  end
end

#add_members(*names) ⇒ Object Also known as: add_member

# File 'lib/puppet/util/adsi.rb', line 287

def add_members(*names)
  Puppet.deprecation_warning('Puppet::Util::ADSI::Group#add_members is deprecated; please use Puppet::Util::ADSI::Group#add_member_sids')
  sids = self.class.name_sid_hash(names)
  add_member_sids(*sids.values)
end

#commit ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 266

def commit
  begin
    native_group.SetInfo unless native_group.nil?
  rescue Exception => e
    raise Puppet::Error.new( "Group update failed: #{e}", e )
  end
  self
end

#member_sids ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 320

def member_sids
  sids = []
  native_group.Members.each do |m|
    sids << Puppet::Util::Windows::Security.octet_string_to_sid_object(m.objectSID)
  end
  sids
end

#members ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 313

def members
  # WIN32OLE objects aren't enumerable, so no map
  members = []
  native_group.Members.each {|m| members << m.Name}
  members
end

#remove_member_sids(*sids) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 307

def remove_member_sids(*sids)
  sids.each do |sid|
    native_group.Remove(Puppet::Util::ADSI.sid_uri(sid))
  end
end

#remove_members(*names) ⇒ Object Also known as: remove_member

# File 'lib/puppet/util/adsi.rb', line 294

def remove_members(*names)
  Puppet.deprecation_warning('Puppet::Util::ADSI::Group#remove_members is deprecated; please use Puppet::Util::ADSI::Group#remove_member_sids')
  sids = self.class.name_sid_hash(names)
  remove_member_sids(*sids.values)
end

#set_members(desired_members) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 328

def set_members(desired_members)
  return if desired_members.nil? or desired_members.empty?

  current_hash = Hash[ self.member_sids.map { |sid| [sid.to_s, sid] } ]
  desired_hash = self.class.name_sid_hash(desired_members)

  # First we add all missing members
  members_to_add = (desired_hash.keys - current_hash.keys).map { |sid| desired_hash[sid] }
  add_member_sids(*members_to_add)

  # Then we remove all extra members
  members_to_remove = (current_hash.keys - desired_hash.keys).map { |sid| current_hash[sid] }
  remove_member_sids(*members_to_remove)
end

#uri ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 252

def uri
  self.class.uri(name)
end