Class: Puppet::Util::Windows::ADSI::Group

Inherits:

ADSIObject

• Object
• ADSIObject
• Puppet::Util::Windows::ADSI::Group

Defined in:

lib/puppet/util/windows.rb,
lib/puppet/util/windows/adsi.rb

Instance Attribute Summary

Attributes inherited from ADSIObject

#name

Class Method Summary

• .create(name) ⇒ Object
• .list_all ⇒ Object

Instance Method Summary

• #add_member_sids(*sids) ⇒ Object
• #members ⇒ Object (also: #member_sids)

  returns Puppet::Util::Windows::SID::Principal[] may contain objects that represent unresolvable SIDs qualified account names are returned by calling #domain_account.

• #remove_member_sids(*sids) ⇒ Object
• #set_members(desired_members, inclusive = true) ⇒ Object

Methods inherited from ADSIObject

#[], #[]=, #commit, delete, each, exists?, get_sids, #initialize, localized_domains, name_sid_hash, #native_object, #object_class, parse_name, #sid, #uri, uri

Methods included from Enumerable

#uniq

Constructor Details

This class inherits a constructor from Puppet::Util::Windows::ADSI::ADSIObject

Class Method Details

.create(name) ⇒ Object

Raises:

• (Puppet::Error)

# File 'lib/puppet/util/windows/adsi.rb', line 520

def create(name)
  # Windows error 2224: The account already exists.
  raise Puppet::Error.new( _("Cannot create group if user '%{name}' exists.") % { name: name } ) if Puppet::Util::Windows::ADSI::User.exists?(name)
  new(name, Puppet::Util::Windows::ADSI.create(name, @object_class))
end

.list_all ⇒ Object

# File 'lib/puppet/util/windows/adsi.rb', line 516

def list_all
  Puppet::Util::Windows::ADSI.execquery('select name from win32_group where localaccount = "TRUE"')
end

Instance Method Details

#add_member_sids(*sids) ⇒ Object

# File 'lib/puppet/util/windows/adsi.rb', line 527

def add_member_sids(*sids)
  sids.each do |sid|
    native_object.Add(Puppet::Util::Windows::ADSI.sid_uri(sid))
  end
end

#members ⇒ Object Also known as: member_sids

returns Puppet::Util::Windows::SID::Principal[] may contain objects that represent unresolvable SIDs qualified account names are returned by calling #domain_account

# File 'lib/puppet/util/windows/adsi.rb', line 542

def members
  self.class.get_sids(native_object.Members)
end

#remove_member_sids(*sids) ⇒ Object

# File 'lib/puppet/util/windows/adsi.rb', line 533

def remove_member_sids(*sids)
  sids.each do |sid|
    native_object.Remove(Puppet::Util::Windows::ADSI.sid_uri(sid))
  end
end

#set_members(desired_members, inclusive = true) ⇒ Object

# File 'lib/puppet/util/windows/adsi.rb', line 547

def set_members(desired_members, inclusive = true)
  return if desired_members.nil?

  current_hash = Hash[ self.member_sids.map { |sid| [sid.sid, sid] } ]
  desired_hash = self.class.name_sid_hash(desired_members)

  # First we add all missing members
  if !desired_hash.empty?
    members_to_add = (desired_hash.keys - current_hash.keys).map { |sid| desired_hash[sid] }
    add_member_sids(*members_to_add)
  end

  # Then we remove all extra members if inclusive
  if inclusive
    if desired_hash.empty?
      members_to_remove = current_hash.values
    else
      members_to_remove = (current_hash.keys - desired_hash.keys).map { |sid| current_hash[sid] }
    end

    remove_member_sids(*members_to_remove)
  end
end