sys-admin 1.7.4 → 1.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -5,297 +5,6 @@ require 'win32/registry'
5
5
  require 'socket'
6
6
 
7
7
  module Sys
8
- class Group
9
- # Short description of the object.
10
- attr_accessor :caption
11
-
12
- # Description of the group.
13
- attr_accessor :description
14
-
15
- # Name of the Windows domain to which the group account belongs.
16
- attr_accessor :domain
17
-
18
- # Date the group was added.
19
- attr_accessor :install_date
20
-
21
- # Name of the Windows group account on the Group#domain specified.
22
- attr_accessor :name
23
-
24
- # Security identifier for this group.
25
- attr_accessor :sid
26
-
27
- # Current status for the group, such as "ok", "error", etc.
28
- attr_accessor :status
29
-
30
- # The group ID.
31
- attr_accessor :gid
32
-
33
- # Sets whether or not the group is local (as opposed to global).
34
- attr_writer :local
35
-
36
- # An array of members for that group. May contain SID's.
37
- attr_accessor :members
38
-
39
- # Creates and returns a new Group object. This class encapsulates
40
- # the information for a group account, whether it be global or local.
41
- #
42
- # Yields +self+ if a block is given.
43
- #
44
- def initialize
45
- yield self if block_given?
46
- end
47
-
48
- # Returns whether or not the group is a local group.
49
- #
50
- def local?
51
- @local
52
- end
53
-
54
- # Returns the type of SID (Security Identifier) as a stringified value.
55
- #
56
- def sid_type
57
- @sid_type
58
- end
59
-
60
- # Sets the SID (Security Identifier) type to +stype+, which can be
61
- # one of the following constant values:
62
- #
63
- # * Admin::SidTypeUser
64
- # * Admin::SidTypeGroup
65
- # * Admin::SidTypeDomain
66
- # * Admin::SidTypeAlias
67
- # * Admin::SidTypeWellKnownGroup
68
- # * Admin::SidTypeDeletedAccount
69
- # * Admin::SidTypeInvalid
70
- # * Admin::SidTypeUnknown
71
- # * Admin::SidTypeComputer
72
- #
73
- def sid_type=(stype)
74
- if stype.kind_of?(String)
75
- @sid_type = stype.downcase
76
- else
77
- case stype
78
- when Admin::SidTypeUser
79
- @sid_type = "user"
80
- when Admin::SidTypeGroup
81
- @sid_type = "group"
82
- when Admin::SidTypeDomain
83
- @sid_type = "domain"
84
- when Admin::SidTypeAlias
85
- @sid_type = "alias"
86
- when Admin::SidTypeWellKnownGroup
87
- @sid_type = "well_known_group"
88
- when Admin::SidTypeDeletedAccount
89
- @sid_type = "deleted_account"
90
- when Admin::SidTypeInvalid
91
- @sid_type = "invalid"
92
- when Admin::SidTypeUnknown
93
- @sid_type = "unknown"
94
- when Admin::SidTypeComputer
95
- @sid_type = "computer"
96
- else
97
- @sid_type = "unknown"
98
- end
99
- end
100
-
101
- @sid_type
102
- end
103
- end
104
-
105
- class User
106
- # An account for users whose primary account is in another domain.
107
- TEMP_DUPLICATE = 0x0100
108
-
109
- # Default account type that represents a typical user.
110
- NORMAL = 0x0200
111
-
112
- # A permit to trust account for a domain that trusts other domains.
113
- INTERDOMAIN_TRUST = 0x0800
114
-
115
- # An account for a Windows NT/2000 workstation or server that is a
116
- # member of this domain.
117
- WORKSTATION_TRUST = 0x1000
118
-
119
- # A computer account for a backup domain controller that is a member
120
- # of this domain.
121
- SERVER_TRUST = 0x2000
122
-
123
- # Domain and username of the account.
124
- attr_accessor :caption
125
-
126
- # Description of the account.
127
- attr_accessor :description
128
-
129
- # Name of the Windows domain to which a user account belongs.
130
- attr_accessor :domain
131
-
132
- # The user's password.
133
- attr_accessor :password
134
-
135
- # Full name of a local user.
136
- attr_accessor :full_name
137
-
138
- # An array of groups to which the user belongs.
139
- attr_accessor :groups
140
-
141
- # Date the user account was created.
142
- attr_accessor :install_date
143
-
144
- # Name of the Windows user account on the domain that the User#domain
145
- # property specifies.
146
- attr_accessor :name
147
-
148
- # The user's security identifier.
149
- attr_accessor :sid
150
-
151
- # Current status for the user, such as "ok", "error", etc.
152
- attr_accessor :status
153
-
154
- # The user's id (RID).
155
- attr_accessor :uid
156
-
157
- # The user's primary group ID.
158
- attr_accessor :gid
159
-
160
- # The user's home directory
161
- attr_accessor :dir
162
-
163
- # Used to set whether or not the account is disabled.
164
- attr_writer :disabled
165
-
166
- # Sets whether or not the account is defined on the local computer.
167
- attr_writer :local
168
-
169
- # Sets whether or not the account is locked out of the OS.
170
- attr_writer :lockout
171
-
172
- # Sets whether or not the password for the account can be changed.
173
- attr_writer :password_changeable
174
-
175
- # Sets whether or not the password for the account expires.
176
- attr_writer :password_expires
177
-
178
- # Sets whether or not a password is required for the account.
179
- attr_writer :password_required
180
-
181
- # Returns the account type as a human readable string.
182
- attr_reader :account_type
183
-
184
- # Creates an returns a new User object. A User object encapsulates a
185
- # user account on the operating system.
186
- #
187
- # Yields +self+ if a block is provided.
188
- #
189
- def initialize
190
- yield self if block_given?
191
- end
192
-
193
- # Sets the account type for the account. Possible values are:
194
- #
195
- # * User::TEMP_DUPLICATE
196
- # * User::NORMAL
197
- # * User::INTERDOMAIN_TRUST
198
- # * User::WORKSTATION_TRUST
199
- # * User::SERVER_TRUST
200
- #
201
- def account_type=(type)
202
- case type
203
- when TEMP_DUPLICATE
204
- @account_type = 'duplicate'
205
- when NORMAL
206
- @account_type = 'normal'
207
- when INTERDOMAIN_TRUST
208
- @account_type = 'interdomain_trust'
209
- when WORKSTATION_TRUST
210
- @account_type = 'workstation_trust'
211
- when SERVER_TRUST
212
- @account_type = 'server_trust'
213
- else
214
- @account_type = 'unknown'
215
- end
216
- end
217
-
218
- # Returns the SID type as a human readable string.
219
- #
220
- def sid_type
221
- @sid_type
222
- end
223
-
224
- # Sets the SID (Security Identifier) type to +stype+, which can be
225
- # one of the following constant values:
226
- #
227
- # * Admin::SidTypeUser
228
- # * Admin::SidTypeGroup
229
- # * Admin::SidTypeDomain
230
- # * Admin::SidTypeAlias
231
- # * Admin::SidTypeWellKnownGroup
232
- # * Admin::SidTypeDeletedAccount
233
- # * Admin::SidTypeInvalid
234
- # * Admin::SidTypeUnknown
235
- # * Admin::SidTypeComputer
236
- #
237
- def sid_type=(stype)
238
- case stype
239
- when Admin::SidTypeUser
240
- @sid_type = 'user'
241
- when Admin::SidTypeGroup
242
- @sid_type = 'group'
243
- when Admin::SidTypeDomain
244
- @sid_type = 'domain'
245
- when Admin::SidTypeAlias
246
- @sid_type = 'alias'
247
- when Admin::SidTypeWellKnownGroup
248
- @sid_type = 'well_known_group'
249
- when Admin::SidTypeDeletedAccount
250
- @sid_type = 'deleted_account'
251
- when Admin::SidTypeInvalid
252
- @sid_type = 'invalid'
253
- when Admin::SidTypeUnknown
254
- @sid_type = 'unknown'
255
- when Admin::SidTypeComputer
256
- @sid_type = 'computer'
257
- else
258
- @sid_type = 'unknown'
259
- end
260
- end
261
-
262
- # Returns whether or not the account is disabled.
263
- #
264
- def disabled?
265
- @disabled
266
- end
267
-
268
- # Returns whether or not the account is local.
269
- #
270
- def local?
271
- @local
272
- end
273
-
274
- # Returns whether or not the account is locked out.
275
- #
276
- def lockout?
277
- @lockout
278
- end
279
-
280
- # Returns whether or not the password for the account is changeable.
281
- #
282
- def password_changeable?
283
- @password_changeable
284
- end
285
-
286
- # Returns whether or not the password for the account is changeable.
287
- #
288
- def password_expires?
289
- @password_expires
290
- end
291
-
292
- # Returns whether or not the a password is required for the account.
293
- #
294
- def password_required?
295
- @password_required
296
- end
297
- end
298
-
299
8
  class Admin
300
9
  extend FFI::Library
301
10
 
@@ -314,9 +23,8 @@ module Sys
314
23
  SidTypeUnknown = 8
315
24
  SidTypeComputer = 9
316
25
 
317
- private
318
-
319
26
  HKEY = "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\"
27
+ private_constant :HKEY
320
28
 
321
29
  # Retrieves the user's home directory. For local accounts query the
322
30
  # registry. For domain accounts use ADSI and use the HomeDirectory.
@@ -343,6 +51,8 @@ module Sys
343
51
  dir
344
52
  end
345
53
 
54
+ private_class_method :get_home_dir
55
+
346
56
  # A private method that lower cases all keys, and converts them
347
57
  # all to symbols.
348
58
  #
@@ -357,6 +67,8 @@ module Sys
357
67
  rhash
358
68
  end
359
69
 
70
+ private_class_method :munge_options
71
+
360
72
  # An internal, private method for getting a list of groups for
361
73
  # a particular user. The first member is a list of group names,
362
74
  # the second member is the primary group ID.
@@ -368,6 +80,8 @@ module Sys
368
80
  [array, adsi.PrimaryGroupId]
369
81
  end
370
82
 
83
+ private_class_method :get_groups
84
+
371
85
  # An internal, private method for getting a list of members for
372
86
  # any particular group.
373
87
  #
@@ -378,13 +92,13 @@ module Sys
378
92
  array
379
93
  end
380
94
 
95
+ private_class_method :get_members
96
+
381
97
  # Used by the get_login method
382
98
  ffi_lib :advapi32
383
99
  attach_function :GetUserNameW, [:pointer, :pointer], :bool
384
100
  private_class_method :GetUserNameW
385
101
 
386
- public
387
-
388
102
  # Creates the given +user+. If no domain option is specified,
389
103
  # then it defaults to your local host, i.e. a local account is
390
104
  # created.
@@ -705,10 +419,18 @@ module Sys
705
419
  end
706
420
  }
707
421
 
708
- if usr.kind_of?(Fixnum)
709
- query << " and sid like '%-#{usr}'"
422
+ if usr.kind_of?(Numeric)
423
+ if i == 0
424
+ query << " where sid like '%-#{usr}'"
425
+ else
426
+ query << " and sid like '%-#{usr}'"
427
+ end
710
428
  else
711
- query << " and name = '#{usr}'"
429
+ if i == 0
430
+ query << " where name = '#{usr}'"
431
+ else
432
+ query << " and name = '#{usr}'"
433
+ end
712
434
  end
713
435
 
714
436
  domain = options[:domain] || host
@@ -718,7 +440,7 @@ module Sys
718
440
 
719
441
  # Because our 'like' query isn't fulproof, let's parse
720
442
  # the SID again to make sure
721
- if usr.kind_of?(Fixnum)
443
+ if usr.kind_of?(Numeric)
722
444
  next if usr != uid
723
445
  end
724
446
 
@@ -886,10 +608,18 @@ module Sys
886
608
  end
887
609
  }
888
610
 
889
- if grp.kind_of?(Fixnum)
890
- query << " and sid like '%-#{grp}'"
611
+ if grp.kind_of?(Integer)
612
+ if i == 0
613
+ query << " where sid like '%-#{grp}'"
614
+ else
615
+ query << " and sid like '%-#{grp}'"
616
+ end
891
617
  else
892
- query << " and name = '#{grp}'"
618
+ if i == 0
619
+ query << " where name = '#{grp}'"
620
+ else
621
+ query << " and name = '#{grp}'"
622
+ end
893
623
  end
894
624
 
895
625
  domain = options[:domain] || host
@@ -899,7 +629,7 @@ module Sys
899
629
 
900
630
  # Because our 'like' query isn't fulproof, let's parse
901
631
  # the SID again to make sure
902
- if grp.kind_of?(Fixnum)
632
+ if grp.kind_of?(Integer)
903
633
  next if grp != gid
904
634
  end
905
635
 
@@ -993,5 +723,296 @@ module Sys
993
723
 
994
724
  array
995
725
  end
726
+
727
+ class User
728
+ # An account for users whose primary account is in another domain.
729
+ TEMP_DUPLICATE = 0x0100
730
+
731
+ # Default account type that represents a typical user.
732
+ NORMAL = 0x0200
733
+
734
+ # A permit to trust account for a domain that trusts other domains.
735
+ INTERDOMAIN_TRUST = 0x0800
736
+
737
+ # An account for a Windows NT/2000 workstation or server that is a
738
+ # member of this domain.
739
+ WORKSTATION_TRUST = 0x1000
740
+
741
+ # A computer account for a backup domain controller that is a member
742
+ # of this domain.
743
+ SERVER_TRUST = 0x2000
744
+
745
+ # Domain and username of the account.
746
+ attr_accessor :caption
747
+
748
+ # Description of the account.
749
+ attr_accessor :description
750
+
751
+ # Name of the Windows domain to which a user account belongs.
752
+ attr_accessor :domain
753
+
754
+ # The user's password.
755
+ attr_accessor :password
756
+
757
+ # Full name of a local user.
758
+ attr_accessor :full_name
759
+
760
+ # An array of groups to which the user belongs.
761
+ attr_accessor :groups
762
+
763
+ # Date the user account was created.
764
+ attr_accessor :install_date
765
+
766
+ # Name of the Windows user account on the domain that the User#domain
767
+ # property specifies.
768
+ attr_accessor :name
769
+
770
+ # The user's security identifier.
771
+ attr_accessor :sid
772
+
773
+ # Current status for the user, such as "ok", "error", etc.
774
+ attr_accessor :status
775
+
776
+ # The user's id (RID).
777
+ attr_accessor :uid
778
+
779
+ # The user's primary group ID.
780
+ attr_accessor :gid
781
+
782
+ # The user's home directory
783
+ attr_accessor :dir
784
+
785
+ # Used to set whether or not the account is disabled.
786
+ attr_writer :disabled
787
+
788
+ # Sets whether or not the account is defined on the local computer.
789
+ attr_writer :local
790
+
791
+ # Sets whether or not the account is locked out of the OS.
792
+ attr_writer :lockout
793
+
794
+ # Sets whether or not the password for the account can be changed.
795
+ attr_writer :password_changeable
796
+
797
+ # Sets whether or not the password for the account expires.
798
+ attr_writer :password_expires
799
+
800
+ # Sets whether or not a password is required for the account.
801
+ attr_writer :password_required
802
+
803
+ # Returns the account type as a human readable string.
804
+ attr_reader :account_type
805
+
806
+ # Creates an returns a new User object. A User object encapsulates a
807
+ # user account on the operating system.
808
+ #
809
+ # Yields +self+ if a block is provided.
810
+ #
811
+ def initialize
812
+ yield self if block_given?
813
+ end
814
+
815
+ # Sets the account type for the account. Possible values are:
816
+ #
817
+ # * User::TEMP_DUPLICATE
818
+ # * User::NORMAL
819
+ # * User::INTERDOMAIN_TRUST
820
+ # * User::WORKSTATION_TRUST
821
+ # * User::SERVER_TRUST
822
+ #
823
+ def account_type=(type)
824
+ case type
825
+ when TEMP_DUPLICATE
826
+ @account_type = 'duplicate'
827
+ when NORMAL
828
+ @account_type = 'normal'
829
+ when INTERDOMAIN_TRUST
830
+ @account_type = 'interdomain_trust'
831
+ when WORKSTATION_TRUST
832
+ @account_type = 'workstation_trust'
833
+ when SERVER_TRUST
834
+ @account_type = 'server_trust'
835
+ else
836
+ @account_type = 'unknown'
837
+ end
838
+ end
839
+
840
+ # Returns the SID type as a human readable string.
841
+ #
842
+ def sid_type
843
+ @sid_type
844
+ end
845
+
846
+ # Sets the SID (Security Identifier) type to +stype+, which can be
847
+ # one of the following constant values:
848
+ #
849
+ # * Admin::SidTypeUser
850
+ # * Admin::SidTypeGroup
851
+ # * Admin::SidTypeDomain
852
+ # * Admin::SidTypeAlias
853
+ # * Admin::SidTypeWellKnownGroup
854
+ # * Admin::SidTypeDeletedAccount
855
+ # * Admin::SidTypeInvalid
856
+ # * Admin::SidTypeUnknown
857
+ # * Admin::SidTypeComputer
858
+ #
859
+ def sid_type=(stype)
860
+ case stype
861
+ when Admin::SidTypeUser
862
+ @sid_type = 'user'
863
+ when Admin::SidTypeGroup
864
+ @sid_type = 'group'
865
+ when Admin::SidTypeDomain
866
+ @sid_type = 'domain'
867
+ when Admin::SidTypeAlias
868
+ @sid_type = 'alias'
869
+ when Admin::SidTypeWellKnownGroup
870
+ @sid_type = 'well_known_group'
871
+ when Admin::SidTypeDeletedAccount
872
+ @sid_type = 'deleted_account'
873
+ when Admin::SidTypeInvalid
874
+ @sid_type = 'invalid'
875
+ when Admin::SidTypeUnknown
876
+ @sid_type = 'unknown'
877
+ when Admin::SidTypeComputer
878
+ @sid_type = 'computer'
879
+ else
880
+ @sid_type = 'unknown'
881
+ end
882
+ end
883
+
884
+ # Returns whether or not the account is disabled.
885
+ #
886
+ def disabled?
887
+ @disabled
888
+ end
889
+
890
+ # Returns whether or not the account is local.
891
+ #
892
+ def local?
893
+ @local
894
+ end
895
+
896
+ # Returns whether or not the account is locked out.
897
+ #
898
+ def lockout?
899
+ @lockout
900
+ end
901
+
902
+ # Returns whether or not the password for the account is changeable.
903
+ #
904
+ def password_changeable?
905
+ @password_changeable
906
+ end
907
+
908
+ # Returns whether or not the password for the account is changeable.
909
+ #
910
+ def password_expires?
911
+ @password_expires
912
+ end
913
+
914
+ # Returns whether or not the a password is required for the account.
915
+ #
916
+ def password_required?
917
+ @password_required
918
+ end
919
+ end
920
+
921
+ class Group
922
+ # Short description of the object.
923
+ attr_accessor :caption
924
+
925
+ # Description of the group.
926
+ attr_accessor :description
927
+
928
+ # Name of the Windows domain to which the group account belongs.
929
+ attr_accessor :domain
930
+
931
+ # Date the group was added.
932
+ attr_accessor :install_date
933
+
934
+ # Name of the Windows group account on the Group#domain specified.
935
+ attr_accessor :name
936
+
937
+ # Security identifier for this group.
938
+ attr_accessor :sid
939
+
940
+ # Current status for the group, such as "ok", "error", etc.
941
+ attr_accessor :status
942
+
943
+ # The group ID.
944
+ attr_accessor :gid
945
+
946
+ # Sets whether or not the group is local (as opposed to global).
947
+ attr_writer :local
948
+
949
+ # An array of members for that group. May contain SID's.
950
+ attr_accessor :members
951
+
952
+ # Creates and returns a new Group object. This class encapsulates
953
+ # the information for a group account, whether it be global or local.
954
+ #
955
+ # Yields +self+ if a block is given.
956
+ #
957
+ def initialize
958
+ yield self if block_given?
959
+ end
960
+
961
+ # Returns whether or not the group is a local group.
962
+ #
963
+ def local?
964
+ @local
965
+ end
966
+
967
+ # Returns the type of SID (Security Identifier) as a stringified value.
968
+ #
969
+ def sid_type
970
+ @sid_type
971
+ end
972
+
973
+ # Sets the SID (Security Identifier) type to +stype+, which can be
974
+ # one of the following constant values:
975
+ #
976
+ # * Admin::SidTypeUser
977
+ # * Admin::SidTypeGroup
978
+ # * Admin::SidTypeDomain
979
+ # * Admin::SidTypeAlias
980
+ # * Admin::SidTypeWellKnownGroup
981
+ # * Admin::SidTypeDeletedAccount
982
+ # * Admin::SidTypeInvalid
983
+ # * Admin::SidTypeUnknown
984
+ # * Admin::SidTypeComputer
985
+ #
986
+ def sid_type=(stype)
987
+ if stype.kind_of?(String)
988
+ @sid_type = stype.downcase
989
+ else
990
+ case stype
991
+ when Admin::SidTypeUser
992
+ @sid_type = "user"
993
+ when Admin::SidTypeGroup
994
+ @sid_type = "group"
995
+ when Admin::SidTypeDomain
996
+ @sid_type = "domain"
997
+ when Admin::SidTypeAlias
998
+ @sid_type = "alias"
999
+ when Admin::SidTypeWellKnownGroup
1000
+ @sid_type = "well_known_group"
1001
+ when Admin::SidTypeDeletedAccount
1002
+ @sid_type = "deleted_account"
1003
+ when Admin::SidTypeInvalid
1004
+ @sid_type = "invalid"
1005
+ when Admin::SidTypeUnknown
1006
+ @sid_type = "unknown"
1007
+ when Admin::SidTypeComputer
1008
+ @sid_type = "computer"
1009
+ else
1010
+ @sid_type = "unknown"
1011
+ end
1012
+ end
1013
+
1014
+ @sid_type
1015
+ end
1016
+ end
996
1017
  end
997
1018
  end
@@ -0,0 +1,13 @@
1
+ require 'rspec'
2
+ require 'sys-admin'
3
+
4
+ RSpec.configure do |config|
5
+ config.filter_run_excluding(:darwin) if Gem::Platform.local.os != 'darwin'
6
+ config.filter_run_excluding(:windows) unless Gem.win_platform?
7
+
8
+ if Gem.win_platform?
9
+ config.filter_run_excluding(:unix)
10
+ require 'win32-security'
11
+ require 'socket'
12
+ end
13
+ end