class Inspec::Resources::SecurityPolicy
def content
def content read_content end
def convert_hash(hash)
def convert_hash(hash) new_hash = {} hash.each do |k, v| v.is_a?(Hash) ? value = convert_hash(v) : value = extract_value(v) new_hash[k.strip] = value end new_hash end
def extract_value(val)
extracts the values, this methods detects:
def extract_value(val) if val =~ /^\d+$/ val.to_i # special handling for SID array elsif val =~ /^\*\S/ val.split(',').map { |v| v.sub('*S', 'S') } # special handling for string values with " elsif !(m = /^\"(.*)\"$/.match(val)).nil? m[1] else val end end
def method_missing(name)
def method_missing(name) params = read_params return nil if params.nil? # deep search for hash key params.extend Hashie::Extensions::DeepFind res = params.deep_find(name.to_s) # return an empty array if configuration does not include rights configuration return [] if res.nil? && MS_PRIVILEGES_RIGHTS.include?(name.to_s) res end
def params(*opts)
def params(*opts) opts.inject(read_params) do |res, nxt| res.respond_to?(:key) ? res[nxt] : nil end end
def read_content
def read_content return @content if defined?(@content) # export the security policy cmd = inspec.command('secedit /export /cfg win_secpol.cfg') return nil if cmd.exit_status.to_i != 0 # store file content cmd = inspec.command('Get-Content win_secpol.cfg') return skip_resource "Can't read security policy" if cmd.exit_status.to_i != 0 @content = cmd.stdout if @content.empty? && file.size > 0 return skip_resource "Can't read security policy" end @content ensure # delete temp file inspec.command('Remove-Item win_secpol.cfg').exit_status.to_i end
def read_params
def read_params return @params if defined?(@params) return @params = {} if read_content.nil? conf = SimpleConfig.new( @content, assignment_re: /^\s*(.*)=\s*(\S*)\s*$/, ) @params = convert_hash(conf.params) end
def to_s
def to_s 'Security Policy' end