From 8a754e0858d922e955e71b253c139e071ecec432 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 28 Apr 2024 18:04:21 +0200
Subject: Adding upstream version 2.14.3.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../user/tasks/test_password_lock_new_user.yml     | 63 ++++++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 test/integration/targets/user/tasks/test_password_lock_new_user.yml

(limited to 'test/integration/targets/user/tasks/test_password_lock_new_user.yml')

diff --git a/test/integration/targets/user/tasks/test_password_lock_new_user.yml b/test/integration/targets/user/tasks/test_password_lock_new_user.yml
new file mode 100644
index 0000000..dd4f23d
--- /dev/null
+++ b/test/integration/targets/user/tasks/test_password_lock_new_user.yml
@@ -0,0 +1,63 @@
+- name: Test password lock
+  when: ansible_facts.system in ['FreeBSD', 'OpenBSD', 'Linux']
+  block:
+    - name: Remove ansibulluser
+      user:
+        name: ansibulluser
+        state: absent
+        remove: yes
+
+    - name: Create ansibulluser with password and locked
+      user:
+        name: ansibulluser
+        password: "$6$rounds=656000$TT4O7jz2M57npccl$33LF6FcUMSW11qrESXL1HX0BS.bsiT6aenFLLiVpsQh6hDtI9pJh5iY7x8J7ePkN4fP8hmElidHXaeD51pbGS."
+        password_lock: yes
+      register: create_with_lock_1
+
+    - name: Create ansibulluser with password and locked again
+      user:
+        name: ansibulluser
+        password: "$6$rounds=656000$TT4O7jz2M57npccl$33LF6FcUMSW11qrESXL1HX0BS.bsiT6aenFLLiVpsQh6hDtI9pJh5iY7x8J7ePkN4fP8hmElidHXaeD51pbGS."
+        password_lock: yes
+      register: create_with_lock_2
+
+    - name: Ensure task reported changes appropriately
+      assert:
+        msg: The password_lock tasks did not make changes appropriately
+        that:
+          - create_with_lock_1 is changed
+          - create_with_lock_2 is not changed
+
+    - name: Verify account lock for BSD
+      when: ansible_facts.system in ['FreeBSD', 'OpenBSD']
+      block:
+        - name: BSD | Get account status
+          shell: "{{ status_command[ansible_facts['system']] }}"
+          register: account_status_locked
+
+        - name: FreeBSD | Ensure account is locked
+          assert:
+            that:
+              - "'LOCKED' in account_status_locked.stdout"
+          when: ansible_facts.system == 'FreeBSD'
+
+
+    - name: Verify account lock for Linux
+      when: ansible_facts.system == 'Linux'
+      block:
+        - name: LINUX | Get account status
+          getent:
+            database: shadow
+            key: ansibulluser
+
+        - name: LINUX | Ensure account is locked
+          assert:
+            that:
+              - getent_shadow['ansibulluser'][0].startswith('!')
+
+
+  always:
+    - name: Unlock account
+      user:
+        name: ansibulluser
+        password_lock: no
-- 
cgit v1.2.3