Skip to content

Commit db202d7

Browse files
yaakoviyunyaakoviyun
committed
Merge pull request #5 from yaakoviyun/build
merge
2 parents b795424 + 7436ae1 commit db202d7

21 files changed

+13186
-997
lines changed

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/SecurityTests.cs

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -183,5 +183,53 @@ public void TestServerStorageKeyRotation()
183183
{
184184
RunPowerShellTest("Test-ServerStorageKeyRotation");
185185
}
186+
187+
[Fact(Skip = "Skip for the version header upgrade on Storage library.")]
188+
[Trait(Category.RunType, Category.LiveOnly)]
189+
[Trait(Category.AcceptanceType, Category.CheckIn)]
190+
public void TestServerUpdatePolicyWithRetention()
191+
{
192+
RunPowerShellTest("Test-ServerUpdatePolicyWithRetention");
193+
}
194+
195+
[Fact(Skip = "Skip for the version header upgrade on Storage library.")]
196+
[Trait(Category.RunType, Category.LiveOnly)]
197+
[Trait(Category.AcceptanceType, Category.CheckIn)]
198+
public void TestDatabaseUpdatePolicyWithRetention()
199+
{
200+
RunPowerShellTest("Test-DatabaseUpdatePolicyWithRetention");
201+
}
202+
203+
[Fact(Skip = "Skip for the version header upgrade on Storage library.")]
204+
[Trait(Category.RunType, Category.LiveOnly)]
205+
[Trait(Category.AcceptanceType, Category.CheckIn)]
206+
public void TestServerRetentionKeepProperties()
207+
{
208+
RunPowerShellTest("Test-ServerRetentionKeepProperties");
209+
}
210+
211+
[Fact(Skip = "Skip for the version header upgrade on Storage library.")]
212+
[Trait(Category.RunType, Category.LiveOnly)]
213+
[Trait(Category.AcceptanceType, Category.CheckIn)]
214+
public void TestDatabaseRetentionKeepProperties()
215+
{
216+
RunPowerShellTest("Test-DatabaseRetentionKeepProperties");
217+
}
218+
219+
[Fact(Skip = "Skip for the version header upgrade on Storage library.")]
220+
[Trait(Category.RunType, Category.LiveOnly)]
221+
[Trait(Category.AcceptanceType, Category.CheckIn)]
222+
public void TestServerRetentionMissing()
223+
{
224+
RunPowerShellTest("Test-ServerRetentionMissing");
225+
}
226+
227+
[Fact(Skip = "Skip for the version header upgrade on Storage library.")]
228+
[Trait(Category.RunType, Category.LiveOnly)]
229+
[Trait(Category.AcceptanceType, Category.CheckIn)]
230+
public void TestDatabaseRetentionMissing()
231+
{
232+
RunPowerShellTest("Test-DatabaseRetentionMissing");
233+
}
186234
}
187235
}

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/SecurityTests.ps1

Lines changed: 217 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -156,14 +156,11 @@ function Test-DatabaseUpdatePolicyWithEventTypes
156156
Assert-AreEqual $policy.EventType.Length 15
157157

158158
# Test
159-
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success","ParameterizedSQL_Success","ParameterizedSQL_Failure","DataAccess","DataChanges","RevokePermissions"
159+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success","ParameterizedSQL_Success","ParameterizedSQL_Failure"
160160
$policy = Get-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
161161

162162
# Assert
163-
Assert-AreEqual $policy.EventType.Length 6
164-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::DataAccess)}
165-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::DataChanges)}
166-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::RevokePermissions)}
163+
Assert-AreEqual $policy.EventType.Length 3
167164
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::PlainSQL_Success)}
168165
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::ParameterizedSQL_Success)}
169166
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::ParameterizedSQL_Failure)}
@@ -203,18 +200,16 @@ function Test-ServerUpdatePolicyWithEventTypes
203200
Assert-AreEqual $policy.EventType.Length 15
204201

205202
# Test
206-
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "DataAccess","DataChanges","RevokePermissions","PlainSQL_Success","ParameterizedSQL_Success","ParameterizedSQL_Failure"
203+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success","ParameterizedSQL_Success","ParameterizedSQL_Failure"
207204
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
208205

209206
# Assert
210-
Assert-AreEqual $policy.EventType.Length 6
211-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::DataAccess)}
212-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::DataChanges)}
213-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::RevokePermissions)}
207+
Assert-AreEqual $policy.EventType.Length 3
214208
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::PlainSQL_Success)}
215209
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::ParameterizedSQL_Success)}
216210
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::ParameterizedSQL_Failure)}
217211

212+
218213
# Test
219214
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "None"
220215
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
@@ -276,6 +271,10 @@ function Test-DatabaseUpdatePolicyWithEventTypeShortcuts
276271
Assert-Throws {Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType "None", "All"}
277272
Assert-Throws {Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "All"}
278273
Assert-Throws {Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "None"}
274+
275+
#Test - If the event types includes new events and deprecated events we throw error
276+
Assert-Throws {Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "DataAccess"}
277+
279278
}
280279
finally
281280
{
@@ -331,6 +330,9 @@ function Test-ServerUpdatePolicyWithEventTypeShortcuts
331330
Assert-Throws {Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "None", "All"}
332331
Assert-Throws {Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "All"}
333332
Assert-Throws {Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "None"}
333+
334+
#Test - If the event types includes new events and deprecated events we throw error
335+
Assert-Throws {Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "DataAccess"}
334336
}
335337
finally
336338
{
@@ -731,4 +733,208 @@ function Test-DatabaseStorageKeyRotation
731733
# Cleanup
732734
Remove-TestEnvironment $testSuffix
733735
}
734-
}
736+
}
737+
<#
738+
.SYNOPSIS
739+
Tests that when setting the retention values of server policy, that values is later fetched properly.
740+
#>
741+
function Test-ServerUpdatePolicyWithRetention
742+
{
743+
# Setup
744+
$testSuffix = 202
745+
Create-TestEnvironment $testSuffix
746+
$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
747+
748+
try
749+
{
750+
# Test
751+
$retentionTableIdentifier = "retentionTableIdentifier" + $testSuffix;
752+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -RetentionInDays 10 -TableIdentifier $retentionTableIdentifier;
753+
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
754+
755+
# Assert
756+
Assert-AreEqual $policy.RetentionInDays 10
757+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
758+
}
759+
finally
760+
{
761+
# Cleanup
762+
Remove-TestEnvironment $testSuffix
763+
}
764+
}
765+
766+
<#
767+
.SYNOPSIS
768+
Tests that when setting the retention values of database policy, that values is later fetched properly.
769+
#>
770+
function Test-DatabaseUpdatePolicyWithRetention
771+
{
772+
# Setup
773+
$testSuffix = 203
774+
Create-TestEnvironment $testSuffix
775+
$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
776+
777+
try
778+
{
779+
# Test
780+
$retentionTableIdentifier = "retentionTableIdentifier" + $testSuffix;
781+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -RetentionInDays 10 -TableIdentifier $retentionTableIdentifier;
782+
$policy = Get-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
783+
784+
# Assert
785+
Assert-AreEqual $policy.RetentionInDays 10
786+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
787+
}
788+
finally
789+
{
790+
# Cleanup
791+
Remove-TestEnvironment $testSuffix
792+
}
793+
}
794+
795+
<#
796+
.SYNOPSIS
797+
Tests that after setting the retention values to a server auditing policy, this value is used on next policy set operations as default.
798+
#>
799+
function Test-ServerRetentionKeepProperties
800+
{
801+
# Setup
802+
$testSuffix = 204
803+
Create-TestEnvironment $testSuffix
804+
$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
805+
806+
try
807+
{
808+
# Test
809+
$retentionTableIdentifier = "retentionTableIdentifier" + $testSuffix;
810+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -RetentionInDays 10 -TableIdentifier $retentionTableIdentifier;
811+
812+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -RetentionInDays 11;
813+
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
814+
815+
# Assert
816+
Assert-AreEqual $policy.RetentionInDays 11
817+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
818+
819+
# Test
820+
$retentionTableIdentifier = "retentionTableIdentifier1" + $testSuffix;
821+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -TableIdentifier $retentionTableIdentifier;
822+
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
823+
824+
# Assert
825+
Assert-AreEqual $policy.RetentionInDays 11
826+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
827+
}
828+
finally
829+
{
830+
# Cleanup
831+
Remove-TestEnvironment $testSuffix
832+
}
833+
}
834+
835+
<#
836+
.SYNOPSIS
837+
Tests that after setting the retention values to a database auditing policy, this value is used on next policy set operations as default.
838+
#>
839+
function Test-DatabaseRetentionKeepProperties
840+
{
841+
# Setup
842+
$testSuffix = 205
843+
Create-TestEnvironment $testSuffix
844+
$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
845+
846+
try
847+
{
848+
# Test
849+
$retentionTableIdentifier = "retentionTableIdentifier" + $testSuffix;
850+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -RetentionInDays 10 -TableIdentifier $retentionTableIdentifier;
851+
852+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -RetentionInDays 11;
853+
$policy = Get-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
854+
855+
# Assert
856+
Assert-AreEqual $policy.RetentionInDays 11
857+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
858+
859+
# Test
860+
$retentionTableIdentifier = "retentionTableIdentifier1" + $testSuffix;
861+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -TableIdentifier $retentionTableIdentifier;
862+
$policy = Get-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
863+
864+
# Assert
865+
Assert-AreEqual $policy.RetentionInDays 11
866+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
867+
}
868+
finally
869+
{
870+
# Cleanup
871+
Remove-TestEnvironment $testSuffix
872+
}
873+
}
874+
875+
876+
<#
877+
.SYNOPSIS
878+
Tests the case when one of the retention values is missing from the server policy.
879+
#>
880+
function Test-ServerRetentionMissing
881+
{
882+
# Setup
883+
$testSuffix = 206
884+
Create-TestEnvironment $testSuffix
885+
$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
886+
887+
try
888+
{
889+
# Test - only RetentionInDays
890+
Assert-Throws { Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -RetentionInDays 9 }
891+
892+
893+
# Test - only TableIdentifier
894+
$retentionTableIdentifier = "retentionTableIdentifier" + $testSuffix;
895+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -TableIdentifier $retentionTableIdentifier;
896+
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
897+
898+
# Assert
899+
Assert-AreEqual $policy.RetentionInDays 0
900+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
901+
}
902+
finally
903+
{
904+
# Cleanup
905+
Remove-TestEnvironment $testSuffix
906+
}
907+
}
908+
909+
<#
910+
.SYNOPSIS
911+
Tests the case when one of the retention values is missing from the database policy.
912+
#>
913+
function Test-DatabaseRetentionMissing
914+
{
915+
# Setup
916+
$testSuffix = 207
917+
Create-TestEnvironment $testSuffix
918+
$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
919+
920+
try
921+
{
922+
# Test - only RetentionInDays
923+
Assert-Throws { Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -RetentionInDays 9 }
924+
925+
926+
# Test - only TableIdentifier
927+
$retentionTableIdentifier = "retentionTableIdentifier" + $testSuffix;
928+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -TableIdentifier $retentionTableIdentifier;
929+
$policy = Get-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
930+
931+
# Assert
932+
Assert-AreEqual $policy.RetentionInDays 0
933+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
934+
}
935+
finally
936+
{
937+
# Cleanup
938+
Remove-TestEnvironment $testSuffix
939+
}
940+
}

0 commit comments

Comments
 (0)