Merge pull request #759 from j82w/dev

Add SQL Server Active Directory administrator Cmdlets

Author: ogail

src/ResourceManager/Sql/Commands.Sql.Test/Commands.Sql.Test.csproj

@@ -67,8 +67,12 @@
     <Reference Include="Microsoft.Azure.Gallery">
       <HintPath>..\..\..\packages\Microsoft.Azure.Gallery.2.6.2-preview\lib\net40\Microsoft.Azure.Gallery.dll</HintPath>
     </Reference>
+    <Reference Include="Microsoft.Azure.Graph.RBAC">
+      <SpecificVersion>False</SpecificVersion>
+      <HintPath>..\..\..\packages\Microsoft.Azure.Graph.RBAC.1.7.0-preview\lib\net40\Microsoft.Azure.Graph.RBAC.dll</HintPath>
+    </Reference>
     <Reference Include="Microsoft.Azure.Management.Sql">
-      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Sql.0.35.0-prerelease\lib\net40\Microsoft.Azure.Management.Sql.dll</HintPath>
+      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Sql.0.36.0-prerelease\lib\net40\Microsoft.Azure.Management.Sql.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Azure.Management.Storage">
       <HintPath>..\..\..\packages\Microsoft.Azure.Management.Storage.2.4.0-preview\lib\net40\Microsoft.Azure.Management.Storage.dll</HintPath>
@@ -188,6 +192,9 @@
     <Compile Include="ScenarioTests\DatabaseBackupTests.cs" />
     <Compile Include="ScenarioTests\DatabaseCrudTests.cs" />
     <Compile Include="ScenarioTests\DataMaskingTests.cs" />
+    <None Include="ScenarioTests\ServerActiveDirectoryAdministratorTest.ps1">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
     <None Include="ScenarioTests\ServiceTierAdvisorTests.ps1">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
@@ -203,12 +210,14 @@
     <None Include="ScenarioTests\ElasticPoolCrudTests.ps1">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </None>
+    <Compile Include="ScenarioTests\ServerActiveDirectoryAdministratorTest.cs" />
     <Compile Include="ScenarioTests\ServiceTierAdvisorTests.cs" />
     <Compile Include="ScenarioTests\RecommendedElasticPoolTests.cs" />
     <Compile Include="ScenarioTests\ElasticPoolCrudTests.cs" />
     <Compile Include="ScenarioTests\AuditingTests.cs" />
     <Compile Include="ScenarioTests\ServerCrudTests.cs" />
     <Compile Include="ScenarioTests\ServerUpgradeTests.cs" />
+    <Compile Include="ScenarioTests\SqlEvnSetupHelper.cs" />
     <Compile Include="ScenarioTests\SqlTestsBase.cs" />
     <Compile Include="ScenarioTests\TransparentDataEncryptionCrudTests.cs" />
     <Compile Include="ScenarioTests\IndexRecommendationTests.cs" />
@@ -434,6 +443,9 @@
     <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.RecommendedElasticPoolTests\ListRecommendedElasticPools.json">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </None>
+    <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.ServerActiveDirectoryAdministratorTest\TestServerActiveDirectoryAdministratorCRUD.json">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </None>
     <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.ServerCrudTests\TestServerCreate.json">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </None>

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/ServerActiveDirectoryAdministratorTest.cs

@@ -0,0 +1,30 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.ScenarioTest.SqlTests;
+using Microsoft.WindowsAzure.Commands.ScenarioTest;
+using Xunit;
+
+namespace Microsoft.Azure.Commands.Sql.Test.ScenarioTests
+{
+    public class ServerActiveDirectoryAdministratorTest : SqlTestsBase
+    {
+        [Fact]
+        [Trait(Category.Sql, Category.CheckIn)]
+        public void TestServerActiveDirectoryAdministratorCRUD()
+        {
+            RunPowerShellTest("Test-ServerActiveDirectoryAdministrator");
+        }
+    }
+}

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/ServerActiveDirectoryAdministratorTest.ps1

@@ -0,0 +1,73 @@
+# ----------------------------------------------------------------------------------
+#
+# Copyright Microsoft Corporation
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ----------------------------------------------------------------------------------
+
+<#
+	.SYNOPSIS
+	Tests creating a database
+#>
+function Test-ServerActiveDirectoryAdministrator ($location = "North Europe")
+{
+	# Setup
+	$rg = Create-ResourceGroupForTest
+	$server = Create-ServerForTest $rg "12.0" $location
+	
+	try
+	{
+		$activeDirectoryGroup1 = "testAADaccount"
+		$activeDirectoryGroup1ObjectId = "41732a4a-e09e-4b18-9624-38e252d68bbf"
+		$activeDirectoryUser1 = "Test User 2"
+		$activeDirectoryUser1ObjectId = "e87332b2-e3ed-480a-9723-e9b3611268f8"
+
+		# Verify there is no Active Directory Administrator set
+		$activeDirectoryAdmin = Get-AzureSqlServerActiveDirectoryAdministrator -ResourceGroupName $rg.ResourceGroupName -ServerName $server.ServerName
+
+		Assert-Null $activeDirectoryAdmin
+
+			# Set an Azure SQL Server Active Directory Administrator Group
+		$activeDirectoryAdmin1 = Set-AzureSqlServerActiveDirectoryAdministrator -ResourceGroupName $rg.ResourceGroupName -ServerName $server.ServerName `
+		-DisplayName $activeDirectoryGroup1
+
+		Assert-NotNull $activeDirectoryAdmin1
+
+		# Verify the correct Active Directory Administrator is set
+		Assert-AreEqual $activeDirectoryAdmin1.DisplayName $activeDirectoryGroup1
+		Assert-AreEqual $activeDirectoryAdmin1.ObjectId $activeDirectoryGroup1ObjectId
+
+		# Get an Azure SQL Server Active Directory Administrator
+		$activeDirectoryAdmin2 = Get-AzureSqlServerActiveDirectoryAdministrator -ResourceGroupName $rg.ResourceGroupName -ServerName $server.ServerName
+
+		Assert-AreEqual $activeDirectoryAdmin2.DisplayName $activeDirectoryGroup1
+		Assert-AreEqual $activeDirectoryAdmin2.ObjectId $activeDirectoryGroup1ObjectId
+
+		# Set an Azure SQL Server Active Directory Administrator User
+		$activeDirectoryAdmin3 = Set-AzureSqlServerActiveDirectoryAdministrator -ResourceGroupName $rg.ResourceGroupName -ServerName $server.ServerName `
+		-DisplayName $activeDirectoryUser1
+
+		Assert-AreEqual $activeDirectoryAdmin3.DisplayName $activeDirectoryUser1
+		Assert-AreEqual $activeDirectoryAdmin3.ObjectId $activeDirectoryUser1ObjectId
+
+		# Set an Azure SQL Server Active Directory Administrator User
+		$activeDirectoryAdmin4 = Remove-AzureSqlServerActiveDirectoryAdministrator -ResourceGroupName $rg.ResourceGroupName -ServerName $server.ServerName -Force
+
+		# Verify that Azure SQL Server Active Directory Administrator was deleted
+		$activeDirectoryAdmin5 = Get-AzureSqlServerActiveDirectoryAdministrator -ResourceGroupName $rg.ResourceGroupName -ServerName $server.ServerName
+
+		Assert-Null $activeDirectoryAdmin5
+	}
+	finally
+	{
+		Remove-ResourceGroupForTest $rg
+	}
+}
+

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/SqlEvnSetupHelper.cs

@@ -0,0 +1,149 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using Microsoft.Azure.Common.Authentication;
+using Microsoft.Azure.Common.Authentication.Models;
+using Microsoft.Azure.Gallery;
+using Microsoft.Azure.Graph.RBAC;
+using Microsoft.Azure.Management.Authorization;
+using Microsoft.Azure.Management.Resources;
+using Microsoft.Azure.Subscriptions;
+using Microsoft.Azure.Test;
+using Microsoft.Azure.Test.HttpRecorder;
+using Microsoft.WindowsAzure.Commands.ScenarioTest;
+using Microsoft.WindowsAzure.Commands.Utilities.Common;
+
+namespace Microsoft.Azure.Commands.ScenarioTest.SqlTests
+{
+    public class SqlEvnSetupHelper : EnvironmentSetupHelper
+    {
+        /// <summary>
+        /// This overrides the default subscription and default account. This allows the 
+        /// test to get the tenant id in the test.
+        /// </summary>
+        public void SetupEnvironment()
+        {
+            base.SetupEnvironment(AzureModule.AzureResourceManager);
+
+            TestEnvironment csmEnvironment = new CSMTestEnvironmentFactory().GetTestEnvironment();
+
+            if (csmEnvironment.SubscriptionId != null)
+            {
+                //Overwrite the default subscription and default account
+                //with ones using user ID and tenant ID from auth context
+                var user = GetUser(csmEnvironment);
+                var tenantId = GetTenantId(csmEnvironment);
+
+                // Existing test will not have a user or tenant id set
+                if (tenantId != null && user != null)
+                {
+                    var testSubscription = new AzureSubscription()
+                    {
+                        Id = new Guid(csmEnvironment.SubscriptionId),
+                        Name = ProfileClient.Profile.DefaultSubscription.Name,
+                        Environment = ProfileClient.Profile.DefaultSubscription.Environment,
+                        Account = user,
+                        Properties = new Dictionary<AzureSubscription.Property, string>
+                    {
+                        {
+                            AzureSubscription.Property.Default, "True"
+                        },
+                        {
+                            AzureSubscription.Property.StorageAccount,
+                            Environment.GetEnvironmentVariable("AZURE_STORAGE_ACCOUNT")
+                        },
+                        {
+                            AzureSubscription.Property.Tenants, tenantId
+                        },
+                    }
+                    };
+
+                    var testAccount = new AzureAccount()
+                    {
+                        Id = user,
+                        Type = AzureAccount.AccountType.User,
+                        Properties = new Dictionary<AzureAccount.Property, string>
+                    {
+                        {
+                            AzureAccount.Property.Subscriptions, csmEnvironment.SubscriptionId
+                        },
+                    }
+                    };
+
+                    ProfileClient.Profile.Accounts.Remove(ProfileClient.Profile.DefaultSubscription.Account);
+                    ProfileClient.Profile.Subscriptions[testSubscription.Id] = testSubscription;
+                    ProfileClient.Profile.Accounts[testAccount.Id] = testAccount;
+                    ProfileClient.SetSubscriptionAsDefault(testSubscription.Name, testSubscription.Account);
+
+                    ProfileClient.Profile.Save();
+                }
+            }
+        }
+
+        /// <summary>
+        /// Helper function to get the tenant id if it was set in the test
+        /// </summary>
+        /// <param name="environment">Test environment</param>
+        /// <returns>The tenant id or null if not tenant id could be found.</returns>
+        private string GetTenantId(TestEnvironment environment)
+        {
+            if (HttpMockServer.Mode == HttpRecorderMode.Record)
+            {
+                HttpMockServer.Variables["TenantId"] = environment.AuthorizationContext.TenantId;
+                return environment.AuthorizationContext.TenantId;
+            }
+            else
+            {
+                if (HttpMockServer.Variables.ContainsKey("TenantId"))
+                {
+                    return HttpMockServer.Variables["TenantId"];
+                }
+                else
+                {
+                    return null;
+                }
+            }
+        }
+
+        /// <summary>
+        /// Helper function to get the user id if it was set in the test
+        /// </summary>
+        /// <param name="environment">Test environment</param>
+        /// <returns>The user id or null if not tenant id could be found.</returns>
+        private string GetUser(TestEnvironment environment)
+        {
+            if (HttpMockServer.Mode == HttpRecorderMode.Record)
+            {
+                HttpMockServer.Variables["User"] = environment.AuthorizationContext.UserId;
+                return environment.AuthorizationContext.UserId;
+            }
+            else
+            {
+                if (HttpMockServer.Variables.ContainsKey("User"))
+                {
+                    return HttpMockServer.Variables["User"];
+                }
+                else
+                {
+                    return null;
+                }
+                
+            }
+        }
+
+    }
+}

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/SqlTestsBase.cs

@@ -19,18 +19,26 @@
 using Microsoft.WindowsAzure.Commands.Utilities.Common;
 using Microsoft.WindowsAzure.Management.Storage;
 using Microsoft.Azure.Test;
+using Microsoft.Azure.Graph.RBAC;
 using Microsoft.Azure.Common.Authentication;
 using Microsoft.Azure.Management.Authorization;
+using Microsoft.Azure.Commands.Resources.Models.ActiveDirectory;
+using System;
 
 namespace Microsoft.Azure.Commands.ScenarioTest.SqlTests
 {
     public class SqlTestsBase
     {
-        protected EnvironmentSetupHelper helper;
+        protected SqlEvnSetupHelper helper;
+
+        private const string TenantIdKey = "TenantId";
+        private const string DomainKey = "Domain";
+
+        public string UserDomain { get; private set; }
 
         protected SqlTestsBase()
         {
-            helper = new EnvironmentSetupHelper();
+            helper = new SqlEvnSetupHelper();
         }
 
         protected virtual void SetupManagementClients()
@@ -39,7 +47,8 @@ protected virtual void SetupManagementClients()
             var storageClient = GetStorageClient();
             var resourcesClient = GetResourcesClient();
             var authorizationClient = GetAuthorizationManagementClient();
-            helper.SetupSomeOfManagementClients(sqlCSMClient, storageClient, resourcesClient, authorizationClient);
+            var graphClient = GetGraphClient();
+            helper.SetupSomeOfManagementClients(sqlCSMClient, storageClient, resourcesClient, authorizationClient, graphClient);
         }
 
         protected void RunPowerShellTest(params string[] scripts)
@@ -53,7 +62,7 @@ protected void RunPowerShellTest(params string[] scripts)
 
                 SetupManagementClients();
 
-                helper.SetupEnvironment(AzureModule.AzureResourceManager);
+                helper.SetupEnvironment();
 
                 helper.SetupModules(AzureModule.AzureProfile, "ScenarioTests\\Common.ps1",
                     "ScenarioTests\\" + this.GetType().Name + ".ps1");
@@ -105,5 +114,34 @@ protected AuthorizationManagementClient GetAuthorizationManagementClient()
             }
             return client;
         }
+
+        protected GraphRbacManagementClient GetGraphClient()
+        {
+            var testFactory = new CSMTestEnvironmentFactory();
+            var environment = testFactory.GetTestEnvironment();
+            string tenantId = Guid.Empty.ToString();
+
+            if (HttpMockServer.Mode == HttpRecorderMode.Record)
+            {
+                tenantId = environment.AuthorizationContext.TenantId;
+                UserDomain = environment.AuthorizationContext.UserDomain;
+
+                HttpMockServer.Variables[TenantIdKey] = tenantId;
+                HttpMockServer.Variables[DomainKey] = UserDomain;
+            }
+            else if (HttpMockServer.Mode == HttpRecorderMode.Playback)
+            {
+                if (HttpMockServer.Variables.ContainsKey(TenantIdKey))
+                {
+                    tenantId = HttpMockServer.Variables[TenantIdKey];
+                }
+                if (HttpMockServer.Variables.ContainsKey(DomainKey))
+                {
+                    UserDomain = HttpMockServer.Variables[DomainKey];
+                }
+            }
+
+            return TestBase.GetGraphServiceClient<GraphRbacManagementClient>(testFactory, tenantId);
+        }
     }
 }