Merge pull request #9548 from v-Ajnava/masterIssue5824

Eventhub: added verification and error message for authorizationrules rights

Author: cormacpayne

src/EventHub/EventHub.Test/ScenarioTests/EventHubs.cs

@@ -36,11 +36,7 @@ public void EventHubsCRUD()
             EventHubsController.NewInstance.RunPsTest(_logger, "EventHubsTests");
         }
 
-#if NETSTANDARD
-        [Fact(Skip = "Fails in NetStandard, investigation needed: $namespaceListKeys.PrimaryConnectionString.Contains($updatedAuthRule.PrimaryKey)")]
-#else
         [Fact]
-#endif
         [Trait(Category.AcceptanceType, Category.CheckIn)]
         public void EventHubsAuthorizationRulesCRUD()
         {

src/EventHub/EventHub.Test/ScenarioTests/EventHubsTests.ps1

@@ -217,8 +217,8 @@ function EventHubsAuthTests
 	Write-Debug "Get Eventhub authorizationRules connectionStrings"
 	$namespaceListKeys = Get-AzEventHubKey -ResourceGroup $resourceGroupName -Namespace $namespaceName -EventHub $eventHubName -Name $authRuleName
 
-	Assert-True {$namespaceListKeys.PrimaryConnectionString.Contains($updatedAuthRule.PrimaryKey)}
-	Assert-True {$namespaceListKeys.SecondaryConnectionString.Contains($updatedAuthRule.SecondaryKey)}
+	Assert-True {$namespaceListKeys.PrimaryConnectionString -like "*$($updatedAuthRule.PrimaryKey)*"}
+	Assert-True {$namespaceListKeys.SecondaryConnectionString -like "*$($updatedAuthRule.SecondaryKey)*"}
 
 	# Regentrate the Keys 
 	$policyKey = "PrimaryKey"

src/EventHub/EventHub.Test/ScenarioTests/Namespace.cs

@@ -36,11 +36,7 @@ public void NamespaceCRUD()
             EventHubsController.NewInstance.RunPsTest(_logger, "NamespaceTests");
         }
 
-#if NETSTANDARD
-        [Fact(Skip = "Fails in NetStandard, investigation needed: $namespaceListKeys.PrimaryConnectionString.Contains($updatedAuthRule.PrimaryKey)")]
-#else
         [Fact]
-#endif
         [Trait(Category.AcceptanceType, Category.CheckIn)]
         public void NamespaceAuthorizationRulesCRUD()
         {

src/EventHub/EventHub.Test/ScenarioTests/NamespaceTests.ps1

@@ -53,7 +53,7 @@ function NamespaceAuthTests
 
     Write-Debug "Create a Namespace Authorization Rule"    
     Write-Debug "Auth Rule name : $authRuleName"
-    $result = New-AzEventHubAuthorizationRule -ResourceGroup $resourceGroupName -Namespace $namespaceName -Name $authRuleName -Rights @("Listen","Send")																																	  
+    $result = New-AzEventHubAuthorizationRule -ResourceGroup $resourceGroupName -Namespace $namespaceName -Name $authRuleName -Rights @("Listen", "Send")																																	  
 
     Assert-AreEqual $authRuleName $result.Name
     Assert-AreEqual 2 $result.Rights.Count
@@ -125,8 +125,8 @@ function NamespaceAuthTests
     Write-Debug "Get namespace authorizationRules connectionStrings"
     $namespaceListKeys = Get-AzEventHubKey -ResourceGroup $resourceGroupName -Namespace $namespaceName -Name $authRuleName
 
-    Assert-True {$namespaceListKeys.PrimaryConnectionString.Contains($updatedAuthRule.PrimaryKey)}
-    Assert-True {$namespaceListKeys.SecondaryConnectionString.Contains($updatedAuthRule.SecondaryKey)}
+    Assert-True {$namespaceListKeys.PrimaryConnectionString -like "*$($updatedAuthRule.PrimaryKey)*"}
+    Assert-True {$namespaceListKeys.SecondaryConnectionString -like "*$($updatedAuthRule.SecondaryKey)*"}
 
 	Write-Debug "Regenrate Authorizationrules Keys"
 	$policyKey = "PrimaryKey"

src/EventHub/EventHub.Test/SessionRecords/Microsoft.Azure.Commands.EventHub.Test.ScenarioTests.EventHubsTests/EventHubsAuthorizationRulesCRUD.json

@@ -18,6 +18,7 @@
         - Additional information about change #1
 -->
 ## Upcoming Release
+* added verification and error message for authorizationrules rights if only 'Manage' is assigned
 
 ## Version 1.2.0
 * Fix for #9231 - Get-AzEventHubNamespace does not return tags

src/EventHub/EventHub.Test/SessionRecords/Microsoft.Azure.Commands.EventHub.Test.ScenarioTests.NamespaceTests/NamespaceAuthorizationRulesCRUD.json

@@ -16,6 +16,7 @@
 using System.Collections.Generic;
 using Microsoft.Azure.Commands.ResourceManager.Common.ArgumentCompleters;
 using Microsoft.Azure.Commands.EventHub.Models;
+using System;
 
 namespace Microsoft.Azure.Commands.EventHub.Commands
 {
@@ -59,6 +60,12 @@ public override void ExecuteCmdlet()
             PSSharedAccessAuthorizationRuleAttributes sasRule = new PSSharedAccessAuthorizationRuleAttributes();
             sasRule.Rights = new List<string>();
 
+            if (Array.Exists(Rights, element => element == "Manage") && !Array.Exists(Rights, element => element == "Listen") || !Array.Exists(Rights, element => element == "Send"))
+            {
+                Exception exManage = new Exception("Assigning 'Manage' to rights requires ‘Listen and ‘Send' to be included with. e.g. @(\"Manage\",\"Listen\",\"Send\")");
+                throw exManage;
+            }
+
             foreach (string right in Rights)
             {
                 sasRule.Rights.Add(right);
@@ -84,6 +91,10 @@ public override void ExecuteCmdlet()
             {
                 WriteError(Eventhub.EventHubsClient.WriteErrorforBadrequest(ex));
             }
+            catch (Exception ex)
+            {
+                WriteError(new ErrorRecord(ex, ex.Message, ErrorCategory.OpenError, ex));
+            }
         }
     }
 }

src/EventHub/EventHub/ChangeLog.md

@@ -16,6 +16,7 @@
 using System.Management.Automation;
 using System.Collections.Generic;
 using Microsoft.Azure.Commands.ResourceManager.Common.ArgumentCompleters;
+using System;
 
 namespace Microsoft.Azure.Commands.EventHub.Commands
 {
@@ -71,10 +72,18 @@ public override void ExecuteCmdlet()
             {
                 sasRule.Rights = new List<string>();
                 if (Rights != null && Rights.Length > 0)
+                {
+                    if (Array.Exists(Rights, element => element == "Manage") && !Array.Exists(Rights, element => element == "Listen") || !Array.Exists(Rights, element => element == "Send"))
+                    {
+                        Exception exManage = new Exception("Assigning 'Manage' to rights requires ‘Listen and ‘Send' to be included with. e.g. @(\"Manage\",\"Listen\",\"Send\")");
+                        throw exManage;
+                    }
+
                     foreach (string right in Rights)
                     {
                         sasRule.Rights.Add(right);
                     }
+                }
             }
 
             try
@@ -116,6 +125,10 @@ public override void ExecuteCmdlet()
             {
                 WriteError(Eventhub.EventHubsClient.WriteErrorforBadrequest(ex));
             }
+            catch (Exception ex)
+            {
+                WriteError(new ErrorRecord(ex, ex.Message, ErrorCategory.OpenError, ex));
+            }
         }
     }
 }