adding tests, updating cmdlets

Author: rewongmicrosoft

src/Sql/Sql.Test/ScenarioTests/Common.ps1

@@ -184,6 +184,47 @@ function Create-BasicTestEnvironmentWithParams ($params, $location, $serverVersi
 	New-AzSqlDatabase -DatabaseName $params.databaseName -ResourceGroupName $params.rgname -ServerName $params.serverName -Edition Basic
 }
 
+<#
+.SYNOPSIS
+Gets the values of the parameters used for ledger digest upload tests
+#>
+function Get-LedgerTestEnvironmentParameters ($testSuffix)
+{
+	$subscriptionId = (Get-AzContext).Subscription.Id
+	return @{ rgname = "ledger-cmdlet-test-rg" + $testSuffix;
+			  serverName = "ledger-cmdlet-server" + $testSuffix;
+			  databaseName = "ledger-cmdlet-db" + $testSuffix;
+		}
+}
+
+<#
+.SYNOPSIS
+Creates the basic test environment needed to perform the Sql data security tests - resource group, server and database
+#>
+function Create-LedgerTestEnvironment ($params)
+{
+	$location = "West Europe"
+	$serverVersion = "12.0"
+	New-AzResourceGroup -Name $params.rgname -Location $location
+	$serverName = $params.serverName
+	$serverLogin = "testusername"
+	<#[SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Test passwords only valid for the duration of the test")]#>
+	$serverPassword = "t357ingP@s5w0rd!ledger"
+	$credentials = new-object System.Management.Automation.PSCredential($serverLogin, ($serverPassword | ConvertTo-SecureString -asPlainText -Force))
+	New-AzSqlServer -ResourceGroupName $params.rgname -ServerName $params.serverName -Location $location -ServerVersion $serverVersion -SqlAdministratorCredentials $credentials
+	New-AzSqlDatabase -DatabaseName $params.databaseName -ResourceGroupName $params.rgname -ServerName $params.serverName -Edition Basic
+}
+
+<#
+.SYNOPSIS
+Removes the test environment that was needed to perform the ledger digest upload tests
+#>
+function Remove-LedgerTestEnvironment ($testSuffix)
+{
+	$params = Get-LedgerTestEnvironmentParameters $testSuffix
+	Remove-AzResourceGroup -Name $params.rgname -Force
+}
+
 <#
 .SYNOPSIS
 Creates the basic test environment needed to perform the Sql data security tests - resource group, managed instance and managed database

src/Sql/Sql.Test/ScenarioTests/LedgerDigestUploadTests.cs

@@ -0,0 +1,60 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.ScenarioTest.SqlTests;
+using Microsoft.Azure.ServiceManagement.Common.Models;
+using Microsoft.WindowsAzure.Commands.ScenarioTest;
+using Xunit;
+using Xunit.Abstractions;
+
+namespace Microsoft.Azure.Commands.Sql.Test.ScenarioTests
+{
+    public class LedgerDigestUploadTests : SqlTestsBase
+    {
+        public LedgerDigestUploadTests(ITestOutputHelper output) : base(output)
+        {
+            base.resourceTypesToIgnoreApiVersion = new string[] {
+                "Microsoft.Sql/servers"
+            };
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void TestGetDefaultLedgerDigestUpload()
+        {
+            RunPowerShellTest("Test-GetDefaultLedgerDigestUpload");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void TestSetLedgerDigestUploadByName()
+        {
+            RunPowerShellTest("Test-SetLedgerDigestUploadByName");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void TestSetLedgerDigestUploadByDatabaseObject()
+        {
+            RunPowerShellTest("Test-SetLedgerDigestUploadByDatabaseObject");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void TestSetLedgerDigestUploadByResourceId()
+        {
+            RunPowerShellTest("Test-SetLedgerDigestUploadByResourceId");
+        }
+    }
+}

src/Sql/Sql.Test/ScenarioTests/LedgerDigestUploadTests.ps1

@@ -0,0 +1,195 @@
+# ----------------------------------------------------------------------------------
+#
+# Copyright Microsoft Corporation
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ----------------------------------------------------------------------------------
+
+<#
+.SYNOPSIS
+Tests getting default ledger digest upload configuration
+#>
+function Test-GetDefaultLedgerDigestUpload
+{
+	# Setup
+	$testSuffix = getAssetName
+	$params = Get-LedgerTestEnvironmentParameters $testSuffix
+	Create-LedgerTestEnvironment $params
+
+	$databaseResourceId = "/subscriptions/" + $subscriptionId + "/resourceGroups/" + $params.rgname + "/providers/Microsoft.Sql/servers/" + $params.serverName + "/databases/" + $params.databaseName 
+	$databaseObject = Get-AzSqlDatabase -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
+
+	try 
+	{
+		# Test
+		$ledgerDigestUpload = Get-AzSqlDatabaseLedgerDigestUpload -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
+	
+		# Assert
+		Assert-AreEqual $ledgerDigestUpload.State "Disabled"
+
+		# Test
+		$ledgerDigestUploadByResourceId = Get-AzSqlDatabaseLedgerDigestUpload -ResourceId $databaseResourceId
+
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadByResourceId.State "Disabled"
+
+		# Test
+		$ledgerDigestUploadByDatabase = Get-AzSqlDatabaseLedgerDigestUpload -InputObject $databaseObject
+
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadByDatabase.State "Disabled"
+	}
+	finally
+	{
+		# Cleanup
+		Remove-LedgerTestEnvironment $testSuffix
+	}
+}
+
+<#
+.SYNOPSIS
+Tests that when setting the storage account property's value in a database's blob auditing policy, that value is later fetched properly
+#>
+function Test-SetLedgerDigestUploadByName
+{
+	# Setup
+	$testSuffix = getAssetName
+	$params = Get-LedgerTestEnvironmentParameters $testSuffix
+	Create-LedgerTestEnvironment $params
+	$endpoint = "https://test.confidential-ledger.azure.com"
+
+	try 
+	{
+		# Test enabling
+		$ledgerDigestUploadEnable = Enable-AzSqlDatabaseLedgerDigestUpload -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -Endpoint $endpoint
+	
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadEnable.State "Enabled"
+		Assert-AreEqual $ledgerDigestUploadEnable.Endpoint $endpoint
+
+		# Test get enabled settings
+		$ledgerDigestUploadEnabledGet = Get-AzSqlDatabaseLedgerDigestUpload -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
+		<#
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadEnabledGet.State "Enabled"
+
+		# Test disabling 
+		$ledgerDigestUploadDisable = Disable-AzSqlDatabaseLedgerDigestUpload -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
+
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadDisable.State "Disabled"
+
+		# Test get disabled settings
+		$ledgerDigestUploadDisabledGet = Get-AzSqlDatabaseLedgerDigestUpload -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
+
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadDisabledGet.State "Disabled"
+		#>
+	}
+	finally
+	{
+		# Cleanup
+		Remove-LedgerTestEnvironment $testSuffix
+	}
+}
+
+<#
+.SYNOPSIS
+Tests that when setting the storage account property's value in a database's blob auditing policy, that value is later fetched properly
+#>
+function Test-SetLedgerDigestUploadByDatabaseObject
+{
+	# Setup
+	$testSuffix = getAssetName
+	$params = Get-LedgerTestEnvironmentParameters $testSuffix
+	Create-LedgerTestEnvironment $params
+	$endpoint = "https://test.confidential-ledger.azure.com"
+	$databaseObject = Get-AzSqlDatabase -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
+
+	try 
+	{
+		# Test enabling
+		$ledgerDigestUploadEnable = Enable-AzSqlDatabaseLedgerDigestUpload -InputObject $databaseObject -Endpoint $endpoint
+	
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadEnable.State "Enabled"
+		Assert-AreEqual $ledgerDigestUploadEnable.Endpoint $endpoint
+
+		# Test get enabled settings
+		$ledgerDigestUploadEnabledGet = Get-AzSqlDatabaseLedgerDigestUpload -InputObject $databaseObject
+
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadEnabledGet.State "Enabled"
+
+		# Test disabling 
+		$ledgerDigestUploadDisable = Disable-AzSqlDatabaseLedgerDigestUpload -InputObject $databaseObject
+
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadDisable.State "Disabled"
+
+		# Test get disabled settings
+		$ledgerDigestUploadDisabledGet = Get-AzSqlDatabaseLedgerDigestUpload -InputObject $databaseObject
+
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadDisabledGet.State "Disabled"
+	}
+	finally
+	{
+		# Cleanup
+		Remove-LedgerTestEnvironment $testSuffix
+	}
+}
+
+<#
+.SYNOPSIS
+Tests that when setting the storage account property's value in a database's blob auditing policy, that value is later fetched properly
+#>
+function Test-SetLedgerDigestUploadByResourceId
+{
+	# Setup
+	$testSuffix = getAssetName
+	$params = Get-LedgerTestEnvironmentParameters $testSuffix
+	Create-LedgerTestEnvironment $params
+	$endpoint = "https://test.confidential-ledger.azure.com"
+	$databaseResourceId = "/subscriptions/" + $subscriptionId + "/resourceGroups/" + $params.rgname + "/providers/Microsoft.Sql/servers/" + $params.serverName + "/databases/" + $params.databaseName 
+
+	try 
+	{
+		# Test enabling
+		$ledgerDigestUploadEnable = Enable-AzSqlDatabaseLedgerDigestUpload -ResourceId $databaseResourceId -Endpoint $endpoint
+	
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadEnable.State "Enabled"
+		Assert-AreEqual $ledgerDigestUploadEnable.Endpoint $endpoint
+
+		# Test get enabled settings
+		$ledgerDigestUploadEnabledGet = Get-AzSqlDatabaseLedgerDigestUpload -ResourceId $databaseResourceId
+
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadEnabledGet.State "Enabled"
+
+		# Test disabling 
+		$ledgerDigestUploadDisable = Disable-AzSqlDatabaseLedgerDigestUpload -InputObject $databaseObject
+
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadDisable.State "Disabled"
+
+		# Test get disabled settings
+		$ledgerDigestUploadDisabledGet = Get-AzSqlDatabaseLedgerDigestUpload -ResourceId $databaseResourceId
+
+		# Assert
+		Assert-AreEqual $ledgerDigestUploadDisabledGet.State "Disabled"
+	}
+	finally
+	{
+		# Cleanup
+		Remove-LedgerTestEnvironment $testSuffix
+	}
+}

src/Sql/Sql/Az.Sql.psd1

@@ -272,7 +272,9 @@ CmdletsToExport = 'Get-AzSqlDatabaseTransparentDataEncryption',
                'Enable-AzSqlInstanceActiveDirectoryOnlyAuthentication', 
                'Get-AzSqlInstanceActiveDirectoryOnlyAuthentication', 
                'Get-AzSqlServerTrustGroup', 'New-AzSqlServerTrustGroup', 
-               'Remove-AzSqlServerTrustGroup'
+               'Remove-AzSqlServerTrustGroup',
+               'Enable-AzSqlDatabaseLedgerDigestUpload', 'Disable-AzSqlDatabaseLedgerDigestUpload',
+               'Get-AzSqlDatabaseLedgerDigestUpload'
 
 # Variables to export from this module
 # VariablesToExport = @()

src/Sql/Sql/Database/Cmdlet/NewAzureSqlDatabase.cs

@@ -235,7 +235,7 @@ public class NewAzureSqlDatabase : AzureSqlDatabaseCmdletBase<AzureSqlDatabaseCr
         /// Gets or sets the ledger option to assign to the Azure SQL Database
         /// </summary>
         [Parameter(Mandatory = false,
-            HelpMessage = "The enable ledger option for the Azure Sql Database")]
+            HelpMessage = "Creates a ledger database, in which the integrity of all data is protected by the ledger feature. All tables in the ledger database must be ledger tables. Note: the value of this property cannot be changed after the database has been created.")]
         public SwitchParameter EnableLedger { get; set; }
 
         /// <summary>