Skip to content

Commit 0d23979

Browse files
huangpfhuangpf
committed
Merge pull request #26 from Azure/ignite
Ignite
2 parents d02434f + 1bc090a commit 0d23979

22 files changed

+57502
-1612
lines changed

src/ResourceManager/Sql/Commands.Sql.Test/Commands.Sql.Test.csproj

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -241,6 +241,9 @@
241241
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestDatabaseDisableEnableKeepProperties.json">
242242
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
243243
</None>
244+
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestDatabaseRetentionKeepProperties.json">
245+
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
246+
</None>
244247
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestDatabaseStorageKeyRotation.json">
245248
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
246249
</None>
@@ -253,6 +256,9 @@
253256
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestDatabaseUpdatePolicyWithEventTypeShortcuts.json">
254257
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
255258
</None>
259+
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestDatabaseUpdatePolicyWithRetention.json">
260+
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
261+
</None>
256262
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestDatabaseUpdatePolicyWithStorage.json">
257263
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
258264
</None>
@@ -283,6 +289,9 @@
283289
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestServerDisableEnableKeepProperties.json">
284290
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
285291
</None>
292+
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestServerRetentionKeepProperties.json">
293+
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
294+
</None>
286295
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestServerStorageKeyRotation.json">
287296
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
288297
</None>
@@ -295,6 +304,9 @@
295304
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestServerUpdatePolicyWithEventTypeShortcuts.json">
296305
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
297306
</None>
307+
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestServerUpdatePolicyWithRetention.json">
308+
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
309+
</None>
298310
<None Include="SessionRecords\Microsoft.Azure.Commands.ScenarioTest.SqlTests.SecurityTests\TestServerUpdatePolicyWithStorage.json">
299311
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
300312
</None>

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/SecurityTests.cs

Lines changed: 33 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ public void TestDatabaseUpdatePolicyWithStorage()
2626
RunPowerShellTest("Test-DatabaseUpdatePolicyWithStorage");
2727
}
2828

29-
[Fact(Skip = "Skip for the version header upgrade on Storage library.")]
29+
[Fact]
3030
[Trait(Category.RunType, Category.LiveOnly)]
3131
[Trait(Category.AcceptanceType, Category.CheckIn)]
3232
public void TestServerUpdatePolicyWithStorage()
@@ -183,5 +183,37 @@ public void TestServerStorageKeyRotation()
183183
{
184184
RunPowerShellTest("Test-ServerStorageKeyRotation");
185185
}
186+
187+
[Fact]
188+
[Trait(Category.RunType, Category.LiveOnly)]
189+
[Trait(Category.AcceptanceType, Category.CheckIn)]
190+
public void TestServerUpdatePolicyWithRetention()
191+
{
192+
RunPowerShellTest("Test-ServerUpdatePolicyWithRetention");
193+
}
194+
195+
[Fact]
196+
[Trait(Category.RunType, Category.LiveOnly)]
197+
[Trait(Category.AcceptanceType, Category.CheckIn)]
198+
public void TestDatabaseUpdatePolicyWithRetention()
199+
{
200+
RunPowerShellTest("Test-DatabaseUpdatePolicyWithRetention");
201+
}
202+
203+
[Fact]
204+
[Trait(Category.RunType, Category.LiveOnly)]
205+
[Trait(Category.AcceptanceType, Category.CheckIn)]
206+
public void TestServerRetentionKeepProperties()
207+
{
208+
RunPowerShellTest("Test-ServerRetentionKeepProperties");
209+
}
210+
211+
[Fact]
212+
[Trait(Category.RunType, Category.LiveOnly)]
213+
[Trait(Category.AcceptanceType, Category.CheckIn)]
214+
public void TestDatabaseRetentionKeepProperties()
215+
{
216+
RunPowerShellTest("Test-DatabaseRetentionKeepProperties");
217+
}
186218
}
187219
}

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/SecurityTests.ps1

Lines changed: 150 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -156,14 +156,11 @@ function Test-DatabaseUpdatePolicyWithEventTypes
156156
Assert-AreEqual $policy.EventType.Length 15
157157

158158
# Test
159-
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success","ParameterizedSQL_Success","ParameterizedSQL_Failure","DataAccess","DataChanges","RevokePermissions"
159+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success","ParameterizedSQL_Success","ParameterizedSQL_Failure"
160160
$policy = Get-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
161161

162162
# Assert
163-
Assert-AreEqual $policy.EventType.Length 6
164-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::DataAccess)}
165-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::DataChanges)}
166-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::RevokePermissions)}
163+
Assert-AreEqual $policy.EventType.Length 3
167164
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::PlainSQL_Success)}
168165
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::ParameterizedSQL_Success)}
169166
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::ParameterizedSQL_Failure)}
@@ -203,18 +200,16 @@ function Test-ServerUpdatePolicyWithEventTypes
203200
Assert-AreEqual $policy.EventType.Length 15
204201

205202
# Test
206-
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "DataAccess","DataChanges","RevokePermissions","PlainSQL_Success","ParameterizedSQL_Success","ParameterizedSQL_Failure"
203+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success","ParameterizedSQL_Success","ParameterizedSQL_Failure"
207204
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
208205

209206
# Assert
210-
Assert-AreEqual $policy.EventType.Length 6
211-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::DataAccess)}
212-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::DataChanges)}
213-
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::RevokePermissions)}
207+
Assert-AreEqual $policy.EventType.Length 3
214208
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::PlainSQL_Success)}
215209
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::ParameterizedSQL_Success)}
216210
Assert-True {$policy.EventType.Contains([Microsoft.Azure.Commands.Sql.Security.Model.AuditEventType]::ParameterizedSQL_Failure)}
217211

212+
218213
# Test
219214
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "None"
220215
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
@@ -276,6 +271,10 @@ function Test-DatabaseUpdatePolicyWithEventTypeShortcuts
276271
Assert-Throws {Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType "None", "All"}
277272
Assert-Throws {Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "All"}
278273
Assert-Throws {Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "None"}
274+
275+
#Test - If the event types includes new events and deprecated events we throw error
276+
Assert-Throws {Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "DataAccess"}
277+
279278
}
280279
finally
281280
{
@@ -331,6 +330,9 @@ function Test-ServerUpdatePolicyWithEventTypeShortcuts
331330
Assert-Throws {Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "None", "All"}
332331
Assert-Throws {Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "All"}
333332
Assert-Throws {Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "None"}
333+
334+
#Test - If the event types includes new events and deprecated events we throw error
335+
Assert-Throws {Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success", "DataAccess"}
334336
}
335337
finally
336338
{
@@ -731,4 +733,141 @@ function Test-DatabaseStorageKeyRotation
731733
# Cleanup
732734
Remove-TestEnvironment $testSuffix
733735
}
734-
}
736+
}
737+
<#
738+
.SYNOPSIS
739+
Tests that when setting the retention values of server policy, that values is later fetched properly.
740+
#>
741+
function Test-ServerUpdatePolicyWithRetention
742+
{
743+
# Setup
744+
$testSuffix = 202
745+
Create-TestEnvironment $testSuffix
746+
$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
747+
748+
try
749+
{
750+
# Test
751+
$retentionTableIdentifier = "retentionTableIdentifier" + $testSuffix;
752+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -RetentionInDays 10 -TableIdentifier $retentionTableIdentifier;
753+
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
754+
755+
# Assert
756+
Assert-AreEqual $policy.RetentionInDays 10
757+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
758+
}
759+
finally
760+
{
761+
# Cleanup
762+
Remove-TestEnvironment $testSuffix
763+
}
764+
}
765+
766+
<#
767+
.SYNOPSIS
768+
Tests that when setting the retention values of database policy, that values is later fetched properly.
769+
#>
770+
function Test-DatabaseUpdatePolicyWithRetention
771+
{
772+
# Setup
773+
$testSuffix = 203
774+
Create-TestEnvironment $testSuffix
775+
$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
776+
777+
try
778+
{
779+
# Test
780+
$retentionTableIdentifier = "retentionTableIdentifier" + $testSuffix;
781+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -RetentionInDays 10 -TableIdentifier $retentionTableIdentifier;
782+
$policy = Get-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
783+
784+
# Assert
785+
Assert-AreEqual $policy.RetentionInDays 10
786+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
787+
}
788+
finally
789+
{
790+
# Cleanup
791+
Remove-TestEnvironment $testSuffix
792+
}
793+
}
794+
795+
<#
796+
.SYNOPSIS
797+
Tests that after setting the retention values to a server auditing policy, this value is used on next policy set operations as default.
798+
#>
799+
function Test-ServerRetentionKeepProperties
800+
{
801+
# Setup
802+
$testSuffix = 204
803+
Create-TestEnvironment $testSuffix
804+
$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
805+
806+
try
807+
{
808+
# Test
809+
$retentionTableIdentifier = "retentionTableIdentifier" + $testSuffix;
810+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -RetentionInDays 10 -TableIdentifier $retentionTableIdentifier;
811+
812+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -RetentionInDays 11;
813+
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
814+
815+
# Assert
816+
Assert-AreEqual $policy.RetentionInDays 11
817+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
818+
819+
# Test
820+
$retentionTableIdentifier = "retentionTableIdentifier1" + $testSuffix;
821+
Set-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -TableIdentifier $retentionTableIdentifier;
822+
$policy = Get-AzureSqlDatabaseServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
823+
824+
# Assert
825+
Assert-AreEqual $policy.RetentionInDays 11
826+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
827+
}
828+
finally
829+
{
830+
# Cleanup
831+
Remove-TestEnvironment $testSuffix
832+
}
833+
}
834+
835+
<#
836+
.SYNOPSIS
837+
Tests that after setting the retention values to a database auditing policy, this value is used on next policy set operations as default.
838+
#>
839+
function Test-DatabaseRetentionKeepProperties
840+
{
841+
# Setup
842+
$testSuffix = 205
843+
Create-TestEnvironment $testSuffix
844+
$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
845+
846+
try
847+
{
848+
# Test
849+
$retentionTableIdentifier = "retentionTableIdentifier" + $testSuffix;
850+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -RetentionInDays 10 -TableIdentifier $retentionTableIdentifier;
851+
852+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -RetentionInDays 11;
853+
$policy = Get-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
854+
855+
# Assert
856+
Assert-AreEqual $policy.RetentionInDays 11
857+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
858+
859+
# Test
860+
$retentionTableIdentifier = "retentionTableIdentifier1" + $testSuffix;
861+
Set-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -TableIdentifier $retentionTableIdentifier;
862+
$policy = Get-AzureSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
863+
864+
# Assert
865+
Assert-AreEqual $policy.RetentionInDays 11
866+
Assert-AreEqual $policy.TableIdentifier $retentionTableIdentifier
867+
}
868+
finally
869+
{
870+
# Cleanup
871+
Remove-TestEnvironment $testSuffix
872+
}
873+
}

0 commit comments

Comments
 (0)