Support inhering TD policy from server cmdlet

ayeletshpigelman · ayeletshpigelman · commit 0740a8c63ab3 · 2017-02-08T13:50:27.000+02:00
diff --git a/src/ResourceManager/Sql/Commands.Sql/Auditing/Model/DatabaseAuditingPolicyModel.cs b/src/ResourceManager/Sql/Commands.Sql/Auditing/Model/DatabaseAuditingPolicyModel.cs
@@ -12,13 +12,10 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
+using Microsoft.Azure.Commands.Sql.Common;
+
 namespace Microsoft.Azure.Commands.Sql.Auditing.Model
 {
-    /// <summary>
-    /// The possible states in which the user server's policy property may be in
-    /// </summary>
-    public enum UseServerDefaultOptions { Enabled, Disabled }
-
     /// <summary>
     /// A class representing a database auditing policy
     /// </summary>
@@ -32,6 +29,6 @@ public class DatabaseAuditingPolicyModel : BaseTableAuditingPolicyModel
         /// <summary>
         /// Gets or sets the use server default property
         /// </summary>
-        public UseServerDefaultOptions UseServerDefault { get; set; }
+        public SecurityConstants.UseServerDefaultOptions UseServerDefault { get; set; }
     }
 }
diff --git a/src/ResourceManager/Sql/Commands.Sql/Auditing/Services/SqlAuditAdapter.cs b/src/ResourceManager/Sql/Commands.Sql/Auditing/Services/SqlAuditAdapter.cs
@@ -180,7 +180,7 @@ private DatabaseAuditingPolicyModel ModelizeDatabaseAuditPolicy(DatabaseAuditing
             var dbPolicyModel = new DatabaseAuditingPolicyModel();
             var properties = policy.Properties;
             dbPolicyModel.AuditState = ModelizeAuditState(properties.AuditingState);
-            dbPolicyModel.UseServerDefault = properties.UseServerDefault == SecurityConstants.AuditingEndpoint.Enabled ? UseServerDefaultOptions.Enabled : UseServerDefaultOptions.Disabled;
+            dbPolicyModel.UseServerDefault = properties.UseServerDefault == SecurityConstants.AuditingEndpoint.Enabled ? SecurityConstants.UseServerDefaultOptions.Enabled : SecurityConstants.UseServerDefaultOptions.Disabled;
             ModelizeStorageInfo(dbPolicyModel, properties.StorageAccountName, properties.StorageAccountKey, properties.StorageAccountSecondaryKey);
             ModelizeEventTypesInfo(dbPolicyModel, properties.EventTypesToAudit);
             ModelizeRetentionInfo(dbPolicyModel, properties.RetentionDays, properties.AuditLogsTableName, properties.FullAuditLogsTableName);
@@ -406,7 +406,7 @@ private DatabaseAuditingPolicyCreateOrUpdateParameters PolicizeDatabaseAuditingM
             var properties = new DatabaseAuditingPolicyProperties();
             updateParameters.Properties = properties;
             properties.AuditingState = model.AuditState.ToString();
-            properties.UseServerDefault = (model.UseServerDefault == UseServerDefaultOptions.Enabled) ? SecurityConstants.AuditingEndpoint.Enabled : SecurityConstants.AuditingEndpoint.Disabled;
+            properties.UseServerDefault = (model.UseServerDefault == SecurityConstants.UseServerDefaultOptions.Enabled) ? SecurityConstants.AuditingEndpoint.Enabled : SecurityConstants.AuditingEndpoint.Disabled;
             properties.StorageAccountName = ExtractStorageAccountName(model);
             properties.StorageAccountResourceGroupName = ExtractStorageAccountResourceGroup(properties.StorageAccountName);
             properties.StorageAccountSubscriptionId = ExtractStorageAccountSubscriptionId(properties.StorageAccountName);
diff --git a/src/ResourceManager/Sql/Commands.Sql/Commands.Sql.csproj b/src/ResourceManager/Sql/Commands.Sql/Commands.Sql.csproj
@@ -173,6 +173,7 @@
     <Compile Include="Auditing\Cmdlet\SqlDatabaseAuditingCmdletBase.cs" />
     <Compile Include="Auditing\Cmdlet\SqlDatabaseServerAuditingCmdletBase.cs" />
     <Compile Include="Auditing\Cmdlet\UseAzureSqlServerAuditingPolicy.cs" />
+    <Compile Include="ThreatDetection\Cmdlet\UseAzureSqlServerThreatDetection.cs" />
     <Compile Include="ThreatDetection\Model\BaseThreatDetectionPolicyModel.cs" />
     <Compile Include="ThreatDetection\Model\ServerThreatDetectionPolicyModel.cs" />
     <Compile Include="ThreatDetection\Model\DatabaseThreatDetectionPolicyModel .cs" />
diff --git a/src/ResourceManager/Sql/Commands.Sql/Common/SecurityConstants.cs b/src/ResourceManager/Sql/Commands.Sql/Common/SecurityConstants.cs
@@ -23,6 +23,11 @@ namespace Microsoft.Azure.Commands.Sql.Common
     /// </summary>
     public class SecurityConstants
     {
+        /// <summary>
+        /// The possible states in which the user server's policy property may be in
+        /// </summary>
+        public enum UseServerDefaultOptions { Enabled, Disabled }
+
         // Audit Events:
         public const string PlainSQL_Success = "PlainSQL_Success";
         public const string PlainSQL_Failure = "PlainSQL_Failure";
diff --git a/src/ResourceManager/Sql/Commands.Sql/ThreatDetection/Cmdlet/RemoveSqlDatabaseThreatDetection.cs b/src/ResourceManager/Sql/Commands.Sql/ThreatDetection/Cmdlet/RemoveSqlDatabaseThreatDetection.cs
@@ -46,6 +46,7 @@ protected override DatabaseThreatDetectionPolicyModel ApplyUserInputToModel(
         {
             model = base.ApplyUserInputToModel(model);
             model.ThreatDetectionState = ThreatDetectionStateType.Disabled;
+            model.UseServerDefault = UseServerDefaultOptions.Disabled;
             return model;
         }
     }
diff --git a/src/ResourceManager/Sql/Commands.Sql/ThreatDetection/Cmdlet/SetAzureSqlDatabaseThreatDetection.cs b/src/ResourceManager/Sql/Commands.Sql/ThreatDetection/Cmdlet/SetAzureSqlDatabaseThreatDetection.cs
@@ -84,6 +84,7 @@ protected override DatabaseThreatDetectionPolicyModel ApplyUserInputToModel(Data
             base.ApplyUserInputToModel(model);
 
             model.ThreatDetectionState = ThreatDetectionStateType.Enabled;
+            model.UseServerDefault = UseServerDefaultOptions.Disabled;
 
             if (NotificationRecipientsEmails != null)
             {
diff --git a/src/ResourceManager/Sql/Commands.Sql/ThreatDetection/Cmdlet/UseAzureSqlServerThreatDetection.cs b/src/ResourceManager/Sql/Commands.Sql/ThreatDetection/Cmdlet/UseAzureSqlServerThreatDetection.cs
@@ -0,0 +1,54 @@
+﻿// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.Sql.ThreatDetection.Model;
+using System.Management.Automation;
+using Microsoft.Azure.Commands.Sql.Common;
+
+namespace Microsoft.Azure.Commands.Sql.ThreatDetection.Cmdlet
+{
+    /// <summary>
+    /// Marks the given database as using its server's default policy instead of its own policy.
+    /// </summary>
+    [Cmdlet(VerbsOther.Use, "AzureRmSqlDatabaseThreatDetectionPolicy", SupportsShouldProcess = true),
+        OutputType(typeof(DatabaseThreatDetectionPolicyModel))]
+    public class UseAzureSqlServerAuditingPolicy : SqlDatabaseThreatDetectionCmdletBase
+    {
+        /// <summary>
+        ///  Defines whether the cmdlets will output the model object at the end of its execution
+        /// </summary>
+        [Parameter(Mandatory = false)]
+        public SwitchParameter PassThru { get; set; }
+
+        /// <summary>
+        /// Returns true if the model object that was constructed by this cmdlet should be written out
+        /// </summary>
+        /// <returns>True if the model object should be written out, False otherwise</returns>
+        protected override bool WriteResult() { return PassThru; }
+
+        /// <summary>
+        /// Updates the given model element with the cmdlet specific operation 
+        /// </summary>
+        /// <param name="model">A model object</param>
+        protected override DatabaseThreatDetectionPolicyModel ApplyUserInputToModel(DatabaseThreatDetectionPolicyModel model)
+        {
+            if (model.ThreatDetectionState == ThreatDetectionStateType.New)
+            {
+                model.ThreatDetectionState = ThreatDetectionStateType.Enabled;
+            }
+            model.UseServerDefault = SecurityConstants.UseServerDefaultOptions.Enabled;
+            return model;
+        }
+    }
+}
diff --git a/src/ResourceManager/Sql/Commands.Sql/ThreatDetection/Model/DatabaseThreatDetectionPolicyModel .cs b/src/ResourceManager/Sql/Commands.Sql/ThreatDetection/Model/DatabaseThreatDetectionPolicyModel .cs
@@ -12,8 +12,12 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
+using Microsoft.Azure.Commands.Sql.Common;
+
 namespace Microsoft.Azure.Commands.Sql.ThreatDetection.Model
 {
+
+
     /// <summary>
     /// A class representing a database threat detection policy
     /// </summary>
@@ -23,5 +27,10 @@ public class DatabaseThreatDetectionPolicyModel : BaseThreatDetectionPolicyModel
         /// Gets or sets the database name
         /// </summary>
         public string DatabaseName { get; set; }
+
+        /// <summary>
+        /// Gets or sets the use server default property
+        /// </summary>
+        public SecurityConstants.UseServerDefaultOptions UseServerDefault { get; set; }
     }
 }
diff --git a/src/ResourceManager/Sql/Commands.Sql/ThreatDetection/Services/SqlThreatDetectionAdapter.cs b/src/ResourceManager/Sql/Commands.Sql/ThreatDetection/Services/SqlThreatDetectionAdapter.cs
@@ -117,6 +117,7 @@ public ServerThreatDetectionPolicyModel GetServerThreatDetectionPolicy(string re
         private static BaseThreatDetectionPolicyModel ModelizeThreatDetectionPolicy(BaseSecurityAlertPolicyProperties threatDetectionProperties, BaseThreatDetectionPolicyModel model)
         {  
             model.ThreatDetectionState = ModelizeThreatDetectionState(threatDetectionProperties.State);
+            model.UseServerDefault = properties.UseServerDefault == SecurityConstants.AuditingEndpoint.Enabled ? SecurityConstants.UseServerDefaultOptions.Enabled : SecurityConstants.UseServerDefaultOptions.Disabled;
             model.NotificationRecipientsEmails = threatDetectionProperties.EmailAddresses;
             model.EmailAdmins = ModelizeThreatDetectionEmailAdmins(threatDetectionProperties.EmailAccountAdmins);
             ModelizeStorageAccount(model, threatDetectionProperties.StorageEndpoint);

Original file line number	Diff line number	Diff line change
`@@ -46,6 +46,7 @@ protected override DatabaseThreatDetectionPolicyModel ApplyUserInputToModel(`
`46`	`46`	`{`
`47`	`47`	`model = base.ApplyUserInputToModel(model);`
`48`	`48`	`model.ThreatDetectionState = ThreatDetectionStateType.Disabled;`
	`49`	`+ model.UseServerDefault = UseServerDefaultOptions.Disabled;`
`49`	`50`	`return model;`
`50`	`51`	`}`
`51`	`52`	`}`
Original file line number	Diff line number	Diff line change
`@@ -84,6 +84,7 @@ protected override DatabaseThreatDetectionPolicyModel ApplyUserInputToModel(Data`
`84`	`84`	`base.ApplyUserInputToModel(model);`
`85`	`85`
`86`	`86`	`model.ThreatDetectionState = ThreatDetectionStateType.Enabled;`
	`87`	`+ model.UseServerDefault = UseServerDefaultOptions.Disabled;`
`87`	`88`
`88`	`89`	`if (NotificationRecipientsEmails != null)`
`89`	`90`	`{`
Original file line number	Diff line number	Diff line change
`@@ -117,6 +117,7 @@ public ServerThreatDetectionPolicyModel GetServerThreatDetectionPolicy(string re`
`117`	`117`	`private static BaseThreatDetectionPolicyModel ModelizeThreatDetectionPolicy(BaseSecurityAlertPolicyProperties threatDetectionProperties, BaseThreatDetectionPolicyModel model)`
`118`	`118`	`{`
`119`	`119`	`model.ThreatDetectionState = ModelizeThreatDetectionState(threatDetectionProperties.State);`
	`120`	`+ model.UseServerDefault = properties.UseServerDefault == SecurityConstants.AuditingEndpoint.Enabled ? SecurityConstants.UseServerDefaultOptions.Enabled : SecurityConstants.UseServerDefaultOptions.Disabled;`
`120`	`121`	`model.NotificationRecipientsEmails = threatDetectionProperties.EmailAddresses;`
`121`	`122`	`model.EmailAdmins = ModelizeThreatDetectionEmailAdmins(threatDetectionProperties.EmailAccountAdmins);`
`122`	`123`	`ModelizeStorageAccount(model, threatDetectionProperties.StorageEndpoint);`