change tests

ayeletshpigelman · ayeletshpigelman · commit 71bccd680d84 · 2017-01-23T10:04:10.000+02:00
diff --git a/src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/AuditingTests.ps1 b/src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/AuditingTests.ps1
@@ -964,7 +964,7 @@ Tests that after migrating between database audit types the returned policy is o
 function Test-DatatabaseAuditingTypeMigration
 {
 	# Setup
-	$testSuffix = 554479
+	$testSuffix = 554478
 	Create-AuditingTestEnvironment $testSuffix
 	$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
 	$dbName = $params.databaseName
@@ -994,13 +994,25 @@ function Test-DatatabaseAuditingTypeMigration
 		Assert-AreEqual $policy.AuditAction.Length 2
 		Assert-AreEqual $policy.RetentionInDays 4
 
-		# Test
+		 # Test - Tests that when updating blob auditing policy on database without AuditType parameter, the policy type isn't changed.
+		Set-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -AuditActionGroup "DATABASE_OPERATION_GROUP"
+		$policy = Get-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
+
+		#Assert
+		Assert-AreEqual $policy.AuditState "Enabled"
+		Assert-AreEqual $policy.AuditType ([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditType]::Blob)
+		Assert-AreEqual $policy.AuditActionGroup.Length 1
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_OPERATION_GROUP)}
+		Assert-AreEqual $policy.AuditAction.Length 2
+		Assert-AreEqual $policy.RetentionInDays 4
+
+		# Test - When trying to update the current blob auditing policy with eventType parameter it fails, because EventType parameter is only supported for table auditing.
 		Assert-Throws {Set-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType ParameterizedSQL_Failure}
 
-        # Test
+		# Test
 		Set-AzureRmSqlDatabaseAuditingPolicy -AuditType Table -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -EventType ParameterizedSQL_Failure
 		$policy = Get-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
-	
+
 		# Assert
 		Assert-AreEqual $policy.AuditState "Enabled"
 		Assert-AreEqual $policy.AuditType ([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditType]::Table)
@@ -1023,7 +1035,7 @@ function Test-DatatabaseAuditingTypeMigration
 		# Assert
 		Assert-AreEqual $policy.AuditType ([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditType]::Table)
 
-		# Test
+        # Test
 		Remove-AzureRmSqlDatabaseAuditing -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
 		$policy = Get-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
 	
@@ -1045,7 +1057,7 @@ Tests that after migrating between server audit types the returned policy is of
 function Test-ServerAuditingTypeMigration
 {
 	# Setup
-	$testSuffix = 584416
+	$testSuffix = 584412
 	Create-AuditingTestEnvironment $testSuffix
 	$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
 	$dbName = $params.databaseName
@@ -1072,7 +1084,18 @@ function Test-ServerAuditingTypeMigration
 		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::FAILED_DATABASE_AUTHENTICATION_GROUP)}
 		Assert-AreEqual $policy.RetentionInDays 4
 
-        # Test
+		#Test - Tests that when updating blob auditing policy on server without AuditType parameter, the policy type isn't changed.
+		Set-AzureRmSqlServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -AuditActionGroup DATABASE_OPERATION_GROUP
+		$policy = Get-AzureRmSqlServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
+
+		#Assert
+		Assert-AreEqual $policy.AuditState "Enabled"
+		Assert-AreEqual $policy.AuditType ([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditType]::Blob)
+		Assert-AreEqual $policy.AuditActionGroup.Length 1
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_OPERATION_GROUP)}
+		Assert-AreEqual $policy.RetentionInDays 4
+
+		# Test - When trying to update the current blob auditing policy with eventType parameter it fails, because EventType parameter is only supported for table auditing.
 		Assert-Throws {Set-AzureRmSqlServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType ParameterizedSQL_Failure}
 
 		# Test
@@ -1140,17 +1163,17 @@ function Test-GetServerAndDatabaseAuditingInUkRegion
 
 <#
 .SYNOPSIS
-Tests that when modifying the auditActionGroup property of a databases's auditing policy (including the All and None values), these properties are later fetched properly
+Tests that when modifying the auditActionGroup property of a blob auditing policy, these properties are later fetched properly
 #>
-function Test-BlobAuditingDatabaseUpdatePolicyWithAuditActionGroups
+function Test-BlobAuditingWithAuditActionGroups
 {
 	$testSuffix = 50118
 	Create-AuditingTestEnvironment $testSuffix
 	$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
 
 	try
 	{
-        # Test - when setting new blob auditin policy without audit action groups, the default audit action groups is set.
+		# Test - when setting new blob auditing policy for database without audit action groups, the default audit action groups is set.
 		Set-AzureRmSqlDatabaseAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount
 		$policy = Get-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
 	
@@ -1161,6 +1184,15 @@ function Test-BlobAuditingDatabaseUpdatePolicyWithAuditActionGroups
 		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::BATCH_COMPLETED_GROUP)}
 
 		# Test
+		Set-AzureRmSqlDatabaseAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -AuditActionGroup "APPLICATION_ROLE_CHANGE_PASSWORD_GROUP","DATABASE_OBJECT_PERMISSION_CHANGE_GROUP"
+		$policy = Get-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
+	
+		# Assert
+		Assert-AreEqual $policy.AuditActionGroup.Length 2
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::APPLICATION_ROLE_CHANGE_PASSWORD_GROUP)}
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_OBJECT_PERMISSION_CHANGE_GROUP)} 
+
+		# Test - tests that audit action groups can be changed
 		Set-AzureRmSqlDatabaseAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -AuditActionGroup "DATABASE_OPERATION_GROUP","DATABASE_LOGOUT_GROUP"
 		$policy = Get-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
 	
@@ -1169,10 +1201,47 @@ function Test-BlobAuditingDatabaseUpdatePolicyWithAuditActionGroups
 		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_OPERATION_GROUP)}
 		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_LOGOUT_GROUP)}
 
-		# Test - when updating blob auditin policy for existing one without audit action groups, the action groups won't change.
+		# Test - when updating blob auditing policy for existing one without audit action groups, the action groups won't change.
 		Set-AzureRmSqlDatabaseAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount
 		$policy = Get-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
 	
+		# Assert
+		Assert-AreEqual $policy.AuditActionGroup.Length 2
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_OPERATION_GROUP)}
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_LOGOUT_GROUP)}
+
+				 # Test - when setting new blob auditing policy for server without audit action groups, the default audit action groups is set.
+		Set-AzureRmSqlServerAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount
+		$policy = Get-AzureRmSqlServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
+	
+		# Assert
+		Assert-AreEqual $policy.AuditActionGroup.Length 3
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP)}
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::FAILED_DATABASE_AUTHENTICATION_GROUP)}
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::BATCH_COMPLETED_GROUP)}
+
+		# Test
+		Set-AzureRmSqlServerAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -AuditActionGroup "APPLICATION_ROLE_CHANGE_PASSWORD_GROUP","DATABASE_OBJECT_PERMISSION_CHANGE_GROUP"
+		$policy = Get-AzureRmSqlServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
+	
+		# Assert
+		Assert-AreEqual $policy.AuditActionGroup.Length 2
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::APPLICATION_ROLE_CHANGE_PASSWORD_GROUP)}
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_OBJECT_PERMISSION_CHANGE_GROUP)}
+
+		# Test - tests that audit action groups can be changed
+		Set-AzureRmSqlServerAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -AuditActionGroup "DATABASE_OPERATION_GROUP","DATABASE_LOGOUT_GROUP"
+		$policy = Get-AzureRmSqlServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
+	
+		# Assert
+		Assert-AreEqual $policy.AuditActionGroup.Length 2
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_OPERATION_GROUP)}
+		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_LOGOUT_GROUP)}
+
+		# Test - when updating blob auditing policy for existing one without audit action groups, the action groups won't change.
+		Set-AzureRmSqlServerAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount
+		$policy = Get-AzureRmSqlServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
+	
 		# Assert
 		Assert-AreEqual $policy.AuditActionGroup.Length 2
 		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_OPERATION_GROUP)}
@@ -1187,7 +1256,7 @@ function Test-BlobAuditingDatabaseUpdatePolicyWithAuditActionGroups
 
  <#
 .SYNOPSIS
-Tests that trying to configure table audititng with audit actions or action groups fails.
+Tests that trying to configure table auditing with audit actions or action groups fails.
 #>
 function Test-AuditingWithAuditActionsAndAuditActionGroups
 {
@@ -1212,101 +1281,4 @@ function Test-AuditingWithAuditActionsAndAuditActionGroups
 		# Cleanup
 		Remove-AuditingTestEnvironment $testSuffix
 	}
-}
-
- <#
-.SYNOPSIS
-Tests that trying to configure blob audititng with event types fails.
-#>
-function Test-BlobAuditingWithEventTypes
-{
-	$testSuffix = 50333
-	Create-AuditingTestEnvironment $testSuffix
-	$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
-
-	try
-	{
-		# Test
-		Assert-Throws {Set-AzureRmSqlDatabaseAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName  -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success"}
-
-		# Test
-		Assert-Throws {Set-AzureRmSqlServerAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -EventType "PlainSQL_Success"}
-	}
-	finally
-	{
-		# Cleanup
-		Remove-AuditingTestEnvironment $testSuffix
-	}
-}
-
- <#
-.SYNOPSIS
-Tests that when updating blob auditing policy on database without AuditType parameter, the policy type isn't changed.
-#>
-function Test-UpdateBlobAuditingOnDatabaseWithNoAuditType
-{
-	$testSuffix = 50118
-	Create-AuditingTestEnvironment $testSuffix
-	$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
-
-	try
-	{
-		# Test
-		Set-AzureRmSqlDatabaseAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount
-		$policy = Get-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
-
-		#Assert
-		Assert-AreEqual $policy.AuditState "Enabled"
-		Assert-AreEqual $policy.AuditType "Blob"
-		
-		# Test
-		Set-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -StorageAccountName $params.storageAccount -AuditActionGroup "DATABASE_OPERATION_GROUP"
-		$policy = Get-AzureRmSqlDatabaseAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
-
-		#Assert
-		Assert-AreEqual $policy.AuditState "Enabled"
-		Assert-AreEqual $policy.AuditType "Blob"
-		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_OPERATION_GROUP)}
-	}
-	finally
-	{
-		# Cleanup
-		Remove-AuditingTestEnvironment $testSuffix
-	}
-}
-
- <#
-.SYNOPSIS
-Tests that when updating blob auditing policy on server without AuditType parameter, the policy type isn't changed.
-#>
-function Test-UpdateBlobAuditingOnServerWithNoAuditType
-{
-	$testSuffix = 50130
-	Create-AuditingTestEnvironment $testSuffix
-	$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
-
-	try
-	{
-		#Test
-		Set-AzureRmSqlServerAuditingPolicy -AuditType Blob -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount
-		$policy = Get-AzureRmSqlServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
-
-		#Assert
-		Assert-AreEqual $policy.AuditState "Enabled"
-		Assert-AreEqual $policy.AuditType "Blob"
-		
-		#Test
-		Set-AzureRmSqlServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -StorageAccountName $params.storageAccount -AuditActionGroup "DATABASE_OPERATION_GROUP"
-		$policy = Get-AzureRmSqlServerAuditingPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
-
-		#Assert
-		Assert-AreEqual $policy.AuditState "Enabled"
-		Assert-AreEqual $policy.AuditType "Blob"
-		Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::DATABASE_OPERATION_GROUP)}
-	}
-	finally
-	{
-		# Cleanup
-		Remove-AuditingTestEnvironment $testSuffix
-	}
 }
