From 2c1b07a03e233c490ef08d810c578b8cbd04a31b Mon Sep 17 00:00:00 2001 From: Marko Bozikovic Date: Thu, 26 Mar 2020 16:35:13 +0100 Subject: [PATCH] [#1474] SqlServerLogin: Added DefaultDatabase parameter --- CHANGELOG.md | 5 ++ .../MSFT_SqlServerLogin.psm1 | 53 ++++++++++++++++--- .../MSFT_SqlServerLogin.schema.mof | 1 + .../en-US/MSFT_SqlServerLogin.strings.psd1 | 1 + .../MSFT_SqlServerLogin.Integration.Tests.ps1 | 1 + .../MSFT_SqlServerLogin.config.ps1 | 16 ++++++ tests/Unit/Stubs/SMO.cs | 1 + 7 files changed, 70 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1a13c9951..70b197084 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,11 @@ For older change log history see the [historic changelog](HISTORIC_CHANGELOG.md) ## [Unreleased] +### Added + +- SqlServerLogin + - Added `DefaultDatabase` parameter ([issue #1474](https://github.com/dsccommunity/SqlServerDsc/issues/1474).) + ### Changed - SqlServerDsc diff --git a/source/DSCResources/MSFT_SqlServerLogin/MSFT_SqlServerLogin.psm1 b/source/DSCResources/MSFT_SqlServerLogin/MSFT_SqlServerLogin.psm1 index dd5d6f71c..6b8fb8d6e 100644 --- a/source/DSCResources/MSFT_SqlServerLogin/MSFT_SqlServerLogin.psm1 +++ b/source/DSCResources/MSFT_SqlServerLogin/MSFT_SqlServerLogin.psm1 @@ -62,12 +62,13 @@ function Get-TargetResource ) $returnValue = @{ - Ensure = $ensure - Name = $Name - LoginType = $login.LoginType - ServerName = $ServerName - InstanceName = $InstanceName - Disabled = $login.IsDisabled + Ensure = $ensure + Name = $Name + LoginType = $login.LoginType + ServerName = $ServerName + InstanceName = $InstanceName + Disabled = $login.IsDisabled + DefaultDatabase = $login.DefaultDatabase } if ($login.LoginType -eq 'SqlLogin') @@ -113,6 +114,9 @@ function Get-TargetResource .PARAMETER Disabled Specifies if the login is disabled. Default is $false. + + .PARAMETER DefaultDatabase + Specifies the default database for the login. #> function Set-TargetResource { @@ -167,7 +171,11 @@ function Set-TargetResource [Parameter()] [System.Boolean] - $Disabled + $Disabled, + + [Parameter()] + [System.String] + $DefaultDatabase ) $serverObject = Connect-SQL -ServerName $ServerName -InstanceName $InstanceName @@ -232,6 +240,12 @@ function Set-TargetResource $login.Enable() } } + + if ( $PSBoundParameers.ContainsKey('DefaultDatabase') -and ($login.DefaultDatabase -ne $DefaultDatabase) ) + { + $login.DefaultDatabase = $DefaultDatabase + Update-SQLServerLogin -Login $login + } } else { @@ -295,6 +309,13 @@ function Set-TargetResource $login.Disable() } + + # set the default database if specified + if ( $PSBoundParameers.ContainsKey('DefaultDatabase') ) + { + $login.DefaultDatabase = $DefaultDatabase + Update-SQLServerLogin -Login $login + } } } @@ -345,6 +366,9 @@ function Set-TargetResource .PARAMETER Disabled Specifies if the login is disabled. Default is $false. + + .PARAMETER DefaultDatabase + Specifies the default database for the login. #> function Test-TargetResource { @@ -399,7 +423,11 @@ function Test-TargetResource [Parameter()] [System.Boolean] - $Disabled + $Disabled, + + [Parameter()] + [System.String] + $DefaultDatabase ) Write-Verbose -Message ( @@ -455,6 +483,15 @@ function Test-TargetResource $testPassed = $false } + if ( $PSBoundParameters.ContainsKey('DefaultDatabase') -and ($loginInfo.DefaultDatabase -ne $DefaultDatabase) ) + { + Write-Verbose -Message ( + $script:localizedData.WrongDefaultDatabase -f $Name, $loginInfo.DefaultDatabase, $DefaultDatabase + ) + + $testPassed = $false + } + if ( $LoginType -eq 'SqlLogin' ) { if ( $LoginPasswordExpirationEnabled -ne $loginInfo.LoginPasswordExpirationEnabled ) diff --git a/source/DSCResources/MSFT_SqlServerLogin/MSFT_SqlServerLogin.schema.mof b/source/DSCResources/MSFT_SqlServerLogin/MSFT_SqlServerLogin.schema.mof index f687e0963..bc336633a 100644 --- a/source/DSCResources/MSFT_SqlServerLogin/MSFT_SqlServerLogin.schema.mof +++ b/source/DSCResources/MSFT_SqlServerLogin/MSFT_SqlServerLogin.schema.mof @@ -13,4 +13,5 @@ class MSFT_SqlServerLogin : OMI_BaseResource [Write, Description("Specifies if the login password is required to expire in accordance to the operating system security policy. Only applies to SQL Logins. Default is $true.")] Boolean LoginPasswordExpirationEnabled; [Write, Description("Specifies if the login password is required to conform to the password policy specified in the system security policy. Only applies to SQL Logins. Default is $true.")] Boolean LoginPasswordPolicyEnforced; [Write, Description("Specifies if the login is disabled. Default is $false.")] Boolean Disabled; + [Write, Description("Default database name.")] String DefaultDatabase; }; diff --git a/source/DSCResources/MSFT_SqlServerLogin/en-US/MSFT_SqlServerLogin.strings.psd1 b/source/DSCResources/MSFT_SqlServerLogin/en-US/MSFT_SqlServerLogin.strings.psd1 index a5d61cd0d..f11465e91 100644 --- a/source/DSCResources/MSFT_SqlServerLogin/en-US/MSFT_SqlServerLogin.strings.psd1 +++ b/source/DSCResources/MSFT_SqlServerLogin/en-US/MSFT_SqlServerLogin.strings.psd1 @@ -18,6 +18,7 @@ ConvertFrom-StringData @' WrongLoginType = The login '{0}' has the login type '{1}', but expected it to have the login type '{2}'. ExpectedDisabled = Expected the login '{0}' to be disabled, but it is enabled. ExpectedEnabled = Expected the login '{0}' to be enabled, but it is disabled. + WrongDefaultDatabase = The login '{0}' has the default database '{1}', but expected it to have the default database '{2}'. ExpectedLoginPasswordExpirationDisabled = The login '{0}' has the password expiration enabled, but expected it to be disabled. ExpectedLoginPasswordExpirationEnabled = The login '{0}' has the password expiration disabled, but expected it to be enabled. ExpectedLoginPasswordPolicyEnforcedDisabled = The login '{0}' has the password policy enforced enabled, but expected it to be disabled. diff --git a/tests/Integration/MSFT_SqlServerLogin.Integration.Tests.ps1 b/tests/Integration/MSFT_SqlServerLogin.Integration.Tests.ps1 index a8daec2de..39d338870 100644 --- a/tests/Integration/MSFT_SqlServerLogin.Integration.Tests.ps1 +++ b/tests/Integration/MSFT_SqlServerLogin.Integration.Tests.ps1 @@ -156,6 +156,7 @@ try $resourceCurrentState.Ensure | Should -Be 'Present' $resourceCurrentState.Name | Should -Be $ConfigurationData.AllNodes.DscUser2Name $resourceCurrentState.LoginType | Should -Be $ConfigurationData.AllNodes.DscUser2Type + $resourceCurrentState.DefaultDatabase | Should -Be $ConfigurationData.AllNodes.DefaultDbName $resourceCurrentState.Disabled | Should -Be $false } diff --git a/tests/Integration/MSFT_SqlServerLogin.config.ps1 b/tests/Integration/MSFT_SqlServerLogin.config.ps1 index a4d837b4d..8cadca465 100644 --- a/tests/Integration/MSFT_SqlServerLogin.config.ps1 +++ b/tests/Integration/MSFT_SqlServerLogin.config.ps1 @@ -24,6 +24,8 @@ else ServerName = $env:COMPUTERNAME InstanceName = 'DSCSQLTEST' + DefaultDbName = 'DefaultDb' + DscUser1Name = ('{0}\{1}' -f $env:COMPUTERNAME, 'DscUser1') DscUser1Type = 'WindowsUser' @@ -52,6 +54,7 @@ else Configuration MSFT_SqlServerLogin_CreateDependencies_Config { Import-DscResource -ModuleName 'PSDscResources' -ModuleVersion '2.12.0.0' + Import-DscResource -ModuleName 'SqlServerDsc' node $AllNodes.NodeName { @@ -99,6 +102,18 @@ Configuration MSFT_SqlServerLogin_CreateDependencies_Config '[User]CreateDscUser2' ) } + + SqlDatabase 'DefaultDb_Test' + { + Ensure = 'Present' + ServerName = $Node.ServerName + InstanceName = $Node.InstanceName + Name = $Node.DefaultDbName + + PsDscRunAsCredential = New-Object ` + -TypeName System.Management.Automation.PSCredential ` + -ArgumentList @($Node.Admin_UserName, (ConvertTo-SecureString -String $Node.Admin_Password -AsPlainText -Force)) + } } } @@ -143,6 +158,7 @@ Configuration MSFT_SqlServerLogin_AddLoginDscUser2_Config Ensure = 'Present' Name = $Node.DscUser2Name LoginType = $Node.DscUser2Type + DefaultDatabase = $Node.DefaultDbName ServerName = $Node.ServerName InstanceName = $Node.InstanceName diff --git a/tests/Unit/Stubs/SMO.cs b/tests/Unit/Stubs/SMO.cs index 02ba17e86..10bca2608 100644 --- a/tests/Unit/Stubs/SMO.cs +++ b/tests/Unit/Stubs/SMO.cs @@ -351,6 +351,7 @@ public class Login public bool PasswordPolicyEnforced = false; public bool PasswordExpirationEnabled = false; public bool IsDisabled = false; + public string DefaultDatabase; public string MockName; public LoginType MockLoginType;