Changes to SqlServerLogin

- Now when adding a login of type SqlLogin, and the SQL Server login mode is set to `'Integrated'`, an error is correctly thrown (issue #1179).
dsccommunity · Jan 21, 2019 · 0df4bd9 · 0df4bd9
1 parent 4f59191
commit 0df4bd9
Show file tree

Hide file tree

Showing 3 changed files with 75 additions and 33 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -31,6 +31,9 @@
 - Changes to SqlServerLogin
   - Fixed issue in Test-TargetResource to valid password on disabled accounts.
     ([issue #915](https://github.com/PowerShell/SqlServerDsc/issues/915)).
+  - Now when adding a login of type SqlLogin, and the SQL Server login mode
+    is set to `'Integrated'`, an error is correctly thrown
+    ([issue #1179](https://github.com/PowerShell/SqlServerDsc/issues/1179)).
 - Changes to SqlSetup
   - Updated the integration test to stop the named instance while installing
     the other instances to mitigate

diff --git a/DSCResources/MSFT_SqlServerLogin/MSFT_SqlServerLogin.psm1 b/DSCResources/MSFT_SqlServerLogin/MSFT_SqlServerLogin.psm1
@@ -227,10 +227,10 @@ function Set-TargetResource
 
                 switch ($LoginType)
                 {
-                    SqlLogin
+                    'SqlLogin'
                     {
                         # Verify the instance is in Mixed authentication mode
-                        if ( $serverObject.LoginMode -notmatch 'Mixed|Integrated' )
+                        if ( $serverObject.LoginMode -notmatch 'Mixed|Normal' )
                         {
                             throw New-TerminatingError -ErrorType IncorrectLoginMode -FormatArgs $ServerName, $InstanceName, $serverObject.LoginMode -ErrorCategory NotImplemented
                         }

diff --git a/Tests/Unit/MSFT_SqlServerLogin.Tests.ps1 b/Tests/Unit/MSFT_SqlServerLogin.Tests.ps1
@@ -222,12 +222,43 @@ try
             return $mock
         }
 
+        $mockConnectSQL_LoginMode = {
+            return New-Object -TypeName Object |
+                Add-Member -MemberType ScriptProperty -Name Logins -Value {
+                return @{
+                    'Windows\User1' = ( New-Object -TypeName Object |
+                            Add-Member -MemberType NoteProperty -Name 'Name' -Value 'Windows\User1' -PassThru |
+                            Add-Member -MemberType NoteProperty -Name 'LoginType' -Value 'WindowsUser' -PassThru |
+                            Add-Member -MemberType ScriptMethod -Name Alter -Value {} -PassThru |
+                            Add-Member -MemberType ScriptMethod -Name Drop -Value {} -PassThru -Force
+                    )
+                    'SqlLogin1' = ( New-Object -TypeName Object |
+                            Add-Member -MemberType NoteProperty -Name 'Name' -Value 'SqlLogin1' -PassThru |
+                            Add-Member -MemberType NoteProperty -Name 'LoginType' -Value 'SqlLogin' -PassThru |
+                            Add-Member -MemberType NoteProperty -Name 'MustChangePassword' -Value $false -PassThru |
+                            Add-Member -MemberType NoteProperty -Name 'PasswordExpirationEnabled' -Value $true -PassThru |
+                            Add-Member -MemberType NoteProperty -Name 'PasswordPolicyEnforced' -Value $true -PassThru |
+                            Add-Member -MemberType ScriptMethod -Name Alter -Value {} -PassThru |
+                            Add-Member -MemberType ScriptMethod -Name Drop -Value {} -PassThru -Force
+                    )
+                    'Windows\Group1' = ( New-Object -TypeName Object |
+                            Add-Member -MemberType NoteProperty -Name 'Name' -Value 'Windows\Group1' -PassThru |
+                            Add-Member -MemberType NoteProperty -Name 'LoginType' -Value 'WindowsGroup' -PassThru |
+                            Add-Member -MemberType ScriptMethod -Name Alter -Value {} -PassThru |
+                            Add-Member -MemberType ScriptMethod -Name Drop -Value {} -PassThru -Force
+                    )
+                }
+            } -PassThru |
+                Add-Member -MemberType NoteProperty -Name LoginMode -Value $mockLoginMode -PassThru -Force
+        }
+
         $mockAccountDisabledException = New-Object System.Exception 'Account disabled'
         $mockAccountDisabledException | Add-Member -Name 'Number' -Value 18470 -MemberType NoteProperty
         $mockLoginFailedException = New-Object System.Exception 'Login failed'
         $mockLoginFailedException | Add-Member -Name 'Number' -Value 18456 -MemberType NoteProperty
         $mockException = New-Object System.Exception 'Something went wrong'
         $mockException | Add-Member -Name 'Number' -Value 1 -MemberType NoteProperty
+
         #endregion Pester Test Initialization
 
         Describe 'MSFT_SqlServerLogin\Get-TargetResource' {
@@ -1014,38 +1045,10 @@ try
                     Assert-MockCalled -CommandName Set-SQLServerLoginPassword  -Scope It -Times 1 -Exactly
                 }
 
-                It 'Should throw the correct error when creating a SQL Login if the LoginMode is not Mixed' {
-                    $mockConnectSQL_LoginModeNormal = {
-                        return New-Object -TypeName Object |
-                            Add-Member -MemberType ScriptProperty -Name Logins -Value {
-                            return @{
-                                'Windows\User1' = ( New-Object -TypeName Object |
-                                        Add-Member -MemberType NoteProperty -Name 'Name' -Value 'Windows\User1' -PassThru |
-                                        Add-Member -MemberType NoteProperty -Name 'LoginType' -Value 'WindowsUser' -PassThru |
-                                        Add-Member -MemberType ScriptMethod -Name Alter -Value {} -PassThru |
-                                        Add-Member -MemberType ScriptMethod -Name Drop -Value {} -PassThru -Force
-                                )
-                                'SqlLogin1' = ( New-Object -TypeName Object |
-                                        Add-Member -MemberType NoteProperty -Name 'Name' -Value 'SqlLogin1' -PassThru |
-                                        Add-Member -MemberType NoteProperty -Name 'LoginType' -Value 'SqlLogin' -PassThru |
-                                        Add-Member -MemberType NoteProperty -Name 'MustChangePassword' -Value $false -PassThru |
-                                        Add-Member -MemberType NoteProperty -Name 'PasswordExpirationEnabled' -Value $true -PassThru |
-                                        Add-Member -MemberType NoteProperty -Name 'PasswordPolicyEnforced' -Value $true -PassThru |
-                                        Add-Member -MemberType ScriptMethod -Name Alter -Value {} -PassThru |
-                                        Add-Member -MemberType ScriptMethod -Name Drop -Value {} -PassThru -Force
-                                )
-                                'Windows\Group1' = ( New-Object -TypeName Object |
-                                        Add-Member -MemberType NoteProperty -Name 'Name' -Value 'Windows\Group1' -PassThru |
-                                        Add-Member -MemberType NoteProperty -Name 'LoginType' -Value 'WindowsGroup' -PassThru |
-                                        Add-Member -MemberType ScriptMethod -Name Alter -Value {} -PassThru |
-                                        Add-Member -MemberType ScriptMethod -Name Drop -Value {} -PassThru -Force
-                                )
-                            }
-                        } -PassThru |
-                            Add-Member -MemberType NoteProperty -Name LoginMode -Value 'Normal' -PassThru -Force
-                    }
+                It 'Should throw the correct error when creating a SQL Login if the LoginMode is ''Integrated''' {
+                    $mockLoginMode = 'Integrated'
 
-                    Mock -CommandName Connect-SQL -MockWith $mockConnectSQL_LoginModeNormal -Verifiable
+                    Mock -CommandName Connect-SQL -MockWith $mockConnectSQL_LoginMode -Verifiable
 
                     $setTargetResource_SqlLoginAbsent_EnsurePresent = $setTargetResource_SqlLoginAbsent.Clone()
                     $setTargetResource_SqlLoginAbsent_EnsurePresent.Add( 'Ensure', 'Present' )
@@ -1060,6 +1063,42 @@ try
                     Assert-MockCalled -CommandName Set-SQLServerLoginPassword  -Scope It -Times 0 -Exactly
                 }
             }
+
+            It 'Should not throw an error when creating a SQL Login and the LoginMode is set to ''Normal''' {
+                $mockLoginMode = 'Normal'
+
+                Mock -CommandName Connect-SQL -MockWith $mockConnectSQL_LoginMode -Verifiable
+
+                $setTargetResource_SqlLoginAbsent_EnsurePresent = $setTargetResource_SqlLoginAbsent.Clone()
+                $setTargetResource_SqlLoginAbsent_EnsurePresent.Add( 'Ensure', 'Present' )
+                $setTargetResource_SqlLoginAbsent_EnsurePresent.Add( 'LoginCredential', $mockSqlLoginCredential )
+
+                { Set-TargetResource @setTargetResource_SqlLoginAbsent_EnsurePresent } | Should -Not -Throw 'IncorrectLoginMode'
+
+                Assert-MockCalled -CommandName Connect-SQL -Scope It -Times 1 -Exactly
+                Assert-MockCalled -CommandName Update-SQLServerLogin  -Scope It -Times 0 -Exactly
+                Assert-MockCalled -CommandName New-SQLServerLogin  -Scope It -Times 1 -Exactly
+                Assert-MockCalled -CommandName Remove-SQLServerLogin  -Scope It -Times 0 -Exactly
+                Assert-MockCalled -CommandName Set-SQLServerLoginPassword  -Scope It -Times 0 -Exactly
+            }
+
+            It 'Should not throw an error when creating a SQL Login and the LoginMode is set to ''Mixed''' {
+                $mockLoginMode = 'Mixed'
+
+                Mock -CommandName Connect-SQL -MockWith $mockConnectSQL_LoginMode -Verifiable
+
+                $setTargetResource_SqlLoginAbsent_EnsurePresent = $setTargetResource_SqlLoginAbsent.Clone()
+                $setTargetResource_SqlLoginAbsent_EnsurePresent.Add( 'Ensure', 'Present' )
+                $setTargetResource_SqlLoginAbsent_EnsurePresent.Add( 'LoginCredential', $mockSqlLoginCredential )
+
+                { Set-TargetResource @setTargetResource_SqlLoginAbsent_EnsurePresent } | Should -Not -Throw 'IncorrectLoginMode'
+
+                Assert-MockCalled -CommandName Connect-SQL -Scope It -Times 1 -Exactly
+                Assert-MockCalled -CommandName Update-SQLServerLogin  -Scope It -Times 0 -Exactly
+                Assert-MockCalled -CommandName New-SQLServerLogin  -Scope It -Times 1 -Exactly
+                Assert-MockCalled -CommandName Remove-SQLServerLogin  -Scope It -Times 0 -Exactly
+                Assert-MockCalled -CommandName Set-SQLServerLoginPassword  -Scope It -Times 0 -Exactly
+            }
         }
 
         Describe 'MSFT_SqlServerLogin\Update-SQLServerLogin' {