Skip to content

Commit

Permalink
Changes to SqlDatabasePermission
Browse files Browse the repository at this point in the history 
- Added en-US localization (issue dsccommunity#608).
  • Loading branch information
@johlju
johlju committed Apr 27, 2019
1 parent 5faea8c commit b8a22ae
Show file tree
Hide file tree
Showing 6 changed files with 78 additions and 78 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,8 @@
- Added en-US localization ([issue #610](https://github.com/PowerShell/SqlServerDsc/issues/610)).
- Changes to SqlDatabaseRecoveryModel
- Added en-US localization ([issue #609](https://github.com/PowerShell/SqlServerDsc/issues/609)).
- Changes to SqlDatabasePermission
- Added en-US localization ([issue #608](https://github.com/PowerShell/SqlServerDsc/issues/608)).

## 12.4.0.0

Expand Down
85 changes: 42 additions & 43 deletions DSCResources/MSFT_SqlDatabasePermission/MSFT_SqlDatabasePermission.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath '
$script:resourceHelperModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'DscResource.Common'
Import-Module -Name (Join-Path -Path $script:resourceHelperModulePath -ChildPath 'DscResource.Common.psm1')

$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_SqlDatabasePermission'

<#
.SYNOPSIS
Returns the current permissions for the user in the database
Expand Down Expand Up @@ -66,11 +68,13 @@ function Get-TargetResource
$InstanceName
)

$sqlServerObject = Connect-SQL -ServerName $ServerName -InstanceName $InstanceName
Write-Verbose -Message (
$script:localizedData.GetDatabasePermission -f $Name, $Database, $InstanceName
)

$sqlServerObject = Connect-SQL -ServerName $ServerName -InstanceName $InstanceName
if ($sqlServerObject)
{
Write-Verbose -Message "Getting permissions for user $Name in database $Database"
$currentEnsure = 'Absent'

if ($sqlDatabaseObject = $sqlServerObject.Databases[$Database])
Expand Down Expand Up @@ -101,27 +105,21 @@ function Get-TargetResource
}
catch
{
throw New-TerminatingError -ErrorType FailedToEnumDatabasePermissions `
-FormatArgs @($Name, $Database, $ServerName, $InstanceName) `
-ErrorCategory InvalidOperation `
-InnerException $_.Exception
$errorMessage = $script:localizedData.FailedToEnumDatabasePermissions -f $Name, $Database
New-InvalidOperationException -Message $errorMessage -ErrorRecord $_
}

}
else
{
throw New-TerminatingError -ErrorType LoginNotFound `
-FormatArgs @($Name, $ServerName, $InstanceName) `
-ErrorCategory ObjectNotFound `
-InnerException $_.Exception
$errorMessage = $script:localizedData.LoginNotFound -f $Name
New-ObjectNotFoundException -Message $errorMessage
}
}
else
{
throw New-TerminatingError -ErrorType NoDatabase `
-FormatArgs @($Database, $ServerName, $InstanceName) `
-ErrorCategory InvalidResult `
-InnerException $_.Exception
$errorMessage = $script:localizedData.DatabaseNotFound -f $Database
New-ObjectNotFoundException -Message $errorMessage
}

if ($getSqlDatabasePermissionResult)
Expand All @@ -135,7 +133,7 @@ function Get-TargetResource
}
}

$returnValue = @{
return @{
Ensure = $currentEnsure
Database = $Database
Name = $Name
Expand All @@ -144,8 +142,6 @@ function Get-TargetResource
ServerName = $ServerName
InstanceName = $InstanceName
}

$returnValue
}

<#
Expand Down Expand Up @@ -215,10 +211,11 @@ function Set-TargetResource
)

$sqlServerObject = Connect-SQL -ServerName $ServerName -InstanceName $InstanceName

if ($sqlServerObject)
{
Write-Verbose -Message "Setting permissions of database $Database for login $Name"
Write-Verbose -Message (
$script:localizedData.ChangePermissionForUser -f $Name, $Database, $InstanceName
)

if ($sqlDatabaseObject = $sqlServerObject.Databases[$Database])
{
Expand All @@ -228,25 +225,28 @@ function Set-TargetResource
{
try
{
New-VerboseMessage -Message "Adding SQL login $Name as a user of database $Database"
$sqlDatabaseUser = New-Object -TypeName Microsoft.SqlServer.Management.Smo.User -ArgumentList ($sqlDatabaseObject, $Name)
Write-Verbose -Message (
'{0} {1}' -f
($script:localizedData.LoginIsNotUser -f $Name, $Database),
$script:localizedData.AddingLoginAsUser
)

$sqlDatabaseUser = New-Object -TypeName 'Microsoft.SqlServer.Management.Smo.User' -ArgumentList ($sqlDatabaseObject, $Name)
$sqlDatabaseUser.Login = $Name
$sqlDatabaseUser.Create()
}
catch
{
throw New-TerminatingError -ErrorType AddLoginDatabaseSetError `
-FormatArgs @($ServerName, $InstanceName, $Name, $Database) `
-ErrorCategory InvalidOperation `
-InnerException $_.Exception
$errorMessage = $script:localizedData.FailedToAddUser -f $Name, $Database
New-InvalidOperationException -Message $errorMessage -ErrorRecord $_
}
}

if ($sqlDatabaseObject.Users[$Name])
{
try
{
$permissionSet = New-Object -TypeName Microsoft.SqlServer.Management.Smo.DatabasePermissionSet
$permissionSet = New-Object -TypeName 'Microsoft.SqlServer.Management.Smo.DatabasePermissionSet'

foreach ($permission in $permissions)
{
Expand All @@ -257,8 +257,9 @@ function Set-TargetResource
{
'Present'
{
New-VerboseMessage -Message ('{0} the permissions ''{1}'' to the database {2} on the server {3}\{4}' `
-f $PermissionState, ($Permissions -join ','), $Database, $ServerName, $InstanceName)
Write-Verbose -Message (
$script:localizedData.AddPermission -f $PermissionState, ($Permissions -join ','), $Database
)

switch ($PermissionState)
{
Expand All @@ -281,8 +282,9 @@ function Set-TargetResource

'Absent'
{
New-VerboseMessage -Message ('Revoking {0} permissions {1} to the database {2} on the server {3}\{4}' `
-f $PermissionState, ($Permissions -join ','), $Database, $ServerName, $InstanceName)
Write-Verbose -Message (
$script:localizedData.DropPermission -f $PermissionState, ($Permissions -join ','), $Database
)

if ($PermissionState -eq 'GrantWithGrant')
{
Expand All @@ -297,27 +299,21 @@ function Set-TargetResource
}
catch
{
throw New-TerminatingError -ErrorType FailedToSetPermissionDatabase `
-FormatArgs @($Name, $Database, $ServerName, $InstanceName) `
-ErrorCategory InvalidOperation `
-InnerException $_.Exception
$errorMessage = $script:localizedData.FailedToSetPermissionDatabase -f $Name, $Database
New-InvalidOperationException -Message $errorMessage -ErrorRecord $_
}
}
}
else
{
throw New-TerminatingError -ErrorType LoginNotFound `
-FormatArgs @($Name, $ServerName, $InstanceName) `
-ErrorCategory ObjectNotFound `
-InnerException $_.Exception
$errorMessage = $script:localizedData.LoginNotFound -f $Name
New-ObjectNotFoundException -Message $errorMessage
}
}
else
{
throw New-TerminatingError -ErrorType NoDatabase `
-FormatArgs @($Database, $ServerName, $InstanceName) `
-ErrorCategory InvalidResult `
-InnerException $_.Exception
$errorMessage = $script:localizedData.DatabaseNotFound -f $Database
New-ObjectNotFoundException -Message $errorMessage
}
}
}
Expand Down Expand Up @@ -389,7 +385,10 @@ function Test-TargetResource
$InstanceName = 'MSSQLSERVER'
)

Write-Verbose -Message "Testing permissions for user $Name in database $Database."
Write-Verbose -Message (
$script:localizedData.TestingConfiguration -f $Name, $Database, $InstanceName
)

$getTargetResourceParameters = @{
InstanceName = $PSBoundParameters.InstanceName
ServerName = $PSBoundParameters.ServerName
Expand Down
14 changes: 14 additions & 0 deletions DSCResources/MSFT_SqlDatabasePermission/en-US/MSFT_SqlDatabasePermission.strings.psd1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
ConvertFrom-StringData @'
GetDatabasePermission = Get permissions for the user '{0}' in the database '{1}' on the instance '{2}'.
DatabaseNotFound = The database '{0}' does not exist.
LoginNotFound = The login '{0}' does not exist on the instance.
FailedToEnumDatabasePermissions = Failed to get the permission for the user '{0}' in the database '{1}'.
ChangePermissionForUser = Changing the permission for the user '{0}' in the database '{1}' on the instance '{2}'.
LoginIsNotUser = The login '{0}' is not a user in the database '{1}'.
AddingLoginAsUser = Adding the login as a user of the database.
FailedToAddUser = Failed to add the login '{0}' as a user of the database '{1}'.
AddPermission = {0} the permissions '{1}' to the database '{2}'.
DropPermission = Revoking the {0} permissions '{1}' from the database '{2}'.
FailedToSetPermissionDatabase = Failed to set the permissions for the login '{0}' in the database '{1}'.
TestingConfiguration = Determines if the user '{0}' has the correct permissions in the database '{1}' on the instance '{2}'.
'@
2 changes: 0 additions & 2 deletions Modules/DscResource.Common/en-US/DscResource.Common.strings.psd1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,8 +111,6 @@ ConvertFrom-StringData @'
DropDatabaseSetError = Failed to drop the database named {2} on {0}\\{1}.
FailedToGetOwnerDatabase = Failed to get owner of the database named {0} on {1}\\{2}.
FailedToSetOwnerDatabase = Failed to set owner named {0} of the database named {1} on {2}\\{3}.
FailedToSetPermissionDatabase = Failed to set permission for login named {0} of the database named {1} on {2}\\{3}.
FailedToEnumDatabasePermissions = Failed to get permission for login named {0} of the database named {1} on {2}\\{3}.
UpdateDatabaseSetError = Failed to update database {1} on {0}\\{1} with specified changes.
InvalidCollationError = The specified collation '{3}' is not a valid collation for database {2} on {0}\\{1}.
Expand Down
2 changes: 0 additions & 2 deletions Modules/DscResource.Common/sv-SE/DscResource.Common.strings.psd1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,8 +105,6 @@ ConvertFrom-StringData @'
DropDatabaseSetError = Failed to drop the database named {2} on {0}\\{1}.
FailedToGetOwnerDatabase = Failed to get owner of the database named {0} on {1}\\{2}.
FailedToSetOwnerDatabase = Failed to set owner named {0} of the database named {1} on {2}\\{3}.
FailedToSetPermissionDatabase = Failed to set permission for login named {0} of the database named {1} on {2}\\{3}.
FailedToEnumDatabasePermissions = Failed to get permission for login named {0} of the database named {1} on {2}\\{3}.
# SQLServerNetwork
UnableToUseBothDynamicAndStaticPort = Unable to set both TCP dynamic port and TCP static port. Only one can be set.
Expand Down
51 changes: 20 additions & 31 deletions Tests/Unit/MSFT_SqlDatabasePermission.Tests.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -257,10 +257,9 @@ try
Permissions = @( 'Connect', 'Update' )
}

$throwInvalidOperation = ("Database 'unknownDatabaseName' does not exist " + `
"on SQL server 'localhost\MSSQLSERVER'.")
$errorMessage = $script:localizedData.DatabaseNotFound -f $testParameters.Database

{ Get-TargetResource @testParameters } | Should -Throw $throwInvalidOperation
{ Get-TargetResource @testParameters } | Should -Throw $errorMessage

Assert-MockCalled Connect-SQL -Exactly -Times 1 -Scope It
}
Expand All @@ -276,10 +275,9 @@ try
Permissions = @( 'Connect', 'Update' )
}

$throwInvalidOperation = ("Login 'unknownLoginName' does not exist " + `
"on SQL server 'localhost\MSSQLSERVER'.")
$errorMessage = $script:localizedData.LoginNotFound -f $testParameters.Name

{ Get-TargetResource @testParameters } | Should -Throw $throwInvalidOperation
{ Get-TargetResource @testParameters } | Should -Throw $errorMessage

Assert-MockCalled Connect-SQL -Exactly -Times 1 -Scope It
}
Expand All @@ -296,10 +294,9 @@ try
Permissions = @( 'Connect', 'Update' )
}

$throwInvalidOperation = ('Failed to get permission for login named Zebes\SamusAran of ' + `
'the database named AdventureWorks on localhost\MSSQLSERVER.')
$errorMessage = $script:localizedData.FailedToEnumDatabasePermissions -f $testParameters.Name, $testParameters.Database

{ Get-TargetResource @testParameters } | Should -Throw $throwInvalidOperation
{ Get-TargetResource @testParameters } | Should -Throw $errorMessage

Assert-MockCalled Connect-SQL -Exactly -Times 1 -Scope It
}
Expand Down Expand Up @@ -428,10 +425,9 @@ try
Ensure = 'Present'
}

$throwInvalidOperation = ("Database 'unknownDatabaseName' does not exist " + `
"on SQL server 'localhost\MSSQLSERVER'.")
$errorMessage = $script:localizedData.DatabaseNotFound -f $testParameters.Database

{ Test-TargetResource @testParameters } | Should -Throw $throwInvalidOperation
{ Test-TargetResource @testParameters } | Should -Throw $errorMessage

Assert-MockCalled Connect-SQL -Exactly -Times 1 -Scope It
}
Expand All @@ -448,10 +444,9 @@ try
Ensure = 'Present'
}

$throwInvalidOperation = ("Login 'unknownLoginName' does not exist " + `
"on SQL server 'localhost\MSSQLSERVER'.")
$errorMessage = $script:localizedData.LoginNotFound -f $testParameters.Name

{ Test-TargetResource @testParameters } | Should -Throw $throwInvalidOperation
{ Test-TargetResource @testParameters } | Should -Throw $errorMessage

Assert-MockCalled Connect-SQL -Exactly -Times 1 -Scope It
}
Expand All @@ -469,10 +464,9 @@ try
Ensure = 'Present'
}

$throwInvalidOperation = ('Failed to get permission for login named Zebes\SamusAran of ' + `
'the database named AdventureWorks on localhost\MSSQLSERVER.')
$errorMessage = $script:localizedData.FailedToEnumDatabasePermissions -f $testParameters.Name, $testParameters.Database

{ Test-TargetResource @testParameters } | Should -Throw $throwInvalidOperation
{ Test-TargetResource @testParameters } | Should -Throw $errorMessage

Assert-MockCalled Connect-SQL -Exactly -Times 1 -Scope It
}
Expand Down Expand Up @@ -573,10 +567,9 @@ try
Ensure = 'Present'
}

$throwInvalidOperation = ("Database 'unknownDatabaseName' does not exist " + `
"on SQL server 'localhost\MSSQLSERVER'.")
$errorMessage = $script:localizedData.DatabaseNotFound -f $testParameters.Database

{ Set-TargetResource @testParameters } | Should -Throw $throwInvalidOperation
{ Set-TargetResource @testParameters } | Should -Throw $errorMessage

Assert-MockCalled Connect-SQL -Exactly -Times 1 -Scope It
}
Expand All @@ -593,10 +586,10 @@ try
Ensure = 'Present'
}

$throwInvalidOperation = ("Login 'unknownLoginName' does not exist " + `
"on SQL server 'localhost\MSSQLSERVER'.")

{ Set-TargetResource @testParameters } | Should -Throw $throwInvalidOperation
$errorMessage = $script:localizedData.LoginNotFound -f $testParameters.Name

{ Set-TargetResource @testParameters } | Should -Throw $errorMessage

Assert-MockCalled Connect-SQL -Exactly -Times 1 -Scope It
}
Expand All @@ -614,11 +607,9 @@ try
Ensure = 'Present'
}

$throwInvalidOperation = ('Failed adding the login Elysia\Chozo ' + `
'as a user of the database AdventureWorks, ' + `
'on the instance localhost\MSSQLSERVER.')
$errorMessage = $script:localizedData.FailedToAddUser -f $testParameters.Name, $testParameters.Database

{ Set-TargetResource @testParameters } | Should -Throw $throwInvalidOperation
{ Set-TargetResource @testParameters } | Should -Throw $errorMessage

$script:mockMethodCreateLoginRan | Should -Be $true

Expand All @@ -629,9 +620,7 @@ try
Context 'When the system is not in the desired state' {
Context 'When the mock methods fail (testing the test)' {
BeforeAll {
$throwInvalidOperation = ('Failed to set permission for login named ' + `
'Zebes\SamusAran of the database named ' + `
'AdventureWorks on localhost\MSSQLSERVER.')
$throwInvalidOperation = $script:localizedData.FailedToSetPermissionDatabase -f 'Zebes\SamusAran', 'AdventureWorks'

$mockExpectedSqlServerLogin = $mockSqlServerLoginUnknown
}
Expand Down

0 comments on commit b8a22ae

Please sign in to comment.