Key Vault cmdlet bug fix for GitHub issues 368, 378 #381

Merged
merged 1 commit into from
May 14, 2015
Expand Up @@ -167,70 +167,76 @@
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestCreateDeleteVaultWithPiping.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestCreateNewPremiumVaultEnabledForDeployment.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestCreateNewVault.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestCreateVaultInUnknownResGrpFails.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestCreateVaultPositionalParams.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestDeleteUnknownVaultFails.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestDeleteVaultByName.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestGetUnknownVaultFails.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestGetVaultByName.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestGetVaultByNameAndResourceGroup.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestGetVaultByNameAndResourceGroupPositionalParams.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestGetVaultFromUnknownResourceGroupFails.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestListAllVaultsInSubscription.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestListVaultsByResourceGroup.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestListVaultsByTag.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestListVaultsByUnknownResourceGroupFails.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestModifyAccessPolicy.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestModifyAccessPolicyEnabledForDeployment.json">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestRecreateVaultFails.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestRemoveNonExistentAccessPolicyDoesNotThrow.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestSetAccessPolicyNegativeCases.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestModifyAccessPolicyNegativeCases.json">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestSetRemoveAccessPolicyByObjectId.json">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestSetRemoveAccessPolicyBySPN.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\Microsoft.Azure.Commands.KeyVault.Test.ScenarioTests.KeyVaultManagementTests\TestSetRemoveAccessPolicyByUPN.json">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
</ItemGroup>
<ItemGroup>
Expand Up @@ -282,6 +282,28 @@ public void TestDeleteUnknownVaultFails()
#endregion

#region Set-AzureKeyVaultAccessPolicy & Remove-AzureKeyVaultAccessPolicy

[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
public void TestSetRemoveAccessPolicyByObjectId()
{
string upn = "";
data.ResetPreCreatedVault();
KeyVaultManagementController.NewInstance.RunPsTestWorkflow(
() =>
{
return new[] { string.Format("{0} {1} {2} {3}", "Test-SetRemoveAccessPolicyByObjectId", data.preCreatedVault, data.resourceGroupName, upn) };
},
(env) =>
{
Initialize();
upn = GetUser(env.GetTestEnvironment());
},
null,
TestUtilities.GetCallingClass(),
TestUtilities.GetCurrentMethodName()
);
}

[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
Expand Down Expand Up @@ -367,15 +389,39 @@ public void TestModifyAccessPolicy()

[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
public void TestSetAccessPolicyNegativeCases()
public void TestModifyAccessPolicyEnabledForDeployment()
{
string upn = "";

data.ResetPreCreatedVault();
KeyVaultManagementController.NewInstance.RunPsTestWorkflow(
() =>
{
return new[] { string.Format("{0} {1} {2} {3}", "Test-ModifyAccessPolicyEnabledForDeployment", data.preCreatedVault, data.resourceGroupName, upn) };
},
(env) =>
{
Initialize();
upn = GetUser(env.GetTestEnvironment());
},
null,
TestUtilities.GetCallingClass(),
TestUtilities.GetCurrentMethodName()
);
}


[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
public void TestModifyAccessPolicyNegativeCases()
{
string upn = "";

data.ResetPreCreatedVault();
KeyVaultManagementController.NewInstance.RunPsTestWorkflow(
() =>
{
return new[] { string.Format("{0} {1} {2} {3}", "Test-SetAccessPolicyNegativeCases", data.preCreatedVault, data.resourceGroupName, upn) };
return new[] { string.Format("{0} {1} {2} {3}", "Test-ModifyAccessPolicyNegativeCases", data.preCreatedVault, data.resourceGroupName, upn) };
},
(env) =>
{
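Review bot: In `TestSetRemoveAccessPolicyByObjectId` and `TestModifyAccessPolicyEnabledForDeployment`, `upn` starts as `""` and is only filled in by the second lambda, so the command line built in the first lambda is right only if `RunPsTestWorkflow` runs the initializer before it asks for the scripts; that ordering is not visible in these hunks. If the order were ever the other way round, the PowerShell function would receive an empty `$upn`, and in the negative-case test the `Assert-Throws` checks could pass for the wrong reason. A one-line guard at the top of the script lambda, `Assert.False(string.IsNullOrEmpty(upn));` (assuming xUnit's `Assert` is in scope here), would make that failure explicit. The same pattern is in `TestModifyAccessPolicyNegativeCases`, whose body continues outside the hunk.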
Expand Up @@ -330,7 +330,38 @@ function Test-ModifyAccessPolicy
Assert-AreEqual 0 $vault.AccessPolicies.Count
}

function Test-SetAccessPolicyNegativeCases
function Test-ModifyAccessPolicyEnabledForDeployment
{
Param($existingVaultName, $rgName, $upn)
$vault = Get-AzureKeyVault -VaultName $existingVaultName -ResourceGroupName $rgName
Assert-NotNull $vault
Assert-AreEqual 0 $vault.AccessPolicies.Count
Assert-AreEqual $false $vault.EnabledForDeployment

# Set and Remove EnabledForDeployment, without any other permissions
$vault = Set-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName -EnabledForDeployment -PassThru
Assert-NotNull $vault
Assert-AreEqual 0 $vault.AccessPolicies.Count
Assert-AreEqual $true $vault.EnabledForDeployment

$vault = Remove-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName -EnabledForDeployment -PassThru
Assert-NotNull $vault
Assert-AreEqual 0 $vault.AccessPolicies.Count
Assert-AreEqual $false $vault.EnabledForDeployment

# Set and Remove EnabledForDeployment, with other permissions
$PermToKeys = @("encrypt", "decrypt", "unwrapKey", "wrapKey", "verify", "sign", "get", "list", "update", "create", "import", "delete", "backup", "restore")
$PermToSecrets = @("get", "list", "set", "delete")
$vault = Set-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName -EnabledForDeployment -UPN $upn -PermissionsToKeys $PermToKeys -PermissionsToSecrets $PermToSecrets -PassThru
CheckVaultAccessPolicy $vault $PermToKeys $PermToSecrets
Assert-AreEqual $true $vault.EnabledForDeployment

$vault = Remove-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName -EnabledForDeployment -ObjectId $vault.AccessPolicies[0].ObjectId -PassThru
Assert-AreEqual 0 $vault.AccessPolicies.Count
Assert-AreEqual $false $vault.EnabledForDeployment
}

function Test-ModifyAccessPolicyNegativeCases
{
Param($existingVaultName, $rgName, $upn)

Expand All @@ -340,6 +371,15 @@ function Test-SetAccessPolicyNegativeCases

# random string in perms
Assert-Throws { Set-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName -UserPrincipalName $upn -PermissionsToSecrets blah, get }

# invalid set of params
Assert-Throws { Set-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName }
Assert-Throws { Set-AzureKeyVaultAccessPolicy -VaultName $existingVaultName }
Assert-Throws { Remove-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName }
Assert-Throws { Remove-AzureKeyVaultAccessPolicy -VaultName $existingVaultName }
Assert-Throws { Set-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName -UserPrincipalName $upn }
Assert-Throws { Set-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName -SPN $upn }
Assert-Throws { Set-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName -ObjectId $upn }
}

function Test-RemoveNonExistentAccessPolicyDoesNotThrow
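Review bot: The "with other permissions" part of `Test-ModifyAccessPolicyEnabledForDeployment` sets and removes `-EnabledForDeployment` together with the user's policy in the same call, so it never shows that the two settings are independent. A regression in which removing the flag alone also dropped the access policy, or removing the policy by `-ObjectId` alone also cleared `EnabledForDeployment`, would still pass. Before the final removal I would add a step that removes only the flag, `$vault = Remove-AzureKeyVaultAccessPolicy -VaultName $existingVaultName -ResourceGroupName $rgName -EnabledForDeployment -PassThru`, followed by `CheckVaultAccessPolicy $vault $PermToKeys $PermToSecrets` and `Assert-AreEqual $false $vault.EnabledForDeployment`. That pins the least-privilege behaviour an operator would expect from each switch.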
Expand Up @@ -87,7 +87,7 @@ private VaultGetResponse CreateVault(KeyVaultManagementClient mgmtClient, string
Tags = new Dictionary<string, string> { { tagName, tagValue } },
Properties = new VaultProperties
{
EnabledForDeployment = true,
EnabledForDeployment = false,
Sku = new Sku { Family = "A", Name = "Premium" },
TenantId = Guid.Parse(tenantId),
VaultUri = "",
Expand Down Expand Up @@ -122,7 +122,7 @@ public void ResetPreCreatedVault()
Tags = new Dictionary<string, string> { { tagName, tagValue } },
Properties = new VaultProperties
{
EnabledForDeployment = true,
EnabledForDeployment = false,
Sku = new Sku { Family = "A", Name = "Premium" },
TenantId = tenantId,
VaultUri = "",
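Review bot: The fixture default is flipped in two separate object initializers, one in `CreateVault` and one in `ResetPreCreatedVault`, and the new PowerShell test asserts `$false` as the starting state after `ResetPreCreatedVault()`, so the two copies have to stay in step. A short comment on both lines, such as `// tests assume the vault starts with EnabledForDeployment off`, or a shared helper that builds the `VaultProperties`, would keep a later edit from changing only one of them. Both methods start and end outside the visible hunks.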