Implement Get-Group advanced function
This commit is contained in:
dmilov
@@ -34,7 +34,7 @@ RequiredModules = @(
|
||||
)
|
||||
|
||||
# Functions to export from this module
|
||||
FunctionsToExport = @('Connect-SsoAdminServer', 'Disconnect-SsoAdminServer', 'New-PersonUser', 'Get-PersonUser', 'Remove-PersonUser')
|
||||
FunctionsToExport = @('Connect-SsoAdminServer', 'Disconnect-SsoAdminServer', 'New-PersonUser', 'Get-PersonUser', 'Remove-PersonUser', 'Get-Group')
|
||||
|
||||
# Cmdlets to export from this module
|
||||
CmdletsToExport = @()
|
||||
|
||||
@@ -478,4 +478,99 @@ function Remove-PersonUser {
|
||||
}
|
||||
}
|
||||
}
|
||||
#endregion
|
||||
|
||||
#region Group cmdlets
|
||||
function Get-Group {
|
||||
<#
|
||||
.NOTES
|
||||
===========================================================================
|
||||
Created on: 9/29/2020
|
||||
Created by: Dimitar Milov
|
||||
Twitter: @dimitar_milov
|
||||
Github: https://github.com/dmilov
|
||||
===========================================================================
|
||||
.DESCRIPTION
|
||||
This function gets domain groups.
|
||||
|
||||
.PARAMETER Name
|
||||
Specifies Name to filter on when searching for groups.
|
||||
|
||||
.PARAMETER Domain
|
||||
Specifies the Domain in which search will be applied, default is 'localos'.
|
||||
|
||||
|
||||
.PARAMETER Server
|
||||
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
|
||||
If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
|
||||
|
||||
.EXAMPLE
|
||||
Get-Group -Name administrators -Domain vsphere.local
|
||||
|
||||
Gets 'adminsitrators' group in 'vsphere.local' domain
|
||||
#>
|
||||
[CmdletBinding()]
|
||||
param(
|
||||
[Parameter(
|
||||
Mandatory=$false,
|
||||
ValueFromPipeline=$false,
|
||||
ValueFromPipelineByPropertyName=$false,
|
||||
HelpMessage='Name filter to be applied when searching for group')]
|
||||
[string]
|
||||
$Name,
|
||||
|
||||
[Parameter(
|
||||
Mandatory=$false,
|
||||
ValueFromPipeline=$false,
|
||||
ValueFromPipelineByPropertyName=$false,
|
||||
HelpMessage='Domain name to search in, default is "localos"')]
|
||||
[string]
|
||||
$Domain = 'localos',
|
||||
|
||||
[Parameter(
|
||||
Mandatory=$false,
|
||||
ValueFromPipeline=$false,
|
||||
ValueFromPipelineByPropertyName=$false,
|
||||
HelpMessage='Connected SsoAdminServer object')]
|
||||
[ValidateNotNull()]
|
||||
[VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer]
|
||||
$Server)
|
||||
|
||||
Process {
|
||||
$serversToProcess = $global:DefaultSsoAdminServers
|
||||
if ($Server -ne $null) {
|
||||
$serversToProcess = $Server
|
||||
}
|
||||
|
||||
if ($Name -eq $null) {
|
||||
$Name = [string]::Empty
|
||||
}
|
||||
|
||||
foreach ($connection in $serversToProcess) {
|
||||
if (-not $connection.IsConnected) {
|
||||
Write-Error "Server $connection is disconnected"
|
||||
continue
|
||||
}
|
||||
|
||||
foreach ($group in $connection.Client.GetGroups(
|
||||
(RemoveWildcardSymbols $Name),
|
||||
$Domain)) {
|
||||
|
||||
|
||||
if ([string]::IsNullOrEmpty($Name) ) {
|
||||
Write-Output $group
|
||||
} else {
|
||||
# Apply Name filtering
|
||||
if ((HasWildcardSymbols $Name) -and `
|
||||
$group.Name -like $Name) {
|
||||
Write-Output $group
|
||||
} elseif ($group.Name -eq $Name) {
|
||||
# Exactly equal
|
||||
Write-Output $group
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
#endregion
|
||||
Binary file not shown.
Binary file not shown.
@@ -79,5 +79,19 @@ namespace VMware.vSphere.SsoAdminClient.Tests
|
||||
Assert.AreEqual("root", actual[0].Name);
|
||||
Assert.AreEqual("localos", actual[0].Domain);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void GetRootLocalOsGroups() {
|
||||
// Arrange
|
||||
var ssoAdminClient = new SsoAdminClient(_vc, _user, _password, new AcceptAllX509CertificateValidator());
|
||||
|
||||
// Act
|
||||
var actual = ssoAdminClient.GetGroups("", "localos").ToArray();
|
||||
|
||||
// Assert
|
||||
Assert.NotNull(actual);
|
||||
Assert.Greater(actual.Length, 1);
|
||||
Assert.AreEqual("localos", actual[0].Domain);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,21 @@
|
||||
// **************************************************************************
|
||||
// Copyright (c) VMware, Inc. All rights reserved. -- VMware Confidential.
|
||||
// **************************************************************************
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace VMware.vSphere.SsoAdminClient.DataTypes
|
||||
{
|
||||
public class Group
|
||||
{
|
||||
public string Name { get; set; }
|
||||
public string Domain { get; set; }
|
||||
|
||||
public override string ToString() {
|
||||
return $"{Name}@{Domain}";
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -234,6 +234,34 @@ namespace VMware.vSphere.SsoAdminClient
|
||||
principal.Name));
|
||||
}
|
||||
|
||||
public IEnumerable<DataTypes.Group> GetGroups(string searchString, string domain) {
|
||||
// Create Authorization Invocation Context
|
||||
var authorizedInvocationContext =
|
||||
CreateAuthorizedInvocationContext();
|
||||
|
||||
// Invoke SSO Admin FindGroupsAsync operation
|
||||
var ssoAdminGroups = authorizedInvocationContext.
|
||||
InvokeOperation(() =>
|
||||
_ssoAdminBindingClient.FindGroupsAsync(
|
||||
new ManagedObjectReference {
|
||||
type = "SsoAdminPrincipalDiscoveryService",
|
||||
Value = "principalDiscoveryService"
|
||||
},
|
||||
new SsoAdminPrincipalDiscoveryServiceSearchCriteria {
|
||||
searchString = searchString,
|
||||
domain = domain
|
||||
},
|
||||
int.MaxValue)).Result.returnval;
|
||||
|
||||
if (ssoAdminGroups != null) {
|
||||
foreach (var group in ssoAdminGroups) {
|
||||
yield return new DataTypes.Group {
|
||||
Name = group.id.name,
|
||||
Domain = group.id.domain
|
||||
};
|
||||
}
|
||||
}
|
||||
}
|
||||
#endregion
|
||||
}
|
||||
}
|
||||
|
||||
@@ -114,12 +114,12 @@ function Test {
|
||||
if (-not [string]::IsNullOrEmpty($TestVc) -and `
|
||||
-not [string]::IsNullOrEmpty($TestVcUser) -and `
|
||||
-not [string]::IsNullOrEmpty($TestVcPassword)) {
|
||||
|
||||
|
||||
# Run Tests in external process because it will load build output binaries
|
||||
LogInfo "Run VC integration tests"
|
||||
$usePowerShell = (Get-Process -Id $pid).ProcessName
|
||||
$testLauncherScript = Join-Path (Join-Path $PSScriptRoot 'test') 'RunTests.ps1'
|
||||
$arguments = "-Command $testLauncherScript -VcAddress $TestVc -VcUser $TestVcUser -VcUserPassword $TestVcPassword"
|
||||
$arguments = "-Command $testLauncherScript -VcAddress $TestVc -User $TestVcUser -Password $TestVcPassword"
|
||||
|
||||
Start-Process `
|
||||
-FilePath $usePowerShell `
|
||||
|
||||
@@ -9,11 +9,11 @@ param(
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$VcUser,
|
||||
$User,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$VcUserPassword
|
||||
$Password
|
||||
)
|
||||
|
||||
# Import Vmware.vSphere.SsoAdmin Module
|
||||
@@ -27,14 +27,14 @@ Describe "Connect-SsoAdminServer and Disconnect-SsoAdminServer Tests" {
|
||||
Disconnect-SsoAdminServer -Server $connection
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Context "Connect-SsoAdminServer" {
|
||||
It 'Connect-SsoAdminServer returns SsoAdminServer object and updates DefaultSsoAdminServers variable' {
|
||||
# Act
|
||||
$actual = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
# Assert
|
||||
@@ -50,8 +50,8 @@ Describe "Connect-SsoAdminServer and Disconnect-SsoAdminServer Tests" {
|
||||
# Assert
|
||||
{ Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password ($VcUserPassword + "invalid") `
|
||||
-User $User `
|
||||
-Password ($Password + "invalid") `
|
||||
-SkipCertificateCheck } | `
|
||||
Should Throw "Invalid credentials"
|
||||
}
|
||||
@@ -61,43 +61,43 @@ Describe "Connect-SsoAdminServer and Disconnect-SsoAdminServer Tests" {
|
||||
# Assert
|
||||
{ Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword} | `
|
||||
-User $User `
|
||||
-Password $Password} | `
|
||||
Should Throw "The SSL connection could not be established, see inner exception."
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Context "Disconnect-SsoAdminServer" {
|
||||
It 'Diconnect-SsoAdminServer removes server from DefaultSsoAdminServers and makes the object not connected' {
|
||||
# Arrange
|
||||
$expected = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
|
||||
# Act
|
||||
$expected | Disconnect-SsoAdminServer
|
||||
|
||||
|
||||
# Assert
|
||||
$global:DefaultSsoAdminServers | Should Not Contain $expected
|
||||
$expected.IsConnected | Should Be $false
|
||||
}
|
||||
|
||||
|
||||
It 'Disconnects disconnected object' {
|
||||
# Arrange
|
||||
$expected = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
|
||||
$expected | Disconnect-SsoAdminServer
|
||||
|
||||
|
||||
# Act
|
||||
{ Disconnect-SsoAdminServer -Server $expected } | `
|
||||
Should Not Throw
|
||||
|
||||
|
||||
# Assert
|
||||
$global:DefaultSsoAdminServers | Should Not Contain $expected
|
||||
$expected.IsConnected | Should Be $false
|
||||
|
||||
76
Modules/VMware.vSphere.SsoAdmin/src/test/Group.Tests.ps1
Normal file
76
Modules/VMware.vSphere.SsoAdmin/src/test/Group.Tests.ps1
Normal file
@@ -0,0 +1,76 @@
|
||||
#**************************************************************************
|
||||
# Copyright (c) VMware, Inc. All rights reserved.
|
||||
#**************************************************************************
|
||||
|
||||
param(
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$VcAddress,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$User,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$Password
|
||||
)
|
||||
|
||||
# Import Vmware.vSphere.SsoAdmin Module
|
||||
$modulePath = Join-Path (Split-Path $PSScriptRoot | Split-Path) "VMware.vSphere.SsoAdmin.psd1"
|
||||
Import-Module $modulePath
|
||||
|
||||
Describe "Get-Group Tests" {
|
||||
BeforeEach {
|
||||
Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
}
|
||||
|
||||
AfterEach {
|
||||
$connectionsToCleanup = $global:DefaultSsoAdminServers.ToArray()
|
||||
foreach ($connection in $connectionsToCleanup) {
|
||||
Disconnect-SsoAdminServer -Server $connection
|
||||
}
|
||||
}
|
||||
|
||||
Context "Get-Group" {
|
||||
It 'Gets groups without filters' {
|
||||
# Act
|
||||
$actual = Get-Group
|
||||
|
||||
# Assert
|
||||
$actual | Should Not Be $null
|
||||
$actual.Count | Should BeGreaterThan 0
|
||||
$actual[0].Name | Should Not Be $null
|
||||
$actual[0].Domain | Should Be 'localos'
|
||||
}
|
||||
|
||||
It 'Gets groups for default domain' {
|
||||
# Arrange
|
||||
$newUserName = "NewUser1"
|
||||
$password = '$tr0NG_TestPa$$w0rd'
|
||||
|
||||
## Create Person User to determine default domain name
|
||||
## Person Users are created in the default domain
|
||||
$newPersonUser = New-PersonUser `
|
||||
-UserName $newUserName `
|
||||
-Password $password
|
||||
|
||||
# Act
|
||||
$actual = Get-Group `
|
||||
-Domain $newPersonUser.Domain
|
||||
|
||||
# Assert
|
||||
$actual | Should Not Be $null
|
||||
$actual.Count | Should BeGreaterThan 0
|
||||
$actual[0].Name | Should Not Be $null
|
||||
$actual[0].Domain | Should Be $newPersonUser.Domain
|
||||
|
||||
# Cleanup
|
||||
Remove-PersonUser -User $newPersonUser
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -9,11 +9,11 @@ param(
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$VcUser,
|
||||
$User,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$VcUserPassword
|
||||
$Password
|
||||
)
|
||||
|
||||
# Import Vmware.vSphere.SsoAdmin Module
|
||||
@@ -28,13 +28,13 @@ Describe "Lookup Service Client Integration Tests" {
|
||||
## Create LsClient
|
||||
$skipCertificateCheckValidator = New-Object `
|
||||
'VMware.vSphere.SsoAdmin.Utils.AcceptAllX509CertificateValidator'
|
||||
|
||||
|
||||
$script:lsClient = New-Object `
|
||||
'VMware.vSphere.LsClient.LookupServiceClient' `
|
||||
-ArgumentList @($VCAddress, $skipCertificateCheckValidator)
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
It 'Gets SsoAdmin API Url' {
|
||||
# Act
|
||||
$actual = $script:lsClient.GetSsoAdminEndpointUri()
|
||||
@@ -43,7 +43,7 @@ Describe "Lookup Service Client Integration Tests" {
|
||||
$actual | Should Not Be $null
|
||||
$actual.ToString().StartsWith("https://$VCAddress/sso-adminserver/sdk/") | Should Be $true
|
||||
}
|
||||
|
||||
|
||||
It 'Gets STS API Url' {
|
||||
# Act
|
||||
$actual = $script:lsClient.GetStsEndpointUri()
|
||||
|
||||
@@ -9,24 +9,24 @@ param(
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$VcUser,
|
||||
$User,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$VcUserPassword
|
||||
$Password
|
||||
)
|
||||
|
||||
# Import Vmware.vSphere.SsoAdmin Module
|
||||
$modulePath = Join-Path (Split-Path $PSScriptRoot | Split-Path) "VMware.vSphere.SsoAdmin.psd1"
|
||||
Import-Module $modulePath
|
||||
|
||||
Describe "New-PersonUser, Remove-PersonUser Tests" {
|
||||
Describe "PersonUser Tests" {
|
||||
BeforeEach {
|
||||
$script:usersToCleanup = @()
|
||||
}
|
||||
AfterEach {
|
||||
foreach ($user in $script:usersToCleanup) {
|
||||
Remove-PersonUser -User $user
|
||||
foreach ($personUser in $script:usersToCleanup) {
|
||||
Remove-PersonUser -User $personUser
|
||||
}
|
||||
|
||||
$connectionsToCleanup = $global:DefaultSsoAdminServers.ToArray()
|
||||
@@ -46,8 +46,8 @@ Describe "New-PersonUser, Remove-PersonUser Tests" {
|
||||
$expectedLastName = "User"
|
||||
$connection = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
# Act
|
||||
@@ -79,8 +79,8 @@ Describe "New-PersonUser, Remove-PersonUser Tests" {
|
||||
$expectedPassword = '$tr0NG_TestPa$$w0rd'
|
||||
$connection = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
# Act
|
||||
@@ -101,9 +101,6 @@ Describe "New-PersonUser, Remove-PersonUser Tests" {
|
||||
$actual.LastName | Should Be $null
|
||||
$actual.EmailAddress | Should Be $null
|
||||
}
|
||||
|
||||
It 'Try create person against disconnected server' {
|
||||
}
|
||||
}
|
||||
|
||||
Context "Get-PersonUser" {
|
||||
@@ -111,8 +108,8 @@ Describe "New-PersonUser, Remove-PersonUser Tests" {
|
||||
# Arrange
|
||||
$connection = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
# Act
|
||||
@@ -129,8 +126,8 @@ Describe "New-PersonUser, Remove-PersonUser Tests" {
|
||||
# Arrange
|
||||
$connection = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
$expectedUserName = "TestPersonUser3"
|
||||
@@ -166,8 +163,8 @@ Describe "New-PersonUser, Remove-PersonUser Tests" {
|
||||
# Arrange
|
||||
$connection = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
$expectedUserName = "TestPersonUser3"
|
||||
@@ -203,8 +200,8 @@ Describe "New-PersonUser, Remove-PersonUser Tests" {
|
||||
# Arrange
|
||||
$connection = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
$expectedUserName = "TestPersonUser3"
|
||||
@@ -240,8 +237,8 @@ Describe "New-PersonUser, Remove-PersonUser Tests" {
|
||||
# Arrange
|
||||
$connection = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
$expectedUserName = "TestPersonUser3"
|
||||
@@ -269,17 +266,17 @@ Describe "New-PersonUser, Remove-PersonUser Tests" {
|
||||
It 'Removes person user' {
|
||||
# Arrange
|
||||
$userName = "TestPersonUser4"
|
||||
$password = '$tr0NG_TestPa$$w0rd'
|
||||
$userPassword = '$tr0NG_TestPa$$w0rd'
|
||||
$connection = Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $VcUser `
|
||||
-Password $VcUserPassword `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
|
||||
|
||||
$personUserToRemove = New-PersonUser `
|
||||
-UserName $userName `
|
||||
-Password $password `
|
||||
-Password $userPassword `
|
||||
-Server $connection
|
||||
|
||||
# Act
|
||||
|
||||
@@ -9,11 +9,11 @@ param(
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$VcUser,
|
||||
$User,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$VcUserPassword
|
||||
$Password
|
||||
)
|
||||
|
||||
function Test-PesterIsAvailable() {
|
||||
@@ -32,7 +32,7 @@ Invoke-Pester `
|
||||
Path = $PSScriptRoot
|
||||
Parameters = @{
|
||||
VcAddress = $VcAddress
|
||||
VcUser = $VcUser
|
||||
VcUserPassword = $VcUserPassword
|
||||
User = $User
|
||||
Password = $Password
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user