diff --git a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 index e71ba83..49bb6b2 100644 --- a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 +++ b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 @@ -34,7 +34,7 @@ RequiredModules = @( ) # Functions to export from this module -FunctionsToExport = @('Connect-SsoAdminServer', 'Disconnect-SsoAdminServer') +FunctionsToExport = @('Connect-SsoAdminServer', 'Disconnect-SsoAdminServer', 'New-PersonUser', 'Get-PersonUser', 'Remove-PersonUser') # Cmdlets to export from this module CmdletsToExport = @() diff --git a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1 b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1 index e58f998..b0abcfb 100644 --- a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1 +++ b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1 
@@ -27,32 +27,56 @@ $PSModule.OnRemove = { Remove-Module -ModuleInfo $subModule } +# Internal helper functions +function HasWildcardSymbols { +param( + [string] + $stringToVerify +) + (-not [string]::IsNullOrEmpty($stringToVerify) -and ` + ($stringToVerify -match '\*' -or ` + $stringToVerify -match '\?')) +} + +function RemoveWildcardSymbols { +param( + [string] + $stringToProcess +) + if (-not [string]::IsNullOrEmpty($stringToProcess)) { + $stringToProcess.Replace('*','').Replace('?','') + } else { + [string]::Empty + } +} + # Global variables $global:DefaultSsoAdminServers = New-Object System.Collections.ArrayList # Module Advanced Functions Implementation +#region Connection Management function Connect-SsoAdminServer { -<# - .NOTES - =========================================================================== - Created on: 9/29/2020 - Created by: Dimitar Milov - Twitter: @dimitar_milov - Github: https://github.com/dmilov - =========================================================================== - .DESCRIPTION +<# + .NOTES + =========================================================================== + Created on: 9/29/2020 + Created by: Dimitar Milov + Twitter: @dimitar_milov + Github: https://github.com/dmilov + =========================================================================== + .DESCRIPTION This function establishes a connection to a vSphere SSO Admin server. .PARAMETER Server Specifies the IP address or the DNS name of the vSphere server to which you want to connect. - + .PARAMETER User Specifies the user name you want to use for authenticating with the server. - + .PARAMETER Password Specifies the password you want to use for authenticating with the server. - + .PARAMETER SkipCertificateCheck Specifies whether server Tls certificate validation will be skipped 
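Review bot: `HasWildcardSymbols` treats only `*` and `?` as wildcards, while the `-like` comparison that Get-PersonUser applies to the same `$Name` later in this file also interprets `[` and `]`. A name such as `a[bc]*` is therefore matched as a character class, and `RemoveWildcardSymbols` passes it to `GetLocalUsers` with the brackets still in it. `[System.Management.Automation.WildcardPattern]::ContainsWildcardCharacters($stringToVerify)` covers the full wildcard syntax and could replace the two `-match` tests. Both helpers also lack a comment saying what they return; one line each, such as `# Returns $true when the string contains PowerShell wildcard characters`, would do.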
@@ -70,7 +94,7 @@ function Connect-SsoAdminServer { HelpMessage='IP address or the DNS name of the vSphere server')] [string] $Server, - + [Parameter( Mandatory=$true, ValueFromPipeline=$false, @@ -78,7 +102,7 @@ function Connect-SsoAdminServer { HelpMessage='User name you want to use for authenticating with the server')] [string] $User, - + [Parameter( Mandatory=$true, ValueFromPipeline=$false, @@ -86,7 +110,7 @@ function Connect-SsoAdminServer { HelpMessage='Password you want to use for authenticating with the server')] [string] $Password, - + [Parameter( Mandatory=$false, HelpMessage='Skips server Tls certificate validation')] 
@@ -98,42 +122,42 @@ function Connect-SsoAdminServer { if ($SkipCertificateCheck) { $certificateValidator = New-Object 'VMware.vSphere.SsoAdmin.Utils.AcceptAllX509CertificateValidator' } - + $ssoAdminServer = New-Object ` 'VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer' ` -ArgumentList @( - $Server, - $User, + $Server, + $User, (ConvertTo-SecureString -String $Password -AsPlainText -Force), $certificateValidator) - + # Update $global:DefaultSsoAdminServers varaible $global:DefaultSsoAdminServers.Add($ssoAdminServer) | Out-Null - + # Function Output Write-Output $ssoAdminServer } } function Disconnect-SsoAdminServer { -<# - .NOTES +<# + .NOTES =========================================================================== - Created on: 9/29/2020 - Created by: Dimitar Milov - Twitter: @dimitar_milov - Github: https://github.com/dmilov + Created on: 9/29/2020 + Created by: Dimitar Milov + Twitter: @dimitar_milov + Github: https://github.com/dmilov =========================================================================== - .DESCRIPTION + .DESCRIPTION This function closes the connection to a vSphere SSO Admin server. .PARAMETER Server Specifies the vSphere SSO Admin systems you want to disconnect from - + .EXAMPLE - $mySsoAdminConnection = Connect-SsoAdminServer -Server my.vc.server -User myAdmin@vsphere.local -Password MyStrongPa$$w0rd + $mySsoAdminConnection = Connect-SsoAdminServer -Server my.vc.server -User ssoAdmin@vsphere.local -Password 'ssoAdminStrongPa$$w0rd' Disconnect-SsoAdminServer -Server $mySsoAdminConnection - + Disconnect a SSO Admin connection stored in 'mySsoAdminConnection' varaible #> [CmdletBinding()] 
@@ -147,13 +171,311 @@ function Disconnect-SsoAdminServer { [VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer] $Server) - Process { + Process { if ($global:DefaultSsoAdminServers.Contains($Server)) { $global:DefaultSsoAdminServers.Remove($Server) } - + if ($Server.IsConnected) { $Server.Disconnect() } } -} \ No newline at end of file +} +#endregion + +#region Person User Management +function New-PersonUser { +<# + .NOTES + =========================================================================== + Created on: 9/29/2020 + Created by: Dimitar Milov + Twitter: @dimitar_milov + Github: https://github.com/dmilov + =========================================================================== + .DESCRIPTION + This function creates new person user account. + + .PARAMETER UserName + Specifies the UserName of the requested person user account. + + .PARAMETER Password + Specifies the Password of the requested person user account. + + .PARAMETER Description + Specifies the Description of the requested person user account. + + .PARAMETER EmailAddress + Specifies the EmailAddress of the requested person user account. + + .PARAMETER FirstName + Specifies the FirstName of the requested person user account. + + .PARAMETER LastName + Specifies the FirstName of the requested person user account. + + .PARAMETER Server + Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. + If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. 
+ + .EXAMPLE + $ssoAdminConnection = Connect-SsoAdminServer -Server my.vc.server -User ssoAdmin@vsphere.local -Password 'ssoAdminStrongPa$$w0rd' + New-PersonUser -Server $ssoAdminConnection -User myAdmin -Password 'MyStrongPa$$w0rd' + + Creates person user account with user name 'myAdmin' and password 'MyStrongPa$$w0rd' + + .EXAMPLE + New-PersonUser -User myAdmin -Password 'MyStrongPa$$w0rd' -EmailAddress 'myAdmin@mydomain.com' -FirstName 'My' -LastName 'Admin' + + Creates person user account with user name 'myAdmin', password 'MyStrongPa$$w0rd', and details against connections available in 'DefaultSsoAdminServers' +#> +[CmdletBinding(ConfirmImpact='Low')] + param( + [Parameter( + Mandatory=$true, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='User name of the new person user account')] + [string] + $UserName, + + [Parameter( + Mandatory=$true, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Password of the new person user account')] + [string] + $Password, + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Description of the new person user account')] + [string] + $Description, + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='EmailAddress of the new person user account')] + [string] + $EmailAddress, + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='FirstName of the new person user account')] + [string] + $FirstName, + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='LastName of the new person user account')] + [string] + $LastName, + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Connected SsoAdminServer object')] + [ValidateNotNull()] + 
[VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer] + $Server) + + Process { + $serversToProcess = $global:DefaultSsoAdminServers + if ($Server -ne $null) { + $serversToProcess = $Server + } + + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } + + # Output is the result of 'CreateLocalUser' + $connection.Client.CreateLocalUser( + $UserName, + $Password, + $Description, + $EmailAddress, + $FirstName, + $LastName + ) + } + } +} + +function Get-PersonUser { +<# + .NOTES + =========================================================================== + Created on: 9/29/2020 + Created by: Dimitar Milov + Twitter: @dimitar_milov + Github: https://github.com/dmilov + =========================================================================== + .DESCRIPTION + This function gets new person user account. + + .PARAMETER Name + Specifies Name to filter on when searching for person user accounts. + + .PARAMETER Domain + Specifies the Domain in which search will be applied, default is 'localos'. + + + .PARAMETER Server + Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. + If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. 
+ + .EXAMPLE + Get-PersonUser -Name admin -Domain vsphere.local + + Gets person user accounts which contain name 'admin' in 'vsphere.local' domain +#> +[CmdletBinding()] + param( + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Name filter to be applied when searching for person user accounts')] + [string] + $Name, + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Domain name to search in, default is "localos"')] + [string] + $Domain = 'localos', + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Connected SsoAdminServer object')] + [ValidateNotNull()] + [VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer] + $Server) + + Process { + $serversToProcess = $global:DefaultSsoAdminServers + if ($Server -ne $null) { + $serversToProcess = $Server + } + + if ($Name -eq $null) { + $Name = [string]::Empty + } + + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } + + foreach ($personUser in $connection.Client.GetLocalUsers( + (RemoveWildcardSymbols $Name), + $Domain)) { + + + if ([string]::IsNullOrEmpty($Name) ) { + Write-Output $personUser + } else { + # Apply Name filtering + if ((HasWildcardSymbols $Name) -and ` + $personUser.Name -like $Name) { + Write-Output $personUser + } elseif ($personUser.Name -eq $Name) { + # Exactly equal + Write-Output $personUser + } + } + } + } + } +} + +function Remove-PersonUser { +<# + .NOTES + =========================================================================== + Created on: 9/29/2020 + Created by: Dimitar Milov + Twitter: @dimitar_milov + Github: https://github.com/dmilov + =========================================================================== + .DESCRIPTION + This function removes existing person user account. 
+ + Nota Bene! Have in mind PersonUser objects don't carry information about the connection. + If you specify PersonUser and on the server there is user with same Id it will be deleted. + + .PARAMETER User + Specifies the PersonUser instance to remove. + + Nota Bene! Have in mind PersonUser objects don't carry information about the connection. + If you specify PersonUser and on the server there is user with same Id it will be deleted. + + .PARAMETER Server + Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. + If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. + + .EXAMPLE + $ssoAdminConnection = Connect-SsoAdminServer -Server my.vc.server -User ssoAdmin@vsphere.local -Password 'ssoAdminStrongPa$$w0rd' + $myNewPersonUser = New-PersonUser -Server $ssoAdminConnection -User myAdmin -Password 'MyStrongPa$$w0rd' + Remove-PersonUser -User $myNewPersonUser -Server $ssoAdminConnection + + Remove person user account with user name 'myAdmin' and password 'MyStrongPa$$w0rd' + + .EXAMPLE + New-PersonUser -User myAdmin -Password 'MyStrongPa$$w0rd' -EmailAddress 'myAdmin@mydomain.com' -FirstName 'My' -LastName 'Admin' + + Creates person user account with user name 'myAdmin', password 'MyStrongPa$$w0rd', and details against connections available in 'DefaultSsoAdminServers' +#> +[CmdletBinding(ConfirmImpact='High')] + param( + [Parameter( + Mandatory=$true, + ValueFromPipeline=$true, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Person User instance you want to remove from specified servers')] + [VMware.vSphere.SsoAdminClient.DataTypes.PersonUser] + $User, + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Connected SsoAdminServer object')] + [ValidateNotNull()] + [VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer] + $Server) + + Process { + $serversToProcess = $global:DefaultSsoAdminServers + if ($Server -ne $null) { + 
$serversToProcess = $Server + } + + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } + + $connection.Client.DeleteLocalUser($User) + } + } +} +#endregion \ No newline at end of file diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll index 4611b73..a6fd312 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll index 946cd16..67c2349 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SsoAdminServer.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SsoAdminServer.cs index 1ac597a..fe43a78 100644 --- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SsoAdminServer.cs +++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SsoAdminServer.cs @@ -49,6 +49,7 @@ namespace VMware.vSphere.SsoAdminClient.DataTypes public string User => _client?.User; public string Id { get; set; } public bool IsConnected => _client != null; + public SsoAdminClient Client => _client; public void Disconnect() { _client = null; 
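Review bot: Remove-PersonUser declares `ConfirmImpact='High'` but not `SupportsShouldProcess`, and its Process block never calls `$PSCmdlet.ShouldProcess`, so the setting has no effect: `DeleteLocalUser` runs without a prompt and `-WhatIf`/`-Confirm` are not available. With `-Server` omitted the loop deletes the account with the same Id on every connection in `$global:DefaultSsoAdminServers`, which the help text itself warns about. I would change the attribute to `[CmdletBinding(SupportsShouldProcess=$true, ConfirmImpact='High')]` and guard the call with `if ($PSCmdlet.ShouldProcess("$($User.Name)@$($User.Domain) on $connection", 'Remove person user')) { $connection.Client.DeleteLocalUser($User) }`; New-PersonUser's `ConfirmImpact='Low'` has the same gap. Separately, New-PersonUser takes `-Password` as `[string]`, which leaves the new account's password in command history and transcripts; a `[securestring]` parameter converted only at the `CreateLocalUser` call would narrow that, assuming the client method needs plain text (its signature is not in this diff).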
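Review bot: The new `Client` property hands the authenticated `SsoAdminClient` to every holder of an `SsoAdminServer`, including any script that reads `$global:DefaultSsoAdminServers`, and it has no doc comment saying that it returns null once `Disconnect()` has run. The script functions added in this commit check `IsConnected` before using it, but nothing on the property tells other callers to do the same. I would add `/// <summary>Authenticated client behind this connection; null after Disconnect(). Check IsConnected before use.</summary>` above the property. The class body starts and ends outside the hunk.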
diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs index b33e489..185d2f0 100644 --- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs +++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs @@ -10,6 +10,7 @@ using System.ServiceModel; using System.ServiceModel.Channels; using System.ServiceModel.Security; using System.Text; +using System.Text.RegularExpressions; using VMware.Binding.WsTrust; using VMware.Binding.WsTrust.SecurityContext; using VMware.vSphere.LsClient; @@ -201,7 +202,7 @@ namespace VMware.vSphere.SsoAdminClient int.MaxValue)).Result.returnval; if (personUsers != null) { - foreach (var personUser in personUsers) { + foreach (var personUser in personUsers) { yield return new PersonUser { Name = personUser.id.name, Domain = personUser.id.domain, diff --git a/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 b/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 index 6e8e985..8be69b8 100644 --- a/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 +++ b/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 @@ -41,6 +41,7 @@ Describe "Connect-SsoAdminServer and Disconnect-SsoAdminServer Tests" { $actual | Should Not Be $null $actual.GetType().FullName | Should Be 'VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer' $actual.IsConnected | Should Be $true + $actual.Name | Should Be $VcAddress $global:DefaultSsoAdminServers | Should Contain $actual } diff --git a/Modules/VMware.vSphere.SsoAdmin/src/test/PersonUser.Tests.ps1 b/Modules/VMware.vSphere.SsoAdmin/src/test/PersonUser.Tests.ps1 new file mode 100644 index 0000000..36f5f5e --- /dev/null 
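Review bot: `using System.Text.RegularExpressions;` is added in the first hunk of SsoAdminClient.cs, but neither hunk of this file uses anything from that namespace; the second hunk appears to change only whitespace on the `foreach` line. If no Regex-based code is meant to ship with this commit, I would drop the directive so the file does not carry an unused import.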
+++ b/Modules/VMware.vSphere.SsoAdmin/src/test/PersonUser.Tests.ps1 
@@ -0,0 +1,297 @@ +#************************************************************************** +# Copyright (c) VMware, Inc. All rights reserved. +#************************************************************************** + +param( + [Parameter(Mandatory = $true)] + [string] + $VcAddress, + + [Parameter(Mandatory = $true)] + [string] + $VcUser, + + [Parameter(Mandatory = $true)] + [string] + $VcUserPassword +) + +# Import Vmware.vSphere.SsoAdmin Module +$modulePath = Join-Path (Split-Path $PSScriptRoot | Split-Path) "VMware.vSphere.SsoAdmin.psd1" +Import-Module $modulePath + +Describe "New-PersonUser, Remove-PersonUser Tests" { + BeforeEach { + $script:usersToCleanup = @() + } + AfterEach { + foreach ($user in $script:usersToCleanup) { + Remove-PersonUser -User $user + } + + $connectionsToCleanup = $global:DefaultSsoAdminServers.ToArray() + foreach ($connection in $connectionsToCleanup) { + Disconnect-SsoAdminServer -Server $connection + } + } + + Context "New-PersonUser" { + It 'Creates person user with details' { + # Arrange + $expectedUserName = "TestPersonUser1" + $expectedPassword = '$tr0NG_TestPa$$w0rd' + $expectedDescription = "Test Description" + $expectedEmailAddress = "testuser@testdomain.com" + $expectedFirstName = "Test" + $expectedLastName = "User" + $connection = Connect-SsoAdminServer ` + -Server $VcAddress ` + -User $VcUser ` + -Password $VcUserPassword ` + -SkipCertificateCheck + + # Act + $actual = New-PersonUser ` + -Server $connection ` + -UserName $expectedUserName ` + -Password $expectedPassword ` + -Description $expectedDescription ` + -EmailAddress $expectedEmailAddress ` + -FirstName $expectedFirstName ` + -LastName $expectedLastName + + $script:usersToCleanup += $actual + + # Assert + $actual | Should Not Be $null + $actual.GetType().FullName | Should Be 'VMware.vSphere.SsoAdminClient.DataTypes.PersonUser' + $actual.Name | Should Be $expectedUserName + $actual.Domain | Should Not Be $null + $actual.Description | Should Be 
$expectedDescription + $actual.FirstName | Should Be $expectedFirstName + $actual.LastName | Should Be $expectedLastName + $actual.EmailAddress | Should Be $expectedEmailAddress + } + + It 'Creates person user without details' { + # Arrange + $expectedUserName = "TestPersonUser2" + $expectedPassword = '$tr0NG_TestPa$$w0rd' + $connection = Connect-SsoAdminServer ` + -Server $VcAddress ` + -User $VcUser ` + -Password $VcUserPassword ` + -SkipCertificateCheck + + # Act + $actual = New-PersonUser ` + -Server $connection ` + -UserName $expectedUserName ` + -Password $expectedPassword + + $script:usersToCleanup += $actual + + # Assert + $actual | Should Not Be $null + $actual.GetType().FullName | Should Be 'VMware.vSphere.SsoAdminClient.DataTypes.PersonUser' + $actual.Name | Should Be $expectedUserName + $actual.Domain | Should Not Be $null + $actual.Description | Should Be $null + $actual.FirstName | Should Be $null + $actual.LastName | Should Be $null + $actual.EmailAddress | Should Be $null + } + + It 'Try create person against disconnected server' { + } + } + + Context "Get-PersonUser" { + It 'Gets person users without filters' { + # Arrange + $connection = Connect-SsoAdminServer ` + -Server $VcAddress ` + -User $VcUser ` + -Password $VcUserPassword ` + -SkipCertificateCheck + + # Act + $actual = Get-PersonUser + + # Assert + $actual | Should Not Be $null + $actual.Count | Should BeGreaterThan 0 + $actual[0].Name | Should Not Be $null + $actual[0].Domain | Should Be 'localos' + } + + It 'Gets person users by name (exact match) and domain filters' { + # Arrange + $connection = Connect-SsoAdminServer ` + -Server $VcAddress ` + -User $VcUser ` + -Password $VcUserPassword ` + -SkipCertificateCheck + + $expectedUserName = "TestPersonUser3" + $secondUserName = "TestPersonUser4" + $password = '$tr0NG_TestPa$$w0rd' + + $personUserToSearch = New-PersonUser ` + -UserName $expectedUserName ` + -Password $password ` + -Server $connection + $script:usersToCleanup += 
$personUserToSearch + + $secondPersonUserToSearch = New-PersonUser ` + -UserName $secondUserName ` + -Password $password ` + -Server $connection + $script:usersToCleanup += $secondPersonUserToSearch + + # Act + $actual = Get-PersonUser ` + -Name $expectedUserName ` + -Domain $personUserToSearch.Domain ` + -Server $connection + + # Assert + $actual | Should Not Be $null + $actual.Name | Should Be $expectedUserName + $actual.Domain | Should Not Be $null + $actual.Domain | Should Be $personUserToSearch.Domain + } + + It 'Gets person users by name (* wildcard match) and domain filters' { + # Arrange + $connection = Connect-SsoAdminServer ` + -Server $VcAddress ` + -User $VcUser ` + -Password $VcUserPassword ` + -SkipCertificateCheck + + $expectedUserName = "TestPersonUser3" + $secondUserName = "TestPersonUser4" + $password = '$tr0NG_TestPa$$w0rd' + + $personUserToSearch = New-PersonUser ` + -UserName $expectedUserName ` + -Password $password ` + -Server $connection + $script:usersToCleanup += $personUserToSearch + + $secondPersonUserToSearch = New-PersonUser ` + -UserName $secondUserName ` + -Password $password ` + -Server $connection + $script:usersToCleanup += $secondPersonUserToSearch + + # Act + $actual = Get-PersonUser ` + -Name "Test*" ` + -Domain $personUserToSearch.Domain ` + -Server $connection + + # Assert + $actual | Should Not Be $null + $actual.Count | Should Be 2 + $actual.Name | Should Contain $expectedUserName + $actual.Name | Should Contain $secondUserName + } + + It 'Gets person users by name (? 
wildcard match) and domain filters' { + # Arrange + $connection = Connect-SsoAdminServer ` + -Server $VcAddress ` + -User $VcUser ` + -Password $VcUserPassword ` + -SkipCertificateCheck + + $expectedUserName = "TestPersonUser3" + $secondUserName = "TestPersonUser4" + $password = '$tr0NG_TestPa$$w0rd' + + $personUserToSearch = New-PersonUser ` + -UserName $expectedUserName ` + -Password $password ` + -Server $connection + $script:usersToCleanup += $personUserToSearch + + $secondPersonUserToSearch = New-PersonUser ` + -UserName $secondUserName ` + -Password $password ` + -Server $connection + $script:usersToCleanup += $secondPersonUserToSearch + + # Act + $actual = Get-PersonUser ` + -Name "TestPersonUser?" ` + -Domain $personUserToSearch.Domain ` + -Server $connection + + # Assert + $actual | Should Not Be $null + $actual.Count | Should Be 2 + $actual.Name | Should Contain $expectedUserName + $actual.Name | Should Contain $secondUserName + } + + It 'Gets person users by unexisting name does not return' { + # Arrange + $connection = Connect-SsoAdminServer ` + -Server $VcAddress ` + -User $VcUser ` + -Password $VcUserPassword ` + -SkipCertificateCheck + + $expectedUserName = "TestPersonUser3" + $password = '$tr0NG_TestPa$$w0rd' + + $personUserToSearch = New-PersonUser ` + -UserName $expectedUserName ` + -Password $password ` + -Server $connection + $script:usersToCleanup += $personUserToSearch + + + # Act + $actual = Get-PersonUser ` + -Name "TestPersonUser" ` + -Domain $personUserToSearch.Domain ` + -Server $connection + + # Assert + $actual | Should Be $null + } + } + + Context "Remove-PersonUser" { + It 'Removes person user' { + # Arrange + $userName = "TestPersonUser4" + $password = '$tr0NG_TestPa$$w0rd' + $connection = Connect-SsoAdminServer ` + -Server $VcAddress ` + -User $VcUser ` + -Password $VcUserPassword ` + -SkipCertificateCheck + + + $personUserToRemove = New-PersonUser ` + -UserName $userName ` + -Password $password ` + -Server $connection + + # Act + 
Remove-PersonUser -User $personUserToRemove -Server $connection + + # Assert + $personUserToRemove | Should Not Be $null + $userFromServer = Get-PersonUser ` + -Name $personUserToRemove.Name ` + -Domain $personUserToRemove.Domain ` + -Server $connection + $userFromServer | Should Be $null + } + } +} \ No newline at end of file
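Review bot: Every test creates accounts on the target SSO domain with the fixed password `'$tr0NG_TestPa$$w0rd'`, which is now published in the repository, and the 'Removes person user' test never adds `$personUserToRemove` to `$script:usersToCleanup`. A failing Remove-PersonUser there leaves TestPersonUser4 on the server with that known password, and an interrupted run does the same for the other test accounts. I would generate the password per run, for example `$bytes = New-Object byte[] 18; [System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes); $password = 'aA1!' + [Convert]::ToBase64String($bytes)`, where the literal prefix is only there to satisfy a complexity policy. The empty `It 'Try create person against disconnected server' { }` passes without asserting anything; either implement it or mark it with `-Skip` so the report does not count it as coverage.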