Implement Add and Remove principal to/from SsoGroup

Signed-off-by: Dimitar Milov <dmilov@vmware.com>
Dimitar Milov
2021-05-26 10:54:15 +03:00
parent f0cf0f58bd
commit 5d221fdb15
8 changed files with 420 additions and 4 deletions


@@ -487,6 +487,29 @@ namespace VMware.vSphere.SsoAdminClient
group.Name)).Result;
}
public bool AddGroupToGroup(DataTypes.Group groupToAdd, DataTypes.Group destinationGroup)
{
// Create Authorization Invocation Context
var authorizedInvocationContext =
CreateAuthorizedInvocationContext();
// Invoke SSO Admin AddGroupToLocalGroupAsync operation
return authorizedInvocationContext.
InvokeOperation(() =>
_ssoAdminBindingClient.AddGroupToLocalGroupAsync(
new ManagedObjectReference
{
type = "SsoAdminPrincipalManagementService",
Value = "principalManagementService"
},
new SsoPrincipalId
{
name = groupToAdd.Name,
domain = groupToAdd.Domain
},
destinationGroup.Name)).Result;
}
public bool RemovePersonUserFromGroup(PersonUser user, DataTypes.Group group)
{
// Create Authorization Invocation Context
@@ -510,6 +533,29 @@ namespace VMware.vSphere.SsoAdminClient
group.Name)).Result;
}
public bool RemoveGroupFromGroup(DataTypes.Group groupToRemove, DataTypes.Group group)
{
// Create Authorization Invocation Context
var authorizedInvocationContext =
CreateAuthorizedInvocationContext();
// Invoke SSO Admin RemoveFromLocalGroupAsync operation
return authorizedInvocationContext.
InvokeOperation(() =>
_ssoAdminBindingClient.RemoveFromLocalGroupAsync(
new ManagedObjectReference
{
type = "SsoAdminPrincipalManagementService",
Value = "principalManagementService"
},
new SsoPrincipalId
{
name = groupToRemove.Name,
domain = groupToRemove.Domain
},
group.Name)).Result;
}
public void ResetPersonUserPassword(PersonUser user, string newPassword)
{
// Create Authorization Invocation Context
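Review bot: In `AddGroupToGroup` only `destinationGroup.Name` is passed to `AddGroupToLocalGroupAsync`, while the member being added is identified by both name and domain, so the destination group's `Domain` is dropped; if a caller passes a group object from another domain, the membership change would presumably land on whichever local group carries that name. Because this call changes group membership and therefore privileges, the method should reject or at least document that case, for example with an XML doc comment stating that the destination is resolved by name among local groups, plus a guard that compares `destinationGroup.Domain` with the local domain before invoking. `RemoveGroupFromGroup` has the same shape with `group.Name`. Both methods also dereference their arguments without a null check; `if (groupToAdd == null) throw new ArgumentNullException(nameof(groupToAdd));` (and the same for the second parameter) would fail earlier and more clearly than a NullReferenceException raised inside the lambda.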


@@ -29,6 +29,7 @@ Describe "SsoGroup Tests" {
-SkipCertificateCheck
$script:testGroupsToDelete = @()
$script:testUsersToDelete = @()
}
AfterEach {
@@ -37,6 +38,10 @@ Describe "SsoGroup Tests" {
Remove-SsoGroup -Group $group
}
foreach ($user in $script:testUsersToDelete) {
Remove-SsoPersonUser -User $user
}
$connectionsToCleanup = $global:DefaultSsoAdminServers.ToArray()
foreach ($connection in $connectionsToCleanup) {
Disconnect-SsoAdminServer -Server $connection
@@ -106,7 +111,7 @@ Describe "SsoGroup Tests" {
$actual = New-SsoGroup -Name $expectedName -Description $expectedDescription
# Assert
$actual | Should -Not -Be $
$actual | Should -Not -Be $null
$script:testGroupsToDelete += $actual
$actual.Name | Should -Be $expectedName
$actual.Domain | Should -Be 'vsphere.local'
@@ -144,4 +149,74 @@ Describe "SsoGroup Tests" {
$actual.Description | Should -Be $expectedDescription
}
}
Context "Add-GroupToSsoGroup" {
It 'Should add a newly created SsoGroup to another SsoGroup' {
# Arrange
$groupName = 'TestGroup5'
$groupToAdd = New-SsoGroup -Name $groupName
$script:testGroupsToDelete += $groupToAdd
$targetGroup = Get-SsoGroup -Name 'Administrators' -Domain 'vsphere.local'
# Act
$groupToAdd | Add-GroupToSsoGroup -TargetGroup $targetGroup
# Assert
## TODO: Implement Get Group Members and verify
}
}
Context "Remove-GroupFromSsoGroup" {
It 'Should remove a SsoGroup from another SsoGroup' {
# Arrange
$groupName = 'TestGroup6'
$groupToRemove = New-SsoGroup -Name $groupName
$script:testGroupsToDelete += $groupToRemove
$targetGroup = Get-SsoGroup -Name 'Administrators' -Domain 'vsphere.local'
$groupToRemove | Add-GroupToSsoGroup -TargetGroup $targetGroup
# Act
$groupToRemove | Remove-GroupFromSsoGroup -TargetGroup $targetGroup
# Assert
## TODO: Implement Get Group Members and verify
}
}
Context "Add-UserToSsoGroup" {
It 'Should add a newly created PersonUser to SsoGroup' {
# Arrange
$expectedUser = New-SsoPersonUser -User 'GroupTestUser1' -Password 'MyStrongPa$$w0rd'
$script:testUsersToDelete += $expectedUser
$targetGroup = Get-SsoGroup -Name 'Administrators' -Domain 'vsphere.local'
# Act
$expectedUser | Add-UserToSsoGroup -TargetGroup $targetGroup
# Assert
$actualUsers = $targetGroup | Get-SsoPersonUser
$actualUsers | Where-Object { $_.Name -eq $expectedUser.Name} | Should -Not -Be $null
}
}
Context "Remove-GroupFromSsoGroup" {
It 'Should remove a SsoGroup from another SsoGroup' {
# Arrange
$expectedUser = New-SsoPersonUser -User 'GroupTestUser2' -Password 'MyStrongPa$$w0rd'
$script:testUsersToDelete += $expectedUser
$targetGroup = Get-SsoGroup -Name 'Administrators' -Domain 'vsphere.local'
$expectedUser | Add-UserToSsoGroup -TargetGroup $targetGroup
# Act
$expectedUser | Remove-UserFromSsoGroup -TargetGroup $targetGroup
# Assert
$actualUsers = $targetGroup | Get-SsoPersonUser
$actualUsers | Where-Object { $_.Name -eq $expectedUser.Name} | Should -Be $null
}
}
}
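Review bot: The new user and group-in-group tests all use the built-in `Administrators` group of `vsphere.local` as the target, so on any run where the Act step or the AfterEach cleanup fails, a test account with the fixed password from this file stays a member of the administrators group on the server under test. A throw-away target group keeps the test principals unprivileged: `$targetGroup = New-SsoGroup -Name 'TestTargetGroup'` followed by `$script:testGroupsToDelete += $targetGroup` (the group name is a constructed example). The two group-in-group tests also contain no assertion, only the TODO, so they pass whenever the cmdlets do not throw. The last Context is titled `Remove-GroupFromSsoGroup` although it exercises `Remove-UserFromSsoGroup`, which duplicates the earlier Context name in the test report.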