Implement Add/Remove User to/from Group

2020-09-29 16:52:17 +03:00
parent 0cf0626f4c
commit 5fb63bb345
7 changed files with 264 additions and 1 deletions
--- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient.Tests/IntegrationTests.cs
+++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient.Tests/IntegrationTests.cs
@@ -93,5 +93,31 @@ namespace VMware.vSphere.SsoAdminClient.Tests
         Assert.Greater(actual.Length, 1);
         Assert.AreEqual("localos", actual[0].Domain);
      }
+
+      [Test]
+      public void AddRemoveUserFromGroup() {
+         // Arrange
+         var ssoAdminClient = new SsoAdminClient(_vc, _user, _password, new AcceptAllX509CertificateValidator());
+                  
+         var expectedUserName = "test-user5";
+         var expectedPassword = "te$tPa$sW0rd";         
+         var newUser = ssoAdminClient.CreateLocalUser(
+            expectedUserName,
+            expectedPassword);
+
+         var group = ssoAdminClient.GetGroups("administrators", newUser.Domain).FirstOrDefault<Group>();
+
+         // Act
+         var addActual = ssoAdminClient.AddPersonUserToGroup(newUser, group);
+         var removeActual = ssoAdminClient.RemovePersonUserFromGroup(newUser, group);
+
+         // Assert
+         Assert.IsTrue(addActual);
+         Assert.IsTrue(removeActual);
+
+         // Cleanup
+         ssoAdminClient.DeleteLocalUser(
+            newUser);
+      }
   }
 }
--- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs
+++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs
@@ -262,6 +262,46 @@ namespace VMware.vSphere.SsoAdminClient
            }
         }
      }
+
+      public bool AddPersonUserToGroup(PersonUser user, DataTypes.Group group) {
+         // Create Authorization Invocation Context
+         var authorizedInvocationContext =
+            CreateAuthorizedInvocationContext();
+
+         // Invoke SSO Admin AddUserToLocalGroupAsync operation
+         return authorizedInvocationContext.
+            InvokeOperation(() =>
+               _ssoAdminBindingClient.AddUserToLocalGroupAsync(
+                  new ManagedObjectReference {
+                     type = "SsoAdminPrincipalManagementService",
+                     Value = "principalManagementService"
+                  },
+                  new SsoPrincipalId {
+                     name = user.Name,
+                     domain = user.Domain
+                  },
+                  group.Name)).Result;
+      }
+
+      public bool RemovePersonUserFromGroup(PersonUser user, DataTypes.Group group) {
+         // Create Authorization Invocation Context
+         var authorizedInvocationContext =
+            CreateAuthorizedInvocationContext();
+
+         // Invoke SSO Admin RemoveFromLocalGroupAsync operation
+         return authorizedInvocationContext.
+            InvokeOperation(() =>
+               _ssoAdminBindingClient.RemoveFromLocalGroupAsync(
+                  new ManagedObjectReference {
+                     type = "SsoAdminPrincipalManagementService",
+                     Value = "principalManagementService"
+                  },
+                  new SsoPrincipalId {
+                     name = user.Name,
+                     domain = user.Domain
+                  },
+                  group.Name)).Result;
+      }
      #endregion
   }
 }
--- a/Modules/VMware.vSphere.SsoAdmin/src/test/PersonUser.Tests.ps1
+++ b/Modules/VMware.vSphere.SsoAdmin/src/test/PersonUser.Tests.ps1
@@ -262,6 +262,80 @@ Describe "PersonUser Tests" {
      }
   }

+   Context "Set-PersonUser Add/Remove Group" {
+      It 'Adds person user to group' {
+         # Arrange
+         $userName = "TestAddGroupPersonUserName"
+         $userPassword = '$tr0NG_TestPa$$w0rd'
+         $connection = Connect-SsoAdminServer `
+            -Server $VcAddress `
+            -User $User `
+            -Password $Password `
+            -SkipCertificateCheck
+
+         $personUserToUpdate = New-PersonUser `
+            -UserName $userName `
+            -Password $userPassword `
+            -Server $connection
+
+         $script:usersToCleanup += $personUserToUpdate
+
+         $groupUserToBeAddedTo = Get-Group `
+            -Name 'Administrators' `
+            -Domain $personUserToUpdate.Domain `
+            -Server $connection
+
+         # Act
+         $actual = Set-PersonUser `
+            -User $personUserToUpdate `
+            -Group $groupUserToBeAddedTo `
+            -Add `
+            -Server $connection
+
+         # Assert
+         $actual | Should Not Be $null
+      }
+
+      It 'Removes person user from group' {
+         # Arrange
+         $userName = "TestRemoveGroupPersonUserName"
+         $userPassword = '$tr0NG_TestPa$$w0rd'
+         $connection = Connect-SsoAdminServer `
+            -Server $VcAddress `
+            -User $User `
+            -Password $Password `
+            -SkipCertificateCheck
+
+         $personUserToUpdate = New-PersonUser `
+            -UserName $userName `
+            -Password $userPassword `
+            -Server $connection
+
+         $script:usersToCleanup += $personUserToUpdate
+
+         $groupToBeUsed = Get-Group `
+            -Name 'Administrators' `
+            -Domain $personUserToUpdate.Domain `
+            -Server $connection
+
+         Set-PersonUser `
+            -User $personUserToUpdate `
+            -Group $groupToBeUsed `
+            -Add `
+            -Server $connection | Out-Null
+
+         # Act
+         $actual = Set-PersonUser `
+            -User $personUserToUpdate `
+            -Group $groupToBeUsed `
+            -Remove `
+            -Server $connection
+
+         # Assert
+         $actual | Should Not Be $null
+      }
+   }
+
   Context "Remove-PersonUser" {
      It 'Removes person user' {
         # Arrange