Implement Find Group By Group
Signed-off-by: Dimitar Milov <dmilov@vmware.com>
This commit is contained in:
Dimitar Milov
@@ -107,6 +107,8 @@ function Get-SsoGroup {
|
|||||||
.PARAMETER Domain
|
.PARAMETER Domain
|
||||||
Specifies the Domain in which search will be applied, default is 'localos'.
|
Specifies the Domain in which search will be applied, default is 'localos'.
|
||||||
|
|
||||||
|
.PARAMETER Group
|
||||||
|
Specifies the group in which search for person user members will be applied.
|
||||||
|
|
||||||
.PARAMETER Server
|
.PARAMETER Server
|
||||||
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
|
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
|
||||||
@@ -128,6 +130,7 @@ function Get-SsoGroup {
|
|||||||
$Name,
|
$Name,
|
||||||
|
|
||||||
[Parameter(
|
[Parameter(
|
||||||
|
ParameterSetName = 'ByNameAndDomain',
|
||||||
Mandatory = $false,
|
Mandatory = $false,
|
||||||
ValueFromPipeline = $false,
|
ValueFromPipeline = $false,
|
||||||
ValueFromPipelineByPropertyName = $false,
|
ValueFromPipelineByPropertyName = $false,
|
||||||
@@ -136,6 +139,16 @@ function Get-SsoGroup {
|
|||||||
$Domain = 'localos',
|
$Domain = 'localos',
|
||||||
|
|
||||||
[Parameter(
|
[Parameter(
|
||||||
|
ParameterSetName = 'ByGroup',
|
||||||
|
Mandatory = $true,
|
||||||
|
ValueFromPipeline = $true,
|
||||||
|
ValueFromPipelineByPropertyName = $false,
|
||||||
|
HelpMessage = 'Searches group members of the specified group')]
|
||||||
|
[VMware.vSphere.SsoAdminClient.DataTypes.Group]
|
||||||
|
$Group,
|
||||||
|
|
||||||
|
[Parameter(
|
||||||
|
ParameterSetName = 'ByNameAndDomain',
|
||||||
Mandatory = $false,
|
Mandatory = $false,
|
||||||
ValueFromPipeline = $false,
|
ValueFromPipeline = $false,
|
||||||
ValueFromPipelineByPropertyName = $false,
|
ValueFromPipelineByPropertyName = $false,
|
||||||
@@ -146,38 +159,70 @@ function Get-SsoGroup {
|
|||||||
|
|
||||||
Process {
|
Process {
|
||||||
$serversToProcess = $global:DefaultSsoAdminServers.ToArray()
|
$serversToProcess = $global:DefaultSsoAdminServers.ToArray()
|
||||||
if ($Server -ne $null) {
|
if ($null -ne $Server) {
|
||||||
$serversToProcess = $Server
|
$serversToProcess = $Server
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($Name -eq $null) {
|
if ($null -eq $Name) {
|
||||||
$Name = [string]::Empty
|
$Name = [string]::Empty
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
if ($null -ne $Group) {
|
||||||
|
|
||||||
|
foreach ($g in $Group) {
|
||||||
|
$ssoAdminClient = $g.GetClient()
|
||||||
|
if ((-not $ssoAdminClient)) {
|
||||||
|
Write-Error "Object '$g' is from disconnected server"
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach ($resultGroup in $ssoAdminClient.GetGroupsInGroup(
|
||||||
|
(RemoveWildcardSymbols $Name),
|
||||||
|
$Group)) {
|
||||||
|
|
||||||
|
if ([string]::IsNullOrEmpty($Name) ) {
|
||||||
|
Write-Output $resultGroup
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
# Apply Name filtering
|
||||||
|
if ((HasWildcardSymbols $Name) -and `
|
||||||
|
$resultGroup.Name -like $Name) {
|
||||||
|
Write-Output $resultGroup
|
||||||
|
}
|
||||||
|
elseif ($resultGroup.Name -eq $Name) {
|
||||||
|
# Exactly equal
|
||||||
|
Write-Output $resultGroup
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
foreach ($connection in $serversToProcess) {
|
foreach ($connection in $serversToProcess) {
|
||||||
if (-not $connection.IsConnected) {
|
if (-not $connection.IsConnected) {
|
||||||
Write-Error "Server $connection is disconnected"
|
Write-Error "Server $connection is disconnected"
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($group in $connection.Client.GetGroups(
|
foreach ($resultGroup in $connection.Client.GetGroups(
|
||||||
(RemoveWildcardSymbols $Name),
|
(RemoveWildcardSymbols $Name),
|
||||||
$Domain)) {
|
$Domain)) {
|
||||||
|
|
||||||
|
|
||||||
if ([string]::IsNullOrEmpty($Name) ) {
|
if ([string]::IsNullOrEmpty($Name) ) {
|
||||||
Write-Output $group
|
Write-Output $resultGroup
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
# Apply Name filtering
|
# Apply Name filtering
|
||||||
if ((HasWildcardSymbols $Name) -and `
|
if ((HasWildcardSymbols $Name) -and `
|
||||||
$group.Name -like $Name) {
|
$resultGroup.Name -like $Name) {
|
||||||
Write-Output $group
|
Write-Output $resultGroup
|
||||||
}
|
}
|
||||||
elseif ($group.Name -eq $Name) {
|
elseif ($resultGroup.Name -eq $Name) {
|
||||||
# Exactly equal
|
# Exactly equal
|
||||||
Write-Output $group
|
Write-Output $resultGroup
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -205,7 +250,7 @@ function Set-SsoGroup {
|
|||||||
.DESCRIPTION
|
.DESCRIPTION
|
||||||
Updates Local Sso Group details
|
Updates Local Sso Group details
|
||||||
|
|
||||||
.PARAMETER Gtoup
|
.PARAMETER Group
|
||||||
Specifies the group instace to update.
|
Specifies the group instace to update.
|
||||||
|
|
||||||
.PARAMETER Description
|
.PARAMETER Description
|
||||||
|
|||||||
@@ -155,6 +155,8 @@ function Get-SsoPersonUser {
|
|||||||
.PARAMETER Domain
|
.PARAMETER Domain
|
||||||
Specifies the Domain in which search will be applied, default is 'localos'.
|
Specifies the Domain in which search will be applied, default is 'localos'.
|
||||||
|
|
||||||
|
.PARAMETER Group
|
||||||
|
Specifies the group in which search for person user members will be applied.
|
||||||
|
|
||||||
.PARAMETER Server
|
.PARAMETER Server
|
||||||
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
|
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
|
||||||
|
|||||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@@ -348,6 +348,43 @@ namespace VMware.vSphere.SsoAdminClient
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public IEnumerable<DataTypes.Group> GetGroupsInGroup(string searchString, DataTypes.Group group)
|
||||||
|
{
|
||||||
|
// Create Authorization Invocation Context
|
||||||
|
var authorizedInvocationContext =
|
||||||
|
CreateAuthorizedInvocationContext();
|
||||||
|
|
||||||
|
// Invoke SSO Admin FindGroupsInGroupResponse operation
|
||||||
|
var groups = authorizedInvocationContext.
|
||||||
|
InvokeOperation(() =>
|
||||||
|
_ssoAdminBindingClient.FindGroupsInGroupAsync(
|
||||||
|
new ManagedObjectReference
|
||||||
|
{
|
||||||
|
type = "SsoAdminPrincipalDiscoveryService",
|
||||||
|
Value = "principalDiscoveryService"
|
||||||
|
},
|
||||||
|
new SsoPrincipalId
|
||||||
|
{
|
||||||
|
name = group.Name,
|
||||||
|
domain = group.Domain
|
||||||
|
},
|
||||||
|
searchString,
|
||||||
|
int.MaxValue)).Result.returnval;
|
||||||
|
|
||||||
|
if (groups != null)
|
||||||
|
{
|
||||||
|
foreach (var g in groups)
|
||||||
|
{
|
||||||
|
yield return new DataTypes.Group(this)
|
||||||
|
{
|
||||||
|
Name = g.id.name,
|
||||||
|
Domain = g.id.domain,
|
||||||
|
Description = g.details.description
|
||||||
|
};
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public DataTypes.Group CreateLocalGroup(string name, string description)
|
public DataTypes.Group CreateLocalGroup(string name, string description)
|
||||||
{
|
{
|
||||||
// Create Authorization Invocation Context
|
// Create Authorization Invocation Context
|
||||||
|
|||||||
@@ -153,35 +153,35 @@ Describe "SsoGroup Tests" {
|
|||||||
Context "Add-GroupToSsoGroup" {
|
Context "Add-GroupToSsoGroup" {
|
||||||
It 'Should add a newly created SsoGroup to another SsoGroup' {
|
It 'Should add a newly created SsoGroup to another SsoGroup' {
|
||||||
# Arrange
|
# Arrange
|
||||||
$groupName = 'TestGroup5'
|
$expectedGroup = New-SsoGroup -Name 'TestGroup5'
|
||||||
$groupToAdd = New-SsoGroup -Name $groupName
|
$script:testGroupsToDelete += $expectedGroup
|
||||||
$script:testGroupsToDelete += $groupToAdd
|
|
||||||
|
|
||||||
$targetGroup = Get-SsoGroup -Name 'Administrators' -Domain 'vsphere.local'
|
$targetGroup = Get-SsoGroup -Name 'Administrators' -Domain 'vsphere.local'
|
||||||
|
|
||||||
# Act
|
# Act
|
||||||
$groupToAdd | Add-GroupToSsoGroup -TargetGroup $targetGroup
|
$expectedGroup | Add-GroupToSsoGroup -TargetGroup $targetGroup
|
||||||
|
|
||||||
# Assert
|
# Assert
|
||||||
## TODO: Implement Get Group Members and verify
|
$actualGroups = $targetGroup | Get-SsoGroup
|
||||||
|
$actualGroups | Where-Object { $_.Name -eq $expectedGroup.Name} | Should -Not -Be $null
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
Context "Remove-GroupFromSsoGroup" {
|
Context "Remove-GroupFromSsoGroup" {
|
||||||
It 'Should remove a SsoGroup from another SsoGroup' {
|
It 'Should remove a SsoGroup from another SsoGroup' {
|
||||||
# Arrange
|
# Arrange
|
||||||
$groupName = 'TestGroup6'
|
$expectedGroup = New-SsoGroup -Name 'TestGroup6'
|
||||||
$groupToRemove = New-SsoGroup -Name $groupName
|
$script:testGroupsToDelete += $expectedGroup
|
||||||
$script:testGroupsToDelete += $groupToRemove
|
|
||||||
|
|
||||||
$targetGroup = Get-SsoGroup -Name 'Administrators' -Domain 'vsphere.local'
|
$targetGroup = Get-SsoGroup -Name 'Administrators' -Domain 'vsphere.local'
|
||||||
$groupToRemove | Add-GroupToSsoGroup -TargetGroup $targetGroup
|
$expectedGroup | Add-GroupToSsoGroup -TargetGroup $targetGroup
|
||||||
|
|
||||||
# Act
|
# Act
|
||||||
$groupToRemove | Remove-GroupFromSsoGroup -TargetGroup $targetGroup
|
$expectedGroup | Remove-GroupFromSsoGroup -TargetGroup $targetGroup
|
||||||
|
|
||||||
# Assert
|
# Assert
|
||||||
## TODO: Implement Get Group Members and verify
|
$actualGroups = $targetGroup | Get-SsoGroup
|
||||||
|
$actualGroups | Where-Object { $_.Name -eq $expectedGroup.Name} | Should -Be $null
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user