Implement Get/Set-PasswordPolicy cmdlets
This commit is contained in:
dmilov
@@ -143,5 +143,78 @@ namespace VMware.vSphere.SsoAdminClient.Tests
|
||||
ssoAdminClient.DeleteLocalUser(
|
||||
newUser);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void GetPasswordPolicy() {
|
||||
// Arrange
|
||||
var ssoAdminClient = new SsoAdminClient(_vc, _user, _password, new AcceptAllX509CertificateValidator());
|
||||
|
||||
// Act
|
||||
var actual = ssoAdminClient.GetPasswordPolicy();
|
||||
|
||||
// Assert
|
||||
Assert.NotNull(actual);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void SetPasswordPolicy() {
|
||||
// Arrange
|
||||
var ssoAdminClient = new SsoAdminClient(_vc, _user, _password, new AcceptAllX509CertificateValidator());
|
||||
|
||||
var originalPasswordPolicy = ssoAdminClient.GetPasswordPolicy();
|
||||
|
||||
var expectedDescription = "TestDescription";
|
||||
var expectedProhibitedPreviousPasswordsCount = originalPasswordPolicy.ProhibitedPreviousPasswordsCount + 1;
|
||||
var expectedMinLength = originalPasswordPolicy.MinLength + 1;
|
||||
var expectedMaxLength = originalPasswordPolicy.MaxLength + 1;
|
||||
var exptectedMaxIdenticalAdjacentCharacters = originalPasswordPolicy.MaxIdenticalAdjacentCharacters + 1;
|
||||
var expectedMinNumericCount = originalPasswordPolicy.MinNumericCount + 1;
|
||||
var expectedMinSpecialCharCount = originalPasswordPolicy.MinSpecialCharCount + 1;
|
||||
var expectedMinAlphabeticCount = originalPasswordPolicy.MinAlphabeticCount + 2;
|
||||
var expectedMinUppercaseCount = 0;
|
||||
var expectedMinLowercaseCount = originalPasswordPolicy.MinLowercaseCount + 2;
|
||||
var expectedPasswordLifetimeDays = originalPasswordPolicy.PasswordLifetimeDays - 2;
|
||||
|
||||
// Act
|
||||
var actual = ssoAdminClient.SetPasswordPolicy(
|
||||
description: expectedDescription,
|
||||
prohibitedPreviousPasswordsCount: expectedProhibitedPreviousPasswordsCount,
|
||||
minLength: expectedMinLength,
|
||||
maxLength: expectedMaxLength,
|
||||
maxIdenticalAdjacentCharacters: exptectedMaxIdenticalAdjacentCharacters,
|
||||
minNumericCount: expectedMinNumericCount,
|
||||
minSpecialCharCount: expectedMinSpecialCharCount,
|
||||
minAlphabeticCount: expectedMinAlphabeticCount,
|
||||
minUppercaseCount: expectedMinUppercaseCount,
|
||||
minLowercaseCount: expectedMinLowercaseCount,
|
||||
passwordLifetimeDays: expectedPasswordLifetimeDays);
|
||||
|
||||
// Assert
|
||||
Assert.NotNull(actual);
|
||||
Assert.AreEqual(expectedDescription, actual.Description);
|
||||
Assert.AreEqual(expectedProhibitedPreviousPasswordsCount, actual.ProhibitedPreviousPasswordsCount);
|
||||
Assert.AreEqual(expectedMinLength, actual.MinLength);
|
||||
Assert.AreEqual(expectedMaxLength, actual.MaxLength);
|
||||
Assert.AreEqual(exptectedMaxIdenticalAdjacentCharacters, actual.MaxIdenticalAdjacentCharacters);
|
||||
Assert.AreEqual(expectedMinNumericCount, actual.MinNumericCount);
|
||||
Assert.AreEqual(expectedMinAlphabeticCount, actual.MinAlphabeticCount);
|
||||
Assert.AreEqual(expectedMinUppercaseCount, actual.MinUppercaseCount);
|
||||
Assert.AreEqual(expectedMinLowercaseCount, actual.MinLowercaseCount);
|
||||
Assert.AreEqual(expectedPasswordLifetimeDays, actual.PasswordLifetimeDays);
|
||||
|
||||
// Cleanup
|
||||
ssoAdminClient.SetPasswordPolicy(
|
||||
description: originalPasswordPolicy.Description,
|
||||
prohibitedPreviousPasswordsCount: originalPasswordPolicy.ProhibitedPreviousPasswordsCount,
|
||||
minLength: originalPasswordPolicy.MinLength,
|
||||
maxLength: originalPasswordPolicy.MaxLength,
|
||||
maxIdenticalAdjacentCharacters: originalPasswordPolicy.MaxIdenticalAdjacentCharacters,
|
||||
minNumericCount: originalPasswordPolicy.MinNumericCount,
|
||||
minSpecialCharCount: originalPasswordPolicy.MinSpecialCharCount,
|
||||
minAlphabeticCount: originalPasswordPolicy.MinAlphabeticCount,
|
||||
minUppercaseCount: originalPasswordPolicy.MinUppercaseCount,
|
||||
minLowercaseCount: originalPasswordPolicy.MinLowercaseCount,
|
||||
passwordLifetimeDays: originalPasswordPolicy.PasswordLifetimeDays);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,36 @@
|
||||
// **************************************************************************
|
||||
// Copyright (c) VMware, Inc. All rights reserved. -- VMware Confidential.
|
||||
// **************************************************************************
|
||||
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace VMware.vSphere.SsoAdminClient.DataTypes
|
||||
{
|
||||
public class PasswordPolicy
|
||||
{
|
||||
SsoAdminClient _client;
|
||||
public PasswordPolicy(SsoAdminClient client) {
|
||||
_client = client;
|
||||
}
|
||||
|
||||
public string Description { get; set; }
|
||||
public int ProhibitedPreviousPasswordsCount { get; set; }
|
||||
public int MinLength { get; set; }
|
||||
public int MaxLength { get; set; }
|
||||
public int MinNumericCount { get; set; }
|
||||
public int MinSpecialCharCount { get; set; }
|
||||
public int MaxIdenticalAdjacentCharacters { get; set; }
|
||||
public int MinAlphabeticCount { get; set; }
|
||||
public int MinUppercaseCount { get; set; }
|
||||
public int MinLowercaseCount { get; set; }
|
||||
public int PasswordLifetimeDays { get; set; }
|
||||
|
||||
public SsoAdminClient GetClient() {
|
||||
return _client;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -11,6 +11,11 @@ namespace VMware.vSphere.SsoAdminClient.DataTypes
|
||||
{
|
||||
public class PersonUser
|
||||
{
|
||||
SsoAdminClient _client;
|
||||
public PersonUser(SsoAdminClient client) {
|
||||
_client = client;
|
||||
}
|
||||
|
||||
public string Name { get; set; }
|
||||
public string Domain { get; set; }
|
||||
public string Description { get; set; }
|
||||
@@ -18,6 +23,10 @@ namespace VMware.vSphere.SsoAdminClient.DataTypes
|
||||
public string LastName { get; set; }
|
||||
public string EmailAddress { get; set; }
|
||||
|
||||
public SsoAdminClient GetClient() {
|
||||
return _client;
|
||||
}
|
||||
|
||||
public override string ToString() {
|
||||
return $"{Name}@{Domain}";
|
||||
}
|
||||
|
||||
@@ -42,7 +42,7 @@ namespace VMware.vSphere.SsoAdminClient
|
||||
|
||||
private void RenewIfNeeded() {
|
||||
if (_validToken == null ||
|
||||
_validToken.Expires < (DateTime.Now - new TimeSpan(0, 0, 30))) {
|
||||
_validToken.Expires < (DateTime.Now + new TimeSpan(0, 0, 30))) {
|
||||
_validToken = _stsClient.IssueBearerTokenByUserCredential(
|
||||
_user,
|
||||
_password);
|
||||
|
||||
@@ -0,0 +1,109 @@
|
||||
#**************************************************************************
|
||||
# Copyright (c) VMware, Inc. All rights reserved.
|
||||
#**************************************************************************
|
||||
|
||||
param(
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$VcAddress,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$User,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]
|
||||
$Password
|
||||
)
|
||||
|
||||
# Import Vmware.vSphere.SsoAdmin Module
|
||||
$modulePath = Join-Path (Split-Path $PSScriptRoot | Split-Path) "VMware.vSphere.SsoAdmin.psd1"
|
||||
Import-Module $modulePath
|
||||
|
||||
Describe "PasswordPolicy Tests" {
|
||||
BeforeEach {
|
||||
Connect-SsoAdminServer `
|
||||
-Server $VcAddress `
|
||||
-User $User `
|
||||
-Password $Password `
|
||||
-SkipCertificateCheck
|
||||
}
|
||||
|
||||
AfterEach {
|
||||
$connectionsToCleanup = $global:DefaultSsoAdminServers.ToArray()
|
||||
foreach ($connection in $connectionsToCleanup) {
|
||||
Disconnect-SsoAdminServer -Server $connection
|
||||
}
|
||||
}
|
||||
|
||||
Context "Get-PasswordPolicy" {
|
||||
It 'Gets password policy' {
|
||||
# Act
|
||||
$actual = Get-PasswordPolicy
|
||||
|
||||
# Assert
|
||||
$actual | Should Not Be $null
|
||||
}
|
||||
}
|
||||
|
||||
Context "Set-PasswordPolicy" {
|
||||
It 'Updates password policy MaxLength and PasswordLifetimeDays' {
|
||||
# Arrange
|
||||
$passwordPolicyToUpdate = Get-PasswordPolicy
|
||||
$expectedMaxLength = 17
|
||||
$expectedPasswordLifetimeDays = 77
|
||||
|
||||
# Act
|
||||
$actual = Set-PasswordPolicy `
|
||||
-PasswordPolicy $passwordPolicyToUpdate `
|
||||
-MaxLength $expectedMaxLength `
|
||||
-PasswordLifetimeDays $expectedPasswordLifetimeDays
|
||||
|
||||
# Assert
|
||||
$actual | Should Not Be $null
|
||||
$actual.MaxLength | Should Be $expectedMaxLength
|
||||
$actual.PasswordLifetimeDays | Should Be $expectedPasswordLifetimeDays
|
||||
$actual.Description | Should Be $passwordPolicyToUpdate.Description
|
||||
$actual.ProhibitedPreviousPasswordsCount | Should Be $passwordPolicyToUpdate.ProhibitedPreviousPasswordsCount
|
||||
$actual.MinLength | Should Be $passwordPolicyToUpdate.MinLength
|
||||
$actual.MaxIdenticalAdjacentCharacters | Should Be $passwordPolicyToUpdate.MaxIdenticalAdjacentCharacters
|
||||
$actual.MinNumericCount | Should Be $passwordPolicyToUpdate.MinNumericCount
|
||||
$actual.MinSpecialCharCount | Should Be $passwordPolicyToUpdate.MinSpecialCharCount
|
||||
$actual.MinAlphabeticCount | Should Be $passwordPolicyToUpdate.MinAlphabeticCount
|
||||
$actual.MinUppercaseCount | Should Be $passwordPolicyToUpdate.MinUppercaseCount
|
||||
$actual.MinLowercaseCount | Should Be $passwordPolicyToUpdate.MinLowercaseCount
|
||||
|
||||
# Cleanup
|
||||
$passwordPolicyToUpdate | Set-PasswordPolicy
|
||||
}
|
||||
|
||||
It 'Updates password policy Description and MinUppercaseCount' {
|
||||
# Arrange
|
||||
$passwordPolicyToUpdate = Get-PasswordPolicy
|
||||
$expectedMinUppercaseCount = 0
|
||||
$expectedDescription = "Test Description"
|
||||
|
||||
# Act
|
||||
$actual = $passwordPolicyToUpdate | Set-PasswordPolicy `
|
||||
-Description $expectedDescription `
|
||||
-MinUppercaseCount $expectedMinUppercaseCount
|
||||
|
||||
# Assert
|
||||
$actual | Should Not Be $null
|
||||
$actual.Description | Should Be $expectedDescription
|
||||
$actual.MinUppercaseCount | Should Be $expectedMinUppercaseCount
|
||||
$actual.MaxLength | Should Be $passwordPolicyToUpdate.MaxLength
|
||||
$actual.PasswordLifetimeDays | Should Be $passwordPolicyToUpdate.PasswordLifetimeDays
|
||||
$actual.ProhibitedPreviousPasswordsCount | Should Be $passwordPolicyToUpdate.ProhibitedPreviousPasswordsCount
|
||||
$actual.MinLength | Should Be $passwordPolicyToUpdate.MinLength
|
||||
$actual.MaxIdenticalAdjacentCharacters | Should Be $passwordPolicyToUpdate.MaxIdenticalAdjacentCharacters
|
||||
$actual.MinNumericCount | Should Be $passwordPolicyToUpdate.MinNumericCount
|
||||
$actual.MinSpecialCharCount | Should Be $passwordPolicyToUpdate.MinSpecialCharCount
|
||||
$actual.MinAlphabeticCount | Should Be $passwordPolicyToUpdate.MinAlphabeticCount
|
||||
$actual.MinLowercaseCount | Should Be $passwordPolicyToUpdate.MinLowercaseCount
|
||||
|
||||
# Cleanup
|
||||
$passwordPolicyToUpdate | Set-PasswordPolicy
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -289,8 +289,7 @@ Describe "PersonUser Tests" {
|
||||
$actual = Set-PersonUser `
|
||||
-User $personUserToUpdate `
|
||||
-Group $groupUserToBeAddedTo `
|
||||
-Add `
|
||||
-Server $connection
|
||||
-Add
|
||||
|
||||
# Assert
|
||||
$actual | Should Not Be $null
|
||||
@@ -321,15 +320,13 @@ Describe "PersonUser Tests" {
|
||||
Set-PersonUser `
|
||||
-User $personUserToUpdate `
|
||||
-Group $groupToBeUsed `
|
||||
-Add `
|
||||
-Server $connection | Out-Null
|
||||
-Add
|
||||
|
||||
# Act
|
||||
$actual = Set-PersonUser `
|
||||
-User $personUserToUpdate `
|
||||
-Group $groupToBeUsed `
|
||||
-Remove `
|
||||
-Server $connection
|
||||
-Remove
|
||||
|
||||
# Assert
|
||||
$actual | Should Not Be $null
|
||||
@@ -356,8 +353,7 @@ Describe "PersonUser Tests" {
|
||||
# Act
|
||||
$actual = Set-PersonUser `
|
||||
-User $personUserToUpdate `
|
||||
-NewPassword $newPassword `
|
||||
-Server $connection
|
||||
-NewPassword $newPassword
|
||||
|
||||
# Assert
|
||||
$actual | Should Not Be $null
|
||||
@@ -383,8 +379,7 @@ Describe "PersonUser Tests" {
|
||||
# Act
|
||||
$actual = Set-PersonUser `
|
||||
-User $personUserToUpdate `
|
||||
-Unlock `
|
||||
-Server $connection
|
||||
-Unlock
|
||||
|
||||
# Assert
|
||||
$actual | Should Be $null
|
||||
@@ -409,7 +404,7 @@ Describe "PersonUser Tests" {
|
||||
-Server $connection
|
||||
|
||||
# Act
|
||||
Remove-PersonUser -User $personUserToRemove -Server $connection
|
||||
Remove-PersonUser -User $personUserToRemove
|
||||
|
||||
# Assert
|
||||
$personUserToRemove | Should Not Be $null
|
||||
|
||||
Reference in New Issue
Block a user