/// <summary>
/// The non-boilerplated test code of the APIs for managing the lifecycle of a given database's data masking policy. It is meant to be called with a name of an already exisiting database (and therefore already existing
/// server and resource group). This test does not create these resources and does not remove them.
/// </summary>
private void TestDataMaskingPolicyAPIs(SqlManagementClient sqlClient, string resourceGroupName, Server server, Database database)
{
DataMaskingPolicyGetResponse getDefaultPolicyResponse = sqlClient.DataMasking.GetPolicy(resourceGroupName, server.Name, database.Name);
DataMaskingPolicyProperties properties = getDefaultPolicyResponse.DataMaskingPolicy.Properties;
// Verify that the initial Get request contains the default policy.
TestUtilities.ValidateOperationResponse(getDefaultPolicyResponse, HttpStatusCode.OK);
VerifyDataMaskingPolicyInformation(MakeDefaultDataMaskingPolicyProperties(), properties);
// Modify the policy properties, send and receive, see it its still ok
properties.DataMaskingState = "Enabled";
properties.ExemptPrincipals = "principal1;principal2";
DataMaskingPolicyCreateOrUpdateParameters updateParams = new DataMaskingPolicyCreateOrUpdateParameters();
updateParams.Properties = properties;
var updateResponse = sqlClient.DataMasking.CreateOrUpdatePolicy(resourceGroupName, server.Name, database.Name, updateParams);
// Verify that the initial Get request of contains the default policy.
TestUtilities.ValidateOperationResponse(updateResponse, HttpStatusCode.OK);
DataMaskingPolicyGetResponse getUpdatedPolicyResponse = sqlClient.DataMasking.GetPolicy(resourceGroupName, server.Name, database.Name);
DataMaskingPolicyProperties updatedProperties = getUpdatedPolicyResponse.DataMaskingPolicy.Properties;
// Verify that the Get request contains the updated policy.
TestUtilities.ValidateOperationResponse(getUpdatedPolicyResponse, HttpStatusCode.OK);
VerifyDataMaskingPolicyInformation(properties, updatedProperties);
}
/// <summary>
/// Creates and returns a DataMaskingPolicyProperties object that holds the default settings for a data masking policy
/// </summary>
/// <returns>A DataMaskingPolicyProperties object with the default policy settings</returns>
private DataMaskingPolicyProperties MakeDefaultDataMaskingPolicyProperties()
{
DataMaskingPolicyProperties props = new DataMaskingPolicyProperties();
props.DataMaskingState = "NewCustomer";
props.ExemptPrincipals = "";
return(props);
}
/// <summary>
/// Transforms a data masking policy to its cmdlet model representation
/// </summary>
private DatabaseDataMaskingPolicyModel ModelizeDatabaseDataMaskingPolicy(DataMaskingPolicy policy)
{
DatabaseDataMaskingPolicyModel dbPolicyModel = new DatabaseDataMaskingPolicyModel();
DataMaskingPolicyProperties properties = policy.Properties;
dbPolicyModel.DataMaskingState = ModelizePolicyState(properties.DataMaskingState);
dbPolicyModel.PrivilegedUsers = properties.ExemptPrincipals;
return(dbPolicyModel);
}
/// <summary>
/// Transforms a data masking policy to its cmdlet model representation
/// </summary>
private DatabaseDataMaskingPolicyModel ModelizeDatabaseDataMaskingPolicy(DataMaskingPolicy policy)
{
DatabaseDataMaskingPolicyModel dbPolicyModel = new DatabaseDataMaskingPolicyModel();
DataMaskingPolicyProperties properties = policy.Properties;
dbPolicyModel.DataMaskingState = (properties.DataMaskingState == SecurityConstants.DataMaskingEndpoint.Enabled) ? DataMaskingStateType.Enabled : DataMaskingStateType.Disabled;
dbPolicyModel.PrivilegedLogins = properties.ExemptPrincipals;
return(dbPolicyModel);
}
/// <summary>
/// Creates and returns a DataMaskingPolicyProperties object that holds the default settings for a data masking policy
/// </summary>
/// <returns>A DataMaskingPolicyProperties object with the default policy settings</returns>
private DataMaskingPolicyProperties MakeDefaultDataMaskingPolicyProperties()
{
DataMaskingPolicyProperties props = new DataMaskingPolicyProperties();
props.DataMaskingState = "Disabled";
props.MaskingLevel = "Relaxed";
props.ExemptPrincipals = "";
return(props);
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="model">The data masking Policy model object</param>
/// <returns>The communication model object</returns>
private DataMaskingPolicyCreateOrUpdateParameters PolicizeDatabaseDataMaskingModel(DatabaseDataMaskingPolicyModel model)
{
DataMaskingPolicyCreateOrUpdateParameters updateParameters = new DataMaskingPolicyCreateOrUpdateParameters();
DataMaskingPolicyProperties properties = new DataMaskingPolicyProperties();
updateParameters.Properties = properties;
properties.DataMaskingState = (model.DataMaskingState == DataMaskingStateType.Disabled) ? SecurityConstants.DataMaskingEndpoint.Disabled : SecurityConstants.DataMaskingEndpoint.Enabled;
properties.ExemptPrincipals = model.PrivilegedUsers ?? "";
return(updateParameters);
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="policy">The data masking Policy object</param>
/// <returns>The communication model object</returns>
private DataMaskingPolicyCreateOrUpdateParameters PolicizeDatabaseDataMaskingModel(DatabaseDataMaskingPolicyModel model)
{
DataMaskingPolicyCreateOrUpdateParameters updateParameters = new DataMaskingPolicyCreateOrUpdateParameters();
DataMaskingPolicyProperties properties = new DataMaskingPolicyProperties();
updateParameters.Properties = properties;
properties.DataMaskingState = (model.DataMaskingState == DataMaskingStateType.Enabled) ? Constants.DataMaskingEndpoint.Enabled : Constants.DataMaskingEndpoint.Disabled;
properties.MaskingLevel = (model.MaskingLevel == MaskingLevelType.Standard) ? Constants.DataMaskingEndpoint.Standard: Constants.DataMaskingEndpoint.Extended;
properties.ExemptPrincipals = (model.PrivilegedLogins == null) ? "" : model.PrivilegedLogins;
return(updateParameters);
}
/// <summary>
/// Verify that the received properties match their expected values
/// </summary>
/// <param name="expected">The expected value of the properties object</param>
/// <param name="actual">The properties object that needs to be checked</param>
private static void VerifyDataMaskingPolicyInformation(DataMaskingPolicyProperties expected, DataMaskingPolicyProperties actual)
{
Assert.Equal(expected.DataMaskingState, actual.DataMaskingState);
Assert.Equal(expected.ExemptPrincipals, actual.ExemptPrincipals);
}
