/// <summary>
/// Transforms a data masking policy to its cmdlet model representation
/// </summary>
private DatabaseDataMaskingPolicyModel ModelizeDatabaseDataMaskingPolicy(DataMaskingPolicy policy)
{
DatabaseDataMaskingPolicyModel dbPolicyModel = new DatabaseDataMaskingPolicyModel();
DataMaskingPolicyProperties properties = policy.Properties;
dbPolicyModel.DataMaskingState = ModelizePolicyState(properties.DataMaskingState);
dbPolicyModel.PrivilegedUsers = properties.ExemptPrincipals;
return(dbPolicyModel);
}
/// <summary>
/// Transforms a data masking policy to its cmdlet model representation
/// </summary>
private DatabaseDataMaskingPolicyModel ModelizeDatabaseDataMaskingPolicy(DataMaskingPolicy policy)
{
DatabaseDataMaskingPolicyModel dbPolicyModel = new DatabaseDataMaskingPolicyModel();
DataMaskingPolicyProperties properties = policy.Properties;
dbPolicyModel.DataMaskingState = (properties.DataMaskingState == SecurityConstants.DataMaskingEndpoint.Enabled) ? DataMaskingStateType.Enabled : DataMaskingStateType.Disabled;
dbPolicyModel.PrivilegedLogins = properties.ExemptPrincipals;
return(dbPolicyModel);
}
/// <summary>
/// Provides a cmdlet model representation of a specific database's data making policy
/// </summary>
public DatabaseDataMaskingPolicyModel GetDatabaseDataMaskingPolicy(string resourceGroup, string serverName, string databaseName, string requestId)
{
DataMaskingPolicy policy = Communicator.GetDatabaseDataMaskingPolicy(resourceGroup, serverName, databaseName, requestId);
DatabaseDataMaskingPolicyModel dbPolicyModel = ModelizeDatabaseDataMaskingPolicy(policy);
dbPolicyModel.ResourceGroupName = resourceGroup;
dbPolicyModel.ServerName = serverName;
dbPolicyModel.DatabaseName = databaseName;
return(dbPolicyModel);
}
/// <summary>
/// Provides a cmdlet model representation of a specific database's data making policy
/// </summary>
public DatabaseDataMaskingPolicyModel GetDatabaseDataMaskingPolicy(string resourceGroup, string serverName, string databaseName, string requestId)
{
if (!IsRightServerVersionForDataMasking(resourceGroup, serverName, requestId))
{
throw new Exception(Properties.Resources.ServerNotApplicableForDataMasking);
}
DataMaskingPolicy policy = Communicator.GetDatabaseDataMaskingPolicy(resourceGroup, serverName, databaseName, requestId);
DatabaseDataMaskingPolicyModel dbPolicyModel = ModelizeDatabaseDataMaskingPolicy(policy);
dbPolicyModel.ResourceGroupName = resourceGroup;
dbPolicyModel.ServerName = serverName;
dbPolicyModel.DatabaseName = databaseName;
return(dbPolicyModel);
}
/// <summary>
/// Creates or updates a Sql pool data masking policy
/// </summary>
/// <param name='resourceGroupName'>
/// The name of the resource group. The name is case insensitive.
/// </param>
/// <param name='workspaceName'>
/// The name of the workspace
/// </param>
/// <param name='sqlPoolName'>
/// SQL pool name
/// </param>
/// <param name='parameters'>
/// Parameters for creating or updating a data masking policy.
/// </param>
/// <param name='customHeaders'>
/// Headers that will be added to request.
/// </param>
/// <param name='cancellationToken'>
/// The cancellation token.
/// </param>
/// <exception cref="ErrorResponseException">
/// Thrown when the operation returned an invalid status code
/// </exception>
/// <exception cref="SerializationException">
/// Thrown when unable to deserialize the response
/// </exception>
/// <exception cref="ValidationException">
/// Thrown when a required parameter is null
/// </exception>
/// <exception cref="System.ArgumentNullException">
/// Thrown when a required parameter is null
/// </exception>
/// <return>
/// A response object containing the response body and response headers.
/// </return>
public async Task <AzureOperationResponse <DataMaskingPolicy> > CreateOrUpdateWithHttpMessagesAsync(string resourceGroupName, string workspaceName, string sqlPoolName, DataMaskingPolicy parameters, Dictionary <string, List <string> > customHeaders = null, CancellationToken cancellationToken = default(CancellationToken))
{
if (Client.SubscriptionId == null)
{
throw new ValidationException(ValidationRules.CannotBeNull, "this.Client.SubscriptionId");
}
if (Client.SubscriptionId != null)
{
if (Client.SubscriptionId.Length < 1)
{
throw new ValidationException(ValidationRules.MinLength, "Client.SubscriptionId", 1);
}
}
if (resourceGroupName == null)
{
throw new ValidationException(ValidationRules.CannotBeNull, "resourceGroupName");
}
if (resourceGroupName != null)
{
if (resourceGroupName.Length > 90)
{
throw new ValidationException(ValidationRules.MaxLength, "resourceGroupName", 90);
}
if (resourceGroupName.Length < 1)
{
throw new ValidationException(ValidationRules.MinLength, "resourceGroupName", 1);
}
}
if (workspaceName == null)
{
throw new ValidationException(ValidationRules.CannotBeNull, "workspaceName");
}
if (sqlPoolName == null)
{
throw new ValidationException(ValidationRules.CannotBeNull, "sqlPoolName");
}
if (parameters == null)
{
throw new ValidationException(ValidationRules.CannotBeNull, "parameters");
}
if (parameters != null)
{
parameters.Validate();
}
string apiVersion = "2021-06-01";
string dataMaskingPolicyName = "Default";
// Tracing
bool _shouldTrace = ServiceClientTracing.IsEnabled;
string _invocationId = null;
if (_shouldTrace)
{
_invocationId = ServiceClientTracing.NextInvocationId.ToString();
Dictionary <string, object> tracingParameters = new Dictionary <string, object>();
tracingParameters.Add("apiVersion", apiVersion);
tracingParameters.Add("resourceGroupName", resourceGroupName);
tracingParameters.Add("workspaceName", workspaceName);
tracingParameters.Add("sqlPoolName", sqlPoolName);
tracingParameters.Add("dataMaskingPolicyName", dataMaskingPolicyName);
tracingParameters.Add("parameters", parameters);
tracingParameters.Add("cancellationToken", cancellationToken);
ServiceClientTracing.Enter(_invocationId, this, "CreateOrUpdate", tracingParameters);
}
// Construct URL
var _baseUrl = Client.BaseUri.AbsoluteUri;
var _url = new System.Uri(new System.Uri(_baseUrl + (_baseUrl.EndsWith("/") ? "" : "/")), "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/dataMaskingPolicies/{dataMaskingPolicyName}").ToString();
_url = _url.Replace("{subscriptionId}", System.Uri.EscapeDataString(Client.SubscriptionId));
_url = _url.Replace("{resourceGroupName}", System.Uri.EscapeDataString(resourceGroupName));
_url = _url.Replace("{workspaceName}", System.Uri.EscapeDataString(workspaceName));
_url = _url.Replace("{sqlPoolName}", System.Uri.EscapeDataString(sqlPoolName));
_url = _url.Replace("{dataMaskingPolicyName}", System.Uri.EscapeDataString(dataMaskingPolicyName));
List <string> _queryParameters = new List <string>();
if (apiVersion != null)
{
_queryParameters.Add(string.Format("api-version={0}", System.Uri.EscapeDataString(apiVersion)));
}
if (_queryParameters.Count > 0)
{
_url += (_url.Contains("?") ? "&" : "?") + string.Join("&", _queryParameters);
}
// Create HTTP transport objects
var _httpRequest = new HttpRequestMessage();
HttpResponseMessage _httpResponse = null;
_httpRequest.Method = new HttpMethod("PUT");
_httpRequest.RequestUri = new System.Uri(_url);
// Set Headers
if (Client.GenerateClientRequestId != null && Client.GenerateClientRequestId.Value)
{
_httpRequest.Headers.TryAddWithoutValidation("x-ms-client-request-id", System.Guid.NewGuid().ToString());
}
if (Client.AcceptLanguage != null)
{
if (_httpRequest.Headers.Contains("accept-language"))
{
_httpRequest.Headers.Remove("accept-language");
}
_httpRequest.Headers.TryAddWithoutValidation("accept-language", Client.AcceptLanguage);
}
if (customHeaders != null)
{
foreach (var _header in customHeaders)
{
if (_httpRequest.Headers.Contains(_header.Key))
{
_httpRequest.Headers.Remove(_header.Key);
}
_httpRequest.Headers.TryAddWithoutValidation(_header.Key, _header.Value);
}
}
// Serialize Request
string _requestContent = null;
if (parameters != null)
{
_requestContent = Rest.Serialization.SafeJsonConvert.SerializeObject(parameters, Client.SerializationSettings);
_httpRequest.Content = new StringContent(_requestContent, System.Text.Encoding.UTF8);
_httpRequest.Content.Headers.ContentType = System.Net.Http.Headers.MediaTypeHeaderValue.Parse("application/json; charset=utf-8");
}
// Set Credentials
if (Client.Credentials != null)
{
cancellationToken.ThrowIfCancellationRequested();
await Client.Credentials.ProcessHttpRequestAsync(_httpRequest, cancellationToken).ConfigureAwait(false);
}
// Send Request
if (_shouldTrace)
{
ServiceClientTracing.SendRequest(_invocationId, _httpRequest);
}
cancellationToken.ThrowIfCancellationRequested();
_httpResponse = await Client.HttpClient.SendAsync(_httpRequest, cancellationToken).ConfigureAwait(false);
if (_shouldTrace)
{
ServiceClientTracing.ReceiveResponse(_invocationId, _httpResponse);
}
HttpStatusCode _statusCode = _httpResponse.StatusCode;
cancellationToken.ThrowIfCancellationRequested();
string _responseContent = null;
if ((int)_statusCode != 200)
{
var ex = new ErrorResponseException(string.Format("Operation returned an invalid status code '{0}'", _statusCode));
try
{
_responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);
ErrorResponse _errorBody = Rest.Serialization.SafeJsonConvert.DeserializeObject <ErrorResponse>(_responseContent, Client.DeserializationSettings);
if (_errorBody != null)
{
ex.Body = _errorBody;
}
}
catch (JsonException)
{
// Ignore the exception
}
ex.Request = new HttpRequestMessageWrapper(_httpRequest, _requestContent);
ex.Response = new HttpResponseMessageWrapper(_httpResponse, _responseContent);
if (_shouldTrace)
{
ServiceClientTracing.Error(_invocationId, ex);
}
_httpRequest.Dispose();
if (_httpResponse != null)
{
_httpResponse.Dispose();
}
throw ex;
}
// Create Result
var _result = new AzureOperationResponse <DataMaskingPolicy>();
_result.Request = _httpRequest;
_result.Response = _httpResponse;
if (_httpResponse.Headers.Contains("x-ms-request-id"))
{
_result.RequestId = _httpResponse.Headers.GetValues("x-ms-request-id").FirstOrDefault();
}
// Deserialize Response
if ((int)_statusCode == 200)
{
_responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);
try
{
_result.Body = Rest.Serialization.SafeJsonConvert.DeserializeObject <DataMaskingPolicy>(_responseContent, Client.DeserializationSettings);
}
catch (JsonException ex)
{
_httpRequest.Dispose();
if (_httpResponse != null)
{
_httpResponse.Dispose();
}
throw new SerializationException("Unable to deserialize the response.", _responseContent, ex);
}
}
if (_shouldTrace)
{
ServiceClientTracing.Exit(_invocationId, _result);
}
return(_result);
}
/// <summary>
/// Creates or updates a database data masking policy
/// </summary>
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='resourceGroupName'>
/// The name of the resource group that contains the resource. You can obtain
/// this value from the Azure Resource Manager API or the portal.
/// </param>
/// <param name='serverName'>
/// The name of the server.
/// </param>
/// <param name='databaseName'>
/// The name of the database.
/// </param>
/// <param name='parameters'>
/// Parameters for creating or updating a data masking policy.
/// </param>
/// <param name='cancellationToken'>
/// The cancellation token.
/// </param>
public static async Task <DataMaskingPolicy> CreateOrUpdateAsync(this IDataMaskingPoliciesOperations operations, string resourceGroupName, string serverName, string databaseName, DataMaskingPolicy parameters, CancellationToken cancellationToken = default(CancellationToken))
{
using (var _result = await operations.CreateOrUpdateWithHttpMessagesAsync(resourceGroupName, serverName, databaseName, parameters, null, cancellationToken).ConfigureAwait(false))
{
return(_result.Body);
}
}
/// <summary>
/// Creates or updates a database data masking policy
/// </summary>
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='resourceGroupName'>
/// The name of the resource group that contains the resource. You can obtain
/// this value from the Azure Resource Manager API or the portal.
/// </param>
/// <param name='serverName'>
/// The name of the server.
/// </param>
/// <param name='databaseName'>
/// The name of the database.
/// </param>
/// <param name='parameters'>
/// Parameters for creating or updating a data masking policy.
/// </param>
public static DataMaskingPolicy CreateOrUpdate(this IDataMaskingPoliciesOperations operations, string resourceGroupName, string serverName, string databaseName, DataMaskingPolicy parameters)
{
return(operations.CreateOrUpdateAsync(resourceGroupName, serverName, databaseName, parameters).GetAwaiter().GetResult());
}
/// <summary>
/// Creates or updates a Sql pool data masking policy
/// </summary>
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='resourceGroupName'>
/// The name of the resource group. The name is case insensitive.
/// </param>
/// <param name='workspaceName'>
/// The name of the workspace.
/// </param>
/// <param name='sqlPoolName'>
/// SQL pool name
/// </param>
/// <param name='parameters'>
/// Parameters for creating or updating a data masking policy.
/// </param>
public static DataMaskingPolicy CreateOrUpdate(this IDataMaskingPoliciesOperations operations, string resourceGroupName, string workspaceName, string sqlPoolName, DataMaskingPolicy parameters)
{
return(operations.CreateOrUpdateAsync(resourceGroupName, workspaceName, sqlPoolName, parameters).GetAwaiter().GetResult());
}
public void TestCreateUpdateGetDataMaskingRules()
{
string testPrefix = "sqldatamaskingcrudtest-";
using (SqlManagementTestContext context = new SqlManagementTestContext(this))
{
ResourceGroup resourceGroup = context.CreateResourceGroup();
SqlManagementClient sqlClient = context.GetClient <SqlManagementClient>();
Server server = context.CreateServer(resourceGroup);
// Create database
//
string dbName = SqlManagementTestUtilities.GenerateName(testPrefix);
var db1 = sqlClient.Databases.CreateOrUpdate(resourceGroup.Name, server.Name, dbName, new Database()
{
Location = server.Location,
});
Assert.NotNull(db1);
// Create server firewall rule
sqlClient.FirewallRules.CreateOrUpdate(resourceGroup.Name, server.Name, "sqltestrule", new FirewallRule()
{
StartIpAddress = "0.0.0.0",
EndIpAddress = "255.255.255.255"
});
// Create test table with columns
// This is not needed in playback because in playback, there is no actual database to execute against
HttpRecorderMode testMode = HttpMockServer.GetCurrentMode();
if (testMode != HttpRecorderMode.Playback)
{
SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder()
{
DataSource = string.Format(server.FullyQualifiedDomainName, server.Name),
UserID = SqlManagementTestUtilities.DefaultLogin,
Password = SqlManagementTestUtilities.DefaultPassword,
InitialCatalog = dbName
};
using (SqlConnection conn = new SqlConnection(builder.ConnectionString))
{
conn.Open();
SqlCommand command = new SqlCommand("create table table1 (column1 int, column2 nvarchar(max))", conn);
command.ExecuteNonQuery();
}
}
// Verify Policy is disabled to begin with
DataMaskingPolicy policy = sqlClient.DataMaskingPolicies.Get(resourceGroup.Name, server.Name, dbName);
Assert.Equal(DataMaskingState.Disabled, policy.DataMaskingState);
// Create a Number data masking rule (enables the data masking policy)
DataMaskingRule numberRule = new DataMaskingRule()
{
SchemaName = "dbo",
TableName = "table1",
ColumnName = "column1",
MaskingFunction = DataMaskingFunction.Number,
NumberFrom = "0",
NumberTo = "10"
};
// Create a Text data masking rule
DataMaskingRule textRule = new DataMaskingRule()
{
SchemaName = "dbo",
TableName = "table1",
ColumnName = "column2",
MaskingFunction = DataMaskingFunction.Text,
PrefixSize = "1",
SuffixSize = "1",
ReplacementString = "teststring"
};
// Not creating datamasking rule names because name is ignored when creating the rules anyway
sqlClient.DataMaskingRules.CreateOrUpdate(resourceGroup.Name, server.Name, dbName, "name", numberRule);
sqlClient.DataMaskingRules.CreateOrUpdate(resourceGroup.Name, server.Name, dbName, "name2", textRule);
// Verify Policy is now enabled
policy = sqlClient.DataMaskingPolicies.Get(resourceGroup.Name, server.Name, dbName);
Assert.Equal(DataMaskingState.Enabled, policy.DataMaskingState);
// List data masking rules
IEnumerable <DataMaskingRule> rules = sqlClient.DataMaskingRules.ListByDatabase(resourceGroup.Name, server.Name, dbName);
Assert.Equal(2, rules.Count());
// Verify number rule
numberRule = rules.FirstOrDefault(rule => rule.MaskingFunction == DataMaskingFunction.Number);
Assert.Equal("dbo", numberRule.SchemaName);
Assert.Equal("table1", numberRule.TableName);
Assert.Equal("column1", numberRule.ColumnName);
Assert.Equal("0", numberRule.NumberFrom);
Assert.Equal("10", numberRule.NumberTo);
// Verify text rule
textRule = rules.FirstOrDefault(rule => rule.MaskingFunction == DataMaskingFunction.Text);
Assert.Equal("dbo", textRule.SchemaName);
Assert.Equal("table1", textRule.TableName);
Assert.Equal("column2", textRule.ColumnName);
Assert.Equal("1", textRule.PrefixSize);
Assert.Equal("1", textRule.SuffixSize);
Assert.Equal("teststring", textRule.ReplacementString);
// Delete one rule through PUT
numberRule.RuleState = DataMaskingRuleState.Disabled;
sqlClient.DataMaskingRules.CreateOrUpdate(resourceGroup.Name, server.Name, dbName, "name", numberRule);
// List data masking rules
rules = sqlClient.DataMaskingRules.ListByDatabase(resourceGroup.Name, server.Name, dbName);
Assert.Equal(1, rules.Count());
// Verify Policy now enabled
policy = sqlClient.DataMaskingPolicies.Get(resourceGroup.Name, server.Name, dbName);
Assert.Equal(DataMaskingState.Enabled, policy.DataMaskingState);
// Disable data masking policy (this deletes data masking rules)
sqlClient.DataMaskingPolicies.CreateOrUpdate(resourceGroup.Name, server.Name, dbName, new DataMaskingPolicy()
{
DataMaskingState = DataMaskingState.Disabled
});
// Verify policy is disabled
policy = sqlClient.DataMaskingPolicies.Get(resourceGroup.Name, server.Name, dbName);
Assert.Equal(DataMaskingState.Disabled, policy.DataMaskingState);
// Verify no rules are returned
rules = sqlClient.DataMaskingRules.ListByDatabase(resourceGroup.Name, server.Name, dbName);
Assert.Equal(0, rules.Count());
};
}
