/// <summary>
/// Creates a new firewall rule on the specified server.
/// </summary>
/// <param name="parameterSetName">The parameter set for the command.</param>
/// <param name="serverName">The name of the server in which to create the firewall rule.</param>
/// <param name="ruleName">The name of the new firewall rule.</param>
/// <param name="startIpAddress">The starting IP address for the firewall rule.</param>
/// <param name="endIpAddress">The ending IP address for the firewall rule.</param>
/// <returns>The context to the newly created firewall rule.</returns>
internal SqlDatabaseServerFirewallRuleContext NewAzureSqlDatabaseServerFirewallRuleProcess(
string parameterSetName,
string serverName,
string ruleName,
string startIpAddress,
string endIpAddress)
{
// Get the SQL management client for the current subscription
SqlManagementClient sqlManagementClient = SqlDatabaseCmdletBase.GetCurrentSqlClient();
// Create the firewall rule
FirewallRuleCreateResponse response = sqlManagementClient.FirewallRules.Create(
serverName,
new FirewallRuleCreateParameters()
{
Name = ruleName,
StartIPAddress = startIpAddress,
EndIPAddress = endIpAddress,
});
SqlDatabaseServerFirewallRuleContext operationContext = new SqlDatabaseServerFirewallRuleContext()
{
OperationDescription = CommandRuntime.ToString(),
OperationStatus = Services.Constants.OperationSuccess,
OperationId = response.RequestId,
ServerName = serverName,
RuleName = ruleName,
StartIpAddress = response.StartIPAddress,
EndIpAddress = response.EndIPAddress,
};
return(operationContext);
}
/// <summary>
/// Process the command.
/// </summary>
public override void ExecuteCmdlet()
{
// Do nothing if force is not specified and user cancelled the operation
string verboseDescription = string.Format(
CultureInfo.InvariantCulture,
Resources.NewAzureSqlDatabaseServerFirewallRuleDescription,
this.RuleName,
this.ServerName);
string verboseWarning = string.Format(
CultureInfo.InvariantCulture,
Resources.NewAzureSqlDatabaseServerFirewallRuleWarning,
this.RuleName,
this.ServerName);
if (!this.Force.IsPresent &&
!this.ShouldProcess(verboseDescription, verboseWarning, Resources.ShouldProcessCaption))
{
return;
}
try
{
SqlDatabaseServerFirewallRuleContext context = null;
switch (this.ParameterSetName)
{
case IpRangeParameterSet:
context = this.NewAzureSqlDatabaseServerFirewallRuleProcess(
this.ParameterSetName,
this.ServerName,
this.RuleName,
this.StartIpAddress,
this.EndIpAddress);
break;
case AllowAllAzureServicesParameterSet:
// Determine which rule name to use.
string ruleName = AllowAllAzureServicesRuleName;
if (this.MyInvocation.BoundParameters.ContainsKey("RuleName"))
{
ruleName = this.RuleName;
}
// Create the rule
context = this.NewAzureSqlDatabaseServerFirewallRuleProcess(
this.ParameterSetName,
this.ServerName,
ruleName,
AllowAzureServicesRuleAddress,
AllowAzureServicesRuleAddress);
break;
}
this.WriteObject(context, true);
}
catch (Exception ex)
{
this.WriteErrorDetails(ex);
}
}
/// <summary>
/// Creates a new firewall rule on the specified server.
/// </summary>
/// <param name="parameterSetName">
/// The parameter set for the command.
/// </param>
/// <param name="serverName">
/// The name of the server in which to create the firewall rule.
/// </param>
/// <param name="ruleName">
/// The name of the new firewall rule.
/// </param>
/// <param name="startIpAddress">
/// The starting IP address for the firewall rule.
/// </param>
/// <param name="endIpAddress">
/// The ending IP address for the firewall rule.
/// </param>
/// <returns>The context to the newly created firewall rule.</returns>
internal SqlDatabaseServerFirewallRuleContext NewAzureSqlDatabaseServerFirewallRuleProcess(string parameterSetName, string serverName, string ruleName, string startIpAddress, string endIpAddress)
{
// Do nothing if force is not specified and user cancelled the operation
if (!Force.IsPresent &&
!ShouldProcess(
string.Format(CultureInfo.InvariantCulture, Resources.NewAzureSqlDatabaseServerFirewallRuleDescription, ruleName, serverName),
string.Format(CultureInfo.InvariantCulture, Resources.NewAzureSqlDatabaseServerFirewallRuleWarning, ruleName, serverName),
Resources.ShouldProcessCaption))
{
return(null);
}
SqlDatabaseServerFirewallRuleContext operationContext = null;
try
{
switch (parameterSetName)
{
case "IpRange":
InvokeInOperationContext(() =>
{
RetryCall(subscription =>
Channel.NewServerFirewallRule(subscription, serverName, ruleName, startIpAddress, endIpAddress));
WAPPSCmdlet.Operation operation = WaitForSqlDatabaseOperation();
operationContext = new SqlDatabaseServerFirewallRuleContext()
{
OperationDescription = CommandRuntime.ToString(),
OperationStatus = operation.Status,
OperationId = operation.OperationTrackingId,
ServerName = serverName,
RuleName = ruleName,
StartIpAddress = startIpAddress,
EndIpAddress = endIpAddress
};
});
break;
default:
// Should never get here
Debug.Assert(false, "Invalid parameter set!");
break;
}
}
catch (CommunicationException ex)
{
this.WriteErrorDetails(ex);
}
return(operationContext);
}
/// <summary>
/// Process the command.
/// </summary>
public override void ExecuteCmdlet()
{
try
{
SqlDatabaseServerFirewallRuleContext context = this.SetAzureSqlDatabaseServerFirewallRuleProcess(
this.ServerName,
this.RuleName,
this.StartIpAddress,
this.EndIpAddress);
this.WriteObject(context, true);
}
catch (Exception ex)
{
this.WriteErrorDetails(ex);
}
}
/// <summary>
/// Process the command.
/// </summary>
protected override void ProcessRecord()
{
try
{
base.ProcessRecord();
SqlDatabaseServerFirewallRuleContext context = this.SetAzureSqlDatabaseServerFirewallRuleProcess(
this.ServerName,
this.RuleName,
this.StartIpAddress,
this.EndIpAddress);
this.WriteObject(context, true);
}
catch (Exception ex)
{
this.WriteErrorDetails(ex);
}
}
/// <summary>
/// Updates a firewall rule on the specified server.
/// </summary>
/// <param name="serverName">The name of the server containing the firewall rule.</param>
/// <param name="ruleName">The name of the firewall rule to update.</param>
/// <param name="startIpAddress">The starting IP address for the firewall rule.</param>
/// <param name="endIpAddress">The ending IP address for the firewall rule.</param>
/// <returns>The updated firewall rule.</returns>
internal SqlDatabaseServerFirewallRuleContext SetAzureSqlDatabaseServerFirewallRuleProcess(
string serverName,
string ruleName,
string startIpAddress,
string endIpAddress)
{
// Do nothing if force is not specified and user cancelled the operation
if (!Force.IsPresent &&
!ShouldProcess(
string.Format(CultureInfo.InvariantCulture, Resources.SetAzureSqlDatabaseServerFirewallRuleDescription, ruleName, serverName),
string.Format(CultureInfo.InvariantCulture, Resources.SetAzureSqlDatabaseServerFirewallRuleWarning, ruleName, serverName),
Resources.ShouldProcessCaption))
{
return(null);
}
// Get the SQL management client for the current subscription
SqlManagementClient sqlManagementClient = GetCurrentSqlClient();
// Update the specified firewall rule
FirewallRuleUpdateResponse response = sqlManagementClient.FirewallRules.Update(
serverName,
ruleName,
new FirewallRuleUpdateParameters()
{
Name = ruleName,
StartIPAddress = startIpAddress,
EndIPAddress = endIpAddress,
});
SqlDatabaseServerFirewallRuleContext operationContext = new SqlDatabaseServerFirewallRuleContext()
{
OperationDescription = CommandRuntime.ToString(),
OperationStatus = Services.Constants.OperationSuccess,
OperationId = response.RequestId,
ServerName = serverName,
RuleName = ruleName,
StartIpAddress = response.FirewallRule.StartIPAddress,
EndIpAddress = response.FirewallRule.EndIPAddress
};
return(operationContext);
}
/// <summary>
/// Creates a new firewall rule on the specified server.
/// </summary>
/// <param name="parameterSetName">
/// The parameter set for the command.
/// </param>
/// <param name="serverName">
/// The name of the server in which to create the firewall rule.
/// </param>
/// <param name="ruleName">
/// The name of the new firewall rule.
/// </param>
/// <param name="startIpAddress">
/// The starting IP address for the firewall rule.
/// </param>
/// <param name="endIpAddress">
/// The ending IP address for the firewall rule.
/// </param>
/// <returns>The context to the newly created firewall rule.</returns>
internal SqlDatabaseServerFirewallRuleContext NewAzureSqlDatabaseServerFirewallRuleProcess(
string parameterSetName,
string serverName,
string ruleName,
string startIpAddress,
string endIpAddress)
{
SqlDatabaseServerFirewallRuleContext operationContext = null;
try
{
this.InvokeInOperationContext(() =>
{
this.RetryCall(subscription =>
this.Channel.NewServerFirewallRule(
subscription,
serverName,
ruleName,
startIpAddress,
endIpAddress));
Operation operation = WaitForSqlDatabaseOperation();
operationContext = new SqlDatabaseServerFirewallRuleContext()
{
OperationDescription = CommandRuntime.ToString(),
OperationStatus = operation.Status,
OperationId = operation.OperationTrackingId,
ServerName = serverName,
RuleName = ruleName,
StartIpAddress = startIpAddress,
EndIpAddress = endIpAddress
};
});
}
catch (CommunicationException ex)
{
this.WriteErrorDetails(ex);
}
return(operationContext);
}
/// <summary>
/// Updates a firewall rule on the specified server.
/// </summary>
/// <param name="serverName">
/// The name of the server containing the firewall rule.
/// </param>
/// <param name="ruleName">
/// The name of the firewall rule to update.
/// </param>
/// <param name="startIpAddress">
/// The starting IP address for the firewall rule.
/// </param>
/// <param name="endIpAddress">
/// The ending IP address for the firewall rule.
/// </param>
/// <returns>The updated firewall rule.</returns>
internal SqlDatabaseServerFirewallRuleContext SetAzureSqlDatabaseServerFirewallRuleProcess(string serverName, string ruleName, string startIpAddress, string endIpAddress)
{
// Do nothing if force is not specified and user cancelled the operation
if (!Force.IsPresent &&
!ShouldProcess(
string.Format(CultureInfo.InvariantCulture, Resources.SetAzureSqlDatabaseServerFirewallRuleDescription, ruleName, serverName),
string.Format(CultureInfo.InvariantCulture, Resources.SetAzureSqlDatabaseServerFirewallRuleWarning, ruleName, serverName),
Resources.ShouldProcessCaption))
{
return(null);
}
SqlDatabaseServerFirewallRuleContext operationContext = null;
try
{
InvokeInOperationContext(() =>
{
RetryCall(subscription =>
Channel.UpdateServerFirewallRule(subscription, serverName, ruleName, startIpAddress, endIpAddress));
Operation operation = WaitForSqlDatabaseOperation();
operationContext = new SqlDatabaseServerFirewallRuleContext()
{
OperationDescription = CommandRuntime.ToString(),
OperationStatus = operation.Status,
OperationId = operation.OperationTrackingId,
ServerName = serverName,
RuleName = ruleName,
StartIpAddress = startIpAddress,
EndIpAddress = endIpAddress
};
});
}
catch (CommunicationException ex)
{
this.WriteErrorDetails(ex);
}
return(operationContext);
}
public void AzureSqlDatabaseServerFirewallTests()
{
// This test uses the https endpoint, setup the certificates.
MockHttpServer.SetupCertificates();
using (System.Management.Automation.PowerShell powershell = System.Management.Automation.PowerShell.Create())
{
// Setup the subscription used for the test
AzureSubscription subscription =
UnitTestHelper.SetupUnitTestSubscription(powershell);
powershell.Runspace.SessionStateProxy.SetVariable(
"serverName",
SqlDatabaseTestSettings.Instance.ServerName);
// Create a new server
HttpSession testSession = MockServerHelper.DefaultSessionCollection.GetSession(
"UnitTest.AzureSqlDatabaseServerFirewallTests");
ServerTestHelper.SetDefaultTestSessionSettings(testSession);
testSession.RequestValidator =
new Action <HttpMessage, HttpMessage.Request>(
(expected, actual) =>
{
Assert.AreEqual(expected.RequestInfo.Method, actual.Method);
Assert.IsTrue(
actual.UserAgent.Contains(ApiConstants.UserAgentHeaderValue),
"Missing proper UserAgent string.");
});
Collection <PSObject> newFirewallRuleResult1 = MockServerHelper.ExecuteWithMock(
testSession,
MockHttpServer.DefaultHttpsServerPrefixUri,
() =>
{
return(powershell.InvokeBatchScript(
@"New-AzureSqlDatabaseServerFirewallRule" +
@" -ServerName $serverName" +
@" -RuleName Rule1" +
@" -StartIpAddress 0.0.0.0" +
@" -EndIpAddress 1.1.1.1"));
});
Collection <PSObject> newFirewallRuleResult2 = MockServerHelper.ExecuteWithMock(
testSession,
MockHttpServer.DefaultHttpsServerPrefixUri,
() =>
{
return(powershell.InvokeBatchScript(
@"New-AzureSqlDatabaseServerFirewallRule" +
@" -ServerName $serverName" +
@" -RuleName Rule2" +
@" -StartIpAddress 1.1.1.1" +
@" -EndIpAddress 2.2.2.2"));
});
Collection <PSObject> getFirewallRuleResult = MockServerHelper.ExecuteWithMock(
testSession,
MockHttpServer.DefaultHttpsServerPrefixUri,
() =>
{
return(powershell.InvokeBatchScript(
@"Get-AzureSqlDatabaseServerFirewallRule $serverName"));
});
Collection <PSObject> setFirewallResult = MockServerHelper.ExecuteWithMock(
testSession,
MockHttpServer.DefaultHttpsServerPrefixUri,
() =>
{
powershell.Runspace.SessionStateProxy.SetVariable("fw", newFirewallRuleResult1);
powershell.InvokeBatchScript(
@"$fw | Set-AzureSqlDatabaseServerFirewallRule" +
@" -StartIpAddress 2.2.2.2" +
@" -EndIpAddress 3.3.3.3");
return(powershell.InvokeBatchScript(
@"$fw | Get-AzureSqlDatabaseServerFirewallRule"));
});
Collection <PSObject> removeFirewallResult = MockServerHelper.ExecuteWithMock(
testSession,
MockHttpServer.DefaultHttpsServerPrefixUri,
() =>
{
powershell.Runspace.SessionStateProxy.SetVariable("rules", getFirewallRuleResult);
powershell.InvokeBatchScript(
@"$rules | Remove-AzureSqlDatabaseServerFirewallRule" +
@" -Force");
return(powershell.InvokeBatchScript(
@"Get-AzureSqlDatabaseServerFirewallRule $serverName"));
});
Assert.AreEqual(0, powershell.Streams.Error.Count, "Unexpected Errors during run!");
Assert.AreEqual(0, powershell.Streams.Warning.Count, "Unexpected Warnings during run!");
// Validate New- and Get-AzureSqlDatabaseServerFirewallRule
SqlDatabaseServerFirewallRuleContext[] firewallRules = getFirewallRuleResult
.Select(r => r.BaseObject as SqlDatabaseServerFirewallRuleContext)
.ToArray();
Assert.AreEqual(2, firewallRules.Length, "Expecting two firewall rules");
Assert.IsNotNull(firewallRules[0],
"Expecting a SqlDatabaseServerFirewallRuleContext object.");
Assert.IsNotNull(firewallRules[1],
"Expecting a SqlDatabaseServerFirewallRuleContext object.");
Assert.AreEqual(SqlDatabaseTestSettings.Instance.ServerName, firewallRules[0].ServerName);
Assert.AreEqual("Rule1", firewallRules[0].RuleName);
Assert.AreEqual("0.0.0.0", firewallRules[0].StartIpAddress);
Assert.AreEqual("1.1.1.1", firewallRules[0].EndIpAddress);
Assert.AreEqual("Success", firewallRules[0].OperationStatus);
Assert.AreEqual(SqlDatabaseTestSettings.Instance.ServerName, firewallRules[1].ServerName);
Assert.AreEqual("Rule2", firewallRules[1].RuleName);
Assert.AreEqual("1.1.1.1", firewallRules[1].StartIpAddress);
Assert.AreEqual("2.2.2.2", firewallRules[1].EndIpAddress);
Assert.AreEqual("Success", firewallRules[1].OperationStatus);
// Validate Set-AzureSqlDatabaseServerFirewallRule
SqlDatabaseServerFirewallRuleContext firewallRule =
setFirewallResult.Single().BaseObject as SqlDatabaseServerFirewallRuleContext;
Assert.IsNotNull(firewallRule, "Expecting a SqlDatabaseServerFirewallRuleContext object");
Assert.AreEqual(SqlDatabaseTestSettings.Instance.ServerName, firewallRule.ServerName);
Assert.AreEqual("Rule1", firewallRule.RuleName);
Assert.AreEqual("2.2.2.2", firewallRule.StartIpAddress);
Assert.AreEqual("3.3.3.3", firewallRule.EndIpAddress);
Assert.AreEqual("Success", firewallRule.OperationStatus);
// Validate Remove-AzureSqlDatabaseServerFirewallRule
Assert.AreEqual(0, removeFirewallResult.Count,
"Expect all firewall rules are dropped.");
}
}
/// <summary>
/// Creates a new firewall rule on the specified server.
/// </summary>
/// <param name="parameterSetName">
/// The parameter set for the command.
/// </param>
/// <param name="serverName">
/// The name of the server in which to create the firewall rule.
/// </param>
/// <param name="ruleName">
/// The name of the new firewall rule.
/// </param>
/// <param name="startIpAddress">
/// The starting IP address for the firewall rule.
/// </param>
/// <param name="endIpAddress">
/// The ending IP address for the firewall rule.
/// </param>
/// <returns>The context to the newly created firewall rule.</returns>
internal SqlDatabaseServerFirewallRuleContext NewAzureSqlDatabaseServerFirewallRuleProcess(string parameterSetName, string serverName, string ruleName, string startIpAddress, string endIpAddress)
{
// Do nothing if force is not specified and user cancelled the operation
if (!Force.IsPresent &&
!ShouldProcess(
string.Format(CultureInfo.InvariantCulture, Resources.NewAzureSqlDatabaseServerFirewallRuleDescription, ruleName, serverName),
string.Format(CultureInfo.InvariantCulture, Resources.NewAzureSqlDatabaseServerFirewallRuleWarning, ruleName, serverName),
Resources.ShouldProcessCaption))
{
return null;
}
SqlDatabaseServerFirewallRuleContext operationContext = null;
try
{
switch (parameterSetName)
{
case "IpRange":
InvokeInOperationContext(() =>
{
RetryCall(subscription =>
Channel.NewServerFirewallRule(subscription, serverName, ruleName, startIpAddress, endIpAddress));
Operation operation = WaitForSqlDatabaseOperation();
operationContext = new SqlDatabaseServerFirewallRuleContext()
{
OperationDescription = CommandRuntime.ToString(),
OperationStatus = operation.Status,
OperationId = operation.OperationTrackingId,
ServerName = serverName,
RuleName = ruleName,
StartIpAddress = startIpAddress,
EndIpAddress = endIpAddress
};
});
break;
default:
// Should never get here
Debug.Assert(false, "Invalid parameter set!");
break;
}
}
catch (CommunicationException ex)
{
this.WriteErrorDetails(ex);
}
return operationContext;
}
/// <summary>
/// Creates a new firewall rule on the specified server.
/// </summary>
/// <param name="parameterSetName">
/// The parameter set for the command.
/// </param>
/// <param name="serverName">
/// The name of the server in which to create the firewall rule.
/// </param>
/// <param name="ruleName">
/// The name of the new firewall rule.
/// </param>
/// <param name="startIpAddress">
/// The starting IP address for the firewall rule.
/// </param>
/// <param name="endIpAddress">
/// The ending IP address for the firewall rule.
/// </param>
/// <returns>The context to the newly created firewall rule.</returns>
internal SqlDatabaseServerFirewallRuleContext NewAzureSqlDatabaseServerFirewallRuleProcess(
string parameterSetName,
string serverName,
string ruleName,
string startIpAddress,
string endIpAddress)
{
SqlDatabaseServerFirewallRuleContext operationContext = null;
try
{
this.InvokeInOperationContext(() =>
{
this.RetryCall(subscription =>
this.Channel.NewServerFirewallRule(
subscription,
serverName,
ruleName,
startIpAddress,
endIpAddress));
Operation operation = WaitForSqlDatabaseOperation();
operationContext = new SqlDatabaseServerFirewallRuleContext()
{
OperationDescription = CommandRuntime.ToString(),
OperationStatus = operation.Status,
OperationId = operation.OperationTrackingId,
ServerName = serverName,
RuleName = ruleName,
StartIpAddress = startIpAddress,
EndIpAddress = endIpAddress
};
});
}
catch (CommunicationException ex)
{
this.WriteErrorDetails(ex);
}
return operationContext;
}
