/// <summary>
/// Changes the database auditing policy with new values
/// </summary>
private void ChangeDataBaseAuditPolicy(DatabaseAuditingPolicyProperties properties)
{
properties.AuditingState = "Disabled";
properties.EventTypesToAudit = "PlainSQL_Success";
properties.RetentionDays = "10";
properties.AuditLogsTableName = "TempHyrdraTestAuditLogsTableName";
}
/// <summary>
/// The non-boilerplated test code of the APIs for managing the lifecycle of a given database's auditing policy. It is meant to be called with a name of an already existing database (and therefore already existing
/// server and resource group). This test does not create these resources and does not remove them.
/// </summary>
private void TestDatabaseAuditingAPIs(SqlManagementClient sqlClient, string resourceGroupName, Server server, Database database)
{
DatabaseAuditingPolicyGetResponse getDefaultDatabasePolicyResponse = sqlClient.AuditingPolicy.GetDatabasePolicy(resourceGroupName, server.Name, database.Name);
DatabaseAuditingPolicyProperties properties = getDefaultDatabasePolicyResponse.AuditingPolicy.Properties;
// Verify that the initial Get request contains the default policy.
TestUtilities.ValidateOperationResponse(getDefaultDatabasePolicyResponse, HttpStatusCode.OK);
VerifyDatabaseAuditingPolicyInformation(GetDefaultDatabaseAuditProperties(), properties);
// Modify the policy properties, send and receive, see it its still ok
ChangeDataBaseAuditPolicy(properties);
DatabaseAuditingPolicyCreateOrUpdateParameters updateParams =
new DatabaseAuditingPolicyCreateOrUpdateParameters {
Properties = properties
};
var updateResponse = sqlClient.AuditingPolicy.CreateOrUpdateDatebasePolicy(resourceGroupName, server.Name, database.Name, updateParams);
// Verify that the initial Get request contains the default policy.
TestUtilities.ValidateOperationResponse(updateResponse, HttpStatusCode.OK);
DatabaseAuditingPolicyGetResponse getUpdatedPolicyResponse = sqlClient.AuditingPolicy.GetDatabasePolicy(resourceGroupName, server.Name, database.Name);
DatabaseAuditingPolicyProperties updatedProperties = getUpdatedPolicyResponse.AuditingPolicy.Properties;
// Verify that the Get request contains the updated policy.
TestUtilities.ValidateOperationResponse(getUpdatedPolicyResponse, HttpStatusCode.OK);
VerifyDatabaseAuditingPolicyInformation(properties, updatedProperties);
}
/// <summary>
/// Transforms the given database policy object to its cmdlet model representation
/// </summary>
private DatabaseAuditingPolicyModel ModelizeDatabaseAuditPolicy(DatabaseAuditingPolicy policy)
{
DatabaseAuditingPolicyModel dbPolicyModel = new DatabaseAuditingPolicyModel();
DatabaseAuditingPolicyProperties properties = policy.Properties;
dbPolicyModel.AuditState = ModelizeAuditState(properties.AuditingState);
dbPolicyModel.UseServerDefault = properties.UseServerDefault == Constants.AuditingEndpoint.Enabled ? UseServerDefaultOptions.Enabled : UseServerDefaultOptions.Disabled;
ModelizeStorageInfo(dbPolicyModel, properties.StorageAccountName, properties.StorageAccountKey, properties.StorageAccountSecondaryKey);
ModelizeEventTypesInfo(dbPolicyModel, properties.EventTypesToAudit);
return(dbPolicyModel);
}
/// <summary>
/// Verify that the received properties match their expected values
/// </summary>
/// <param name="expected">The expected value of the properties object</param>
/// <param name="actual">The properties object that needs to be checked</param>
private static void VerifyDatabaseAuditingPolicyInformation(DatabaseAuditingPolicyProperties expected, DatabaseAuditingPolicyProperties actual)
{
Assert.Equal(expected.AuditingState, actual.AuditingState);
Assert.Equal(expected.EventTypesToAudit, actual.EventTypesToAudit);
Assert.Equal(expected.StorageAccountName, actual.StorageAccountName);
Assert.Equal(expected.StorageAccountKey, actual.StorageAccountKey);
Assert.Equal(expected.StorageAccountSecondaryKey, actual.StorageAccountSecondaryKey);
Assert.Equal(expected.StorageAccountResourceGroupName, actual.StorageAccountResourceGroupName);
Assert.Equal(expected.StorageTableEndpoint, actual.StorageTableEndpoint);
Assert.Equal(expected.StorageAccountSubscriptionId, actual.StorageAccountSubscriptionId);
Assert.Equal(expected.RetentionDays, actual.RetentionDays);
Assert.Equal(expected.UseServerDefault, actual.UseServerDefault);
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="policy">The AuditingPolicy object</param>
/// <returns>The communication model object</returns>
private DatabaseAuditingPolicyCreateOrUpdateParameters PolicizeDatabaseAuditingModel(DatabaseAuditingPolicyModel model)
{
DatabaseAuditingPolicyCreateOrUpdateParameters updateParameters = new DatabaseAuditingPolicyCreateOrUpdateParameters();
DatabaseAuditingPolicyProperties properties = new DatabaseAuditingPolicyProperties();
updateParameters.Properties = properties;
properties.AuditingState = PolicizeAuditState(model.AuditState);
properties.UseServerDefault = (model.UseServerDefault == UseServerDefaultOptions.Enabled) ? Constants.AuditingEndpoint.Enabled : Constants.AuditingEndpoint.Disabled;
properties.StorageAccountName = ExtractStorageAccountName(model);
properties.StorageAccountResourceGroupName = ExtractStorageAccountResourceGroup(properties.StorageAccountName);
properties.StorageAccountSubscriptionId = ExtractStorageAccountSubscriptionId(properties.StorageAccountName);
properties.StorageTableEndpoint = ExtractStorageAccountTableEndpoint(properties.StorageAccountName);
properties.StorageAccountKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Primary);
properties.StorageAccountSecondaryKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Secondary);
properties.EventTypesToAudit = ExtractEventTypes(model);
return(updateParameters);
}
/// <summary>
/// Creates and returns a DatabaseAuditingPolicyProperties object that holds the default settings for a a database auditing policy
/// </summary>
/// <returns>A DatabaseAuditingPolicyProperties object with the default audit policy settings</returns>
private DatabaseAuditingPolicyProperties GetDefaultDatabaseAuditProperties()
{
DatabaseAuditingPolicyProperties props = new DatabaseAuditingPolicyProperties
{
AuditingState = "New",
EventTypesToAudit = c_DefualtEventTypesToAudit,
StorageAccountName = null,
StorageAccountKey = null,
StorageAccountSecondaryKey = null,
StorageAccountResourceGroupName = null,
StorageAccountSubscriptionId = null,
StorageTableEndpoint = null,
RetentionDays = "0",
UseServerDefault = "Disabled"
};
return(props);
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="model">The AuditingPolicy model object</param>
/// <returns>The communication model object</returns>
private DatabaseAuditingPolicyCreateOrUpdateParameters PolicizeDatabaseAuditingModel(DatabaseAuditingPolicyModel model, string storageEndpointSuffix)
{
DatabaseAuditingPolicyCreateOrUpdateParameters updateParameters = new DatabaseAuditingPolicyCreateOrUpdateParameters();
DatabaseAuditingPolicyProperties properties = new DatabaseAuditingPolicyProperties();
updateParameters.Properties = properties;
properties.AuditingState = PolicizeAuditState(model.AuditState);
properties.UseServerDefault = (model.UseServerDefault == UseServerDefaultOptions.Enabled) ? SecurityConstants.AuditingEndpoint.Enabled : SecurityConstants.AuditingEndpoint.Disabled;
properties.StorageAccountName = ExtractStorageAccountName(model);
properties.StorageAccountResourceGroupName = ExtractStorageAccountResourceGroup(properties.StorageAccountName);
properties.StorageAccountSubscriptionId = ExtractStorageAccountSubscriptionId(properties.StorageAccountName);
properties.StorageTableEndpoint = ExtractStorageAccountTableEndpoint(properties.StorageAccountName, storageEndpointSuffix);
properties.StorageAccountKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Primary);
properties.StorageAccountSecondaryKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Secondary);
properties.EventTypesToAudit = ExtractEventTypes(model);
properties.RetentionDays = model.RetentionInDays.ToString();
properties.AuditLogsTableName = model.TableIdentifier;
return updateParameters;
}
