/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerThreatDetectionPolicyModel ApplyUserInputToModel(ServerThreatDetectionPolicyModel model)
{
base.ApplyUserInputToModel(model);
model.ThreatDetectionState = ThreatDetectionStateType.Enabled;
if (NotificationRecipientsEmails != null)
{
model.NotificationRecipientsEmails = NotificationRecipientsEmails;
}
if (EmailAdmins != null)
{
model.EmailAdmins = (bool)EmailAdmins;
}
if (ExcludedDetectionType != null)
{
model.ExcludedDetectionTypes = BaseThreatDetectionPolicyModel.ProcessExcludedDetectionTypes(ExcludedDetectionType);
}
if (RetentionInDays != null)
{
model.RetentionInDays = RetentionInDays;
}
if (StorageAccountName != null)
{
model.StorageAccountName = StorageAccountName;
}
return(model);
}
/// <summary>
/// Provides a server threat detection policy model for the given server
/// </summary>
public ServerThreatDetectionPolicyModel GetServerThreatDetectionPolicy(string resourceGroup, string serverName)
{
if (!IsRightServerVersionForThreatDetection(resourceGroup, serverName))
{
throw new Exception(Properties.Resources.ServerNotApplicableForThreatDetection);
}
var threatDetectionPolicy = ThreatDetectionCommunicator.GetServerSecurityAlertPolicy(resourceGroup, serverName);
var serverThreatDetectionPolicyModel = new ServerThreatDetectionPolicyModel()
{
ThreatDetectionState = ModelizeThreatDetectionState(threatDetectionPolicy.State.ToString()),
NotificationRecipientsEmails = string.Join(";", threatDetectionPolicy.EmailAddresses.ToArray()),
EmailAdmins = threatDetectionPolicy.EmailAccountAdmins == null ? false : threatDetectionPolicy.EmailAccountAdmins.Value,
RetentionInDays = (uint)threatDetectionPolicy.RetentionDays,
};
serverThreatDetectionPolicyModel.ExcludedDetectionTypes = threatDetectionPolicy.DisabledAlerts.Where(alert => !string.IsNullOrEmpty(alert)).ToArray() ?? new string[] { };
serverThreatDetectionPolicyModel.ResourceGroupName = resourceGroup;
serverThreatDetectionPolicyModel.ServerName = serverName;
ModelizeStorageAccount(serverThreatDetectionPolicyModel, threatDetectionPolicy.StorageEndpoint);
return(serverThreatDetectionPolicyModel);
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetServerThreatDetectionPolicy(ServerThreatDetectionPolicyModel model, string storageEndpointSuffix)
{
if (model.ThreatDetectionState == ThreatDetectionStateType.Enabled &&
!IsRightServerVersionForThreatDetection(model.ResourceGroupName, model.ServerName))
{
throw new Exception(Properties.Resources.ServerNotApplicableForThreatDetection);
}
var serverSecurityAlertPolicyParameters = PolicizeServerSecurityAlertModel(model, storageEndpointSuffix);
ThreatDetectionCommunicator.SetServerSecurityAlertPolicy(model.ResourceGroupName, model.ServerName, serverSecurityAlertPolicyParameters);
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetServerThreatDetectionPolicy(ServerThreatDetectionPolicyModel model, string clientId)
{
if (model.ThreatDetectionState == ThreatDetectionStateType.Enabled)
{
if (!IsRightServerVersionForThreatDetection(model.ResourceGroupName, model.ServerName, clientId))
{
throw new Exception(Properties.Resources.ServerNotApplicableForThreatDetection);
}
// Check that auditing is turned on:
ServerAuditingPolicyModel serverAuditingPolicyModel;
AuditingAdapter.GetServerAuditingPolicy(model.ResourceGroupName, model.ServerName, clientId, out serverAuditingPolicyModel);
if (serverAuditingPolicyModel.AuditState != AuditStateType.Enabled)
{
throw new Exception(Properties.Resources.AuditingIsTurnedOff);
}
}
var serverSecurityAlertPolicyParameters = PolicizeServerSecurityAlertModel(model);
ThreatDetectionCommunicator.SetServerSecurityAlertPolicy(model.ResourceGroupName, model.ServerName, clientId, serverSecurityAlertPolicyParameters);
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerThreatDetectionPolicyModel ApplyUserInputToModel(ServerThreatDetectionPolicyModel model)
{
base.ApplyUserInputToModel(model);
model.ThreatDetectionState = ThreatDetectionStateType.Enabled;
if (NotificationRecipientsEmails != null)
{
model.NotificationRecipientsEmails = NotificationRecipientsEmails;
}
if (EmailAdmins != null)
{
model.EmailAdmins = (bool)EmailAdmins;
}
if (ExcludedDetectionType != null)
{
model.ExcludedDetectionTypes = BaseThreatDetectionPolicyModel.ProcessExcludedDetectionTypes(ExcludedDetectionType);
}
model.ValidateContent();
return(model);
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerThreatDetectionPolicyModel ApplyUserInputToModel(ServerThreatDetectionPolicyModel model)
{
base.ApplyUserInputToModel(model);
model.ThreatDetectionState = ThreatDetectionStateType.Enabled;
if (NotificationRecipientsEmails != null)
{
model.NotificationRecipientsEmails = NotificationRecipientsEmails;
}
if (EmailAdmins != null)
{
model.EmailAdmins = (bool)EmailAdmins;
}
if (ExcludedDetectionType != null)
{
model.ExcludedDetectionTypes = BaseThreatDetectionPolicyModel.ProcessExcludedDetectionTypes(ExcludedDetectionType);
}
model.ValidateContent();
return model;
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="model">The SecurityAlert model object</param>
/// <returns>The communication model object</returns>
private ServerSecurityAlertPolicyCreateOrUpdateParameters PolicizeServerSecurityAlertModel(ServerThreatDetectionPolicyModel model)
{
var updateParameters = new ServerSecurityAlertPolicyCreateOrUpdateParameters();
var properties = PopulatePolicyProperties(model, new ServerSecurityAlertPolicyProperties()) as ServerSecurityAlertPolicyProperties;
updateParameters.Properties = properties;
return updateParameters;
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetServerThreatDetectionPolicy(ServerThreatDetectionPolicyModel model, string clientId)
{
if (model.ThreatDetectionState == ThreatDetectionStateType.Enabled)
{
if (!IsRightServerVersionForThreatDetection(model.ResourceGroupName, model.ServerName, clientId))
{
throw new Exception(Properties.Resources.ServerNotApplicableForThreatDetection);
}
// Check that auditing is turned on:
ServerAuditingPolicyModel serverAuditingPolicyModel;
AuditingAdapter.GetServerAuditingPolicy(model.ResourceGroupName, model.ServerName, clientId, out serverAuditingPolicyModel);
if (serverAuditingPolicyModel.AuditState != AuditStateType.Enabled)
{
throw new Exception(Properties.Resources.AuditingIsTurnedOff);
}
}
var serverSecurityAlertPolicyParameters = PolicizeServerSecurityAlertModel(model);
ThreatDetectionCommunicator.SetServerSecurityAlertPolicy(model.ResourceGroupName, model.ServerName, clientId, serverSecurityAlertPolicyParameters);
}
/// <summary>
/// No sending is needed as this is a Get cmdlet
/// </summary>
/// <param name="model">The model object with the data to be sent to the REST endpoints</param>
protected override ServerThreatDetectionPolicyModel PersistChanges(ServerThreatDetectionPolicyModel model)
{
return null;
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerThreatDetectionPolicyModel ApplyUserInputToModel(ServerThreatDetectionPolicyModel model)
{
model = base.ApplyUserInputToModel(model);
model.ThreatDetectionState = ThreatDetectionStateType.Disabled;
return(model);
}
/// <summary>
/// No sending is needed as this is a Get cmdlet
/// </summary>
/// <param name="model">The model object with the data to be sent to the REST endpoints</param>
protected override ServerThreatDetectionPolicyModel PersistChanges(ServerThreatDetectionPolicyModel model)
{
return(null);
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerThreatDetectionPolicyModel ApplyUserInputToModel(ServerThreatDetectionPolicyModel model)
{
model = base.ApplyUserInputToModel(model);
model.ThreatDetectionState = ThreatDetectionStateType.Disabled;
return model;
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="model">The SecurityAlert model object</param>
/// <returns>The communication model object</returns>
private ServerSecurityAlertPolicyCreateOrUpdateParameters PolicizeServerSecurityAlertModel(ServerThreatDetectionPolicyModel model)
{
var updateParameters = new ServerSecurityAlertPolicyCreateOrUpdateParameters();
var properties = PopulatePolicyProperties(model, new ServerSecurityAlertPolicyProperties()) as ServerSecurityAlertPolicyProperties;
updateParameters.Properties = properties;
return(updateParameters);
}
