Skip to content

Commit

Permalink
working on ValidDatabaseOwner for #884
Browse files Browse the repository at this point in the history
  • Loading branch information
@jpomfret
jpomfret committed Apr 26, 2022
1 parent 0400d39 commit ae74f95
Showing 1 changed file with 19 additions and 0 deletions.
19 changes: 19 additions & 0 deletions checks/Databasev5.Tests.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,3 +61,22 @@ Describe "Suspect Page" -Tags SuspectPage, High , Database -ForEach $InstancesTo
}
}
}

Describe "Valid Database Owner" -Tags ValidDatabaseOwner, Medium, Database -ForEach $InstancesToTest {
BeforeAll {
[string[]]$targetowner = Get-DbcConfigValue policy.validdbowner.name
$ExcludedDatabases += Get-DbcConfigValue policy.validdbowner.excludedb
}
Context "Testing Database Owners on <_.Name>" {
#TODO fix the it text - needs commas --> should be in this list ( sqladmin sa ) )
#It "Database <_.Name> - owner should be in this list ( $( [String]::Join(", ", $targetowner) ) ) on <_.Parent.Name>" -ForEach $psitem.Databases.Where{ if ($Database) { $_.Name -in $Database }else { $ExcludedDatabases -notcontains $PsItem.Name } } {
It "Database <_.Name> - owner '<_.Owner>' should be in this list ( <targetowner> ) ) on <_.Parent.Name>" -ForEach $psitem.Databases.Where{ if ($Database) { $_.Name -in $Database }else { $ExcludedDatabases -notcontains $PsItem.Name } } {
[string[]]$targetowner = Get-DbcConfigValue policy.validdbowner.name
$psitem.Owner | Should -BeIn $targetowner -Because "The account that is the database owner is not what was expected"
}
}
}

# how to we get config data to use in its? like $TargetOwner

This comment has been minimized.

Sign in to view

Copy link
@SQLDBAWithABeard

SQLDBAWithABeard Apr 27, 2022

Collaborator

So in Instances v5 we call the NewGet-AllInstancesInfo function (so maybe we need a Get-AllDatabasesInfo)

dbachecks/checks/Instancev5.Tests.ps1

Line 27 in ae74f95

NewGet-AllInstanceInfo -Instance $InstanceSMO -Tags $Tags

I am then adding a skip for every test (although that will need checking later because I will have missed some !)

We know the tags that have been chosen

dbachecks/checks/Instancev5.Tests.ps1

Line 9 in ae74f95

$Tags = Get-CheckInformation -Check $Check -Group Instance -AllChecks $AllChecks -ExcludeCheck $ChecksToExclude

So we pass both InstancesSmo and Tags to the New Get-AllInstanceInfo (Databasinfo here)

Then create a configvalues property

dbachecks/internal/functions/NewGet-AllInstanceInfo.ps1

Line 33 in ae74f95

$ConfigValues = [PSCustomObject]@{}

When we have a need for one we add it

dbachecks/internal/functions/NewGet-AllInstanceInfo.ps1

Line 52 in ae74f95

$ConfigValues | Add-Member -MemberType NoteProperty -Name 'scanforstartupproceduresdisabled' -Value (Get-DbcConfigValue policy.security.scanforstartupproceduresdisabled)

and then reference it in the check like this

dbachecks/checks/Instancev5.Tests.ps1

Line 74 in ae74f95

It "Scan For Startup Procedures is set to <_.ConfigValues.scanforstartupproceduresdisabled> on <_.Name>" -Skip:$skip {

Does that help?

This comment has been minimized.

Sign in to view

Copy link
@ClaudioESSilva

ClaudioESSilva Apr 27, 2022

Collaborator

Yes! 👍🏽

This comment has been minimized.

Sign in to view

Copy link
@jpomfret

jpomfret Apr 27, 2022

Author Collaborator

This is a great explanation!


0 comments on commit ae74f95

Please sign in to comment.