Initial WIP code for user management (#1838)

* Initial user management code * WIP * Fix whitespace * WIP user objects * WIP user objects * Cleanup ported code * WIP * WIP * Update the User contracts * Additional cleanups * Remove warning silencing which isn't intended for this PR * Fix some warnings as error in CI
2026-02-13 11:38:33 -05:00 · 2023-01-31 21:12:53 -08:00
parent 9fe3aeddc3
commit 3c25549986
11 changed files with 4819 additions and 1 deletions
--- a/src/Microsoft.SqlTools.ServiceLayer/Security/Contracts/LoginInfo.cs
+++ b/src/Microsoft.SqlTools.ServiceLayer/Security/Contracts/LoginInfo.cs
@@ -0,0 +1,58 @@
+//
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+//
+
+using System.Runtime.Serialization;
+using Newtonsoft.Json;
+using Newtonsoft.Json.Converters;
+
+namespace Microsoft.SqlTools.ServiceLayer.Security.Contracts
+{
+    [JsonConverter(typeof(StringEnumConverter))]
+    public enum LoginType
+    {
+        [EnumMember(Value = "Windows")]
+        Windows,
+        [EnumMember(Value = "Sql")]
+        Sql,
+        [EnumMember(Value = "AAD")]
+        AzureActiveDirectory
+    }
+
+    /// <summary>
+    /// a class for storing various login properties
+    /// </summary>
+    public class LoginInfo
+    {
+        public string LoginName { get; set; }
+
+        public LoginType LoginType { get; set; }
+
+        public string CertificateName { get; set; }
+            
+        public string AsymmetricKeyName { get; set; }
+
+        public bool WindowsGrantAccess { get; set; }
+
+        public bool MustChange { get; set; }
+
+        public bool IsDisabled { get; set; }
+
+        public bool IsLockedOut { get; set; }
+
+        public bool EnforcePolicy { get; set; }
+
+        public bool EnforceExpiration { get; set; }
+
+        public bool WindowsAuthSupported { get; set; }
+
+        public string Password { get; set; }
+
+        public string OldPassword { get; set; }
+
+        public string DefaultLanguage { get; set; }
+
+        public string DefaultDatabase { get; set; }
+    }
+}
--- a/src/Microsoft.SqlTools.ServiceLayer/Security/Contracts/LoginRequest.cs
+++ b/src/Microsoft.SqlTools.ServiceLayer/Security/Contracts/LoginRequest.cs
@@ -0,0 +1,66 @@
+//
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+//
+
+using Microsoft.SqlTools.Hosting.Protocol.Contracts;
+using Microsoft.SqlTools.ServiceLayer.Utility;
+using Microsoft.SqlTools.Utility;
+
+namespace Microsoft.SqlTools.ServiceLayer.Security.Contracts
+{    
+    /// <summary>
+    /// Create Login parameters
+    /// </summary>
+    public class CreateLoginParams : GeneralRequestDetails
+    {
+        public string OwnerUri { get; set; }
+
+        public LoginInfo Login { get; set; }
+    }
+
+    /// <summary>
+    /// Create Login result
+    /// </summary>
+    public class CreateLoginResult : ResultStatus
+    {
+        public LoginInfo Login { get; set; }        
+    }
+
+
+    /// <summary>
+    /// Create Login request type
+    /// </summary>
+    public class CreateLoginRequest
+    {
+        /// <summary>
+        /// Request definition
+        /// </summary>
+        public static readonly
+            RequestType<CreateLoginParams, CreateLoginResult> Type =
+            RequestType<CreateLoginParams, CreateLoginResult>.Create("security/createlogin");
+    }
+
+    /// <summary>
+    /// Delete Login params
+    /// </summary>
+    public class DeleteLoginParams : GeneralRequestDetails
+    {
+        public string OwnerUri { get; set; }
+
+        public string LoginName { get; set; }
+    }
+
+    /// <summary>
+    /// Delete Login request type
+    /// </summary>
+    public class DeleteLoginRequest
+    {
+        /// <summary>
+        /// Request definition
+        /// </summary>
+        public static readonly
+            RequestType<DeleteLoginParams, ResultStatus> Type =
+            RequestType<DeleteLoginParams, ResultStatus>.Create("security/deletelogin");
+    }
+}
--- a/src/Microsoft.SqlTools.ServiceLayer/Security/Contracts/UserInfo.cs
+++ b/src/Microsoft.SqlTools.ServiceLayer/Security/Contracts/UserInfo.cs
@@ -0,0 +1,124 @@
+//
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+//
+
+using System.Runtime.Serialization;
+using Newtonsoft.Json;
+using Newtonsoft.Json.Converters;
+
+namespace Microsoft.SqlTools.ServiceLayer.Security.Contracts
+{
+    [JsonConverter(typeof(StringEnumConverter))]
+    public enum DatabaseUserType
+    {
+        [EnumMember(Value = "UserWithLogin")]
+        UserWithLogin,
+        [EnumMember(Value = "UserWithoutLogin")]
+        UserWithoutLogin
+    }
+
+    public class ExtendedProperty 
+    {
+
+        public string Name { get; set; }
+
+        public string Value { get; set; }
+    }
+
+    public class SqlObject
+    {
+        public string Name { get; set; }
+
+        public string Path { get; set; }
+    }
+
+    public class Permission
+    {
+        public string Name { get; set; }
+
+        public bool Grant { get; set; }
+
+        public bool WithGrant { get; set; }
+
+        public bool Deny { get; set; }
+    }
+
+    public class SecurablePermissions
+    {
+        public SqlObject Securable { get; set; }
+
+        public Permission[] Permissions { get; set; }
+    }
+
+    /// <summary>
+    /// a class for storing various user properties
+    /// </summary>
+    public class UserInfo
+    {
+        DatabaseUserType? Type { get; set; }
+
+        public string LoginName { get; set; }
+
+        public string Password { get; set; }
+
+        public string DefaultSchema { get; set; }
+
+        public string[] OwnedSchemas { get; set; }
+
+        public bool isEnabled { get; set; }
+
+        public bool isAAD { get; set; }
+
+        public ExtendedProperty[] ExtendedProperties { get; set; }
+
+        public SecurablePermissions[] SecurablePermissions { get; set; }   
+    }
+}
+
+
+#if false
+
+export interface ServerRole extends SqlObject {
+	owner: string | undefined;
+	securablePermissions: SecurablePermissions[];
+	members: SqlObject[];
+	memberships: SqlObject[];
+	isFixedRole: boolean;
+}
+
+export interface ServerLogin extends SqlObject {
+	type: LoginType;
+	password: string | undefined;
+	oldPassword: string | undefined;
+	enforcePasswordPolicy: boolean | undefined;
+	enforcePasswordExpiration: boolean | undefined;
+	defaultDatabase: string;
+	defaultLanguage: string;
+	serverRoles: string[];
+	userMapping: ServerLoginDatabaseUserMapping[];
+	isGroup: boolean;
+	isEnabled: boolean;
+	connectPermission: boolean;
+	isLockedOut: boolean;
+}
+
+
+
+export interface ServerLoginDatabaseUserMapping {
+	database: string;
+	user: string;
+	defaultSchema: string;
+	databaseRoles: string[];
+}
+
+export interface DatabaseRole extends SqlObject {
+	owner: string | undefined;
+	password: string | undefined;
+	ownedSchemas: string[];
+	securablePermissions: SecurablePermissions[] | undefined;
+	extendedProperties: ExtendedProperty[] | undefined;
+	isFixedRole: boolean;
+}
+
+#endif