changed from credential object to separate properties

dsccommunity · May 20, 2019 · b46a62d · b46a62d
1 parent c45ae90
commit b46a62d
Show file tree

Hide file tree

Showing 9 changed files with 249 additions and 527 deletions.
diff --git a/DSCResources/Helper.psm1 b/DSCResources/Helper.psm1
@@ -299,109 +299,6 @@ function Get-LocalizedData
     return $localizedData
 }
 
-#region Credential functions
-
-<#
-    .SYNOPSIS
-        Helper function used to update credential for physical path access.
-
-    .PARAMETER Site
-        Specifies the name of the website.
-
-    .PARAMETER Credential
-        Specifies the Credential which should be used.
-#>
-function Update-AccessCredential
-{
-    [CmdletBinding()]
-    param
-    (
-        [Parameter(Mandatory = $true)]
-        [String]
-        $Site,
-
-        [Parameter(Mandatory = $true)]
-        [ValidateNotNullOrEmpty()]
-        [System.Management.Automation.PSCredential]
-        $Credential
-    )
-
-    $siteObj = Get-Website -Name $Site
-
-    $userValue = switch($Credential.UserName)
-    {
-        $null   {''}
-        default {$Credential.UserName}
-    }
-
-    $passwordValue = switch($Credential.Password)
-    {
-        $null   {''}
-        default {$Credential.GetNetworkCredential().Password}
-    }
-
-    if ($userValue -ne $siteObj.userName)
-    {
-        Set-ItemProperty -Path "IIS:\Sites\$Site" `
-                         -Name userName `
-                         -Value $userValue `
-                         -ErrorAction Stop
-    }
-
-    if ($passwordValue -ne $siteObj.password)
-    {
-        Set-ItemProperty -Path "IIS:\Sites\$Site" `
-                         -Name password `
-                         -Value $passwordValue `
-                         -ErrorAction Stop
-    }
-}
-
-<#
-    .SYNOPSIS
-        Helper function used to validate credential for physical path access.
-
-    .PARAMETER Site
-        Specifies the name of the website.
-
-    .PARAMETER Credential
-        Specifies the Credential to check against.
-#>
-function Test-AccessCredential
-{
-    [CmdletBinding()]
-    [OutputType([Boolean])]
-    param
-    (
-        [Parameter(Mandatory = $true)]
-        [String]
-        $Site,
-
-        [Parameter(Mandatory = $true)]
-        [ValidateNotNullOrEmpty()]
-        [System.Management.Automation.PSCredential]
-        $Credential
-    )
-
-    $siteObj = Get-Website -Name $Site
-
-    if (($null -ne $Credential.UserName -and $siteObj.userName -ne $Credential.UserName) -or `
-        ($null -eq $Credential.UserName -and $siteObj.userName -ne ''))
-    {
-        return $false
-    }
-
-    if (($null -ne $Credential.Password -and $siteObj.password -ne $Credential.GetNetworkCredential().Password) -or `
-        ($null -eq $Credential.Password -and $siteObj.password -ne ''))
-    {
-        return $false
-    }
-
-    return $true
-}
-
-#endregion
-
 #region Authentication Functions
 
 <#

diff --git a/DSCResources/MSFT_FTP/MSFT_FTP.psm1 b/DSCResources/MSFT_FTP/MSFT_FTP.psm1
@@ -47,12 +47,6 @@ function Get-TargetResource
         $logFlags = [array]$ftpSite.ftpServer.logFile.LogExtFileFlags.Split(',')
         $showFlags = [array]$ftpSite.ftpServer.directoryBrowse.showFlags.Split(',')
 
-        if ($ftpSite.password -ne '')
-        {
-            $physicalPathCredential = New-Object System.Management.Automation.PSCredential ($ftpSite.userName, `
-                                        (ConvertTo-SecureString -String $ftpSite.password -AsPlainText -Force))
-        }
-
         Write-Verbose -Message ($LocalizedData.VerboseGetTargetPresent)
         $ensureResult = 'Present'
     }
@@ -66,33 +60,34 @@ function Get-TargetResource
 
     # Add all ftpSite properties to the hash table
     return @{
-        Ensure                    = $ensureResult
-        Name                      = $Name
-        PhysicalPath              = $ftpSite.PhysicalPath
-        PhysicalPathCredential    = $physicalPathCredential
-        State                     = $ftpSite.State
-        ApplicationPool           = $ftpSite.ApplicationPool
-        AuthenticationInfo        = $authenticationInfo
-        AuthorizationInfo         = $authorizationInfo
-        SslInfo                   = $sslInfo
-        BindingInfo               = $bindings
-        FirewallIPAddress         = $ftpServer.firewallSupport.externalIp4Address
-        StartingDataChannelPort   = $defaultFirewallSupport.lowDataChannelPort
-        EndingDataChannelPort     = $defaultFirewallSupport.highDataChannelPort
-        GreetingMessage           = $ftpSite.ftpServer.messages.greetingMessage
-        ExitMessage               = $ftpSite.ftpServer.messages.exitMessage
-        BannerMessage             = $ftpSite.ftpServer.messages.bannerMessage
-        MaxClientsMessage         = $ftpSite.ftpServer.messages.maxClientsMessage
-        SuppressDefaultBanner     = $ftpSite.ftpServer.messages.suppressDefaultBanner
-        AllowLocalDetailedErrors  = $ftpSite.ftpServer.messages.allowLocalDetailedErrors
-        ExpandVariablesInMessages = $ftpSite.ftpServer.messages.expandVariables
-        LogPath                   = $ftpSite.ftpServer.logFile.directory
-        LogFlags                  = $logFlags
-        LogPeriod                 = $ftpSite.ftpServer.logFile.period
-        LogtruncateSize           = $ftpSite.ftpServer.logFile.truncateSize
-        LoglocalTimeRollover      = $ftpSite.ftpServer.logFile.localTimeRollover
-        DirectoryBrowseFlags      = $showFlags
-        UserIsolation             = $ftpSite.ftpServer.userIsolation.mode
+        Ensure                     = $ensureResult
+        Name                       = $Name
+        PhysicalPath               = $ftpSite.PhysicalPath
+        PhysicalPathAccessUsername = $ftpSite.userName
+        PhysicalPathAccessPassword = $ftpSite.password
+        State                      = $ftpSite.State
+        ApplicationPool            = $ftpSite.ApplicationPool
+        AuthenticationInfo         = $authenticationInfo
+        AuthorizationInfo          = $authorizationInfo
+        SslInfo                    = $sslInfo
+        BindingInfo                = $bindings
+        FirewallIPAddress          = $ftpServer.firewallSupport.externalIp4Address
+        StartingDataChannelPort    = $defaultFirewallSupport.lowDataChannelPort
+        EndingDataChannelPort      = $defaultFirewallSupport.highDataChannelPort
+        GreetingMessage            = $ftpSite.ftpServer.messages.greetingMessage
+        ExitMessage                = $ftpSite.ftpServer.messages.exitMessage
+        BannerMessage              = $ftpSite.ftpServer.messages.bannerMessage
+        MaxClientsMessage          = $ftpSite.ftpServer.messages.maxClientsMessage
+        SuppressDefaultBanner      = $ftpSite.ftpServer.messages.suppressDefaultBanner
+        AllowLocalDetailedErrors   = $ftpSite.ftpServer.messages.allowLocalDetailedErrors
+        ExpandVariablesInMessages  = $ftpSite.ftpServer.messages.expandVariables
+        LogPath                    = $ftpSite.ftpServer.logFile.directory
+        LogFlags                   = $logFlags
+        LogPeriod                  = $ftpSite.ftpServer.logFile.period
+        LogtruncateSize            = $ftpSite.ftpServer.logFile.truncateSize
+        LoglocalTimeRollover       = $ftpSite.ftpServer.logFile.localTimeRollover
+        DirectoryBrowseFlags       = $showFlags
+        UserIsolation              = $ftpSite.ftpServer.userIsolation.mode
     }
 }
 
@@ -110,8 +105,11 @@ function Get-TargetResource
     .PARAMETER PhysicalPath
         Specifies physical folder location for FTP site.
 
-    .PARAMETER PhysicalPathCredential
-        Specifies credential object for physical path access.
+    .PARAMETER PhysicalPathAccessUsername
+        Specifies username for access to physical path if required.
+
+    .PARAMETER PhysicalPathAccessPassword
+        Specifies password for access to physical path if required.
 
     .PARAMETER State
         Specifies state of the FTP site whether it should be Started or Stopped.
@@ -212,10 +210,10 @@ function Set-TargetResource
         $PhysicalPath,
 
         [Parameter()]
-        [System.Management.Automation.CredentialAttribute()]
-        [ValidateNotNullOrEmpty()]
-        [System.Management.Automation.PSCredential]
-        $PhysicalPathCredential,
+        $PhysicalPathAccessUsername,
+
+        [Parameter()]
+        $PhysicalPathAccessPassword,
 
         [Parameter()]
         [ValidateSet('Started', 'Stopped')]
@@ -407,12 +405,27 @@ function Set-TargetResource
                                     -f $Name)
         }
 
-        # Update physical path access credential if required
-        if ($PSBoundParameters.ContainsKey('PhysicalPathCredential') -and `
-            (-not (Test-AccessCredential -Site $Name -Credential $PhysicalPathCredential)))
+        # Update physical path access username if required
+        if ($PSBoundParameters.ContainsKey('PhysicalPathAccessUsername') -and `
+            $ftpSite.userName -ne $PhysicalPathAccessUsername)
         {
-            Update-AccessCredential -Site $Name -Credential $PhysicalPathCredential
-            Write-Verbose -Message ($LocalizedData.VerboseSetTargetUpdatePhysicalPathCredential `
+            Set-ItemProperty -Path "IIS:\Sites\$Name" `
+                             -Name userName `
+                             -Value $PhysicalPathAccessUsername `
+                             -ErrorAction Stop
+            Write-Verbose -Message ($LocalizedData.VerboseSetTargetUpdatePhysicalPathAccessUsername `
+                             -f $Name)
+        }
+
+        # Update physical path access password if required
+        if ($PSBoundParameters.ContainsKey('PhysicalPathAccessPassword') -and `
+            $ftpSite.password -ne $PhysicalPathAccessPassword)
+        {
+            Set-ItemProperty -Path "IIS:\Sites\$Name" `
+                             -Name password `
+                             -Value $PhysicalPathAccessPassword `
+                             -ErrorAction Stop
+            Write-Verbose -Message ($LocalizedData.VerboseSetTargetUpdatePhysicalPathAccessPassword `
                              -f $Name)
         }
 
@@ -770,8 +783,11 @@ function Set-TargetResource
     .PARAMETER PhysicalPath
         Specifies physical folder location for FTP site.
 
-    .PARAMETER PhysicalPathCredential
-        Specifies credential object for physical path access.
+    .PARAMETER PhysicalPathAccessUsername
+        Specifies username for access to physical path if required.
+
+    .PARAMETER PhysicalPathAccessPassword
+        Specifies password for access to physical path if required.
 
     .PARAMETER State
         Specifies state of the FTP site whether it should be Started or Stopped.
@@ -873,10 +889,10 @@ function Test-TargetResource
         $PhysicalPath,
 
         [Parameter()]
-        [System.Management.Automation.CredentialAttribute()]
-        [ValidateNotNullOrEmpty()]
-        [System.Management.Automation.PSCredential]
-        $PhysicalPathCredential,
+        $PhysicalPathAccessUsername,
+
+        [Parameter()]
+        $PhysicalPathAccessPassword,
 
         [Parameter()]
         [ValidateSet('Started', 'Stopped')]
@@ -1016,12 +1032,20 @@ function Test-TargetResource
             Write-Verbose -Message ($LocalizedData.VerboseTestTargetFalsePhysicalPath -f $Name)
         }
 
-        # Update physical path access credential if required
-        if ($PSBoundParameters.ContainsKey('PhysicalPathCredential') -and `
-            (-not (Test-AccessCredential -Site $Name -Credential $PhysicalPathCredential)))
+        # Check physical path access username if required
+        if ($PSBoundParameters.ContainsKey('PhysicalPathAccessUsername') -and `
+            $ftpSite.userName -ne $PhysicalPathAccessUsername)
+        {
+            $InDesiredState = $false
+            Write-Verbose -Message ($LocalizedData.VerboseTestTargetFalsePhysicalPathAccessUsername -f $Name)
+        }
+
+        # Check physical path access password if required
+        if ($PSBoundParameters.ContainsKey('PhysicalPathAccessPassword') -and `
+            $ftpSite.password -ne $PhysicalPathAccessPassword)
         {
             $InDesiredState = $false
-            Write-Verbose -Message ($LocalizedData.VerboseTestTargetFalsePhysicalPathCredential -f $Name)
+            Write-Verbose -Message ($LocalizedData.VerboseTestTargetFalsePhysicalPathAccessPassword -f $Name)
         }
 
         # Check State

diff --git a/DSCResources/MSFT_FTP/MSFT_FTP.schema.mof b/DSCResources/MSFT_FTP/MSFT_FTP.schema.mof
@@ -3,10 +3,11 @@ class MSFT_FTP : OMI_BaseResource
 {
     [Write,ValueMap{"Present", "Absent"},Values{"Present", "Absent"}] String Ensure;
     [Key, Description("Specifies the name of the FTP site.")] String Name;
-    [Write] String PhysicalPath;
-    [Write,EmbeddedInstance("MSFT_Credential")] String PhysicalPathCredential;
+    [Write, Description("Specifies physical location of the FTP site.")] String PhysicalPath;
+    [Write, Description("Specifies the username for physical path access of the FTP site.")] String PhysicalPathAccessUsername;
+    [Write, Description("Specifies the password for physical path access of the FTP site.")] String PhysicalPathAccessPassword;
     [Write,ValueMap{"Started","Stopped"},Values{"Started", "Stopped"}] String State;
-    [Write] String ApplicationPool;
+    [Write, Description("Specifies the name of the application pool to be used.")] String ApplicationPool;
     [Write, EmbeddedInstance("MSFT_FTPAuthenticationInformation"), Description("Hashtable containing authentication information (Anonymous, Basic)")] String AuthenticationInfo;
     [Write, EmbeddedInstance("MSFT_FTPAuthorizationInformation"), Description("Hashtable containing authentication information (AccessType, Roles, Permissions, Users)")] String AuthorizationInfo[];
     [Write, EmbeddedInstance("MSFT_FTPBindingInformation"), Description("Website's binding information in the form of an array of embedded instances of the MSFT_FTPBindingInformation CIM class.")] String BindingInfo[];