Merge pull request #159 from Outek/dev

xPowershellExecutionPolicy merge in ComputerManagementDSC

Author: PlagueHO

CHANGELOG.md

@@ -2,6 +2,14 @@
 
 ## Unreleased
 
+- PowershellExecutionPolicy:
+  - Updated to meet HQRM guidelines.
+  - Migrated the xPowershellExecutionPolicy from [xPowershellExecutionPolicy](https://github.com/PowerShell/xPowerShellExecutionPolicy)
+    and renamed to PowershellExecutionPolicy.
+  - Moved strings to localization file.
+- Changed the scope from Global to Script in MSFT_ScheduledTask.Integration.Tests.ps1
+- Changed the scope from Global to Script ComputerManagementDsc.Common.Tests.ps1
+
 ## 5.1.0.0
 
 - TimeZone:

Modules/ComputerManagementDsc/DSCResources/MSFT_PowerShellExecutionPolicy/MSFT_PowerShellExecutionPolicy.psm1

@@ -0,0 +1,146 @@
+$modulePath = Join-Path -Path (Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent) -ChildPath 'Modules'
+
+# Import the ComputerManagementDsc Common Modules
+Import-Module -Name (Join-Path -Path $modulePath `
+        -ChildPath (Join-Path -Path 'ComputerManagementDsc.Common' `
+            -ChildPath 'ComputerManagementDsc.Common.psm1'))
+
+# Import the ComputerManagementDsc Resource Helper Module
+Import-Module -Name (Join-Path -Path $modulePath `
+        -ChildPath (Join-Path -Path 'ComputerManagementDsc.ResourceHelper' `
+            -ChildPath 'ComputerManagementDsc.ResourceHelper.psm1'))
+
+# Import Localization Strings
+$script:localizedData = Get-LocalizedData `
+    -ResourceName 'MSFT_PowershellExecutionPolicy' `
+    -ResourcePath (Split-Path -Parent $Script:MyInvocation.MyCommand.Path)
+
+<#
+    .SYNOPSIS
+        Gets the current resource state.
+
+    .PARAMETER ExecutionPolicy
+        Specifies the given Powershell Execution Policy
+
+    .PARAMETER ExecutionPolicyScope
+        Specifies the given Powershell Execution Policy Scope
+#>
+function Get-TargetResource
+{
+    [CmdletBinding()]
+    [OutputType([System.Collections.Hashtable])]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [ValidateSet("CurrentUser","LocalMachine","MachinePolicy","Process","UserPolicy")]
+        [System.String]
+        $ExecutionPolicyScope,
+
+        [Parameter(Mandatory = $true)]
+        [ValidateSet("Bypass","Restricted","AllSigned","RemoteSigned","Unrestricted")]
+        [System.String]
+        $ExecutionPolicy
+    )
+
+    Write-Verbose -Message ($localizedData.GettingPowerShellExecutionPolicy -f $ExecutionPolicyScope, $ExecutionPolicy)
+
+    # Gets the execution policies for the current session.
+    $returnValue = @{
+        ExecutionPolicyScope = $ExecutionPolicyScope
+        ExecutionPolicy = $(Get-ExecutionPolicy -Scope $ExecutionPolicyScope)
+    }
+
+    return $returnValue
+}
+
+<#
+    .SYNOPSIS
+        Sets the desired resource state.
+
+    .PARAMETER ExecutionPolicy
+        Specifies the given Powershell Execution Policy
+
+    .PARAMETER ExecutionPolicyScope
+        Specifies the given Powershell Execution Policy Scope
+#>
+
+function Set-TargetResource
+{
+    [CmdletBinding(SupportsShouldProcess=$true)]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [ValidateSet("CurrentUser","LocalMachine","MachinePolicy","Process","UserPolicy")]
+        [System.String]
+        $ExecutionPolicyScope,
+
+        [Parameter(Mandatory = $true)]
+        [ValidateSet("Bypass","Restricted","AllSigned","RemoteSigned","Unrestricted")]
+        [System.String]
+        $ExecutionPolicy
+    )
+
+    if ($PSCmdlet.ShouldProcess("$ExecutionPolicy","Set-ExecutionPolicy"))
+    {
+        Write-Verbose -Message ($localizedData.SettingPowerShellExecutionPolicy -f $ExecutionPolicyScope, $ExecutionPolicy)
+
+        try
+        {
+            Set-ExecutionPolicy -ExecutionPolicy $ExecutionPolicy -Scope $ExecutionPolicyScope -Force -ErrorAction Stop
+            Write-Verbose -Message ($localizedData.UpdatePowershellExecutionPolicySuccess -f $ExecutionPolicyScope, $ExecutionPolicy)
+        }
+        catch
+        {
+            if ($_.FullyQualifiedErrorId -eq 'ExecutionPolicyOverride,Microsoft.PowerShell.Commands.SetExecutionPolicyCommand')
+            {
+                Write-Verbose -Message ($localizedData.UpdatePowershellExecutionPolicySuccess -f $ExecutionPolicyScope, $ExecutionPolicy)
+            }
+            else
+            {
+                throw
+            }
+        }
+    }
+}
+
+<#
+    .SYNOPSIS
+        Tests if the current resource state matches the desired resource state.
+
+    .PARAMETER ExecutionPolicy
+        Specifies the given Powershell Execution Policy
+
+    .PARAMETER ExecutionPolicyScope
+        Specifies the given Powershell Execution Policy Scope
+#>
+
+function Test-TargetResource
+{
+    [CmdletBinding()]
+    [OutputType([System.Boolean])]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [ValidateSet("CurrentUser","LocalMachine","MachinePolicy","Process","UserPolicy")]
+        [System.String]
+        $ExecutionPolicyScope,
+
+        [Parameter(Mandatory = $true)]
+        [ValidateSet("Bypass","Restricted","AllSigned","RemoteSigned","Unrestricted")]
+        [System.String]
+        $ExecutionPolicy
+    )
+
+    Write-Verbose -Message ($localizedData.TestingPowerShellExecutionPolicy -f $ExecutionPolicyScope, $ExecutionPolicy)
+
+    if ((Get-ExecutionPolicy -Scope $ExecutionPolicyScope) -eq $ExecutionPolicy)
+    {
+        return $true
+    }
+    else
+    {
+        return $false
+    }
+}
+
+Export-ModuleMember -Function *-TargetResource

Modules/ComputerManagementDsc/DSCResources/MSFT_PowerShellExecutionPolicy/MSFT_PowerShellExecutionPolicy.schema.mof

@@ -0,0 +1,6 @@
+[ClassVersion("1.0.0.0"), FriendlyName("PowerShellExecutionPolicy")]
+class MSFT_PowerShellExecutionPolicy : OMI_BaseResource
+{
+    [Key, Description("Defines the scope for the preference of the Windows PowerShell execution policy."), ValueMap{"CurrentUser","LocalMachine","MachinePolicy","Process","UserPolicy"},Values{"CurrentUser","LocalMachine","MachinePolicy","Process","UserPolicy"}] String ExecutionPolicyScope;
+    [Required, Description("Changes the preference for the Windows PowerShell execution policy."), ValueMap{"Bypass","Restricted","AllSigned","RemoteSigned","Unrestricted"}, Values{"Bypass","Restricted","AllSigned","RemoteSigned","Unrestricted"}] String ExecutionPolicy;
+};

Modules/ComputerManagementDsc/DSCResources/MSFT_PowerShellExecutionPolicy/README.md

@@ -0,0 +1,4 @@
+# Description
+
+This resource allows configuration of the PowerShell execution
+policy for different execution scopes.

Modules/ComputerManagementDsc/DSCResources/MSFT_PowerShellExecutionPolicy/en-US/MSFT_PowerShellExecutionPolicy.strings.psd1

@@ -0,0 +1,9 @@
+# culture="en-US"
+ConvertFrom-StringData -StringData @'
+    GettingPowerShellExecutionPolicy                = The current execution policy for '{0}' is '{1}'.
+    SettingPowerShellExecutionPolicy                = Setting the execution policy for '{0}' to '{1}'.
+    PowerShellExecutionPolicyAlreadySetMessage      = Powershell execution policy already set to {0}.
+    UpdatePowershellExecutionPolicySuccess          = Updating PowerShell Execution policy for '{0}' to '{1}' successfully.
+    UpdatePowershellExecutionPolicyFailed           = Updating PowerShell Execution policy for '{0}' to '{1}' failed.
+    TestingPowerShellExecutionPolicy                = Testing the current execution policy for '{0}' is '{1}'.
+'@

Modules/ComputerManagementDsc/Examples/Resources/PowerShellExecutionPolicy/1-SetPowerShellExecutionPolicy.ps1

@@ -0,0 +1,18 @@
+<#
+.EXAMPLE
+    This example shows how to configure powershell's execution policy for the specified execution policy scope.
+#>
+
+Configuration Example
+{
+    Import-DscResource -ModuleName ComputerManagementDsc
+
+    Node localhost
+    {
+        PowerShellExecutionPolicy ExecutionPolicy
+        {
+            ExecutionPolicyScope = 'CurrentUser'
+            ExecutionPolicy      = 'RemoteSigned'
+        } # End of PowershellExecutionPolicy Resource
+    } # End of Node
+} # End of Configuration

Modules/ComputerManagementDsc/Examples/Resources/PowerShellExecutionPolicy/2-SetPowershellExecutionPolicyForMultipleScopes.ps1

@@ -0,0 +1,24 @@
+<#
+.EXAMPLE
+    This example shows how to configure multiple powershell's execution policy for a specified execution policy scope.
+#>
+
+Configuration Example
+{
+    Import-DscResource -ModuleName ComputerManagementDsc
+
+    Node localhost
+    {
+        PowerShellExecutionPolicy ExecutionPolicyCurrentUser
+        {
+            ExecutionPolicyScope = 'CurrentUser'
+            ExecutionPolicy      = 'RemoteSigned'
+        } # End of ExecutionPolicyCurrentUser Resource
+
+        PowerShellExecutionPolicy ExecutionPolicyLocalMachine
+        {
+            ExecutionPolicyScope = 'LocalMachine'
+            ExecutionPolicy      = 'RemoteSigned'
+        } # End of ExecutionPolicyLocalMachine Resource
+    } # End of Node
+} # End of Configuration

README.md

@@ -19,6 +19,7 @@ The **ComputerManagementDsc** module contains the following resources:
 - **TimeZone**: this resource is used for setting the time zone on a machine.
 - **VirtualMemory**: allows configuration of properties of the paging file on
   the local computer.
+- **PowerShellExecutionPolicy**: Specifies the desired PowerShell execution policy.
 
 This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
 For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)

Tests/Integration/ComputerManagementDsc.Common.Tests.ps1

@@ -54,7 +54,7 @@ try
                     }
 
                 Mock -CommandName 'TzUtil.exe' -MockWith {
-                    $global:LASTEXITCODE = 0
+                    $Script:LASTEXITCODE = 0
                     return 'OK'
                 }
 

Tests/Integration/MSFT_PowerShellExecutionPolicy.Integration.Tests.ps1

@@ -0,0 +1,69 @@
+$script:DSCModuleName = 'ComputerManagementDsc'
+$script:DSCResourceName = 'MSFT_PowerShellExecutionPolicy'
+
+#region HEADER
+# Integration Test Template Version: 1.1.1
+$script:moduleRoot = Join-Path -Path $(Split-Path -Parent (Split-Path -Parent (Split-Path -Parent $Script:MyInvocation.MyCommand.Path))) -ChildPath 'Modules\ComputerManagementDsc'
+if ( (-not (Test-Path -Path (Join-Path -Path $script:moduleRoot -ChildPath 'DSCResource.Tests'))) -or `
+    (-not (Test-Path -Path (Join-Path -Path $script:moduleRoot -ChildPath 'DSCResource.Tests\TestHelper.psm1'))) )
+{
+    & git @('clone', 'https://github.com/PowerShell/DscResource.Tests.git', (Join-Path -Path $script:moduleRoot -ChildPath '\DSCResource.Tests\'))
+}
+
+Import-Module -Name (Join-Path -Path $script:moduleRoot -ChildPath (Join-Path -Path 'DSCResource.Tests' -ChildPath 'TestHelper.psm1')) -Force
+$TestEnvironment = Initialize-TestEnvironment `
+    -DSCModuleName $script:DSCModuleName `
+    -DSCResourceName $script:DSCResourceName `
+    -TestType Integration
+
+#endregion
+
+try
+{
+    #region Integration Tests
+    $configFile = Join-Path -Path $PSScriptRoot -ChildPath "$($script:DSCResourceName).config.ps1"
+    . $configFile
+
+    Describe "$($script:DSCResourceName)_Integration" {
+        #region DEFAULT TESTS
+        It 'Should compile and apply the MOF without throwing' {
+            {
+                & "$($script:DSCResourceName)_Config" -OutputPath $TestDrive
+
+                $startDscConfigurationParameters = @{
+                    Path         = $TestDrive
+                    ComputerName = 'localhost'
+                    Wait         = $true
+                    Verbose      = $true
+                    Force        = $true
+                    ErrorAction  = 'Stop'
+                }
+
+                Start-DscConfiguration @startDscConfigurationParameters
+            } | Should -Not -Throw
+        }
+
+        It 'Should be able to call Get-DscConfiguration without throwing' {
+            {
+                Get-DscConfiguration -Verbose -ErrorAction Stop
+            } | Should -Not -Throw
+        }
+        #endregion
+
+        It 'Should have set the resource and all the parameters should match' {
+            $current = Get-DscConfiguration | Where-Object -FilterScript {
+                $_.ConfigurationName -eq "$($script:DSCResourceName)_Config"
+            }
+            $current.ExecutionPolicy      | Should Be 'RemoteSigned'
+            $current.ExecutionPolicyScope | Should Be 'LocalMachine'
+        }
+    }
+    #endregion
+
+}
+finally
+{
+    #region FOOTER
+    Restore-TestEnvironment -TestEnvironment $TestEnvironment
+    #endregion
+}