|
13 | 13 | from dateutil.tz import tzutc # pylint: disable=import-error |
14 | 14 | import uuid |
15 | 15 | from knack.log import get_logger |
| 16 | +from knack.prompting import ( |
| 17 | + prompt |
| 18 | +) |
16 | 19 | from azure.cli.core.commands.client_factory import get_subscription_id |
17 | 20 | from azure.cli.core.local_context import ALL |
18 | 21 | from azure.cli.core.util import CLIError, sdk_no_wait, user_confirmation |
@@ -121,7 +124,8 @@ def flexible_server_create(cmd, client, |
121 | 124 | high_availability = postgresql_flexibleservers.models.HighAvailability(mode=high_availability, |
122 | 125 | standby_availability_zone=standby_availability_zone) |
123 | 126 |
|
124 | | - administrator_login_password = generate_password(administrator_login_password) |
| 127 | + password_auth_enabled = password_auth.lower() == 'enabled' |
| 128 | + administrator_login_password = generate_password(administrator_login_password) if password_auth_enabled else None |
125 | 129 |
|
126 | 130 | identity, data_encryption = build_identity_and_data_encryption(db_engine='postgres', |
127 | 131 | byok_identity=byok_identity, |
@@ -383,14 +387,18 @@ def flexible_server_update_custom_func(cmd, client, instance, |
383 | 387 | byok_key=byok_key) |
384 | 388 |
|
385 | 389 | auth_config = instance.auth_config |
| 390 | + administrator_login = instance.administrator_login if instance.administrator_login else None |
386 | 391 | if active_directory_auth: |
387 | 392 | auth_config.active_directory_auth = active_directory_auth |
388 | 393 | if password_auth: |
| 394 | + administrator_login, administrator_login_password = _update_login(server_name, resource_group_name, auth_config, |
| 395 | + password_auth, administrator_login, administrator_login_password) |
389 | 396 | auth_config.password_auth = password_auth |
390 | 397 |
|
391 | 398 | params = ServerForUpdate(sku=instance.sku, |
392 | 399 | storage=instance.storage, |
393 | 400 | backup=instance.backup, |
| 401 | + administrator_login=administrator_login, |
394 | 402 | administrator_login_password=administrator_login_password, |
395 | 403 | maintenance_window=instance.maintenance_window, |
396 | 404 | network=instance.network, |
@@ -1536,6 +1544,20 @@ def _create_migration(cmd, logging_name, client, subscription_id, resource_group |
1536 | 1544 | return client.create(subscription_id, resource_group_name, target_db_server_name, migration_name, migration_parameters) |
1537 | 1545 |
|
1538 | 1546 |
|
| 1547 | +def _update_login(server_name, resource_group_name, auth_config, password_auth, administrator_login, administrator_login_password): |
| 1548 | + if auth_config.password_auth.lower() == 'disabled' and password_auth.lower() == 'enabled': |
| 1549 | + administrator_login = administrator_login if administrator_login else prompt('Please enter administrator username for the server. Once set, it cannot be changed: ') |
| 1550 | + if not administrator_login: |
| 1551 | + raise CLIError('Administrator username is required for enabling password authentication.') |
| 1552 | + if not administrator_login_password: |
| 1553 | + administrator_login_password = generate_password(administrator_login_password) |
| 1554 | + logger.warning('Make a note of password "%s". You can ' |
| 1555 | + 'reset your password with "az postgres flexible-server update -n %s -g %s -p <new-password>".', |
| 1556 | + administrator_login_password, server_name, resource_group_name) |
| 1557 | + |
| 1558 | + return administrator_login, administrator_login_password |
| 1559 | + |
| 1560 | + |
1539 | 1561 | # pylint: disable=too-many-instance-attributes, too-few-public-methods, useless-object-inheritance |
1540 | 1562 | class DbContext(object): |
1541 | 1563 | def __init__(self, cmd=None, azure_sdk=None, logging_name=None, cf_firewall=None, cf_db=None, |
|
0 commit comments