Rewrite to validate property to PSCredential

Author: Gijsreyn

powershell-adapter/Tests/win_powershellgroup.tests.ps1

@@ -211,26 +211,4 @@ resources:
         $LASTEXITCODE | Should -Be 0
         $out.results[0].result.inDesiredState | Should -Be $inDesiredState
     }
-
-    It 'Should be able to test against a service with credentials' -Skip:(!$IsWindows) {
-        $yaml = @"
-`$schema: https://aka.ms/dsc/schemas/v3/bundled/config/document.json
-resources:
-  - name: Test service 
-    type: Microsoft.Windows/WindowsPowerShell 
-    properties: 
-      resources:
-      - name: Test service
-        type: PSDesiredStateConfiguration/Service
-        properties:
-          Name: 'W32Time'
-          Credential:
-            Username: "User"
-            Password: "Password"
-"@
-        dsc -l trace config test -i $yaml
-        $out = dsc config test -i $yaml | ConvertFrom-Json
-        $LASTEXITCODE | Should -Be 0
-        $out.results[0].result.inDesiredState | Should -Be $false
-    }
 }

powershell-adapter/psDscAdapter/psDscAdapter.psm1

@@ -416,12 +416,19 @@ function Invoke-DscOperation {
 
                     $ValidProperties = $cachedDscResourceInfo.Properties.Name
 
+                    $ValidProperties | ConvertTo-Json | Write-DscTrace -Operation Trace
+
                     if ($DesiredState.properties) {
                         # set each property of $dscResourceInstance to the value of the property in the $desiredState INPUT object
                         $DesiredState.properties.psobject.properties | ForEach-Object -Process {
                             # handle input objects by converting them to a hash table
                             if ($_.Value -is [System.Management.Automation.PSCustomObject]) {
-                                if ($_.Name -like '*Credential*' -and $_.Value.Username -and $_.Value.Password) {
+                                $validateProperty = $cachedDscResourceInfo.Properties | Where-Object -Property Name -EQ $_.Value 
+                                if ($validateProperty.PropertyType -eq 'PSCredential') {
+                                    if (-not $_.Value.Username -and -not $_.Value.Password) {
+                                        "Credential property '$($_.Name)' requires both username and password input object" | Write-DscTrace -Operation Error
+                                        exit 1
+                                    }
                                     $dscResourceInstance.$($_.Name) = [System.Management.Automation.PSCredential]::new($_.Value.Username, (ConvertTo-SecureString -AsPlainText $_.Value.Password -Force))
                                 }
                                 else {

powershell-adapter/psDscAdapter/win_psDscAdapter.psm1

@@ -364,11 +364,16 @@ function Invoke-DscOperation {
                 # morph the INPUT object into a hashtable named "property" for the cmdlet Invoke-DscResource
                 $DesiredState.properties.psobject.properties | ForEach-Object -Begin { $property = @{} } -Process { 
                     if ($_.Value -is [System.Management.Automation.PSCustomObject]) {
-                        if ($_.Name -like '*Credential*' -and $_.Value.Username -and $_.Value.Password) {
-                            $property[$_.Name] = [System.Management.Automation.PSCredential]::new($_.Value.Username, (ConvertTo-SecureString -AsPlainText $_.Value.Password -Force))
+                        $validateProperty = $cachedDscResourceInfo.Properties | Where-Object -Property Name -EQ $_.Value 
+                        if ($validateProperty.PropertyType -eq 'PSCredential') {
+                            if (-not $_.Value.Username -and -not $_.Value.Password) {
+                                "Credential property '$($_.Name)' requires both username and password input object" | Write-DscTrace -Operation Error
+                                exit 1
+                            }
+                            $dscResourceInstance.$($_.Name) = [System.Management.Automation.PSCredential]::new($_.Value.Username, (ConvertTo-SecureString -AsPlainText $_.Value.Password -Force))
                         }
                         else {
-                            $property[$_.Name] = $_.Value.psobject.properties | ForEach-Object -Begin { $propertyHash = @{} } -Process { $propertyHash[$_.Name] = $_.Value } -End { $propertyHash }    
+                            $dscResourceInstance.$($_.Name) = $_.Value.psobject.properties | ForEach-Object -Begin { $propertyHash = @{} } -Process { $propertyHash[$_.Name] = $_.Value } -End { $propertyHash }
                         }
                     }
                     else {
@@ -409,7 +414,12 @@ function Invoke-DscOperation {
                         $DesiredState.properties.psobject.properties | ForEach-Object -Process {
                             # handle input objects by converting them to a hash table
                             if ($_.Value -is [System.Management.Automation.PSCustomObject]) {
-                                if ($_.Name -like '*Credential*' -and $_.Value.Username -and $_.Value.Password) {
+                                $validateProperty = $cachedDscResourceInfo.Properties | Where-Object -Property Name -EQ $_.Value 
+                                if ($validateProperty.PropertyType -eq 'PSCredential') {
+                                    if (-not $_.Value.Username -and -not $_.Value.Password) {
+                                        "Credential property '$($_.Name)' requires both username and password input object" | Write-DscTrace -Operation Error
+                                        exit 1
+                                    }
                                     $dscResourceInstance.$($_.Name) = [System.Management.Automation.PSCredential]::new($_.Value.Username, (ConvertTo-SecureString -AsPlainText $_.Value.Password -Force))
                                 }
                                 else {
@@ -462,11 +472,16 @@ function Invoke-DscOperation {
                 # morph the INPUT object into a hashtable named "property" for the cmdlet Invoke-DscResource
                 $DesiredState.properties.psobject.properties | ForEach-Object -Begin { $property = @{} } -Process {
                     if ($_.Value -is [System.Management.Automation.PSCustomObject]) {
-                        if ($_.Name -Like '*Credential*' -and $_.Value.Username -and $_.Value.Password) {
-                            $property[$_.Name] = [System.Management.Automation.PSCredential]::new($_.Value.Username, (ConvertTo-SecureString -AsPlainText $_.Value.Password -Force))
+                        $validateProperty = $cachedDscResourceInfo.Properties | Where-Object -Property Name -EQ $_.Value 
+                        if ($validateProperty.PropertyType -eq 'PSCredential') {
+                            if (-not $_.Value.Username -and -not $_.Value.Password) {
+                                "Credential property '$($_.Name)' requires both username and password input object" | Write-DscTrace -Operation Error
+                                exit 1
+                            }
+                            $dscResourceInstance.$($_.Name) = [System.Management.Automation.PSCredential]::new($_.Value.Username, (ConvertTo-SecureString -AsPlainText $_.Value.Password -Force))
                         }
                         else {
-                            $property[$_.Name] = $_.Value.psobject.properties | ForEach-Object -Begin { $propertyHash = @{} } -Process { $propertyHash[$_.Name] = $_.Value } -End { $propertyHash }
+                            $dscResourceInstance.$($_.Name) = $_.Value.psobject.properties | ForEach-Object -Begin { $propertyHash = @{} } -Process { $propertyHash[$_.Name] = $_.Value } -End { $propertyHash }
                         }
                     }
                     else {