Merge pull request #7 from Azure/master
.
huangpf committed May 15, 2015
2 parents 370a7a6 + 40b71cc commit 6d04b76
Showing 10 changed files with 729 additions and 170 deletions.
Expand Up @@ -17,6 +17,9 @@
<None Include="SessionRecords\KeyVault.Management.Tests.VaultOperationsTest\KeyVaultManagementVaultCreateUpdateDelete.json">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
<None Include="SessionRecords\KeyVault.Management.Tests.VaultOperationsTest\KeyVaultManagementVaultTestCompoundIdentityAccessControlPolicy.json">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
</ItemGroup>
<ItemGroup>
<Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" />
@@ -1,4 +1,5 @@
using System.Linq;
using System;
using System.Linq;
using Microsoft.Azure.Graph.RBAC;
using Microsoft.Azure.Management.KeyVault;
using Microsoft.Azure.Management.Resources;
Expand All @@ -13,9 +14,11 @@ public class KeyVaultTestBase : TestBase
private const string ObjectIdKey = "ObjectId";
private const string LocationKey = "location";
private const string SubIdKey = "SubId";
private const string ApplicationIdKey = "ApplicationId";

public string tenantId { get; set; }
public string objectId { get; set; }
public string applicationId { get; set; }
public string location { get; set; }
public string subscriptionId { get; set; }

Expand All @@ -27,24 +30,25 @@ public KeyVaultTestBase()
var testEnv = testFactory.GetTestEnvironment();
this.client = GetServiceClient<KeyVaultManagementClient>(testFactory);
this.resourcesClient = GetServiceClient<ResourceManagementClient>(testFactory);


if (HttpMockServer.Mode == HttpRecorderMode.Record)
{
this.tenantId = testEnv.AuthorizationContext.TenatId;
this.subscriptionId = testEnv.SubscriptionId;

var graphClient = GetGraphServiceClient<GraphRbacManagementClient>(testFactory, tenantId);
this.objectId = graphClient.User.Get(testEnv.AuthorizationContext.UserId).User.ObjectId;
this.applicationId = Guid.NewGuid().ToString();
HttpMockServer.Variables[TenantIdKey] = tenantId;
HttpMockServer.Variables[ObjectIdKey] = objectId;
HttpMockServer.Variables[SubIdKey] = subscriptionId;
HttpMockServer.Variables[ApplicationIdKey] = applicationId;
}
else if (HttpMockServer.Mode == HttpRecorderMode.Playback)
{
tenantId = HttpMockServer.Variables[TenantIdKey];
objectId = HttpMockServer.Variables[ObjectIdKey];
subscriptionId = HttpMockServer.Variables[SubIdKey];
applicationId = HttpMockServer.Variables[ApplicationIdKey];
}

var providers = resourcesClient.Providers.Get("Microsoft.KeyVault");
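Review bot: In the Playback branch, `applicationId = HttpMockServer.Variables[ApplicationIdKey];` assumes every session record carries an `ApplicationId` variable, which recordings made before this change would not have. If `Variables` is a plain dictionary (its type is not visible here), replaying an older recording would throw from the KeyVaultTestBase constructor and fail every test that constructs it, not only the compound-identity one; either read the value with `HttpMockServer.Variables.TryGetValue(ApplicationIdKey, out appId)` and a fallback, or make sure all session records are re-recorded in this commit. Separately, `Guid.NewGuid()` means the recorded policy names an application ID that is not tied to any real application, so a comment such as `// random GUID: exercises serialization of ApplicationId only` above that assignment would make the test's scope clear. The constructor continues outside the hunk.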

Large diffs are not rendered by default.

Large diffs are not rendered by default.

Large diffs are not rendered by default.

Expand Up @@ -131,6 +131,97 @@ public void KeyVaultManagementVaultCreateUpdateDelete()
}
}

[Fact]
public void KeyVaultManagementVaultTestCompoundIdentityAccessControlPolicy()
{
using (var undoContext = UndoContext.Current)
{
undoContext.Start();

var testBase = new KeyVaultTestBase();
var client = testBase.client;

string rgName = TestUtilities.GenerateName("sdktestrg");
testBase.resourcesClient.ResourceGroups.CreateOrUpdate(rgName, new ResourceGroup { Location = testBase.location });

string vaultName = TestUtilities.GenerateName("sdktestvault");
var tenantIdGuid = Guid.Parse(testBase.tenantId);
var objectIdGuid = Guid.Parse(testBase.objectId);
var applicationIdGuid = Guid.Parse(testBase.applicationId);
var tags = new Dictionary<string, string> { { "tag1", "value1" }, { "tag2", "value2" }, { "tag3", "value3" } };
var accPol = new AccessPolicyEntry
{
TenantId = tenantIdGuid,
ObjectId = objectIdGuid,
ApplicationId = applicationIdGuid,
PermissionsToKeys = new string[] { "all" },
PermissionsToSecrets = null
};
var createResponse = client.Vaults.CreateOrUpdate(
resourceGroupName: rgName,
vaultName: vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = tags,
Properties = new VaultProperties
{
EnabledForDeployment = true,
Sku = new Sku { Family = "A", Name = "Standard" },
TenantId = tenantIdGuid,
VaultUri = "",
AccessPolicies = new[]
{
accPol
}
}
}
);

ValidateVaultGetResponse(createResponse,
vaultName,
rgName,
testBase.subscriptionId,
tenantIdGuid,
testBase.location,
"A",
"Standard",
true,
new[] { accPol },
tags);

// Get
var getResponse = client.Vaults.Get(
resourceGroupName: rgName,
vaultName: vaultName);

ValidateVaultGetResponse(getResponse,
vaultName,
rgName,
testBase.subscriptionId,
tenantIdGuid,
testBase.location,
"A",
"Standard",
true,
new[] { accPol },
tags);


// Delete
var deleteResponse = client.Vaults.Delete(
resourceGroupName: rgName,
vaultName: vaultName);

Assert.Throws<CloudException>(() =>
{
client.Vaults.Get(
resourceGroupName: rgName,
vaultName: vaultName);
});
}
}

private void ValidateVaultGetResponse(
VaultGetResponse response,
string expectedVaultName,
Expand Down Expand Up @@ -183,6 +274,8 @@ private bool CompareAccessPolicies(AccessPolicyEntry[] expected, AccessPolicyEnt
var match = expectedCopy.Where(e =>
e.TenantId == a.TenantId &&
e.ObjectId == a.ObjectId &&
((!e.ApplicationId.HasValue && !a.ApplicationId.HasValue) ||
(e.ApplicationId.Value == e.ApplicationId.Value)) &&
Enumerable.SequenceEqual(e.PermissionsToSecrets, a.PermissionsToSecrets) &&
Enumerable.SequenceEqual(a.PermissionsToKeys, a.PermissionsToKeys)
).FirstOrDefault();
Expand All @@ -196,6 +289,7 @@ private bool CompareAccessPolicies(AccessPolicyEntry[] expected, AccessPolicyEnt

return true;
}


[Fact]
public void KeyVaultManagementListVaults()
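Review bot: The ApplicationId clause added to CompareAccessPolicies compares the expected entry with itself, `e.ApplicationId.Value == e.ApplicationId.Value`, so the new test passes even if the service returns a different or missing application ID; when `e` has no value and `a` does, `.Value` throws InvalidOperationException instead of reporting a mismatch. Nullable Guid equality covers every case, so the two added lines can be replaced with `e.ApplicationId == a.ApplicationId &&`. The neighbouring context line `Enumerable.SequenceEqual(a.PermissionsToKeys, a.PermissionsToKeys)` has the same self-comparison and should read `Enumerable.SequenceEqual(e.PermissionsToKeys, a.PermissionsToKeys)`. Because this helper is what asserts that a vault's access policy round-trips unchanged, these clauses currently leave the policy's application scope and key permissions unverified. CompareAccessPolicies begins and ends outside the visible hunk.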
Expand Up @@ -59,6 +59,15 @@ public Guid TenantId
set;
}

/// <summary>
/// Application ID of the client making request on behalf of a principal
/// </summary>
public Guid? ApplicationId
{
get;
set;
}

/// <summary>
/// Permissions to keys
/// </summary>
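Review bot: The new `ApplicationId` summary does not say what a null value means, which matters for a property that narrows who an access policy applies to. Judging from the serializer change in this commit, a null value is simply left out of the request body, so the entry is presumably not restricted to any particular application in that case. I would add a remarks line such as `/// When null, the field is omitted from the request and the entry is not bound to a specific application.`, with the wording confirmed against the service contract.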
Expand Up @@ -211,6 +211,11 @@ public async Task<VaultGetResponse> CreateOrUpdateAsync(string resourceGroupName

accessPolicyEntryValue["objectId"] = accessPoliciesItem.ObjectId.ToString();

if (accessPoliciesItem.ApplicationId != null)
{
accessPolicyEntryValue["applicationId"] = accessPoliciesItem.ApplicationId.Value.ToString();
}

if (accessPoliciesItem.PermissionsRawJsonString != null)
{
accessPolicyEntryValue["permissions"] = JObject.Parse(accessPoliciesItem.PermissionsRawJsonString);
Expand Down Expand Up @@ -348,6 +353,13 @@ public async Task<VaultGetResponse> CreateOrUpdateAsync(string resourceGroupName
accessPolicyEntryInstance.ObjectId = objectIdInstance;
}

JToken applicationIdValue = accessPoliciesValue["applicationId"];
if (applicationIdValue != null && applicationIdValue.Type != JTokenType.Null)
{
Guid applicationIdInstance = Guid.Parse(((string)applicationIdValue));
accessPolicyEntryInstance.ApplicationId = applicationIdInstance;
}

JToken permissionsValue = accessPoliciesValue["permissions"];
if (permissionsValue != null && permissionsValue.Type != JTokenType.Null)
{
Expand Down Expand Up @@ -772,6 +784,13 @@ public async Task<VaultGetResponse> GetAsync(string resourceGroupName, string va
accessPolicyEntryInstance.ObjectId = objectIdInstance;
}

JToken applicationIdValue = accessPoliciesValue["applicationId"];
if (applicationIdValue != null && applicationIdValue.Type != JTokenType.Null)
{
Guid applicationIdInstance = Guid.Parse(((string)applicationIdValue));
accessPolicyEntryInstance.ApplicationId = applicationIdInstance;
}

JToken permissionsValue = accessPoliciesValue["permissions"];
if (permissionsValue != null && permissionsValue.Type != JTokenType.Null)
{
Expand Down Expand Up @@ -1059,6 +1078,13 @@ public async Task<VaultListResponse> ListAsync(string resourceGroupName, int top
accessPolicyEntryInstance.ObjectId = objectIdInstance;
}

JToken applicationIdValue = accessPoliciesValue["applicationId"];
if (applicationIdValue != null && applicationIdValue.Type != JTokenType.Null)
{
Guid applicationIdInstance = Guid.Parse(((string)applicationIdValue));
accessPolicyEntryInstance.ApplicationId = applicationIdInstance;
}

JToken permissionsValue = accessPoliciesValue["permissions"];
if (permissionsValue != null && permissionsValue.Type != JTokenType.Null)
{
Expand Down Expand Up @@ -1320,6 +1346,13 @@ public async Task<VaultListResponse> ListNextAsync(string nextLink, Cancellation
accessPolicyEntryInstance.ObjectId = objectIdInstance;
}

JToken applicationIdValue = accessPoliciesValue["applicationId"];
if (applicationIdValue != null && applicationIdValue.Type != JTokenType.Null)
{
Guid applicationIdInstance = Guid.Parse(((string)applicationIdValue));
accessPolicyEntryInstance.ApplicationId = applicationIdInstance;
}

JToken permissionsValue = accessPoliciesValue["permissions"];
if (permissionsValue != null && permissionsValue.Type != JTokenType.Null)
{
Expand Up @@ -5,7 +5,7 @@
Microsoft.Azure.Management.KeyVault
-->
<SdkNuGetPackage Include="Microsoft.Azure.Management.KeyVault">
<PackageVersion>0.9.0-preview</PackageVersion>
<PackageVersion>0.9.1-preview</PackageVersion>
<Folder>$(MSBuildThisFileDirectory)</Folder>
</SdkNuGetPackage>
</ItemGroup>
@@ -1,4 +1,4 @@
//
//
// Copyright (c) Microsoft. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
Expand All @@ -21,7 +21,7 @@
[assembly: AssemblyDescription("Provides Microsoft Azure Key Vault management functions for managing key vaults.")]

[assembly: AssemblyVersion("0.9.0.0")]
[assembly: AssemblyFileVersion("0.9.0.0")]
[assembly: AssemblyFileVersion("0.9.1.0")]

[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("Microsoft")]
