diff --git a/azure-keyvault/tests/test_storage.py b/azure-keyvault/tests/test_storage.py index d5908cbb670b..00c8a5fc3bd9 100644 --- a/azure-keyvault/tests/test_storage.py +++ b/azure-keyvault/tests/test_storage.py @@ -13,25 +13,25 @@ class KeyVaultSecretTest(KeyvaultTestCase): @StorageAccountPreparer(name_prefix='kvsa1') @KeyVaultPreparer() def test_e2e(self, vault, storage_account, resource_group, **kwargs): - # find the role definition for "Storage Account Key Operator Service Role" - filter_str = 'roleName eq \'Storage Account Key Operator Service Role\'' - authorization_mgmt_client = self.create_mgmt_client(AuthorizationManagementClient) - role_id = list(authorization_mgmt_client.role_definitions.list(scope='/', filter=filter_str))[0].id - - # create a role assignment granting the key vault service principal this role - role_params = RoleAssignmentCreateParameters(role_definition_id=role_id, - # the Azure Key Vault service id - principal_id='93c27d83-f79b-4cb2-8dd4-4aa716542e74') if not self.is_live: sa_id = '{}/providers/Microsoft.Storage/storageAccounts/{}'.format(resource_group.id, storage_account.name) else: sa_id = storage_account.id - authorization_mgmt_client.role_assignments.create(scope=sa_id, - role_assignment_name='d7607bd3-a467-4a14-ab5f-f4b016ffbfff', - parameters=role_params) + # find the role definition for "Storage Account Key Operator Service Role" + filter_str = 'roleName eq \'Storage Account Key Operator Service Role\'' + authorization_mgmt_client = self.create_mgmt_client(AuthorizationManagementClient) + role_id = list(authorization_mgmt_client.role_definitions.list(scope='/', filter=filter_str))[0].id + + # create a role assignment granting the key vault service principal this role + role_params = RoleAssignmentCreateParameters(role_definition_id=role_id, + # the Azure Key Vault service id + principal_id='93c27d83-f79b-4cb2-8dd4-4aa716542e74') + authorization_mgmt_client.role_assignments.create(scope=sa_id, + role_assignment_name='d7607bd3-a467-4a14-ab5f-f4b016ffbfff', + parameters=role_params) # add the storage account to the vault using the users KeyVaultClient attributes = StorageAccountAttributes(enabled=True) diff --git a/azure-mgmt-authorization/HISTORY.rst b/azure-mgmt-authorization/HISTORY.rst index 6e3dff4dfa52..d2bc8fb94998 100644 --- a/azure-mgmt-authorization/HISTORY.rst +++ b/azure-mgmt-authorization/HISTORY.rst @@ -3,6 +3,20 @@ Release History =============== +0.51.0 (2018-11-12) ++++++++++++++++++++ + +**Features** + +- Model RoleAssignmentCreateParameters has a new parameter principal_type + +**Breaking changes** + +- Parameter role_definition_id of model RoleAssignmentCreateParameters is now required +- Parameter principal_id of model RoleAssignmentCreateParameters is now required + +Role Assignments API version is now 2018-09-01-preview + 0.50.0 (2018-05-29) +++++++++++++++++++ diff --git a/azure-mgmt-authorization/MANIFEST.in b/azure-mgmt-authorization/MANIFEST.in index bb37a2723dae..6ceb27f7a96e 100644 --- a/azure-mgmt-authorization/MANIFEST.in +++ b/azure-mgmt-authorization/MANIFEST.in @@ -1 +1,4 @@ include *.rst +include azure/__init__.py +include azure/mgmt/__init__.py + diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/authorization_management_client.py b/azure-mgmt-authorization/azure/mgmt/authorization/authorization_management_client.py index edbb71132e28..4f7e2833d3ab 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/authorization_management_client.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/authorization_management_client.py @@ -83,6 +83,8 @@ class AuthorizationManagementClient(MultiApiClientMixin, SDKClient): LATEST_PROFILE = ProfileDefinition({ _PROFILE_TAG: { 'classic_administrators': '2015-06-01', + 'deny_assignments': '2018-07-01-preview', + 'role_assignments': '2018-09-01-preview', None: DEFAULT_API_VERSION }}, _PROFILE_TAG + " latest" @@ -110,6 +112,8 @@ def models(cls, api_version=DEFAULT_API_VERSION): * 2015-06-01: :mod:`v2015_06_01.models` * 2015-07-01: :mod:`v2015_07_01.models` * 2018-01-01-preview: :mod:`v2018_01_01_preview.models` + * 2018-07-01-preview: :mod:`v2018_07_01_preview.models` + * 2018-09-01-preview: :mod:`v2018_09_01_preview.models` """ if api_version == '2015-06-01': from .v2015_06_01 import models @@ -120,8 +124,14 @@ def models(cls, api_version=DEFAULT_API_VERSION): elif api_version == '2018-01-01-preview': from .v2018_01_01_preview import models return models + elif api_version == '2018-07-01-preview': + from .v2018_07_01_preview import models + return models + elif api_version == '2018-09-01-preview': + from .v2018_09_01_preview import models + return models raise NotImplementedError("APIVersion {} is not available".format(api_version)) - + @property def classic_administrators(self): """Instance depends on the API version: @@ -135,6 +145,19 @@ def classic_administrators(self): raise NotImplementedError("APIVersion {} is not available".format(api_version)) return OperationClass(self._client, self.config, Serializer(self._models_dict(api_version)), Deserializer(self._models_dict(api_version))) + @property + def deny_assignments(self): + """Instance depends on the API version: + + * 2018-07-01-preview: :class:`DenyAssignmentsOperations` + """ + api_version = self._get_api_version('deny_assignments') + if api_version == '2018-07-01-preview': + from .v2018_07_01_preview.operations import DenyAssignmentsOperations as OperationClass + else: + raise NotImplementedError("APIVersion {} is not available".format(api_version)) + return OperationClass(self._client, self.config, Serializer(self._models_dict(api_version)), Deserializer(self._models_dict(api_version))) + @property def permissions(self): """Instance depends on the API version: @@ -173,12 +196,15 @@ def role_assignments(self): * 2015-07-01: :class:`RoleAssignmentsOperations` * 2018-01-01-preview: :class:`RoleAssignmentsOperations` + * 2018-09-01-preview: :class:`RoleAssignmentsOperations` """ api_version = self._get_api_version('role_assignments') if api_version == '2015-07-01': from .v2015_07_01.operations import RoleAssignmentsOperations as OperationClass elif api_version == '2018-01-01-preview': from .v2018_01_01_preview.operations import RoleAssignmentsOperations as OperationClass + elif api_version == '2018-09-01-preview': + from .v2018_09_01_preview.operations import RoleAssignmentsOperations as OperationClass else: raise NotImplementedError("APIVersion {} is not available".format(api_version)) return OperationClass(self._client, self.config, Serializer(self._models_dict(api_version)), Deserializer(self._models_dict(api_version))) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/models.py b/azure-mgmt-authorization/azure/mgmt/authorization/models.py index 1f0a6e04de3f..a90e2986a809 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/models.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/models.py @@ -5,4 +5,6 @@ # license information. # -------------------------------------------------------------------------- from .v2015_07_01.models import * -from .v2018_01_01_preview.models import * \ No newline at end of file +from .v2018_01_01_preview.models import * +from .v2018_07_01_preview.models import * +from .v2018_09_01_preview.models import * \ No newline at end of file diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_06_01/operations/classic_administrators_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_06_01/operations/classic_administrators_operations.py index 6268edac035c..10f2a9569c3b 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_06_01/operations/classic_administrators_operations.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_06_01/operations/classic_administrators_operations.py @@ -72,7 +72,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -81,9 +81,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_create_parameters.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_create_parameters.py index 38e1fa3dec04..07b42c6b97c2 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_create_parameters.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_create_parameters.py @@ -15,11 +15,17 @@ class RoleAssignmentCreateParameters(Model): """Role assignment create parameters. - :param properties: Role assignment properties. + All required parameters must be populated in order to send to Azure. + + :param properties: Required. Role assignment properties. :type properties: ~azure.mgmt.authorization.v2015_07_01.models.RoleAssignmentProperties """ + _validation = { + 'properties': {'required': True}, + } + _attribute_map = { 'properties': {'key': 'properties', 'type': 'RoleAssignmentProperties'}, } diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_create_parameters_py3.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_create_parameters_py3.py index 7c284acd5581..827b88f9bf88 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_create_parameters_py3.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_create_parameters_py3.py @@ -15,15 +15,21 @@ class RoleAssignmentCreateParameters(Model): """Role assignment create parameters. - :param properties: Role assignment properties. + All required parameters must be populated in order to send to Azure. + + :param properties: Required. Role assignment properties. :type properties: ~azure.mgmt.authorization.v2015_07_01.models.RoleAssignmentProperties """ + _validation = { + 'properties': {'required': True}, + } + _attribute_map = { 'properties': {'key': 'properties', 'type': 'RoleAssignmentProperties'}, } - def __init__(self, *, properties=None, **kwargs) -> None: + def __init__(self, *, properties, **kwargs) -> None: super(RoleAssignmentCreateParameters, self).__init__(**kwargs) self.properties = properties diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_properties.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_properties.py index 4f50e37e25a4..a8aa4eaefd5e 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_properties.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_properties.py @@ -15,15 +15,22 @@ class RoleAssignmentProperties(Model): """Role assignment properties. - :param role_definition_id: The role definition ID used in the role - assignment. + All required parameters must be populated in order to send to Azure. + + :param role_definition_id: Required. The role definition ID used in the + role assignment. :type role_definition_id: str - :param principal_id: The principal ID assigned to the role. This maps to - the ID inside the Active Directory. It can point to a user, service - principal, or security group. + :param principal_id: Required. The principal ID assigned to the role. This + maps to the ID inside the Active Directory. It can point to a user, + service principal, or security group. :type principal_id: str """ + _validation = { + 'role_definition_id': {'required': True}, + 'principal_id': {'required': True}, + } + _attribute_map = { 'role_definition_id': {'key': 'roleDefinitionId', 'type': 'str'}, 'principal_id': {'key': 'principalId', 'type': 'str'}, diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_properties_py3.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_properties_py3.py index 06c65c31878a..b64107791b2c 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_properties_py3.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/models/role_assignment_properties_py3.py @@ -15,21 +15,28 @@ class RoleAssignmentProperties(Model): """Role assignment properties. - :param role_definition_id: The role definition ID used in the role - assignment. + All required parameters must be populated in order to send to Azure. + + :param role_definition_id: Required. The role definition ID used in the + role assignment. :type role_definition_id: str - :param principal_id: The principal ID assigned to the role. This maps to - the ID inside the Active Directory. It can point to a user, service - principal, or security group. + :param principal_id: Required. The principal ID assigned to the role. This + maps to the ID inside the Active Directory. It can point to a user, + service principal, or security group. :type principal_id: str """ + _validation = { + 'role_definition_id': {'required': True}, + 'principal_id': {'required': True}, + } + _attribute_map = { 'role_definition_id': {'key': 'roleDefinitionId', 'type': 'str'}, 'principal_id': {'key': 'principalId', 'type': 'str'}, } - def __init__(self, *, role_definition_id: str=None, principal_id: str=None, **kwargs) -> None: + def __init__(self, *, role_definition_id: str, principal_id: str, **kwargs) -> None: super(RoleAssignmentProperties, self).__init__(**kwargs) self.role_definition_id = role_definition_id self.principal_id = principal_id diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/permissions_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/permissions_operations.py index 4d494c5e4412..69c971ccdd53 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/permissions_operations.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/permissions_operations.py @@ -75,7 +75,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -84,9 +84,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -158,7 +157,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -167,9 +166,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/provider_operations_metadata_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/provider_operations_metadata_operations.py index fe29414f06af..696544d851a5 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/provider_operations_metadata_operations.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/provider_operations_metadata_operations.py @@ -72,7 +72,7 @@ def get( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -81,8 +81,8 @@ def get( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -137,7 +137,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -146,9 +146,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/role_assignments_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/role_assignments_operations.py index da87e79da071..f9e6785b6c9b 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/role_assignments_operations.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/role_assignments_operations.py @@ -95,7 +95,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -104,9 +104,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -170,7 +169,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -179,9 +178,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -234,7 +232,7 @@ def delete( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -243,8 +241,8 @@ def delete( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.delete(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -264,7 +262,7 @@ def delete( delete.metadata = {'url': '/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}'} def create( - self, scope, role_assignment_name, properties=None, custom_headers=None, raw=False, **operation_config): + self, scope, role_assignment_name, properties, custom_headers=None, raw=False, **operation_config): """Creates a role assignment. :param scope: The scope of the role assignment to create. The scope @@ -307,6 +305,7 @@ def create( # Construct headers header_parameters = {} + header_parameters['Accept'] = 'application/json' header_parameters['Content-Type'] = 'application/json; charset=utf-8' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) @@ -319,9 +318,8 @@ def create( body_content = self._serialize.body(parameters, 'RoleAssignmentCreateParameters') # Construct and send request - request = self._client.put(url, query_parameters) - response = self._client.send( - request, header_parameters, body_content, stream=False, **operation_config) + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [201]: exp = CloudError(response) @@ -372,7 +370,7 @@ def get( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -381,8 +379,8 @@ def get( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -435,7 +433,7 @@ def delete_by_id( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -444,8 +442,8 @@ def delete_by_id( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.delete(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -465,7 +463,7 @@ def delete_by_id( delete_by_id.metadata = {'url': '/{roleAssignmentId}'} def create_by_id( - self, role_assignment_id, properties=None, custom_headers=None, raw=False, **operation_config): + self, role_assignment_id, properties, custom_headers=None, raw=False, **operation_config): """Creates a role assignment by ID. :param role_assignment_id: The fully qualified ID of the role @@ -503,6 +501,7 @@ def create_by_id( # Construct headers header_parameters = {} + header_parameters['Accept'] = 'application/json' header_parameters['Content-Type'] = 'application/json; charset=utf-8' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) @@ -515,9 +514,8 @@ def create_by_id( body_content = self._serialize.body(parameters, 'RoleAssignmentCreateParameters') # Construct and send request - request = self._client.put(url, query_parameters) - response = self._client.send( - request, header_parameters, body_content, stream=False, **operation_config) + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [201]: exp = CloudError(response) @@ -570,7 +568,7 @@ def get_by_id( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -579,8 +577,8 @@ def get_by_id( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -640,7 +638,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -649,9 +647,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -714,7 +711,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -723,9 +720,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/role_definitions_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/role_definitions_operations.py index fcc18e8624ee..ca12412eb42d 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/role_definitions_operations.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2015_07_01/operations/role_definitions_operations.py @@ -69,7 +69,7 @@ def delete( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -78,8 +78,8 @@ def delete( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.delete(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -130,7 +130,7 @@ def get( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -139,8 +139,8 @@ def get( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -196,6 +196,7 @@ def create_or_update( # Construct headers header_parameters = {} + header_parameters['Accept'] = 'application/json' header_parameters['Content-Type'] = 'application/json; charset=utf-8' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) @@ -208,9 +209,8 @@ def create_or_update( body_content = self._serialize.body(role_definition, 'RoleDefinition') # Construct and send request - request = self._client.put(url, query_parameters) - response = self._client.send( - request, header_parameters, body_content, stream=False, **operation_config) + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [201]: exp = CloudError(response) @@ -270,7 +270,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -279,9 +279,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -335,7 +334,7 @@ def get_by_id( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -344,8 +343,8 @@ def get_by_id( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/authorization_management_client.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/authorization_management_client.py index a0c0ad7eb534..4ce4e64e50bc 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/authorization_management_client.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/authorization_management_client.py @@ -14,8 +14,8 @@ from msrestazure import AzureConfiguration from .version import VERSION from .operations.provider_operations_metadata_operations import ProviderOperationsMetadataOperations -from .operations.permissions_operations import PermissionsOperations from .operations.role_assignments_operations import RoleAssignmentsOperations +from .operations.permissions_operations import PermissionsOperations from .operations.role_definitions_operations import RoleDefinitionsOperations from . import models @@ -53,17 +53,17 @@ def __init__( class AuthorizationManagementClient(SDKClient): - """Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role definitions and role assignments. A role definition describes the set of actions that can be performed on resources. A role assignment grants access to Azure Active Directory users. + """AuthorizationManagementClient :ivar config: Configuration for client. :vartype config: AuthorizationManagementClientConfiguration :ivar provider_operations_metadata: ProviderOperationsMetadata operations :vartype provider_operations_metadata: azure.mgmt.authorization.v2018_01_01_preview.operations.ProviderOperationsMetadataOperations - :ivar permissions: Permissions operations - :vartype permissions: azure.mgmt.authorization.v2018_01_01_preview.operations.PermissionsOperations :ivar role_assignments: RoleAssignments operations :vartype role_assignments: azure.mgmt.authorization.v2018_01_01_preview.operations.RoleAssignmentsOperations + :ivar permissions: Permissions operations + :vartype permissions: azure.mgmt.authorization.v2018_01_01_preview.operations.PermissionsOperations :ivar role_definitions: RoleDefinitions operations :vartype role_definitions: azure.mgmt.authorization.v2018_01_01_preview.operations.RoleDefinitionsOperations @@ -88,9 +88,9 @@ def __init__( self.provider_operations_metadata = ProviderOperationsMetadataOperations( self._client, self.config, self._serialize, self._deserialize) - self.permissions = PermissionsOperations( - self._client, self.config, self._serialize, self._deserialize) self.role_assignments = RoleAssignmentsOperations( self._client, self.config, self._serialize, self._deserialize) + self.permissions = PermissionsOperations( + self._client, self.config, self._serialize, self._deserialize) self.role_definitions = RoleDefinitionsOperations( self._client, self.config, self._serialize, self._deserialize) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/__init__.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/__init__.py index 9116b671939d..73d9f69be00e 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/__init__.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/__init__.py @@ -13,39 +13,39 @@ from .provider_operation_py3 import ProviderOperation from .resource_type_py3 import ResourceType from .provider_operations_metadata_py3 import ProviderOperationsMetadata - from .permission_py3 import Permission - from .role_definition_filter_py3 import RoleDefinitionFilter - from .role_definition_py3 import RoleDefinition from .role_assignment_filter_py3 import RoleAssignmentFilter from .role_assignment_py3 import RoleAssignment from .role_assignment_create_parameters_py3 import RoleAssignmentCreateParameters + from .role_definition_filter_py3 import RoleDefinitionFilter + from .permission_py3 import Permission + from .role_definition_py3 import RoleDefinition except (SyntaxError, ImportError): from .provider_operation import ProviderOperation from .resource_type import ResourceType from .provider_operations_metadata import ProviderOperationsMetadata - from .permission import Permission - from .role_definition_filter import RoleDefinitionFilter - from .role_definition import RoleDefinition from .role_assignment_filter import RoleAssignmentFilter from .role_assignment import RoleAssignment from .role_assignment_create_parameters import RoleAssignmentCreateParameters + from .role_definition_filter import RoleDefinitionFilter + from .permission import Permission + from .role_definition import RoleDefinition from .provider_operations_metadata_paged import ProviderOperationsMetadataPaged -from .permission_paged import PermissionPaged from .role_assignment_paged import RoleAssignmentPaged +from .permission_paged import PermissionPaged from .role_definition_paged import RoleDefinitionPaged __all__ = [ 'ProviderOperation', 'ResourceType', 'ProviderOperationsMetadata', - 'Permission', - 'RoleDefinitionFilter', - 'RoleDefinition', 'RoleAssignmentFilter', 'RoleAssignment', 'RoleAssignmentCreateParameters', + 'RoleDefinitionFilter', + 'Permission', + 'RoleDefinition', 'ProviderOperationsMetadataPaged', - 'PermissionPaged', 'RoleAssignmentPaged', + 'PermissionPaged', 'RoleDefinitionPaged', ] diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/role_assignment_create_parameters.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/role_assignment_create_parameters.py index 5da7259a980e..4405dc8ba3c6 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/role_assignment_create_parameters.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/role_assignment_create_parameters.py @@ -15,18 +15,25 @@ class RoleAssignmentCreateParameters(Model): """Role assignment create parameters. - :param role_definition_id: The role definition ID used in the role - assignment. + All required parameters must be populated in order to send to Azure. + + :param role_definition_id: Required. The role definition ID used in the + role assignment. :type role_definition_id: str - :param principal_id: The principal ID assigned to the role. This maps to - the ID inside the Active Directory. It can point to a user, service - principal, or security group. + :param principal_id: Required. The principal ID assigned to the role. This + maps to the ID inside the Active Directory. It can point to a user, + service principal, or security group. :type principal_id: str :param can_delegate: The delgation flag used for creating a role assignment :type can_delegate: bool """ + _validation = { + 'role_definition_id': {'required': True}, + 'principal_id': {'required': True}, + } + _attribute_map = { 'role_definition_id': {'key': 'properties.roleDefinitionId', 'type': 'str'}, 'principal_id': {'key': 'properties.principalId', 'type': 'str'}, diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/role_assignment_create_parameters_py3.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/role_assignment_create_parameters_py3.py index 7570e2aa0234..ebeeef9c1063 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/role_assignment_create_parameters_py3.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/models/role_assignment_create_parameters_py3.py @@ -15,25 +15,32 @@ class RoleAssignmentCreateParameters(Model): """Role assignment create parameters. - :param role_definition_id: The role definition ID used in the role - assignment. + All required parameters must be populated in order to send to Azure. + + :param role_definition_id: Required. The role definition ID used in the + role assignment. :type role_definition_id: str - :param principal_id: The principal ID assigned to the role. This maps to - the ID inside the Active Directory. It can point to a user, service - principal, or security group. + :param principal_id: Required. The principal ID assigned to the role. This + maps to the ID inside the Active Directory. It can point to a user, + service principal, or security group. :type principal_id: str :param can_delegate: The delgation flag used for creating a role assignment :type can_delegate: bool """ + _validation = { + 'role_definition_id': {'required': True}, + 'principal_id': {'required': True}, + } + _attribute_map = { 'role_definition_id': {'key': 'properties.roleDefinitionId', 'type': 'str'}, 'principal_id': {'key': 'properties.principalId', 'type': 'str'}, 'can_delegate': {'key': 'properties.canDelegate', 'type': 'bool'}, } - def __init__(self, *, role_definition_id: str=None, principal_id: str=None, can_delegate: bool=None, **kwargs) -> None: + def __init__(self, *, role_definition_id: str, principal_id: str, can_delegate: bool=None, **kwargs) -> None: super(RoleAssignmentCreateParameters, self).__init__(**kwargs) self.role_definition_id = role_definition_id self.principal_id = principal_id diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/__init__.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/__init__.py index 460a4b779f97..153d40df359f 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/__init__.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/__init__.py @@ -10,13 +10,13 @@ # -------------------------------------------------------------------------- from .provider_operations_metadata_operations import ProviderOperationsMetadataOperations -from .permissions_operations import PermissionsOperations from .role_assignments_operations import RoleAssignmentsOperations +from .permissions_operations import PermissionsOperations from .role_definitions_operations import RoleDefinitionsOperations __all__ = [ 'ProviderOperationsMetadataOperations', - 'PermissionsOperations', 'RoleAssignmentsOperations', + 'PermissionsOperations', 'RoleDefinitionsOperations', ] diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/permissions_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/permissions_operations.py index 9badd2c857f0..27c790ca40d1 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/permissions_operations.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/permissions_operations.py @@ -74,7 +74,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -83,9 +83,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -156,7 +155,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -165,9 +164,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/provider_operations_metadata_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/provider_operations_metadata_operations.py index cce8912b95fc..5346cd2f6716 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/provider_operations_metadata_operations.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/provider_operations_metadata_operations.py @@ -72,7 +72,7 @@ def get( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -81,8 +81,8 @@ def get( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -135,7 +135,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -144,9 +144,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/role_assignments_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/role_assignments_operations.py index e72b81802db5..b90f976cce6f 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/role_assignments_operations.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/role_assignments_operations.py @@ -95,7 +95,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -104,9 +104,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -170,7 +169,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -179,9 +178,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -235,7 +233,7 @@ def delete( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -244,8 +242,8 @@ def delete( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.delete(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -307,6 +305,7 @@ def create( # Construct headers header_parameters = {} + header_parameters['Accept'] = 'application/json' header_parameters['Content-Type'] = 'application/json; charset=utf-8' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) @@ -319,9 +318,8 @@ def create( body_content = self._serialize.body(parameters, 'RoleAssignmentCreateParameters') # Construct and send request - request = self._client.put(url, query_parameters) - response = self._client.send( - request, header_parameters, body_content, stream=False, **operation_config) + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [201]: exp = CloudError(response) @@ -373,7 +371,7 @@ def get( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -382,8 +380,8 @@ def get( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -432,7 +430,7 @@ def delete_by_id( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -441,8 +439,8 @@ def delete_by_id( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.delete(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -494,6 +492,7 @@ def create_by_id( # Construct headers header_parameters = {} + header_parameters['Accept'] = 'application/json' header_parameters['Content-Type'] = 'application/json; charset=utf-8' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) @@ -506,9 +505,8 @@ def create_by_id( body_content = self._serialize.body(parameters, 'RoleAssignmentCreateParameters') # Construct and send request - request = self._client.put(url, query_parameters) - response = self._client.send( - request, header_parameters, body_content, stream=False, **operation_config) + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [201]: exp = CloudError(response) @@ -557,7 +555,7 @@ def get_by_id( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -566,8 +564,8 @@ def get_by_id( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -627,7 +625,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -636,9 +634,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -701,7 +698,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -710,9 +707,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/role_definitions_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/role_definitions_operations.py index 507c8a36b6cb..0c5b432255ae 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/role_definitions_operations.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_01_01_preview/operations/role_definitions_operations.py @@ -70,7 +70,7 @@ def delete( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -79,8 +79,8 @@ def delete( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.delete(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -132,7 +132,7 @@ def get( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -141,8 +141,8 @@ def get( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -197,6 +197,7 @@ def create_or_update( # Construct headers header_parameters = {} + header_parameters['Accept'] = 'application/json' header_parameters['Content-Type'] = 'application/json; charset=utf-8' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) @@ -209,9 +210,8 @@ def create_or_update( body_content = self._serialize.body(role_definition, 'RoleDefinition') # Construct and send request - request = self._client.put(url, query_parameters) - response = self._client.send( - request, header_parameters, body_content, stream=False, **operation_config) + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [201]: exp = CloudError(response) @@ -271,7 +271,7 @@ def internal_paging(next_link=None, raw=False): # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -280,9 +280,8 @@ def internal_paging(next_link=None, raw=False): header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send( - request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) @@ -337,7 +336,7 @@ def get_by_id( # Construct headers header_parameters = {} - header_parameters['Content-Type'] = 'application/json; charset=utf-8' + header_parameters['Accept'] = 'application/json' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: @@ -346,8 +345,8 @@ def get_by_id( header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') # Construct and send request - request = self._client.get(url, query_parameters) - response = self._client.send(request, header_parameters, stream=False, **operation_config) + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) if response.status_code not in [200]: exp = CloudError(response) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/__init__.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/__init__.py new file mode 100644 index 000000000000..05f283c292d4 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/__init__.py @@ -0,0 +1,18 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .authorization_management_client import AuthorizationManagementClient +from .version import VERSION + +__all__ = ['AuthorizationManagementClient'] + +__version__ = VERSION + diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/authorization_management_client.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/authorization_management_client.py new file mode 100644 index 000000000000..4be0d8c94163 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/authorization_management_client.py @@ -0,0 +1,81 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.service_client import SDKClient +from msrest import Serializer, Deserializer +from msrestazure import AzureConfiguration +from .version import VERSION +from .operations.deny_assignments_operations import DenyAssignmentsOperations +from . import models + + +class AuthorizationManagementClientConfiguration(AzureConfiguration): + """Configuration for AuthorizationManagementClient + Note that all parameters used to create this instance are saved as instance + attributes. + + :param credentials: Credentials needed for the client to connect to Azure. + :type credentials: :mod:`A msrestazure Credentials + object` + :param subscription_id: The ID of the target subscription. + :type subscription_id: str + :param str base_url: Service URL + """ + + def __init__( + self, credentials, subscription_id, base_url=None): + + if credentials is None: + raise ValueError("Parameter 'credentials' must not be None.") + if subscription_id is None: + raise ValueError("Parameter 'subscription_id' must not be None.") + if not base_url: + base_url = 'https://management.azure.com' + + super(AuthorizationManagementClientConfiguration, self).__init__(base_url) + + self.add_user_agent('azure-mgmt-authorization/{}'.format(VERSION)) + self.add_user_agent('Azure-SDK-For-Python') + + self.credentials = credentials + self.subscription_id = subscription_id + + +class AuthorizationManagementClient(SDKClient): + """Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to get deny assignments. A deny assignment describes the set of actions on resources that are denied for Azure Active Directory users. + + :ivar config: Configuration for client. + :vartype config: AuthorizationManagementClientConfiguration + + :ivar deny_assignments: DenyAssignments operations + :vartype deny_assignments: azure.mgmt.authorization.v2018_07_01_preview.operations.DenyAssignmentsOperations + + :param credentials: Credentials needed for the client to connect to Azure. + :type credentials: :mod:`A msrestazure Credentials + object` + :param subscription_id: The ID of the target subscription. + :type subscription_id: str + :param str base_url: Service URL + """ + + def __init__( + self, credentials, subscription_id, base_url=None): + + self.config = AuthorizationManagementClientConfiguration(credentials, subscription_id, base_url) + super(AuthorizationManagementClient, self).__init__(self.config.credentials, self.config) + + client_models = {k: v for k, v in models.__dict__.items() if isinstance(v, type)} + self.api_version = '2018-07-01-preview' + self._serialize = Serializer(client_models) + self._deserialize = Deserializer(client_models) + + self.deny_assignments = DenyAssignmentsOperations( + self._client, self.config, self._serialize, self._deserialize) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/__init__.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/__init__.py new file mode 100644 index 000000000000..cc4c8ddc5fff --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/__init__.py @@ -0,0 +1,30 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +try: + from .deny_assignment_filter_py3 import DenyAssignmentFilter + from .deny_assignment_permission_py3 import DenyAssignmentPermission + from .principal_py3 import Principal + from .deny_assignment_py3 import DenyAssignment +except (SyntaxError, ImportError): + from .deny_assignment_filter import DenyAssignmentFilter + from .deny_assignment_permission import DenyAssignmentPermission + from .principal import Principal + from .deny_assignment import DenyAssignment +from .deny_assignment_paged import DenyAssignmentPaged + +__all__ = [ + 'DenyAssignmentFilter', + 'DenyAssignmentPermission', + 'Principal', + 'DenyAssignment', + 'DenyAssignmentPaged', +] diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment.py new file mode 100644 index 000000000000..36116fb8912e --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment.py @@ -0,0 +1,85 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DenyAssignment(Model): + """Deny Assignment. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: The deny assignment ID. + :vartype id: str + :ivar name: The deny assignment name. + :vartype name: str + :ivar type: The deny assignment type. + :vartype type: str + :param deny_assignment_name: The display name of the deny assignment. + :type deny_assignment_name: str + :param description: The description of the deny assignment. + :type description: str + :param permissions: An array of permissions that are denied by the deny + assignment. + :type permissions: + list[~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignmentPermission] + :param scope: The deny assignment scope. + :type scope: str + :param do_not_apply_to_child_scopes: Determines if the deny assignment + applies to child scopes. Default value is false. + :type do_not_apply_to_child_scopes: bool + :param principals: Array of principals to which the deny assignment + applies. + :type principals: + list[~azure.mgmt.authorization.v2018_07_01_preview.models.Principal] + :param exclude_principals: Array of principals to which the deny + assignment does not apply. + :type exclude_principals: + list[~azure.mgmt.authorization.v2018_07_01_preview.models.Principal] + :param is_system_protected: Specifies whether this deny assignment was + created by Azure and cannot be edited or deleted. + :type is_system_protected: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'deny_assignment_name': {'key': 'properties.denyAssignmentName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'permissions': {'key': 'properties.permissions', 'type': '[DenyAssignmentPermission]'}, + 'scope': {'key': 'properties.scope', 'type': 'str'}, + 'do_not_apply_to_child_scopes': {'key': 'properties.doNotApplyToChildScopes', 'type': 'bool'}, + 'principals': {'key': 'properties.principals', 'type': '[Principal]'}, + 'exclude_principals': {'key': 'properties.excludePrincipals', 'type': '[Principal]'}, + 'is_system_protected': {'key': 'properties.isSystemProtected', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(DenyAssignment, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.deny_assignment_name = kwargs.get('deny_assignment_name', None) + self.description = kwargs.get('description', None) + self.permissions = kwargs.get('permissions', None) + self.scope = kwargs.get('scope', None) + self.do_not_apply_to_child_scopes = kwargs.get('do_not_apply_to_child_scopes', None) + self.principals = kwargs.get('principals', None) + self.exclude_principals = kwargs.get('exclude_principals', None) + self.is_system_protected = kwargs.get('is_system_protected', None) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_filter.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_filter.py new file mode 100644 index 000000000000..6988d5f04893 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_filter.py @@ -0,0 +1,39 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DenyAssignmentFilter(Model): + """Deny Assignments filter. + + :param deny_assignment_name: Return deny assignment with specified name. + :type deny_assignment_name: str + :param principal_id: Return all deny assignments where the specified + principal is listed in the principals list of deny assignments. + :type principal_id: str + :param gdpr_export_principal_id: Return all deny assignments where the + specified principal is listed either in the principals list or exclude + principals list of deny assignments. + :type gdpr_export_principal_id: str + """ + + _attribute_map = { + 'deny_assignment_name': {'key': 'denyAssignmentName', 'type': 'str'}, + 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'gdpr_export_principal_id': {'key': 'gdprExportPrincipalId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(DenyAssignmentFilter, self).__init__(**kwargs) + self.deny_assignment_name = kwargs.get('deny_assignment_name', None) + self.principal_id = kwargs.get('principal_id', None) + self.gdpr_export_principal_id = kwargs.get('gdpr_export_principal_id', None) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_filter_py3.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_filter_py3.py new file mode 100644 index 000000000000..355f4e95ff82 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_filter_py3.py @@ -0,0 +1,39 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DenyAssignmentFilter(Model): + """Deny Assignments filter. + + :param deny_assignment_name: Return deny assignment with specified name. + :type deny_assignment_name: str + :param principal_id: Return all deny assignments where the specified + principal is listed in the principals list of deny assignments. + :type principal_id: str + :param gdpr_export_principal_id: Return all deny assignments where the + specified principal is listed either in the principals list or exclude + principals list of deny assignments. + :type gdpr_export_principal_id: str + """ + + _attribute_map = { + 'deny_assignment_name': {'key': 'denyAssignmentName', 'type': 'str'}, + 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'gdpr_export_principal_id': {'key': 'gdprExportPrincipalId', 'type': 'str'}, + } + + def __init__(self, *, deny_assignment_name: str=None, principal_id: str=None, gdpr_export_principal_id: str=None, **kwargs) -> None: + super(DenyAssignmentFilter, self).__init__(**kwargs) + self.deny_assignment_name = deny_assignment_name + self.principal_id = principal_id + self.gdpr_export_principal_id = gdpr_export_principal_id diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_paged.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_paged.py new file mode 100644 index 000000000000..f1062e69ff3c --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class DenyAssignmentPaged(Paged): + """ + A paging container for iterating over a list of :class:`DenyAssignment ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[DenyAssignment]'} + } + + def __init__(self, *args, **kwargs): + + super(DenyAssignmentPaged, self).__init__(*args, **kwargs) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_permission.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_permission.py new file mode 100644 index 000000000000..c29b9944d959 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_permission.py @@ -0,0 +1,44 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DenyAssignmentPermission(Model): + """Deny assignment permissions. + + :param actions: Actions to which the deny assignment does not grant + access. + :type actions: list[str] + :param not_actions: Actions to exclude from that the deny assignment does + not grant access. + :type not_actions: list[str] + :param data_actions: Data actions to which the deny assignment does not + grant access. + :type data_actions: list[str] + :param not_data_actions: Data actions to exclude from that the deny + assignment does not grant access. + :type not_data_actions: list[str] + """ + + _attribute_map = { + 'actions': {'key': 'actions', 'type': '[str]'}, + 'not_actions': {'key': 'notActions', 'type': '[str]'}, + 'data_actions': {'key': 'dataActions', 'type': '[str]'}, + 'not_data_actions': {'key': 'notDataActions', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(DenyAssignmentPermission, self).__init__(**kwargs) + self.actions = kwargs.get('actions', None) + self.not_actions = kwargs.get('not_actions', None) + self.data_actions = kwargs.get('data_actions', None) + self.not_data_actions = kwargs.get('not_data_actions', None) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_permission_py3.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_permission_py3.py new file mode 100644 index 000000000000..e1e5e9ab75fc --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_permission_py3.py @@ -0,0 +1,44 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DenyAssignmentPermission(Model): + """Deny assignment permissions. + + :param actions: Actions to which the deny assignment does not grant + access. + :type actions: list[str] + :param not_actions: Actions to exclude from that the deny assignment does + not grant access. + :type not_actions: list[str] + :param data_actions: Data actions to which the deny assignment does not + grant access. + :type data_actions: list[str] + :param not_data_actions: Data actions to exclude from that the deny + assignment does not grant access. + :type not_data_actions: list[str] + """ + + _attribute_map = { + 'actions': {'key': 'actions', 'type': '[str]'}, + 'not_actions': {'key': 'notActions', 'type': '[str]'}, + 'data_actions': {'key': 'dataActions', 'type': '[str]'}, + 'not_data_actions': {'key': 'notDataActions', 'type': '[str]'}, + } + + def __init__(self, *, actions=None, not_actions=None, data_actions=None, not_data_actions=None, **kwargs) -> None: + super(DenyAssignmentPermission, self).__init__(**kwargs) + self.actions = actions + self.not_actions = not_actions + self.data_actions = data_actions + self.not_data_actions = not_data_actions diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_py3.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_py3.py new file mode 100644 index 000000000000..cf566f59c948 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/deny_assignment_py3.py @@ -0,0 +1,85 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DenyAssignment(Model): + """Deny Assignment. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: The deny assignment ID. + :vartype id: str + :ivar name: The deny assignment name. + :vartype name: str + :ivar type: The deny assignment type. + :vartype type: str + :param deny_assignment_name: The display name of the deny assignment. + :type deny_assignment_name: str + :param description: The description of the deny assignment. + :type description: str + :param permissions: An array of permissions that are denied by the deny + assignment. + :type permissions: + list[~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignmentPermission] + :param scope: The deny assignment scope. + :type scope: str + :param do_not_apply_to_child_scopes: Determines if the deny assignment + applies to child scopes. Default value is false. + :type do_not_apply_to_child_scopes: bool + :param principals: Array of principals to which the deny assignment + applies. + :type principals: + list[~azure.mgmt.authorization.v2018_07_01_preview.models.Principal] + :param exclude_principals: Array of principals to which the deny + assignment does not apply. + :type exclude_principals: + list[~azure.mgmt.authorization.v2018_07_01_preview.models.Principal] + :param is_system_protected: Specifies whether this deny assignment was + created by Azure and cannot be edited or deleted. + :type is_system_protected: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'deny_assignment_name': {'key': 'properties.denyAssignmentName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'permissions': {'key': 'properties.permissions', 'type': '[DenyAssignmentPermission]'}, + 'scope': {'key': 'properties.scope', 'type': 'str'}, + 'do_not_apply_to_child_scopes': {'key': 'properties.doNotApplyToChildScopes', 'type': 'bool'}, + 'principals': {'key': 'properties.principals', 'type': '[Principal]'}, + 'exclude_principals': {'key': 'properties.excludePrincipals', 'type': '[Principal]'}, + 'is_system_protected': {'key': 'properties.isSystemProtected', 'type': 'bool'}, + } + + def __init__(self, *, deny_assignment_name: str=None, description: str=None, permissions=None, scope: str=None, do_not_apply_to_child_scopes: bool=None, principals=None, exclude_principals=None, is_system_protected: bool=None, **kwargs) -> None: + super(DenyAssignment, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.deny_assignment_name = deny_assignment_name + self.description = description + self.permissions = permissions + self.scope = scope + self.do_not_apply_to_child_scopes = do_not_apply_to_child_scopes + self.principals = principals + self.exclude_principals = exclude_principals + self.is_system_protected = is_system_protected diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/principal.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/principal.py new file mode 100644 index 000000000000..f1707cd04ffb --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/principal.py @@ -0,0 +1,46 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Principal(Model): + """Deny assignment principal. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Object ID of the Azure AD principal (user, group, or service + principal) to which the deny assignment applies. An empty guid + '00000000-0000-0000-0000-000000000000' as principal id and principal type + as 'Everyone' represents all users, groups and service principals. + :vartype id: str + :ivar type: Type of object represented by principal id (user, group, or + service principal). An empty guid '00000000-0000-0000-0000-000000000000' + as principal id and principal type as 'Everyone' represents all users, + groups and service principals. + :vartype type: str + """ + + _validation = { + 'id': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(Principal, self).__init__(**kwargs) + self.id = None + self.type = None diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/principal_py3.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/principal_py3.py new file mode 100644 index 000000000000..d41628e88e81 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/models/principal_py3.py @@ -0,0 +1,46 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Principal(Model): + """Deny assignment principal. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Object ID of the Azure AD principal (user, group, or service + principal) to which the deny assignment applies. An empty guid + '00000000-0000-0000-0000-000000000000' as principal id and principal type + as 'Everyone' represents all users, groups and service principals. + :vartype id: str + :ivar type: Type of object represented by principal id (user, group, or + service principal). An empty guid '00000000-0000-0000-0000-000000000000' + as principal id and principal type as 'Everyone' represents all users, + groups and service principals. + :vartype type: str + """ + + _validation = { + 'id': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(Principal, self).__init__(**kwargs) + self.id = None + self.type = None diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/operations/__init__.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/operations/__init__.py new file mode 100644 index 000000000000..597fcdcf388e --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/operations/__init__.py @@ -0,0 +1,16 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .deny_assignments_operations import DenyAssignmentsOperations + +__all__ = [ + 'DenyAssignmentsOperations', +] diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/operations/deny_assignments_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/operations/deny_assignments_operations.py new file mode 100644 index 000000000000..3d294efc66a5 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/operations/deny_assignments_operations.py @@ -0,0 +1,510 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class DenyAssignmentsOperations(object): + """DenyAssignmentsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: The API version to use for this operation. Constant value: "2018-07-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2018-07-01-preview" + + self.config = config + + def list_for_resource( + self, resource_group_name, resource_provider_namespace, parent_resource_path, resource_type, resource_name, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets deny assignments for a resource. + + :param resource_group_name: The name of the resource group. + :type resource_group_name: str + :param resource_provider_namespace: The namespace of the resource + provider. + :type resource_provider_namespace: str + :param parent_resource_path: The parent resource identity. + :type parent_resource_path: str + :param resource_type: The resource type of the resource. + :type resource_type: str + :param resource_name: The name of the resource to get deny assignments + for. + :type resource_name: str + :param filter: The filter to apply on the operation. Use + $filter=atScope() to return all deny assignments at or above the + scope. Use $filter=denyAssignmentName eq '{name}' to search deny + assignments by name at specified scope. Use $filter=principalId eq + '{id}' to return all deny assignments at, above and below the scope + for the specified principal. Use $filter=gdprExportPrincipalId eq + '{id}' to return all deny assignments at, above and below the scope + for the specified principal. This filter is different from the + principalId filter as it returns not only those deny assignments that + contain the specified principal is the Principals list but also those + deny assignments that contain the specified principal is the + ExcludePrincipals list. Additionally, when gdprExportPrincipalId + filter is used, only the deny assignment name and description + properties are returned. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DenyAssignment + :rtype: + ~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignmentPaged[~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignment] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list_for_resource.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'resourceProviderNamespace': self._serialize.url("resource_provider_namespace", resource_provider_namespace, 'str'), + 'parentResourcePath': self._serialize.url("parent_resource_path", parent_resource_path, 'str', skip_quote=True), + 'resourceType': self._serialize.url("resource_type", resource_type, 'str', skip_quote=True), + 'resourceName': self._serialize.url("resource_name", resource_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.DenyAssignmentPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.DenyAssignmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list_for_resource.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/denyAssignments'} + + def list_for_resource_group( + self, resource_group_name, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets deny assignments for a resource group. + + :param resource_group_name: The name of the resource group. + :type resource_group_name: str + :param filter: The filter to apply on the operation. Use + $filter=atScope() to return all deny assignments at or above the + scope. Use $filter=denyAssignmentName eq '{name}' to search deny + assignments by name at specified scope. Use $filter=principalId eq + '{id}' to return all deny assignments at, above and below the scope + for the specified principal. Use $filter=gdprExportPrincipalId eq + '{id}' to return all deny assignments at, above and below the scope + for the specified principal. This filter is different from the + principalId filter as it returns not only those deny assignments that + contain the specified principal is the Principals list but also those + deny assignments that contain the specified principal is the + ExcludePrincipals list. Additionally, when gdprExportPrincipalId + filter is used, only the deny assignment name and description + properties are returned. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DenyAssignment + :rtype: + ~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignmentPaged[~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignment] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list_for_resource_group.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.DenyAssignmentPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.DenyAssignmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list_for_resource_group.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/denyAssignments'} + + def list( + self, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets all deny assignments for the subscription. + + :param filter: The filter to apply on the operation. Use + $filter=atScope() to return all deny assignments at or above the + scope. Use $filter=denyAssignmentName eq '{name}' to search deny + assignments by name at specified scope. Use $filter=principalId eq + '{id}' to return all deny assignments at, above and below the scope + for the specified principal. Use $filter=gdprExportPrincipalId eq + '{id}' to return all deny assignments at, above and below the scope + for the specified principal. This filter is different from the + principalId filter as it returns not only those deny assignments that + contain the specified principal is the Principals list but also those + deny assignments that contain the specified principal is the + ExcludePrincipals list. Additionally, when gdprExportPrincipalId + filter is used, only the deny assignment name and description + properties are returned. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DenyAssignment + :rtype: + ~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignmentPaged[~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignment] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.DenyAssignmentPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.DenyAssignmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/denyAssignments'} + + def get( + self, scope, deny_assignment_id, custom_headers=None, raw=False, **operation_config): + """Get the specified deny assignment. + + :param scope: The scope of the deny assignment. + :type scope: str + :param deny_assignment_id: The ID of the deny assignment to get. + :type deny_assignment_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: DenyAssignment or ClientRawResponse if raw=true + :rtype: + ~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'scope': self._serialize.url("scope", scope, 'str', skip_quote=True), + 'denyAssignmentId': self._serialize.url("deny_assignment_id", deny_assignment_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('DenyAssignment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/{scope}/providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId}'} + + def get_by_id( + self, deny_assignment_id, custom_headers=None, raw=False, **operation_config): + """Gets a deny assignment by ID. + + :param deny_assignment_id: The fully qualified deny assignment ID. For + example, use the format, + /subscriptions/{guid}/providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId} + for subscription level deny assignments, or + /providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId} + for tenant level deny assignments. + :type deny_assignment_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: DenyAssignment or ClientRawResponse if raw=true + :rtype: + ~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get_by_id.metadata['url'] + path_format_arguments = { + 'denyAssignmentId': self._serialize.url("deny_assignment_id", deny_assignment_id, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('DenyAssignment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get_by_id.metadata = {'url': '/{denyAssignmentId}'} + + def list_for_scope( + self, scope, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets deny assignments for a scope. + + :param scope: The scope of the deny assignments. + :type scope: str + :param filter: The filter to apply on the operation. Use + $filter=atScope() to return all deny assignments at or above the + scope. Use $filter=denyAssignmentName eq '{name}' to search deny + assignments by name at specified scope. Use $filter=principalId eq + '{id}' to return all deny assignments at, above and below the scope + for the specified principal. Use $filter=gdprExportPrincipalId eq + '{id}' to return all deny assignments at, above and below the scope + for the specified principal. This filter is different from the + principalId filter as it returns not only those deny assignments that + contain the specified principal is the Principals list but also those + deny assignments that contain the specified principal is the + ExcludePrincipals list. Additionally, when gdprExportPrincipalId + filter is used, only the deny assignment name and description + properties are returned. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DenyAssignment + :rtype: + ~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignmentPaged[~azure.mgmt.authorization.v2018_07_01_preview.models.DenyAssignment] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list_for_scope.metadata['url'] + path_format_arguments = { + 'scope': self._serialize.url("scope", scope, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.DenyAssignmentPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.DenyAssignmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list_for_scope.metadata = {'url': '/{scope}/providers/Microsoft.Authorization/denyAssignments'} diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/version.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/version.py new file mode 100644 index 000000000000..640f86d33a0d --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_07_01_preview/version.py @@ -0,0 +1,13 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +VERSION = "2018-07-01-preview" + diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/__init__.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/__init__.py new file mode 100644 index 000000000000..05f283c292d4 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/__init__.py @@ -0,0 +1,18 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .authorization_management_client import AuthorizationManagementClient +from .version import VERSION + +__all__ = ['AuthorizationManagementClient'] + +__version__ = VERSION + diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/authorization_management_client.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/authorization_management_client.py new file mode 100644 index 000000000000..6c724eb02f16 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/authorization_management_client.py @@ -0,0 +1,81 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.service_client import SDKClient +from msrest import Serializer, Deserializer +from msrestazure import AzureConfiguration +from .version import VERSION +from .operations.role_assignments_operations import RoleAssignmentsOperations +from . import models + + +class AuthorizationManagementClientConfiguration(AzureConfiguration): + """Configuration for AuthorizationManagementClient + Note that all parameters used to create this instance are saved as instance + attributes. + + :param credentials: Credentials needed for the client to connect to Azure. + :type credentials: :mod:`A msrestazure Credentials + object` + :param subscription_id: The ID of the target subscription. + :type subscription_id: str + :param str base_url: Service URL + """ + + def __init__( + self, credentials, subscription_id, base_url=None): + + if credentials is None: + raise ValueError("Parameter 'credentials' must not be None.") + if subscription_id is None: + raise ValueError("Parameter 'subscription_id' must not be None.") + if not base_url: + base_url = 'https://management.azure.com' + + super(AuthorizationManagementClientConfiguration, self).__init__(base_url) + + self.add_user_agent('azure-mgmt-authorization/{}'.format(VERSION)) + self.add_user_agent('Azure-SDK-For-Python') + + self.credentials = credentials + self.subscription_id = subscription_id + + +class AuthorizationManagementClient(SDKClient): + """Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users. + + :ivar config: Configuration for client. + :vartype config: AuthorizationManagementClientConfiguration + + :ivar role_assignments: RoleAssignments operations + :vartype role_assignments: azure.mgmt.authorization.v2018_09_01_preview.operations.RoleAssignmentsOperations + + :param credentials: Credentials needed for the client to connect to Azure. + :type credentials: :mod:`A msrestazure Credentials + object` + :param subscription_id: The ID of the target subscription. + :type subscription_id: str + :param str base_url: Service URL + """ + + def __init__( + self, credentials, subscription_id, base_url=None): + + self.config = AuthorizationManagementClientConfiguration(credentials, subscription_id, base_url) + super(AuthorizationManagementClient, self).__init__(self.config.credentials, self.config) + + client_models = {k: v for k, v in models.__dict__.items() if isinstance(v, type)} + self.api_version = '2018-09-01-preview' + self._serialize = Serializer(client_models) + self._deserialize = Deserializer(client_models) + + self.role_assignments = RoleAssignmentsOperations( + self._client, self.config, self._serialize, self._deserialize) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/__init__.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/__init__.py new file mode 100644 index 000000000000..6f57bf900582 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/__init__.py @@ -0,0 +1,31 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +try: + from .role_assignment_filter_py3 import RoleAssignmentFilter + from .role_assignment_py3 import RoleAssignment + from .role_assignment_create_parameters_py3 import RoleAssignmentCreateParameters +except (SyntaxError, ImportError): + from .role_assignment_filter import RoleAssignmentFilter + from .role_assignment import RoleAssignment + from .role_assignment_create_parameters import RoleAssignmentCreateParameters +from .role_assignment_paged import RoleAssignmentPaged +from .authorization_management_client_enums import ( + PrincipalType, +) + +__all__ = [ + 'RoleAssignmentFilter', + 'RoleAssignment', + 'RoleAssignmentCreateParameters', + 'RoleAssignmentPaged', + 'PrincipalType', +] diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/authorization_management_client_enums.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/authorization_management_client_enums.py new file mode 100644 index 000000000000..470522d4174d --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/authorization_management_client_enums.py @@ -0,0 +1,26 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from enum import Enum + + +class PrincipalType(str, Enum): + + user = "User" + group = "Group" + service_principal = "ServicePrincipal" + unknown = "Unknown" + directory_role_template = "DirectoryRoleTemplate" + foreign_group = "ForeignGroup" + application = "Application" + msi = "MSI" + directory_object_or_group = "DirectoryObjectOrGroup" + everyone = "Everyone" diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment.py new file mode 100644 index 000000000000..599d04d0b2cf --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class RoleAssignment(Model): + """Role Assignments. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: The role assignment ID. + :vartype id: str + :ivar name: The role assignment name. + :vartype name: str + :ivar type: The role assignment type. + :vartype type: str + :param scope: The role assignment scope. + :type scope: str + :param role_definition_id: The role definition ID. + :type role_definition_id: str + :param principal_id: The principal ID. + :type principal_id: str + :param can_delegate: The Delegation flag for the roleassignment + :type can_delegate: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'scope': {'key': 'properties.scope', 'type': 'str'}, + 'role_definition_id': {'key': 'properties.roleDefinitionId', 'type': 'str'}, + 'principal_id': {'key': 'properties.principalId', 'type': 'str'}, + 'can_delegate': {'key': 'properties.canDelegate', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(RoleAssignment, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.scope = kwargs.get('scope', None) + self.role_definition_id = kwargs.get('role_definition_id', None) + self.principal_id = kwargs.get('principal_id', None) + self.can_delegate = kwargs.get('can_delegate', None) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_create_parameters.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_create_parameters.py new file mode 100644 index 000000000000..2144b9d8d063 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_create_parameters.py @@ -0,0 +1,55 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class RoleAssignmentCreateParameters(Model): + """Role assignment create parameters. + + All required parameters must be populated in order to send to Azure. + + :param role_definition_id: Required. The role definition ID used in the + role assignment. + :type role_definition_id: str + :param principal_id: Required. The principal ID assigned to the role. This + maps to the ID inside the Active Directory. It can point to a user, + service principal, or security group. + :type principal_id: str + :param principal_type: The principal type of the assigned principal ID. + Possible values include: 'User', 'Group', 'ServicePrincipal', 'Unknown', + 'DirectoryRoleTemplate', 'ForeignGroup', 'Application', 'MSI', + 'DirectoryObjectOrGroup', 'Everyone' + :type principal_type: str or + ~azure.mgmt.authorization.v2018_09_01_preview.models.PrincipalType + :param can_delegate: The delgation flag used for creating a role + assignment + :type can_delegate: bool + """ + + _validation = { + 'role_definition_id': {'required': True}, + 'principal_id': {'required': True}, + } + + _attribute_map = { + 'role_definition_id': {'key': 'properties.roleDefinitionId', 'type': 'str'}, + 'principal_id': {'key': 'properties.principalId', 'type': 'str'}, + 'principal_type': {'key': 'properties.principalType', 'type': 'str'}, + 'can_delegate': {'key': 'properties.canDelegate', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(RoleAssignmentCreateParameters, self).__init__(**kwargs) + self.role_definition_id = kwargs.get('role_definition_id', None) + self.principal_id = kwargs.get('principal_id', None) + self.principal_type = kwargs.get('principal_type', None) + self.can_delegate = kwargs.get('can_delegate', None) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_create_parameters_py3.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_create_parameters_py3.py new file mode 100644 index 000000000000..7b102e91fe18 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_create_parameters_py3.py @@ -0,0 +1,55 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class RoleAssignmentCreateParameters(Model): + """Role assignment create parameters. + + All required parameters must be populated in order to send to Azure. + + :param role_definition_id: Required. The role definition ID used in the + role assignment. + :type role_definition_id: str + :param principal_id: Required. The principal ID assigned to the role. This + maps to the ID inside the Active Directory. It can point to a user, + service principal, or security group. + :type principal_id: str + :param principal_type: The principal type of the assigned principal ID. + Possible values include: 'User', 'Group', 'ServicePrincipal', 'Unknown', + 'DirectoryRoleTemplate', 'ForeignGroup', 'Application', 'MSI', + 'DirectoryObjectOrGroup', 'Everyone' + :type principal_type: str or + ~azure.mgmt.authorization.v2018_09_01_preview.models.PrincipalType + :param can_delegate: The delgation flag used for creating a role + assignment + :type can_delegate: bool + """ + + _validation = { + 'role_definition_id': {'required': True}, + 'principal_id': {'required': True}, + } + + _attribute_map = { + 'role_definition_id': {'key': 'properties.roleDefinitionId', 'type': 'str'}, + 'principal_id': {'key': 'properties.principalId', 'type': 'str'}, + 'principal_type': {'key': 'properties.principalType', 'type': 'str'}, + 'can_delegate': {'key': 'properties.canDelegate', 'type': 'bool'}, + } + + def __init__(self, *, role_definition_id: str, principal_id: str, principal_type=None, can_delegate: bool=None, **kwargs) -> None: + super(RoleAssignmentCreateParameters, self).__init__(**kwargs) + self.role_definition_id = role_definition_id + self.principal_id = principal_id + self.principal_type = principal_type + self.can_delegate = can_delegate diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_filter.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_filter.py new file mode 100644 index 000000000000..940b6baccc3c --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_filter.py @@ -0,0 +1,32 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class RoleAssignmentFilter(Model): + """Role Assignments filter. + + :param principal_id: Returns role assignment of the specific principal. + :type principal_id: str + :param can_delegate: The Delegation flag for the roleassignment + :type can_delegate: bool + """ + + _attribute_map = { + 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'can_delegate': {'key': 'canDelegate', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(RoleAssignmentFilter, self).__init__(**kwargs) + self.principal_id = kwargs.get('principal_id', None) + self.can_delegate = kwargs.get('can_delegate', None) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_filter_py3.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_filter_py3.py new file mode 100644 index 000000000000..cfa2af336134 --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_filter_py3.py @@ -0,0 +1,32 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class RoleAssignmentFilter(Model): + """Role Assignments filter. + + :param principal_id: Returns role assignment of the specific principal. + :type principal_id: str + :param can_delegate: The Delegation flag for the roleassignment + :type can_delegate: bool + """ + + _attribute_map = { + 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'can_delegate': {'key': 'canDelegate', 'type': 'bool'}, + } + + def __init__(self, *, principal_id: str=None, can_delegate: bool=None, **kwargs) -> None: + super(RoleAssignmentFilter, self).__init__(**kwargs) + self.principal_id = principal_id + self.can_delegate = can_delegate diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_paged.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_paged.py new file mode 100644 index 000000000000..7df3204e28fb --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class RoleAssignmentPaged(Paged): + """ + A paging container for iterating over a list of :class:`RoleAssignment ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[RoleAssignment]'} + } + + def __init__(self, *args, **kwargs): + + super(RoleAssignmentPaged, self).__init__(*args, **kwargs) diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_py3.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_py3.py new file mode 100644 index 000000000000..15af2402089d --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/models/role_assignment_py3.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class RoleAssignment(Model): + """Role Assignments. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: The role assignment ID. + :vartype id: str + :ivar name: The role assignment name. + :vartype name: str + :ivar type: The role assignment type. + :vartype type: str + :param scope: The role assignment scope. + :type scope: str + :param role_definition_id: The role definition ID. + :type role_definition_id: str + :param principal_id: The principal ID. + :type principal_id: str + :param can_delegate: The Delegation flag for the roleassignment + :type can_delegate: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'scope': {'key': 'properties.scope', 'type': 'str'}, + 'role_definition_id': {'key': 'properties.roleDefinitionId', 'type': 'str'}, + 'principal_id': {'key': 'properties.principalId', 'type': 'str'}, + 'can_delegate': {'key': 'properties.canDelegate', 'type': 'bool'}, + } + + def __init__(self, *, scope: str=None, role_definition_id: str=None, principal_id: str=None, can_delegate: bool=None, **kwargs) -> None: + super(RoleAssignment, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.scope = scope + self.role_definition_id = role_definition_id + self.principal_id = principal_id + self.can_delegate = can_delegate diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/operations/__init__.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/operations/__init__.py new file mode 100644 index 000000000000..33057070c3ca --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/operations/__init__.py @@ -0,0 +1,16 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .role_assignments_operations import RoleAssignmentsOperations + +__all__ = [ + 'RoleAssignmentsOperations', +] diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/operations/role_assignments_operations.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/operations/role_assignments_operations.py new file mode 100644 index 000000000000..8a6cac34b8aa --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/operations/role_assignments_operations.py @@ -0,0 +1,729 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class RoleAssignmentsOperations(object): + """RoleAssignmentsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: The API version to use for this operation. Constant value: "2018-09-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2018-09-01-preview" + + self.config = config + + def list_for_resource( + self, resource_group_name, resource_provider_namespace, parent_resource_path, resource_type, resource_name, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets role assignments for a resource. + + :param resource_group_name: The name of the resource group. + :type resource_group_name: str + :param resource_provider_namespace: The namespace of the resource + provider. + :type resource_provider_namespace: str + :param parent_resource_path: The parent resource identity. + :type parent_resource_path: str + :param resource_type: The resource type of the resource. + :type resource_type: str + :param resource_name: The name of the resource to get role assignments + for. + :type resource_name: str + :param filter: The filter to apply on the operation. Use + $filter=atScope() to return all role assignments at or above the + scope. Use $filter=principalId eq {id} to return all role assignments + at, above or below the scope for the specified principal. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of RoleAssignment + :rtype: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignmentPaged[~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignment] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list_for_resource.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'resourceProviderNamespace': self._serialize.url("resource_provider_namespace", resource_provider_namespace, 'str'), + 'parentResourcePath': self._serialize.url("parent_resource_path", parent_resource_path, 'str', skip_quote=True), + 'resourceType': self._serialize.url("resource_type", resource_type, 'str', skip_quote=True), + 'resourceName': self._serialize.url("resource_name", resource_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.RoleAssignmentPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.RoleAssignmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list_for_resource.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/roleAssignments'} + + def list_for_resource_group( + self, resource_group_name, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets role assignments for a resource group. + + :param resource_group_name: The name of the resource group. + :type resource_group_name: str + :param filter: The filter to apply on the operation. Use + $filter=atScope() to return all role assignments at or above the + scope. Use $filter=principalId eq {id} to return all role assignments + at, above or below the scope for the specified principal. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of RoleAssignment + :rtype: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignmentPaged[~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignment] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list_for_resource_group.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.RoleAssignmentPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.RoleAssignmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list_for_resource_group.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments'} + + def delete( + self, scope, role_assignment_name, custom_headers=None, raw=False, **operation_config): + """Deletes a role assignment. + + :param scope: The scope of the role assignment to delete. + :type scope: str + :param role_assignment_name: The name of the role assignment to + delete. + :type role_assignment_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: RoleAssignment or ClientRawResponse if raw=true + :rtype: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'scope': self._serialize.url("scope", scope, 'str', skip_quote=True), + 'roleAssignmentName': self._serialize.url("role_assignment_name", role_assignment_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('RoleAssignment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + delete.metadata = {'url': '/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}'} + + def create( + self, scope, role_assignment_name, parameters, custom_headers=None, raw=False, **operation_config): + """Creates a role assignment. + + :param scope: The scope of the role assignment to create. The scope + can be any REST resource instance. For example, use + '/subscriptions/{subscription-id}/' for a subscription, + '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' + for a resource group, and + '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' + for a resource. + :type scope: str + :param role_assignment_name: The name of the role assignment to + create. It can be any valid GUID. + :type role_assignment_name: str + :param parameters: Parameters for the role assignment. + :type parameters: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignmentCreateParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: RoleAssignment or ClientRawResponse if raw=true + :rtype: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create.metadata['url'] + path_format_arguments = { + 'scope': self._serialize.url("scope", scope, 'str', skip_quote=True), + 'roleAssignmentName': self._serialize.url("role_assignment_name", role_assignment_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'RoleAssignmentCreateParameters') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 201: + deserialized = self._deserialize('RoleAssignment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create.metadata = {'url': '/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}'} + + def get( + self, scope, role_assignment_name, custom_headers=None, raw=False, **operation_config): + """Get the specified role assignment. + + :param scope: The scope of the role assignment. + :type scope: str + :param role_assignment_name: The name of the role assignment to get. + :type role_assignment_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: RoleAssignment or ClientRawResponse if raw=true + :rtype: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'scope': self._serialize.url("scope", scope, 'str', skip_quote=True), + 'roleAssignmentName': self._serialize.url("role_assignment_name", role_assignment_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('RoleAssignment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}'} + + def delete_by_id( + self, role_id, custom_headers=None, raw=False, **operation_config): + """Deletes a role assignment. + + :param role_id: The ID of the role assignment to delete. + :type role_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: RoleAssignment or ClientRawResponse if raw=true + :rtype: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete_by_id.metadata['url'] + path_format_arguments = { + 'roleId': self._serialize.url("role_id", role_id, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('RoleAssignment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + delete_by_id.metadata = {'url': '/{roleId}'} + + def create_by_id( + self, role_id, parameters, custom_headers=None, raw=False, **operation_config): + """Creates a role assignment by ID. + + :param role_id: The ID of the role assignment to create. + :type role_id: str + :param parameters: Parameters for the role assignment. + :type parameters: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignmentCreateParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: RoleAssignment or ClientRawResponse if raw=true + :rtype: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create_by_id.metadata['url'] + path_format_arguments = { + 'roleId': self._serialize.url("role_id", role_id, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'RoleAssignmentCreateParameters') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 201: + deserialized = self._deserialize('RoleAssignment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_by_id.metadata = {'url': '/{roleId}'} + + def get_by_id( + self, role_id, custom_headers=None, raw=False, **operation_config): + """Gets a role assignment by ID. + + :param role_id: The ID of the role assignment to get. + :type role_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: RoleAssignment or ClientRawResponse if raw=true + :rtype: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get_by_id.metadata['url'] + path_format_arguments = { + 'roleId': self._serialize.url("role_id", role_id, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('RoleAssignment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get_by_id.metadata = {'url': '/{roleId}'} + + def list( + self, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets all role assignments for the subscription. + + :param filter: The filter to apply on the operation. Use + $filter=atScope() to return all role assignments at or above the + scope. Use $filter=principalId eq {id} to return all role assignments + at, above or below the scope for the specified principal. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of RoleAssignment + :rtype: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignmentPaged[~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignment] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.RoleAssignmentPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.RoleAssignmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleAssignments'} + + def list_for_scope( + self, scope, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets role assignments for a scope. + + :param scope: The scope of the role assignments. + :type scope: str + :param filter: The filter to apply on the operation. Use + $filter=atScope() to return all role assignments at or above the + scope. Use $filter=principalId eq {id} to return all role assignments + at, above or below the scope for the specified principal. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of RoleAssignment + :rtype: + ~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignmentPaged[~azure.mgmt.authorization.v2018_09_01_preview.models.RoleAssignment] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list_for_scope.metadata['url'] + path_format_arguments = { + 'scope': self._serialize.url("scope", scope, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.RoleAssignmentPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.RoleAssignmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list_for_scope.metadata = {'url': '/{scope}/providers/Microsoft.Authorization/roleAssignments'} diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/version.py b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/version.py new file mode 100644 index 000000000000..b8bbafae36fe --- /dev/null +++ b/azure-mgmt-authorization/azure/mgmt/authorization/v2018_09_01_preview/version.py @@ -0,0 +1,13 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +VERSION = "2018-09-01-preview" + diff --git a/azure-mgmt-authorization/azure/mgmt/authorization/version.py b/azure-mgmt-authorization/azure/mgmt/authorization/version.py index 1002e003856c..1f265d852c1b 100644 --- a/azure-mgmt-authorization/azure/mgmt/authorization/version.py +++ b/azure-mgmt-authorization/azure/mgmt/authorization/version.py @@ -9,5 +9,5 @@ # regenerated. # -------------------------------------------------------------------------- -VERSION = "0.50.0" +VERSION = "0.51.0" diff --git a/azure-mgmt-authorization/build.json b/azure-mgmt-authorization/build.json deleted file mode 100644 index 3141ecaf1a95..000000000000 --- a/azure-mgmt-authorization/build.json +++ /dev/null @@ -1,183 +0,0 @@ -{ - "autorest": [ - { - "resolvedInfo": null, - "packageMetadata": { - "name": "@microsoft.azure/autorest-core", - "version": "2.0.4168", - "engines": { - "node": ">=7.10.0" - }, - "dependencies": {}, - "optionalDependencies": {}, - "devDependencies": { - "@microsoft.azure/async-io": "~1.0.22", - "@microsoft.azure/extension": "~1.2.12", - "@types/commonmark": "^0.27.0", - "@types/jsonpath": "^0.1.29", - "@types/node": "^8.0.28", - "@types/pify": "0.0.28", - "@types/source-map": "^0.5.0", - "@types/yargs": "^8.0.2", - "commonmark": "^0.27.0", - "file-url": "^2.0.2", - "get-uri": "^2.0.0", - "jsonpath": "^0.2.11", - "linq-es2015": "^2.4.25", - "mocha": "3.4.2", - "mocha-typescript": "1.1.5", - "pify": "^3.0.0", - "safe-eval": "^0.3.0", - "shx": "^0.2.2", - "source-map": "^0.5.6", - "source-map-support": "^0.4.15", - "strip-bom": "^3.0.0", - "typescript": "2.5.3", - "untildify": "^3.0.2", - "urijs": "^1.18.10", - "vscode-jsonrpc": "^3.3.1", - "yaml-ast-parser": "https://github.com/olydis/yaml-ast-parser/releases/download/0.0.34/yaml-ast-parser-0.0.34.tgz", - "yargs": "^8.0.2" - }, - "bundleDependencies": false, - "peerDependencies": {}, - "deprecated": false, - "_resolved": "/root/.autorest/@microsoft.azure_autorest-core@2.0.4168/node_modules/@microsoft.azure/autorest-core", - "_shasum": "33813111fc9bfa488bd600fbba48bc53cc9182c7", - "_shrinkwrap": null, - "bin": null, - "_id": "@microsoft.azure/autorest-core@2.0.4168", - "_from": "file:/root/.autorest/@microsoft.azure_autorest-core@2.0.4168/node_modules/@microsoft.azure/autorest-core", - "_requested": { - "type": "directory", - "where": "/git-restapi", - "raw": "/root/.autorest/@microsoft.azure_autorest-core@2.0.4168/node_modules/@microsoft.azure/autorest-core", - "rawSpec": "/root/.autorest/@microsoft.azure_autorest-core@2.0.4168/node_modules/@microsoft.azure/autorest-core", - "saveSpec": "file:/root/.autorest/@microsoft.azure_autorest-core@2.0.4168/node_modules/@microsoft.azure/autorest-core", - "fetchSpec": "/root/.autorest/@microsoft.azure_autorest-core@2.0.4168/node_modules/@microsoft.azure/autorest-core" - }, - "_spec": "/root/.autorest/@microsoft.azure_autorest-core@2.0.4168/node_modules/@microsoft.azure/autorest-core", - "_where": "/root/.autorest/@microsoft.azure_autorest-core@2.0.4168/node_modules/@microsoft.azure/autorest-core" - }, - "extensionManager": { - "installationPath": "/root/.autorest", - "dotnetPath": "/root/.dotnet" - }, - "installationPath": "/root/.autorest" - }, - { - "resolvedInfo": null, - "packageMetadata": { - "name": "@microsoft.azure/autorest.modeler", - "version": "2.1.22", - "dependencies": { - "dotnet-2.0.0": "^1.4.4" - }, - "optionalDependencies": {}, - "devDependencies": { - "coffee-script": "^1.11.1", - "dotnet-sdk-2.0.0": "^1.4.4", - "gulp": "^3.9.1", - "gulp-filter": "^5.0.0", - "gulp-line-ending-corrector": "^1.0.1", - "iced-coffee-script": "^108.0.11", - "marked": "^0.3.6", - "marked-terminal": "^2.0.0", - "moment": "^2.17.1", - "run-sequence": "*", - "shx": "^0.2.2", - "through2-parallel": "^0.1.3", - "yargs": "^8.0.2", - "yarn": "^1.0.2" - }, - "bundleDependencies": false, - "peerDependencies": {}, - "deprecated": false, - "_resolved": "/root/.autorest/@microsoft.azure_autorest.modeler@2.1.22/node_modules/@microsoft.azure/autorest.modeler", - "_shasum": "ca425289fa38a210d279729048a4a91673f09c67", - "_shrinkwrap": null, - "bin": null, - "_id": "@microsoft.azure/autorest.modeler@2.1.22", - "_from": "file:/root/.autorest/@microsoft.azure_autorest.modeler@2.1.22/node_modules/@microsoft.azure/autorest.modeler", - "_requested": { - "type": "directory", - "where": "/git-restapi", - "raw": "/root/.autorest/@microsoft.azure_autorest.modeler@2.1.22/node_modules/@microsoft.azure/autorest.modeler", - "rawSpec": "/root/.autorest/@microsoft.azure_autorest.modeler@2.1.22/node_modules/@microsoft.azure/autorest.modeler", - "saveSpec": "file:/root/.autorest/@microsoft.azure_autorest.modeler@2.1.22/node_modules/@microsoft.azure/autorest.modeler", - "fetchSpec": "/root/.autorest/@microsoft.azure_autorest.modeler@2.1.22/node_modules/@microsoft.azure/autorest.modeler" - }, - "_spec": "/root/.autorest/@microsoft.azure_autorest.modeler@2.1.22/node_modules/@microsoft.azure/autorest.modeler", - "_where": "/root/.autorest/@microsoft.azure_autorest.modeler@2.1.22/node_modules/@microsoft.azure/autorest.modeler" - }, - "extensionManager": { - "installationPath": "/root/.autorest", - "dotnetPath": "/root/.dotnet" - }, - "installationPath": "/root/.autorest" - }, - { - "resolvedInfo": null, - "packageMetadata": { - "name": "@microsoft.azure/autorest.python", - "version": "2.0.17", - "dependencies": { - "dotnet-2.0.0": "^1.4.4" - }, - "optionalDependencies": {}, - "devDependencies": { - "@microsoft.azure/autorest.testserver": "^1.9.0", - "autorest": "^2.0.0", - "coffee-script": "^1.11.1", - "dotnet-sdk-2.0.0": "^1.4.4", - "gulp": "^3.9.1", - "gulp-filter": "^5.0.0", - "gulp-line-ending-corrector": "^1.0.1", - "iced-coffee-script": "^108.0.11", - "marked": "^0.3.6", - "marked-terminal": "^2.0.0", - "moment": "^2.17.1", - "run-sequence": "*", - "shx": "^0.2.2", - "through2-parallel": "^0.1.3", - "yargs": "^8.0.2", - "yarn": "^1.0.2" - }, - "bundleDependencies": false, - "peerDependencies": {}, - "deprecated": false, - "_resolved": "/root/.autorest/@microsoft.azure_autorest.python@2.0.17/node_modules/@microsoft.azure/autorest.python", - "_shasum": "84a951c19c502343726cfe33cf43cefa76219b39", - "_shrinkwrap": null, - "bin": null, - "_id": "@microsoft.azure/autorest.python@2.0.17", - "_from": "file:/root/.autorest/@microsoft.azure_autorest.python@2.0.17/node_modules/@microsoft.azure/autorest.python", - "_requested": { - "type": "directory", - "where": "/git-restapi", - "raw": "/root/.autorest/@microsoft.azure_autorest.python@2.0.17/node_modules/@microsoft.azure/autorest.python", - "rawSpec": "/root/.autorest/@microsoft.azure_autorest.python@2.0.17/node_modules/@microsoft.azure/autorest.python", - "saveSpec": "file:/root/.autorest/@microsoft.azure_autorest.python@2.0.17/node_modules/@microsoft.azure/autorest.python", - "fetchSpec": "/root/.autorest/@microsoft.azure_autorest.python@2.0.17/node_modules/@microsoft.azure/autorest.python" - }, - "_spec": "/root/.autorest/@microsoft.azure_autorest.python@2.0.17/node_modules/@microsoft.azure/autorest.python", - "_where": "/root/.autorest/@microsoft.azure_autorest.python@2.0.17/node_modules/@microsoft.azure/autorest.python" - }, - "extensionManager": { - "installationPath": "/root/.autorest", - "dotnetPath": "/root/.dotnet" - }, - "installationPath": "/root/.autorest" - } - ], - "autorest_bootstrap": { - "dependencies": { - "autorest": { - "version": "2.0.4147", - "from": "autorest@latest", - "resolved": "https://registry.npmjs.org/autorest/-/autorest-2.0.4147.tgz" - } - } - }, - "date": "2017-10-17T19:17:51Z" -} \ No newline at end of file diff --git a/azure-mgmt-authorization/tests/recordings/test_mgmt_authorization.test_role_assignment.yaml b/azure-mgmt-authorization/tests/recordings/test_mgmt_authorization.test_role_assignment.yaml new file mode 100644 index 000000000000..0cdf76759d25 --- /dev/null +++ b/azure-mgmt-authorization/tests/recordings/test_mgmt_authorization.test_role_assignment.yaml @@ -0,0 +1,63 @@ +interactions: +- request: + body: 'b''b\''b\\\''b\\\\\\\''{"properties": {"roleDefinitionId": "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "6d33bfc8-e476-11e8-915d-f2801f1b9fd1"}}\\\\\\\''\\\''\''''' + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + Connection: [keep-alive] + Content-Length: ['233'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.3 (Windows-10-10.0.17134-SP0) msrest/0.6.0 msrest_azure/0.4.34 + azure-mgmt-authorization/0.50.2 Azure-SDK-For-Python] + accept-language: [en-US] + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test_mgmt_authorization_test_role_assignment9e52125c/providers/Microsoft.Authorization/roleAssignments/ddfe2dc0-9858-442f-aca3-ac215947a815?api-version=2018-09-01-preview + response: + body: {string: '{"properties":{"roleDefinitionId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c","principalId":"6d33bfc8-e476-11e8-915d-f2801f1b9fd1","principalType":"ServicePrincipal","scope":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test_mgmt_authorization_test_role_assignment9e52125c","createdOn":"2018-11-09T23:22:30.7697296Z","updatedOn":"2018-11-09T23:22:30.7697296Z","createdBy":null,"updatedBy":"6d33bfc8-e476-11e8-915d-f2801f1b9fd1"},"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test_mgmt_authorization_test_role_assignment9e52125c/providers/Microsoft.Authorization/roleAssignments/ddfe2dc0-9858-442f-aca3-ac215947a815","type":"Microsoft.Authorization/roleAssignments","name":"ddfe2dc0-9858-442f-aca3-ac215947a815"}'} + headers: + cache-control: [no-cache] + content-length: ['857'] + content-type: [application/json; charset=utf-8] + date: ['Fri, 09 Nov 2018 23:22:31 GMT'] + expires: ['-1'] + pragma: [no-cache] + server: [Microsoft-IIS/10.0] + set-cookie: [x-ms-gateway-slice=productionb; path=/; secure; HttpOnly] + strict-transport-security: [max-age=31536000; includeSubDomains] + x-content-type-options: [nosniff] + x-ms-ratelimit-remaining-subscription-writes: ['1199'] + x-ms-request-charge: ['2'] + status: {code: 201, message: Created} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + Connection: [keep-alive] + Content-Length: ['0'] + Cookie: [x-ms-gateway-slice=productionb] + User-Agent: [python/3.6.3 (Windows-10-10.0.17134-SP0) msrest/0.6.0 msrest_azure/0.4.34 + azure-mgmt-authorization/0.50.2 Azure-SDK-For-Python] + accept-language: [en-US] + method: DELETE + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test_mgmt_authorization_test_role_assignment9e52125c/providers/Microsoft.Authorization/roleAssignments/ddfe2dc0-9858-442f-aca3-ac215947a815?api-version=2018-09-01-preview + response: + body: {string: '{"properties":{"roleDefinitionId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c","principalId":"6d33bfc8-e476-11e8-915d-f2801f1b9fd1","principalType":"ServicePrincipal","scope":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test_mgmt_authorization_test_role_assignment9e52125c","createdOn":"2018-11-09T23:22:31.8326536Z","updatedOn":"2018-11-09T23:22:31.8326536Z","createdBy":"6d33bfc8-e476-11e8-915d-f2801f1b9fd1","updatedBy":"6d33bfc8-e476-11e8-915d-f2801f1b9fd1"},"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test_mgmt_authorization_test_role_assignment9e52125c/providers/Microsoft.Authorization/roleAssignments/ddfe2dc0-9858-442f-aca3-ac215947a815","type":"Microsoft.Authorization/roleAssignments","name":"ddfe2dc0-9858-442f-aca3-ac215947a815"}'} + headers: + cache-control: [no-cache] + content-length: ['891'] + content-type: [application/json; charset=utf-8] + date: ['Fri, 09 Nov 2018 23:22:34 GMT'] + expires: ['-1'] + pragma: [no-cache] + server: [Microsoft-IIS/10.0] + set-cookie: [x-ms-gateway-slice=productionb; path=/; secure; HttpOnly] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: [Accept-Encoding] + x-content-type-options: [nosniff] + x-ms-ratelimit-remaining-subscription-deletes: ['14999'] + x-ms-request-charge: ['2'] + status: {code: 200, message: OK} +version: 1 diff --git a/azure-mgmt-authorization/tests/recordings/test_mgmt_authorization.test_role_definitions.yaml b/azure-mgmt-authorization/tests/recordings/test_mgmt_authorization.test_role_definitions.yaml new file mode 100644 index 000000000000..3054ab1a7f5f --- /dev/null +++ b/azure-mgmt-authorization/tests/recordings/test_mgmt_authorization.test_role_definitions.yaml @@ -0,0 +1,31 @@ +interactions: +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + Connection: [keep-alive] + User-Agent: [python/3.6.3 (Windows-10-10.0.17134-SP0) msrest/0.6.0 msrest_azure/0.4.34 + azure-mgmt-authorization/0.50.2 Azure-SDK-For-Python] + accept-language: [en-US] + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test_mgmt_authorization_test_role_definitionsb07e12bf/providers/Microsoft.Authorization/roleDefinitions?$filter=roleName%20eq%20%27Contributor%27&api-version=2018-01-01-preview + response: + body: {string: '{"value":[{"properties":{"roleName":"Contributor","type":"BuiltInRole","description":"Lets + you manage everything except access to resources.","assignableScopes":["/"],"permissions":[{"actions":["*"],"notActions":["Microsoft.Authorization/*/Delete","Microsoft.Authorization/*/Write","Microsoft.Authorization/elevateAccess/Action","Microsoft.Blueprint/blueprintAssignments/write","Microsoft.Blueprint/blueprintAssignments/delete"],"dataActions":[],"notDataActions":[]}],"createdOn":"0001-01-01T08:00:00.0000000Z","updatedOn":"2018-05-30T19:22:32.4538167Z","createdBy":null,"updatedBy":null},"id":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c","type":"Microsoft.Authorization/roleDefinitions","name":"b24988ac-6180-42a0-ab88-20f7382dd24c"}]}'} + headers: + cache-control: [no-cache] + content-length: ['832'] + content-type: [application/json; charset=utf-8] + date: ['Fri, 09 Nov 2018 21:39:29 GMT'] + expires: ['-1'] + pragma: [no-cache] + server: [Microsoft-IIS/10.0] + set-cookie: [x-ms-gateway-slice=productionb; path=/; secure; HttpOnly] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: [Accept-Encoding] + x-content-type-options: [nosniff] + x-ms-request-charge: ['1'] + status: {code: 200, message: OK} +version: 1 diff --git a/azure-mgmt-authorization/tests/test_mgmt_authorization.py b/azure-mgmt-authorization/tests/test_mgmt_authorization.py index 47902288516c..349ee6d86a0e 100644 --- a/azure-mgmt-authorization/tests/test_mgmt_authorization.py +++ b/azure-mgmt-authorization/tests/test_mgmt_authorization.py @@ -23,12 +23,45 @@ def test_authorization(self, resource_group, location): permissions = self.authorization_client.permissions.list_for_resource_group( resource_group.name ) - + permissions = list(permissions) self.assertEqual(len(permissions), 1) self.assertEqual(permissions[0].actions[0], '*') + @ResourceGroupPreparer() + def test_role_definitions(self, resource_group, location): + # Get "Contributor" built-in role as a RoleDefinition object + role_name = 'Contributor' + roles = list(self.authorization_client.role_definitions.list( + resource_group.id, + filter="roleName eq '{}'".format(role_name) + )) + assert len(roles) == 1 + + @ResourceGroupPreparer() + def test_role_assignment(self, resource_group, location): + contributor_id = "b24988ac-6180-42a0-ab88-20f7382dd24c" # Reserved UUID for contributor on Azure + + contributor_full_id = "/subscriptions/{}/providers/Microsoft.Authorization/roleDefinitions/{}".format( + self.settings.SUBSCRIPTION_ID, + contributor_id + ) + + role_name = "ddfe2dc0-9858-442f-aca3-ac215947a815" # Consistent for testing, but not significant + role_assignment = self.authorization_client.role_assignments.create( + resource_group.id, + role_name, + { + 'role_definition_id': contributor_full_id, + 'principal_id': '6d33bfc8-e476-11e8-915d-f2801f1b9fd1' # Should be service principal object ID + } + ) + + self.authorization_client.role_assignments.delete( + resource_group.id, + role_assignment.name, + ) #------------------------------------------------------------------------------ if __name__ == '__main__':