From d045e2c50c70f318e78eaa8c55f3deb14c6cb21a Mon Sep 17 00:00:00 2001 From: Shubham Agarwal Date: Tue, 22 Sep 2015 11:38:53 -0700 Subject: [PATCH 1/7] Graph call optimization and parameter fixes --- .../Commands.Resources.Test.csproj | 2 +- .../Commands.Resources.csproj | 2 +- .../ADObjectFilterOptions.cs | 4 + .../ActiveDirectoryClient.cs | 16 ++- .../ActiveDirectoryClientExtensions.cs | 10 ++ .../Models.ActiveDirectory/PSADUser.cs | 2 + .../Models.ActiveDirectory/ParameterSet.cs | 4 + .../AuthorizationClient.cs | 16 ++- .../AuthorizationClientExtensions.cs | 121 ++++++++++-------- .../PSGroupRoleAssignment.cs | 1 - .../Models.Authorization/PSRoleAssignment.cs | 12 +- .../PSServiceRoleAssignment.cs | 1 - .../PSUserRoleAssignment.cs | 3 - .../RemoveAzureRoleAssignmentCommand.cs | 42 ++---- .../Commands.Resources/packages.config | 2 +- 15 files changed, 133 insertions(+), 105 deletions(-) diff --git a/src/ResourceManager/Resources/Commands.Resources.Test/Commands.Resources.Test.csproj b/src/ResourceManager/Resources/Commands.Resources.Test/Commands.Resources.Test.csproj index 07bf668bd4b7..d78e98937513 100644 --- a/src/ResourceManager/Resources/Commands.Resources.Test/Commands.Resources.Test.csproj +++ b/src/ResourceManager/Resources/Commands.Resources.Test/Commands.Resources.Test.csproj @@ -62,7 +62,7 @@ False - ..\..\..\packages\Microsoft.Azure.Graph.RBAC.1.7.0-preview\lib\net40\Microsoft.Azure.Graph.RBAC.dll + ..\..\..\packages\Microsoft.Azure.Graph.RBAC.1.7.1-preview\lib\net40\Microsoft.Azure.Graph.RBAC.dll ..\..\..\packages\Microsoft.Azure.Insights.0.7.7-preview\lib\net45\Microsoft.Azure.Insights.dll diff --git a/src/ResourceManager/Resources/Commands.Resources/Commands.Resources.csproj b/src/ResourceManager/Resources/Commands.Resources/Commands.Resources.csproj index d8d206f7f880..064a78c169c4 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Commands.Resources.csproj +++ b/src/ResourceManager/Resources/Commands.Resources/Commands.Resources.csproj @@ -66,7 +66,7 @@ False - ..\..\..\packages\Microsoft.Azure.Graph.RBAC.1.7.0-preview\lib\net40\Microsoft.Azure.Graph.RBAC.dll + ..\..\..\packages\Microsoft.Azure.Graph.RBAC.1.7.1-preview\lib\net40\Microsoft.Azure.Graph.RBAC.dll False diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ADObjectFilterOptions.cs b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ADObjectFilterOptions.cs index f6ed5686b790..5eb8164569fc 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ADObjectFilterOptions.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ADObjectFilterOptions.cs @@ -19,6 +19,8 @@ public class ADObjectFilterOptions { public string SearchString { get; set; } + public string SignInName { get; set; } + public string Mail { get; set; } public string UPN { get; set; } @@ -48,6 +50,8 @@ public string ActiveFilter return SPN; else if (!string.IsNullOrEmpty(Mail)) return Mail; + else if (!string.IsNullOrEmpty(SignInName)) + return SignInName; else if (!string.IsNullOrEmpty(SearchString)) return SearchString; else diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs index 979c90f584c9..ea8cb54d3d48 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs @@ -5,7 +5,7 @@ // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software +// Unless required by applicable law or agreed to in writing, softwareF // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and @@ -47,7 +47,7 @@ public PSADObject GetADObject(ADObjectFilterOptions options) Debug.Assert(options != null); - if (IsSet(options.Mail, options.UPN, options.Id)) + if (IsSet(options.SignInName, options.Mail, options.UPN, options.Id)) { result = FilterUsers(options).FirstOrDefault(); } @@ -163,11 +163,11 @@ public List FilterUsers(ADObjectFilterOptions options) users.Add(user.ToPSADUser()); } } - else if (!string.IsNullOrEmpty(options.Mail)) + else if (!string.IsNullOrEmpty(options.Mail) || !string.IsNullOrEmpty(options.SignInName)) { try { - user = GraphClient.User.GetBySignInName(options.Mail).Users.FirstOrDefault(); + user = GraphClient.User.GetBySignInName(Normalize(options.Mail) ?? Normalize(options.SignInName)).Users.FirstOrDefault(); } catch { /* The user does not exist, ignore the exception. */ } @@ -225,6 +225,14 @@ public List ListUserGroups(string principal) return result; } + public List GetObjectsByObjectId(List objectIds) + { + List result = new List(); + var aadObjectList = GraphClient.Objects.GetObjectsByObjectIds(new GetObjectsParameters { Ids = objectIds }).AADObject; + result.AddRange(aadObjectList.Select(o => o.ToPSADObject())); + return result; + } + public List FilterGroups(ADObjectFilterOptions options) { List groups = new List(); diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClientExtensions.cs b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClientExtensions.cs index 59f2b4f10cc4..3acff213a055 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClientExtensions.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClientExtensions.cs @@ -51,6 +51,7 @@ public static PSADObject ToPSADObject(this AADObject obj) Id = new Guid(obj.ObjectId), Type = obj.ObjectType, UserPrincipalName = obj.UserPrincipalName, + SignInName = obj.SignInName, Mail = obj.Mail }; } @@ -66,6 +67,15 @@ public static PSADObject ToPSADObject(this AADObject obj) }; } + else if (obj.ObjectType == typeof(ServicePrincipal).Name) + { + return new PSADServicePrincipal() + { + DisplayName = obj.DisplayName, + Id = new Guid(obj.ObjectId), + Type = obj.ObjectType + }; + } else { return new PSADObject() diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/PSADUser.cs b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/PSADUser.cs index 9a932096a175..af4c6b903b1b 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/PSADUser.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/PSADUser.cs @@ -19,5 +19,7 @@ public class PSADUser : PSADObject public string UserPrincipalName { get; set; } public string Mail { get; set; } + + public string SignInName { get; set; } } } diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ParameterSet.cs b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ParameterSet.cs index ab606a7b9324..ab92d8dad3da 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ParameterSet.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ParameterSet.cs @@ -34,6 +34,8 @@ internal static class ParameterSet public const string ScopeWithSPN = "ScopeWithSPNParameterSet"; + public const string ScopeWithSignInName = "ScopeWithSignInNameParameterSet"; + public const string ScopeWithObjectId = "ScopeWithObjectIdParameterSet"; public const string ResourceGroup = "ResourceGroupParameterSet"; @@ -54,6 +56,8 @@ internal static class ParameterSet public const string ResourceWithSPN = "ResourceWithSPNParameterSet"; + public const string ResourceWithSignInName = "ResourceWithSignInNameParameterSet"; + public const string ResourceWithObjectId = "ResourceWithObjectIdParameterSet"; public const string ApplicationWithoutCredential = "ApplicationWithoutCredentialParameterSet"; diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs index 492286d1c21a..0e4477228ebc 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs @@ -68,6 +68,7 @@ public PSRoleDefinition GetRoleDefinition(string roleId) /// /// Filters the existing role Definitions. + /// If name is not provided, all role definitions are fetched. /// /// The role name /// The matched role Definitions @@ -122,7 +123,11 @@ public PSRoleAssignment CreateRoleAssignment(FilterRoleAssignmentsOptions parame }; AuthorizationManagementClient.RoleAssignments.Create(parameters.Scope, roleAssignmentId, createParameters); - return AuthorizationManagementClient.RoleAssignments.Get(parameters.Scope, roleAssignmentId).RoleAssignment.ToPSRoleAssignment(this, ActiveDirectoryClient); + + RoleAssignment assignment = AuthorizationManagementClient.RoleAssignments.Get(parameters.Scope, roleAssignmentId).RoleAssignment; + IEnumerable assignments = new List() { assignment }; + + return assignments.ToPSRoleAssignments(this, ActiveDirectoryClient).FirstOrDefault(); } /// @@ -139,8 +144,10 @@ public List FilterRoleAssignments(FilterRoleAssignmentsOptions { // Filter first by principal parameters.PrincipalId = string.IsNullOrEmpty(options.ADObjectFilter.Id) ? ActiveDirectoryClient.GetObjectId(options.ADObjectFilter) : Guid.Parse(options.ADObjectFilter.Id); + result.AddRange(AuthorizationManagementClient.RoleAssignments.List(parameters) - .RoleAssignments.Select(r => r.ToPSRoleAssignment(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals)).Where(r => r != null)); + .RoleAssignments.ToPSRoleAssignments(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals)); + // Filter out by scope if (!string.IsNullOrEmpty(options.Scope)) @@ -152,13 +159,14 @@ public List FilterRoleAssignments(FilterRoleAssignmentsOptions { // Filter by scope and above directly parameters.AtScope = true; + result.AddRange(AuthorizationManagementClient.RoleAssignments.ListForScope(options.Scope, parameters) - .RoleAssignments.Select(r => r.ToPSRoleAssignment(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals)).Where(r => r != null)); + .RoleAssignments.ToPSRoleAssignments(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals)); } else { result.AddRange(AuthorizationManagementClient.RoleAssignments.List(parameters) - .RoleAssignments.Select(r => r.ToPSRoleAssignment(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals)).Where(r => r != null)); + .RoleAssignments.ToPSRoleAssignments(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals)); } if (!string.IsNullOrEmpty(options.RoleDefinition)) diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs index 899a40641b0f..949e027cf1f6 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs @@ -44,69 +44,82 @@ public static PSRoleDefinition ToPSRoleDefinition(this RoleDefinition role) return roleDefinition; } - public static PSRoleAssignment ToPSRoleAssignment(this RoleAssignment role, AuthorizationClient policyClient, ActiveDirectoryClient activeDirectoryClient, bool excludeAssignmentsForDeletedPrincipals = true) + public static IEnumerable ToPSRoleAssignments(this IEnumerable assignments, AuthorizationClient policyClient, ActiveDirectoryClient activeDirectoryClient, bool excludeAssignmentsForDeletedPrincipals = true) { - PSRoleDefinition roleDefinition = policyClient.GetRoleDefinition(role.Properties.RoleDefinitionId); - PSADObject adObject = activeDirectoryClient.GetADObject(new ADObjectFilterOptions { Id = role.Properties.PrincipalId.ToString() }) ?? new PSADObject() { Id = role.Properties.PrincipalId }; - - if (adObject is PSADUser) + List psAssignments = new List(); + if(assignments ==null || !assignments.Any()) { - return new PSUserRoleAssignment() - { - RoleAssignmentId = role.Id, - DisplayName = adObject.DisplayName, - Actions = roleDefinition.Actions, - NotActions = roleDefinition.NotActions, - RoleDefinitionName = roleDefinition.Name, - Scope = role.Properties.Scope, - UserPrincipalName = ((PSADUser)adObject).UserPrincipalName, - Mail = ((PSADUser)adObject).Mail, - ObjectId = adObject.Id - }; + return psAssignments; } - else if (adObject is PSADGroup) + + List objectIds = new List(); + objectIds.AddRange(assignments.Select(r => r.Properties.PrincipalId.ToString())); + List adObjects = activeDirectoryClient.GetObjectsByObjectId(objectIds); + + List roleDefinitions = policyClient.FilterRoleDefinitions(name: null); + + foreach (RoleAssignment assignment in assignments) { - return new PSGroupRoleAssignment() + PSADObject adObject = adObjects.SingleOrDefault(o => o.Id == assignment.Properties.PrincipalId) ?? new PSADObject() { Id = assignment.Properties.PrincipalId }; + PSRoleDefinition roleDefinition = roleDefinitions.SingleOrDefault(r => r.Id == assignment.Properties.RoleDefinitionId) ?? new PSRoleDefinition() { Id = assignment.Properties.RoleDefinitionId }; + + if (adObject is PSADUser) { - RoleAssignmentId = role.Id, - DisplayName = adObject.DisplayName, - Actions = roleDefinition.Actions, - NotActions = roleDefinition.NotActions, - RoleDefinitionName = roleDefinition.Name, - Scope = role.Properties.Scope, - Mail = ((PSADGroup)adObject).Mail, - ObjectId = adObject.Id - }; - } - else if (adObject is PSADServicePrincipal) - { - return new PSServiceRoleAssignment() + psAssignments.Add(new PSRoleAssignment() + { + RoleAssignmentId = assignment.Name.ToString(), + DisplayName = adObject.DisplayName, + RoleDefinitionId = roleDefinition.Id, //*****check + RoleDefinitionName = roleDefinition.Name, + Scope = assignment.Properties.Scope, + SignInName = ((PSADUser)adObject).SignInName, + ObjectId = adObject.Id, + ObjectType = adObject.Type + }); + } + else if (adObject is PSADGroup) { - RoleAssignmentId = role.Id, - DisplayName = adObject.DisplayName, - Actions = roleDefinition.Actions, - NotActions = roleDefinition.NotActions, - RoleDefinitionName = roleDefinition.Name, - Scope = role.Properties.Scope, - ServicePrincipalName = ((PSADServicePrincipal)adObject).ServicePrincipalName, - ObjectId = adObject.Id - }; - } - else if (!excludeAssignmentsForDeletedPrincipals) - { - return new PSRoleAssignment() + psAssignments.Add(new PSRoleAssignment() + { + RoleAssignmentId = assignment.Name.ToString(), + DisplayName = adObject.DisplayName, + RoleDefinitionId = roleDefinition.Id, //*****check + RoleDefinitionName = roleDefinition.Name, + Scope = assignment.Properties.Scope, + ObjectId = adObject.Id, + ObjectType = adObject.Type + }); + } + else if (adObject is PSADServicePrincipal) { - RoleAssignmentId = role.Id, - DisplayName = adObject.DisplayName, - Actions = roleDefinition.Actions, - NotActions = roleDefinition.NotActions, - RoleDefinitionName = roleDefinition.Name, - Scope = role.Properties.Scope, - ObjectId = adObject.Id - }; + psAssignments.Add(new PSRoleAssignment() + { + RoleAssignmentId = assignment.Name.ToString(), + DisplayName = adObject.DisplayName, + RoleDefinitionId = roleDefinition.Id, //*****check + RoleDefinitionName = roleDefinition.Name, + Scope = assignment.Properties.Scope, + ObjectId = adObject.Id, + ObjectType = adObject.Type + }); + } + else if (!excludeAssignmentsForDeletedPrincipals) + { + psAssignments.Add(new PSRoleAssignment() + { + RoleAssignmentId = assignment.Name.ToString(), + DisplayName = adObject.DisplayName, + RoleDefinitionId = roleDefinition.Id, //*****check + RoleDefinitionName = roleDefinition.Name, + Scope = assignment.Properties.Scope, + ObjectId = adObject.Id, + }); + } + + // Ignore the assignment if principal does not exists and excludeAssignmentsForDeletedPrincipals is set to true } - return null; + return psAssignments; } } } diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSGroupRoleAssignment.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSGroupRoleAssignment.cs index 1cb6bf0d4ee7..d09ef8fe9dcb 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSGroupRoleAssignment.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSGroupRoleAssignment.cs @@ -18,6 +18,5 @@ namespace Microsoft.Azure.Commands.Resources.Models.Authorization { public class PSGroupRoleAssignment : PSRoleAssignment { - public string Mail { get; set; } } } diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSRoleAssignment.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSRoleAssignment.cs index f6964f43d899..826cc2d4acfc 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSRoleAssignment.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSRoleAssignment.cs @@ -21,16 +21,18 @@ public class PSRoleAssignment { public string RoleAssignmentId { get; set; } - public string DisplayName { get; set; } + public string Scope { get; set; } - public string RoleDefinitionName { get; set; } + public string DisplayName { get; set; } - public List Actions { get; set; } + public string SignInName { get; set; } - public List NotActions { get; set; } + public string RoleDefinitionName { get; set; } - public string Scope { get; set; } + public string RoleDefinitionId { get; set; } public Guid ObjectId { get; set; } + + public string ObjectType { get; set; } } } diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSServiceRoleAssignment.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSServiceRoleAssignment.cs index 935977a74f97..704e146505dc 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSServiceRoleAssignment.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSServiceRoleAssignment.cs @@ -18,6 +18,5 @@ namespace Microsoft.Azure.Commands.Resources.Models.Authorization { public class PSServiceRoleAssignment : PSRoleAssignment { - public string ServicePrincipalName { get; set; } } } diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSUserRoleAssignment.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSUserRoleAssignment.cs index 61e6c72bfd81..b3534a110be1 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSUserRoleAssignment.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSUserRoleAssignment.cs @@ -18,8 +18,5 @@ namespace Microsoft.Azure.Commands.Resources.Models.Authorization { public class PSUserRoleAssignment : PSRoleAssignment { - public string UserPrincipalName { get; set; } - - public string Mail { get; set; } } } diff --git a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/RemoveAzureRoleAssignmentCommand.cs b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/RemoveAzureRoleAssignmentCommand.cs index 56307658148e..eb54113144f7 100644 --- a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/RemoveAzureRoleAssignmentCommand.cs +++ b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/RemoveAzureRoleAssignmentCommand.cs @@ -38,20 +38,13 @@ public class RemoveAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Alias("Id", "PrincipalId")] public Guid ObjectId { get; set; } - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "The user or group email address.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithMail, - HelpMessage = "The user or group email address.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, + HelpMessage = "The user SignInName.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, + HelpMessage = "The user SignInName.")] [ValidateNotNullOrEmpty] - public string Mail { get; set; } - - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, - HelpMessage = "The user UPN.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithUPN, - HelpMessage = "The user UPN.")] - [ValidateNotNullOrEmpty] - [Alias("UPN")] - public string UserPrincipalName { get; set; } + [Alias("Email", "UserPrincipalName")] + public string SignInName { get; set; } [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "The app SPN.")] @@ -63,9 +56,7 @@ public class RemoveAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Resource group to assign the role to.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Resource group to assign the role to.")] @@ -74,9 +65,7 @@ public class RemoveAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Resource to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Resource to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Resource to assign the role to.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Resource to assign the role to.")] @@ -85,9 +74,7 @@ public class RemoveAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Type of the resource to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Type of the resource to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Type of the resource to assign the role to.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Type of the resource to assign the role to.")] @@ -96,9 +83,7 @@ public class RemoveAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] @@ -109,9 +94,7 @@ public class RemoveAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithMail, - HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithUPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSPN, HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] @@ -137,9 +120,8 @@ protected override void ProcessRecord() RoleDefinition = RoleDefinitionName, ADObjectFilter = new ADObjectFilterOptions { - Mail = Mail, + SignInName = SignInName, Id = ObjectId == Guid.Empty ? null : ObjectId.ToString(), - UPN = UserPrincipalName, SPN = ServicePrincipalName }, ResourceIdentifier = new ResourceIdentifier() diff --git a/src/ResourceManager/Resources/Commands.Resources/packages.config b/src/ResourceManager/Resources/Commands.Resources/packages.config index 4c4f85139e77..9fced30dcb83 100644 --- a/src/ResourceManager/Resources/Commands.Resources/packages.config +++ b/src/ResourceManager/Resources/Commands.Resources/packages.config @@ -5,7 +5,7 @@ - + From 1f174349d4268a4019ba9314d4a719ff96d89fb8 Mon Sep 17 00:00:00 2001 From: Shubham Agarwal Date: Tue, 22 Sep 2015 17:05:05 -0700 Subject: [PATCH 2/7] RoleAssignment fixes --- .../Commands.Resources.csproj | 3 - .../ActiveDirectoryClient.cs | 2 +- .../Models.ActiveDirectory/ParameterSet.cs | 16 +--- .../AuthorizationClientExtensions.cs | 23 +++-- .../PSGroupRoleAssignment.cs | 22 ----- .../PSServiceRoleAssignment.cs | 22 ----- .../PSUserRoleAssignment.cs | 22 ----- .../GetAzureRoleAssignmentCommand.cs | 94 +++++-------------- .../NewAzureRoleAssignmentCommand.cs | 64 ++++--------- .../RemoveAzureRoleAssignmentCommand.cs | 36 ++++--- 10 files changed, 86 insertions(+), 218 deletions(-) delete mode 100644 src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSGroupRoleAssignment.cs delete mode 100644 src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSServiceRoleAssignment.cs delete mode 100644 src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSUserRoleAssignment.cs diff --git a/src/ResourceManager/Resources/Commands.Resources/Commands.Resources.csproj b/src/ResourceManager/Resources/Commands.Resources/Commands.Resources.csproj index b141d9819878..5a0c54fdcb80 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Commands.Resources.csproj +++ b/src/ResourceManager/Resources/Commands.Resources/Commands.Resources.csproj @@ -165,9 +165,6 @@ - - - diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs index ea8cb54d3d48..7c4d639f54f1 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs @@ -5,7 +5,7 @@ // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, softwareF +// Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ParameterSet.cs b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ParameterSet.cs index ab92d8dad3da..2b49683e42e2 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ParameterSet.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ParameterSet.cs @@ -22,16 +22,14 @@ internal static class ParameterSet public const string SPN = "SPNParameterSet"; + public const string SignInName = "SignInNameParameterSet"; + public const string SearchString = "SearchStringParameterSet"; public const string ObjectId = "ObjectIdParameterSet"; public const string Scope = "ScopeParameterSet"; - public const string ScopeWithMail = "ScopeWithMailParameterSet"; - - public const string ScopeWithUPN = "ScopeWithUPNParameterSet"; - public const string ScopeWithSPN = "ScopeWithSPNParameterSet"; public const string ScopeWithSignInName = "ScopeWithSignInNameParameterSet"; @@ -40,19 +38,13 @@ internal static class ParameterSet public const string ResourceGroup = "ResourceGroupParameterSet"; - public const string ResourceGroupWithMail = "ResourceGroupWithMailParameterSet"; - - public const string ResourceGroupWithUPN = "ResourceGroupWithUPNParameterSet"; - public const string ResourceGroupWithSPN = "ResourceGroupWithSPNParameterSet"; public const string ResourceGroupWithObjectId = "ResourceGroupWithObjectIdParameterSet"; - public const string Resource = "ResourceParameterSet"; - - public const string ResourceWithMail = "ResourceWithMailParameterSet"; + public const string ResourceGroupWithSignInName = "ResourceGroupWithSignInNameParameterSet"; - public const string ResourceWithUPN = "ResourceWithUPNParameterSet"; + public const string Resource = "ResourceParameterSet"; public const string ResourceWithSPN = "ResourceWithSPNParameterSet"; diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs index c5f2fa22344a..9381f6968e23 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs @@ -67,9 +67,9 @@ public static IEnumerable ToPSRoleAssignments(this IEnumerable { psAssignments.Add(new PSRoleAssignment() { - RoleAssignmentId = assignment.Name.ToString(), + RoleAssignmentId = assignment.Id, DisplayName = adObject.DisplayName, - RoleDefinitionId = roleDefinition.Id, //*****check + RoleDefinitionId = roleDefinition.Id.GuidFromFullyQualifiedId(), RoleDefinitionName = roleDefinition.Name, Scope = assignment.Properties.Scope, SignInName = ((PSADUser)adObject).SignInName, @@ -81,9 +81,9 @@ public static IEnumerable ToPSRoleAssignments(this IEnumerable { psAssignments.Add(new PSRoleAssignment() { - RoleAssignmentId = assignment.Name.ToString(), + RoleAssignmentId = assignment.Id, DisplayName = adObject.DisplayName, - RoleDefinitionId = roleDefinition.Id, //*****check + RoleDefinitionId = roleDefinition.Id.GuidFromFullyQualifiedId(), RoleDefinitionName = roleDefinition.Name, Scope = assignment.Properties.Scope, ObjectId = adObject.Id, @@ -94,9 +94,9 @@ public static IEnumerable ToPSRoleAssignments(this IEnumerable { psAssignments.Add(new PSRoleAssignment() { - RoleAssignmentId = assignment.Name.ToString(), + RoleAssignmentId = assignment.Id, DisplayName = adObject.DisplayName, - RoleDefinitionId = roleDefinition.Id, //*****check + RoleDefinitionId = roleDefinition.Id.GuidFromFullyQualifiedId(), RoleDefinitionName = roleDefinition.Name, Scope = assignment.Properties.Scope, ObjectId = adObject.Id, @@ -107,9 +107,9 @@ public static IEnumerable ToPSRoleAssignments(this IEnumerable { psAssignments.Add(new PSRoleAssignment() { - RoleAssignmentId = assignment.Name.ToString(), + RoleAssignmentId = assignment.Id, DisplayName = adObject.DisplayName, - RoleDefinitionId = roleDefinition.Id, //*****check + RoleDefinitionId = roleDefinition.Id.GuidFromFullyQualifiedId(), RoleDefinitionName = roleDefinition.Name, Scope = assignment.Properties.Scope, ObjectId = adObject.Id, @@ -129,8 +129,13 @@ public static PSRoleAssignment ToPSRoleAssignment(this ClassicAdministrator clas RoleDefinitionName = classicAdministrator.Properties.Role, DisplayName = classicAdministrator.Properties.EmailAddress, Scope = "/subscriptions/" + currentSubscriptionId, - Actions = new List() {"*"} + ObjectType = "User" }; } + + private static string GuidFromFullyQualifiedId(this string Id) + { + return Id.TrimEnd('/').Substring(Id.LastIndexOf('/') + 1); + } } } diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSGroupRoleAssignment.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSGroupRoleAssignment.cs deleted file mode 100644 index d09ef8fe9dcb..000000000000 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSGroupRoleAssignment.cs +++ /dev/null @@ -1,22 +0,0 @@ -// ---------------------------------------------------------------------------------- -// -// Copyright Microsoft Corporation -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// ---------------------------------------------------------------------------------- - -using System.Collections.Generic; - -namespace Microsoft.Azure.Commands.Resources.Models.Authorization -{ - public class PSGroupRoleAssignment : PSRoleAssignment - { - } -} diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSServiceRoleAssignment.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSServiceRoleAssignment.cs deleted file mode 100644 index 704e146505dc..000000000000 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSServiceRoleAssignment.cs +++ /dev/null @@ -1,22 +0,0 @@ -// ---------------------------------------------------------------------------------- -// -// Copyright Microsoft Corporation -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// ---------------------------------------------------------------------------------- - -using System.Collections.Generic; - -namespace Microsoft.Azure.Commands.Resources.Models.Authorization -{ - public class PSServiceRoleAssignment : PSRoleAssignment - { - } -} diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSUserRoleAssignment.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSUserRoleAssignment.cs deleted file mode 100644 index b3534a110be1..000000000000 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/PSUserRoleAssignment.cs +++ /dev/null @@ -1,22 +0,0 @@ -// ---------------------------------------------------------------------------------- -// -// Copyright Microsoft Corporation -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// ---------------------------------------------------------------------------------- - -using System.Collections.Generic; - -namespace Microsoft.Azure.Commands.Resources.Models.Authorization -{ - public class PSUserRoleAssignment : PSRoleAssignment - { - } -} diff --git a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/GetAzureRoleAssignmentCommand.cs b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/GetAzureRoleAssignmentCommand.cs index 4d64f5b3bf94..c32cdb969685 100644 --- a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/GetAzureRoleAssignmentCommand.cs +++ b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/GetAzureRoleAssignmentCommand.cs @@ -39,28 +39,17 @@ public class GetAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Alias("Id", "PrincipalId")] public Guid ObjectId { get; set; } - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Mail, - HelpMessage = "The user email address.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithMail, - HelpMessage = "The user email address.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "The user email address.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithMail, - HelpMessage = "The user email address.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSignInName, + HelpMessage = "The user SignInName.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, + HelpMessage = "The user SignInName.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, + HelpMessage = "The user SignInName.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.SignInName, + HelpMessage = "The user SignInName.")] [ValidateNotNullOrEmpty] - public string Mail { get; set; } - - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithUPN, - HelpMessage = "The user UPN.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, - HelpMessage = "The user UPN.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithUPN, - HelpMessage = "The user UPN.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.UPN, - HelpMessage = "The user UPN.")] - [ValidateNotNullOrEmpty] - [Alias("UPN")] - public string UserPrincipalName { get; set; } + [Alias("Email", "UserPrincipalName")] + public string SignInName { get; set; } [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSPN, HelpMessage = "The app SPN.")] @@ -82,13 +71,9 @@ public class GetAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "Resource group to assign the role to.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithMail, - HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSignInName, HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithUPN, - HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Resource group to assign the role to.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSPN, HelpMessage = "Resource group to assign the role to.")] @@ -101,9 +86,7 @@ public class GetAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "Resource to assign the role to.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Resource to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Resource to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Resource to assign the role to.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Resource to assign the role to.")] @@ -114,9 +97,7 @@ public class GetAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "Type of the resource to assign the role to.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Type of the resource to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Type of the resource to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Type of the resource to assign the role to.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Type of the resource to assign the role to.")] @@ -127,9 +108,7 @@ public class GetAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] @@ -138,41 +117,33 @@ public class GetAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Empty, HelpMessage = "Role to assign the principals with.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Mail, - HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ObjectId, HelpMessage = "Role to assign the principals with.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.UPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.SignInName, HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.SPN, HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Scope, HelpMessage = "Role to assign the principals with.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithMail, - HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, HelpMessage = "Role to assign the principals with.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithUPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSPN, HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroup, HelpMessage = "Role to assign the principals with.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithMail, - HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithObjectId, HelpMessage = "Role to assign the principals with.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithUPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSignInName, HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSPN, HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Resource, HelpMessage = "Role to assign the principals with.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Role to assign the principals with.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Role to assign the principals with.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Role to assign the principals with.")] @@ -183,60 +154,48 @@ public class GetAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "Scope of the role assignment. In the format of relative URI.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, HelpMessage = "Scope of the role assignment. In the format of relative URI.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithMail, - HelpMessage = "Scope of the role assignment. In the format of relative URI.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithUPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, HelpMessage = "Scope of the role assignment. In the format of relative URI.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSPN, HelpMessage = "Scope of the role assignment. In the format of relative URI.")] [ValidateNotNullOrEmpty] public string Scope { get; set; } - [Parameter(Mandatory = false, ParameterSetName = ParameterSet.Mail, - HelpMessage = "If specified, returns role assignments directly assigned to the principal as well as assignments to the principal's groups (transitive). Supported only for User Principals.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ObjectId, HelpMessage = "If specified, returns role assignments directly assigned to the principal as well as assignments to the principal's groups (transitive). Supported only for User Principals.")] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet.UPN, + [Parameter(Mandatory = false, ParameterSetName = ParameterSet.SignInName, HelpMessage = "If specified, returns role assignments directly assigned to the principal as well as assignments to the principal's groups (transitive). Supported only for User Principals.")] public SwitchParameter ExpandPrincipalGroups { get; set; } [Parameter(Mandatory = false, ParameterSetName = ParameterSet.Empty, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet.Mail, - HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ObjectId, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet.UPN, + [Parameter(Mandatory = false, ParameterSetName = ParameterSet.SignInName, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.SPN, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.Scope, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ScopeWithMail, - HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ScopeWithObjectId, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ScopeWithUPN, + [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ScopeWithSignInName, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ScopeWithSPN, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceGroup, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceGroupWithMail, - HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceGroupWithObjectId, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceGroupWithUPN, + [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceGroupWithSignInName, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceGroupWithSPN, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.Resource, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] [Parameter(Mandatory = false, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "If specified, also returns the subscription classic administrators as role assignments.")] @@ -250,8 +209,7 @@ protected override void ProcessRecord() RoleDefinition = RoleDefinitionName, ADObjectFilter = new ADObjectFilterOptions { - Mail = Mail, - UPN = UserPrincipalName, + SignInName = SignInName, SPN = ServicePrincipalName, Id = ObjectId == Guid.Empty ? null : ObjectId.ToString(), }, diff --git a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/NewAzureRoleAssignmentCommand.cs b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/NewAzureRoleAssignmentCommand.cs index 0dff5003ac58..e5c7f4545cba 100644 --- a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/NewAzureRoleAssignmentCommand.cs +++ b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/NewAzureRoleAssignmentCommand.cs @@ -32,34 +32,19 @@ public class NewAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "The user or group object id.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, HelpMessage = "The user or group object id.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ObjectId, - HelpMessage = "The user or group object id.")] [ValidateNotNullOrEmpty] [Alias("Id", "PrincipalId")] public Guid ObjectId { get; set; } - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithMail, - HelpMessage = "The user or group email address.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "The user or group email address.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithMail, - HelpMessage = "The user or group email address.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Mail, - HelpMessage = "The user or group email address.")] - [ValidateNotNullOrEmpty] - public string Mail { get; set; } - - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithUPN, - HelpMessage = "The user UPN.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, - HelpMessage = "The user UPN.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithUPN, - HelpMessage = "The user UPN.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.UPN, - HelpMessage = "The user UPN.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSignInName, + HelpMessage = "The user SignInName.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, + HelpMessage = "The user SignInName.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, + HelpMessage = "The user SignInName.")] [ValidateNotNullOrEmpty] - [Alias("UPN")] - public string UserPrincipalName { get; set; } + [Alias("Email", "UserPrincipalName")] + public string SignInName { get; set; } [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSPN, HelpMessage = "The app SPN.")] @@ -67,8 +52,6 @@ public class NewAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "The app SPN.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSPN, HelpMessage = "The app SPN.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.SPN, - HelpMessage = "The app SPN.")] [ValidateNotNullOrEmpty] [Alias("SPN")] public string ServicePrincipalName { get; set; } @@ -77,13 +60,9 @@ public class NewAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "Resource group to assign the role to.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithMail, - HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithUPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSignInName, HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Resource group to assign the role to.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSPN, HelpMessage = "Resource group to assign the role to.")] @@ -94,9 +73,7 @@ public class NewAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Resource to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Resource to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Resource to assign the role to.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Resource to assign the role to.")] @@ -105,9 +82,7 @@ public class NewAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Type of the resource to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Type of the resource to assign the role to.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Type of the resource to assign the role to.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Type of the resource to assign the role to.")] @@ -116,22 +91,18 @@ public class NewAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithMail, - HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithUPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Parent resource of the resource to assign the role to, if there is any.")] [ValidateNotNullOrEmpty] public string ParentResource { get; set; } - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, - HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithMail, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithUPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSPN, HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] [ValidateNotNullOrEmpty] public string Scope { get; set; } @@ -148,8 +119,7 @@ protected override void ProcessRecord() RoleDefinition = RoleDefinitionName, ADObjectFilter = new ADObjectFilterOptions { - Mail = Mail, - UPN = UserPrincipalName, + SignInName = SignInName, SPN = ServicePrincipalName, Id = ObjectId == Guid.Empty ? null : ObjectId.ToString(), }, diff --git a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/RemoveAzureRoleAssignmentCommand.cs b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/RemoveAzureRoleAssignmentCommand.cs index 666d56de2019..0b6d9ee66839 100644 --- a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/RemoveAzureRoleAssignmentCommand.cs +++ b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/RemoveAzureRoleAssignmentCommand.cs @@ -32,6 +32,8 @@ public class RemoveAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "The user or group object id")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "The user or group object id.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithObjectId, + HelpMessage = "The user or group object id.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, HelpMessage = "The user or group object id.")] [ValidateNotNullOrEmpty] @@ -40,6 +42,8 @@ public class RemoveAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "The user SignInName.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSignInName, + HelpMessage = "The user SignInName.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, HelpMessage = "The user SignInName.")] [ValidateNotNullOrEmpty] @@ -48,35 +52,43 @@ public class RemoveAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "The app SPN.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSPN, + HelpMessage = "The app SPN.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSPN, HelpMessage = "The app SPN.")] [ValidateNotNullOrEmpty] [Alias("SPN")] public string ServicePrincipalName { get; set; } - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithObjectId, HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Resource group to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSignInName, + HelpMessage = "Resource group to assign the role to.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, + HelpMessage = "Resource group to assign the role to.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithSPN, + HelpMessage = "Resource group to assign the role to.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Resource group to assign the role to.")] [ValidateNotNullOrEmpty] public string ResourceGroupName { get; set; } - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Resource to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Resource to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Resource to assign the role to.")] [ValidateNotNullOrEmpty] public string ResourceName { get; set; } - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithObjectId, HelpMessage = "Type of the resource to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSignInName, HelpMessage = "Type of the resource to assign the role to.")] - [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceWithSPN, HelpMessage = "Type of the resource to assign the role to.")] [ValidateNotNullOrEmpty] public string ResourceType { get; set; } @@ -92,11 +104,11 @@ public class RemoveAzureRoleAssignmentCommand : ResourcesBaseCmdlet [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Empty, HelpMessage = "Role to assign the principals with.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSPN, + [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSPN, HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] [ValidateNotNullOrEmpty] public string Scope { get; set; } From f7497c85b721d41cb38c2df8d42c1d78a0c08836 Mon Sep 17 00:00:00 2001 From: Robert Hencke Date: Tue, 22 Sep 2015 21:21:10 -0400 Subject: [PATCH 3/7] Fix a bunch of typos. --- .../Common/TestEnvironmentFactory.cs | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/ServiceManagement/Common/Commands.ScenarioTest/Common/TestEnvironmentFactory.cs b/src/ServiceManagement/Common/Commands.ScenarioTest/Common/TestEnvironmentFactory.cs index 24fbcfeb6aac..ec3cde25204f 100644 --- a/src/ServiceManagement/Common/Commands.ScenarioTest/Common/TestEnvironmentFactory.cs +++ b/src/ServiceManagement/Common/Commands.ScenarioTest/Common/TestEnvironmentFactory.cs @@ -36,12 +36,12 @@ public abstract class TestEnvironmentFactory public const string SubscriptionIdKey = ConnectionStringFields.SubscriptionId; /// - /// The key inside the connection string for the subscription identifier + /// The key inside the connection string for the AAD user ID /// public const string AADUserIdKey = ConnectionStringFields.UserId; /// - /// The key inside the connection string for the subscription identifier + /// The key inside the connection string for the AAD password /// public const string AADPasswordKey = ConnectionStringFields.Password; @@ -51,7 +51,7 @@ public abstract class TestEnvironmentFactory public const string BaseUriKey = ConnectionStringFields.BaseUri; /// - /// The key inside the connection string for the AAD client ID" + /// The key inside the connection string for the AAD client ID /// public const string ClientID = ConnectionStringFields.AADClientId; public const string ClientIdDefault = "1950a258-227b-4e31-a9cf-717495945fc2"; @@ -70,7 +70,7 @@ public abstract class TestEnvironmentFactory public const string StorageAccountKey = "AZURE_STORAGE_ACCOUNT"; /// - /// A raw token to be used for authentication with the give subscription ID + /// A raw token to be used for authentication with the given subscription ID /// public const string RawToken = ConnectionStringFields.RawToken; @@ -84,9 +84,9 @@ public virtual TestEnvironment GetTestEnvironment() protected abstract TestEnvironment GetTestEnvironmentFromContext(); /// - /// Return test credentials and URI using AAD auth for an OrgID account. Use this emthod with causion, it may take a dependency on ADAL + /// Return test credentials and URI using AAD auth for an OrgID account. Use this method with caution - it may take a dependency on ADAL. /// - /// The test credentials, or null if nthe appropriate environment variablke is not set. + /// The test credentials, or null if the appropriate environment variable is not set. protected virtual TestEnvironment GetOrgIdTestEnvironment(string orgIdVariable) { TestEnvironment orgIdEnvironment = null; @@ -181,7 +181,7 @@ private static string GetOrgId(string orgIdVariable) /// A dictionary of keys and values from the connection string public static IDictionary ParseConnectionString(string connectionString) { - // hacky connection string parser. We should replace with more robust connection strign parsing + // hacky connection string parser. We should replace with more robust connection string parsing IDictionary settings = new Dictionary(); string[] pairs = connectionString.Split(new char[] { ';' }); foreach (string pair in pairs) From 6ab0000ff080e8e0fe00af1e57af50cfdf3d2239 Mon Sep 17 00:00:00 2001 From: jasper-schneider Date: Wed, 23 Sep 2015 13:19:30 -0700 Subject: [PATCH 4/7] Fix Tests There was a PR changing cmdlet names from RM to Rm, and there was another PR that added some scenario tests using the RM name. Both were merged close together, causing a test issue. --- .../ScenarioTests/ComputeNodeUserTests.ps1 | 2 +- .../Commands.Batch.Test/ScenarioTests/JobScheduleTests.ps1 | 2 +- .../Commands.Batch.Test/ScenarioTests/JobTests.ps1 | 2 +- .../Commands.Batch.Test/ScenarioTests/PoolTests.ps1 | 2 +- .../Commands.Batch.Test/ScenarioTests/TaskTests.ps1 | 2 +- .../Commands.Batch/Accounts/GetBatchAccountCommand.cs | 2 +- .../Commands.Batch/Accounts/GetBatchAccountKeysCommand.cs | 2 +- .../Commands.Batch/Accounts/NewBatchAccountCommand.cs | 2 +- .../Commands.Batch/Accounts/NewBatchAccountKeyCommand.cs | 2 +- .../Commands.Batch/Accounts/RemoveBatchAccountCommand.cs | 2 +- .../Commands.Batch/Accounts/SetBatchAccountCommand.cs | 2 +- .../AzureBatch/Commands.Batch/Utils/Constants.cs | 6 +++--- 12 files changed, 14 insertions(+), 14 deletions(-) diff --git a/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/ComputeNodeUserTests.ps1 b/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/ComputeNodeUserTests.ps1 index 1a2070f8896d..d09ffbb343ef 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/ComputeNodeUserTests.ps1 +++ b/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/ComputeNodeUserTests.ps1 @@ -49,7 +49,7 @@ function Test-UpdateComputeNodeUser { param([string]$accountName, [string]$poolId, [string]$computeNodeId, [string]$userName) - $context = Get-AzureRMBatchAccountKeys -Name $accountName + $context = Get-AzureRmBatchAccountKeys -Name $accountName # Basically just validating that we can set the parameters and execute the cmdlet without error. # If a Get user API is added, we can validate that the properties were actually updated. diff --git a/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/JobScheduleTests.ps1 b/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/JobScheduleTests.ps1 index b79c8db0eb71..24d61fd55cdd 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/JobScheduleTests.ps1 +++ b/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/JobScheduleTests.ps1 @@ -336,7 +336,7 @@ function Test-UpdateJobSchedule { param([string]$accountName, [string]$jobScheduleId) - $context = Get-AzureRMBatchAccountKeys -Name $accountName + $context = Get-AzureRmBatchAccountKeys -Name $accountName $jobSchedule = Get-AzureBatchJobSchedule_ST $jobScheduleId -BatchContext $context diff --git a/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/JobTests.ps1 b/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/JobTests.ps1 index b15cb926ad8b..b4856c028c7d 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/JobTests.ps1 +++ b/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/JobTests.ps1 @@ -333,7 +333,7 @@ function Test-UpdateJob { param([string]$accountName, [string]$jobId) - $context = Get-AzureRMBatchAccountKeys -Name $accountName + $context = Get-AzureRmBatchAccountKeys -Name $accountName # Create the job with an auto pool $poolSpec = New-Object Microsoft.Azure.Commands.Batch.Models.PSPoolSpecification diff --git a/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/PoolTests.ps1 b/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/PoolTests.ps1 index 0691a39b03a3..d777942ed99a 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/PoolTests.ps1 +++ b/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/PoolTests.ps1 @@ -172,7 +172,7 @@ function Test-UpdatePool { param([string]$accountName, [string]$poolId) - $context = Get-AzureRMBatchAccountKeys -Name $accountName + $context = Get-AzureRmBatchAccountKeys -Name $accountName $pool = Get-AzureBatchPool_ST $poolId -BatchContext $context diff --git a/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/TaskTests.ps1 b/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/TaskTests.ps1 index 01cd2dd1cf2f..b1a0a15559cb 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/TaskTests.ps1 +++ b/src/ResourceManager/AzureBatch/Commands.Batch.Test/ScenarioTests/TaskTests.ps1 @@ -183,7 +183,7 @@ function Test-UpdateTask { param([string]$accountName, [string]$jobId, [string]$taskId) - $context = Get-AzureRMBatchAccountKeys -Name $accountName + $context = Get-AzureRmBatchAccountKeys -Name $accountName $task = Get-AzureBatchTask_ST $jobId $taskId -BatchContext $context diff --git a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/GetBatchAccountCommand.cs b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/GetBatchAccountCommand.cs index c44be7f1441d..c96b3d129008 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/GetBatchAccountCommand.cs +++ b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/GetBatchAccountCommand.cs @@ -18,7 +18,7 @@ namespace Microsoft.Azure.Commands.Batch { - [Cmdlet(VerbsCommon.Get, Constants.AzureRMBatchAccount), OutputType(typeof(BatchAccountContext))] + [Cmdlet(VerbsCommon.Get, Constants.AzureRmBatchAccount), OutputType(typeof(BatchAccountContext))] public class GetBatchAccountCommand : BatchCmdletBase { [Alias("Name")] diff --git a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/GetBatchAccountKeysCommand.cs b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/GetBatchAccountKeysCommand.cs index 4aebcda70028..59f857894aa3 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/GetBatchAccountKeysCommand.cs +++ b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/GetBatchAccountKeysCommand.cs @@ -17,7 +17,7 @@ namespace Microsoft.Azure.Commands.Batch { - [Cmdlet(VerbsCommon.Get, Constants.AzureRMBatchAccountKeys), OutputType(typeof(BatchAccountContext))] + [Cmdlet(VerbsCommon.Get, Constants.AzureRmBatchAccountKeys), OutputType(typeof(BatchAccountContext))] public class GetBatchAccountKeysCommand : BatchCmdletBase { [Parameter(Position = 0, Mandatory = true, ValueFromPipelineByPropertyName = true, diff --git a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/NewBatchAccountCommand.cs b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/NewBatchAccountCommand.cs index ecd36b03e35a..40af1c9f1fe2 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/NewBatchAccountCommand.cs +++ b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/NewBatchAccountCommand.cs @@ -18,7 +18,7 @@ namespace Microsoft.Azure.Commands.Batch { - [Cmdlet(VerbsCommon.New, Constants.AzureRMBatchAccount), OutputType(typeof(BatchAccountContext))] + [Cmdlet(VerbsCommon.New, Constants.AzureRmBatchAccount), OutputType(typeof(BatchAccountContext))] public class NewBatchAccountCommand : BatchCmdletBase { [Parameter(Position = 0, Mandatory = true, ValueFromPipelineByPropertyName = true, diff --git a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/NewBatchAccountKeyCommand.cs b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/NewBatchAccountKeyCommand.cs index 14bb82c62ffe..6bdcb76a690b 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/NewBatchAccountKeyCommand.cs +++ b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/NewBatchAccountKeyCommand.cs @@ -18,7 +18,7 @@ namespace Microsoft.Azure.Commands.Batch { - [Cmdlet(VerbsCommon.New, Constants.AzureRMBatchAccountKey), OutputType(typeof(BatchAccountContext))] + [Cmdlet(VerbsCommon.New, Constants.AzureRmBatchAccountKey), OutputType(typeof(BatchAccountContext))] public class RegenBatchAccountKeyCommand : BatchCmdletBase { [Parameter(Position = 0, Mandatory = true, ValueFromPipelineByPropertyName = true, diff --git a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/RemoveBatchAccountCommand.cs b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/RemoveBatchAccountCommand.cs index 8c5862fcbd09..ea7571a638b7 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/RemoveBatchAccountCommand.cs +++ b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/RemoveBatchAccountCommand.cs @@ -18,7 +18,7 @@ namespace Microsoft.Azure.Commands.Batch { - [Cmdlet(VerbsCommon.Remove, Constants.AzureRMBatchAccount)] + [Cmdlet(VerbsCommon.Remove, Constants.AzureRmBatchAccount)] public class RemoveBatchAccountCommand : BatchCmdletBase { private static string mamlCall = "RemoveAccount"; diff --git a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/SetBatchAccountCommand.cs b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/SetBatchAccountCommand.cs index fe5dc2aa071d..ffd5a5213d83 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/SetBatchAccountCommand.cs +++ b/src/ResourceManager/AzureBatch/Commands.Batch/Accounts/SetBatchAccountCommand.cs @@ -18,7 +18,7 @@ namespace Microsoft.Azure.Commands.Batch { - [Cmdlet(VerbsCommon.Set, Constants.AzureRMBatchAccount), OutputType(typeof(BatchAccountContext))] + [Cmdlet(VerbsCommon.Set, Constants.AzureRmBatchAccount), OutputType(typeof(BatchAccountContext))] public class SetBatchAccountCommand : BatchCmdletBase { [Parameter(Mandatory = true, Position = 0, ValueFromPipelineByPropertyName = true, diff --git a/src/ResourceManager/AzureBatch/Commands.Batch/Utils/Constants.cs b/src/ResourceManager/AzureBatch/Commands.Batch/Utils/Constants.cs index f2047a0a96d1..c038c2208b5e 100644 --- a/src/ResourceManager/AzureBatch/Commands.Batch/Utils/Constants.cs +++ b/src/ResourceManager/AzureBatch/Commands.Batch/Utils/Constants.cs @@ -19,9 +19,9 @@ public class Constants public const int DefaultMaxCount = 1000; // ARM cmdlet nouns - public const string AzureRMBatchAccount = "AzureRmBatchAccount"; - public const string AzureRMBatchAccountKey = "AzureRmBatchAccountKey"; - public const string AzureRMBatchAccountKeys = "AzureRmBatchAccountKeys"; + public const string AzureRmBatchAccount = "AzureRmBatchAccount"; + public const string AzureRmBatchAccountKey = "AzureRmBatchAccountKey"; + public const string AzureRmBatchAccountKeys = "AzureRmBatchAccountKeys"; // Batch Service cmdlet nouns public const string AzureBatchPool = "AzureBatchPool"; From 13a8f10fe831af09b09112441d7c136b2f980856 Mon Sep 17 00:00:00 2001 From: Shubham Agarwal Date: Wed, 23 Sep 2015 13:53:13 -0700 Subject: [PATCH 5/7] Role Assignment fixes review comments --- .../Models.ActiveDirectory/ActiveDirectoryClient.cs | 4 ++-- .../ActiveDirectoryClientExtensions.cs | 6 ++++-- .../Models.Authorization/AuthorizationClient.cs | 3 ++- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs index 7c4d639f54f1..d401b9e1d7aa 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClient.cs @@ -228,8 +228,8 @@ public List ListUserGroups(string principal) public List GetObjectsByObjectId(List objectIds) { List result = new List(); - var aadObjectList = GraphClient.Objects.GetObjectsByObjectIds(new GetObjectsParameters { Ids = objectIds }).AADObject; - result.AddRange(aadObjectList.Select(o => o.ToPSADObject())); + var adObjects = GraphClient.Objects.GetObjectsByObjectIds(new GetObjectsParameters { Ids = objectIds }).AADObject; + result.AddRange(adObjects.Select(o => o.ToPSADObject())); return result; } diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClientExtensions.cs b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClientExtensions.cs index 3acff213a055..cafbb1e26476 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClientExtensions.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.ActiveDirectory/ActiveDirectoryClientExtensions.cs @@ -73,7 +73,8 @@ public static PSADObject ToPSADObject(this AADObject obj) { DisplayName = obj.DisplayName, Id = new Guid(obj.ObjectId), - Type = obj.ObjectType + Type = obj.ObjectType, + ServicePrincipalName = obj.ServicePrincipalNames.FirstOrDefault() }; } else @@ -103,7 +104,8 @@ public static PSADUser ToPSADUser(this User user) DisplayName = user.DisplayName, Id = new Guid(user.ObjectId), UserPrincipalName = user.UserPrincipalName, - Mail = user.SignInName + Mail = user.SignInName, + SignInName = user.SignInName }; } diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs index 5708bde30438..4258bbd9c7f8 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs @@ -211,7 +211,8 @@ public List FilterRoleAssignments(FilterRoleAssignmentsOptions var userObject = adObject as PSADUser; classicAdministratorsAssignments = classicAdministratorsAssignments.Where(c => c.DisplayName.Equals(userObject.UserPrincipalName, StringComparison.OrdinalIgnoreCase) || - c.DisplayName.Equals(userObject.Mail, StringComparison.OrdinalIgnoreCase)).ToList(); + c.DisplayName.Equals(userObject.Mail, StringComparison.OrdinalIgnoreCase) || + c.DisplayName.Equals(userObject.SignInName, StringComparison.OrdinalIgnoreCase)).ToList(); } result.AddRange(classicAdministratorsAssignments); From 05be9581ebf1f61d99b5f3709a43b9d36fd2a133 Mon Sep 17 00:00:00 2001 From: Shubham Agarwal Date: Wed, 23 Sep 2015 19:18:10 -0700 Subject: [PATCH 6/7] Additional changes for RoleAssignments --- .../Models.Authorization/AuthorizationClientExtensions.cs | 1 + .../RoleAssignments/NewAzureRoleAssignmentCommand.cs | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs index 9381f6968e23..b1e7821a542b 100644 --- a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs +++ b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClientExtensions.cs @@ -128,6 +128,7 @@ public static PSRoleAssignment ToPSRoleAssignment(this ClassicAdministrator clas { RoleDefinitionName = classicAdministrator.Properties.Role, DisplayName = classicAdministrator.Properties.EmailAddress, + SignInName = classicAdministrator.Properties.EmailAddress, Scope = "/subscriptions/" + currentSubscriptionId, ObjectType = "User" }; diff --git a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/NewAzureRoleAssignmentCommand.cs b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/NewAzureRoleAssignmentCommand.cs index 32be27b47294..76459623096a 100644 --- a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/NewAzureRoleAssignmentCommand.cs +++ b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/NewAzureRoleAssignmentCommand.cs @@ -23,7 +23,7 @@ namespace Microsoft.Azure.Commands.Resources /// /// Creates new role assignment. /// - [Cmdlet(VerbsCommon.New, "AzureRmRoleAssignment"), OutputType(typeof(PSRoleAssignment))] + [Cmdlet(VerbsCommon.New, "AzureRmRoleAssignment", DefaultParameterSetName = ParameterSet.Empty), OutputType(typeof(PSRoleAssignment))] public class NewAzureRoleAssignmentCommand : ResourcesBaseCmdlet { [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ResourceGroupWithObjectId, @@ -32,6 +32,8 @@ public class NewAzureRoleAssignmentCommand : ResourcesBaseCmdlet HelpMessage = "The user or group object id.")] [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, HelpMessage = "The user or group object id.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Empty, + HelpMessage = "The user or group object id.")] [ValidateNotNullOrEmpty] [Alias("Id", "PrincipalId")] public Guid ObjectId { get; set; } @@ -98,6 +100,8 @@ public class NewAzureRoleAssignmentCommand : ResourcesBaseCmdlet [ValidateNotNullOrEmpty] public string ParentResource { get; set; } + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.Empty, + HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithObjectId, HelpMessage = "Scope of the role assignment. In the format of relative URI. If not specified, will assign the role at subscription level. If specified, it can either start with \"/subscriptions/\" or the part after that. If it's latter, the current subscription id will be used.")] [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ScopeWithSignInName, From 2c273185ec565df958c605dbae5b2750e0895d23 Mon Sep 17 00:00:00 2001 From: t-alguer Date: Fri, 25 Sep 2015 00:10:25 +0100 Subject: [PATCH 7/7] Fixing issue with AzureEndpoints. --- .../Models/TrafficManagerEndpoint.cs | 7 +++++-- .../Utilities/TrafficManagerClient.cs | 7 +++++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/ResourceManager/TrafficManager/Commands.TrafficManager2/Models/TrafficManagerEndpoint.cs b/src/ResourceManager/TrafficManager/Commands.TrafficManager2/Models/TrafficManagerEndpoint.cs index 1c49713a068f..db14aa458cbc 100644 --- a/src/ResourceManager/TrafficManager/Commands.TrafficManager2/Models/TrafficManagerEndpoint.cs +++ b/src/ResourceManager/TrafficManager/Commands.TrafficManager2/Models/TrafficManagerEndpoint.cs @@ -20,6 +20,8 @@ namespace Microsoft.Azure.Commands.TrafficManager.Models public class TrafficManagerEndpoint { + public string Id { get; set; } + public string Name { get; set; } public string ProfileName { get; set; } @@ -46,16 +48,17 @@ public Endpoint ToSDKEndpoint() { return new Endpoint { + Id = this.Id, Name = this.Name, Type = TrafficManagerEndpoint.ToSDKEndpointType(this.Type), - Id = this.TargetResourceId, Properties = new EndpointProperties { Target = this.Target, EndpointStatus = this.EndpointStatus, Weight = this.Weight, Priority = this.Priority, - EndpointLocation = this.Location + EndpointLocation = this.Location, + TargetResourceId = this.TargetResourceId } }; } diff --git a/src/ResourceManager/TrafficManager/Commands.TrafficManager2/Utilities/TrafficManagerClient.cs b/src/ResourceManager/TrafficManager/Commands.TrafficManager2/Utilities/TrafficManagerClient.cs index 87a220c5bd3a..2b2a1d0123d3 100644 --- a/src/ResourceManager/TrafficManager/Commands.TrafficManager2/Utilities/TrafficManagerClient.cs +++ b/src/ResourceManager/TrafficManager/Commands.TrafficManager2/Utilities/TrafficManagerClient.cs @@ -105,7 +105,7 @@ public TrafficManagerEndpoint CreateTrafficManagerEndpoint(string resourceGroupN } }); - return TrafficManagerClient.GetPowershellTrafficManagerEndpoint(resourceGroupName, profileName, endpointType, endpointName, response.Endpoint.Properties); + return TrafficManagerClient.GetPowershellTrafficManagerEndpoint(response.Endpoint.Id, resourceGroupName, profileName, endpointType, endpointName, response.Endpoint.Properties); } public TrafficManagerProfile GetTrafficManagerProfile(string resourceGroupName, string profileName) @@ -120,6 +120,7 @@ public TrafficManagerEndpoint GetTrafficManagerEndpoint(string resourceGroupName EndpointGetResponse response = this.TrafficManagerManagementClient.Endpoints.Get(resourceGroupName, profileName, endpointType, endpointName); return TrafficManagerClient.GetPowershellTrafficManagerEndpoint( + response.Endpoint.Id, resourceGroupName, profileName, endpointType, @@ -171,6 +172,7 @@ public TrafficManagerEndpoint SetTrafficManagerEndpoint(TrafficManagerEndpoint e parameters); return TrafficManagerClient.GetPowershellTrafficManagerEndpoint( + endpoint.Id, endpoint.ResourceGroupName, endpoint.ProfileName, endpoint.Type, @@ -285,10 +287,11 @@ private static string ExtractResourceGroupFromId(string id) return id.Split('/')[4]; } - private static TrafficManagerEndpoint GetPowershellTrafficManagerEndpoint(string resourceGroupName, string profileName, string endpointType, string endpointName, EndpointProperties mamlEndpointProperties) + private static TrafficManagerEndpoint GetPowershellTrafficManagerEndpoint(string id, string resourceGroupName, string profileName, string endpointType, string endpointName, EndpointProperties mamlEndpointProperties) { return new TrafficManagerEndpoint { + Id = id, ResourceGroupName = resourceGroupName, ProfileName = profileName, Name = endpointName,