-
Notifications
You must be signed in to change notification settings - Fork 3.9k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Pass principal type during role assignment put operations (#13590)
* Added principal type to New-AzRoleDefinition calls * add principal type check for update role assignment * re-record tests * fix tests * update test * skip non deterministic tests * delete credentials * use ressource string
- Loading branch information
Showing
19 changed files
with
25,778 additions
and
15,321 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -707,17 +707,19 @@ function Test-RaCreatedBySP | |
#Setup | ||
# Conect to azure with SP | ||
# If you need to re-record replace this setup | ||
$passwd = ConvertTo-SecureString 'MCg1SVb3MX' -AsPlainText -Force | ||
$pscredential = New-Object System.Management.Automation.PSCredential('c82180ed-2f4b-4cb2-965f-ec5088751710' , $passwd) | ||
$tenantId = '1462fd46-afe5-491b-a340-31ebae81d1ce' | ||
Connect-AzAccount -ServicePrincipal -Credential $pscredential -Tenant $tenantId | ||
$passwd = ConvertTo-SecureString 'password' -AsPlainText -Force | ||
$pscredential = New-Object System.Management.Automation.PSCredential('33333333-3333-3333-3333-333333333333' , $passwd) | ||
$tenantId = '33333333-3333-3333-3333-333333333333' | ||
$subId = '33333333-3333-3333-3333-333333333333' | ||
Connect-AzAccount -ServicePrincipal -Credential $pscredential -Tenant $tenantId -Subscription $subId | ||
|
||
# Create role assignment | ||
$testUser = '1d2121a7-1943-4c7a-a872-b1b2069db55a' | ||
$testUser = '11b1042e-d5b6-4f65-b308-d69565f16f1e' | ||
$userUPN = '[email protected]' | ||
$data = New-AzRoleAssignmentWithId ` | ||
-ObjectId $testUser ` | ||
-SignInName $userUPN ` | ||
-RoleDefinitionName 'Contributor' ` | ||
-Scope '/subscriptions/3e123c33-5ffc-400f-a9f8-a073bf35f8ca/resourceGroups/daorozco_bug_repro' ` | ||
-Scope '/subscriptions/33333333-3333-3333-3333-333333333333/resourceGroups/contoso_rg' ` | ||
-RoleAssignmentId f0f113bd-7ff9-4eb6-b949-5de18d1b38ca | ||
|
||
Assert-NotNull $data | ||
|
@@ -757,9 +759,9 @@ Create role assignment with v2 conditions | |
#> | ||
function Test-RaWithV2Conditions{ | ||
#Given | ||
$RoleDefinitionId = "acdd72a7-3385-48ef-bd42-f606fba81ae7" | ||
$PrincipalId = "01072e9b-c4a1-4246-a756-031b529bbf66" | ||
$Scope = '/subscriptions/4e5329a6-39ce-4e13-b12e-11b30f015986/resourceGroups/contoso_rg' | ||
$RoleDefinitionId = "0353ee0a-19ae-4380-ba3d-d54767c75d5b" | ||
$PrincipalId = "37f3094a-d6e2-48cf-849e-cfa8546088ee" | ||
$Scope = '/subscriptions/ba90acaf-20c8-48bc-a73d-8643dbe0fee6/resourceGroups/contoso_rg' | ||
$Description = "This test should not fail" | ||
$Condition = "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:Name] StringEqualsIgnoreCase 'foo_storage_container'" | ||
$ConditionVersion = "2.0" | ||
|
@@ -794,9 +796,9 @@ Create role assignment with v2 conditions | |
#> | ||
function Test-RaWithV2ConditionsOnly{ | ||
#Given | ||
$RoleDefinitionId = "acdd72a7-3385-48ef-bd42-f606fba81ae7" | ||
$PrincipalId = "01072e9b-c4a1-4246-a756-031b529bbf66" | ||
$Scope = '/subscriptions/4e5329a6-39ce-4e13-b12e-11b30f015986/resourceGroups/contoso_rg' | ||
$RoleDefinitionId = "0353ee0a-19ae-4380-ba3d-d54767c75d5b" | ||
$PrincipalId = "37f3094a-d6e2-48cf-849e-cfa8546088ee" | ||
$Scope = '/subscriptions/ba90acaf-20c8-48bc-a73d-8643dbe0fee6/resourceGroups/contoso_rg' | ||
$Description = "This test should not fail" | ||
$Condition = "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:Name] StringEqualsIgnoreCase 'foo_storage_container'" | ||
|
||
|
@@ -855,9 +857,9 @@ update role assignment with v2 conditions | |
function Test-UpdateRa{ | ||
|
||
# Given | ||
$RoleDefinitionId = "acdd72a7-3385-48ef-bd42-f606fba81ae7" | ||
$PrincipalId = "01072e9b-c4a1-4246-a756-031b529bbf66" | ||
$Scope = '/subscriptions/4e5329a6-39ce-4e13-b12e-11b30f015986/resourceGroups/contoso_rg' | ||
$RoleDefinitionId = "0353ee0a-19ae-4380-ba3d-d54767c75d5b" | ||
$PrincipalId = "37f3094a-d6e2-48cf-849e-cfa8546088ee" | ||
$Scope = '/subscriptions/ba90acaf-20c8-48bc-a73d-8643dbe0fee6/resourceGroups/contoso_rg' | ||
$Description1 = "This test should not fail" | ||
$Condition1 = "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:Name] StringEqualsIgnoreCase 'foo_storage_container'" | ||
$ConditionVersion = "2.0" | ||
|
5,117 changes: 3,172 additions & 1,945 deletions
5,117
...rds/Microsoft.Azure.Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RaById.json
Large diffs are not rendered by default.
Oops, something went wrong.
4,817 changes: 3,244 additions & 1,573 deletions
4,817
...crosoft.Azure.Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RaByResource.json
Large diffs are not rendered by default.
Oops, something went wrong.
4,840 changes: 3,204 additions & 1,636 deletions
4,840
...ft.Azure.Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RaByResourceGroup.json
Large diffs are not rendered by default.
Oops, something went wrong.
3,138 changes: 1,890 additions & 1,248 deletions
3,138
.../Microsoft.Azure.Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RaByScope.json
Large diffs are not rendered by default.
Oops, something went wrong.
3,152 changes: 1,885 additions & 1,267 deletions
3,152
...crosoft.Azure.Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RaDelegation.json
Large diffs are not rendered by default.
Oops, something went wrong.
4,963 changes: 3,106 additions & 1,857 deletions
4,963
...Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RaDeleteByPSRoleAssignment.json
Large diffs are not rendered by default.
Oops, something went wrong.
4,961 changes: 3,105 additions & 1,856 deletions
4,961
...ft.Azure.Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RaDeletionByScope.json
Large diffs are not rendered by default.
Oops, something went wrong.
3,126 changes: 1,872 additions & 1,254 deletions
3,126
...mmands.Resources.Test.ScenarioTests.RoleAssignmentTests/RaDeletionByScopeAtRootScope.json
Large diffs are not rendered by default.
Oops, something went wrong.
5,756 changes: 3,501 additions & 2,255 deletions
5,756
...crosoft.Azure.Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RaGetByScope.json
Large diffs are not rendered by default.
Oops, something went wrong.
Oops, something went wrong.