diff --git a/sdk/synapse/azure-synapse-accesscontrol/CHANGELOG.md b/sdk/synapse/azure-synapse-accesscontrol/CHANGELOG.md index dbdeb5d66e1f..18048a1f5127 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/CHANGELOG.md +++ b/sdk/synapse/azure-synapse-accesscontrol/CHANGELOG.md @@ -1,5 +1,9 @@ # Release History +## 0.5.0 (2021-02-09) + +* Update to API version 2020-08-01 + ## 0.4.0 (2020-12-08) * Internal bugfixes (re-generated with latest generator) diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_access_control_client.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_access_control_client.py index 0a13403bfad0..c4b8f7690a65 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_access_control_client.py +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_access_control_client.py @@ -18,13 +18,18 @@ from azure.core.credentials import TokenCredential from ._configuration import AccessControlClientConfiguration -from .operations import AccessControlClientOperationsMixin +from .operations import RoleAssignmentsOperations +from .operations import RoleDefinitionsOperations from . import models -class AccessControlClient(AccessControlClientOperationsMixin): +class AccessControlClient(object): """AccessControlClient. + :ivar role_assignments: RoleAssignmentsOperations operations + :vartype role_assignments: azure.synapse.accesscontrol.operations.RoleAssignmentsOperations + :ivar role_definitions: RoleDefinitionsOperations operations + :vartype role_definitions: azure.synapse.accesscontrol.operations.RoleDefinitionsOperations :param credential: Credential needed for the client to connect to Azure. :type credential: ~azure.core.credentials.TokenCredential :param endpoint: The workspace development endpoint, for example https://myworkspace.dev.azuresynapse.net. @@ -47,6 +52,10 @@ def __init__( self._serialize.client_side_validation = False self._deserialize = Deserializer(client_models) + self.role_assignments = RoleAssignmentsOperations( + self._client, self._config, self._serialize, self._deserialize) + self.role_definitions = RoleDefinitionsOperations( + self._client, self._config, self._serialize, self._deserialize) def close(self): # type: () -> None diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_configuration.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_configuration.py index 14b01add185f..e0483341c9c0 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_configuration.py +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_configuration.py @@ -47,7 +47,7 @@ def __init__( self.credential = credential self.endpoint = endpoint - self.api_version = "2020-02-01-preview" + self.api_version = "2020-08-01-preview" self.credential_scopes = kwargs.pop('credential_scopes', ['https://dev.azuresynapse.net/.default']) kwargs.setdefault('sdk_moniker', 'synapse/{}'.format(VERSION)) self._configure(**kwargs) diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_version.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_version.py index c8c0d6c52c29..c4551baee432 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_version.py +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/_version.py @@ -6,4 +6,4 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -VERSION = "0.4.0" +VERSION = "0.5.0" diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/_access_control_client.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/_access_control_client.py index 922fb6e59303..5a9dce9bbbd9 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/_access_control_client.py +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/_access_control_client.py @@ -16,13 +16,18 @@ from azure.core.credentials_async import AsyncTokenCredential from ._configuration import AccessControlClientConfiguration -from .operations import AccessControlClientOperationsMixin +from .operations import RoleAssignmentsOperations +from .operations import RoleDefinitionsOperations from .. import models -class AccessControlClient(AccessControlClientOperationsMixin): +class AccessControlClient(object): """AccessControlClient. + :ivar role_assignments: RoleAssignmentsOperations operations + :vartype role_assignments: azure.synapse.accesscontrol.aio.operations.RoleAssignmentsOperations + :ivar role_definitions: RoleDefinitionsOperations operations + :vartype role_definitions: azure.synapse.accesscontrol.aio.operations.RoleDefinitionsOperations :param credential: Credential needed for the client to connect to Azure. :type credential: ~azure.core.credentials_async.AsyncTokenCredential :param endpoint: The workspace development endpoint, for example https://myworkspace.dev.azuresynapse.net. @@ -44,6 +49,10 @@ def __init__( self._serialize.client_side_validation = False self._deserialize = Deserializer(client_models) + self.role_assignments = RoleAssignmentsOperations( + self._client, self._config, self._serialize, self._deserialize) + self.role_definitions = RoleDefinitionsOperations( + self._client, self._config, self._serialize, self._deserialize) async def close(self) -> None: await self._client.close() diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/_configuration.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/_configuration.py index dd26c75218a7..45c6ee3bdbac 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/_configuration.py +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/_configuration.py @@ -44,7 +44,7 @@ def __init__( self.credential = credential self.endpoint = endpoint - self.api_version = "2020-02-01-preview" + self.api_version = "2020-08-01-preview" self.credential_scopes = kwargs.pop('credential_scopes', ['https://dev.azuresynapse.net/.default']) kwargs.setdefault('sdk_moniker', 'synapse/{}'.format(VERSION)) self._configure(**kwargs) diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/operations/__init__.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/operations/__init__.py index b4127a08ecec..dc7a8f54d689 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/operations/__init__.py +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/operations/__init__.py @@ -6,8 +6,10 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -from ._access_control_client_operations import AccessControlClientOperationsMixin +from ._role_assignments_operations import RoleAssignmentsOperations +from ._role_definitions_operations import RoleDefinitionsOperations __all__ = [ - 'AccessControlClientOperationsMixin', + 'RoleAssignmentsOperations', + 'RoleDefinitionsOperations', ] diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/operations/_role_assignments_operations.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/operations/_role_assignments_operations.py new file mode 100644 index 000000000000..79646a86451e --- /dev/null +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/operations/_role_assignments_operations.py @@ -0,0 +1,366 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Generic, List, Optional, TypeVar +import warnings + +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse, HttpRequest + +from ... import models as _models + +T = TypeVar('T') +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + +class RoleAssignmentsOperations: + """RoleAssignmentsOperations async operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.synapse.accesscontrol.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer) -> None: + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + async def check_principal_access( + self, + subject: "_models.SubjectInfo", + actions: List["_models.RequiredAction"], + scope: str, + **kwargs + ) -> "_models.CheckPrincipalAccessResponse": + """Check if the given principalId has access to perform list of actions at a given scope. + + :param subject: Subject details. + :type subject: ~azure.synapse.accesscontrol.models.SubjectInfo + :param actions: List of actions. + :type actions: list[~azure.synapse.accesscontrol.models.RequiredAction] + :param scope: Scope at which the check access is done. + :type scope: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: CheckPrincipalAccessResponse, or the result of cls(response) + :rtype: ~azure.synapse.accesscontrol.models.CheckPrincipalAccessResponse + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CheckPrincipalAccessResponse"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + + _request = _models.CheckPrincipalAccessRequest(subject=subject, actions=actions, scope=scope) + api_version = "2020-08-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json, text/json" + + # Construct URL + url = self.check_principal_access.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(_request, 'CheckPrincipalAccessRequest') + body_content_kwargs['content'] = body_content + request = self._client.post(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('CheckPrincipalAccessResponse', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + check_principal_access.metadata = {'url': '/checkAccessSynapseRbac'} # type: ignore + + async def list_role_assignments( + self, + role_id: Optional[str] = None, + principal_id: Optional[str] = None, + scope: Optional[str] = None, + continuation_token_parameter: Optional[str] = None, + **kwargs + ) -> "_models.RoleAssignmentDetailsList": + """List role assignments. + + :param role_id: Synapse Built-In Role Id. + :type role_id: str + :param principal_id: Object ID of the AAD principal or security-group. + :type principal_id: str + :param scope: Scope of the Synapse Built-in Role. + :type scope: str + :param continuation_token_parameter: Continuation token. + :type continuation_token_parameter: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: RoleAssignmentDetailsList, or the result of cls(response) + :rtype: ~azure.synapse.accesscontrol.models.RoleAssignmentDetailsList + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.RoleAssignmentDetailsList"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.list_role_assignments.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + if role_id is not None: + query_parameters['roleId'] = self._serialize.query("role_id", role_id, 'str') + if principal_id is not None: + query_parameters['principalId'] = self._serialize.query("principal_id", principal_id, 'str') + if scope is not None: + query_parameters['scope'] = self._serialize.query("scope", scope, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + if continuation_token_parameter is not None: + header_parameters['x-ms-continuation'] = self._serialize.header("continuation_token_parameter", continuation_token_parameter, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + response_headers = {} + response_headers['x-ms-continuation']=self._deserialize('str', response.headers.get('x-ms-continuation')) + deserialized = self._deserialize('RoleAssignmentDetailsList', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, response_headers) + + return deserialized + list_role_assignments.metadata = {'url': '/roleAssignments'} # type: ignore + + async def create_role_assignment( + self, + role_assignment_id: str, + role_id: str, + principal_id: str, + scope: str, + principal_type: Optional[str] = None, + **kwargs + ) -> "_models.RoleAssignmentDetails": + """Create role assignment. + + :param role_assignment_id: The ID of the role assignment. + :type role_assignment_id: str + :param role_id: Role ID of the Synapse Built-In Role. + :type role_id: str + :param principal_id: Object ID of the AAD principal or security-group. + :type principal_id: str + :param scope: Scope at which the role assignment is created. + :type scope: str + :param principal_type: Type of the principal Id: User, Group or ServicePrincipal. + :type principal_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: RoleAssignmentDetails, or the result of cls(response) + :rtype: ~azure.synapse.accesscontrol.models.RoleAssignmentDetails + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.RoleAssignmentDetails"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + + _request = _models.RoleAssignmentRequest(role_id=role_id, principal_id=principal_id, scope=scope, principal_type=principal_type) + api_version = "2020-08-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json, text/json" + + # Construct URL + url = self.create_role_assignment.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + 'roleAssignmentId': self._serialize.url("role_assignment_id", role_assignment_id, 'str', min_length=1), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(_request, 'RoleAssignmentRequest') + body_content_kwargs['content'] = body_content + request = self._client.put(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('RoleAssignmentDetails', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + create_role_assignment.metadata = {'url': '/roleAssignments/{roleAssignmentId}'} # type: ignore + + async def get_role_assignment_by_id( + self, + role_assignment_id: str, + **kwargs + ) -> "_models.RoleAssignmentDetails": + """Get role assignment by role assignment Id. + + :param role_assignment_id: The ID of the role assignment. + :type role_assignment_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: RoleAssignmentDetails, or the result of cls(response) + :rtype: ~azure.synapse.accesscontrol.models.RoleAssignmentDetails + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.RoleAssignmentDetails"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.get_role_assignment_by_id.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + 'roleAssignmentId': self._serialize.url("role_assignment_id", role_assignment_id, 'str', min_length=1), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('RoleAssignmentDetails', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get_role_assignment_by_id.metadata = {'url': '/roleAssignments/{roleAssignmentId}'} # type: ignore + + async def delete_role_assignment_by_id( + self, + role_assignment_id: str, + scope: Optional[str] = None, + **kwargs + ) -> None: + """Delete role assignment by role assignment Id. + + :param role_assignment_id: The ID of the role assignment. + :type role_assignment_id: str + :param scope: Scope of the Synapse Built-in Role. + :type scope: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None, or the result of cls(response) + :rtype: None + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[None] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.delete_role_assignment_by_id.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + 'roleAssignmentId': self._serialize.url("role_assignment_id", role_assignment_id, 'str', min_length=1), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + if scope is not None: + query_parameters['scope'] = self._serialize.query("scope", scope, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.delete(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + if cls: + return cls(pipeline_response, None, {}) + + delete_role_assignment_by_id.metadata = {'url': '/roleAssignments/{roleAssignmentId}'} # type: ignore diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/operations/_role_definitions_operations.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/operations/_role_definitions_operations.py new file mode 100644 index 000000000000..39e200800bbd --- /dev/null +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/aio/operations/_role_definitions_operations.py @@ -0,0 +1,207 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Generic, List, Optional, TypeVar +import warnings + +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse, HttpRequest + +from ... import models as _models + +T = TypeVar('T') +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + +class RoleDefinitionsOperations: + """RoleDefinitionsOperations async operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.synapse.accesscontrol.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer) -> None: + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + async def list_role_definitions( + self, + is_built_in: Optional[bool] = None, + scope: Optional[str] = None, + **kwargs + ) -> List["_models.SynapseRoleDefinition"]: + """List role definitions. + + :param is_built_in: Is a Synapse Built-In Role or not. + :type is_built_in: bool + :param scope: Scope of the Synapse Built-in Role. + :type scope: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: list of SynapseRoleDefinition, or the result of cls(response) + :rtype: list[~azure.synapse.accesscontrol.models.SynapseRoleDefinition] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[List["_models.SynapseRoleDefinition"]] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.list_role_definitions.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + if is_built_in is not None: + query_parameters['isBuiltIn'] = self._serialize.query("is_built_in", is_built_in, 'bool') + if scope is not None: + query_parameters['scope'] = self._serialize.query("scope", scope, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('[SynapseRoleDefinition]', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + list_role_definitions.metadata = {'url': '/roleDefinitions'} # type: ignore + + async def get_role_definition_by_id( + self, + role_definition_id: str, + **kwargs + ) -> "_models.SynapseRoleDefinition": + """Get role definition by role definition Id. + + :param role_definition_id: Synapse Built-In Role Definition Id. + :type role_definition_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: SynapseRoleDefinition, or the result of cls(response) + :rtype: ~azure.synapse.accesscontrol.models.SynapseRoleDefinition + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SynapseRoleDefinition"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.get_role_definition_by_id.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + 'roleDefinitionId': self._serialize.url("role_definition_id", role_definition_id, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('SynapseRoleDefinition', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get_role_definition_by_id.metadata = {'url': '/roleDefinitions/{roleDefinitionId}'} # type: ignore + + async def list_scopes( + self, + **kwargs + ) -> List[str]: + """List rbac scopes. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: list of str, or the result of cls(response) + :rtype: list[str] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[List[str]] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.list_scopes.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('[str]', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + list_scopes.metadata = {'url': '/rbacScopes'} # type: ignore diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/__init__.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/__init__.py index 4f97daad60f8..d72b64858947 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/__init__.py +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/__init__.py @@ -7,28 +7,46 @@ # -------------------------------------------------------------------------- try: + from ._models_py3 import CheckAccessDecision + from ._models_py3 import CheckPrincipalAccessRequest + from ._models_py3 import CheckPrincipalAccessResponse from ._models_py3 import ErrorContract from ._models_py3 import ErrorDetail from ._models_py3 import ErrorResponse + from ._models_py3 import RequiredAction from ._models_py3 import RoleAssignmentDetails - from ._models_py3 import RoleAssignmentOptions - from ._models_py3 import RolesListResponse - from ._models_py3 import SynapseRole + from ._models_py3 import RoleAssignmentDetailsList + from ._models_py3 import RoleAssignmentRequest + from ._models_py3 import SubjectInfo + from ._models_py3 import SynapseRbacPermission + from ._models_py3 import SynapseRoleDefinition except (SyntaxError, ImportError): + from ._models import CheckAccessDecision # type: ignore + from ._models import CheckPrincipalAccessRequest # type: ignore + from ._models import CheckPrincipalAccessResponse # type: ignore from ._models import ErrorContract # type: ignore from ._models import ErrorDetail # type: ignore from ._models import ErrorResponse # type: ignore + from ._models import RequiredAction # type: ignore from ._models import RoleAssignmentDetails # type: ignore - from ._models import RoleAssignmentOptions # type: ignore - from ._models import RolesListResponse # type: ignore - from ._models import SynapseRole # type: ignore + from ._models import RoleAssignmentDetailsList # type: ignore + from ._models import RoleAssignmentRequest # type: ignore + from ._models import SubjectInfo # type: ignore + from ._models import SynapseRbacPermission # type: ignore + from ._models import SynapseRoleDefinition # type: ignore __all__ = [ + 'CheckAccessDecision', + 'CheckPrincipalAccessRequest', + 'CheckPrincipalAccessResponse', 'ErrorContract', 'ErrorDetail', 'ErrorResponse', + 'RequiredAction', 'RoleAssignmentDetails', - 'RoleAssignmentOptions', - 'RolesListResponse', - 'SynapseRole', + 'RoleAssignmentDetailsList', + 'RoleAssignmentRequest', + 'SubjectInfo', + 'SynapseRbacPermission', + 'SynapseRoleDefinition', ] diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/_models.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/_models.py index 27e6b122a134..4d7c06a51fa3 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/_models.py +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/_models.py @@ -10,6 +10,88 @@ import msrest.serialization +class CheckAccessDecision(msrest.serialization.Model): + """Check access response details. + + :param access_decision: Access Decision. + :type access_decision: str + :param action_id: Action Id. + :type action_id: str + :param role_assignment: Role Assignment response details. + :type role_assignment: ~azure.synapse.accesscontrol.models.RoleAssignmentDetails + """ + + _attribute_map = { + 'access_decision': {'key': 'accessDecision', 'type': 'str'}, + 'action_id': {'key': 'actionId', 'type': 'str'}, + 'role_assignment': {'key': 'roleAssignment', 'type': 'RoleAssignmentDetails'}, + } + + def __init__( + self, + **kwargs + ): + super(CheckAccessDecision, self).__init__(**kwargs) + self.access_decision = kwargs.get('access_decision', None) + self.action_id = kwargs.get('action_id', None) + self.role_assignment = kwargs.get('role_assignment', None) + + +class CheckPrincipalAccessRequest(msrest.serialization.Model): + """Check access request details. + + All required parameters must be populated in order to send to Azure. + + :param subject: Required. Subject details. + :type subject: ~azure.synapse.accesscontrol.models.SubjectInfo + :param actions: Required. List of actions. + :type actions: list[~azure.synapse.accesscontrol.models.RequiredAction] + :param scope: Required. Scope at which the check access is done. + :type scope: str + """ + + _validation = { + 'subject': {'required': True}, + 'actions': {'required': True}, + 'scope': {'required': True}, + } + + _attribute_map = { + 'subject': {'key': 'subject', 'type': 'SubjectInfo'}, + 'actions': {'key': 'actions', 'type': '[RequiredAction]'}, + 'scope': {'key': 'scope', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(CheckPrincipalAccessRequest, self).__init__(**kwargs) + self.subject = kwargs['subject'] + self.actions = kwargs['actions'] + self.scope = kwargs['scope'] + + +class CheckPrincipalAccessResponse(msrest.serialization.Model): + """Check access response details. + + :param access_decisions: To check if the current user, group, or service principal has + permission to read artifacts in the specified workspace. + :type access_decisions: list[~azure.synapse.accesscontrol.models.CheckAccessDecision] + """ + + _attribute_map = { + 'access_decisions': {'key': 'AccessDecisions', 'type': '[CheckAccessDecision]'}, + } + + def __init__( + self, + **kwargs + ): + super(CheckPrincipalAccessResponse, self).__init__(**kwargs) + self.access_decisions = kwargs.get('access_decisions', None) + + class ErrorContract(msrest.serialization.Model): """Contains details when the response code indicates an error. @@ -101,21 +183,57 @@ def __init__( self.details = kwargs.get('details', None) +class RequiredAction(msrest.serialization.Model): + """Action Info. + + All required parameters must be populated in order to send to Azure. + + :param id: Required. Action Id. + :type id: str + :param is_data_action: Required. Is a data action or not. + :type is_data_action: bool + """ + + _validation = { + 'id': {'required': True}, + 'is_data_action': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'is_data_action': {'key': 'isDataAction', 'type': 'bool'}, + } + + def __init__( + self, + **kwargs + ): + super(RequiredAction, self).__init__(**kwargs) + self.id = kwargs['id'] + self.is_data_action = kwargs['is_data_action'] + + class RoleAssignmentDetails(msrest.serialization.Model): """Role Assignment response details. :param id: Role Assignment ID. :type id: str - :param role_id: Role ID of the Synapse Built-In Role. - :type role_id: str + :param role_definition_id: Role ID of the Synapse Built-In Role. + :type role_definition_id: str :param principal_id: Object ID of the AAD principal or security-group. :type principal_id: str + :param scope: Scope at the role assignment is created. + :type scope: str + :param principal_type: Type of the principal Id: User, Group or ServicePrincipal. + :type principal_type: str """ _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, - 'role_id': {'key': 'roleId', 'type': 'str'}, + 'role_definition_id': {'key': 'roleDefinitionId', 'type': 'str'}, 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'scope': {'key': 'scope', 'type': 'str'}, + 'principal_type': {'key': 'principalType', 'type': 'str'}, } def __init__( @@ -124,11 +242,36 @@ def __init__( ): super(RoleAssignmentDetails, self).__init__(**kwargs) self.id = kwargs.get('id', None) - self.role_id = kwargs.get('role_id', None) + self.role_definition_id = kwargs.get('role_definition_id', None) self.principal_id = kwargs.get('principal_id', None) + self.scope = kwargs.get('scope', None) + self.principal_type = kwargs.get('principal_type', None) + + +class RoleAssignmentDetailsList(msrest.serialization.Model): + """Role Assignment response details. + + :param count: Number of role assignments. + :type count: int + :param value: A list of role assignments. + :type value: list[~azure.synapse.accesscontrol.models.RoleAssignmentDetails] + """ + + _attribute_map = { + 'count': {'key': 'count', 'type': 'int'}, + 'value': {'key': 'value', 'type': '[RoleAssignmentDetails]'}, + } + + def __init__( + self, + **kwargs + ): + super(RoleAssignmentDetailsList, self).__init__(**kwargs) + self.count = kwargs.get('count', None) + self.value = kwargs.get('value', None) -class RoleAssignmentOptions(msrest.serialization.Model): +class RoleAssignmentRequest(msrest.serialization.Model): """Role Assignment request details. All required parameters must be populated in order to send to Azure. @@ -137,84 +280,134 @@ class RoleAssignmentOptions(msrest.serialization.Model): :type role_id: str :param principal_id: Required. Object ID of the AAD principal or security-group. :type principal_id: str + :param scope: Required. Scope at which the role assignment is created. + :type scope: str + :param principal_type: Type of the principal Id: User, Group or ServicePrincipal. + :type principal_type: str """ _validation = { 'role_id': {'required': True}, 'principal_id': {'required': True}, + 'scope': {'required': True}, } _attribute_map = { 'role_id': {'key': 'roleId', 'type': 'str'}, 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'scope': {'key': 'scope', 'type': 'str'}, + 'principal_type': {'key': 'principalType', 'type': 'str'}, } def __init__( self, **kwargs ): - super(RoleAssignmentOptions, self).__init__(**kwargs) + super(RoleAssignmentRequest, self).__init__(**kwargs) self.role_id = kwargs['role_id'] self.principal_id = kwargs['principal_id'] + self.scope = kwargs['scope'] + self.principal_type = kwargs.get('principal_type', None) -class RolesListResponse(msrest.serialization.Model): - """A list of Synapse roles available. +class SubjectInfo(msrest.serialization.Model): + """Subject details. All required parameters must be populated in order to send to Azure. - :param value: Required. List of Synapse roles. - :type value: list[~azure.synapse.accesscontrol.models.SynapseRole] - :param next_link: The link to the next page of results, if any remaining results exist. - :type next_link: str + :param principal_id: Required. Principal Id. + :type principal_id: str + :param group_ids: List of group Ids that the principalId is part of. + :type group_ids: list[str] """ _validation = { - 'value': {'required': True}, + 'principal_id': {'required': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[SynapseRole]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'group_ids': {'key': 'groupIds', 'type': '[str]'}, } def __init__( self, **kwargs ): - super(RolesListResponse, self).__init__(**kwargs) - self.value = kwargs['value'] - self.next_link = kwargs.get('next_link', None) + super(SubjectInfo, self).__init__(**kwargs) + self.principal_id = kwargs['principal_id'] + self.group_ids = kwargs.get('group_ids', None) -class SynapseRole(msrest.serialization.Model): - """Synapse role details. +class SynapseRbacPermission(msrest.serialization.Model): + """Synapse role definition details. - All required parameters must be populated in order to send to Azure. + :param actions: List of actions. + :type actions: list[str] + :param not_actions: List of Not actions. + :type not_actions: list[str] + :param data_actions: List of data actions. + :type data_actions: list[str] + :param not_data_actions: List of Not data actions. + :type not_data_actions: list[str] + """ - :param id: Role ID. + _attribute_map = { + 'actions': {'key': 'actions', 'type': '[str]'}, + 'not_actions': {'key': 'notActions', 'type': '[str]'}, + 'data_actions': {'key': 'dataActions', 'type': '[str]'}, + 'not_data_actions': {'key': 'notDataActions', 'type': '[str]'}, + } + + def __init__( + self, + **kwargs + ): + super(SynapseRbacPermission, self).__init__(**kwargs) + self.actions = kwargs.get('actions', None) + self.not_actions = kwargs.get('not_actions', None) + self.data_actions = kwargs.get('data_actions', None) + self.not_data_actions = kwargs.get('not_data_actions', None) + + +class SynapseRoleDefinition(msrest.serialization.Model): + """Synapse role definition details. + + :param id: Role Definition ID. :type id: str :param name: Name of the Synapse role. :type name: str - :param is_built_in: Required. Is a built-in role or not. + :param is_built_in: Is a built-in role or not. :type is_built_in: bool + :param description: Description for the Synapse role. + :type description: str + :param permissions: Permissions for the Synapse role. + :type permissions: list[~azure.synapse.accesscontrol.models.SynapseRbacPermission] + :param scopes: Allowed scopes for the Synapse role. + :type scopes: list[str] + :param availability_status: Availability of the Synapse role. + :type availability_status: str """ - _validation = { - 'is_built_in': {'required': True}, - } - _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'is_built_in': {'key': 'isBuiltIn', 'type': 'bool'}, + 'description': {'key': 'description', 'type': 'str'}, + 'permissions': {'key': 'permissions', 'type': '[SynapseRbacPermission]'}, + 'scopes': {'key': 'scopes', 'type': '[str]'}, + 'availability_status': {'key': 'availabilityStatus', 'type': 'str'}, } def __init__( self, **kwargs ): - super(SynapseRole, self).__init__(**kwargs) + super(SynapseRoleDefinition, self).__init__(**kwargs) self.id = kwargs.get('id', None) self.name = kwargs.get('name', None) - self.is_built_in = kwargs['is_built_in'] + self.is_built_in = kwargs.get('is_built_in', None) + self.description = kwargs.get('description', None) + self.permissions = kwargs.get('permissions', None) + self.scopes = kwargs.get('scopes', None) + self.availability_status = kwargs.get('availability_status', None) diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/_models_py3.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/_models_py3.py index cd3c26b66397..dedf2611f1e9 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/_models_py3.py +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/models/_models_py3.py @@ -12,6 +12,98 @@ import msrest.serialization +class CheckAccessDecision(msrest.serialization.Model): + """Check access response details. + + :param access_decision: Access Decision. + :type access_decision: str + :param action_id: Action Id. + :type action_id: str + :param role_assignment: Role Assignment response details. + :type role_assignment: ~azure.synapse.accesscontrol.models.RoleAssignmentDetails + """ + + _attribute_map = { + 'access_decision': {'key': 'accessDecision', 'type': 'str'}, + 'action_id': {'key': 'actionId', 'type': 'str'}, + 'role_assignment': {'key': 'roleAssignment', 'type': 'RoleAssignmentDetails'}, + } + + def __init__( + self, + *, + access_decision: Optional[str] = None, + action_id: Optional[str] = None, + role_assignment: Optional["RoleAssignmentDetails"] = None, + **kwargs + ): + super(CheckAccessDecision, self).__init__(**kwargs) + self.access_decision = access_decision + self.action_id = action_id + self.role_assignment = role_assignment + + +class CheckPrincipalAccessRequest(msrest.serialization.Model): + """Check access request details. + + All required parameters must be populated in order to send to Azure. + + :param subject: Required. Subject details. + :type subject: ~azure.synapse.accesscontrol.models.SubjectInfo + :param actions: Required. List of actions. + :type actions: list[~azure.synapse.accesscontrol.models.RequiredAction] + :param scope: Required. Scope at which the check access is done. + :type scope: str + """ + + _validation = { + 'subject': {'required': True}, + 'actions': {'required': True}, + 'scope': {'required': True}, + } + + _attribute_map = { + 'subject': {'key': 'subject', 'type': 'SubjectInfo'}, + 'actions': {'key': 'actions', 'type': '[RequiredAction]'}, + 'scope': {'key': 'scope', 'type': 'str'}, + } + + def __init__( + self, + *, + subject: "SubjectInfo", + actions: List["RequiredAction"], + scope: str, + **kwargs + ): + super(CheckPrincipalAccessRequest, self).__init__(**kwargs) + self.subject = subject + self.actions = actions + self.scope = scope + + +class CheckPrincipalAccessResponse(msrest.serialization.Model): + """Check access response details. + + :param access_decisions: To check if the current user, group, or service principal has + permission to read artifacts in the specified workspace. + :type access_decisions: list[~azure.synapse.accesscontrol.models.CheckAccessDecision] + """ + + _attribute_map = { + 'access_decisions': {'key': 'AccessDecisions', 'type': '[CheckAccessDecision]'}, + } + + def __init__( + self, + *, + access_decisions: Optional[List["CheckAccessDecision"]] = None, + **kwargs + ): + super(CheckPrincipalAccessResponse, self).__init__(**kwargs) + self.access_decisions = access_decisions + + class ErrorContract(msrest.serialization.Model): """Contains details when the response code indicates an error. @@ -114,38 +206,107 @@ def __init__( self.details = details +class RequiredAction(msrest.serialization.Model): + """Action Info. + + All required parameters must be populated in order to send to Azure. + + :param id: Required. Action Id. + :type id: str + :param is_data_action: Required. Is a data action or not. + :type is_data_action: bool + """ + + _validation = { + 'id': {'required': True}, + 'is_data_action': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'is_data_action': {'key': 'isDataAction', 'type': 'bool'}, + } + + def __init__( + self, + *, + id: str, + is_data_action: bool, + **kwargs + ): + super(RequiredAction, self).__init__(**kwargs) + self.id = id + self.is_data_action = is_data_action + + class RoleAssignmentDetails(msrest.serialization.Model): """Role Assignment response details. :param id: Role Assignment ID. :type id: str - :param role_id: Role ID of the Synapse Built-In Role. - :type role_id: str + :param role_definition_id: Role ID of the Synapse Built-In Role. + :type role_definition_id: str :param principal_id: Object ID of the AAD principal or security-group. :type principal_id: str + :param scope: Scope at the role assignment is created. + :type scope: str + :param principal_type: Type of the principal Id: User, Group or ServicePrincipal. + :type principal_type: str """ _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, - 'role_id': {'key': 'roleId', 'type': 'str'}, + 'role_definition_id': {'key': 'roleDefinitionId', 'type': 'str'}, 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'scope': {'key': 'scope', 'type': 'str'}, + 'principal_type': {'key': 'principalType', 'type': 'str'}, } def __init__( self, *, id: Optional[str] = None, - role_id: Optional[str] = None, + role_definition_id: Optional[str] = None, principal_id: Optional[str] = None, + scope: Optional[str] = None, + principal_type: Optional[str] = None, **kwargs ): super(RoleAssignmentDetails, self).__init__(**kwargs) self.id = id - self.role_id = role_id + self.role_definition_id = role_definition_id self.principal_id = principal_id + self.scope = scope + self.principal_type = principal_type + + +class RoleAssignmentDetailsList(msrest.serialization.Model): + """Role Assignment response details. + + :param count: Number of role assignments. + :type count: int + :param value: A list of role assignments. + :type value: list[~azure.synapse.accesscontrol.models.RoleAssignmentDetails] + """ + + _attribute_map = { + 'count': {'key': 'count', 'type': 'int'}, + 'value': {'key': 'value', 'type': '[RoleAssignmentDetails]'}, + } + + def __init__( + self, + *, + count: Optional[int] = None, + value: Optional[List["RoleAssignmentDetails"]] = None, + **kwargs + ): + super(RoleAssignmentDetailsList, self).__init__(**kwargs) + self.count = count + self.value = value -class RoleAssignmentOptions(msrest.serialization.Model): +class RoleAssignmentRequest(msrest.serialization.Model): """Role Assignment request details. All required parameters must be populated in order to send to Azure. @@ -154,16 +315,23 @@ class RoleAssignmentOptions(msrest.serialization.Model): :type role_id: str :param principal_id: Required. Object ID of the AAD principal or security-group. :type principal_id: str + :param scope: Required. Scope at which the role assignment is created. + :type scope: str + :param principal_type: Type of the principal Id: User, Group or ServicePrincipal. + :type principal_type: str """ _validation = { 'role_id': {'required': True}, 'principal_id': {'required': True}, + 'scope': {'required': True}, } _attribute_map = { 'role_id': {'key': 'roleId', 'type': 'str'}, 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'scope': {'key': 'scope', 'type': 'str'}, + 'principal_type': {'key': 'principalType', 'type': 'str'}, } def __init__( @@ -171,77 +339,131 @@ def __init__( *, role_id: str, principal_id: str, + scope: str, + principal_type: Optional[str] = None, **kwargs ): - super(RoleAssignmentOptions, self).__init__(**kwargs) + super(RoleAssignmentRequest, self).__init__(**kwargs) self.role_id = role_id self.principal_id = principal_id + self.scope = scope + self.principal_type = principal_type -class RolesListResponse(msrest.serialization.Model): - """A list of Synapse roles available. +class SubjectInfo(msrest.serialization.Model): + """Subject details. All required parameters must be populated in order to send to Azure. - :param value: Required. List of Synapse roles. - :type value: list[~azure.synapse.accesscontrol.models.SynapseRole] - :param next_link: The link to the next page of results, if any remaining results exist. - :type next_link: str + :param principal_id: Required. Principal Id. + :type principal_id: str + :param group_ids: List of group Ids that the principalId is part of. + :type group_ids: list[str] """ _validation = { - 'value': {'required': True}, + 'principal_id': {'required': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[SynapseRole]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'group_ids': {'key': 'groupIds', 'type': '[str]'}, } def __init__( self, *, - value: List["SynapseRole"], - next_link: Optional[str] = None, + principal_id: str, + group_ids: Optional[List[str]] = None, **kwargs ): - super(RolesListResponse, self).__init__(**kwargs) - self.value = value - self.next_link = next_link + super(SubjectInfo, self).__init__(**kwargs) + self.principal_id = principal_id + self.group_ids = group_ids -class SynapseRole(msrest.serialization.Model): - """Synapse role details. +class SynapseRbacPermission(msrest.serialization.Model): + """Synapse role definition details. - All required parameters must be populated in order to send to Azure. + :param actions: List of actions. + :type actions: list[str] + :param not_actions: List of Not actions. + :type not_actions: list[str] + :param data_actions: List of data actions. + :type data_actions: list[str] + :param not_data_actions: List of Not data actions. + :type not_data_actions: list[str] + """ + + _attribute_map = { + 'actions': {'key': 'actions', 'type': '[str]'}, + 'not_actions': {'key': 'notActions', 'type': '[str]'}, + 'data_actions': {'key': 'dataActions', 'type': '[str]'}, + 'not_data_actions': {'key': 'notDataActions', 'type': '[str]'}, + } - :param id: Role ID. + def __init__( + self, + *, + actions: Optional[List[str]] = None, + not_actions: Optional[List[str]] = None, + data_actions: Optional[List[str]] = None, + not_data_actions: Optional[List[str]] = None, + **kwargs + ): + super(SynapseRbacPermission, self).__init__(**kwargs) + self.actions = actions + self.not_actions = not_actions + self.data_actions = data_actions + self.not_data_actions = not_data_actions + + +class SynapseRoleDefinition(msrest.serialization.Model): + """Synapse role definition details. + + :param id: Role Definition ID. :type id: str :param name: Name of the Synapse role. :type name: str - :param is_built_in: Required. Is a built-in role or not. + :param is_built_in: Is a built-in role or not. :type is_built_in: bool + :param description: Description for the Synapse role. + :type description: str + :param permissions: Permissions for the Synapse role. + :type permissions: list[~azure.synapse.accesscontrol.models.SynapseRbacPermission] + :param scopes: Allowed scopes for the Synapse role. + :type scopes: list[str] + :param availability_status: Availability of the Synapse role. + :type availability_status: str """ - _validation = { - 'is_built_in': {'required': True}, - } - _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'is_built_in': {'key': 'isBuiltIn', 'type': 'bool'}, + 'description': {'key': 'description', 'type': 'str'}, + 'permissions': {'key': 'permissions', 'type': '[SynapseRbacPermission]'}, + 'scopes': {'key': 'scopes', 'type': '[str]'}, + 'availability_status': {'key': 'availabilityStatus', 'type': 'str'}, } def __init__( self, *, - is_built_in: bool, id: Optional[str] = None, name: Optional[str] = None, + is_built_in: Optional[bool] = None, + description: Optional[str] = None, + permissions: Optional[List["SynapseRbacPermission"]] = None, + scopes: Optional[List[str]] = None, + availability_status: Optional[str] = None, **kwargs ): - super(SynapseRole, self).__init__(**kwargs) + super(SynapseRoleDefinition, self).__init__(**kwargs) self.id = id self.name = name self.is_built_in = is_built_in + self.description = description + self.permissions = permissions + self.scopes = scopes + self.availability_status = availability_status diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/operations/__init__.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/operations/__init__.py index b4127a08ecec..dc7a8f54d689 100644 --- a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/operations/__init__.py +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/operations/__init__.py @@ -6,8 +6,10 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -from ._access_control_client_operations import AccessControlClientOperationsMixin +from ._role_assignments_operations import RoleAssignmentsOperations +from ._role_definitions_operations import RoleDefinitionsOperations __all__ = [ - 'AccessControlClientOperationsMixin', + 'RoleAssignmentsOperations', + 'RoleDefinitionsOperations', ] diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/operations/_role_assignments_operations.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/operations/_role_assignments_operations.py new file mode 100644 index 000000000000..9f3071c0f181 --- /dev/null +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/operations/_role_assignments_operations.py @@ -0,0 +1,375 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import TYPE_CHECKING +import warnings + +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpRequest, HttpResponse + +from .. import models as _models + +if TYPE_CHECKING: + # pylint: disable=unused-import,ungrouped-imports + from typing import Any, Callable, Dict, Generic, List, Optional, TypeVar + + T = TypeVar('T') + ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +class RoleAssignmentsOperations(object): + """RoleAssignmentsOperations operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.synapse.accesscontrol.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer): + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + def check_principal_access( + self, + subject, # type: "_models.SubjectInfo" + actions, # type: List["_models.RequiredAction"] + scope, # type: str + **kwargs # type: Any + ): + # type: (...) -> "_models.CheckPrincipalAccessResponse" + """Check if the given principalId has access to perform list of actions at a given scope. + + :param subject: Subject details. + :type subject: ~azure.synapse.accesscontrol.models.SubjectInfo + :param actions: List of actions. + :type actions: list[~azure.synapse.accesscontrol.models.RequiredAction] + :param scope: Scope at which the check access is done. + :type scope: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: CheckPrincipalAccessResponse, or the result of cls(response) + :rtype: ~azure.synapse.accesscontrol.models.CheckPrincipalAccessResponse + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CheckPrincipalAccessResponse"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + + _request = _models.CheckPrincipalAccessRequest(subject=subject, actions=actions, scope=scope) + api_version = "2020-08-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json, text/json" + + # Construct URL + url = self.check_principal_access.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(_request, 'CheckPrincipalAccessRequest') + body_content_kwargs['content'] = body_content + request = self._client.post(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('CheckPrincipalAccessResponse', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + check_principal_access.metadata = {'url': '/checkAccessSynapseRbac'} # type: ignore + + def list_role_assignments( + self, + role_id=None, # type: Optional[str] + principal_id=None, # type: Optional[str] + scope=None, # type: Optional[str] + continuation_token_parameter=None, # type: Optional[str] + **kwargs # type: Any + ): + # type: (...) -> "_models.RoleAssignmentDetailsList" + """List role assignments. + + :param role_id: Synapse Built-In Role Id. + :type role_id: str + :param principal_id: Object ID of the AAD principal or security-group. + :type principal_id: str + :param scope: Scope of the Synapse Built-in Role. + :type scope: str + :param continuation_token_parameter: Continuation token. + :type continuation_token_parameter: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: RoleAssignmentDetailsList, or the result of cls(response) + :rtype: ~azure.synapse.accesscontrol.models.RoleAssignmentDetailsList + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.RoleAssignmentDetailsList"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.list_role_assignments.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + if role_id is not None: + query_parameters['roleId'] = self._serialize.query("role_id", role_id, 'str') + if principal_id is not None: + query_parameters['principalId'] = self._serialize.query("principal_id", principal_id, 'str') + if scope is not None: + query_parameters['scope'] = self._serialize.query("scope", scope, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + if continuation_token_parameter is not None: + header_parameters['x-ms-continuation'] = self._serialize.header("continuation_token_parameter", continuation_token_parameter, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + response_headers = {} + response_headers['x-ms-continuation']=self._deserialize('str', response.headers.get('x-ms-continuation')) + deserialized = self._deserialize('RoleAssignmentDetailsList', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, response_headers) + + return deserialized + list_role_assignments.metadata = {'url': '/roleAssignments'} # type: ignore + + def create_role_assignment( + self, + role_assignment_id, # type: str + role_id, # type: str + principal_id, # type: str + scope, # type: str + principal_type=None, # type: Optional[str] + **kwargs # type: Any + ): + # type: (...) -> "_models.RoleAssignmentDetails" + """Create role assignment. + + :param role_assignment_id: The ID of the role assignment. + :type role_assignment_id: str + :param role_id: Role ID of the Synapse Built-In Role. + :type role_id: str + :param principal_id: Object ID of the AAD principal or security-group. + :type principal_id: str + :param scope: Scope at which the role assignment is created. + :type scope: str + :param principal_type: Type of the principal Id: User, Group or ServicePrincipal. + :type principal_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: RoleAssignmentDetails, or the result of cls(response) + :rtype: ~azure.synapse.accesscontrol.models.RoleAssignmentDetails + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.RoleAssignmentDetails"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + + _request = _models.RoleAssignmentRequest(role_id=role_id, principal_id=principal_id, scope=scope, principal_type=principal_type) + api_version = "2020-08-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json, text/json" + + # Construct URL + url = self.create_role_assignment.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + 'roleAssignmentId': self._serialize.url("role_assignment_id", role_assignment_id, 'str', min_length=1), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(_request, 'RoleAssignmentRequest') + body_content_kwargs['content'] = body_content + request = self._client.put(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('RoleAssignmentDetails', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + create_role_assignment.metadata = {'url': '/roleAssignments/{roleAssignmentId}'} # type: ignore + + def get_role_assignment_by_id( + self, + role_assignment_id, # type: str + **kwargs # type: Any + ): + # type: (...) -> "_models.RoleAssignmentDetails" + """Get role assignment by role assignment Id. + + :param role_assignment_id: The ID of the role assignment. + :type role_assignment_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: RoleAssignmentDetails, or the result of cls(response) + :rtype: ~azure.synapse.accesscontrol.models.RoleAssignmentDetails + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.RoleAssignmentDetails"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.get_role_assignment_by_id.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + 'roleAssignmentId': self._serialize.url("role_assignment_id", role_assignment_id, 'str', min_length=1), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('RoleAssignmentDetails', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get_role_assignment_by_id.metadata = {'url': '/roleAssignments/{roleAssignmentId}'} # type: ignore + + def delete_role_assignment_by_id( + self, + role_assignment_id, # type: str + scope=None, # type: Optional[str] + **kwargs # type: Any + ): + # type: (...) -> None + """Delete role assignment by role assignment Id. + + :param role_assignment_id: The ID of the role assignment. + :type role_assignment_id: str + :param scope: Scope of the Synapse Built-in Role. + :type scope: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None, or the result of cls(response) + :rtype: None + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[None] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.delete_role_assignment_by_id.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + 'roleAssignmentId': self._serialize.url("role_assignment_id", role_assignment_id, 'str', min_length=1), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + if scope is not None: + query_parameters['scope'] = self._serialize.query("scope", scope, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.delete(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + if cls: + return cls(pipeline_response, None, {}) + + delete_role_assignment_by_id.metadata = {'url': '/roleAssignments/{roleAssignmentId}'} # type: ignore diff --git a/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/operations/_role_definitions_operations.py b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/operations/_role_definitions_operations.py new file mode 100644 index 000000000000..b8b145d62928 --- /dev/null +++ b/sdk/synapse/azure-synapse-accesscontrol/azure/synapse/accesscontrol/operations/_role_definitions_operations.py @@ -0,0 +1,214 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import TYPE_CHECKING +import warnings + +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpRequest, HttpResponse + +from .. import models as _models + +if TYPE_CHECKING: + # pylint: disable=unused-import,ungrouped-imports + from typing import Any, Callable, Dict, Generic, List, Optional, TypeVar + + T = TypeVar('T') + ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +class RoleDefinitionsOperations(object): + """RoleDefinitionsOperations operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.synapse.accesscontrol.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer): + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + def list_role_definitions( + self, + is_built_in=None, # type: Optional[bool] + scope=None, # type: Optional[str] + **kwargs # type: Any + ): + # type: (...) -> List["_models.SynapseRoleDefinition"] + """List role definitions. + + :param is_built_in: Is a Synapse Built-In Role or not. + :type is_built_in: bool + :param scope: Scope of the Synapse Built-in Role. + :type scope: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: list of SynapseRoleDefinition, or the result of cls(response) + :rtype: list[~azure.synapse.accesscontrol.models.SynapseRoleDefinition] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[List["_models.SynapseRoleDefinition"]] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.list_role_definitions.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + if is_built_in is not None: + query_parameters['isBuiltIn'] = self._serialize.query("is_built_in", is_built_in, 'bool') + if scope is not None: + query_parameters['scope'] = self._serialize.query("scope", scope, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('[SynapseRoleDefinition]', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + list_role_definitions.metadata = {'url': '/roleDefinitions'} # type: ignore + + def get_role_definition_by_id( + self, + role_definition_id, # type: str + **kwargs # type: Any + ): + # type: (...) -> "_models.SynapseRoleDefinition" + """Get role definition by role definition Id. + + :param role_definition_id: Synapse Built-In Role Definition Id. + :type role_definition_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: SynapseRoleDefinition, or the result of cls(response) + :rtype: ~azure.synapse.accesscontrol.models.SynapseRoleDefinition + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SynapseRoleDefinition"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.get_role_definition_by_id.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + 'roleDefinitionId': self._serialize.url("role_definition_id", role_definition_id, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('SynapseRoleDefinition', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get_role_definition_by_id.metadata = {'url': '/roleDefinitions/{roleDefinitionId}'} # type: ignore + + def list_scopes( + self, + **kwargs # type: Any + ): + # type: (...) -> List[str] + """List rbac scopes. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: list of str, or the result of cls(response) + :rtype: list[str] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[List[str]] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2020-08-01-preview" + accept = "application/json, text/json" + + # Construct URL + url = self.list_scopes.metadata['url'] # type: ignore + path_format_arguments = { + 'endpoint': self._serialize.url("self._config.endpoint", self._config.endpoint, 'str', skip_quote=True), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorContract, response) + raise HttpResponseError(response=response, model=error) + + deserialized = self._deserialize('[str]', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + list_scopes.metadata = {'url': '/rbacScopes'} # type: ignore diff --git a/sdk/synapse/azure-synapse-managedprivateendpoints/CHANGELOG.md b/sdk/synapse/azure-synapse-managedprivateendpoints/CHANGELOG.md index 11e10e269f42..86e53635ebb0 100644 --- a/sdk/synapse/azure-synapse-managedprivateendpoints/CHANGELOG.md +++ b/sdk/synapse/azure-synapse-managedprivateendpoints/CHANGELOG.md @@ -1,5 +1,9 @@ # Release History +## 0.2.0 (2021-02-09) + +* Internal bugfixes (re-generated with latest generator) + ## 0.1.0 (2020-12-08) * Initial Release diff --git a/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/_version.py b/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/_version.py index eae7c95b6fbd..035146e99a22 100644 --- a/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/_version.py +++ b/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/_version.py @@ -6,4 +6,4 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -VERSION = "0.1.0" +VERSION = "0.2.0" diff --git a/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/aio/operations/_managed_private_endpoints_operations.py b/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/aio/operations/_managed_private_endpoints_operations.py index bb4e95b9d0c4..189729e0e12a 100644 --- a/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/aio/operations/_managed_private_endpoints_operations.py +++ b/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/aio/operations/_managed_private_endpoints_operations.py @@ -42,16 +42,16 @@ def __init__(self, client, config, serializer, deserializer) -> None: async def get( self, - managed_virtual_network_name: str, managed_private_endpoint_name: str, + managed_virtual_network_name: str = "default", **kwargs ) -> "_models.ManagedPrivateEndpoint": """Get Managed Private Endpoints. - :param managed_virtual_network_name: Managed virtual network name. - :type managed_virtual_network_name: str :param managed_private_endpoint_name: Managed private endpoint name. :type managed_private_endpoint_name: str + :param managed_virtual_network_name: Managed virtual network name. + :type managed_virtual_network_name: str :keyword callable cls: A custom type or function that will be passed the direct response :return: ManagedPrivateEndpoint, or the result of cls(response) :rtype: ~azure.synapse.managedprivateendpoints.models.ManagedPrivateEndpoint @@ -100,17 +100,17 @@ async def get( async def create( self, - managed_virtual_network_name: str, managed_private_endpoint_name: str, + managed_virtual_network_name: str = "default", properties: Optional["_models.ManagedPrivateEndpointProperties"] = None, **kwargs ) -> "_models.ManagedPrivateEndpoint": """Create Managed Private Endpoints. - :param managed_virtual_network_name: Managed virtual network name. - :type managed_virtual_network_name: str :param managed_private_endpoint_name: Managed private endpoint name. :type managed_private_endpoint_name: str + :param managed_virtual_network_name: Managed virtual network name. + :type managed_virtual_network_name: str :param properties: Managed private endpoint properties. :type properties: ~azure.synapse.managedprivateendpoints.models.ManagedPrivateEndpointProperties :keyword callable cls: A custom type or function that will be passed the direct response @@ -168,16 +168,16 @@ async def create( async def delete( self, - managed_virtual_network_name: str, managed_private_endpoint_name: str, + managed_virtual_network_name: str = "default", **kwargs ) -> None: """Delete Managed Private Endpoints. - :param managed_virtual_network_name: Managed virtual network name. - :type managed_virtual_network_name: str :param managed_private_endpoint_name: Managed private endpoint name. :type managed_private_endpoint_name: str + :param managed_virtual_network_name: Managed virtual network name. + :type managed_virtual_network_name: str :keyword callable cls: A custom type or function that will be passed the direct response :return: None, or the result of cls(response) :rtype: None @@ -221,7 +221,7 @@ async def delete( def list( self, - managed_virtual_network_name: str, + managed_virtual_network_name: str = "default", **kwargs ) -> AsyncIterable["_models.ManagedPrivateEndpointListResponse"]: """List Managed Private Endpoints. diff --git a/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/operations/_managed_private_endpoints_operations.py b/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/operations/_managed_private_endpoints_operations.py index 6f543af03d40..c3876d6ba7c1 100644 --- a/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/operations/_managed_private_endpoints_operations.py +++ b/sdk/synapse/azure-synapse-managedprivateendpoints/azure/synapse/managedprivateendpoints/operations/_managed_private_endpoints_operations.py @@ -46,17 +46,17 @@ def __init__(self, client, config, serializer, deserializer): def get( self, - managed_virtual_network_name, # type: str managed_private_endpoint_name, # type: str + managed_virtual_network_name="default", # type: str **kwargs # type: Any ): # type: (...) -> "_models.ManagedPrivateEndpoint" """Get Managed Private Endpoints. - :param managed_virtual_network_name: Managed virtual network name. - :type managed_virtual_network_name: str :param managed_private_endpoint_name: Managed private endpoint name. :type managed_private_endpoint_name: str + :param managed_virtual_network_name: Managed virtual network name. + :type managed_virtual_network_name: str :keyword callable cls: A custom type or function that will be passed the direct response :return: ManagedPrivateEndpoint, or the result of cls(response) :rtype: ~azure.synapse.managedprivateendpoints.models.ManagedPrivateEndpoint @@ -105,18 +105,18 @@ def get( def create( self, - managed_virtual_network_name, # type: str managed_private_endpoint_name, # type: str + managed_virtual_network_name="default", # type: str properties=None, # type: Optional["_models.ManagedPrivateEndpointProperties"] **kwargs # type: Any ): # type: (...) -> "_models.ManagedPrivateEndpoint" """Create Managed Private Endpoints. - :param managed_virtual_network_name: Managed virtual network name. - :type managed_virtual_network_name: str :param managed_private_endpoint_name: Managed private endpoint name. :type managed_private_endpoint_name: str + :param managed_virtual_network_name: Managed virtual network name. + :type managed_virtual_network_name: str :param properties: Managed private endpoint properties. :type properties: ~azure.synapse.managedprivateendpoints.models.ManagedPrivateEndpointProperties :keyword callable cls: A custom type or function that will be passed the direct response @@ -174,17 +174,17 @@ def create( def delete( self, - managed_virtual_network_name, # type: str managed_private_endpoint_name, # type: str + managed_virtual_network_name="default", # type: str **kwargs # type: Any ): # type: (...) -> None """Delete Managed Private Endpoints. - :param managed_virtual_network_name: Managed virtual network name. - :type managed_virtual_network_name: str :param managed_private_endpoint_name: Managed private endpoint name. :type managed_private_endpoint_name: str + :param managed_virtual_network_name: Managed virtual network name. + :type managed_virtual_network_name: str :keyword callable cls: A custom type or function that will be passed the direct response :return: None, or the result of cls(response) :rtype: None @@ -228,7 +228,7 @@ def delete( def list( self, - managed_virtual_network_name, # type: str + managed_virtual_network_name="default", # type: str **kwargs # type: Any ): # type: (...) -> Iterable["_models.ManagedPrivateEndpointListResponse"]