From bb4887d2ffe1fb70fb698f89fa6901fd2e002463 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?McCoy=20Pati=C3=B1o?= Date: Fri, 2 Oct 2020 13:24:23 -0700 Subject: [PATCH 1/5] Make role_assignment_name kwarg for create_role_assignment --- .../keyvault/administration/_access_control_client.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py index 03cf21ca5aa1..747a628a7972 100644 --- a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py +++ b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py @@ -3,6 +3,7 @@ # Licensed under the MIT License. # ------------------------------------ from typing import TYPE_CHECKING +from uuid import uuid4 from azure.core.tracing.decorator import distributed_trace @@ -27,18 +28,18 @@ class KeyVaultAccessControlClient(KeyVaultClientBase): # pylint:disable=protected-access @distributed_trace - def create_role_assignment(self, role_scope, role_assignment_name, role_definition_id, principal_id, **kwargs): - # type: (Union[str, KeyVaultRoleScope], Union[str, UUID], str, str, **Any) -> KeyVaultRoleAssignment + def create_role_assignment(self, role_scope, role_definition_id, principal_id, **kwargs): + # type: (Union[str, KeyVaultRoleScope], str, str, **Any) -> KeyVaultRoleAssignment """Create a role assignment. :param role_scope: scope the role assignment will apply over. :class:`KeyVaultRoleScope` defines common broad scopes. Specify a narrower scope as a string. :type role_scope: str or KeyVaultRoleScope - :param role_assignment_name: a name for the role assignment. Must be a UUID. - :type role_assignment_name: str or uuid.UUID :param str role_definition_id: ID of the role's definition :param str principal_id: Azure Active Directory object ID of the principal which will be assigned the role. The principal can be a user, service principal, or security group. + :keyword role_assignment_name: a name for the role assignment. Must be a UUID. + :type role_assignment_name: str or uuid.UUID :rtype: KeyVaultRoleAssignment """ create_parameters = self._client.role_assignments.models.RoleAssignmentCreateParameters( @@ -49,7 +50,7 @@ def create_role_assignment(self, role_scope, role_assignment_name, role_definiti assignment = self._client.role_assignments.create( vault_base_url=self._vault_url, scope=role_scope, - role_assignment_name=role_assignment_name, + role_assignment_name=kwargs.pop("role_assignment_name", uuid4()), parameters=create_parameters, **kwargs ) From dc75603325e9e09391d6847dfb81f45a3d11e2c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?McCoy=20Pati=C3=B1o?= Date: Fri, 2 Oct 2020 13:59:09 -0700 Subject: [PATCH 2/5] Fix async client and tests --- .../keyvault/administration/aio/_access_control_client.py | 8 ++++---- .../tests/test_access_control.py | 2 +- .../tests/test_access_control_async.py | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py index fcc0fa53ede6..b8aafb406700 100644 --- a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py +++ b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py @@ -3,6 +3,7 @@ # Licensed under the MIT License. # ------------------------------------ from typing import TYPE_CHECKING +from uuid import uuid4 from azure.core.tracing.decorator import distributed_trace from azure.core.tracing.decorator_async import distributed_trace_async @@ -31,7 +32,6 @@ class KeyVaultAccessControlClient(AsyncKeyVaultClientBase): async def create_role_assignment( self, role_scope: "Union[str, KeyVaultRoleScope]", - role_assignment_name: "Union[str, UUID]", role_definition_id: str, principal_id: str, **kwargs: "Any" @@ -41,11 +41,11 @@ async def create_role_assignment( :param role_scope: scope the role assignment will apply over. :class:`KeyVaultRoleScope` defines common broad scopes. Specify a narrower scope as a string. :type role_scope: str or KeyVaultRoleScope - :param role_assignment_name: a name for the role assignment. Must be a UUID. - :type role_assignment_name: str or uuid.UUID :param str role_definition_id: ID of the role's definition :param str principal_id: Azure Active Directory object ID of the principal which will be assigned the role. The principal can be a user, service principal, or security group. + :keyword role_assignment_name: a name for the role assignment. Must be a UUID. + :type role_assignment_name: str or uuid.UUID :rtype: KeyVaultRoleAssignment """ create_parameters = self._client.role_assignments.models.RoleAssignmentCreateParameters( @@ -56,7 +56,7 @@ async def create_role_assignment( assignment = await self._client.role_assignments.create( vault_base_url=self._vault_url, scope=role_scope, - role_assignment_name=role_assignment_name, + role_assignment_name=kwargs.pop("role_assignment_name", uuid4), parameters=create_parameters, **kwargs ) diff --git a/sdk/keyvault/azure-keyvault-administration/tests/test_access_control.py b/sdk/keyvault/azure-keyvault-administration/tests/test_access_control.py index d2bf339766a2..e5939966d22e 100644 --- a/sdk/keyvault/azure-keyvault-administration/tests/test_access_control.py +++ b/sdk/keyvault/azure-keyvault-administration/tests/test_access_control.py @@ -66,7 +66,7 @@ def test_role_assignment(self, client): principal_id = self.get_service_principal_id() name = self.get_replayable_uuid("some-uuid") - created = client.create_role_assignment(scope, name, definition.id, principal_id) + created = client.create_role_assignment(scope, definition.id, principal_id, role_assignment_name=name) assert created.name == name assert created.principal_id == principal_id assert created.role_definition_id == definition.id diff --git a/sdk/keyvault/azure-keyvault-administration/tests/test_access_control_async.py b/sdk/keyvault/azure-keyvault-administration/tests/test_access_control_async.py index d0cd50d36534..75985b090060 100644 --- a/sdk/keyvault/azure-keyvault-administration/tests/test_access_control_async.py +++ b/sdk/keyvault/azure-keyvault-administration/tests/test_access_control_async.py @@ -71,7 +71,7 @@ async def test_role_assignment(self, client): principal_id = self.get_service_principal_id() name = self.get_replayable_uuid("some-uuid") - created = await client.create_role_assignment(scope, name, definition.id, principal_id) + created = await client.create_role_assignment(scope, definition.id, principal_id, role_assignment_name=name) assert created.name == name assert created.principal_id == principal_id assert created.role_definition_id == definition.id From 0f3ad38ac1841885d1fbf42ebd8f86da573aea28 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?McCoy=20Pati=C3=B1o?= Date: Fri, 2 Oct 2020 14:54:05 -0700 Subject: [PATCH 3/5] Fix default UUID setting, run black --- .../administration/_access_control_client.py | 24 +++++++++++---- .../aio/_access_control_client.py | 30 ++++++++++++++----- 2 files changed, 41 insertions(+), 13 deletions(-) diff --git a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py index 747a628a7972..7015922488b8 100644 --- a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py +++ b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py @@ -28,7 +28,9 @@ class KeyVaultAccessControlClient(KeyVaultClientBase): # pylint:disable=protected-access @distributed_trace - def create_role_assignment(self, role_scope, role_definition_id, principal_id, **kwargs): + def create_role_assignment( + self, role_scope, role_definition_id, principal_id, **kwargs + ): # type: (Union[str, KeyVaultRoleScope], str, str, **Any) -> KeyVaultRoleAssignment """Create a role assignment. @@ -50,7 +52,7 @@ def create_role_assignment(self, role_scope, role_definition_id, principal_id, * assignment = self._client.role_assignments.create( vault_base_url=self._vault_url, scope=role_scope, - role_assignment_name=kwargs.pop("role_assignment_name", uuid4()), + role_assignment_name=kwargs.pop("role_assignment_name", None) or uuid4(), parameters=create_parameters, **kwargs ) @@ -70,7 +72,10 @@ def delete_role_assignment(self, role_scope, role_assignment_name, **kwargs): :rtype: KeyVaultRoleAssignment """ assignment = self._client.role_assignments.delete( - vault_base_url=self._vault_url, scope=role_scope, role_assignment_name=str(role_assignment_name), **kwargs + vault_base_url=self._vault_url, + scope=role_scope, + role_assignment_name=str(role_assignment_name), + **kwargs ) return KeyVaultRoleAssignment._from_generated(assignment) @@ -87,7 +92,10 @@ def get_role_assignment(self, role_scope, role_assignment_name, **kwargs): :rtype: KeyVaultRoleAssignment """ assignment = self._client.role_assignments.get( - vault_base_url=self._vault_url, scope=role_scope, role_assignment_name=str(role_assignment_name), **kwargs + vault_base_url=self._vault_url, + scope=role_scope, + role_assignment_name=str(role_assignment_name), + **kwargs ) return KeyVaultRoleAssignment._from_generated(assignment) @@ -104,7 +112,9 @@ def list_role_assignments(self, role_scope, **kwargs): return self._client.role_assignments.list_for_scope( self._vault_url, role_scope, - cls=lambda result: [KeyVaultRoleAssignment._from_generated(a) for a in result], + cls=lambda result: [ + KeyVaultRoleAssignment._from_generated(a) for a in result + ], **kwargs ) @@ -121,6 +131,8 @@ def list_role_definitions(self, role_scope, **kwargs): return self._client.role_definitions.list( self._vault_url, role_scope, - cls=lambda result: [KeyVaultRoleDefinition._from_generated(d) for d in result], + cls=lambda result: [ + KeyVaultRoleDefinition._from_generated(d) for d in result + ], **kwargs ) diff --git a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py index b8aafb406700..94ae033d6da2 100644 --- a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py +++ b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py @@ -56,7 +56,7 @@ async def create_role_assignment( assignment = await self._client.role_assignments.create( vault_base_url=self._vault_url, scope=role_scope, - role_assignment_name=kwargs.pop("role_assignment_name", uuid4), + role_assignment_name=kwargs.pop("role_assignment_name", None) or uuid4(), parameters=create_parameters, **kwargs ) @@ -64,7 +64,10 @@ async def create_role_assignment( @distributed_trace_async async def delete_role_assignment( - self, role_scope: "Union[str, KeyVaultRoleScope]", role_assignment_name: "Union[str, UUID]", **kwargs: "Any" + self, + role_scope: "Union[str, KeyVaultRoleScope]", + role_assignment_name: "Union[str, UUID]", + **kwargs: "Any" ) -> KeyVaultRoleAssignment: """Delete a role assignment. @@ -77,13 +80,19 @@ async def delete_role_assignment( :rtype: KeyVaultRoleAssignment """ assignment = await self._client.role_assignments.delete( - vault_base_url=self._vault_url, scope=role_scope, role_assignment_name=str(role_assignment_name), **kwargs + vault_base_url=self._vault_url, + scope=role_scope, + role_assignment_name=str(role_assignment_name), + **kwargs ) return KeyVaultRoleAssignment._from_generated(assignment) @distributed_trace_async async def get_role_assignment( - self, role_scope: "Union[str, KeyVaultRoleScope]", role_assignment_name: "Union[str, UUID]", **kwargs: "Any" + self, + role_scope: "Union[str, KeyVaultRoleScope]", + role_assignment_name: "Union[str, UUID]", + **kwargs: "Any" ) -> KeyVaultRoleAssignment: """Get a role assignment. @@ -95,7 +104,10 @@ async def get_role_assignment( :rtype: KeyVaultRoleAssignment """ assignment = await self._client.role_assignments.get( - vault_base_url=self._vault_url, scope=role_scope, role_assignment_name=str(role_assignment_name), **kwargs + vault_base_url=self._vault_url, + scope=role_scope, + role_assignment_name=str(role_assignment_name), + **kwargs ) return KeyVaultRoleAssignment._from_generated(assignment) @@ -113,7 +125,9 @@ def list_role_assignments( return self._client.role_assignments.list_for_scope( self._vault_url, role_scope, - cls=lambda result: [KeyVaultRoleAssignment._from_generated(a) for a in result], + cls=lambda result: [ + KeyVaultRoleAssignment._from_generated(a) for a in result + ], **kwargs ) @@ -131,6 +145,8 @@ def list_role_definitions( return self._client.role_definitions.list( self._vault_url, role_scope, - cls=lambda result: [KeyVaultRoleDefinition._from_generated(d) for d in result], + cls=lambda result: [ + KeyVaultRoleDefinition._from_generated(d) for d in result + ], **kwargs ) From 00fad36b044b4037feb64ac4db3eb6915fbf8df2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?McCoy=20Pati=C3=B1o?= Date: Fri, 2 Oct 2020 15:18:46 -0700 Subject: [PATCH 4/5] Use *correct* black options --- .../administration/_access_control_client.py | 22 +++--------- .../aio/_access_control_client.py | 34 ++++--------------- 2 files changed, 12 insertions(+), 44 deletions(-) diff --git a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py index 7015922488b8..13b584874cfe 100644 --- a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py +++ b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py @@ -28,9 +28,7 @@ class KeyVaultAccessControlClient(KeyVaultClientBase): # pylint:disable=protected-access @distributed_trace - def create_role_assignment( - self, role_scope, role_definition_id, principal_id, **kwargs - ): + def create_role_assignment(self, role_scope, role_definition_id, principal_id, **kwargs): # type: (Union[str, KeyVaultRoleScope], str, str, **Any) -> KeyVaultRoleAssignment """Create a role assignment. @@ -72,10 +70,7 @@ def delete_role_assignment(self, role_scope, role_assignment_name, **kwargs): :rtype: KeyVaultRoleAssignment """ assignment = self._client.role_assignments.delete( - vault_base_url=self._vault_url, - scope=role_scope, - role_assignment_name=str(role_assignment_name), - **kwargs + vault_base_url=self._vault_url, scope=role_scope, role_assignment_name=str(role_assignment_name), **kwargs ) return KeyVaultRoleAssignment._from_generated(assignment) @@ -92,10 +87,7 @@ def get_role_assignment(self, role_scope, role_assignment_name, **kwargs): :rtype: KeyVaultRoleAssignment """ assignment = self._client.role_assignments.get( - vault_base_url=self._vault_url, - scope=role_scope, - role_assignment_name=str(role_assignment_name), - **kwargs + vault_base_url=self._vault_url, scope=role_scope, role_assignment_name=str(role_assignment_name), **kwargs ) return KeyVaultRoleAssignment._from_generated(assignment) @@ -112,9 +104,7 @@ def list_role_assignments(self, role_scope, **kwargs): return self._client.role_assignments.list_for_scope( self._vault_url, role_scope, - cls=lambda result: [ - KeyVaultRoleAssignment._from_generated(a) for a in result - ], + cls=lambda result: [KeyVaultRoleAssignment._from_generated(a) for a in result], **kwargs ) @@ -131,8 +121,6 @@ def list_role_definitions(self, role_scope, **kwargs): return self._client.role_definitions.list( self._vault_url, role_scope, - cls=lambda result: [ - KeyVaultRoleDefinition._from_generated(d) for d in result - ], + cls=lambda result: [KeyVaultRoleDefinition._from_generated(d) for d in result], **kwargs ) diff --git a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py index 94ae033d6da2..27ff1ed88864 100644 --- a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py +++ b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py @@ -30,11 +30,7 @@ class KeyVaultAccessControlClient(AsyncKeyVaultClientBase): @distributed_trace_async async def create_role_assignment( - self, - role_scope: "Union[str, KeyVaultRoleScope]", - role_definition_id: str, - principal_id: str, - **kwargs: "Any" + self, role_scope: "Union[str, KeyVaultRoleScope]", role_definition_id: str, principal_id: str, **kwargs: "Any" ) -> KeyVaultRoleAssignment: """Create a role assignment. @@ -64,10 +60,7 @@ async def create_role_assignment( @distributed_trace_async async def delete_role_assignment( - self, - role_scope: "Union[str, KeyVaultRoleScope]", - role_assignment_name: "Union[str, UUID]", - **kwargs: "Any" + self, role_scope: "Union[str, KeyVaultRoleScope]", role_assignment_name: "Union[str, UUID]", **kwargs: "Any" ) -> KeyVaultRoleAssignment: """Delete a role assignment. @@ -80,19 +73,13 @@ async def delete_role_assignment( :rtype: KeyVaultRoleAssignment """ assignment = await self._client.role_assignments.delete( - vault_base_url=self._vault_url, - scope=role_scope, - role_assignment_name=str(role_assignment_name), - **kwargs + vault_base_url=self._vault_url, scope=role_scope, role_assignment_name=str(role_assignment_name), **kwargs ) return KeyVaultRoleAssignment._from_generated(assignment) @distributed_trace_async async def get_role_assignment( - self, - role_scope: "Union[str, KeyVaultRoleScope]", - role_assignment_name: "Union[str, UUID]", - **kwargs: "Any" + self, role_scope: "Union[str, KeyVaultRoleScope]", role_assignment_name: "Union[str, UUID]", **kwargs: "Any" ) -> KeyVaultRoleAssignment: """Get a role assignment. @@ -104,10 +91,7 @@ async def get_role_assignment( :rtype: KeyVaultRoleAssignment """ assignment = await self._client.role_assignments.get( - vault_base_url=self._vault_url, - scope=role_scope, - role_assignment_name=str(role_assignment_name), - **kwargs + vault_base_url=self._vault_url, scope=role_scope, role_assignment_name=str(role_assignment_name), **kwargs ) return KeyVaultRoleAssignment._from_generated(assignment) @@ -125,9 +109,7 @@ def list_role_assignments( return self._client.role_assignments.list_for_scope( self._vault_url, role_scope, - cls=lambda result: [ - KeyVaultRoleAssignment._from_generated(a) for a in result - ], + cls=lambda result: [KeyVaultRoleAssignment._from_generated(a) for a in result], **kwargs ) @@ -145,8 +127,6 @@ def list_role_definitions( return self._client.role_definitions.list( self._vault_url, role_scope, - cls=lambda result: [ - KeyVaultRoleDefinition._from_generated(d) for d in result - ], + cls=lambda result: [KeyVaultRoleDefinition._from_generated(d) for d in result], **kwargs ) From 0485402cd1979cbfed473cddc0d4dfc2ebc3d1d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?McCoy=20Pati=C3=B1o?= Date: Fri, 2 Oct 2020 16:13:23 -0700 Subject: [PATCH 5/5] Make pylint happy (wrt ungrouped imports) --- .../azure/keyvault/administration/_access_control_client.py | 1 + .../azure/keyvault/administration/aio/_access_control_client.py | 1 + 2 files changed, 2 insertions(+) diff --git a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py index 13b584874cfe..8c80c69032e5 100644 --- a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py +++ b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py @@ -11,6 +11,7 @@ from ._internal import KeyVaultClientBase if TYPE_CHECKING: + # pylint:disable=ungrouped-imports from typing import Any, Union from uuid import UUID from azure.core.paging import ItemPaged diff --git a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py index 27ff1ed88864..0104e25c2365 100644 --- a/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py +++ b/sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/aio/_access_control_client.py @@ -12,6 +12,7 @@ from .._internal import AsyncKeyVaultClientBase if TYPE_CHECKING: + # pylint:disable=ungrouped-imports from typing import Any, Union from uuid import UUID from azure.core.async_paging import AsyncItemPaged