Address review feedback for authorization commands

namratab · namratab · commit c4e0d6a6d0df · 2015-09-15T15:22:39.000-07:00
diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs
@@ -130,28 +130,26 @@ public PSRoleAssignment CreateRoleAssignment(FilterRoleAssignmentsOptions parame
         /// </summary>
         /// <param name="options">The filtering options</param>
         /// <param name="currentSubscription">The current subscription</param>
-        /// <param name="expandPrincipalGroups">If true, assignments to the specified (user) principal's groups are also returned, in addition to direct assignments to the user</param>
-        /// <param name="includeClassicAdmins">If true, the subscription classic administrators are also returned as assignments</param>
         /// <returns>The filtered role assignments</returns>
-        public List<PSRoleAssignment> FilterRoleAssignments(FilterRoleAssignmentsOptions options, string currentSubscription, bool expandPrincipalGroups = false, bool includeClassicAdmins = false)
+        public List<PSRoleAssignment> FilterRoleAssignments(FilterRoleAssignmentsOptions options, string currentSubscription)
         {
             List<PSRoleAssignment> result = new List<PSRoleAssignment>();
             ListAssignmentsFilterParameters parameters = new ListAssignmentsFilterParameters();
 
             if (options.ADObjectFilter.HasFilter)
             {
                 // Filter first by principal
-                if (expandPrincipalGroups)
+                if (options.ExpandPrincipalGroups)
                 {
                     PSADObject adObject = ActiveDirectoryClient.GetADObject(options.ADObjectFilter);
                     if (adObject == null)
                     {
-                        throw new KeyNotFoundException("The provided information does not map to an AD object.");
+                        throw new KeyNotFoundException(ProjectResources.PrincipalNotFound);
                     }
 
                     if (!(adObject is PSADUser))
                     {
-                        throw new InvalidOperationException("ExpandPrincipalGroups is only supported for a User principal");
+                        throw new InvalidOperationException(ProjectResources.ExpandGroupsNotSupported);
                     }
                     
                     parameters.AssignedToPrincipalId = adObject.Id;
@@ -188,7 +186,7 @@ public List<PSRoleAssignment> FilterRoleAssignments(FilterRoleAssignmentsOptions
                 result = result.Where(r => r.RoleDefinitionName.Equals(options.RoleDefinition, StringComparison.OrdinalIgnoreCase)).ToList();
             }
 
-            if (includeClassicAdmins)
+            if (options.IncludeClassicAdministrators)
             {
                 // Get classic administrator access assignments 
                 List<ClassicAdministrator> classicAdministrators = AuthorizationManagementClient.ClassicAdministrators.List().ClassicAdministrators.ToList(); 
diff --git a/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/FilterRoleAssignmentsOptions.cs b/src/ResourceManager/Resources/Commands.Resources/Models.Authorization/FilterRoleAssignmentsOptions.cs
@@ -53,5 +53,9 @@ public string Scope
         public ResourceIdentifier ResourceIdentifier { get; set; }
 
         public ADObjectFilterOptions ADObjectFilter { get; set; }
+
+        public bool ExpandPrincipalGroups { get; set; }
+
+        public bool IncludeClassicAdministrators { get; set; }
     }
 }
diff --git a/src/ResourceManager/Resources/Commands.Resources/Properties/Resources.Designer.cs b/src/ResourceManager/Resources/Commands.Resources/Properties/Resources.Designer.cs
diff --git a/src/ResourceManager/Resources/Commands.Resources/Properties/Resources.resx b/src/ResourceManager/Resources/Commands.Resources/Properties/Resources.resx
@@ -306,4 +306,10 @@
   <data name="DeploymentDoesntExist" xml:space="preserve">
     <value>Deployment '{0}' doesn't exist under resource group '{1}'</value>
   </data>
+  <data name="ExpandGroupsNotSupported" xml:space="preserve">
+    <value>ExpandPrincipalGroups is only supported for a User principal</value>
+  </data>
+  <data name="PrincipalNotFound" xml:space="preserve">
+    <value>Cannot find principal using the specified options</value>
+  </data>
 </root>
diff --git a/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/GetAzureRoleAssignmentCommand.cs b/src/ResourceManager/Resources/Commands.Resources/RoleAssignments/GetAzureRoleAssignmentCommand.cs
@@ -262,10 +262,12 @@ protected override void ProcessRecord()
                     ResourceName = ResourceName,
                     ResourceType = ResourceType,
                     Subscription = string.IsNullOrEmpty(ResourceGroupName) ? null : DefaultProfile.DefaultContext.Subscription.Id.ToString()
-                }
+                },
+                ExpandPrincipalGroups = ExpandPrincipalGroups.IsPresent,
+                IncludeClassicAdministrators = IncludeClassicAdministrators.IsPresent
             };
 
-            WriteObject(PoliciesClient.FilterRoleAssignments(options, DefaultProfile.DefaultContext.Subscription.Id.ToString(), ExpandPrincipalGroups.IsPresent, IncludeClassicAdministrators.IsPresent), true);
+            WriteObject(PoliciesClient.FilterRoleAssignments(options, DefaultProfile.DefaultContext.Subscription.Id.ToString()), true);
         }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -130,28 +130,26 @@ public PSRoleAssignment CreateRoleAssignment(FilterRoleAssignmentsOptions parame`
`130`	`130`	`/// </summary>`
`131`	`131`	`/// <param name="options">The filtering options</param>`
`132`	`132`	`/// <param name="currentSubscription">The current subscription</param>`
`133`		`- /// <param name="expandPrincipalGroups">If true, assignments to the specified (user) principal's groups are also returned, in addition to direct assignments to the user</param>`
`134`		`- /// <param name="includeClassicAdmins">If true, the subscription classic administrators are also returned as assignments</param>`
`135`	`133`	`/// <returns>The filtered role assignments</returns>`
`136`		`- public List<PSRoleAssignment> FilterRoleAssignments(FilterRoleAssignmentsOptions options, string currentSubscription, bool expandPrincipalGroups = false, bool includeClassicAdmins = false)`
	`134`	`+ public List<PSRoleAssignment> FilterRoleAssignments(FilterRoleAssignmentsOptions options, string currentSubscription)`
`137`	`135`	`{`
`138`	`136`	`List<PSRoleAssignment> result = new List<PSRoleAssignment>();`
`139`	`137`	`ListAssignmentsFilterParameters parameters = new ListAssignmentsFilterParameters();`
`140`	`138`
`141`	`139`	`if (options.ADObjectFilter.HasFilter)`
`142`	`140`	`{`
`143`	`141`	`// Filter first by principal`
`144`		`- if (expandPrincipalGroups)`
	`142`	`+ if (options.ExpandPrincipalGroups)`
`145`	`143`	`{`
`146`	`144`	`PSADObject adObject = ActiveDirectoryClient.GetADObject(options.ADObjectFilter);`
`147`	`145`	`if (adObject == null)`
`148`	`146`	`{`
`149`		`- throw new KeyNotFoundException("The provided information does not map to an AD object.");`
	`147`	`+ throw new KeyNotFoundException(ProjectResources.PrincipalNotFound);`
`150`	`148`	`}`
`151`	`149`
`152`	`150`	`if (!(adObject is PSADUser))`
`153`	`151`	`{`
`154`		`- throw new InvalidOperationException("ExpandPrincipalGroups is only supported for a User principal");`
	`152`	`+ throw new InvalidOperationException(ProjectResources.ExpandGroupsNotSupported);`
`155`	`153`	`}`
`156`	`154`
`157`	`155`	`parameters.AssignedToPrincipalId = adObject.Id;`
`@@ -188,7 +186,7 @@ public List<PSRoleAssignment> FilterRoleAssignments(FilterRoleAssignmentsOptions`
`188`	`186`	`result = result.Where(r => r.RoleDefinitionName.Equals(options.RoleDefinition, StringComparison.OrdinalIgnoreCase)).ToList();`
`189`	`187`	`}`
`190`	`188`
`191`		`- if (includeClassicAdmins)`
	`189`	`+ if (options.IncludeClassicAdministrators)`
`192`	`190`	`{`
`193`	`191`	`// Get classic administrator access assignments`
`194`	`192`	`List<ClassicAdministrator> classicAdministrators = AuthorizationManagementClient.ClassicAdministrators.List().ClassicAdministrators.ToList();`
Original file line number	Diff line number	Diff line change
`@@ -53,5 +53,9 @@ public string Scope`
`53`	`53`	`public ResourceIdentifier ResourceIdentifier { get; set; }`
`54`	`54`
`55`	`55`	`public ADObjectFilterOptions ADObjectFilter { get; set; }`
	`56`	`+`
	`57`	`+ public bool ExpandPrincipalGroups { get; set; }`
	`58`	`+`
	`59`	`+ public bool IncludeClassicAdministrators { get; set; }`
`56`	`60`	`}`
`57`	`61`	`}`
Original file line number	Diff line number	Diff line change
`@@ -262,10 +262,12 @@ protected override void ProcessRecord()`
`262`	`262`	`ResourceName = ResourceName,`
`263`	`263`	`ResourceType = ResourceType,`
`264`	`264`	`Subscription = string.IsNullOrEmpty(ResourceGroupName) ? null : DefaultProfile.DefaultContext.Subscription.Id.ToString()`
`265`		`- }`
	`265`	`+ },`
	`266`	`+ ExpandPrincipalGroups = ExpandPrincipalGroups.IsPresent,`
	`267`	`+ IncludeClassicAdministrators = IncludeClassicAdministrators.IsPresent`
`266`	`268`	`};`
`267`	`269`
`268`		`- WriteObject(PoliciesClient.FilterRoleAssignments(options, DefaultProfile.DefaultContext.Subscription.Id.ToString(), ExpandPrincipalGroups.IsPresent, IncludeClassicAdministrators.IsPresent), true);`
	`270`	`+ WriteObject(PoliciesClient.FilterRoleAssignments(options, DefaultProfile.DefaultContext.Subscription.Id.ToString()), true);`
`269`	`271`	`}`
`270`	`272`	`}`
`271`	`273`	`}`