Merge pull request Azure#1193 from surabhi-pandey/roledefinitionfix

RoleDefinition PUT and DELETE requests should use first assignable scope as the url scope

Author: markcowl

src/ResourceManager/Resources/Commands.Resources.Test/Commands.Resources.Test.csproj

@@ -71,7 +71,7 @@
       <HintPath>..\..\..\packages\Microsoft.Azure.KeyVault.Core.1.0.0\lib\net40\Microsoft.Azure.KeyVault.Core.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Azure.Management.Authorization">
-      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Authorization.1.0.2\lib\net40\Microsoft.Azure.Management.Authorization.dll</HintPath>
+      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Authorization.1.1.0\lib\net40\Microsoft.Azure.Management.Authorization.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Azure.ResourceManager, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <SpecificVersion>False</SpecificVersion>

src/ResourceManager/Resources/Commands.Resources.Test/SessionRecords/Microsoft.Azure.Commands.Resources.Test.ScenarioTests.RoleDefinitionTests/RdNegativeScenarios.json

@@ -28,10 +28,10 @@
           "no-cache"
         ],
         "x-ms-request-id": [
-          "86e78e03-f2ba-4bb8-85a8-4f35837e50bc"
+          "a25dd16d-774f-457e-967e-a38ee00e3f58"
         ],
         "x-ms-gateway-service-instanceid": [
-          "PASFE_IN_2"
+          "PASFE_IN_0"
         ],
         "X-Content-Type-Options": [
           "nosniff"
@@ -40,19 +40,19 @@
           "max-age=31536000; includeSubDomains"
         ],
         "x-ms-ratelimit-remaining-subscription-reads": [
-          "14999"
+          "14709"
         ],
         "x-ms-correlation-request-id": [
-          "ab17e75f-8b3e-4d04-ade8-fed4591c4440"
+          "8cc3a1ec-2204-4e59-9be6-c1d35950b4c2"
         ],
         "x-ms-routing-request-id": [
-          "CENTRALUS:20151015T013236Z:ab17e75f-8b3e-4d04-ade8-fed4591c4440"
+          "WESTUS:20151028T002132Z:8cc3a1ec-2204-4e59-9be6-c1d35950b4c2"
         ],
         "Cache-Control": [
           "no-cache"
         ],
         "Date": [
-          "Thu, 15 Oct 2015 01:32:36 GMT"
+          "Wed, 28 Oct 2015 00:21:32 GMT"
         ],
         "Set-Cookie": [
           "x-ms-gateway-slice=productionb; path=/"
@@ -94,7 +94,7 @@
           "no-cache"
         ],
         "x-ms-request-id": [
-          "70d9dd77-f9de-4a4f-b842-a9c418b17b84"
+          "9e94b46a-b9ac-4fc0-8650-5679ee3fdb0f"
         ],
         "x-ms-gateway-service-instanceid": [
           "PASFE_IN_2"
@@ -106,19 +106,19 @@
           "max-age=31536000; includeSubDomains"
         ],
         "x-ms-ratelimit-remaining-subscription-reads": [
-          "14998"
+          "14708"
         ],
         "x-ms-correlation-request-id": [
-          "92594bda-9940-43c5-bb8d-c55238a504da"
+          "ff7b0d49-beb6-4e7b-9a3f-ba09654c33d9"
         ],
         "x-ms-routing-request-id": [
-          "CENTRALUS:20151015T013236Z:92594bda-9940-43c5-bb8d-c55238a504da"
+          "WESTUS:20151028T002133Z:ff7b0d49-beb6-4e7b-9a3f-ba09654c33d9"
         ],
         "Cache-Control": [
           "no-cache"
         ],
         "Date": [
-          "Thu, 15 Oct 2015 01:32:36 GMT"
+          "Wed, 28 Oct 2015 00:21:32 GMT"
         ],
         "Set-Cookie": [
           "x-ms-gateway-slice=productionb; path=/"
@@ -160,7 +160,7 @@
           "no-cache"
         ],
         "x-ms-request-id": [
-          "1d0c3a9c-e40c-44ee-84ed-88c37a0a2e10"
+          "3fbaaa67-482e-4690-8a4e-055fa68f1b81"
         ],
         "x-ms-gateway-service-instanceid": [
           "PASFE_IN_2"
@@ -172,19 +172,19 @@
           "max-age=31536000; includeSubDomains"
         ],
         "x-ms-ratelimit-remaining-subscription-reads": [
-          "14997"
+          "14707"
         ],
         "x-ms-correlation-request-id": [
-          "41eb1391-cb2b-4926-9d4e-61c083799002"
+          "d69b4abb-595e-4897-8edb-2f23f9b395b3"
         ],
         "x-ms-routing-request-id": [
-          "CENTRALUS:20151015T013236Z:41eb1391-cb2b-4926-9d4e-61c083799002"
+          "WESTUS:20151028T002133Z:d69b4abb-595e-4897-8edb-2f23f9b395b3"
         ],
         "Cache-Control": [
           "no-cache"
         ],
         "Date": [
-          "Thu, 15 Oct 2015 01:32:36 GMT"
+          "Wed, 28 Oct 2015 00:21:32 GMT"
         ],
         "Set-Cookie": [
           "x-ms-gateway-slice=productionb; path=/"

src/ResourceManager/Resources/Commands.Resources.Test/SessionRecords/Microsoft.Azure.Commands.Resources.Test.ScenarioTests.RoleDefinitionTests/RdPositiveScenarios.json

@@ -8,7 +8,7 @@
   <package id="Microsoft.Azure.Graph.RBAC" version="1.7.2-preview" targetFramework="net45" />
   <package id="Microsoft.Azure.Insights" version="0.7.7-preview" targetFramework="net45" />
   <package id="Microsoft.Azure.KeyVault.Core" version="1.0.0" targetFramework="net45" />
-  <package id="Microsoft.Azure.Management.Authorization" version="1.0.2" targetFramework="net45" />
+  <package id="Microsoft.Azure.Management.Authorization" version="1.1.0" targetFramework="net45" />
   <package id="Microsoft.Azure.Management.Resources" version="2.18.7-preview" targetFramework="net45" />
   <package id="Microsoft.Azure.Test.Framework" version="1.0.5772.15967-prerelease" targetFramework="net45" />
   <package id="Microsoft.Azure.Test.HttpRecorder" version="1.0.5772.15967-prerelease" targetFramework="net45" />

src/ResourceManager/Resources/Commands.Resources.Test/SessionRecords/Microsoft.Azure.Commands.Resources.Test.ScenarioTests.RoleDefinitionTests/RoleDefinitionCreateTests.json

@@ -69,7 +69,8 @@
       <HintPath>..\..\..\packages\Microsoft.Azure.Graph.RBAC.1.7.2-preview\lib\net40\Microsoft.Azure.Graph.RBAC.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Azure.Management.Authorization">
-      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Authorization.1.0.2\lib\net40\Microsoft.Azure.Management.Authorization.dll</HintPath>
+      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Authorization.1.1.0\lib\net40\Microsoft.Azure.Management.Authorization.dll</HintPath>
+      <Private>True</Private>
     </Reference>
     <Reference Include="Microsoft.Azure.ResourceManager, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <SpecificVersion>False</SpecificVersion>

src/ResourceManager/Resources/Commands.Resources.Test/packages.config

@@ -335,12 +335,11 @@ public PSRoleDefinition GetRoleRoleDefinition(string name)
         public PSRoleDefinition RemoveRoleDefinition(Guid roleDefinitionId, string subscriptionId)
         {
             string id = roleDefinitionId.ToString();
-            string roleDefinitionFullyQualifiedId = AuthorizationHelper.GetRoleDefinitionFullyQualifiedId(subscriptionId, id);
 
             PSRoleDefinition roleDefinition = this.GetRoleDefinition(roleDefinitionId);
             if (roleDefinition != null)
             {
-                return AuthorizationManagementClient.RoleDefinitions.Delete(roleDefinitionFullyQualifiedId).RoleDefinition.ToPSRoleDefinition();
+                return AuthorizationManagementClient.RoleDefinitions.Delete(roleDefinitionId, roleDefinition.AssignableScopes.First()).RoleDefinition.ToPSRoleDefinition();
             }
             else
             {
@@ -356,8 +355,7 @@ public PSRoleDefinition RemoveRoleDefinition(Guid roleDefinitionId, string subsc
         public PSRoleDefinition RemoveRoleDefinition(string roleDefinitionName, string subscriptionId)
         {
             PSRoleDefinition roleDefinition = this.GetRoleRoleDefinition(roleDefinitionName);
-            string roleDefinitionFullyQualifiedId = AuthorizationHelper.GetRoleDefinitionFullyQualifiedId(subscriptionId, roleDefinition.Id);
-            return AuthorizationManagementClient.RoleDefinitions.Delete(roleDefinitionFullyQualifiedId).RoleDefinition.ToPSRoleDefinition();
+            return AuthorizationManagementClient.RoleDefinitions.Delete(Guid.Parse(roleDefinition.Id), roleDefinition.AssignableScopes.First()).RoleDefinition.ToPSRoleDefinition();
         }
 
         /// <summary>
@@ -392,6 +390,7 @@ public PSRoleDefinition UpdateRoleDefinition(PSRoleDefinition role, string subsc
             return
                 AuthorizationManagementClient.RoleDefinitions.CreateOrUpdate(
                     roleDefinitionId,
+                    roleDefinition.AssignableScopes.First(),
                     new RoleDefinitionCreateOrUpdateParameters()
                     {
                         RoleDefinition = new RoleDefinition()
@@ -449,7 +448,7 @@ public PSRoleDefinition CreateRoleDefinition(PSRoleDefinition roleDefinition)
             PSRoleDefinition roleDef = null;
             try
             {
-                roleDef = AuthorizationManagementClient.RoleDefinitions.CreateOrUpdate(newRoleDefinitionId, parameters).RoleDefinition.ToPSRoleDefinition();
+                roleDef = AuthorizationManagementClient.RoleDefinitions.CreateOrUpdate(newRoleDefinitionId, roleDefinition.AssignableScopes.First(), parameters).RoleDefinition.ToPSRoleDefinition();
             }
             catch (CloudException ce)
             {
@@ -476,7 +475,7 @@ private static void ValidateRoleDefinition(PSRoleDefinition roleDefinition)
                 throw new ArgumentException(ProjectResources.InvalidRoleDefinitionDescription);
             }
 
-            if (roleDefinition.AssignableScopes == null || !roleDefinition.AssignableScopes.Any())
+            if (roleDefinition.AssignableScopes == null || !roleDefinition.AssignableScopes.Any() || roleDefinition.AssignableScopes.Any(s => string.IsNullOrWhiteSpace(s)))
             {
                 throw new ArgumentException(ProjectResources.InvalidAssignableScopes);
             }

src/ResourceManager/Resources/Commands.Resources/Commands.Resources.csproj

@@ -6,7 +6,7 @@
   <package id="Microsoft.Azure.Common.Dependencies" version="1.0.0" targetFramework="net45" />
   <package id="Microsoft.Azure.Gallery" version="2.6.2-preview" targetFramework="net45" />
   <package id="Microsoft.Azure.Graph.RBAC" version="1.7.2-preview" targetFramework="net45" />
-  <package id="Microsoft.Azure.Management.Authorization" version="1.0.2" targetFramework="net45" />
+  <package id="Microsoft.Azure.Management.Authorization" version="1.1.0" targetFramework="net45" />
   <package id="Microsoft.Azure.Management.Resources" version="2.18.11-preview" targetFramework="net45" />
   <package id="Microsoft.Bcl" version="1.1.10" targetFramework="net45" />
   <package id="Microsoft.Bcl.Async" version="1.0.168" targetFramework="net45" />