Authorization: Add paging for role assignment list/get calls

Author: namratab

src/ResourceManager/Resources/Commands.Resources.Test/Commands.Resources.Test.csproj

@@ -71,7 +71,7 @@
       <HintPath>..\..\..\packages\Microsoft.Azure.KeyVault.Core.1.0.0\lib\net40\Microsoft.Azure.KeyVault.Core.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Azure.Management.Authorization">
-      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Authorization.1.0.1\lib\net40\Microsoft.Azure.Management.Authorization.dll</HintPath>
+      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Authorization.1.0.2\lib\net40\Microsoft.Azure.Management.Authorization.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Azure.ResourceManager, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <SpecificVersion>False</SpecificVersion>
@@ -551,4 +551,4 @@
   <ItemGroup />
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <Import Project="..\..\..\packages\Microsoft.Bcl.Build.1.0.14\tools\Microsoft.Bcl.Build.targets" Condition="Exists('..\..\..\packages\Microsoft.Bcl.Build.1.0.14\tools\Microsoft.Bcl.Build.targets')" />
-</Project>
+</Project>

src/ResourceManager/Resources/Commands.Resources.Test/packages.config

@@ -8,7 +8,7 @@
   <package id="Microsoft.Azure.Graph.RBAC" version="1.7.2-preview" targetFramework="net45" />
   <package id="Microsoft.Azure.Insights" version="0.7.7-preview" targetFramework="net45" />
   <package id="Microsoft.Azure.KeyVault.Core" version="1.0.0" targetFramework="net45" />
-  <package id="Microsoft.Azure.Management.Authorization" version="1.0.0" targetFramework="net45" />
+  <package id="Microsoft.Azure.Management.Authorization" version="1.0.2" targetFramework="net45" />
   <package id="Microsoft.Azure.Management.Resources" version="2.18.7-preview" targetFramework="net45" />
   <package id="Microsoft.Azure.Test.Framework" version="1.0.5715.36130-prerelease" targetFramework="net45" />
   <package id="Microsoft.Azure.Test.HttpRecorder" version="1.0.5715.36130-prerelease" targetFramework="net45" />

src/ResourceManager/Resources/Commands.Resources/Commands.Resources.csproj

@@ -69,8 +69,7 @@
       <HintPath>..\..\..\packages\Microsoft.Azure.Graph.RBAC.1.7.2-preview\lib\net40\Microsoft.Azure.Graph.RBAC.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Azure.Management.Authorization">
-      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Authorization.1.0.1\lib\net40\Microsoft.Azure.Management.Authorization.dll</HintPath>
-      <Private>True</Private>
+      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Authorization.1.0.2\lib\net40\Microsoft.Azure.Management.Authorization.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Azure.ResourceManager, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <SpecificVersion>False</SpecificVersion>

src/ResourceManager/Resources/Commands.Resources/Models.Authorization/AuthorizationClient.cs

@@ -187,11 +187,16 @@ public List<PSRoleAssignment> FilterRoleAssignments(FilterRoleAssignmentsOptions
                     parameters.PrincipalId = string.IsNullOrEmpty(options.ADObjectFilter.Id) ? adObject.Id : Guid.Parse(options.ADObjectFilter.Id);
                 }
 
-                result.AddRange(AuthorizationManagementClient.RoleAssignments.List(parameters)
-                    .RoleAssignments
-                    .FilterRoleAssignmentsOnRoleId(options.RoleDefinitionId)
+                var tempResult = AuthorizationManagementClient.RoleAssignments.List(parameters);
+                result.AddRange(tempResult.RoleAssignments.FilterRoleAssignmentsOnRoleId(options.RoleDefinitionId)
                     .ToPSRoleAssignments(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals));
 
+                while (!string.IsNullOrWhiteSpace(tempResult.NextLink))
+                {
+                    tempResult = AuthorizationManagementClient.RoleAssignments.ListNext(tempResult.NextLink);
+                    result.AddRange(tempResult.RoleAssignments.FilterRoleAssignmentsOnRoleId(options.RoleDefinitionId).ToPSRoleAssignments(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals));
+                }
+
                 // Filter out by scope
                 if (!string.IsNullOrEmpty(options.Scope))
                 {
@@ -203,15 +208,27 @@ public List<PSRoleAssignment> FilterRoleAssignments(FilterRoleAssignmentsOptions
                 // Filter by scope and above directly
                 parameters.AtScope = true;
 
-                result.AddRange(AuthorizationManagementClient.RoleAssignments.ListForScope(options.Scope, parameters)
-                    .RoleAssignments
-                    .FilterRoleAssignmentsOnRoleId(options.RoleDefinitionId)
+                var tempResult = AuthorizationManagementClient.RoleAssignments.ListForScope(options.Scope, parameters);
+                result.AddRange(tempResult.RoleAssignments.FilterRoleAssignmentsOnRoleId(options.RoleDefinitionId)
                     .ToPSRoleAssignments(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals));
+
+                while (!string.IsNullOrWhiteSpace(tempResult.NextLink))
+                {
+                    tempResult = AuthorizationManagementClient.RoleAssignments.ListForScopeNext(tempResult.NextLink);
+                    result.AddRange(tempResult.RoleAssignments.FilterRoleAssignmentsOnRoleId(options.RoleDefinitionId)
+                        .ToPSRoleAssignments(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals));
+                }
             }
             else
             {
-                result.AddRange(AuthorizationManagementClient.RoleAssignments.List(parameters)
-                    .RoleAssignments.ToPSRoleAssignments(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals));
+                var tempResult = AuthorizationManagementClient.RoleAssignments.List(parameters);
+                result.AddRange(tempResult.RoleAssignments.ToPSRoleAssignments(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals));
+
+                while (!string.IsNullOrWhiteSpace(tempResult.NextLink))
+                {
+                    tempResult = AuthorizationManagementClient.RoleAssignments.ListNext(tempResult.NextLink);
+                    result.AddRange(tempResult.RoleAssignments.ToPSRoleAssignments(this, ActiveDirectoryClient, options.ExcludeAssignmentsForDeletedPrincipals));
+                }
             }
 
             if (!string.IsNullOrEmpty(options.RoleDefinitionName))
@@ -255,6 +272,7 @@ public IEnumerable<PSRoleAssignment> RemoveRoleAssignment(FilterRoleAssignmentsO
         {
             // Match role assignments at exact scope. Ideally, atmost 1 roleAssignment should match the criteria 
             // but an edge case can have multiple role assignments to the same role or multiple role assignments to different roles, with same name.
+            // The FilterRoleAssignments takes care of paging internally
             IEnumerable<PSRoleAssignment> roleAssignments = FilterRoleAssignments(options, currentSubscription: string.Empty)
                                                 .Where(ra => ra.Scope == options.Scope.TrimEnd('/'));
 

src/ResourceManager/Resources/Commands.Resources/packages.config

@@ -6,7 +6,7 @@
   <package id="Microsoft.Azure.Common.Dependencies" version="1.0.0" targetFramework="net45" />
   <package id="Microsoft.Azure.Gallery" version="2.6.2-preview" targetFramework="net45" />
   <package id="Microsoft.Azure.Graph.RBAC" version="1.7.2-preview" targetFramework="net45" />
-  <package id="Microsoft.Azure.Management.Authorization" version="1.0.1" targetFramework="net45" />
+  <package id="Microsoft.Azure.Management.Authorization" version="1.0.2" targetFramework="net45" />
   <package id="Microsoft.Azure.Management.Resources" version="2.18.11-preview" targetFramework="net45" />
   <package id="Microsoft.Bcl" version="1.1.10" targetFramework="net45" />
   <package id="Microsoft.Bcl.Async" version="1.0.168" targetFramework="net45" />