com.microsoft.azure.management.graphrbac.implementation.RoleAssignmentImpl Maven / Gradle / Ivy
This package contains Microsoft Azure Graph RBAC Management SDK. This package has been deprecated. A replacement package com.azure.resourcemanager:azure-resourcemanager-authorization is available as of 31-March-2022. We strongly encourage you to upgrade to continue receiving updates. See Migration Guide https://aka.ms/java-track2-migration-guide for guidance on upgrading. Refer to our deprecation policy https://azure.github.io/azure-sdk/policies_support.html for more details.
/**
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for
* license information.
*/
package com.microsoft.azure.management.graphrbac.implementation;
import com.microsoft.azure.CloudException;
import com.microsoft.azure.management.apigeneration.LangDefinition;
import com.microsoft.azure.management.graphrbac.ActiveDirectoryGroup;
import com.microsoft.azure.management.graphrbac.ActiveDirectoryUser;
import com.microsoft.azure.management.graphrbac.BuiltInRole;
import com.microsoft.azure.management.graphrbac.RoleAssignment;
import com.microsoft.azure.management.graphrbac.RoleDefinition;
import com.microsoft.azure.management.graphrbac.ServicePrincipal;
import com.microsoft.azure.management.resources.ResourceGroup;
import com.microsoft.azure.management.resources.fluentcore.arm.models.Resource;
import com.microsoft.azure.management.resources.fluentcore.model.implementation.CreatableImpl;
import com.microsoft.azure.management.resources.fluentcore.utils.SdkContext;
import java.util.Locale;
import rx.Observable;
import rx.exceptions.Exceptions;
import rx.functions.Func1;
import rx.functions.Func2;
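/**
 * Implementation for RoleAssignment and its parent interfaces.
 *
 * <p>Collects the principal, role and scope of an RBAC role assignment through the fluent
 * {@code for...}/{@code with...} setters and submits it in {@link #createResourceAsync()}.
 * When several principal setters are called, an explicit object ID takes precedence over a
 * user name, which takes precedence over a service principal name; likewise a role definition
 * ID takes precedence over a built-in role name. The values that lose are ignored without an
 * error, so callers granting access should set exactly one principal and one role.
 */
@LangDefinition(ContainerName = "/Microsoft.Azure.Management.Graph.RBAC.Fluent")
class RoleAssignmentImpl
        extends CreatableImpl<RoleAssignment, RoleAssignmentInner, RoleAssignmentImpl>
        implements
            RoleAssignment,
            RoleAssignment.Definition {
    private final GraphRbacManager manager;
    // Active Directory identity info
    private String objectId;
    private String userName;
    private String servicePrincipalName;
    // role info
    private String roleDefinitionId;
    private String roleName;

    RoleAssignmentImpl(String name, RoleAssignmentInner innerObject, GraphRbacManager manager) {
        super(name, innerObject);
        this.manager = manager;
    }

    @Override
    public String id() {
        return inner().id();
    }

    /**
     * @return true while the wrapped inner object has no ID yet, i.e. nothing has been created
     */
    @Override
    public boolean isInCreateMode() {
        return inner().id() == null;
    }

    /**
     * Resolves the principal and the role definition, then creates the role assignment at
     * {@link #scope()}.
     *
     * <p>The create call is retried only when the service reports that the principal is not
     * found; every other error is propagated unchanged.
     *
     * @return an observable emitting the created role assignment
     * @throws IllegalArgumentException if no principal or no role was set on this definition
     */
    @Override
    public Observable<RoleAssignment> createResourceAsync() {
        // Precedence: objectId, then userName, then servicePrincipalName. Note that forUser(...),
        // forGroup(...) and forServicePrincipal(...) with an object argument all write objectId.
        Observable<String> objectIdObservable;
        if (objectId != null) {
            objectIdObservable = Observable.just(objectId);
        } else if (userName != null) {
            // NOTE(review): if the lookup emits null for an unknown name, user.id() below would
            // throw NullPointerException - confirm the contract of getByNameAsync.
            objectIdObservable = manager.users().getByNameAsync(userName)
                    .map(new Func1<ActiveDirectoryUser, String>() {
                        @Override
                        public String call(ActiveDirectoryUser user) {
                            return user.id();
                        }
                    });
        } else if (servicePrincipalName != null) {
            objectIdObservable = manager.servicePrincipals().getByNameAsync(servicePrincipalName)
                    .map(new Func1<ServicePrincipal, String>() {
                        @Override
                        public String call(ServicePrincipal sp) {
                            return sp.id();
                        }
                    });
        } else {
            throw new IllegalArgumentException("Please pass a non-null value for either object Id, user, group, or service principal");
        }

        // Precedence: an explicit role definition ID wins over a built-in role name.
        Observable<String> roleDefinitionIdObservable;
        if (roleDefinitionId != null) {
            roleDefinitionIdObservable = Observable.just(roleDefinitionId);
        } else if (roleName != null) {
            roleDefinitionIdObservable = manager().roleDefinitions().getByScopeAndRoleNameAsync(scope(), roleName)
                    .map(new Func1<RoleDefinition, String>() {
                        @Override
                        public String call(RoleDefinition roleDefinition) {
                            return roleDefinition.id();
                        }
                    });
        } else {
            throw new IllegalArgumentException("Please pass a non-null value for either role name or role definition ID");
        }

        return Observable.zip(objectIdObservable, roleDefinitionIdObservable, new Func2<String, String, RoleAssignmentCreateParametersInner>() {
            @Override
            public RoleAssignmentCreateParametersInner call(String objectId, String roleDefinitionId) {
                return new RoleAssignmentCreateParametersInner()
                        .withPrincipalId(objectId).withRoleDefinitionId(roleDefinitionId);
            }
        }).flatMap(new Func1<RoleAssignmentCreateParametersInner, Observable<RoleAssignmentInner>>() {
            @Override
            public Observable<RoleAssignmentInner> call(RoleAssignmentCreateParametersInner roleAssignmentPropertiesInner) {
                return manager().roleInner().roleAssignments()
                        .createAsync(scope(), name(), roleAssignmentPropertiesInner)
                        .retryWhen(new Func1<Observable<? extends Throwable>, Observable<?>>() {
                            @Override
                            public Observable<?> call(Observable<? extends Throwable> observable) {
                                // Pair each failure with an attempt number from 1 to 30.
                                // NOTE(review): once the 30 numbers are used up the range completes
                                // and the last "principal not found" error is not rethrown here -
                                // confirm that subscribers still see a failure in that case.
                                return observable.zipWith(Observable.range(1, 30), new Func2<Throwable, Integer, Integer>() {
                                    @Override
                                    public Integer call(Throwable throwable, Integer integer) {
                                        if (isPrincipalNotFound(throwable)) {
                                            // ref: https://github.com/Azure/azure-cli/blob/dev/src/command_modules/azure-cli-role/azure/cli/command_modules/role/custom.py#L1048-L1065
                                            return integer;
                                        }
                                        throw Exceptions.propagate(throwable);
                                    }
                                }).flatMap(new Func1<Integer, Observable<?>>() {
                                    @Override
                                    public Observable<?> call(Integer i) {
                                        // Delay grows with the attempt number (presumably
                                        // milliseconds - confirm against SdkContext).
                                        return SdkContext.delayedEmitAsync(i, i * 1000);
                                    }
                                });
                            }
                        });
            }
        }).map(innerToFluentMap(this));
    }

    /**
     * Tells whether a failed create call reported that the principal is unknown to the directory.
     *
     * <p>A CloudException without a body is treated as "not a match" so that the original error
     * is propagated instead of a NullPointerException raised while inspecting it.
     */
    private static boolean isPrincipalNotFound(Throwable throwable) {
        if (!(throwable instanceof CloudException)) {
            return false;
        }
        CloudException cloudException = (CloudException) throwable;
        if (cloudException.body() == null) {
            return false;
        }
        String code = cloudException.body().code();
        String message = cloudException.body().message();
        // Locale.ROOT keeps the match independent of the JVM's default locale.
        return (code != null && code.equalsIgnoreCase("PrincipalNotFound"))
                || (message != null && message.toLowerCase(Locale.ROOT).contains("does not exist in the directory"));
    }

    @Override
    protected Observable<RoleAssignmentInner> getInnerAsync() {
        return manager.roleInner().roleAssignments().getAsync(scope(), name());
    }

    @Override
    public GraphRbacManager manager() {
        return manager;
    }

    @Override
    public String scope() {
        return inner().scope();
    }

    @Override
    public String roleDefinitionId() {
        return inner().roleDefinitionId();
    }

    @Override
    public String principalId() {
        return inner().principalId();
    }

    @Override
    public RoleAssignmentImpl forObjectId(String objectId) {
        this.objectId = objectId;
        return this;
    }

    @Override
    public RoleAssignmentImpl forUser(ActiveDirectoryUser user) {
        this.objectId = user.id();
        return this;
    }

    @Override
    public RoleAssignmentImpl forUser(String name) {
        // Resolved to an object ID at creation time, and only if no object ID was set.
        this.userName = name;
        return this;
    }

    @Override
    public RoleAssignmentImpl forGroup(ActiveDirectoryGroup activeDirectoryGroup) {
        this.objectId = activeDirectoryGroup.id();
        return this;
    }

    @Override
    public RoleAssignmentImpl forServicePrincipal(ServicePrincipal servicePrincipal) {
        this.objectId = servicePrincipal.id();
        return this;
    }

    @Override
    public RoleAssignmentImpl forServicePrincipal(String servicePrincipalName) {
        // Resolved at creation time, and only if neither an object ID nor a user name was set.
        this.servicePrincipalName = servicePrincipalName;
        return this;
    }

    @Override
    public RoleAssignmentImpl withBuiltInRole(BuiltInRole role) {
        this.roleName = role.toString();
        return this;
    }

    @Override
    public RoleAssignmentImpl withRoleDefinition(String roleDefinitionId) {
        this.roleDefinitionId = roleDefinitionId;
        return this;
    }

    @Override
    public RoleAssignmentImpl withScope(String scope) {
        // The scope string is stored on the inner model as given; no validation happens here.
        this.inner().withScope(scope);
        return this;
    }

    @Override
    public RoleAssignmentImpl withResourceGroupScope(ResourceGroup resourceGroup) {
        return withScope(resourceGroup.id());
    }

    @Override
    public RoleAssignmentImpl withResourceScope(Resource resource) {
        return withScope(resource.id());
    }

    @Override
    public RoleAssignmentImpl withSubscriptionScope(String subscriptionId) {
        // The subscription ID is concatenated unchecked, so it should come from a trusted source.
        return withScope("subscriptions/" + subscriptionId);
    }
}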