public async Task HandleAsync(AddRoleCommand command)
{
var groupId = GroupId.From(command.GroupId);
var group = await _groupRepository.GetAsync(groupId) ?? throw new GroupNotFoundException(groupId);
group.AddRole(UserId.From(command.UserId), RoleId.From(command.RoleId), RoleName.Create(command.Name));
}
public async Task Can_Create_A_Role()
{
// Arrange
var regionalEndpoint = RegionEndpoint.EUWest1;
var amazonIdentityManagementServiceClient = new AmazonIdentityManagementServiceClient(regionalEndpoint);
var amazonSecurityTokenServiceClient = new AmazonSecurityTokenServiceClient(regionalEndpoint);
var fakePolicyRepository = new FakePolicyTemplateRepository();
var identityManagementClient = new IdentityManagementServiceClient(new AmazonIdentityManagementServiceWrapper(amazonIdentityManagementServiceClient));
var awsIdentityClient = new AwsIdentityCommandClient(
amazonIdentityManagementServiceClient,
amazonSecurityTokenServiceClient,
fakePolicyRepository,
identityManagementClient
);
var roleName = RoleName.Create("test-role-do-delete-33");
var role = await awsIdentityClient.EnsureRoleExistsAsync(roleName);
try
{
// Act
// Assert
}
finally
{
await identityManagementClient.DeleteRoleAsync(roleName);
}
}
public async Task <IActionResult> SyncRole(string rolename)
{
var roleName = RoleName.Create(rolename);
await _awsIdentityCommandClient.SyncRole(roleName);
return(Ok());
}
private RoleRM CreateRole(Commands.V1.Role.Create cmd)
{
if (_repository.RoleExists(cmd.RoleName))
{
throw new InvalidOperationException($"Role with name {cmd.RoleName} already exists");
}
Role role = Role.Create(_roles++, RoleName.Create(cmd.RoleName), RoleDescription.Create(cmd.RoleDescription),
cmd.IsActive);
_repository.AddRole(role);
return(Conversions.GetRoleRM(role));
}
public async Task <IActionResult> Create([FromBody, SwaggerParameter("Create role request.", Required = true)]
CreateIAMRoleRequest input)
{
if (!_createIAMRoleRequestValidator.TryValidateCreateRoleRequest(input, out string validationError))
{
Log.Warning($"Create role called with invalid input. Validation error: {validationError}");
return(BadRequest(validationError));
}
var roleName = RoleName.Create(input.Name);
var role = await _awsIdentityCommandClient.PutRoleAsync(roleName);
return(Ok(new
{
RoleArn = role.Arn
}));
}
public async Task <Role> GetRoleByCapabilityName(string capabilityName)
{
var listRolesResponse = await _client.ListRolesAsync(new ListRolesRequest());
var roles = listRolesResponse.Roles;
var name = RoleName.Create(capabilityName);
foreach (var role in roles)
{
var listRoleTagsResponse =
await _client.ListRoleTagsAsync(new ListRoleTagsRequest { RoleName = role.RoleName });
if (listRoleTagsResponse.Tags.Any(t => t.Key == "capability" && t.Value == name) == false)
{
continue;
}
role.Tags = listRoleTagsResponse.Tags;
return(role);
}
return(null);
}
public async Task HandleAsync(ChangeRoleNameCommand command)
{
var group = await _groupRepository.GetAsync(GroupId.From(command.GroupId)) ??
throw new GroupNotFoundException(GroupId.From(command.GroupId));
group.RenameRole(UserId.From(command.UserId), RoleId.From(command.RoleId), RoleName.Create(command.Name));
}
public Task <Role> PutRoleAsync(RoleName roleName, Func <PolicyTemplate, string> policyTemplateFormatter = default)
{
return(Task.FromResult(new Role {
RoleName = RoleName.Create(roleName)
}));
}