/// <summary>
/// Copies the pending user-assigned identity changes into the site update payload.
/// </summary>
/// <param name="siteUpdate">The site update payload model whose Identity is populated here.</param>
internal void HandleExternalIdentities(SitePatchResource siteUpdate)
{
    // A request that removes every identity is fully prepared by the helper, so nothing is left to do.
    if (this.HandleRemoveAllExternalIdentitiesCase(siteUpdate))
    {
        return;
    }

    // Remaining scenarios for 'Site.Identity.UserAssignedIdentities':
    //   1. The user does not touch it (this.userAssignedIdentities is empty).
    //   2. The user adds some identities.
    //   3. The user removes some, but not all, identities.
    //   4. The user both adds and removes identities.
    // Per the original author's notes, scenarios 2-4 expect the inner model's Identity to be non-null.
    SiteInner inner = this.webAppBaseImpl.Inner;
    ManagedServiceIdentity existingIdentity = inner.Identity;

    // NOTE(review): the payload shares the inner model's identity object, so the writes below
    // also change this.webAppBaseImpl.Inner.Identity.
    siteUpdate.Identity = existingIdentity;

    if (!this.userAssignedIdentities.Any())
    {
        // The user is not changing the user-assigned identities. If an identity object exists
        // (it may carry other changes), clear the map so it is not sent over the wire.
        if (existingIdentity != null)
        {
            existingIdentity.UserAssignedIdentities = null;
        }

        return;
    }

    // NOTE(review): nothing in this method checks that the identity is non-null before this
    // dereference; it presumably relies on callers having initialised it. Confirm.
    siteUpdate.Identity.UserAssignedIdentities = this.userAssignedIdentities;
}
/// <summary>
/// Applies the patch payload by awaiting <c>WebApps.UpdateSlotAsync</c> with this resource's
/// <c>ResourceGroupName</c>, <c>parent.Name</c> and <c>Name</c>.
/// </summary>
/// <param name="siteUpdate">The site update payload model to send.</param>
/// <param name="cancellationToken">Token forwarded to the underlying update call.</param>
/// <returns>The <c>SiteInner</c> produced by the update call.</returns>
internal async override Task<SiteInner> UpdateInnerAsync(SitePatchResource siteUpdate, CancellationToken cancellationToken = default(CancellationToken))
{
    SiteInner updated = await Manager.Inner.WebApps.UpdateSlotAsync(
        ResourceGroupName,
        parent.Name,
        siteUpdate,
        Name,
        cancellationToken: cancellationToken);

    return updated;
}
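/// <summary>
/// Handles the case where the pending request does nothing except remove user-assigned
/// identities, and those removals cover every identity currently associated with the site.
/// </summary>
/// <param name="siteUpdate">The site update payload model; its Identity is prepared here when the method returns true.</param>
/// <returns>
/// True if the payload was prepared here: either the user intended to remove all identities, or
/// removals were requested although the site has no identity. False otherwise.
/// </returns>
private bool HandleRemoveAllExternalIdentitiesCase(SitePatchResource siteUpdate)
{
    SiteInner siteInner = (SiteInner)this.webAppBaseImpl.Inner;
    if (!this.userAssignedIdentities.Any())
    {
        return false;
    }

    // A null value marks an identity for removal. This case applies only when every pending
    // entry is a removal.
    bool containsRemoveOnly = this.userAssignedIdentities.Values.All(v => v == null);
    if (!containsRemoveOnly)
    {
        return false;
    }

    // Identity ids are matched case-insensitively. An ordinal comparer is used instead of
    // ToLower(), whose result depends on the current culture and can make ids that differ only
    // in case fail to match, so that a remove-all request is not recognised.
    HashSet<string> currentIds = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
    ManagedServiceIdentity currentIdentity = siteInner.Identity;
    if (currentIdentity != null && currentIdentity.UserAssignedIdentities != null)
    {
        foreach (string id in currentIdentity.UserAssignedIdentities.Keys)
        {
            currentIds.Add(id);
        }
    }

    HashSet<string> removeIds = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
    foreach (var entry in this.userAssignedIdentities)
    {
        if (entry.Value == null)
        {
            removeIds.Add(entry.Key);
        }
    }

    // True when the ids to remove are exactly the ids currently associated.
    bool removeAllCurrentIds = currentIds.SetEquals(removeIds);
    if (removeAllCurrentIds)
    {
        // Adjust the identity type: setting it to SystemAssigned or None removes all
        // user-assigned identities.
        if (currentIdentity == null || currentIdentity.Type == null)
        {
            siteUpdate.Identity = new ManagedServiceIdentity() { Type = ManagedServiceIdentityType.None };
        }
        else if (currentIdentity.Type.Equals(ManagedServiceIdentityType.SystemAssigned))
        {
            siteUpdate.Identity = currentIdentity;
            siteUpdate.Identity.Type = ManagedServiceIdentityType.SystemAssigned;
        }
        else if (currentIdentity.Type.Equals(ManagedServiceIdentityType.UserAssigned))
        {
            siteUpdate.Identity = currentIdentity;
            siteUpdate.Identity.Type = ManagedServiceIdentityType.None;
        }

        // NOTE(review): the SystemAssigned branch re-assigns the value it just matched, and no
        // branch handles any other Type value. In that case siteUpdate.Identity keeps whatever
        // the caller supplied, and the dereference below throws if it is null. Confirm how an
        // identity that is both system- and user-assigned should be handled.

        // Clear the identities map in the payload so that it is not sent.
        siteUpdate.Identity.UserAssignedIdentities = null;
        return true;
    }

    // The user asked to remove identities although none are currently associated.
    if (currentIds.Count == 0 && removeIds.Count != 0 && currentIdentity == null)
    {
        // This is an invalid state, but the user input is still sent so that the service
        // decides how to handle it (ignore or error).
        siteUpdate.Identity = new ManagedServiceIdentity() { Type = ManagedServiceIdentityType.None, UserAssignedIdentities = null };
        return true;
    }

    return false;
}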