コード例 #1
 /// <summary>
 /// Builds the PowerShell-facing permission object from an SDK <see cref="KeyVaultPermission"/>.
 /// </summary>
 /// <param name="permission">
 /// SDK permission to copy from. It is dereferenced without a null check, and so are its four lists.
 /// </param>
 /// <remarks>
 /// Every list is snapshotted with <c>ToArray()</c>, so this object holds its own copy of the entries.
 /// <c>Actions</c> and <c>NotActions</c> are copied verbatim; <c>DataActions</c> and
 /// <c>NotDataActions</c> are converted entry by entry through <c>ToString()</c>.
 /// </remarks>
 public PSKeyVaultPermission(KeyVaultPermission permission)
 {
     // Plain copies of the action lists.
     var actions = permission.Actions.ToArray();
     var notActions = permission.NotActions.ToArray();

     // Data action entries are rendered to their string form before being stored.
     var dataActions = permission.DataActions.Select(entry => entry.ToString()).ToArray();
     var notDataActions = permission.NotDataActions.Select(entry => entry.ToString()).ToArray();

     Actions = actions;
     NotActions = notActions;
     DataActions = dataActions;
     NotDataActions = notDataActions;
 }
コード例 #2
        /// <summary>
        /// Creates a role definition at <c>KeyVaultRoleScope.Global</c>, then submits a second
        /// definition under the same name with a different set of data actions, and checks after
        /// each call that the returned definition carries the scope, description, name, data
        /// actions and type that were sent.
        /// </summary>
        /// <remarks>
        /// Only the first entry of <c>Permissions</c> is inspected, and only its <c>DataActions</c>.
        /// The created definition is handed to <c>RegisterForCleanup</c> before any assertion runs
        /// (presumably so the role is removed even when an assertion fails; confirm in the fixture).
        /// </remarks>
        public async Task CreateOrUpdateRoleDefinition()
        {
            // Recorded values: the description and the GUID name are drawn in this order.
            var roleDescription = Recording.GenerateAlphaNumericId("role");
            var roleName = Recording.Random.NewGuid();

            // Phase 1: create with a single data action.
            var initialPermissions = new KeyVaultPermission();
            initialPermissions.DataActions.Add(KeyVaultDataAction.BackupHsmKeys);

            KeyVaultRoleDefinition created = await Client.CreateOrUpdateRoleDefinitionAsync(roleDescription, initialPermissions, KeyVaultRoleScope.Global, roleName);

            RegisterForCleanup(created);

            AssertDefinitionMatches(created, initialPermissions);

            // Phase 2: same name and description, different data actions.
            var replacementPermissions = new KeyVaultPermission();
            replacementPermissions.DataActions.Add(KeyVaultDataAction.CreateHsmKey);
            replacementPermissions.DataActions.Add(KeyVaultDataAction.DownloadHsmSecurityDomain);

            KeyVaultRoleDefinition updated = await Client.CreateOrUpdateRoleDefinitionAsync(roleDescription, replacementPermissions, KeyVaultRoleScope.Global, roleName);

            AssertDefinitionMatches(updated, replacementPermissions);

            // Checks that a returned definition reflects what was submitted for this role.
            void AssertDefinitionMatches(KeyVaultRoleDefinition actual, KeyVaultPermission expected)
            {
                Assert.That(actual.AssignableScopes, Is.EqualTo(new[] { KeyVaultRoleScope.Global }));
                Assert.That(actual.Description, Is.EqualTo(roleDescription));
                Assert.That(actual.Name, Is.EqualTo(roleName.ToString()));
                Assert.That(actual.Permissions.First().DataActions, Is.EquivalentTo(expected.DataActions));
                Assert.That(actual.Type, Is.EqualTo(KeyVaultRoleDefinitionType.MicrosoftAuthorizationRoleDefinitions));
            }
        }
コード例 #3
 /// <summary>
 /// Builds the PowerShell-facing permission object from an SDK <see cref="KeyVaultPermission"/>,
 /// exposing its four lists under "Allowed"/"Denied" property names.
 /// </summary>
 /// <param name="permission">
 /// SDK permission to copy from. It is dereferenced without a null check, and so are its four lists.
 /// </param>
 /// <remarks>
 /// Each list is snapshotted with <c>ToArray()</c>; no entry is converted or filtered.
 /// NOTE(review): as Azure RBAC documents role definitions, <c>NotActions</c> and
 /// <c>NotDataActions</c> are exclusions subtracted from the allowed set rather than explicit
 /// deny rules. Confirm that the "Denied*" names are not read by consumers as a deny assignment.
 /// </remarks>
 public PSKeyVaultPermission(KeyVaultPermission permission)
 {
     // Source lists Actions / NotActions.
     var allowed = permission.Actions.ToArray();
     var excluded = permission.NotActions.ToArray();

     // Source lists DataActions / NotDataActions.
     var allowedData = permission.DataActions.ToArray();
     var excludedData = permission.NotDataActions.ToArray();

     AllowedActions = allowed;
     DeniedActions = excluded;
     AllowedDataActions = allowedData;
     DeniedDataActions = excludedData;
 }
コード例 #4
        /// <summary>
        /// Creates a role definition at <c>KeyVaultRoleScope.Global</c>, deletes it by name, then
        /// lists the definitions at that scope and asserts that none of them carries the deleted name.
        /// </summary>
        /// <remarks>
        /// The check is by name only; the listing is fully materialised before it is searched.
        /// NOTE(review): the created definition is not passed to any cleanup hook in this method,
        /// so if the delete call throws, the role definition may be left behind. Confirm whether
        /// the fixture cleans it up another way.
        /// </remarks>
        public async Task DeleteRoleDefinition()
        {
            // Recorded values: the description and the GUID name are drawn in this order.
            var roleDescription = Recording.GenerateAlphaNumericId("role");
            var roleName = Recording.Random.NewGuid();

            var permissions = new KeyVaultPermission();
            permissions.DataActions.Add(KeyVaultDataAction.BackupHsmKeys);

            // The returned definition is not inspected; the call only sets up the role to delete.
            KeyVaultRoleDefinition created = await Client.CreateOrUpdateRoleDefinitionAsync(roleDescription, permissions, KeyVaultRoleScope.Global, roleName);

            await Client.DeleteRoleDefinitionAsync(roleName, KeyVaultRoleScope.Global);

            List<KeyVaultRoleDefinition> remaining = await Client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false);

            // The deleted name must no longer appear in the listing.
            string deletedName = roleName.ToString();
            bool stillListed = remaining.Any(definition => definition.Name.ToString().Equals(deletedName));

            Assert.That(!stillListed);
        }
コード例 #5
        /// <summary>
        /// Converts a PowerShell-facing <see cref="PSKeyVaultPermission"/> into a new SDK
        /// <see cref="KeyVaultPermission"/> by appending every entry of its four lists to the
        /// matching list on the SDK object.
        /// </summary>
        /// <param name="psPermission">
        /// Permission to convert. Neither it nor its lists are null-checked, so a null value
        /// fails at the first loop that reads it.
        /// </param>
        /// <returns>A freshly constructed <see cref="KeyVaultPermission"/> holding the copied entries.</returns>
        /// <remarks>
        /// NOTE(review): entries are passed through as given, with no validation in this method.
        /// Whether an unknown or malformed action string is rejected is left to the SDK or the
        /// service; confirm before relying on this as an input check for role definitions.
        /// </remarks>
        public static KeyVaultPermission ToSdkType(this PSKeyVaultPermission psPermission)
        {
            var converted = new KeyVaultPermission();

            // Copy order: Actions, NotActions, DataActions, NotDataActions.
            foreach (var action in psPermission.Actions)
            {
                converted.Actions.Add(action);
            }

            foreach (var notAction in psPermission.NotActions)
            {
                converted.NotActions.Add(notAction);
            }

            foreach (var dataAction in psPermission.DataActions)
            {
                converted.DataActions.Add(dataAction);
            }

            foreach (var notDataAction in psPermission.NotDataActions)
            {
                converted.NotDataActions.Add(notDataAction);
            }

            return converted;
        }