public static async ValueTask <RoleAssignmentDetails> CreateResource(AccessControlClient client, TestRecording recording) { string roleID = (await client.GetRoleDefinitionsAsync().ToListAsync()).First(x => x.Name == "Workspace Admin").Id; string principalId = recording.Random.NewGuid().ToString(); return(await client.CreateRoleAssignmentAsync(new RoleAssignmentOptions(roleID, principalId))); }
public void AddAndRemoveRoleAssignmentSync() { // Environment variable with the Synapse workspace endpoint. string endpoint = TestEnvironment.EndpointUrl; AccessControlClient client = new AccessControlClient(new Uri(endpoint), new DefaultAzureCredential()); Pageable <SynapseRole> roles = client.GetRoleDefinitions(); SynapseRole role = roles.Single(role => role.Name == "Workspace Admin"); string principalId = Guid.NewGuid().ToString(); RoleAssignmentOptions request = new RoleAssignmentOptions(role.Id, principalId); Response <RoleAssignmentDetails> response = client.CreateRoleAssignment(request); RoleAssignmentDetails roleAssignmentAdded = response.Value; RoleAssignmentDetails roleAssignment = client.GetRoleAssignmentById(roleAssignmentAdded.Id); Debug.WriteLine($"Role {roleAssignment.RoleId} is assigned to {roleAssignment.PrincipalId}. Role assignment id: {roleAssignment.Id}"); IReadOnlyList <RoleAssignmentDetails> roleAssignments = client.GetRoleAssignments().Value; foreach (RoleAssignmentDetails assignment in roleAssignments) { Console.WriteLine(assignment.Id); } client.DeleteRoleAssignmentById(roleAssignment.Id); }
public async Task GetCallerRoleAssignment() { AccessControlClient client = CreateClient(); Response <IReadOnlyList <string> > assignments = await client.GetCallerRoleAssignmentsAsync(); Assert.GreaterOrEqual(assignments.Value.Count, 1); }
public void RoleAssignmentSample() { #region Snippet:CreateAccessControlClient // Replace the string below with your actual endpoint url. string endpoint = "<my-endpoint-url>"; /*@@*/ endpoint = TestEnvironment.EndpointUrl; AccessControlClient client = new AccessControlClient(endpoint: new Uri(endpoint), credential: new DefaultAzureCredential()); #endregion string principalId = TestEnvironment.PrincipalId; #region Snippet:CreateRoleAssignment Pageable <SynapseRole> roles = client.GetRoleDefinitions(); SynapseRole sqlAdminRole = roles.Single(role => role.Name == "Sql Admin"); RoleAssignmentOptions options = new RoleAssignmentOptions(sqlAdminRole.Id, principalId); RoleAssignmentDetails createdRoleAssignment = client.CreateRoleAssignment(options); #endregion #region Snippet:RetrieveRoleAssignment RoleAssignmentDetails retrievedRoleAssignment = client.GetRoleAssignmentById(createdRoleAssignment.Id); #endregion #region Snippet:ListRoleAssignments IReadOnlyList <RoleAssignmentDetails> roleAssignments = client.GetRoleAssignments().Value; foreach (RoleAssignmentDetails roleAssignment in roleAssignments) { Console.WriteLine(roleAssignment.Id); } #endregion #region Snippet:DeleteRoleAssignment client.DeleteRoleAssignmentById(retrievedRoleAssignment.Id); #endregion }
public async Task TesGetCallerRoleAssignments() { IEnumerable <string> expectedRoleIds = (await AccessControlClient.GetRoleDefinitionsAsync().ToEnumerableAsync()) .Where(role => role.IsBuiltIn) .Select(role => role.Id); Response <IReadOnlyList <string> > actualRoleIds = await AccessControlClient.GetCallerRoleAssignmentsAsync(); CollectionAssert.AreEquivalent(expectedRoleIds, actualRoleIds.Value); }
public async Task DeleteRoleAssignments() { AccessControlClient client = CreateClient(); RoleAssignmentDetails assignment = await DisposableClientRole.CreateResource(client, this.Recording); Response response = await client.DeleteRoleAssignmentByIdAsync(assignment.Id); response.AssertSuccess(); }
public FileSystemClient(IMongoDatabase database, int chunkSize = 1048576) { IMongoCollection <Element> elements = database.GetCollection <Element>(nameof(MDBFS) + '.' + nameof(Filesystem) + '.' + nameof(elements)); Files = new Files(elements, chunkSize); Directories = new Directories(elements, Files); AccessControl = new AccessControlClient(database, elements, Files, Directories); }
public async Task CreateRoleAssignment() { AccessControlClient client = CreateClient(); await using DisposableClientRole role = await DisposableClientRole.Create(client, this.Recording); Assert.NotNull(role.Assignment.Id); Assert.NotNull(role.Assignment.RoleId); Assert.NotNull(role.Assignment.PrincipalId); }
public async Task GetRoleAssignment() { AccessControlClient client = CreateClient(); await using DisposableClientRole role = await DisposableClientRole.Create(client, this.Recording); RoleAssignmentDetails roleAssignment = await client.GetRoleAssignmentByIdAsync(role.Assignment.Id); Assert.AreEqual(role.Assignment.RoleId, roleAssignment.RoleId); Assert.AreEqual(role.Assignment.PrincipalId, roleAssignment.PrincipalId); }
public SynapseAnalyticsRoleClient(string workspaceName, IAzureContext context) { if (context == null) { throw new SynapseException(Resources.InvalidDefaultSubscription); } string suffix = context.Environment.GetEndpoint(AzureEnvironment.ExtendedEndpoint.AzureSynapseAnalyticsEndpointSuffix); Uri uri = new Uri("https://" + workspaceName + "." + suffix); _accessControlClient = new AccessControlClient(uri, new AzureSessionCredential(context)); _activeDirectoryClient = new ActiveDirectoryClient(context); }
public void CreateClient() { // Environment variable with the Synapse workspace endpoint. string workspaceUrl = TestEnvironment.WorkspaceUrl; #region Snippet:CreateAccessControlClient // Create a new access control client using the default credential from Azure.Identity using environment variables previously set, // including AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and AZURE_TENANT_ID. AccessControlClient client = new AccessControlClient(endpoint: new Uri(workspaceUrl), credential: new DefaultAzureCredential()); #endregion this.client = client; }
public async Task TestGetRoleAssignment() { IReadOnlyList <RoleAssignmentDetails> roleAssignments = (await AccessControlClient.GetRoleAssignmentsAsync()).Value; CollectionAssert.IsNotEmpty(roleAssignments); foreach (RoleAssignmentDetails expectedRoleAssignment in roleAssignments) { RoleAssignmentDetails actualRoleAssignment = await AccessControlClient.GetRoleAssignmentByIdAsync(expectedRoleAssignment.Id); Assert.AreEqual(expectedRoleAssignment.Id, actualRoleAssignment.Id); Assert.AreEqual(expectedRoleAssignment.PrincipalId, actualRoleAssignment.PrincipalId); Assert.AreEqual(expectedRoleAssignment.RoleId, actualRoleAssignment.RoleId); } }
public async Task TestGetRoleDefinition() { List <SynapseRole> roles = await AccessControlClient.GetRoleDefinitionsAsync().ToEnumerableAsync(); CollectionAssert.IsNotEmpty(roles); foreach (SynapseRole expectedRole in roles) { SynapseRole actualRole = await AccessControlClient.GetRoleDefinitionByIdAsync(expectedRole.Id.ToString()); Assert.AreEqual(expectedRole.Name, actualRole.Name); Assert.AreEqual(expectedRole.Id, actualRole.Id); Assert.AreEqual(expectedRole.IsBuiltIn, actualRole.IsBuiltIn); } }
public async Task ListRoleAssignments() { AccessControlClient client = CreateClient(); await using DisposableClientRole role = await DisposableClientRole.Create(client, this.Recording); Response <IReadOnlyList <RoleAssignmentDetails> > roleAssignments = await client.GetRoleAssignmentsAsync(); foreach (RoleAssignmentDetails expected in roleAssignments.Value) { RoleAssignmentDetails actual = await client.GetRoleAssignmentByIdAsync(expected.Id); Assert.AreEqual(expected.Id, actual.Id); Assert.AreEqual(expected.PrincipalId, actual.PrincipalId); Assert.AreEqual(expected.RoleId, actual.RoleId); } Assert.GreaterOrEqual(roleAssignments.Value.Count, 1); }
public async Task DeleteRoleAssignments() { AccessControlClient client = CreateClient(); RoleAssignmentDetails assignment = await DisposableClientRole.CreateResource(client, this.Recording); Response response = await client.DeleteRoleAssignmentByIdAsync(assignment.Id); switch (response.Status) { case 200: case 204: break; default: Assert.Fail($"Unexpected status ${response.Status} returned"); break; } }
public void AddAndRemoveRoleAssignmentSync() { #region Snippet:CreateAccessControlClient // Replace the string below with your actual endpoint url. string endpoint = "<my-endpoint-url>"; /*@@*/ endpoint = TestEnvironment.EndpointUrl; AccessControlClient client = new AccessControlClient(new Uri(endpoint), new DefaultAzureCredential()); #endregion #region Snippet:PrepCreateRoleAssignment Pageable <SynapseRole> roles = client.GetRoleDefinitions(); SynapseRole role = roles.Single(role => role.Name == "Workspace Admin"); string roleID = role.Id; // Replace the string below with the ID you'd like to assign the role. string principalId = "<my-principal-id>"; /*@@*/ principalId = Guid.NewGuid().ToString(); #endregion #region Snippet:CreateRoleAssignment RoleAssignmentOptions request = new RoleAssignmentOptions(roleID, principalId); Response <RoleAssignmentDetails> response = client.CreateRoleAssignment(request); RoleAssignmentDetails roleAssignmentAdded = response.Value; #endregion #region Snippet:RetrieveRoleAssignment RoleAssignmentDetails roleAssignment = client.GetRoleAssignmentById(roleAssignmentAdded.Id); Console.WriteLine($"Role {roleAssignment.RoleId} is assigned to {roleAssignment.PrincipalId}."); #endregion #region Snippet:ListRoleAssignments Response <IReadOnlyList <RoleAssignmentDetails> > roleAssignments = client.GetRoleAssignments(); foreach (RoleAssignmentDetails assignment in roleAssignments.Value) { Console.WriteLine(assignment.Id); } #endregion #region Snippet:DeleteRoleAssignment client.DeleteRoleAssignmentById(roleAssignment.Id); #endregion }
public async Task TestCreateAndDeleteRoleAssignment() { string sqlAdminRoleId = "7af0c69a-a548-47d6-aea3-d00e69bd83aa"; string principalId = Recording.Random.NewGuid().ToString(); // Create role assignment. RoleAssignmentDetails actualRoleAssignment = await AccessControlClient.CreateRoleAssignmentAsync(new RoleAssignmentOptions(roleId : sqlAdminRoleId, principalId : principalId)); // Verify the role assignment exists. Assert.NotNull(actualRoleAssignment); Assert.AreEqual(sqlAdminRoleId, actualRoleAssignment.RoleId); Assert.AreEqual(principalId, actualRoleAssignment.PrincipalId); // Remove the role assignment. await AccessControlClient.DeleteRoleAssignmentByIdAsync(actualRoleAssignment.Id); // Verify the role assignment doesn't exist. actualRoleAssignment = (await AccessControlClient.GetRoleAssignmentsAsync()).Value.FirstOrDefault(ra => ra.PrincipalId == principalId); Assert.IsNull(actualRoleAssignment); }
public void SubmitSparkJobSync() { // Environment variable with the Synapse workspace endpoint. string workspaceUrl = TestEnvironment.WorkspaceUrl; #region Snippet:AccessControlSample1AccessControlClient AccessControlClient client = new AccessControlClient(new Uri(workspaceUrl), new DefaultAzureCredential()); #endregion #region Snippet:AccessControlSample1GetWorkspaceAdminRole SynapseRole role = client.GetRoleDefinitions().Single(role => role.Name == "Workspace Admin"); #endregion #region Snippet:AccessControlSample1AddRoleAssignment string principalId = Guid.NewGuid().ToString(); RoleAssignmentOptions request = new RoleAssignmentOptions(roleId: role.Id, principalId: principalId); RoleAssignmentDetails roleAssignmentAdded = client.CreateRoleAssignment(request); #endregion #region Snippet:AccessControlSample1GetRoleAssignment RoleAssignmentDetails roleAssignment = client.GetRoleAssignmentById(principalId); Debug.WriteLine($"Role {roleAssignment.RoleId} is assigned to {roleAssignment.PrincipalId}. Role assignment id: {roleAssignment.Id}"); #endregion #region Snippet:AccessControlSample1ListRoleAssignments IReadOnlyList <RoleAssignmentDetails> roleAssignments = client.GetRoleAssignments().Value; foreach (RoleAssignmentDetails assignment in roleAssignments) { Console.WriteLine(assignment.Id); } #endregion #region Snippet:AccessControlSample1RemoveRoleAssignment client.DeleteRoleAssignmentById(roleAssignment.Id); #endregion }
public override void StartTestRecording() { base.StartTestRecording(); AccessControlClient = CreateAccessControlClient(); }
public async Task TestGetCallerRoleAssignments() { Response <IReadOnlyList <string> > actualRoleIds = await AccessControlClient.GetCallerRoleAssignmentsAsync(); CollectionAssert.IsNotEmpty(actualRoleIds.Value); }
public static async ValueTask <DisposableClientRole> Create(AccessControlClient client, TestRecording recording) => new DisposableClientRole(client, await CreateResource(client, recording));
private DisposableClientRole(AccessControlClient client, RoleAssignmentDetails assignment) { _client = client; Assignment = assignment; }