public void AddRoleMember_ContainsBinding() { var policy = new Policy { Bindings = { new Binding { Role = "role", Members ={ "member" }, Condition = new Type.Expr { Description = "condition" } } } }; Assert.Throws <InvalidOperationException>(() => policy.AddRoleMember("role", "member2")); Assert.Throws <InvalidOperationException>(() => policy.AddRoleMember("role2", "member2")); }
public void AddRoleMember_NewRole() { var policy = new Policy { Bindings = { new Binding { Role = "other", Members ={ "x", "y", "z" } }, } }; var expected = new Policy { Bindings = { new Binding { Role = "other", Members ={ "x", "y", "z" } }, new Binding { Role = "target", Members ={ "d" } }, } }; Assert.True(policy.AddRoleMember("target", "d")); Assert.Equal(expected, policy); }
public Policy IamGrantAccess( string projectId = "my-project", string secretId = "my-secret", string member = "user:[email protected]") { // Create the client. SecretManagerServiceClient client = SecretManagerServiceClient.Create(); // Build the resource name. SecretName secretName = new SecretName(projectId, secretId); // Get current policy. Policy policy = client.GetIamPolicy(new GetIamPolicyRequest { ResourceAsResourceName = secretName, }); // Add the user to the list of bindings. policy.AddRoleMember("roles/secretmanager.secretAccessor", member); // Save the updated policy. policy = client.SetIamPolicy(new SetIamPolicyRequest { ResourceAsResourceName = secretName, Policy = policy, }); return(policy); }
public Policy IamAddMember( string projectId = "my-project", string locationId = "us-east1", string keyRingId = "my-key-ring", string keyId = "my-key", string member = "user:[email protected]") { // Create the client. KeyManagementServiceClient client = KeyManagementServiceClient.Create(); // Build the resource name. CryptoKeyName resourceName = new CryptoKeyName(projectId, locationId, keyRingId, keyId); // The resource name could also be a key ring. // var resourceName = new KeyRingName(projectId, locationId, keyRingId); // Get the current IAM policy. Policy policy = client.GetIamPolicy(resourceName); // Add the member to the policy. policy.AddRoleMember("roles/cloudkms.cryptoKeyEncrypterDecrypter", member); // Save the updated IAM policy. Policy result = client.SetIamPolicy(resourceName, policy); // Return the resulting policy. return(result); }
public void AddRoleMember_LaterVersion() { var policy = new Policy { Version = 2 }; Assert.Throws <InvalidOperationException>(() => policy.AddRoleMember("role", "member")); }
public void AddRoleMember_RoleExists_MemberExists() { var policy = new Policy { Bindings = { new Binding { Role = "other", Members ={ "x", "y", "z" } }, new Binding { Role = "target", Members ={ "a", "b", "c" } }, } }; var expected = policy.Clone(); Assert.False(policy.AddRoleMember("target", "b")); Assert.Equal(expected, policy); // No change }