Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

{synapse} az synapse module migration to Microsoft Graph #23098

Merged
merged 7 commits into from
Jul 20, 2022
Merged

{synapse} az synapse module migration to Microsoft Graph #23098

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
2a626d2
make changes to use ms graph
kevinzz6 Jun 22, 2022
c2cb2a0
fix comment
kevinzz6 Jul 5, 2022
a99506e
fix test issue
kevinzz6 Jul 6, 2022
0619377
fix pipeline test issue
kevinzz6 Jul 6, 2022
c5e38d7
remove unused error
kevinzz6 Jul 12, 2022
b574e2b
fix style error
kevinzz6 Jul 12, 2022
1adf91e
fix wrong usage
kevinzz6 Jul 13, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 3 additions & 10 deletions src/azure-cli/azure/cli/command_modules/synapse/manual/_client_factory.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -152,16 +152,9 @@ def cf_synapse_role_definitions(cli_ctx, workspace_name):


def cf_graph_client_factory(cli_ctx, **_):
from azure.cli.core._profile import Profile
from azure.cli.core.commands.client_factory import configure_common_settings
from azure.graphrbac import GraphRbacManagementClient
profile = Profile(cli_ctx=cli_ctx)
cred, _, tenant_id = profile.get_login_credentials(
resource=cli_ctx.cloud.endpoints.active_directory_graph_resource_id)
client = GraphRbacManagementClient(cred, tenant_id,
base_url=cli_ctx.cloud.endpoints.active_directory_graph_resource_id)
configure_common_settings(cli_ctx, client)
return client
from azure.cli.command_modules.role import graph_client_factory
graph_client = graph_client_factory(cli_ctx)
return graph_client


def cf_synapse_client_artifacts_factory(cli_ctx, workspace_name):
Expand Down
19 changes: 8 additions & 11 deletions src/azure-cli/azure/cli/command_modules/synapse/manual/operations/accesscontrol.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,7 @@
from knack.util import CLIError
from azure.cli.core.azclierror import InvalidArgumentValueError, ArgumentUsageError
from azure.cli.core.util import is_guid
from azure.graphrbac.models import GraphErrorException
from msrestazure.azure_exceptions import CloudError
from azure.cli.command_modules.role import GraphError
from .._client_factory import cf_synapse_role_assignments, cf_synapse_role_definitions, cf_graph_client_factory
from ..constant import ITEM_NAME_MAPPING
import azure.cli.command_modules.synapse.custom_help as cust_help
Expand Down Expand Up @@ -121,12 +120,12 @@ def _resolve_object_id(cmd, assignee, fallback_to_object_id=False):
client = cf_graph_client_factory(cmd.cli_ctx)
result = None
try:
result = list(client.users.list(filter="userPrincipalName eq '{0}' or mail eq '{0}' or displayName eq '{0}'"
.format(assignee)))
result = list(client.user_list(filter="userPrincipalName eq '{0}' or mail eq '{0}' or displayName eq '{0}'"
.format(assignee)))
if not result:
result = list(client.service_principals.list(filter="displayName eq '{}'".format(assignee)))
result = list(client.service_principal_list(filter="displayName eq '{}'".format(assignee)))
if not result:
result = list(client.groups.list(filter="mail eq '{}'".format(assignee)))
result = list(client.group_list(filter="mail eq '{}'".format(assignee)))
if not result and is_guid(assignee): # assume an object id, let us verify it
result = _get_object_stubs(client, [assignee])

Expand All @@ -141,20 +140,18 @@ def _resolve_object_id(cmd, assignee, fallback_to_object_id=False):
"Please using --assignee-object-id GUID to specify assignee accurately"
.format(assignee=assignee))

return result[0].object_id
except (CloudError, GraphErrorException):
return result[0]["id"]
except GraphError:
if fallback_to_object_id and is_guid(assignee):
return assignee
raise


def _get_object_stubs(graph_client, assignees):
from azure.graphrbac.models import GetObjectsParameters
result = []
assignees = list(assignees) # callers could pass in a set
for i in range(0, len(assignees), 1000):
params = GetObjectsParameters(include_directory_object_references=True, object_ids=assignees[i:i + 1000])
result += list(graph_client.objects.get_objects_by_object_ids(params))
result += list(graph_client.directory_object_get_by_ids(assignees[i:i + 1000]))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Has this code been tested?

This is not how directory_object_get_by_ids is used. See

azure-cli/src/azure-cli/azure/cli/command_modules/role/custom.py

Lines 1573 to 1586 in 33cbd01

def _get_object_stubs(graph_client, assignees):
result = []
assignees = list(assignees) # callers could pass in a set
# Per https://docs.microsoft.com/en-us/graph/api/directoryobject-getbyids
# > You can specify up to 1000 IDs.
for i in range(0, len(assignees), 1000):
body = {
"ids": assignees[i:i + 1000],
# According to https://docs.microsoft.com/en-us/graph/api/directoryobject-getbyids,
# directoryObject should work as all of the resource types defined in the directory, but it doesn't.
"types": ['user', 'group', 'servicePrincipal', 'directoryObjectPartnerReference']
}
result.extend(list(graph_client.directory_object_get_by_ids(body)))
return result

return result


Expand Down
Loading