File: disable_test_mgmt_authorization.py

package info (click to toggle)
python-azure 20250603%2Bgit-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 851,724 kB
  • sloc: python: 7,362,925; ansic: 804; javascript: 287; makefile: 195; sh: 145; xml: 109
file content (68 lines) | stat: -rw-r--r-- 2,566 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
# coding: utf-8

#-------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See License.txt in the project root for
# license information.
#--------------------------------------------------------------------------
import unittest

import azure.mgmt.authorization
from devtools_testutils import AzureMgmtTestCase, ResourceGroupPreparer

class MgmtAuthorizationTest(AzureMgmtTestCase):

    def setUp(self):
        super(MgmtAuthorizationTest, self).setUp()
        self.authorization_client = self.create_mgmt_client(
            azure.mgmt.authorization.AuthorizationManagementClient
        )

    @ResourceGroupPreparer()
    def test_authorization(self, resource_group, location):
        permissions = self.authorization_client.permissions.list_for_resource_group(
            resource_group.name
        )

        permissions = list(permissions)
        self.assertEqual(len(permissions), 1)
        self.assertEqual(permissions[0].actions[0], '*')

    @ResourceGroupPreparer()
    def test_role_definitions(self, resource_group, location):
        # Get "Contributor" built-in role as a RoleDefinition object
        role_name = 'Contributor'
        roles = list(self.authorization_client.role_definitions.list(
            resource_group.id,
            filter="roleName eq '{}'".format(role_name)
        ))
        assert len(roles) == 1

    @ResourceGroupPreparer()
    def test_role_assignment(self, resource_group, location):
        contributor_id = "b24988ac-6180-42a0-ab88-20f7382dd24c"  # Reserved UUID for contributor on Azure

        contributor_full_id = "/subscriptions/{}/providers/Microsoft.Authorization/roleDefinitions/{}".format(
            self.settings.SUBSCRIPTION_ID,
            contributor_id
        )

        role_name = "ddfe2dc0-9858-442f-aca3-ac215947a815"  # Consistent for testing, but not significant

        role_assignment = self.authorization_client.role_assignments.create(
            resource_group.id,
            role_name,
            {
                'role_definition_id': contributor_full_id,
                'principal_id': '6d33bfc8-e476-11e8-915d-f2801f1b9fd1'  # Should be service principal object ID
            }
        )

        self.authorization_client.role_assignments.delete(
            resource_group.id,
            role_assignment.name,
        )

#------------------------------------------------------------------------------
if __name__ == '__main__':
    unittest.main()