diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/CHANGELOG.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/CHANGELOG.md index 8082e851adbd5..cd8c50e45d956 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/CHANGELOG.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/CHANGELOG.md @@ -5,6 +5,8 @@ ### Breaking Changes - Changed `KeyVaultBackupClient.StartSelectiveRestore` and `StartSelectiveRestoreAsync` to `StartSelectiveKeyRestore` and `StartSelectiveKeyRestoreAsync`. +- Return only a `Response` from `KeyVaultAccessControlClient.DeleteRoleAssignment` and `DeleteRoleAssignmentAsync`. HTTP 404 responses no longer throw a `RequestFailedException`. +- Return only a `Response` from `KeyVaultAccessControlClient.DeleteRoleDefinition` and `DeleteRoleDefinitionAsync`. HTTP 404 responses no longer throw a `RequestFailedException`. ## 4.0.0-beta.5 (2021-05-11) diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/api/Azure.Security.KeyVault.Administration.netstandard2.0.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/api/Azure.Security.KeyVault.Administration.netstandard2.0.cs index 0cf9a1f7e73d5..e9c92adf2da54 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/api/Azure.Security.KeyVault.Administration.netstandard2.0.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/api/Azure.Security.KeyVault.Administration.netstandard2.0.cs @@ -23,10 +23,10 @@ public KeyVaultAccessControlClient(System.Uri vaultUri, Azure.Core.TokenCredenti public virtual System.Threading.Tasks.Task> CreateOrUpdateRoleDefinitionAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Guid? roleDefinitionName = default(System.Guid?), System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual Azure.Response CreateRoleAssignment(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleDefinitionId, string principalId, System.Guid? roleAssignmentName = default(System.Guid?), System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual System.Threading.Tasks.Task> CreateRoleAssignmentAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleDefinitionId, string principalId, System.Guid? roleAssignmentName = default(System.Guid?), System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } - public virtual Azure.Response DeleteRoleAssignment(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } - public virtual System.Threading.Tasks.Task> DeleteRoleAssignmentAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } - public virtual Azure.Response DeleteRoleDefinition(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Guid roleDefinitionName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } - public virtual System.Threading.Tasks.Task> DeleteRoleDefinitionAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Guid roleDefinitionName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.Response DeleteRoleAssignment(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task DeleteRoleAssignmentAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.Response DeleteRoleDefinition(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Guid roleDefinitionName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task DeleteRoleDefinitionAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Guid roleDefinitionName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual Azure.Response GetRoleAssignment(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual System.Threading.Tasks.Task> GetRoleAssignmentAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual Azure.Pageable GetRoleAssignments(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldAsync.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldAsync.md index bd991dccfe6f3..b9a10c226bef6 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldAsync.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldAsync.md @@ -69,7 +69,7 @@ KeyVaultRoleAssignment fetchedAssignment = await client.GetRoleAssignmentAsync(K To remove a role assignment from a service principal, the role assignment must be deleted. Let's delete the `createdAssignment` from the previous example. ```C# Snippet:DeleteRoleAssignmentAsync -KeyVaultRoleAssignment deletedAssignment = await client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, createdAssignment.Name); +await client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, createdAssignment.Name); ``` diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldSync.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldSync.md index c7c0b3d5f7790..0b22fabc498d0 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldSync.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldSync.md @@ -61,7 +61,7 @@ KeyVaultRoleAssignment fetchedAssignment = client.GetRoleAssignment(KeyVaultRole To remove a role assignment from a service principal, the role assignment must be deleted. Let's delete the `createdAssignment` from the previous example. ```C# Snippet:DeleteRoleAssignment -KeyVaultRoleAssignment deletedAssignment = client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name); +client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name); ``` diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs index 816713d54fafe..692dc94defc1a 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs @@ -62,7 +62,7 @@ internal HttpMessage CreateDeleteRequest(string vaultBaseUrl, string scope, stri /// The name of the role assignment to delete. /// The cancellation token to use. /// , , or is null. - public async Task> DeleteAsync(string vaultBaseUrl, string scope, string roleAssignmentName, CancellationToken cancellationToken = default) + public async Task DeleteAsync(string vaultBaseUrl, string scope, string roleAssignmentName, CancellationToken cancellationToken = default) { if (vaultBaseUrl == null) { @@ -82,12 +82,8 @@ public async Task> DeleteAsync(string vaultBase switch (message.Response.Status) { case 200: - { - KeyVaultRoleAssignment value = default; - using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false); - value = KeyVaultRoleAssignment.DeserializeKeyVaultRoleAssignment(document.RootElement); - return Response.FromValue(value, message.Response); - } + case 404: + return message.Response; default: throw await _clientDiagnostics.CreateRequestFailedExceptionAsync(message.Response).ConfigureAwait(false); } @@ -99,7 +95,7 @@ public async Task> DeleteAsync(string vaultBase /// The name of the role assignment to delete. /// The cancellation token to use. /// , , or is null. - public Response Delete(string vaultBaseUrl, string scope, string roleAssignmentName, CancellationToken cancellationToken = default) + public Response Delete(string vaultBaseUrl, string scope, string roleAssignmentName, CancellationToken cancellationToken = default) { if (vaultBaseUrl == null) { @@ -119,12 +115,8 @@ public Response Delete(string vaultBaseUrl, string scope switch (message.Response.Status) { case 200: - { - KeyVaultRoleAssignment value = default; - using var document = JsonDocument.Parse(message.Response.ContentStream); - value = KeyVaultRoleAssignment.DeserializeKeyVaultRoleAssignment(document.RootElement); - return Response.FromValue(value, message.Response); - } + case 404: + return message.Response; default: throw _clientDiagnostics.CreateRequestFailedException(message.Response); } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs index b15ee7070316c..e14f72017c484 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs @@ -62,7 +62,7 @@ internal HttpMessage CreateDeleteRequest(string vaultBaseUrl, string scope, stri /// The name (GUID) of the role definition to delete. /// The cancellation token to use. /// , , or is null. - public async Task> DeleteAsync(string vaultBaseUrl, string scope, string roleDefinitionName, CancellationToken cancellationToken = default) + public async Task DeleteAsync(string vaultBaseUrl, string scope, string roleDefinitionName, CancellationToken cancellationToken = default) { if (vaultBaseUrl == null) { @@ -82,12 +82,8 @@ public async Task> DeleteAsync(string vaultBase switch (message.Response.Status) { case 200: - { - KeyVaultRoleDefinition value = default; - using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false); - value = KeyVaultRoleDefinition.DeserializeKeyVaultRoleDefinition(document.RootElement); - return Response.FromValue(value, message.Response); - } + case 404: + return message.Response; default: throw await _clientDiagnostics.CreateRequestFailedExceptionAsync(message.Response).ConfigureAwait(false); } @@ -99,7 +95,7 @@ public async Task> DeleteAsync(string vaultBase /// The name (GUID) of the role definition to delete. /// The cancellation token to use. /// , , or is null. - public Response Delete(string vaultBaseUrl, string scope, string roleDefinitionName, CancellationToken cancellationToken = default) + public Response Delete(string vaultBaseUrl, string scope, string roleDefinitionName, CancellationToken cancellationToken = default) { if (vaultBaseUrl == null) { @@ -119,12 +115,8 @@ public Response Delete(string vaultBaseUrl, string scope switch (message.Response.Status) { case 200: - { - KeyVaultRoleDefinition value = default; - using var document = JsonDocument.Parse(message.Response.ContentStream); - value = KeyVaultRoleDefinition.DeserializeKeyVaultRoleDefinition(document.RootElement); - return Response.FromValue(value, message.Response); - } + case 404: + return message.Response; default: throw _clientDiagnostics.CreateRequestFailedException(message.Response); } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAccessControlClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAccessControlClient.cs index cf112096c512e..cef408daa2fb6 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAccessControlClient.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAccessControlClient.cs @@ -287,7 +287,7 @@ public virtual Response CreateOrUpdateRoleDefinition(Cre /// The name used of the role definition to delete. /// A controlling the request lifetime. /// A representing the result of the asynchronous operation. - public virtual async Task> DeleteRoleDefinitionAsync(KeyVaultRoleScope roleScope, Guid roleDefinitionName, CancellationToken cancellationToken = default) + public virtual async Task DeleteRoleDefinitionAsync(KeyVaultRoleScope roleScope, Guid roleDefinitionName, CancellationToken cancellationToken = default) { using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(KeyVaultAccessControlClient)}.{nameof(DeleteRoleDefinition)}"); scope.Start(); @@ -309,7 +309,7 @@ public virtual async Task> DeleteRoleDefinition /// /// A controlling the request lifetime. /// A containing the result of the operation. - public virtual Response DeleteRoleDefinition(KeyVaultRoleScope roleScope, Guid roleDefinitionName, CancellationToken cancellationToken = default) + public virtual Response DeleteRoleDefinition(KeyVaultRoleScope roleScope, Guid roleDefinitionName, CancellationToken cancellationToken = default) { using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(KeyVaultAccessControlClient)}.{nameof(DeleteRoleDefinition)}"); scope.Start(); @@ -538,7 +538,7 @@ public virtual async Task> GetRoleAssignmentAsy /// is null. /// is empty. /// A containing the result of the operation. - public virtual Response DeleteRoleAssignment(KeyVaultRoleScope roleScope, string roleAssignmentName, CancellationToken cancellationToken = default) + public virtual Response DeleteRoleAssignment(KeyVaultRoleScope roleScope, string roleAssignmentName, CancellationToken cancellationToken = default) { Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName)); @@ -565,7 +565,7 @@ public virtual Response DeleteRoleAssignment(KeyVaultRol /// is null. /// is empty. /// A containing the result of the asynchronous operation. - public virtual async Task> DeleteRoleAssignmentAsync(KeyVaultRoleScope roleScope, string roleAssignmentName, CancellationToken cancellationToken = default) + public virtual async Task DeleteRoleAssignmentAsync(KeyVaultRoleScope roleScope, string roleAssignmentName, CancellationToken cancellationToken = default) { Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName)); diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md index 1ad001fab78c6..79bd88075f97a 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md @@ -1,7 +1,7 @@ # Azure.Security.KeyVault.Administration -### AutoRest Configuration -> see https://aka.ms/autorest +## AutoRest Configuration +> See https://aka.ms/autorest Run `dotnet build /t:GenerateCode` in src directory to re-generate. @@ -13,3 +13,43 @@ input-file: namespace: Azure.Security.KeyVault.Administration include-csproj: disable ``` + +## Swagger customization + +These changes should eventually be included in the swagger or at least centralized in Azure/azure-rest-api-specs. + +### Ignore 404s for DELETE operations + +Treat HTTP 404 responses for DELETE operations for RBAC as non-errors. + +``` yaml +directive: +- where-operation: RoleAssignments_Delete + transform: > + $.responses["404"] = { + "description": "The resource to delete does not exist.", + "x-ms-error-response": false + }; + +- where-operation: RoleDefinitions_Delete + transform: > + $.responses["404"] = { + "description": "The resource to delete does not exist.", + "x-ms-error-response": false + }; +``` + +### Return void for DELETE operations + +Do not parse response bodies unnecessarily. + +``` yaml +directive: +- where-operation: RoleAssignments_Delete + transform: > + delete $.responses["200"].schema; + +- where-operation: RoleDefinitions_Delete + transform: > + delete $.responses["200"].schema; +``` diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlClientLiveTests.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlClientLiveTests.cs index 32ef39875c9e9..1af4790b27eed 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlClientLiveTests.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlClientLiveTests.cs @@ -6,6 +6,9 @@ using Azure.Core.TestFramework; using NUnit.Framework; using System.Linq; +using System; +using Azure.Security.KeyVault.Administration.Models; +using System.Text.Json; namespace Azure.Security.KeyVault.Administration.Tests { @@ -183,14 +186,33 @@ public async Task DeleteRoleAssignment() KeyVaultRoleAssignment assignment = await Client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionToAssign.Id, TestEnvironment.ClientObjectId, _roleAssignmentId).ConfigureAwait(false); - KeyVaultRoleAssignment result = await Client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, assignment.Name).ConfigureAwait(false); + await Client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, assignment.Name).ConfigureAwait(false); + } - Assert.That(result.Id, Is.EqualTo(assignment.Id)); - Assert.That(result.Name, Is.EqualTo(assignment.Name)); - Assert.That(result.Type, Is.EqualTo(assignment.Type)); - Assert.That(result.Properties.PrincipalId, Is.EqualTo(assignment.Properties.PrincipalId)); - Assert.That(result.Properties.RoleDefinitionId, Is.EqualTo(assignment.Properties.RoleDefinitionId)); - Assert.That(result.Properties.Scope, Is.EqualTo(assignment.Properties.Scope)); + [RecordedTest] + public async Task DeleteNonexistentRoleAssignment() + { + Guid name = Recording.Random.NewGuid(); + + Response response = await Client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, name.ToString()); + Assert.AreEqual(404, response.Status); + + JsonDocument json = JsonDocument.Parse(response.Content); + KeyVaultServiceError error = KeyVaultServiceError.DeserializeKeyVaultServiceError(json.RootElement.GetProperty("error")); + Assert.AreEqual("RoleAssignmentNotFound", error.Code); + } + + [RecordedTest] + public async Task DeleteNonexistentRoleDefinition() + { + Guid name = Recording.Random.NewGuid(); + + Response response = await Client.DeleteRoleDefinitionAsync(KeyVaultRoleScope.Global, name); + Assert.AreEqual(404, response.Status); + + JsonDocument json = JsonDocument.Parse(response.Content); + KeyVaultServiceError error = KeyVaultServiceError.DeserializeKeyVaultServiceError(json.RootElement.GetProperty("error")); + Assert.AreEqual("RoleDefinitionNotFound", error.Code); } } } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleAssignment.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleAssignment.json new file mode 100644 index 0000000000000..aecdfb8fbf965 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleAssignment.json @@ -0,0 +1,71 @@ +{ + "Entries": [ + { + "RequestUri": "https://heathststhsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e56e5e38-dd68-e778-d488-98e8aec49da5?api-version=7.2", + "RequestMethod": "DELETE", + "RequestHeaders": { + "Accept": "application/json", + "traceparent": "00-40a4144ac0fbaa479b1a54d70b02d0fb-0ab99ec7209e1f4b-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210607.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "902171723889c0467374dab9932f9fd1", + "x-ms-return-client-request-id": "true" + }, + "RequestBody": null, + "StatusCode": 401, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "0", + "Content-Security-Policy": "default-src \u0027self\u0027", + "Content-Type": "application/json; charset=utf-8", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-request-id": "5acdff7a-c7e4-11eb-9bc0-000d3aedb9e5", + "x-ms-server-latency": "0" + }, + "ResponseBody": [] + }, + { + "RequestUri": "https://heathststhsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e56e5e38-dd68-e778-d488-98e8aec49da5?api-version=7.2", + "RequestMethod": "DELETE", + "RequestHeaders": { + "Accept": "application/json", + "Authorization": "Sanitized", + "traceparent": "00-40a4144ac0fbaa479b1a54d70b02d0fb-0ab99ec7209e1f4b-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210607.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "902171723889c0467374dab9932f9fd1", + "x-ms-return-client-request-id": "true" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "143", + "Content-Security-Policy": "default-src \u0027self\u0027", + "Content-Type": "application/json; charset=utf-8", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-request-id": "5c2fd1a4-c7e4-11eb-9bc0-000d3aedb9e5", + "x-ms-server-latency": "0" + }, + "ResponseBody": { + "error": { + "code": "RoleAssignmentNotFound", + "message": "Requested role assignment not found (Activity ID: 5c2fd1a4-c7e4-11eb-9bc0-000d3aedb9e5)" + } + } + } + ], + "Variables": { + "AZURE_MANAGEDHSM_URL": "https://heathststhsm.managedhsm.azure.net/", + "RandomSeed": "1654469958" + } +} \ No newline at end of file diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleAssignmentAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleAssignmentAsync.json new file mode 100644 index 0000000000000..82a6f35a6b9a1 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleAssignmentAsync.json @@ -0,0 +1,71 @@ +{ + "Entries": [ + { + "RequestUri": "https://heathststhsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/25a67e4b-a17f-ff6f-6ba3-d84fa74d6ed7?api-version=7.2", + "RequestMethod": "DELETE", + "RequestHeaders": { + "Accept": "application/json", + "traceparent": "00-55b658462da40e4b8656f7ec717cb547-12ce4be1921aa448-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210607.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "1144b7fc28a512bbab6572239a20b170", + "x-ms-return-client-request-id": "true" + }, + "RequestBody": null, + "StatusCode": 401, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "0", + "Content-Security-Policy": "default-src \u0027self\u0027", + "Content-Type": "application/json; charset=utf-8", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-request-id": "5cbc73d4-c7e4-11eb-9bc0-000d3aedb9e5", + "x-ms-server-latency": "0" + }, + "ResponseBody": [] + }, + { + "RequestUri": "https://heathststhsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/25a67e4b-a17f-ff6f-6ba3-d84fa74d6ed7?api-version=7.2", + "RequestMethod": "DELETE", + "RequestHeaders": { + "Accept": "application/json", + "Authorization": "Sanitized", + "traceparent": "00-55b658462da40e4b8656f7ec717cb547-12ce4be1921aa448-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210607.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "1144b7fc28a512bbab6572239a20b170", + "x-ms-return-client-request-id": "true" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "143", + "Content-Security-Policy": "default-src \u0027self\u0027", + "Content-Type": "application/json; charset=utf-8", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-request-id": "5cf9c018-c7e4-11eb-9bc0-000d3aedb9e5", + "x-ms-server-latency": "1" + }, + "ResponseBody": { + "error": { + "code": "RoleAssignmentNotFound", + "message": "Requested role assignment not found (Activity ID: 5cf9c018-c7e4-11eb-9bc0-000d3aedb9e5)" + } + } + } + ], + "Variables": { + "AZURE_MANAGEDHSM_URL": "https://heathststhsm.managedhsm.azure.net/", + "RandomSeed": "716816795" + } +} \ No newline at end of file diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleDefinition.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleDefinition.json new file mode 100644 index 0000000000000..0a0b80e8bfa30 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleDefinition.json @@ -0,0 +1,71 @@ +{ + "Entries": [ + { + "RequestUri": "https://heathststhsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions/4a6d5355-5b55-6805-efcd-958b2c610cb4?api-version=7.2", + "RequestMethod": "DELETE", + "RequestHeaders": { + "Accept": "application/json", + "traceparent": "00-84081c576d69e048937d56ba212be37c-bf424e400afa9d46-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210607.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "5f23ed4cfd4c257e5e36f38fb6ba58fc", + "x-ms-return-client-request-id": "true" + }, + "RequestBody": null, + "StatusCode": 401, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "0", + "Content-Security-Policy": "default-src \u0027self\u0027", + "Content-Type": "application/json; charset=utf-8", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-request-id": "5c564302-c7e4-11eb-9bc0-000d3aedb9e5", + "x-ms-server-latency": "0" + }, + "ResponseBody": [] + }, + { + "RequestUri": "https://heathststhsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions/4a6d5355-5b55-6805-efcd-958b2c610cb4?api-version=7.2", + "RequestMethod": "DELETE", + "RequestHeaders": { + "Accept": "application/json", + "Authorization": "Sanitized", + "traceparent": "00-84081c576d69e048937d56ba212be37c-bf424e400afa9d46-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210607.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "5f23ed4cfd4c257e5e36f38fb6ba58fc", + "x-ms-return-client-request-id": "true" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "143", + "Content-Security-Policy": "default-src \u0027self\u0027", + "Content-Type": "application/json; charset=utf-8", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-request-id": "5c9c0d38-c7e4-11eb-9bc0-000d3aedb9e5", + "x-ms-server-latency": "0" + }, + "ResponseBody": { + "error": { + "code": "RoleDefinitionNotFound", + "message": "Requested role definition not found (Activity ID: 5c9c0d38-c7e4-11eb-9bc0-000d3aedb9e5)" + } + } + } + ], + "Variables": { + "AZURE_MANAGEDHSM_URL": "https://heathststhsm.managedhsm.azure.net/", + "RandomSeed": "1095211796" + } +} \ No newline at end of file diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleDefinitionAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleDefinitionAsync.json new file mode 100644 index 0000000000000..2235a796fa4e0 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteNonexistentRoleDefinitionAsync.json @@ -0,0 +1,71 @@ +{ + "Entries": [ + { + "RequestUri": "https://heathststhsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions/12701021-b582-2d29-671f-e0417a07bda0?api-version=7.2", + "RequestMethod": "DELETE", + "RequestHeaders": { + "Accept": "application/json", + "traceparent": "00-d176b5a371351742b984698e3b98ccb1-fc2475664571e14b-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210607.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "e6e0dfd77d1f6bb0c40a64a081a5e733", + "x-ms-return-client-request-id": "true" + }, + "RequestBody": null, + "StatusCode": 401, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "0", + "Content-Security-Policy": "default-src \u0027self\u0027", + "Content-Type": "application/json; charset=utf-8", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-request-id": "5d153b72-c7e4-11eb-9bc0-000d3aedb9e5", + "x-ms-server-latency": "0" + }, + "ResponseBody": [] + }, + { + "RequestUri": "https://heathststhsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions/12701021-b582-2d29-671f-e0417a07bda0?api-version=7.2", + "RequestMethod": "DELETE", + "RequestHeaders": { + "Accept": "application/json", + "Authorization": "Sanitized", + "traceparent": "00-d176b5a371351742b984698e3b98ccb1-fc2475664571e14b-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210607.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "e6e0dfd77d1f6bb0c40a64a081a5e733", + "x-ms-return-client-request-id": "true" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "143", + "Content-Security-Policy": "default-src \u0027self\u0027", + "Content-Type": "application/json; charset=utf-8", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-request-id": "5d3d9d56-c7e4-11eb-9bc0-000d3aedb9e5", + "x-ms-server-latency": "0" + }, + "ResponseBody": { + "error": { + "code": "RoleDefinitionNotFound", + "message": "Requested role definition not found (Activity ID: 5d3d9d56-c7e4-11eb-9bc0-000d3aedb9e5)" + } + } + } + ], + "Variables": { + "AZURE_MANAGEDHSM_URL": "https://heathststhsm.managedhsm.azure.net/", + "RandomSeed": "1313540010" + } +} \ No newline at end of file diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/AccessControlSampleSnippets.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/AccessControlSampleSnippets.cs index 07dd743a1ffe5..df687a9704ebf 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/AccessControlSampleSnippets.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/AccessControlSampleSnippets.cs @@ -105,12 +105,7 @@ public void CreateRoleAssignment() Console.WriteLine(fetchedAssignment.Properties.PrincipalId); Console.WriteLine(fetchedAssignment.Properties.RoleDefinitionId); - KeyVaultRoleAssignment deletedAssignment = client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name); - - Console.WriteLine(deletedAssignment.Name); - Console.WriteLine(deletedAssignment.Properties.PrincipalId); - Console.WriteLine(deletedAssignment.Properties.RoleDefinitionId); - + client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name); #endregion } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_RbacHelloWorld.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_RbacHelloWorld.cs index 0e39e4d31c6ca..7810343c7f699 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_RbacHelloWorld.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_RbacHelloWorld.cs @@ -118,7 +118,7 @@ public void CreateRoleAssignment() #endregion #region Snippet:DeleteRoleAssignment - KeyVaultRoleAssignment deletedAssignment = client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name); + client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name); #endregion } @@ -154,7 +154,7 @@ public async Task CreateRoleAssignmentAsync() #endregion #region Snippet:DeleteRoleAssignmentAsync - KeyVaultRoleAssignment deletedAssignment = await client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, createdAssignment.Name); + await client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, createdAssignment.Name); #endregion } } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Certificates/api/Azure.Security.KeyVault.Certificates.netstandard2.0.cs b/sdk/keyvault/Azure.Security.KeyVault.Certificates/api/Azure.Security.KeyVault.Certificates.netstandard2.0.cs index 023f6a6f04702..6c94739b8d8dc 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Certificates/api/Azure.Security.KeyVault.Certificates.netstandard2.0.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Certificates/api/Azure.Security.KeyVault.Certificates.netstandard2.0.cs @@ -362,8 +362,12 @@ internal KeyVaultCertificate() { } public System.Uri VaultUri { get { throw null; } } public string Version { get { throw null; } } public bool Equals(Azure.Security.KeyVault.Certificates.KeyVaultCertificateIdentifier other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] public override int GetHashCode() { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override string ToString() { throw null; } } public partial class KeyVaultCertificateWithPolicy : Azure.Security.KeyVault.Certificates.KeyVaultCertificate { diff --git a/sdk/keyvault/Azure.Security.KeyVault.Certificates/src/KeyVaultCertificateIdentifier.cs b/sdk/keyvault/Azure.Security.KeyVault.Certificates/src/KeyVaultCertificateIdentifier.cs index fe19e756a42a1..e2c407a33dc86 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Certificates/src/KeyVaultCertificateIdentifier.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Certificates/src/KeyVaultCertificateIdentifier.cs @@ -2,6 +2,7 @@ // Licensed under the MIT License. using System; +using System.ComponentModel; using Azure.Core; namespace Azure.Security.KeyVault.Certificates @@ -56,6 +57,7 @@ public KeyVaultCertificateIdentifier(Uri id) public string Version { get; } /// + [EditorBrowsable(EditorBrowsableState.Never)] public override bool Equals(object obj) => obj is KeyVaultCertificateIdentifier other && Equals(other); @@ -64,7 +66,13 @@ public bool Equals(KeyVaultCertificateIdentifier other) => SourceId.Equals(other.SourceId); /// + [EditorBrowsable(EditorBrowsableState.Never)] public override int GetHashCode() => SourceId.GetHashCode(); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override string ToString() => + base.ToString(); } } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Keys/api/Azure.Security.KeyVault.Keys.netstandard2.0.cs b/sdk/keyvault/Azure.Security.KeyVault.Keys/api/Azure.Security.KeyVault.Keys.netstandard2.0.cs index 272f46bb080cc..cbd52c1673460 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Keys/api/Azure.Security.KeyVault.Keys.netstandard2.0.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Keys/api/Azure.Security.KeyVault.Keys.netstandard2.0.cs @@ -266,8 +266,12 @@ public KeyVaultKey(string name) { } public System.Uri VaultUri { get { throw null; } } public string Version { get { throw null; } } public bool Equals(Azure.Security.KeyVault.Keys.KeyVaultKeyIdentifier other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] public override int GetHashCode() { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override string ToString() { throw null; } } public partial class RecoverDeletedKeyOperation : Azure.Operation { diff --git a/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyVaultKeyIdentifier.cs b/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyVaultKeyIdentifier.cs index 8f2f6825a6ce9..f4647a3ac785f 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyVaultKeyIdentifier.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyVaultKeyIdentifier.cs @@ -2,6 +2,7 @@ // Licensed under the MIT License. using System; +using System.ComponentModel; using Azure.Core; namespace Azure.Security.KeyVault.Keys @@ -56,6 +57,7 @@ public KeyVaultKeyIdentifier(Uri id) public string Version { get; } /// + [EditorBrowsable(EditorBrowsableState.Never)] public override bool Equals(object obj) => obj is KeyVaultKeyIdentifier other && Equals(other); @@ -64,7 +66,13 @@ public bool Equals(KeyVaultKeyIdentifier other) => SourceId.Equals(other.SourceId); /// + [EditorBrowsable(EditorBrowsableState.Never)] public override int GetHashCode() => SourceId.GetHashCode(); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override string ToString() => + base.ToString(); } } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Secrets/api/Azure.Security.KeyVault.Secrets.netstandard2.0.cs b/sdk/keyvault/Azure.Security.KeyVault.Secrets/api/Azure.Security.KeyVault.Secrets.netstandard2.0.cs index a730cb2a36d48..0e29f743d9c5e 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Secrets/api/Azure.Security.KeyVault.Secrets.netstandard2.0.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Secrets/api/Azure.Security.KeyVault.Secrets.netstandard2.0.cs @@ -39,8 +39,12 @@ public KeyVaultSecret(string name, string value) { } public System.Uri VaultUri { get { throw null; } } public string Version { get { throw null; } } public bool Equals(Azure.Security.KeyVault.Secrets.KeyVaultSecretIdentifier other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] public override int GetHashCode() { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override string ToString() { throw null; } } public partial class RecoverDeletedSecretOperation : Azure.Operation { diff --git a/sdk/keyvault/Azure.Security.KeyVault.Secrets/src/KeyVaultSecretIdentifier.cs b/sdk/keyvault/Azure.Security.KeyVault.Secrets/src/KeyVaultSecretIdentifier.cs index c95cb91c6d0b1..48cc2afb67dff 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Secrets/src/KeyVaultSecretIdentifier.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Secrets/src/KeyVaultSecretIdentifier.cs @@ -2,6 +2,7 @@ // Licensed under the MIT License. using System; +using System.ComponentModel; using Azure.Core; namespace Azure.Security.KeyVault.Secrets @@ -56,6 +57,7 @@ public KeyVaultSecretIdentifier(Uri id) public string Version { get; } /// + [EditorBrowsable(EditorBrowsableState.Never)] public override bool Equals(object obj) => obj is KeyVaultSecretIdentifier other && Equals(other); @@ -64,7 +66,13 @@ public bool Equals(KeyVaultSecretIdentifier other) => SourceId.Equals(other.SourceId); /// + [EditorBrowsable(EditorBrowsableState.Never)] public override int GetHashCode() => SourceId.GetHashCode(); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override string ToString() => + base.ToString(); } }