xdZddlmZddlmZddlmZddlmZddlmZddl m Z dZ d Z d Z Gd d eZy )z,Utilities for IAM commands to call IAM APIs.)absolute_import)division)unicode_literals) list_pager)apis)iam_utilcJtjdd}||jfS)Niamv1rGetClientInstanceMESSAGES_MODULEclients &lib/googlecloudsdk/api_lib/iam/util.pyGetClientAndMessagesrs%  ! !% .& '' ''cJtjdd}||jfS)Niamcredentialsr r rs r"GetIamCredentialsClientAndMessagesr s&  ! !"2D 9& '' ''rctj|j|jt j |dddddS)zReturns the testable permissions for a resource. Args: iam_client: The iam client. messages: The iam messages. resource: Resource reference. Returns: List of permissions. i)fullResourceNamepageSizeQueryTestablePermissions permissionsr) batch_sizemethodfieldbatch_size_attribute)r YieldFromListrQueryTestablePermissionsRequestrGetFullResourceName) iam_clientmessagesresources rGetTestablePermissionsr&%sR  ! !..#77A/ ' % ''rc4eZdZdZdZdZdZdZdZdZ y) PermissionsHelpera(Get different kinds of permissions list from permissions provided. Attributes: messages: The iam messages. source_permissions: A list of permissions to inspect. testable_permissions_map: A dict maps from permissions name string to Permission message provided by the API. c||_||_i|_|r,t|||D]}||j|j<yy)aiCreate a PermissionsHelper object. To get the testable permissions for the given resource and store as a dict. Args: iam_client: The iam client. messages: The iam messages. resource: Resource reference for the project/organization whose permissions are being inspected. permissions: A list of permissions to inspect. N)r$source_permissionstestable_permissions_mapr&name)selfr#r$r%r permissions r__init__zPermissionsHelper.__init__EsKDM)D$&D!.z8XN*9C%%joo6Orcg}|jD]g}||jvs|j|j|jjj j k(sW|j|i|S)z?Returns the TESTING permissions among the permissions provided.)r*r+customRolesSupportLevelr$ Permission&CustomRolesSupportLevelValueValuesEnumTESTINGappend)r-testing_permissionsr.s rGetTestingPermissionsz'PermissionsHelper.GetTestingPermissionsYso-- 55 5  ( ( 4 L L == # # J J 7  "":. . rcg}|jD]g}||jvs|j|j|jjj j k7sW|j|i|S)z=Returns the valid permissions among the permissions provided.r*r+r1r$r2r3 NOT_SUPPORTEDr5)r-valid_permissionsr.s rGetValidPermissionsz%PermissionsHelper.GetValidPermissionsdso-- 55 5  ( ( 4 L L == # # J J =    , . rcg}|jD]g}||jvs|j|j|jjj j k(sW|j|i|S)zEReturns the not supported permissions among the permissions provided.r9)r-not_supported_permissionsr.s rGetNotSupportedPermissionsz,PermissionsHelper.GetNotSupportedPermissionsoso "-- 55 5  ( ( 4 L L == # # J J =  "((4 . %$rc*g}|jD]}||jvs|j|j|jjj j k7sW|j|jsq|j||S)zDReturns the API disabled permissions among the permissions provided.) r*r+r1r$r2r3r: apiDisabledr5)r-api_disabled_permissionsr.s rGetApiDisabledPermissonsz*PermissionsHelper.GetApiDisabledPermissonszs!-- 55 5  ( ( 4 L L == # # J J =   ' ' 3 ? ? '' 3 . $#rclg}|jD]"}||jvs|j|$|S)zFReturns the not applicable permissions among the permissions provided.)r*r+r5)r-not_applicable_permissionsr.s rGetNotApplicablePermissionsz-PermissionsHelper.GetNotApplicablePermissionss<!#-- 488 8"))*5. &%rN) __name__ __module__ __qualname____doc__r/r7r<r?rCrFrrr(r(;s&D(   % $&rr(N)rJ __future__rrrapitools.base.pyrgooglecloudsdk.api_lib.utilrgooglecloudsdk.command_lib.iamrrrr&objectr(rKrrrQs9 3&'',3( ( ',Q&Q&r