sp-update

Azure · Jun 9, 2022 · 133b79d · 133b79d
1 parent afc06f4
commit 133b79d
Show file tree

Hide file tree

Showing 7 changed files with 830 additions and 261 deletions.
diff --git a/src/azure-cli/azure/cli/command_modules/role/_msgrpah/_graph_client.py b/src/azure-cli/azure/cli/command_modules/role/_msgrpah/_graph_client.py
@@ -95,7 +95,7 @@ def application_delete(self, id):
         result = self._send("DELETE", "/applications/{id}".format(id=id))
         return result
 
-    def application_patch(self, id, body):
+    def application_update(self, id, body):
         # https://docs.microsoft.com/en-us/graph/api/application-update
         result = self._send("PATCH", "/applications/{id}".format(id=id), body=body)
         return result
@@ -146,7 +146,7 @@ def service_principal_delete(self, id):
         result = self._send("DELETE", "/servicePrincipals/{id}".format(id=id))
         return result
 
-    def service_principal_patch(self, id, body):
+    def service_principal_update(self, id, body):
         # https://docs.microsoft.com/en-us/graph/api/serviceprincipal-update
         result = self._send("PATCH", "/servicePrincipals/{id}".format(id=id), body=body)
         return result
@@ -268,7 +268,7 @@ def user_delete(self, id_or_upn):
         result = self._send("DELETE", "/users/{}".format(id_or_upn))
         return result
 
-    def user_patch(self, id_or_upn, body):
+    def user_update(self, id_or_upn, body):
         # https://docs.microsoft.com/graph/api/user-update
         result = self._send("PATCH", "/users/{}".format(id_or_upn), body=body)
         return result

diff --git a/src/azure-cli/azure/cli/command_modules/role/commands.py b/src/azure-cli/azure/cli/command_modules/role/commands.py
@@ -111,7 +111,8 @@ def load_command_table(self, _):
         g.custom_command('list', 'list_service_principals', table_transformer=get_graph_object_transformer('sp'))
         g.custom_show_command('show', 'show_service_principal')
         g.generic_update_command('update', getter_name='show_service_principal', getter_type=role_custom,
-                                 setter_name='patch_service_principal', setter_type=role_custom)
+                                 setter_name='patch_service_principal', setter_type=role_custom,
+                                 custom_func_name='update_service_principal', custom_func_type=role_custom)
 
     with self.command_group('ad sp owner', client_factory=get_graph_client, exception_handler=graph_err_handler) as g:
         g.custom_command('list', 'list_service_principal_owners')

diff --git a/src/azure-cli/azure/cli/command_modules/role/custom.py b/src/azure-cli/azure/cli/command_modules/role/custom.py
@@ -721,7 +721,7 @@ def update_application(instance, display_name=None, identifier_uris=None,  # pyl
 def patch_application(cmd, identifier, parameters):
     graph_client = _graph_client_factory(cmd.cli_ctx)
     object_id = _resolve_application(graph_client, identifier)
-    return graph_client.application_patch(object_id, parameters)
+    return graph_client.application_update(object_id, parameters)
 
 
 def show_application(client, identifier):
@@ -788,15 +788,15 @@ def reset_application_credential(cmd, client, identifier, create_cert=False, cer
         raise CLIError("can't find an application matching '{}'".format(identifier))
     result = _reset_credential(
         cmd, app, client.application_add_password, client.application_remove_password,
-        client.application_patch, create_cert=create_cert, cert=cert, years=years,
+        client.application_update, create_cert=create_cert, cert=cert, years=years,
         end_date=end_date, keyvault=keyvault, append=append, display_name=display_name)
     result['tenant'] = client.tenant
     return result
 
 
 def delete_application_credential(cmd, client, identifier, key_id, cert=False):  # pylint: disable=unused-argument
     sp = show_application(client, identifier)
-    _delete_credential(sp, client.application_remove_password, client.application_patch,
+    _delete_credential(sp, client.application_remove_password, client.application_update,
                        key_id=key_id, cert=cert)
 
 
@@ -875,7 +875,7 @@ def add_permission(client, identifier, api, api_permissions):
         }
         required_resource_access_list.append(required_resource_access)
     body = {'requiredResourceAccess': required_resource_access_list}
-    client.application_patch(application[ID], body)
+    client.application_update(application[ID], body)
     logger.warning('Invoking `az ad app permission grant --id %s --api %s` is needed to make the '
                    'change effective', identifier, api)
 
@@ -916,7 +916,7 @@ def delete_permission(client, identifier, api, api_permissions=None):
         required_resource_access_list.remove(existing_required_resource_access)
 
     body = {'requiredResourceAccess': required_resource_access_list}
-    return client.application_patch(application[ID], body)
+    return client.application_update(application[ID], body)
 
 
 def list_permissions(cmd, identifier):
@@ -983,10 +983,15 @@ def create_service_principal(cmd, identifier):
     return _create_service_principal(cmd.cli_ctx, identifier)
 
 
+def update_service_principal(instance):  # pylint: disable=unused-argument
+    # Do not PATCH back properties retrieved with GET and leave everything else to generic update.
+    return {}
+
+
 def patch_service_principal(cmd, identifier, parameters):
     graph_client = _graph_client_factory(cmd.cli_ctx)
-    object_id = _resolve_service_principal(graph_client.service_principals, identifier)
-    return graph_client.service_principals.update(object_id, parameters)
+    object_id = _resolve_service_principal(graph_client, identifier)
+    return graph_client.service_principal_update(object_id, parameters)
 
 
 def _create_service_principal(cli_ctx, identifier, resolve_app=True):
@@ -1058,7 +1063,7 @@ def reset_service_principal_credential(cmd, client, identifier, create_cert=Fals
     result = _reset_credential(
         cmd, sp,
         client.service_principal_add_password, client.service_principal_remove_password,
-        client.service_principal_patch,
+        client.service_principal_update,
         create_cert=create_cert, cert=cert, years=years,
         end_date=end_date, keyvault=keyvault, append=append, display_name=display_name)
     result['tenant'] = client.tenant
@@ -1068,7 +1073,7 @@ def reset_service_principal_credential(cmd, client, identifier, create_cert=Fals
 def delete_service_principal_credential(cmd, client,  # pylint: disable=unused-argument
                                         identifier, key_id, cert=False):
     sp = show_service_principal(client, identifier)
-    _delete_credential(sp, client.service_principal_remove_password, client.service_principal_patch,
+    _delete_credential(sp, client.service_principal_remove_password, client.service_principal_update,
                        key_id=key_id, cert=cert)
 
 
@@ -1801,7 +1806,7 @@ def update_user(client, upn_or_object_id, display_name=None, force_change_passwo
     _set_user_properties(body, display_name=display_name, password=password, mail_nickname=mail_nickname,
                          force_change_password_next_sign_in=force_change_password_next_sign_in,
                          account_enabled=account_enabled)
-    return client.user_patch(upn_or_object_id, body)
+    return client.user_update(upn_or_object_id, body)
 
 
 def _set_user_properties(body, **kwargs):