def Run(self, args): with endpoint_util.MlEndpointOverrides(region=args.region): condition = iam_util.ValidateAndExtractCondition(args) iam_util.ValidateMutexConditionAndPrimitiveRoles( condition, args.role) return models_util.AddIamPolicyBindingWithCondition( models.ModelsClient(), args.model, args.member, args.role, condition)
def testValidateMutexConditionAndPrimitiveRoles_Error(self): condition = {'expression': 'expr', 'title': 'title'} role = 'roles/editor' with self.AssertRaisesExceptionRegexp( iam_util.IamPolicyBindingInvalidError, 'Binding with a condition and a primitive role is not allowed. ' 'Primitive roles are `roles/editor`, `roles/owner`, ' 'and `roles/viewer`.'): iam_util.ValidateMutexConditionAndPrimitiveRoles(condition, role)
def Run(self, args): """This is what gets called when the user runs this command. Args: args: an argparse namespace. All the arguments that were provided to this command invocation. Returns: The specified function with its description and configured filter. """ with endpoint_util.MlEndpointOverrides(region=args.region): condition = iam_util.ValidateAndExtractCondition(args) iam_util.ValidateMutexConditionAndPrimitiveRoles( condition, args.role) return models_util.RemoveIamPolicyBindingWithCondition( models.ModelsClient(), args.model, args.member, args.role, condition)
def testValidateMutexConditionAndPrimitiveRoles(self, condition, role): iam_util.ValidateMutexConditionAndPrimitiveRoles(condition, role)