Skip to content

Add Owners to GraphRbac #1961

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
amarzavery merged 3 commits into from
Nov 3, 2017
+219 −33
Merged

Add Owners to GraphRbac #1961

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
31a722f
Add Owners to GraphRbac
lmazuel Nov 2, 2017
d52fd12
DirectoryObject as readonly
lmazuel Nov 3, 2017
a6e371c
Add Discriminator
lmazuel Nov 3, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
252 changes: 219 additions & 33 deletions specification/graphrbac/data-plane/1.6/graphrbac.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -261,6 +261,92 @@
}
}
},
"/{tenantID}/applications/{applicationObjectId}/owners": {
"get": {
"tags": [
"ApplicationOwners"
],
"operationId": "Applications_ListOwners",
"summary": "Directory objects that are owners of the application.",
"description": "The owners are a set of non-admin users who are allowed to modify this object.",
"parameters": [
{
"name": "applicationObjectId",
"in": "path",
"required": true,
"type": "string",
"description": "The object ID of the application for which to get owners."
},
{
"$ref": "#/parameters/ApiVersionParameter"
},
{
"$ref": "#/parameters/tenantIDInPath"
}
],
"responses": {
"200": {
"description": "OK. The operation was successful.",
"schema": {
"$ref": "#/definitions/DirectoryObjectListResult"
}
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"$ref": "#/definitions/GraphError"
}
}
},
"x-ms-pageable": {
"nextLinkName": null
}
}
},
"/{tenantID}/applications/{applicationObjectId}/$links/owners": {
"post": {
"tags": [
"ApplicationOwners"
],
"operationId": "Applications_AddOwner",
"description": "Add an owner to an application.",
"parameters": [
{
"name": "applicationObjectId",
"in": "path",
"required": true,
"type": "string",
"description": "The object ID of the application to which to add the owner."
},
{
"name": "parameters",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/ApplicationAddOwnerParameters"
},
"description": "The URL of the owner object, such as https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd."
},
{
"$ref": "#/parameters/ApiVersionParameter"
},
{
"$ref": "#/parameters/tenantIDInPath"
}
],
"responses": {
"204": {
"description": "No Content. Indicates success. No response body is returned."
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"$ref": "#/definitions/GraphError"
}
}
}
}
},
"/{tenantID}/applications/{applicationObjectId}/keyCredentials": {
"get": {
"tags": [
Expand Down Expand Up @@ -949,6 +1035,48 @@
}
}
},
"/{tenantID}/servicePrincipals/{objectId}/owners": {
"get": {
"tags": [
"ServicePrincipalOwners"
],
"operationId": "ServicePrincipals_ListOwners",
"summary": "Directory objects that are owners of this service principal.",
"description": "The owners are a set of non-admin users who are allowed to modify this object.",
"parameters": [
{
"name": "objectId",
"in": "path",
"required": true,
"type": "string",
"description": "The object ID of the service principal for which to get owners."
},
{
"$ref": "#/parameters/ApiVersionParameter"
},
{
"$ref": "#/parameters/tenantIDInPath"
}
],
"responses": {
"200": {
"description": "OK. The operation was successful.",
"schema": {
"$ref": "#/definitions/DirectoryObjectListResult"
}
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"$ref": "#/definitions/GraphError"
}
}
},
"x-ms-pageable": {
"nextLinkName": null
}
}
},
"/{tenantID}/servicePrincipals/{objectId}/keyCredentials": {
"get": {
"tags": [
Expand Down Expand Up @@ -1757,6 +1885,28 @@
},
"description": "Active Directory error message."
},
"DirectoryObject": {
"discriminator": "objectType",
"properties": {
"objectId": {
"type": "string",
"description": "The object ID.",
"readOnly": true
},
"objectType": {
"type": "string",
"description": "The object type.",
Copy link
Copy Markdown
Contributor

@amarzavery amarzavery Nov 3, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The object type. Possible values could be "User", "Application", "Group", "ServicePrincipal".

"readOnly": true
},
"deletionTimestamp": {
"type": "string",
"format": "date-time",
"description": "The time at which the directory object was deleted.",
"readOnly": true
}
},
"description": "Represents an Azure Active Directory object."
},
"KeyCredential": {
"properties": {
"startDate": {
Expand Down Expand Up @@ -1964,15 +2114,12 @@
"description": "Request parameters for updating an existing application."
},
"Application": {
"allOf": [
{
"$ref": "#/definitions/DirectoryObject"
}
],
"properties": {
"objectId": {
"type": "string",
"description": "The object ID."
},
"objectType": {
"type": "string",
"description": "The object type."
},
"appId": {
"type": "string",
"description": "The application ID."
Expand Down Expand Up @@ -2033,6 +2180,18 @@
},
"description": "Application list operation result."
},
"ApplicationAddOwnerParameters": {
"properties": {
"url": {
"type": "string",
"description": "A owner object URL, such as \"https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd\", where \"0b1f9851-1bf0-433f-aec3-cb9272f093dc\" is the tenantId and \"f260bbc4-c254-447b-94cf-293b5ec434dd\" is the objectId of the owner (user, application, servicePrincipal, group) to be added."
}
},
"required": [
"url"
],
"description": "Request parameters for adding a owner to an application."
},
"KeyCredentialListResult": {
"properties": {
"value": {
Expand All @@ -2045,6 +2204,18 @@
},
"description": "KeyCredential list operation result."
},
"DirectoryObjectListResult": {
"properties": {
"value": {
"type": "array",
"items": {
"$ref": "#/definitions/DirectoryObject"
},
"description": "A collection of DirectoryObject."
}
},
"description": "DirectoryObject list operation result."
},
"KeyCredentialsUpdateParameters": {
"properties": {
"value": {
Expand Down Expand Up @@ -2242,15 +2413,12 @@
"description": "Request parameters for creating a new group."
},
"ADGroup": {
"allOf": [
{
"$ref": "#/definitions/DirectoryObject"
}
],
"properties": {
"objectId": {
"type": "string",
"description": "The object ID."
},
"objectType": {
"type": "string",
"description": "The object type."
},
"displayName": {
"type": "string",
"description": "The display name of the group."
Expand All @@ -2264,6 +2432,7 @@
"description": "The primary email address of the group."
}
},
"x-ms-discriminator-value": "Group",
"description": "Active Directory group information."
},
"GroupListResult": {
Expand Down Expand Up @@ -2364,15 +2533,12 @@
"description": "Request parameters for creating a new service principal."
},
"ServicePrincipal": {
"allOf": [
{
"$ref": "#/definitions/DirectoryObject"
}
],
"properties": {
"objectId": {
"type": "string",
"description": "The object ID."
},
"objectType": {
"type": "string",
"description": "The object type."
},
"displayName": {
"type": "string",
"description": "The display name of the service principal."
Expand Down Expand Up @@ -2529,10 +2695,38 @@
"User": {
"allOf": [
{
"$ref": "#/definitions/UserBase"
"$ref": "#/definitions/DirectoryObject"
}
],
"properties": {
"immutableId": {
"type": "string",
"description": "This must be specified if you are using a federated domain for the user's userPrincipalName (UPN) property when creating a new user account. It is used to associate an on-premises Active Directory user account with their Azure AD user object."
},
"usageLocation": {
"type": "string",
"description": "A two letter country code (ISO standard 3166). Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. Examples include: \"US\", \"JP\", and \"GB\"."
},
"givenName": {
"type": "string",
"description": "The given name for the user."
},
"surname": {
"type": "string",
"description": "The user's surname (family name or last name)."
},
"userType": {
"type": "string",
"description": "A string value that can be used to classify user types in your directory, such as 'Member' and 'Guest'.",
"enum": [
"Member",
"Guest"
],
"x-ms-enum": {
"name": "UserType",
"modelAsString": true
}
},
"accountEnabled": {
"type": "boolean",
"description": "Whether the account is enabled."
Expand All @@ -2553,14 +2747,6 @@
"type": "string",
"description": "The primary email address of the user."
},
"objectId": {
"type": "string",
"description": "The object ID."
},
"objectType": {
"type": "string",
"description": "The object type."
},
"signInNames": {
"type": "array",
"items": {
Expand Down