5nSrSSKJr SSKJr SSKJr SSKJr SSKJ r SSK J r SSK J r SS K Jr SS KJr SS KJr SS KJr SS KJr SS KJr SSKJr "SS\R05rSSjrSrSrSr\R<"SS5S5r\R<"SS5S5r Sr!Sr"Sr#Sr$g) z6Command line processing utilities for access policies.)absolute_import)division)unicode_literals)policies) organizations)concepts)deps) cache_util)concept_parsers) exceptions)log) properties) resourcesc\rSrSrSrg)DefaultPolicyResolutionError"N)__name__ __module__ __qualname____firstlineno____static_attributes__r?lib/googlecloudsdk/command_lib/accesscontextmanager/policies.pyrr"srrNctAURS5(a [R"UR5 U$)zBAdd the particular service filter message based on specified args.policy) IsSpecifiedrAccessPolicyValidatorr)refargsreqs rValidateAccessPolicyArgr"&s-  h$$T[[1 *rc[RRRn[R "SS[ R"U5/S9$)NrzThe ID of the access policy.)name help_text fallthroughs)rVALUESaccess_context_managerrr ResourceParameterAttributeConfigr PropertyFallthrough) property_s rGetAttributeConfigr,/sC66==)  2 2 .,,Y78 ::rc>[R"SS[5S9$)N#accesscontextmanager.accessPoliciesr) resource_nameaccessPoliciesId)r ResourceSpecr,rrrGetResourceSpecr27s!   +)+ --rc[RRS[5SR U5SS9R U5 g)zAdd a resource argument for an access policy. NOTE: Must be used only if it's the only resource arg in the command. Args: parser: the parser for the command. verb: str, the verb to describe the resource, such as 'to update'. rzThe access policy {}.T)requiredN)r ConceptParser ForResourcer2format AddToParser)parserverbs rAddResourceArgr;>sC++$$T* ,![(rzorganizations-by-domain cSU-n[[R"5RUSS95nU(d[ SR U55e[U5S:a[ SR X55e[RRUS RS S 9$![an[ SR X55eSnAff=f) aGet the organization for the given domain. The current user must have permission to list the organization. Args: domain: str, the domain (e.g. 'example.com') to look up the organization of, or None to just list the organizations for the current account. Returns: resources.Resource, a reference to a cloudresourcemanager.organizations resource Raises: DefaultPolicyResolutionError: if the number of organizations matching the given domain is not exactly 1, or searching organizations fails. zdomain:)filter_limitz2Unable to resolve organization for domain [{}]: {}Nz0No matching organizations found for domain [{}].z4Found more than one organization for domain [{}]. {}rz"cloudresourcemanager.organizations collection) listrClientList Exceptionrr7lenrREGISTRYParser$)domainr?orgserrs r_GetOrganizationrNNs$  '  $$&++G1+E FD  &:AA&I KK 4y1} &?FF       ! ! 1gllC " EE  &<CC   s,B(( C2C  Czpolicies-by-organizationc[[R"5RUSS95nU(d([ SR UR555e[U5S:a)[ SR UR5U55e[RRUSRS S 9nU$![a.n[ SR UR5U55eSnAff=f) aGet the access policy for the given organization. The current user must have permission to list the policies for the organization. Args: organization_ref: resources.Resource, a reference to a cloudresourcemanager.organizations resource to look up the policy for. Returns: resources.Resource, a reference to an accesscontextmanager.accessPolicies resource Raises: DefaultPolicyResolutionError: if the number of policies matching the given organization is not exactly 1, or listing policies fails. r>)r@z2Unable to resolve policy for organization [{}]: {}Nz0No matching policies found for organization [{}]rAz;Found more than one access policy for organization [{}]: {}rr.rB) rD policies_apirErFrGrr7NamerHrrIrJr$)organization_refrrM policy_refs r _GetPolicyrTts&+L'')../?q.IJH  &:AA  ! ! # % && 8}q &FMM  ! ! #X / 00!!''qk#H(J*  + &<CC  ! ! #S * +++s,C C: )C55C:z.iam.gserviceaccount.comzdeveloper.gserviceaccount.comcxURS5u pUR[5(d U[:XagU$)N@) partitionendswith _IAM_SUFFIX_DEVELOPER_DOMAIN)account_hosts r _GetDomainr^s5  %*!Q ]];4+<#<  +rcN[RRRR 5nU(d[ R "S5 g[U5nU(d[ R "SU5 g[R"SSS9n[X!5n[X#R5U45nSSS5 UR5$![a)n[ R "SU5 SnASSS5 gSnAff=f!,(df  WR5$=f)z:Gets the ID of the default policy for the current account.zIUnable to automatically resolve policy since account property is not set.Nz)Unable to resolve domain for account [%s]z resource://T)createz*Unable to automatically resolve policy: %s)rr'corer[Getr infor^meta_cache_utilGetCacherNrT RelativeNamerrQ)r[rKcacherRrSrMs rGetDefaultPolicyrhs    " " * * . . 0' HH  g & HH 8'B  d;u)%8e%B%B%D/13j <   ( hh;SA <;  <;  s0D&C DC?2D?DD D$)N)%__doc__ __future__rrr+googlecloudsdk.api_lib.accesscontextmanagerrrP+googlecloudsdk.api_lib.cloudresourcemanagerr googlecloudsdk.calliope.conceptsrr googlecloudsdk.command_lib.metar rdgooglecloudsdk.command_lib.util(googlecloudsdk.command_lib.util.conceptsr googlecloudsdk.corer r rrErrorrr"r,r2r; CacheResourcerNrTrYrZr^rhrrrrts=&'PE51I6D*#*):#3#3 :- )  3R8"E9"EJ 4b9#:#L) 3r