r7SrSSKJr SSKJr SSKJr SSKrSSKJr SSKJ r SSK J r SS K J r SS KJr SS KJr SS KJr S rSrSrSrSrSrSrSrSrSrSrSrSr Sr!Sr"Sr#Sr$Sr%Sr&S r'S!r(S"r)S#r*g)$z!The python hooks for IAM surface.)absolute_import)division)unicode_literalsN)util)apis) arg_parsers) exceptions)iam_util) arg_utils)logc&AURS5(ay[R"5up4URURR S5URR S5URR S5S9nXRlU$)aPython hook to add condition from --condition-from-file to request. Args: ref: A resource ref to the parsed resource. args: Parsed args namespace. request: The apitools request message to be modified. Returns: The modified apitools request message. condition_from_file descriptiontitle expression)rrr) IsSpecifiedrGetClientAndMessagesExprrget condition)refargsrequest_messagescondition_messages +lib/googlecloudsdk/command_lib/iam/hooks.py"UpdateRequestWithConditionFromFiler s  +,,++-KA ,,00?&&**73++// =& * .cJ[R"SSRUS95$)Nzcondition-from-filez{filename} must be a path to a YAML or JSON file containing the condition. `expression` and `title` are required keys. `description` is optional.filename)gcloud_exceptionsInvalidArgumentExceptionformatr!s r_ConditionFileFormatExceptionr&7s)  3 3&(&+  rc|[R"5"U5n[R"U[ U55nU$)z&Read condition from YAML or JSON file.)r FileContentsr ParseYamlOrJsonConditionr&)rrcondition_dicts rParseConditionFromFiler+@s<&&()<=)44./BC. rcAUR[UR5S- S/SQ:Xa9[RR SR UR 55 gg)N)iamservice-accountsenablezEnabled service account [{}]. command_pathlenr statusPrintr%service_accountresponsers rEnableIamAccountConfirmationr9Js] s4,,-1349 JJ'..t/C/CD rcAUR[UR5S- S/SQ:Xa9[RR SR UR 55 gg)Nr-)r.r/disablezDisabled service account [{}].r1r7s rDisableIamAccountConfirmationr<Vs] s4,,-1349 JJ(//0D0DE rcA[RRSRURUR 55 g)Nz,Enabled key [{0}] for service account [{1}].r r4r5r%iam_key iam_accountr7s rEnableIamKeyConfirmationrAbs4**4;; ,,((rcA[RRSRURUR 55 g)Nz-Disabled key [{0}] for service account [{1}].r>r7s rDisableIamKeyConfirmationrCks4**5<< ,,((rc0UR5UlU$)z)Add service account name to request name.) RelativeNamename)r unused_argsrs rSetServiceAccountResourcerHts!!#', .rcvAAURR(dSS/n[R"US5eU$)z.Validate the field mask for an update request.z--display-namez --descriptionz%Specify at least one field to update.)patchServiceAccountRequest updateMaskr#OneOfArgumentsRequiredException)rrGr update_fieldss rValidateUpdateFieldMaskrN{sB ;  + + 6 6%7M  ; ;>  .rc^U4SjnU$)zDSet requestedPolicyVersion to max supported in GetIamPolicy request.cX>AA[R"UT[R5 U$)N)r SetFieldInMessager !MAX_LIBRARY_IAM_SUPPORTED_VERSION)rrr api_fields rProcess-UseMaxRequestedPolicyVersion..Processs* T HFF Nr)rSrTs` rUseMaxRequestedPolicyVersionrWs .rc^U4SjnU$)z3Add ',version' to update_mask if it is not present.c>AA[R"UT5nSU;a UcSnOUS- n[R"UTU5 U$)z+The implementation of Process for the hook.versionz,version)r GetFieldValueFromMessagerQ)rrr update_maskupdate_mask_paths rrT3AddVersionToUpdateMaskIfNotPresent..ProcesssP T44W>NOK #   z!  )9;G NrrV)r]rTs` r"AddVersionToUpdateMaskIfNotPresentr_s  .rcdUR5(d[R"SS5eSU-$)N account_idzSAccount unique ID should be a number. Please double check your input and try again.zprojects/-/serviceAccounts/)isdigitr#r$)ras r"CreateFullServiceAccountNameFromIdrcs9       4 4   ' 33rc[R"5"U5R5nURS5$![Ra+n[R "SSR U55eSnAff=f)a+Generate public key data from a path. Args: path: (bytes) the public key file path given by the command. Raises: InvalidArgumentException: if the public key file path provided does not exist or is too large. Returns: A public key encoded using the UTF-8 charset. public_key_filez1{}. Please double check your input and try again.Nzutf-8)rr(stripArgumentTypeErrorr#r$r%encode)pathpublic_key_dataes rGeneratePublicKeyDataFromFilerlsr!..06<<>O    ((  & &  4 4;BB1E s)<A;&A66A;cfA[R"SS5n[X!U5 [X!U5 U$)zsAdd ExtraAttributesOAuth2Client and ExtendedAttributesOAuth2Client fields to create workforcePoolProvider requests.r.v1)rGetMessagesModule$SetExtraAttributesOauth2ClientFields'SetExtendedAttributesOauth2ClientFieldsrrrrs r2AddCreateExtraAndExtendedAttributesConfigToRequestrss2  # #E4 0(&wh?)'B .rcA[R"SS5nURb+UR(a[R"USS5 U$[ X!U5 U$)PAdd ExtraAttributesOAuth2Client fields to update workforcePoolProvider requests.r.rnNz1workforcePoolProvider.extraAttributesOauth2Client)rroclear_extra_attributes_configr rQrprrs r*AddClearableExtraAttributesConfigToRequestrws[  # #E4 0( ((4  , , ;  .)A .rcA[R"SS5nURb+UR(a[R"USS5 U$[ X!U5 U$)rur.rnNz4workforcePoolProvider.extendedAttributesOauth2Client)rro clear_extended_attributes_configr rQrqrrs r-AddClearableExtendedAttributesConfigToRequestrzs[  # #E4 0( ++7  / / >  .,G8D .rcURbURRnSUR;a#[R"USUR 5 OeSUR;a#[R"USUR 5 O2SUR;a"[R"USUR5 URb"[R"USUR5 URb"[R"USUR5 URb"[R"USUR5 URb#[R"US UR5 gg) z6Set ExtraAttributesOauth2Client fields in the request.Nzazure-ad-groups-mailz@workforcePoolProvider.extraAttributesOauth2Client.attributesTypeazure-ad-groups-idzazure-ad-groups-display-namez:workforcePoolProvider.extraAttributesOauth2Client.clientIdzNworkforcePoolProvider.extraAttributesOauth2Client.clientSecret.value.plainTextz;workforcePoolProvider.extraAttributesOauth2Client.issuerUrizHworkforcePoolProvider.extraAttributesOauth2Client.queryParameters.filter) extra_attributes_type@GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2ClientAttributesTypeValueValuesEnumr rQAZURE_AD_GROUPS_MAILAZURE_AD_GROUPS_IDAZURE_AD_GROUPS_DISPLAY_NAMEextra_attributes_client_id$extra_attributes_client_secret_valueextra_attributes_issuer_uriextra_attributes_filterrrr response_types rrprpsZ +QQoo!;!;;!!  L  , , !;!; ;!!  L  * * (4+E+E E!!  L  4 4  $$0 D ''  ..: X 11  %%1 E ((  !!- R $$.rc(URbHURRnSUR;a"[R"USUR 5 UR b"[R"USUR 5 URb"[R"USUR5 URb"[R"USUR5 URb#[R"USUR5 gg)z9Set ExtendedAttributesOauth2Client fields in the request.Nr|zCworkforcePoolProvider.extendedAttributesOauth2Client.attributesTypez=workforcePoolProvider.extendedAttributesOauth2Client.clientIdzQworkforcePoolProvider.extendedAttributesOauth2Client.clientSecret.value.plainTextz>workforcePoolProvider.extendedAttributesOauth2Client.issuerUrizKworkforcePoolProvider.extendedAttributesOauth2Client.queryParameters.filter) extended_attributes_typer~rr rQrextended_attributes_client_id'extended_attributes_client_secret_valueextended_attributes_issuer_uriextended_attributes_filterrs rrqrq,s "".QQoot<<<!!  O  * *  ''3 G **  11= [ 44  ((4 H ++  $$0 U ''1rc&/nUR(aURRS5nURb"UR(aURS5 URbURS5 UR bURS5 UR bURS5 URbURS5 URbURS5 U(aSRU5UlU$)zhAdds ExtraAttributesOauth2Client specific fieldmask entries to the update workforcePoolProvider request.,extraAttributesOauth2Clientz*extraAttributesOauth2Client.attributesTypez$extraAttributesOauth2Client.clientIdz8extraAttributesOauth2Client.clientSecret.value.plainTextz%extraAttributesOauth2Client.issuerUriz2extraAttributesOauth2Client.queryParameters.filter) rKsplitrvappendr}rrrrjoin unused_refrr mask_fieldss r!AddExtraAttributesConfigFieldMaskrRs+ $$**3/K ((4  , ,45 +CD $$0=> ..:B %%1>? !!-KL+.G .rc&/nUR(aURRS5nURb"UR(aURS5 URbURS5 UR bURS5 UR bURS5 URbURS5 URbURS5 U(aSRU5UlU$)zkAdds ExtendedAttributesOauth2Client specific fieldmask entries to the update workforcePoolProvider request.rextendedAttributesOauth2Clientz-extendedAttributesOauth2Client.attributesTypez'extendedAttributesOauth2Client.clientIdz;extendedAttributesOauth2Client.clientSecret.value.plainTextz(extendedAttributesOauth2Client.issuerUriz5extendedAttributesOauth2Client.queryParameters.filter) rKrryrrrrrrrrs r$AddExtendedAttributesConfigFieldMaskrms+ $$**3/K ++7  / /78 "".FG ''3@A 11=E ((4AB $$0NO+.G .rcAg)zClear the value for a flag.NrV)rs r ClearFlagrs rcZAUR(d[R"USS5 U$)z:Remove the flag from the request when it is not specified. hardDeleteN) hard_deleter rQ)rrrs rModifyHardDeleteFlagInRequestrs,     .rcT[R"SSUR5UlU$)zHook to erase the project identifier from the request. Args: unused_ref: The resource reference of the response. unused_args: The arguments of the command. request: The request of the command. Returns: The modified apitools request message. zprojects/[^/]+/z projects/-/)resubrF)rrGrs rEraseProjectHookrs")=',,G', .r)+__doc__ __future__rrrrgooglecloudsdk.api_lib.iamrgooglecloudsdk.api_lib.utilrgooglecloudsdk.callioperr r#googlecloudsdk.command_lib.iamr $googlecloudsdk.command_lib.util.apisr googlecloudsdk.corer rr&r+r9r<rArCrHrNrWr_rcrlrsrwrzrprqrrrrrrVrrrs(&' +,/C3:#.    (4),&&/d#L66  r