SrSSKJr SSKJr SSKJr SSKJr SSKJ r SSK J r SSK Jr S /rS /rS /rS rSSjrSrg )z$Helpers for testing IAM permissions.)absolute_import)division)unicode_literals)iam) projects_api)base) exceptionsz cloudkms.cryptoKeys.setIamPolicyz'privateca.certificateAuthorities.createzprivateca.certificates.createch[U5[U5- nU(a[R"X#S9eg)zDRaises an exception if the expected permissions are not all present.)resourcemissing_permissionsN)setr InsufficientPermissionException)actual_permissionsexpected_permissionsr diffs /lib/googlecloudsdk/command_lib/privateca/iam.py_CheckAllPermissionsr(s8 ! "S);%< <$  4 4 55 Nc[[R"U[5R[S5 U(a5[[ R "U[5R[S5 gg)a!Ensures that the current user has the required permissions to create a CA. Args: project_ref: The project where the new CA will be created. kms_key_ref: optional, The KMS key that will be used by the CA. Raises: InsufficientPermissionException: If the user is missing permissions. projectzKMS keyN)rrTestIamPermissions!_CA_CREATE_PERMISSIONS_ON_PROJECT permissionskms_iamTestCryptoKeyIamPermissions_CA_CREATE_PERMISSIONS_ON_KEY) project_ref kms_key_refs r*CheckCreateCertificateAuthorityPermissionsr1sZ%% 8::E+'4++ 6 88C %y2rc [R"SS9n[R"SS9nURR UR UR 5UR[S9S95n[UR[S5 g)zEnsures that the current user can issue a certificate from the given Pool. Args: issuing_ca_pool_ref: The CA pool that will create the certificate. Raises: InsufficientPermissionException: If the user is missing permissions. v1) api_version)r)r testIamPermissionsRequestz issuing CAN) privateca_baseGetClientInstanceGetMessagesModuleprojects_locations_caPoolsr:PrivatecaProjectsLocationsCaPoolsTestIamPermissionsRequest RelativeNameTestIamPermissionsRequest*_CERTIFICATE_CREATE_PERMISSIONS_ON_CA_POOLrr)issuing_ca_pool_refclientmessages test_responses r!CheckCreateCertificatePermissionsr0Fs  + + =&  - -$ ?(33FFII&335$,$F$FD%G%FJGH- }00A<Qr)N)__doc__ __future__rrrgooglecloudsdk.api_lib.cloudkmsrr+googlecloudsdk.api_lib.cloudresourcemanagerr googlecloudsdk.api_lib.privatecarr$$googlecloudsdk.command_lib.privatecar rrr+rrr0rrr8sU+&':DC;'! .%! /N-N*52*Qr