diff --git a/core/Microsoft.Mcp.Core/src/Models/Option/OptionDefinitions.cs b/core/Microsoft.Mcp.Core/src/Models/Option/OptionDefinitions.cs index 29ee428b26..4fef6d8a35 100644 --- a/core/Microsoft.Mcp.Core/src/Models/Option/OptionDefinitions.cs +++ b/core/Microsoft.Mcp.Core/src/Models/Option/OptionDefinitions.cs @@ -78,15 +78,4 @@ public static class RetryPolicy Required = false }; } - - public static class Authorization - { - public const string ScopeName = "scope"; - - public static readonly Option Scope = new($"--{ScopeName}") - { - Description = "Scope at which the role assignment or definition applies to, e.g., /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.", - Required = true, - }; - } } diff --git a/servers/Azure.Mcp.Server/changelog-entries/1781542129343.yaml b/servers/Azure.Mcp.Server/changelog-entries/1781542129343.yaml new file mode 100644 index 0000000000..72ce8f1bda --- /dev/null +++ b/servers/Azure.Mcp.Server/changelog-entries/1781542129343.yaml @@ -0,0 +1,3 @@ +changes: + - section: "Breaking Changes" + description: "Removed unused parameters from Authorization tools." diff --git a/tools/Azure.Mcp.Tools.Authorization/src/Commands/RoleAssignmentListCommand.cs b/tools/Azure.Mcp.Tools.Authorization/src/Commands/RoleAssignmentListCommand.cs index fbfcda7e2d..ad64f62cfd 100644 --- a/tools/Azure.Mcp.Tools.Authorization/src/Commands/RoleAssignmentListCommand.cs +++ b/tools/Azure.Mcp.Tools.Authorization/src/Commands/RoleAssignmentListCommand.cs @@ -2,14 +2,13 @@ // Licensed under the MIT License. using Azure.Mcp.Core.Commands.Subscription; +using Azure.Mcp.Core.Services.Azure.Subscription; using Azure.Mcp.Tools.Authorization.Models; using Azure.Mcp.Tools.Authorization.Options; using Azure.Mcp.Tools.Authorization.Services; using Microsoft.Extensions.Logging; using Microsoft.Mcp.Core.Commands; -using Microsoft.Mcp.Core.Extensions; using Microsoft.Mcp.Core.Models.Command; -using Microsoft.Mcp.Core.Models.Option; namespace Azure.Mcp.Tools.Authorization.Commands; @@ -27,38 +26,19 @@ List role assignments. This command retrieves and displays all Azure RBAC role a ReadOnly = true, Secret = false, LocalRequired = false)] -public sealed class RoleAssignmentListCommand(ILogger logger, IAuthorizationService authorizationService) : SubscriptionCommand +public sealed class RoleAssignmentListCommand(ILogger logger, IAuthorizationService authorizationService, ISubscriptionResolver subscriptionResolver) + : SubscriptionCommand(subscriptionResolver) { private readonly ILogger _logger = logger; private readonly IAuthorizationService _authorizationService = authorizationService; - protected override void RegisterOptions(Command command) + public override async Task ExecuteAsync(CommandContext context, RoleAssignmentListOptions options, CancellationToken cancellationToken) { - base.RegisterOptions(command); - command.Options.Add(OptionDefinitions.Authorization.Scope); - } - - protected override RoleAssignmentListOptions BindOptions(ParseResult parseResult) - { - var args = base.BindOptions(parseResult); - args.Scope = parseResult.GetValueOrDefault(OptionDefinitions.Authorization.Scope.Name); - return args; - } - - public override async Task ExecuteAsync(CommandContext context, ParseResult parseResult, CancellationToken cancellationToken) - { - if (!Validate(parseResult.CommandResult, context.Response).IsValid) - { - return context.Response; - } - - var options = BindOptions(parseResult); - try { var assignments = await _authorizationService.ListRoleAssignmentsAsync( options.Subscription!, - options.Scope!, + options.Scope, options.Tenant, options.RetryPolicy, cancellationToken); @@ -74,5 +54,5 @@ public override async Task ExecuteAsync(CommandContext context, return context.Response; } - internal record RoleAssignmentListCommandResult(List Assignments, bool AreResultsTruncated); + public sealed record RoleAssignmentListCommandResult(List Assignments, bool AreResultsTruncated); } diff --git a/tools/Azure.Mcp.Tools.Authorization/src/GlobalUsings.cs b/tools/Azure.Mcp.Tools.Authorization/src/GlobalUsings.cs deleted file mode 100644 index b41cc886b4..0000000000 --- a/tools/Azure.Mcp.Tools.Authorization/src/GlobalUsings.cs +++ /dev/null @@ -1,4 +0,0 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT License. - -global using System.CommandLine; diff --git a/tools/Azure.Mcp.Tools.Authorization/src/Options/RoleAssignmentListOptions.cs b/tools/Azure.Mcp.Tools.Authorization/src/Options/RoleAssignmentListOptions.cs index 1864e2899a..09964d2ea9 100644 --- a/tools/Azure.Mcp.Tools.Authorization/src/Options/RoleAssignmentListOptions.cs +++ b/tools/Azure.Mcp.Tools.Authorization/src/Options/RoleAssignmentListOptions.cs @@ -1,14 +1,22 @@ // Copyright (c) Microsoft Corporation. // Licensed under the MIT License. -using System.Text.Json.Serialization; -using Microsoft.Mcp.Core.Models.Option; +using Azure.Mcp.Core.Options; using Microsoft.Mcp.Core.Options; namespace Azure.Mcp.Tools.Authorization.Options; -public class RoleAssignmentListOptions : SubscriptionOptions +public sealed class RoleAssignmentListOptions : ISubscriptionOption { - [JsonPropertyName(OptionDefinitions.Authorization.ScopeName)] - public string? Scope { get; set; } + [Option(OptionDescriptions.Tenant)] + public string? Tenant { get; set; } + + [Option(OptionDescriptions.Subscription)] + public string? Subscription { get; set; } + + [Option(Name = "retry")] + public RetryPolicyOptions? RetryPolicy { get; set; } + + [Option("Scope at which the role assignment or definition applies to, e.g., /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.")] + public required string Scope { get; set; } } diff --git a/tools/Azure.Mcp.Tools.Authorization/tests/Azure.Mcp.Tools.Authorization.Tests/RoleAssignmentListCommandTests.cs b/tools/Azure.Mcp.Tools.Authorization/tests/Azure.Mcp.Tools.Authorization.Tests/RoleAssignmentListCommandTests.cs index 7cf4b7a03a..5ab061ffdd 100644 --- a/tools/Azure.Mcp.Tools.Authorization/tests/Azure.Mcp.Tools.Authorization.Tests/RoleAssignmentListCommandTests.cs +++ b/tools/Azure.Mcp.Tools.Authorization/tests/Azure.Mcp.Tools.Authorization.Tests/RoleAssignmentListCommandTests.cs @@ -3,18 +3,18 @@ using System.Net; using Azure.Mcp.Core.Services.Azure; +using Azure.Mcp.Tests.Commands; using Azure.Mcp.Tools.Authorization.Commands; using Azure.Mcp.Tools.Authorization.Models; using Azure.Mcp.Tools.Authorization.Services; using Microsoft.Mcp.Core.Options; -using Microsoft.Mcp.Tests.Client; using NSubstitute; using NSubstitute.ExceptionExtensions; using Xunit; namespace Azure.Mcp.Tools.Authorization.Tests; -public class RoleAssignmentListCommandTests : CommandUnitTestsBase +public class RoleAssignmentListCommandTests : SubscriptionCommandUnitTestsBase { [Fact] public async Task ExecuteAsync_ReturnsRoleAssignments_WhenRoleAssignmentsExist()