Removes the non-required subject type parameter from the UpdateSubject RPCs

Chronicle Team · copybara-github · commit fac30356a665 · 2021-10-19T20:48:32.000-07:00
PiperOrigin-RevId: 404431228
diff --git a/access_control/update_subject.py b/access_control/update_subject.py
@@ -42,44 +42,28 @@ def initialize_command_line_args(
   regions.add_argument_region(parser)
   parser.add_argument(
       "-n", "--name", type=str, required=True, help="subject ID")
-  parser.add_argument(
-      "-t",
-      "--type",
-      type=str,
-      required=True,
-      help=("the subject's type (ANALYST or IDP_GROUP)"))
   parser.add_argument(
       "-rs",
       "--roles",
       type=str,
       required=True,
       help=("the role(s) the subject must have after the update"))
 
-  # Sanity checks for the command-line arguments.
-
   # No need for a sanity check for the subject name and roles because these
   # arguments convert the provided input into strings and accept a wide range
   # of values. If the subject name isn't passed in, the error will be thrown
   # from the argparse library.
 
-  # Check the subject type.
-  parsed_args = parser.parse_args(args)
-  if parsed_args.type not in ("ANALYST", "IDP_GROUP"):
-    print("Error: invalid subject type")
-    return None
-
   return parser.parse_args(args)
 
 
 def update_subject(http_session: requests.AuthorizedSession, name: str,
-                   subject_type: str,
                    roles: Sequence[str]) -> Mapping[str, Sequence[Any]]:
   """Updates information about a subject.
 
   Args:
     http_session: Authorized session for HTTP requests.
     name: The ID of the subject to retrieve information about.
-    subject_type: The subject's type (ANALYST or IDP_GROUP).
     roles: The role(s) the subject must have after the update.
 
   Returns:
@@ -117,7 +101,6 @@ def update_subject(http_session: requests.AuthorizedSession, name: str,
   url = f"{CHRONICLE_API_BASE_URL}/v1/subjects/{name}"
   body = {
       "name": name,
-      "type": subject_type,
       "roles": roles,
   }
   update_fields = ["subject.roles"]
@@ -139,5 +122,4 @@ def update_subject(http_session: requests.AuthorizedSession, name: str,
   session = chronicle_auth.initialize_http_session(cli.credentials_file)
   print(
       json.dumps(
-          update_subject(session, cli.name, cli.type, cli.roles.split(",")),
-          indent=2))
+          update_subject(session, cli.name, cli.roles.split(",")), indent=2))
diff --git a/access_control/update_subject_test.py b/access_control/update_subject_test.py
@@ -28,20 +28,11 @@ class UpdateSubjectTest(unittest.TestCase):
 
   def test_initialize_command_line_args(self):
     actual = update_subject.initialize_command_line_args(
-        ["--name=test@test.com", "--type=ANALYST", "--roles="])
+        ["--name=test@test.com", "--roles="])
     self.assertEqual(
         actual,
         argparse.Namespace(
-            credentials_file=None,
-            name="test@test.com",
-            type="ANALYST",
-            roles="",
-            region="us"))
-
-  def test_initialize_command_line_args_invalid_type(self):
-    actual = update_subject.initialize_command_line_args(
-        ["--name=test@test.com", "--type=INVALID", "--roles="])
-    self.assertIsNone(actual)
+            credentials_file=None, name="test@test.com", roles="", region="us"))
 
   @mock.patch.object(requests, "AuthorizedSession", autospec=True)
   @mock.patch.object(requests.requests, "Response", autospec=True)
@@ -52,15 +43,14 @@ def test_update_subject_error(self, mock_response, mock_session):
         requests.requests.exceptions.HTTPError())
 
     with self.assertRaises(requests.requests.exceptions.HTTPError):
-      update_subject.update_subject(mock_session, "", "", [])
+      update_subject.update_subject(mock_session, "", [])
 
   @mock.patch.object(requests, "AuthorizedSession", autospec=True)
   @mock.patch.object(requests.requests, "Response", autospec=True)
   def test_update_subject(self, mock_response, mock_session):
     mock_session.request.return_value = mock_response
     type(mock_response).status_code = mock.PropertyMock(return_value=200)
     subject_id = "test@test.com"
-    subject_type = "ANALYST"
     roles = ["Test"]
     expected = {
         "subject": {
@@ -89,8 +79,7 @@ def test_update_subject(self, mock_response, mock_session):
         },
     }
     mock_response.json.return_value = expected
-    actual = update_subject.update_subject(mock_session, subject_id,
-                                           subject_type, roles)
+    actual = update_subject.update_subject(mock_session, subject_id, roles)
     self.assertEqual(actual, expected)
 
 
