Fix #1038 by adding admin.auth.policy.* API support (#1039)

* Fix #1038 by adding admin.auth.policy.* API support

* Update test comment

Author: seratch

integration_tests/env_variable_names.py

@@ -27,6 +27,8 @@
 SLACK_SDK_TEST_GRID_IDP_USERGROUP_ID_2 = "SLACK_SDK_TEST_GRID_IDP_USERGROUP_ID_2"
 SLACK_SDK_TEST_GRID_TEAM_ID = "SLACK_SDK_TEST_GRID_TEAM_ID"
 SLACK_SDK_TEST_GRID_USER_ID = "SLACK_SDK_TEST_GRID_USER_ID"
+# The following user must be a full member, who is not a primary owner
+SLACK_SDK_TEST_GRID_USER_ID_ADMIN_AUTH = "SLACK_SDK_TEST_GRID_USER_ID_ADMIN_AUTH"
 
 # Webhook
 SLACK_SDK_TEST_INCOMING_WEBHOOK_URL = "SLACK_SDK_TEST_INCOMING_WEBHOOK_URL"

integration_tests/web/test_admin_auth_policy.py

@@ -0,0 +1,69 @@
+import logging
+import os
+import unittest
+
+from integration_tests.env_variable_names import (
+    SLACK_SDK_TEST_GRID_ORG_ADMIN_USER_TOKEN, SLACK_SDK_TEST_GRID_USER_ID_ADMIN_AUTH,
+)
+from integration_tests.helpers import async_test
+from slack_sdk.web import WebClient
+from slack_sdk.web.async_client import AsyncWebClient
+
+
+class TestWebClient(unittest.TestCase):
+    """Runs integration tests with real Slack API"""
+
+    def setUp(self):
+        self.logger = logging.getLogger(__name__)
+        self.org_admin_token = os.environ[SLACK_SDK_TEST_GRID_ORG_ADMIN_USER_TOKEN]
+        self.sync_client: WebClient = WebClient(token=self.org_admin_token)
+        self.async_client: AsyncWebClient = AsyncWebClient(token=self.org_admin_token)
+        self.user_ids = [os.environ[SLACK_SDK_TEST_GRID_USER_ID_ADMIN_AUTH]]
+
+    def tearDown(self):
+        pass
+
+    def test_sync(self):
+        client = self.sync_client
+
+        list = client.admin_auth_policy_getEntities(policy_name="email_password", limit=3)
+        self.assertIsNotNone(list)
+
+        assignment = client.admin_auth_policy_assignEntities(
+            entity_ids=self.user_ids,
+            policy_name="email_password",
+            entity_type="USER",
+        )
+        self.assertIsNotNone(assignment)
+        self.assertEqual(list["entity_total_count"] + 1, assignment["entity_total_count"])
+
+        removal = client.admin_auth_policy_removeEntities(
+            entity_ids=self.user_ids,
+            policy_name="email_password",
+            entity_type="USER",
+        )
+        self.assertIsNotNone(removal)
+        self.assertEqual(list["entity_total_count"], removal["entity_total_count"])
+
+    @async_test
+    async def test_async(self):
+        client = self.async_client
+
+        list = await client.admin_auth_policy_getEntities(policy_name="email_password", limit=3)
+        self.assertIsNotNone(list)
+
+        assignment = await client.admin_auth_policy_assignEntities(
+            entity_ids=self.user_ids,
+            policy_name="email_password",
+            entity_type="USER",
+        )
+        self.assertIsNotNone(assignment)
+        self.assertEqual(list["entity_total_count"] + 1, assignment["entity_total_count"])
+
+        removal = await client.admin_auth_policy_removeEntities(
+            entity_ids=self.user_ids,
+            policy_name="email_password",
+            entity_type="USER",
+        )
+        self.assertIsNotNone(removal)
+        self.assertEqual(list["entity_total_count"], removal["entity_total_count"])

slack_sdk/web/async_client.py

@@ -182,6 +182,65 @@ async def admin_apps_uninstall(
             "admin.apps.uninstall", http_verb="POST", params=kwargs
         )
 
+    async def admin_auth_policy_getEntities(
+        self,
+        *,
+        policy_name: str,
+        cursor: Optional[str] = None,
+        entity_type: Optional[str] = None,
+        limit: Optional[int] = None,
+        **kwargs
+    ) -> AsyncSlackResponse:
+        """Fetch all the entities assigned to a particular authentication policy by name."""
+        kwargs.update({"policy_name": policy_name})
+        if cursor is not None:
+            kwargs.update({"cursor": cursor})
+        if entity_type is not None:
+            kwargs.update({"entity_type": entity_type})
+        if limit is not None:
+            kwargs.update({"limit": limit})
+        return await self.api_call(
+            "admin.auth.policy.getEntities", http_verb="POST", params=kwargs
+        )
+
+    async def admin_auth_policy_assignEntities(
+        self,
+        *,
+        entity_ids: Union[str, Sequence[str]],
+        policy_name: str,
+        entity_type: str,
+        **kwargs
+    ) -> AsyncSlackResponse:
+        """Assign entities to a particular authentication policy."""
+        if isinstance(entity_ids, (list, Tuple)):
+            kwargs.update({"entity_ids": ",".join(entity_ids)})
+        else:
+            kwargs.update({"entity_ids": entity_ids})
+        kwargs.update({"policy_name": policy_name})
+        kwargs.update({"entity_type": entity_type})
+        return await self.api_call(
+            "admin.auth.policy.assignEntities", http_verb="POST", params=kwargs
+        )
+
+    async def admin_auth_policy_removeEntities(
+        self,
+        *,
+        entity_ids: Union[str, Sequence[str]],
+        policy_name: str,
+        entity_type: str,
+        **kwargs
+    ) -> AsyncSlackResponse:
+        """Remove specified entities from a specified authentication policy."""
+        if isinstance(entity_ids, (list, Tuple)):
+            kwargs.update({"entity_ids": ",".join(entity_ids)})
+        else:
+            kwargs.update({"entity_ids": entity_ids})
+        kwargs.update({"policy_name": policy_name})
+        kwargs.update({"entity_type": entity_type})
+        return await self.api_call(
+            "admin.auth.policy.removeEntities", http_verb="POST", params=kwargs
+        )
+
     async def admin_barriers_create(
         self,
         *,

slack_sdk/web/client.py

@@ -165,6 +165,65 @@ def admin_apps_uninstall(
                 kwargs.update({"team_ids": team_ids})
         return self.api_call("admin.apps.uninstall", http_verb="POST", params=kwargs)
 
+    def admin_auth_policy_getEntities(
+        self,
+        *,
+        policy_name: str,
+        cursor: Optional[str] = None,
+        entity_type: Optional[str] = None,
+        limit: Optional[int] = None,
+        **kwargs
+    ) -> SlackResponse:
+        """Fetch all the entities assigned to a particular authentication policy by name."""
+        kwargs.update({"policy_name": policy_name})
+        if cursor is not None:
+            kwargs.update({"cursor": cursor})
+        if entity_type is not None:
+            kwargs.update({"entity_type": entity_type})
+        if limit is not None:
+            kwargs.update({"limit": limit})
+        return self.api_call(
+            "admin.auth.policy.getEntities", http_verb="POST", params=kwargs
+        )
+
+    def admin_auth_policy_assignEntities(
+        self,
+        *,
+        entity_ids: Union[str, Sequence[str]],
+        policy_name: str,
+        entity_type: str,
+        **kwargs
+    ) -> SlackResponse:
+        """Assign entities to a particular authentication policy."""
+        if isinstance(entity_ids, (list, Tuple)):
+            kwargs.update({"entity_ids": ",".join(entity_ids)})
+        else:
+            kwargs.update({"entity_ids": entity_ids})
+        kwargs.update({"policy_name": policy_name})
+        kwargs.update({"entity_type": entity_type})
+        return self.api_call(
+            "admin.auth.policy.assignEntities", http_verb="POST", params=kwargs
+        )
+
+    def admin_auth_policy_removeEntities(
+        self,
+        *,
+        entity_ids: Union[str, Sequence[str]],
+        policy_name: str,
+        entity_type: str,
+        **kwargs
+    ) -> SlackResponse:
+        """Remove specified entities from a specified authentication policy."""
+        if isinstance(entity_ids, (list, Tuple)):
+            kwargs.update({"entity_ids": ",".join(entity_ids)})
+        else:
+            kwargs.update({"entity_ids": entity_ids})
+        kwargs.update({"policy_name": policy_name})
+        kwargs.update({"entity_type": entity_type})
+        return self.api_call(
+            "admin.auth.policy.removeEntities", http_verb="POST", params=kwargs
+        )
+
     def admin_barriers_create(
         self,
         *,

slack_sdk/web/legacy_client.py

@@ -178,6 +178,65 @@ def admin_apps_uninstall(
                 kwargs.update({"team_ids": team_ids})
         return self.api_call("admin.apps.uninstall", http_verb="POST", params=kwargs)
 
+    def admin_auth_policy_getEntities(
+        self,
+        *,
+        policy_name: str,
+        cursor: Optional[str] = None,
+        entity_type: Optional[str] = None,
+        limit: Optional[int] = None,
+        **kwargs
+    ) -> Union[Future, SlackResponse]:
+        """Fetch all the entities assigned to a particular authentication policy by name."""
+        kwargs.update({"policy_name": policy_name})
+        if cursor is not None:
+            kwargs.update({"cursor": cursor})
+        if entity_type is not None:
+            kwargs.update({"entity_type": entity_type})
+        if limit is not None:
+            kwargs.update({"limit": limit})
+        return self.api_call(
+            "admin.auth.policy.getEntities", http_verb="POST", params=kwargs
+        )
+
+    def admin_auth_policy_assignEntities(
+        self,
+        *,
+        entity_ids: Union[str, Sequence[str]],
+        policy_name: str,
+        entity_type: str,
+        **kwargs
+    ) -> Union[Future, SlackResponse]:
+        """Assign entities to a particular authentication policy."""
+        if isinstance(entity_ids, (list, Tuple)):
+            kwargs.update({"entity_ids": ",".join(entity_ids)})
+        else:
+            kwargs.update({"entity_ids": entity_ids})
+        kwargs.update({"policy_name": policy_name})
+        kwargs.update({"entity_type": entity_type})
+        return self.api_call(
+            "admin.auth.policy.assignEntities", http_verb="POST", params=kwargs
+        )
+
+    def admin_auth_policy_removeEntities(
+        self,
+        *,
+        entity_ids: Union[str, Sequence[str]],
+        policy_name: str,
+        entity_type: str,
+        **kwargs
+    ) -> Union[Future, SlackResponse]:
+        """Remove specified entities from a specified authentication policy."""
+        if isinstance(entity_ids, (list, Tuple)):
+            kwargs.update({"entity_ids": ",".join(entity_ids)})
+        else:
+            kwargs.update({"entity_ids": entity_ids})
+        kwargs.update({"policy_name": policy_name})
+        kwargs.update({"entity_type": entity_type})
+        return self.api_call(
+            "admin.auth.policy.removeEntities", http_verb="POST", params=kwargs
+        )
+
     def admin_barriers_create(
         self,
         *,