Add receives_permissions_from field to Roles API

.generator/schemas/v2/openapi.yaml

@@ -49734,6 +49734,18 @@ components:
           description: The name of the role. The name is neither unique nor a stable
             identifier of the role.
           type: string
+        receives_permissions_from:
+          description: 'The managed role from which this role automatically inherits
+            new permissions.
+
+            Specify one of the following: "Datadog Admin Role", "Datadog Standard
+            Role", or "Datadog Read Only Role".
+
+            If empty or not specified, the role does not automatically inherit permissions
+            from any managed role.'
+          items:
+            type: string
+          type: array
         user_count:
           description: Number of users with that role.
           format: int64
@@ -49759,6 +49771,18 @@ components:
           description: Name of the new role that is cloned.
           example: cloned-role
           type: string
+        receives_permissions_from:
+          description: 'The managed role from which this role automatically inherits
+            new permissions.
+
+            Specify one of the following: "Datadog Admin Role", "Datadog Standard
+            Role", or "Datadog Read Only Role".
+
+            If empty or not specified, the role does not automatically inherit permissions
+            from any managed role.'
+          items:
+            type: string
+          type: array
       required:
       - name
       type: object
@@ -49787,6 +49811,18 @@ components:
           description: Name of the role.
           example: developers
           type: string
+        receives_permissions_from:
+          description: 'The managed role from which this role automatically inherits
+            new permissions.
+
+            Specify one of the following: "Datadog Admin Role", "Datadog Standard
+            Role", or "Datadog Read Only Role".
+
+            If empty or not specified, the role does not automatically inherit permissions
+            from any managed role.'
+          items:
+            type: string
+          type: array
       required:
       - name
       type: object
@@ -49908,6 +49944,18 @@ components:
         name:
           description: Name of the role.
           type: string
+        receives_permissions_from:
+          description: 'The managed role from which this role automatically inherits
+            new permissions.
+
+            Specify one of the following: "Datadog Admin Role", "Datadog Standard
+            Role", or "Datadog Read Only Role".
+
+            If empty or not specified, the role does not automatically inherit permissions
+            from any managed role.'
+          items:
+            type: string
+          type: array
         user_count:
           description: The user count.
           format: int32
@@ -104429,7 +104477,12 @@ tags:
 
     read access on a specific log index to a role can be done in Datadog from the
 
-    [Pipelines page](https://app.datadoghq.com/logs/pipelines).'
+    [Pipelines page](https://app.datadoghq.com/logs/pipelines).
+
+
+    Roles can also be managed in bulk through the Datadog UI, which provides
+
+    the capability to assign a single permission to multiple roles simultaneously.'
   name: Roles
 - description: Auto-generated tag Rum Audience Management
   name: Rum Audience Management

examples/v2/roles/CreateRole.rb

@@ -7,6 +7,7 @@
   data: DatadogAPIClient::V2::RoleCreateData.new({
     attributes: DatadogAPIClient::V2::RoleCreateAttributes.new({
       name: "developers",
+      receives_permissions_from: [],
     }),
     relationships: DatadogAPIClient::V2::RoleRelationships.new({
       permissions: DatadogAPIClient::V2::RelationshipToPermissions.new({

features/v2/roles.feature

@@ -6,7 +6,9 @@ Feature: Roles
   account assets can be granted to roles in the Datadog application without
   using this API. For example, granting read access on a specific log index
   to a role can be done in Datadog from the [Pipelines
-  page](https://app.datadoghq.com/logs/pipelines).
+  page](https://app.datadoghq.com/logs/pipelines).  Roles can also be
+  managed in bulk through the Datadog UI, which provides the capability to
+  assign a single permission to multiple roles simultaneously.
 
   Background:
     Given a valid "apiKeyAuth" key in the system
@@ -64,7 +66,7 @@ Feature: Roles
   Scenario: Create a new role by cloning an existing role returns "Not found" response
     Given new "CloneRole" request
     And request contains "role_id" parameter from "REPLACE.ME"
-    And body with value {"data": {"attributes": {"name": "cloned-role"}, "type": "roles"}}
+    And body with value {"data": {"attributes": {"name": "cloned-role", "receives_permissions_from": []}, "type": "roles"}}
     When the request is sent
     Then the response status is 404 Not found
 
@@ -81,14 +83,14 @@ Feature: Roles
   @generated @skip @team:DataDog/aaa-core-access
   Scenario: Create role returns "Bad Request" response
     Given new "CreateRole" request
-    And body with value {"data": {"attributes": {"name": "developers"}, "relationships": {"permissions": {"data": [{"type": "permissions"}]}}, "type": "roles"}}
+    And body with value {"data": {"attributes": {"name": "developers", "receives_permissions_from": []}, "relationships": {"permissions": {"data": [{"type": "permissions"}]}}, "type": "roles"}}
     When the request is sent
     Then the response status is 400 Bad Request
 
   @generated @skip @team:DataDog/aaa-core-access
   Scenario: Create role returns "OK" response
     Given new "CreateRole" request
-    And body with value {"data": {"attributes": {"name": "developers"}, "relationships": {"permissions": {"data": [{"type": "permissions"}]}}, "type": "roles"}}
+    And body with value {"data": {"attributes": {"name": "developers", "receives_permissions_from": []}, "relationships": {"permissions": {"data": [{"type": "permissions"}]}}, "type": "roles"}}
     When the request is sent
     Then the response status is 200 OK
 
@@ -335,6 +337,6 @@ Feature: Roles
   Scenario: Update a role returns "Unprocessable Entity" response
     Given new "UpdateRole" request
     And request contains "role_id" parameter from "REPLACE.ME"
-    And body with value {"data": {"attributes": {}, "id": "00000000-0000-1111-0000-000000000000", "relationships": {"permissions": {"data": [{"type": "permissions"}]}}, "type": "roles"}}
+    And body with value {"data": {"attributes": {"receives_permissions_from": []}, "id": "00000000-0000-1111-0000-000000000000", "relationships": {"permissions": {"data": [{"type": "permissions"}]}}, "type": "roles"}}
     When the request is sent
     Then the response status is 422 Unprocessable Entity

lib/datadog_api_client/v2/models/role_attributes.rb

@@ -30,6 +30,11 @@ class RoleAttributes
     # The name of the role. The name is neither unique nor a stable identifier of the role.
     attr_accessor :name
 
+    # The managed role from which this role automatically inherits new permissions.
+    # Specify one of the following: "Datadog Admin Role", "Datadog Standard Role", or "Datadog Read Only Role".
+    # If empty or not specified, the role does not automatically inherit permissions from any managed role.
+    attr_accessor :receives_permissions_from
+
     # Number of users with that role.
     attr_accessor :user_count
 
@@ -42,6 +47,7 @@ def self.attribute_map
         :'created_at' => :'created_at',
         :'modified_at' => :'modified_at',
         :'name' => :'name',
+        :'receives_permissions_from' => :'receives_permissions_from',
         :'user_count' => :'user_count'
       }
     end
@@ -53,6 +59,7 @@ def self.openapi_types
         :'created_at' => :'Time',
         :'modified_at' => :'Time',
         :'name' => :'String',
+        :'receives_permissions_from' => :'Array<String>',
         :'user_count' => :'Integer'
       }
     end
@@ -87,6 +94,12 @@ def initialize(attributes = {})
         self.name = attributes[:'name']
       end
 
+      if attributes.key?(:'receives_permissions_from')
+        if (value = attributes[:'receives_permissions_from']).is_a?(Array)
+          self.receives_permissions_from = value
+        end
+      end
+
       if attributes.key?(:'user_count')
         self.user_count = attributes[:'user_count']
       end
@@ -121,6 +134,7 @@ def ==(o)
           created_at == o.created_at &&
           modified_at == o.modified_at &&
           name == o.name &&
+          receives_permissions_from == o.receives_permissions_from &&
           user_count == o.user_count &&
           additional_properties == o.additional_properties
     end
@@ -129,7 +143,7 @@ def ==(o)
     # @return [Integer] Hash code
     # @!visibility private
     def hash
-      [created_at, modified_at, name, user_count, additional_properties].hash
+      [created_at, modified_at, name, receives_permissions_from, user_count, additional_properties].hash
     end
   end
 end

lib/datadog_api_client/v2/models/role_clone_attributes.rb

@@ -24,21 +24,28 @@ class RoleCloneAttributes
     # Name of the new role that is cloned.
     attr_reader :name
 
+    # The managed role from which this role automatically inherits new permissions.
+    # Specify one of the following: "Datadog Admin Role", "Datadog Standard Role", or "Datadog Read Only Role".
+    # If empty or not specified, the role does not automatically inherit permissions from any managed role.
+    attr_accessor :receives_permissions_from
+
     attr_accessor :additional_properties
 
     # Attribute mapping from ruby-style variable name to JSON key.
     # @!visibility private
     def self.attribute_map
       {
-        :'name' => :'name'
+        :'name' => :'name',
+        :'receives_permissions_from' => :'receives_permissions_from'
       }
     end
 
     # Attribute type mapping.
     # @!visibility private
     def self.openapi_types
       {
-        :'name' => :'String'
+        :'name' => :'String',
+        :'receives_permissions_from' => :'Array<String>'
       }
     end
 
@@ -63,6 +70,12 @@ def initialize(attributes = {})
       if attributes.key?(:'name')
         self.name = attributes[:'name']
       end
+
+      if attributes.key?(:'receives_permissions_from')
+        if (value = attributes[:'receives_permissions_from']).is_a?(Array)
+          self.receives_permissions_from = value
+        end
+      end
     end
 
     # Check to see if the all the properties in the model are valid
@@ -110,14 +123,15 @@ def ==(o)
       return true if self.equal?(o)
       self.class == o.class &&
           name == o.name &&
+          receives_permissions_from == o.receives_permissions_from &&
           additional_properties == o.additional_properties
     end
 
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     # @!visibility private
     def hash
-      [name, additional_properties].hash
+      [name, receives_permissions_from, additional_properties].hash
     end
   end
 end

lib/datadog_api_client/v2/models/role_create_attributes.rb

@@ -30,6 +30,11 @@ class RoleCreateAttributes
     # Name of the role.
     attr_reader :name
 
+    # The managed role from which this role automatically inherits new permissions.
+    # Specify one of the following: "Datadog Admin Role", "Datadog Standard Role", or "Datadog Read Only Role".
+    # If empty or not specified, the role does not automatically inherit permissions from any managed role.
+    attr_accessor :receives_permissions_from
+
     attr_accessor :additional_properties
 
     # Attribute mapping from ruby-style variable name to JSON key.
@@ -38,7 +43,8 @@ def self.attribute_map
       {
         :'created_at' => :'created_at',
         :'modified_at' => :'modified_at',
-        :'name' => :'name'
+        :'name' => :'name',
+        :'receives_permissions_from' => :'receives_permissions_from'
       }
     end
 
@@ -48,7 +54,8 @@ def self.openapi_types
       {
         :'created_at' => :'Time',
         :'modified_at' => :'Time',
-        :'name' => :'String'
+        :'name' => :'String',
+        :'receives_permissions_from' => :'Array<String>'
       }
     end
 
@@ -81,6 +88,12 @@ def initialize(attributes = {})
       if attributes.key?(:'name')
         self.name = attributes[:'name']
       end
+
+      if attributes.key?(:'receives_permissions_from')
+        if (value = attributes[:'receives_permissions_from']).is_a?(Array)
+          self.receives_permissions_from = value
+        end
+      end
     end
 
     # Check to see if the all the properties in the model are valid
@@ -130,14 +143,15 @@ def ==(o)
           created_at == o.created_at &&
           modified_at == o.modified_at &&
           name == o.name &&
+          receives_permissions_from == o.receives_permissions_from &&
           additional_properties == o.additional_properties
     end
 
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     # @!visibility private
     def hash
-      [created_at, modified_at, name, additional_properties].hash
+      [created_at, modified_at, name, receives_permissions_from, additional_properties].hash
     end
   end
 end

lib/datadog_api_client/v2/models/role_update_attributes.rb

@@ -30,6 +30,11 @@ class RoleUpdateAttributes
     # Name of the role.
     attr_accessor :name
 
+    # The managed role from which this role automatically inherits new permissions.
+    # Specify one of the following: "Datadog Admin Role", "Datadog Standard Role", or "Datadog Read Only Role".
+    # If empty or not specified, the role does not automatically inherit permissions from any managed role.
+    attr_accessor :receives_permissions_from
+
     # The user count.
     attr_reader :user_count
 
@@ -42,6 +47,7 @@ def self.attribute_map
         :'created_at' => :'created_at',
         :'modified_at' => :'modified_at',
         :'name' => :'name',
+        :'receives_permissions_from' => :'receives_permissions_from',
         :'user_count' => :'user_count'
       }
     end
@@ -53,6 +59,7 @@ def self.openapi_types
         :'created_at' => :'Time',
         :'modified_at' => :'Time',
         :'name' => :'String',
+        :'receives_permissions_from' => :'Array<String>',
         :'user_count' => :'Integer'
       }
     end
@@ -87,6 +94,12 @@ def initialize(attributes = {})
         self.name = attributes[:'name']
       end
 
+      if attributes.key?(:'receives_permissions_from')
+        if (value = attributes[:'receives_permissions_from']).is_a?(Array)
+          self.receives_permissions_from = value
+        end
+      end
+
       if attributes.key?(:'user_count')
         self.user_count = attributes[:'user_count']
       end
@@ -139,6 +152,7 @@ def ==(o)
           created_at == o.created_at &&
           modified_at == o.modified_at &&
           name == o.name &&
+          receives_permissions_from == o.receives_permissions_from &&
           user_count == o.user_count &&
           additional_properties == o.additional_properties
     end
@@ -147,7 +161,7 @@ def ==(o)
     # @return [Integer] Hash code
     # @!visibility private
     def hash
-      [created_at, modified_at, name, user_count, additional_properties].hash
+      [created_at, modified_at, name, receives_permissions_from, user_count, additional_properties].hash
     end
   end
 end