Class: Google::Cloud::Storage::Bucket::Acl

Inherits:
Object
  • Object
show all
Defined in:
lib/google/cloud/storage/bucket/acl.rb

Overview

# Bucket Access Control List

Represents a Bucket’s Access Control List.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.readers.each { |reader| puts reader }

Constant Summary collapse

RULES = 
{ "authenticatedRead" => "authenticatedRead",
"auth" => "authenticatedRead",
"auth_read" => "authenticatedRead",
"authenticated" => "authenticatedRead",
"authenticated_read" => "authenticatedRead",
"private" => "private",
"projectPrivate" => "projectPrivate",
"proj_private" => "projectPrivate",
"project_private" => "projectPrivate",
"publicRead" => "publicRead",
"public" => "publicRead",
"public_read" => "publicRead",
"publicReadWrite" => "publicReadWrite",
"public_write" => "publicReadWrite" }

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(bucket) ⇒ Acl

Must provide a valid Bucket object.



55
56
57
58
59
60
61
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 55

def initialize bucket
  @bucket = bucket.name
  @service = bucket.service
  @owners  = nil
  @writers = nil
  @readers = nil
end

Class Method Details

.predefined_rule_for(rule_name) ⇒ Object 



313
314
315
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 313

def self.predefined_rule_for rule_name
  RULES[rule_name.to_s]
end

Instance Method Details

#add_owner(entity) ⇒ Object

Grants owner permission to the bucket.

Examples:

Grant access to a user by prepending ‘“user-”` to an email:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "[email protected]"
bucket.acl.add_owner "user-#{email}"

Grant access to a group by prepending ‘“group-”` to email:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "[email protected]"
bucket.acl.add_owner "group-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId

    • user-email

    • group-groupId

    • group-email

    • domain-domain

    • project-team-projectId

    • allUsers

    • allAuthenticatedUsers



182
183
184
185
186
187
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 182

def add_owner entity
  gapi = @service.insert_bucket_acl @bucket, entity, "OWNER"
  entity = gapi.entity
  @owners.push entity unless @owners.nil?
  entity
end

#add_reader(entity) ⇒ Object

Grants reader permission to the bucket.

Examples:

Grant access to a user by prepending ‘“user-”` to an email:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "[email protected]"
bucket.acl.add_reader "user-#{email}"

Grant access to a group by prepending ‘“group-”` to email:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "[email protected]"
bucket.acl.add_reader "group-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId

    • user-email

    • group-groupId

    • group-email

    • domain-domain

    • project-team-projectId

    • allUsers

    • allAuthenticatedUsers



270
271
272
273
274
275
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 270

def add_reader entity
  gapi = @service.insert_bucket_acl @bucket, entity, "READER"
  entity = gapi.entity
  @readers.push entity unless @readers.nil?
  entity
end

#add_writer(entity) ⇒ Object

Grants writer permission to the bucket.

Examples:

Grant access to a user by prepending ‘“user-”` to an email:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "[email protected]"
bucket.acl.add_writer "user-#{email}"

Grant access to a group by prepending ‘“group-”` to email:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "[email protected]"
bucket.acl.add_writer "group-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId

    • user-email

    • group-groupId

    • group-email

    • domain-domain

    • project-team-projectId

    • allUsers

    • allAuthenticatedUsers



226
227
228
229
230
231
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 226

def add_writer entity
  gapi = @service.insert_bucket_acl @bucket, entity, "WRITER"
  entity = gapi.entity
  @writers.push entity unless @writers.nil?
  entity
end

#auth!Object Also known as: authenticatedRead!, auth_read!, authenticated!, authenticated_read!

Convenience method to apply the ‘authenticatedRead` predefined ACL rule to the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.auth!


333
334
335
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 333

def auth!
  update_predefined_acl! "authenticatedRead"
end

#delete(entity) ⇒ Object

Permanently deletes the entity from the bucket’s access control list.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "[email protected]"
bucket.acl.delete "user-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId

    • user-email

    • group-groupId

    • group-email

    • domain-domain

    • project-team-projectId

    • allUsers

    • allAuthenticatedUsers



304
305
306
307
308
309
310
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 304

def delete entity
  @service.delete_bucket_acl @bucket, entity
  @owners.delete entity  unless @owners.nil?
  @writers.delete entity unless @writers.nil?
  @readers.delete entity unless @readers.nil?
  true
end

#ownersArray<String>

Lists the owners of the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.owners.each { |owner| puts owner }

Returns:

  • (Array<String>) 


100
101
102
103
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 100

def owners
  reload! if @owners.nil?
  @owners
end

#private!Object

Convenience method to apply the ‘private` predefined ACL rule to the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.private!


355
356
357
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 355

def private!
  update_predefined_acl! "private"
end

#project_private!Object Also known as: projectPrivate!

Convenience method to apply the ‘projectPrivate` predefined ACL rule to the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.project_private!


373
374
375
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 373

def project_private!
  update_predefined_acl! "projectPrivate"
end

#public!Object Also known as: publicRead!, public_read!

Convenience method to apply the ‘publicRead` predefined ACL rule to the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.public!


392
393
394
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 392

def public!
  update_predefined_acl! "publicRead"
end

#public_write!Object Also known as: publicReadWrite!

Convenience method to apply the ‘publicReadWrite` predefined ACL rule to the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.public_write!


411
412
413
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 411

def public_write!
  update_predefined_acl! "publicReadWrite"
end

#readersArray<String>

Lists the readers of the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.readers.each { |reader| puts reader }

Returns:

  • (Array<String>) 


140
141
142
143
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 140

def readers
  reload! if @readers.nil?
  @readers
end

#reload!Object Also known as: refresh!

Reloads all Access Control List data for the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.reload!


76
77
78
79
80
81
82
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 76

def reload!
  gapi = @service.list_bucket_acls @bucket
  acls = Array(gapi.items)
  @owners  = entities_from_acls acls, "OWNER"
  @writers = entities_from_acls acls, "WRITER"
  @readers = entities_from_acls acls, "READER"
end

#writersArray<String>

Lists the owners of the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.writers.each { |writer| puts writer }

Returns:

  • (Array<String>) 


120
121
122
123
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 120

def writers
  reload! if @writers.nil?
  @writers
end