Class: Google::Cloud::Storage::Bucket::DefaultAcl

Inherits:
Object
  • Object
show all
Defined in:
lib/google/cloud/storage/bucket/acl.rb

Overview

Bucket Default Access Control List

Represents a Bucket's Default Access Control List.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.default_acl.readers.each { |reader| puts reader }

Instance Method Summary collapse

Instance Method Details

#add_owner(entity) ⇒ Object

Grants default owner permission to files in the bucket.

Examples:

Grant access to a user by prepending "user-" to an email:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "heidi@example.net"
bucket.default_acl.add_owner "user-#{email}"

Grant access to a group by prepending "group-" to email:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "authors@example.net"
bucket.default_acl.add_owner "group-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId
    • user-email
    • group-groupId
    • group-email
    • domain-domain
    • project-team-projectId
    • allUsers
    • allAuthenticatedUsers


584
585
586
587
588
589
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 584

def add_owner entity
  gapi = @service.insert_default_acl @bucket, entity, "OWNER"
  entity = gapi.entity
  @owners.push entity unless @owners.nil?
  entity
end

#add_reader(entity) ⇒ Object

Grants default reader permission to files in the bucket.

Examples:

Grant access to a user by prepending "user-" to an email:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "heidi@example.net"
bucket.default_acl.add_reader "user-#{email}"

Grant access to a group by prepending "group-" to email:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "authors@example.net"
bucket.default_acl.add_reader "group-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId
    • user-email
    • group-groupId
    • group-email
    • domain-domain
    • project-team-projectId
    • allUsers
    • allAuthenticatedUsers


628
629
630
631
632
633
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 628

def add_reader entity
  gapi = @service.insert_default_acl @bucket, entity, "READER"
  entity = gapi.entity
  @readers.push entity unless @readers.nil?
  entity
end

#auth!Object Also known as: authenticatedRead!, auth_read!, authenticated!, authenticated_read!

Convenience method to apply the default authenticatedRead predefined ACL rule to files in the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.auth!


690
691
692
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 690

def auth!
  update_predefined_default_acl! "authenticatedRead"
end

#delete(entity) ⇒ Object

Permanently deletes the entity from the bucket's default access control list for files.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

email = "heidi@example.net"
bucket.default_acl.delete "user-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId
    • user-email
    • group-groupId
    • group-email
    • domain-domain
    • project-team-projectId
    • allUsers
    • allAuthenticatedUsers


662
663
664
665
666
667
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 662

def delete entity
  @service.delete_default_acl @bucket, entity
  @owners.delete entity  unless @owners.nil?
  @readers.delete entity unless @readers.nil?
  true
end

#owner_full!Object Also known as: bucketOwnerFullControl!

Convenience method to apply the default bucketOwnerFullControl predefined ACL rule to files in the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.owner_full!


712
713
714
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 712

def owner_full!
  update_predefined_default_acl! "bucketOwnerFullControl"
end

#owner_read!Object Also known as: bucketOwnerRead!

Convenience method to apply the default bucketOwnerRead predefined ACL rule to files in the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.owner_read!


731
732
733
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 731

def owner_read!
  update_predefined_default_acl! "bucketOwnerRead"
end

#ownersArray<String>

Lists the default owners for files in the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.default_acl.owners.each { |owner| puts owner }

Returns:

  • (Array<String>) 


522
523
524
525
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 522

def owners
  reload! if @owners.nil?
  @owners
end

#private!Object

Convenience method to apply the default private predefined ACL rule to files in the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.private!


750
751
752
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 750

def private!
  update_predefined_default_acl! "private"
end

#project_private!Object Also known as: projectPrivate!

Convenience method to apply the default projectPrivate predefined ACL rule to files in the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.project_private!


768
769
770
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 768

def project_private!
  update_predefined_default_acl! "projectPrivate"
end

#public!Object Also known as: publicRead!, public_read!

Convenience method to apply the default publicRead predefined ACL rule to files in the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.acl.public!


787
788
789
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 787

def public!
  update_predefined_default_acl! "publicRead"
end

#readersArray<String>

Lists the default readers for files in the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.default_acl.readers.each { |reader| puts reader }

Returns:

  • (Array<String>) 


542
543
544
545
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 542

def readers
  reload! if @readers.nil?
  @readers
end

#reload!Object Also known as: refresh!

Reloads all Default Access Control List data for the bucket.

Examples:

require "google/cloud"

gcloud = Google::Cloud.new
storage = gcloud.storage

bucket = storage.bucket "my-bucket"

bucket.default_acl.reload!


493
494
495
496
497
498
499
500
501
502
503
504
 
# File 'lib/google/cloud/storage/bucket/acl.rb', line 493

def reload!
  gapi = @service.list_default_acls @bucket
  acls = Array(gapi.items).map do |acl|
    if acl.is_a? Google::Apis::StorageV1::ObjectAccessControl
      return acl
    end
    fail "Unknown ACL format: #{acl.class}" unless acl.is_a? Hash
    Google::Apis::StorageV1::ObjectAccessControl.from_json acl.to_json
  end
  @owners  = entities_from_acls acls, "OWNER"
  @readers = entities_from_acls acls, "READER"
end