Class: Google::Cloud::Storage::File::Acl

Inherits:
Object
Defined in:
lib/google/cloud/storage/file/acl.rb

Overview

File Access Control List

Represents a File's Access Control List.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.readers.each { |reader| puts reader }


Instance Method Details

#add_owner(entity, generation: nil) ⇒ Object

Grants owner permission to the file.

Examples:

Grant access to a user by prepending "user-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
email = "heidi@example.net"
file.acl.add_owner "user-#{email}"

Grant access to a group by prepending "group-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
email = "authors@example.net"
file.acl.add_owner "group-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId
    • user-email
    • group-groupId
    • group-email
    • domain-domain
    • project-team-projectId
    • allUsers
    • allAuthenticatedUsers
  • generation (Integer)

    When present, selects a specific revision of this object. Default is the latest version.



# File 'lib/google/cloud/storage/file/acl.rb', line 169

def add_owner entity, generation: nil
  options = { generation: generation }
  gapi = @service.insert_file_acl @bucket, @file, entity, "OWNER",
                                  options
  entity = gapi.entity
  @owners.push entity unless @owners.nil?
  entity
end

#add_reader(entity, generation: nil) ⇒ Object

Grants reader permission to the file.

Examples:

Grant access to a user by prepending "user-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
email = "heidi@example.net"
file.acl.add_reader "user-#{email}"

Grant access to a group by prepending "group-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
email = "authors@example.net"
file.acl.add_reader "group-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId
    • user-email
    • group-groupId
    • group-email
    • domain-domain
    • project-team-projectId
    • allUsers
    • allAuthenticatedUsers
  • generation (Integer)

    When present, selects a specific revision of this object. Default is the latest version.



# File 'lib/google/cloud/storage/file/acl.rb', line 218

def add_reader entity, generation: nil
  options = { generation: generation }
  gapi = @service.insert_file_acl @bucket, @file, entity, "READER",
                                  options
  entity = gapi.entity
  @readers.push entity unless @readers.nil?
  entity
end

#auth! ⇒ Object

Also known as: authenticatedRead!, auth_read!, authenticated!, authenticated_read!

Convenience method to apply the authenticatedRead predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.auth!


# File 'lib/google/cloud/storage/file/acl.rb', line 285

def auth!
  update_predefined_acl! "authenticatedRead"
end

#delete(entity, generation: nil) ⇒ Object

Permanently deletes the entity from the file's access control list.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
email = "heidi@example.net"
file.acl.delete "user-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId
    • user-email
    • group-groupId
    • group-email
    • domain-domain
    • project-team-projectId
    • allUsers
    • allAuthenticatedUsers
  • generation (Integer)

    When present, selects a specific revision of this object. Default is the latest version.



# File 'lib/google/cloud/storage/file/acl.rb', line 256

def delete entity, generation: nil
  options = { generation: generation }
  @service.delete_file_acl @bucket, @file, entity, options
  @owners.delete entity  unless @owners.nil?
  @readers.delete entity unless @readers.nil?
  true
end

#owner_full! ⇒ Object

Also known as: bucketOwnerFullControl!

Convenience method to apply the bucketOwnerFullControl predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.owner_full!


# File 'lib/google/cloud/storage/file/acl.rb', line 307

def owner_full!
  update_predefined_acl! "bucketOwnerFullControl"
end

#owner_read! ⇒ Object

Also known as: bucketOwnerRead!

Convenience method to apply the bucketOwnerRead predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.owner_read!


# File 'lib/google/cloud/storage/file/acl.rb', line 326

def owner_read!
  update_predefined_acl! "bucketOwnerRead"
end

#owners ⇒ Array<String>

Lists the owners of the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.owners.each { |owner| puts owner }

Returns:

  • (Array<String>)


# File 'lib/google/cloud/storage/file/acl.rb', line 104

def owners
  reload! if @owners.nil?
  @owners
end

#private! ⇒ Object

Convenience method to apply the private predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.private!


# File 'lib/google/cloud/storage/file/acl.rb', line 345

def private!
  update_predefined_acl! "private"
end

#project_private! ⇒ Object

Also known as: projectPrivate!

Convenience method to apply the projectPrivate predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.project_private!


# File 'lib/google/cloud/storage/file/acl.rb', line 363

def project_private!
  update_predefined_acl! "projectPrivate"
end

#public! ⇒ Object

Also known as: publicRead!, public_read!

Convenience method to apply the publicRead predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.public!


# File 'lib/google/cloud/storage/file/acl.rb', line 382

def public!
  update_predefined_acl! "publicRead"
end
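
An added example, not part of the library's documentation or source: publicRead grants READER to allUsers and authenticatedRead grants it to allAuthenticatedUsers, so this audit classifies each ACL entity by the forms listed under "Parameters", flags broad, unrecognised and non-allow-listed domain grants, and revokes them with #delete. The names entity_kind, risky?, risky_grants, revoke_risky!, FakeAcl, sample_acl and the allowed_domains list are assumptions made for the example.

```ruby
# Added example; works with any object exposing #owners, #readers and #delete.

# Classify an entity string into one of the forms listed under "Parameters".
def entity_kind entity
  case entity
  when "allUsers", "allAuthenticatedUsers" then :broad
  when /\Auser-.+\z/                       then :user
  when /\Agroup-.+\z/                      then :group
  when /\Adomain-.+\z/                     then :domain
  when /\Aproject-[^-]+-.+\z/              then :project_team
  else :unknown
  end
end

# A grant is flagged when it is broad, unrecognised, or domain-wide for a
# domain outside allowed_domains (a caller-supplied list, assumed here).
def risky? entity, allowed_domains
  kind = entity_kind entity
  return true if %i[broad unknown].include? kind
  kind == :domain && !allowed_domains.include?(entity.delete_prefix("domain-"))
end

# Returns { role => [flagged entities] }, omitting roles with nothing flagged.
def risky_grants acl, allowed_domains: []
  by_role = { "OWNER" => acl.owners, "READER" => acl.readers }
  flagged = by_role.transform_values { |es| es.select { |e| risky?(e, allowed_domains) } }
  flagged.reject { |_role, entities| entities.empty? }
end

# Revokes every flagged grant through #delete; returns the entities removed.
def revoke_risky! acl, allowed_domains: []
  removed = risky_grants(acl, allowed_domains: allowed_domains).values.flatten.uniq
  removed.each { |entity| acl.delete entity }
  removed
end

# Constructed stand-in for File::Acl so the example runs without credentials.
FakeAcl = Struct.new(:owners, :readers) do
  def delete entity
    owners.delete entity
    readers.delete entity
    true
  end
end

def sample_acl # constructed sample data
  FakeAcl.new(["user-heidi@example.net", "project-owners-123"],
              ["allUsers", "domain-example.net", "domain-example.org", "group-authors@example.net"])
end
```

With the real library, pass file.acl in place of sample_acl. Because #owners and #readers return cached lists once loaded, call reload! first if the ACL may have been changed elsewhere.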

#readers ⇒ Array<String>

Lists the readers of the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.readers.each { |reader| puts reader }

Returns:

  • (Array<String>)


# File 'lib/google/cloud/storage/file/acl.rb', line 124

def readers
  reload! if @readers.nil?
  @readers
end

#reload! ⇒ Object

Also known as: refresh!

Reloads all Access Control List data for the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.reload!


# File 'lib/google/cloud/storage/file/acl.rb', line 77

def reload!
  gapi = @service.list_file_acls @bucket, @file
  acls = Array(gapi.items).map do |acl|
    next acl if acl.is_a? Google::Apis::StorageV1::ObjectAccessControl
    fail "Unknown ACL format: #{acl.class}" unless acl.is_a? Hash
    Google::Apis::StorageV1::ObjectAccessControl.from_json acl.to_json
  end
  @owners  = entities_from_acls acls, "OWNER"
  @readers = entities_from_acls acls, "READER"
end