Class: Google::Cloud::Storage::File::Acl

Inherits:
Object
  • Object
show all
Defined in:
lib/google/cloud/storage/file/acl.rb

Overview

File Access Control List

Represents a File's Access Control List.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.readers.each { |reader| puts reader }

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#user_projectObject

A boolean value or a project ID string to indicate the project to be billed for operations on the bucket and its files. If this attribute is set to true, transit costs for operations on the bucket will be billed to the current project for this client. (See Project#project for the ID of the current project.) If this attribute is set to a project ID, and that project is authorized for the currently authenticated service account, transit costs will be billed to that project. This attribute is required with requester pays-enabled buckets. The default is nil.

In general, this attribute should be set when first retrieving the owning bucket by providing the user_project option to Project#bucket.

See also Bucket#requester_pays= and Bucket#requester_pays.



70
71
72
 
# File 'lib/google/cloud/storage/file/acl.rb', line 70

def user_project
  @user_project
end

Instance Method Details

#add_owner(entity, generation: nil) ⇒ Object

Grants owner permission to the file.

Examples:

Grant access to a user by prepending "user-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
email = "heidi@example.net"
file.acl.add_owner "user-#{email}"

Grant access to a group by prepending "group-" to email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
email = "authors@example.net"
file.acl.add_owner "group-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId
    • user-email
    • group-groupId
    • group-email
    • domain-domain
    • project-team-projectId
    • allUsers
    • allAuthenticatedUsers
  • generation (Integer)

    When present, selects a specific revision of this object. Default is the latest version.



186
187
188
189
190
191
192
193
 
# File 'lib/google/cloud/storage/file/acl.rb', line 186

def add_owner entity, generation: nil
  gapi = @service.insert_file_acl @bucket, @file, entity, "OWNER",
                                  generation: generation,
                                  user_project: user_project
  entity = gapi.entity
  @owners.push entity unless @owners.nil?
  entity
end

#add_reader(entity, generation: nil) ⇒ Object

Grants reader permission to the file.

Examples:

Grant access to a user by prepending "user-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
email = "heidi@example.net"
file.acl.add_reader "user-#{email}"

Grant access to a group by prepending "group-" to email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
email = "authors@example.net"
file.acl.add_reader "group-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId
    • user-email
    • group-groupId
    • group-email
    • domain-domain
    • project-team-projectId
    • allUsers
    • allAuthenticatedUsers
  • generation (Integer)

    When present, selects a specific revision of this object. Default is the latest version.



235
236
237
238
239
240
241
242
 
# File 'lib/google/cloud/storage/file/acl.rb', line 235

def add_reader entity, generation: nil
  gapi = @service.insert_file_acl @bucket, @file, entity, "READER",
                                  generation: generation,
                                  user_project: user_project
  entity = gapi.entity
  @readers.push entity unless @readers.nil?
  entity
end

#auth!Object Also known as: authenticatedRead!, auth_read!, authenticated!, authenticated_read!

Convenience method to apply the authenticatedRead predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.auth!


303
304
305
 
# File 'lib/google/cloud/storage/file/acl.rb', line 303

def auth!
  update_predefined_acl! "authenticatedRead"
end

#delete(entity, generation: nil) ⇒ Object

Permanently deletes the entity from the file's access control list.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
email = "heidi@example.net"
file.acl.delete "user-#{email}"

Parameters:

  • entity (String)

    The entity holding the permission, in one of the following forms:

    • user-userId
    • user-email
    • group-groupId
    • group-email
    • domain-domain
    • project-team-projectId
    • allUsers
    • allAuthenticatedUsers
  • generation (Integer)

    When present, selects a specific revision of this object. Default is the latest version.



273
274
275
276
277
278
279
280
 
# File 'lib/google/cloud/storage/file/acl.rb', line 273

def delete entity, generation: nil
  @service.delete_file_acl \
    @bucket, @file, entity,
    generation: generation, user_project: user_project
  @owners.delete entity  unless @owners.nil?
  @readers.delete entity unless @readers.nil?
  true
end

#owner_full!Object Also known as: bucketOwnerFullControl!

Convenience method to apply the bucketOwnerFullControl predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.owner_full!


325
326
327
 
# File 'lib/google/cloud/storage/file/acl.rb', line 325

def owner_full!
  update_predefined_acl! "bucketOwnerFullControl"
end

#owner_read!Object Also known as: bucketOwnerRead!

Convenience method to apply the bucketOwnerRead predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.owner_read!


344
345
346
 
# File 'lib/google/cloud/storage/file/acl.rb', line 344

def owner_read!
  update_predefined_acl! "bucketOwnerRead"
end

#ownersArray<String>

Lists the owners of the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.owners.each { |owner| puts owner }

Returns:

  • (Array<String>) 


121
122
123
124
 
# File 'lib/google/cloud/storage/file/acl.rb', line 121

def owners
  reload! if @owners.nil?
  @owners
end

#private!Object

Convenience method to apply the private predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.private!


363
364
365
 
# File 'lib/google/cloud/storage/file/acl.rb', line 363

def private!
  update_predefined_acl! "private"
end

#project_private!Object Also known as: projectPrivate!

Convenience method to apply the projectPrivate predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.project_private!


381
382
383
 
# File 'lib/google/cloud/storage/file/acl.rb', line 381

def project_private!
  update_predefined_acl! "projectPrivate"
end

#public!Object Also known as: publicRead!, public_read!

Convenience method to apply the publicRead predefined ACL rule to the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.public!


400
401
402
 
# File 'lib/google/cloud/storage/file/acl.rb', line 400

def public!
  update_predefined_acl! "publicRead"
end

#readersArray<String>

Lists the readers of the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.readers.each { |reader| puts reader }

Returns:

  • (Array<String>) 


141
142
143
144
 
# File 'lib/google/cloud/storage/file/acl.rb', line 141

def readers
  reload! if @readers.nil?
  @readers
end

#reload!Object Also known as: refresh!

Reloads all Access Control List data for the file.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.acl.reload!


97
98
99
100
101
102
103
 
# File 'lib/google/cloud/storage/file/acl.rb', line 97

def reload!
  gapi = @service.list_file_acls @bucket, @file,
                                 user_project: user_project
  acls = Array(gapi.items)
  @owners  = entities_from_acls acls, "OWNER"
  @readers = entities_from_acls acls, "READER"
end