Class: Google::Cloud::Storage::Bucket

Inherits:

Object

• Object
• Google::Cloud::Storage::Bucket

Defined in:

lib/google/cloud/storage/bucket.rb,
lib/google/cloud/storage/bucket/acl.rb,
lib/google/cloud/storage/bucket/cors.rb,
lib/google/cloud/storage/bucket/list.rb

Overview

Bucket

Represents a Storage bucket. Belongs to a Project and has many Files.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
file = bucket.file "path/to/my-file.ext"

Direct Known Subclasses

Updater

Defined Under Namespace

Classes: Acl, Cors, DefaultAcl, List, Updater

Instance Attribute Summary

• #user_project ⇒ Object

  A boolean value or a project ID string to indicate the project to be billed for operations on the bucket and its files.

Instance Method Summary

• #acl ⇒ Object

  The Bucket::Acl instance used to control access to the bucket.

• #api_url ⇒ Object

  A URL that can be used to access the bucket using the REST API.

• #compose(sources, destination, acl: nil, encryption_key: nil) {|file| ... } ⇒ Google::Cloud::Storage::File (also: #compose_file, #combine)

  Concatenates a list of existing files in the bucket into a new file in the bucket.

• #cors {|cors| ... } ⇒ Object

  Returns the current CORS configuration for a static website served from the bucket.

• #create_file(file, path = nil, acl: nil, cache_control: nil, content_disposition: nil, content_encoding: nil, content_language: nil, content_type: nil, crc32c: nil, md5: nil, metadata: nil, storage_class: nil, encryption_key: nil) ⇒ Google::Cloud::Storage::File (also: #upload_file, #new_file)

  Creates a new File object by providing a path to a local file (or any IO or IO-ish object) to upload, along with the path at which to store it in the bucket.

• #create_notification(topic, custom_attrs: nil, event_types: nil, prefix: nil, payload: nil) ⇒ Google::Cloud::Storage::Notification (also: #new_notification)

  Creates a new Pub/Sub notification subscription for the bucket.

• #created_at ⇒ Object

  Creation time of the bucket.

• #default_acl ⇒ Object

  The Bucket::DefaultAcl instance used to control access to the bucket's files.

• #delete ⇒ Boolean

  Permanently deletes the bucket.

• #exists? ⇒ Boolean

  Determines whether the bucket exists in the Storage service.

• #file(path, generation: nil, skip_lookup: nil, encryption_key: nil) ⇒ Google::Cloud::Storage::File^? (also: #find_file)

  Retrieves a file matching the path.

• #files(prefix: nil, delimiter: nil, token: nil, max: nil, versions: nil) ⇒ Array<Google::Cloud::Storage::File> (also: #find_files)

  Retrieves a list of files matching the criteria.

• #id ⇒ Object

  The ID of the bucket.

• #kind ⇒ Object

  The kind of item this is.

• #labels ⇒ Object

  A hash of user-provided labels.

• #labels=(labels) ⇒ Object

  Updates the hash of user-provided labels.

• #location ⇒ Object

  The location of the bucket.

• #logging_bucket ⇒ Object

  The destination bucket name for the bucket's logs.

• #logging_bucket=(logging_bucket) ⇒ Object

  Updates the destination bucket for the bucket's logs.

• #logging_prefix ⇒ Object

  The logging object prefix for the bucket's logs.

• #logging_prefix=(logging_prefix) ⇒ Object

  Updates the logging object prefix.

• #name ⇒ Object

  The name of the bucket.

• #notification(id) ⇒ Google::Cloud::Storage::Notification^? (also: #find_notification)

  Retrieves a Pub/Sub notification subscription for the bucket.

• #notifications ⇒ Array<Google::Cloud::Storage::Notification> (also: #find_notifications)

  Retrieves the entire list of Pub/Sub notification subscriptions for the bucket.

• #policy(force: nil) {|policy| ... } ⇒ Policy

  Gets and updates the Cloud IAM access control policy for this bucket.

• #policy=(new_policy) ⇒ Policy

  Updates the Cloud IAM access control policy for this bucket.

• #post_object(path, policy: nil, issuer: nil, client_email: nil, signing_key: nil, private_key: nil) ⇒ PostObject

  Generate a PostObject that includes the fields and url to upload objects via html forms.

• #reload! ⇒ Object (also: #refresh!)

  Reloads the bucket with current data from the Storage service.

• #requester_pays ⇒ Boolean^? (also: #requester_pays?)

  Indicates that a client accessing the bucket or a file it contains must assume the transit costs related to the access.

• #requester_pays=(new_requester_pays) ⇒ Object

  Enables requester pays for the bucket.

• #signed_url(path, method: nil, expires: nil, content_type: nil, content_md5: nil, headers: nil, issuer: nil, client_email: nil, signing_key: nil, private_key: nil, query: nil) ⇒ Object

  Access without authentication can be granted to a File for a specified period of time.

• #storage_class ⇒ Object

  The bucket's storage class.

• #storage_class=(new_storage_class) ⇒ Object

  Updates the bucket's storage class.

• #test_permissions(*permissions) ⇒ Array<String>

  Tests the specified permissions against the Cloud IAM access control policy.

• #update {|bucket| ... } ⇒ Object

  Updates the bucket with changes made in the given block in a single PATCH request.

• #versioning=(new_versioning) ⇒ Boolean

  Updates whether Object Versioning is enabled for the bucket.

• #versioning? ⇒ Boolean

  Whether Object Versioning is enabled for the bucket.

• #website_404 ⇒ Object

  The page returned from a static website served from the bucket when a site visitor requests a resource that does not exist.

• #website_404=(website_404) ⇒ Object

  Updates the page returned from a static website served from the bucket when a site visitor requests a resource that does not exist.

• #website_main ⇒ Object

  The index page returned from a static website served from the bucket when a site visitor requests the top level directory.

• #website_main=(website_main) ⇒ Object

  Updates the index page returned from a static website served from the bucket when a site visitor requests the top level directory.

Instance Attribute Details

#user_project ⇒ Object

A boolean value or a project ID string to indicate the project to be billed for operations on the bucket and its files. If this attribute is set to true, transit costs for operations on the bucket will be billed to the current project for this client. (See Project#project for the ID of the current project.) If this attribute is set to a project ID, and that project is authorized for the currently authenticated service account, transit costs will be billed to that project. This attribute is required with requester pays-enabled buckets. The default is nil.

In general, this attribute should be set when first retrieving the bucket by providing the user_project option to Project#bucket.

See also #requester_pays= and #requester_pays.

Examples:

Setting a non-default project:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "other-project-bucket", user_project: true
files = bucket.files # Billed to current project
bucket.user_project = "my-other-project"
files = bucket.files # Billed to "my-other-project"

# File 'lib/google/cloud/storage/bucket.rb', line 76

def user_project
  @user_project
end

Instance Method Details

#acl ⇒ Object

The Bucket::Acl instance used to control access to the bucket.

A bucket has owners, writers, and readers. Permissions can be granted to an individual user's email address, a group's email address, as well as many predefined lists.

Examples:

Grant access to a user by prepending "user-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"

email = "heidi@example.net"
bucket.acl.add_reader "user-#{email}"

Grant access to a group by prepending "group-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"

email = "authors@example.net"
bucket.acl.add_reader "group-#{email}"

Or, grant access via a predefined permissions list:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"

bucket.acl.public!

See Also:

• Access Control guide

# File 'lib/google/cloud/storage/bucket.rb', line 1073

def acl
  @acl ||= Bucket::Acl.new self
end

#api_url ⇒ Object

A URL that can be used to access the bucket using the REST API.

# File 'lib/google/cloud/storage/bucket.rb', line 107

def api_url
  @gapi.self_link
end

#compose(sources, destination, acl: nil, encryption_key: nil) {|file| ... } ⇒ Google::Cloud::Storage::File Also known as: compose_file, combine

Concatenates a list of existing files in the bucket into a new file in the bucket. There is a limit (currently 32) to the number of files that can be composed in a single operation.

To compose files encrypted with a customer-supplied encryption key, use the encryption_key option. All source files must have been encrypted with the same key, and the resulting destination file will also be encrypted with the same key.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

sources = ["path/to/my-file-1.ext", "path/to/my-file-2.ext"]

new_file = bucket.compose sources, "path/to/new-file.ext"

Set the properties of the new file in a block:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

sources = ["path/to/my-file-1.ext", "path/to/my-file-2.ext"]

new_file = bucket.compose sources, "path/to/new-file.ext" do |f|
  f.cache_control = "private, max-age=0, no-cache"
  f.content_disposition = "inline; filename=filename.ext"
  f.content_encoding = "deflate"
  f.content_language = "de"
  f.content_type = "application/json"
end

Specify the generation of source files (but skip retrieval):

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file_1 = bucket.file "path/to/my-file-1.ext",
                     generation: 1490390259479000, skip_lookup: true
file_2 = bucket.file "path/to/my-file-2.ext",
                     generation: 1490310974144000, skip_lookup: true

new_file = bucket.compose [file_1, file_2], "path/to/new-file.ext"

Parameters:

• sources (Array<String, Google::Cloud::Storage::File>) —

  The list of source file names or objects that will be concatenated into a single file.

• destination (String) —

  The name of the new file.

• acl (String) —

  A predefined set of access controls to apply to this file.

  Acceptable values are:

  • auth, auth_read, authenticated, authenticated_read, authenticatedRead - File owner gets OWNER access, and allAuthenticatedUsers get READER access.
  • owner_full, bucketOwnerFullControl - File owner gets OWNER access, and project team owners get OWNER access.
  • owner_read, bucketOwnerRead - File owner gets OWNER access, and project team owners get READER access.
  • private - File owner gets OWNER access.
  • project_private, projectPrivate - File owner gets OWNER access, and project team members get access according to their roles.
  • public, public_read, publicRead - File owner gets OWNER access, and allUsers get READER access.
• encryption_key (String, nil) —

  Optional. The customer-supplied, AES-256 encryption key used to encrypt the source files, if one was used. All source files must have been encrypted with the same key, and the resulting destination file will also be encrypted with the key.

Yields:

• (file) —

  A block yielding a delegate file object for setting the properties of the destination file.

Returns:

• (Google::Cloud::Storage::File) —

  The new file.

# File 'lib/google/cloud/storage/bucket.rb', line 795

def compose sources, destination, acl: nil, encryption_key: nil
  ensure_service!
  sources = Array sources
  if sources.size < 2
    fail ArgumentError, "must provide at least two source files"
  end

  options = { acl: File::Acl.predefined_rule_for(acl),
              key: encryption_key,
              user_project: user_project }
  destination_gapi = nil
  if block_given?
    destination_gapi = Google::Apis::StorageV1::Object.new
    updater = File::Updater.new destination_gapi
    yield updater
    updater.check_for_changed_metadata!
  end
  gapi = service.compose_file name, sources, destination,
                              destination_gapi, options
  File.from_gapi gapi, service, user_project: user_project
end

#cors {|cors| ... } ⇒ Object

Returns the current CORS configuration for a static website served from the bucket.

The return value is a frozen (unmodifiable) array of hashes containing the attributes specified for the Bucket resource field cors.

This method also accepts a block for updating the bucket's CORS rules. See Cors for details.

Examples:

Retrieving the bucket's CORS rules.

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
bucket.cors.size #=> 2
rule = bucket.cors.first
rule.origin #=> ["http://example.org"]
rule.methods #=> ["GET","POST","DELETE"]
rule.headers #=> ["X-My-Custom-Header"]
rule.max_age #=> 3600

Updating the bucket's CORS rules inside a block.

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-todo-app"

bucket.update do |b|
  b.cors do |c|
    c.add_rule ["http://example.org", "https://example.org"],
               "*",
               headers: ["X-My-Custom-Header"],
               max_age: 3600
  end
end

Yields:

• (cors) —

  a block for setting CORS rules

Yield Parameters:

• cors (Bucket::Cors) —

  the object accepting CORS rules

See Also:

• Cross-Origin Resource Sharing (CORS)

# File 'lib/google/cloud/storage/bucket.rb', line 162

def cors
  cors_builder = Bucket::Cors.from_gapi @gapi.cors_configurations
  if block_given?
    yield cors_builder
    if cors_builder.changed?
      @gapi.cors_configurations = cors_builder.to_gapi
      patch_gapi! :cors_configurations
    end
  end
  cors_builder.freeze # always return frozen objects
end

#create_file(file, path = nil, acl: nil, cache_control: nil, content_disposition: nil, content_encoding: nil, content_language: nil, content_type: nil, crc32c: nil, md5: nil, metadata: nil, storage_class: nil, encryption_key: nil) ⇒ Google::Cloud::Storage::File Also known as: upload_file, new_file

Creates a new File object by providing a path to a local file (or any IO or IO-ish object) to upload, along with the path at which to store it in the bucket.

Customer-supplied encryption keys

By default, Google Cloud Storage manages server-side encryption keys on your behalf. However, a customer-supplied encryption key can be provided with the encryption_key option. If given, the same key must be provided to subsequently download or copy the file. If you use customer-supplied encryption keys, you must securely manage your keys and ensure that they are not lost. Also, please note that file metadata is not encrypted, with the exception of the CRC32C checksum and MD5 hash. The names of files and buckets are also not encrypted, and you can read or update the metadata of an encrypted file without providing the encryption key.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

bucket.create_file "path/to/local.file.ext"

Specifying a destination path:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

bucket.create_file "path/to/local.file.ext",
                   "destination/path/file.ext"

Providing a customer-supplied encryption key:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

# Key generation shown for example purposes only. Write your own.
cipher = OpenSSL::Cipher.new "aes-256-cfb"
cipher.encrypt
key = cipher.random_key

bucket.create_file "path/to/local.file.ext",
                   "destination/path/file.ext",
                   encryption_key: key

# Store your key and hash securely for later use.
file = bucket.file "destination/path/file.ext",
                   encryption_key: key

Parameters:

• file (String, IO) —

  Path of the file on the filesystem to upload. Can be an IO object, or IO-ish object like StringIO. (If the IO object does not have path, a path argument must be also be provided.)

• path (String) (defaults to: nil) —

  Path to store the file in Google Cloud Storage.

• acl (String) —

  A predefined set of access controls to apply to this file.

  Acceptable values are:

  • auth, auth_read, authenticated, authenticated_read, authenticatedRead - File owner gets OWNER access, and allAuthenticatedUsers get READER access.
  • owner_full, bucketOwnerFullControl - File owner gets OWNER access, and project team owners get OWNER access.
  • owner_read, bucketOwnerRead - File owner gets OWNER access, and project team owners get READER access.
  • private - File owner gets OWNER access.
  • project_private, projectPrivate - File owner gets OWNER access, and project team members get access according to their roles.
  • public, public_read, publicRead - File owner gets OWNER access, and allUsers get READER access.
• cache_control (String) —

  The Cache-Control response header to be returned when the file is downloaded.

• content_disposition (String) —

  The Content-Disposition response header to be returned when the file is downloaded.

• content_encoding (String) —

  The Content-Encoding response header to be returned when the file is downloaded.

• content_language (String) —

  The Content-Language response header to be returned when the file is downloaded.

• content_type (String) —

  The Content-Type response header to be returned when the file is downloaded.

• crc32c (String) —

  The CRC32c checksum of the file data, as described in RFC 4960, Appendix B. If provided, Cloud Storage will only create the file if the value matches the value calculated by the service. See Validation for more information.

• md5 (String) —

  The MD5 hash of the file data. If provided, Cloud Storage will only create the file if the value matches the value calculated by the service. See Validation for more information.

• metadata (Hash) —

  A hash of custom, user-provided web-safe keys and arbitrary string values that will returned with requests for the file as "x-goog-meta-" response headers.

• storage_class (Symbol, String) —

  Storage class of the file. Determines how the file is stored and determines the SLA and the cost of storage. Accepted values include :multi_regional, :regional, :nearline, and :coldline, as well as the equivalent strings returned by #storage_class. For more information, see Storage Classes and Per-Object Storage Class. The default value is the default storage class for the bucket.

• encryption_key (String) —

  Optional. A customer-supplied, AES-256 encryption key that will be used to encrypt the file.

Returns:

• (Google::Cloud::Storage::File)

# File 'lib/google/cloud/storage/bucket.rb', line 685

def create_file file, path = nil, acl: nil, cache_control: nil,
                content_disposition: nil, content_encoding: nil,
                content_language: nil, content_type: nil,
                crc32c: nil, md5: nil, metadata: nil,
                storage_class: nil, encryption_key: nil
  ensure_service!
  options = { acl: File::Acl.predefined_rule_for(acl), md5: md5,
              cache_control: cache_control, content_type: content_type,
              content_disposition: content_disposition, crc32c: crc32c,
              content_encoding: content_encoding, metadata: metadata,
              content_language: content_language, key: encryption_key,
              storage_class: storage_class_for(storage_class),
              user_project: user_project }
  ensure_io_or_file_exists! file
  path ||= file.path if file.respond_to? :path
  path ||= file if file.is_a? String
  fail ArgumentError, "must provide path" if path.nil?

  gapi = service.insert_file name, file, path, options
  File.from_gapi gapi, service, user_project: user_project
end

#create_notification(topic, custom_attrs: nil, event_types: nil, prefix: nil, payload: nil) ⇒ Google::Cloud::Storage::Notification Also known as: new_notification

Creates a new Pub/Sub notification subscription for the bucket.

Examples:

require "google/cloud/pubsub"
require "google/cloud/storage"

pubsub = Google::Cloud::Pubsub.new
topic = pubsub.create_topic "my-topic"
topic.policy do |p|
  p.add "roles/pubsub.publisher",
        "serviceAccount:my-project" \
        "@gs-project-accounts.iam.gserviceaccount.com"
end

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

notification = bucket.create_notification topic.name

Parameters:

• topic (String) —

  The name of the Cloud PubSub topic to which the notification subscription will publish.

• custom_attrs (Hash(String => String)) —

  The custom attributes for the notification. An optional list of additional attributes to attach to each Cloud Pub/Sub message published for the notification subscription.

• event_types (Symbol, String, Array<Symbol, String>) —

  The event types for the notification subscription. If provided, messages will only be sent for the listed event types. If empty, messages will be sent for all event types.

  Acceptable values are:

  • :finalize - Sent when a new object (or a new generation of an existing object) is successfully created in the bucket. This includes copying or rewriting an existing object. A failed upload does not trigger this event.
  • :update - Sent when the metadata of an existing object changes.
  • :delete - Sent when an object has been permanently deleted. This includes objects that are overwritten or are deleted as part of the bucket's lifecycle configuration. For buckets with object versioning enabled, this is not sent when an object is archived (see OBJECT_ARCHIVE), even if archival occurs via the File#delete method.
  • :archive - Only sent when the bucket has enabled object versioning. This event indicates that the live version of an object has become an archived version, either because it was archived or because it was overwritten by the upload of an object of the same name.
• prefix (String) —

  The file name prefix for the notification subscription. If provided, the notification will only be applied to file names that begin with this prefix.

• payload (Symbol, String, Boolean) —

  The desired content of the Pub/Sub message payload. Acceptable values are:

  • :json or true - The Pub/Sub message payload will be a UTF-8 string containing the resource representation of the file's metadata.
  • :none or false - No payload is included with the notification.

  The default value is :json.

Returns:

• (Google::Cloud::Storage::Notification)

See Also:

• Cloud Pub/Sub Notifications for Google Cloud

# File 'lib/google/cloud/storage/bucket.rb', line 1374

def create_notification topic, custom_attrs: nil, event_types: nil,
                        prefix: nil, payload: nil
  ensure_service!
  options = { custom_attrs: custom_attrs, event_types: event_types,
              prefix: prefix, payload: payload,
              user_project: user_project }

  gapi = service.insert_notification name, topic, options
  Notification.from_gapi name, gapi, service, user_project: user_project
end

#created_at ⇒ Object

Creation time of the bucket.

# File 'lib/google/cloud/storage/bucket.rb', line 113

def created_at
  @gapi.time_created
end

#default_acl ⇒ Object

The Bucket::DefaultAcl instance used to control access to the bucket's files.

A bucket's files have owners, writers, and readers. Permissions can be granted to an individual user's email address, a group's email address, as well as many predefined lists.

Examples:

Grant access to a user by prepending "user-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"

email = "heidi@example.net"
bucket.default_acl.add_reader "user-#{email}"

Grant access to a group by prepending "group-" to an email

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"

email = "authors@example.net"
bucket.default_acl.add_reader "group-#{email}"

Or, grant access via a predefined permissions list:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"

bucket.default_acl.public!

See Also:

• Access Control guide

# File 'lib/google/cloud/storage/bucket.rb', line 1117

def default_acl
  @default_acl ||= Bucket::DefaultAcl.new self
end

#delete ⇒ Boolean

Permanently deletes the bucket. The bucket must be empty before it can be deleted.

The API call to delete the bucket may be retried under certain conditions. See Google::Cloud#storage to control this behavior.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
bucket.delete

Returns:

• (Boolean) —

  Returns true if the bucket was deleted.

# File 'lib/google/cloud/storage/bucket.rb', line 448

def delete
  ensure_service!
  service.delete_bucket name, user_project: user_project
  true
end

#exists? ⇒ Boolean

Determines whether the bucket exists in the Storage service.

Returns:

• (Boolean)

# File 'lib/google/cloud/storage/bucket.rb', line 1399

def exists?
  # Always true if we have a grpc object
  return true unless lazy?
  # If we have a value, return it
  return @exists unless @exists.nil?
  ensure_gapi!
  @exists = true
rescue Google::Cloud::NotFoundError
  @exists = false
end

#file(path, generation: nil, skip_lookup: nil, encryption_key: nil) ⇒ Google::Cloud::Storage::File^? Also known as: find_file

Retrieves a file matching the path.

If a customer-supplied encryption key was used with #create_file, the encryption_key option must be provided or else the file's CRC32C checksum and MD5 hash will not be returned.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
puts file.name

Parameters:

• path (String) —

  Name (path) of the file.

• generation (Integer) —

  When present, selects a specific revision of this object. Default is the latest version.

• skip_lookup (Boolean) —

  Optionally create a Bucket object without verifying the bucket resource exists on the Storage service. Calls made on this object will raise errors if the bucket resource does not exist. Default is false.

• encryption_key (String) —

  Optional. The customer-supplied, AES-256 encryption key used to encrypt the file, if one was provided to #create_file. (Not used if skip_lookup is also set.)

Returns:

• (Google::Cloud::Storage::File, nil) —

  Returns nil if file does not exist

# File 'lib/google/cloud/storage/bucket.rb', line 546

def file path, generation: nil, skip_lookup: nil, encryption_key: nil
  ensure_service!
  if skip_lookup
    return File.new_lazy name, path, service,
                         generation: generation,
                         user_project: user_project
  end
  gapi = service.get_file name, path, generation: generation,
                                      key: encryption_key,
                                      user_project: user_project
  File.from_gapi gapi, service, user_project: user_project
rescue Google::Cloud::NotFoundError
  nil
end

#files(prefix: nil, delimiter: nil, token: nil, max: nil, versions: nil) ⇒ Array<Google::Cloud::Storage::File> Also known as: find_files

Retrieves a list of files matching the criteria.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
files = bucket.files
files.each do |file|
  puts file.name
end

Retrieve all files: (See File::List#all)

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
files = bucket.files
files.all do |file|
  puts file.name
end

Parameters:

• prefix (String) —

  Filter results to files whose names begin with this prefix.

• delimiter (String) —

  Returns results in a directory-like mode. items will contain only objects whose names, aside from the prefix, do not contain delimiter. Objects whose names, aside from the prefix, contain delimiter will have their name, truncated after the delimiter, returned in prefixes. Duplicate prefixes are omitted.

• token (String) —

  A previously-returned page token representing part of the larger set of results to view.

• max (Integer) —

  Maximum number of items plus prefixes to return. As duplicate prefixes are omitted, fewer total results may be returned than requested. The default value of this parameter is 1,000 items.

• versions (Boolean) —

  If true, lists all versions of an object as distinct results. The default is false. For more information, see Object Versioning .

Returns:

• (Array<Google::Cloud::Storage::File>) —

  (See File::List)

# File 'lib/google/cloud/storage/bucket.rb', line 501

def files prefix: nil, delimiter: nil, token: nil, max: nil,
          versions: nil
  ensure_service!
  gapi = service.list_files name, prefix: prefix, delimiter: delimiter,
                                  token: token, max: max,
                                  versions: versions,
                                  user_project: user_project
  File::List.from_gapi gapi, service, name, prefix, delimiter, max,
                       versions, user_project: user_project
end

#id ⇒ Object

The ID of the bucket.

# File 'lib/google/cloud/storage/bucket.rb', line 95

def id
  @gapi.id
end

#kind ⇒ Object

The kind of item this is. For buckets, this is always storage#bucket.

# File 'lib/google/cloud/storage/bucket.rb', line 89

def kind
  @gapi.kind
end

#labels ⇒ Object

A hash of user-provided labels. The hash is frozen and changes are not allowed.

# File 'lib/google/cloud/storage/bucket.rb', line 313

def labels
  m = @gapi.labels
  m = m.to_h if m.respond_to? :to_h
  m.dup.freeze
end

#labels=(labels) ⇒ Object

Updates the hash of user-provided labels.

# File 'lib/google/cloud/storage/bucket.rb', line 321

def labels= labels
  @gapi.labels = labels
  patch_gapi! :labels
end

#location ⇒ Object

The location of the bucket. Object data for objects in the bucket resides in physical storage within this region. Defaults to US. See the developer's guide for the authoritative list.

See Also:

• https://cloud.google.com/storage/docs/concepts-techniques

# File 'lib/google/cloud/storage/bucket.rb', line 181

def location
  @gapi.location
end

#logging_bucket ⇒ Object

The destination bucket name for the bucket's logs.

See Also:

• Access Logs

# File 'lib/google/cloud/storage/bucket.rb', line 190

def logging_bucket
  @gapi.logging.log_bucket if @gapi.logging
end

#logging_bucket=(logging_bucket) ⇒ Object

Updates the destination bucket for the bucket's logs.

Parameters:

• logging_bucket (String) —

  The bucket to hold the logging output

See Also:

• Access Logs

# File 'lib/google/cloud/storage/bucket.rb', line 201

def logging_bucket= logging_bucket
  @gapi.logging ||= Google::Apis::StorageV1::Bucket::Logging.new
  @gapi.logging.log_bucket = logging_bucket
  patch_gapi! :logging
end

#logging_prefix ⇒ Object

The logging object prefix for the bucket's logs. For more information,

See Also:

• Access Logs

# File 'lib/google/cloud/storage/bucket.rb', line 212

def logging_prefix
  @gapi.logging.log_object_prefix if @gapi.logging
end

#logging_prefix=(logging_prefix) ⇒ Object

Updates the logging object prefix. This prefix will be used to create log object names for the bucket. It can be at most 900 characters and must be a valid object name. By default, the object prefix is the name of the bucket for which the logs are enabled.

See Also:

• Access Logs

# File 'lib/google/cloud/storage/bucket.rb', line 226

def logging_prefix= logging_prefix
  @gapi.logging ||= Google::Apis::StorageV1::Bucket::Logging.new
  @gapi.logging.log_object_prefix = logging_prefix
  patch_gapi! :logging
end

#name ⇒ Object

The name of the bucket.

# File 'lib/google/cloud/storage/bucket.rb', line 101

def name
  @gapi.name
end

#notification(id) ⇒ Google::Cloud::Storage::Notification^? Also known as: find_notification

Retrieves a Pub/Sub notification subscription for the bucket.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

notification = bucket.notification "1"
puts notification.id

Parameters:

• id (String) —

  The Notification ID.

Returns:

• (Google::Cloud::Storage::Notification, nil) —

  Returns nil if the notification does not exist

See Also:

• Cloud Pub/Sub Notifications for Google Cloud

# File 'lib/google/cloud/storage/bucket.rb', line 1296

def notification id
  ensure_service!
  gapi = service.get_notification name, id, user_project: user_project
  Notification.from_gapi name, gapi, service, user_project: user_project
rescue Google::Cloud::NotFoundError
  nil
end

#notifications ⇒ Array<Google::Cloud::Storage::Notification> Also known as: find_notifications

Retrieves the entire list of Pub/Sub notification subscriptions for the bucket.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
notifications = bucket.notifications
notifications.each do |notification|
  puts notification.id
end

Returns:

• (Array<Google::Cloud::Storage::Notification>)

See Also:

• Cloud Pub/Sub Notifications for Google Cloud

# File 'lib/google/cloud/storage/bucket.rb', line 1265

def notifications
  ensure_service!
  gapi = service.list_notifications name, user_project: user_project
  Array(gapi.items).map do |gapi_object|
    Notification.from_gapi name, gapi_object, service,
                           user_project: user_project
  end
end

#policy(force: nil) {|policy| ... } ⇒ Policy

Gets and updates the Cloud IAM access control policy for this bucket.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"

policy = bucket.policy

Retrieve the latest policy and update it in a block:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"

bucket.policy do |p|
  p.add "roles/owner", "user:owner@example.com"
end

Parameters:

• force (Boolean) —

  [Deprecated] Force the latest policy to be retrieved from the Storage service when true. Deprecated because the latest policy is now always retrieved. The default is nil.

Yields:

• (policy) —

  A block for updating the policy. The latest policy will be read from the service and passed to the block. After the block completes, the modified policy will be written to the service.

Yield Parameters:

• policy (Policy) —

  the current Cloud IAM Policy for this bucket

Returns:

• (Policy) —

  the current Cloud IAM Policy for this bucket

See Also:

• Managing Policies
• Buckets: setIamPolicy

# File 'lib/google/cloud/storage/bucket.rb', line 1162

def policy force: nil
  warn "DEPRECATED: 'force' in Bucket#policy" unless force.nil?
  ensure_service!
  gapi = service.get_bucket_policy name, user_project: user_project
  policy = Policy.from_gapi gapi
  return policy unless block_given?
  yield policy
  self.policy = policy
end

#policy=(new_policy) ⇒ Policy

Updates the Cloud IAM access control policy for this bucket. The policy should be read from #policy. See Policy for an explanation of the policy etag property and how to modify policies.

You can also update the policy by passing a block to #policy, which will call this method internally after the block completes.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"

policy = bucket.policy # API call

policy.add "roles/owner", "user:owner@example.com"

bucket.policy = policy # API call

Parameters:

• new_policy (Policy) —

  a new or modified Cloud IAM Policy for this bucket

Returns:

• (Policy) —

  The policy returned by the API update operation.

See Also:

• Managing Policies
• Buckets: setIamPolicy

# File 'lib/google/cloud/storage/bucket.rb', line 1204

def policy= new_policy
  ensure_service!
  gapi = service.set_bucket_policy name, new_policy.to_gapi,
                                   user_project: user_project
  Policy.from_gapi gapi
end

#post_object(path, policy: nil, issuer: nil, client_email: nil, signing_key: nil, private_key: nil) ⇒ PostObject

Generate a PostObject that includes the fields and url to upload objects via html forms.

Generating a PostObject requires service account credentials, either by connecting with a service account when calling Google::Cloud.storage, or by passing in the service account issuer and signing_key values. Although the private key can be passed as a string for convenience, creating and storing an instance of # OpenSSL::PKey::RSA is more efficient when making multiple calls to post_object.

A SignedUrlUnavailable is raised if the service account credentials are missing. Service account credentials are acquired by following the steps in Service Account Authentication.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
post = bucket.post_object "avatars/heidi/400x400.png"

post.url #=> "https://storage.googleapis.com"
post.fields[:key] #=> "my-todo-app/avatars/heidi/400x400.png"
post.fields[:GoogleAccessId] #=> "0123456789@gserviceaccount.com"
post.fields[:signature] #=> "ABC...XYZ="
post.fields[:policy] #=> "ABC...XYZ="

Using a policy to define the upload authorization:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

policy = {
  expiration: (Time.now + 3600).iso8601,
  conditions: [
    ["starts-with", "$key", ""],
    {acl: "bucket-owner-read"},
    {bucket: "travel-maps"},
    {success_action_redirect: "http://example.com/success.html"},
    ["eq", "$Content-Type", "image/jpeg"],
    ["content-length-range", 0, 1000000]
  ]
}

bucket = storage.bucket "my-todo-app"
post = bucket.post_object "avatars/heidi/400x400.png",
                           policy: policy

post.url #=> "https://storage.googleapis.com"
post.fields[:key] #=> "my-todo-app/avatars/heidi/400x400.png"
post.fields[:GoogleAccessId] #=> "0123456789@gserviceaccount.com"
post.fields[:signature] #=> "ABC...XYZ="
post.fields[:policy] #=> "ABC...XYZ="

Using the issuer and signing_key options:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
key = OpenSSL::PKey::RSA.new
post = bucket.post_object "avatars/heidi/400x400.png",
                          issuer: "service-account@gcloud.com",
                          signing_key: key

post.url #=> "https://storage.googleapis.com"
post.fields[:key] #=> "my-todo-app/avatars/heidi/400x400.png"
post.fields[:GoogleAccessId] #=> "0123456789@gserviceaccount.com"
post.fields[:signature] #=> "ABC...XYZ="
post.fields[:policy] #=> "ABC...XYZ="

Parameters:

• path (String) —

  Path to the file in Google Cloud Storage.

• policy (Hash) —

  The security policy that describes what can and cannot be uploaded in the form. When provided, the PostObject fields will include a Signature based on the JSON representation of this Hash and the same policy in Base64 format. If you do not provide a security policy, requests are considered to be anonymous and will only work with buckets that have granted WRITE or FULL_CONTROL permission to anonymous users. See Policy Document for more information.

• issuer (String) —

  Service Account's Client Email.

• client_email (String) —

  Service Account's Client Email.

• signing_key (OpenSSL::PKey::RSA, String) —

  Service Account's Private Key.

• private_key (OpenSSL::PKey::RSA, String) —

  Service Account's Private Key.

Returns:

• (PostObject)

See Also:

• https://cloud.google.com/storage/docs/xml-api/post-object

# File 'lib/google/cloud/storage/bucket.rb', line 1023

def post_object path, policy: nil, issuer: nil,
                client_email: nil, signing_key: nil,
                private_key: nil
  ensure_service!

  signer = File::Signer.from_bucket self, path
  signer.post_object issuer: issuer, client_email: client_email,
                     signing_key: signing_key, private_key: private_key,
                     policy: policy
end

#reload! ⇒ Object Also known as: refresh!

Reloads the bucket with current data from the Storage service.

# File 'lib/google/cloud/storage/bucket.rb', line 1388

def reload!
  ensure_service!
  @gapi = service.get_bucket name, user_project: user_project
  # If NotFound then lazy will never be unset
  @lazy = nil
  self
end

#requester_pays ⇒ Boolean^? Also known as: requester_pays?

Indicates that a client accessing the bucket or a file it contains must assume the transit costs related to the access. The requester must pass the user_project option to Project#bucket and Project#buckets to indicate the project to which the access costs should be billed.

Returns:

• (Boolean, nil) —

  Returns true if requester pays is enabled for the bucket.

# File 'lib/google/cloud/storage/bucket.rb', line 349

def requester_pays
  @gapi.billing.requester_pays if @gapi.billing
end

#requester_pays=(new_requester_pays) ⇒ Object

Enables requester pays for the bucket. If enabled, a client accessing the bucket or a file it contains must assume the transit costs related to the access. The requester must pass the user_project option to Project#bucket and Project#buckets to indicate the project to which the access costs should be billed.

Examples:

Enable requester pays for a bucket:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

bucket.requester_pays = true # API call
# Other projects must now provide `user_project` option when calling
# Project#bucket or Project#buckets to access this bucket.

Parameters:

• new_requester_pays (Boolean) —

  When set to true, requester pays is enabled for the bucket.

# File 'lib/google/cloud/storage/bucket.rb', line 375

def requester_pays= new_requester_pays
  @gapi.billing ||= Google::Apis::StorageV1::Bucket::Billing.new
  @gapi.billing.requester_pays = new_requester_pays
  patch_gapi! :billing
end

#signed_url(path, method: nil, expires: nil, content_type: nil, content_md5: nil, headers: nil, issuer: nil, client_email: nil, signing_key: nil, private_key: nil, query: nil) ⇒ Object

Access without authentication can be granted to a File for a specified period of time. This URL uses a cryptographic signature of your credentials to access the file identified by path. A URL can be created for paths that do not yet exist. For instance, a URL can be created to PUT file contents to.

Generating a URL requires service account credentials, either by connecting with a service account when calling Google::Cloud.storage, or by passing in the service account issuer and signing_key values. Although the private key can be passed as a string for convenience, creating and storing an instance of OpenSSL::PKey::RSA is more efficient when making multiple calls to signed_url.

A SignedUrlUnavailable is raised if the service account credentials are missing. Service account credentials are acquired by following the steps in Service Account Authentication.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
shared_url = bucket.signed_url "avatars/heidi/400x400.png"

Any of the option parameters may be specified:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
shared_url = bucket.signed_url "avatars/heidi/400x400.png",
                               method: "PUT",
                               content_type: "image/png",
                               expires: 300 # 5 minutes from now

Using the issuer and signing_key options:

require "google/cloud/storage"

storage = Google::Cloud.storage

bucket = storage.bucket "my-todo-app"
key = OpenSSL::PKey::RSA.new "-----BEGIN PRIVATE KEY-----\n..."
shared_url = bucket.signed_url "avatars/heidi/400x400.png",
                               issuer: "service-account@gcloud.com",
                               signing_key: key

Using the headers option:

require "google/cloud/storage"

storage = Google::Cloud.storage

bucket = storage.bucket "my-todo-app"
shared_url = bucket.signed_url "avatars/heidi/400x400.png",
                               headers: {
                                 "x-goog-acl" => "private",
                                 "x-goog-meta-foo" => "bar,baz"
                               }

Parameters:

• path (String) —

  Path to the file in Google Cloud Storage.

• method (String) —

  The HTTP verb to be used with the signed URL. Signed URLs can be used with GET, HEAD, PUT, and DELETE requests. Default is GET.

• expires (Integer) —

  The number of seconds until the URL expires. Default is 300/5 minutes.

• content_type (String) —

  When provided, the client (browser) must send this value in the HTTP header. e.g. text/plain

• content_md5 (String) —

  The MD5 digest value in base64. If you provide this in the string, the client (usually a browser) must provide this HTTP header with this same value in its request.

• headers (Hash) —

  Google extension headers (custom HTTP headers that begin with x-goog-) that must be included in requests that use the signed URL.

• issuer (String) —

  Service Account's Client Email.

• client_email (String) —

  Service Account's Client Email.

• signing_key (OpenSSL::PKey::RSA, String) —

  Service Account's Private Key.

• private_key (OpenSSL::PKey::RSA, String) —

  Service Account's Private Key.

• query (Hash) —

  Query string parameters to include in the signed URL. The given parameters are not verified by the signature.

  Parameters such as response-content-disposition and response-content-type can alter the behavior of the response when using the URL, but only when the file resource is missing the corresponding values. (These values can be permanently set using File#content_disposition= and File#content_type=.)

See Also:

• Access Control Signed URLs guide

# File 'lib/google/cloud/storage/bucket.rb', line 913

def signed_url path, method: nil, expires: nil, content_type: nil,
               content_md5: nil, headers: nil, issuer: nil,
               client_email: nil, signing_key: nil, private_key: nil,
               query: nil
  ensure_service!
  signer = File::Signer.from_bucket self, path
  signer.signed_url method: method, expires: expires, headers: headers,
                    content_type: content_type,
                    content_md5: content_md5, issuer: issuer,
                    client_email: client_email,
                    signing_key: signing_key, private_key: private_key,
                    query: query
end

#storage_class ⇒ Object

The bucket's storage class. This defines how objects in the bucket are stored and determines the SLA and the cost of storage. Values include MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, and DURABLE_REDUCED_AVAILABILITY.

# File 'lib/google/cloud/storage/bucket.rb', line 237

def storage_class
  @gapi.storage_class
end

#storage_class=(new_storage_class) ⇒ Object

Updates the bucket's storage class. This defines how objects in the bucket are stored and determines the SLA and the cost of storage. Accepted values include :multi_regional, :regional, :nearline, and :coldline, as well as the equivalent strings returned by #storage_class. For more information, see Storage Classes.

Parameters:

• new_storage_class (Symbol, String) —

  Storage class of the bucket.

# File 'lib/google/cloud/storage/bucket.rb', line 249

def storage_class= new_storage_class
  @gapi.storage_class = storage_class_for(new_storage_class)
  patch_gapi! :storage_class
end

#test_permissions(*permissions) ⇒ Array<String>

Tests the specified permissions against the Cloud IAM access control policy.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"

permissions = bucket.test_permissions "storage.buckets.get",
                                      "storage.buckets.delete"
permissions.include? "storage.buckets.get"    #=> true
permissions.include? "storage.buckets.delete" #=> false

Parameters:

• permissions (String, Array<String>) —

  The set of permissions against which to check access. Permissions must be of the format storage.resource.capability, where resource is one of buckets or objects.

Returns:

• (Array<String>) —

  The permissions held by the caller.

See Also:

• Managing Policies

# File 'lib/google/cloud/storage/bucket.rb', line 1237

def test_permissions *permissions
  permissions = Array(permissions).flatten
  ensure_service!
  gapi = service.test_bucket_permissions name, permissions,
                                         user_project: user_project
  gapi.permissions
end

#update {|bucket| ... } ⇒ Object

Updates the bucket with changes made in the given block in a single PATCH request. The following attributes may be set: #cors, #logging_bucket=, #logging_prefix=, #versioning=, #website_main=, #website_404=, and #requester_pays=.

In addition, the #cors configuration accessible in the block is completely mutable and will be included in the request. (See Cors)

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
bucket.update do |b|
  b.website_main = "index.html"
  b.website_404 = "not_found.html"
  b.cors[0].methods = ["GET","POST","DELETE"]
  b.cors[1].headers << "X-Another-Custom-Header"
end

New CORS rules can also be added in a nested block:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-todo-app"

bucket.update do |b|
  b.cors do |c|
    c.add_rule ["http://example.org", "https://example.org"],
               "*",
               headers: ["X-My-Custom-Header"],
               max_age: 300
  end
end

Yields:

• (bucket) —

  a block yielding a delegate object for updating the file

# File 'lib/google/cloud/storage/bucket.rb', line 422

def update
  updater = Updater.new @gapi
  yield updater
  # Add check for mutable cors
  updater.check_for_changed_labels!
  updater.check_for_mutable_cors!
  patch_gapi! updater.updates unless updater.updates.empty?
end

#versioning=(new_versioning) ⇒ Boolean

Updates whether Object Versioning is enabled for the bucket.

Returns:

• (Boolean)

# File 'lib/google/cloud/storage/bucket.rb', line 269

def versioning= new_versioning
  @gapi.versioning ||= Google::Apis::StorageV1::Bucket::Versioning.new
  @gapi.versioning.enabled = new_versioning
  patch_gapi! :versioning
end

#versioning? ⇒ Boolean

Whether Object Versioning is enabled for the bucket.

Returns:

• (Boolean)

# File 'lib/google/cloud/storage/bucket.rb', line 258

def versioning?
  @gapi.versioning.enabled? unless @gapi.versioning.nil?
end

#website_404 ⇒ Object

The page returned from a static website served from the bucket when a site visitor requests a resource that does not exist.

See Also:

• How to Host a Static Website

# File 'lib/google/cloud/storage/bucket.rb', line 306

def website_404
  @gapi.website.not_found_page if @gapi.website
end

#website_404=(website_404) ⇒ Object

Updates the page returned from a static website served from the bucket when a site visitor requests a resource that does not exist.

See Also:

• How to Host a Static Website

# File 'lib/google/cloud/storage/bucket.rb', line 333

def website_404= website_404
  @gapi.website ||= Google::Apis::StorageV1::Bucket::Website.new
  @gapi.website.not_found_page = website_404
  patch_gapi! :website
end

#website_main ⇒ Object

The index page returned from a static website served from the bucket when a site visitor requests the top level directory.

See Also:

• How to Host a Static Website

# File 'lib/google/cloud/storage/bucket.rb', line 282

def website_main
  @gapi.website.main_page_suffix if @gapi.website
end

#website_main=(website_main) ⇒ Object

Updates the index page returned from a static website served from the bucket when a site visitor requests the top level directory.

See Also:

• How to Host a Static Website

# File 'lib/google/cloud/storage/bucket.rb', line 293

def website_main= website_main
  @gapi.website ||= Google::Apis::StorageV1::Bucket::Website.new
  @gapi.website.main_page_suffix = website_main
  patch_gapi! :website
end