googleapis
diff --git a/‎[refs]‎
Lines changed: 1 addition & 1 deletion b/‎[refs]‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎…in/java/com/google/gcloud/IamPolicy.java‎ ‎…ava/com/google/gcloud/BaseIamPolicy.java‎trunk/gcloud-java-core/src/main/java/com/google/gcloud/IamPolicy.java renamed to trunk/gcloud-java-core/src/main/java/com/google/gcloud/BaseIamPolicy.java
Lines changed: 51 additions & 194 deletions b/‎…in/java/com/google/gcloud/IamPolicy.java‎ ‎…ava/com/google/gcloud/BaseIamPolicy.java‎trunk/gcloud-java-core/src/main/java/com/google/gcloud/IamPolicy.java renamed to trunk/gcloud-java-core/src/main/java/com/google/gcloud/BaseIamPolicy.java
Lines changed: 51 additions & 194 deletions
diff --git a/‎trunk/gcloud-java-core/src/test/java/com/google/gcloud/BaseIamPolicyTest.java‎
Lines changed: 50 additions & 0 deletions b/‎trunk/gcloud-java-core/src/test/java/com/google/gcloud/BaseIamPolicyTest.java‎
Lines changed: 50 additions & 0 deletions
@@ -1,5 +1,5 @@
 ---
-refs/heads/master: c96469b6a135619708f08526c2f0d5cc50396c80
+refs/heads/master: e44e12a2b996d1649704a9ce124f670c23bd6c7e
 refs/heads/travis: e21ee7b88a5edc3f3d8c71f90c3fc32abf7e8dd6
 refs/heads/gh-pages: d1b373c30c176edc08692348167bec3a244bb823
 refs/heads/bigquery: 762fa5830e6c398c0396177e3e7fd243bd62cfc3
 
@@ -21,29 +21,28 @@
 import com.google.common.collect.ImmutableList;
 
 import java.io.Serializable;
-import java.util.Arrays;
-import java.util.LinkedList;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 import java.util.Objects;
 
 /**
- * An Identity and Access Management (IAM) policy. It is used to specify access control policies for
- * Cloud Platform resources. A Policy consists of a list of ACLs (also known as bindings in Cloud
- * IAM documentation). An ACL binds a list of identities to a role, where the identities can be user
- * accounts, Google groups, Google domains, and service accounts. A role is a named list of
- * permissions defined by IAM.
+ * Base class for Identity and Access Management (IAM) policies. IAM policies are used to specify
+ * access settings for Cloud Platform resources. A Policy consists of a list of bindings. An binding
+ * assigns a list of identities to a role, where the identities can be user accounts, Google groups,
+ * Google domains, and service accounts. A role is a named list of permissions defined by IAM.
  *
  * @see <a href="https://cloud.google.com/iam/reference/rest/v1/Policy">Policy</a>
  */
-public class IamPolicy implements Serializable {
+public abstract class BaseIamPolicy<R> implements Serializable {
 
-  static final long serialVersionUID = 1114489978726897720L;
+  private static final long serialVersionUID = 1114489978726897720L;
 
-  private final List<Acl> acls;
+  private final Map<R, List<Identity>> bindings;
   private final String etag;
   private final int version;
 
-  public static class Identity implements Serializable {
+  public static final class Identity implements Serializable {
 
     private static final long serialVersionUID = 30811617560110848L;
 
@@ -85,7 +84,7 @@ public enum Type {
       DOMAIN
     }
 
-    Identity(Type type, String id) {
+    private Identity(Type type, String id) {
       this.type = type;
       this.id = id;
     }
@@ -178,177 +177,38 @@ public boolean equals(Object obj) {
     }
   }
 
-  /**
-   * An ACL binds a list of identities to a role, where the identities can be user accounts, Google
-   * groups, Google domains, and service accounts. A role is a named list of permissions defined by
-   * IAM.
-   *
-   * @see <a href="https://cloud.google.com/iam/reference/rest/v1/Policy#Binding">Binding</a>
-   */
-  public static class Acl implements Serializable {
-
-    private static final long serialVersionUID = 3954282899483745158L;
-
-    private final List<Identity> identities;
-    private final String role;
-
-    /**
-     * An ACL builder.
-     */
-    public static class Builder {
-      private final List<Identity> members = new LinkedList<>();
-      private String role;
-
-      Builder(String role) {
-        this.role = role;
-      }
-
-      /**
-       * Sets the role associated with this ACL.
-       */
-      public Builder role(String role) {
-        this.role = role;
-        return this;
-      }
-
-      /**
-       * Replaces the builder's list of identities with the given list.
-       */
-      public Builder identities(List<Identity> identities) {
-        this.members.clear();
-        this.members.addAll(identities);
-        return this;
-      }
-
-      /**
-       * Adds one or more identities to the list of identities associated with the ACL.
-       */
-      public Builder addIdentity(Identity first, Identity... others) {
-        members.add(first);
-        members.addAll(Arrays.asList(others));
-        return this;
-      }
-
-      /**
-       * Removes the specified identity from the ACL.
-       */
-      public Builder removeIdentity(Identity identity) {
-        members.remove(identity);
-        return this;
-      }
-
-      public Acl build() {
-        return new Acl(this);
-      }
-    }
-
-    Acl(Builder builder) {
-      identities = ImmutableList.copyOf(checkNotNull(builder.members));
-      role = checkNotNull(builder.role);
-    }
-
-    /**
-     * Returns the list of identities associated with this ACL.
-     */
-    public List<Identity> identities() {
-      return identities;
-    }
-
-    /**
-     * Returns the role associated with this ACL.
-     */
-    public String role() {
-      return role;
-    }
-
-    /**
-     * Returns an ACL builder for the specific role type.
-     *
-     * @param role string representing the role, without the "roles/" prefix.  An example of a valid
-     *     legacy role is "viewer". An example of a valid service-specific role is
-     *     "pubsub.publisher".
-     */
-    public static Builder builder(String role) {
-      return new Builder(role);
-    }
-
-    /**
-     * Returns an ACL for the role type and list of identities provided.
-     *
-     * @param role string representing the role, without the "roles/" prefix.  An example of a valid
-     *     legacy role is "viewer". An example of a valid service-specific role is
-     *     "pubsub.publisher".
-     * @param members list of identities associated with the role.
-     */
-    public static Acl of(String role, List<Identity> members) {
-      return new Acl(new Builder(role).identities(members));
-    }
-
-    /**
-     * Returns an ACL for the role type and identities provided.
-     *
-     * @param role string representing the role, without the "roles/" prefix.  An example of a valid
-     *     legacy role is "viewer". An example of a valid service-specific role is
-     *     "pubsub.publisher".
-     * @param first identity associated with the role.
-     * @param others any other identities associated with the role.
-     */
-    public static Acl of(String role, Identity first, Identity... others) {
-      return new Acl(new Builder(role).addIdentity(first, others));
-    }
-
-    public Builder toBuilder() {
-      return new Builder(role).identities(identities);
-    }
-
-    @Override
-    public int hashCode() {
-      return Objects.hash(identities, role);
-    }
-
-    @Override
-    public boolean equals(Object obj) {
-      if (!(obj instanceof Acl)) {
-        return false;
-      }
-      Acl other = (Acl) obj;
-      return Objects.equals(identities, other.identities()) && Objects.equals(role, other.role());
-    }
-  }
-
   /**
    * Builder for an IAM Policy.
    */
-  public static class Builder {
+  protected abstract static class BaseBuilder<R, B extends BaseBuilder<R, B>> {
 
-    private final List<Acl> acls = new LinkedList<>();
+    private final Map<R, List<Identity>> bindings = new HashMap<>();
     private String etag;
     private int version;
 
     /**
-     * Replaces the builder's list of ACLs with the given list of ACLs.
+     * Replaces the builder's list of bindings with the given list of bindings.
      */
-    public Builder acls(List<Acl> acls) {
-      this.acls.clear();
-      this.acls.addAll(acls);
-      return this;
+    public B bindings(Map<R, List<Identity>> bindings) {
+      this.bindings.clear();
+      this.bindings.putAll(bindings);
+      return self();
     }
 
     /**
-     * Adds one or more ACLs to the policy.
+     * Adds one or more bindings to the policy.
      */
-    public Builder addAcl(Acl first, Acl... others) {
-      acls.add(first);
-      acls.addAll(Arrays.asList(others));
-      return this;
+    public B addBinding(R role, List<Identity> identities) {
+      bindings.put(role, ImmutableList.copyOf(identities));
+      return self();
     }
 
     /**
      * Removes the specified ACL.
      */
-    public Builder removeAcl(Acl acl) {
-      acls.remove(acl);
-      return this;
+    public B removeBinding(R role) {
+      bindings.remove(role);
+      return self();
     }
 
     /**
@@ -362,35 +222,40 @@ public Builder removeAcl(Acl acl) {
      * applied to the same version of the policy.  If no etag is provided in the call to
      * setIamPolicy, then the existing policy is overwritten blindly.
      */
-    public Builder etag(String etag) {
+    protected B etag(String etag) {
       this.etag = etag;
-      return this;
+      return self();
     }
 
     /**
-     * Sets the version of the policy. The default version is 0.
+     * Sets the version of the policy. The default version is 0, meaning roles that are in alpha
+     * (non-legacy) roles are not permitted. If the version is 1, you may use roles other than
+     * "owner", "editor", and "viewer".
      */
-    public Builder version(int version) {
+    protected B version(int version) {
       this.version = version;
-      return this;
+      return self();
     }
 
-    public IamPolicy build() {
-      return new IamPolicy(this);
+    @SuppressWarnings("unchecked")
+    private B self() {
+      return (B) this;
     }
+
+    public abstract BaseIamPolicy<R> build();
   }
 
-  IamPolicy(Builder builder) {
-    acls = ImmutableList.copyOf(builder.acls);
-    etag = builder.etag;
-    version = builder.version;
+  protected BaseIamPolicy(BaseBuilder<R, ? extends BaseBuilder<R, ?>> builder) {
+    this.bindings = builder.bindings;
+    this.etag = builder.etag;
+    this.version = builder.version;
   }
 
   /**
    * The list of ACLs specified in the policy.
    */
-  public List<Acl> acls() {
-    return acls;
+  public Map<R, List<Identity>> bindings() {
+    return bindings;
   }
 
   /**
@@ -415,26 +280,18 @@ public int version() {
     return version;
   }
 
-  @Override
-  public int hashCode() {
-    return Objects.hash(acls, etag, version);
+  public int baseHashCode() {
+    return Objects.hash(bindings, etag, version);
   }
 
-  @Override
-  public boolean equals(Object obj) {
-    if (!(obj instanceof IamPolicy)) {
+  public boolean baseEquals(Object obj) {
+    if (!(obj instanceof BaseIamPolicy)) {
       return false;
     }
-    IamPolicy other = (IamPolicy) obj;
-    return Objects.equals(acls, other.acls()) && Objects.equals(etag, other.etag())
+    @SuppressWarnings("rawtypes")
+    BaseIamPolicy other = (BaseIamPolicy) obj;
+    return Objects.equals(bindings, other.bindings())
+        && Objects.equals(etag, other.etag())
         && Objects.equals(version, other.version());
   }
-
-  public static Builder builder() {
-    return new Builder();
-  }
-
-  public Builder toBuilder() {
-    return new Builder().acls(acls).etag(etag).version(version);
-  }
 }
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2015 Google Inc. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.gcloud;
+
+import static org.junit.Assert.assertEquals;
+
+import com.google.gcloud.BaseIamPolicy.Identity;
+
+import org.junit.Test;
+
+public class BaseIamPolicyTest {
+
+  private static final Identity ALL_USERS = Identity.allUsers();
+  private static final Identity ALL_AUTH_USERS = Identity.allAuthenticatedUsers();
+  private static final Identity USER = Identity.user("[email protected]");
+  private static final Identity SERVICE_ACCOUNT =
+      Identity.serviceAccount("[email protected]");
+  private static final Identity GROUP = Identity.group("[email protected]");
+  private static final Identity DOMAIN = Identity.domain("google.com");
+
+  @Test
+  public void testIdentityOf() {
+    assertEquals(Identity.Type.ALL_USERS, ALL_USERS.type());
+    assertEquals(null, ALL_USERS.id());
+    assertEquals(Identity.Type.ALL_AUTHENTICATED_USERS, ALL_AUTH_USERS.type());
+    assertEquals(null, ALL_AUTH_USERS.id());
+    assertEquals(Identity.Type.USER, USER.type());
+    assertEquals("[email protected]", USER.id());
+    assertEquals(Identity.Type.SERVICE_ACCOUNT, SERVICE_ACCOUNT.type());
+    assertEquals("[email protected]", SERVICE_ACCOUNT.id());
+    assertEquals(Identity.Type.GROUP, GROUP.type());
+    assertEquals("[email protected]", GROUP.id());
+    assertEquals(Identity.Type.DOMAIN, DOMAIN.type());
+    assertEquals("google.com", DOMAIN.id());
+  }
+}