Skip to content

Commit 604bb1d

Browse files
rybosomegarrettjonesgoogle
rybosome
authored and
garrettjonesgoogle
committed
---
yaml --- r: 7981 b: refs/heads/tswast-patch-1 c: 64b47ab h: refs/heads/master i: 7979: dc032f5
1 parent 568ccbf commit 604bb1d

14 files changed

Lines changed: 823 additions & 95 deletions

File tree

[refs]

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,5 +57,5 @@ refs/tags/v0.18.0: 9d193c4c4b9d1c6f21515dd8e50836b9194ec9bb
5757
refs/tags/v0.19.0: e67b56e4d8dad5f9a7b38c9b2107c23c828f2ed5
5858
refs/tags/v0.20.0: 839f7fb7156535146aa1cb2c5aadd8d375d854e8
5959
refs/tags/v0.20.1: 370471f437f1f4f68a11e068df5cd6bf39edb1fa
60-
refs/heads/tswast-patch-1: 56d0a30a6847cae19c8dc74324b9b4935159ba2c
60+
refs/heads/tswast-patch-1: 64b47ab15cfa89d50305440e553bac344cb36634
6161
refs/heads/pubsub-streaming-pull: 19262b752ee874eb2ca3b950eb2aef44d5a5267b

branches/tswast-patch-1/google-cloud-contrib/google-cloud-nio/src/test/java/com/google/cloud/storage/contrib/nio/FakeStorageRpc.java

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,9 @@
1919
import com.google.api.services.storage.model.Bucket;
2020
import com.google.api.services.storage.model.BucketAccessControl;
2121
import com.google.api.services.storage.model.ObjectAccessControl;
22+
import com.google.api.services.storage.model.Policy;
2223
import com.google.api.services.storage.model.StorageObject;
24+
import com.google.api.services.storage.model.TestIamPermissionsResponse;
2325
import com.google.cloud.storage.Storage;
2426
import com.google.cloud.storage.StorageException;
2527
import com.google.cloud.storage.spi.v1.RpcBatch;
@@ -61,6 +63,7 @@
6163
* <li>continueRewrite
6264
* <li>createBatch
6365
* <li>checksums, etags
66+
* <li>IAM operations</li>
6467
* </ul>
6568
* </ul>
6669
*/
@@ -443,4 +446,19 @@ private static boolean processedAsFolder(StorageObject so, String delimiter, Str
443446
folders.put(folderName, fakeFolder);
444447
return true;
445448
}
449+
450+
@Override
451+
public Policy getIamPolicy(String bucket) {
452+
throw new UnsupportedOperationException();
453+
}
454+
455+
@Override
456+
public Policy setIamPolicy(String bucket, Policy policy) {
457+
throw new UnsupportedOperationException();
458+
}
459+
460+
@Override
461+
public TestIamPermissionsResponse testIamPermissions(String bucket, List<String> permissions) {
462+
throw new UnsupportedOperationException();
463+
}
446464
}

branches/tswast-patch-1/google-cloud-core/src/main/java/com/google/cloud/Policy.java

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -202,7 +202,6 @@ public final Builder removeIdentity(Role role, Identity first, Identity... other
202202
return this;
203203
}
204204

205-
206205
/**
207206
* Sets the policy's etag.
208207
*
@@ -214,7 +213,7 @@ public final Builder removeIdentity(Role role, Identity first, Identity... other
214213
* applied to the same version of the policy. If no etag is provided in the call to
215214
* setIamPolicy, then the existing policy is overwritten blindly.
216215
*/
217-
protected final Builder setEtag(String etag) {
216+
public final Builder setEtag(String etag) {
218217
this.etag = etag;
219218
return this;
220219
}

branches/tswast-patch-1/google-cloud-pubsub/src/main/java/com/google/cloud/pubsub/spi/v1/PagedResponseWrappers.java

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -392,4 +392,16 @@ protected ListSnapshotsFixedSizeCollection createCollection(
392392
return new ListSnapshotsFixedSizeCollection(pages, collectionSize);
393393
}
394394
}
395+
396+
public static class ListSnapshotsPagedResponse
397+
extends PagedListResponseImpl<ListSnapshotsRequest, ListSnapshotsResponse, Snapshot> {
398+
399+
public ListSnapshotsPagedResponse(
400+
UnaryCallable<ListSnapshotsRequest, ListSnapshotsResponse> callable,
401+
PagedListDescriptor<ListSnapshotsRequest, ListSnapshotsResponse, Snapshot> pageDescriptor,
402+
ListSnapshotsRequest request,
403+
CallContext context) {
404+
super(callable, pageDescriptor, request, context);
405+
}
406+
}
395407
}

branches/tswast-patch-1/google-cloud-storage/src/main/java/com/google/cloud/storage/PolicyHelper.java

Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,62 @@
1+
/*
2+
* Copyright 2017 Google Inc. All Rights Reserved.
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
package com.google.cloud.storage;
18+
19+
import java.util.ArrayList;
20+
import java.util.List;
21+
import java.util.Map;
22+
import java.util.Set;
23+
24+
import com.google.api.services.storage.model.Policy.Bindings;
25+
import com.google.cloud.Identity;
26+
import com.google.cloud.Policy;
27+
import com.google.cloud.Role;
28+
29+
/**
30+
* Helper for converting between the Policy model provided by the API and the Policy model provided
31+
* by this library.
32+
*/
33+
class PolicyHelper {
34+
35+
static Policy convertFromApiPolicy(com.google.api.services.storage.model.Policy apiPolicy) {
36+
Policy.Builder policyBuilder = Policy.newBuilder();
37+
for (Bindings binding : apiPolicy.getBindings()) {
38+
for (String member : binding.getMembers()) {
39+
policyBuilder.addIdentity(Role.of(binding.getRole()), Identity.valueOf(member));
40+
}
41+
}
42+
return policyBuilder.setEtag(apiPolicy.getEtag()).build();
43+
}
44+
45+
static com.google.api.services.storage.model.Policy convertToApiPolicy(Policy policy) {
46+
List<Bindings> bindings = new ArrayList<>(policy.getBindings().size());
47+
for (Map.Entry<Role, Set<Identity>> entry : policy.getBindings().entrySet()) {
48+
List<String> members = new ArrayList<>(entry.getValue().size());
49+
for (Identity identity : entry.getValue()) {
50+
members.add(identity.strValue());
51+
}
52+
bindings.add(new Bindings().setMembers(members).setRole(entry.getKey().getValue()));
53+
}
54+
return new com.google.api.services.storage.model.Policy()
55+
.setBindings(bindings)
56+
.setEtag(policy.getEtag());
57+
}
58+
59+
private PolicyHelper() {
60+
// Intentionally left blank.
61+
}
62+
}

branches/tswast-patch-1/google-cloud-storage/src/main/java/com/google/cloud/storage/Storage.java

Lines changed: 71 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,25 @@
2020
import static com.google.common.base.Preconditions.checkNotNull;
2121

2222
import com.google.api.gax.core.Page;
23+
import java.io.InputStream;
24+
import java.io.Serializable;
25+
import java.net.URL;
26+
import java.security.Key;
27+
import java.util.Arrays;
28+
import java.util.Collections;
29+
import java.util.LinkedHashSet;
30+
import java.util.LinkedList;
31+
import java.util.List;
32+
import java.util.Objects;
33+
import java.util.Set;
34+
import java.util.concurrent.TimeUnit;
35+
2336
import com.google.auth.ServiceAccountSigner;
2437
import com.google.auth.ServiceAccountSigner.SigningException;
2538
import com.google.cloud.FieldSelector;
2639
import com.google.cloud.FieldSelector.Helper;
40+
import com.google.cloud.GcpLaunchStage;
41+
import com.google.cloud.Policy;
2742
import com.google.cloud.ReadChannel;
2843
import com.google.cloud.Service;
2944
import com.google.cloud.WriteChannel;
@@ -35,19 +50,6 @@
3550
import com.google.common.collect.Lists;
3651
import com.google.common.io.BaseEncoding;
3752

38-
import java.io.InputStream;
39-
import java.io.Serializable;
40-
import java.net.URL;
41-
import java.security.Key;
42-
import java.util.Arrays;
43-
import java.util.Collections;
44-
import java.util.LinkedHashSet;
45-
import java.util.LinkedList;
46-
import java.util.List;
47-
import java.util.Objects;
48-
import java.util.Set;
49-
import java.util.concurrent.TimeUnit;
50-
5153
/**
5254
* An interface for Google Cloud Storage.
5355
*
@@ -2369,4 +2371,60 @@ public static Builder newBuilder() {
23692371
* @throws StorageException upon failure
23702372
*/
23712373
List<Acl> listAcls(BlobId blob);
2374+
2375+
/**
2376+
* Gets the IAM policy for the provided bucket.
2377+
*
2378+
* <p>Example of getting the IAM policy for a bucket.
2379+
* <pre> {@code
2380+
* String bucketName = "my_unique_bucket";
2381+
* Policy policy = storage.getIamPolicy(bucketName);
2382+
* }</pre>
2383+
*
2384+
* @throws StorageException upon failure
2385+
*/
2386+
@GcpLaunchStage.Alpha
2387+
Policy getIamPolicy(String bucket);
2388+
2389+
/**
2390+
* Updates the IAM policy on the specified bucket.
2391+
*
2392+
* <p>Example of updating the IAM policy on a bucket.
2393+
* <pre>{@code
2394+
* // We want to make all objects in our bucket publicly readable.
2395+
* String bucketName = "my_unique_bucket";
2396+
* Policy currentPolicy = storage.getIamPolicy(bucketName);
2397+
* Policy updatedPolicy =
2398+
* storage.setIamPolicy(
2399+
* bucketName,
2400+
* currentPolicy.toBuilder()
2401+
* .addIdentity(StorageRoles.objectViewer(), Identity.allUsers())
2402+
* .build());
2403+
* }</pre>
2404+
*
2405+
* @throws StorageException upon failure
2406+
*/
2407+
@GcpLaunchStage.Alpha
2408+
Policy setIamPolicy(String bucket, Policy policy);
2409+
2410+
/**
2411+
* Tests whether the caller holds the permissions on the specified bucket. Returns a list of
2412+
* booleans in the same placement and order in which the permissions were specified.
2413+
*
2414+
* <p>Example of testing permissions on a bucket.
2415+
* <pre> {@code
2416+
* String bucketName = "my_unique_bucket";
2417+
* List<Boolean> response =
2418+
* storage.testIamPermissions(
2419+
* bucket,
2420+
* ImmutableList.of("storage.buckets.get", "storage.buckets.getIamPolicy"));
2421+
* for (boolean hasPermission : response) {
2422+
* // Do something with permission test response
2423+
* }
2424+
* }</pre>
2425+
*
2426+
* @throws StorageException upon failure
2427+
*/
2428+
@GcpLaunchStage.Alpha
2429+
List<Boolean> testIamPermissions(String bucket, List<String> permissions);
23722430
}

branches/tswast-patch-1/google-cloud-storage/src/main/java/com/google/cloud/storage/StorageImpl.java

Lines changed: 72 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,8 @@
1717
package com.google.cloud.storage;
1818

1919
import static com.google.cloud.RetryHelper.runWithRetries;
20+
import static com.google.cloud.storage.PolicyHelper.convertFromApiPolicy;
21+
import static com.google.cloud.storage.PolicyHelper.convertToApiPolicy;
2022
import static com.google.cloud.storage.spi.v1.StorageRpc.Option.DELIMITER;
2123
import static com.google.cloud.storage.spi.v1.StorageRpc.Option.IF_GENERATION_MATCH;
2224
import static com.google.cloud.storage.spi.v1.StorageRpc.Option.IF_GENERATION_NOT_MATCH;
@@ -31,15 +33,32 @@
3133
import static com.google.common.base.Preconditions.checkState;
3234
import static java.nio.charset.StandardCharsets.UTF_8;
3335

36+
import java.io.ByteArrayInputStream;
37+
import java.io.InputStream;
38+
import java.io.UnsupportedEncodingException;
39+
import java.net.MalformedURLException;
40+
import java.net.URL;
41+
import java.net.URLEncoder;
42+
import java.util.Arrays;
43+
import java.util.Collections;
44+
import java.util.EnumMap;
45+
import java.util.List;
46+
import java.util.Map;
47+
import java.util.Set;
48+
import java.util.concurrent.Callable;
49+
import java.util.concurrent.TimeUnit;
50+
3451
import com.google.api.gax.core.Page;
3552
import com.google.api.services.storage.model.BucketAccessControl;
3653
import com.google.api.services.storage.model.ObjectAccessControl;
3754
import com.google.api.services.storage.model.StorageObject;
55+
import com.google.api.services.storage.model.TestIamPermissionsResponse;
3856
import com.google.auth.ServiceAccountSigner;
3957
import com.google.cloud.BaseService;
4058
import com.google.cloud.BatchResult;
4159
import com.google.cloud.PageImpl;
4260
import com.google.cloud.PageImpl.NextPageFetcher;
61+
import com.google.cloud.Policy;
4362
import com.google.cloud.ReadChannel;
4463
import com.google.cloud.RetryHelper.RetryHelperException;
4564
import com.google.cloud.storage.Acl.Entity;
@@ -49,6 +68,7 @@
4968
import com.google.common.base.Function;
5069
import com.google.common.collect.ImmutableList;
5170
import com.google.common.collect.ImmutableMap;
71+
import com.google.common.collect.ImmutableSet;
5272
import com.google.common.collect.Iterables;
5373
import com.google.common.collect.Lists;
5474
import com.google.common.collect.Maps;
@@ -57,20 +77,6 @@
5777
import com.google.common.net.UrlEscapers;
5878
import com.google.common.primitives.Ints;
5979

60-
import java.io.ByteArrayInputStream;
61-
import java.io.InputStream;
62-
import java.io.UnsupportedEncodingException;
63-
import java.net.MalformedURLException;
64-
import java.net.URL;
65-
import java.net.URLEncoder;
66-
import java.util.Arrays;
67-
import java.util.Collections;
68-
import java.util.EnumMap;
69-
import java.util.List;
70-
import java.util.Map;
71-
import java.util.concurrent.Callable;
72-
import java.util.concurrent.TimeUnit;
73-
7480
final class StorageImpl extends BaseService<StorageOptions> implements Storage {
7581

7682
private static final byte[] EMPTY_BYTE_ARRAY = {};
@@ -854,6 +860,58 @@ public List<ObjectAccessControl> call() {
854860
throw StorageException.translateAndThrow(e);
855861
}
856862
}
863+
864+
@Override
865+
public Policy getIamPolicy(final String bucket) {
866+
try {
867+
return convertFromApiPolicy(runWithRetries(new Callable<com.google.api.services.storage.model.Policy>() {
868+
@Override
869+
public com.google.api.services.storage.model.Policy call() {
870+
return storageRpc.getIamPolicy(bucket);
871+
}
872+
}, getOptions().getRetrySettings(), EXCEPTION_HANDLER, getOptions().getClock()));
873+
} catch (RetryHelperException e){
874+
throw StorageException.translateAndThrow(e);
875+
}
876+
}
877+
878+
@Override
879+
public Policy setIamPolicy(final String bucket, final Policy policy) {
880+
try {
881+
return convertFromApiPolicy(runWithRetries(new Callable<com.google.api.services.storage.model.Policy>() {
882+
@Override
883+
public com.google.api.services.storage.model.Policy call() {
884+
return storageRpc.setIamPolicy(bucket, convertToApiPolicy(policy));
885+
}
886+
}, getOptions().getRetrySettings(), EXCEPTION_HANDLER, getOptions().getClock()));
887+
} catch (RetryHelperException e) {
888+
throw StorageException.translateAndThrow(e);
889+
}
890+
}
891+
892+
@Override
893+
public List<Boolean> testIamPermissions(final String bucket, final List<String> permissions) {
894+
try {
895+
TestIamPermissionsResponse response = runWithRetries(new Callable<TestIamPermissionsResponse>() {
896+
@Override
897+
public TestIamPermissionsResponse call() {
898+
return storageRpc.testIamPermissions(bucket, permissions);
899+
}
900+
}, getOptions().getRetrySettings(), EXCEPTION_HANDLER, getOptions().getClock());
901+
final Set<String> heldPermissions =
902+
response.getPermissions() != null
903+
? ImmutableSet.copyOf(response.getPermissions())
904+
: ImmutableSet.<String>of();
905+
return Lists.transform(permissions, new Function<String, Boolean>() {
906+
@Override
907+
public Boolean apply(String permission) {
908+
return heldPermissions.contains(permission);
909+
}
910+
});
911+
} catch (RetryHelperException e) {
912+
throw StorageException.translateAndThrow(e);
913+
}
914+
}
857915

858916
private static <T> void addToOptionMap(StorageRpc.Option option, T defaultValue,
859917
Map<StorageRpc.Option, Object> map) {

0 commit comments

Comments
 (0)