class Google::Cloud::Storage::Policy::Binding

end
})
}
expression: expr
description: “description of condition”,
title: “my-condition”,
condition: {
members: [“user:owner@example.com”],
role: “roles/storage.admin”,
p.bindings.insert({
expr = “resource.name.startsWith("projects/_/buckets/bucket-name/objects/prefix-a-")”
p.version = 3 # Must be explicitly set to opt-in to support for conditions.
p.version # the value is 1
bucket.policy requested_policy_version: 3 do |p|
bucket.uniform_bucket_level_access = true
bucket = storage.bucket “my-bucket”
storage = Google::Cloud::Storage.new
require “google/cloud/storage”
@example Updating a Policy from version 1 to version 3:
end
puts binding.role
policy.bindings.each do |binding|
policy = bucket.policy requested_policy_version: 3
bucket = storage.bucket “my-bucket”
storage = Google::Cloud::Storage.new
require “google/cloud/storage”
@example
conditions, are examined independently.
access via current binding. Different bindings, including their
no condition. NOTE: An unsatisfied condition will not allow user
condition that is associated with this binding, or ‘nil` if there is
@attr [Google::Cloud::Storage::Policy::Condition, nil] condition The
`example.com`. Required.
all the users of that domain. For example, `google.com` or
* `domain:{domain}`: The G Suite domain (primary) that represents
For example, `admins@example.com`.
* `group:{emailid}`: An email address that represents a Google group.
service account. For example, `my-other-app@appspot.gserviceaccount.com`.
* `serviceAccount:{emailid}`: An email address that represents a
Google account. For example, `alice@example.com`.
* `user:{emailid}`: An email address that represents a specific
account.
anyone who is authenticated with a Google account or a service
* `allAuthenticatedUsers`: A special identifier that represents
the internet; with or without a Google account.
* `allUsers`: A special identifier that represents anyone who is on
following values. Required.
access for a Cloud Platform resource. members can have the
@attr [Array<String>] members Specifies the identities requesting
`roles/viewer`, `roles/editor`, or `roles/owner`. Required.
@attr [String] role Role that is assigned to members. For example,
@see cloud.google.com/iam/docs/overview Cloud IAM Overview
Value object associating members and an optional condition with a role.
# Binding
#

def <=> other

Other tags:

Private

def <=> other
  return nil unless other.is_a? Binding
  ret = role <=> other.role
  return ret unless ret.zero?
  ret = members <=> other.members
  return ret unless ret.zero?
  condition&.to_gapi <=> other.condition&.to_gapi
end

def condition= new_condition

Parameters:

expression (String) -- Defines an attribute-based logic
description (String) -- Used to document the condition. Optional.
title (String) -- Used to identify the condition. Required.
new_condition (Google::Cloud::Storage::Policy::Condition) -- The

Overloads:

condition=(title:, description: nil, expression:)

def condition= new_condition
  new_condition = Condition.new(**new_condition) if new_condition.is_a? Hash
  if new_condition && !new_condition.is_a?(Condition)
    raise ArgumentError, "expected Condition, not #{new_condition.inspect}"
  end
  @condition = new_condition
end

def eql? other

Other tags:

Private

def eql? other
  role.eql?(other.role) &&
    members.eql?(other.members) &&
    condition&.to_gapi.eql?(other.condition&.to_gapi)
end

def hash

Other tags:

Private

def hash
  [
    @role,
    @members,
    @condition&.to_gapi
  ].hash
end

def initialize role:, members:, condition: nil

Parameters:

condition (Google::Cloud::Storage::Policy::Condition) -- The
members (Array) -- Specifies the identities requesting
role (String) -- Role that is assigned to members. For example,

def initialize role:, members:, condition: nil
  @role = String role
  @members = Array members
  raise ArgumentError, "members is empty, must be provided" if @members.empty?
  condition = Condition.new(**condition) if condition.is_a? Hash
  if condition && !(condition.is_a? Condition)
    raise ArgumentError, "expected Condition, not #{condition.inspect}"
  end
  @condition = condition
end

def members= new_members

Parameters:

new_members (Array) -- Specifies the identities requesting

def members= new_members
  new_members = Array new_members
  raise ArgumentError, "members is empty, must be provided" if new_members.empty?
  @members = new_members
end

def role= new_role

Parameters:

new_role (String) -- Role that is assigned to members. For example,

def role= new_role
  @role = String new_role
end

def to_gapi

Other tags:

Private

def to_gapi
  params = {
    role: @role,
    members: @members,
    condition: @condition&.to_gapi
  }.delete_if { |_, v| v.nil? }
  Google::Apis::StorageV1::Policy::Binding.new(**params)
end

Modules

Classes

class Google::Cloud::Storage::Policy::Binding

def <=> other

def condition= new_condition

def eql? other

def hash

def initialize role:, members:, condition: nil

def members= new_members

def role= new_role

def to_gapi

Namespace

Instance Methods

Defined in