use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class ITBucketSnippets method testAddBucketIamMemeber.
@Test
public void testAddBucketIamMemeber() {
// Test a member is added to Bucket-level IAM
Policy policy = storage.getIamPolicy(BUCKET);
policy = storage.setIamPolicy(BUCKET, policy.toBuilder().removeRole(StorageRoles.admin()).build());
assertNull(policy.getBindings().get(StorageRoles.admin()));
Policy snippetPolicy = bucketIamSnippets.addBucketIamMember(BUCKET, StorageRoles.admin(), Identity.user(USER_EMAIL));
assertTrue(snippetPolicy.getBindings().get(StorageRoles.admin()).contains(Identity.user(USER_EMAIL)));
}
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class ITBucketSnippets method testListBucketIamMembers.
@Test
public void testListBucketIamMembers() {
// Test an added Bucket-level IAM member is listed
Policy policy = storage.getIamPolicy(BUCKET);
policy = storage.setIamPolicy(BUCKET, policy.toBuilder().removeRole(StorageRoles.admin()).build());
assertNull(policy.getBindings().get(StorageRoles.admin()));
policy = storage.setIamPolicy(BUCKET, policy.toBuilder().addIdentity(StorageRoles.admin(), Identity.user(USER_EMAIL)).build());
assertTrue(policy.getBindings().get(StorageRoles.admin()).contains(Identity.user(USER_EMAIL)));
Policy snippetPolicy = bucketIamSnippets.listBucketIamMembers(BUCKET);
assertTrue(snippetPolicy.getBindings().get(StorageRoles.admin()).contains(Identity.user(USER_EMAIL)));
}
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class PolicyMarshallerTest method testToAndFromPb.
@Test
public void testToAndFromPb() {
assertEquals(FULL_POLICY, PolicyMarshaller.INSTANCE.fromPb(PolicyMarshaller.INSTANCE.toPb(FULL_POLICY)));
assertEquals(SIMPLE_POLICY, PolicyMarshaller.INSTANCE.fromPb(PolicyMarshaller.INSTANCE.toPb(SIMPLE_POLICY)));
com.google.api.services.cloudresourcemanager.model.Policy policyPb = new com.google.api.services.cloudresourcemanager.model.Policy();
Policy policy = PolicyMarshaller.INSTANCE.fromPb(policyPb);
assertTrue(policy.getBindings().isEmpty());
assertNull(policy.getEtag());
assertEquals(0, policy.getVersion());
}
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class ResourceManagerImplTest method testReplacePolicy.
@Test
public void testReplacePolicy() {
try {
RESOURCE_MANAGER.replacePolicy("nonexistent-project", POLICY);
fail("Project doesn't exist.");
} catch (ResourceManagerException e) {
assertEquals(403, e.getCode());
assertTrue(e.getMessage().endsWith("project was not found."));
}
RESOURCE_MANAGER.create(PARTIAL_PROJECT);
Policy oldPolicy = RESOURCE_MANAGER.getPolicy(PARTIAL_PROJECT.getProjectId());
RESOURCE_MANAGER.replacePolicy(PARTIAL_PROJECT.getProjectId(), POLICY);
try {
RESOURCE_MANAGER.replacePolicy(PARTIAL_PROJECT.getProjectId(), oldPolicy);
fail("Policy with an invalid etag didn't cause error.");
} catch (ResourceManagerException e) {
assertEquals(409, e.getCode());
assertTrue(e.getMessage().contains("Policy etag mismatch"));
}
String originalEtag = RESOURCE_MANAGER.getPolicy(PARTIAL_PROJECT.getProjectId()).getEtag();
Policy newPolicy = RESOURCE_MANAGER.replacePolicy(PARTIAL_PROJECT.getProjectId(), POLICY);
assertEquals(POLICY.getBindings(), newPolicy.getBindings());
assertNotNull(newPolicy.getEtag());
assertNotEquals(originalEtag, newPolicy.getEtag());
}
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class StorageImplTest method testSetIamPolicy.
@Test
public void testSetIamPolicy() {
com.google.api.services.storage.model.Policy preCommitApiPolicy = new com.google.api.services.storage.model.Policy().setBindings(ImmutableList.of(new Bindings().setMembers(ImmutableList.of("allUsers")).setRole("roles/storage.objectViewer"), new Bindings().setMembers(ImmutableList.of("user:test1@gmail.com", "user:test2@gmail.com")).setRole("roles/storage.objectAdmin"), new Bindings().setMembers(ImmutableList.of("group:test-group@gmail.com")).setRole("roles/storage.admin"))).setEtag(POLICY_ETAG1);
// postCommitApiPolicy is identical but for the etag, which has been updated.
com.google.api.services.storage.model.Policy postCommitApiPolicy = new com.google.api.services.storage.model.Policy().setBindings(ImmutableList.of(new Bindings().setMembers(ImmutableList.of("allUsers")).setRole("roles/storage.objectViewer"), new Bindings().setMembers(ImmutableList.of("user:test1@gmail.com", "user:test2@gmail.com")).setRole("roles/storage.objectAdmin"), new Bindings().setMembers(ImmutableList.of("group:test-group@gmail.com")).setRole("roles/storage.admin"))).setEtag(POLICY_ETAG2);
Policy postCommitLibPolicy = Policy.newBuilder().addIdentity(StorageRoles.objectViewer(), Identity.allUsers()).addIdentity(StorageRoles.objectAdmin(), Identity.user("test1@gmail.com"), Identity.user("test2@gmail.com")).addIdentity(StorageRoles.admin(), Identity.group("test-group@gmail.com")).setEtag(POLICY_ETAG2).build();
EasyMock.expect(storageRpcMock.getIamPolicy(BUCKET_NAME1)).andReturn(API_POLICY1);
EasyMock.expect(storageRpcMock.setIamPolicy(eq(BUCKET_NAME1), eqApiPolicy(preCommitApiPolicy))).andReturn(postCommitApiPolicy);
EasyMock.replay(storageRpcMock);
initializeService();
Policy currentPolicy = storage.getIamPolicy(BUCKET_NAME1);
Policy updatedPolicy = storage.setIamPolicy(BUCKET_NAME1, currentPolicy.toBuilder().addIdentity(StorageRoles.admin(), Identity.group("test-group@gmail.com")).build());
assertEquals(updatedPolicy, postCommitLibPolicy);
}
Aggregations