use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class ResourceManagerImplTest method testGetPolicy.
/**
 * Verifies that a policy written with {@code replacePolicy} is the one returned by
 * {@code getPolicy}.
 *
 * <p>The lookup must yield {@code null} before the project is created. After the project exists
 * and {@code POLICY} has been stored, the returned policy must carry the same bindings, a
 * non-null etag and version 0.
 */
@Test
public void testGetPolicy() {
  final String projectId = COMPLETE_PROJECT.getProjectId();

  // No project yet, so no policy is expected for this id.
  assertNull(RESOURCE_MANAGER.getPolicy(projectId));

  RESOURCE_MANAGER.create(COMPLETE_PROJECT);
  RESOURCE_MANAGER.replacePolicy(projectId, POLICY);

  Policy fetched = RESOURCE_MANAGER.getPolicy(projectId);
  assertEquals(POLICY.getBindings(), fetched.getBindings());
  // The etag is only checked for presence; its value is not compared.
  assertNotNull(fetched.getEtag());
  assertEquals(0, fetched.getVersion());
}
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class ITStorageTest method testBucketPolicy.
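/**
 * Exercises reading, updating and reverting the IAM policy of {@code BUCKET}, then checks
 * {@code testIamPermissions}.
 *
 * <p>The update step grants {@code legacyObjectReader} to {@code Identity.allUsers()}, i.e. it
 * adds a public-read binding to the bucket while the test runs. That grant is removed in a
 * {@code finally} block, so a failed assertion on the updated policy cannot leave the public
 * binding behind on the bucket.
 */
@Test
public void testBucketPolicy() {
  String projectId = remoteStorageHelper.getOptions().getProjectId();
  Identity projectOwner = Identity.projectOwner(projectId);
  Identity projectEditor = Identity.projectEditor(projectId);
  Identity projectViewer = Identity.projectViewer(projectId);

  // Expected bindings before and after the temporary allUsers grant.
  Map<com.google.cloud.Role, Set<Identity>> bindingsWithoutPublicRead =
      ImmutableMap.of(
          StorageRoles.legacyBucketOwner(),
          (Set<Identity>) newHashSet(projectOwner, projectEditor),
          StorageRoles.legacyBucketReader(),
          newHashSet(projectViewer));
  Map<com.google.cloud.Role, Set<Identity>> bindingsWithPublicRead =
      ImmutableMap.of(
          StorageRoles.legacyBucketOwner(),
          (Set<Identity>) newHashSet(projectOwner, projectEditor),
          StorageRoles.legacyBucketReader(),
          newHashSet(projectViewer),
          StorageRoles.legacyObjectReader(),
          newHashSet(Identity.allUsers()));

  // Validate getting policy.
  Policy currentPolicy = storage.getIamPolicy(BUCKET);
  assertEquals(bindingsWithoutPublicRead, currentPolicy.getBindings());

  // Validate updating policy.
  Policy updatedPolicy =
      storage.setIamPolicy(
          BUCKET,
          currentPolicy
              .toBuilder()
              .addIdentity(StorageRoles.legacyObjectReader(), Identity.allUsers())
              .build());
  Policy revertedPolicy;
  try {
    assertEquals(bindingsWithPublicRead, updatedPolicy.getBindings());
  } finally {
    // Always drop the allUsers grant again, even when the assertion above fails; otherwise the
    // bucket would keep the public-read binding after a failed run.
    revertedPolicy =
        storage.setIamPolicy(
            BUCKET,
            updatedPolicy
                .toBuilder()
                .removeIdentity(StorageRoles.legacyObjectReader(), Identity.allUsers())
                .build());
  }
  assertEquals(bindingsWithoutPublicRead, revertedPolicy.getBindings());

  // Validate testing permissions.
  List<Boolean> expectedPermissions = ImmutableList.of(true, true);
  assertEquals(
      expectedPermissions,
      storage.testIamPermissions(
          BUCKET,
          ImmutableList.of("storage.buckets.getIamPolicy", "storage.buckets.setIamPolicy")));
}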
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class PolicyHelper method convertToApiPolicy.
/**
 * Converts a library {@link Policy} into the Storage API model policy.
 *
 * <p>Each role in {@code policy.getBindings()} becomes one {@code Bindings} entry whose members
 * are the {@code strValue()} of every identity bound to that role. Only the bindings and the etag
 * are copied; {@code policy.getVersion()} is not carried over by this method.
 *
 * @param policy the library policy to convert
 * @return a new API policy holding the converted bindings and the source etag
 */
static com.google.api.services.storage.model.Policy convertToApiPolicy(Policy policy) {
  Map<Role, Set<Identity>> identitiesByRole = policy.getBindings();
  List<Bindings> apiBindings = new ArrayList<>(identitiesByRole.size());

  for (Map.Entry<Role, Set<Identity>> roleEntry : identitiesByRole.entrySet()) {
    Set<Identity> identities = roleEntry.getValue();
    List<String> memberStrings = new ArrayList<>(identities.size());
    for (Identity member : identities) {
      memberStrings.add(member.strValue());
    }
    Bindings apiBinding =
        new Bindings().setMembers(memberStrings).setRole(roleEntry.getKey().getValue());
    apiBindings.add(apiBinding);
  }

  // The etag is passed through unchanged.
  // NOTE(review): presumably the service uses it for optimistic concurrency on set; confirm how
  // a null etag is treated before relying on this for concurrent policy updates.
  com.google.api.services.storage.model.Policy apiPolicy =
      new com.google.api.services.storage.model.Policy();
  return apiPolicy.setBindings(apiBindings).setEtag(policy.getEtag());
}
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class PolicyHelperTest method testEquivalence.
/**
 * Checks that {@code PolicyHelper} converts between the library policy and the API policy in
 * both directions.
 *
 * <p>The fixture pairs a library policy (object viewer for {@code allUsers}, object admin for two
 * users) with the API policy that is expected to be its equivalent, both carrying {@code ETAG}.
 */
@Test
public void testEquivalence() {
  Policy expectedLibPolicy =
      Policy.newBuilder()
          .addIdentity(StorageRoles.objectViewer(), Identity.allUsers())
          .addIdentity(
              StorageRoles.objectAdmin(),
              Identity.user("test1@gmail.com"),
              Identity.user("test2@gmail.com"))
          .setEtag(ETAG)
          .build();

  // API-side representation of the same two bindings, written out as member and role strings.
  Bindings viewerBinding =
      new Bindings()
          .setMembers(ImmutableList.of("allUsers"))
          .setRole("roles/storage.objectViewer");
  Bindings adminBinding =
      new Bindings()
          .setMembers(ImmutableList.of("user:test1@gmail.com", "user:test2@gmail.com"))
          .setRole("roles/storage.objectAdmin");
  com.google.api.services.storage.model.Policy expectedApiPolicy =
      new com.google.api.services.storage.model.Policy()
          .setBindings(ImmutableList.of(viewerBinding, adminBinding))
          .setEtag(ETAG);

  Policy convertedLibPolicy = PolicyHelper.convertFromApiPolicy(expectedApiPolicy);
  com.google.api.services.storage.model.Policy convertedApiPolicy =
      PolicyHelper.convertToApiPolicy(expectedLibPolicy);

  assertEquals(expectedLibPolicy, convertedLibPolicy);
  // The API model is compared through ApiPolicyMatcher rather than assertEquals.
  assertTrue(new ApiPolicyMatcher(expectedApiPolicy).matches(convertedApiPolicy));
}
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class PolicyMarshaller method toPb.
/**
 * Converts a library {@link Policy} into the Cloud Resource Manager API model policy.
 *
 * <p>One {@code Binding} is produced per role in {@code policy.getBindings()}. Bindings, etag and
 * version are all copied to the result.
 *
 * @param policy the library policy to convert
 * @return a new API policy with the converted bindings, etag and version
 */
@Override
protected com.google.api.services.cloudresourcemanager.model.Policy toPb(Policy policy) {
  // Adapter that delegates every identity to IDENTITY_STR_VALUE_FUNCTION.
  final Function<Identity, String> identityToMember =
      new Function<Identity, String>() {
        @Override
        public String apply(Identity identity) {
          return IDENTITY_STR_VALUE_FUNCTION.apply(identity);
        }
      };

  List<Binding> pbBindings = new LinkedList<>();
  for (Map.Entry<Role, Set<Identity>> roleEntry : policy.getBindings().entrySet()) {
    Binding pbBinding = new Binding();
    pbBinding.setRole(roleEntry.getKey().getValue());
    // The identity set is copied into a list first; Lists.transform then returns a view over
    // that copy, so the member strings are computed when the list is read, not here.
    List<Identity> identitySnapshot = new ArrayList<>(roleEntry.getValue());
    pbBinding.setMembers(Lists.transform(identitySnapshot, identityToMember));
    pbBindings.add(pbBinding);
  }

  com.google.api.services.cloudresourcemanager.model.Policy result =
      new com.google.api.services.cloudresourcemanager.model.Policy();
  result.setBindings(pbBindings);
  result.setEtag(policy.getEtag());
  result.setVersion(policy.getVersion());
  return result;
}