Example 11 with Policy

use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.

the class ResourceManagerImplTest method testGetPolicy.

@Test
public void testGetPolicy() {
    assertNull(RESOURCE_MANAGER.getPolicy(COMPLETE_PROJECT.getProjectId()));
    RESOURCE_MANAGER.create(COMPLETE_PROJECT);
    RESOURCE_MANAGER.replacePolicy(COMPLETE_PROJECT.getProjectId(), POLICY);
    Policy retrieved = RESOURCE_MANAGER.getPolicy(COMPLETE_PROJECT.getProjectId());
    assertEquals(POLICY.getBindings(), retrieved.getBindings());
    assertNotNull(retrieved.getEtag());
    assertEquals(0, retrieved.getVersion());
}
Also used : Policy(com.google.cloud.Policy) Test(org.junit.Test)

Example 12 with Policy

use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.

the class ITStorageTest method testBucketPolicy.

@Test
public void testBucketPolicy() {
    String projectId = remoteStorageHelper.getOptions().getProjectId();
    Identity projectOwner = Identity.projectOwner(projectId);
    Identity projectEditor = Identity.projectEditor(projectId);
    Identity projectViewer = Identity.projectViewer(projectId);
    Map<com.google.cloud.Role, Set<Identity>> bindingsWithoutPublicRead = ImmutableMap.of(
        StorageRoles.legacyBucketOwner(), (Set<Identity>) newHashSet(projectOwner, projectEditor),
        StorageRoles.legacyBucketReader(), newHashSet(projectViewer));
    Map<com.google.cloud.Role, Set<Identity>> bindingsWithPublicRead = ImmutableMap.of(
        StorageRoles.legacyBucketOwner(), (Set<Identity>) newHashSet(projectOwner, projectEditor),
        StorageRoles.legacyBucketReader(), newHashSet(projectViewer),
        StorageRoles.legacyObjectReader(), newHashSet(Identity.allUsers()));
    // Validate getting policy.
    Policy currentPolicy = storage.getIamPolicy(BUCKET);
    assertEquals(bindingsWithoutPublicRead, currentPolicy.getBindings());
    // Validate updating policy: grant legacyObjectReader to allUsers (public read) ...
    Policy updatedPolicy = storage.setIamPolicy(BUCKET,
        currentPolicy.toBuilder()
            .addIdentity(StorageRoles.legacyObjectReader(), Identity.allUsers())
            .build());
    assertEquals(bindingsWithPublicRead, updatedPolicy.getBindings());
    // ... then remove the allUsers binding so the bucket returns to its original bindings.
    Policy revertedPolicy = storage.setIamPolicy(BUCKET,
        updatedPolicy.toBuilder()
            .removeIdentity(StorageRoles.legacyObjectReader(), Identity.allUsers())
            .build());
    assertEquals(bindingsWithoutPublicRead, revertedPolicy.getBindings());
    // Validate testing permissions.
    List<Boolean> expectedPermissions = ImmutableList.of(true, true);
    assertEquals(expectedPermissions, storage.testIamPermissions(BUCKET, ImmutableList.of("storage.buckets.getIamPolicy", "storage.buckets.setIamPolicy")));
}
Also used : Role(com.google.cloud.storage.Acl.Role) Policy(com.google.cloud.Policy) Sets.newHashSet(com.google.common.collect.Sets.newHashSet) ImmutableSet(com.google.common.collect.ImmutableSet) Set(java.util.Set) Identity(com.google.cloud.Identity) Test(org.junit.Test)

Example 13 with Policy

use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.

the class PolicyHelper method convertToApiPolicy.

static com.google.api.services.storage.model.Policy convertToApiPolicy(Policy policy) {
    List<Bindings> bindings = new ArrayList<>(policy.getBindings().size());
    for (Map.Entry<Role, Set<Identity>> entry : policy.getBindings().entrySet()) {
        List<String> members = new ArrayList<>(entry.getValue().size());
        for (Identity identity : entry.getValue()) {
            members.add(identity.strValue());
        }
        bindings.add(new Bindings().setMembers(members).setRole(entry.getKey().getValue()));
    }
    return new com.google.api.services.storage.model.Policy().setBindings(bindings).setEtag(policy.getEtag());
}
Also used : Policy(com.google.cloud.Policy) Set(java.util.Set) ArrayList(java.util.ArrayList) Bindings(com.google.api.services.storage.model.Policy.Bindings) Role(com.google.cloud.Role) Identity(com.google.cloud.Identity) Map(java.util.Map)

Example 14 with Policy

use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.

the class PolicyHelperTest method testEquivalence.

@Test
public void testEquivalence() {
    Policy libPolicy = Policy.newBuilder()
        .addIdentity(StorageRoles.objectViewer(), Identity.allUsers())
        .addIdentity(StorageRoles.objectAdmin(), Identity.user("test1@gmail.com"), Identity.user("test2@gmail.com"))
        .setEtag(ETAG)
        .build();
    com.google.api.services.storage.model.Policy apiPolicy = new com.google.api.services.storage.model.Policy()
        .setBindings(ImmutableList.of(
            new Bindings().setMembers(ImmutableList.of("allUsers")).setRole("roles/storage.objectViewer"),
            new Bindings().setMembers(ImmutableList.of("user:test1@gmail.com", "user:test2@gmail.com")).setRole("roles/storage.objectAdmin")))
        .setEtag(ETAG);
    Policy actualLibPolicy = PolicyHelper.convertFromApiPolicy(apiPolicy);
    com.google.api.services.storage.model.Policy actualApiPolicy = PolicyHelper.convertToApiPolicy(libPolicy);
    assertEquals(libPolicy, actualLibPolicy);
    assertTrue(new ApiPolicyMatcher(apiPolicy).matches(actualApiPolicy));
}
Also used : Policy(com.google.cloud.Policy) ApiPolicyMatcher(com.google.cloud.storage.testing.ApiPolicyMatcher) Bindings(com.google.api.services.storage.model.Policy.Bindings) Test(org.junit.Test)

Example 15 with Policy

use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.

the class PolicyMarshaller method toPb.

@Override
protected com.google.api.services.cloudresourcemanager.model.Policy toPb(Policy policy) {
    com.google.api.services.cloudresourcemanager.model.Policy policyPb = new com.google.api.services.cloudresourcemanager.model.Policy();
    List<Binding> bindingPbList = new LinkedList<>();
    for (Map.Entry<Role, Set<Identity>> binding : policy.getBindings().entrySet()) {
        Binding bindingPb = new Binding();
        bindingPb.setRole(binding.getKey().getValue());
        bindingPb.setMembers(Lists.transform(new ArrayList<>(binding.getValue()), new Function<Identity, String>() {

            @Override
            public String apply(Identity identity) {
                return IDENTITY_STR_VALUE_FUNCTION.apply(identity);
            }
        }));
        bindingPbList.add(bindingPb);
    }
    policyPb.setBindings(bindingPbList);
    policyPb.setEtag(policy.getEtag());
    policyPb.setVersion(policy.getVersion());
    return policyPb;
}
Also used : Policy(com.google.cloud.Policy) Binding(com.google.api.services.cloudresourcemanager.model.Binding) ImmutableSet(com.google.common.collect.ImmutableSet) Set(java.util.Set) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList) Role(com.google.cloud.Role) Function(com.google.common.base.Function) Identity(com.google.cloud.Identity) HashMap(java.util.HashMap) Map(java.util.Map)
