Class: Gcloud::Bigquery::Dataset::Access

Inherits:

Object

• Object
• Gcloud::Bigquery::Dataset::Access

Defined in:

lib/gcloud/bigquery/dataset/access.rb

Overview

# Dataset Access Control

Represents the Access rules for a Gcloud::Bigquery::Dataset.

Examples:

require "gcloud"

gcloud = Gcloud.new
bigquery = gcloud.bigquery
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_group "owners@example.com"
  access.add_writer_user "writer@example.com"
  access.remove_writer_user "readers@example.com"
  access.add_reader_special :all
  access.add_reader_view other_dataset_view_object
end

See Also:

• BigQuery Access Control

Constant Summary

ROLES =

{ "reader" => "READER",
"writer" => "WRITER",
"owner"  => "OWNER" }

SCOPES =

{ "user"           => :user_by_email,
"user_by_email"  => :user_by_email,
"userByEmail"    => :user_by_email,
"group"          => :group_by_email,
"group_by_email" => :group_by_email,
"groupByEmail"   => :group_by_email,
"domain"         => :domain,
"special"        => :special_group,
"special_group"  => :special_group,
"specialGroup"   => :special_group,
"view"           => :view }

GROUPS =

{ "owners"                  => "projectOwners",
"project_owners"          => "projectOwners",
"projectOwners"           => "projectOwners",
"readers"                 => "projectReaders",
"project_readers"         => "projectReaders",
"projectReaders"          => "projectReaders",
"writers"                 => "projectWriters",
"project_writers"         => "projectWriters",
"projectWriters"          => "projectWriters",
"all"                     => "allAuthenticatedUsers",
"all_authenticated_users" => "allAuthenticatedUsers",
"allAuthenticatedUsers"   => "allAuthenticatedUsers" }

Class Method Summary

• .from_gapi(gapi) ⇒ Object

Instance Method Summary

• #add_owner_domain(domain) ⇒ Object

  Add owner access to a domain.

• #add_owner_group(email) ⇒ Object

  Add owner access to a group.

• #add_owner_special(group) ⇒ Object

  Add owner access to a special group.

• #add_owner_user(email) ⇒ Object

  Add owner access to a user.

• #add_reader_domain(domain) ⇒ Object

  Add reader access to a domain.

• #add_reader_group(email) ⇒ Object

  Add reader access to a group.

• #add_reader_special(group) ⇒ Object

  Add reader access to a special group.

• #add_reader_user(email) ⇒ Object

  Add reader access to a user.

• #add_reader_view(view) ⇒ Object

  Add reader access to a view.

• #add_writer_domain(domain) ⇒ Object

  Add writer access to a domain.

• #add_writer_group(email) ⇒ Object

  Add writer access to a group.

• #add_writer_special(group) ⇒ Object

  Add writer access to a special group.

• #add_writer_user(email) ⇒ Object

  Add writer access to a user.

• #changed? ⇒ Boolean
• #empty? ⇒ Boolean
• #freeze ⇒ Object
• #initialize ⇒ Access constructor

  Initialized a new Access object.

• #owner_domain?(domain) ⇒ Boolean

  Checks owner access for a domain.

• #owner_group?(email) ⇒ Boolean

  Checks owner access for a group.

• #owner_special?(group) ⇒ Boolean

  Checks owner access for a special group.

• #owner_user?(email) ⇒ Boolean

  Checks owner access for a user.

• #reader_domain?(domain) ⇒ Boolean

  Checks reader access for a domain.

• #reader_group?(email) ⇒ Boolean

  Checks reader access for a group.

• #reader_special?(group) ⇒ Boolean

  Checks reader access for a special group.

• #reader_user?(email) ⇒ Boolean

  Checks reader access for a user.

• #reader_view?(view) ⇒ Boolean

  Checks reader access for a view.

• #remove_owner_domain(domain) ⇒ Object

  Remove owner access from a domain.

• #remove_owner_group(email) ⇒ Object

  Remove owner access from a group.

• #remove_owner_special(group) ⇒ Object

  Remove owner access from a special group.

• #remove_owner_user(email) ⇒ Object

  Remove owner access from a user.

• #remove_reader_domain(domain) ⇒ Object

  Remove reader access from a domain.

• #remove_reader_group(email) ⇒ Object

  Remove reader access from a group.

• #remove_reader_special(group) ⇒ Object

  Remove reader access from a special group.

• #remove_reader_user(email) ⇒ Object

  Remove reader access from a user.

• #remove_reader_view(view) ⇒ Object

  Remove reader access from a view.

• #remove_writer_domain(domain) ⇒ Object

  Remove writer access from a domain.

• #remove_writer_group(email) ⇒ Object

  Remove writer access from a group.

• #remove_writer_special(group) ⇒ Object

  Remove writer access from a special group.

• #remove_writer_user(email) ⇒ Object

  Remove writer access from a user.

• #to_a ⇒ Object
• #to_gapi ⇒ Object
• #writer_domain?(domain) ⇒ Boolean

  Checks writer access for a domain.

• #writer_group?(email) ⇒ Boolean

  Checks writer access for a group.

• #writer_special?(group) ⇒ Boolean

  Checks writer access for a special group.

• #writer_user?(email) ⇒ Boolean

  Checks writer access for a user.

Constructor Details

#initialize ⇒ Access

Initialized a new Access object. Must provide a valid Google::Apis::BigqueryV2::Dataset object. Access will mutate the gapi object.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 80

def initialize
  @rules = [] # easiest to do this in the constructor
  @original_rules_hashes = @rules.map(&:to_h)
end

Class Method Details

.from_gapi(gapi) ⇒ Object

# File 'lib/gcloud/bigquery/dataset/access.rb', line 367

def self.from_gapi gapi
  rules = Array gapi.access
  new.tap do |s|
    s.instance_variable_set :@rules, rules
    s.instance_variable_set :@original_rules_hashes,
                            rules.map(&:to_h)
    s.instance_variable_set :@dataset_reference,
                            gapi.dataset_reference
  end
end

Instance Method Details

#add_owner_domain(domain) ⇒ Object

Add owner access to a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 183

def add_owner_domain domain
  add_access_role_scope_value :owner, :domain, domain
end

#add_owner_group(email) ⇒ Object

Add owner access to a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 177

def add_owner_group email
  add_access_role_scope_value :owner, :group, email
end

#add_owner_special(group) ⇒ Object

Add owner access to a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 190

def add_owner_special group
  add_access_role_scope_value :owner, :special, group
end

#add_owner_user(email) ⇒ Object

Add owner access to a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 171

def add_owner_user email
  add_access_role_scope_value :owner, :user, email
end

#add_reader_domain(domain) ⇒ Object

Add reader access to a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 122

def add_reader_domain domain
  add_access_role_scope_value :reader, :domain, domain
end

#add_reader_group(email) ⇒ Object

Add reader access to a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 116

def add_reader_group email
  add_access_role_scope_value :reader, :group, email
end

#add_reader_special(group) ⇒ Object

Add reader access to a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 129

def add_reader_special group
  add_access_role_scope_value :reader, :special, group
end

#add_reader_user(email) ⇒ Object

Add reader access to a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 110

def add_reader_user email
  add_access_role_scope_value :reader, :user, email
end

#add_reader_view(view) ⇒ Object

Add reader access to a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 140

def add_reader_view view
  add_access_view view
end

#add_writer_domain(domain) ⇒ Object

Add writer access to a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 158

def add_writer_domain domain
  add_access_role_scope_value :writer, :domain, domain
end

#add_writer_group(email) ⇒ Object

Add writer access to a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 152

def add_writer_group email
  add_access_role_scope_value :writer, :group, email
end

#add_writer_special(group) ⇒ Object

Add writer access to a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 165

def add_writer_special group
  add_access_role_scope_value :writer, :special, group
end

#add_writer_user(email) ⇒ Object

Add writer access to a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 146

def add_writer_user email
  add_access_role_scope_value :writer, :user, email
end

#changed? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 86

def changed?
  @original_rules_hashes != @rules.map(&:to_h)
end

#empty? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 91

def empty?
  @rules.empty?
end

#freeze ⇒ Object

# File 'lib/gcloud/bigquery/dataset/access.rb', line 96

def freeze
  @rules = @rules.map(&:dup).map(&:freeze)
  @rules.freeze
  super
end

#owner_domain?(domain) ⇒ Boolean

Checks owner access for a domain.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 355

def owner_domain? domain
  lookup_access_role_scope_value :owner, :domain, domain
end

#owner_group?(email) ⇒ Boolean

Checks owner access for a group.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 349

def owner_group? email
  lookup_access_role_scope_value :owner, :group, email
end

#owner_special?(group) ⇒ Boolean

Checks owner access for a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 362

def owner_special? group
  lookup_access_role_scope_value :owner, :special, group
end

#owner_user?(email) ⇒ Boolean

Checks owner access for a user.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 343

def owner_user? email
  lookup_access_role_scope_value :owner, :user, email
end

#reader_domain?(domain) ⇒ Boolean

Checks reader access for a domain.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 294

def reader_domain? domain
  lookup_access_role_scope_value :reader, :domain, domain
end

#reader_group?(email) ⇒ Boolean

Checks reader access for a group.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 288

def reader_group? email
  lookup_access_role_scope_value :reader, :group, email
end

#reader_special?(group) ⇒ Boolean

Checks reader access for a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 301

def reader_special? group
  lookup_access_role_scope_value :reader, :special, group
end

#reader_user?(email) ⇒ Boolean

Checks reader access for a user.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 282

def reader_user? email
  lookup_access_role_scope_value :reader, :user, email
end

#reader_view?(view) ⇒ Boolean

Checks reader access for a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 312

def reader_view? view
  lookup_access_view view
end

#remove_owner_domain(domain) ⇒ Object

Remove owner access from a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 269

def remove_owner_domain domain
  remove_access_role_scope_value :owner, :domain, domain
end

#remove_owner_group(email) ⇒ Object

Remove owner access from a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 263

def remove_owner_group email
  remove_access_role_scope_value :owner, :group, email
end

#remove_owner_special(group) ⇒ Object

Remove owner access from a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 276

def remove_owner_special group
  remove_access_role_scope_value :owner, :special, group
end

#remove_owner_user(email) ⇒ Object

Remove owner access from a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 257

def remove_owner_user email
  remove_access_role_scope_value :owner, :user, email
end

#remove_reader_domain(domain) ⇒ Object

Remove reader access from a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 208

def remove_reader_domain domain
  remove_access_role_scope_value :reader, :domain, domain
end

#remove_reader_group(email) ⇒ Object

Remove reader access from a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 202

def remove_reader_group email
  remove_access_role_scope_value :reader, :group, email
end

#remove_reader_special(group) ⇒ Object

Remove reader access from a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 215

def remove_reader_special group
  remove_access_role_scope_value :reader, :special, group
end

#remove_reader_user(email) ⇒ Object

Remove reader access from a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 196

def remove_reader_user email
  remove_access_role_scope_value :reader, :user, email
end

#remove_reader_view(view) ⇒ Object

Remove reader access from a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 226

def remove_reader_view view
  remove_access_view view
end

#remove_writer_domain(domain) ⇒ Object

Remove writer access from a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 244

def remove_writer_domain domain
  remove_access_role_scope_value :writer, :domain, domain
end

#remove_writer_group(email) ⇒ Object

Remove writer access from a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 238

def remove_writer_group email
  remove_access_role_scope_value :writer, :group, email
end

#remove_writer_special(group) ⇒ Object

Remove writer access from a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 251

def remove_writer_special group
  remove_access_role_scope_value :writer, :special, group
end

#remove_writer_user(email) ⇒ Object

Remove writer access from a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 232

def remove_writer_user email
  remove_access_role_scope_value :writer, :user, email
end

#to_a ⇒ Object

# File 'lib/gcloud/bigquery/dataset/access.rb', line 104

def to_a
  @rules.map(&:to_h)
end

#to_gapi ⇒ Object

# File 'lib/gcloud/bigquery/dataset/access.rb', line 379

def to_gapi
  @rules
end

#writer_domain?(domain) ⇒ Boolean

Checks writer access for a domain.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 330

def writer_domain? domain
  lookup_access_role_scope_value :writer, :domain, domain
end

#writer_group?(email) ⇒ Boolean

Checks writer access for a group.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 324

def writer_group? email
  lookup_access_role_scope_value :writer, :group, email
end

#writer_special?(group) ⇒ Boolean

Checks writer access for a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 337

def writer_special? group
  lookup_access_role_scope_value :writer, :special, group
end

#writer_user?(email) ⇒ Boolean

Checks writer access for a user.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 318

def writer_user? email
  lookup_access_role_scope_value :writer, :user, email
end