.setPolicy( com.google.iam.v1.Policy.newBuilder() .addBindings( com.google.iam.v1.Binding.newBuilder() .setRole("roles/bigtable.user") .addBindings( com.google.iam.v1.Binding.newBuilder() .setRole("roles/bigtable.user") .addMembers("user:someone@example.com")) .setEtag(ByteString.copyFromUtf8("my-etag")) .build();
@Override protected com.google.iam.v1.Policy toPb(Policy policy) { com.google.iam.v1.Policy.Builder policyBuilder = com.google.iam.v1.Policy.newBuilder(); List<com.google.iam.v1.Binding> bindingPbList = new LinkedList<>(); for (Map.Entry<Role, Set<Identity>> binding : policy.getBindings().entrySet()) { com.google.iam.v1.Binding.Builder bindingBuilder = com.google.iam.v1.Binding.newBuilder(); bindingBuilder.setRole(binding.getKey().getValue()); bindingBuilder.addAllMembers( Lists.transform( new ArrayList<>(binding.getValue()), new Function<Identity, String>() { @Override public String apply(Identity identity) { return IDENTITY_STR_VALUE_FUNCTION.apply(identity); } })); bindingPbList.add(bindingBuilder.build()); } policyBuilder.addAllBindings(bindingPbList); if (policy.etag != null) { policyBuilder.setEtag(ByteString.copyFrom(BaseEncoding.base64().decode(policy.etag))); } policyBuilder.setVersion(policy.version); return policyBuilder.build(); } }
@Override protected com.google.iam.v1.Policy toPb(Policy policy) { com.google.iam.v1.Policy.Builder policyBuilder = com.google.iam.v1.Policy.newBuilder(); List<com.google.iam.v1.Binding> bindingPbList = new LinkedList<>(); for (Map.Entry<Role, Set<Identity>> binding : policy.getBindings().entrySet()) { com.google.iam.v1.Binding.Builder bindingBuilder = com.google.iam.v1.Binding.newBuilder(); bindingBuilder.setRole(binding.getKey().getValue()); bindingBuilder.addAllMembers( Lists.transform( new ArrayList<>(binding.getValue()), new Function<Identity, String>() { @Override public String apply(Identity identity) { return IDENTITY_STR_VALUE_FUNCTION.apply(identity); } })); bindingPbList.add(bindingBuilder.build()); } policyBuilder.addAllBindings(bindingPbList); if (policy.etag != null) { policyBuilder.setEtag(ByteString.copyFrom(BaseEncoding.base64().decode(policy.etag))); } policyBuilder.setVersion(policy.version); return policyBuilder.build(); } }
.mergeFrom(iamPolicy) .addBindings(newBinding) .build();
.mergeFrom(iamPolicy) .addBindings(newBinding) .build();
.addAllBindings(newBindings) .build();
.addAllBindings(newBindings) .build();
Policy newPolicy = topicAdminClient.setIamPolicy( topic.toString(), policy.toBuilder().addBindings(binding).build()); assertTrue(newPolicy.getBindingsList().contains(binding)); String permissionName = "pubsub.topics.get";
@Test public void testGetIamPolicy() { // Setup com.google.iam.v1.GetIamPolicyRequest expectedRequest = com.google.iam.v1.GetIamPolicyRequest.newBuilder() .setResource(NameUtil.formatInstanceName(PROJECT_ID, INSTANCE_ID)) .build(); com.google.iam.v1.Policy expectedResponse = com.google.iam.v1.Policy.newBuilder() .addBindings( com.google.iam.v1.Binding.newBuilder() .setRole("roles/bigtable.user") .addMembers("user:someone@example.com")) .setEtag(ByteString.copyFromUtf8("my-etag")) .build(); Mockito.when(mockGetIamPolicyCallable.futureCall(expectedRequest)) .thenReturn(ApiFutures.immediateFuture(expectedResponse)); // Execute Policy actualResult = adminClient.getIamPolicy(INSTANCE_ID); // Verify assertThat(actualResult) .isEqualTo( Policy.newBuilder() .addIdentity(Role.of("bigtable.user"), Identity.user("someone@example.com")) .setEtag(BaseEncoding.base64().encode("my-etag".getBytes())) .build()); }
private static void ensureKmsKeyRingIamPermissionsForTests( IAMPolicyGrpc.IAMPolicyBlockingStub iamStub, String projectId, String location, String keyRingName) throws StatusRuntimeException { ServiceAccount serviceAccount = storage.getServiceAccount(projectId); String kmsKeyRingResourcePath = KeyRingName.of(projectId, location, keyRingName).toString(); Binding binding = Binding.newBuilder() .setRole("roles/cloudkms.cryptoKeyEncrypterDecrypter") .addMembers("serviceAccount:" + serviceAccount.getEmail()) .build(); com.google.iam.v1.Policy policy = com.google.iam.v1.Policy.newBuilder().addBindings(binding).build(); SetIamPolicyRequest setIamPolicyRequest = SetIamPolicyRequest.newBuilder() .setResource(kmsKeyRingResourcePath) .setPolicy(policy) .build(); requestParamsHeader.put(requestParamsKey, "parent=" + kmsKeyRingResourcePath); iamStub = MetadataUtils.attachHeaders(iamStub, requestParamsHeader); iamStub.setIamPolicy(setIamPolicyRequest); }
@Test @SuppressWarnings("all") public void setIamPolicyTest() { int version = 351608024; ByteString etag = ByteString.copyFromUtf8("21"); Policy expectedResponse = Policy.newBuilder().setVersion(version).setEtag(etag).build(); mockInstanceAdmin.addResponse(expectedResponse); String formattedResource = InstanceName.format("[PROJECT]", "[INSTANCE]"); Policy policy = Policy.newBuilder().build(); Policy actualResponse = client.setIamPolicy(formattedResource, policy); Assert.assertEquals(expectedResponse, actualResponse); List<GeneratedMessageV3> actualRequests = mockInstanceAdmin.getRequests(); Assert.assertEquals(1, actualRequests.size()); SetIamPolicyRequest actualRequest = (SetIamPolicyRequest) actualRequests.get(0); Assert.assertEquals(formattedResource, actualRequest.getResource()); Assert.assertEquals(policy, actualRequest.getPolicy()); Assert.assertTrue( channelProvider.isHeaderSent( ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern())); }
@Test @SuppressWarnings("all") public void setIamPolicyTest() { int version = 351608024; ByteString etag = ByteString.copyFromUtf8("21"); Policy expectedResponse = Policy.newBuilder().setVersion(version).setEtag(etag).build(); mockSecurityCenter.addResponse(expectedResponse); SourceName resource = SourceName.of("[ORGANIZATION]", "[SOURCE]"); Policy policy = Policy.newBuilder().build(); Policy actualResponse = client.setIamPolicy(resource, policy); Assert.assertEquals(expectedResponse, actualResponse); List<GeneratedMessageV3> actualRequests = mockSecurityCenter.getRequests(); Assert.assertEquals(1, actualRequests.size()); SetIamPolicyRequest actualRequest = (SetIamPolicyRequest) actualRequests.get(0); Assert.assertEquals(resource, SourceName.parse(actualRequest.getResource())); Assert.assertEquals(policy, actualRequest.getPolicy()); Assert.assertTrue( channelProvider.isHeaderSent( ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern())); }
@Test @SuppressWarnings("all") public void setIamPolicyTest() { int version = 351608024; ByteString etag = ByteString.copyFromUtf8("21"); Policy expectedResponse = Policy.newBuilder().setVersion(version).setEtag(etag).build(); mockIAMPolicy.addResponse(expectedResponse); KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]"); Policy policy = Policy.newBuilder().build(); Policy actualResponse = client.setIamPolicy(resource, policy); Assert.assertEquals(expectedResponse, actualResponse); List<GeneratedMessageV3> actualRequests = mockIAMPolicy.getRequests(); Assert.assertEquals(1, actualRequests.size()); SetIamPolicyRequest actualRequest = (SetIamPolicyRequest) actualRequests.get(0); Assert.assertEquals(Objects.toString(resource), Objects.toString(actualRequest.getResource())); Assert.assertEquals(policy, actualRequest.getPolicy()); Assert.assertTrue( channelProvider.isHeaderSent( ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern())); }
@Test @SuppressWarnings("all") public void setIamPolicyTest() { int version = 351608024; ByteString etag = ByteString.copyFromUtf8("21"); Policy expectedResponse = Policy.newBuilder().setVersion(version).setEtag(etag).build(); mockCloudTasks.addResponse(expectedResponse); QueueName resource = QueueName.of("[PROJECT]", "[LOCATION]", "[QUEUE]"); Policy policy = Policy.newBuilder().build(); Policy actualResponse = client.setIamPolicy(resource, policy); Assert.assertEquals(expectedResponse, actualResponse); List<GeneratedMessageV3> actualRequests = mockCloudTasks.getRequests(); Assert.assertEquals(1, actualRequests.size()); SetIamPolicyRequest actualRequest = (SetIamPolicyRequest) actualRequests.get(0); Assert.assertEquals(Objects.toString(resource), Objects.toString(actualRequest.getResource())); Assert.assertEquals(policy, actualRequest.getPolicy()); Assert.assertTrue( channelProvider.isHeaderSent( ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern())); }
@Test public void testTopicPolicy() { ProjectTopicName topicName = ProjectTopicName.of(projectId, formatForTest("testing-topic-policy")); topicAdminClient.createTopic(topicName); Policy policy = topicAdminClient.getIamPolicy(topicName.toString()); Binding binding = Binding.newBuilder().setRole("roles/viewer").addMembers("allAuthenticatedUsers").build(); Policy newPolicy = topicAdminClient.setIamPolicy( topicName.toString(), policy.toBuilder().addBindings(binding).build()); assertThat(newPolicy.getBindingsList()).contains(binding); String permissionName = "pubsub.topics.get"; List<String> permissions = topicAdminClient .testIamPermissions(topicName.toString(), Collections.singletonList(permissionName)) .getPermissionsList(); assertThat(permissions).contains(permissionName); topicAdminClient.deleteTopic(topicName); }
/** Example of replacing a subscription policy. */ public Policy replaceSubscriptionPolicy(String subscriptionId) throws Exception { // [START pubsub_set_subscription_policy] try (SubscriptionAdminClient subscriptionAdminClient = SubscriptionAdminClient.create()) { ProjectSubscriptionName subscriptionName = ProjectSubscriptionName.of(projectId, subscriptionId); Policy policy = subscriptionAdminClient.getIamPolicy(subscriptionName.toString()); // Create a role => members binding Binding binding = Binding.newBuilder() .setRole(Role.viewer().toString()) .addMembers(Identity.allAuthenticatedUsers().toString()) .build(); // Update policy Policy updatedPolicy = policy.toBuilder().addBindings(binding).build(); updatedPolicy = subscriptionAdminClient.setIamPolicy(subscriptionName.toString(), updatedPolicy); return updatedPolicy; } // [END pubsub_set_subscription_policy] }
@Test @SuppressWarnings("all") public void setIamPolicyTest() { int version = 351608024; ByteString etag = ByteString.copyFromUtf8("21"); Policy expectedResponse = Policy.newBuilder().setVersion(version).setEtag(etag).build(); mockIAMPolicy.addResponse(expectedResponse); String formattedResource = ProjectTopicName.format("[PROJECT]", "[TOPIC]"); Policy policy = Policy.newBuilder().build(); Policy actualResponse = client.setIamPolicy(formattedResource, policy); Assert.assertEquals(expectedResponse, actualResponse); List<GeneratedMessageV3> actualRequests = mockIAMPolicy.getRequests(); Assert.assertEquals(1, actualRequests.size()); SetIamPolicyRequest actualRequest = (SetIamPolicyRequest) actualRequests.get(0); Assert.assertEquals(formattedResource, actualRequest.getResource()); Assert.assertEquals(policy, actualRequest.getPolicy()); Assert.assertTrue( channelProvider.isHeaderSent( ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern())); }
@Test @SuppressWarnings("all") public void setIamPolicyTest() { int version = 351608024; ByteString etag = ByteString.copyFromUtf8("etag3123477"); Policy expectedResponse = Policy.newBuilder().setVersion(version).setEtag(etag).build(); mockBigtableInstanceAdmin.addResponse(expectedResponse); String formattedResource = InstanceName.format("[PROJECT]", "[INSTANCE]"); Policy policy = Policy.newBuilder().build(); Policy actualResponse = client.setIamPolicy(formattedResource, policy); Assert.assertEquals(expectedResponse, actualResponse); List<GeneratedMessageV3> actualRequests = mockBigtableInstanceAdmin.getRequests(); Assert.assertEquals(1, actualRequests.size()); SetIamPolicyRequest actualRequest = (SetIamPolicyRequest) actualRequests.get(0); Assert.assertEquals(formattedResource, actualRequest.getResource()); Assert.assertEquals(policy, actualRequest.getPolicy()); Assert.assertTrue( channelProvider.isHeaderSent( ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern())); }
@Test @SuppressWarnings("all") public void setIamPolicyTest() { int version = 351608024; ByteString etag = ByteString.copyFromUtf8("21"); Policy expectedResponse = Policy.newBuilder().setVersion(version).setEtag(etag).build(); mockDeviceManager.addResponse(expectedResponse); RegistryName resource = RegistryName.of("[PROJECT]", "[LOCATION]", "[REGISTRY]"); Policy policy = Policy.newBuilder().build(); Policy actualResponse = client.setIamPolicy(resource, policy); Assert.assertEquals(expectedResponse, actualResponse); List<GeneratedMessageV3> actualRequests = mockDeviceManager.getRequests(); Assert.assertEquals(1, actualRequests.size()); SetIamPolicyRequest actualRequest = (SetIamPolicyRequest) actualRequests.get(0); Assert.assertEquals(Objects.toString(resource), Objects.toString(actualRequest.getResource())); Assert.assertEquals(policy, actualRequest.getPolicy()); Assert.assertTrue( channelProvider.isHeaderSent( ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern())); }
@Test @SuppressWarnings("all") public void setIamPolicyTest() { int version = 351608024; ByteString etag = ByteString.copyFromUtf8("21"); Policy expectedResponse = Policy.newBuilder().setVersion(version).setEtag(etag).build(); mockContainerAnalysisV1Beta1.addResponse(expectedResponse); IamResourceName resource = NoteName.of("[PROJECT]", "[NOTE]"); Policy policy = Policy.newBuilder().build(); Policy actualResponse = client.setIamPolicy(resource, policy); Assert.assertEquals(expectedResponse, actualResponse); List<GeneratedMessageV3> actualRequests = mockContainerAnalysisV1Beta1.getRequests(); Assert.assertEquals(1, actualRequests.size()); SetIamPolicyRequest actualRequest = (SetIamPolicyRequest) actualRequests.get(0); Assert.assertEquals(resource, IamResourceNames.parse(actualRequest.getResource())); Assert.assertEquals(policy, actualRequest.getPolicy()); Assert.assertTrue( channelProvider.isHeaderSent( ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern())); }