/** Example of adding a member to the Bucket-level IAM */ public Policy addBucketIamMember(String bucketName, Role role, Identity identity) { // [START add_bucket_iam_member] // Initialize a Cloud Storage client Storage storage = StorageOptions.getDefaultInstance().getService(); // Get IAM Policy for a bucket Policy policy = storage.getIamPolicy(bucketName); // Add identity to Bucket-level IAM role Policy updatedPolicy = storage.setIamPolicy(bucketName, policy.toBuilder().addIdentity(role, identity).build()); if (updatedPolicy.getBindings().get(role).contains(identity)) { System.out.printf("Added %s with role %s to %s\n", identity, role, bucketName); } // [END add_bucket_iam_member] return updatedPolicy; }
/** Example of removing a member from the Bucket-level IAM */ public Policy removeBucketIamMember(String bucketName, Role role, Identity identity) { // [START remove_bucket_iam_member] // Initialize a Cloud Storage client Storage storage = StorageOptions.getDefaultInstance().getService(); // Get IAM Policy for a bucket Policy policy = storage.getIamPolicy(bucketName); // Remove an identity from a Bucket-level IAM role Policy updatedPolicy = storage.setIamPolicy(bucketName, policy.toBuilder().removeIdentity(role, identity).build()); if (updatedPolicy.getBindings().get(role) == null || !updatedPolicy.getBindings().get(role).contains(identity)) { System.out.printf("Removed %s with role %s from %s\n", identity, role, bucketName); } // [END remove_bucket_iam_member] return updatedPolicy; } }
public static void main(String... args) { // Create Resource Manager service object // By default, credentials are inferred from the runtime environment. ResourceManager resourceManager = ResourceManagerOptions.getDefaultInstance().getService(); // Get a project from the server String projectId = "some-project-id"; // Use an existing project's ID Project project = resourceManager.get(projectId); // Get the project's policy Policy policy = project.getPolicy(); // Add a viewer Policy.Builder modifiedPolicy = policy.toBuilder(); Identity newViewer = Identity.user("<insert user's email address here>"); modifiedPolicy.addIdentity(Role.viewer(), newViewer); // Write policy Policy updatedPolicy = project.replacePolicy(modifiedPolicy.build()); // Print policy System.out.printf("Updated policy for %s: %n%s%n", projectId, updatedPolicy); } }
Map<Role, Set<Identity>> editorBinding = ImmutableMap.<Role, Set<Identity>>builder().put(EDITOR, BINDINGS.get(EDITOR)).build(); Policy policy = FULL_POLICY.toBuilder().setBindings(editorBinding).build(); assertEquals(editorBinding, policy.getBindings()); assertEquals("etag", policy.getEtag()); assertEquals(1, policy.getVersion()); policy = SIMPLE_POLICY.toBuilder().removeRole(EDITOR).build(); assertEquals(ImmutableMap.of(VIEWER, BINDINGS.get(VIEWER)), policy.getBindings()); assertNull(policy.getEtag()); policy = policy .toBuilder() .removeIdentity(VIEWER, USER, ALL_USERS) .addIdentity(VIEWER, DOMAIN, GROUP)
BUCKET_NAME1, currentPolicy .toBuilder() .addIdentity(StorageRoles.admin(), Identity.group("test-group@gmail.com")) .build());
@Test public void testEqualsHashCode() { assertNotNull(FULL_POLICY); Policy emptyPolicy = Policy.newBuilder().build(); Policy anotherPolicy = Policy.newBuilder().build(); assertEquals(emptyPolicy, anotherPolicy); assertEquals(emptyPolicy.hashCode(), anotherPolicy.hashCode()); assertNotEquals(FULL_POLICY, SIMPLE_POLICY); assertNotEquals(FULL_POLICY.hashCode(), SIMPLE_POLICY.hashCode()); Policy copy = SIMPLE_POLICY.toBuilder().build(); assertEquals(SIMPLE_POLICY, copy); assertEquals(SIMPLE_POLICY.hashCode(), copy.hashCode()); }