Class: Google::Apis::CloudsearchV1::PrincipalProto

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
lib/google/apis/cloudsearch_v1/classes.rb,
lib/google/apis/cloudsearch_v1/representations.rb,
lib/google/apis/cloudsearch_v1/representations.rb

Overview

A Principal represents something to which permissions are assigned, often but not always a user or group of some kind. It is most appropriate for use in ACLs and authorization checks. Callers should prefer to use the wrapper classes in google3/security/credentials/public/principal.h google3/java/com/ google/security/credentials/Principal.java google3/security/credentials/go/ principal.go unless direct proto access is essential. If you update this protocol buffer, please update the wrapper classes as well.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ PrincipalProto

Returns a new instance of PrincipalProto.



12898
12899
12900
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12898

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#all_authenticated_usersGoogle::Apis::CloudsearchV1::AllAuthenticatedUsersProto

Represents a principal who has authenticated as any kind of user which the application understands. This is typically used for "wiki-like" security, where anyone is allowed access so long as they can be held accountable for that access. Since the purpose is knowing whom to blame, it is up to the application to decide what kinds of users it knows how to blame. For example, an application might choose to include GAIA users in "all authenticated users", but not include MDB users. Nothing here. Corresponds to the JSON property allAuthenticatedUsers

Returns:



12713
12714
12715
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12713

def all_authenticated_users
  @all_authenticated_users
end

#cap_token_holderGoogle::Apis::CloudsearchV1::CapTokenHolderProto

Represents a principal which possesses a particular secret string whose cryptographic hash is specified here. CapTokens ("Capability Tokens") are used in ACLProto. It's expected that ACLs with CapTokenHolders will strongly enforce them by Keystore-wrapping crypto keys for the corresponding CapTokens. Corresponds to the JSON property capTokenHolder

Returns:



12721
12722
12723
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12721

def cap_token_holder
  @cap_token_holder
end

#chatGoogle::Apis::CloudsearchV1::ChatProto

Represents the invitees or other users associated with a Babel Chat (see http:/ /goto/babel). Corresponds to GroupType CHAT in //social/graph/storage/proto/ data.proto. Corresponds to the JSON property chat

Returns:



12728
12729
12730
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12728

def chat
  @chat
end

#circleGoogle::Apis::CloudsearchV1::CircleProto

Represents a Google+ Circle. Currently (12/2011), a Circle is identical to the ContactGroup with matching parameters, but Circle must only be used for true Circles and not other Focus groups, and should be preferred over ContactGroup where applicable. Soon it may become more efficient to check membership in a Circle than in a ContactGroup (see http://go/superglue). Support for this principal type is currently (12/2011) incomplete -- e.g., Keystore does not support it yet (see b/5703421). Corresponds to the JSON property circle

Returns:



12739
12740
12741
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12739

def circle
  @circle
end

#cloud_principalGoogle::Apis::CloudsearchV1::CloudPrincipalProto

Principal associated with a Cloud Principal representing third party user. Corresponds to the JSON property cloudPrincipal

Returns:



12744
12745
12746
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12744

def cloud_principal
  @cloud_principal
end

#contact_groupGoogle::Apis::CloudsearchV1::ContactGroupProto

A group of contacts for a given user, as described in http://cs/p#google3/ focus/backend/proto/backend.proto Historically (and in still-existing ACLs), this was used to represent Google+ circles as well as contact groups, but this use is now deprecated. New code should use the CIRCLE principal type to represent Google+ circles. Corresponds to the JSON property contactGroup

Returns:



12753
12754
12755
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12753

def contact_group
  @contact_group
end

#email_ownerGoogle::Apis::CloudsearchV1::EmailOwnerProto

Represents a verified owner of the given email address. Note that a single address may have many owners, and a single user may own many addresses. (All lower-case, in display form -- see com.google.gaia.client.GaiaEmail) Corresponds to the JSON property emailOwner

Returns:



12760
12761
12762
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12760

def email_owner
  @email_owner
end

#eventGoogle::Apis::CloudsearchV1::EventProto

Represents the invitees or other users associated with a Google+ Event (see http://goto/events-backend-design). Corresponds to the JSON property event

Returns:



12766
12767
12768
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12766

def event
  @event
end

#gaia_groupGoogle::Apis::CloudsearchV1::GaiaGroupProto

scope = GAIA_GROUP Corresponds to the JSON property gaiaGroup

Returns:



12771
12772
12773
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12771

def gaia_group
  @gaia_group
end

#gaia_userGoogle::Apis::CloudsearchV1::GaiaUserProto

A Gaia account, which may represent a user, device, service account, etc. For prod (@prod.google.com) accounts, use MdbUserProto instead. Corresponds to the JSON property gaiaUser

Returns:



12777
12778
12779
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12777

def gaia_user
  @gaia_user
end

#hostGoogle::Apis::CloudsearchV1::HostProto

Represents a single host. Optionally, the MDB owner of the host can be specified. Corresponds to the JSON property host

Returns:



12783
12784
12785
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12783

def host
  @host
end

#ldap_groupGoogle::Apis::CloudsearchV1::LdapGroupProto

scope = LDAP_GROUP Corresponds to the JSON property ldapGroup

Returns:



12788
12789
12790
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12788

def ldap_group
  @ldap_group
end

#ldap_userGoogle::Apis::CloudsearchV1::LdapUserProto

scope = LDAP_USER Corresponds to the JSON property ldapUser

Returns:



12793
12794
12795
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12793

def ldap_user
  @ldap_user
end

#mdb_groupGoogle::Apis::CloudsearchV1::MdbGroupProto

An entity from the MDB namespace that is to be interpreted as a group. If using this for authorization, you should do an exact match of the peer role against group_name or any of the names in the Chubby expansion of the MDB group named group_name. Corresponds to the JSON property mdbGroup

Returns:



12801
12802
12803
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12801

def mdb_group
  @mdb_group
end

#mdb_userGoogle::Apis::CloudsearchV1::MdbUserProto

An entity from the MDB namespace that is to be interpreted as a user. If using this for authorization, you should only do an exact match on the peer role against user_name. Corresponds to the JSON property mdbUser

Returns:



12808
12809
12810
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12808

def mdb_user
  @mdb_user
end

#oauth_consumerGoogle::Apis::CloudsearchV1::OAuthConsumerProto

Represents an OAuth consumer, a/k/a AuthSub target. These principals are identified by domain name (e.g., example.com). Historically, Dasher domain GAIA group IDs have been used instead, but that doesn't work: http://go/tricky- gaia-ids Corresponds to the JSON property oauthConsumer

Returns:



12816
12817
12818
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12816

def oauth_consumer
  @oauth_consumer
end

#postini_userGoogle::Apis::CloudsearchV1::PostiniUserProto

See http://s/?fileprint=//depot/google3/security/authentication/postini/ auth_token.proto Corresponds to the JSON property postiniUser

Returns:



12822
12823
12824
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12822

def postini_user
  @postini_user
end

#rbac_roleGoogle::Apis::CloudsearchV1::RbacRoleProto

Principal associated with a given RBAC role. This principal is used by Sphinx Provisioning Service for RBAC (go/cedi-auth) provisionable (go/sphinx-rbacz- design). Corresponds to the JSON property rbacRole

Returns:



12829
12830
12831
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12829

def rbac_role
  @rbac_role
end

#rbac_subjectGoogle::Apis::CloudsearchV1::RbacSubjectProto

Principal associated with a given RBAC subject. This principal is used by Sphinx Provisioning Service for RBAC (go/cedi-auth) provisionable (go/sphinx- rbacz-design). Corresponds to the JSON property rbacSubject

Returns:



12836
12837
12838
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12836

def rbac_subject
  @rbac_subject
end

#resource_roleGoogle::Apis::CloudsearchV1::ResourceRoleProto

A type of sharing target that points to some resource's ACL. Used to refer to the set of Principals that have the given privilege ('role_id') for the given resource ('application_id', 'object_id', 'object_part'). The meaning of ' role_id' is interpreted only by implementations of AclRpcService and is usually dependent on 'application_id' All fields except object_part are required. If present, object_part must be non-empty. Corresponds to the JSON property resourceRole

Returns:



12846
12847
12848
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12846

def resource_role
  @resource_role
end

#scopeString

This is only optional because required enums cannot be extended. Currently required. Corresponds to the JSON property scope

Returns:

  • (String) 


12852
12853
12854
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12852

def scope
  @scope
end

#signing_key_possessorGoogle::Apis::CloudsearchV1::SigningKeyPossessorProto

Represents a principal who possesses a signing key corresponding to the verification key or keyset described here. Corresponds to the JSON property signingKeyPossessor

Returns:



12858
12859
12860
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12858

def signing_key_possessor
  @signing_key_possessor
end

#simple_secret_holderGoogle::Apis::CloudsearchV1::SimpleSecretHolderProto

Represents a principal which possesses a particular, presumably secret, string. Useful for things like "auth keys," used for anonymous sharing. Since representing this principal with the actual secret included reveals the secret, it's best if the requisite condition is enforced in some other way, for example via Keystore wrapping attributes (Keystore will unwrap only if the specified secret, aka "attribute", is presented). All that's stored here is an identifying label. Corresponds to the JSON property simpleSecretHolder

Returns:



12869
12870
12871
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12869

def simple_secret_holder
  @simple_secret_holder
end

#social_graph_nodeGoogle::Apis::CloudsearchV1::SocialGraphNodeProto

Represents a user pseudonym. Pseudonyms are linked accounts on Google and third-party services (e.g. YouTube or Twitter) and are described by a Social Graph Node. Corresponds to the JSON property socialGraphNode

Returns:



12876
12877
12878
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12876

def social_graph_node
  @social_graph_node
end

#squareGoogle::Apis::CloudsearchV1::SquareProto

Represents the set of members (of a given type) in a Google+ Square (see http:/ /go/squares). A Square with default member_type is currently (1/2012) identical to the GaiaGroup with the same ID, but that is expected to change soon (see http://go/superglue). Support for this principal type is currently ( 1/2012) incomplete -- e.g., Keystore does not support it yet (see b/5703421). Corresponds to the JSON property square

Returns:



12885
12886
12887
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12885

def square
  @square
end

#youtube_userGoogle::Apis::CloudsearchV1::YoutubeUserProto

scope = YOUTUBE_USER Corresponds to the JSON property youtubeUser

Returns:



12890
12891
12892
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12890

def youtube_user
  @youtube_user
end

#zwieback_sessionGoogle::Apis::CloudsearchV1::ZwiebackSessionProto

See go/zwieback. New uses of Zwieback sessions must be approved via go/ zwieback-request. Corresponds to the JSON property zwiebackSession

Returns:



12896
12897
12898
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12896

def zwieback_session
  @zwieback_session
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



12903
12904
12905
12906
12907
12908
12909
12910
12911
12912
12913
12914
12915
12916
12917
12918
12919
12920
12921
12922
12923
12924
12925
12926
12927
12928
12929
12930
12931
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12903

def update!(**args)
  @all_authenticated_users = args[:all_authenticated_users] if args.key?(:all_authenticated_users)
  @cap_token_holder = args[:cap_token_holder] if args.key?(:cap_token_holder)
  @chat = args[:chat] if args.key?(:chat)
  @circle = args[:circle] if args.key?(:circle)
  @cloud_principal = args[:cloud_principal] if args.key?(:cloud_principal)
  @contact_group = args[:contact_group] if args.key?(:contact_group)
  @email_owner = args[:email_owner] if args.key?(:email_owner)
  @event = args[:event] if args.key?(:event)
  @gaia_group = args[:gaia_group] if args.key?(:gaia_group)
  @gaia_user = args[:gaia_user] if args.key?(:gaia_user)
  @host = args[:host] if args.key?(:host)
  @ldap_group = args[:ldap_group] if args.key?(:ldap_group)
  @ldap_user = args[:ldap_user] if args.key?(:ldap_user)
  @mdb_group = args[:mdb_group] if args.key?(:mdb_group)
  @mdb_user = args[:mdb_user] if args.key?(:mdb_user)
  @oauth_consumer = args[:oauth_consumer] if args.key?(:oauth_consumer)
  @postini_user = args[:postini_user] if args.key?(:postini_user)
  @rbac_role = args[:rbac_role] if args.key?(:rbac_role)
  @rbac_subject = args[:rbac_subject] if args.key?(:rbac_subject)
  @resource_role = args[:resource_role] if args.key?(:resource_role)
  @scope = args[:scope] if args.key?(:scope)
  @signing_key_possessor = args[:signing_key_possessor] if args.key?(:signing_key_possessor)
  @simple_secret_holder = args[:simple_secret_holder] if args.key?(:simple_secret_holder)
  @social_graph_node = args[:social_graph_node] if args.key?(:social_graph_node)
  @square = args[:square] if args.key?(:square)
  @youtube_user = args[:youtube_user] if args.key?(:youtube_user)
  @zwieback_session = args[:zwieback_session] if args.key?(:zwieback_session)
end