Class: Google::Apis::CloudsearchV1::PrincipalProto

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
lib/google/apis/cloudsearch_v1/classes.rb,
lib/google/apis/cloudsearch_v1/representations.rb,
lib/google/apis/cloudsearch_v1/representations.rb

Overview

A Principal represents something to which permissions are assigned, often but not always a user or group of some kind. It is most appropriate for use in ACLs and authorization checks. Callers should prefer to use the wrapper classes in google3/security/credentials/public/principal.h google3/java/com/ google/security/credentials/Principal.java google3/security/credentials/go/ principal.go unless direct proto access is essential. If you update this protocol buffer, please update the wrapper classes as well.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ PrincipalProto

Returns a new instance of PrincipalProto.



12973
12974
12975
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12973

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#all_authenticated_usersGoogle::Apis::CloudsearchV1::AllAuthenticatedUsersProto

Represents a principal who has authenticated as any kind of user which the application understands. This is typically used for "wiki-like" security, where anyone is allowed access so long as they can be held accountable for that access. Since the purpose is knowing whom to blame, it is up to the application to decide what kinds of users it knows how to blame. For example, an application might choose to include GAIA users in "all authenticated users", but not include MDB users. Nothing here. Corresponds to the JSON property allAuthenticatedUsers

Returns:



12788
12789
12790
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12788

def all_authenticated_users
  @all_authenticated_users
end

#cap_token_holderGoogle::Apis::CloudsearchV1::CapTokenHolderProto

Represents a principal which possesses a particular secret string whose cryptographic hash is specified here. CapTokens ("Capability Tokens") are used in ACLProto. It's expected that ACLs with CapTokenHolders will strongly enforce them by Keystore-wrapping crypto keys for the corresponding CapTokens. Corresponds to the JSON property capTokenHolder

Returns:



12796
12797
12798
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12796

def cap_token_holder
  @cap_token_holder
end

#chatGoogle::Apis::CloudsearchV1::ChatProto

Represents the invitees or other users associated with a Babel Chat (see http:/ /goto/babel). Corresponds to GroupType CHAT in //social/graph/storage/proto/ data.proto. Corresponds to the JSON property chat

Returns:



12803
12804
12805
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12803

def chat
  @chat
end

#circleGoogle::Apis::CloudsearchV1::CircleProto

Represents a Google+ Circle. Currently (12/2011), a Circle is identical to the ContactGroup with matching parameters, but Circle must only be used for true Circles and not other Focus groups, and should be preferred over ContactGroup where applicable. Soon it may become more efficient to check membership in a Circle than in a ContactGroup (see http://go/superglue). Support for this principal type is currently (12/2011) incomplete -- e.g., Keystore does not support it yet (see b/5703421). Corresponds to the JSON property circle

Returns:



12814
12815
12816
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12814

def circle
  @circle
end

#cloud_principalGoogle::Apis::CloudsearchV1::CloudPrincipalProto

Principal associated with a Cloud Principal representing third party user. Corresponds to the JSON property cloudPrincipal

Returns:



12819
12820
12821
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12819

def cloud_principal
  @cloud_principal
end

#contact_groupGoogle::Apis::CloudsearchV1::ContactGroupProto

A group of contacts for a given user, as described in http://cs/p#google3/ focus/backend/proto/backend.proto Historically (and in still-existing ACLs), this was used to represent Google+ circles as well as contact groups, but this use is now deprecated. New code should use the CIRCLE principal type to represent Google+ circles. Corresponds to the JSON property contactGroup

Returns:



12828
12829
12830
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12828

def contact_group
  @contact_group
end

#email_ownerGoogle::Apis::CloudsearchV1::EmailOwnerProto

Represents a verified owner of the given email address. Note that a single address may have many owners, and a single user may own many addresses. (All lower-case, in display form -- see com.google.gaia.client.GaiaEmail) Corresponds to the JSON property emailOwner

Returns:



12835
12836
12837
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12835

def email_owner
  @email_owner
end

#eventGoogle::Apis::CloudsearchV1::EventProto

Represents the invitees or other users associated with a Google+ Event (see http://goto/events-backend-design). Corresponds to the JSON property event

Returns:



12841
12842
12843
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12841

def event
  @event
end

#gaia_groupGoogle::Apis::CloudsearchV1::GaiaGroupProto

scope = GAIA_GROUP Corresponds to the JSON property gaiaGroup

Returns:



12846
12847
12848
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12846

def gaia_group
  @gaia_group
end

#gaia_userGoogle::Apis::CloudsearchV1::GaiaUserProto

A Gaia account, which may represent a user, device, service account, etc. For prod (@prod.google.com) accounts, use MdbUserProto instead. Corresponds to the JSON property gaiaUser

Returns:



12852
12853
12854
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12852

def gaia_user
  @gaia_user
end

#hostGoogle::Apis::CloudsearchV1::HostProto

Represents a single host. Optionally, the MDB owner of the host can be specified. Corresponds to the JSON property host

Returns:



12858
12859
12860
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12858

def host
  @host
end

#ldap_groupGoogle::Apis::CloudsearchV1::LdapGroupProto

scope = LDAP_GROUP Corresponds to the JSON property ldapGroup

Returns:



12863
12864
12865
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12863

def ldap_group
  @ldap_group
end

#ldap_userGoogle::Apis::CloudsearchV1::LdapUserProto

scope = LDAP_USER Corresponds to the JSON property ldapUser

Returns:



12868
12869
12870
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12868

def ldap_user
  @ldap_user
end

#mdb_groupGoogle::Apis::CloudsearchV1::MdbGroupProto

An entity from the MDB namespace that is to be interpreted as a group. If using this for authorization, you should do an exact match of the peer role against group_name or any of the names in the Chubby expansion of the MDB group named group_name. Corresponds to the JSON property mdbGroup

Returns:



12876
12877
12878
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12876

def mdb_group
  @mdb_group
end

#mdb_userGoogle::Apis::CloudsearchV1::MdbUserProto

An entity from the MDB namespace that is to be interpreted as a user. If using this for authorization, you should only do an exact match on the peer role against user_name. Corresponds to the JSON property mdbUser

Returns:



12883
12884
12885
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12883

def mdb_user
  @mdb_user
end

#oauth_consumerGoogle::Apis::CloudsearchV1::OAuthConsumerProto

Represents an OAuth consumer, a/k/a AuthSub target. These principals are identified by domain name (e.g., example.com). Historically, Dasher domain GAIA group IDs have been used instead, but that doesn't work: http://go/tricky- gaia-ids Corresponds to the JSON property oauthConsumer

Returns:



12891
12892
12893
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12891

def oauth_consumer
  @oauth_consumer
end

#postini_userGoogle::Apis::CloudsearchV1::PostiniUserProto

See http://s/?fileprint=//depot/google3/security/authentication/postini/ auth_token.proto Corresponds to the JSON property postiniUser

Returns:



12897
12898
12899
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12897

def postini_user
  @postini_user
end

#rbac_roleGoogle::Apis::CloudsearchV1::RbacRoleProto

Principal associated with a given RBAC role. This principal is used by Sphinx Provisioning Service for RBAC (go/cedi-auth) provisionable (go/sphinx-rbacz- design). Corresponds to the JSON property rbacRole

Returns:



12904
12905
12906
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12904

def rbac_role
  @rbac_role
end

#rbac_subjectGoogle::Apis::CloudsearchV1::RbacSubjectProto

Principal associated with a given RBAC subject. This principal is used by Sphinx Provisioning Service for RBAC (go/cedi-auth) provisionable (go/sphinx- rbacz-design). Corresponds to the JSON property rbacSubject

Returns:



12911
12912
12913
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12911

def rbac_subject
  @rbac_subject
end

#resource_roleGoogle::Apis::CloudsearchV1::ResourceRoleProto

A type of sharing target that points to some resource's ACL. Used to refer to the set of Principals that have the given privilege ('role_id') for the given resource ('application_id', 'object_id', 'object_part'). The meaning of ' role_id' is interpreted only by implementations of AclRpcService and is usually dependent on 'application_id' All fields except object_part are required. If present, object_part must be non-empty. Corresponds to the JSON property resourceRole

Returns:



12921
12922
12923
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12921

def resource_role
  @resource_role
end

#scopeString

This is only optional because required enums cannot be extended. Currently required. Corresponds to the JSON property scope

Returns:

  • (String) 


12927
12928
12929
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12927

def scope
  @scope
end

#signing_key_possessorGoogle::Apis::CloudsearchV1::SigningKeyPossessorProto

Represents a principal who possesses a signing key corresponding to the verification key or keyset described here. Corresponds to the JSON property signingKeyPossessor

Returns:



12933
12934
12935
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12933

def signing_key_possessor
  @signing_key_possessor
end

#simple_secret_holderGoogle::Apis::CloudsearchV1::SimpleSecretHolderProto

Represents a principal which possesses a particular, presumably secret, string. Useful for things like "auth keys," used for anonymous sharing. Since representing this principal with the actual secret included reveals the secret, it's best if the requisite condition is enforced in some other way, for example via Keystore wrapping attributes (Keystore will unwrap only if the specified secret, aka "attribute", is presented). All that's stored here is an identifying label. Corresponds to the JSON property simpleSecretHolder

Returns:



12944
12945
12946
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12944

def simple_secret_holder
  @simple_secret_holder
end

#social_graph_nodeGoogle::Apis::CloudsearchV1::SocialGraphNodeProto

Represents a user pseudonym. Pseudonyms are linked accounts on Google and third-party services (e.g. YouTube or Twitter) and are described by a Social Graph Node. Corresponds to the JSON property socialGraphNode

Returns:



12951
12952
12953
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12951

def social_graph_node
  @social_graph_node
end

#squareGoogle::Apis::CloudsearchV1::SquareProto

Represents the set of members (of a given type) in a Google+ Square (see http:/ /go/squares). A Square with default member_type is currently (1/2012) identical to the GaiaGroup with the same ID, but that is expected to change soon (see http://go/superglue). Support for this principal type is currently ( 1/2012) incomplete -- e.g., Keystore does not support it yet (see b/5703421). Corresponds to the JSON property square

Returns:



12960
12961
12962
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12960

def square
  @square
end

#youtube_userGoogle::Apis::CloudsearchV1::YoutubeUserProto

scope = YOUTUBE_USER Corresponds to the JSON property youtubeUser

Returns:



12965
12966
12967
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12965

def youtube_user
  @youtube_user
end

#zwieback_sessionGoogle::Apis::CloudsearchV1::ZwiebackSessionProto

See go/zwieback. New uses of Zwieback sessions must be approved via go/ zwieback-request. Corresponds to the JSON property zwiebackSession

Returns:



12971
12972
12973
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12971

def zwieback_session
  @zwieback_session
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



12978
12979
12980
12981
12982
12983
12984
12985
12986
12987
12988
12989
12990
12991
12992
12993
12994
12995
12996
12997
12998
12999
13000
13001
13002
13003
13004
13005
13006
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12978

def update!(**args)
  @all_authenticated_users = args[:all_authenticated_users] if args.key?(:all_authenticated_users)
  @cap_token_holder = args[:cap_token_holder] if args.key?(:cap_token_holder)
  @chat = args[:chat] if args.key?(:chat)
  @circle = args[:circle] if args.key?(:circle)
  @cloud_principal = args[:cloud_principal] if args.key?(:cloud_principal)
  @contact_group = args[:contact_group] if args.key?(:contact_group)
  @email_owner = args[:email_owner] if args.key?(:email_owner)
  @event = args[:event] if args.key?(:event)
  @gaia_group = args[:gaia_group] if args.key?(:gaia_group)
  @gaia_user = args[:gaia_user] if args.key?(:gaia_user)
  @host = args[:host] if args.key?(:host)
  @ldap_group = args[:ldap_group] if args.key?(:ldap_group)
  @ldap_user = args[:ldap_user] if args.key?(:ldap_user)
  @mdb_group = args[:mdb_group] if args.key?(:mdb_group)
  @mdb_user = args[:mdb_user] if args.key?(:mdb_user)
  @oauth_consumer = args[:oauth_consumer] if args.key?(:oauth_consumer)
  @postini_user = args[:postini_user] if args.key?(:postini_user)
  @rbac_role = args[:rbac_role] if args.key?(:rbac_role)
  @rbac_subject = args[:rbac_subject] if args.key?(:rbac_subject)
  @resource_role = args[:resource_role] if args.key?(:resource_role)
  @scope = args[:scope] if args.key?(:scope)
  @signing_key_possessor = args[:signing_key_possessor] if args.key?(:signing_key_possessor)
  @simple_secret_holder = args[:simple_secret_holder] if args.key?(:simple_secret_holder)
  @social_graph_node = args[:social_graph_node] if args.key?(:social_graph_node)
  @square = args[:square] if args.key?(:square)
  @youtube_user = args[:youtube_user] if args.key?(:youtube_user)
  @zwieback_session = args[:zwieback_session] if args.key?(:zwieback_session)
end