Class: Google::Apis::CloudsearchV1::PrincipalProto

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
lib/google/apis/cloudsearch_v1/classes.rb,
lib/google/apis/cloudsearch_v1/representations.rb,
lib/google/apis/cloudsearch_v1/representations.rb

Overview

A Principal represents something to which permissions are assigned, often but not always a user or group of some kind. It is most appropriate for use in ACLs and authorization checks. Callers should prefer to use the wrapper classes in google3/security/credentials/public/principal.h google3/java/com/ google/security/credentials/Principal.java google3/security/credentials/go/ principal.go unless direct proto access is essential. If you update this protocol buffer, please update the wrapper classes as well.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ PrincipalProto

Returns a new instance of PrincipalProto.



12991
12992
12993
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12991

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#all_authenticated_usersGoogle::Apis::CloudsearchV1::AllAuthenticatedUsersProto

Represents a principal who has authenticated as any kind of user which the application understands. This is typically used for "wiki-like" security, where anyone is allowed access so long as they can be held accountable for that access. Since the purpose is knowing whom to blame, it is up to the application to decide what kinds of users it knows how to blame. For example, an application might choose to include GAIA users in "all authenticated users", but not include MDB users. Nothing here. Corresponds to the JSON property allAuthenticatedUsers

Returns:



12806
12807
12808
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12806

def all_authenticated_users
  @all_authenticated_users
end

#cap_token_holderGoogle::Apis::CloudsearchV1::CapTokenHolderProto

Represents a principal which possesses a particular secret string whose cryptographic hash is specified here. CapTokens ("Capability Tokens") are used in ACLProto. It's expected that ACLs with CapTokenHolders will strongly enforce them by Keystore-wrapping crypto keys for the corresponding CapTokens. Corresponds to the JSON property capTokenHolder

Returns:



12814
12815
12816
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12814

def cap_token_holder
  @cap_token_holder
end

#chatGoogle::Apis::CloudsearchV1::ChatProto

Represents the invitees or other users associated with a Babel Chat (see http:/ /goto/babel). Corresponds to GroupType CHAT in //social/graph/storage/proto/ data.proto. Corresponds to the JSON property chat

Returns:



12821
12822
12823
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12821

def chat
  @chat
end

#circleGoogle::Apis::CloudsearchV1::CircleProto

Represents a Google+ Circle. Currently (12/2011), a Circle is identical to the ContactGroup with matching parameters, but Circle must only be used for true Circles and not other Focus groups, and should be preferred over ContactGroup where applicable. Soon it may become more efficient to check membership in a Circle than in a ContactGroup (see http://go/superglue). Support for this principal type is currently (12/2011) incomplete -- e.g., Keystore does not support it yet (see b/5703421). Corresponds to the JSON property circle

Returns:



12832
12833
12834
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12832

def circle
  @circle
end

#cloud_principalGoogle::Apis::CloudsearchV1::CloudPrincipalProto

Principal associated with a Cloud Principal representing third party user. Corresponds to the JSON property cloudPrincipal

Returns:



12837
12838
12839
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12837

def cloud_principal
  @cloud_principal
end

#contact_groupGoogle::Apis::CloudsearchV1::ContactGroupProto

A group of contacts for a given user, as described in http://cs/p#google3/ focus/backend/proto/backend.proto Historically (and in still-existing ACLs), this was used to represent Google+ circles as well as contact groups, but this use is now deprecated. New code should use the CIRCLE principal type to represent Google+ circles. Corresponds to the JSON property contactGroup

Returns:



12846
12847
12848
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12846

def contact_group
  @contact_group
end

#email_ownerGoogle::Apis::CloudsearchV1::EmailOwnerProto

Represents a verified owner of the given email address. Note that a single address may have many owners, and a single user may own many addresses. (All lower-case, in display form -- see com.google.gaia.client.GaiaEmail) Corresponds to the JSON property emailOwner

Returns:



12853
12854
12855
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12853

def email_owner
  @email_owner
end

#eventGoogle::Apis::CloudsearchV1::EventProto

Represents the invitees or other users associated with a Google+ Event (see http://goto/events-backend-design). Corresponds to the JSON property event

Returns:



12859
12860
12861
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12859

def event
  @event
end

#gaia_groupGoogle::Apis::CloudsearchV1::GaiaGroupProto

scope = GAIA_GROUP Corresponds to the JSON property gaiaGroup

Returns:



12864
12865
12866
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12864

def gaia_group
  @gaia_group
end

#gaia_userGoogle::Apis::CloudsearchV1::GaiaUserProto

A Gaia account, which may represent a user, device, service account, etc. For prod (@prod.google.com) accounts, use MdbUserProto instead. Corresponds to the JSON property gaiaUser

Returns:



12870
12871
12872
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12870

def gaia_user
  @gaia_user
end

#hostGoogle::Apis::CloudsearchV1::HostProto

Represents a single host. Optionally, the MDB owner of the host can be specified. Corresponds to the JSON property host

Returns:



12876
12877
12878
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12876

def host
  @host
end

#ldap_groupGoogle::Apis::CloudsearchV1::LdapGroupProto

scope = LDAP_GROUP Corresponds to the JSON property ldapGroup

Returns:



12881
12882
12883
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12881

def ldap_group
  @ldap_group
end

#ldap_userGoogle::Apis::CloudsearchV1::LdapUserProto

scope = LDAP_USER Corresponds to the JSON property ldapUser

Returns:



12886
12887
12888
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12886

def ldap_user
  @ldap_user
end

#mdb_groupGoogle::Apis::CloudsearchV1::MdbGroupProto

An entity from the MDB namespace that is to be interpreted as a group. If using this for authorization, you should do an exact match of the peer role against group_name or any of the names in the Chubby expansion of the MDB group named group_name. Corresponds to the JSON property mdbGroup

Returns:



12894
12895
12896
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12894

def mdb_group
  @mdb_group
end

#mdb_userGoogle::Apis::CloudsearchV1::MdbUserProto

An entity from the MDB namespace that is to be interpreted as a user. If using this for authorization, you should only do an exact match on the peer role against user_name. Corresponds to the JSON property mdbUser

Returns:



12901
12902
12903
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12901

def mdb_user
  @mdb_user
end

#oauth_consumerGoogle::Apis::CloudsearchV1::OAuthConsumerProto

Represents an OAuth consumer, a/k/a AuthSub target. These principals are identified by domain name (e.g., example.com). Historically, Dasher domain GAIA group IDs have been used instead, but that doesn't work: http://go/tricky- gaia-ids Corresponds to the JSON property oauthConsumer

Returns:



12909
12910
12911
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12909

def oauth_consumer
  @oauth_consumer
end

#postini_userGoogle::Apis::CloudsearchV1::PostiniUserProto

See http://s/?fileprint=//depot/google3/security/authentication/postini/ auth_token.proto Corresponds to the JSON property postiniUser

Returns:



12915
12916
12917
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12915

def postini_user
  @postini_user
end

#rbac_roleGoogle::Apis::CloudsearchV1::RbacRoleProto

Principal associated with a given RBAC role. This principal is used by Sphinx Provisioning Service for RBAC (go/cedi-auth) provisionable (go/sphinx-rbacz- design). Corresponds to the JSON property rbacRole

Returns:



12922
12923
12924
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12922

def rbac_role
  @rbac_role
end

#rbac_subjectGoogle::Apis::CloudsearchV1::RbacSubjectProto

Principal associated with a given RBAC subject. This principal is used by Sphinx Provisioning Service for RBAC (go/cedi-auth) provisionable (go/sphinx- rbacz-design). Corresponds to the JSON property rbacSubject

Returns:



12929
12930
12931
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12929

def rbac_subject
  @rbac_subject
end

#resource_roleGoogle::Apis::CloudsearchV1::ResourceRoleProto

A type of sharing target that points to some resource's ACL. Used to refer to the set of Principals that have the given privilege ('role_id') for the given resource ('application_id', 'object_id', 'object_part'). The meaning of ' role_id' is interpreted only by implementations of AclRpcService and is usually dependent on 'application_id' All fields except object_part are required. If present, object_part must be non-empty. Corresponds to the JSON property resourceRole

Returns:



12939
12940
12941
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12939

def resource_role
  @resource_role
end

#scopeString

This is only optional because required enums cannot be extended. Currently required. Corresponds to the JSON property scope

Returns:

  • (String) 


12945
12946
12947
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12945

def scope
  @scope
end

#signing_key_possessorGoogle::Apis::CloudsearchV1::SigningKeyPossessorProto

Represents a principal who possesses a signing key corresponding to the verification key or keyset described here. Corresponds to the JSON property signingKeyPossessor

Returns:



12951
12952
12953
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12951

def signing_key_possessor
  @signing_key_possessor
end

#simple_secret_holderGoogle::Apis::CloudsearchV1::SimpleSecretHolderProto

Represents a principal which possesses a particular, presumably secret, string. Useful for things like "auth keys," used for anonymous sharing. Since representing this principal with the actual secret included reveals the secret, it's best if the requisite condition is enforced in some other way, for example via Keystore wrapping attributes (Keystore will unwrap only if the specified secret, aka "attribute", is presented). All that's stored here is an identifying label. Corresponds to the JSON property simpleSecretHolder

Returns:



12962
12963
12964
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12962

def simple_secret_holder
  @simple_secret_holder
end

#social_graph_nodeGoogle::Apis::CloudsearchV1::SocialGraphNodeProto

Represents a user pseudonym. Pseudonyms are linked accounts on Google and third-party services (e.g. YouTube or Twitter) and are described by a Social Graph Node. Corresponds to the JSON property socialGraphNode

Returns:



12969
12970
12971
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12969

def social_graph_node
  @social_graph_node
end

#squareGoogle::Apis::CloudsearchV1::SquareProto

Represents the set of members (of a given type) in a Google+ Square (see http:/ /go/squares). A Square with default member_type is currently (1/2012) identical to the GaiaGroup with the same ID, but that is expected to change soon (see http://go/superglue). Support for this principal type is currently ( 1/2012) incomplete -- e.g., Keystore does not support it yet (see b/5703421). Corresponds to the JSON property square

Returns:



12978
12979
12980
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12978

def square
  @square
end

#youtube_userGoogle::Apis::CloudsearchV1::YoutubeUserProto

scope = YOUTUBE_USER Corresponds to the JSON property youtubeUser

Returns:



12983
12984
12985
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12983

def youtube_user
  @youtube_user
end

#zwieback_sessionGoogle::Apis::CloudsearchV1::ZwiebackSessionProto

See go/zwieback. New uses of Zwieback sessions must be approved via go/ zwieback-request. Corresponds to the JSON property zwiebackSession

Returns:



12989
12990
12991
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12989

def zwieback_session
  @zwieback_session
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



12996
12997
12998
12999
13000
13001
13002
13003
13004
13005
13006
13007
13008
13009
13010
13011
13012
13013
13014
13015
13016
13017
13018
13019
13020
13021
13022
13023
13024
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12996

def update!(**args)
  @all_authenticated_users = args[:all_authenticated_users] if args.key?(:all_authenticated_users)
  @cap_token_holder = args[:cap_token_holder] if args.key?(:cap_token_holder)
  @chat = args[:chat] if args.key?(:chat)
  @circle = args[:circle] if args.key?(:circle)
  @cloud_principal = args[:cloud_principal] if args.key?(:cloud_principal)
  @contact_group = args[:contact_group] if args.key?(:contact_group)
  @email_owner = args[:email_owner] if args.key?(:email_owner)
  @event = args[:event] if args.key?(:event)
  @gaia_group = args[:gaia_group] if args.key?(:gaia_group)
  @gaia_user = args[:gaia_user] if args.key?(:gaia_user)
  @host = args[:host] if args.key?(:host)
  @ldap_group = args[:ldap_group] if args.key?(:ldap_group)
  @ldap_user = args[:ldap_user] if args.key?(:ldap_user)
  @mdb_group = args[:mdb_group] if args.key?(:mdb_group)
  @mdb_user = args[:mdb_user] if args.key?(:mdb_user)
  @oauth_consumer = args[:oauth_consumer] if args.key?(:oauth_consumer)
  @postini_user = args[:postini_user] if args.key?(:postini_user)
  @rbac_role = args[:rbac_role] if args.key?(:rbac_role)
  @rbac_subject = args[:rbac_subject] if args.key?(:rbac_subject)
  @resource_role = args[:resource_role] if args.key?(:resource_role)
  @scope = args[:scope] if args.key?(:scope)
  @signing_key_possessor = args[:signing_key_possessor] if args.key?(:signing_key_possessor)
  @simple_secret_holder = args[:simple_secret_holder] if args.key?(:simple_secret_holder)
  @social_graph_node = args[:social_graph_node] if args.key?(:social_graph_node)
  @square = args[:square] if args.key?(:square)
  @youtube_user = args[:youtube_user] if args.key?(:youtube_user)
  @zwieback_session = args[:zwieback_session] if args.key?(:zwieback_session)
end