Class: Google::Apis::CloudsearchV1::PrincipalProto

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
lib/google/apis/cloudsearch_v1/classes.rb,
lib/google/apis/cloudsearch_v1/representations.rb,
lib/google/apis/cloudsearch_v1/representations.rb

Overview

A Principal represents something to which permissions are assigned, often but not always a user or group of some kind. It is most appropriate for use in ACLs and authorization checks. Callers should prefer to use the wrapper classes in google3/security/credentials/public/principal.h google3/java/com/ google/security/credentials/Principal.java google3/security/credentials/go/ principal.go unless direct proto access is essential. If you update this protocol buffer, please update the wrapper classes as well.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ PrincipalProto

Returns a new instance of PrincipalProto.



12982
12983
12984
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12982

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#all_authenticated_usersGoogle::Apis::CloudsearchV1::AllAuthenticatedUsersProto

Represents a principal who has authenticated as any kind of user which the application understands. This is typically used for "wiki-like" security, where anyone is allowed access so long as they can be held accountable for that access. Since the purpose is knowing whom to blame, it is up to the application to decide what kinds of users it knows how to blame. For example, an application might choose to include GAIA users in "all authenticated users", but not include MDB users. Nothing here. Corresponds to the JSON property allAuthenticatedUsers

Returns:



12797
12798
12799
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12797

def all_authenticated_users
  @all_authenticated_users
end

#cap_token_holderGoogle::Apis::CloudsearchV1::CapTokenHolderProto

Represents a principal which possesses a particular secret string whose cryptographic hash is specified here. CapTokens ("Capability Tokens") are used in ACLProto. It's expected that ACLs with CapTokenHolders will strongly enforce them by Keystore-wrapping crypto keys for the corresponding CapTokens. Corresponds to the JSON property capTokenHolder

Returns:



12805
12806
12807
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12805

def cap_token_holder
  @cap_token_holder
end

#chatGoogle::Apis::CloudsearchV1::ChatProto

Represents the invitees or other users associated with a Babel Chat (see http:/ /goto/babel). Corresponds to GroupType CHAT in //social/graph/storage/proto/ data.proto. Corresponds to the JSON property chat

Returns:



12812
12813
12814
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12812

def chat
  @chat
end

#circleGoogle::Apis::CloudsearchV1::CircleProto

Represents a Google+ Circle. Currently (12/2011), a Circle is identical to the ContactGroup with matching parameters, but Circle must only be used for true Circles and not other Focus groups, and should be preferred over ContactGroup where applicable. Soon it may become more efficient to check membership in a Circle than in a ContactGroup (see http://go/superglue). Support for this principal type is currently (12/2011) incomplete -- e.g., Keystore does not support it yet (see b/5703421). Corresponds to the JSON property circle

Returns:



12823
12824
12825
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12823

def circle
  @circle
end

#cloud_principalGoogle::Apis::CloudsearchV1::CloudPrincipalProto

Principal associated with a Cloud Principal representing third party user. Corresponds to the JSON property cloudPrincipal

Returns:



12828
12829
12830
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12828

def cloud_principal
  @cloud_principal
end

#contact_groupGoogle::Apis::CloudsearchV1::ContactGroupProto

A group of contacts for a given user, as described in http://cs/p#google3/ focus/backend/proto/backend.proto Historically (and in still-existing ACLs), this was used to represent Google+ circles as well as contact groups, but this use is now deprecated. New code should use the CIRCLE principal type to represent Google+ circles. Corresponds to the JSON property contactGroup

Returns:



12837
12838
12839
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12837

def contact_group
  @contact_group
end

#email_ownerGoogle::Apis::CloudsearchV1::EmailOwnerProto

Represents a verified owner of the given email address. Note that a single address may have many owners, and a single user may own many addresses. (All lower-case, in display form -- see com.google.gaia.client.GaiaEmail) Corresponds to the JSON property emailOwner

Returns:



12844
12845
12846
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12844

def email_owner
  @email_owner
end

#eventGoogle::Apis::CloudsearchV1::EventProto

Represents the invitees or other users associated with a Google+ Event (see http://goto/events-backend-design). Corresponds to the JSON property event

Returns:



12850
12851
12852
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12850

def event
  @event
end

#gaia_groupGoogle::Apis::CloudsearchV1::GaiaGroupProto

scope = GAIA_GROUP Corresponds to the JSON property gaiaGroup

Returns:



12855
12856
12857
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12855

def gaia_group
  @gaia_group
end

#gaia_userGoogle::Apis::CloudsearchV1::GaiaUserProto

A Gaia account, which may represent a user, device, service account, etc. For prod (@prod.google.com) accounts, use MdbUserProto instead. Corresponds to the JSON property gaiaUser

Returns:



12861
12862
12863
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12861

def gaia_user
  @gaia_user
end

#hostGoogle::Apis::CloudsearchV1::HostProto

Represents a single host. Optionally, the MDB owner of the host can be specified. Corresponds to the JSON property host

Returns:



12867
12868
12869
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12867

def host
  @host
end

#ldap_groupGoogle::Apis::CloudsearchV1::LdapGroupProto

scope = LDAP_GROUP Corresponds to the JSON property ldapGroup

Returns:



12872
12873
12874
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12872

def ldap_group
  @ldap_group
end

#ldap_userGoogle::Apis::CloudsearchV1::LdapUserProto

scope = LDAP_USER Corresponds to the JSON property ldapUser

Returns:



12877
12878
12879
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12877

def ldap_user
  @ldap_user
end

#mdb_groupGoogle::Apis::CloudsearchV1::MdbGroupProto

An entity from the MDB namespace that is to be interpreted as a group. If using this for authorization, you should do an exact match of the peer role against group_name or any of the names in the Chubby expansion of the MDB group named group_name. Corresponds to the JSON property mdbGroup

Returns:



12885
12886
12887
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12885

def mdb_group
  @mdb_group
end

#mdb_userGoogle::Apis::CloudsearchV1::MdbUserProto

An entity from the MDB namespace that is to be interpreted as a user. If using this for authorization, you should only do an exact match on the peer role against user_name. Corresponds to the JSON property mdbUser

Returns:



12892
12893
12894
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12892

def mdb_user
  @mdb_user
end

#oauth_consumerGoogle::Apis::CloudsearchV1::OAuthConsumerProto

Represents an OAuth consumer, a/k/a AuthSub target. These principals are identified by domain name (e.g., example.com). Historically, Dasher domain GAIA group IDs have been used instead, but that doesn't work: http://go/tricky- gaia-ids Corresponds to the JSON property oauthConsumer

Returns:



12900
12901
12902
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12900

def oauth_consumer
  @oauth_consumer
end

#postini_userGoogle::Apis::CloudsearchV1::PostiniUserProto

See http://s/?fileprint=//depot/google3/security/authentication/postini/ auth_token.proto Corresponds to the JSON property postiniUser

Returns:



12906
12907
12908
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12906

def postini_user
  @postini_user
end

#rbac_roleGoogle::Apis::CloudsearchV1::RbacRoleProto

Principal associated with a given RBAC role. This principal is used by Sphinx Provisioning Service for RBAC (go/cedi-auth) provisionable (go/sphinx-rbacz- design). Corresponds to the JSON property rbacRole

Returns:



12913
12914
12915
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12913

def rbac_role
  @rbac_role
end

#rbac_subjectGoogle::Apis::CloudsearchV1::RbacSubjectProto

Principal associated with a given RBAC subject. This principal is used by Sphinx Provisioning Service for RBAC (go/cedi-auth) provisionable (go/sphinx- rbacz-design). Corresponds to the JSON property rbacSubject

Returns:



12920
12921
12922
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12920

def rbac_subject
  @rbac_subject
end

#resource_roleGoogle::Apis::CloudsearchV1::ResourceRoleProto

A type of sharing target that points to some resource's ACL. Used to refer to the set of Principals that have the given privilege ('role_id') for the given resource ('application_id', 'object_id', 'object_part'). The meaning of ' role_id' is interpreted only by implementations of AclRpcService and is usually dependent on 'application_id' All fields except object_part are required. If present, object_part must be non-empty. Corresponds to the JSON property resourceRole

Returns:



12930
12931
12932
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12930

def resource_role
  @resource_role
end

#scopeString

This is only optional because required enums cannot be extended. Currently required. Corresponds to the JSON property scope

Returns:

  • (String) 


12936
12937
12938
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12936

def scope
  @scope
end

#signing_key_possessorGoogle::Apis::CloudsearchV1::SigningKeyPossessorProto

Represents a principal who possesses a signing key corresponding to the verification key or keyset described here. Corresponds to the JSON property signingKeyPossessor

Returns:



12942
12943
12944
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12942

def signing_key_possessor
  @signing_key_possessor
end

#simple_secret_holderGoogle::Apis::CloudsearchV1::SimpleSecretHolderProto

Represents a principal which possesses a particular, presumably secret, string. Useful for things like "auth keys," used for anonymous sharing. Since representing this principal with the actual secret included reveals the secret, it's best if the requisite condition is enforced in some other way, for example via Keystore wrapping attributes (Keystore will unwrap only if the specified secret, aka "attribute", is presented). All that's stored here is an identifying label. Corresponds to the JSON property simpleSecretHolder

Returns:



12953
12954
12955
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12953

def simple_secret_holder
  @simple_secret_holder
end

#social_graph_nodeGoogle::Apis::CloudsearchV1::SocialGraphNodeProto

Represents a user pseudonym. Pseudonyms are linked accounts on Google and third-party services (e.g. YouTube or Twitter) and are described by a Social Graph Node. Corresponds to the JSON property socialGraphNode

Returns:



12960
12961
12962
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12960

def social_graph_node
  @social_graph_node
end

#squareGoogle::Apis::CloudsearchV1::SquareProto

Represents the set of members (of a given type) in a Google+ Square (see http:/ /go/squares). A Square with default member_type is currently (1/2012) identical to the GaiaGroup with the same ID, but that is expected to change soon (see http://go/superglue). Support for this principal type is currently ( 1/2012) incomplete -- e.g., Keystore does not support it yet (see b/5703421). Corresponds to the JSON property square

Returns:



12969
12970
12971
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12969

def square
  @square
end

#youtube_userGoogle::Apis::CloudsearchV1::YoutubeUserProto

scope = YOUTUBE_USER Corresponds to the JSON property youtubeUser

Returns:



12974
12975
12976
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12974

def youtube_user
  @youtube_user
end

#zwieback_sessionGoogle::Apis::CloudsearchV1::ZwiebackSessionProto

See go/zwieback. New uses of Zwieback sessions must be approved via go/ zwieback-request. Corresponds to the JSON property zwiebackSession

Returns:



12980
12981
12982
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12980

def zwieback_session
  @zwieback_session
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



12987
12988
12989
12990
12991
12992
12993
12994
12995
12996
12997
12998
12999
13000
13001
13002
13003
13004
13005
13006
13007
13008
13009
13010
13011
13012
13013
13014
13015
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 12987

def update!(**args)
  @all_authenticated_users = args[:all_authenticated_users] if args.key?(:all_authenticated_users)
  @cap_token_holder = args[:cap_token_holder] if args.key?(:cap_token_holder)
  @chat = args[:chat] if args.key?(:chat)
  @circle = args[:circle] if args.key?(:circle)
  @cloud_principal = args[:cloud_principal] if args.key?(:cloud_principal)
  @contact_group = args[:contact_group] if args.key?(:contact_group)
  @email_owner = args[:email_owner] if args.key?(:email_owner)
  @event = args[:event] if args.key?(:event)
  @gaia_group = args[:gaia_group] if args.key?(:gaia_group)
  @gaia_user = args[:gaia_user] if args.key?(:gaia_user)
  @host = args[:host] if args.key?(:host)
  @ldap_group = args[:ldap_group] if args.key?(:ldap_group)
  @ldap_user = args[:ldap_user] if args.key?(:ldap_user)
  @mdb_group = args[:mdb_group] if args.key?(:mdb_group)
  @mdb_user = args[:mdb_user] if args.key?(:mdb_user)
  @oauth_consumer = args[:oauth_consumer] if args.key?(:oauth_consumer)
  @postini_user = args[:postini_user] if args.key?(:postini_user)
  @rbac_role = args[:rbac_role] if args.key?(:rbac_role)
  @rbac_subject = args[:rbac_subject] if args.key?(:rbac_subject)
  @resource_role = args[:resource_role] if args.key?(:resource_role)
  @scope = args[:scope] if args.key?(:scope)
  @signing_key_possessor = args[:signing_key_possessor] if args.key?(:signing_key_possessor)
  @simple_secret_holder = args[:simple_secret_holder] if args.key?(:simple_secret_holder)
  @social_graph_node = args[:social_graph_node] if args.key?(:social_graph_node)
  @square = args[:square] if args.key?(:square)
  @youtube_user = args[:youtube_user] if args.key?(:youtube_user)
  @zwieback_session = args[:zwieback_session] if args.key?(:zwieback_session)
end