Class: Google::Apis::CloudsearchV1::PrincipalProto

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
lib/google/apis/cloudsearch_v1/classes.rb,
lib/google/apis/cloudsearch_v1/representations.rb,
lib/google/apis/cloudsearch_v1/representations.rb

Overview

A Principal represents something to which permissions are assigned, often but not always a user or group of some kind. It is most appropriate for use in ACLs and authorization checks. Callers should prefer to use the wrapper classes in google3/security/credentials/public/principal.h google3/java/com/ google/security/credentials/Principal.java google3/security/credentials/go/ principal.go unless direct proto access is essential. If you update this protocol buffer, please update the wrapper classes as well. LINT.IfChange

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ PrincipalProto

Returns a new instance of PrincipalProto.



15912
15913
15914
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15912

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#all_authenticated_usersGoogle::Apis::CloudsearchV1::AllAuthenticatedUsersProto

Represents a principal who has authenticated as any kind of user which the application understands. This is typically used for "wiki-like" security, where anyone is allowed access so long as they can be held accountable for that access. Since the purpose is knowing whom to blame, it is up to the application to decide what kinds of users it knows how to blame. For example, an application might choose to include GAIA users in "all authenticated users", but not include MDB users. Nothing here. Corresponds to the JSON property allAuthenticatedUsers

Returns:



15729
15730
15731
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15729

def all_authenticated_users
  @all_authenticated_users
end

#cap_token_holderGoogle::Apis::CloudsearchV1::CapTokenHolderProto

Represents a principal which possesses a particular secret string whose cryptographic hash is specified here. CapTokens ("Capability Tokens") are used in ACLProto. It's expected that ACLs with CapTokenHolders will strongly enforce them by Keystore-wrapping crypto keys for the corresponding CapTokens. Corresponds to the JSON property capTokenHolder

Returns:



15737
15738
15739
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15737

def cap_token_holder
  @cap_token_holder
end

#chatGoogle::Apis::CloudsearchV1::ChatProto

Represents the invitees or other users associated with a Babel Chat (see http:/ /goto/babel). Corresponds to GroupType CHAT in //social/graph/storage/proto/ data.proto. Corresponds to the JSON property chat

Returns:



15744
15745
15746
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15744

def chat
  @chat
end

#circleGoogle::Apis::CloudsearchV1::CircleProto

Represents a Google+ Circle. Currently (12/2011), a Circle is identical to the ContactGroup with matching parameters, but Circle must only be used for true Circles and not other Focus groups, and should be preferred over ContactGroup where applicable. Soon it may become more efficient to check membership in a Circle than in a ContactGroup (see http://go/superglue). Support for this principal type is currently (12/2011) incomplete -- e.g., Keystore does not support it yet (see b/5703421). Corresponds to the JSON property circle

Returns:



15755
15756
15757
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15755

def circle
  @circle
end

#cloud_principalGoogle::Apis::CloudsearchV1::CloudPrincipalProto

Principal associated with a Cloud Principal representing third party user. Corresponds to the JSON property cloudPrincipal

Returns:



15760
15761
15762
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15760

def cloud_principal
  @cloud_principal
end

#contact_groupGoogle::Apis::CloudsearchV1::ContactGroupProto

A group of contacts for a given user, as described in http://cs/p#google3/ focus/backend/proto/backend.proto Historically (and in still-existing ACLs), this was used to represent Google+ circles as well as contact groups, but this use is now deprecated. New code should use the CIRCLE principal type to represent Google+ circles. Corresponds to the JSON property contactGroup

Returns:



15769
15770
15771
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15769

def contact_group
  @contact_group
end

#email_ownerGoogle::Apis::CloudsearchV1::EmailOwnerProto

Represents a verified owner of the given email address. Note that a single address may have many owners, and a single user may own many addresses. (All lower-case, in display form -- see com.google.gaia.client.GaiaEmail) Corresponds to the JSON property emailOwner

Returns:



15776
15777
15778
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15776

def email_owner
  @email_owner
end

#eventGoogle::Apis::CloudsearchV1::EventProto

Represents the invitees or other users associated with a Google+ Event (see http://goto/events-backend-design). Corresponds to the JSON property event

Returns:



15782
15783
15784
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15782

def event
  @event
end

#gaia_groupGoogle::Apis::CloudsearchV1::GaiaGroupProto

scope = GAIA_GROUP Corresponds to the JSON property gaiaGroup

Returns:



15787
15788
15789
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15787

def gaia_group
  @gaia_group
end

#gaia_userGoogle::Apis::CloudsearchV1::GaiaUserProto

A Gaia account, which may represent a user, device, service account, etc. For prod (@prod.google.com) accounts, use MdbUserProto instead. Corresponds to the JSON property gaiaUser

Returns:



15793
15794
15795
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15793

def gaia_user
  @gaia_user
end

#hostGoogle::Apis::CloudsearchV1::HostProto

Represents a single host. Optionally, the MDB owner of the host can be specified. Corresponds to the JSON property host

Returns:



15799
15800
15801
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15799

def host
  @host
end

#ldap_groupGoogle::Apis::CloudsearchV1::LdapGroupProto

scope = LDAP_GROUP Corresponds to the JSON property ldapGroup

Returns:



15804
15805
15806
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15804

def ldap_group
  @ldap_group
end

#ldap_userGoogle::Apis::CloudsearchV1::LdapUserProto

scope = LDAP_USER Corresponds to the JSON property ldapUser

Returns:



15809
15810
15811
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15809

def ldap_user
  @ldap_user
end

#mdb_groupGoogle::Apis::CloudsearchV1::MdbGroupProto

An entity from the MDB namespace that is to be interpreted as a group. If using this for authorization, you should do an exact match of the peer role against group_name or any of the names in the Chubby expansion of the MDB group named group_name. Corresponds to the JSON property mdbGroup

Returns:



15817
15818
15819
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15817

def mdb_group
  @mdb_group
end

#mdb_userGoogle::Apis::CloudsearchV1::MdbUserProto

An entity from the MDB namespace that is to be interpreted as a user. If using this for authorization, you should only do an exact match on the peer role against user_name. Corresponds to the JSON property mdbUser

Returns:



15824
15825
15826
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15824

def mdb_user
  @mdb_user
end

#oauth_consumerGoogle::Apis::CloudsearchV1::OAuthConsumerProto

Represents an OAuth consumer, a/k/a AuthSub target. These principals are identified by domain name (e.g., example.com). Historically, Dasher domain GAIA group IDs have been used instead, but that doesn't work: http://go/tricky- gaia-ids Corresponds to the JSON property oauthConsumer

Returns:



15832
15833
15834
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15832

def oauth_consumer
  @oauth_consumer
end

#postini_userGoogle::Apis::CloudsearchV1::PostiniUserProto

See http://s/?fileprint=//depot/google3/security/authentication/postini/ auth_token.proto Corresponds to the JSON property postiniUser

Returns:



15838
15839
15840
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15838

def postini_user
  @postini_user
end

#rbac_roleGoogle::Apis::CloudsearchV1::RbacRoleProto

Principal associated with a given RBAC role. This principal is used by Sphinx Provisioning Service for RBAC provisionable (go/sphinx-rbacz). Corresponds to the JSON property rbacRole

Returns:



15844
15845
15846
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15844

def rbac_role
  @rbac_role
end

#rbac_subjectGoogle::Apis::CloudsearchV1::RbacSubjectProto

Principal associated with a given RBAC subject. This principal is used by Sphinx Provisioning Service for RBAC provisionable (go/sphinx-rbacz). Corresponds to the JSON property rbacSubject

Returns:



15850
15851
15852
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15850

def rbac_subject
  @rbac_subject
end

#resource_roleGoogle::Apis::CloudsearchV1::ResourceRoleProto

A type of sharing target that points to some resource's ACL. Used to refer to the set of Principals that have the given privilege ('role_id') for the given resource ('application_id', 'object_id', 'object_part'). The meaning of ' role_id' is interpreted only by implementations of AclRpcService and is usually dependent on 'application_id' All fields except object_part are required. If present, object_part must be non-empty. Corresponds to the JSON property resourceRole

Returns:



15860
15861
15862
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15860

def resource_role
  @resource_role
end

#scopeString

This is only optional because required enums cannot be extended. Currently required. Corresponds to the JSON property scope

Returns:

  • (String) 


15866
15867
15868
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15866

def scope
  @scope
end

#signing_key_possessorGoogle::Apis::CloudsearchV1::SigningKeyPossessorProto

Represents a principal who possesses a signing key corresponding to the verification key or keyset described here. Corresponds to the JSON property signingKeyPossessor

Returns:



15872
15873
15874
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15872

def signing_key_possessor
  @signing_key_possessor
end

#simple_secret_holderGoogle::Apis::CloudsearchV1::SimpleSecretHolderProto

Represents a principal which possesses a particular, presumably secret, string. Useful for things like "auth keys," used for anonymous sharing. Since representing this principal with the actual secret included reveals the secret, it's best if the requisite condition is enforced in some other way, for example via Keystore wrapping attributes (Keystore will unwrap only if the specified secret, aka "attribute", is presented). All that's stored here is an identifying label. Corresponds to the JSON property simpleSecretHolder

Returns:



15883
15884
15885
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15883

def simple_secret_holder
  @simple_secret_holder
end

#social_graph_nodeGoogle::Apis::CloudsearchV1::SocialGraphNodeProto

Represents a user pseudonym. Pseudonyms are linked accounts on Google and third-party services (e.g. YouTube or Twitter) and are described by a Social Graph Node. Corresponds to the JSON property socialGraphNode

Returns:



15890
15891
15892
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15890

def social_graph_node
  @social_graph_node
end

#squareGoogle::Apis::CloudsearchV1::SquareProto

Represents the set of members (of a given type) in a Google+ Square (see http:/ /go/squares). A Square with default member_type is currently (1/2012) identical to the GaiaGroup with the same ID, but that is expected to change soon (see http://go/superglue). Support for this principal type is currently ( 1/2012) incomplete -- e.g., Keystore does not support it yet (see b/5703421). Corresponds to the JSON property square

Returns:



15899
15900
15901
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15899

def square
  @square
end

#youtube_userGoogle::Apis::CloudsearchV1::YoutubeUserProto

scope = YOUTUBE_USER Corresponds to the JSON property youtubeUser

Returns:



15904
15905
15906
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15904

def youtube_user
  @youtube_user
end

#zwieback_sessionGoogle::Apis::CloudsearchV1::ZwiebackSessionProto

See go/zwieback. New uses of Zwieback sessions must be approved via go/ zwieback-request. Corresponds to the JSON property zwiebackSession

Returns:



15910
15911
15912
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15910

def zwieback_session
  @zwieback_session
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



15917
15918
15919
15920
15921
15922
15923
15924
15925
15926
15927
15928
15929
15930
15931
15932
15933
15934
15935
15936
15937
15938
15939
15940
15941
15942
15943
15944
15945
 
# File 'lib/google/apis/cloudsearch_v1/classes.rb', line 15917

def update!(**args)
  @all_authenticated_users = args[:all_authenticated_users] if args.key?(:all_authenticated_users)
  @cap_token_holder = args[:cap_token_holder] if args.key?(:cap_token_holder)
  @chat = args[:chat] if args.key?(:chat)
  @circle = args[:circle] if args.key?(:circle)
  @cloud_principal = args[:cloud_principal] if args.key?(:cloud_principal)
  @contact_group = args[:contact_group] if args.key?(:contact_group)
  @email_owner = args[:email_owner] if args.key?(:email_owner)
  @event = args[:event] if args.key?(:event)
  @gaia_group = args[:gaia_group] if args.key?(:gaia_group)
  @gaia_user = args[:gaia_user] if args.key?(:gaia_user)
  @host = args[:host] if args.key?(:host)
  @ldap_group = args[:ldap_group] if args.key?(:ldap_group)
  @ldap_user = args[:ldap_user] if args.key?(:ldap_user)
  @mdb_group = args[:mdb_group] if args.key?(:mdb_group)
  @mdb_user = args[:mdb_user] if args.key?(:mdb_user)
  @oauth_consumer = args[:oauth_consumer] if args.key?(:oauth_consumer)
  @postini_user = args[:postini_user] if args.key?(:postini_user)
  @rbac_role = args[:rbac_role] if args.key?(:rbac_role)
  @rbac_subject = args[:rbac_subject] if args.key?(:rbac_subject)
  @resource_role = args[:resource_role] if args.key?(:resource_role)
  @scope = args[:scope] if args.key?(:scope)
  @signing_key_possessor = args[:signing_key_possessor] if args.key?(:signing_key_possessor)
  @simple_secret_holder = args[:simple_secret_holder] if args.key?(:simple_secret_holder)
  @social_graph_node = args[:social_graph_node] if args.key?(:social_graph_node)
  @square = args[:square] if args.key?(:square)
  @youtube_user = args[:youtube_user] if args.key?(:youtube_user)
  @zwieback_session = args[:zwieback_session] if args.key?(:zwieback_session)
end