Class: Google::Cloud::Bigquery::Dataset::Access

Inherits:

Object

• Object
• Google::Cloud::Bigquery::Dataset::Access

Defined in:

lib/google/cloud/bigquery/dataset/access.rb

Overview

Dataset Access Control

Represents the access control rules for a Google::Cloud::Bigquery::Dataset.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_group "owners@example.com"
  access.add_writer_user "writer@example.com"
  access.remove_writer_user "readers@example.com"
  access.add_reader_special :all_users
end

See Also:

• BigQuery Access Control

Instance Method Summary

• #add_owner_domain(domain) ⇒ Object

  Add owner access to a domain.

• #add_owner_group(email) ⇒ Object

  Add owner access to a group.

• #add_owner_iam_member(identity) ⇒ Object

  Add owner access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

• #add_owner_special(group) ⇒ Object

  Add owner access to a special group.

• #add_owner_user(email) ⇒ Object

  Add owner access to a user.

• #add_reader_domain(domain) ⇒ Object

  Add reader access to a domain.

• #add_reader_group(email) ⇒ Object

  Add reader access to a group.

• #add_reader_iam_member(identity) ⇒ Object

  Add reader access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

• #add_reader_routine(routine) ⇒ Object

  Add access to a routine from a different dataset.

• #add_reader_special(group) ⇒ Object

  Add reader access to a special group.

• #add_reader_user(email) ⇒ Object

  Add reader access to a user.

• #add_reader_view(view) ⇒ Object

  Add reader access to a view.

• #add_writer_domain(domain) ⇒ Object

  Add writer access to a domain.

• #add_writer_group(email) ⇒ Object

  Add writer access to a group.

• #add_writer_iam_member(identity) ⇒ Object

  Add writer access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

• #add_writer_special(group) ⇒ Object

  Add writer access to a special group.

• #add_writer_user(email) ⇒ Object

  Add writer access to a user.

• #owner_domain?(domain) ⇒ Boolean

  Checks owner access for a domain.

• #owner_group?(email) ⇒ Boolean

  Checks owner access for a group.

• #owner_iam_member?(identity) ⇒ Boolean

  Checks owner access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

• #owner_special?(group) ⇒ Boolean

  Checks owner access for a special group.

• #owner_user?(email) ⇒ Boolean

  Checks owner access for a user.

• #reader_domain?(domain) ⇒ Boolean

  Checks reader access for a domain.

• #reader_group?(email) ⇒ Boolean

  Checks reader access for a group.

• #reader_iam_member?(identity) ⇒ Boolean

  Checks reader access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

• #reader_routine?(routine) ⇒ Boolean

  Checks access for a routine from a different dataset.

• #reader_special?(group) ⇒ Boolean

  Checks reader access for a special group.

• #reader_user?(email) ⇒ Boolean

  Checks reader access for a user.

• #reader_view?(view) ⇒ Boolean

  Checks reader access for a view.

• #remove_owner_domain(domain) ⇒ Object

  Remove owner access from a domain.

• #remove_owner_group(email) ⇒ Object

  Remove owner access from a group.

• #remove_owner_iam_member(identity) ⇒ Object

  Remove owner access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

• #remove_owner_special(group) ⇒ Object

  Remove owner access from a special group.

• #remove_owner_user(email) ⇒ Object

  Remove owner access from a user.

• #remove_reader_domain(domain) ⇒ Object

  Remove reader access from a domain.

• #remove_reader_group(email) ⇒ Object

  Remove reader access from a group.

• #remove_reader_iam_member(identity) ⇒ Object

  Remove reader access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

• #remove_reader_routine(routine) ⇒ Object

  Remove reader access from a routine from a different dataset.

• #remove_reader_special(group) ⇒ Object

  Remove reader access from a special group.

• #remove_reader_user(email) ⇒ Object

  Remove reader access from a user.

• #remove_reader_view(view) ⇒ Object

  Remove reader access from a view.

• #remove_writer_domain(domain) ⇒ Object

  Remove writer access from a domain.

• #remove_writer_group(email) ⇒ Object

  Remove writer access from a group.

• #remove_writer_iam_member(identity) ⇒ Object

  Remove writer access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

• #remove_writer_special(group) ⇒ Object

  Remove writer access from a special group.

• #remove_writer_user(email) ⇒ Object

  Remove writer access from a user.

• #writer_domain?(domain) ⇒ Boolean

  Checks writer access for a domain.

• #writer_group?(email) ⇒ Boolean

  Checks writer access for a group.

• #writer_iam_member?(identity) ⇒ Boolean

  Checks writer access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

• #writer_special?(group) ⇒ Boolean

  Checks writer access for a special group.

• #writer_user?(email) ⇒ Boolean

  Checks writer access for a user.

Instance Method Details

#add_owner_domain(domain) ⇒ Object

Add owner access to a domain.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_domain "example.com"
end

Parameters:

• domain (String) —

  A Cloud Identity domain.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 442

def add_owner_domain domain
  add_access_role_scope_value :owner, :domain, domain
end

#add_owner_group(email) ⇒ Object

Add owner access to a group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_group "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 402

def add_owner_group email
  add_access_role_scope_value :owner, :group, email
end

#add_owner_iam_member(identity) ⇒ Object

Add owner access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_iam_member "entity@example.com"
end

Parameters:

• identity (String) —

  The identity reference.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 422

def add_owner_iam_member identity
  add_access_role_scope_value :owner, :iam_member, identity
end

#add_owner_special(group) ⇒ Object

Add owner access to a special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_special :all_users
end

Parameters:

• group (String) —

  Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 462

def add_owner_special group
  add_access_role_scope_value :owner, :special, group
end

#add_owner_user(email) ⇒ Object

Add owner access to a user.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_user "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 383

def add_owner_user email
  add_access_role_scope_value :owner, :user, email
end

#add_reader_domain(domain) ⇒ Object

Add reader access to a domain.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_reader_domain "example.com"
end

Parameters:

• domain (String) —

  A Cloud Identity domain.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 192

def add_reader_domain domain
  add_access_role_scope_value :reader, :domain, domain
end

#add_reader_group(email) ⇒ Object

Add reader access to a group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_reader_group "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 152

def add_reader_group email
  add_access_role_scope_value :reader, :group, email
end

#add_reader_iam_member(identity) ⇒ Object

Add reader access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_reader_iam_member "entity@example.com"
end

Parameters:

• identity (String) —

  The identity reference.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 172

def add_reader_iam_member identity
  add_access_role_scope_value :reader, :iam_member, identity
end

#add_reader_routine(routine) ⇒ Object

Add access to a routine from a different dataset. Queries executed against that routine will have read access to views/tables/routines in this dataset. Only UDF is supported for now. The role field is not required when this field is set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

routine = other_dataset.routine "my_routine"

dataset.access do |access|
  access.add_reader_routine routine
end

Parameters:

• routine (Google::Cloud::Bigquery::Routine) —

  A routine object.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 239

def add_reader_routine routine
  add_access_routine routine
end

#add_reader_special(group) ⇒ Object

Add reader access to a special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_reader_special :all_users
end

Parameters:

• group (String) —

  Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 212

def add_reader_special group
  add_access_role_scope_value :reader, :special, group
end

#add_reader_user(email) ⇒ Object

Add reader access to a user.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_reader_user "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 133

def add_reader_user email
  add_access_role_scope_value :reader, :user, email
end

#add_reader_view(view) ⇒ Object

Add reader access to a view.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

view = other_dataset.table "my_view", skip_lookup: true

dataset.access do |access|
  access.add_reader_view view
end

Parameters:

• view (Google::Cloud::Bigquery::Table, String) —

  A table object, or a string identifier as specified by the Standard SQL Query Reference (project-name.dataset_id.table_id) or the Legacy SQL Query Reference (project-name:dataset_id.table_id).

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 266

def add_reader_view view
  add_access_view view
end

#add_writer_domain(domain) ⇒ Object

Add writer access to a domain.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_writer_domain "example.com"
end

Parameters:

• domain (String) —

  A Cloud Identity domain.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 344

def add_writer_domain domain
  add_access_role_scope_value :writer, :domain, domain
end

#add_writer_group(email) ⇒ Object

Add writer access to a group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_writer_group "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 304

def add_writer_group email
  add_access_role_scope_value :writer, :group, email
end

#add_writer_iam_member(identity) ⇒ Object

Add writer access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_writer_iam_member "entity@example.com"
end

Parameters:

• identity (String) —

  The identity reference.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 324

def add_writer_iam_member identity
  add_access_role_scope_value :writer, :iam_member, identity
end

#add_writer_special(group) ⇒ Object

Add writer access to a special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_writer_special :all_users
end

Parameters:

• group (String) —

  Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 364

def add_writer_special group
  add_access_role_scope_value :writer, :special, group
end

#add_writer_user(email) ⇒ Object

Add writer access to a user.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_writer_user "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 285

def add_writer_user email
  add_access_role_scope_value :writer, :user, email
end

#owner_domain?(domain) ⇒ Boolean

Checks owner access for a domain.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.owner_domain? "example.com" #=> false

Parameters:

• domain (String) —

  A Cloud Identity domain.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 1117

def owner_domain? domain
  lookup_access_role_scope_value :owner, :domain, domain
end

#owner_group?(email) ⇒ Boolean

Checks owner access for a group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.owner_group? "entity@example.com" #=> false

Parameters:

• email (String) —

  The email address for the entity.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 1079

def owner_group? email
  lookup_access_role_scope_value :owner, :group, email
end

#owner_iam_member?(identity) ⇒ Boolean

Checks owner access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.owner_iam_member? "entity@example.com" #=> false

Parameters:

• identity (String) —

  The identity reference.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 1098

def owner_iam_member? identity
  lookup_access_role_scope_value :owner, :iam_member, identity
end

#owner_special?(group) ⇒ Boolean

Checks owner access for a special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.owner_special? :all_users #=> false

Parameters:

• group (String) —

  Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 1136

def owner_special? group
  lookup_access_role_scope_value :owner, :special, group
end

#owner_user?(email) ⇒ Boolean

Checks owner access for a user.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.owner_user? "entity@example.com" #=> false

Parameters:

• email (String) —

  The email address for the entity.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 1061

def owner_user? email
  lookup_access_role_scope_value :owner, :user, email
end

#reader_domain?(domain) ⇒ Boolean

Checks reader access for a domain.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.reader_domain? "example.com" #=> false

Parameters:

• domain (String) —

  A Cloud Identity domain.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 879

def reader_domain? domain
  lookup_access_role_scope_value :reader, :domain, domain
end

#reader_group?(email) ⇒ Boolean

Checks reader access for a group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.reader_group? "entity@example.com" #=> false

Parameters:

• email (String) —

  The email address for the entity.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 841

def reader_group? email
  lookup_access_role_scope_value :reader, :group, email
end

#reader_iam_member?(identity) ⇒ Boolean

Checks reader access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.reader_iam_member? "entity@example.com" #=> false

Parameters:

• identity (String) —

  The identity reference.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 860

def reader_iam_member? identity
  lookup_access_role_scope_value :reader, :iam_member, identity
end

#reader_routine?(routine) ⇒ Boolean

Checks access for a routine from a different dataset. Queries executed against that routine will have read access to views/tables/routines in this dataset. Only UDF is supported for now. The role field is not required when this field is set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

routine = other_dataset.routine "my_routine", skip_lookup: true

access = dataset.access
access.reader_routine? routine #=> false

Parameters:

• routine (Google::Cloud::Bigquery::Routine) —

  A routine object.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 924

def reader_routine? routine
  lookup_access_routine routine
end

#reader_special?(group) ⇒ Boolean

Checks reader access for a special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.reader_special? :all_users #=> false

Parameters:

• group (String) —

  Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 898

def reader_special? group
  lookup_access_role_scope_value :reader, :special, group
end

#reader_user?(email) ⇒ Boolean

Checks reader access for a user.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.reader_user? "entity@example.com" #=> false

Parameters:

• email (String) —

  The email address for the entity.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 823

def reader_user? email
  lookup_access_role_scope_value :reader, :user, email
end

#reader_view?(view) ⇒ Boolean

Checks reader access for a view.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

view = other_dataset.table "my_view", skip_lookup: true

access = dataset.access
access.reader_view? view #=> false

Parameters:

• view (Google::Cloud::Bigquery::Table, String) —

  A table object, or a string identifier as specified by the Standard SQL Query Reference (project-name.dataset_id.table_id) or the Legacy SQL Query Reference (project-name:dataset_id.table_id).

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 950

def reader_view? view
  lookup_access_view view
end

#remove_owner_domain(domain) ⇒ Object

Remove owner access from a domain.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_owner_domain "example.com"
end

Parameters:

• domain (String) —

  A Cloud Identity domain.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 785

def remove_owner_domain domain
  remove_access_role_scope_value :owner, :domain, domain
end

#remove_owner_group(email) ⇒ Object

Remove owner access from a group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_owner_group "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 745

def remove_owner_group email
  remove_access_role_scope_value :owner, :group, email
end

#remove_owner_iam_member(identity) ⇒ Object

Remove owner access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_owner_iam_member "entity@example.com"
end

Parameters:

• identity (String) —

  The identity reference.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 765

def remove_owner_iam_member identity
  remove_access_role_scope_value :owner, :iam_member, identity
end

#remove_owner_special(group) ⇒ Object

Remove owner access from a special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_owner_special :all_users
end

Parameters:

• group (String) —

  Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 805

def remove_owner_special group
  remove_access_role_scope_value :owner, :special, group
end

#remove_owner_user(email) ⇒ Object

Remove owner access from a user.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_owner_user "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 726

def remove_owner_user email
  remove_access_role_scope_value :owner, :user, email
end

#remove_reader_domain(domain) ⇒ Object

Remove reader access from a domain.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_reader_domain "example.com"
end

Parameters:

• domain (String) —

  A Cloud Identity domain.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 540

def remove_reader_domain domain
  remove_access_role_scope_value :reader, :domain, domain
end

#remove_reader_group(email) ⇒ Object

Remove reader access from a group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_reader_group "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 500

def remove_reader_group email
  remove_access_role_scope_value :reader, :group, email
end

#remove_reader_iam_member(identity) ⇒ Object

Remove reader access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_reader_iam_member "entity@example.com"
end

Parameters:

• identity (String) —

  The identity reference.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 520

def remove_reader_iam_member identity
  remove_access_role_scope_value :reader, :iam_member, identity
end

#remove_reader_routine(routine) ⇒ Object

Remove reader access from a routine from a different dataset.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

routine = other_dataset.routine "my_routine", skip_lookup: true

dataset.access do |access|
  access.remove_reader_routine routine
end

Parameters:

• routine (Google::Cloud::Bigquery::Routine) —

  A routine object.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 582

def remove_reader_routine routine
  remove_access_routine routine
end

#remove_reader_special(group) ⇒ Object

Remove reader access from a special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_reader_special :all_users
end

Parameters:

• group (String) —

  Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 560

def remove_reader_special group
  remove_access_role_scope_value :reader, :special, group
end

#remove_reader_user(email) ⇒ Object

Remove reader access from a user.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_reader_user "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 481

def remove_reader_user email
  remove_access_role_scope_value :reader, :user, email
end

#remove_reader_view(view) ⇒ Object

Remove reader access from a view.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

view = other_dataset.table "my_view", skip_lookup: true

dataset.access do |access|
  access.remove_reader_view view
end

Parameters:

• view (Google::Cloud::Bigquery::Table, String) —

  A table object, or a string identifier as specified by the Standard SQL Query Reference (project-name.dataset_id.table_id) or the Legacy SQL Query Reference (project-name:dataset_id.table_id).

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 609

def remove_reader_view view
  remove_access_view view
end

#remove_writer_domain(domain) ⇒ Object

Remove writer access from a domain.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_writer_domain "example.com"
end

Parameters:

• domain (String) —

  A Cloud Identity domain.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 687

def remove_writer_domain domain
  remove_access_role_scope_value :writer, :domain, domain
end

#remove_writer_group(email) ⇒ Object

Remove writer access from a group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_writer_group "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 647

def remove_writer_group email
  remove_access_role_scope_value :writer, :group, email
end

#remove_writer_iam_member(identity) ⇒ Object

Remove writer access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_writer_iam_member "entity@example.com"
end

Parameters:

• identity (String) —

  The identity reference.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 667

def remove_writer_iam_member identity
  remove_access_role_scope_value :writer, :iam_member, identity
end

#remove_writer_special(group) ⇒ Object

Remove writer access from a special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_writer_special :all_users
end

Parameters:

• group (String) —

  Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 707

def remove_writer_special group
  remove_access_role_scope_value :writer, :special, group
end

#remove_writer_user(email) ⇒ Object

Remove writer access from a user.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_writer_user "entity@example.com"
end

Parameters:

• email (String) —

  The email address for the entity.

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 628

def remove_writer_user email
  remove_access_role_scope_value :writer, :user, email
end

#writer_domain?(domain) ⇒ Boolean

Checks writer access for a domain.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.writer_domain? "example.com" #=> false

Parameters:

• domain (String) —

  A Cloud Identity domain.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 1024

def writer_domain? domain
  lookup_access_role_scope_value :writer, :domain, domain
end

#writer_group?(email) ⇒ Boolean

Checks writer access for a group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.writer_group? "entity@example.com" #=> false

Parameters:

• email (String) —

  The email address for the entity.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 986

def writer_group? email
  lookup_access_role_scope_value :writer, :group, email
end

#writer_iam_member?(identity) ⇒ Boolean

Checks writer access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.writer_iam_member? "entity@example.com" #=> false

Parameters:

• identity (String) —

  The identity reference.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 1005

def writer_iam_member? identity
  lookup_access_role_scope_value :writer, :iam_member, identity
end

#writer_special?(group) ⇒ Boolean

Checks writer access for a special group.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.writer_special? :all_users #=> false

Parameters:

• group (String) —

  Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 1043

def writer_special? group
  lookup_access_role_scope_value :writer, :special, group
end

#writer_user?(email) ⇒ Boolean

Checks writer access for a user.

Examples:

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.writer_user? "entity@example.com" #=> false

Parameters:

• email (String) —

  The email address for the entity.

Returns:

• (Boolean)

# File 'lib/google/cloud/bigquery/dataset/access.rb', line 968

def writer_user? email
  lookup_access_role_scope_value :writer, :user, email
end