Class: Google::Cloud::Storage::Policy::Bindings

Inherits:

Object

• Object
• Google::Cloud::Storage::Policy::Bindings

Includes:

Enumerable

Defined in:

lib/google/cloud/storage/policy/bindings.rb

Overview

Bindings

Enumerable object for managing Cloud IAM bindings associated with a bucket.

Examples:

Updating a Policy from version 1 to version 3:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

bucket.uniform_bucket_level_access = true

bucket.policy requested_policy_version: 3 do |p|
  p.version # the value is 1
  p.version = 3 # Must be explicitly set to opt-in to support for conditions.

  expr = "resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")"
  p.bindings.insert({
                      role: "roles/storage.admin",
                      members: ["user:owner@example.com"],
                      condition: {
                        title: "my-condition",
                        description: "description of condition",
                        expression: expr
                      }
                    })
end

See Also:

• Cloud IAM Overview

Instance Method Summary

• #each {|binding| ... } ⇒ Enumerator

  Calls the block once for each binding in the collection, passing a Binding object as parameter.

• #insert(*bindings) ⇒ Bindings

  Adds a binding or bindings to the collection.

• #remove(*bindings) ⇒ Bindings

  Deletes the binding or bindings from the collection that are equal to the arguments.

Instance Method Details

#each {|binding| ... } ⇒ Enumerator

Calls the block once for each binding in the collection, passing a Google::Cloud::Storage::Policy::Binding object as parameter. A Google::Cloud::Storage::Policy::Binding object is passed even when the arguments to #insert were hash objects.

If no block is given, an enumerator is returned instead.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

policy = bucket.policy requested_policy_version: 3
policy.bindings.each do |binding|
  puts binding.role
end

Yields:

• (binding) —

  A binding in this bindings collection.

Yield Parameters:

• binding (Google::Cloud::Storage::Policy::Binding) —

  A binding object, even when the arguments to #insert were hash objects.

Returns:

• (Enumerator)

# File 'lib/google/cloud/storage/policy/bindings.rb', line 171

def each &block
  return enum_for :each unless block_given?

  @bindings.each(&block)
end

#insert(*bindings) ⇒ Bindings

Adds a binding or bindings to the collection. The arguments may be Google::Cloud::Storage::Policy::Binding objects or equivalent hash objects that will be implicitly coerced to binding objects.

Examples:

Updating a Policy from version 1 to version 3:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

bucket.uniform_bucket_level_access = true

bucket.policy requested_policy_version: 3 do |p|
  p.version # the value is 1
  p.version = 3 # Must be explicitly set to opt-in to support for conditions.

  expr = "resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")"
  p.bindings.insert({
                      role: "roles/storage.admin",
                      members: ["user:owner@example.com"],
                      condition: {
                        title: "my-condition",
                        description: "description of condition",
                        expression: expr
                      }
                    })
end

Parameters:

• bindings (Google::Cloud::Storage::Policy::Binding, Hash) —

  One or more bindings to be added to the policy owning the collection. The arguments may be Google::Cloud::Storage::Policy::Binding objects or equivalent hash objects that will be implicitly coerced to binding objects.

Returns:

• (Bindings) —

  self for chaining.

# File 'lib/google/cloud/storage/policy/bindings.rb', line 100

def insert *bindings
  bindings = coerce_bindings(*bindings)
  @bindings += bindings
  self
end

#remove(*bindings) ⇒ Bindings

Deletes the binding or bindings from the collection that are equal to the arguments. The specification arguments may be Google::Cloud::Storage::Policy::Binding objects or equivalent hash objects that will be implicitly coerced to binding objects.

Examples:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

bucket.policy requested_policy_version: 3 do |p|
  expr = "resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")"
  p.bindings.remove({
                      role: "roles/storage.admin",
                      members: ["user:owner@example.com"],
                      condition: {
                        title: "my-condition",
                        description: "description of condition",
                        expression: expr
                      }
                    })
end

Parameters:

• bindings (Google::Cloud::Storage::Policy::Binding, Hash) —

  One or more specifications for bindings to be removed from the collection. The arguments may be Google::Cloud::Storage::Policy::Binding objects or equivalent hash objects that will be implicitly coerced to binding objects.

Returns:

• (Bindings) —

  self for chaining.

# File 'lib/google/cloud/storage/policy/bindings.rb', line 139

def remove *bindings
  bindings = coerce_bindings(*bindings)
  @bindings -= bindings
  self
end