gcloud 0.3.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. checksums.yaml +8 -8
  2. data/CHANGELOG.md +21 -0
  3. data/lib/gcloud.rb +0 -5
  4. data/lib/gcloud/bigquery.rb +31 -62
  5. data/lib/gcloud/bigquery/connection.rb +58 -35
  6. data/lib/gcloud/bigquery/dataset.rb +147 -18
  7. data/lib/gcloud/bigquery/dataset/access.rb +477 -0
  8. data/lib/gcloud/bigquery/dataset/list.rb +1 -1
  9. data/lib/gcloud/bigquery/errors.rb +2 -0
  10. data/lib/gcloud/bigquery/job.rb +30 -6
  11. data/lib/gcloud/bigquery/job/list.rb +1 -1
  12. data/lib/gcloud/bigquery/project.rb +47 -8
  13. data/lib/gcloud/bigquery/query_job.rb +1 -5
  14. data/lib/gcloud/bigquery/table.rb +185 -47
  15. data/lib/gcloud/bigquery/table/list.rb +1 -1
  16. data/lib/gcloud/bigquery/table/schema.rb +252 -0
  17. data/lib/gcloud/bigquery/view.rb +25 -0
  18. data/lib/gcloud/datastore/connection.rb +4 -0
  19. data/lib/gcloud/datastore/dataset.rb +5 -2
  20. data/lib/gcloud/datastore/errors.rb +1 -1
  21. data/lib/gcloud/datastore/properties.rb +1 -0
  22. data/lib/gcloud/datastore/proto.rb +3 -0
  23. data/lib/gcloud/errors.rb +23 -0
  24. data/lib/gcloud/gce.rb +62 -0
  25. data/lib/gcloud/pubsub/connection.rb +4 -0
  26. data/lib/gcloud/pubsub/errors.rb +2 -0
  27. data/lib/gcloud/pubsub/project.rb +5 -3
  28. data/lib/gcloud/pubsub/subscription/list.rb +1 -1
  29. data/lib/gcloud/pubsub/topic.rb +1 -1
  30. data/lib/gcloud/pubsub/topic/list.rb +1 -1
  31. data/lib/gcloud/storage.rb +16 -0
  32. data/lib/gcloud/storage/bucket.rb +31 -1
  33. data/lib/gcloud/storage/bucket/acl.rb +12 -10
  34. data/lib/gcloud/storage/bucket/list.rb +1 -1
  35. data/lib/gcloud/storage/connection.rb +4 -0
  36. data/lib/gcloud/storage/errors.rb +2 -0
  37. data/lib/gcloud/storage/file.rb +13 -0
  38. data/lib/gcloud/storage/file/acl.rb +6 -5
  39. data/lib/gcloud/storage/file/list.rb +1 -1
  40. data/lib/gcloud/storage/project.rb +4 -2
  41. data/lib/gcloud/version.rb +1 -1
  42. metadata +6 -2
data/lib/gcloud/bigquery/dataset/access.rb ADDED
@@ -0,0 +1,477 @@
1
+ #--
2
+ # Copyright 2015 Google Inc. All rights reserved.
3
+ #
4
+ # Licensed under the Apache License, Version 2.0 (the "License");
5
+ # you may not use this file except in compliance with the License.
6
+ # You may obtain a copy of the License at
7
+ #
8
+ # http://www.apache.org/licenses/LICENSE-2.0
9
+ #
10
+ # Unless required by applicable law or agreed to in writing, software
11
+ # distributed under the License is distributed on an "AS IS" BASIS,
12
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ # See the License for the specific language governing permissions and
14
+ # limitations under the License.
15
+
16
+ module Gcloud
17
+ module Bigquery
18
+ class Dataset
19
+ ##
20
+ # = Dataset Access Control
21
+ #
22
+ # Represents the Access rules for a Dataset. See {BigQuery Access
23
+ # Control}[https://cloud.google.com/bigquery/access-control].
24
+ #
25
+ # require "gcloud"
26
+ #
27
+ # gcloud = Gcloud.new
28
+ # bigquery = gcloud.bigquery
29
+ # dataset = bigquery.dataset "my_dataset"
30
+ #
31
+ # dataset.access do |access|
32
+ # access.add_owner_group "owners@example.com"
33
+ # access.add_writer_user "writer@example.com"
34
+ # access.remove_writer_user "readers@example.com"
35
+ # access.add_reader_special :all
36
+ # access.add_reader_view other_dataset_view_object
37
+ # end
38
+ #
39
+ class Access
40
+ ROLES = { "reader" => "READER",
41
+ "writer" => "WRITER",
42
+ "owner" => "OWNER" } #:nodoc:
43
+
44
+ SCOPES = { "user" => "userByEmail",
45
+ "user_by_email" => "userByEmail",
46
+ "userByEmail" => "userByEmail",
47
+ "group" => "groupByEmail",
48
+ "group_by_email" => "groupByEmail",
49
+ "groupByEmail" => "groupByEmail",
50
+ "domain" => "domain",
51
+ "special" => "specialGroup",
52
+ "special_group" => "specialGroup",
53
+ "specialGroup" => "specialGroup",
54
+ "view" => "view" } #:nodoc:
55
+
56
+ GROUPS = { "owners" => "projectOwners",
57
+ "project_owners" => "projectOwners",
58
+ "projectOwners" => "projectOwners",
59
+ "readers" => "projectReaders",
60
+ "project_readers" => "projectReaders",
61
+ "projectReaders" => "projectReaders",
62
+ "writers" => "projectWriters",
63
+ "project_writers" => "projectWriters",
64
+ "projectWriters" => "projectWriters",
65
+ "all" => "allAuthenticatedUsers",
66
+ "all_authenticated_users" => "allAuthenticatedUsers",
67
+ "allAuthenticatedUsers" => "allAuthenticatedUsers" }
68
+
69
+ attr_reader :access #:nodoc:
70
+
71
+ ##
72
+ # Initialized a new Access object.
73
+ # Must provide a valid Dataset object.
74
+ def initialize access, context #:nodoc:
75
+ @original = access.dup
76
+ @access = access.dup
77
+ @context = context
78
+ end
79
+
80
+ def changed? #:nodoc:
81
+ @original != @access
82
+ end
83
+
84
+ ##
85
+ # Add reader access to a user.
86
+ def add_reader_user email
87
+ add_access_role_scope_value :reader, :user, email
88
+ end
89
+
90
+ ##
91
+ # Add reader access to a group.
92
+ def add_reader_group email
93
+ add_access_role_scope_value :reader, :group, email
94
+ end
95
+
96
+ ##
97
+ # Add reader access to a domain.
98
+ def add_reader_domain domain
99
+ add_access_role_scope_value :reader, :domain, domain
100
+ end
101
+
102
+ ##
103
+ # Add reader access to a special group.
104
+ # Accepted values are +owners+, +writers+, +readers+, and +all+.
105
+ def add_reader_special group
106
+ add_access_role_scope_value :reader, :special, group
107
+ end
108
+
109
+ ##
110
+ # Add reader access to a view.
111
+ # The view can be a Gcloud::Bigquery::View object,
112
+ # or a string identifier as specified by the
113
+ # {Query
114
+ # Reference}[https://cloud.google.com/bigquery/query-reference#from]:
115
+ # +project_name:datasetId.tableId+.
116
+ def add_reader_view view
117
+ add_access_role_scope_value :reader, :view, view
118
+ end
119
+
120
+ ##
121
+ # Add writer access to a user.
122
+ def add_writer_user email
123
+ add_access_role_scope_value :writer, :user, email
124
+ end
125
+
126
+ ##
127
+ # Add writer access to a group.
128
+ def add_writer_group email
129
+ add_access_role_scope_value :writer, :group, email
130
+ end
131
+
132
+ ##
133
+ # Add writer access to a domain.
134
+ def add_writer_domain domain
135
+ add_access_role_scope_value :writer, :domain, domain
136
+ end
137
+
138
+ ##
139
+ # Add writer access to a special group.
140
+ # Accepted values are +owners+, +writers+, +readers+, and +all+.
141
+ def add_writer_special group
142
+ add_access_role_scope_value :writer, :special, group
143
+ end
144
+
145
+ ##
146
+ # Add writer access to a view.
147
+ # The view can be a Gcloud::Bigquery::View object,
148
+ # or a string identifier as specified by the
149
+ # {Query
150
+ # Reference}[https://cloud.google.com/bigquery/query-reference#from]:
151
+ # +project_name:datasetId.tableId+.
152
+ def add_writer_view view
153
+ add_access_role_scope_value :writer, :view, view
154
+ end
155
+
156
+ ##
157
+ # Add owner access to a user.
158
+ def add_owner_user email
159
+ add_access_role_scope_value :owner, :user, email
160
+ end
161
+
162
+ ##
163
+ # Add owner access to a group.
164
+ def add_owner_group email
165
+ add_access_role_scope_value :owner, :group, email
166
+ end
167
+
168
+ ##
169
+ # Add owner access to a domain.
170
+ def add_owner_domain domain
171
+ add_access_role_scope_value :owner, :domain, domain
172
+ end
173
+
174
+ ##
175
+ # Add owner access to a special group.
176
+ # Accepted values are +owners+, +writers+, +readers+, and +all+.
177
+ def add_owner_special group
178
+ add_access_role_scope_value :owner, :special, group
179
+ end
180
+
181
+ ##
182
+ # Add owner access to a view.
183
+ # The view can be a Gcloud::Bigquery::View object,
184
+ # or a string identifier as specified by the
185
+ # {Query
186
+ # Reference}[https://cloud.google.com/bigquery/query-reference#from]:
187
+ # +project_name:datasetId.tableId+.
188
+ def add_owner_view view
189
+ add_access_role_scope_value :owner, :view, view
190
+ end
191
+
192
+ ##
193
+ # Remove reader access from a user.
194
+ def remove_reader_user email
195
+ remove_access_role_scope_value :reader, :user, email
196
+ end
197
+
198
+ ##
199
+ # Remove reader access from a group.
200
+ def remove_reader_group email
201
+ remove_access_role_scope_value :reader, :group, email
202
+ end
203
+
204
+ ##
205
+ # Remove reader access from a domain.
206
+ def remove_reader_domain domain
207
+ remove_access_role_scope_value :reader, :domain, domain
208
+ end
209
+
210
+ ##
211
+ # Remove reader access from a special group.
212
+ # Accepted values are +owners+, +writers+, +readers+, and +all+.
213
+ def remove_reader_special group
214
+ remove_access_role_scope_value :reader, :special, group
215
+ end
216
+
217
+ ##
218
+ # Remove reader access from a view.
219
+ # The view can be a Gcloud::Bigquery::View object,
220
+ # or a string identifier as specified by the
221
+ # {Query
222
+ # Reference}[https://cloud.google.com/bigquery/query-reference#from]:
223
+ # +project_name:datasetId.tableId+.
224
+ def remove_reader_view view
225
+ remove_access_role_scope_value :reader, :view, view
226
+ end
227
+
228
+ ##
229
+ # Remove writer access from a user.
230
+ def remove_writer_user email
231
+ remove_access_role_scope_value :writer, :user, email
232
+ end
233
+
234
+ ##
235
+ # Remove writer access from a group.
236
+ def remove_writer_group email
237
+ remove_access_role_scope_value :writer, :group, email
238
+ end
239
+
240
+ ##
241
+ # Remove writer access from a domain.
242
+ def remove_writer_domain domain
243
+ remove_access_role_scope_value :writer, :domain, domain
244
+ end
245
+
246
+ ##
247
+ # Remove writer access from a special group.
248
+ # Accepted values are +owners+, +writers+, +readers+, and +all+.
249
+ def remove_writer_special group
250
+ remove_access_role_scope_value :writer, :special, group
251
+ end
252
+
253
+ ##
254
+ # Remove writer access from a view.
255
+ # The view can be a Gcloud::Bigquery::View object,
256
+ # or a string identifier as specified by the
257
+ # {Query
258
+ # Reference}[https://cloud.google.com/bigquery/query-reference#from]:
259
+ # +project_name:datasetId.tableId+.
260
+ def remove_writer_view view
261
+ remove_access_role_scope_value :writer, :view, view
262
+ end
263
+
264
+ ##
265
+ # Remove owner access from a user.
266
+ def remove_owner_user email
267
+ remove_access_role_scope_value :owner, :user, email
268
+ end
269
+
270
+ ##
271
+ # Remove owner access from a group.
272
+ def remove_owner_group email
273
+ remove_access_role_scope_value :owner, :group, email
274
+ end
275
+
276
+ ##
277
+ # Remove owner access from a domain.
278
+ def remove_owner_domain domain
279
+ remove_access_role_scope_value :owner, :domain, domain
280
+ end
281
+
282
+ ##
283
+ # Remove owner access from a special group.
284
+ # Accepted values are +owners+, +writers+, +readers+, and +all+.
285
+ def remove_owner_special group
286
+ remove_access_role_scope_value :owner, :special, group
287
+ end
288
+
289
+ ##
290
+ # Remove owner access from a view.
291
+ # The view can be a Gcloud::Bigquery::View object,
292
+ # or a string identifier as specified by the
293
+ # {Query
294
+ # Reference}[https://cloud.google.com/bigquery/query-reference#from]:
295
+ # +project_name:datasetId.tableId+.
296
+ def remove_owner_view view
297
+ remove_access_role_scope_value :owner, :view, view
298
+ end
299
+
300
+ ##
301
+ # Checks reader access for a user.
302
+ def reader_user? email
303
+ lookup_access_role_scope_value :reader, :user, email
304
+ end
305
+
306
+ ##
307
+ # Checks reader access for a group.
308
+ def reader_group? email
309
+ lookup_access_role_scope_value :reader, :group, email
310
+ end
311
+
312
+ ##
313
+ # Checks reader access for a domain.
314
+ def reader_domain? domain
315
+ lookup_access_role_scope_value :reader, :domain, domain
316
+ end
317
+
318
+ ##
319
+ # Checks reader access for a special group.
320
+ # Accepted values are +owners+, +writers+, +readers+, and +all+.
321
+ def reader_special? group
322
+ lookup_access_role_scope_value :reader, :special, group
323
+ end
324
+
325
+ ##
326
+ # Checks reader access for a view.
327
+ # The view can be a Gcloud::Bigquery::View object,
328
+ # or a string identifier as specified by the
329
+ # {Query
330
+ # Reference}[https://cloud.google.com/bigquery/query-reference#from]:
331
+ # +project_name:datasetId.tableId+.
332
+ def reader_view? view
333
+ lookup_access_role_scope_value :reader, :view, view
334
+ end
335
+
336
+ ##
337
+ # Checks writer access for a user.
338
+ def writer_user? email
339
+ lookup_access_role_scope_value :writer, :user, email
340
+ end
341
+
342
+ ##
343
+ # Checks writer access for a group.
344
+ def writer_group? email
345
+ lookup_access_role_scope_value :writer, :group, email
346
+ end
347
+
348
+ ##
349
+ # Checks writer access for a domain.
350
+ def writer_domain? domain
351
+ lookup_access_role_scope_value :writer, :domain, domain
352
+ end
353
+
354
+ ##
355
+ # Checks writer access for a special group.
356
+ # Accepted values are +owners+, +writers+, +readers+, and +all+.
357
+ def writer_special? group
358
+ lookup_access_role_scope_value :writer, :special, group
359
+ end
360
+
361
+ ##
362
+ # Checks writer access for a view.
363
+ # The view can be a Gcloud::Bigquery::View object,
364
+ # or a string identifier as specified by the
365
+ # {Query
366
+ # Reference}[https://cloud.google.com/bigquery/query-reference#from]:
367
+ # +project_name:datasetId.tableId+.
368
+ def writer_view? view
369
+ lookup_access_role_scope_value :writer, :view, view
370
+ end
371
+
372
+ ##
373
+ # Checks owner access for a user.
374
+ def owner_user? email
375
+ lookup_access_role_scope_value :owner, :user, email
376
+ end
377
+
378
+ ##
379
+ # Checks owner access for a group.
380
+ def owner_group? email
381
+ lookup_access_role_scope_value :owner, :group, email
382
+ end
383
+
384
+ ##
385
+ # Checks owner access for a domain.
386
+ def owner_domain? domain
387
+ lookup_access_role_scope_value :owner, :domain, domain
388
+ end
389
+
390
+ ##
391
+ # Checks owner access for a special group.
392
+ # Accepted values are +owners+, +writers+, +readers+, and +all+.
393
+ def owner_special? group
394
+ lookup_access_role_scope_value :owner, :special, group
395
+ end
396
+
397
+ ##
398
+ # Checks owner access for a view.
399
+ # The view can be a Gcloud::Bigquery::View object,
400
+ # or a string identifier as specified by the
401
+ # {Query
402
+ # Reference}[https://cloud.google.com/bigquery/query-reference#from]:
403
+ # +project_name:datasetId.tableId+.
404
+ def owner_view? view
405
+ lookup_access_role_scope_value :owner, :view, view
406
+ end
407
+
408
+ protected
409
+
410
+ def validate_role role #:nodoc:
411
+ good_role = ROLES[role.to_s]
412
+ if good_role.nil?
413
+ fail ArgumentError "Unable to determine role for #{role}"
414
+ end
415
+ good_role
416
+ end
417
+
418
+ def validate_scope scope #:nodoc:
419
+ good_scope = SCOPES[scope.to_s]
420
+ if good_scope.nil?
421
+ fail ArgumentError "Unable to determine scope for #{scope}"
422
+ end
423
+ good_scope
424
+ end
425
+
426
+ def validate_special_group value #:nodoc:
427
+ good_value = GROUPS[value.to_s]
428
+ return good_value unless good_value.nil?
429
+ scope
430
+ end
431
+
432
+ def validate_view view #:nodoc:
433
+ if view.respond_to? :table_ref
434
+ view.table_ref
435
+ else
436
+ Connection.table_ref_from_s view, @context
437
+ end
438
+ end
439
+
440
+ def add_access_role_scope_value role, scope, value #:nodoc:
441
+ role = validate_role role
442
+ scope = validate_scope scope
443
+ # If scope is special group, make sure value is in the list
444
+ value = validate_special_group(value) if scope == "specialGroup"
445
+ # If scope is view, make sure value is in the right format
446
+ value = validate_view(value) if scope == "view"
447
+ # Remove any rules of this scope and value
448
+ access.reject! { |h| h[scope] == value }
449
+ # Add new rule for this role, scope, and value
450
+ access << { "role" => role, scope => value }
451
+ end
452
+
453
+ def remove_access_role_scope_value role, scope, value #:nodoc:
454
+ role = validate_role role
455
+ scope = validate_scope scope
456
+ # If scope is special group, make sure value is in the list
457
+ value = validate_special_group(value) if scope == "specialGroup"
458
+ # If scope is view, make sure value is in the right format
459
+ value = validate_view(value) if scope == "view"
460
+ # Remove any rules of this role, scope, and value
461
+ access.reject! { |h| h["role"] == role && h[scope] == value }
462
+ end
463
+
464
+ def lookup_access_role_scope_value role, scope, value #:nodoc:
465
+ role = validate_role role
466
+ scope = validate_scope scope
467
+ # If scope is special group, make sure value is in the list
468
+ value = validate_special_group(value) if scope == "specialGroup"
469
+ # If scope is view, make sure value is in the right format
470
+ value = validate_view(value) if scope == "view"
471
+ # Detect any rules of this role, scope, and value
472
+ !(!access.detect { |h| h["role"] == role && h[scope] == value })
473
+ end
474
+ end
475
+ end
476
+ end
477
+ end