google-cloud-bigquery 1.21.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. checksums.yaml +7 -0
  2. data/.yardopts +16 -0
  3. data/AUTHENTICATION.md +158 -0
  4. data/CHANGELOG.md +397 -0
  5. data/CODE_OF_CONDUCT.md +40 -0
  6. data/CONTRIBUTING.md +188 -0
  7. data/LICENSE +201 -0
  8. data/LOGGING.md +27 -0
  9. data/OVERVIEW.md +463 -0
  10. data/TROUBLESHOOTING.md +31 -0
  11. data/lib/google-cloud-bigquery.rb +139 -0
  12. data/lib/google/cloud/bigquery.rb +145 -0
  13. data/lib/google/cloud/bigquery/argument.rb +197 -0
  14. data/lib/google/cloud/bigquery/convert.rb +383 -0
  15. data/lib/google/cloud/bigquery/copy_job.rb +316 -0
  16. data/lib/google/cloud/bigquery/credentials.rb +50 -0
  17. data/lib/google/cloud/bigquery/data.rb +526 -0
  18. data/lib/google/cloud/bigquery/dataset.rb +2845 -0
  19. data/lib/google/cloud/bigquery/dataset/access.rb +1021 -0
  20. data/lib/google/cloud/bigquery/dataset/list.rb +162 -0
  21. data/lib/google/cloud/bigquery/encryption_configuration.rb +123 -0
  22. data/lib/google/cloud/bigquery/external.rb +2432 -0
  23. data/lib/google/cloud/bigquery/extract_job.rb +368 -0
  24. data/lib/google/cloud/bigquery/insert_response.rb +180 -0
  25. data/lib/google/cloud/bigquery/job.rb +657 -0
  26. data/lib/google/cloud/bigquery/job/list.rb +162 -0
  27. data/lib/google/cloud/bigquery/load_job.rb +1704 -0
  28. data/lib/google/cloud/bigquery/model.rb +740 -0
  29. data/lib/google/cloud/bigquery/model/list.rb +164 -0
  30. data/lib/google/cloud/bigquery/project.rb +1655 -0
  31. data/lib/google/cloud/bigquery/project/list.rb +161 -0
  32. data/lib/google/cloud/bigquery/query_job.rb +1695 -0
  33. data/lib/google/cloud/bigquery/routine.rb +1108 -0
  34. data/lib/google/cloud/bigquery/routine/list.rb +165 -0
  35. data/lib/google/cloud/bigquery/schema.rb +564 -0
  36. data/lib/google/cloud/bigquery/schema/field.rb +668 -0
  37. data/lib/google/cloud/bigquery/service.rb +589 -0
  38. data/lib/google/cloud/bigquery/standard_sql.rb +495 -0
  39. data/lib/google/cloud/bigquery/table.rb +3340 -0
  40. data/lib/google/cloud/bigquery/table/async_inserter.rb +520 -0
  41. data/lib/google/cloud/bigquery/table/list.rb +172 -0
  42. data/lib/google/cloud/bigquery/time.rb +65 -0
  43. data/lib/google/cloud/bigquery/version.rb +22 -0
  44. metadata +297 -0
data/lib/google/cloud/bigquery/dataset/access.rb ADDED
@@ -0,0 +1,1021 @@
1
+ # Copyright 2015 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+
16
+ module Google
17
+ module Cloud
18
+ module Bigquery
19
+ class Dataset
20
+ ##
21
+ # # Dataset Access Control
22
+ #
23
+ # Represents the access control rules for a {Dataset}.
24
+ #
25
+ # @see https://cloud.google.com/bigquery/docs/access-control BigQuery
26
+ # Access Control
27
+ #
28
+ # @example
29
+ # require "google/cloud/bigquery"
30
+ #
31
+ # bigquery = Google::Cloud::Bigquery.new
32
+ # dataset = bigquery.dataset "my_dataset"
33
+ #
34
+ # dataset.access do |access|
35
+ # access.add_owner_group "owners@example.com"
36
+ # access.add_writer_user "writer@example.com"
37
+ # access.remove_writer_user "readers@example.com"
38
+ # access.add_reader_special :all_users
39
+ # end
40
+ #
41
+ class Access
42
+ # @private
43
+ ROLES = {
44
+ "reader" => "READER",
45
+ "writer" => "WRITER",
46
+ "owner" => "OWNER"
47
+ }.freeze
48
+
49
+ # @private
50
+ SCOPES = {
51
+ "user" => :user_by_email,
52
+ "user_by_email" => :user_by_email,
53
+ "userByEmail" => :user_by_email,
54
+ "group" => :group_by_email,
55
+ "group_by_email" => :group_by_email,
56
+ "groupByEmail" => :group_by_email,
57
+ "domain" => :domain,
58
+ "special" => :special_group,
59
+ "special_group" => :special_group,
60
+ "specialGroup" => :special_group,
61
+ "view" => :view
62
+ }.freeze
63
+
64
+ # @private
65
+ GROUPS = {
66
+ "owners" => "projectOwners",
67
+ "project_owners" => "projectOwners",
68
+ "projectOwners" => "projectOwners",
69
+ "readers" => "projectReaders",
70
+ "project_readers" => "projectReaders",
71
+ "projectReaders" => "projectReaders",
72
+ "writers" => "projectWriters",
73
+ "project_writers" => "projectWriters",
74
+ "projectWriters" => "projectWriters",
75
+ "all" => "allAuthenticatedUsers",
76
+ "all_authenticated_users" => "allAuthenticatedUsers",
77
+ "allAuthenticatedUsers" => "allAuthenticatedUsers",
78
+ "all_users" => "allUsers",
79
+ "allUsers" => "allUsers"
80
+ }.freeze
81
+
82
+ ##
83
+ # @private
84
+ # Initialized a new Access object.
85
+ # Must provide a valid Google::Apis::BigqueryV2::Dataset object.
86
+ # Access will mutate the gapi object.
87
+ def initialize
88
+ @rules = [] # easiest to do this in the constructor
89
+ @original_rules_hashes = @rules.map(&:to_h)
90
+ end
91
+
92
+ # @private
93
+ def changed?
94
+ @original_rules_hashes != @rules.map(&:to_h)
95
+ end
96
+
97
+ # @private
98
+ def empty?
99
+ @rules.empty?
100
+ end
101
+
102
+ # @private
103
+ def freeze
104
+ @rules = @rules.map(&:dup).map(&:freeze)
105
+ @rules.freeze
106
+ super
107
+ end
108
+
109
+ ##
110
+ # @private View the access rules as an array of hashes.
111
+ def to_a
112
+ @rules.map(&:to_h)
113
+ end
114
+
115
+ ##
116
+ # Add reader access to a user.
117
+ #
118
+ # @param [String] email The email address for the entity.
119
+ #
120
+ # @example
121
+ # require "google/cloud/bigquery"
122
+ #
123
+ # bigquery = Google::Cloud::Bigquery.new
124
+ # dataset = bigquery.dataset "my_dataset"
125
+ #
126
+ # dataset.access do |access|
127
+ # access.add_reader_user "entity@example.com"
128
+ # end
129
+ #
130
+ def add_reader_user email
131
+ add_access_role_scope_value :reader, :user, email
132
+ end
133
+
134
+ ##
135
+ # Add reader access to a group.
136
+ #
137
+ # @param [String] email The email address for the entity.
138
+ #
139
+ # @example
140
+ # require "google/cloud/bigquery"
141
+ #
142
+ # bigquery = Google::Cloud::Bigquery.new
143
+ # dataset = bigquery.dataset "my_dataset"
144
+ #
145
+ # dataset.access do |access|
146
+ # access.add_reader_group "entity@example.com"
147
+ # end
148
+ #
149
+ def add_reader_group email
150
+ add_access_role_scope_value :reader, :group, email
151
+ end
152
+
153
+ ##
154
+ # Add reader access to a domain.
155
+ #
156
+ # @param [String] domain A [Cloud Identity
157
+ # domain](https://cloud.google.com/iam/docs/overview#cloudid_name_domain).
158
+ #
159
+ # @example
160
+ # require "google/cloud/bigquery"
161
+ #
162
+ # bigquery = Google::Cloud::Bigquery.new
163
+ # dataset = bigquery.dataset "my_dataset"
164
+ #
165
+ # dataset.access do |access|
166
+ # access.add_reader_domain "example.com"
167
+ # end
168
+ #
169
+ def add_reader_domain domain
170
+ add_access_role_scope_value :reader, :domain, domain
171
+ end
172
+
173
+ ##
174
+ # Add reader access to a special group.
175
+ #
176
+ # @param [String] group Accepted values are `owners`, `writers`,
177
+ # `readers`, `all_authenticated_users`, and `all_users`.
178
+ #
179
+ # @example
180
+ # require "google/cloud/bigquery"
181
+ #
182
+ # bigquery = Google::Cloud::Bigquery.new
183
+ # dataset = bigquery.dataset "my_dataset"
184
+ #
185
+ # dataset.access do |access|
186
+ # access.add_reader_special :all_users
187
+ # end
188
+ #
189
+ def add_reader_special group
190
+ add_access_role_scope_value :reader, :special, group
191
+ end
192
+
193
+ ##
194
+ # Add reader access to a view.
195
+ #
196
+ # @param [Google::Cloud::Bigquery::Table, String] view A table object,
197
+ # or a string identifier as specified by the [Standard SQL Query
198
+ # Reference](https://cloud.google.com/bigquery/docs/reference/standard-sql/query-syntax#from-clause)
199
+ # (`project-name.dataset_id.table_id`) or the [Legacy SQL Query
200
+ # Reference](https://cloud.google.com/bigquery/query-reference#from)
201
+ # (`project-name:dataset_id.table_id`).
202
+ #
203
+ # @example
204
+ # require "google/cloud/bigquery"
205
+ #
206
+ # bigquery = Google::Cloud::Bigquery.new
207
+ # dataset = bigquery.dataset "my_dataset"
208
+ # other_dataset = bigquery.dataset "my_other_dataset"
209
+ #
210
+ # view = other_dataset.table "my_view"
211
+ #
212
+ # dataset.access do |access|
213
+ # access.add_reader_view view
214
+ # end
215
+ #
216
+ def add_reader_view view
217
+ add_access_view view
218
+ end
219
+
220
+ ##
221
+ # Add writer access to a user.
222
+ #
223
+ # @param [String] email The email address for the entity.
224
+ #
225
+ # @example
226
+ # require "google/cloud/bigquery"
227
+ #
228
+ # bigquery = Google::Cloud::Bigquery.new
229
+ # dataset = bigquery.dataset "my_dataset"
230
+ #
231
+ # dataset.access do |access|
232
+ # access.add_writer_user "entity@example.com"
233
+ # end
234
+ #
235
+ def add_writer_user email
236
+ add_access_role_scope_value :writer, :user, email
237
+ end
238
+
239
+ ##
240
+ # Add writer access to a group.
241
+ #
242
+ # @param [String] email The email address for the entity.
243
+ #
244
+ # @example
245
+ # require "google/cloud/bigquery"
246
+ #
247
+ # bigquery = Google::Cloud::Bigquery.new
248
+ # dataset = bigquery.dataset "my_dataset"
249
+ #
250
+ # dataset.access do |access|
251
+ # access.add_writer_group "entity@example.com"
252
+ # end
253
+ #
254
+ def add_writer_group email
255
+ add_access_role_scope_value :writer, :group, email
256
+ end
257
+
258
+ ##
259
+ # Add writer access to a domain.
260
+ #
261
+ # @param [String] domain A [Cloud Identity
262
+ # domain](https://cloud.google.com/iam/docs/overview#cloudid_name_domain).
263
+ #
264
+ # @example
265
+ # require "google/cloud/bigquery"
266
+ #
267
+ # bigquery = Google::Cloud::Bigquery.new
268
+ # dataset = bigquery.dataset "my_dataset"
269
+ #
270
+ # dataset.access do |access|
271
+ # access.add_writer_domain "example.com"
272
+ # end
273
+ #
274
+ def add_writer_domain domain
275
+ add_access_role_scope_value :writer, :domain, domain
276
+ end
277
+
278
+ ##
279
+ # Add writer access to a special group.
280
+ #
281
+ # @param [String] group Accepted values are `owners`, `writers`,
282
+ # `readers`, `all_authenticated_users`, and `all_users`.
283
+ #
284
+ # @example
285
+ # require "google/cloud/bigquery"
286
+ #
287
+ # bigquery = Google::Cloud::Bigquery.new
288
+ # dataset = bigquery.dataset "my_dataset"
289
+ #
290
+ # dataset.access do |access|
291
+ # access.add_writer_special :all_users
292
+ # end
293
+ #
294
+ def add_writer_special group
295
+ add_access_role_scope_value :writer, :special, group
296
+ end
297
+
298
+ ##
299
+ # Add owner access to a user.
300
+ #
301
+ # @param [String] email The email address for the entity.
302
+ #
303
+ # @example
304
+ # require "google/cloud/bigquery"
305
+ #
306
+ # bigquery = Google::Cloud::Bigquery.new
307
+ # dataset = bigquery.dataset "my_dataset"
308
+ #
309
+ # dataset.access do |access|
310
+ # access.add_owner_user "entity@example.com"
311
+ # end
312
+ #
313
+ def add_owner_user email
314
+ add_access_role_scope_value :owner, :user, email
315
+ end
316
+
317
+ ##
318
+ # Add owner access to a group.
319
+ #
320
+ # @param [String] email The email address for the entity.
321
+ #
322
+ # @example
323
+ # require "google/cloud/bigquery"
324
+ #
325
+ # bigquery = Google::Cloud::Bigquery.new
326
+ # dataset = bigquery.dataset "my_dataset"
327
+ #
328
+ # dataset.access do |access|
329
+ # access.add_owner_group "entity@example.com"
330
+ # end
331
+ #
332
+ def add_owner_group email
333
+ add_access_role_scope_value :owner, :group, email
334
+ end
335
+
336
+ ##
337
+ # Add owner access to a domain.
338
+ #
339
+ # @param [String] domain A [Cloud Identity
340
+ # domain](https://cloud.google.com/iam/docs/overview#cloudid_name_domain).
341
+ #
342
+ # @example
343
+ # require "google/cloud/bigquery"
344
+ #
345
+ # bigquery = Google::Cloud::Bigquery.new
346
+ # dataset = bigquery.dataset "my_dataset"
347
+ #
348
+ # dataset.access do |access|
349
+ # access.add_owner_domain "example.com"
350
+ # end
351
+ #
352
+ def add_owner_domain domain
353
+ add_access_role_scope_value :owner, :domain, domain
354
+ end
355
+
356
+ ##
357
+ # Add owner access to a special group.
358
+ #
359
+ # @param [String] group Accepted values are `owners`, `writers`,
360
+ # `readers`, `all_authenticated_users`, and `all_users`.
361
+ #
362
+ # @example
363
+ # require "google/cloud/bigquery"
364
+ #
365
+ # bigquery = Google::Cloud::Bigquery.new
366
+ # dataset = bigquery.dataset "my_dataset"
367
+ #
368
+ # dataset.access do |access|
369
+ # access.add_owner_special :all_users
370
+ # end
371
+ #
372
+ def add_owner_special group
373
+ add_access_role_scope_value :owner, :special, group
374
+ end
375
+
376
+ ##
377
+ # Remove reader access from a user.
378
+ #
379
+ # @param [String] email The email address for the entity.
380
+ #
381
+ # @example
382
+ # require "google/cloud/bigquery"
383
+ #
384
+ # bigquery = Google::Cloud::Bigquery.new
385
+ # dataset = bigquery.dataset "my_dataset"
386
+ #
387
+ # dataset.access do |access|
388
+ # access.remove_reader_user "entity@example.com"
389
+ # end
390
+ #
391
+ def remove_reader_user email
392
+ remove_access_role_scope_value :reader, :user, email
393
+ end
394
+
395
+ ##
396
+ # Remove reader access from a group.
397
+ #
398
+ # @param [String] email The email address for the entity.
399
+ #
400
+ # @example
401
+ # require "google/cloud/bigquery"
402
+ #
403
+ # bigquery = Google::Cloud::Bigquery.new
404
+ # dataset = bigquery.dataset "my_dataset"
405
+ #
406
+ # dataset.access do |access|
407
+ # access.remove_reader_group "entity@example.com"
408
+ # end
409
+ #
410
+ def remove_reader_group email
411
+ remove_access_role_scope_value :reader, :group, email
412
+ end
413
+
414
+ ##
415
+ # Remove reader access from a domain.
416
+ #
417
+ # @param [String] domain A [Cloud Identity
418
+ # domain](https://cloud.google.com/iam/docs/overview#cloudid_name_domain).
419
+ #
420
+ # @example
421
+ # require "google/cloud/bigquery"
422
+ #
423
+ # bigquery = Google::Cloud::Bigquery.new
424
+ # dataset = bigquery.dataset "my_dataset"
425
+ #
426
+ # dataset.access do |access|
427
+ # access.remove_reader_domain "example.com"
428
+ # end
429
+ #
430
+ def remove_reader_domain domain
431
+ remove_access_role_scope_value :reader, :domain, domain
432
+ end
433
+
434
+ ##
435
+ # Remove reader access from a special group.
436
+ #
437
+ # @param [String] group Accepted values are `owners`, `writers`,
438
+ # `readers`, `all_authenticated_users`, and `all_users`.
439
+ #
440
+ # @example
441
+ # require "google/cloud/bigquery"
442
+ #
443
+ # bigquery = Google::Cloud::Bigquery.new
444
+ # dataset = bigquery.dataset "my_dataset"
445
+ #
446
+ # dataset.access do |access|
447
+ # access.remove_reader_special :all_users
448
+ # end
449
+ #
450
+ def remove_reader_special group
451
+ remove_access_role_scope_value :reader, :special, group
452
+ end
453
+
454
+ ##
455
+ # Remove reader access from a view.
456
+ #
457
+ # @param [Google::Cloud::Bigquery::Table, String] view A table object,
458
+ # or a string identifier as specified by the [Standard SQL Query
459
+ # Reference](https://cloud.google.com/bigquery/docs/reference/standard-sql/query-syntax#from-clause)
460
+ # (`project-name.dataset_id.table_id`) or the [Legacy SQL Query
461
+ # Reference](https://cloud.google.com/bigquery/query-reference#from)
462
+ # (`project-name:dataset_id.table_id`).
463
+ #
464
+ # @example
465
+ # require "google/cloud/bigquery"
466
+ #
467
+ # bigquery = Google::Cloud::Bigquery.new
468
+ # dataset = bigquery.dataset "my_dataset"
469
+ # other_dataset = bigquery.dataset "my_other_dataset"
470
+ #
471
+ # view = other_dataset.table "my_view"
472
+ #
473
+ # dataset.access do |access|
474
+ # access.remove_reader_view view
475
+ # end
476
+ #
477
+ def remove_reader_view view
478
+ remove_access_view view
479
+ end
480
+
481
+ ##
482
+ # Remove writer access from a user.
483
+ #
484
+ # @param [String] email The email address for the entity.
485
+ #
486
+ # @example
487
+ # require "google/cloud/bigquery"
488
+ #
489
+ # bigquery = Google::Cloud::Bigquery.new
490
+ # dataset = bigquery.dataset "my_dataset"
491
+ #
492
+ # dataset.access do |access|
493
+ # access.remove_writer_user "entity@example.com"
494
+ # end
495
+ #
496
+ def remove_writer_user email
497
+ remove_access_role_scope_value :writer, :user, email
498
+ end
499
+
500
+ ##
501
+ # Remove writer access from a group.
502
+ #
503
+ # @param [String] email The email address for the entity.
504
+ #
505
+ # @example
506
+ # require "google/cloud/bigquery"
507
+ #
508
+ # bigquery = Google::Cloud::Bigquery.new
509
+ # dataset = bigquery.dataset "my_dataset"
510
+ #
511
+ # dataset.access do |access|
512
+ # access.remove_writer_group "entity@example.com"
513
+ # end
514
+ #
515
+ def remove_writer_group email
516
+ remove_access_role_scope_value :writer, :group, email
517
+ end
518
+
519
+ ##
520
+ # Remove writer access from a domain.
521
+ #
522
+ # @param [String] domain A [Cloud Identity
523
+ # domain](https://cloud.google.com/iam/docs/overview#cloudid_name_domain).
524
+ #
525
+ # @example
526
+ # require "google/cloud/bigquery"
527
+ #
528
+ # bigquery = Google::Cloud::Bigquery.new
529
+ # dataset = bigquery.dataset "my_dataset"
530
+ #
531
+ # dataset.access do |access|
532
+ # access.remove_writer_domain "example.com"
533
+ # end
534
+ #
535
+ def remove_writer_domain domain
536
+ remove_access_role_scope_value :writer, :domain, domain
537
+ end
538
+
539
+ ##
540
+ # Remove writer access from a special group.
541
+ #
542
+ # @param [String] group Accepted values are `owners`, `writers`,
543
+ # `readers`, `all_authenticated_users`, and `all_users`.
544
+ #
545
+ # @example
546
+ # require "google/cloud/bigquery"
547
+ #
548
+ # bigquery = Google::Cloud::Bigquery.new
549
+ # dataset = bigquery.dataset "my_dataset"
550
+ #
551
+ # dataset.access do |access|
552
+ # access.remove_writer_special :all_users
553
+ # end
554
+ #
555
+ def remove_writer_special group
556
+ remove_access_role_scope_value :writer, :special, group
557
+ end
558
+
559
+ ##
560
+ # Remove owner access from a user.
561
+ #
562
+ # @param [String] email The email address for the entity.
563
+ #
564
+ # @example
565
+ # require "google/cloud/bigquery"
566
+ #
567
+ # bigquery = Google::Cloud::Bigquery.new
568
+ # dataset = bigquery.dataset "my_dataset"
569
+ #
570
+ # dataset.access do |access|
571
+ # access.remove_owner_user "entity@example.com"
572
+ # end
573
+ #
574
+ def remove_owner_user email
575
+ remove_access_role_scope_value :owner, :user, email
576
+ end
577
+
578
+ ##
579
+ # Remove owner access from a group.
580
+ #
581
+ # @param [String] email The email address for the entity.
582
+ #
583
+ # @example
584
+ # require "google/cloud/bigquery"
585
+ #
586
+ # bigquery = Google::Cloud::Bigquery.new
587
+ # dataset = bigquery.dataset "my_dataset"
588
+ #
589
+ # dataset.access do |access|
590
+ # access.remove_owner_group "entity@example.com"
591
+ # end
592
+ #
593
+ def remove_owner_group email
594
+ remove_access_role_scope_value :owner, :group, email
595
+ end
596
+
597
+ ##
598
+ # Remove owner access from a domain.
599
+ #
600
+ # @param [String] domain A [Cloud Identity
601
+ # domain](https://cloud.google.com/iam/docs/overview#cloudid_name_domain).
602
+ #
603
+ # @example
604
+ # require "google/cloud/bigquery"
605
+ #
606
+ # bigquery = Google::Cloud::Bigquery.new
607
+ # dataset = bigquery.dataset "my_dataset"
608
+ #
609
+ # dataset.access do |access|
610
+ # access.remove_owner_domain "example.com"
611
+ # end
612
+ #
613
+ def remove_owner_domain domain
614
+ remove_access_role_scope_value :owner, :domain, domain
615
+ end
616
+
617
+ ##
618
+ # Remove owner access from a special group.
619
+ #
620
+ # @param [String] group Accepted values are `owners`, `writers`,
621
+ # `readers`, `all_authenticated_users`, and `all_users`.
622
+ #
623
+ # @example
624
+ # require "google/cloud/bigquery"
625
+ #
626
+ # bigquery = Google::Cloud::Bigquery.new
627
+ # dataset = bigquery.dataset "my_dataset"
628
+ #
629
+ # dataset.access do |access|
630
+ # access.remove_owner_special :all_users
631
+ # end
632
+ #
633
+ def remove_owner_special group
634
+ remove_access_role_scope_value :owner, :special, group
635
+ end
636
+
637
+ ##
638
+ # Checks reader access for a user.
639
+ #
640
+ # @param [String] email The email address for the entity.
641
+ #
642
+ # @example
643
+ # require "google/cloud/bigquery"
644
+ #
645
+ # bigquery = Google::Cloud::Bigquery.new
646
+ # dataset = bigquery.dataset "my_dataset"
647
+ #
648
+ # access = dataset.access
649
+ # access.reader_user? "entity@example.com" #=> false
650
+ #
651
+ def reader_user? email
652
+ lookup_access_role_scope_value :reader, :user, email
653
+ end
654
+
655
+ ##
656
+ # Checks reader access for a group.
657
+ #
658
+ # @param [String] email The email address for the entity.
659
+ #
660
+ # @example
661
+ # require "google/cloud/bigquery"
662
+ #
663
+ # bigquery = Google::Cloud::Bigquery.new
664
+ # dataset = bigquery.dataset "my_dataset"
665
+ #
666
+ # access = dataset.access
667
+ # access.reader_group? "entity@example.com" #=> false
668
+ #
669
+ def reader_group? email
670
+ lookup_access_role_scope_value :reader, :group, email
671
+ end
672
+
673
+ ##
674
+ # Checks reader access for a domain.
675
+ #
676
+ # @param [String] domain A [Cloud Identity
677
+ # domain](https://cloud.google.com/iam/docs/overview#cloudid_name_domain).
678
+ #
679
+ # @example
680
+ # require "google/cloud/bigquery"
681
+ #
682
+ # bigquery = Google::Cloud::Bigquery.new
683
+ # dataset = bigquery.dataset "my_dataset"
684
+ #
685
+ # access = dataset.access
686
+ # access.reader_domain? "example.com" #=> false
687
+ #
688
+ def reader_domain? domain
689
+ lookup_access_role_scope_value :reader, :domain, domain
690
+ end
691
+
692
+ ##
693
+ # Checks reader access for a special group.
694
+ #
695
+ # @param [String] group Accepted values are `owners`, `writers`,
696
+ # `readers`, `all_authenticated_users`, and `all_users`.
697
+ #
698
+ # @example
699
+ # require "google/cloud/bigquery"
700
+ #
701
+ # bigquery = Google::Cloud::Bigquery.new
702
+ # dataset = bigquery.dataset "my_dataset"
703
+ #
704
+ # access = dataset.access
705
+ # access.reader_special? :all_users #=> false
706
+ #
707
+ def reader_special? group
708
+ lookup_access_role_scope_value :reader, :special, group
709
+ end
710
+
711
+ ##
712
+ # Checks reader access for a view.
713
+ #
714
+ # @param [Google::Cloud::Bigquery::Table, String] view A table object,
715
+ # or a string identifier as specified by the [Standard SQL Query
716
+ # Reference](https://cloud.google.com/bigquery/docs/reference/standard-sql/query-syntax#from-clause)
717
+ # (`project-name.dataset_id.table_id`) or the [Legacy SQL Query
718
+ # Reference](https://cloud.google.com/bigquery/query-reference#from)
719
+ # (`project-name:dataset_id.table_id`).
720
+ #
721
+ # @example
722
+ # require "google/cloud/bigquery"
723
+ #
724
+ # bigquery = Google::Cloud::Bigquery.new
725
+ # dataset = bigquery.dataset "my_dataset"
726
+ # other_dataset = bigquery.dataset "my_other_dataset"
727
+ #
728
+ # view = other_dataset.table "my_view"
729
+ #
730
+ # access = dataset.access
731
+ # access.reader_view? view #=> false
732
+ #
733
+ def reader_view? view
734
+ lookup_access_view view
735
+ end
736
+
737
+ ##
738
+ # Checks writer access for a user.
739
+ #
740
+ # @param [String] email The email address for the entity.
741
+ #
742
+ # @example
743
+ # require "google/cloud/bigquery"
744
+ #
745
+ # bigquery = Google::Cloud::Bigquery.new
746
+ # dataset = bigquery.dataset "my_dataset"
747
+ #
748
+ # access = dataset.access
749
+ # access.writer_user? "entity@example.com" #=> false
750
+ #
751
+ def writer_user? email
752
+ lookup_access_role_scope_value :writer, :user, email
753
+ end
754
+
755
+ ##
756
+ # Checks writer access for a group.
757
+ #
758
+ # @param [String] email The email address for the entity.
759
+ #
760
+ # @example
761
+ # require "google/cloud/bigquery"
762
+ #
763
+ # bigquery = Google::Cloud::Bigquery.new
764
+ # dataset = bigquery.dataset "my_dataset"
765
+ #
766
+ # access = dataset.access
767
+ # access.writer_group? "entity@example.com" #=> false
768
+ #
769
+ def writer_group? email
770
+ lookup_access_role_scope_value :writer, :group, email
771
+ end
772
+
773
+ ##
774
+ # Checks writer access for a domain.
775
+ #
776
+ # @param [String] domain A [Cloud Identity
777
+ # domain](https://cloud.google.com/iam/docs/overview#cloudid_name_domain).
778
+ #
779
+ # @example
780
+ # require "google/cloud/bigquery"
781
+ #
782
+ # bigquery = Google::Cloud::Bigquery.new
783
+ # dataset = bigquery.dataset "my_dataset"
784
+ #
785
+ # access = dataset.access
786
+ # access.writer_domain? "example.com" #=> false
787
+ #
788
+ def writer_domain? domain
789
+ lookup_access_role_scope_value :writer, :domain, domain
790
+ end
791
+
792
+ ##
793
+ # Checks writer access for a special group.
794
+ #
795
+ # @param [String] group Accepted values are `owners`, `writers`,
796
+ # `readers`, `all_authenticated_users`, and `all_users`.
797
+ #
798
+ # @example
799
+ # require "google/cloud/bigquery"
800
+ #
801
+ # bigquery = Google::Cloud::Bigquery.new
802
+ # dataset = bigquery.dataset "my_dataset"
803
+ #
804
+ # access = dataset.access
805
+ # access.writer_special? :all_users #=> false
806
+ #
807
+ def writer_special? group
808
+ lookup_access_role_scope_value :writer, :special, group
809
+ end
810
+
811
+ ##
812
+ # Checks owner access for a user.
813
+ #
814
+ # @param [String] email The email address for the entity.
815
+ #
816
+ # @example
817
+ # require "google/cloud/bigquery"
818
+ #
819
+ # bigquery = Google::Cloud::Bigquery.new
820
+ # dataset = bigquery.dataset "my_dataset"
821
+ #
822
+ # access = dataset.access
823
+ # access.owner_user? "entity@example.com" #=> false
824
+ #
825
+ def owner_user? email
826
+ lookup_access_role_scope_value :owner, :user, email
827
+ end
828
+
829
+ ##
830
+ # Checks owner access for a group.
831
+ #
832
+ # @param [String] email The email address for the entity.
833
+ #
834
+ # @example
835
+ # require "google/cloud/bigquery"
836
+ #
837
+ # bigquery = Google::Cloud::Bigquery.new
838
+ # dataset = bigquery.dataset "my_dataset"
839
+ #
840
+ # access = dataset.access
841
+ # access.owner_group? "entity@example.com" #=> false
842
+ #
843
+ def owner_group? email
844
+ lookup_access_role_scope_value :owner, :group, email
845
+ end
846
+
847
+ ##
848
+ # Checks owner access for a domain.
849
+ #
850
+ # @param [String] domain A [Cloud Identity
851
+ # domain](https://cloud.google.com/iam/docs/overview#cloudid_name_domain).
852
+ #
853
+ # @example
854
+ # require "google/cloud/bigquery"
855
+ #
856
+ # bigquery = Google::Cloud::Bigquery.new
857
+ # dataset = bigquery.dataset "my_dataset"
858
+ #
859
+ # access = dataset.access
860
+ # access.owner_domain? "example.com" #=> false
861
+ #
862
+ def owner_domain? domain
863
+ lookup_access_role_scope_value :owner, :domain, domain
864
+ end
865
+
866
+ ##
867
+ # Checks owner access for a special group.
868
+ #
869
+ # @param [String] group Accepted values are `owners`, `writers`,
870
+ # `readers`, `all_authenticated_users`, and `all_users`.
871
+ #
872
+ # @example
873
+ # require "google/cloud/bigquery"
874
+ #
875
+ # bigquery = Google::Cloud::Bigquery.new
876
+ # dataset = bigquery.dataset "my_dataset"
877
+ #
878
+ # access = dataset.access
879
+ # access.owner_special? :all_users #=> false
880
+ #
881
+ def owner_special? group
882
+ lookup_access_role_scope_value :owner, :special, group
883
+ end
884
+
885
+ # @private
886
+ def self.from_gapi gapi
887
+ rules = Array gapi.access
888
+ new.tap do |s|
889
+ s.instance_variable_set :@rules, rules
890
+ s.instance_variable_set :@original_rules_hashes, rules.map(&:to_h)
891
+ s.instance_variable_set :@dataset_reference, gapi.dataset_reference
892
+ end
893
+ end
894
+
895
+ # @private
896
+ def to_gapi
897
+ @rules
898
+ end
899
+
900
+ protected
901
+
902
+ # @private
903
+ def validate_role role
904
+ good_role = ROLES[role.to_s]
905
+ raise ArgumentError "Unable to determine role for #{role}" if good_role.nil?
906
+ good_role
907
+ end
908
+
909
+ # @private
910
+ def validate_scope scope
911
+ good_scope = SCOPES[scope.to_s]
912
+ raise ArgumentError "Unable to determine scope for #{scope}" if good_scope.nil?
913
+ good_scope
914
+ end
915
+
916
+ # @private
917
+ def validate_special_group value
918
+ good_value = GROUPS[value.to_s]
919
+ return good_value unless good_value.nil?
920
+ value
921
+ end
922
+
923
+ # @private
924
+ def validate_view view
925
+ if view.respond_to? :table_ref
926
+ view.table_ref
927
+ else
928
+ Service.table_ref_from_s view, default_ref: @dataset_reference
929
+ end
930
+ end
931
+
932
+ # @private
933
+ def add_access_role_scope_value role, scope, value
934
+ role = validate_role role
935
+ scope = validate_scope scope
936
+ # If scope is special group, make sure value is in the list
937
+ value = validate_special_group value if scope == :special_group
938
+ # Remove any rules of this scope and value
939
+ @rules.reject!(&find_by_scope_and_value(scope, value))
940
+ # Add new rule for this role, scope, and value
941
+ opts = { role: role, scope => value }
942
+ @rules << Google::Apis::BigqueryV2::Dataset::Access.new(opts)
943
+ end
944
+
945
+ # @private
946
+ def add_access_view value
947
+ # scope is view, make sure value is in the right format
948
+ value = validate_view value
949
+ # Remove existing view rule, if any
950
+ @rules.reject!(&find_view(value))
951
+ # Add new rule for this role, scope, and value
952
+ opts = { view: value }
953
+ @rules << Google::Apis::BigqueryV2::Dataset::Access.new(opts)
954
+ end
955
+
956
+ # @private
957
+ def remove_access_role_scope_value role, scope, value
958
+ role = validate_role role
959
+ scope = validate_scope scope
960
+ # If scope is special group, make sure value is in the list
961
+ value = validate_special_group value if scope == :special_group
962
+ # Remove any rules of this role, scope, and value
963
+ @rules.reject!(
964
+ &find_by_role_and_scope_and_value(role, scope, value)
965
+ )
966
+ end
967
+
968
+ # @private
969
+ def remove_access_view value
970
+ # scope is view, make sure value is in the right format
971
+ value = validate_view value
972
+ # Remove existing view rule, if any
973
+ @rules.reject!(&find_view(value))
974
+ end
975
+
976
+ # @private
977
+ def lookup_access_role_scope_value role, scope, value
978
+ role = validate_role role
979
+ scope = validate_scope scope
980
+ # If scope is special group, make sure value is in the list
981
+ value = validate_special_group value if scope == :special_group
982
+ # Detect any rules of this role, scope, and value
983
+ !(!@rules.detect(&find_by_role_and_scope_and_value(role, scope, value)))
984
+ end
985
+
986
+ # @private
987
+ def lookup_access_view value
988
+ # scope is view, make sure value is in the right format
989
+ value = validate_view value
990
+ # Detect view rule, if any
991
+ !(!@rules.detect(&find_view(value)))
992
+ end
993
+
994
+ # @private
995
+ def find_by_role_and_scope_and_value role, scope, value
996
+ lambda do |a|
997
+ h = a.to_h
998
+ h[:role] == role && h[scope] == value
999
+ end
1000
+ end
1001
+
1002
+ # @private
1003
+ def find_by_scope_and_value scope, value
1004
+ lambda do |a|
1005
+ h = a.to_h
1006
+ h[scope] == value
1007
+ end
1008
+ end
1009
+
1010
+ # @private
1011
+ def find_view value
1012
+ lambda do |a|
1013
+ h = a.to_h
1014
+ h[:view].to_h == value.to_h
1015
+ end
1016
+ end
1017
+ end
1018
+ end
1019
+ end
1020
+ end
1021
+ end