google-cloud-bigquery 1.12.0 → 1.38.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +9 -28
- data/CHANGELOG.md +372 -1
- data/CONTRIBUTING.md +328 -116
- data/LOGGING.md +2 -2
- data/OVERVIEW.md +21 -20
- data/TROUBLESHOOTING.md +2 -8
- data/lib/google/cloud/bigquery/argument.rb +197 -0
- data/lib/google/cloud/bigquery/convert.rb +154 -170
- data/lib/google/cloud/bigquery/copy_job.rb +40 -23
- data/lib/google/cloud/bigquery/credentials.rb +5 -12
- data/lib/google/cloud/bigquery/data.rb +109 -18
- data/lib/google/cloud/bigquery/dataset/access.rb +322 -51
- data/lib/google/cloud/bigquery/dataset/list.rb +7 -13
- data/lib/google/cloud/bigquery/dataset.rb +960 -279
- data/lib/google/cloud/bigquery/external/avro_source.rb +107 -0
- data/lib/google/cloud/bigquery/external/bigtable_source/column.rb +404 -0
- data/lib/google/cloud/bigquery/external/bigtable_source/column_family.rb +945 -0
- data/lib/google/cloud/bigquery/external/bigtable_source.rb +230 -0
- data/lib/google/cloud/bigquery/external/csv_source.rb +481 -0
- data/lib/google/cloud/bigquery/external/data_source.rb +771 -0
- data/lib/google/cloud/bigquery/external/json_source.rb +170 -0
- data/lib/google/cloud/bigquery/external/parquet_source.rb +148 -0
- data/lib/google/cloud/bigquery/external/sheets_source.rb +166 -0
- data/lib/google/cloud/bigquery/external.rb +50 -2256
- data/lib/google/cloud/bigquery/extract_job.rb +217 -58
- data/lib/google/cloud/bigquery/insert_response.rb +1 -3
- data/lib/google/cloud/bigquery/job/list.rb +13 -20
- data/lib/google/cloud/bigquery/job.rb +286 -11
- data/lib/google/cloud/bigquery/load_job.rb +801 -133
- data/lib/google/cloud/bigquery/model/list.rb +5 -9
- data/lib/google/cloud/bigquery/model.rb +247 -16
- data/lib/google/cloud/bigquery/policy.rb +432 -0
- data/lib/google/cloud/bigquery/project/list.rb +6 -11
- data/lib/google/cloud/bigquery/project.rb +526 -243
- data/lib/google/cloud/bigquery/query_job.rb +584 -125
- data/lib/google/cloud/bigquery/routine/list.rb +165 -0
- data/lib/google/cloud/bigquery/routine.rb +1227 -0
- data/lib/google/cloud/bigquery/schema/field.rb +413 -63
- data/lib/google/cloud/bigquery/schema.rb +221 -48
- data/lib/google/cloud/bigquery/service.rb +186 -109
- data/lib/google/cloud/bigquery/standard_sql.rb +269 -53
- data/lib/google/cloud/bigquery/table/async_inserter.rb +86 -42
- data/lib/google/cloud/bigquery/table/list.rb +6 -11
- data/lib/google/cloud/bigquery/table.rb +1188 -326
- data/lib/google/cloud/bigquery/time.rb +6 -0
- data/lib/google/cloud/bigquery/version.rb +1 -1
- data/lib/google/cloud/bigquery.rb +18 -8
- data/lib/google-cloud-bigquery.rb +15 -13
- metadata +67 -40
@@ -35,7 +35,7 @@ module Google
|
|
35
35
|
# access.add_owner_group "owners@example.com"
|
36
36
|
# access.add_writer_user "writer@example.com"
|
37
37
|
# access.remove_writer_user "readers@example.com"
|
38
|
-
# access.add_reader_special :
|
38
|
+
# access.add_reader_special :all_users
|
39
39
|
# end
|
40
40
|
#
|
41
41
|
class Access
|
@@ -48,16 +48,19 @@ module Google
|
|
48
48
|
|
49
49
|
# @private
|
50
50
|
SCOPES = {
|
51
|
-
"
|
52
|
-
"user_by_email" => :user_by_email,
|
53
|
-
"userByEmail" => :user_by_email,
|
51
|
+
"domain" => :domain,
|
54
52
|
"group" => :group_by_email,
|
55
53
|
"group_by_email" => :group_by_email,
|
56
54
|
"groupByEmail" => :group_by_email,
|
57
|
-
"
|
55
|
+
"iam_member" => :iam_member,
|
56
|
+
"iamMember" => :iam_member,
|
57
|
+
"routine" => :routine,
|
58
58
|
"special" => :special_group,
|
59
59
|
"special_group" => :special_group,
|
60
60
|
"specialGroup" => :special_group,
|
61
|
+
"user" => :user_by_email,
|
62
|
+
"user_by_email" => :user_by_email,
|
63
|
+
"userByEmail" => :user_by_email,
|
61
64
|
"view" => :view
|
62
65
|
}.freeze
|
63
66
|
|
@@ -74,7 +77,9 @@ module Google
|
|
74
77
|
"projectWriters" => "projectWriters",
|
75
78
|
"all" => "allAuthenticatedUsers",
|
76
79
|
"all_authenticated_users" => "allAuthenticatedUsers",
|
77
|
-
"allAuthenticatedUsers" => "allAuthenticatedUsers"
|
80
|
+
"allAuthenticatedUsers" => "allAuthenticatedUsers",
|
81
|
+
"all_users" => "allUsers",
|
82
|
+
"allUsers" => "allUsers"
|
78
83
|
}.freeze
|
79
84
|
|
80
85
|
##
|
@@ -148,6 +153,26 @@ module Google
|
|
148
153
|
add_access_role_scope_value :reader, :group, email
|
149
154
|
end
|
150
155
|
|
156
|
+
##
|
157
|
+
# Add reader access to some other type of member that appears in the IAM
|
158
|
+
# Policy but isn't a user, group, domain, or special group.
|
159
|
+
#
|
160
|
+
# @param [String] identity The identity reference.
|
161
|
+
#
|
162
|
+
# @example
|
163
|
+
# require "google/cloud/bigquery"
|
164
|
+
#
|
165
|
+
# bigquery = Google::Cloud::Bigquery.new
|
166
|
+
# dataset = bigquery.dataset "my_dataset"
|
167
|
+
#
|
168
|
+
# dataset.access do |access|
|
169
|
+
# access.add_reader_iam_member "entity@example.com"
|
170
|
+
# end
|
171
|
+
#
|
172
|
+
def add_reader_iam_member identity
|
173
|
+
add_access_role_scope_value :reader, :iam_member, identity
|
174
|
+
end
|
175
|
+
|
151
176
|
##
|
152
177
|
# Add reader access to a domain.
|
153
178
|
#
|
@@ -172,7 +197,7 @@ module Google
|
|
172
197
|
# Add reader access to a special group.
|
173
198
|
#
|
174
199
|
# @param [String] group Accepted values are `owners`, `writers`,
|
175
|
-
# `readers`, and `
|
200
|
+
# `readers`, `all_authenticated_users`, and `all_users`.
|
176
201
|
#
|
177
202
|
# @example
|
178
203
|
# require "google/cloud/bigquery"
|
@@ -181,13 +206,40 @@ module Google
|
|
181
206
|
# dataset = bigquery.dataset "my_dataset"
|
182
207
|
#
|
183
208
|
# dataset.access do |access|
|
184
|
-
# access.add_reader_special :
|
209
|
+
# access.add_reader_special :all_users
|
185
210
|
# end
|
186
211
|
#
|
187
212
|
def add_reader_special group
|
188
213
|
add_access_role_scope_value :reader, :special, group
|
189
214
|
end
|
190
215
|
|
216
|
+
##
|
217
|
+
# Add access to a routine from a different dataset. Queries executed
|
218
|
+
# against that routine will have read access to views/tables/routines
|
219
|
+
# in this dataset. Only UDF is supported for now. The role field is
|
220
|
+
# not required when this field is set. If that routine is updated by
|
221
|
+
# any user, access to the routine needs to be granted again via an
|
222
|
+
# update operation.
|
223
|
+
#
|
224
|
+
# @param [Google::Cloud::Bigquery::Routine] routine A routine object.
|
225
|
+
#
|
226
|
+
# @example
|
227
|
+
# require "google/cloud/bigquery"
|
228
|
+
#
|
229
|
+
# bigquery = Google::Cloud::Bigquery.new
|
230
|
+
# dataset = bigquery.dataset "my_dataset"
|
231
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
232
|
+
#
|
233
|
+
# routine = other_dataset.routine "my_routine"
|
234
|
+
#
|
235
|
+
# dataset.access do |access|
|
236
|
+
# access.add_reader_routine routine
|
237
|
+
# end
|
238
|
+
#
|
239
|
+
def add_reader_routine routine
|
240
|
+
add_access_routine routine
|
241
|
+
end
|
242
|
+
|
191
243
|
##
|
192
244
|
# Add reader access to a view.
|
193
245
|
#
|
@@ -203,9 +255,9 @@ module Google
|
|
203
255
|
#
|
204
256
|
# bigquery = Google::Cloud::Bigquery.new
|
205
257
|
# dataset = bigquery.dataset "my_dataset"
|
206
|
-
# other_dataset = bigquery.dataset "my_other_dataset"
|
258
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
207
259
|
#
|
208
|
-
# view = other_dataset.table "my_view"
|
260
|
+
# view = other_dataset.table "my_view", skip_lookup: true
|
209
261
|
#
|
210
262
|
# dataset.access do |access|
|
211
263
|
# access.add_reader_view view
|
@@ -253,6 +305,26 @@ module Google
|
|
253
305
|
add_access_role_scope_value :writer, :group, email
|
254
306
|
end
|
255
307
|
|
308
|
+
##
|
309
|
+
# Add writer access to some other type of member that appears in the IAM
|
310
|
+
# Policy but isn't a user, group, domain, or special group.
|
311
|
+
#
|
312
|
+
# @param [String] identity The identity reference.
|
313
|
+
#
|
314
|
+
# @example
|
315
|
+
# require "google/cloud/bigquery"
|
316
|
+
#
|
317
|
+
# bigquery = Google::Cloud::Bigquery.new
|
318
|
+
# dataset = bigquery.dataset "my_dataset"
|
319
|
+
#
|
320
|
+
# dataset.access do |access|
|
321
|
+
# access.add_writer_iam_member "entity@example.com"
|
322
|
+
# end
|
323
|
+
#
|
324
|
+
def add_writer_iam_member identity
|
325
|
+
add_access_role_scope_value :writer, :iam_member, identity
|
326
|
+
end
|
327
|
+
|
256
328
|
##
|
257
329
|
# Add writer access to a domain.
|
258
330
|
#
|
@@ -277,7 +349,7 @@ module Google
|
|
277
349
|
# Add writer access to a special group.
|
278
350
|
#
|
279
351
|
# @param [String] group Accepted values are `owners`, `writers`,
|
280
|
-
# `readers`, and `
|
352
|
+
# `readers`, `all_authenticated_users`, and `all_users`.
|
281
353
|
#
|
282
354
|
# @example
|
283
355
|
# require "google/cloud/bigquery"
|
@@ -286,7 +358,7 @@ module Google
|
|
286
358
|
# dataset = bigquery.dataset "my_dataset"
|
287
359
|
#
|
288
360
|
# dataset.access do |access|
|
289
|
-
# access.add_writer_special :
|
361
|
+
# access.add_writer_special :all_users
|
290
362
|
# end
|
291
363
|
#
|
292
364
|
def add_writer_special group
|
@@ -331,6 +403,26 @@ module Google
|
|
331
403
|
add_access_role_scope_value :owner, :group, email
|
332
404
|
end
|
333
405
|
|
406
|
+
##
|
407
|
+
# Add owner access to some other type of member that appears in the IAM
|
408
|
+
# Policy but isn't a user, group, domain, or special group.
|
409
|
+
#
|
410
|
+
# @param [String] identity The identity reference.
|
411
|
+
#
|
412
|
+
# @example
|
413
|
+
# require "google/cloud/bigquery"
|
414
|
+
#
|
415
|
+
# bigquery = Google::Cloud::Bigquery.new
|
416
|
+
# dataset = bigquery.dataset "my_dataset"
|
417
|
+
#
|
418
|
+
# dataset.access do |access|
|
419
|
+
# access.add_owner_iam_member "entity@example.com"
|
420
|
+
# end
|
421
|
+
#
|
422
|
+
def add_owner_iam_member identity
|
423
|
+
add_access_role_scope_value :owner, :iam_member, identity
|
424
|
+
end
|
425
|
+
|
334
426
|
##
|
335
427
|
# Add owner access to a domain.
|
336
428
|
#
|
@@ -355,7 +447,7 @@ module Google
|
|
355
447
|
# Add owner access to a special group.
|
356
448
|
#
|
357
449
|
# @param [String] group Accepted values are `owners`, `writers`,
|
358
|
-
# `readers`, and `
|
450
|
+
# `readers`, `all_authenticated_users`, and `all_users`.
|
359
451
|
#
|
360
452
|
# @example
|
361
453
|
# require "google/cloud/bigquery"
|
@@ -364,7 +456,7 @@ module Google
|
|
364
456
|
# dataset = bigquery.dataset "my_dataset"
|
365
457
|
#
|
366
458
|
# dataset.access do |access|
|
367
|
-
# access.add_owner_special :
|
459
|
+
# access.add_owner_special :all_users
|
368
460
|
# end
|
369
461
|
#
|
370
462
|
def add_owner_special group
|
@@ -409,6 +501,26 @@ module Google
|
|
409
501
|
remove_access_role_scope_value :reader, :group, email
|
410
502
|
end
|
411
503
|
|
504
|
+
##
|
505
|
+
# Remove reader access from some other type of member that appears in the IAM
|
506
|
+
# Policy but isn't a user, group, domain, or special group.
|
507
|
+
#
|
508
|
+
# @param [String] identity The identity reference.
|
509
|
+
#
|
510
|
+
# @example
|
511
|
+
# require "google/cloud/bigquery"
|
512
|
+
#
|
513
|
+
# bigquery = Google::Cloud::Bigquery.new
|
514
|
+
# dataset = bigquery.dataset "my_dataset"
|
515
|
+
#
|
516
|
+
# dataset.access do |access|
|
517
|
+
# access.remove_reader_iam_member "entity@example.com"
|
518
|
+
# end
|
519
|
+
#
|
520
|
+
def remove_reader_iam_member identity
|
521
|
+
remove_access_role_scope_value :reader, :iam_member, identity
|
522
|
+
end
|
523
|
+
|
412
524
|
##
|
413
525
|
# Remove reader access from a domain.
|
414
526
|
#
|
@@ -433,7 +545,7 @@ module Google
|
|
433
545
|
# Remove reader access from a special group.
|
434
546
|
#
|
435
547
|
# @param [String] group Accepted values are `owners`, `writers`,
|
436
|
-
# `readers`, and `
|
548
|
+
# `readers`, `all_authenticated_users`, and `all_users`.
|
437
549
|
#
|
438
550
|
# @example
|
439
551
|
# require "google/cloud/bigquery"
|
@@ -442,13 +554,35 @@ module Google
|
|
442
554
|
# dataset = bigquery.dataset "my_dataset"
|
443
555
|
#
|
444
556
|
# dataset.access do |access|
|
445
|
-
# access.remove_reader_special :
|
557
|
+
# access.remove_reader_special :all_users
|
446
558
|
# end
|
447
559
|
#
|
448
560
|
def remove_reader_special group
|
449
561
|
remove_access_role_scope_value :reader, :special, group
|
450
562
|
end
|
451
563
|
|
564
|
+
##
|
565
|
+
# Remove reader access from a routine from a different dataset.
|
566
|
+
#
|
567
|
+
# @param [Google::Cloud::Bigquery::Routine] routine A routine object.
|
568
|
+
#
|
569
|
+
# @example
|
570
|
+
# require "google/cloud/bigquery"
|
571
|
+
#
|
572
|
+
# bigquery = Google::Cloud::Bigquery.new
|
573
|
+
# dataset = bigquery.dataset "my_dataset"
|
574
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
575
|
+
#
|
576
|
+
# routine = other_dataset.routine "my_routine", skip_lookup: true
|
577
|
+
#
|
578
|
+
# dataset.access do |access|
|
579
|
+
# access.remove_reader_routine routine
|
580
|
+
# end
|
581
|
+
#
|
582
|
+
def remove_reader_routine routine
|
583
|
+
remove_access_routine routine
|
584
|
+
end
|
585
|
+
|
452
586
|
##
|
453
587
|
# Remove reader access from a view.
|
454
588
|
#
|
@@ -464,9 +598,9 @@ module Google
|
|
464
598
|
#
|
465
599
|
# bigquery = Google::Cloud::Bigquery.new
|
466
600
|
# dataset = bigquery.dataset "my_dataset"
|
467
|
-
# other_dataset = bigquery.dataset "my_other_dataset"
|
601
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
468
602
|
#
|
469
|
-
# view = other_dataset.table "my_view"
|
603
|
+
# view = other_dataset.table "my_view", skip_lookup: true
|
470
604
|
#
|
471
605
|
# dataset.access do |access|
|
472
606
|
# access.remove_reader_view view
|
@@ -514,6 +648,26 @@ module Google
|
|
514
648
|
remove_access_role_scope_value :writer, :group, email
|
515
649
|
end
|
516
650
|
|
651
|
+
##
|
652
|
+
# Remove writer access from some other type of member that appears in the IAM
|
653
|
+
# Policy but isn't a user, group, domain, or special group.
|
654
|
+
#
|
655
|
+
# @param [String] identity The identity reference.
|
656
|
+
#
|
657
|
+
# @example
|
658
|
+
# require "google/cloud/bigquery"
|
659
|
+
#
|
660
|
+
# bigquery = Google::Cloud::Bigquery.new
|
661
|
+
# dataset = bigquery.dataset "my_dataset"
|
662
|
+
#
|
663
|
+
# dataset.access do |access|
|
664
|
+
# access.remove_writer_iam_member "entity@example.com"
|
665
|
+
# end
|
666
|
+
#
|
667
|
+
def remove_writer_iam_member identity
|
668
|
+
remove_access_role_scope_value :writer, :iam_member, identity
|
669
|
+
end
|
670
|
+
|
517
671
|
##
|
518
672
|
# Remove writer access from a domain.
|
519
673
|
#
|
@@ -538,7 +692,7 @@ module Google
|
|
538
692
|
# Remove writer access from a special group.
|
539
693
|
#
|
540
694
|
# @param [String] group Accepted values are `owners`, `writers`,
|
541
|
-
# `readers`, and `
|
695
|
+
# `readers`, `all_authenticated_users`, and `all_users`.
|
542
696
|
#
|
543
697
|
# @example
|
544
698
|
# require "google/cloud/bigquery"
|
@@ -547,7 +701,7 @@ module Google
|
|
547
701
|
# dataset = bigquery.dataset "my_dataset"
|
548
702
|
#
|
549
703
|
# dataset.access do |access|
|
550
|
-
# access.remove_writer_special :
|
704
|
+
# access.remove_writer_special :all_users
|
551
705
|
# end
|
552
706
|
#
|
553
707
|
def remove_writer_special group
|
@@ -592,6 +746,26 @@ module Google
|
|
592
746
|
remove_access_role_scope_value :owner, :group, email
|
593
747
|
end
|
594
748
|
|
749
|
+
##
|
750
|
+
# Remove owner access from some other type of member that appears in the IAM
|
751
|
+
# Policy but isn't a user, group, domain, or special group.
|
752
|
+
#
|
753
|
+
# @param [String] identity The identity reference.
|
754
|
+
#
|
755
|
+
# @example
|
756
|
+
# require "google/cloud/bigquery"
|
757
|
+
#
|
758
|
+
# bigquery = Google::Cloud::Bigquery.new
|
759
|
+
# dataset = bigquery.dataset "my_dataset"
|
760
|
+
#
|
761
|
+
# dataset.access do |access|
|
762
|
+
# access.remove_owner_iam_member "entity@example.com"
|
763
|
+
# end
|
764
|
+
#
|
765
|
+
def remove_owner_iam_member identity
|
766
|
+
remove_access_role_scope_value :owner, :iam_member, identity
|
767
|
+
end
|
768
|
+
|
595
769
|
##
|
596
770
|
# Remove owner access from a domain.
|
597
771
|
#
|
@@ -616,7 +790,7 @@ module Google
|
|
616
790
|
# Remove owner access from a special group.
|
617
791
|
#
|
618
792
|
# @param [String] group Accepted values are `owners`, `writers`,
|
619
|
-
# `readers`, and `
|
793
|
+
# `readers`, `all_authenticated_users`, and `all_users`.
|
620
794
|
#
|
621
795
|
# @example
|
622
796
|
# require "google/cloud/bigquery"
|
@@ -625,7 +799,7 @@ module Google
|
|
625
799
|
# dataset = bigquery.dataset "my_dataset"
|
626
800
|
#
|
627
801
|
# dataset.access do |access|
|
628
|
-
# access.remove_owner_special :
|
802
|
+
# access.remove_owner_special :all_users
|
629
803
|
# end
|
630
804
|
#
|
631
805
|
def remove_owner_special group
|
@@ -668,6 +842,25 @@ module Google
|
|
668
842
|
lookup_access_role_scope_value :reader, :group, email
|
669
843
|
end
|
670
844
|
|
845
|
+
##
|
846
|
+
# Checks reader access for some other type of member that appears in the IAM
|
847
|
+
# Policy but isn't a user, group, domain, or special group.
|
848
|
+
#
|
849
|
+
# @param [String] identity The identity reference.
|
850
|
+
#
|
851
|
+
# @example
|
852
|
+
# require "google/cloud/bigquery"
|
853
|
+
#
|
854
|
+
# bigquery = Google::Cloud::Bigquery.new
|
855
|
+
# dataset = bigquery.dataset "my_dataset"
|
856
|
+
#
|
857
|
+
# access = dataset.access
|
858
|
+
# access.reader_iam_member? "entity@example.com" #=> false
|
859
|
+
#
|
860
|
+
def reader_iam_member? identity
|
861
|
+
lookup_access_role_scope_value :reader, :iam_member, identity
|
862
|
+
end
|
863
|
+
|
671
864
|
##
|
672
865
|
# Checks reader access for a domain.
|
673
866
|
#
|
@@ -691,7 +884,7 @@ module Google
|
|
691
884
|
# Checks reader access for a special group.
|
692
885
|
#
|
693
886
|
# @param [String] group Accepted values are `owners`, `writers`,
|
694
|
-
# `readers`, and `
|
887
|
+
# `readers`, `all_authenticated_users`, and `all_users`.
|
695
888
|
#
|
696
889
|
# @example
|
697
890
|
# require "google/cloud/bigquery"
|
@@ -700,12 +893,38 @@ module Google
|
|
700
893
|
# dataset = bigquery.dataset "my_dataset"
|
701
894
|
#
|
702
895
|
# access = dataset.access
|
703
|
-
# access.reader_special? :
|
896
|
+
# access.reader_special? :all_users #=> false
|
704
897
|
#
|
705
898
|
def reader_special? group
|
706
899
|
lookup_access_role_scope_value :reader, :special, group
|
707
900
|
end
|
708
901
|
|
902
|
+
##
|
903
|
+
# Checks access for a routine from a different dataset. Queries executed
|
904
|
+
# against that routine will have read access to views/tables/routines
|
905
|
+
# in this dataset. Only UDF is supported for now. The role field is
|
906
|
+
# not required when this field is set. If that routine is updated by
|
907
|
+
# any user, access to the routine needs to be granted again via an
|
908
|
+
# update operation.
|
909
|
+
#
|
910
|
+
# @param [Google::Cloud::Bigquery::Routine] routine A routine object.
|
911
|
+
#
|
912
|
+
# @example
|
913
|
+
# require "google/cloud/bigquery"
|
914
|
+
#
|
915
|
+
# bigquery = Google::Cloud::Bigquery.new
|
916
|
+
# dataset = bigquery.dataset "my_dataset"
|
917
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
918
|
+
#
|
919
|
+
# routine = other_dataset.routine "my_routine", skip_lookup: true
|
920
|
+
#
|
921
|
+
# access = dataset.access
|
922
|
+
# access.reader_routine? routine #=> false
|
923
|
+
#
|
924
|
+
def reader_routine? routine
|
925
|
+
lookup_access_routine routine
|
926
|
+
end
|
927
|
+
|
709
928
|
##
|
710
929
|
# Checks reader access for a view.
|
711
930
|
#
|
@@ -721,9 +940,9 @@ module Google
|
|
721
940
|
#
|
722
941
|
# bigquery = Google::Cloud::Bigquery.new
|
723
942
|
# dataset = bigquery.dataset "my_dataset"
|
724
|
-
# other_dataset = bigquery.dataset "my_other_dataset"
|
943
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
725
944
|
#
|
726
|
-
# view = other_dataset.table "my_view"
|
945
|
+
# view = other_dataset.table "my_view", skip_lookup: true
|
727
946
|
#
|
728
947
|
# access = dataset.access
|
729
948
|
# access.reader_view? view #=> false
|
@@ -768,6 +987,25 @@ module Google
|
|
768
987
|
lookup_access_role_scope_value :writer, :group, email
|
769
988
|
end
|
770
989
|
|
990
|
+
##
|
991
|
+
# Checks writer access for some other type of member that appears in the IAM
|
992
|
+
# Policy but isn't a user, group, domain, or special group.
|
993
|
+
#
|
994
|
+
# @param [String] identity The identity reference.
|
995
|
+
#
|
996
|
+
# @example
|
997
|
+
# require "google/cloud/bigquery"
|
998
|
+
#
|
999
|
+
# bigquery = Google::Cloud::Bigquery.new
|
1000
|
+
# dataset = bigquery.dataset "my_dataset"
|
1001
|
+
#
|
1002
|
+
# access = dataset.access
|
1003
|
+
# access.writer_iam_member? "entity@example.com" #=> false
|
1004
|
+
#
|
1005
|
+
def writer_iam_member? identity
|
1006
|
+
lookup_access_role_scope_value :writer, :iam_member, identity
|
1007
|
+
end
|
1008
|
+
|
771
1009
|
##
|
772
1010
|
# Checks writer access for a domain.
|
773
1011
|
#
|
@@ -791,7 +1029,7 @@ module Google
|
|
791
1029
|
# Checks writer access for a special group.
|
792
1030
|
#
|
793
1031
|
# @param [String] group Accepted values are `owners`, `writers`,
|
794
|
-
# `readers`, and `
|
1032
|
+
# `readers`, `all_authenticated_users`, and `all_users`.
|
795
1033
|
#
|
796
1034
|
# @example
|
797
1035
|
# require "google/cloud/bigquery"
|
@@ -800,7 +1038,7 @@ module Google
|
|
800
1038
|
# dataset = bigquery.dataset "my_dataset"
|
801
1039
|
#
|
802
1040
|
# access = dataset.access
|
803
|
-
# access.writer_special? :
|
1041
|
+
# access.writer_special? :all_users #=> false
|
804
1042
|
#
|
805
1043
|
def writer_special? group
|
806
1044
|
lookup_access_role_scope_value :writer, :special, group
|
@@ -842,6 +1080,25 @@ module Google
|
|
842
1080
|
lookup_access_role_scope_value :owner, :group, email
|
843
1081
|
end
|
844
1082
|
|
1083
|
+
##
|
1084
|
+
# Checks owner access for some other type of member that appears in the IAM
|
1085
|
+
# Policy but isn't a user, group, domain, or special group.
|
1086
|
+
#
|
1087
|
+
# @param [String] identity The identity reference.
|
1088
|
+
#
|
1089
|
+
# @example
|
1090
|
+
# require "google/cloud/bigquery"
|
1091
|
+
#
|
1092
|
+
# bigquery = Google::Cloud::Bigquery.new
|
1093
|
+
# dataset = bigquery.dataset "my_dataset"
|
1094
|
+
#
|
1095
|
+
# access = dataset.access
|
1096
|
+
# access.owner_iam_member? "entity@example.com" #=> false
|
1097
|
+
#
|
1098
|
+
def owner_iam_member? identity
|
1099
|
+
lookup_access_role_scope_value :owner, :iam_member, identity
|
1100
|
+
end
|
1101
|
+
|
845
1102
|
##
|
846
1103
|
# Checks owner access for a domain.
|
847
1104
|
#
|
@@ -865,7 +1122,7 @@ module Google
|
|
865
1122
|
# Checks owner access for a special group.
|
866
1123
|
#
|
867
1124
|
# @param [String] group Accepted values are `owners`, `writers`,
|
868
|
-
# `readers`, and `
|
1125
|
+
# `readers`, `all_authenticated_users`, and `all_users`.
|
869
1126
|
#
|
870
1127
|
# @example
|
871
1128
|
# require "google/cloud/bigquery"
|
@@ -874,7 +1131,7 @@ module Google
|
|
874
1131
|
# dataset = bigquery.dataset "my_dataset"
|
875
1132
|
#
|
876
1133
|
# access = dataset.access
|
877
|
-
# access.owner_special? :
|
1134
|
+
# access.owner_special? :all_users #=> false
|
878
1135
|
#
|
879
1136
|
def owner_special? group
|
880
1137
|
lookup_access_role_scope_value :owner, :special, group
|
@@ -885,10 +1142,8 @@ module Google
|
|
885
1142
|
rules = Array gapi.access
|
886
1143
|
new.tap do |s|
|
887
1144
|
s.instance_variable_set :@rules, rules
|
888
|
-
s.instance_variable_set :@original_rules_hashes,
|
889
|
-
|
890
|
-
s.instance_variable_set :@dataset_reference,
|
891
|
-
gapi.dataset_reference
|
1145
|
+
s.instance_variable_set :@original_rules_hashes, rules.map(&:to_h)
|
1146
|
+
s.instance_variable_set :@dataset_reference, gapi.dataset_reference
|
892
1147
|
end
|
893
1148
|
end
|
894
1149
|
|
@@ -902,18 +1157,14 @@ module Google
|
|
902
1157
|
# @private
|
903
1158
|
def validate_role role
|
904
1159
|
good_role = ROLES[role.to_s]
|
905
|
-
if good_role.nil?
|
906
|
-
raise ArgumentError "Unable to determine role for #{role}"
|
907
|
-
end
|
1160
|
+
raise ArgumentError "Unable to determine role for #{role}" if good_role.nil?
|
908
1161
|
good_role
|
909
1162
|
end
|
910
1163
|
|
911
1164
|
# @private
|
912
1165
|
def validate_scope scope
|
913
1166
|
good_scope = SCOPES[scope.to_s]
|
914
|
-
if good_scope.nil?
|
915
|
-
raise ArgumentError "Unable to determine scope for #{scope}"
|
916
|
-
end
|
1167
|
+
raise ArgumentError "Unable to determine scope for #{scope}" if good_scope.nil?
|
917
1168
|
good_scope
|
918
1169
|
end
|
919
1170
|
|
@@ -943,7 +1194,17 @@ module Google
|
|
943
1194
|
@rules.reject!(&find_by_scope_and_value(scope, value))
|
944
1195
|
# Add new rule for this role, scope, and value
|
945
1196
|
opts = { role: role, scope => value }
|
946
|
-
@rules << Google::Apis::BigqueryV2::Dataset::Access.new(opts)
|
1197
|
+
@rules << Google::Apis::BigqueryV2::Dataset::Access.new(**opts)
|
1198
|
+
end
|
1199
|
+
|
1200
|
+
# @private
|
1201
|
+
def add_access_routine routine
|
1202
|
+
value = routine.routine_ref
|
1203
|
+
# Remove existing routine rule, if any
|
1204
|
+
@rules.reject!(&find_by_scope_and_resource_ref(:routine, value))
|
1205
|
+
# Add new rule for this role, scope, and value
|
1206
|
+
opts = { routine: value }
|
1207
|
+
@rules << Google::Apis::BigqueryV2::Dataset::Access.new(**opts)
|
947
1208
|
end
|
948
1209
|
|
949
1210
|
# @private
|
@@ -951,10 +1212,10 @@ module Google
|
|
951
1212
|
# scope is view, make sure value is in the right format
|
952
1213
|
value = validate_view value
|
953
1214
|
# Remove existing view rule, if any
|
954
|
-
@rules.reject!(&
|
1215
|
+
@rules.reject!(&find_by_scope_and_resource_ref(:view, value))
|
955
1216
|
# Add new rule for this role, scope, and value
|
956
1217
|
opts = { view: value }
|
957
|
-
@rules << Google::Apis::BigqueryV2::Dataset::Access.new(opts)
|
1218
|
+
@rules << Google::Apis::BigqueryV2::Dataset::Access.new(**opts)
|
958
1219
|
end
|
959
1220
|
|
960
1221
|
# @private
|
@@ -969,12 +1230,18 @@ module Google
|
|
969
1230
|
)
|
970
1231
|
end
|
971
1232
|
|
1233
|
+
# @private
|
1234
|
+
def remove_access_routine routine
|
1235
|
+
# Remove existing routine rule, if any
|
1236
|
+
@rules.reject!(&find_by_scope_and_resource_ref(:routine, routine.routine_ref))
|
1237
|
+
end
|
1238
|
+
|
972
1239
|
# @private
|
973
1240
|
def remove_access_view value
|
974
1241
|
# scope is view, make sure value is in the right format
|
975
1242
|
value = validate_view value
|
976
1243
|
# Remove existing view rule, if any
|
977
|
-
@rules.reject!(&
|
1244
|
+
@rules.reject!(&find_by_scope_and_resource_ref(:view, value))
|
978
1245
|
end
|
979
1246
|
|
980
1247
|
# @private
|
@@ -984,9 +1251,13 @@ module Google
|
|
984
1251
|
# If scope is special group, make sure value is in the list
|
985
1252
|
value = validate_special_group value if scope == :special_group
|
986
1253
|
# Detect any rules of this role, scope, and value
|
987
|
-
!(!@rules.detect(
|
988
|
-
|
989
|
-
|
1254
|
+
!(!@rules.detect(&find_by_role_and_scope_and_value(role, scope, value)))
|
1255
|
+
end
|
1256
|
+
|
1257
|
+
# @private
|
1258
|
+
def lookup_access_routine routine
|
1259
|
+
# Detect routine rule, if any
|
1260
|
+
!(!@rules.detect(&find_by_scope_and_resource_ref(:routine, routine.routine_ref)))
|
990
1261
|
end
|
991
1262
|
|
992
1263
|
# @private
|
@@ -994,7 +1265,7 @@ module Google
|
|
994
1265
|
# scope is view, make sure value is in the right format
|
995
1266
|
value = validate_view value
|
996
1267
|
# Detect view rule, if any
|
997
|
-
!(!@rules.detect(&
|
1268
|
+
!(!@rules.detect(&find_by_scope_and_resource_ref(:view, value)))
|
998
1269
|
end
|
999
1270
|
|
1000
1271
|
# @private
|
@@ -1013,11 +1284,11 @@ module Google
|
|
1013
1284
|
end
|
1014
1285
|
end
|
1015
1286
|
|
1016
|
-
# @private
|
1017
|
-
def
|
1287
|
+
# @private Compare hash representations to find table_ref, routine_ref.
|
1288
|
+
def find_by_scope_and_resource_ref scope, value
|
1018
1289
|
lambda do |a|
|
1019
1290
|
h = a.to_h
|
1020
|
-
h[
|
1291
|
+
h[scope].to_h == value.to_h
|
1021
1292
|
end
|
1022
1293
|
end
|
1023
1294
|
end
|