google-cloud-bigquery 1.22.0 → 1.27.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +55 -0
- data/CONTRIBUTING.md +1 -1
- data/lib/google-cloud-bigquery.rb +1 -0
- data/lib/google/cloud/bigquery.rb +1 -1
- data/lib/google/cloud/bigquery/dataset/access.rb +293 -16
- data/lib/google/cloud/bigquery/external.rb +328 -3
- data/lib/google/cloud/bigquery/extract_job.rb +4 -8
- data/lib/google/cloud/bigquery/job.rb +35 -1
- data/lib/google/cloud/bigquery/load_job.rb +182 -28
- data/lib/google/cloud/bigquery/policy.rb +431 -0
- data/lib/google/cloud/bigquery/query_job.rb +9 -6
- data/lib/google/cloud/bigquery/routine.rb +127 -5
- data/lib/google/cloud/bigquery/service.rb +38 -1
- data/lib/google/cloud/bigquery/table.rb +111 -5
- data/lib/google/cloud/bigquery/version.rb +1 -1
- metadata +7 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 334d37be375f513da083f7338e1324413409a6c30554456c08290ed1337c2701
|
|
4
|
+
data.tar.gz: f21c7793b5a9f82d0c3840aa5915fd10ef43644ccc1d9ea996a63860fa8b16ed
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 187d0549552613c40f85001fdf82197db01af5b5e285dfd6f7615a64c62ed74807c0ea31ac560d2a1516dae0c91f14fcc08b143882fcf8437b8d7c964f256348
|
|
7
|
+
data.tar.gz: e6b80ed9ccff8ffb2f8537a009a6d41a7930ee080f50800001b0afa9f7706a85af58180d091051f34a2499d66ca15f5c084a74cbbff244d8c22d266fc62713db
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,60 @@
|
|
|
1
1
|
# Release History
|
|
2
2
|
|
|
3
|
+
### 1.27.0 / 2021-02-10
|
|
4
|
+
|
|
5
|
+
#### Features
|
|
6
|
+
|
|
7
|
+
* Add Job#reservation_usage
|
|
8
|
+
* Add Routine#determinism_level
|
|
9
|
+
* Add Routine#determinism_level
|
|
10
|
+
* Add Routine#determinism_level=
|
|
11
|
+
* Add Routine#determinism_level_deterministic?
|
|
12
|
+
* Add Routine#determinism_level_not_deterministic?
|
|
13
|
+
* Add Routine::Updater#determinism_level=
|
|
14
|
+
|
|
15
|
+
### 1.26.0 / 2021-01-13
|
|
16
|
+
|
|
17
|
+
#### Features
|
|
18
|
+
|
|
19
|
+
* Add support for Hive Partitioning
|
|
20
|
+
* Add hive partitioning options to External::DataSource
|
|
21
|
+
* Add hive partitioning options to LoadJob and LoadJob::Updater
|
|
22
|
+
* Replace google-api-client with google-apis-bigquery_v2
|
|
23
|
+
|
|
24
|
+
### 1.25.0 / 2020-11-16
|
|
25
|
+
|
|
26
|
+
#### Features
|
|
27
|
+
|
|
28
|
+
* Add routine (UDF) to Dataset::Access
|
|
29
|
+
* Add support for Table ACLS (IAM Policy)
|
|
30
|
+
* feat(bigquery): Add support for Table ACLS
|
|
31
|
+
* Add Bigquery::Policy
|
|
32
|
+
* Add Table#policy
|
|
33
|
+
* Add Table#test_iam_permissions
|
|
34
|
+
* Add Table#update_policy
|
|
35
|
+
|
|
36
|
+
### 1.24.0 / 2020-10-29
|
|
37
|
+
|
|
38
|
+
#### Features
|
|
39
|
+
|
|
40
|
+
* Add iamMember to Dataset::Access
|
|
41
|
+
|
|
42
|
+
#### Bug Fixes
|
|
43
|
+
|
|
44
|
+
* Ensure dense encoding of JSON responses
|
|
45
|
+
* Set query param prettyPrint=false for all requests.
|
|
46
|
+
* Upgrade google-api-client to ~> 0.47
|
|
47
|
+
|
|
48
|
+
#### Documentation
|
|
49
|
+
|
|
50
|
+
* Update supported types for time partition type
|
|
51
|
+
|
|
52
|
+
### 1.23.0 / 2020-09-17
|
|
53
|
+
|
|
54
|
+
#### Features
|
|
55
|
+
|
|
56
|
+
* quota_project can be set via library configuration ([#7627](https://www.github.com/googleapis/google-cloud-ruby/issues/7627))
|
|
57
|
+
|
|
3
58
|
### 1.22.0 / 2020-09-10
|
|
4
59
|
|
|
5
60
|
#### Features
|
data/CONTRIBUTING.md
CHANGED
|
@@ -133,6 +133,7 @@ Google::Cloud.configure.add_config! :bigquery do |config|
|
|
|
133
133
|
config.add_field! :credentials, default_creds, match: [String, Hash, Google::Auth::Credentials], allow_nil: true
|
|
134
134
|
config.add_alias! :keyfile, :credentials
|
|
135
135
|
config.add_field! :scope, nil, match: [String, Array]
|
|
136
|
+
config.add_field! :quota_project, nil, match: String
|
|
136
137
|
config.add_field! :retries, nil, match: Integer
|
|
137
138
|
config.add_field! :timeout, nil, match: Integer
|
|
138
139
|
config.add_field! :endpoint, nil, match: String
|
|
@@ -48,16 +48,19 @@ module Google
|
|
|
48
48
|
|
|
49
49
|
# @private
|
|
50
50
|
SCOPES = {
|
|
51
|
-
"
|
|
52
|
-
"user_by_email" => :user_by_email,
|
|
53
|
-
"userByEmail" => :user_by_email,
|
|
51
|
+
"domain" => :domain,
|
|
54
52
|
"group" => :group_by_email,
|
|
55
53
|
"group_by_email" => :group_by_email,
|
|
56
54
|
"groupByEmail" => :group_by_email,
|
|
57
|
-
"
|
|
55
|
+
"iam_member" => :iam_member,
|
|
56
|
+
"iamMember" => :iam_member,
|
|
57
|
+
"routine" => :routine,
|
|
58
58
|
"special" => :special_group,
|
|
59
59
|
"special_group" => :special_group,
|
|
60
60
|
"specialGroup" => :special_group,
|
|
61
|
+
"user" => :user_by_email,
|
|
62
|
+
"user_by_email" => :user_by_email,
|
|
63
|
+
"userByEmail" => :user_by_email,
|
|
61
64
|
"view" => :view
|
|
62
65
|
}.freeze
|
|
63
66
|
|
|
@@ -150,6 +153,26 @@ module Google
|
|
|
150
153
|
add_access_role_scope_value :reader, :group, email
|
|
151
154
|
end
|
|
152
155
|
|
|
156
|
+
##
|
|
157
|
+
# Add reader access to some other type of member that appears in the IAM
|
|
158
|
+
# Policy but isn't a user, group, domain, or special group.
|
|
159
|
+
#
|
|
160
|
+
# @param [String] identity The identity reference.
|
|
161
|
+
#
|
|
162
|
+
# @example
|
|
163
|
+
# require "google/cloud/bigquery"
|
|
164
|
+
#
|
|
165
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
166
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
167
|
+
#
|
|
168
|
+
# dataset.access do |access|
|
|
169
|
+
# access.add_reader_iam_member "entity@example.com"
|
|
170
|
+
# end
|
|
171
|
+
#
|
|
172
|
+
def add_reader_iam_member identity
|
|
173
|
+
add_access_role_scope_value :reader, :iam_member, identity
|
|
174
|
+
end
|
|
175
|
+
|
|
153
176
|
##
|
|
154
177
|
# Add reader access to a domain.
|
|
155
178
|
#
|
|
@@ -190,6 +213,33 @@ module Google
|
|
|
190
213
|
add_access_role_scope_value :reader, :special, group
|
|
191
214
|
end
|
|
192
215
|
|
|
216
|
+
##
|
|
217
|
+
# Add access to a routine from a different dataset. Queries executed
|
|
218
|
+
# against that routine will have read access to views/tables/routines
|
|
219
|
+
# in this dataset. Only UDF is supported for now. The role field is
|
|
220
|
+
# not required when this field is set. If that routine is updated by
|
|
221
|
+
# any user, access to the routine needs to be granted again via an
|
|
222
|
+
# update operation.
|
|
223
|
+
#
|
|
224
|
+
# @param [Google::Cloud::Bigquery::Routine] routine A routine object.
|
|
225
|
+
#
|
|
226
|
+
# @example
|
|
227
|
+
# require "google/cloud/bigquery"
|
|
228
|
+
#
|
|
229
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
230
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
231
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
|
232
|
+
#
|
|
233
|
+
# routine = other_dataset.routine "my_routine"
|
|
234
|
+
#
|
|
235
|
+
# dataset.access do |access|
|
|
236
|
+
# access.add_reader_routine routine
|
|
237
|
+
# end
|
|
238
|
+
#
|
|
239
|
+
def add_reader_routine routine
|
|
240
|
+
add_access_routine routine
|
|
241
|
+
end
|
|
242
|
+
|
|
193
243
|
##
|
|
194
244
|
# Add reader access to a view.
|
|
195
245
|
#
|
|
@@ -205,9 +255,9 @@ module Google
|
|
|
205
255
|
#
|
|
206
256
|
# bigquery = Google::Cloud::Bigquery.new
|
|
207
257
|
# dataset = bigquery.dataset "my_dataset"
|
|
208
|
-
# other_dataset = bigquery.dataset "my_other_dataset"
|
|
258
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
|
209
259
|
#
|
|
210
|
-
# view = other_dataset.table "my_view"
|
|
260
|
+
# view = other_dataset.table "my_view", skip_lookup: true
|
|
211
261
|
#
|
|
212
262
|
# dataset.access do |access|
|
|
213
263
|
# access.add_reader_view view
|
|
@@ -255,6 +305,26 @@ module Google
|
|
|
255
305
|
add_access_role_scope_value :writer, :group, email
|
|
256
306
|
end
|
|
257
307
|
|
|
308
|
+
##
|
|
309
|
+
# Add writer access to some other type of member that appears in the IAM
|
|
310
|
+
# Policy but isn't a user, group, domain, or special group.
|
|
311
|
+
#
|
|
312
|
+
# @param [String] identity The identity reference.
|
|
313
|
+
#
|
|
314
|
+
# @example
|
|
315
|
+
# require "google/cloud/bigquery"
|
|
316
|
+
#
|
|
317
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
318
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
319
|
+
#
|
|
320
|
+
# dataset.access do |access|
|
|
321
|
+
# access.add_writer_iam_member "entity@example.com"
|
|
322
|
+
# end
|
|
323
|
+
#
|
|
324
|
+
def add_writer_iam_member identity
|
|
325
|
+
add_access_role_scope_value :writer, :iam_member, identity
|
|
326
|
+
end
|
|
327
|
+
|
|
258
328
|
##
|
|
259
329
|
# Add writer access to a domain.
|
|
260
330
|
#
|
|
@@ -333,6 +403,26 @@ module Google
|
|
|
333
403
|
add_access_role_scope_value :owner, :group, email
|
|
334
404
|
end
|
|
335
405
|
|
|
406
|
+
##
|
|
407
|
+
# Add owner access to some other type of member that appears in the IAM
|
|
408
|
+
# Policy but isn't a user, group, domain, or special group.
|
|
409
|
+
#
|
|
410
|
+
# @param [String] identity The identity reference.
|
|
411
|
+
#
|
|
412
|
+
# @example
|
|
413
|
+
# require "google/cloud/bigquery"
|
|
414
|
+
#
|
|
415
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
416
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
417
|
+
#
|
|
418
|
+
# dataset.access do |access|
|
|
419
|
+
# access.add_owner_iam_member "entity@example.com"
|
|
420
|
+
# end
|
|
421
|
+
#
|
|
422
|
+
def add_owner_iam_member identity
|
|
423
|
+
add_access_role_scope_value :owner, :iam_member, identity
|
|
424
|
+
end
|
|
425
|
+
|
|
336
426
|
##
|
|
337
427
|
# Add owner access to a domain.
|
|
338
428
|
#
|
|
@@ -411,6 +501,26 @@ module Google
|
|
|
411
501
|
remove_access_role_scope_value :reader, :group, email
|
|
412
502
|
end
|
|
413
503
|
|
|
504
|
+
##
|
|
505
|
+
# Remove reader access from some other type of member that appears in the IAM
|
|
506
|
+
# Policy but isn't a user, group, domain, or special group.
|
|
507
|
+
#
|
|
508
|
+
# @param [String] identity The identity reference.
|
|
509
|
+
#
|
|
510
|
+
# @example
|
|
511
|
+
# require "google/cloud/bigquery"
|
|
512
|
+
#
|
|
513
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
514
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
515
|
+
#
|
|
516
|
+
# dataset.access do |access|
|
|
517
|
+
# access.remove_reader_iam_member "entity@example.com"
|
|
518
|
+
# end
|
|
519
|
+
#
|
|
520
|
+
def remove_reader_iam_member identity
|
|
521
|
+
remove_access_role_scope_value :reader, :iam_member, identity
|
|
522
|
+
end
|
|
523
|
+
|
|
414
524
|
##
|
|
415
525
|
# Remove reader access from a domain.
|
|
416
526
|
#
|
|
@@ -451,6 +561,28 @@ module Google
|
|
|
451
561
|
remove_access_role_scope_value :reader, :special, group
|
|
452
562
|
end
|
|
453
563
|
|
|
564
|
+
##
|
|
565
|
+
# Remove reader access from a routine from a different dataset.
|
|
566
|
+
#
|
|
567
|
+
# @param [Google::Cloud::Bigquery::Routine] routine A routine object.
|
|
568
|
+
#
|
|
569
|
+
# @example
|
|
570
|
+
# require "google/cloud/bigquery"
|
|
571
|
+
#
|
|
572
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
573
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
574
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
|
575
|
+
#
|
|
576
|
+
# routine = other_dataset.routine "my_routine", skip_lookup: true
|
|
577
|
+
#
|
|
578
|
+
# dataset.access do |access|
|
|
579
|
+
# access.remove_reader_routine routine
|
|
580
|
+
# end
|
|
581
|
+
#
|
|
582
|
+
def remove_reader_routine routine
|
|
583
|
+
remove_access_routine routine
|
|
584
|
+
end
|
|
585
|
+
|
|
454
586
|
##
|
|
455
587
|
# Remove reader access from a view.
|
|
456
588
|
#
|
|
@@ -466,9 +598,9 @@ module Google
|
|
|
466
598
|
#
|
|
467
599
|
# bigquery = Google::Cloud::Bigquery.new
|
|
468
600
|
# dataset = bigquery.dataset "my_dataset"
|
|
469
|
-
# other_dataset = bigquery.dataset "my_other_dataset"
|
|
601
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
|
470
602
|
#
|
|
471
|
-
# view = other_dataset.table "my_view"
|
|
603
|
+
# view = other_dataset.table "my_view", skip_lookup: true
|
|
472
604
|
#
|
|
473
605
|
# dataset.access do |access|
|
|
474
606
|
# access.remove_reader_view view
|
|
@@ -516,6 +648,26 @@ module Google
|
|
|
516
648
|
remove_access_role_scope_value :writer, :group, email
|
|
517
649
|
end
|
|
518
650
|
|
|
651
|
+
##
|
|
652
|
+
# Remove writer access from some other type of member that appears in the IAM
|
|
653
|
+
# Policy but isn't a user, group, domain, or special group.
|
|
654
|
+
#
|
|
655
|
+
# @param [String] identity The identity reference.
|
|
656
|
+
#
|
|
657
|
+
# @example
|
|
658
|
+
# require "google/cloud/bigquery"
|
|
659
|
+
#
|
|
660
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
661
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
662
|
+
#
|
|
663
|
+
# dataset.access do |access|
|
|
664
|
+
# access.remove_writer_iam_member "entity@example.com"
|
|
665
|
+
# end
|
|
666
|
+
#
|
|
667
|
+
def remove_writer_iam_member identity
|
|
668
|
+
remove_access_role_scope_value :writer, :iam_member, identity
|
|
669
|
+
end
|
|
670
|
+
|
|
519
671
|
##
|
|
520
672
|
# Remove writer access from a domain.
|
|
521
673
|
#
|
|
@@ -594,6 +746,26 @@ module Google
|
|
|
594
746
|
remove_access_role_scope_value :owner, :group, email
|
|
595
747
|
end
|
|
596
748
|
|
|
749
|
+
##
|
|
750
|
+
# Remove owner access from some other type of member that appears in the IAM
|
|
751
|
+
# Policy but isn't a user, group, domain, or special group.
|
|
752
|
+
#
|
|
753
|
+
# @param [String] identity The identity reference.
|
|
754
|
+
#
|
|
755
|
+
# @example
|
|
756
|
+
# require "google/cloud/bigquery"
|
|
757
|
+
#
|
|
758
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
759
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
760
|
+
#
|
|
761
|
+
# dataset.access do |access|
|
|
762
|
+
# access.remove_owner_iam_member "entity@example.com"
|
|
763
|
+
# end
|
|
764
|
+
#
|
|
765
|
+
def remove_owner_iam_member identity
|
|
766
|
+
remove_access_role_scope_value :owner, :iam_member, identity
|
|
767
|
+
end
|
|
768
|
+
|
|
597
769
|
##
|
|
598
770
|
# Remove owner access from a domain.
|
|
599
771
|
#
|
|
@@ -670,6 +842,25 @@ module Google
|
|
|
670
842
|
lookup_access_role_scope_value :reader, :group, email
|
|
671
843
|
end
|
|
672
844
|
|
|
845
|
+
##
|
|
846
|
+
# Checks reader access for some other type of member that appears in the IAM
|
|
847
|
+
# Policy but isn't a user, group, domain, or special group.
|
|
848
|
+
#
|
|
849
|
+
# @param [String] identity The identity reference.
|
|
850
|
+
#
|
|
851
|
+
# @example
|
|
852
|
+
# require "google/cloud/bigquery"
|
|
853
|
+
#
|
|
854
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
855
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
856
|
+
#
|
|
857
|
+
# access = dataset.access
|
|
858
|
+
# access.reader_iam_member? "entity@example.com" #=> false
|
|
859
|
+
#
|
|
860
|
+
def reader_iam_member? identity
|
|
861
|
+
lookup_access_role_scope_value :reader, :iam_member, identity
|
|
862
|
+
end
|
|
863
|
+
|
|
673
864
|
##
|
|
674
865
|
# Checks reader access for a domain.
|
|
675
866
|
#
|
|
@@ -708,6 +899,32 @@ module Google
|
|
|
708
899
|
lookup_access_role_scope_value :reader, :special, group
|
|
709
900
|
end
|
|
710
901
|
|
|
902
|
+
##
|
|
903
|
+
# Checks access for a routine from a different dataset. Queries executed
|
|
904
|
+
# against that routine will have read access to views/tables/routines
|
|
905
|
+
# in this dataset. Only UDF is supported for now. The role field is
|
|
906
|
+
# not required when this field is set. If that routine is updated by
|
|
907
|
+
# any user, access to the routine needs to be granted again via an
|
|
908
|
+
# update operation.
|
|
909
|
+
#
|
|
910
|
+
# @param [Google::Cloud::Bigquery::Routine] routine A routine object.
|
|
911
|
+
#
|
|
912
|
+
# @example
|
|
913
|
+
# require "google/cloud/bigquery"
|
|
914
|
+
#
|
|
915
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
916
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
917
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
|
918
|
+
#
|
|
919
|
+
# routine = other_dataset.routine "my_routine", skip_lookup: true
|
|
920
|
+
#
|
|
921
|
+
# access = dataset.access
|
|
922
|
+
# access.reader_routine? routine #=> false
|
|
923
|
+
#
|
|
924
|
+
def reader_routine? routine
|
|
925
|
+
lookup_access_routine routine
|
|
926
|
+
end
|
|
927
|
+
|
|
711
928
|
##
|
|
712
929
|
# Checks reader access for a view.
|
|
713
930
|
#
|
|
@@ -723,9 +940,9 @@ module Google
|
|
|
723
940
|
#
|
|
724
941
|
# bigquery = Google::Cloud::Bigquery.new
|
|
725
942
|
# dataset = bigquery.dataset "my_dataset"
|
|
726
|
-
# other_dataset = bigquery.dataset "my_other_dataset"
|
|
943
|
+
# other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true
|
|
727
944
|
#
|
|
728
|
-
# view = other_dataset.table "my_view"
|
|
945
|
+
# view = other_dataset.table "my_view", skip_lookup: true
|
|
729
946
|
#
|
|
730
947
|
# access = dataset.access
|
|
731
948
|
# access.reader_view? view #=> false
|
|
@@ -770,6 +987,25 @@ module Google
|
|
|
770
987
|
lookup_access_role_scope_value :writer, :group, email
|
|
771
988
|
end
|
|
772
989
|
|
|
990
|
+
##
|
|
991
|
+
# Checks writer access for some other type of member that appears in the IAM
|
|
992
|
+
# Policy but isn't a user, group, domain, or special group.
|
|
993
|
+
#
|
|
994
|
+
# @param [String] identity The identity reference.
|
|
995
|
+
#
|
|
996
|
+
# @example
|
|
997
|
+
# require "google/cloud/bigquery"
|
|
998
|
+
#
|
|
999
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
1000
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
1001
|
+
#
|
|
1002
|
+
# access = dataset.access
|
|
1003
|
+
# access.writer_iam_member? "entity@example.com" #=> false
|
|
1004
|
+
#
|
|
1005
|
+
def writer_iam_member? identity
|
|
1006
|
+
lookup_access_role_scope_value :writer, :iam_member, identity
|
|
1007
|
+
end
|
|
1008
|
+
|
|
773
1009
|
##
|
|
774
1010
|
# Checks writer access for a domain.
|
|
775
1011
|
#
|
|
@@ -844,6 +1080,25 @@ module Google
|
|
|
844
1080
|
lookup_access_role_scope_value :owner, :group, email
|
|
845
1081
|
end
|
|
846
1082
|
|
|
1083
|
+
##
|
|
1084
|
+
# Checks owner access for some other type of member that appears in the IAM
|
|
1085
|
+
# Policy but isn't a user, group, domain, or special group.
|
|
1086
|
+
#
|
|
1087
|
+
# @param [String] identity The identity reference.
|
|
1088
|
+
#
|
|
1089
|
+
# @example
|
|
1090
|
+
# require "google/cloud/bigquery"
|
|
1091
|
+
#
|
|
1092
|
+
# bigquery = Google::Cloud::Bigquery.new
|
|
1093
|
+
# dataset = bigquery.dataset "my_dataset"
|
|
1094
|
+
#
|
|
1095
|
+
# access = dataset.access
|
|
1096
|
+
# access.owner_iam_member? "entity@example.com" #=> false
|
|
1097
|
+
#
|
|
1098
|
+
def owner_iam_member? identity
|
|
1099
|
+
lookup_access_role_scope_value :owner, :iam_member, identity
|
|
1100
|
+
end
|
|
1101
|
+
|
|
847
1102
|
##
|
|
848
1103
|
# Checks owner access for a domain.
|
|
849
1104
|
#
|
|
@@ -942,12 +1197,22 @@ module Google
|
|
|
942
1197
|
@rules << Google::Apis::BigqueryV2::Dataset::Access.new(opts)
|
|
943
1198
|
end
|
|
944
1199
|
|
|
1200
|
+
# @private
|
|
1201
|
+
def add_access_routine routine
|
|
1202
|
+
value = routine.routine_ref
|
|
1203
|
+
# Remove existing routine rule, if any
|
|
1204
|
+
@rules.reject!(&find_by_scope_and_resource_ref(:routine, value))
|
|
1205
|
+
# Add new rule for this role, scope, and value
|
|
1206
|
+
opts = { routine: value }
|
|
1207
|
+
@rules << Google::Apis::BigqueryV2::Dataset::Access.new(opts)
|
|
1208
|
+
end
|
|
1209
|
+
|
|
945
1210
|
# @private
|
|
946
1211
|
def add_access_view value
|
|
947
1212
|
# scope is view, make sure value is in the right format
|
|
948
1213
|
value = validate_view value
|
|
949
1214
|
# Remove existing view rule, if any
|
|
950
|
-
@rules.reject!(&
|
|
1215
|
+
@rules.reject!(&find_by_scope_and_resource_ref(:view, value))
|
|
951
1216
|
# Add new rule for this role, scope, and value
|
|
952
1217
|
opts = { view: value }
|
|
953
1218
|
@rules << Google::Apis::BigqueryV2::Dataset::Access.new(opts)
|
|
@@ -965,12 +1230,18 @@ module Google
|
|
|
965
1230
|
)
|
|
966
1231
|
end
|
|
967
1232
|
|
|
1233
|
+
# @private
|
|
1234
|
+
def remove_access_routine routine
|
|
1235
|
+
# Remove existing routine rule, if any
|
|
1236
|
+
@rules.reject!(&find_by_scope_and_resource_ref(:routine, routine.routine_ref))
|
|
1237
|
+
end
|
|
1238
|
+
|
|
968
1239
|
# @private
|
|
969
1240
|
def remove_access_view value
|
|
970
1241
|
# scope is view, make sure value is in the right format
|
|
971
1242
|
value = validate_view value
|
|
972
1243
|
# Remove existing view rule, if any
|
|
973
|
-
@rules.reject!(&
|
|
1244
|
+
@rules.reject!(&find_by_scope_and_resource_ref(:view, value))
|
|
974
1245
|
end
|
|
975
1246
|
|
|
976
1247
|
# @private
|
|
@@ -983,12 +1254,18 @@ module Google
|
|
|
983
1254
|
!(!@rules.detect(&find_by_role_and_scope_and_value(role, scope, value)))
|
|
984
1255
|
end
|
|
985
1256
|
|
|
1257
|
+
# @private
|
|
1258
|
+
def lookup_access_routine routine
|
|
1259
|
+
# Detect routine rule, if any
|
|
1260
|
+
!(!@rules.detect(&find_by_scope_and_resource_ref(:routine, routine.routine_ref)))
|
|
1261
|
+
end
|
|
1262
|
+
|
|
986
1263
|
# @private
|
|
987
1264
|
def lookup_access_view value
|
|
988
1265
|
# scope is view, make sure value is in the right format
|
|
989
1266
|
value = validate_view value
|
|
990
1267
|
# Detect view rule, if any
|
|
991
|
-
!(!@rules.detect(&
|
|
1268
|
+
!(!@rules.detect(&find_by_scope_and_resource_ref(:view, value)))
|
|
992
1269
|
end
|
|
993
1270
|
|
|
994
1271
|
# @private
|
|
@@ -1007,11 +1284,11 @@ module Google
|
|
|
1007
1284
|
end
|
|
1008
1285
|
end
|
|
1009
1286
|
|
|
1010
|
-
# @private
|
|
1011
|
-
def
|
|
1287
|
+
# @private Compare hash representations to find table_ref, routine_ref.
|
|
1288
|
+
def find_by_scope_and_resource_ref scope, value
|
|
1012
1289
|
lambda do |a|
|
|
1013
1290
|
h = a.to_h
|
|
1014
|
-
h[
|
|
1291
|
+
h[scope].to_h == value.to_h
|
|
1015
1292
|
end
|
|
1016
1293
|
end
|
|
1017
1294
|
end
|