google-cloud-bigtable 1.0.2 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d0176970ee72e39f0de396385bea3f8f41d46ba2016c81e6ce1cea93a1a7bf49
4
- data.tar.gz: fb2cb6fed3a4fb130f5f5e4d9590daaea5ef5134d68d3fc3a09a3ffdf342851d
3
+ metadata.gz: d5a23f16f0330f474a569b573e9651402b1494e0d6549a93bd09a92e74276866
4
+ data.tar.gz: 2f876607d84147ef39875f8fd476ee278fc0d31bad9e70db70d752eac33bc4fb
5
5
  SHA512:
6
- metadata.gz: ff1726e7db56ecd3d2d3b76ddc307ae3b8cc023a682fae5c9ef25bc3a13310d0f4541a7abd73aacc8174f1deb2415c910ba8383556e0c238cc0969a01e475748
7
- data.tar.gz: 6d67330c76ddde34ddcd79a6fc875d3d4c2795e87152157f0d4c7836e9336683943ec5c89cf53ac9ea88b0bc4a8af74b8b07ce1b53ba63544d5521c052c829ad
6
+ metadata.gz: 8cceac32a50ad779a690fe989ba58c6723e876a0125045e9c380740e550781710a4b7c4c79b5954029d9b334dc43a87b29624cd09d1a769c0960fa0fc7e3027e
7
+ data.tar.gz: afdb9a5c2ef03fd8471cc6fa1746ba2aecd8e96618dd3049a035ee42f6c5fbbc9439367c299101c59edf20731847eb0444b5937c72711a18d1de8c534fdc2759
@@ -1,5 +1,11 @@
1
1
  # Release History
2
2
 
3
+ ### 1.1.0 / 2020-02-10
4
+
5
+ #### Features
6
+
7
+ * Add Table-level IAM Policy support
8
+
3
9
  ### 1.0.2 / 2020-01-23
4
10
 
5
11
  #### Documentation
@@ -854,7 +854,7 @@ module Google
854
854
  # policy.add("roles/owner", "user:owner@example.com")
855
855
  # updated_policy = instance.update_policy(policy)
856
856
  #
857
- # puts update_policy.roles
857
+ # puts updated_policy.roles
858
858
  #
859
859
  def update_policy new_policy
860
860
  ensure_service!
@@ -884,7 +884,7 @@ module Google
884
884
  # * bigtable.tables.get
885
885
  # * bigtable.tables.list
886
886
  #
887
- # @return [Array<Strings>] The permissions that have access.
887
+ # @return [Array<String>] The permissions that are configured for the policy.
888
888
  #
889
889
  # @example
890
890
  # require "google/cloud/bigtable"
@@ -902,11 +902,8 @@ module Google
902
902
  #
903
903
  def test_iam_permissions *permissions
904
904
  ensure_service!
905
- grpc = service.test_instance_permissions(
906
- instance_id,
907
- Array(permissions).flatten
908
- )
909
- grpc.permissions
905
+ grpc = service.test_instance_permissions instance_id, permissions.flatten
906
+ grpc.permissions.to_a
910
907
  end
911
908
 
912
909
  # @private
@@ -19,7 +19,7 @@ module Google
19
19
  ##
20
20
  # # Policy
21
21
  #
22
- # Represents a Cloud IAM Policy for Bigtable instance resources.
22
+ # Represents a Cloud IAM Policy for Bigtable resources.
23
23
  #
24
24
  # A common pattern for updating a resource's metadata, such as its policy,
25
25
  # is to read the current data from the service, update the data locally,
@@ -640,6 +640,58 @@ module Google
640
640
  end
641
641
  end
642
642
 
643
+ ##
644
+ # Gets the access control policy for an table resource. Returns an empty
645
+ # policy if an table exists but does not have a policy set.
646
+ #
647
+ # @param table_id [String]
648
+ # Unique ID of the table for which the policy is being requested.
649
+ # @return [Google::Iam::V1::Policy]
650
+ #
651
+ def get_table_policy instance_id, table_id
652
+ execute do
653
+ tables.get_iam_policy table_path(instance_id, table_id)
654
+ end
655
+ end
656
+
657
+ ##
658
+ # Sets the access control policy on an table resource. Replaces any
659
+ # existing policy.
660
+ #
661
+ # @param table_id [String]
662
+ # Unique ID of the table the policy is for.
663
+ # @param policy [Google::Iam::V1::Policy | Hash]
664
+ # REQUIRED: The complete policy to be applied to the +resource+. The size of
665
+ # the policy is limited to a few 10s of KB. An empty policy is valid
666
+ # for Cloud Bigtable, but certain Cloud Platform services (such as Projects)
667
+ # might reject an empty policy.
668
+ # Alternatively, provide a hash similar to `Google::Iam::V1::Policy`.
669
+ # @return [Google::Iam::V1::Policy]
670
+ #
671
+ def set_table_policy instance_id, table_id, policy
672
+ execute do
673
+ tables.set_iam_policy table_path(instance_id, table_id), policy
674
+ end
675
+ end
676
+
677
+ ##
678
+ # Returns permissions that the caller has for the specified table resource.
679
+ #
680
+ # @param table_id [String]
681
+ # The table ID that the policy detail is being requested for.
682
+ # @param permissions [Array<String>]
683
+ # The set of permissions to check for the +resource+. Permissions with
684
+ # wildcards (such as '*' or 'storage.*') are not allowed. For more
685
+ # information see
686
+ # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
687
+ # @return [Google::Iam::V1::TestIamPermissionsResponse]
688
+ #
689
+ def test_table_permissions instance_id, table_id, permissions
690
+ execute do
691
+ tables.test_iam_permissions table_path(instance_id, table_id), permissions
692
+ end
693
+ end
694
+
643
695
  def read_rows instance_id, table_id, app_profile_id: nil, rows: nil, filter: nil, rows_limit: nil
644
696
  # execute is not used because error handling is in ReadOperations#read_rows
645
697
  client.read_rows table_path(instance_id, table_id),
@@ -20,6 +20,7 @@ require "google/cloud/bigtable/table/cluster_state"
20
20
  require "google/cloud/bigtable/column_family_map"
21
21
  require "google/cloud/bigtable/gc_rule"
22
22
  require "google/cloud/bigtable/mutation_operations"
23
+ require "google/cloud/bigtable/policy"
23
24
  require "google/cloud/bigtable/read_operations"
24
25
 
25
26
  module Google
@@ -239,6 +240,117 @@ module Google
239
240
  granularity == :MILLIS
240
241
  end
241
242
 
243
+ ##
244
+ # Gets the [Cloud IAM](https://cloud.google.com/iam/) access control
245
+ # policy for the table.
246
+ #
247
+ # @see https://cloud.google.com/bigtable/docs/access-control
248
+ #
249
+ # @yield [policy] A block for updating the policy. The latest policy
250
+ # will be read from the Bigtable service and passed to the block. After
251
+ # the block completes, the modified policy will be written to the
252
+ # service.
253
+ # @yieldparam [Policy] policy the current Cloud IAM Policy for this
254
+ # table.
255
+ #
256
+ # @return [Policy] The current Cloud IAM Policy for the table.
257
+ #
258
+ # @example
259
+ # require "google/cloud/bigtable"
260
+ #
261
+ # bigtable = Google::Cloud::Bigtable.new
262
+ #
263
+ # table = bigtable.table("my-instance", "my-table", perform_lookup: true)
264
+ # policy = table.policy
265
+ #
266
+ # @example Update the policy by passing a block.
267
+ # require "google/cloud/bigtable"
268
+ #
269
+ # bigtable = Google::Cloud::Bigtable.new
270
+ #
271
+ # table = bigtable.table("my-instance", "my-table", perform_lookup: true)
272
+ #
273
+ # table.policy do |p|
274
+ # p.add("roles/owner", "user:owner@example.com")
275
+ # end # 2 API calls
276
+ #
277
+ def policy
278
+ ensure_service!
279
+ grpc = service.get_table_policy instance_id, name
280
+ policy = Policy.from_grpc grpc
281
+ return policy unless block_given?
282
+ yield policy
283
+ update_policy policy
284
+ end
285
+
286
+ ##
287
+ # Updates the [Cloud IAM](https://cloud.google.com/iam/) access control
288
+ # policy for the table. The policy should be read from {#policy}.
289
+ # See {Google::Cloud::Bigtable::Policy} for an explanation of the policy
290
+ # `etag` property and how to modify policies.
291
+ #
292
+ # You can also update the policy by passing a block to {#policy}, which
293
+ # will call this method internally after the block completes.
294
+ #
295
+ # @param new_policy [Policy] a new or modified Cloud IAM Policy for this
296
+ # table
297
+ #
298
+ # @return [Policy] The policy returned by the API update operation.
299
+ #
300
+ # @example
301
+ # require "google/cloud/bigtable"
302
+ #
303
+ # bigtable = Google::Cloud::Bigtable.new
304
+ #
305
+ # table = bigtable.table("my-instance", "my-table", perform_lookup: true)
306
+ #
307
+ # policy = table.policy
308
+ # policy.add("roles/owner", "user:owner@example.com")
309
+ # updated_policy = table.update_policy(policy)
310
+ #
311
+ # puts updated_policy.roles
312
+ #
313
+ def update_policy new_policy
314
+ ensure_service!
315
+ grpc = service.set_table_policy instance_id, name, new_policy.to_grpc
316
+ Policy.from_grpc grpc
317
+ end
318
+ alias policy= update_policy
319
+
320
+ ##
321
+ # Tests the specified permissions against the [Cloud
322
+ # IAM](https://cloud.google.com/iam/) access control policy.
323
+ #
324
+ # @see https://cloud.google.com/iam/docs/managing-policies Managing Policies
325
+ # @see https://cloud.google.com/bigtable/docs/access-control Access Control
326
+ #
327
+ # @param permissions [String, Array<String>] permissions The set of permissions to
328
+ # check access for. Permissions with wildcards (such as `*` or
329
+ # `bigtable.*`) are not allowed.
330
+ # See [Access Control](https://cloud.google.com/bigtable/docs/access-control).
331
+ #
332
+ # @return [Array<String>] The permissions that are configured for the policy.
333
+ #
334
+ # @example
335
+ # require "google/cloud/bigtable"
336
+ #
337
+ # bigtable = Google::Cloud::Bigtable.new
338
+ #
339
+ # table = bigtable.table("my-instance", "my-table", perform_lookup: true)
340
+ #
341
+ # permissions = table.test_iam_permissions(
342
+ # "bigtable.tables.delete",
343
+ # "bigtable.tables.get"
344
+ # )
345
+ # permissions.include? "bigtable.tables.delete" #=> false
346
+ # permissions.include? "bigtable.tables.get" #=> true
347
+ #
348
+ def test_iam_permissions *permissions
349
+ ensure_service!
350
+ grpc = service.test_table_permissions instance_id, name, permissions.flatten
351
+ grpc.permissions.to_a
352
+ end
353
+
242
354
  ##
243
355
  # Permanently deletes the table from a instance.
244
356
  #
@@ -16,7 +16,7 @@
16
16
  module Google
17
17
  module Cloud
18
18
  module Bigtable
19
- VERSION = "1.0.2".freeze
19
+ VERSION = "1.1.0".freeze
20
20
  end
21
21
  end
22
22
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-bigtable
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.2
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-01-23 00:00:00.000000000 Z
11
+ date: 2020-02-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: google-cloud-core