google-cloud-storage 0.20.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,815 @@
1
+ # Copyright 2015 Google Inc. All rights reserved.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+
16
+ module Google
17
+ module Cloud
18
+ module Storage
19
+ class Bucket
20
+ ##
21
+ # # Bucket Access Control List
22
+ #
23
+ # Represents a Bucket's Access Control List.
24
+ #
25
+ # @example
26
+ # require "google/cloud"
27
+ #
28
+ # gcloud = Google::Cloud.new
29
+ # storage = gcloud.storage
30
+ #
31
+ # bucket = storage.bucket "my-bucket"
32
+ #
33
+ # bucket.acl.readers.each { |reader| puts reader }
34
+ #
35
+ class Acl
36
+ # @private
37
+ RULES = { "authenticatedRead" => "authenticatedRead",
38
+ "auth" => "authenticatedRead",
39
+ "auth_read" => "authenticatedRead",
40
+ "authenticated" => "authenticatedRead",
41
+ "authenticated_read" => "authenticatedRead",
42
+ "private" => "private",
43
+ "projectPrivate" => "projectPrivate",
44
+ "proj_private" => "projectPrivate",
45
+ "project_private" => "projectPrivate",
46
+ "publicRead" => "publicRead",
47
+ "public" => "publicRead",
48
+ "public_read" => "publicRead",
49
+ "publicReadWrite" => "publicReadWrite",
50
+ "public_write" => "publicReadWrite" }
51
+
52
+ ##
53
+ # @private Initialized a new Acl object.
54
+ # Must provide a valid Bucket object.
55
+ def initialize bucket
56
+ @bucket = bucket.name
57
+ @service = bucket.service
58
+ @owners = nil
59
+ @writers = nil
60
+ @readers = nil
61
+ end
62
+
63
+ ##
64
+ # Reloads all Access Control List data for the bucket.
65
+ #
66
+ # @example
67
+ # require "google/cloud"
68
+ #
69
+ # gcloud = Google::Cloud.new
70
+ # storage = gcloud.storage
71
+ #
72
+ # bucket = storage.bucket "my-bucket"
73
+ #
74
+ # bucket.acl.reload!
75
+ #
76
+ def reload!
77
+ gapi = @service.list_bucket_acls @bucket
78
+ acls = Array(gapi.items)
79
+ @owners = entities_from_acls acls, "OWNER"
80
+ @writers = entities_from_acls acls, "WRITER"
81
+ @readers = entities_from_acls acls, "READER"
82
+ end
83
+ alias_method :refresh!, :reload!
84
+
85
+ ##
86
+ # Lists the owners of the bucket.
87
+ #
88
+ # @return [Array<String>]
89
+ #
90
+ # @example
91
+ # require "google/cloud"
92
+ #
93
+ # gcloud = Google::Cloud.new
94
+ # storage = gcloud.storage
95
+ #
96
+ # bucket = storage.bucket "my-bucket"
97
+ #
98
+ # bucket.acl.owners.each { |owner| puts owner }
99
+ #
100
+ def owners
101
+ reload! if @owners.nil?
102
+ @owners
103
+ end
104
+
105
+ ##
106
+ # Lists the owners of the bucket.
107
+ #
108
+ # @return [Array<String>]
109
+ #
110
+ # @example
111
+ # require "google/cloud"
112
+ #
113
+ # gcloud = Google::Cloud.new
114
+ # storage = gcloud.storage
115
+ #
116
+ # bucket = storage.bucket "my-bucket"
117
+ #
118
+ # bucket.acl.writers.each { |writer| puts writer }
119
+ #
120
+ def writers
121
+ reload! if @writers.nil?
122
+ @writers
123
+ end
124
+
125
+ ##
126
+ # Lists the readers of the bucket.
127
+ #
128
+ # @return [Array<String>]
129
+ #
130
+ # @example
131
+ # require "google/cloud"
132
+ #
133
+ # gcloud = Google::Cloud.new
134
+ # storage = gcloud.storage
135
+ #
136
+ # bucket = storage.bucket "my-bucket"
137
+ #
138
+ # bucket.acl.readers.each { |reader| puts reader }
139
+ #
140
+ def readers
141
+ reload! if @readers.nil?
142
+ @readers
143
+ end
144
+
145
+ ##
146
+ # Grants owner permission to the bucket.
147
+ #
148
+ # @param [String] entity The entity holding the permission, in one of
149
+ # the following forms:
150
+ #
151
+ # * user-userId
152
+ # * user-email
153
+ # * group-groupId
154
+ # * group-email
155
+ # * domain-domain
156
+ # * project-team-projectId
157
+ # * allUsers
158
+ # * allAuthenticatedUsers
159
+ #
160
+ # @example Grant access to a user by prepending `"user-"` to an email:
161
+ # require "google/cloud"
162
+ #
163
+ # gcloud = Google::Cloud.new
164
+ # storage = gcloud.storage
165
+ #
166
+ # bucket = storage.bucket "my-bucket"
167
+ #
168
+ # email = "heidi@example.net"
169
+ # bucket.acl.add_owner "user-#{email}"
170
+ #
171
+ # @example Grant access to a group by prepending `"group-"` to email:
172
+ # require "google/cloud"
173
+ #
174
+ # gcloud = Google::Cloud.new
175
+ # storage = gcloud.storage
176
+ #
177
+ # bucket = storage.bucket "my-bucket"
178
+ #
179
+ # email = "authors@example.net"
180
+ # bucket.acl.add_owner "group-#{email}"
181
+ #
182
+ def add_owner entity
183
+ gapi = @service.insert_bucket_acl @bucket, entity, "OWNER"
184
+ entity = gapi.entity
185
+ @owners.push entity unless @owners.nil?
186
+ entity
187
+ end
188
+
189
+ ##
190
+ # Grants writer permission to the bucket.
191
+ #
192
+ # @param [String] entity The entity holding the permission, in one of
193
+ # the following forms:
194
+ #
195
+ # * user-userId
196
+ # * user-email
197
+ # * group-groupId
198
+ # * group-email
199
+ # * domain-domain
200
+ # * project-team-projectId
201
+ # * allUsers
202
+ # * allAuthenticatedUsers
203
+ #
204
+ # @example Grant access to a user by prepending `"user-"` to an email:
205
+ # require "google/cloud"
206
+ #
207
+ # gcloud = Google::Cloud.new
208
+ # storage = gcloud.storage
209
+ #
210
+ # bucket = storage.bucket "my-bucket"
211
+ #
212
+ # email = "heidi@example.net"
213
+ # bucket.acl.add_writer "user-#{email}"
214
+ #
215
+ # @example Grant access to a group by prepending `"group-"` to email:
216
+ # require "google/cloud"
217
+ #
218
+ # gcloud = Google::Cloud.new
219
+ # storage = gcloud.storage
220
+ #
221
+ # bucket = storage.bucket "my-bucket"
222
+ #
223
+ # email = "authors@example.net"
224
+ # bucket.acl.add_writer "group-#{email}"
225
+ #
226
+ def add_writer entity
227
+ gapi = @service.insert_bucket_acl @bucket, entity, "WRITER"
228
+ entity = gapi.entity
229
+ @writers.push entity unless @writers.nil?
230
+ entity
231
+ end
232
+
233
+ ##
234
+ # Grants reader permission to the bucket.
235
+ #
236
+ # @param [String] entity The entity holding the permission, in one of
237
+ # the following forms:
238
+ #
239
+ # * user-userId
240
+ # * user-email
241
+ # * group-groupId
242
+ # * group-email
243
+ # * domain-domain
244
+ # * project-team-projectId
245
+ # * allUsers
246
+ # * allAuthenticatedUsers
247
+ #
248
+ # @example Grant access to a user by prepending `"user-"` to an email:
249
+ # require "google/cloud"
250
+ #
251
+ # gcloud = Google::Cloud.new
252
+ # storage = gcloud.storage
253
+ #
254
+ # bucket = storage.bucket "my-bucket"
255
+ #
256
+ # email = "heidi@example.net"
257
+ # bucket.acl.add_reader "user-#{email}"
258
+ #
259
+ # @example Grant access to a group by prepending `"group-"` to email:
260
+ # require "google/cloud"
261
+ #
262
+ # gcloud = Google::Cloud.new
263
+ # storage = gcloud.storage
264
+ #
265
+ # bucket = storage.bucket "my-bucket"
266
+ #
267
+ # email = "authors@example.net"
268
+ # bucket.acl.add_reader "group-#{email}"
269
+ #
270
+ def add_reader entity
271
+ gapi = @service.insert_bucket_acl @bucket, entity, "READER"
272
+ entity = gapi.entity
273
+ @readers.push entity unless @readers.nil?
274
+ entity
275
+ end
276
+
277
+ ##
278
+ # Permanently deletes the entity from the bucket's access control
279
+ # list.
280
+ #
281
+ # @param [String] entity The entity holding the permission, in one of
282
+ # the following forms:
283
+ #
284
+ # * user-userId
285
+ # * user-email
286
+ # * group-groupId
287
+ # * group-email
288
+ # * domain-domain
289
+ # * project-team-projectId
290
+ # * allUsers
291
+ # * allAuthenticatedUsers
292
+ #
293
+ # @example
294
+ # require "google/cloud"
295
+ #
296
+ # gcloud = Google::Cloud.new
297
+ # storage = gcloud.storage
298
+ #
299
+ # bucket = storage.bucket "my-bucket"
300
+ #
301
+ # email = "heidi@example.net"
302
+ # bucket.acl.delete "user-#{email}"
303
+ #
304
+ def delete entity
305
+ @service.delete_bucket_acl @bucket, entity
306
+ @owners.delete entity unless @owners.nil?
307
+ @writers.delete entity unless @writers.nil?
308
+ @readers.delete entity unless @readers.nil?
309
+ true
310
+ end
311
+
312
+ # @private
313
+ def self.predefined_rule_for rule_name
314
+ RULES[rule_name.to_s]
315
+ end
316
+
317
+ # Predefined ACL helpers
318
+
319
+ ##
320
+ # Convenience method to apply the `authenticatedRead` predefined ACL
321
+ # rule to the bucket.
322
+ #
323
+ # @example
324
+ # require "google/cloud"
325
+ #
326
+ # gcloud = Google::Cloud.new
327
+ # storage = gcloud.storage
328
+ #
329
+ # bucket = storage.bucket "my-bucket"
330
+ #
331
+ # bucket.acl.auth!
332
+ #
333
+ def auth!
334
+ update_predefined_acl! "authenticatedRead"
335
+ end
336
+ alias_method :authenticatedRead!, :auth!
337
+ alias_method :auth_read!, :auth!
338
+ alias_method :authenticated!, :auth!
339
+ alias_method :authenticated_read!, :auth!
340
+
341
+ ##
342
+ # Convenience method to apply the `private` predefined ACL
343
+ # rule to the bucket.
344
+ #
345
+ # @example
346
+ # require "google/cloud"
347
+ #
348
+ # gcloud = Google::Cloud.new
349
+ # storage = gcloud.storage
350
+ #
351
+ # bucket = storage.bucket "my-bucket"
352
+ #
353
+ # bucket.acl.private!
354
+ #
355
+ def private!
356
+ update_predefined_acl! "private"
357
+ end
358
+
359
+ ##
360
+ # Convenience method to apply the `projectPrivate` predefined ACL
361
+ # rule to the bucket.
362
+ #
363
+ # @example
364
+ # require "google/cloud"
365
+ #
366
+ # gcloud = Google::Cloud.new
367
+ # storage = gcloud.storage
368
+ #
369
+ # bucket = storage.bucket "my-bucket"
370
+ #
371
+ # bucket.acl.project_private!
372
+ #
373
+ def project_private!
374
+ update_predefined_acl! "projectPrivate"
375
+ end
376
+ alias_method :projectPrivate!, :project_private!
377
+
378
+ ##
379
+ # Convenience method to apply the `publicRead` predefined ACL
380
+ # rule to the bucket.
381
+ #
382
+ # @example
383
+ # require "google/cloud"
384
+ #
385
+ # gcloud = Google::Cloud.new
386
+ # storage = gcloud.storage
387
+ #
388
+ # bucket = storage.bucket "my-bucket"
389
+ #
390
+ # bucket.acl.public!
391
+ #
392
+ def public!
393
+ update_predefined_acl! "publicRead"
394
+ end
395
+ alias_method :publicRead!, :public!
396
+ alias_method :public_read!, :public!
397
+
398
+ # Convenience method to apply the `publicReadWrite` predefined ACL
399
+ # rule to the bucket.
400
+ #
401
+ # @example
402
+ # require "google/cloud"
403
+ #
404
+ # gcloud = Google::Cloud.new
405
+ # storage = gcloud.storage
406
+ #
407
+ # bucket = storage.bucket "my-bucket"
408
+ #
409
+ # bucket.acl.public_write!
410
+ #
411
+ def public_write!
412
+ update_predefined_acl! "publicReadWrite"
413
+ end
414
+ alias_method :publicReadWrite!, :public_write!
415
+
416
+ protected
417
+
418
+ def clear!
419
+ @owners = nil
420
+ @writers = nil
421
+ @readers = nil
422
+ self
423
+ end
424
+
425
+ def update_predefined_acl! acl_role
426
+ @service.patch_bucket @bucket, predefined_acl: acl_role
427
+ clear!
428
+ end
429
+
430
+ def entities_from_acls acls, role
431
+ selected = acls.select { |acl| acl.role == role }
432
+ entities = selected.map(&:entity)
433
+ entities
434
+ end
435
+ end
436
+
437
+ ##
438
+ # # Bucket Default Access Control List
439
+ #
440
+ # Represents a Bucket's Default Access Control List.
441
+ #
442
+ # @example
443
+ # require "google/cloud"
444
+ #
445
+ # gcloud = Google::Cloud.new
446
+ # storage = gcloud.storage
447
+ #
448
+ # bucket = storage.bucket "my-bucket"
449
+ #
450
+ # bucket.default_acl.readers.each { |reader| puts reader }
451
+ #
452
+ class DefaultAcl
453
+ # @private
454
+ RULES = { "authenticatedRead" => "authenticatedRead",
455
+ "auth" => "authenticatedRead",
456
+ "auth_read" => "authenticatedRead",
457
+ "authenticated" => "authenticatedRead",
458
+ "authenticated_read" => "authenticatedRead",
459
+ "bucketOwnerFullControl" => "bucketOwnerFullControl",
460
+ "owner_full" => "bucketOwnerFullControl",
461
+ "bucketOwnerRead" => "bucketOwnerRead",
462
+ "owner_read" => "bucketOwnerRead",
463
+ "private" => "private",
464
+ "projectPrivate" => "projectPrivate",
465
+ "project_private" => "projectPrivate",
466
+ "publicRead" => "publicRead",
467
+ "public" => "publicRead",
468
+ "public_read" => "publicRead" }
469
+
470
+ ##
471
+ # @private Initialized a new DefaultAcl object.
472
+ # Must provide a valid Bucket object.
473
+ def initialize bucket
474
+ @bucket = bucket.name
475
+ @service = bucket.service
476
+ @owners = nil
477
+ @readers = nil
478
+ end
479
+
480
+ ##
481
+ # Reloads all Default Access Control List data for the bucket.
482
+ #
483
+ # @example
484
+ # require "google/cloud"
485
+ #
486
+ # gcloud = Google::Cloud.new
487
+ # storage = gcloud.storage
488
+ #
489
+ # bucket = storage.bucket "my-bucket"
490
+ #
491
+ # bucket.default_acl.reload!
492
+ #
493
+ def reload!
494
+ gapi = @service.list_default_acls @bucket
495
+ acls = Array(gapi.items).map do |acl|
496
+ if acl.is_a? Google::Apis::StorageV1::ObjectAccessControl
497
+ return acl
498
+ end
499
+ fail "Unknown ACL format: #{acl.class}" unless acl.is_a? Hash
500
+ Google::Apis::StorageV1::ObjectAccessControl.from_json acl.to_json
501
+ end
502
+ @owners = entities_from_acls acls, "OWNER"
503
+ @readers = entities_from_acls acls, "READER"
504
+ end
505
+ alias_method :refresh!, :reload!
506
+
507
+ ##
508
+ # Lists the default owners for files in the bucket.
509
+ #
510
+ # @return [Array<String>]
511
+ #
512
+ # @example
513
+ # require "google/cloud"
514
+ #
515
+ # gcloud = Google::Cloud.new
516
+ # storage = gcloud.storage
517
+ #
518
+ # bucket = storage.bucket "my-bucket"
519
+ #
520
+ # bucket.default_acl.owners.each { |owner| puts owner }
521
+ #
522
+ def owners
523
+ reload! if @owners.nil?
524
+ @owners
525
+ end
526
+
527
+ ##
528
+ # Lists the default readers for files in the bucket.
529
+ #
530
+ # @return [Array<String>]
531
+ #
532
+ # @example
533
+ # require "google/cloud"
534
+ #
535
+ # gcloud = Google::Cloud.new
536
+ # storage = gcloud.storage
537
+ #
538
+ # bucket = storage.bucket "my-bucket"
539
+ #
540
+ # bucket.default_acl.readers.each { |reader| puts reader }
541
+ #
542
+ def readers
543
+ reload! if @readers.nil?
544
+ @readers
545
+ end
546
+
547
+ ##
548
+ # Grants default owner permission to files in the bucket.
549
+ #
550
+ # @param [String] entity The entity holding the permission, in one of
551
+ # the following forms:
552
+ #
553
+ # * user-userId
554
+ # * user-email
555
+ # * group-groupId
556
+ # * group-email
557
+ # * domain-domain
558
+ # * project-team-projectId
559
+ # * allUsers
560
+ # * allAuthenticatedUsers
561
+ #
562
+ # @example Grant access to a user by prepending `"user-"` to an email:
563
+ # require "google/cloud"
564
+ #
565
+ # gcloud = Google::Cloud.new
566
+ # storage = gcloud.storage
567
+ #
568
+ # bucket = storage.bucket "my-bucket"
569
+ #
570
+ # email = "heidi@example.net"
571
+ # bucket.default_acl.add_owner "user-#{email}"
572
+ #
573
+ # @example Grant access to a group by prepending `"group-"` to email:
574
+ # require "google/cloud"
575
+ #
576
+ # gcloud = Google::Cloud.new
577
+ # storage = gcloud.storage
578
+ #
579
+ # bucket = storage.bucket "my-bucket"
580
+ #
581
+ # email = "authors@example.net"
582
+ # bucket.default_acl.add_owner "group-#{email}"
583
+ #
584
+ def add_owner entity
585
+ gapi = @service.insert_default_acl @bucket, entity, "OWNER"
586
+ entity = gapi.entity
587
+ @owners.push entity unless @owners.nil?
588
+ entity
589
+ end
590
+
591
+ ##
592
+ # Grants default reader permission to files in the bucket.
593
+ #
594
+ # @param [String] entity The entity holding the permission, in one of
595
+ # the following forms:
596
+ #
597
+ # * user-userId
598
+ # * user-email
599
+ # * group-groupId
600
+ # * group-email
601
+ # * domain-domain
602
+ # * project-team-projectId
603
+ # * allUsers
604
+ # * allAuthenticatedUsers
605
+ #
606
+ # @example Grant access to a user by prepending `"user-"` to an email:
607
+ # require "google/cloud"
608
+ #
609
+ # gcloud = Google::Cloud.new
610
+ # storage = gcloud.storage
611
+ #
612
+ # bucket = storage.bucket "my-bucket"
613
+ #
614
+ # email = "heidi@example.net"
615
+ # bucket.default_acl.add_reader "user-#{email}"
616
+ #
617
+ # @example Grant access to a group by prepending `"group-"` to email:
618
+ # require "google/cloud"
619
+ #
620
+ # gcloud = Google::Cloud.new
621
+ # storage = gcloud.storage
622
+ #
623
+ # bucket = storage.bucket "my-bucket"
624
+ #
625
+ # email = "authors@example.net"
626
+ # bucket.default_acl.add_reader "group-#{email}"
627
+ #
628
+ def add_reader entity
629
+ gapi = @service.insert_default_acl @bucket, entity, "READER"
630
+ entity = gapi.entity
631
+ @readers.push entity unless @readers.nil?
632
+ entity
633
+ end
634
+
635
+ ##
636
+ # Permanently deletes the entity from the bucket's default access
637
+ # control list for files.
638
+ #
639
+ # @param [String] entity The entity holding the permission, in one of
640
+ # the following forms:
641
+ #
642
+ # * user-userId
643
+ # * user-email
644
+ # * group-groupId
645
+ # * group-email
646
+ # * domain-domain
647
+ # * project-team-projectId
648
+ # * allUsers
649
+ # * allAuthenticatedUsers
650
+ #
651
+ # @example
652
+ # require "google/cloud"
653
+ #
654
+ # gcloud = Google::Cloud.new
655
+ # storage = gcloud.storage
656
+ #
657
+ # bucket = storage.bucket "my-bucket"
658
+ #
659
+ # email = "heidi@example.net"
660
+ # bucket.default_acl.delete "user-#{email}"
661
+ #
662
+ def delete entity
663
+ @service.delete_default_acl @bucket, entity
664
+ @owners.delete entity unless @owners.nil?
665
+ @readers.delete entity unless @readers.nil?
666
+ true
667
+ end
668
+
669
+ # @private
670
+ def self.predefined_rule_for rule_name
671
+ RULES[rule_name.to_s]
672
+ end
673
+
674
+ # Predefined ACL helpers
675
+
676
+ ##
677
+ # Convenience method to apply the default `authenticatedRead`
678
+ # predefined ACL rule to files in the bucket.
679
+ #
680
+ # @example
681
+ # require "google/cloud"
682
+ #
683
+ # gcloud = Google::Cloud.new
684
+ # storage = gcloud.storage
685
+ #
686
+ # bucket = storage.bucket "my-bucket"
687
+ #
688
+ # bucket.acl.auth!
689
+ #
690
+ def auth!
691
+ update_predefined_default_acl! "authenticatedRead"
692
+ end
693
+ alias_method :authenticatedRead!, :auth!
694
+ alias_method :auth_read!, :auth!
695
+ alias_method :authenticated!, :auth!
696
+ alias_method :authenticated_read!, :auth!
697
+
698
+ ##
699
+ # Convenience method to apply the default `bucketOwnerFullControl`
700
+ # predefined ACL rule to files in the bucket.
701
+ #
702
+ # @example
703
+ # require "google/cloud"
704
+ #
705
+ # gcloud = Google::Cloud.new
706
+ # storage = gcloud.storage
707
+ #
708
+ # bucket = storage.bucket "my-bucket"
709
+ #
710
+ # bucket.acl.owner_full!
711
+ #
712
+ def owner_full!
713
+ update_predefined_default_acl! "bucketOwnerFullControl"
714
+ end
715
+ alias_method :bucketOwnerFullControl!, :owner_full!
716
+
717
+ ##
718
+ # Convenience method to apply the default `bucketOwnerRead`
719
+ # predefined ACL rule to files in the bucket.
720
+ #
721
+ # @example
722
+ # require "google/cloud"
723
+ #
724
+ # gcloud = Google::Cloud.new
725
+ # storage = gcloud.storage
726
+ #
727
+ # bucket = storage.bucket "my-bucket"
728
+ #
729
+ # bucket.acl.owner_read!
730
+ #
731
+ def owner_read!
732
+ update_predefined_default_acl! "bucketOwnerRead"
733
+ end
734
+ alias_method :bucketOwnerRead!, :owner_read!
735
+
736
+ ##
737
+ # Convenience method to apply the default `private`
738
+ # predefined ACL rule to files in the bucket.
739
+ #
740
+ # @example
741
+ # require "google/cloud"
742
+ #
743
+ # gcloud = Google::Cloud.new
744
+ # storage = gcloud.storage
745
+ #
746
+ # bucket = storage.bucket "my-bucket"
747
+ #
748
+ # bucket.acl.private!
749
+ #
750
+ def private!
751
+ update_predefined_default_acl! "private"
752
+ end
753
+
754
+ ##
755
+ # Convenience method to apply the default `projectPrivate`
756
+ # predefined ACL rule to files in the bucket.
757
+ #
758
+ # @example
759
+ # require "google/cloud"
760
+ #
761
+ # gcloud = Google::Cloud.new
762
+ # storage = gcloud.storage
763
+ #
764
+ # bucket = storage.bucket "my-bucket"
765
+ #
766
+ # bucket.acl.project_private!
767
+ #
768
+ def project_private!
769
+ update_predefined_default_acl! "projectPrivate"
770
+ end
771
+ alias_method :projectPrivate!, :project_private!
772
+
773
+ ##
774
+ # Convenience method to apply the default `publicRead`
775
+ # predefined ACL rule to files in the bucket.
776
+ #
777
+ # @example
778
+ # require "google/cloud"
779
+ #
780
+ # gcloud = Google::Cloud.new
781
+ # storage = gcloud.storage
782
+ #
783
+ # bucket = storage.bucket "my-bucket"
784
+ #
785
+ # bucket.acl.public!
786
+ #
787
+ def public!
788
+ update_predefined_default_acl! "publicRead"
789
+ end
790
+ alias_method :publicRead!, :public!
791
+ alias_method :public_read!, :public!
792
+
793
+ protected
794
+
795
+ def clear!
796
+ @owners = nil
797
+ @readers = nil
798
+ self
799
+ end
800
+
801
+ def update_predefined_default_acl! acl_role
802
+ @service.patch_bucket @bucket, predefined_default_acl: acl_role
803
+ clear!
804
+ end
805
+
806
+ def entities_from_acls acls, role
807
+ selected = acls.select { |acl| acl.role == role }
808
+ entities = selected.map(&:entity)
809
+ entities
810
+ end
811
+ end
812
+ end
813
+ end
814
+ end
815
+ end