private void CreateBucket()
{
//objects in bucket are public by default
ObjectAccessControl defaultAccess = new ObjectAccessControl();
defaultAccess.Entity = "allUsers";
defaultAccess.Role = "READER";
Bucket bucket = new Bucket();
bucket.Name = Bucket;
bucket.DefaultObjectAcl = new List <ObjectAccessControl> {
defaultAccess
};
try
{
Client.CreateBucket(Project, bucket);
}
catch (GoogleApiException ex)
{
if (ex.Error.Code != BUCKET_EXISTS)
{
throw ex;
}
}
}
public static bool TryGetObjectAccessControl(this StoragePermissions permissions, StorageActor actor, out ObjectAccessControl ac)
{
if (permissions == StoragePermissions.None)
{
ac = null;
return(false);
}
ac = new ObjectAccessControl();
ac.Role = permissions == StoragePermissions.Read ? "READER" : "OWNER";
switch (actor.ActorType)
{
case StorageActorType.Authenticated:
ac.Entity = "allAuthenticatedUsers";
break;
case StorageActorType.Public:
ac.Entity = "allUsers";
break;
case StorageActorType.User:
ac.Entity = $"user-{actor.Id}";
ac.EntityId = actor.Id;
break;
case StorageActorType.Group:
ac.Entity = $"group-{actor.Id}";
ac.EntityId = actor.Id;
break;
default:
ac = null;
return(false);
}
return(true);
}
public static StoragePermissions GetStoragePermissions(this ObjectAccessControl ac)
{
if (StringComparer.OrdinalIgnoreCase.Equals("READER", ac.Role))
{
return(StoragePermissions.Read);
}
if (StringComparer.OrdinalIgnoreCase.Equals("OWNER", ac.Role))
{
return(StoragePermissions.Full);
}
return(StoragePermissions.None);
}
protected override void ProcessRecord()
{
base.ProcessRecord();
ObjectAccessControl defaultAcl = new ObjectAccessControl()
{
Role = Role.ToUpper(),
Entity = GetAclEntity(),
};
DefaultObjectAccessControlsResource.InsertRequest request = Service.DefaultObjectAccessControls.Insert(defaultAcl, Name);
ObjectAccessControl response = request.Execute();
WriteObject(response);
}
/// <summary>
/// Updates a default object ACL entry on the specified bucket.
/// Documentation https://developers.google.com/storage/v1/reference/defaultObjectAccessControls/update
/// Generation Note: This does not always build corectly. Google needs to standardise things I need to figuer out which ones are wrong.
/// </summary>
/// <param name="service">Authenticated Storage service.</param>
/// <param name="bucket">Name of a bucket.</param>
/// <param name="entity">The entity holding the permission. Can be user-userId, user-emailAddress, group-groupId, group-emailAddress, allUsers, or allAuthenticatedUsers.</param>
/// <param name="body">A valid Storage v1 body.</param>
/// <param name="optional">Optional paramaters.</param>
/// <returns>ObjectAccessControlResponse</returns>
public static ObjectAccessControl Update(StorageService service, string bucket, string entity, ObjectAccessControl body, DefaultObjectAccessControlsUpdateOptionalParms optional = null)
{
try
{
// Initial validation.
if (service == null)
{
throw new ArgumentNullException("service");
}
if (body == null)
{
throw new ArgumentNullException("body");
}
if (bucket == null)
{
throw new ArgumentNullException(bucket);
}
if (entity == null)
{
throw new ArgumentNullException(entity);
}
// Building the initial request.
var request = service.DefaultObjectAccessControls.Update(body, bucket, entity);
// Applying optional parameters to the request.
request = (DefaultObjectAccessControlsResource.UpdateRequest)SampleHelpers.ApplyOptionalParms(request, optional);
// Requesting data.
return(request.Execute());
}
catch (Exception ex)
{
throw new Exception("Request DefaultObjectAccessControls.Update failed.", ex);
}
}
/// <summary>
/// Updates a default object ACL entry on the specified bucket.
/// Documentation https://developers.google.com/storage/v1/reference/defaultObjectAccessControls/update
/// Generation Note: This does not always build corectly. Google needs to standardise things I need to figuer out which ones are wrong.
/// </summary>
/// <param name="service">Authenticated storage service.</param>
/// <param name="bucket">Name of a bucket.</param>
/// <param name="entity">The entity holding the permission. Can be user-userId, user-emailAddress, group-groupId, group-emailAddress, allUsers, or allAuthenticatedUsers.</param>
/// <param name="body">A valid storage v1 body.</param>
/// <returns>ObjectAccessControlResponse</returns>
public static ObjectAccessControl Update(storageService service, string bucket, string entity, ObjectAccessControl body)
{
try
{
// Initial validation.
if (service == null)
{
throw new ArgumentNullException("service");
}
if (body == null)
{
throw new ArgumentNullException("body");
}
if (bucket == null)
{
throw new ArgumentNullException(bucket);
}
if (entity == null)
{
throw new ArgumentNullException(entity);
}
// Make the request.
return(service.DefaultObjectAccessControls.Update(body, bucket, entity).Execute());
}
catch (Exception ex)
{
throw new Exception("Request DefaultObjectAccessControls.Update failed.", ex);
}
}
/// <summary>
/// Adjusts the ACL for an uploaded object so that a SQL instance can access it.
/// </summary>
public void AdjustAcl(Apis.Storage.v1.Data.Object bucketObject, string instanceEmail)
{
ObjectAccessControl body = new ObjectAccessControl();
body.Bucket = bucketObject.Bucket;
body.Entity = "user-" + instanceEmail;
body.Role = "OWNER";
body.Object__ = bucketObject.Name;
ObjectAccessControlsResource.InsertRequest aclRequest =
_bucketService.ObjectAccessControls.Insert(body, bucketObject.Bucket, bucketObject.Name);
try
{
aclRequest.Execute();
}
catch (Exception e)
{
DeleteObject(bucketObject);
_bucketService.Buckets.Delete(bucketObject.Bucket).Execute();
throw e;
}
}
protected override void ProcessRecord()
{
base.ProcessRecord();
ObjectAccessControl objAcl = new ObjectAccessControl()
{
Role = Role.ToUpper(),
Entity = GetAclEntity(),
};
ObjectAccessControlsResource.InsertRequest request = Service.ObjectAccessControls.Insert(objAcl, Bucket, ObjectName);
ObjectAccessControl response = request.Execute();
WriteObject(response);
}
