public void TestRemoveBucketConditionalIamBinding()
{
AddBucketConditionalIamBindingSample addBucketConditionalIamBindingSample = new AddBucketConditionalIamBindingSample();
RemoveBucketConditionalIamBindingSample removeBucketConditionalIamBindingSample = new RemoveBucketConditionalIamBindingSample();
ViewBucketIamMembersSample viewBucketIamMembersSample = new ViewBucketIamMembersSample();
EnableUniformBucketLevelAccessSample enableUniformBucketLevelAccessSample = new EnableUniformBucketLevelAccessSample();
DisableUniformBucketLevelAccessSample disableUniformBucketLevelAccessSample = new DisableUniformBucketLevelAccessSample();
string memberType = "serviceAccount";
string role = "roles/storage.objectViewer";
// Enable Uniform bucket level access.
enableUniformBucketLevelAccessSample.EnableUniformBucketLevelAccess(_fixture.BucketNameGeneric);
_fixture.SleepAfterBucketCreateUpdateDelete();
// Add Conditional Binding.
addBucketConditionalIamBindingSample.AddBucketConditionalIamBinding(_fixture.BucketNameGeneric,
role, $"{memberType}:{_fixture.ServiceAccountEmail}", "title", "description",
"resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")");
_fixture.SleepAfterBucketCreateUpdateDelete();
// Remove Conditional Binding.
removeBucketConditionalIamBindingSample.RemoveBucketConditionalIamBinding(_fixture.BucketNameGeneric,
role, "title", "description",
"resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")");
_fixture.SleepAfterBucketCreateUpdateDelete();
// Get Bucket Iam Members.
var policy = viewBucketIamMembersSample.ViewBucketIamMembers(_fixture.BucketNameGeneric);
Assert.DoesNotContain(policy.Bindings, c => c.Members.Contains($"{memberType}:{_fixture.ServiceAccountEmail}"));
// Disable Uniform bucket level access
disableUniformBucketLevelAccessSample.DisableUniformBucketLevelAccess(_fixture.BucketNameGeneric);
_fixture.SleepAfterBucketCreateUpdateDelete();
}
public void TestRemoveBucketIamMember()
{
string role = "roles/storage.objectViewer";
string memberType = "serviceAccount";
var addBucketIamMemberSample = new AddBucketIamMemberSample();
RemoveBucketIamMemberSample removeBucketIamMemberSample = new RemoveBucketIamMemberSample();
ViewBucketIamMembersSample viewBucketIamMembersSample = new ViewBucketIamMembersSample();
// Add bucket Iam member.
addBucketIamMemberSample.AddBucketIamMember(_bucketFixture.BucketNameGeneric, role, $"{memberType}:{_bucketFixture.ServiceAccountEmail}");
// Remove bucket Iam member.
removeBucketIamMemberSample.RemoveBucketIamMember(_bucketFixture.BucketNameGeneric, role, $"{memberType}:{_bucketFixture.ServiceAccountEmail}");
// Get bucket Iam member.
var result = viewBucketIamMembersSample.ViewBucketIamMembers(_bucketFixture.BucketNameGeneric);
Assert.DoesNotContain(result.Bindings.Where(b => b.Role == role).SelectMany(b => b.Members), m => m == $"{memberType}:{_bucketFixture.ServiceAccountEmail}");
}