public async Task SetBucketIamPolicy() { var projectId = _fixture.ProjectId; var bucketName = IdGenerator.FromGuid(); _fixture.RegisterBucketToDelete(bucketName); // Snippet: SetBucketIamPolicy(string, *, *) // Create a new bucket and an empty file within it StorageClient client = StorageClient.Create(); Bucket bucket = client.CreateBucket(projectId, bucketName); var obj = client.UploadObject(bucketName, "empty.txt", "text/plain", new MemoryStream()); // Demonstrate that without authentication, we can't download the object HttpClient httpClient = new HttpClient(); HttpResponseMessage response1 = await httpClient.GetAsync(obj.MediaLink); Console.WriteLine($"Response code before setting policy: {response1.StatusCode}"); // Fetch the current IAM policy, and modify it in memory to allow all users // to view objects. Policy policy = client.GetBucketIamPolicy(bucketName); string role = "roles/storage.objectViewer"; Policy.BindingsData binding = policy.Bindings .Where(b => b.Role == role) .FirstOrDefault(); if (binding == null) { binding = new Policy.BindingsData { Role = role, Members = new List <string>() }; policy.Bindings.Add(binding); } binding.Members.Add("allUsers"); // Update the IAM policy on the bucket. client.SetBucketIamPolicy(bucketName, policy); // Wait 10 seconds to allow the policy to be applied. // (Normally the policy change is visible pretty much immediately, but // 10 seconds makes this very reliable.) await Task.Delay(TimeSpan.FromSeconds(10)); // Download the object again: this time the response should be OK HttpResponseMessage response2 = await httpClient.GetAsync(obj.MediaLink); Console.WriteLine($"Response code after setting policy: {response2.StatusCode}"); // End snippet StorageSnippetFixture.SleepAfterBucketCreateDelete(); Assert.Equal(HttpStatusCode.Unauthorized, response1.StatusCode); Assert.Equal(HttpStatusCode.OK, response2.StatusCode); }
public void GetBucketIamPolicy() { var bucketName = _fixture.BucketName; // Snippet: GetBucketIamPolicy(string,*) StorageClient client = StorageClient.Create(); Policy policy = client.GetBucketIamPolicy(bucketName); foreach (Policy.BindingsData binding in policy.Bindings) { Console.WriteLine($"Role: {binding.Role}"); foreach (var permission in binding.Members) { Console.WriteLine($" {permission}"); } } // End snippet }