Google Cloud PHP shared dependency, providing functionality useful to all components. Client - Class PolicyBuilder (1.60.0)

Reference documentation and code samples for the Google Cloud PHP shared dependency, providing functionality useful to all components. Client class PolicyBuilder.

Helper class for creating valid IAM policies

Example:

use Google\Cloud\Core\Iam\PolicyBuilder;

$builder = new PolicyBuilder();
$builder->addBinding('roles/admin', [ 'user:admin@domain.com' ]);
$result = $builder->result();

Namespace

Google \ Cloud \ Core \ Iam

Methods

__construct

See also:

Example: ``` $policy = [ 'etag' => 'AgIc==', 'version' => 3, 'bindings' => [ [ 'role' => 'roles/admin', 'members' => [ 'user:admin@domain.com', 'user2:admin@domain.com' ], 'condition' => [ 'title' => 'match-prefix', 'description' => 'Applies to objects matching a prefix', 'expression' => 'resource.name.startsWith("projects/_/buckets/bucket-name/objects/prefix-a-")' ] ] ], ];

$builder = new PolicyBuilder($policy); ```

Parameter
Name Description
policy array

A policy array

setBindings

Override all stored bindings on the policy.

Example:

$builder->setBindings([
    [
        'role' => 'roles/admin',
        'members' => [
            'user:admin@domain.com'
        ],
        'condition' => [
            'expression' =>
                'request.time < timestamp("2020-07-01T00:00:00.000Z")'
        ]
    ]
]);
Parameter
Name Description
bindings array

[optional] An array of bindings

Returns
Type Description
PolicyBuilder

addBinding

Add a new binding to the policy.

This method will fail with an InvalidOpereationException if it is called on a Policy with a version greater than 1 as that indicates a more complicated policy than this method is prepared to handle. Changes to such policies must be made manually by the setBindings() method.

Example:

$builder->addBinding('roles/admin', [ 'user:admin@domain.com' ]);
Parameters
Name Description
role string

A valid role for the service

members array

An array of members to assign to the binding

Returns
Type Description
PolicyBuilder

removeBinding

Remove a binding from the policy.

This method will fail with a BadMethodCallException if it is called on a Policy with a version greater than 1 as that indicates a more complicated policy than this method is prepared to handle. Changes to such policies must be made manually by the setBindings() method.

Example:

$builder->setBindings([
    [
        'role' => 'roles/admin',
        'members' => [
            'user:admin@domain.com',
            'user2:admin@domain.com'
        ]
    ]
]);
$builder->removeBinding('roles/admin', [ 'user:admin@domain.com' ]);
Parameters
Name Description
role string

A valid role for the service

members array

An array of members to remove from the role

Returns
Type Description
PolicyBuilder

setEtag

Update the etag on the policy.

Example:

$builder->setEtag($oldPolicy['etag']);
Parameter
Name Description
etag string

used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that updates to existing policies make use of the etag to avoid race conditions.

Returns
Type Description
PolicyBuilder

setVersion

Update the version of the policy.

Example:

$builder->setVersion(1);
Parameter
Name Description
version int

Version of the Policy. Defaults to 0.

Returns
Type Description
PolicyBuilder

result

Create a policy array with data in the correct format.

Example:

$policy = $builder->result();
Returns
Type Description
array An array of policy data