BigQuery API - Class Google::Cloud::Bigquery::Dataset::Access (v1.41.0)

Reference documentation and code samples for the BigQuery API class Google::Cloud::Bigquery::Dataset::Access.

Dataset Access Control

Represents the access control rules for a Google::Cloud::Bigquery::Dataset.

Inherits

Object

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_group "owners@example.com"
  access.add_writer_user "writer@example.com"
  access.remove_writer_user "readers@example.com"
  access.add_reader_special :all_users
end

Methods

#add_owner_domain

def add_owner_domain(domain)

Add owner access to a domain.

Parameter

domain (String) — A Cloud Identity domain.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_domain "example.com"
end

#add_owner_group

def add_owner_group(email)

Add owner access to a group.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_group "entity@example.com"
end

#add_owner_iam_member

def add_owner_iam_member(identity)

Add owner access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Parameter

identity (String) — The identity reference.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_iam_member "entity@example.com"
end

#add_owner_special

def add_owner_special(group)

Add owner access to a special group.

Parameter

group (String) — Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_special :all_users
end

#add_owner_user

def add_owner_user(email)

Add owner access to a user.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_user "entity@example.com"
end

#add_reader_domain

def add_reader_domain(domain)

Add reader access to a domain.

Parameter

domain (String) — A Cloud Identity domain.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_reader_domain "example.com"
end

#add_reader_group

def add_reader_group(email)

Add reader access to a group.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_reader_group "entity@example.com"
end

#add_reader_iam_member

def add_reader_iam_member(identity)

Add reader access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Parameter

identity (String) — The identity reference.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_reader_iam_member "entity@example.com"
end

#add_reader_routine

def add_reader_routine(routine)

Add access to a routine from a different dataset. Queries executed against that routine will have read access to views/tables/routines in this dataset. Only UDF is supported for now. The role field is not required when this field is set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation.

Parameter

routine (Google::Cloud::Bigquery::Routine) — A routine object.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

routine = other_dataset.routine "my_routine"

dataset.access do |access|
  access.add_reader_routine routine
end

#add_reader_special

def add_reader_special(group)

Add reader access to a special group.

Parameter

group (String) — Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_reader_special :all_users
end

#add_reader_user

def add_reader_user(email)

Add reader access to a user.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_reader_user "entity@example.com"
end

#add_reader_view

def add_reader_view(view)

Add reader access to a view.

Parameter

view (Google::Cloud::Bigquery::Table, String) — A table object, or a string identifier as specified by the Standard SQL Query Reference (project-name.dataset_id.table_id) or the Legacy SQL Query Reference (project-name:dataset_id.table_id).

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

view = other_dataset.table "my_view", skip_lookup: true

dataset.access do |access|
  access.add_reader_view view
end

#add_writer_domain

def add_writer_domain(domain)

Add writer access to a domain.

Parameter

domain (String) — A Cloud Identity domain.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_writer_domain "example.com"
end

#add_writer_group

def add_writer_group(email)

Add writer access to a group.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_writer_group "entity@example.com"
end

#add_writer_iam_member

def add_writer_iam_member(identity)

Add writer access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Parameter

identity (String) — The identity reference.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_writer_iam_member "entity@example.com"
end

#add_writer_special

def add_writer_special(group)

Add writer access to a special group.

Parameter

group (String) — Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_writer_special :all_users
end

#add_writer_user

def add_writer_user(email)

Add writer access to a user.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_writer_user "entity@example.com"
end

#owner_domain?

def owner_domain?(domain) -> Boolean

Checks owner access for a domain.

Parameter

domain (String) — A Cloud Identity domain.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.owner_domain? "example.com" #=> false

#owner_group?

def owner_group?(email) -> Boolean

Checks owner access for a group.

Parameter

email (String) — The email address for the entity.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.owner_group? "entity@example.com" #=> false

#owner_iam_member?

def owner_iam_member?(identity) -> Boolean

Checks owner access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Parameter

identity (String) — The identity reference.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.owner_iam_member? "entity@example.com" #=> false

#owner_special?

def owner_special?(group) -> Boolean

Checks owner access for a special group.

Parameter

group (String) — Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.owner_special? :all_users #=> false

#owner_user?

def owner_user?(email) -> Boolean

Checks owner access for a user.

Parameter

email (String) — The email address for the entity.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.owner_user? "entity@example.com" #=> false

#reader_domain?

def reader_domain?(domain) -> Boolean

Checks reader access for a domain.

Parameter

domain (String) — A Cloud Identity domain.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.reader_domain? "example.com" #=> false

#reader_group?

def reader_group?(email) -> Boolean

Checks reader access for a group.

Parameter

email (String) — The email address for the entity.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.reader_group? "entity@example.com" #=> false

#reader_iam_member?

def reader_iam_member?(identity) -> Boolean

Checks reader access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Parameter

identity (String) — The identity reference.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.reader_iam_member? "entity@example.com" #=> false

#reader_routine?

def reader_routine?(routine) -> Boolean

Checks access for a routine from a different dataset. Queries executed against that routine will have read access to views/tables/routines in this dataset. Only UDF is supported for now. The role field is not required when this field is set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation.

Parameter

routine (Google::Cloud::Bigquery::Routine) — A routine object.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

routine = other_dataset.routine "my_routine", skip_lookup: true

access = dataset.access
access.reader_routine? routine #=> false

#reader_special?

def reader_special?(group) -> Boolean

Checks reader access for a special group.

Parameter

group (String) — Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.reader_special? :all_users #=> false

#reader_user?

def reader_user?(email) -> Boolean

Checks reader access for a user.

Parameter

email (String) — The email address for the entity.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.reader_user? "entity@example.com" #=> false

#reader_view?

def reader_view?(view) -> Boolean

Checks reader access for a view.

Parameter

view (Google::Cloud::Bigquery::Table, String) — A table object, or a string identifier as specified by the Standard SQL Query Reference (project-name.dataset_id.table_id) or the Legacy SQL Query Reference (project-name:dataset_id.table_id).

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

view = other_dataset.table "my_view", skip_lookup: true

access = dataset.access
access.reader_view? view #=> false

#remove_owner_domain

def remove_owner_domain(domain)

Remove owner access from a domain.

Parameter

domain (String) — A Cloud Identity domain.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_owner_domain "example.com"
end

#remove_owner_group

def remove_owner_group(email)

Remove owner access from a group.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_owner_group "entity@example.com"
end

#remove_owner_iam_member

def remove_owner_iam_member(identity)

Remove owner access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Parameter

identity (String) — The identity reference.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_owner_iam_member "entity@example.com"
end

#remove_owner_special

def remove_owner_special(group)

Remove owner access from a special group.

Parameter

group (String) — Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_owner_special :all_users
end

#remove_owner_user

def remove_owner_user(email)

Remove owner access from a user.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_owner_user "entity@example.com"
end

#remove_reader_domain

def remove_reader_domain(domain)

Remove reader access from a domain.

Parameter

domain (String) — A Cloud Identity domain.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_reader_domain "example.com"
end

#remove_reader_group

def remove_reader_group(email)

Remove reader access from a group.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_reader_group "entity@example.com"
end

#remove_reader_iam_member

def remove_reader_iam_member(identity)

Remove reader access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Parameter

identity (String) — The identity reference.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_reader_iam_member "entity@example.com"
end

#remove_reader_routine

def remove_reader_routine(routine)

Remove reader access from a routine from a different dataset.

Parameter

routine (Google::Cloud::Bigquery::Routine) — A routine object.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

routine = other_dataset.routine "my_routine", skip_lookup: true

dataset.access do |access|
  access.remove_reader_routine routine
end

#remove_reader_special

def remove_reader_special(group)

Remove reader access from a special group.

Parameter

group (String) — Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_reader_special :all_users
end

#remove_reader_user

def remove_reader_user(email)

Remove reader access from a user.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_reader_user "entity@example.com"
end

#remove_reader_view

def remove_reader_view(view)

Remove reader access from a view.

Parameter

view (Google::Cloud::Bigquery::Table, String) — A table object, or a string identifier as specified by the Standard SQL Query Reference (project-name.dataset_id.table_id) or the Legacy SQL Query Reference (project-name:dataset_id.table_id).

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"
other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true

view = other_dataset.table "my_view", skip_lookup: true

dataset.access do |access|
  access.remove_reader_view view
end

#remove_writer_domain

def remove_writer_domain(domain)

Remove writer access from a domain.

Parameter

domain (String) — A Cloud Identity domain.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_writer_domain "example.com"
end

#remove_writer_group

def remove_writer_group(email)

Remove writer access from a group.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_writer_group "entity@example.com"
end

#remove_writer_iam_member

def remove_writer_iam_member(identity)

Remove writer access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Parameter

identity (String) — The identity reference.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_writer_iam_member "entity@example.com"
end

#remove_writer_special

def remove_writer_special(group)

Remove writer access from a special group.

Parameter

group (String) — Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_writer_special :all_users
end

#remove_writer_user

def remove_writer_user(email)

Remove writer access from a user.

Parameter

email (String) — The email address for the entity.

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.remove_writer_user "entity@example.com"
end

#writer_domain?

def writer_domain?(domain) -> Boolean

Checks writer access for a domain.

Parameter

domain (String) — A Cloud Identity domain.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.writer_domain? "example.com" #=> false

#writer_group?

def writer_group?(email) -> Boolean

Checks writer access for a group.

Parameter

email (String) — The email address for the entity.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.writer_group? "entity@example.com" #=> false

#writer_iam_member?

def writer_iam_member?(identity) -> Boolean

Checks writer access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

Parameter

identity (String) — The identity reference.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.writer_iam_member? "entity@example.com" #=> false

#writer_special?

def writer_special?(group) -> Boolean

Checks writer access for a special group.

Parameter

group (String) — Accepted values are owners, writers, readers, all_authenticated_users, and all_users.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.writer_special? :all_users #=> false

#writer_user?

def writer_user?(email) -> Boolean

Checks writer access for a user.

Parameter

email (String) — The email address for the entity.

Returns

(Boolean)

Example

require "google/cloud/bigquery"

bigquery = Google::Cloud::Bigquery.new
dataset = bigquery.dataset "my_dataset"

access = dataset.access
access.writer_user? "entity@example.com" #=> false