Reference documentation and code samples for the BigQuery API class Google::Cloud::Bigquery::Dataset::Access.
Dataset Access Control
Represents the access control rules for a Google::Cloud::Bigquery::Dataset.
Inherits
- Object
Example
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_owner_group "owners@example.com" access.add_writer_user "writer@example.com" access.remove_writer_user "readers@example.com" access.add_reader_special :all_users end
Methods
#add_owner_domain
def add_owner_domain(domain)
Add owner access to a domain.
- domain (String) — A Cloud Identity domain.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_owner_domain "example.com" end
#add_owner_group
def add_owner_group(email)
Add owner access to a group.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_owner_group "entity@example.com" end
#add_owner_iam_member
def add_owner_iam_member(identity)
Add owner access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.
- identity (String) — The identity reference.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_owner_iam_member "entity@example.com" end
#add_owner_special
def add_owner_special(group)
Add owner access to a special group.
-
group (String) — Accepted values are
owners
,writers
,readers
,all_authenticated_users
, andall_users
.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_owner_special :all_users end
#add_owner_user
def add_owner_user(email)
Add owner access to a user.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_owner_user "entity@example.com" end
#add_reader_dataset
def add_reader_dataset(dataset)
Add reader access to a dataset.
- dataset (Google::Cloud::Bigquery::DatasetAccessEntry, Hash<String,String>) — A DatasetAccessEntry or a Hash object. Required
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true params = { dataset_id: other_dataset.dataset_id, project_id: other_dataset.project_id, target_types: ["VIEWS"] } dataset.access do |access| access.add_reader_dataset params end
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true dataset.access do |access| access.add_reader_dataset other_dataset.access_entry(target_types: ["VIEWS"]) end
#add_reader_domain
def add_reader_domain(domain)
Add reader access to a domain.
- domain (String) — A Cloud Identity domain.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_reader_domain "example.com" end
#add_reader_group
def add_reader_group(email)
Add reader access to a group.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_reader_group "entity@example.com" end
#add_reader_iam_member
def add_reader_iam_member(identity)
Add reader access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.
- identity (String) — The identity reference.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_reader_iam_member "entity@example.com" end
#add_reader_routine
def add_reader_routine(routine)
Add access to a routine from a different dataset. Queries executed against that routine will have read access to views/tables/routines in this dataset. Only UDF is supported for now. The role field is not required when this field is set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation.
- routine (Google::Cloud::Bigquery::Routine) — A routine object.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true routine = other_dataset.routine "my_routine" dataset.access do |access| access.add_reader_routine routine end
#add_reader_special
def add_reader_special(group)
Add reader access to a special group.
-
group (String) — Accepted values are
owners
,writers
,readers
,all_authenticated_users
, andall_users
.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_reader_special :all_users end
#add_reader_user
def add_reader_user(email)
Add reader access to a user.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_reader_user "entity@example.com" end
#add_reader_view
def add_reader_view(view)
Add reader access to a view.
-
view (Google::Cloud::Bigquery::Table, String) — A table object,
or a string identifier as specified by the Standard SQL Query
Reference
(
project-name.dataset_id.table_id
) or the Legacy SQL Query Reference (project-name:dataset_id.table_id
).
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true view = other_dataset.table "my_view", skip_lookup: true dataset.access do |access| access.add_reader_view view end
#add_writer_domain
def add_writer_domain(domain)
Add writer access to a domain.
- domain (String) — A Cloud Identity domain.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_writer_domain "example.com" end
#add_writer_group
def add_writer_group(email)
Add writer access to a group.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_writer_group "entity@example.com" end
#add_writer_iam_member
def add_writer_iam_member(identity)
Add writer access to some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.
- identity (String) — The identity reference.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_writer_iam_member "entity@example.com" end
#add_writer_special
def add_writer_special(group)
Add writer access to a special group.
-
group (String) — Accepted values are
owners
,writers
,readers
,all_authenticated_users
, andall_users
.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_writer_special :all_users end
#add_writer_user
def add_writer_user(email)
Add writer access to a user.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.add_writer_user "entity@example.com" end
#owner_domain?
def owner_domain?(domain) -> Boolean
Checks owner access for a domain.
- domain (String) — A Cloud Identity domain.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.owner_domain? "example.com" #=> false
#owner_group?
def owner_group?(email) -> Boolean
Checks owner access for a group.
- email (String) — The email address for the entity.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.owner_group? "entity@example.com" #=> false
#owner_iam_member?
def owner_iam_member?(identity) -> Boolean
Checks owner access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.
- identity (String) — The identity reference.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.owner_iam_member? "entity@example.com" #=> false
#owner_special?
def owner_special?(group) -> Boolean
Checks owner access for a special group.
-
group (String) — Accepted values are
owners
,writers
,readers
,all_authenticated_users
, andall_users
.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.owner_special? :all_users #=> false
#owner_user?
def owner_user?(email) -> Boolean
Checks owner access for a user.
- email (String) — The email address for the entity.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.owner_user? "entity@example.com" #=> false
#reader_dataset?
def reader_dataset?(dataset) -> Boolean
Checks reader access for a dataset.
- dataset (Google::Cloud::Bigquery::DatasetAccessEntry, Hash<String,String>) — A DatasetAccessEntry or a Hash object. Required
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true params = { dataset_id: other_dataset.dataset_id, project_id: other_dataset.project_id, target_types: ["VIEWS"] } dataset.access.reader_dataset? params
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true dataset.access.reader_dataset? other_dataset.access_entry(target_types: ["VIEWS"])
#reader_domain?
def reader_domain?(domain) -> Boolean
Checks reader access for a domain.
- domain (String) — A Cloud Identity domain.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.reader_domain? "example.com" #=> false
#reader_group?
def reader_group?(email) -> Boolean
Checks reader access for a group.
- email (String) — The email address for the entity.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.reader_group? "entity@example.com" #=> false
#reader_iam_member?
def reader_iam_member?(identity) -> Boolean
Checks reader access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.
- identity (String) — The identity reference.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.reader_iam_member? "entity@example.com" #=> false
#reader_routine?
def reader_routine?(routine) -> Boolean
Checks access for a routine from a different dataset. Queries executed against that routine will have read access to views/tables/routines in this dataset. Only UDF is supported for now. The role field is not required when this field is set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation.
- routine (Google::Cloud::Bigquery::Routine) — A routine object.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true routine = other_dataset.routine "my_routine", skip_lookup: true access = dataset.access access.reader_routine? routine #=> false
#reader_special?
def reader_special?(group) -> Boolean
Checks reader access for a special group.
-
group (String) — Accepted values are
owners
,writers
,readers
,all_authenticated_users
, andall_users
.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.reader_special? :all_users #=> false
#reader_user?
def reader_user?(email) -> Boolean
Checks reader access for a user.
- email (String) — The email address for the entity.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.reader_user? "entity@example.com" #=> false
#reader_view?
def reader_view?(view) -> Boolean
Checks reader access for a view.
-
view (Google::Cloud::Bigquery::Table, String) — A table object,
or a string identifier as specified by the Standard SQL Query
Reference
(
project-name.dataset_id.table_id
) or the Legacy SQL Query Reference (project-name:dataset_id.table_id
).
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true view = other_dataset.table "my_view", skip_lookup: true access = dataset.access access.reader_view? view #=> false
#remove_owner_domain
def remove_owner_domain(domain)
Remove owner access from a domain.
- domain (String) — A Cloud Identity domain.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_owner_domain "example.com" end
#remove_owner_group
def remove_owner_group(email)
Remove owner access from a group.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_owner_group "entity@example.com" end
#remove_owner_iam_member
def remove_owner_iam_member(identity)
Remove owner access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.
- identity (String) — The identity reference.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_owner_iam_member "entity@example.com" end
#remove_owner_special
def remove_owner_special(group)
Remove owner access from a special group.
-
group (String) — Accepted values are
owners
,writers
,readers
,all_authenticated_users
, andall_users
.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_owner_special :all_users end
#remove_owner_user
def remove_owner_user(email)
Remove owner access from a user.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_owner_user "entity@example.com" end
#remove_reader_dataset
def remove_reader_dataset(dataset)
Removes reader access of a dataset.
- dataset (Google::Cloud::Bigquery::DatasetAccessEntry, Hash<String,String>) — A DatasetAccessEntry or a Hash object. Required
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true params = { dataset_id: other_dataset.dataset_id, project_id: other_dataset.project_id, target_types: ["VIEWS"] } dataset.access do |access| access.remove_reader_dataset params end
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true dataset.access do |access| access.remove_reader_dataset other_dataset.access_entry(target_types: ["VIEWS"]) end
#remove_reader_domain
def remove_reader_domain(domain)
Remove reader access from a domain.
- domain (String) — A Cloud Identity domain.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_reader_domain "example.com" end
#remove_reader_group
def remove_reader_group(email)
Remove reader access from a group.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_reader_group "entity@example.com" end
#remove_reader_iam_member
def remove_reader_iam_member(identity)
Remove reader access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.
- identity (String) — The identity reference.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_reader_iam_member "entity@example.com" end
#remove_reader_routine
def remove_reader_routine(routine)
Remove reader access from a routine from a different dataset.
- routine (Google::Cloud::Bigquery::Routine) — A routine object.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true routine = other_dataset.routine "my_routine", skip_lookup: true dataset.access do |access| access.remove_reader_routine routine end
#remove_reader_special
def remove_reader_special(group)
Remove reader access from a special group.
-
group (String) — Accepted values are
owners
,writers
,readers
,all_authenticated_users
, andall_users
.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_reader_special :all_users end
#remove_reader_user
def remove_reader_user(email)
Remove reader access from a user.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_reader_user "entity@example.com" end
#remove_reader_view
def remove_reader_view(view)
Remove reader access from a view.
-
view (Google::Cloud::Bigquery::Table, String) — A table object,
or a string identifier as specified by the Standard SQL Query
Reference
(
project-name.dataset_id.table_id
) or the Legacy SQL Query Reference (project-name:dataset_id.table_id
).
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" other_dataset = bigquery.dataset "my_other_dataset", skip_lookup: true view = other_dataset.table "my_view", skip_lookup: true dataset.access do |access| access.remove_reader_view view end
#remove_writer_domain
def remove_writer_domain(domain)
Remove writer access from a domain.
- domain (String) — A Cloud Identity domain.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_writer_domain "example.com" end
#remove_writer_group
def remove_writer_group(email)
Remove writer access from a group.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_writer_group "entity@example.com" end
#remove_writer_iam_member
def remove_writer_iam_member(identity)
Remove writer access from some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.
- identity (String) — The identity reference.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_writer_iam_member "entity@example.com" end
#remove_writer_special
def remove_writer_special(group)
Remove writer access from a special group.
-
group (String) — Accepted values are
owners
,writers
,readers
,all_authenticated_users
, andall_users
.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_writer_special :all_users end
#remove_writer_user
def remove_writer_user(email)
Remove writer access from a user.
- email (String) — The email address for the entity.
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" dataset.access do |access| access.remove_writer_user "entity@example.com" end
#rules
def rules()
Returns the value of attribute rules.
#writer_domain?
def writer_domain?(domain) -> Boolean
Checks writer access for a domain.
- domain (String) — A Cloud Identity domain.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.writer_domain? "example.com" #=> false
#writer_group?
def writer_group?(email) -> Boolean
Checks writer access for a group.
- email (String) — The email address for the entity.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.writer_group? "entity@example.com" #=> false
#writer_iam_member?
def writer_iam_member?(identity) -> Boolean
Checks writer access for some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.
- identity (String) — The identity reference.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.writer_iam_member? "entity@example.com" #=> false
#writer_special?
def writer_special?(group) -> Boolean
Checks writer access for a special group.
-
group (String) — Accepted values are
owners
,writers
,readers
,all_authenticated_users
, andall_users
.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.writer_special? :all_users #=> false
#writer_user?
def writer_user?(email) -> Boolean
Checks writer access for a user.
- email (String) — The email address for the entity.
- (Boolean)
require "google/cloud/bigquery" bigquery = Google::Cloud::Bigquery.new dataset = bigquery.dataset "my_dataset" access = dataset.access access.writer_user? "entity@example.com" #=> false