Bucket Access Control List
Represents a Bucket's Access Control List.
Inherits
- Object
Example
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.readers.each { |reader| puts reader }
Methods
#add_owner
def add_owner(entity) -> String
Grants owner permission to the bucket.
-
entity (String) —
The entity holding the permission, in one of the following forms:
- user-userId
- user-email
- group-groupId
- group-email
- domain-domain
- project-team-projectId
- allUsers
- allAuthenticatedUsers
- (String) — The entity.
Grant access to a user by prepending "user-"
to an email:
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" email = "heidi@example.net" bucket.acl.add_owner "user-#{email}"
Grant access to a group by prepending "group-"
to email:
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" email = "authors@example.net" bucket.acl.add_owner "group-#{email}"
#add_reader
def add_reader(entity) -> String
Grants reader permission to the bucket.
-
entity (String) —
The entity holding the permission, in one of the following forms:
- user-userId
- user-email
- group-groupId
- group-email
- domain-domain
- project-team-projectId
- allUsers
- allAuthenticatedUsers
- (String) — The entity.
Grant access to a user by prepending "user-"
to an email:
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" email = "heidi@example.net" bucket.acl.add_reader "user-#{email}"
Grant access to a group by prepending "group-"
to email:
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" email = "authors@example.net" bucket.acl.add_reader "group-#{email}"
#add_writer
def add_writer(entity) -> String
Grants writer permission to the bucket.
-
entity (String) —
The entity holding the permission, in one of the following forms:
- user-userId
- user-email
- group-groupId
- group-email
- domain-domain
- project-team-projectId
- allUsers
- allAuthenticatedUsers
- (String) — The entity.
Grant access to a user by prepending "user-"
to an email:
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" email = "heidi@example.net" bucket.acl.add_writer "user-#{email}"
Grant access to a group by prepending "group-"
to email:
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" email = "authors@example.net" bucket.acl.add_writer "group-#{email}"
#auth!
def auth!()
Convenience method to apply the authenticatedRead
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.auth!
#auth_read!
def auth_read!()
Convenience method to apply the authenticatedRead
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.auth!
#authenticated!
def authenticated!()
Convenience method to apply the authenticatedRead
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.auth!
#authenticatedRead!
def authenticatedRead!()
Convenience method to apply the authenticatedRead
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.auth!
#authenticated_read!
def authenticated_read!()
Convenience method to apply the authenticatedRead
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.auth!
#delete
def delete(entity) -> Boolean
Permanently deletes the entity from the bucket's access control list.
-
entity (String) —
The entity holding the permission, in one of the following forms:
- user-userId
- user-email
- group-groupId
- group-email
- domain-domain
- project-team-projectId
- allUsers
- allAuthenticatedUsers
- (Boolean)
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" email = "heidi@example.net" bucket.acl.delete "user-#{email}"
#owners
def owners() -> Array<String>
Lists the owners of the bucket.
- (Array<String>)
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.owners.each { |owner| puts owner }
#private!
def private!()
Convenience method to apply the private
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.private!
#projectPrivate!
def projectPrivate!()
Convenience method to apply the projectPrivate
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.project_private!
#project_private!
def project_private!()
Convenience method to apply the projectPrivate
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.project_private!
#public!
def public!()
Convenience method to apply the publicRead
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.public!
#publicRead!
def publicRead!()
Convenience method to apply the publicRead
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.public!
#publicReadWrite!
def publicReadWrite!()
Convenience method to apply the publicReadWrite
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.public_write!
#public_read!
def public_read!()
Convenience method to apply the publicRead
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.public!
#public_write!
def public_write!()
Convenience method to apply the publicReadWrite
predefined ACL
rule to the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.public_write!
#readers
def readers() -> Array<String>
Lists the readers of the bucket.
- (Array<String>)
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.readers.each { |reader| puts reader }
#refresh!
def refresh!()
Reloads all Access Control List data for the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.reload!
#reload!
def reload!()
Reloads all Access Control List data for the bucket.
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.reload!
#user_project
def user_project()
A boolean value or a project ID string to indicate the project to
be billed for operations on the bucket and its files. If this
attribute is set to true
, transit costs for operations on the
bucket will be billed to the current project for this client. (See
Project#project for the ID of the current project.) If this
attribute is set to a project ID, and that project is authorized for
the currently authenticated service account, transit costs will be
billed to that project. This attribute is required with requester
pays-enabled buckets. The default is nil
.
In general, this attribute should be set when first retrieving the
owning bucket by providing the user_project
option to
Project#bucket.
See also #requester_pays= and #requester_pays.
#user_project=
def user_project=(value)
A boolean value or a project ID string to indicate the project to
be billed for operations on the bucket and its files. If this
attribute is set to true
, transit costs for operations on the
bucket will be billed to the current project for this client. (See
Project#project for the ID of the current project.) If this
attribute is set to a project ID, and that project is authorized for
the currently authenticated service account, transit costs will be
billed to that project. This attribute is required with requester
pays-enabled buckets. The default is nil
.
In general, this attribute should be set when first retrieving the
owning bucket by providing the user_project
option to
Project#bucket.
See also #requester_pays= and #requester_pays.
#writers
def writers() -> Array<String>
Lists the owners of the bucket.
- (Array<String>)
require "google/cloud/storage" storage = Google::Cloud::Storage.new bucket = storage.bucket "my-bucket" bucket.acl.writers.each { |writer| puts writer }