RELAX NG Compact Syntax Format Schema

The following describes the exact formatting requirements of the Google ACL XML.

namespace rng = "http://relaxng.org/ns/structure/1.0"

LengthLimitedString = xsd:string { minLength = "0" maxLength = "1024" }
LengthLimitedIdString = xsd:string { minLength = "0" maxLength = "1024" pattern = "[a-fA-F0-9\s]*" }
ScopeStringById =
  xsd:string {
    pattern =
      "([Uu][Ss][Ee][Rr][Bb][Yy][Ii][Dd])|([Gg][Rr][Oo][Uu][Pp][Bb][Yy][Ii][Dd])"
  }
ScopeStringByEmail =
  xsd:string {
    pattern =
      "([Uu][Ss][Ee][Rr][Bb][Yy][Ee][Mm][Aa][Ii][Ll])|([Gg][Rr][Oo][Uu][Pp][Bb][Yy][Ee][Mm][Aa][Ii][Ll])"
  }
ScopeStringByDomain =
  xsd:string {
    pattern =
      "([Gg][Rr][Oo][Uu][Pp][Bb][Yy][Dd][Oo][Mm][Aa][Ii][Nn])"
  }
ScopeStringByAllUsers =
  xsd:string {
    pattern =
      "([Aa][Ll][Ll][Uu][Ss][Ee][Rr][Ss])|([Aa][Ll][Ll][Aa][Uu][Tt][Hh][Ee][Nn][Tt][Ii][Cc][Aa][Tt][Ee][Dd][Uu][Ss][Ee][Rr][Ss])"
  }

start |= AccessControlList
AccessControlList =
  element AccessControlList {
    ## The owner of the object for this ACL.  This element is ignored by Google Cloud Storage as the object owner is always assumed to have full control.
    element Owner {
      ## Google-storage-id of the owner.
      element ID { LengthLimitedIdString },
      ## Name of the owner.
      element Name { LengthLimitedString }?
    }? &
    ## 0 or more ACL entries to be applied to the object.
    element Entries {
      ## An ACL entry for the object.
      element Entry {
        ## Who the permission applies to.  Child element inclusion is based on the attribute type.
        (
          ( element Scope {
              (
                ## Google-storage-ID to be granted permission.
                element ID { LengthLimitedIdString } &
                ## Name of the entity to be granted permission.
                element Name { LengthLimitedString }?
              ),
              attribute type { ScopeStringById }
            }
          ) |
          ( element Scope {
              (
                ## Email address to be granted permission.
                element EmailAddress { LengthLimitedString } &
                ## Name of the entity to be granted permission.
                element Name { LengthLimitedString }?
              ),
              attribute type { ScopeStringByEmail }
            }
          ) |
          ( element Scope {
              (
                ## Domain name to be granted permission.
                element Domain { LengthLimitedString }
              ),
              attribute type { ScopeStringByDomain }
            }
          ) |
          ( element Scope {
              (empty),
              attribute type { ScopeStringByAllUsers }
            }
          )
        ) &
        ## Type of permission being granted.
        element Permission {
          xsd:string { pattern = "\s*READ\s*|\s*WRITE\s*|\s*FULL_CONTROL\s*" }
        }
      }*
    }?
  }

Send feedback about...

Cloud Storage Documentation