ACL eines nach Nutzern gefilterten Buckets abrufen

Access Control List (ACL) für einen Cloud Storage-Bucket aufrufen, der nach Nutzern gefiltert ist.

Codebeispiel

C#

Weitere Informationen finden Sie in der Referenzdokumentation zur Cloud Storage C# API.


using Google.Apis.Storage.v1.Data;
using Google.Cloud.Storage.V1;
using System;
using System.Collections.Generic;
using System.Linq;

public class PrintBucketAclForUserSample
{
    public IEnumerable<BucketAccessControl> PrintBucketAclForUser(
        string bucketName = "your-unique-bucket-name",
        string userEmail = "dev@iam.gserviceaccount.com")
    {
        var storage = StorageClient.Create();
        var bucket = storage.GetBucket(bucketName, new GetBucketOptions { Projection = Projection.Full });

        var bucketAclForUser = bucket.Acl.Where((acl) => acl.Entity == $"user-{userEmail}");
        foreach (var acl in bucketAclForUser)
        {
            Console.WriteLine($"{acl.Role}:{acl.Entity}");
        }

        return bucketAclForUser;
    }
}

C++

Weitere Informationen finden Sie in der Referenzdokumentation zur Cloud Storage C++ API.

namespace gcs = ::google::cloud::storage;
using ::google::cloud::StatusOr;
[](gcs::Client client, std::string const& bucket_name,
   std::string const& entity) {
  StatusOr<gcs::BucketAccessControl> acl =
      client.GetBucketAcl(bucket_name, entity);

  if (!acl) throw std::runtime_error(acl.status().message());
  std::cout << "ACL entry for " << acl->entity() << " in bucket "
            << acl->bucket() << " is " << *acl << "\n";
}

Go

Weitere Informationen finden Sie in der Referenzdokumentation zur Cloud Storage Go API.

import (
	"context"
	"fmt"
	"io"

	"cloud.google.com/go/storage"
)

// printBucketACLForUser lists bucket ACL using a filter.
func printBucketACLForUser(w io.Writer, bucket string, entity storage.ACLEntity) error {
	// bucket := "bucket-name"
	// entity := storage.AllUsers
	ctx := context.Background()
	client, err := storage.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("storage.NewClient: %v", err)
	}
	defer client.Close()

	rules, err := client.Bucket(bucket).ACL().List(ctx)
	if err != nil {
		return fmt.Errorf("ACLHandle.List: %v", err)
	}
	for _, r := range rules {
		if r.Entity == entity {
			fmt.Fprintf(w, "ACL rule role: %v\n", r.Role)
		}
	}
	return nil
}

Java

Weitere Informationen finden Sie in der Referenzdokumentation zur Cloud Storage Java API.


import com.google.cloud.storage.Acl;
import com.google.cloud.storage.Acl.User;
import com.google.cloud.storage.Bucket;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageOptions;

public class PrintBucketAclFilterByUser {

  public static void printBucketAclFilterByUser(String bucketName, String userEmail) {

    // The ID to give your GCS bucket
    // String bucketName = "your-unique-bucket-name";

    // The email of the user whose acl is being retrieved.
    // String userEmail = "someuser@domain.com"

    Storage storage = StorageOptions.newBuilder().build().getService();
    Bucket bucket = storage.get(bucketName);

    Acl userAcl = bucket.getAcl(new User(userEmail));
    String userRole = userAcl.getRole().name();
    System.out.println("User " + userEmail + " has role " + userRole);
  }
}

Node.js

Weitere Informationen finden Sie in der Referenzdokumentation zur Cloud Storage Node.js API.

/**
 * TODO(developer): Uncomment the following lines before running the sample.
 */
// The ID of your GCS bucket
// const bucketName = 'your-unique-bucket-name';

// The email address of the user to check
// const userEmail = 'user-email-to-check';

// Imports the Google Cloud client library
const {Storage} = require('@google-cloud/storage');

// Creates a client
const storage = new Storage();

async function printBucketAclForUser() {
  const options = {
    // Specify the user
    entity: `user-${userEmail}`,
  };

  // Gets the user's ACL for the bucket
  const [aclObject] = await storage.bucket(bucketName).acl.get(options);

  console.log(`${aclObject.role}: ${aclObject.entity}`);
}

printBucketAclForUser().catch(console.error);

PHP

Weitere Informationen finden Sie in der Referenzdokumentation zur Cloud Storage PHP API.

use Google\Cloud\Storage\StorageClient;

/**
 * Print an entity role for a bucket ACL.
 *
 * @param string $bucketName The name of your Cloud Storage bucket.
 * @param string $entity The entity for which to query access controls.
 */
function print_bucket_acl_for_user(
    string $bucketName,
    string $entity
): void {
    // $bucketName = 'my-bucket';
    // $entity = 'user-example@domain.com';

    $storage = new StorageClient();
    $bucket = $storage->bucket($bucketName);
    $acl = $bucket->acl();

    $item = $acl->get(['entity' => $entity]);
    printf('%s: %s' . PHP_EOL, $item['entity'], $item['role']);
}

Python

Weitere Informationen finden Sie in der Referenzdokumentation zur Cloud Storage Python API.

from google.cloud import storage

def print_bucket_acl_for_user(bucket_name, user_email):
    """Prints out a bucket's access control list for a given user."""
    storage_client = storage.Client()
    bucket = storage_client.bucket(bucket_name)

    # Reload fetches the current ACL from Cloud Storage.
    bucket.acl.reload()

    # You can also use `group`, `domain`, `all_authenticated` and `all` to
    # get the roles for different types of entities.
    roles = bucket.acl.user(user_email).get_roles()

    print(roles)

Ruby

Weitere Informationen finden Sie in der Referenzdokumentation zur Cloud Storage Ruby API.

# The ID of your GCS bucket
# bucket_name = "your-unique-bucket-name"
# email       = "Google Cloud Storage ACL Entity email"

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket  = storage.bucket bucket_name

puts "Permissions for #{email}:"
puts "OWNER"  if bucket.acl.owners.include?  email
puts "WRITER" if bucket.acl.writers.include? email
puts "READER" if bucket.acl.readers.include? email

Nächste Schritte

Informationen zum Suchen und Filtern von Codebeispielen für andere Google Cloud-Produkte finden Sie im Google Cloud-Beispielbrowser.