Acessar a ACL de um bucket que é filtrada pelo usuário

using Google.Apis.Storage.v1.Data;
using Google.Cloud.Storage.V1;
using System;
using System.Collections.Generic;
using System.Linq;

public class PrintBucketAclForUserSample
{
    public IEnumerable<BucketAccessControl> PrintBucketAclForUser(
        string bucketName = "your-unique-bucket-name",
        string userEmail = "dev@iam.gserviceaccount.com")
    {
        var storage = StorageClient.Create();
        var bucket = storage.GetBucket(bucketName, new GetBucketOptions { Projection = Projection.Full });

        var bucketAclForUser = bucket.Acl.Where((acl) => acl.Entity == $"user-{userEmail}");
        foreach (var acl in bucketAclForUser)
        {
            Console.WriteLine($"{acl.Role}:{acl.Entity}");
        }

        return bucketAclForUser;
    }
}

namespace gcs = google::cloud::storage;
using ::google::cloud::StatusOr;
[](gcs::Client client, std::string const& bucket_name,
   std::string const& entity) {
  StatusOr<gcs::BucketAccessControl> acl =
      client.GetBucketAcl(bucket_name, entity);

  if (!acl) throw std::runtime_error(acl.status().message());
  std::cout << "ACL entry for " << acl->entity() << " in bucket "
            << acl->bucket() << " is " << *acl << "\n";
}

import (
	"context"
	"fmt"
	"io"

	"cloud.google.com/go/storage"
)

// printBucketACLForUser lists bucket ACL using a filter.
func printBucketACLForUser(w io.Writer, bucket string, entity storage.ACLEntity) error {
	// bucket := "bucket-name"
	// entity := storage.AllUsers
	ctx := context.Background()
	client, err := storage.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("storage.NewClient: %v", err)
	}
	defer client.Close()

	rules, err := client.Bucket(bucket).ACL().List(ctx)
	if err != nil {
		return fmt.Errorf("ACLHandle.List: %v", err)
	}
	for _, r := range rules {
		if r.Entity == entity {
			fmt.Fprintf(w, "ACL rule role: %v\n", r.Role)
		}
	}
	return nil
}

/**
 * TODO(developer): Uncomment the following lines before running the sample.
 */
// The ID of your GCS bucket
// const bucketName = 'your-unique-bucket-name';

// The email address of the user to check
// const userEmail = 'user-email-to-check';

// Imports the Google Cloud client library
const {Storage} = require('@google-cloud/storage');

// Creates a client
const storage = new Storage();

async function printBucketAclForUser() {
  const options = {
    // Specify the user
    entity: `user-${userEmail}`,
  };

  // Gets the user's ACL for the bucket
  const [aclObject] = await storage.bucket(bucketName).acl.get(options);

  console.log(`${aclObject.role}: ${aclObject.entity}`);
}

printBucketAclForUser().catch(console.error);

from google.cloud import storage

def print_bucket_acl_for_user(bucket_name, user_email):
    """Prints out a bucket's access control list for a given user."""
    storage_client = storage.Client()
    bucket = storage_client.bucket(bucket_name)

    # Reload fetches the current ACL from Cloud Storage.
    bucket.acl.reload()

    # You can also use `group`, `domain`, `all_authenticated` and `all` to
    # get the roles for different types of entities.
    roles = bucket.acl.user(user_email).get_roles()

    print(roles)