Merge pull request #1228 from mziccard/storage-acls

Add support for create/get/update/delete/list ACLs for blob and bucket

Author: mziccard

google-cloud-contrib/google-cloud-nio/src/test/java/com/google/cloud/storage/contrib/nio/FakeStorageRpc.java

@@ -17,6 +17,8 @@
 package com.google.cloud.storage.contrib.nio;
 
 import com.google.api.services.storage.model.Bucket;
+import com.google.api.services.storage.model.BucketAccessControl;
+import com.google.api.services.storage.model.ObjectAccessControl;
 import com.google.api.services.storage.model.StorageObject;
 import com.google.cloud.storage.Storage;
 import com.google.cloud.storage.StorageException;
@@ -336,6 +338,81 @@ public RewriteResponse continueRewrite(RewriteResponse previousResponse) throws
     throw new UnsupportedOperationException();
   }
 
+  @Override
+  public BucketAccessControl getAcl(String bucket, String entity) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public boolean deleteAcl(String bucket, String entity) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public BucketAccessControl createAcl(BucketAccessControl acl) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public BucketAccessControl patchAcl(BucketAccessControl acl) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public List<BucketAccessControl> listAcls(String bucket) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public ObjectAccessControl getDefaultAcl(String bucket, String entity) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public boolean deleteDefaultAcl(String bucket, String entity) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public ObjectAccessControl createDefaultAcl(ObjectAccessControl acl) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public ObjectAccessControl patchDefaultAcl(ObjectAccessControl acl) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public List<ObjectAccessControl> listDefaultAcls(String bucket) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public ObjectAccessControl getAcl(String bucket, String object, Long generation, String entity) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public boolean deleteAcl(String bucket, String object, Long generation, String entity) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public ObjectAccessControl createAcl(ObjectAccessControl acl) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public ObjectAccessControl patchAcl(ObjectAccessControl acl) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public List<ObjectAccessControl> listAcls(String bucket, String object, Long generation) {
+    throw new UnsupportedOperationException();
+  }
+
   private String fullname(StorageObject so) {
     return (so.getBucket() + "/" + so.getName());
   }

google-cloud-examples/src/main/java/com/google/cloud/examples/storage/StorageExample.java

@@ -582,24 +582,18 @@ public void run(Storage storage, Tuple<BlobId, Acl> params) {
           System.out.printf("Bucket %s does not exist%n", blobId.bucket());
           return;
         }
-        bucket.toBuilder().acl(addAcl(bucket.acl(), acl)).build().update();
+        acl = bucket.createAcl(acl);
         System.out.printf("Added ACL %s to bucket %s%n", acl, blobId.bucket());
       } else {
         Blob blob = storage.get(blobId);
         if (blob == null) {
           System.out.printf("Blob %s does not exist%n", blobId);
           return;
         }
-        blob.toBuilder().acl(addAcl(blob.acl(), acl)).build().update();
+        acl = blob.createAcl(acl);
         System.out.printf("Added ACL %s to blob %s%n", acl, blobId);
       }
     }
-
-    private static List<Acl> addAcl(List<Acl> acls, Acl newAcl) {
-      List<Acl> newAcls = new LinkedList<>(acls);
-      newAcls.add(newAcl);
-      return newAcls;
-    }
   }
 
   /**

google-cloud-examples/src/main/java/com/google/cloud/examples/storage/snippets/BlobSnippets.java

@@ -28,6 +28,8 @@
 import com.google.cloud.ReadChannel;
 import com.google.cloud.ServiceAccountSigner;
 import com.google.cloud.WriteChannel;
+import com.google.cloud.storage.Acl;
+import com.google.cloud.storage.Acl.User;
 import com.google.cloud.storage.Blob;
 import com.google.cloud.storage.Blob.BlobSourceOption;
 import com.google.cloud.storage.BlobId;
@@ -40,6 +42,7 @@
 import java.net.URL;
 import java.nio.ByteBuffer;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.concurrent.TimeUnit;
 
@@ -228,4 +231,67 @@ public URL signUrlWithSigner(String keyPath) throws IOException {
     // [END signUrlWithSigner]
     return signedUrl;
   }
+
+  /**
+   * Example of getting the ACL entry for an entity.
+   */
+  // [TARGET getAcl(Entity)]
+  public Acl getAcl() {
+    // [START getAcl]
+    Acl acl = blob.getAcl(User.ofAllAuthenticatedUsers());
+    // [END getAcl]
+    return acl;
+  }
+
+  /**
+   * Example of deleting the ACL entry for an entity.
+   */
+  // [TARGET deleteAcl(Entity)]
+  public boolean deleteAcl() {
+    // [START deleteAcl]
+    boolean deleted = blob.deleteAcl(User.ofAllAuthenticatedUsers());
+    if (deleted) {
+      // the acl entry was deleted
+    } else {
+      // the acl entry was not found
+    }
+    // [END deleteAcl]
+    return deleted;
+  }
+
+  /**
+   * Example of creating a new ACL entry.
+   */
+  // [TARGET createAcl(Acl)]
+  public Acl createAcl() {
+    // [START createAcl]
+    Acl acl = blob.createAcl(Acl.of(User.ofAllAuthenticatedUsers(), Acl.Role.READER));
+    // [END createAcl]
+    return acl;
+  }
+
+  /**
+   * Example of updating a new ACL entry.
+   */
+  // [TARGET updateAcl(Acl)]
+  public Acl updateAcl() {
+    // [START updateAcl]
+    Acl acl = blob.updateAcl(Acl.of(User.ofAllAuthenticatedUsers(), Acl.Role.OWNER));
+    // [END updateAcl]
+    return acl;
+  }
+
+  /**
+   * Example of listing the ACL entries.
+   */
+  // [TARGET listAcls()]
+  public List<Acl> listAcls() {
+    // [START listAcls]
+    List<Acl> acls = blob.listAcls();
+    for (Acl acl : acls) {
+      // do something with ACL entry
+    }
+    // [END listAcls]
+    return acls;
+  }
 }

google-cloud-examples/src/main/java/com/google/cloud/examples/storage/snippets/BucketSnippets.java

@@ -25,6 +25,8 @@
 import static java.nio.charset.StandardCharsets.UTF_8;
 
 import com.google.cloud.Page;
+import com.google.cloud.storage.Acl;
+import com.google.cloud.storage.Acl.User;
 import com.google.cloud.storage.Blob;
 import com.google.cloud.storage.Bucket;
 import com.google.cloud.storage.Bucket.BucketSourceOption;
@@ -124,8 +126,8 @@ public Page<Blob> listBlobs() {
   }
 
   /**
-   * Example of getting a blob in the bucket, only if its metageneration matches a value, otherwise
-   * a {@link StorageException} is thrown.
+   * Example of getting a blob in the bucket, only if its metageneration matches a value,
+   * otherwise a {@link StorageException} is thrown.
    */
   // [TARGET get(String, BlobGetOption...)]
   // [VARIABLE "my_blob_name"]
@@ -226,4 +228,130 @@ public Blob createBlobFromInputStreamWithContentType(String blobName) {
     // [END createBlobFromInputStreamWithContentType]
     return blob;
   }
+
+  /**
+   * Example of getting the ACL entry for an entity.
+   */
+  // [TARGET getAcl(Entity)]
+  public Acl getAcl() {
+    // [START getAcl]
+    Acl acl = bucket.getAcl(User.ofAllAuthenticatedUsers());
+    // [END getAcl]
+    return acl;
+  }
+
+  /**
+   * Example of deleting the ACL entry for an entity.
+   */
+  // [TARGET deleteAcl(Entity)]
+  public boolean deleteAcl() {
+    // [START deleteAcl]
+    boolean deleted = bucket.deleteAcl(User.ofAllAuthenticatedUsers());
+    if (deleted) {
+      // the acl entry was deleted
+    } else {
+      // the acl entry was not found
+    }
+    // [END deleteAcl]
+    return deleted;
+  }
+
+  /**
+   * Example of creating a new ACL entry.
+   */
+  // [TARGET createAcl(Acl)]
+  public Acl createAcl() {
+    // [START createAcl]
+    Acl acl = bucket.createAcl(Acl.of(User.ofAllAuthenticatedUsers(), Acl.Role.READER));
+    // [END createAcl]
+    return acl;
+  }
+
+  /**
+   * Example of updating a new ACL entry.
+   */
+  // [TARGET updateAcl(Acl)]
+  public Acl updateAcl() {
+    // [START updateAcl]
+    Acl acl = bucket.updateAcl(Acl.of(User.ofAllAuthenticatedUsers(), Acl.Role.OWNER));
+    // [END updateAcl]
+    return acl;
+  }
+
+  /**
+   * Example of listing the ACL entries.
+   */
+  // [TARGET listAcls()]
+  public List<Acl> listAcls() {
+    // [START listAcls]
+    List<Acl> acls = bucket.listAcls();
+    for (Acl acl : acls) {
+      // do something with ACL entry
+    }
+    // [END listAcls]
+    return acls;
+  }
+
+  /**
+   * Example of getting the default ACL entry for an entity.
+   */
+  // [TARGET getDefaultAcl(Entity)]
+  public Acl getDefaultAcl() {
+    // [START getDefaultAcl]
+    Acl acl = bucket.getDefaultAcl(User.ofAllAuthenticatedUsers());
+    // [END getDefaultAcl]
+    return acl;
+  }
+
+  /**
+   * Example of deleting the default ACL entry for an entity.
+   */
+  // [TARGET deleteDefaultAcl(Entity)]
+  public boolean deleteDefaultAcl() {
+    // [START deleteDefaultAcl]
+    boolean deleted = bucket.deleteDefaultAcl(User.ofAllAuthenticatedUsers());
+    if (deleted) {
+      // the acl entry was deleted
+    } else {
+      // the acl entry was not found
+    }
+    // [END deleteDefaultAcl]
+    return deleted;
+  }
+
+  /**
+   * Example of creating a new default ACL entry.
+   */
+  // [TARGET createDefaultAcl(Acl)]
+  public Acl createDefaultAcl() {
+    // [START createDefaultAcl]
+    Acl acl = bucket.createDefaultAcl(Acl.of(User.ofAllAuthenticatedUsers(), Acl.Role.READER));
+    // [END createDefaultAcl]
+    return acl;
+  }
+
+  /**
+   * Example of updating a new default ACL entry.
+   */
+  // [TARGET updateDefaultAcl(Acl)]
+  public Acl updateDefaultAcl() {
+    // [START updateDefaultAcl]
+    Acl acl = bucket.updateDefaultAcl(Acl.of(User.ofAllAuthenticatedUsers(), Acl.Role.OWNER));
+    // [END updateDefaultAcl]
+    return acl;
+  }
+
+  /**
+   * Example of listing the default ACL entries.
+   */
+  // [TARGET listDefaultAcls()]
+  public List<Acl> listDefaultAcls() {
+    // [START listDefaultAcls]
+    List<Acl> acls = bucket.listDefaultAcls();
+    for (Acl acl : acls) {
+      // do something with ACL entry
+    }
+    // [END listDefaultAcls]
+    return acls;
+  }
 }