Skip to content
This repository was archived by the owner on Mar 31, 2026. It is now read-only.

fix: changeover unspecified to inherited #603

Merged
unforced merged 11 commits into from
Sep 29, 2021
Merged

fix: changeover unspecified to inherited #603

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
c76dbc6
fix: changeover unspecified to inherited
Sep 28, 2021
72f1efa
Update google/cloud/storage/bucket.py
Sep 28, 2021
ff03448
Apply suggestions from code review
Sep 28, 2021
c0f29ea
remove dup line
Sep 28, 2021
a2bd5cb
Merge branch 'pap_change' of github.com:Breathtender/python-storage i…
Sep 28, 2021
c9ad3b2
Apply suggestions from code review
Sep 28, 2021
09dce83
Update tests/unit/test_bucket.py
Sep 28, 2021
3459457
lint fix
Sep 28, 2021
f71ee44
Merge branch 'pap_change' of github.com:Breathtender/python-storage i…
Sep 28, 2021
5dc122a
one more lint fix
Sep 28, 2021
8127d39
line
Sep 29, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions google/cloud/storage/bucket.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@
from google.cloud.storage.constants import MULTI_REGIONAL_LEGACY_STORAGE_CLASS
from google.cloud.storage.constants import MULTI_REGION_LOCATION_TYPE
from google.cloud.storage.constants import NEARLINE_STORAGE_CLASS
from google.cloud.storage.constants import PUBLIC_ACCESS_PREVENTION_UNSPECIFIED
from google.cloud.storage.constants import PUBLIC_ACCESS_PREVENTION_INHERITED
from google.cloud.storage.constants import REGIONAL_LEGACY_STORAGE_CLASS
from google.cloud.storage.constants import REGION_LOCATION_TYPE
from google.cloud.storage.constants import STANDARD_STORAGE_CLASS
Expand Down Expand Up @@ -387,7 +387,7 @@ class IAMConfiguration(dict):

:type public_access_prevention: str
:params public_access_prevention:
(Optional) Whether the public access prevention policy is 'unspecified' (default) or 'enforced'
(Optional) Whether the public access prevention policy is 'inherited' (default) or 'enforced'
See: https://cloud.google.com/storage/docs/public-access-prevention
Comment thread
unforced marked this conversation as resolved.
See: https://cloud.google.com/storage/docs/public-access-prevention

Expand Down Expand Up @@ -438,7 +438,7 @@ def __init__(
uniform_bucket_level_access_enabled = False

if public_access_prevention is _default:
public_access_prevention = PUBLIC_ACCESS_PREVENTION_UNSPECIFIED
public_access_prevention = PUBLIC_ACCESS_PREVENTION_INHERITED

data = {
"uniformBucketLevelAccess": {
Expand Down Expand Up @@ -481,11 +481,11 @@ def bucket(self):

@property
def public_access_prevention(self):
"""Setting for public access prevention policy. Options are 'unspecified' (default) or 'enforced'.
"""Setting for public access prevention policy. Options are 'inherited' (default) or 'enforced'.
More information can be found at https://cloud.google.com/storage/docs/public-access-prevention
Comment thread
unforced marked this conversation as resolved.
Outdated

:rtype: string
:returns: the public access prevention status, either 'enforced' or 'unspecified'.
:returns: the public access prevention status, either 'enforced' or 'inherited'.
"""
return self["publicAccessPrevention"]

Expand Down
8 changes: 8 additions & 0 deletions google/cloud/storage/constants.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,14 @@

PUBLIC_ACCESS_PREVENTION_UNSPECIFIED = "unspecified"
"""Unspecified public access prevention value.
DEPRECATED: Remove once change is fully complete in backend

See: https://cloud.google.com/storage/docs/public-access-prevention
"""
Comment thread
unforced marked this conversation as resolved.

PUBLIC_ACCESS_PREVENTION_INHERITED = "inherited"
"""Inherited public access prevention value.
Remove once change is fully complete in backend

See: https://cloud.google.com/storage/docs/public-access-prevention
"""
Comment thread
unforced marked this conversation as resolved.
21 changes: 13 additions & 8 deletions tests/system/test_bucket.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -806,21 +806,23 @@ def test_ubla_set_unset_preserves_acls(
assert blob_acl_before == blob_acl_after


@pytest.mark.skip(reason="Unspecified PAP is changing to inherited")
def test_new_bucket_created_w_unspecified_pap(
def test_new_bucket_created_w_inherited_pap(
storage_client, buckets_to_delete, blobs_to_delete,
):
from google.cloud.storage import constants

bucket_name = _helpers.unique_name("new-w-pap-unspecified")
bucket_name = _helpers.unique_name("new-w-pap-inherited")
bucket = storage_client.bucket(bucket_name)
bucket.iam_configuration.uniform_bucket_level_access_enabled = True
bucket.create()
buckets_to_delete.append(bucket)

# TODO: Remove unspecified after changeover is complete
assert (
bucket.iam_configuration.public_access_prevention
== constants.PUBLIC_ACCESS_PREVENTION_UNSPECIFIED
bucket.iam_configuration.public_access_prevention in [
constants.PUBLIC_ACCESS_PREVENTION_UNSPECIFIED,
constants.PUBLIC_ACCESS_PREVENTION_INHERITED
]
)

bucket.iam_configuration.public_access_prevention = (
Expand Down Expand Up @@ -876,12 +878,15 @@ def test_new_bucket_created_w_enforced_pap(
)

bucket.iam_configuration.public_access_prevention = (
constants.PUBLIC_ACCESS_PREVENTION_UNSPECIFIED
constants.PUBLIC_ACCESS_PREVENTION_INHERITED
)
bucket.patch()

# TODO: Remove unspecified after changeover is complete
assert (
bucket.iam_configuration.public_access_prevention
== constants.PUBLIC_ACCESS_PREVENTION_UNSPECIFIED
bucket.iam_configuration.public_access_prevention in [
constants.PUBLIC_ACCESS_PREVENTION_UNSPECIFIED,
constants.PUBLIC_ACCESS_PREVENTION_INHERITED
]
)
assert not bucket.iam_configuration.uniform_bucket_level_access_enabled
20 changes: 15 additions & 5 deletions tests/unit/test_bucket.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
from google.cloud.storage.retry import DEFAULT_RETRY_IF_ETAG_IN_JSON
from google.cloud.storage.retry import DEFAULT_RETRY_IF_GENERATION_SPECIFIED
from google.cloud.storage.retry import DEFAULT_RETRY_IF_METAGENERATION_SPECIFIED
from google.cloud.storage.constants import PUBLIC_ACCESS_PREVENTION_ENFORCED
from google.cloud.storage.constants import PUBLIC_ACCESS_PREVENTION_ENFORCED, PUBLIC_ACCESS_PREVENTION_INHERITED
Comment thread
unforced marked this conversation as resolved.
Outdated
from google.cloud.storage.constants import PUBLIC_ACCESS_PREVENTION_UNSPECIFIED


Expand Down Expand Up @@ -358,8 +358,13 @@ def test_ctor_defaults(self):
self.assertIs(config.bucket, bucket)
self.assertFalse(config.uniform_bucket_level_access_enabled)
self.assertIsNone(config.uniform_bucket_level_access_locked_time)
self.assertEqual(
config.public_access_prevention, PUBLIC_ACCESS_PREVENTION_UNSPECIFIED
# TODO: Remove unspecified after changeover is complete
self.assertIn(
bucket.iam_configuration.public_access_prevention,
[
PUBLIC_ACCESS_PREVENTION_UNSPECIFIED,
PUBLIC_ACCESS_PREVENTION_INHERITED
]
Comment thread
unforced marked this conversation as resolved.
Outdated
)
self.assertFalse(config.bucket_policy_only_enabled)
self.assertIsNone(config.bucket_policy_only_locked_time)
Expand Down Expand Up @@ -397,8 +402,13 @@ def test_ctor_explicit_pap(self):
)

config.public_access_prevention = PUBLIC_ACCESS_PREVENTION_UNSPECIFIED
Comment thread
unforced marked this conversation as resolved.
Outdated
self.assertEqual(
config.public_access_prevention, PUBLIC_ACCESS_PREVENTION_UNSPECIFIED
# TODO: Remove unspecified after changeover is complete
self.assertIn(
bucket.iam_configuration.public_access_prevention,
[
PUBLIC_ACCESS_PREVENTION_UNSPECIFIED,
PUBLIC_ACCESS_PREVENTION_INHERITED
]
Comment thread
unforced marked this conversation as resolved.
Outdated
)

def test_ctor_explicit_bpo(self):
Expand Down