Struct cloud_storage::bucket_access_control::BucketAccessControl

source · [−]

pub struct BucketAccessControl {
    pub kind: String,
    pub id: String,
    pub self_link: String,
    pub bucket: String,
    pub entity: Entity,
    pub role: Role,
    pub email: Option<String>,
    pub entity_id: Option<String>,
    pub domain: Option<String>,
    pub project_team: Option<ProjectTeam>,
    pub etag: String,
}

Expand description

The BucketAccessControl resource represents the Access Control Lists (ACLs) for buckets within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent.

Important: This method fails with a 400 Bad Request response for buckets with uniform
bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
control access instead.

There are three roles that can be assigned to an entity:

READERs can get the bucket, though no acl property will be returned, and list the bucket’s objects.
WRITERs are READERs, and they can insert objects into the bucket and delete the bucket’s objects.
OWNERs are WRITERs, and they can get the acl property of a bucket, update a bucket, and call all BucketAccessControl methods on the bucket.

Fields

kind: String

The kind of item this is. For bucket access control entries, this is always storage#bucketAccessControl.

id: String

The ID of the access-control entry.

self_link: String

The link to this access-control entry.

bucket: String

The name of the bucket.

entity: Entity

The entity holding the permission, in one of the following forms:

user-userId
user-email
group-groupId
group-email
domain-domain
project-team-projectId
allUsers
allAuthenticatedUsers

Examples:

The user liz@example.com would be user-liz@example.com.
The group example@googlegroups.com would be group-example@googlegroups.com.
To refer to all members of the G Suite for Business domain example.com, the entity would be domain-example.com.

role: Role

The access permission for the entity.

email: Option<String>

The email address associated with the entity, if any.

entity_id: Option<String>

The ID for the entity, if any.

domain: Option<String>

The domain associated with the entity, if any.

project_team: Option<ProjectTeam>

The project team associated with the entity, if any.

etag: String

HTTP 1.1 Entity tag for the access-control entry.

Implementations

source

impl BucketAccessControl

source

pub async fn create(
bucket: &str,
new_bucket_access_control: &NewBucketAccessControl
) -> Result<Self>

Create a new BucketAccessControl using the provided NewBucketAccessControl, related to the Bucket provided by the bucket_name argument.

Important

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use Bucket::get_iam_policy and Bucket::set_iam_policy to control access instead.

Example

use cloud_storage::bucket_access_control::{BucketAccessControl, NewBucketAccessControl};
use cloud_storage::bucket_access_control::{Role, Entity};

let new_bucket_access_control = NewBucketAccessControl {
    entity: Entity::AllUsers,
    role: Role::Reader,
};
BucketAccessControl::create("mybucket", &new_bucket_access_control).await?;

source

pub fn create_sync(
bucket: &str,
new_bucket_access_control: &NewBucketAccessControl
) -> Result<Self>

The synchronous equivalent of BucketAccessControl::create.

Features

This function requires that the feature flag sync is enabled in Cargo.toml.

source

pub async fn list(bucket: &str) -> Result<Vec<Self>>

Returns all BucketAccessControls related to this bucket.

Important

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use Bucket::get_iam_policy and Bucket::set_iam_policy to control access instead.

Example

use cloud_storage::bucket_access_control::BucketAccessControl;

let acls = BucketAccessControl::list("mybucket").await?;

source

pub fn list_sync(bucket: &str) -> Result<Vec<Self>>

The synchronous equivalent of BucketAccessControl::list.

Features

This function requires that the feature flag sync is enabled in Cargo.toml.

source

pub async fn read(bucket: &str, entity: &Entity) -> Result<Self>

Returns the ACL entry for the specified entity on the specified bucket.

Important

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use Bucket::get_iam_policy and Bucket::set_iam_policy to control access instead.

Example

use cloud_storage::bucket_access_control::{BucketAccessControl, Entity};

let controls = BucketAccessControl::read("mybucket", &Entity::AllUsers).await?;

source

pub fn read_sync(bucket: &str, entity: &Entity) -> Result<Self>

The synchronous equivalent of BucketAccessControl::read.

Features

This function requires that the feature flag sync is enabled in Cargo.toml.

source

pub async fn update(&self) -> Result<Self>

Update this BucketAccessControl.

Important

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use Bucket::get_iam_policy and Bucket::set_iam_policy to control access instead.

Example

use cloud_storage::bucket_access_control::{BucketAccessControl, Entity};

let mut acl = BucketAccessControl::read("mybucket", &Entity::AllUsers).await?;
acl.entity = Entity::AllAuthenticatedUsers;
acl.update().await?;

source

pub fn update_sync(&self) -> Result<Self>

The synchronous equivalent of BucketAccessControl::update.

Features

This function requires that the feature flag sync is enabled in Cargo.toml.

source

pub async fn delete(self) -> Result<()>

Permanently deletes the ACL entry for the specified entity on the specified bucket.

Important

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use Bucket::get_iam_policy and Bucket::set_iam_policy to control access instead.

Example

use cloud_storage::bucket_access_control::{BucketAccessControl, Entity};

let controls = BucketAccessControl::read("mybucket", &Entity::AllUsers).await?;
controls.delete().await?;