Struct cloud_storage::default_object_access_control::DefaultObjectAccessControl

source · [−]

pub struct DefaultObjectAccessControl {
    pub kind: String,
    pub entity: Entity,
    pub role: Role,
    pub email: Option<String>,
    pub entity_id: Option<String>,
    pub domain: Option<String>,
    pub project_team: Option<ProjectTeam>,
    pub etag: String,
    pub bucket: String,
}

Expand description

The DefaultObjectAccessControls resources represent the Access Control Lists (ACLs) applied to a new object within Google Cloud Storage when no ACL was provided for that object. ACLs let you specify who has access to your data and to what extent.

Fields

kind: String

The kind of item this is. For object access control entries, this is always storage#objectAccessControl.

entity: Entity

The entity holding the permission, in one of the following forms:

user-userId
user-email
group-groupId
group-email
domain-domain
project-team-projectId
allUsers
allAuthenticatedUsers

Examples:

The user liz@example.com would be user-liz@example.com.
The group example@googlegroups.com would be group-example@googlegroups.com.
To refer to all members of the G Suite for Business domain example.com, the entity would be domain-example.com.

role: Role

The access permission for the entity.

email: Option<String>

The email address associated with the entity, if any.

entity_id: Option<String>

The ID for the entity, if any.

domain: Option<String>

The domain associated with the entity, if any.

project_team: Option<ProjectTeam>

The project team associated with the entity, if any.

etag: String

HTTP 1.1 Entity tag for the access-control entry.

bucket: String

The bucket this resource belongs to.

Implementations

source

impl DefaultObjectAccessControl

source

pub async fn create(
bucket: &str,
new_acl: &NewDefaultObjectAccessControl
) -> Result<Self>

Create a new DefaultObjectAccessControl entry on the specified bucket.

Important

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use Bucket::get_iam_policy and Bucket::set_iam_policy to control access instead.

Example

use cloud_storage::default_object_access_control::{
    DefaultObjectAccessControl, NewDefaultObjectAccessControl, Role, Entity,
};

let new_acl = NewDefaultObjectAccessControl {
    entity: Entity::AllAuthenticatedUsers,
    role: Role::Reader,
};
let default_acl = DefaultObjectAccessControl::create("mybucket", &new_acl).await?;

source

pub fn create_sync(
bucket: &str,
new_acl: &NewDefaultObjectAccessControl
) -> Result<Self>

The synchronous equivalent of DefautObjectAccessControl::create.

Features

This function requires that the feature flag sync is enabled in Cargo.toml.

source

pub async fn list(bucket: &str) -> Result<Vec<Self>>

Retrieves default object ACL entries on the specified bucket.

Important

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use Bucket::get_iam_policy and Bucket::set_iam_policy to control access instead.

Example

use cloud_storage::default_object_access_control::DefaultObjectAccessControl;

let default_acls = DefaultObjectAccessControl::list("mybucket").await?;

source

pub fn list_sync(bucket: &str) -> Result<Vec<Self>>

The synchronous equivalent of DefautObjectAccessControl::list.

Features

This function requires that the feature flag sync is enabled in Cargo.toml.

source

pub async fn read(bucket: &str, entity: &Entity) -> Result<Self>

Read a single DefaultObjectAccessControl. The bucket argument is the name of the bucket whose DefaultObjectAccessControl is to be read, and the entity argument is the entity holding the permission. Options are Can be “user-userId”, “user-email_address”, “group-group_id”, “group-email_address”, “allUsers”, or “allAuthenticatedUsers”.

Important

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use Bucket::get_iam_policy and Bucket::set_iam_policy to control access instead.

Example

use cloud_storage::default_object_access_control::{DefaultObjectAccessControl, Entity};

let default_acl = DefaultObjectAccessControl::read("mybucket", &Entity::AllUsers).await?;

source

pub fn read_sync(bucket: &str, entity: &Entity) -> Result<Self>

The synchronous equivalent of DefautObjectAccessControl::read.

Features

This function requires that the feature flag sync is enabled in Cargo.toml.

source

pub async fn update(&self) -> Result<Self>

Update the current DefaultObjectAccessControl.

Important

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use Bucket::get_iam_policy and Bucket::set_iam_policy to control access instead.

Example

use cloud_storage::default_object_access_control::{DefaultObjectAccessControl, Entity};

let mut default_acl = DefaultObjectAccessControl::read("my_bucket", &Entity::AllUsers).await?;
default_acl.entity = Entity::AllAuthenticatedUsers;
default_acl.update().await?;

source

pub fn update_sync(&self) -> Result<Self>

The synchronous equivalent of DefautObjectAccessControl::update.

Features

This function requires that the feature flag sync is enabled in Cargo.toml.

source

pub async fn delete(self) -> Result<(), Error>

Delete this ’DefaultObjectAccessControl`.

Important

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use Bucket::get_iam_policy and Bucket::set_iam_policy to control access instead.

Example

use cloud_storage::default_object_access_control::{DefaultObjectAccessControl, Entity};

let mut default_acl = DefaultObjectAccessControl::read("my_bucket", &Entity::AllUsers).await?;
default_acl.delete().await?;