cloud_storage/client/bucket_access_control.rs
1use crate::{
2 bucket_access_control::{BucketAccessControl, Entity, NewBucketAccessControl},
3 error::GoogleResponse,
4 object::percent_encode,
5 resources::common::ListResponse,
6};
7
8/// Operations on [`BucketAccessControl`](BucketAccessControl)s.
9pub struct BucketAccessControlClient<'a>(pub(super) &'a super::Client);
10
11impl<'a> BucketAccessControlClient<'a> {
12 /// Create a new `BucketAccessControl` using the provided `NewBucketAccessControl`, related to
13 /// the `Bucket` provided by the `bucket_name` argument.
14 ///
15 /// ### Important
16 /// Important: This method fails with a 400 Bad Request response for buckets with uniform
17 /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
18 /// control access instead.
19 /// ### Example
20 /// ```rust,no_run
21 /// # #[tokio::main]
22 /// # async fn main() -> Result<(), Box<dyn std::error::Error>> {
23 /// use cloud_storage::Client;
24 /// use cloud_storage::bucket_access_control::{BucketAccessControl, NewBucketAccessControl};
25 /// use cloud_storage::bucket_access_control::{Role, Entity};
26 ///
27 /// let client = Client::default();
28 /// let new_bucket_access_control = NewBucketAccessControl {
29 /// entity: Entity::AllUsers,
30 /// role: Role::Reader,
31 /// };
32 /// client.bucket_access_control().create("mybucket", &new_bucket_access_control).await?;
33 /// # Ok(())
34 /// # }
35 /// ```
36 pub async fn create(
37 &self,
38 bucket: &str,
39 new_bucket_access_control: &NewBucketAccessControl,
40 ) -> crate::Result<BucketAccessControl> {
41 let url = format!("{}/b/{}/acl", crate::BASE_URL, percent_encode(bucket));
42 let result: GoogleResponse<BucketAccessControl> = self
43 .0
44 .client
45 .post(&url)
46 .headers(self.0.get_headers().await?)
47 .json(new_bucket_access_control)
48 .send()
49 .await?
50 .json()
51 .await?;
52 match result {
53 GoogleResponse::Success(s) => Ok(s),
54 GoogleResponse::Error(e) => Err(e.into()),
55 }
56 }
57
58 /// Returns all `BucketAccessControl`s related to this bucket.
59 ///
60 /// ### Important
61 /// Important: This method fails with a 400 Bad Request response for buckets with uniform
62 /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
63 /// control access instead.
64 /// ### Example
65 /// ```rust,no_run
66 /// # #[tokio::main]
67 /// # async fn main() -> Result<(), Box<dyn std::error::Error>> {
68 /// use cloud_storage::Client;
69 /// use cloud_storage::bucket_access_control::BucketAccessControl;
70 ///
71 /// let client = Client::default();
72 /// let acls = client.bucket_access_control().list("mybucket").await?;
73 /// # Ok(())
74 /// # }
75 /// ```
76 pub async fn list(&self, bucket: &str) -> crate::Result<Vec<BucketAccessControl>> {
77 let url = format!("{}/b/{}/acl", crate::BASE_URL, percent_encode(bucket));
78 let result: GoogleResponse<ListResponse<BucketAccessControl>> = self
79 .0
80 .client
81 .get(&url)
82 .headers(self.0.get_headers().await?)
83 .send()
84 .await?
85 .json()
86 .await?;
87 match result {
88 GoogleResponse::Success(s) => Ok(s.items),
89 GoogleResponse::Error(e) => Err(e.into()),
90 }
91 }
92
93 /// Returns the ACL entry for the specified entity on the specified bucket.
94 ///
95 /// ### Important
96 /// Important: This method fails with a 400 Bad Request response for buckets with uniform
97 /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
98 /// control access instead.
99 /// ### Example
100 /// ```rust,no_run
101 /// # #[tokio::main]
102 /// # async fn main() -> Result<(), Box<dyn std::error::Error>> {
103 /// use cloud_storage::Client;
104 /// use cloud_storage::bucket_access_control::{BucketAccessControl, Entity};
105 ///
106 /// let client = Client::default();
107 /// let controls = client.bucket_access_control().read("mybucket", &Entity::AllUsers).await?;
108 /// # Ok(())
109 /// # }
110 /// ```
111 pub async fn read(&self, bucket: &str, entity: &Entity) -> crate::Result<BucketAccessControl> {
112 let url = format!(
113 "{}/b/{}/acl/{}",
114 crate::BASE_URL,
115 percent_encode(bucket),
116 percent_encode(&entity.to_string())
117 );
118 let result: GoogleResponse<BucketAccessControl> = self
119 .0
120 .client
121 .get(&url)
122 .headers(self.0.get_headers().await?)
123 .send()
124 .await?
125 .json()
126 .await?;
127 match result {
128 GoogleResponse::Success(s) => Ok(s),
129 GoogleResponse::Error(e) => Err(e.into()),
130 }
131 }
132
133 /// Update this `BucketAccessControl`.
134 ///
135 /// ### Important
136 /// Important: This method fails with a 400 Bad Request response for buckets with uniform
137 /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
138 /// control access instead.
139 /// ### Example
140 /// ```rust,no_run
141 /// # #[tokio::main]
142 /// # async fn main() -> Result<(), Box<dyn std::error::Error>> {
143 /// use cloud_storage::Client;
144 /// use cloud_storage::bucket_access_control::{BucketAccessControl, Entity};
145 ///
146 /// let client = Client::default();
147 /// let mut acl = client.bucket_access_control().read("mybucket", &Entity::AllUsers).await?;
148 /// acl.entity = Entity::AllAuthenticatedUsers;
149 /// client.bucket_access_control().update(&acl).await?;
150 /// # Ok(())
151 /// # }
152 /// ```
153 pub async fn update(
154 &self,
155 bucket_access_control: &BucketAccessControl,
156 ) -> crate::Result<BucketAccessControl> {
157 let url = format!(
158 "{}/b/{}/acl/{}",
159 crate::BASE_URL,
160 percent_encode(&bucket_access_control.bucket),
161 percent_encode(&bucket_access_control.entity.to_string()),
162 );
163 let result: GoogleResponse<BucketAccessControl> = self
164 .0
165 .client
166 .put(&url)
167 .headers(self.0.get_headers().await?)
168 .json(bucket_access_control)
169 .send()
170 .await?
171 .json()
172 .await?;
173 match result {
174 GoogleResponse::Success(s) => Ok(s),
175 GoogleResponse::Error(e) => Err(e.into()),
176 }
177 }
178
179 /// Permanently deletes the ACL entry for the specified entity on the specified bucket.
180 ///
181 /// ### Important
182 /// Important: This method fails with a 400 Bad Request response for buckets with uniform
183 /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
184 /// control access instead.
185 /// ### Example
186 /// ```rust,no_run
187 /// # #[tokio::main]
188 /// # async fn main() -> Result<(), Box<dyn std::error::Error>> {
189 /// use cloud_storage::Client;
190 /// use cloud_storage::bucket_access_control::{BucketAccessControl, Entity};
191 ///
192 /// let client = Client::default();
193 /// let controls = client.bucket_access_control().read("mybucket", &Entity::AllUsers).await?;
194 /// client.bucket_access_control().delete(controls).await?;
195 /// # Ok(())
196 /// # }
197 /// ```
198 pub async fn delete(&self, bucket_access_control: BucketAccessControl) -> crate::Result<()> {
199 let url = format!(
200 "{}/b/{}/acl/{}",
201 crate::BASE_URL,
202 percent_encode(&bucket_access_control.bucket),
203 percent_encode(&bucket_access_control.entity.to_string()),
204 );
205 let response = self
206 .0
207 .client
208 .delete(&url)
209 .headers(self.0.get_headers().await?)
210 .send()
211 .await?;
212 if response.status().is_success() {
213 Ok(())
214 } else {
215 Err(crate::Error::Google(response.json().await?))
216 }
217 }
218}