cloud_storage/client/default_object_access_control.rs
1use crate::{
2 bucket_access_control::Entity,
3 default_object_access_control::{DefaultObjectAccessControl, NewDefaultObjectAccessControl},
4 error::GoogleResponse,
5 object::percent_encode,
6 resources::common::ListResponse,
7};
8
9/// Operations on [`DefaultObjectAccessControl`](DefaultObjectAccessControl)s.
10#[derive(Debug)]
11pub struct DefaultObjectAccessControlClient<'a>(pub(super) &'a super::Client);
12
13impl<'a> DefaultObjectAccessControlClient<'a> {
14 /// Create a new `DefaultObjectAccessControl` entry on the specified bucket.
15 /// ### Important
16 /// Important: This method fails with a `400 Bad Request` response for buckets with uniform
17 /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
18 /// control access instead.
19 /// ### Example
20 /// ```no_run
21 /// # #[tokio::main]
22 /// # async fn main() -> Result<(), Box<dyn std::error::Error>> {
23 /// use cloud_storage::Client;
24 /// use cloud_storage::default_object_access_control::{
25 /// DefaultObjectAccessControl, NewDefaultObjectAccessControl, Role, Entity,
26 /// };
27 ///
28 /// let client = Client::default();
29 /// let new_acl = NewDefaultObjectAccessControl {
30 /// entity: Entity::AllAuthenticatedUsers,
31 /// role: Role::Reader,
32 /// };
33 /// let default_acl = client.default_object_access_control().create("mybucket", &new_acl).await?;
34 /// # client.default_object_access_control().delete(default_acl).await?;
35 /// # Ok(())
36 /// # }
37 /// ```
38 pub async fn create(
39 &self,
40 bucket: &str,
41 new_acl: &NewDefaultObjectAccessControl,
42 ) -> crate::Result<DefaultObjectAccessControl> {
43 let url = format!(
44 "{}/b/{}/defaultObjectAcl",
45 crate::BASE_URL,
46 percent_encode(bucket)
47 );
48 let result: GoogleResponse<DefaultObjectAccessControl> = self
49 .0
50 .client
51 .post(&url)
52 .headers(self.0.get_headers().await?)
53 .json(new_acl)
54 .send()
55 .await?
56 .json()
57 .await?;
58 match result {
59 GoogleResponse::Success(mut s) => {
60 s.bucket = bucket.to_string();
61 Ok(s)
62 }
63 GoogleResponse::Error(e) => Err(e.into()),
64 }
65 }
66
67 /// Retrieves default object ACL entries on the specified bucket.
68 /// ### Important
69 /// Important: This method fails with a `400 Bad Request` response for buckets with uniform
70 /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
71 /// control access instead.
72 /// ### Example
73 /// ```no_run
74 /// # #[tokio::main]
75 /// # async fn main() -> Result<(), Box<dyn std::error::Error>> {
76 /// use cloud_storage::Client;
77 /// use cloud_storage::default_object_access_control::DefaultObjectAccessControl;
78 ///
79 /// let client = Client::default();
80 /// let default_acls = client.default_object_access_control().list("mybucket").await?;
81 /// # Ok(())
82 /// # }
83 /// ```
84 pub async fn list(&self, bucket: &str) -> crate::Result<Vec<DefaultObjectAccessControl>> {
85 let url = format!(
86 "{}/b/{}/defaultObjectAcl",
87 crate::BASE_URL,
88 percent_encode(bucket)
89 );
90 let result: GoogleResponse<ListResponse<DefaultObjectAccessControl>> = self
91 .0
92 .client
93 .get(&url)
94 .headers(self.0.get_headers().await?)
95 .send()
96 .await?
97 .json()
98 .await?;
99 match result {
100 GoogleResponse::Success(s) => Ok(s
101 .items
102 .into_iter()
103 .map(|item| DefaultObjectAccessControl {
104 bucket: bucket.to_string(),
105 ..item
106 })
107 .collect()),
108 GoogleResponse::Error(e) => Err(e.into()),
109 }
110 }
111
112 /// Read a single `DefaultObjectAccessControl`.
113 /// The `bucket` argument is the name of the bucket whose `DefaultObjectAccessControl` is to be
114 /// read, and the `entity` argument is the entity holding the permission. Options are
115 /// Can be "user-`userId`", "user-`email_address`", "group-`group_id`", "group-`email_address`",
116 /// "allUsers", or "allAuthenticatedUsers".
117 /// ### Important
118 /// Important: This method fails with a `400 Bad Request` response for buckets with uniform
119 /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
120 /// control access instead.
121 /// ### Example
122 /// ```no_run
123 /// # #[tokio::main]
124 /// # async fn main() -> Result<(), Box<dyn std::error::Error>> {
125 /// use cloud_storage::Client;
126 /// use cloud_storage::default_object_access_control::{DefaultObjectAccessControl, Entity};
127 ///
128 /// let client = Client::default();
129 /// let default_acl = client.default_object_access_control().read("mybucket", &Entity::AllUsers).await?;
130 /// # Ok(())
131 /// # }
132 /// ```
133 pub async fn read(
134 &self,
135 bucket: &str,
136 entity: &Entity,
137 ) -> crate::Result<DefaultObjectAccessControl> {
138 let url = format!(
139 "{}/b/{}/defaultObjectAcl/{}",
140 crate::BASE_URL,
141 percent_encode(bucket),
142 percent_encode(&entity.to_string()),
143 );
144 let result: GoogleResponse<DefaultObjectAccessControl> = self
145 .0
146 .client
147 .get(&url)
148 .headers(self.0.get_headers().await?)
149 .send()
150 .await?
151 .json()
152 .await?;
153 match result {
154 GoogleResponse::Success(mut s) => {
155 s.bucket = bucket.to_string();
156 Ok(s)
157 }
158 GoogleResponse::Error(e) => Err(e.into()),
159 }
160 }
161
162 /// Update the current `DefaultObjectAccessControl`.
163 /// ### Important
164 /// Important: This method fails with a `400 Bad Request` response for buckets with uniform
165 /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
166 /// control access instead.
167 /// ### Example
168 /// ```no_run
169 /// # #[tokio::main]
170 /// # async fn main() -> Result<(), Box<dyn std::error::Error>> {
171 /// use cloud_storage::Client;
172 /// use cloud_storage::default_object_access_control::{DefaultObjectAccessControl, Entity};
173 ///
174 /// let client = Client::default();
175 /// let mut default_acl = client.default_object_access_control().read("my_bucket", &Entity::AllUsers).await?;
176 /// default_acl.entity = Entity::AllAuthenticatedUsers;
177 /// client.default_object_access_control().update(&default_acl).await?;
178 /// # Ok(())
179 /// # }
180 /// ```
181 pub async fn update(
182 &self,
183 default_object_access_control: &DefaultObjectAccessControl,
184 ) -> crate::Result<DefaultObjectAccessControl> {
185 let url = format!(
186 "{}/b/{}/defaultObjectAcl/{}",
187 crate::BASE_URL,
188 percent_encode(&default_object_access_control.bucket),
189 percent_encode(&default_object_access_control.entity.to_string()),
190 );
191 let result: GoogleResponse<DefaultObjectAccessControl> = self
192 .0
193 .client
194 .put(&url)
195 .headers(self.0.get_headers().await?)
196 .json(default_object_access_control)
197 .send()
198 .await?
199 .json()
200 .await?;
201 match result {
202 GoogleResponse::Success(mut s) => {
203 s.bucket = default_object_access_control.bucket.to_string();
204 Ok(s)
205 }
206 GoogleResponse::Error(e) => Err(e.into()),
207 }
208 }
209
210 /// Delete this 'DefaultObjectAccessControl`.
211 /// ### Important
212 /// Important: This method fails with a `400 Bad Request` response for buckets with uniform
213 /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
214 /// control access instead.
215 /// ### Example
216 /// ```no_run
217 /// # #[tokio::main]
218 /// # async fn main() -> Result<(), Box<dyn std::error::Error>> {
219 /// use cloud_storage::Client;
220 /// use cloud_storage::default_object_access_control::{DefaultObjectAccessControl, Entity};
221 ///
222 /// let client = Client::default();
223 /// let mut default_acl = client.default_object_access_control().read("my_bucket", &Entity::AllUsers).await?;
224 /// client.default_object_access_control().delete(default_acl).await?;
225 /// # Ok(())
226 /// # }
227 /// ```
228 pub async fn delete(
229 &self,
230 default_object_access_control: DefaultObjectAccessControl,
231 ) -> Result<(), crate::Error> {
232 let url = format!(
233 "{}/b/{}/defaultObjectAcl/{}",
234 crate::BASE_URL,
235 percent_encode(&default_object_access_control.bucket),
236 percent_encode(&default_object_access_control.entity.to_string()),
237 );
238 let response = self
239 .0
240 .client
241 .delete(&url)
242 .headers(self.0.get_headers().await?)
243 .send()
244 .await?;
245 if response.status().is_success() {
246 Ok(())
247 } else {
248 Err(crate::Error::Google(response.json().await?))
249 }
250 }
251}