cloud_storage/client/
object_access_control.rs

1use crate::{
2    bucket_access_control::Entity,
3    error::GoogleResponse,
4    object::percent_encode,
5    object_access_control::{NewObjectAccessControl, ObjectAccessControl},
6    resources::common::ListResponse,
7};
8
9/// Operations on [`ObjectAccessControl`](ObjectAccessControl)s.
10#[derive(Debug)]
11pub struct ObjectAccessControlClient<'a>(pub(super) &'a super::Client);
12
13impl<'a> ObjectAccessControlClient<'a> {
14    /// Creates a new ACL entry on the specified `object`.
15    ///
16    /// ### Important
17    /// This method fails with a 400 Bad Request response for buckets with uniform
18    /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
19    /// control access instead.
20    pub async fn create(
21        &self,
22        bucket: &str,
23        object: &str,
24        new_object_access_control: &NewObjectAccessControl,
25    ) -> crate::Result<ObjectAccessControl> {
26        let url = format!(
27            "{}/b/{}/o/{}/acl",
28            crate::BASE_URL,
29            percent_encode(bucket),
30            percent_encode(object),
31        );
32        let result: GoogleResponse<ObjectAccessControl> = self
33            .0
34            .client
35            .post(&url)
36            .headers(self.0.get_headers().await?)
37            .json(new_object_access_control)
38            .send()
39            .await?
40            .json()
41            .await?;
42        match result {
43            GoogleResponse::Success(s) => Ok(s),
44            GoogleResponse::Error(e) => Err(e.into()),
45        }
46    }
47
48    /// Retrieves `ACL` entries on the specified object.
49    ///
50    /// ### Important
51    /// Important: This method fails with a 400 Bad Request response for buckets with uniform
52    /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
53    /// control access instead.
54    pub async fn list(
55        &self,
56        bucket: &str,
57        object: &str,
58    ) -> crate::Result<Vec<ObjectAccessControl>> {
59        let url = format!(
60            "{}/b/{}/o/{}/acl",
61            crate::BASE_URL,
62            percent_encode(bucket),
63            percent_encode(object),
64        );
65        let result: GoogleResponse<ListResponse<ObjectAccessControl>> = self
66            .0
67            .client
68            .get(&url)
69            .headers(self.0.get_headers().await?)
70            .send()
71            .await?
72            .json()
73            .await?;
74        match result {
75            GoogleResponse::Success(s) => Ok(s.items),
76            GoogleResponse::Error(e) => Err(e.into()),
77        }
78    }
79
80    /// Returns the `ACL` entry for the specified entity on the specified bucket.
81    ///
82    /// ### Important
83    /// Important: This method fails with a 400 Bad Request response for buckets with uniform
84    /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
85    /// control access instead.
86    pub async fn read(
87        &self,
88        bucket: &str,
89        object: &str,
90        entity: &Entity,
91    ) -> crate::Result<ObjectAccessControl> {
92        let url = format!(
93            "{}/b/{}/o/{}/acl/{}",
94            crate::BASE_URL,
95            percent_encode(bucket),
96            percent_encode(object),
97            percent_encode(&entity.to_string())
98        );
99        let result: GoogleResponse<ObjectAccessControl> = self
100            .0
101            .client
102            .get(&url)
103            .headers(self.0.get_headers().await?)
104            .send()
105            .await?
106            .json()
107            .await?;
108        match result {
109            GoogleResponse::Success(s) => Ok(s),
110            GoogleResponse::Error(e) => Err(e.into()),
111        }
112    }
113
114    /// Updates an ACL entry on the specified object.
115    ///
116    /// ### Important
117    /// Important: This method fails with a 400 Bad Request response for buckets with uniform
118    /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
119    /// control access instead.
120    pub async fn update(
121        &self,
122        object_access_control: &ObjectAccessControl,
123    ) -> crate::Result<ObjectAccessControl> {
124        let url = format!(
125            "{}/b/{}/o/{}/acl/{}",
126            crate::BASE_URL,
127            percent_encode(&object_access_control.bucket),
128            percent_encode(&object_access_control.object),
129            percent_encode(&object_access_control.entity.to_string()),
130        );
131        let result: GoogleResponse<ObjectAccessControl> = self
132            .0
133            .client
134            .put(&url)
135            .headers(self.0.get_headers().await?)
136            .json(object_access_control)
137            .send()
138            .await?
139            .json()
140            .await?;
141        match result {
142            GoogleResponse::Success(s) => Ok(s),
143            GoogleResponse::Error(e) => Err(e.into()),
144        }
145    }
146
147    /// Permanently deletes the ACL entry for the specified entity on the specified object.
148    ///
149    /// ### Important
150    /// Important: This method fails with a 400 Bad Request response for buckets with uniform
151    /// bucket-level access enabled. Use `Bucket::get_iam_policy` and `Bucket::set_iam_policy` to
152    /// control access instead.
153    pub async fn delete(&self, object_access_control: ObjectAccessControl) -> crate::Result<()> {
154        let url = format!(
155            "{}/b/{}/o/{}/acl/{}",
156            crate::BASE_URL,
157            percent_encode(&object_access_control.bucket),
158            percent_encode(&object_access_control.object),
159            percent_encode(&object_access_control.entity.to_string()),
160        );
161        let response = self
162            .0
163            .client
164            .delete(&url)
165            .headers(self.0.get_headers().await?)
166            .send()
167            .await?;
168        if response.status().is_success() {
169            Ok(())
170        } else {
171            Err(crate::Error::Google(response.json().await?))
172        }
173    }
174}
cloud_storage/client/object_access_control.rs

cloud_storage/client/
object_access_control.rs
