def test_set_iam_policy(self): from google.cloud.bigtable_admin_v2.gapic import ( bigtable_instance_admin_client) from google.iam.v1 import policy_pb2 from google.cloud.bigtable.policy import Policy from google.cloud.bigtable.policy import BIGTABLE_ADMIN_ROLE credentials = _make_credentials() client = self._make_client(project=self.PROJECT, credentials=credentials, admin=True) instance = self._make_one(self.INSTANCE_ID, client) version = 1 etag = b'etag_v1' members = [ 'serviceAccount:[email protected]', 'user:[email protected]', ] bindings = [{'role': BIGTABLE_ADMIN_ROLE, 'members': members}] iam_policy_pb = policy_pb2.Policy(version=version, etag=etag, bindings=bindings) # Patch the stub used by the API method. instance_api = mock.create_autospec( bigtable_instance_admin_client.BigtableInstanceAdminClient) instance_api.set_iam_policy.return_value = iam_policy_pb client._instance_admin_client = instance_api # Perform the method and check the result. iam_policy = Policy(etag=etag, version=version) iam_policy[BIGTABLE_ADMIN_ROLE] = [ Policy.user("*****@*****.**"), Policy.service_account("*****@*****.**"), ] result = instance.set_iam_policy(iam_policy) instance_api.set_iam_policy.assert_called_once_with( resource=instance.name, policy={ 'version': version, 'etag': etag, 'bindings': bindings, }, ) self.assertEqual(result.version, version) self.assertEqual(result.etag, etag) admins = result.bigtable_admins self.assertEqual(len(admins), len(members)) for found, expected in zip(sorted(admins), sorted(members)): self.assertEqual(found, expected)
def test_set_iam_policy(self): from google.cloud.bigtable.client import Client from google.cloud.bigtable_admin_v2.services.bigtable_table_admin import ( BigtableTableAdminClient, ) from google.iam.v1 import policy_pb2 from google.cloud.bigtable.policy import Policy from google.cloud.bigtable.policy import BIGTABLE_ADMIN_ROLE credentials = _make_credentials() client = Client(project=self.PROJECT_ID, credentials=credentials, admin=True) instance = client.instance(instance_id=self.INSTANCE_ID) backup = self._make_one(self.BACKUP_ID, instance, cluster_id=self.CLUSTER_ID) version = 1 etag = b"etag_v1" members = [ "serviceAccount:[email protected]", "user:[email protected]" ] bindings = [{"role": BIGTABLE_ADMIN_ROLE, "members": sorted(members)}] iam_policy_pb = policy_pb2.Policy(version=version, etag=etag, bindings=bindings) table_api = mock.create_autospec(BigtableTableAdminClient) client._table_admin_client = table_api table_api.set_iam_policy.return_value = iam_policy_pb iam_policy = Policy(etag=etag, version=version) iam_policy[BIGTABLE_ADMIN_ROLE] = [ Policy.user("*****@*****.**"), Policy.service_account("*****@*****.**"), ] result = backup.set_iam_policy(iam_policy) table_api.set_iam_policy.assert_called_once_with( request={ "resource": backup.name, "policy": iam_policy_pb }) self.assertEqual(result.version, version) self.assertEqual(result.etag, etag) admins = result.bigtable_admins self.assertEqual(len(admins), len(members)) for found, expected in zip(sorted(admins), sorted(members)): self.assertEqual(found, expected)
def test_set_iam_policy(self): from google.cloud.bigtable_admin_v2.gapic import ( bigtable_instance_admin_client) from google.iam.v1 import iam_policy_pb2 from google.iam.v1 import policy_pb2 from google.cloud.bigtable.policy import Policy from google.cloud.bigtable.policy import BIGTABLE_ADMIN_ROLE credentials = _make_credentials() client = self._make_client(project=self.PROJECT, credentials=credentials, admin=True) instance = self._make_one(self.INSTANCE_ID, client) version = 1 etag = b'etag_v1' bindings = [{'role': BIGTABLE_ADMIN_ROLE, 'members': ['serviceAccount:[email protected]', 'user:[email protected]']}] expected_request_policy = policy_pb2.Policy(version=version, etag=etag, bindings=bindings) expected_request = iam_policy_pb2.SetIamPolicyRequest( resource=instance.name, policy=expected_request_policy ) # Patch the stub used by the API method. channel = ChannelStub(responses=[expected_request_policy]) instance_api = ( bigtable_instance_admin_client.BigtableInstanceAdminClient( channel=channel)) client._instance_admin_client = instance_api # Perform the method and check the result. policy_request = Policy(etag=etag, version=version) policy_request[BIGTABLE_ADMIN_ROLE] = [Policy.user("*****@*****.**"), Policy.service_account( "*****@*****.**")] result = instance.set_iam_policy(policy_request) actual_request = channel.requests[0][1] self.assertEqual(actual_request, expected_request) self.assertEqual(result.bigtable_admins, policy_request.bigtable_admins)
def test_bigtable_set_iam_policy(): # [START bigtable_set_iam_policy] from google.cloud.bigtable import Client from google.cloud.bigtable.policy import Policy from google.cloud.bigtable.policy import BIGTABLE_ADMIN_ROLE client = Client(admin=True) instance = client.instance(INSTANCE_ID) instance.reload() ins_policy = Policy() ins_policy[BIGTABLE_ADMIN_ROLE] = [ Policy.user("*****@*****.**"), Policy.service_account("*****@*****.**")] policy_latest = instance.set_iam_policy(ins_policy) # [END bigtable_set_iam_policy] assert len(policy_latest.bigtable_admins) is not 0
def test_set_iam_policy(self): from google.cloud.bigtable_admin_v2.gapic import bigtable_instance_admin_client from google.iam.v1 import policy_pb2 from google.cloud.bigtable.policy import Policy from google.cloud.bigtable.policy import BIGTABLE_ADMIN_ROLE credentials = _make_credentials() client = self._make_client( project=self.PROJECT, credentials=credentials, admin=True ) instance = self._make_one(self.INSTANCE_ID, client) version = 1 etag = b"etag_v1" members = ["serviceAccount:[email protected]", "user:[email protected]"] bindings = [{"role": BIGTABLE_ADMIN_ROLE, "members": members}] iam_policy_pb = policy_pb2.Policy(version=version, etag=etag, bindings=bindings) # Patch the stub used by the API method. instance_api = mock.create_autospec( bigtable_instance_admin_client.BigtableInstanceAdminClient ) instance_api.set_iam_policy.return_value = iam_policy_pb client._instance_admin_client = instance_api # Perform the method and check the result. iam_policy = Policy(etag=etag, version=version) iam_policy[BIGTABLE_ADMIN_ROLE] = [ Policy.user("*****@*****.**"), Policy.service_account("*****@*****.**"), ] result = instance.set_iam_policy(iam_policy) instance_api.set_iam_policy.assert_called_once_with( resource=instance.name, policy={"version": version, "etag": etag, "bindings": bindings}, ) self.assertEqual(result.version, version) self.assertEqual(result.etag, etag) admins = result.bigtable_admins self.assertEqual(len(admins), len(members)) for found, expected in zip(sorted(admins), sorted(members)): self.assertEqual(found, expected)
def test_instance_set_iam_policy(): from google.iam.v1 import policy_pb2 from google.cloud.bigtable.policy import Policy from google.cloud.bigtable.policy import BIGTABLE_ADMIN_ROLE credentials = _make_credentials() client = _make_client(project=PROJECT, credentials=credentials, admin=True) instance = _make_instance(INSTANCE_ID, client) version = 1 etag = b"etag_v1" members = ["serviceAccount:[email protected]", "user:[email protected]"] bindings = [{"role": BIGTABLE_ADMIN_ROLE, "members": sorted(members)}] iam_policy_pb = policy_pb2.Policy(version=version, etag=etag, bindings=bindings) api = client._instance_admin_client = _make_instance_admin_api() api.set_iam_policy.return_value = iam_policy_pb iam_policy = Policy(etag=etag, version=version) iam_policy[BIGTABLE_ADMIN_ROLE] = [ Policy.user("*****@*****.**"), Policy.service_account("*****@*****.**"), ] result = instance.set_iam_policy(iam_policy) api.set_iam_policy.assert_called_once_with(request={ "resource": instance.name, "policy": iam_policy_pb }) assert result.version == version assert result.etag == etag admins = result.bigtable_admins assert len(admins) == len(members) for found, expected in zip(sorted(admins), sorted(members)): assert found == expected