def Run(self, args): api_version = util.GetApiFromTrack(self.ReleaseTrack()) dns_client = util.GetApiClient(api_version) messages = apis.GetMessagesModule('dns', api_version) zone_ref = args.CONCEPTS.zone.Parse() resource_name = 'projects/{0}/managedZones/{1}'.format( zone_ref.project, zone_ref.managedZone) policy, update_mask = iam_util.ParsePolicyFileWithUpdateMask( args.policy_file, messages.GoogleIamV1Policy) req = messages.DnsProjectsManagedZonesSetIamPolicyRequest( resource=resource_name, googleIamV1SetIamPolicyRequest=messages. GoogleIamV1SetIamPolicyRequest(policy=policy, updateMask=update_mask)) return dns_client.projects_managedZones.SetIamPolicy(req)
def Run(self_, args): """Called when command is executed.""" # Default Policy message and set IAM request message field names policy_type_name = 'Policy' policy_request_path = 'setIamPolicyRequest' # Use Policy message and set IAM request field name overrides for API's # with non-standard naming (if provided) if self.spec.iam: if 'policy' in self.spec.iam.message_type_overrides: policy_type_name = (self.spec.iam .message_type_overrides['policy'] or policy_type_name) policy_request_path = (self.spec.iam.set_iam_policy_request_path or policy_request_path) policy_field_path = policy_request_path + '.policy' policy_type = self.method.GetMessageByName(policy_type_name) if not policy_type: raise ValueError('Policy type [{}] not found.'.format( policy_type_name)) policy, update_mask = iam_util.ParsePolicyFileWithUpdateMask( args.policy_file, policy_type) # override policy version if self.spec.iam and self.spec.iam.policy_version: policy.version = self.spec.iam.policy_version self.spec.request.static_fields[policy_field_path] = policy self._SetPolicyUpdateMask(update_mask) try: ref, response = self._CommonRun(args) except HttpBadRequestError as ex: log.err.Print( 'ERROR: Policy modification failed. For bindings with conditions' ', run "gcloud alpha iam policies lint-condition" to identify ' 'issues in conditions.' ) raise ex iam_util.LogSetIamPolicy(ref.Name(), self.display_resource_type) return self._HandleResponse(response, args)
def SetIamPolicy(models_client, model, policy_file): model_ref = ParseModel(model) policy, update_mask = iam_util.ParsePolicyFileWithUpdateMask( policy_file, models_client.messages.GoogleIamV1Policy) iam_util.LogSetIamPolicy(model_ref.Name(), 'model') return models_client.SetIamPolicy(model_ref, policy, update_mask)
def SetInstanceIamPolicy(instance_ref, policy): """Sets the IAM policy on an instance.""" msgs = apis.GetMessagesModule('spanner', 'v1') policy, field_mask = iam_util.ParsePolicyFileWithUpdateMask( policy, msgs.Policy) return instances.SetPolicy(instance_ref, policy, field_mask)