Exemplos de TestIamPermissions em Python

Exemplo n.º 1

Arquivo: get_credentials.py Projeto: iofh/QA-System

  def RunIamCheck(self, project_id):
    project_ref = project_util.ParseProject(project_id)
    result = projects_api.TestIamPermissions(project_ref, REQUIRED_PERMISSIONS)
    granted_permissions = result.permissions

    if set(REQUIRED_PERMISSIONS) != set(granted_permissions):
      raise Exception("caller doesn't have sufficient permission.")

Exemplo n.º 2

Arquivo: get_credentials.py Projeto: google-cloud-sdk-unofficial/google-cloud-sdk

    def RunIamCheck(self, project_id):
        project_ref = project_util.ParseProject(project_id)
        result = projects_api.TestIamPermissions(project_ref,
                                                 REQUIRED_PERMISSIONS)
        granted_permissions = result.permissions

        if set(REQUIRED_PERMISSIONS) != set(granted_permissions):
            raise memberships_errors.InsufficientPermissionsError()

Exemplo n.º 3

def _AdcHasGivenPermissionOnProjectHelper(project_ref, permissions):
  cred_file_override_old = properties.VALUES.auth.credential_file_override.Get()
  try:
    properties.VALUES.auth.credential_file_override.Set(config.ADCFilePath())
    granted_permissions = projects_api.TestIamPermissions(
        project_ref, permissions).permissions
    return set(permissions) == set(granted_permissions)
  finally:
    properties.VALUES.auth.credential_file_override.Set(cred_file_override_old)

Exemplo n.º 4

Arquivo: projects_api_test.py Projeto: piotradamczyk5/gcloud_cli

 def testTestIamPermissions(self):
   requested_permissions = ['storage.buckets.create', 'storage.buckets.delete']
   expected_permissions = ['storage.buckets.create']
   test_project = util.GetTestActiveProject()
   test_project_ref = command_lib_util.ParseProject(test_project.projectId)
   self.mock_client.projects.TestIamPermissions.Expect(
       self.messages.CloudresourcemanagerProjectsTestIamPermissionsRequest(
           resource=test_project_ref.Name(),
           testIamPermissionsRequest=self.messages.TestIamPermissionsRequest(
               permissions=requested_permissions)),
       self.messages.TestIamPermissionsResponse(
           permissions=expected_permissions))
   response = projects_api.TestIamPermissions(test_project_ref,
                                              requested_permissions)
   self.assertEqual(response.permissions, expected_permissions)

Exemplo n.º 5

def CheckCreateCertificateAuthorityPermissions(project_ref, kms_key_ref):
    """Ensures that the current user has the required permissions to create a CA.

  Args:
    project_ref: The project where the new CA will be created.
    kms_key_ref: The KMS key that will be used by the CA.

  Raises:
    InsufficientPermissionException: If the user is missing permissions.
  """
    _CheckAllPermissions(
        projects_api.TestIamPermissions(
            project_ref, _CA_CREATE_PERMISSIONS_ON_PROJECT).permissions,
        _CA_CREATE_PERMISSIONS_ON_PROJECT, 'project')
    _CheckAllPermissions(
        kms_iam.TestCryptoKeyIamPermissions(
            kms_key_ref, _CA_CREATE_PERMISSIONS_ON_KEY).permissions,
        _CA_CREATE_PERMISSIONS_ON_KEY, 'KMS key')

Exemplo n.º 6

Arquivo: requests.py Projeto: google-cloud-sdk-unofficial/google-cloud-sdk

def TestRedirectionIAMPermission(project):
    """Tests the user has the storage.buckets.update IAM permission on the project."""
    project_ref = project_util.ParseProject(project)
    result = projects_api.TestIamPermissions(project_ref, REDIRECT_PERMISSIONS)
    return set(REDIRECT_PERMISSIONS) == set(result.permissions)