def GetTestablePermissions(iam_client, messages, resource):
"""Returns the testable permissions for a resource.
Args:
iam_client: The iam client.
messages: The iam messages.
resource: Resource reference.
Returns:
List of permissions.
"""
return list_pager.YieldFromList(
iam_client.permissions,
messages.QueryTestablePermissionsRequest(
fullResourceName=iam_util.GetResourceName(resource), pageSize=1000),
batch_size=1000,
method='QueryTestablePermissions',
field='permissions',
batch_size_attribute='pageSize')
def Run(self, args):
resource = None
if args.resource.startswith('//'):
resource = args.resource
elif args.resource.startswith('http'):
resource = iam_util.GetResourceName(
resources.REGISTRY.Parse(args.resource))
if not resource:
raise exceptions.InvalidResourceException(
'The given resource is not a valid full resource name or URL.')
client, messages = util.GetClientAndMessages()
return list_pager.YieldFromList(
client.permissions,
messages.QueryTestablePermissionsRequest(
fullResourceName=resource),
field='permissions',
method='QueryTestablePermissions',
batch_size_attribute='pageSize')
def Run(self, args):
iam_client = apis.GetClientInstance('iam', 'v1')
messages = apis.GetMessagesModule('iam', 'v1')
resource = None
if args.resource.startswith('//'):
resource = args.resource
elif args.resource.startswith('http'):
resource = iam_util.GetResourceName(
self.resources.REGISTRY.Parse(args.resource))
if not resource:
raise exceptions.ToolException(
'The given resource is not a valid full resource name or URL.')
return list_pager.YieldFromList(
iam_client.permissions,
messages.QueryTestablePermissionsRequest(
fullResourceName=resource),
field='permissions',
method='QueryTestablePermissions',
batch_size_attribute='pageSize')
def Run(self, args):
resource = None
if args.resource.startswith('//'):
# The atomic resource path inputted, just use this
resource = args.resource
if args.resource.startswith('http'):
# This is a full resource URL that needs to be converted to an atomic path
resource_ref = self.resources.REGISTRY.Parse(args.resource)
resource = iam_util.GetResourceName(resource_ref)
if not resource:
raise exceptions.ToolException(
'The given resource is not a valid full resource name or URL.')
return list_pager.YieldFromList(
self.iam_client.roles,
self.messages.QueryGrantableRolesRequest(fullResourceName=resource),
field='roles',
method='QueryGrantableRoles',
batch_size=args.page_size,
batch_size_attribute='pageSize')