Skip to content

Commit 8f9f96b

Browse files
committed
Add project role identities to the Identity helper
In addition to the standard IAM identities, project membership identities are also supported. For instance, a role can be applied to only the Editors of a project.
1 parent a32c41a commit 8f9f96b

2 files changed

Lines changed: 91 additions & 1 deletion

File tree

google-cloud-core/src/main/java/com/google/cloud/Identity.java

Lines changed: 52 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -78,7 +78,22 @@ public enum Type {
7878
/**
7979
* Represents all the users of a Google Apps domain name.
8080
*/
81-
DOMAIN
81+
DOMAIN,
82+
83+
/**
84+
* Represents owners of a Google Cloud Platform project.
85+
*/
86+
PROJECT_OWNER,
87+
88+
/**
89+
* Represents editors of a Google Cloud Platform project.
90+
*/
91+
PROJECT_EDITOR,
92+
93+
/**
94+
* Represents viewers of a Google Cloud Platform project.
95+
*/
96+
PROJECT_VIEWER
8297
}
8398

8499
private Identity(Type type, String value) {
@@ -161,6 +176,30 @@ public static Identity group(String email) {
161176
public static Identity domain(String domain) {
162177
return new Identity(Type.DOMAIN, checkNotNull(domain));
163178
}
179+
180+
/**
181+
* Returns a new project owner identity.
182+
* @param projectId A Google Cloud Platform project ID. For example, <I>my-sample-project</I>.
183+
*/
184+
public static Identity projectOwner(String projectId) {
185+
return new Identity(Type.PROJECT_OWNER, checkNotNull(projectId));
186+
}
187+
188+
/**
189+
* Returns a new project editor identity.
190+
* @param projectId A Google Cloud Platform project ID. For example, <I>my-sample-project</I>.
191+
*/
192+
public static Identity projectEditor(String projectId) {
193+
return new Identity(Type.PROJECT_EDITOR, checkNotNull(projectId));
194+
}
195+
196+
/**
197+
* Returns a new project viewer identity.
198+
* @param projectId A Google Cloud Platform project ID. For example, <I>my-sample-project</I>.
199+
*/
200+
public static Identity projectViewer(String projectId) {
201+
return new Identity(Type.PROJECT_VIEWER, checkNotNull(projectId));
202+
}
164203

165204
@Override
166205
public String toString() {
@@ -199,6 +238,12 @@ public String strValue() {
199238
return "group:" + value;
200239
case DOMAIN:
201240
return "domain:" + value;
241+
case PROJECT_OWNER:
242+
return "projectOwner:" + value;
243+
case PROJECT_EDITOR:
244+
return "projectEditor:" + value;
245+
case PROJECT_VIEWER:
246+
return "projectViewer:" + value;
202247
default:
203248
throw new IllegalStateException("Unexpected identity type: " + type);
204249
}
@@ -224,6 +269,12 @@ public static Identity valueOf(String identityStr) {
224269
return Identity.group(info[1]);
225270
case DOMAIN:
226271
return Identity.domain(info[1]);
272+
case PROJECT_OWNER:
273+
return Identity.projectOwner(info[1]);
274+
case PROJECT_EDITOR:
275+
return Identity.projectEditor(info[1]);
276+
case PROJECT_VIEWER:
277+
return Identity.projectViewer(info[1]);
227278
default:
228279
throw new IllegalStateException("Unexpected identity type " + type);
229280
}

google-cloud-core/src/test/java/com/google/cloud/IdentityTest.java

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,9 @@ public class IdentityTest {
3030
Identity.serviceAccount("service-account@gmail.com");
3131
private static final Identity GROUP = Identity.group("group@gmail.com");
3232
private static final Identity DOMAIN = Identity.domain("google.com");
33+
private static final Identity PROJECT_OWNER = Identity.projectOwner("my-sample-project");
34+
private static final Identity PROJECT_EDITOR = Identity.projectEditor("my-sample-project");
35+
private static final Identity PROJECT_VIEWER = Identity.projectViewer("my-sample-project");
3336

3437
@Test
3538
public void testAllUsers() {
@@ -93,6 +96,39 @@ public void testDomainNullId() {
9396
Identity.domain(null);
9497
}
9598

99+
@Test
100+
public void testProjectOwner() {
101+
assertEquals(Identity.Type.PROJECT_OWNER, PROJECT_OWNER.getType());
102+
assertEquals("my-sample-project", PROJECT_OWNER.getValue());
103+
}
104+
105+
@Test(expected = NullPointerException.class)
106+
public void testProjectOwnerNullId() {
107+
Identity.projectOwner(null);
108+
}
109+
110+
@Test
111+
public void testProjectEditor() {
112+
assertEquals(Identity.Type.PROJECT_EDITOR, PROJECT_EDITOR.getType());
113+
assertEquals("my-sample-project", PROJECT_EDITOR.getValue());
114+
}
115+
116+
@Test(expected = NullPointerException.class)
117+
public void testProjectEditorNullId() {
118+
Identity.projectEditor(null);
119+
}
120+
121+
@Test
122+
public void testProjectViewer() {
123+
assertEquals(Identity.Type.PROJECT_VIEWER, PROJECT_VIEWER.getType());
124+
assertEquals("my-sample-project", PROJECT_VIEWER.getValue());
125+
}
126+
127+
@Test(expected = NullPointerException.class)
128+
public void testProjectViewerNullId() {
129+
Identity.projectViewer(null);
130+
}
131+
96132
@Test
97133
public void testIdentityToAndFromPb() {
98134
compareIdentities(ALL_USERS, Identity.valueOf(ALL_USERS.strValue()));
@@ -101,6 +137,9 @@ public void testIdentityToAndFromPb() {
101137
compareIdentities(SERVICE_ACCOUNT, Identity.valueOf(SERVICE_ACCOUNT.strValue()));
102138
compareIdentities(GROUP, Identity.valueOf(GROUP.strValue()));
103139
compareIdentities(DOMAIN, Identity.valueOf(DOMAIN.strValue()));
140+
compareIdentities(PROJECT_OWNER, Identity.valueOf(PROJECT_OWNER.strValue()));
141+
compareIdentities(PROJECT_EDITOR, Identity.valueOf(PROJECT_EDITOR.strValue()));
142+
compareIdentities(PROJECT_VIEWER, Identity.valueOf(PROJECT_VIEWER.strValue()));
104143
}
105144

106145
private void compareIdentities(Identity expected, Identity actual) {

0 commit comments

Comments
 (0)