2022-04-12 11:51:54 +02:00
|
|
|
// Copyright 2022 Google LLC
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
package storage
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"errors"
|
|
|
|
"fmt"
|
|
|
|
"net/http"
|
|
|
|
"net/url"
|
|
|
|
"os"
|
2022-05-20 13:48:16 +02:00
|
|
|
"reflect"
|
2022-04-12 11:51:54 +02:00
|
|
|
"strings"
|
|
|
|
|
|
|
|
"golang.org/x/oauth2/google"
|
|
|
|
"google.golang.org/api/googleapi"
|
2022-05-20 13:48:16 +02:00
|
|
|
"google.golang.org/api/iterator"
|
2022-04-12 11:51:54 +02:00
|
|
|
"google.golang.org/api/option"
|
|
|
|
"google.golang.org/api/option/internaloption"
|
|
|
|
raw "google.golang.org/api/storage/v1"
|
|
|
|
"google.golang.org/api/transport"
|
|
|
|
htransport "google.golang.org/api/transport/http"
|
|
|
|
iampb "google.golang.org/genproto/googleapis/iam/v1"
|
|
|
|
)
|
|
|
|
|
|
|
|
// httpStorageClient is the HTTP-JSON API implementation of the transport-agnostic
|
|
|
|
// storageClient interface.
|
|
|
|
//
|
|
|
|
// This is an experimental API and not intended for public use.
|
|
|
|
type httpStorageClient struct {
|
|
|
|
creds *google.Credentials
|
|
|
|
hc *http.Client
|
|
|
|
readHost string
|
|
|
|
raw *raw.Service
|
|
|
|
scheme string
|
|
|
|
settings *settings
|
|
|
|
}
|
|
|
|
|
|
|
|
// newHTTPStorageClient initializes a new storageClient that uses the HTTP-JSON
|
|
|
|
// Storage API.
|
|
|
|
//
|
|
|
|
// This is an experimental API and not intended for public use.
|
|
|
|
func newHTTPStorageClient(ctx context.Context, opts ...storageOption) (storageClient, error) {
|
|
|
|
s := initSettings(opts...)
|
|
|
|
o := s.clientOption
|
|
|
|
|
|
|
|
var creds *google.Credentials
|
|
|
|
// In general, it is recommended to use raw.NewService instead of htransport.NewClient
|
|
|
|
// since raw.NewService configures the correct default endpoints when initializing the
|
|
|
|
// internal http client. However, in our case, "NewRangeReader" in reader.go needs to
|
|
|
|
// access the http client directly to make requests, so we create the client manually
|
|
|
|
// here so it can be re-used by both reader.go and raw.NewService. This means we need to
|
|
|
|
// manually configure the default endpoint options on the http client. Furthermore, we
|
|
|
|
// need to account for STORAGE_EMULATOR_HOST override when setting the default endpoints.
|
|
|
|
if host := os.Getenv("STORAGE_EMULATOR_HOST"); host == "" {
|
|
|
|
// Prepend default options to avoid overriding options passed by the user.
|
|
|
|
o = append([]option.ClientOption{option.WithScopes(ScopeFullControl, "https://www.googleapis.com/auth/cloud-platform"), option.WithUserAgent(userAgent)}, o...)
|
|
|
|
|
|
|
|
o = append(o, internaloption.WithDefaultEndpoint("https://storage.googleapis.com/storage/v1/"))
|
|
|
|
o = append(o, internaloption.WithDefaultMTLSEndpoint("https://storage.mtls.googleapis.com/storage/v1/"))
|
|
|
|
|
|
|
|
// Don't error out here. The user may have passed in their own HTTP
|
|
|
|
// client which does not auth with ADC or other common conventions.
|
|
|
|
c, err := transport.Creds(ctx, o...)
|
|
|
|
if err == nil {
|
|
|
|
creds = c
|
|
|
|
o = append(o, internaloption.WithCredentials(creds))
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
var hostURL *url.URL
|
|
|
|
|
|
|
|
if strings.Contains(host, "://") {
|
|
|
|
h, err := url.Parse(host)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
hostURL = h
|
|
|
|
} else {
|
|
|
|
// Add scheme for user if not supplied in STORAGE_EMULATOR_HOST
|
|
|
|
// URL is only parsed correctly if it has a scheme, so we build it ourselves
|
|
|
|
hostURL = &url.URL{Scheme: "http", Host: host}
|
|
|
|
}
|
|
|
|
|
|
|
|
hostURL.Path = "storage/v1/"
|
|
|
|
endpoint := hostURL.String()
|
|
|
|
|
|
|
|
// Append the emulator host as default endpoint for the user
|
|
|
|
o = append([]option.ClientOption{option.WithoutAuthentication()}, o...)
|
|
|
|
|
|
|
|
o = append(o, internaloption.WithDefaultEndpoint(endpoint))
|
|
|
|
o = append(o, internaloption.WithDefaultMTLSEndpoint(endpoint))
|
|
|
|
}
|
|
|
|
s.clientOption = o
|
|
|
|
|
|
|
|
// htransport selects the correct endpoint among WithEndpoint (user override), WithDefaultEndpoint, and WithDefaultMTLSEndpoint.
|
|
|
|
hc, ep, err := htransport.NewClient(ctx, s.clientOption...)
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("dialing: %v", err)
|
|
|
|
}
|
|
|
|
// RawService should be created with the chosen endpoint to take account of user override.
|
|
|
|
rawService, err := raw.NewService(ctx, option.WithEndpoint(ep), option.WithHTTPClient(hc))
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("storage client: %v", err)
|
|
|
|
}
|
|
|
|
// Update readHost and scheme with the chosen endpoint.
|
|
|
|
u, err := url.Parse(ep)
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("supplied endpoint %q is not valid: %v", ep, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
return &httpStorageClient{
|
|
|
|
creds: creds,
|
|
|
|
hc: hc,
|
|
|
|
readHost: u.Host,
|
|
|
|
raw: rawService,
|
|
|
|
scheme: u.Scheme,
|
|
|
|
settings: s,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *httpStorageClient) Close() error {
|
|
|
|
c.hc.CloseIdleConnections()
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Top-level methods.
|
|
|
|
|
|
|
|
func (c *httpStorageClient) GetServiceAccount(ctx context.Context, project string, opts ...storageOption) (string, error) {
|
2022-05-20 13:48:16 +02:00
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
call := c.raw.Projects.ServiceAccount.Get(project)
|
|
|
|
var res *raw.ServiceAccount
|
|
|
|
err := run(ctx, func() error {
|
|
|
|
var err error
|
|
|
|
res, err = call.Context(ctx).Do()
|
|
|
|
return err
|
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(call))
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
return res.EmailAddress, nil
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func (c *httpStorageClient) CreateBucket(ctx context.Context, project string, attrs *BucketAttrs, opts ...storageOption) (*BucketAttrs, error) {
|
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
var bkt *raw.Bucket
|
|
|
|
if attrs != nil {
|
|
|
|
bkt = attrs.toRawBucket()
|
|
|
|
} else {
|
|
|
|
bkt = &raw.Bucket{}
|
|
|
|
}
|
|
|
|
|
|
|
|
// If there is lifecycle information but no location, explicitly set
|
|
|
|
// the location. This is a GCS quirk/bug.
|
|
|
|
if bkt.Location == "" && bkt.Lifecycle != nil {
|
|
|
|
bkt.Location = "US"
|
|
|
|
}
|
|
|
|
req := c.raw.Buckets.Insert(project, bkt)
|
|
|
|
setClientHeader(req.Header())
|
|
|
|
if attrs != nil && attrs.PredefinedACL != "" {
|
|
|
|
req.PredefinedAcl(attrs.PredefinedACL)
|
|
|
|
}
|
|
|
|
if attrs != nil && attrs.PredefinedDefaultObjectACL != "" {
|
|
|
|
req.PredefinedDefaultObjectAcl(attrs.PredefinedDefaultObjectACL)
|
|
|
|
}
|
|
|
|
var battrs *BucketAttrs
|
|
|
|
err := run(ctx, func() error {
|
|
|
|
b, err := req.Context(ctx).Do()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
battrs, err = newBucket(b)
|
|
|
|
return err
|
2022-05-20 13:48:16 +02:00
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(req))
|
2022-04-12 11:51:54 +02:00
|
|
|
return battrs, err
|
|
|
|
}
|
|
|
|
|
2022-05-20 13:48:16 +02:00
|
|
|
func (c *httpStorageClient) ListBuckets(ctx context.Context, project string, opts ...storageOption) *BucketIterator {
|
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
it := &BucketIterator{
|
|
|
|
ctx: ctx,
|
|
|
|
projectID: project,
|
|
|
|
}
|
|
|
|
|
|
|
|
fetch := func(pageSize int, pageToken string) (token string, err error) {
|
|
|
|
req := c.raw.Buckets.List(it.projectID)
|
|
|
|
setClientHeader(req.Header())
|
|
|
|
req.Projection("full")
|
|
|
|
req.Prefix(it.Prefix)
|
|
|
|
req.PageToken(pageToken)
|
|
|
|
if pageSize > 0 {
|
|
|
|
req.MaxResults(int64(pageSize))
|
|
|
|
}
|
|
|
|
var resp *raw.Buckets
|
|
|
|
err = run(it.ctx, func() error {
|
|
|
|
resp, err = req.Context(it.ctx).Do()
|
|
|
|
return err
|
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(req))
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
for _, item := range resp.Items {
|
|
|
|
b, err := newBucket(item)
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
it.buckets = append(it.buckets, b)
|
|
|
|
}
|
|
|
|
return resp.NextPageToken, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
it.pageInfo, it.nextFunc = iterator.NewPageInfo(
|
|
|
|
fetch,
|
|
|
|
func() int { return len(it.buckets) },
|
|
|
|
func() interface{} { b := it.buckets; it.buckets = nil; return b })
|
|
|
|
|
|
|
|
return it
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// Bucket methods.
|
|
|
|
|
|
|
|
func (c *httpStorageClient) DeleteBucket(ctx context.Context, bucket string, conds *BucketConditions, opts ...storageOption) error {
|
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
req := c.raw.Buckets.Delete(bucket)
|
|
|
|
setClientHeader(req.Header())
|
|
|
|
if err := applyBucketConds("httpStorageClient.DeleteBucket", conds, req); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if s.userProject != "" {
|
|
|
|
req.UserProject(s.userProject)
|
|
|
|
}
|
|
|
|
|
2022-05-20 13:48:16 +02:00
|
|
|
return run(ctx, func() error { return req.Context(ctx).Do() }, s.retry, s.idempotent, setRetryHeaderHTTP(req))
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func (c *httpStorageClient) GetBucket(ctx context.Context, bucket string, conds *BucketConditions, opts ...storageOption) (*BucketAttrs, error) {
|
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
req := c.raw.Buckets.Get(bucket).Projection("full")
|
|
|
|
setClientHeader(req.Header())
|
|
|
|
err := applyBucketConds("httpStorageClient.GetBucket", conds, req)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if s.userProject != "" {
|
|
|
|
req.UserProject(s.userProject)
|
|
|
|
}
|
|
|
|
|
|
|
|
var resp *raw.Bucket
|
|
|
|
err = run(ctx, func() error {
|
|
|
|
resp, err = req.Context(ctx).Do()
|
|
|
|
return err
|
2022-05-20 13:48:16 +02:00
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(req))
|
2022-04-12 11:51:54 +02:00
|
|
|
|
|
|
|
var e *googleapi.Error
|
|
|
|
if ok := errors.As(err, &e); ok && e.Code == http.StatusNotFound {
|
|
|
|
return nil, ErrBucketNotExist
|
|
|
|
}
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return newBucket(resp)
|
|
|
|
}
|
2022-05-20 13:48:16 +02:00
|
|
|
func (c *httpStorageClient) UpdateBucket(ctx context.Context, bucket string, uattrs *BucketAttrsToUpdate, conds *BucketConditions, opts ...storageOption) (*BucketAttrs, error) {
|
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
rb := uattrs.toRawBucket()
|
|
|
|
req := c.raw.Buckets.Patch(bucket, rb).Projection("full")
|
|
|
|
setClientHeader(req.Header())
|
|
|
|
err := applyBucketConds("httpStorageClient.UpdateBucket", conds, req)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if s.userProject != "" {
|
|
|
|
req.UserProject(s.userProject)
|
|
|
|
}
|
|
|
|
if uattrs != nil && uattrs.PredefinedACL != "" {
|
|
|
|
req.PredefinedAcl(uattrs.PredefinedACL)
|
|
|
|
}
|
|
|
|
if uattrs != nil && uattrs.PredefinedDefaultObjectACL != "" {
|
|
|
|
req.PredefinedDefaultObjectAcl(uattrs.PredefinedDefaultObjectACL)
|
|
|
|
}
|
|
|
|
|
|
|
|
var rawBucket *raw.Bucket
|
|
|
|
err = run(ctx, func() error {
|
|
|
|
rawBucket, err = req.Context(ctx).Do()
|
|
|
|
return err
|
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(req))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return newBucket(rawBucket)
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
2022-05-20 13:48:16 +02:00
|
|
|
|
2022-04-12 11:51:54 +02:00
|
|
|
func (c *httpStorageClient) LockBucketRetentionPolicy(ctx context.Context, bucket string, conds *BucketConditions, opts ...storageOption) error {
|
2022-05-20 13:48:16 +02:00
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
|
|
|
|
var metageneration int64
|
|
|
|
if conds != nil {
|
|
|
|
metageneration = conds.MetagenerationMatch
|
|
|
|
}
|
|
|
|
req := c.raw.Buckets.LockRetentionPolicy(bucket, metageneration)
|
|
|
|
|
|
|
|
return run(ctx, func() error {
|
|
|
|
_, err := req.Context(ctx).Do()
|
|
|
|
return err
|
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(req))
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
2022-05-20 13:48:16 +02:00
|
|
|
func (c *httpStorageClient) ListObjects(ctx context.Context, bucket string, q *Query, opts ...storageOption) *ObjectIterator {
|
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
it := &ObjectIterator{
|
|
|
|
ctx: ctx,
|
|
|
|
}
|
|
|
|
if q != nil {
|
|
|
|
it.query = *q
|
|
|
|
}
|
|
|
|
fetch := func(pageSize int, pageToken string) (string, error) {
|
|
|
|
req := c.raw.Objects.List(bucket)
|
|
|
|
setClientHeader(req.Header())
|
|
|
|
projection := it.query.Projection
|
|
|
|
if projection == ProjectionDefault {
|
|
|
|
projection = ProjectionFull
|
|
|
|
}
|
|
|
|
req.Projection(projection.String())
|
|
|
|
req.Delimiter(it.query.Delimiter)
|
|
|
|
req.Prefix(it.query.Prefix)
|
|
|
|
req.StartOffset(it.query.StartOffset)
|
|
|
|
req.EndOffset(it.query.EndOffset)
|
|
|
|
req.Versions(it.query.Versions)
|
|
|
|
req.IncludeTrailingDelimiter(it.query.IncludeTrailingDelimiter)
|
|
|
|
if len(it.query.fieldSelection) > 0 {
|
|
|
|
req.Fields("nextPageToken", googleapi.Field(it.query.fieldSelection))
|
|
|
|
}
|
|
|
|
req.PageToken(pageToken)
|
|
|
|
if s.userProject != "" {
|
|
|
|
req.UserProject(s.userProject)
|
|
|
|
}
|
|
|
|
if pageSize > 0 {
|
|
|
|
req.MaxResults(int64(pageSize))
|
|
|
|
}
|
|
|
|
var resp *raw.Objects
|
|
|
|
var err error
|
|
|
|
err = run(it.ctx, func() error {
|
|
|
|
resp, err = req.Context(it.ctx).Do()
|
|
|
|
return err
|
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(req))
|
|
|
|
if err != nil {
|
|
|
|
var e *googleapi.Error
|
|
|
|
if ok := errors.As(err, &e); ok && e.Code == http.StatusNotFound {
|
|
|
|
err = ErrBucketNotExist
|
|
|
|
}
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
for _, item := range resp.Items {
|
|
|
|
it.items = append(it.items, newObject(item))
|
|
|
|
}
|
|
|
|
for _, prefix := range resp.Prefixes {
|
|
|
|
it.items = append(it.items, &ObjectAttrs{Prefix: prefix})
|
|
|
|
}
|
|
|
|
return resp.NextPageToken, nil
|
|
|
|
}
|
|
|
|
it.pageInfo, it.nextFunc = iterator.NewPageInfo(
|
|
|
|
fetch,
|
|
|
|
func() int { return len(it.items) },
|
|
|
|
func() interface{} { b := it.items; it.items = nil; return b })
|
|
|
|
|
|
|
|
return it
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// Object metadata methods.
|
|
|
|
|
|
|
|
func (c *httpStorageClient) DeleteObject(ctx context.Context, bucket, object string, conds *Conditions, opts ...storageOption) error {
|
|
|
|
return errMethodNotSupported
|
|
|
|
}
|
|
|
|
func (c *httpStorageClient) GetObject(ctx context.Context, bucket, object string, conds *Conditions, opts ...storageOption) (*ObjectAttrs, error) {
|
|
|
|
return nil, errMethodNotSupported
|
|
|
|
}
|
|
|
|
func (c *httpStorageClient) UpdateObject(ctx context.Context, bucket, object string, uattrs *ObjectAttrsToUpdate, conds *Conditions, opts ...storageOption) (*ObjectAttrs, error) {
|
|
|
|
return nil, errMethodNotSupported
|
|
|
|
}
|
|
|
|
|
|
|
|
// Default Object ACL methods.
|
|
|
|
|
|
|
|
func (c *httpStorageClient) DeleteDefaultObjectACL(ctx context.Context, bucket string, entity ACLEntity, opts ...storageOption) error {
|
2022-05-20 13:48:16 +02:00
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
req := c.raw.DefaultObjectAccessControls.Delete(bucket, string(entity))
|
|
|
|
configureACLCall(ctx, s.userProject, req)
|
|
|
|
return run(ctx, func() error { return req.Context(ctx).Do() }, s.retry, s.idempotent, setRetryHeaderHTTP(req))
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
2022-05-20 13:48:16 +02:00
|
|
|
|
2022-04-12 11:51:54 +02:00
|
|
|
func (c *httpStorageClient) ListDefaultObjectACLs(ctx context.Context, bucket string, opts ...storageOption) ([]ACLRule, error) {
|
2022-05-20 13:48:16 +02:00
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
var acls *raw.ObjectAccessControls
|
|
|
|
var err error
|
|
|
|
req := c.raw.DefaultObjectAccessControls.List(bucket)
|
|
|
|
configureACLCall(ctx, s.userProject, req)
|
|
|
|
err = run(ctx, func() error {
|
|
|
|
acls, err = req.Do()
|
|
|
|
return err
|
|
|
|
}, s.retry, true, setRetryHeaderHTTP(req))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return toObjectACLRules(acls.Items), nil
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
|
|
|
func (c *httpStorageClient) UpdateDefaultObjectACL(ctx context.Context, opts ...storageOption) (*ACLRule, error) {
|
|
|
|
return nil, errMethodNotSupported
|
|
|
|
}
|
|
|
|
|
|
|
|
// Bucket ACL methods.
|
|
|
|
|
|
|
|
func (c *httpStorageClient) DeleteBucketACL(ctx context.Context, bucket string, entity ACLEntity, opts ...storageOption) error {
|
2022-05-20 13:48:16 +02:00
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
req := c.raw.BucketAccessControls.Delete(bucket, string(entity))
|
|
|
|
configureACLCall(ctx, s.userProject, req)
|
|
|
|
return run(ctx, func() error { return req.Context(ctx).Do() }, s.retry, s.idempotent, setRetryHeaderHTTP(req))
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
2022-05-20 13:48:16 +02:00
|
|
|
|
2022-04-12 11:51:54 +02:00
|
|
|
func (c *httpStorageClient) ListBucketACLs(ctx context.Context, bucket string, opts ...storageOption) ([]ACLRule, error) {
|
2022-05-20 13:48:16 +02:00
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
var acls *raw.BucketAccessControls
|
|
|
|
var err error
|
|
|
|
req := c.raw.BucketAccessControls.List(bucket)
|
|
|
|
configureACLCall(ctx, s.userProject, req)
|
|
|
|
err = run(ctx, func() error {
|
|
|
|
acls, err = req.Do()
|
|
|
|
return err
|
|
|
|
}, s.retry, true, setRetryHeaderHTTP(req))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return toBucketACLRules(acls.Items), nil
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
2022-05-20 13:48:16 +02:00
|
|
|
|
2022-04-12 11:51:54 +02:00
|
|
|
func (c *httpStorageClient) UpdateBucketACL(ctx context.Context, bucket string, entity ACLEntity, role ACLRole, opts ...storageOption) (*ACLRule, error) {
|
2022-05-20 13:48:16 +02:00
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
acl := &raw.BucketAccessControl{
|
|
|
|
Bucket: bucket,
|
|
|
|
Entity: string(entity),
|
|
|
|
Role: string(role),
|
|
|
|
}
|
|
|
|
req := c.raw.BucketAccessControls.Update(bucket, string(entity), acl)
|
|
|
|
configureACLCall(ctx, s.userProject, req)
|
|
|
|
var aclRule ACLRule
|
|
|
|
var err error
|
|
|
|
err = run(ctx, func() error {
|
|
|
|
acl, err = req.Do()
|
|
|
|
aclRule = toBucketACLRule(acl)
|
|
|
|
return err
|
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(req))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &aclRule, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// configureACLCall sets the context, user project and headers on the apiary library call.
|
|
|
|
// This will panic if the call does not have the correct methods.
|
|
|
|
func configureACLCall(ctx context.Context, userProject string, call interface{ Header() http.Header }) {
|
|
|
|
vc := reflect.ValueOf(call)
|
|
|
|
vc.MethodByName("Context").Call([]reflect.Value{reflect.ValueOf(ctx)})
|
|
|
|
if userProject != "" {
|
|
|
|
vc.MethodByName("UserProject").Call([]reflect.Value{reflect.ValueOf(userProject)})
|
|
|
|
}
|
|
|
|
setClientHeader(call.Header())
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// Object ACL methods.
|
|
|
|
|
|
|
|
func (c *httpStorageClient) DeleteObjectACL(ctx context.Context, bucket, object string, entity ACLEntity, opts ...storageOption) error {
|
|
|
|
return errMethodNotSupported
|
|
|
|
}
|
|
|
|
func (c *httpStorageClient) ListObjectACLs(ctx context.Context, bucket, object string, opts ...storageOption) ([]ACLRule, error) {
|
|
|
|
return nil, errMethodNotSupported
|
|
|
|
}
|
|
|
|
func (c *httpStorageClient) UpdateObjectACL(ctx context.Context, bucket, object string, entity ACLEntity, role ACLRole, opts ...storageOption) (*ACLRule, error) {
|
|
|
|
return nil, errMethodNotSupported
|
|
|
|
}
|
|
|
|
|
|
|
|
// Media operations.
|
|
|
|
|
|
|
|
func (c *httpStorageClient) ComposeObject(ctx context.Context, req *composeObjectRequest, opts ...storageOption) (*ObjectAttrs, error) {
|
|
|
|
return nil, errMethodNotSupported
|
|
|
|
}
|
|
|
|
func (c *httpStorageClient) RewriteObject(ctx context.Context, req *rewriteObjectRequest, opts ...storageOption) (*rewriteObjectResponse, error) {
|
|
|
|
return nil, errMethodNotSupported
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *httpStorageClient) OpenReader(ctx context.Context, r *Reader, opts ...storageOption) error {
|
|
|
|
return errMethodNotSupported
|
|
|
|
}
|
|
|
|
func (c *httpStorageClient) OpenWriter(ctx context.Context, w *Writer, opts ...storageOption) error {
|
|
|
|
return errMethodNotSupported
|
|
|
|
}
|
|
|
|
|
|
|
|
// IAM methods.
|
|
|
|
|
|
|
|
func (c *httpStorageClient) GetIamPolicy(ctx context.Context, resource string, version int32, opts ...storageOption) (*iampb.Policy, error) {
|
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
call := c.raw.Buckets.GetIamPolicy(resource).OptionsRequestedPolicyVersion(int64(version))
|
|
|
|
setClientHeader(call.Header())
|
|
|
|
if s.userProject != "" {
|
|
|
|
call.UserProject(s.userProject)
|
|
|
|
}
|
|
|
|
var rp *raw.Policy
|
|
|
|
err := run(ctx, func() error {
|
|
|
|
var err error
|
|
|
|
rp, err = call.Context(ctx).Do()
|
|
|
|
return err
|
2022-05-20 13:48:16 +02:00
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(call))
|
2022-04-12 11:51:54 +02:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return iamFromStoragePolicy(rp), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *httpStorageClient) SetIamPolicy(ctx context.Context, resource string, policy *iampb.Policy, opts ...storageOption) error {
|
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
|
|
|
|
rp := iamToStoragePolicy(policy)
|
|
|
|
call := c.raw.Buckets.SetIamPolicy(resource, rp)
|
|
|
|
setClientHeader(call.Header())
|
|
|
|
if s.userProject != "" {
|
|
|
|
call.UserProject(s.userProject)
|
|
|
|
}
|
|
|
|
|
|
|
|
return run(ctx, func() error {
|
|
|
|
_, err := call.Context(ctx).Do()
|
|
|
|
return err
|
2022-05-20 13:48:16 +02:00
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(call))
|
2022-04-12 11:51:54 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func (c *httpStorageClient) TestIamPermissions(ctx context.Context, resource string, permissions []string, opts ...storageOption) ([]string, error) {
|
|
|
|
s := callSettings(c.settings, opts...)
|
|
|
|
call := c.raw.Buckets.TestIamPermissions(resource, permissions)
|
|
|
|
setClientHeader(call.Header())
|
|
|
|
if s.userProject != "" {
|
|
|
|
call.UserProject(s.userProject)
|
|
|
|
}
|
|
|
|
var res *raw.TestIamPermissionsResponse
|
|
|
|
err := run(ctx, func() error {
|
|
|
|
var err error
|
|
|
|
res, err = call.Context(ctx).Do()
|
|
|
|
return err
|
2022-05-20 13:48:16 +02:00
|
|
|
}, s.retry, s.idempotent, setRetryHeaderHTTP(call))
|
2022-04-12 11:51:54 +02:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return res.Permissions, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// HMAC Key methods.
|
|
|
|
|
|
|
|
func (c *httpStorageClient) GetHMACKey(ctx context.Context, desc *hmacKeyDesc, opts ...storageOption) (*HMACKey, error) {
|
|
|
|
return nil, errMethodNotSupported
|
|
|
|
}
|
|
|
|
func (c *httpStorageClient) ListHMACKey(ctx context.Context, desc *hmacKeyDesc, opts ...storageOption) *HMACKeysIterator {
|
|
|
|
return &HMACKeysIterator{}
|
|
|
|
}
|
|
|
|
func (c *httpStorageClient) UpdateHMACKey(ctx context.Context, desc *hmacKeyDesc, attrs *HMACKeyAttrsToUpdate, opts ...storageOption) (*HMACKey, error) {
|
|
|
|
return nil, errMethodNotSupported
|
|
|
|
}
|
|
|
|
func (c *httpStorageClient) CreateHMACKey(ctx context.Context, desc *hmacKeyDesc, opts ...storageOption) (*HMACKey, error) {
|
|
|
|
return nil, errMethodNotSupported
|
|
|
|
}
|
|
|
|
func (c *httpStorageClient) DeleteHMACKey(ctx context.Context, desc *hmacKeyDesc, opts ...storageOption) error {
|
|
|
|
return errMethodNotSupported
|
|
|
|
}
|