fix: allUsers access (#178)

Praful Makani · web-flow · commit 7464e234c00d · 2020-02-19T09:06:59.000-05:00
diff --git a/google-cloud-bigquery/src/main/java/com/google/cloud/bigquery/Acl.java b/google-cloud-bigquery/src/main/java/com/google/cloud/bigquery/Acl.java
@@ -103,7 +103,8 @@ public enum Type {
       DOMAIN,
       GROUP,
       USER,
-      VIEW
+      VIEW,
+      IAM_MEMBER
     }
 
     Entity(Type type) {
@@ -132,6 +133,9 @@ static Entity fromPb(Access access) {
       if (access.getView() != null) {
         return new View(TableId.fromPb(access.getView()));
       }
+      if (access.getIamMember() != null) {
+        return new IamMember(access.getIamMember());
+      }
       // Unreachable
       throw new BigQueryException(
           BigQueryException.UNKNOWN_CODE, "Unrecognized access configuration");
@@ -383,6 +387,53 @@ Access toPb() {
     }
   }
 
+  /**
+   * Class for a BigQuery IamMember entity. Objects of this class represent a iamMember to grant
+   * access to given the IAM Policy.
+   */
+  public static final class IamMember extends Entity {
+
+    private final String iamMember;
+
+    /** Creates a iamMember entity given the iamMember. */
+    public IamMember(String iamMember) {
+      super(Type.IAM_MEMBER);
+      this.iamMember = iamMember;
+    }
+
+    /** Returns iamMember. */
+    public String getIamMember() {
+      return iamMember;
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+      if (this == obj) {
+        return true;
+      }
+      if (obj == null || getClass() != obj.getClass()) {
+        return false;
+      }
+      IamMember iam = (IamMember) obj;
+      return Objects.equals(getType(), iam.getType()) && Objects.equals(iamMember, iam.iamMember);
+    }
+
+    @Override
+    public int hashCode() {
+      return Objects.hash(getType(), iamMember);
+    }
+
+    @Override
+    public String toString() {
+      return toPb().toString();
+    }
+
+    @Override
+    Access toPb() {
+      return new Access().setIamMember(iamMember);
+    }
+  }
+
   private Acl(Entity entity, Role role) {
     this.entity = checkNotNull(entity);
     this.role = role;
diff --git a/google-cloud-bigquery/src/test/java/com/google/cloud/bigquery/DatasetInfoTest.java b/google-cloud-bigquery/src/test/java/com/google/cloud/bigquery/DatasetInfoTest.java
@@ -36,6 +36,8 @@ public class DatasetInfoTest {
       ImmutableList.of(
           Acl.of(Acl.Group.ofAllAuthenticatedUsers(), Acl.Role.READER),
           Acl.of(new Acl.View(TableId.of("project", "dataset", "table"))));
+  private static final List<Acl> ACCESS_RULES_IAM_MEMBER =
+      ImmutableList.of(Acl.of(new Acl.IamMember("allUsers"), Acl.Role.READER));
   private static final Map<String, String> LABELS =
       ImmutableMap.of(
           "example-label1", "example-value1",
@@ -76,10 +78,15 @@ public class DatasetInfoTest {
           .setDatasetId(DATASET_ID_COMPLETE)
           .setAcl(ACCESS_RULES_COMPLETE)
           .build();
+  private static final DatasetInfo DATASET_INFO_COMPLETE_WITH_IAM_MEMBER =
+      DATASET_INFO.toBuilder().setAcl(ACCESS_RULES_IAM_MEMBER).build();
 
   @Test
   public void testToBuilder() {
     compareDatasets(DATASET_INFO, DATASET_INFO.toBuilder().build());
+    compareDatasets(
+        DATASET_INFO_COMPLETE_WITH_IAM_MEMBER,
+        DATASET_INFO_COMPLETE_WITH_IAM_MEMBER.toBuilder().build());
     DatasetInfo datasetInfo =
         DATASET_INFO
             .toBuilder()
diff --git a/google-cloud-bigquery/src/test/java/com/google/cloud/bigquery/it/ITBigQueryTest.java b/google-cloud-bigquery/src/test/java/com/google/cloud/bigquery/it/ITBigQueryTest.java
@@ -28,8 +28,11 @@
 import static org.junit.Assert.fail;
 
 import com.google.api.gax.paging.Page;
+import com.google.auth.oauth2.GoogleCredentials;
+import com.google.auth.oauth2.ServiceAccountCredentials;
 import com.google.cloud.Date;
 import com.google.cloud.RetryOption;
+import com.google.cloud.bigquery.Acl;
 import com.google.cloud.bigquery.BigQuery;
 import com.google.cloud.bigquery.BigQuery.DatasetDeleteOption;
 import com.google.cloud.bigquery.BigQuery.DatasetField;
@@ -375,6 +378,21 @@ public void testGetDataset() {
     assertNotNull(dataset.getSelfLink());
   }
 
+  @Test
+  public void testDatasetUpdateAccess() throws IOException {
+    Dataset dataset = bigquery.getDataset(DATASET);
+    ServiceAccountCredentials credentials =
+        (ServiceAccountCredentials) GoogleCredentials.getApplicationDefault();
+    List<Acl> acl =
+        ImmutableList.of(
+            Acl.of(new Acl.Group("projectOwners"), Acl.Role.OWNER),
+            Acl.of(new Acl.User(credentials.getClientEmail()), Acl.Role.OWNER),
+            Acl.of(new Acl.IamMember("allUsers"), Acl.Role.READER));
+    Dataset remoteDataset = dataset.toBuilder().setAcl(acl).build().update();
+    assertNotNull(remoteDataset);
+    assertEquals(3, remoteDataset.getAcl().size());
+  }
+
   @Test
   public void testGetDatasetWithSelectedFields() {
     Dataset dataset =
