# Copyright 2015 Google Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. require 'google/apis/core/base_service' require 'google/apis/core/json_representation' require 'google/apis/core/hashable' require 'google/apis/errors' module Google module Apis module BinaryauthorizationV1 # Binary Authorization API # # The management interface for Binary Authorization, a system providing policy # control for images deployed to Kubernetes Engine clusters. # # @example # require 'google/apis/binaryauthorization_v1' # # Binaryauthorization = Google::Apis::BinaryauthorizationV1 # Alias the module # service = Binaryauthorization::BinaryAuthorizationService.new # # @see https://cloud.google.com/binary-authorization/ class BinaryAuthorizationService < Google::Apis::Core::BaseService # @return [String] # API key. Your API key identifies your project and provides you with API access, # quota, and reports. Required unless you provide an OAuth 2.0 token. attr_accessor :key # @return [String] # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. attr_accessor :quota_user def initialize super('https://binaryauthorization.googleapis.com/', '') @batch_path = 'batch' end # A policy specifies the attestors that must attest to a container image, before # the project is allowed to deploy that image. There is at most one policy per # project. All image admission requests are permitted if a project has no policy. # Gets the policy for this project. Returns a default policy if the project # does not have one. # @param [String] name # Required. The resource name of the policy to retrieve, in the format `projects/ # */policy`. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_policy(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::BinaryauthorizationV1::Policy::Representation command.response_class = Google::Apis::BinaryauthorizationV1::Policy command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Creates or updates a project's policy, and returns a copy of the new policy. A # policy is always updated as a whole, to avoid race conditions with concurrent # policy enforcement (or management!) requests. Returns NOT_FOUND if the project # does not exist, INVALID_ARGUMENT if the request is malformed. # @param [String] name # Output only. The resource name, in the format `projects/*/policy`. There is at # most one policy per project. # @param [Google::Apis::BinaryauthorizationV1::Policy] policy_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def update_project_policy(name, policy_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:put, 'v1/{+name}', options) command.request_representation = Google::Apis::BinaryauthorizationV1::Policy::Representation command.request_object = policy_object command.response_representation = Google::Apis::BinaryauthorizationV1::Policy::Representation command.response_class = Google::Apis::BinaryauthorizationV1::Policy command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Creates an attestor, and returns a copy of the new attestor. Returns NOT_FOUND # if the project does not exist, INVALID_ARGUMENT if the request is malformed, # ALREADY_EXISTS if the attestor already exists. # @param [String] parent # Required. The parent of this attestor. # @param [Google::Apis::BinaryauthorizationV1::Attestor] attestor_object # @param [String] attestor_id # Required. The attestors ID. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::Attestor] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::Attestor] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def create_project_attestor(parent, attestor_object = nil, attestor_id: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/attestors', options) command.request_representation = Google::Apis::BinaryauthorizationV1::Attestor::Representation command.request_object = attestor_object command.response_representation = Google::Apis::BinaryauthorizationV1::Attestor::Representation command.response_class = Google::Apis::BinaryauthorizationV1::Attestor command.params['parent'] = parent unless parent.nil? command.query['attestorId'] = attestor_id unless attestor_id.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Deletes an attestor. Returns NOT_FOUND if the attestor does not exist. # @param [String] name # Required. The name of the attestors to delete, in the format `projects/*/ # attestors/*`. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::Empty] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::Empty] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def delete_project_attestor(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:delete, 'v1/{+name}', options) command.response_representation = Google::Apis::BinaryauthorizationV1::Empty::Representation command.response_class = Google::Apis::BinaryauthorizationV1::Empty command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Gets an attestor. Returns NOT_FOUND if the attestor does not exist. # @param [String] name # Required. The name of the attestor to retrieve, in the format `projects/*/ # attestors/*`. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::Attestor] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::Attestor] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_attestor(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::BinaryauthorizationV1::Attestor::Representation command.response_class = Google::Apis::BinaryauthorizationV1::Attestor command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Gets the access control policy for a resource. Returns an empty policy if the # resource exists and does not have a policy set. # @param [String] resource # REQUIRED: The resource for which the policy is being requested. See the # operation documentation for the appropriate value for this field. # @param [Fixnum] options_requested_policy_version # Optional. The policy format version to be returned. Valid values are 0, 1, and # 3. Requests specifying an invalid value will be rejected. Requests for # policies with any conditional bindings must specify version 3. Policies # without any conditional bindings may specify any valid value or leave the # field unset. To learn which resources support conditions in their IAM policies, # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/ # resource-policies). # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::IamPolicy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::IamPolicy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_attestor_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::BinaryauthorizationV1::IamPolicy::Representation command.response_class = Google::Apis::BinaryauthorizationV1::IamPolicy command.params['resource'] = resource unless resource.nil? command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists attestors. Returns INVALID_ARGUMENT if the project does not exist. # @param [String] parent # Required. The resource name of the project associated with the attestors, in # the format `projects/*`. # @param [Fixnum] page_size # Requested page size. The server may return fewer results than requested. If # unspecified, the server will pick an appropriate default. # @param [String] page_token # A token identifying a page of results the server should return. Typically, # this is the value of ListAttestorsResponse.next_page_token returned from the # previous call to the `ListAttestors` method. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::ListAttestorsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::ListAttestorsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_attestors(parent, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/attestors', options) command.response_representation = Google::Apis::BinaryauthorizationV1::ListAttestorsResponse::Representation command.response_class = Google::Apis::BinaryauthorizationV1::ListAttestorsResponse command.params['parent'] = parent unless parent.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Sets the access control policy on the specified resource. Replaces any # existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and ` # PERMISSION_DENIED` errors. # @param [String] resource # REQUIRED: The resource for which the policy is being specified. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::BinaryauthorizationV1::SetIamPolicyRequest] set_iam_policy_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::IamPolicy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::IamPolicy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def set_attestor_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::BinaryauthorizationV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::BinaryauthorizationV1::IamPolicy::Representation command.response_class = Google::Apis::BinaryauthorizationV1::IamPolicy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns permissions that a caller has on the specified resource. If the # resource does not exist, this will return an empty set of permissions, not a ` # NOT_FOUND` error. Note: This operation is designed to be used for building # permission-aware UIs and command-line tools, not for authorization checking. # This operation may "fail open" without warning. # @param [String] resource # REQUIRED: The resource for which the policy detail is being requested. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::BinaryauthorizationV1::TestIamPermissionsRequest] test_iam_permissions_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::TestIamPermissionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::TestIamPermissionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def test_attestor_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::BinaryauthorizationV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::BinaryauthorizationV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::BinaryauthorizationV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Updates an attestor. Returns NOT_FOUND if the attestor does not exist. # @param [String] name # Required. The resource name, in the format: `projects/*/attestors/*`. This # field may not be updated. # @param [Google::Apis::BinaryauthorizationV1::Attestor] attestor_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::Attestor] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::Attestor] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def update_project_attestor(name, attestor_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:put, 'v1/{+name}', options) command.request_representation = Google::Apis::BinaryauthorizationV1::Attestor::Representation command.request_object = attestor_object command.response_representation = Google::Apis::BinaryauthorizationV1::Attestor::Representation command.response_class = Google::Apis::BinaryauthorizationV1::Attestor command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns whether the given Attestation for the given image URI was signed by # the given Attestor # @param [String] attestor # Required. The resource name of the Attestor of the occurrence, in the format ` # projects/*/attestors/*`. # @param [Google::Apis::BinaryauthorizationV1::ValidateAttestationOccurrenceRequest] validate_attestation_occurrence_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::ValidateAttestationOccurrenceResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::ValidateAttestationOccurrenceResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def validate_attestor_attestation_occurrence(attestor, validate_attestation_occurrence_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+attestor}:validateAttestationOccurrence', options) command.request_representation = Google::Apis::BinaryauthorizationV1::ValidateAttestationOccurrenceRequest::Representation command.request_object = validate_attestation_occurrence_request_object command.response_representation = Google::Apis::BinaryauthorizationV1::ValidateAttestationOccurrenceResponse::Representation command.response_class = Google::Apis::BinaryauthorizationV1::ValidateAttestationOccurrenceResponse command.params['attestor'] = attestor unless attestor.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Gets the access control policy for a resource. Returns an empty policy if the # resource exists and does not have a policy set. # @param [String] resource # REQUIRED: The resource for which the policy is being requested. See the # operation documentation for the appropriate value for this field. # @param [Fixnum] options_requested_policy_version # Optional. The policy format version to be returned. Valid values are 0, 1, and # 3. Requests specifying an invalid value will be rejected. Requests for # policies with any conditional bindings must specify version 3. Policies # without any conditional bindings may specify any valid value or leave the # field unset. To learn which resources support conditions in their IAM policies, # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/ # resource-policies). # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::IamPolicy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::IamPolicy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_policy_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::BinaryauthorizationV1::IamPolicy::Representation command.response_class = Google::Apis::BinaryauthorizationV1::IamPolicy command.params['resource'] = resource unless resource.nil? command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Sets the access control policy on the specified resource. Replaces any # existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and ` # PERMISSION_DENIED` errors. # @param [String] resource # REQUIRED: The resource for which the policy is being specified. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::BinaryauthorizationV1::SetIamPolicyRequest] set_iam_policy_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::IamPolicy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::IamPolicy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def set_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::BinaryauthorizationV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::BinaryauthorizationV1::IamPolicy::Representation command.response_class = Google::Apis::BinaryauthorizationV1::IamPolicy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns permissions that a caller has on the specified resource. If the # resource does not exist, this will return an empty set of permissions, not a ` # NOT_FOUND` error. Note: This operation is designed to be used for building # permission-aware UIs and command-line tools, not for authorization checking. # This operation may "fail open" without warning. # @param [String] resource # REQUIRED: The resource for which the policy detail is being requested. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::BinaryauthorizationV1::TestIamPermissionsRequest] test_iam_permissions_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::BinaryauthorizationV1::TestIamPermissionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::BinaryauthorizationV1::TestIamPermissionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def test_policy_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::BinaryauthorizationV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::BinaryauthorizationV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::BinaryauthorizationV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end protected def apply_command_defaults(command) command.query['key'] = key unless key.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? end end end end end