object_access_controls
Creates, updates, deletes, gets or lists an object_access_controls resource.
Overview
| Name | object_access_controls |
| Type | Resource |
| Id | google.storage.object_access_controls |
Fields
The following fields are returned by SELECT queries:
- get
- list
Successful response
| Name | Datatype | Description |
|---|---|---|
id | string | The ID of the access-control entry. |
bucket | string | The name of the bucket. |
domain | string | The domain associated with the entity, if any. |
email | string | The email address associated with the entity, if any. |
entity | string | The entity holding the permission, in one of the following forms: - user-userId - user-email - group-groupId - group-email - domain-domain - project-team-projectId - allUsers - allAuthenticatedUsers Examples: - The user liz@example.com would be user-liz@example.com. - The group example@googlegroups.com would be group-example@googlegroups.com. - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com. |
entityId | string | The ID for the entity, if any. |
etag | string | HTTP 1.1 Entity tag for the access-control entry. |
generation | string (int64) | The content generation of the object, if applied to an object. |
kind | string | The kind of item this is. For object access control entries, this is always storage#objectAccessControl. (default: storage#objectAccessControl) |
object | string | The name of the object, if applied to an object. |
projectTeam | object | The project team associated with the entity, if any. |
role | string | The access permission for the entity. |
selfLink | string | The link to this access-control entry. |
Successful response
| Name | Datatype | Description |
|---|---|---|
items | array | The list of items. |
kind | string | The kind of item this is. For lists of object access control entries, this is always storage#objectAccessControls. (default: storage#objectAccessControls) |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | bucket, object, entity | generation, userProject | Returns the ACL entry for the specified entity on the specified object. |
list | select | bucket, object | generation, userProject | Retrieves ACL entries on the specified object. |
insert | insert | bucket, object | generation, userProject | Creates a new ACL entry on the specified object. |
patch | update | bucket, object, entity | generation, userProject | Patches an ACL entry on the specified object. |
update | replace | bucket, object, entity | generation, userProject | Updates an ACL entry on the specified object. |
delete | delete | bucket, object, entity | generation, userProject | Permanently deletes the ACL entry for the specified entity on the specified object. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
bucket | string | |
entity | string | |
object | string | |
generation | string (int64) | |
userProject | string |
SELECT examples
- get
- list
Returns the ACL entry for the specified entity on the specified object.
SELECT
id,
bucket,
domain,
email,
entity,
entityId,
etag,
generation,
kind,
object,
projectTeam,
role,
selfLink
FROM google.storage.object_access_controls
WHERE bucket = '{{ bucket }}' -- required
AND object = '{{ object }}' -- required
AND entity = '{{ entity }}' -- required
AND generation = '{{ generation }}'
AND userProject = '{{ userProject }}';
Retrieves ACL entries on the specified object.
SELECT
items,
kind
FROM google.storage.object_access_controls
WHERE bucket = '{{ bucket }}' -- required
AND object = '{{ object }}' -- required
AND generation = '{{ generation }}'
AND userProject = '{{ userProject }}';
INSERT examples
- insert
- Manifest
Creates a new ACL entry on the specified object.
INSERT INTO google.storage.object_access_controls (
data__bucket,
data__domain,
data__email,
data__entity,
data__entityId,
data__etag,
data__generation,
data__id,
data__kind,
data__object,
data__projectTeam,
data__role,
data__selfLink,
bucket,
object,
generation,
userProject
)
SELECT
'{{ bucket }}',
'{{ domain }}',
'{{ email }}',
'{{ entity }}',
'{{ entityId }}',
'{{ etag }}',
'{{ generation }}',
'{{ id }}',
'{{ kind }}',
'{{ object }}',
'{{ projectTeam }}',
'{{ role }}',
'{{ selfLink }}',
'{{ bucket }}',
'{{ object }}',
'{{ generation }}',
'{{ userProject }}'
RETURNING
id,
bucket,
domain,
email,
entity,
entityId,
etag,
generation,
kind,
object,
projectTeam,
role,
selfLink
;
# Description fields are for documentation purposes
- name: object_access_controls
props:
- name: bucket
value: string
description: Required parameter for the object_access_controls resource.
- name: object
value: string
description: Required parameter for the object_access_controls resource.
- name: bucket
value: string
description: >
The name of the bucket.
- name: domain
value: string
description: >
The domain associated with the entity, if any.
- name: email
value: string
description: >
The email address associated with the entity, if any.
- name: entity
value: string
description: >
The entity holding the permission, in one of the following forms:
- user-userId
- user-email
- group-groupId
- group-email
- domain-domain
- project-team-projectId
- allUsers
- allAuthenticatedUsers Examples:
- The user liz@example.com would be user-liz@example.com.
- The group example@googlegroups.com would be group-example@googlegroups.com.
- To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
- name: entityId
value: string
description: >
The ID for the entity, if any.
- name: etag
value: string
description: >
HTTP 1.1 Entity tag for the access-control entry.
- name: generation
value: string
description: >
The content generation of the object, if applied to an object.
- name: id
value: string
description: >
The ID of the access-control entry.
- name: kind
value: string
description: >
The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
default: storage#objectAccessControl
- name: object
value: string
description: >
The name of the object, if applied to an object.
- name: projectTeam
value: object
description: >
The project team associated with the entity, if any.
- name: role
value: string
description: >
The access permission for the entity.
- name: selfLink
value: string
description: >
The link to this access-control entry.
- name: generation
value: string (int64)
- name: userProject
value: string
UPDATE examples
- patch
Patches an ACL entry on the specified object.
UPDATE google.storage.object_access_controls
SET
data__bucket = '{{ bucket }}',
data__domain = '{{ domain }}',
data__email = '{{ email }}',
data__entity = '{{ entity }}',
data__entityId = '{{ entityId }}',
data__etag = '{{ etag }}',
data__generation = '{{ generation }}',
data__id = '{{ id }}',
data__kind = '{{ kind }}',
data__object = '{{ object }}',
data__projectTeam = '{{ projectTeam }}',
data__role = '{{ role }}',
data__selfLink = '{{ selfLink }}'
WHERE
bucket = '{{ bucket }}' --required
AND object = '{{ object }}' --required
AND entity = '{{ entity }}' --required
AND generation = '{{ generation}}'
AND userProject = '{{ userProject}}'
RETURNING
id,
bucket,
domain,
email,
entity,
entityId,
etag,
generation,
kind,
object,
projectTeam,
role,
selfLink;
REPLACE examples
- update
Updates an ACL entry on the specified object.
REPLACE google.storage.object_access_controls
SET
data__bucket = '{{ bucket }}',
data__domain = '{{ domain }}',
data__email = '{{ email }}',
data__entity = '{{ entity }}',
data__entityId = '{{ entityId }}',
data__etag = '{{ etag }}',
data__generation = '{{ generation }}',
data__id = '{{ id }}',
data__kind = '{{ kind }}',
data__object = '{{ object }}',
data__projectTeam = '{{ projectTeam }}',
data__role = '{{ role }}',
data__selfLink = '{{ selfLink }}'
WHERE
bucket = '{{ bucket }}' --required
AND object = '{{ object }}' --required
AND entity = '{{ entity }}' --required
AND generation = '{{ generation}}'
AND userProject = '{{ userProject}}'
RETURNING
id,
bucket,
domain,
email,
entity,
entityId,
etag,
generation,
kind,
object,
projectTeam,
role,
selfLink;
DELETE examples
- delete
Permanently deletes the ACL entry for the specified entity on the specified object.
DELETE FROM google.storage.object_access_controls
WHERE bucket = '{{ bucket }}' --required
AND object = '{{ object }}' --required
AND entity = '{{ entity }}' --required
AND generation = '{{ generation }}'
AND userProject = '{{ userProject }}';