Cloud Storage JSON API . objectAccessControls

Instance Methods

delete(bucket, object, entity, generation=None, userProject=None, provisionalUserProject=None)

Permanently deletes the ACL entry for the specified entity on the specified object.

get(bucket, object, entity, generation=None, userProject=None, provisionalUserProject=None)

Returns the ACL entry for the specified entity on the specified object.

insert(bucket, object, body, generation=None, userProject=None, provisionalUserProject=None)

Creates a new ACL entry on the specified object.

list(bucket, object, generation=None, userProject=None, provisionalUserProject=None)

Retrieves ACL entries on the specified object.

patch(bucket, object, entity, body, generation=None, userProject=None, provisionalUserProject=None)

Patches an ACL entry on the specified object.

update(bucket, object, entity, body, generation=None, userProject=None, provisionalUserProject=None)

Updates an ACL entry on the specified object.

Method Details

delete(bucket, object, entity, generation=None, userProject=None, provisionalUserProject=None)
Permanently deletes the ACL entry for the specified entity on the specified object.

Args:
  bucket: string, Name of a bucket. (required)
  object: string, Name of the object. For information about how to URL encode object names to be path safe, see Encoding URI Path Parts. (required)
  entity: string, The entity holding the permission. Can be user-userId, user-emailAddress, group-groupId, group-emailAddress, allUsers, or allAuthenticatedUsers. (required)
  generation: string, If present, selects a specific revision of this object (as opposed to the latest version, the default).
  userProject: string, The project to be billed for this request. Required for Requester Pays buckets.
  provisionalUserProject: string, The project to be billed for this request if the target bucket is requester-pays bucket.
get(bucket, object, entity, generation=None, userProject=None, provisionalUserProject=None)
Returns the ACL entry for the specified entity on the specified object.

Args:
  bucket: string, Name of a bucket. (required)
  object: string, Name of the object. For information about how to URL encode object names to be path safe, see Encoding URI Path Parts. (required)
  entity: string, The entity holding the permission. Can be user-userId, user-emailAddress, group-groupId, group-emailAddress, allUsers, or allAuthenticatedUsers. (required)
  generation: string, If present, selects a specific revision of this object (as opposed to the latest version, the default).
  userProject: string, The project to be billed for this request. Required for Requester Pays buckets.
  provisionalUserProject: string, The project to be billed for this request if the target bucket is requester-pays bucket.

Returns:
  An object of the form:

    { # An access-control entry.
    "domain": "A String", # The domain associated with the entity, if any.
    "generation": "A String", # The content generation of the object, if applied to an object.
    "object": "A String", # The name of the object, if applied to an object.
    "bucket": "A String", # The name of the bucket.
    "kind": "storage#objectAccessControl", # The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
    "entity": "A String", # The entity holding the permission, in one of the following forms:
        # - user-userId
        # - user-email
        # - group-groupId
        # - group-email
        # - domain-domain
        # - project-team-projectId
        # - allUsers
        # - allAuthenticatedUsers Examples:
        # - The user liz@example.com would be user-liz@example.com.
        # - The group example@googlegroups.com would be group-example@googlegroups.com.
        # - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
    "etag": "A String", # HTTP 1.1 Entity tag for the access-control entry.
    "role": "A String", # The access permission for the entity.
    "id": "A String", # The ID of the access-control entry.
    "entityId": "A String", # The ID for the entity, if any.
    "projectTeam": { # The project team associated with the entity, if any.
      "projectNumber": "A String", # The project number.
      "team": "A String", # The team.
    },
    "email": "A String", # The email address associated with the entity, if any.
    "selfLink": "A String", # The link to this access-control entry.
  }
insert(bucket, object, body, generation=None, userProject=None, provisionalUserProject=None)
Creates a new ACL entry on the specified object.

Args:
  bucket: string, Name of a bucket. (required)
  object: string, Name of the object. For information about how to URL encode object names to be path safe, see Encoding URI Path Parts. (required)
  body: object, The request body. (required)
    The object takes the form of:

{ # An access-control entry.
  "domain": "A String", # The domain associated with the entity, if any.
  "generation": "A String", # The content generation of the object, if applied to an object.
  "object": "A String", # The name of the object, if applied to an object.
  "bucket": "A String", # The name of the bucket.
  "kind": "storage#objectAccessControl", # The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
  "entity": "A String", # The entity holding the permission, in one of the following forms:
      # - user-userId
      # - user-email
      # - group-groupId
      # - group-email
      # - domain-domain
      # - project-team-projectId
      # - allUsers
      # - allAuthenticatedUsers Examples:
      # - The user liz@example.com would be user-liz@example.com.
      # - The group example@googlegroups.com would be group-example@googlegroups.com.
      # - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
  "etag": "A String", # HTTP 1.1 Entity tag for the access-control entry.
  "role": "A String", # The access permission for the entity.
  "id": "A String", # The ID of the access-control entry.
  "entityId": "A String", # The ID for the entity, if any.
  "projectTeam": { # The project team associated with the entity, if any.
    "projectNumber": "A String", # The project number.
    "team": "A String", # The team.
  },
  "email": "A String", # The email address associated with the entity, if any.
  "selfLink": "A String", # The link to this access-control entry.
}

  generation: string, If present, selects a specific revision of this object (as opposed to the latest version, the default).
  userProject: string, The project to be billed for this request. Required for Requester Pays buckets.
  provisionalUserProject: string, The project to be billed for this request if the target bucket is requester-pays bucket.

Returns:
  An object of the form:

    { # An access-control entry.
    "domain": "A String", # The domain associated with the entity, if any.
    "generation": "A String", # The content generation of the object, if applied to an object.
    "object": "A String", # The name of the object, if applied to an object.
    "bucket": "A String", # The name of the bucket.
    "kind": "storage#objectAccessControl", # The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
    "entity": "A String", # The entity holding the permission, in one of the following forms:
        # - user-userId
        # - user-email
        # - group-groupId
        # - group-email
        # - domain-domain
        # - project-team-projectId
        # - allUsers
        # - allAuthenticatedUsers Examples:
        # - The user liz@example.com would be user-liz@example.com.
        # - The group example@googlegroups.com would be group-example@googlegroups.com.
        # - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
    "etag": "A String", # HTTP 1.1 Entity tag for the access-control entry.
    "role": "A String", # The access permission for the entity.
    "id": "A String", # The ID of the access-control entry.
    "entityId": "A String", # The ID for the entity, if any.
    "projectTeam": { # The project team associated with the entity, if any.
      "projectNumber": "A String", # The project number.
      "team": "A String", # The team.
    },
    "email": "A String", # The email address associated with the entity, if any.
    "selfLink": "A String", # The link to this access-control entry.
  }
list(bucket, object, generation=None, userProject=None, provisionalUserProject=None)
Retrieves ACL entries on the specified object.

Args:
  bucket: string, Name of a bucket. (required)
  object: string, Name of the object. For information about how to URL encode object names to be path safe, see Encoding URI Path Parts. (required)
  generation: string, If present, selects a specific revision of this object (as opposed to the latest version, the default).
  userProject: string, The project to be billed for this request. Required for Requester Pays buckets.
  provisionalUserProject: string, The project to be billed for this request if the target bucket is requester-pays bucket.

Returns:
  An object of the form:

    { # An access-control list.
    "items": [ # The list of items.
      { # An access-control entry.
        "domain": "A String", # The domain associated with the entity, if any.
        "generation": "A String", # The content generation of the object, if applied to an object.
        "object": "A String", # The name of the object, if applied to an object.
        "bucket": "A String", # The name of the bucket.
        "kind": "storage#objectAccessControl", # The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
        "entity": "A String", # The entity holding the permission, in one of the following forms:
            # - user-userId
            # - user-email
            # - group-groupId
            # - group-email
            # - domain-domain
            # - project-team-projectId
            # - allUsers
            # - allAuthenticatedUsers Examples:
            # - The user liz@example.com would be user-liz@example.com.
            # - The group example@googlegroups.com would be group-example@googlegroups.com.
            # - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
        "etag": "A String", # HTTP 1.1 Entity tag for the access-control entry.
        "role": "A String", # The access permission for the entity.
        "id": "A String", # The ID of the access-control entry.
        "entityId": "A String", # The ID for the entity, if any.
        "projectTeam": { # The project team associated with the entity, if any.
          "projectNumber": "A String", # The project number.
          "team": "A String", # The team.
        },
        "email": "A String", # The email address associated with the entity, if any.
        "selfLink": "A String", # The link to this access-control entry.
      },
    ],
    "kind": "storage#objectAccessControls", # The kind of item this is. For lists of object access control entries, this is always storage#objectAccessControls.
  }
patch(bucket, object, entity, body, generation=None, userProject=None, provisionalUserProject=None)
Patches an ACL entry on the specified object.

Args:
  bucket: string, Name of a bucket. (required)
  object: string, Name of the object. For information about how to URL encode object names to be path safe, see Encoding URI Path Parts. (required)
  entity: string, The entity holding the permission. Can be user-userId, user-emailAddress, group-groupId, group-emailAddress, allUsers, or allAuthenticatedUsers. (required)
  body: object, The request body. (required)
    The object takes the form of:

{ # An access-control entry.
  "domain": "A String", # The domain associated with the entity, if any.
  "generation": "A String", # The content generation of the object, if applied to an object.
  "object": "A String", # The name of the object, if applied to an object.
  "bucket": "A String", # The name of the bucket.
  "kind": "storage#objectAccessControl", # The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
  "entity": "A String", # The entity holding the permission, in one of the following forms:
      # - user-userId
      # - user-email
      # - group-groupId
      # - group-email
      # - domain-domain
      # - project-team-projectId
      # - allUsers
      # - allAuthenticatedUsers Examples:
      # - The user liz@example.com would be user-liz@example.com.
      # - The group example@googlegroups.com would be group-example@googlegroups.com.
      # - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
  "etag": "A String", # HTTP 1.1 Entity tag for the access-control entry.
  "role": "A String", # The access permission for the entity.
  "id": "A String", # The ID of the access-control entry.
  "entityId": "A String", # The ID for the entity, if any.
  "projectTeam": { # The project team associated with the entity, if any.
    "projectNumber": "A String", # The project number.
    "team": "A String", # The team.
  },
  "email": "A String", # The email address associated with the entity, if any.
  "selfLink": "A String", # The link to this access-control entry.
}

  generation: string, If present, selects a specific revision of this object (as opposed to the latest version, the default).
  userProject: string, The project to be billed for this request. Required for Requester Pays buckets.
  provisionalUserProject: string, The project to be billed for this request if the target bucket is requester-pays bucket.

Returns:
  An object of the form:

    { # An access-control entry.
    "domain": "A String", # The domain associated with the entity, if any.
    "generation": "A String", # The content generation of the object, if applied to an object.
    "object": "A String", # The name of the object, if applied to an object.
    "bucket": "A String", # The name of the bucket.
    "kind": "storage#objectAccessControl", # The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
    "entity": "A String", # The entity holding the permission, in one of the following forms:
        # - user-userId
        # - user-email
        # - group-groupId
        # - group-email
        # - domain-domain
        # - project-team-projectId
        # - allUsers
        # - allAuthenticatedUsers Examples:
        # - The user liz@example.com would be user-liz@example.com.
        # - The group example@googlegroups.com would be group-example@googlegroups.com.
        # - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
    "etag": "A String", # HTTP 1.1 Entity tag for the access-control entry.
    "role": "A String", # The access permission for the entity.
    "id": "A String", # The ID of the access-control entry.
    "entityId": "A String", # The ID for the entity, if any.
    "projectTeam": { # The project team associated with the entity, if any.
      "projectNumber": "A String", # The project number.
      "team": "A String", # The team.
    },
    "email": "A String", # The email address associated with the entity, if any.
    "selfLink": "A String", # The link to this access-control entry.
  }
update(bucket, object, entity, body, generation=None, userProject=None, provisionalUserProject=None)
Updates an ACL entry on the specified object.

Args:
  bucket: string, Name of a bucket. (required)
  object: string, Name of the object. For information about how to URL encode object names to be path safe, see Encoding URI Path Parts. (required)
  entity: string, The entity holding the permission. Can be user-userId, user-emailAddress, group-groupId, group-emailAddress, allUsers, or allAuthenticatedUsers. (required)
  body: object, The request body. (required)
    The object takes the form of:

{ # An access-control entry.
  "domain": "A String", # The domain associated with the entity, if any.
  "generation": "A String", # The content generation of the object, if applied to an object.
  "object": "A String", # The name of the object, if applied to an object.
  "bucket": "A String", # The name of the bucket.
  "kind": "storage#objectAccessControl", # The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
  "entity": "A String", # The entity holding the permission, in one of the following forms:
      # - user-userId
      # - user-email
      # - group-groupId
      # - group-email
      # - domain-domain
      # - project-team-projectId
      # - allUsers
      # - allAuthenticatedUsers Examples:
      # - The user liz@example.com would be user-liz@example.com.
      # - The group example@googlegroups.com would be group-example@googlegroups.com.
      # - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
  "etag": "A String", # HTTP 1.1 Entity tag for the access-control entry.
  "role": "A String", # The access permission for the entity.
  "id": "A String", # The ID of the access-control entry.
  "entityId": "A String", # The ID for the entity, if any.
  "projectTeam": { # The project team associated with the entity, if any.
    "projectNumber": "A String", # The project number.
    "team": "A String", # The team.
  },
  "email": "A String", # The email address associated with the entity, if any.
  "selfLink": "A String", # The link to this access-control entry.
}

  generation: string, If present, selects a specific revision of this object (as opposed to the latest version, the default).
  userProject: string, The project to be billed for this request. Required for Requester Pays buckets.
  provisionalUserProject: string, The project to be billed for this request if the target bucket is requester-pays bucket.

Returns:
  An object of the form:

    { # An access-control entry.
    "domain": "A String", # The domain associated with the entity, if any.
    "generation": "A String", # The content generation of the object, if applied to an object.
    "object": "A String", # The name of the object, if applied to an object.
    "bucket": "A String", # The name of the bucket.
    "kind": "storage#objectAccessControl", # The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
    "entity": "A String", # The entity holding the permission, in one of the following forms:
        # - user-userId
        # - user-email
        # - group-groupId
        # - group-email
        # - domain-domain
        # - project-team-projectId
        # - allUsers
        # - allAuthenticatedUsers Examples:
        # - The user liz@example.com would be user-liz@example.com.
        # - The group example@googlegroups.com would be group-example@googlegroups.com.
        # - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
    "etag": "A String", # HTTP 1.1 Entity tag for the access-control entry.
    "role": "A String", # The access permission for the entity.
    "id": "A String", # The ID of the access-control entry.
    "entityId": "A String", # The ID for the entity, if any.
    "projectTeam": { # The project team associated with the entity, if any.
      "projectNumber": "A String", # The project number.
      "team": "A String", # The team.
    },
    "email": "A String", # The email address associated with the entity, if any.
    "selfLink": "A String", # The link to this access-control entry.
  }