Java源码示例:com.google.api.services.cloudresourcemanager.CloudResourceManager
示例1
/**
* Return the Projects api object used for accessing the Cloud Resource Manager Projects API.
* @return Projects api object used for accessing the Cloud Resource Manager Projects API
* @throws GeneralSecurityException Thrown if there's a permissions error.
* @throws IOException Thrown if there's an IO error initializing the API object.
*/
public static synchronized Projects getProjectsApiStub()
throws GeneralSecurityException, IOException {
if (projectApiStub != null) {
return projectApiStub;
}
HttpTransport transport;
GoogleCredential credential;
JsonFactory jsonFactory = JacksonFactory.getDefaultInstance();
transport = GoogleNetHttpTransport.newTrustedTransport();
credential = GoogleCredential.getApplicationDefault(transport, jsonFactory);
if (credential.createScopedRequired()) {
Collection<String> scopes = CloudResourceManagerScopes.all();
credential = credential.createScoped(scopes);
}
projectApiStub = new CloudResourceManager
.Builder(transport, jsonFactory, credential)
.build()
.projects();
return projectApiStub;
}
示例2
@Before
public void setUp() throws IOException {
CloudResourceManager.Projects projectsObject = mock(CloudResourceManager.Projects.class);
CloudResourceManager.Projects.List listProjects = mock(
CloudResourceManager.Projects.List.class);
GCPProject.setProjectsApiStub(projectsObject);
listProjectsResponse = new ListProjectsResponse();
source = new LiveProjectSource(ORG);
when(projectsObject.list()).thenReturn(listProjects);
when(listProjects.setPageToken(null)).thenReturn(listProjects);
when(listProjects.setPageToken(anyString())).thenReturn(listProjects);
when(listProjects.setFilter(anyString())).thenReturn(listProjects);
when(listProjects.execute()).thenReturn(this.listProjectsResponse);
}
示例3
Authenticator(GoogleIdTokenVerifier googleIdTokenVerifier,
CloudResourceManager cloudResourceManager,
Iam iam,
AuthenticatorConfiguration configuration,
WaitStrategy retryWaitStrategy,
StopStrategy retryStopStrategy) {
this.googleIdTokenVerifier =
Objects.requireNonNull(googleIdTokenVerifier, "googleIdTokenVerifier");
this.cloudResourceManager =
Objects.requireNonNull(cloudResourceManager, "cloudResourceManager");
this.iam = Objects.requireNonNull(iam, "iam");
this.domainWhitelist = configuration.domainWhitelist();
this.resourceWhitelist = configuration.resourceWhitelist();
this.allowedAudiences = configuration.allowedAudiences();
this.retryWaitStrategy = Objects.requireNonNull(retryWaitStrategy, "retryWaitStrategy");
this.retryStopStrategy = Objects.requireNonNull(retryStopStrategy, "retryStopStrategy");
}
示例4
void cacheResources() throws IOException {
final CloudResourceManager.Projects.List request = cloudResourceManager.projects().list();
ListProjectsResponse response;
do {
response = executeWithRetries(request, retryWaitStrategy, retryStopStrategy);
if (response.getProjects() == null) {
continue;
}
for (Project project : response.getProjects()) {
final boolean access = resolveProject(project);
logger.info("Resolved project: {}, access={}", project.getProjectId(), access);
}
request.setPageToken(response.getNextPageToken());
} while (response.getNextPageToken() != null);
logger.info("Resource cache loaded");
}
示例5
/**
* Returns the project number or throws an error if the project does not exist or has other
* access errors.
*/
private static long getProjectNumber(
String projectId, CloudResourceManager crmClient, BackOff backoff, Sleeper sleeper)
throws IOException {
CloudResourceManager.Projects.Get getProject = crmClient.projects().get(projectId);
try {
Project project =
ResilientOperation.retry(
ResilientOperation.getGoogleRequestCallable(getProject),
backoff,
RetryDeterminer.SOCKET_ERRORS,
IOException.class,
sleeper);
return project.getProjectNumber();
} catch (Exception e) {
throw new IOException("Unable to get project number", e);
}
}
示例6
/**
* Returns a CloudResourceManager client builder using the specified {@link
* CloudResourceManagerOptions}.
*/
@VisibleForTesting
static CloudResourceManager.Builder newCloudResourceManagerClient(
CloudResourceManagerOptions options) {
Credentials credentials = options.getGcpCredential();
if (credentials == null) {
NullCredentialInitializer.throwNullCredentialException();
}
return new CloudResourceManager.Builder(
Transport.getTransport(),
Transport.getJsonFactory(),
chainHttpRequestInitializer(
credentials,
// Do not log 404. It clutters the output and is possibly even required by the
// caller.
new RetryHttpRequestInitializer(ImmutableList.of(404))))
.setApplicationName(options.getAppName())
.setGoogleClientRequestInitializer(options.getGoogleApiTrace());
}
示例7
public static CloudResourceManager createCloudResourceManagerService()
throws IOException, GeneralSecurityException {
// Use the Application Default Credentials strategy for authentication. For more info, see:
// https://cloud.google.com/docs/authentication/production#finding_credentials_automatically
GoogleCredentials credential =
GoogleCredentials.getApplicationDefault()
.createScoped(Collections.singleton(IamScopes.CLOUD_PLATFORM));
CloudResourceManager service =
new CloudResourceManager.Builder(
GoogleNetHttpTransport.newTrustedTransport(),
JacksonFactory.getDefaultInstance(),
new HttpCredentialsAdapter(credential))
.setApplicationName("service-accounts")
.build();
return service;
}
示例8
public static CloudResourceManager createCloudResourceManagerService()
throws IOException, GeneralSecurityException {
// Use the Application Default Credentials strategy for authentication. For more info, see:
// https://cloud.google.com/docs/authentication/production#finding_credentials_automatically
GoogleCredentials credential =
GoogleCredentials.getApplicationDefault()
.createScoped(Collections.singleton(IamScopes.CLOUD_PLATFORM));
CloudResourceManager service =
new CloudResourceManager.Builder(
GoogleNetHttpTransport.newTrustedTransport(),
JacksonFactory.getDefaultInstance(),
new HttpCredentialsAdapter(credential))
.setApplicationName("service-accounts")
.build();
return service;
}
示例9
public static CloudResourceManager createCloudResourceManagerService()
throws IOException, GeneralSecurityException {
// Use the Application Default Credentials strategy for authentication. For more info, see:
// https://cloud.google.com/docs/authentication/production#finding_credentials_automatically
GoogleCredentials credential =
GoogleCredentials.getApplicationDefault()
.createScoped(Collections.singleton(IamScopes.CLOUD_PLATFORM));
CloudResourceManager service =
new CloudResourceManager.Builder(
GoogleNetHttpTransport.newTrustedTransport(),
JacksonFactory.getDefaultInstance(),
new HttpCredentialsAdapter(credential))
.setApplicationName("service-accounts")
.build();
return service;
}
示例10
public static CloudResourceManager initializeService()
throws IOException, GeneralSecurityException {
// Use the Application Default Credentials strategy for authentication. For more info, see:
// https://cloud.google.com/docs/authentication/production#finding_credentials_automatically
GoogleCredentials credential =
GoogleCredentials.getApplicationDefault()
.createScoped(Collections.singleton(IamScopes.CLOUD_PLATFORM));
// Creates the Cloud Resource Manager service object.
CloudResourceManager service =
new CloudResourceManager.Builder(
GoogleNetHttpTransport.newTrustedTransport(),
JacksonFactory.getDefaultInstance(),
new HttpCredentialsAdapter(credential))
.setApplicationName("service-accounts")
.build();
return service;
}
示例11
public static void addBinding(
CloudResourceManager crmService, String projectId, String member, String role) {
// Gets the project's policy.
Policy policy = getPolicy(crmService, projectId);
// If binding already exists, adds member to binding.
List<Binding> bindings = policy.getBindings();
for (Binding b : bindings) {
if (b.getRole().equals(role)) {
b.getMembers().add(member);
break;
}
}
// If binding does not exist, adds binding to policy.
Binding binding = new Binding();
binding.setRole(role);
binding.setMembers(Collections.singletonList(member));
policy.getBindings().add(binding);
// Set the updated policy
setPolicy(crmService, projectId, policy);
}
示例12
public static void removeMember(
CloudResourceManager crmService, String projectId, String member, String role) {
// Gets the project's policy.
Policy policy = getPolicy(crmService, projectId);
// Removes the member from the role.
List<Binding> bindings = policy.getBindings();
Binding binding = null;
for (Binding b : bindings) {
if (b.getRole().equals(role)) {
binding = b;
break;
}
}
if (binding.getMembers().contains(member)) {
binding.getMembers().remove(member);
if (binding.getMembers().isEmpty()) {
policy.getBindings().remove(binding);
}
}
// Sets the updated policy.
setPolicy(crmService, projectId, policy);
}
示例13
@Before
public void setUp() throws GeneralSecurityException, IOException {
GCPProject.setProjectsApiStub(projectsObject);
CloudResourceManager.Projects.List emptyList = mock(CloudResourceManager.Projects.List.class);
ListProjectsResponse emptyListProjectResponse = new ListProjectsResponse();
when(projectsObject.list()).thenReturn(listProjects);
when(listProjects.setPageToken(anyString())).thenReturn(emptyList);
when(listProjects.setPageToken(null)).thenReturn(listProjects);
when(listProjects.setFilter(anyString())).thenReturn(listProjects);
when(emptyList.setPageToken(null)).thenReturn(emptyList);
when(emptyList.setPageToken(anyString())).thenReturn(emptyList);
when(emptyList.setFilter(anyString())).thenReturn(emptyList);
when(emptyList.execute()).thenReturn(emptyListProjectResponse
.setNextPageToken("maybe halt?")
.setProjects(new ArrayList<Project>(0)));
when(objectList.setPageToken(anyString())).thenReturn(objectList);
when(objectList.setPageToken(null)).thenReturn(objectList);
when(objectList.setPrefix(anyString())).thenReturn(objectList);
when(objects.list(anyString())).thenReturn(objectList);
when(objects.get(anyString(), anyString())).thenReturn(objectGet);
when(gcs.objects()).thenReturn(objects);
when(buckets.get(anyString())).thenReturn(bucketGet);
when(gcs.buckets()).thenReturn(buckets);
when(this.projectsObject.getIamPolicy(anyString(), any(GetIamPolicyRequest.class)))
.thenReturn(this.getIamPolicy);
GCSFilesSource.setStorageApiStub(gcs);
this.checkedSource = new GCSFilesSource(BUCKET, ORG_ID);
}
示例14
@Before
public void setUp() throws GeneralSecurityException, IOException {
GCPProject.setProjectsApiStub(projectsObject);
CloudResourceManager.Projects.List emptyList = mock(CloudResourceManager.Projects.List.class);
ListProjectsResponse emptyListProjectResponse = new ListProjectsResponse();
when(projectsObject.list()).thenReturn(listProjects);
when(listProjects.setPageToken(anyString())).thenReturn(emptyList);
when(listProjects.setPageToken(null)).thenReturn(listProjects);
when(listProjects.setFilter(anyString())).thenReturn(listProjects);
when(emptyList.setPageToken(null)).thenReturn(emptyList);
when(emptyList.setPageToken(anyString())).thenReturn(emptyList);
when(emptyList.setFilter(anyString())).thenReturn(emptyList);
when(emptyList.execute()).thenReturn(emptyListProjectResponse
.setNextPageToken("maybe halt?")
.setProjects(new ArrayList<Project>(0)));
when(objectList.setPageToken(anyString())).thenReturn(objectList);
when(objectList.setPageToken(null)).thenReturn(objectList);
when(objectList.setPrefix(anyString())).thenReturn(objectList);
when(objects.list(anyString())).thenReturn(objectList);
when(objects.get(anyString(), anyString())).thenReturn(objectGet);
when(gcs.objects()).thenReturn(objects);
when(buckets.get(anyString())).thenReturn(bucketGet);
when(gcs.buckets()).thenReturn(buckets);
when(this.projectsObject.getIamPolicy(anyString(), any(GetIamPolicyRequest.class)))
.thenReturn(this.getIamPolicy);
GCSFilesSource.setStorageApiStub(gcs);
this.checkedSource = new GCSFilesSource(BUCKET, ORG_ID);
}
示例15
@Before
public void setUp() throws GeneralSecurityException, IOException {
GCPProject.setProjectsApiStub(projectsObject);
CloudResourceManager.Projects.List emptyList = mock(CloudResourceManager.Projects.List.class);
ListProjectsResponse emptyListProjectResponse = new ListProjectsResponse();
when(projectsObject.list()).thenReturn(listProjects);
when(listProjects.setPageToken(anyString())).thenReturn(emptyList);
when(listProjects.setPageToken(null)).thenReturn(listProjects);
when(listProjects.setFilter(anyString())).thenReturn(listProjects);
when(emptyList.setPageToken(null)).thenReturn(emptyList);
when(emptyList.setPageToken(anyString())).thenReturn(emptyList);
when(emptyList.setFilter(anyString())).thenReturn(emptyList);
when(emptyList.execute()).thenReturn(emptyListProjectResponse
.setNextPageToken("maybe halt?")
.setProjects(new ArrayList<Project>(0)));
when(objectList.setPageToken(anyString())).thenReturn(objectList);
when(objectList.setPageToken(null)).thenReturn(objectList);
when(objectList.setPrefix(anyString())).thenReturn(objectList);
when(objects.list(anyString())).thenReturn(objectList);
when(objects.get(anyString(), anyString())).thenReturn(objectGet);
when(gcs.objects()).thenReturn(objects);
when(buckets.get(anyString())).thenReturn(bucketGet);
when(gcs.buckets()).thenReturn(buckets);
when(this.projectsObject.getIamPolicy(anyString(), any(GetIamPolicyRequest.class)))
.thenReturn(this.getIamPolicy);
GCSFilesSource.setStorageApiStub(gcs);
this.checkedSource = new GCSFilesSource(BUCKET, ORG_ID);
}
示例16
@VisibleForTesting
CloudResourceManager buildCloudResourceManager(HttpTransport httpTransport,
JsonFactory jsonFactory,
GoogleCredential credential,
String service) {
return new CloudResourceManager.Builder(httpTransport, jsonFactory, credential)
.setApplicationName(service)
.build();
}
示例17
Impl(Iam iam, CloudResourceManager crm, Directory directory, String serviceAccountUserRole,
AuthorizationPolicy authorizationPolicy, WaitStrategy waitStrategy, StopStrategy retryStopStrategy,
String message, List<String> administrators, List<String> blacklist) {
this.iam = Objects.requireNonNull(iam, "iam");
this.crm = Objects.requireNonNull(crm, "crm");
this.directory = Objects.requireNonNull(directory, "directory");
this.serviceAccountUserRole = Objects.requireNonNull(serviceAccountUserRole, "serviceAccountUserRole");
this.authorizationPolicy = Objects.requireNonNull(authorizationPolicy, "authorizationPolicy");
this.waitStrategy = Objects.requireNonNull(waitStrategy, "waitStrategy");
this.retryStopStrategy = Objects.requireNonNull(retryStopStrategy, "retryStopStrategy");
this.message = Objects.requireNonNull(message, "message");
this.administrators = Objects.requireNonNull(administrators, "administrators");
this.blacklist = Objects.requireNonNull(blacklist, "blacklist");
}
示例18
Authenticator(GoogleIdTokenVerifier googleIdTokenVerifier,
CloudResourceManager cloudResourceManager,
Iam iam,
AuthenticatorConfiguration configuration) {
this(googleIdTokenVerifier, cloudResourceManager, iam, configuration,
DEFAULT_RETRY_WAIT_STRATEGY,
DEFAULT_RETRY_STOP_STRATEGY);
}
示例19
@Override
CloudResourceManager buildCloudResourceManager(HttpTransport httpTransport,
JsonFactory jsonFactory,
GoogleCredential credential,
String service) {
return cloudResourceManager;
}
示例20
@Test
public void shouldBuildCloudResourceManager() {
final CloudResourceManager cloudResourceManager = new DefaultAuthenticatorFactory()
.buildCloudResourceManager(httpTransport, jsonFactory, googleCredential, "test");
assertThat(cloudResourceManager.getRequestFactory().getTransport(), is(httpTransport));
assertThat(cloudResourceManager.getJsonFactory(), is(jsonFactory));
assertThat(cloudResourceManager.getRequestFactory().getInitializer(), is(googleCredential));
assertThat(cloudResourceManager.getApplicationName(), is("test"));
}
示例21
@Override
public Projects newProjectsApi(Credential credential) {
Preconditions.checkNotNull(transportCache, "transportCache is null");
HttpTransport transport = transportCache.getUnchecked(GoogleApi.CLOUDRESOURCE_MANAGER_API);
Preconditions.checkNotNull(transport, "transport is null");
Preconditions.checkNotNull(jsonFactory, "jsonFactory is null");
CloudResourceManager resourceManager =
new CloudResourceManager.Builder(transport, jsonFactory, credential)
.setApplicationName(CloudToolsInfo.USER_AGENT).build();
return resourceManager.projects();
}
示例22
/**
* Returns the project number or throws an exception if the project does not exist or has other
* access exceptions.
*/
private static long getProjectNumber(String projectId, CloudResourceManager crmClient)
throws IOException {
return getProjectNumber(
projectId,
crmClient,
BackOffAdapter.toGcpBackOff(BACKOFF_FACTORY.backoff()),
Sleeper.DEFAULT);
}
示例23
public static void main(String[] args) {
// TODO: Replace with your project ID.
String projectId = "your-project";
// TODO: Replace with the ID of your member in the form "member:[email protected]"
String member = "your-member";
// The role to be granted.
String role = "roles/logging.logWriter";
// Initializes the Cloud Resource Manager service.
CloudResourceManager crmService = null;
try {
crmService = initializeService();
} catch (IOException | GeneralSecurityException e) {
System.out.println("Unable to initialize service: \n" + e.toString());
}
// Grants your member the "Log writer" role for your project.
addBinding(crmService, projectId, member, role);
// Get the project's policy and print all members with the "Log Writer" role
Policy policy = getPolicy(crmService, projectId);
Binding binding = null;
List<Binding> bindings = policy.getBindings();
for (Binding b : bindings) {
if (b.getRole().equals(role)) {
binding = b;
break;
}
}
System.out.println("Role: " + binding.getRole());
System.out.print("Members: ");
for (String m : binding.getMembers()) {
System.out.print("[" + m + "] ");
}
System.out.println();
// Removes member from the "Log writer" role.
removeMember(crmService, projectId, member, role);
}
示例24
public static Policy getPolicy(CloudResourceManager crmService, String projectId) {
// Gets the project's policy by calling the
// Cloud Resource Manager Projects API.
Policy policy = null;
try {
GetIamPolicyRequest request = new GetIamPolicyRequest();
policy = crmService.projects().getIamPolicy(projectId, request).execute();
} catch (IOException e) {
System.out.println("Unable to get policy: \n" + e.toString());
}
return policy;
}
示例25
private static void setPolicy(CloudResourceManager crmService, String projectId, Policy policy) {
// Sets the project's policy by calling the
// Cloud Resource Manager Projects API.
try {
SetIamPolicyRequest request = new SetIamPolicyRequest();
request.setPolicy(policy);
crmService.projects().setIamPolicy(projectId, request).execute();
} catch (IOException e) {
System.out.println("Unable to set policy: \n" + e.toString());
}
}
示例26
/**
* Returns whether a given user is a member of the organization.
*
* @param userId the user's ID (typically his organization email address).
* @return whether a given user is a member of the organization.
*/
public final Boolean isOrganizationMember(final String userId) {
// Try to grab membership information from the cache.
Boolean isMember = this.authCache.getIfPresent(userId);
// If we have previously validated this user as a member of the organization, return.
if (isMember != null && isMember) {
LOGGER.debug("{} is an organization member (cache hit).", userId);
return true;
}
LOGGER.debug("No entry in cache for {}. Hitting the Resource Manager API.", userId);
// At this point, either we've never validated this user as a member of the organization, or we've tried to but they weren't.
// Hence we perform the validation process afresh by getting the list of organizations for which the user is a member.
final Credential credential = this.loadCredential(userId);
if (credential == null) {
return false;
}
final CloudResourceManager crm = new CloudResourceManager.Builder(HTTP_TRANSPORT, JSON_FACTORY, credential)
.setApplicationName(this.authFlow.getClientId())
.build();
final List<Organization> organizations;
try {
organizations = crm.organizations().list().execute().getOrganizations();
} catch (final IOException ex) {
throw new UncheckedIOException(ex);
}
// Check whether the current organization is in the list of the user's organizations.
isMember = organizations != null
&& organizations.stream().anyMatch(org -> this.organizationId.equals(org.getOrganizationId()));
// If we've successfully validated this user as a member of the organization, put this information in the cache.
if (isMember) {
LOGGER.debug("{} has been verified as an organization member. Caching.", userId);
this.authCache.put(userId, true);
} else {
LOGGER.debug("{} couldn't be verified as an organization member.");
}
return isMember;
}
示例27
static ServiceAccountUsageAuthorizer create(String serviceAccountUserRole,
AuthorizationPolicy authorizationPolicy,
GoogleCredentials credentials,
String gsuiteUserEmail,
String serviceName,
String message,
List<String> administrators,
List<String> blacklist) {
final HttpTransport httpTransport;
try {
httpTransport = GoogleNetHttpTransport.newTrustedTransport();
} catch (GeneralSecurityException | IOException e) {
throw new RuntimeException(e);
}
final JsonFactory jsonFactory = Utils.getDefaultJsonFactory();
final CloudResourceManager crm = new CloudResourceManager.Builder(
httpTransport, jsonFactory, new HttpCredentialsAdapter(credentials.createScoped(IamScopes.all())))
.setApplicationName(serviceName)
.build();
final Iam iam = new Iam.Builder(
httpTransport, jsonFactory, new HttpCredentialsAdapter(credentials.createScoped(IamScopes.all())))
.setApplicationName(serviceName)
.build();
final GoogleCredential directoryCredential = new ManagedServiceAccountKeyCredential.Builder(iam)
.setServiceAccountId(ServiceAccounts.serviceAccountEmail(credentials))
.setServiceAccountUser(gsuiteUserEmail)
.setServiceAccountScopes(Set.of(ADMIN_DIRECTORY_GROUP_MEMBER_READONLY))
.build();
final Directory directory = new Directory.Builder(httpTransport, jsonFactory, directoryCredential)
.setApplicationName(serviceName)
.build();
return new Impl(iam, crm, directory, serviceAccountUserRole, authorizationPolicy,
Impl.DEFAULT_WAIT_STRATEGY, Impl.DEFAULT_RETRY_STOP_STRATEGY, message, administrators, blacklist);
}
示例28
private void mockAncestryResponse(Project project, ResourceId... ancestors) throws IOException {
final CloudResourceManager.Projects.GetAncestry ancestry = mock(CloudResourceManager.Projects.GetAncestry.class);
doReturn(ancestryResponse(ancestors)).when(ancestry).execute();
when(cloudResourceManager.projects().getAncestry(eq(project.getProjectId()), any()))
.thenReturn(ancestry);
}
