From ea67268c036ba1da5780cd2e95cc1a5842641f05 Mon Sep 17 00:00:00 2001
From: noerog <noero@google.com>
Date: Mon, 17 Jun 2019 18:24:53 -0400
Subject: [PATCH 1/2] Add dataset get/set IAM policy

---
 healthcare/datasets/README.md                 |  3 +
 healthcare/datasets/getDatasetIamPolicy.js    | 56 +++++++++++++++
 healthcare/datasets/setDatasetIamPolicy.js    | 70 +++++++++++++++++++
 .../datasets/system-test/datasets.test.js     | 16 +++++
 4 files changed, 145 insertions(+)
 create mode 100644 healthcare/datasets/getDatasetIamPolicy.js
 create mode 100644 healthcare/datasets/setDatasetIamPolicy.js

diff --git a/healthcare/datasets/README.md b/healthcare/datasets/README.md
index 379e419d5c..f5c2fb81fd 100644
--- a/healthcare/datasets/README.md
+++ b/healthcare/datasets/README.md
@@ -21,6 +21,9 @@ Run the following command to install the library dependencies for Node.js:
         patchDataset.js <projectId> <cloudRegion> <datasetId> <timeZone>                        Updates dataset details.
         deidentifyDataset.js <projectId> <cloudRegion> <sourceDatasetId>                        Creates a new dataset containing de-identified data from
         <destinationDatasetId> <keeplistTags>                                                   the source dataset.
+        getDatasetIamPolicy.js <projectId> <cloudRegion> <datasetId>                            Gets the IAM policy for the dataset.
+        setDatasetIamPolicy.js <projectId> <cloudRegion> <datasetId> <member>                   Sets the IAM policy for the dataset.
+        <role>
 
         Options:
         --version             Show version number                                                                    [boolean]
diff --git a/healthcare/datasets/getDatasetIamPolicy.js b/healthcare/datasets/getDatasetIamPolicy.js
new file mode 100644
index 0000000000..617aaef526
--- /dev/null
+++ b/healthcare/datasets/getDatasetIamPolicy.js
@@ -0,0 +1,56 @@
+/**
+ * Copyright 2019, Google, LLC
+ * Licensed under the Apache License, Version 2.0 (the `License`);
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an `AS IS` BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* eslint-disable no-warning-comments */
+
+'use strict';
+
+function main(
+  projectId = process.env.GCLOUD_PROJECT,
+  cloudRegion = 'us-central1',
+  datasetId
+) {
+  // [START healthcare_get_dataset_iam_policy]
+  const {google} = require('googleapis');
+  const healthcare = google.healthcare('v1beta1');
+
+  async function getDatasetIamPolicy() {
+    const auth = await google.auth.getClient({
+      scopes: ['https://www.googleapis.com/auth/cloud-platform'],
+    });
+    google.options({auth});
+
+    // TODO(developer): uncomment these lines before running the sample
+    // const cloudRegion = 'us-central1';
+    // const projectId = 'adjective-noun-123';
+    // const datasetId = 'my-dataset';
+    const resource_ = `projects/${projectId}/locations/${cloudRegion}/datasets/${datasetId}`;
+    const request = {resource_};
+
+    const dataset = await healthcare.projects.locations.datasets.getIamPolicy(
+      request
+    );
+    console.log(
+      'Got dataset IAM policy:',
+      JSON.stringify(dataset.data, null, 2)
+    );
+  }
+
+  getDatasetIamPolicy();
+  // [END healthcare_get_dataset_iam_policy]
+}
+
+// node getDatasetIamPolicy.js <projectId> <cloudRegion> <datasetId>
+main(...process.argv.slice(2));
diff --git a/healthcare/datasets/setDatasetIamPolicy.js b/healthcare/datasets/setDatasetIamPolicy.js
new file mode 100644
index 0000000000..412c50c92d
--- /dev/null
+++ b/healthcare/datasets/setDatasetIamPolicy.js
@@ -0,0 +1,70 @@
+/**
+ * Copyright 2019, Google, LLC
+ * Licensed under the Apache License, Version 2.0 (the `License`);
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an `AS IS` BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* eslint-disable no-warning-comments */
+
+'use strict';
+
+function main(
+  projectId = process.env.GCLOUD_PROJECT,
+  cloudRegion = 'us-central1',
+  datasetId,
+  member,
+  role
+) {
+  // [START healthcare_set_dataset_iam_policy]
+  const {google} = require('googleapis');
+  const healthcare = google.healthcare('v1beta1');
+
+  async function setDatasetIamPolicy() {
+    const auth = await google.auth.getClient({
+      scopes: ['https://www.googleapis.com/auth/cloud-platform'],
+    });
+    google.options({auth});
+
+    // TODO(developer): uncomment these lines before running the sample
+    // const cloudRegion = 'us-central1';
+    // const projectId = 'adjective-noun-123';
+    // const datasetId = 'my-dataset';
+    const resource_ = `projects/${projectId}/locations/${cloudRegion}/datasets/${datasetId}`;
+    const request = {
+      resource_,
+      resource: {
+        policy: {
+          bindings: [
+            {
+              members: member,
+              role: role,
+            },
+          ],
+        },
+      },
+    };
+
+    const dataset = await healthcare.projects.locations.datasets.setIamPolicy(
+      request
+    );
+    console.log(
+      'Set dataset IAM policy:',
+      JSON.stringify(dataset.data, null, 2)
+    );
+  }
+
+  setDatasetIamPolicy();
+  // [END healthcare_set_dataset_iam_policy]
+}
+
+// node setDatasetIamPolicy.js <projectId> <cloudRegion> <datasetId> <member> <role>
+main(...process.argv.slice(2));
diff --git a/healthcare/datasets/system-test/datasets.test.js b/healthcare/datasets/system-test/datasets.test.js
index fa03eb2023..31e3342142 100644
--- a/healthcare/datasets/system-test/datasets.test.js
+++ b/healthcare/datasets/system-test/datasets.test.js
@@ -85,6 +85,22 @@ it('should de-identify data in a dataset and write to a new dataset', async () =
   );
 });
 
+it('should create and get a dataset IAM policy', async () => {
+  const localMember = 'group:dpebot@google.com';
+  const localRole = 'roles/viewer';
+
+  let output = await tools.runAsync(
+    `node setDatasetIamPolicy.js ${projectId} ${cloudRegion} ${datasetId} ${localMember} ${localRole}`,
+    cwd
+  );
+  assert.ok(output.includes, 'ETAG');
+
+  output = await tools.runAsync(
+    `node getDatasetIamPolicy.js ${projectId} ${cloudRegion} ${datasetId}`
+  );
+  assert.ok(output.includes('dpebot'));
+});
+
 it('should delete a dataset', async () => {
   const output = await tools.runAsync(
     `node deleteDataset.js ${projectId} ${cloudRegion} ${datasetId}`,

From 2ff7a9e5e176bd09e8f730f6ec3a2e95bfe51cd1 Mon Sep 17 00:00:00 2001
From: noerog <32459203+noerog@users.noreply.github.com>
Date: Tue, 18 Jun 2019 12:07:06 -0400
Subject: [PATCH 2/2] Add vals for member and role.

---
 healthcare/datasets/setDatasetIamPolicy.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/healthcare/datasets/setDatasetIamPolicy.js b/healthcare/datasets/setDatasetIamPolicy.js
index 412c50c92d..0d8bccb41d 100644
--- a/healthcare/datasets/setDatasetIamPolicy.js
+++ b/healthcare/datasets/setDatasetIamPolicy.js
@@ -38,6 +38,8 @@ function main(
     // const cloudRegion = 'us-central1';
     // const projectId = 'adjective-noun-123';
     // const datasetId = 'my-dataset';
+    // const member = 'user:example@gmail.com';
+    // const role = 'roles/healthcare.datasetViewer';
     const resource_ = `projects/${projectId}/locations/${cloudRegion}/datasets/${datasetId}`;
     const request = {
       resource_,