diff --git a/gcloud-java-core/src/main/java/com/google/gcloud/IamPolicy.java b/gcloud-java-core/src/main/java/com/google/gcloud/IamPolicy.java index 748eaba2ab4c..9cce4b23c864 100644 --- a/gcloud-java-core/src/main/java/com/google/gcloud/IamPolicy.java +++ b/gcloud-java-core/src/main/java/com/google/gcloud/IamPolicy.java @@ -17,17 +17,16 @@ package com.google.gcloud; import static com.google.common.base.Preconditions.checkArgument; +import static com.google.common.base.Preconditions.checkNotNull; import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; import java.io.Serializable; import java.util.Arrays; -import java.util.Collection; import java.util.HashMap; import java.util.HashSet; -import java.util.LinkedList; -import java.util.List; +import java.util.LinkedHashSet; import java.util.Map; import java.util.Objects; import java.util.Set; @@ -69,12 +68,16 @@ protected Builder() {} /** * Replaces the builder's map of bindings with the given map of bindings. * - * @throws IllegalArgumentException if the provided map is null or contain any null values + * @throws NullPointerException if the given map is null or contains any null keys or values + * @throws IllegalArgumentException if any identities in the given map are null */ public final B bindings(Map> bindings) { - checkArgument(bindings != null, "The provided map of bindings cannot be null."); + checkNotNull(bindings, "The provided map of bindings cannot be null."); for (Map.Entry> binding : bindings.entrySet()) { - verifyBinding(binding.getKey(), binding.getValue()); + checkNotNull(binding.getKey(), "The role cannot be null."); + Set identities = binding.getValue(); + checkNotNull(identities, "A role cannot be assigned to a null set of identities."); + checkArgument(!identities.contains(null), "Null identities are not permitted."); } this.bindings.clear(); for (Map.Entry> binding : bindings.entrySet()) { @@ -84,78 +87,50 @@ public final B bindings(Map> bindings) { } /** - * Adds a binding to the policy. - * - * @throws IllegalArgumentException if the policy already contains a binding with the same role - * or if the role or any identities are null - */ - public final B addBinding(R role, Set identities) { - verifyBinding(role, identities); - checkArgument(!bindings.containsKey(role), - "The policy already contains a binding with the role " + role.toString() + "."); - bindings.put(role, new HashSet(identities)); - return self(); - } - - /** - * Adds a binding to the policy. - * - * @throws IllegalArgumentException if the policy already contains a binding with the same role - * or if the role or any identities are null - */ - public final B addBinding(R role, Identity first, Identity... others) { - HashSet identities = new HashSet<>(); - identities.add(first); - identities.addAll(Arrays.asList(others)); - return addBinding(role, identities); - } - - private void verifyBinding(R role, Collection identities) { - checkArgument(role != null, "The role cannot be null."); - verifyIdentities(identities); - } - - private void verifyIdentities(Collection identities) { - checkArgument(identities != null, "A role cannot be assigned to a null set of identities."); - checkArgument(!identities.contains(null), "Null identities are not permitted."); - } - - /** - * Removes the binding associated with the specified role. + * Removes the role (and all identities associated with that role) from the policy. */ - public final B removeBinding(R role) { + public final B removeRole(R role) { bindings.remove(role); return self(); } /** - * Adds one or more identities to an existing binding. + * Adds one or more identities to the policy under the role specified. * - * @throws IllegalArgumentException if the policy doesn't contain a binding with the specified - * role or any identities are null + * @throws NullPointerException if the role or any of the identities is null. */ public final B addIdentity(R role, Identity first, Identity... others) { - checkArgument(bindings.containsKey(role), - "The policy doesn't contain the role " + role.toString() + "."); - List toAdd = new LinkedList<>(); + String nullIdentityMessage = "Null identities are not permitted."; + checkNotNull(first, nullIdentityMessage); + checkNotNull(others, nullIdentityMessage); + for (Identity identity : others) { + checkNotNull(identity, nullIdentityMessage); + } + Set toAdd = new LinkedHashSet<>(); toAdd.add(first); toAdd.addAll(Arrays.asList(others)); - verifyIdentities(toAdd); - bindings.get(role).addAll(toAdd); + Set identities = bindings.get(checkNotNull(role, "The role cannot be null.")); + if (identities == null) { + identities = new HashSet(); + bindings.put(role, identities); + } + identities.addAll(toAdd); return self(); } /** - * Removes one or more identities from an existing binding. - * - * @throws IllegalArgumentException if the policy doesn't contain a binding with the specified - * role + * Removes one or more identities from an existing binding. Does nothing if the binding + * associated with the provided role doesn't exist. */ public final B removeIdentity(R role, Identity first, Identity... others) { - checkArgument(bindings.containsKey(role), - "The policy doesn't contain the role " + role.toString() + "."); - bindings.get(role).remove(first); - bindings.get(role).removeAll(Arrays.asList(others)); + Set identities = bindings.get(role); + if (identities != null) { + identities.remove(first); + identities.removeAll(Arrays.asList(others)); + } + if (identities != null && identities.isEmpty()) { + bindings.remove(role); + } return self(); } diff --git a/gcloud-java-core/src/test/java/com/google/gcloud/IamPolicyTest.java b/gcloud-java-core/src/test/java/com/google/gcloud/IamPolicyTest.java index db0935c4766d..235c2c2b1c85 100644 --- a/gcloud-java-core/src/test/java/com/google/gcloud/IamPolicyTest.java +++ b/gcloud-java-core/src/test/java/com/google/gcloud/IamPolicyTest.java @@ -28,6 +28,8 @@ import org.junit.Test; +import java.util.HashMap; +import java.util.HashSet; import java.util.Map; import java.util.Set; @@ -46,8 +48,8 @@ public class IamPolicyTest { "editor", ImmutableSet.of(ALL_AUTH_USERS, GROUP, DOMAIN)); private static final PolicyImpl SIMPLE_POLICY = PolicyImpl.builder() - .addBinding("viewer", ImmutableSet.of(USER, SERVICE_ACCOUNT, ALL_USERS)) - .addBinding("editor", ImmutableSet.of(ALL_AUTH_USERS, GROUP, DOMAIN)) + .addIdentity("viewer", USER, SERVICE_ACCOUNT, ALL_USERS) + .addIdentity("editor", ALL_AUTH_USERS, GROUP, DOMAIN) .build(); private static final PolicyImpl FULL_POLICY = new PolicyImpl.Builder(SIMPLE_POLICY.bindings(), "etag", 1).build(); @@ -93,7 +95,7 @@ public void testBuilder() { assertEquals(editorBinding, policy.bindings()); assertEquals("etag", policy.etag()); assertEquals(1, policy.version().intValue()); - policy = SIMPLE_POLICY.toBuilder().removeBinding("editor").build(); + policy = SIMPLE_POLICY.toBuilder().removeRole("editor").build(); assertEquals(ImmutableMap.of("viewer", BINDINGS.get("viewer")), policy.bindings()); assertNull(policy.etag()); assertNull(policy.version()); @@ -105,22 +107,61 @@ public void testBuilder() { policy.bindings()); assertNull(policy.etag()); assertNull(policy.version()); - policy = PolicyImpl.builder().addBinding("owner", USER, SERVICE_ACCOUNT).build(); + policy = PolicyImpl.builder() + .removeIdentity("viewer", USER) + .addIdentity("owner", USER, SERVICE_ACCOUNT) + .addIdentity("editor", GROUP) + .removeIdentity("editor", GROUP) + .build(); assertEquals( ImmutableMap.of("owner", ImmutableSet.of(USER, SERVICE_ACCOUNT)), policy.bindings()); assertNull(policy.etag()); assertNull(policy.version()); + } + + @Test + public void testIllegalPolicies() { + try { + PolicyImpl.builder().addIdentity(null, USER); + fail("Null role should cause exception."); + } catch (NullPointerException ex) { + assertEquals("The role cannot be null.", ex.getMessage()); + } + try { + PolicyImpl.builder().addIdentity("viewer", null, USER); + fail("Null identity should cause exception."); + } catch (NullPointerException ex) { + assertEquals("Null identities are not permitted.", ex.getMessage()); + } + try { + PolicyImpl.builder().addIdentity("viewer", USER, (Identity[]) null); + fail("Null identity should cause exception."); + } catch (NullPointerException ex) { + assertEquals("Null identities are not permitted.", ex.getMessage()); + } + try { + PolicyImpl.builder().bindings(null); + fail("Null bindings map should cause exception."); + } catch (NullPointerException ex) { + assertEquals("The provided map of bindings cannot be null.", ex.getMessage()); + } try { - SIMPLE_POLICY.toBuilder().addBinding("viewer", USER); - fail("Should have failed due to duplicate role."); - } catch (IllegalArgumentException e) { - assertEquals("The policy already contains a binding with the role viewer.", e.getMessage()); + Map> bindings = new HashMap<>(); + bindings.put("viewer", null); + PolicyImpl.builder().bindings(bindings); + fail("Null set of identities should cause exception."); + } catch (NullPointerException ex) { + assertEquals("A role cannot be assigned to a null set of identities.", ex.getMessage()); } try { - SIMPLE_POLICY.toBuilder().addBinding("editor", ImmutableSet.of(USER)); - fail("Should have failed due to duplicate role."); - } catch (IllegalArgumentException e) { - assertEquals("The policy already contains a binding with the role editor.", e.getMessage()); + Map> bindings = new HashMap<>(); + Set identities = new HashSet<>(); + identities.add(null); + bindings.put("viewer", identities); + PolicyImpl.builder().bindings(bindings); + fail("Null identity should cause exception."); + } catch (IllegalArgumentException ex) { + assertEquals("Null identities are not permitted.", ex.getMessage()); } } diff --git a/gcloud-java-examples/src/main/java/com/google/gcloud/examples/resourcemanager/snippets/ModifyPolicy.java b/gcloud-java-examples/src/main/java/com/google/gcloud/examples/resourcemanager/snippets/ModifyPolicy.java new file mode 100644 index 000000000000..478765a9ecf4 --- /dev/null +++ b/gcloud-java-examples/src/main/java/com/google/gcloud/examples/resourcemanager/snippets/ModifyPolicy.java @@ -0,0 +1,60 @@ +/* + * Copyright 2016 Google Inc. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* + * EDITING INSTRUCTIONS + * This file is referenced in READMEs and javadoc. Any change to this file should be reflected in + * the project's READMEs and package-info.java. + */ + +package com.google.gcloud.examples.resourcemanager.snippets; + +import com.google.gcloud.Identity; +import com.google.gcloud.resourcemanager.Policy; +import com.google.gcloud.resourcemanager.Policy.Role; +import com.google.gcloud.resourcemanager.Project; +import com.google.gcloud.resourcemanager.ResourceManager; +import com.google.gcloud.resourcemanager.ResourceManagerOptions; + +/** + * A snippet for Google Cloud Resource Manager showing how to modify a project's IAM policy. + */ +public class ModifyPolicy { + + public static void main(String... args) { + // Create Resource Manager service object + // By default, credentials are inferred from the runtime environment. + ResourceManager resourceManager = ResourceManagerOptions.defaultInstance().service(); + + // Get a project from the server + String projectId = "some-project-id"; // Use an existing project's ID + Project project = resourceManager.get(projectId); + + // Get the project's policy + Policy policy = project.getPolicy(); + + // Add a viewer + Policy.Builder modifiedPolicy = policy.toBuilder(); + Identity newViewer = Identity.user(""); + modifiedPolicy.addIdentity(Role.viewer(), newViewer); + + // Write policy + Policy updatedPolicy = project.replacePolicy(modifiedPolicy.build()); + + // Print policy + System.out.printf("Updated policy for %s: %n%s%n", projectId, updatedPolicy); + } +} diff --git a/gcloud-java-resourcemanager/README.md b/gcloud-java-resourcemanager/README.md index 94037e27a709..a2539df7adab 100644 --- a/gcloud-java-resourcemanager/README.md +++ b/gcloud-java-resourcemanager/README.md @@ -163,9 +163,46 @@ while (projectIterator.hasNext()) { } ``` +#### Managing IAM Policies +You can edit [Google Cloud IAM](https://cloud.google.com/iam/) (Identity and Access Management) +policies on the project-level using this library as well. We recommend using the read-modify-write +pattern to make policy changes. This entails reading the project's current policy, updating it +locally, and then sending the modified policy for writing, as shown in the snippet below. First, +add these imports: + +```java +import com.google.gcloud.Identity; +import com.google.gcloud.resourcemanager.Policy; +import com.google.gcloud.resourcemanager.Policy.Role; +``` + +Assuming you have completed the steps above to create the `ResourceManager` service object and load +a project from the server, you just need to add the following code: + +```java +// Get the project's policy +Policy policy = project.getPolicy(); + +// Add a viewer +Policy.Builder modifiedPolicy = policy.toBuilder(); +Identity newViewer = Identity.user(""); +if (policy.bindings().containsKey(Role.viewer())) { + modifiedPolicy.addIdentity(Role.viewer(), newViewer); +} else { + modifiedPolicy.addBinding(Role.viewer(), newViewer); +} + +// Write policy +Policy updatedPolicy = project.replacePolicy(modifiedPolicy.build()); +``` + +Note that the policy you pass in to `replacePolicy` overwrites the original policy. For example, if +the original policy has two bindings and you call `replacePolicy` with a new policy containing only +one binding, the two original bindings are lost. + #### Complete source code -We put together all the code shown above into two programs. Both programs assume that you are +We put together all the code shown above into three programs. The programs assume that you are running from your own desktop and used the Google Cloud SDK to authenticate yourself. The first program creates a project if it does not exist. Complete source code can be found at @@ -175,6 +212,10 @@ The second program updates a project if it exists and lists all projects the use view. Complete source code can be found at [UpdateAndListProjects.java](../gcloud-java-examples/src/main/java/com/google/gcloud/examples/resourcemanager/snippets/UpdateAndListProjects.java). +The third program modifies the IAM policy associated with a project using the read-modify-write +pattern. Complete source code can be found at +[ModifyPolicy.java](../gcloud-java-examples/src/main/java/com/google/gcloud/examples/resourcemanager/snippets/ModifyPolicy.java) + Java Versions ------------- diff --git a/gcloud-java-resourcemanager/src/main/java/com/google/gcloud/resourcemanager/Policy.java b/gcloud-java-resourcemanager/src/main/java/com/google/gcloud/resourcemanager/Policy.java index 46330e19fa59..6399b52b3c04 100644 --- a/gcloud-java-resourcemanager/src/main/java/com/google/gcloud/resourcemanager/Policy.java +++ b/gcloud-java-resourcemanager/src/main/java/com/google/gcloud/resourcemanager/Policy.java @@ -178,6 +178,11 @@ public Builder toBuilder() { return new Builder(bindings(), etag(), version()); } + @Override + public String toString() { + return toPb().toString(); + } + com.google.api.services.cloudresourcemanager.model.Policy toPb() { com.google.api.services.cloudresourcemanager.model.Policy policyPb = new com.google.api.services.cloudresourcemanager.model.Policy(); diff --git a/gcloud-java-resourcemanager/src/main/java/com/google/gcloud/resourcemanager/Project.java b/gcloud-java-resourcemanager/src/main/java/com/google/gcloud/resourcemanager/Project.java index 46b142c5aa53..8c6a0eacd44f 100644 --- a/gcloud-java-resourcemanager/src/main/java/com/google/gcloud/resourcemanager/Project.java +++ b/gcloud-java-resourcemanager/src/main/java/com/google/gcloud/resourcemanager/Project.java @@ -18,8 +18,11 @@ import static com.google.common.base.Preconditions.checkNotNull; +import com.google.gcloud.resourcemanager.ResourceManager.Permission; + import java.io.IOException; import java.io.ObjectInputStream; +import java.util.List; import java.util.Map; import java.util.Objects; @@ -198,6 +201,71 @@ public Project replace() { return resourceManager.replace(this); } + /** + * Returns the IAM access control policy for this project. Returns {@code null} if the resource + * does not exist or if you do not have adequate permission to view the project or get the policy. + * + * @return the IAM policy for the project + * @throws ResourceManagerException upon failure + * @see + * Resource Manager getIamPolicy + */ + public Policy getPolicy() { + return resourceManager.getPolicy(projectId()); + } + + /** + * Sets the IAM access control policy for this project. Replaces any existing policy. It is + * recommended that you use the read-modify-write pattern. See code samples and important details + * of replacing policies in the documentation for {@link ResourceManager#replacePolicy}. + * + * @return the newly set IAM policy for this project + * @throws ResourceManagerException upon failure + * @see + * Resource Manager setIamPolicy + */ + public Policy replacePolicy(Policy newPolicy) { + return resourceManager.replacePolicy(projectId(), newPolicy); + } + + /** + * Returns the permissions that a caller has on this project. You typically don't call this method + * if you're using Google Cloud Platform directly to manage permissions. This method is intended + * for integration with your proprietary software, such as a customized graphical user interface. + * For example, the Cloud Platform Console tests IAM permissions internally to determine which UI + * should be available to the logged-in user. + * + * @return a list of booleans representing whether the caller has the permissions specified (in + * the order of the given permissions) + * @throws ResourceManagerException upon failure + * @see + * Resource Manager testIamPermissions + */ + List testPermissions(List permissions) { + return resourceManager.testPermissions(projectId(), permissions); + } + + /** + * Returns the permissions that a caller has on this project. You typically don't call this method + * if you're using Google Cloud Platform directly to manage permissions. This method is intended + * for integration with your proprietary software, such as a customized graphical user interface. + * For example, the Cloud Platform Console tests IAM permissions internally to determine which UI + * should be available to the logged-in user. + * + * @return a list of booleans representing whether the caller has the permissions specified (in + * the order of the given permissions) + * @throws ResourceManagerException upon failure + * @see + * Resource Manager testIamPermissions + */ + List testPermissions(Permission first, Permission... others) { + return resourceManager.testPermissions(projectId(), first, others); + } + @Override public Builder toBuilder() { return new Builder(this); diff --git a/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/PolicyTest.java b/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/PolicyTest.java index e6d0105838b7..7315b9f92565 100644 --- a/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/PolicyTest.java +++ b/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/PolicyTest.java @@ -37,10 +37,10 @@ public class PolicyTest { private static final Identity GROUP = Identity.group("group@gmail.com"); private static final Identity DOMAIN = Identity.domain("google.com"); private static final Policy SIMPLE_POLICY = Policy.builder() - .addBinding(Role.owner(), ImmutableSet.of(USER)) - .addBinding(Role.viewer(), ImmutableSet.of(ALL_USERS)) - .addBinding(Role.editor(), ImmutableSet.of(ALL_AUTH_USERS, DOMAIN)) - .addBinding(Role.rawRole("some-role"), ImmutableSet.of(SERVICE_ACCOUNT, GROUP)) + .addIdentity(Role.owner(), USER) + .addIdentity(Role.viewer(), ALL_USERS) + .addIdentity(Role.editor(), ALL_AUTH_USERS, DOMAIN) + .addIdentity(Role.rawRole("some-role"), SERVICE_ACCOUNT, GROUP) .build(); private static final Policy FULL_POLICY = new Policy.Builder(SIMPLE_POLICY.bindings(), "etag", 1).build(); @@ -68,10 +68,10 @@ public void testRoleType() { @Test public void testEquals() { Policy copy = Policy.builder() - .addBinding(Role.owner(), ImmutableSet.of(USER)) - .addBinding(Role.viewer(), ImmutableSet.of(ALL_USERS)) - .addBinding(Role.editor(), ImmutableSet.of(ALL_AUTH_USERS, DOMAIN)) - .addBinding(Role.rawRole("some-role"), ImmutableSet.of(SERVICE_ACCOUNT, GROUP)) + .addIdentity(Role.owner(), USER) + .addIdentity(Role.viewer(), ALL_USERS) + .addIdentity(Role.editor(), ALL_AUTH_USERS, DOMAIN) + .addIdentity(Role.rawRole("some-role"), SERVICE_ACCOUNT, GROUP) .build(); assertEquals(SIMPLE_POLICY, copy); assertNotEquals(SIMPLE_POLICY, FULL_POLICY); diff --git a/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/ProjectTest.java b/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/ProjectTest.java index 882ec77197f3..53b37111b705 100644 --- a/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/ProjectTest.java +++ b/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/ProjectTest.java @@ -25,13 +25,19 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNull; +import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; +import com.google.common.collect.ImmutableSet; +import com.google.gcloud.Identity; +import com.google.gcloud.resourcemanager.Policy.Role; import com.google.gcloud.resourcemanager.ProjectInfo.ResourceId; +import com.google.gcloud.resourcemanager.ResourceManager.Permission; import org.junit.After; import org.junit.Before; import org.junit.Test; +import java.util.List; import java.util.Map; public class ProjectTest { @@ -48,6 +54,13 @@ public class ProjectTest { .createTimeMillis(CREATE_TIME_MILLIS) .state(STATE) .build(); + private static final Identity USER = Identity.user("abc@gmail.com"); + private static final Identity SERVICE_ACCOUNT = + Identity.serviceAccount("service-account@gmail.com"); + private static final Policy POLICY = Policy.builder() + .addIdentity(Role.owner(), USER) + .addIdentity(Role.editor(), SERVICE_ACCOUNT) + .build(); private ResourceManager serviceMockReturnsOptions = createStrictMock(ResourceManager.class); private ResourceManagerOptions mockOptions = createMock(ResourceManagerOptions.class); @@ -205,6 +218,39 @@ public void testReplace() { compareProjectInfos(expectedReplacedProject, actualReplacedProject); } + @Test + public void testGetPolicy() { + expect(resourceManager.options()).andReturn(mockOptions).times(1); + expect(resourceManager.getPolicy(PROJECT_ID)).andReturn(POLICY); + replay(resourceManager); + initializeProject(); + assertEquals(POLICY, project.getPolicy()); + } + + @Test + public void testReplacePolicy() { + expect(resourceManager.options()).andReturn(mockOptions).times(1); + expect(resourceManager.replacePolicy(PROJECT_ID, POLICY)).andReturn(POLICY); + replay(resourceManager); + initializeProject(); + assertEquals(POLICY, project.replacePolicy(POLICY)); + } + + @Test + public void testTestPermissions() { + List response = ImmutableList.of(true, true); + expect(resourceManager.options()).andReturn(mockOptions).times(1); + expect(resourceManager.testPermissions(PROJECT_ID, Permission.GET, Permission.DELETE)) + .andReturn(response); + expect(resourceManager.testPermissions( + PROJECT_ID, ImmutableList.of(Permission.GET, Permission.DELETE))).andReturn(response); + replay(resourceManager); + initializeProject(); + assertEquals(response, project.testPermissions(Permission.GET, Permission.DELETE)); + assertEquals( + response, project.testPermissions(ImmutableList.of(Permission.GET, Permission.DELETE))); + } + private void compareProjects(Project expected, Project value) { assertEquals(expected, value); compareProjectInfos(expected, value); diff --git a/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/ResourceManagerImplTest.java b/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/ResourceManagerImplTest.java index a69880c5d064..9cb9bfcba02f 100644 --- a/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/ResourceManagerImplTest.java +++ b/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/ResourceManagerImplTest.java @@ -72,8 +72,8 @@ public class ResourceManagerImplTest { .build(); private static final Map EMPTY_RPC_OPTIONS = ImmutableMap.of(); private static final Policy POLICY = Policy.builder() - .addBinding(Role.owner(), Identity.user("me@gmail.com")) - .addBinding(Role.editor(), Identity.serviceAccount("serviceaccount@gmail.com")) + .addIdentity(Role.owner(), Identity.user("me@gmail.com")) + .addIdentity(Role.editor(), Identity.serviceAccount("serviceaccount@gmail.com")) .build(); @Rule diff --git a/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/SerializationTest.java b/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/SerializationTest.java index c6e907da16a0..1c0b9c68c86d 100644 --- a/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/SerializationTest.java +++ b/gcloud-java-resourcemanager/src/test/java/com/google/gcloud/resourcemanager/SerializationTest.java @@ -17,7 +17,6 @@ package com.google.gcloud.resourcemanager; import com.google.common.collect.ImmutableMap; -import com.google.common.collect.ImmutableSet; import com.google.gcloud.BaseSerializationTest; import com.google.gcloud.Identity; import com.google.gcloud.PageImpl; @@ -46,9 +45,8 @@ public class SerializationTest extends BaseSerializationTest { ResourceManager.ProjectGetOption.fields(ResourceManager.ProjectField.NAME); private static final ResourceManager.ProjectListOption PROJECT_LIST_OPTION = ResourceManager.ProjectListOption.filter("name:*"); - private static final Policy POLICY = Policy.builder() - .addBinding(Policy.Role.viewer(), ImmutableSet.of(Identity.user("abc@gmail.com"))) - .build(); + private static final Policy POLICY = + Policy.builder().addIdentity(Policy.Role.viewer(), Identity.user("abc@gmail.com")).build(); private static final ResourceManagerException RESOURCE_MANAGER_EXCEPTION = new ResourceManagerException(42, "message");