Work around hypothetical case parsing 'dataset.access_grants':

tseaver · tseaver · commit 09c1d14a44f1 · 2015-08-11T13:00:38.000-04:00
The back-end might return a grant with more than one entity_type for a given role. See: #1046 (comment)
diff --git a/gcloud/bigquery/dataset.py b/gcloud/bigquery/dataset.py
@@ -290,9 +290,12 @@ def _parse_access_grants(self, access):
         for grant in access:
             grant = grant.copy()
             role = grant.pop('role')
-            entity_type, entity_id = list(grant.items())[0]
-            result.append(
-                AccessGrant(role, entity_type, entity_id))
+            # Hypothetical case:  we don't know that the back-end will ever
+            # return such structures, but they are logical.  See:
+            #https://github.com/GoogleCloudPlatform/gcloud-python/pull/1046#discussion_r36687769
+            for entity_type, entity_id in grant.items():
+                result.append(
+                    AccessGrant(role, entity_type, entity_id))
         return result
 
     def _set_properties(self, api_response):
diff --git a/gcloud/bigquery/test_dataset.py b/gcloud/bigquery/test_dataset.py
@@ -74,16 +74,19 @@ def _makeResource(self):
         }
 
     def _verifyAccessGrants(self, access_grants, resource):
-        r_grants = resource['access']
-        self.assertEqual(len(access_grants), len(r_grants))
+        r_grants = []
+        for r_grant in resource['access']:
+            role = r_grant.pop('role')
+            for entity_type, entity_id in r_grant.items():
+                r_grants.append({'role': role,
+                                 'entity_type': entity_type,
+                                 'entity_id': entity_id})
 
+        self.assertEqual(len(access_grants), len(r_grants))
         for a_grant, r_grant in zip(access_grants, r_grants):
-            role = r_grant.pop('role')
-            self.assertEqual(a_grant.role, role)
-            self.assertEqual(len(r_grant), 1)
-            entity_type, entity_id = list(r_grant.items())[0]
-            self.assertEqual(a_grant.entity_type, entity_type)
-            self.assertEqual(a_grant.entity_id, entity_id)
+            self.assertEqual(a_grant.role, r_grant['role'])
+            self.assertEqual(a_grant.entity_type, r_grant['entity_type'])
+            self.assertEqual(a_grant.entity_id, r_grant['entity_id'])
 
     def _verifyReadonlyResourceProperties(self, dataset, resource):
 
@@ -260,6 +263,26 @@ def test__parse_access_grants_w_unknown_entity_type(self):
         grants = dataset._parse_access_grants(RESOURCE['access'])
         self._verifyAccessGrants(grants, RESOURCE)
 
+    def test__parse_access_grants_w_multiple_entity_types(self):
+        # Hypothetical case:  we don't know that the back-end will ever
+        # return such structures, but they are logical.  See:
+        #https://github.com/GoogleCloudPlatform/gcloud-python/pull/1046#discussion_r36687769
+        USER_EMAIL = 'phred@example.com'
+        OTHER_EMAIL = 'bharney@example.com'
+        GROUP_EMAIL = 'group-name@lists.example.com'
+        RESOURCE = {
+            'access': [
+                {'role': 'OWNER', 'userByEmail': USER_EMAIL},
+                {'role': 'WRITER', 'groupByEmail': GROUP_EMAIL},
+                {'role': 'READER',
+                 'specialGroup': 'projectReaders',
+                 'userByEmail': OTHER_EMAIL}]
+        }
+        client = _Client(self.PROJECT)
+        dataset = self._makeOne(self.DS_NAME, client=client)
+        grants = dataset._parse_access_grants(RESOURCE['access'])
+        self._verifyAccessGrants(grants, RESOURCE)
+
     def test_create_w_bound_client(self):
         PATH = 'projects/%s/datasets' % self.PROJECT
         RESOURCE = self._makeResource()
