Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: replace name with id in samples [(#3953)](GoogleCloudPlatform/py…
Browse files Browse the repository at this point in the history
anguillanneuf authored Jun 4, 2020

Verified

This commit was signed with the committer’s verified signature. The key has expired.
HighCrit HighCrit
1 parent 25bf5c3 commit 89debfc
Showing 7 changed files with 225 additions and 221 deletions.
112 changes: 67 additions & 45 deletions samples/snippets/iam.py
Original file line number Diff line number Diff line change
@@ -23,14 +23,18 @@

import argparse

from google.cloud import pubsub_v1


def get_topic_policy(project, topic_name):
def get_topic_policy(project, topic_id):
"""Prints the IAM policy for the given topic."""
# [START pubsub_get_topic_policy]
from google.cloud import pubsub_v1

# TODO(developer)
# project_id = "your-project-id"
# topic_id = "your-topic-id"

client = pubsub_v1.PublisherClient()
topic_path = client.topic_path(project, topic_name)
topic_path = client.topic_path(project, topic_id)

policy = client.get_iam_policy(topic_path)

@@ -40,11 +44,17 @@ def get_topic_policy(project, topic_name):
# [END pubsub_get_topic_policy]


def get_subscription_policy(project, subscription_name):
def get_subscription_policy(project, subscription_id):
"""Prints the IAM policy for the given subscription."""
# [START pubsub_get_subscription_policy]
from google.cloud import pubsub_v1

# TODO(developer)
# project_id = "your-project-id"
# subscription_id = "your-subscription-id"

client = pubsub_v1.SubscriberClient()
subscription_path = client.subscription_path(project, subscription_name)
subscription_path = client.subscription_path(project, subscription_id)

policy = client.get_iam_policy(subscription_path)

@@ -56,11 +66,17 @@ def get_subscription_policy(project, subscription_name):
# [END pubsub_get_subscription_policy]


def set_topic_policy(project, topic_name):
def set_topic_policy(project, topic_id):
"""Sets the IAM policy for a topic."""
# [START pubsub_set_topic_policy]
from google.cloud import pubsub_v1

# TODO(developer)
# project_id = "your-project-id"
# topic_id = "your-topic-id"

client = pubsub_v1.PublisherClient()
topic_path = client.topic_path(project, topic_name)
topic_path = client.topic_path(project, topic_id)

policy = client.get_iam_policy(topic_path)

@@ -75,64 +91,72 @@ def set_topic_policy(project, topic_name):
# Set the policy
policy = client.set_iam_policy(topic_path, policy)

print("IAM policy for topic {} set: {}".format(topic_name, policy))
print("IAM policy for topic {} set: {}".format(topic_id, policy))
# [END pubsub_set_topic_policy]


def set_subscription_policy(project, subscription_name):
def set_subscription_policy(project, subscription_id):
"""Sets the IAM policy for a topic."""
# [START pubsub_set_subscription_policy]
from google.cloud import pubsub_v1

# TODO(developer)
# project_id = "your-project-id"
# subscription_id = "your-subscription-id"

client = pubsub_v1.SubscriberClient()
subscription_path = client.subscription_path(project, subscription_name)
subscription_path = client.subscription_path(project, subscription_id)

policy = client.get_iam_policy(subscription_path)

# Add all users as viewers.
policy.bindings.add(role="roles/pubsub.viewer", members=["allUsers"])

# Add a group as an editor.
policy.bindings.add(
role="roles/editor", members=["group:cloud-logs@google.com"]
)
policy.bindings.add(role="roles/editor", members=["group:cloud-logs@google.com"])

# Set the policy
policy = client.set_iam_policy(subscription_path, policy)

print(
"IAM policy for subscription {} set: {}".format(
subscription_name, policy
)
)
print("IAM policy for subscription {} set: {}".format(subscription_id, policy))

client.close()
# [END pubsub_set_subscription_policy]


def check_topic_permissions(project, topic_name):
def check_topic_permissions(project, topic_id):
"""Checks to which permissions are available on the given topic."""
# [START pubsub_test_topic_permissions]
from google.cloud import pubsub_v1

# TODO(developer)
# project_id = "your-project-id"
# topic_id = "your-topic-id"

client = pubsub_v1.PublisherClient()
topic_path = client.topic_path(project, topic_name)
topic_path = client.topic_path(project, topic_id)

permissions_to_check = ["pubsub.topics.publish", "pubsub.topics.update"]

allowed_permissions = client.test_iam_permissions(
topic_path, permissions_to_check
)
allowed_permissions = client.test_iam_permissions(topic_path, permissions_to_check)

print(
"Allowed permissions for topic {}: {}".format(
topic_path, allowed_permissions
)
"Allowed permissions for topic {}: {}".format(topic_path, allowed_permissions)
)
# [END pubsub_test_topic_permissions]


def check_subscription_permissions(project, subscription_name):
def check_subscription_permissions(project, subscription_id):
"""Checks to which permissions are available on the given subscription."""
# [START pubsub_test_subscription_permissions]
from google.cloud import pubsub_v1

# TODO(developer)
# project_id = "your-project-id"
# subscription_id = "your-subscription-id"

client = pubsub_v1.SubscriberClient()
subscription_path = client.subscription_path(project, subscription_name)
subscription_path = client.subscription_path(project, subscription_id)

permissions_to_check = [
"pubsub.subscriptions.consume",
@@ -155,8 +179,7 @@ def check_subscription_permissions(project, subscription_name):

if __name__ == "__main__":
parser = argparse.ArgumentParser(
description=__doc__,
formatter_class=argparse.RawDescriptionHelpFormatter,
description=__doc__, formatter_class=argparse.RawDescriptionHelpFormatter,
)
parser.add_argument("project", help="Your Google Cloud project ID")

@@ -165,45 +188,44 @@ def check_subscription_permissions(project, subscription_name):
get_topic_policy_parser = subparsers.add_parser(
"get-topic-policy", help=get_topic_policy.__doc__
)
get_topic_policy_parser.add_argument("topic_name")
get_topic_policy_parser.add_argument("topic_id")

get_subscription_policy_parser = subparsers.add_parser(
"get-subscription-policy", help=get_subscription_policy.__doc__
)
get_subscription_policy_parser.add_argument("subscription_name")
get_subscription_policy_parser.add_argument("subscription_id")

set_topic_policy_parser = subparsers.add_parser(
"set-topic-policy", help=set_topic_policy.__doc__
)
set_topic_policy_parser.add_argument("topic_name")
set_topic_policy_parser.add_argument("topic_id")

set_subscription_policy_parser = subparsers.add_parser(
"set-subscription-policy", help=set_subscription_policy.__doc__
)
set_subscription_policy_parser.add_argument("subscription_name")
set_subscription_policy_parser.add_argument("subscription_id")

check_topic_permissions_parser = subparsers.add_parser(
"check-topic-permissions", help=check_topic_permissions.__doc__
)
check_topic_permissions_parser.add_argument("topic_name")
check_topic_permissions_parser.add_argument("topic_id")

check_subscription_permissions_parser = subparsers.add_parser(
"check-subscription-permissions",
help=check_subscription_permissions.__doc__,
"check-subscription-permissions", help=check_subscription_permissions.__doc__,
)
check_subscription_permissions_parser.add_argument("subscription_name")
check_subscription_permissions_parser.add_argument("subscription_id")

args = parser.parse_args()

if args.command == "get-topic-policy":
get_topic_policy(args.project, args.topic_name)
get_topic_policy(args.project, args.topic_id)
elif args.command == "get-subscription-policy":
get_subscription_policy(args.project, args.subscription_name)
get_subscription_policy(args.project, args.subscription_id)
elif args.command == "set-topic-policy":
set_topic_policy(args.project, args.topic_name)
set_topic_policy(args.project, args.topic_id)
elif args.command == "set-subscription-policy":
set_subscription_policy(args.project, args.subscription_name)
set_subscription_policy(args.project, args.subscription_id)
elif args.command == "check-topic-permissions":
check_topic_permissions(args.project, args.topic_name)
check_topic_permissions(args.project, args.topic_id)
elif args.command == "check-subscription-permissions":
check_subscription_permissions(args.project, args.subscription_name)
check_subscription_permissions(args.project, args.subscription_id)
4 changes: 1 addition & 3 deletions samples/snippets/iam_test.py
Original file line number Diff line number Diff line change
@@ -56,9 +56,7 @@ def subscriber_client():

@pytest.fixture
def subscription(subscriber_client, topic):
subscription_path = subscriber_client.subscription_path(
PROJECT, SUBSCRIPTION
)
subscription_path = subscriber_client.subscription_path(PROJECT, SUBSCRIPTION)

try:
subscriber_client.delete_subscription(subscription_path)
Loading

0 comments on commit 89debfc

Please sign in to comment.