feat: [Storage] samples for printing bucket ACLs (GoogleCloudPlatform#1616)

Author: vishwarajanand

storage/src/print_bucket_acl_for_user.php

@@ -0,0 +1,53 @@
+<?php
+/**
+ * Copyright 2022 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * For instructions on how to run the full sample:
+ *
+ * @see https://github.com/GoogleCloudPlatform/php-docs-samples/tree/master/storage/README.md
+ */
+
+namespace Google\Cloud\Samples\Storage;
+
+# [START storage_print_bucket_acl_for_user]
+use Google\Cloud\Storage\StorageClient;
+
+/**
+ * Print an entity role for a bucket ACL.
+ *
+ * @param string $bucketName The name of your Cloud Storage bucket.
+ * @param string $entity The entity for which to query access controls.
+ */
+function print_bucket_acl_for_user(
+    string $bucketName,
+    string $entity
+): void {
+    // $bucketName = 'my-bucket';
+    // $entity = '[email protected]';
+
+    $storage = new StorageClient();
+    $bucket = $storage->bucket($bucketName);
+    $acl = $bucket->acl();
+
+    $item = $acl->get(['entity' => $entity]);
+    printf('%s: %s' . PHP_EOL, $item['entity'], $item['role']);
+}
+# [END storage_print_bucket_acl_for_user]
+
+// The following 2 lines are only needed to run the samples
+require_once __DIR__ . '/../../testing/sample_helpers.php';
+\Google\Cloud\Samples\execute_sample(__FILE__, __NAMESPACE__, $argv);

storage/src/print_file_acl_for_user.php

@@ -0,0 +1,56 @@
+<?php
+/**
+ * Copyright 2022 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * For instructions on how to run the full sample:
+ *
+ * @see https://github.com/GoogleCloudPlatform/php-docs-samples/tree/master/storage/README.md
+ */
+
+namespace Google\Cloud\Samples\Storage;
+
+# [START storage_print_file_acl_for_user]
+use Google\Cloud\Storage\StorageClient;
+
+/**
+ * Print an entity role for a file ACL.
+ *
+ * @param string $bucketName The name of your Cloud Storage bucket.
+ * @param string $objectName The name of your Cloud Storage object.
+ * @param string $entity The entity for which to query access controls.
+ */
+function print_file_acl_for_user(
+    string $bucketName,
+    string $objectName,
+    string $entity
+): void {
+    // $bucketName = 'my-bucket';
+    // $objectName = 'my-object';
+    // $entity = '[email protected]';
+
+    $storage = new StorageClient();
+    $bucket = $storage->bucket($bucketName);
+    $object = $bucket->object($objectName);
+    $acl = $object->acl();
+    $item = $acl->get(['entity' => $entity]);
+    printf('%s: %s' . PHP_EOL, $item['entity'], $item['role']);
+}
+# [END storage_print_file_acl_for_user]
+
+// The following 2 lines are only needed to run the samples
+require_once __DIR__ . '/../../testing/sample_helpers.php';
+\Google\Cloud\Samples\execute_sample(__FILE__, __NAMESPACE__, $argv);

storage/test/ObjectAclTest.php

@@ -97,6 +97,72 @@ public function testManageObjectAcl()
 allAuthenticatedUsers: READER
 Deleted allAuthenticatedUsers from $objectUrl ACL
 
+EOF;
+        $this->assertEquals($output, $outputString);
+    }
+
+    public function testPrintFileAclForUser()
+    {
+        $objectName = $this->requireEnv('GOOGLE_STORAGE_OBJECT');
+
+        $bucket = self::$storage->bucket(self::$bucketName);
+        $object = $bucket->object($objectName);
+        $acl = $object->acl();
+
+        $output = self::runFunctionSnippet('add_object_acl', [
+            self::$bucketName,
+            $objectName,
+            'allAuthenticatedUsers',
+            'READER',
+        ]);
+
+        $aclInfo = $acl->get(['entity' => 'allAuthenticatedUsers']);
+        $this->assertArrayHasKey('role', $aclInfo);
+        $this->assertEquals('READER', $aclInfo['role']);
+
+        $output .= self::runFunctionSnippet('print_file_acl_for_user', [
+            self::$bucketName,
+            $objectName,
+            'allAuthenticatedUsers',
+        ]);
+
+        $objectUrl = sprintf('gs://%s/%s', self::$bucketName, $objectName);
+        $outputString = <<<EOF
+Added allAuthenticatedUsers (READER) to $objectUrl ACL
+allAuthenticatedUsers: READER
+
+EOF;
+        $this->assertEquals($output, $outputString);
+    }
+
+    public function testPrintBucketAclForUser()
+    {
+        $objectName = $this->requireEnv('GOOGLE_STORAGE_OBJECT');
+
+        $bucket = self::$storage->bucket(self::$bucketName);
+        $object = $bucket->object($objectName);
+        $acl = $object->acl();
+
+        $output = self::runFunctionSnippet('add_bucket_acl', [
+            self::$bucketName,
+            'allAuthenticatedUsers',
+            'READER',
+        ]);
+
+        $aclInfo = $acl->get(['entity' => 'allAuthenticatedUsers']);
+        $this->assertArrayHasKey('role', $aclInfo);
+        $this->assertEquals('READER', $aclInfo['role']);
+
+        $output .= self::runFunctionSnippet('print_bucket_acl_for_user', [
+            self::$bucketName,
+            'allAuthenticatedUsers',
+        ]);
+
+        $bucketUrl = sprintf('gs://%s', self::$bucketName);
+        $outputString = <<<EOF
+Added allAuthenticatedUsers (READER) to $bucketUrl ACL
+allAuthenticatedUsers: READER
+
 EOF;
         $this->assertEquals($output, $outputString);
     }