UNPKG

@google-cloud/pubsub/build/src/iam.d.ts

Version:

10.9 kBTypeScriptView Raw

1/*!
* Copyright 2014 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*      http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
16/// <reference types="node" />
17import { CallOptions, IamProtos } from 'google-gax';
18import { Omit, PubSub, RequestCallback, ResourceCallback } from './pubsub';
19export declare type Policy = {
  etag?: string | Buffer;
21} & Omit<IamProtos.google.iam.v1.IPolicy, 'etag'>;
22export declare type GetPolicyCallback = RequestCallback<Policy>;
23export declare type SetPolicyCallback = RequestCallback<Policy>;
24export declare type SetPolicyResponse = [Policy];
25export declare type GetPolicyResponse = [Policy];
26/**
* Shows which IAM permissions is allowed.
* The key to this object are the IAM permissions (string) and the values are
* booleans, true if permissions are granted to the corresponding key.
*/
31export interface IamPermissionsMap {
  [key: string]: boolean;
33}
34export declare type TestIamPermissionsResponse = [
  IamPermissionsMap,
  IamProtos.google.iam.v1.ITestIamPermissionsResponse
37];
38export declare type TestIamPermissionsCallback = ResourceCallback<IamPermissionsMap, IamProtos.google.iam.v1.ITestIamPermissionsResponse>;
39/**
* [IAM (Identity and Access
* Management)](https://cloud.google.com/pubsub/access_control) allows you to
* set permissions on individual resources and offers a wider range of roles:
* editor, owner, publisher, subscriber, and viewer. This gives you greater
* flexibility and allows you to set more fine-grained access control.
*
* For example:
*   * Grant access on a per-topic or per-subscription basis, rather than for
*     the whole Cloud project.
*   * Grant access with limited capabilities, such as to only publish messages
*     to a topic, or to only to consume messages from a subscription, but not
*     to delete the topic or subscription.
*
*
* *The IAM access control features described in this document are Beta,
* including the API methods to get and set IAM policies, and to test IAM
* permissions. Cloud Pub/Sub's use of IAM features is not covered by any
* SLA or deprecation policy, and may be subject to backward-incompatible
* changes.*
*
* @class
* @param {PubSub} pubsub PubSub Object.
* @param {string} id The name of the topic or subscription.
*
* @see [Access Control Overview]{@link https://cloud.google.com/pubsub/access_control}
* @see [What is Cloud IAM?]{@link https://cloud.google.com/iam/}
*
* @example
* ```
* const {PubSub} = require('@google-cloud/pubsub');
* const pubsub = new PubSub();
*
* const topic = pubsub.topic('my-topic');
* // topic.iam
*
* const subscription = pubsub.subscription('my-subscription');
* // subscription.iam
* ```
*/
79export declare class IAM {
  pubsub: PubSub;
  request: typeof PubSub.prototype.request;
  id: string;
  constructor(pubsub: PubSub, id: string);
  /**
   * @typedef {array} GetPolicyResponse
   * @property {object} 0 The policy.
   */
  /**
   * @callback GetPolicyCallback
   * @param {?Error} err Request error, if any.
   * @param {object} acl The policy.
   */
  /**
   * Get the IAM policy
   *
   * @param {object} [gaxOptions] Request configuration options, outlined
   *     here: https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html.
   * @param {GetPolicyCallback} [callback] Callback function.
   * @returns {Promise<GetPolicyResponse>}
   *
   * @see [Topics: getIamPolicy API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.topics/getIamPolicy}
   * @see [Subscriptions: getIamPolicy API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.subscriptions/getIamPolicy}
   *
   * @example
   * ```
   * const {PubSub} = require('@google-cloud/pubsub');
   * const pubsub = new PubSub();
   *
   * const topic = pubsub.topic('my-topic');
   * const subscription = topic.subscription('my-subscription');
   *
   * topic.iam.getPolicy(function(err, policy, apiResponse) {});
   *
   * subscription.iam.getPolicy(function(err, policy, apiResponse) {});
   *
   * //-
   * // If the callback is omitted, we'll return a Promise.
   * //-
   * topic.iam.getPolicy().then(function(data) {
   *   const policy = data[0];
   *   const apiResponse = data[1];
   * });
   * ```
   */
  getPolicy(gaxOpts?: CallOptions): Promise<GetPolicyResponse>;
  getPolicy(callback: GetPolicyCallback): void;
  getPolicy(gaxOpts: CallOptions, callback: GetPolicyCallback): void;
  /**
   * @typedef {array} SetPolicyResponse
   * @property {object} 0 The policy.
   */
  /**
   * @callback SetPolicyCallback
   * @param {?Error} err Request error, if any.
   * @param {object} acl The policy.
   */
  /**
   * Set the IAM policy
   *
   * @throws {Error} If no policy is provided.
   *
   * @param {object} policy The [policy](https://cloud.google.com/pubsub/docs/reference/rest/v1/Policy).
   * @param {array} [policy.bindings] Bindings associate members with roles.
   * @param {Array<object>} [policy.rules] Rules to be applied to the policy.
   * @param {string} [policy.etag] Etags are used to perform a read-modify-write.
   * @param {object} [gaxOptions] Request configuration options, outlined
   *     here: https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html.
   * @param {SetPolicyCallback} callback Callback function.
   * @returns {Promise<SetPolicyResponse>}
   *
   * @see [Topics: setIamPolicy API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.topics/setIamPolicy}
   * @see [Subscriptions: setIamPolicy API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.subscriptions/setIamPolicy}
   * @see [Policy]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/Policy}
   *
   * @example
   * ```
   * const {PubSub} = require('@google-cloud/pubsub');
   * const pubsub = new PubSub();
   *
   * const topic = pubsub.topic('my-topic');
   * const subscription = topic.subscription('my-subscription');
   *
   * const myPolicy = {
   *   bindings: [
   *     {
   *       role: 'roles/pubsub.subscriber',
   *       members:
   * ['serviceAccount:myotherproject@appspot.gserviceaccount.com']
   *     }
   *   ]
   * };
   *
   * topic.iam.setPolicy(myPolicy, function(err, policy, apiResponse) {});
   *
   * subscription.iam.setPolicy(myPolicy, function(err, policy, apiResponse)
   * {});
   *
   * //-
   * // If the callback is omitted, we'll return a Promise.
   * //-
   * topic.iam.setPolicy(myPolicy).then(function(data) {
   *   const policy = data[0];
   *   const apiResponse = data[1];
   * });
   * ```
   */
  setPolicy(policy: Policy, gaxOpts?: CallOptions): Promise<SetPolicyResponse>;
  setPolicy(policy: Policy, gaxOpts: CallOptions, callback: SetPolicyCallback): void;
  setPolicy(policy: Policy, callback: SetPolicyCallback): void;
  /**
   * @callback TestIamPermissionsCallback
   * @param {?Error} err Request error, if any.
   * @param {TestIamPermissionsAPIResponse} permissions A subset of permissions that the caller is allowed.
   * @param {PermissionsResponse} apiResponse The full API response.
   */
  /**
   * @typedef {array} TestIamPermissionsResponse
   * @property {object[]} 0 A subset of permissions that the caller is allowed.
   * @property {PermissionsResponse} 1 The full API response.
   */
  /**
   * @typedef {string[]} PermissionsResponse
   * A subset of TestPermissionsRequest.permissions that the caller is allowed.
   * @see https://cloud.google.com/pubsub/docs/reference/rpc/google.iam.v1#google.iam.v1.TestIamPermissionsRequest
   */
  /**
   * Test a set of permissions for a resource.
   *
   * Permissions with wildcards such as `*` or `storage.*` are not allowed.
   *
   * @throws {Error} If permissions are not provided.
   *
   * @param {string|string[]} permissions The permission(s) to test for.
   * @param {object} [gaxOptions] Request configuration options, outlined
   *     here: https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html.
   * @param {TestIamPermissionsCallback} [callback] Callback function.
   * @returns {Promise<TestIamPermissionsResponse>}
   *
   * @see [Topics: testIamPermissions API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.topics/testIamPermissions}
   * @see [Subscriptions: testIamPermissions API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.subscriptions/testIamPermissions}
   * @see [Permissions Reference]{@link https://cloud.google.com/pubsub/access_control#permissions}
   *
   * @example
   * ```
   * const {PubSub} = require('@google-cloud/pubsub');
   * const pubsub = new PubSub();
   *
   * const topic = pubsub.topic('my-topic');
   * const subscription = topic.subscription('my-subscription');
   *
   * //-
   * // Test a single permission.
   * //-
   * const test = 'pubsub.topics.update';
   *
   * topic.iam.testPermissions(test, function(err, permissions, apiResponse) {
   *   console.log(permissions);
   *   // {
   *   //   "pubsub.topics.update": true
   *   // }
   * });
   *
   * //-
   * // Test several permissions at once.
   * //-
   * const tests = [
   *   'pubsub.subscriptions.consume',
   *   'pubsub.subscriptions.update'
   * ];
   *
   * subscription.iam.testPermissions(tests, function(err, permissions) {
   *   console.log(permissions);
   *   // {
   *   //   "pubsub.subscriptions.consume": true,
   *   //   "pubsub.subscriptions.update": false
   *   // }
   * });
   *
   * //-
   * // If the callback is omitted, we'll return a Promise.
   * //-
   * topic.iam.testPermissions(test).then(function(data) {
   *   const permissions = data[0];
   *   const apiResponse = data[1];
   * });
   * ```
   */
  testPermissions(permissions: string | string[], gaxOpts?: CallOptions): Promise<TestIamPermissionsResponse>;
  testPermissions(permissions: string | string[], gaxOpts: CallOptions, callback: TestIamPermissionsCallback): void;
  testPermissions(permissions: string | string[], callback: TestIamPermissionsCallback): void;
271}

1	`/*!`
2	`* Copyright 2014 Google Inc. All Rights Reserved.`
3	`*`
4	`* Licensed under the Apache License, Version 2.0 (the "License");`
5	`* you may not use this file except in compliance with the License.`
6	`* You may obtain a copy of the License at`
7	`*`
8	`* http://www.apache.org/licenses/LICENSE-2.0`
9	`*`
10	`* Unless required by applicable law or agreed to in writing, software`
11	`* distributed under the License is distributed on an "AS IS" BASIS,`
12	`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
13	`* See the License for the specific language governing permissions and`
14	`* limitations under the License.`
15	`*/`
16	`/// <reference types="node" />`
17	`import { CallOptions, IamProtos } from 'google-gax';`
18	`import { Omit, PubSub, RequestCallback, ResourceCallback } from './pubsub';`
19	`export declare type Policy = {`
20	`etag?: string \| Buffer;`
21	`} & Omit<IamProtos.google.iam.v1.IPolicy, 'etag'>;`
22	`export declare type GetPolicyCallback = RequestCallback<Policy>;`
23	`export declare type SetPolicyCallback = RequestCallback<Policy>;`
24	`export declare type SetPolicyResponse = [Policy];`
25	`export declare type GetPolicyResponse = [Policy];`
26	`/**`
27	`* Shows which IAM permissions is allowed.`
28	`* The key to this object are the IAM permissions (string) and the values are`
29	`* booleans, true if permissions are granted to the corresponding key.`
30	`*/`
31	`export interface IamPermissionsMap {`
32	`[key: string]: boolean;`
33	`}`
34	`export declare type TestIamPermissionsResponse = [`
35	`IamPermissionsMap,`
36	`IamProtos.google.iam.v1.ITestIamPermissionsResponse`
37	`];`
38	`export declare type TestIamPermissionsCallback = ResourceCallback<IamPermissionsMap, IamProtos.google.iam.v1.ITestIamPermissionsResponse>;`
39	`/**`
40	`* [IAM (Identity and Access`
41	`* Management)](https://cloud.google.com/pubsub/access_control) allows you to`
42	`* set permissions on individual resources and offers a wider range of roles:`
43	`* editor, owner, publisher, subscriber, and viewer. This gives you greater`
44	`* flexibility and allows you to set more fine-grained access control.`
45	`*`
46	`* For example:`
47	`* * Grant access on a per-topic or per-subscription basis, rather than for`
48	`* the whole Cloud project.`
49	`* * Grant access with limited capabilities, such as to only publish messages`
50	`* to a topic, or to only to consume messages from a subscription, but not`
51	`* to delete the topic or subscription.`
52	`*`
53	`*`
54	`* *The IAM access control features described in this document are Beta,`
55	`* including the API methods to get and set IAM policies, and to test IAM`
56	`* permissions. Cloud Pub/Sub's use of IAM features is not covered by any`
57	`* SLA or deprecation policy, and may be subject to backward-incompatible`
58	`* changes.*`
59	`*`
60	`* @class`
61	`* @param {PubSub} pubsub PubSub Object.`
62	`* @param {string} id The name of the topic or subscription.`
63	`*`
64	`* @see [Access Control Overview]{@link https://cloud.google.com/pubsub/access_control}`
65	`* @see [What is Cloud IAM?]{@link https://cloud.google.com/iam/}`
66	`*`
67	`* @example`
68	* ```
69	`* const {PubSub} = require('@google-cloud/pubsub');`
70	`* const pubsub = new PubSub();`
71	`*`
72	`* const topic = pubsub.topic('my-topic');`
73	`* // topic.iam`
74	`*`
75	`* const subscription = pubsub.subscription('my-subscription');`
76	`* // subscription.iam`
77	* ```
78	`*/`
79	`export declare class IAM {`
80	`pubsub: PubSub;`
81	`request: typeof PubSub.prototype.request;`
82	`id: string;`
83	`constructor(pubsub: PubSub, id: string);`
84	`/**`
85	`* @typedef {array} GetPolicyResponse`
86	`* @property {object} 0 The policy.`
87	`*/`
88	`/**`
89	`* @callback GetPolicyCallback`
90	`* @param {?Error} err Request error, if any.`
91	`* @param {object} acl The policy.`
92	`*/`
93	`/**`
94	`* Get the IAM policy`
95	`*`
96	`* @param {object} [gaxOptions] Request configuration options, outlined`
97	`* here: https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html.`
98	`* @param {GetPolicyCallback} [callback] Callback function.`
99	`* @returns {Promise<GetPolicyResponse>}`
100	`*`
101	`* @see [Topics: getIamPolicy API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.topics/getIamPolicy}`
102	`* @see [Subscriptions: getIamPolicy API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.subscriptions/getIamPolicy}`
103	`*`
104	`* @example`
105	* ```
106	`* const {PubSub} = require('@google-cloud/pubsub');`
107	`* const pubsub = new PubSub();`
108	`*`
109	`* const topic = pubsub.topic('my-topic');`
110	`* const subscription = topic.subscription('my-subscription');`
111	`*`
112	`* topic.iam.getPolicy(function(err, policy, apiResponse) {});`
113	`*`
114	`* subscription.iam.getPolicy(function(err, policy, apiResponse) {});`
115	`*`
116	`* //-`
117	`* // If the callback is omitted, we'll return a Promise.`
118	`* //-`
119	`* topic.iam.getPolicy().then(function(data) {`
120	`* const policy = data[0];`
121	`* const apiResponse = data[1];`
122	`* });`
123	* ```
124	`*/`
125	`getPolicy(gaxOpts?: CallOptions): Promise<GetPolicyResponse>;`
126	`getPolicy(callback: GetPolicyCallback): void;`
127	`getPolicy(gaxOpts: CallOptions, callback: GetPolicyCallback): void;`
128	`/**`
129	`* @typedef {array} SetPolicyResponse`
130	`* @property {object} 0 The policy.`
131	`*/`
132	`/**`
133	`* @callback SetPolicyCallback`
134	`* @param {?Error} err Request error, if any.`
135	`* @param {object} acl The policy.`
136	`*/`
137	`/**`
138	`* Set the IAM policy`
139	`*`
140	`* @throws {Error} If no policy is provided.`
141	`*`
142	`* @param {object} policy The [policy](https://cloud.google.com/pubsub/docs/reference/rest/v1/Policy).`
143	`* @param {array} [policy.bindings] Bindings associate members with roles.`
144	`* @param {Array<object>} [policy.rules] Rules to be applied to the policy.`
145	`* @param {string} [policy.etag] Etags are used to perform a read-modify-write.`
146	`* @param {object} [gaxOptions] Request configuration options, outlined`
147	`* here: https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html.`
148	`* @param {SetPolicyCallback} callback Callback function.`
149	`* @returns {Promise<SetPolicyResponse>}`
150	`*`
151	`* @see [Topics: setIamPolicy API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.topics/setIamPolicy}`
152	`* @see [Subscriptions: setIamPolicy API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.subscriptions/setIamPolicy}`
153	`* @see [Policy]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/Policy}`
154	`*`
155	`* @example`
156	* ```
157	`* const {PubSub} = require('@google-cloud/pubsub');`
158	`* const pubsub = new PubSub();`
159	`*`
160	`* const topic = pubsub.topic('my-topic');`
161	`* const subscription = topic.subscription('my-subscription');`
162	`*`
163	`* const myPolicy = {`
164	`* bindings: [`
165	`* {`
166	`* role: 'roles/pubsub.subscriber',`
167	`* members:`
168	`* ['serviceAccount:myotherproject@appspot.gserviceaccount.com']`
169	`* }`
170	`* ]`
171	`* };`
172	`*`
173	`* topic.iam.setPolicy(myPolicy, function(err, policy, apiResponse) {});`
174	`*`
175	`* subscription.iam.setPolicy(myPolicy, function(err, policy, apiResponse)`
176	`* {});`
177	`*`
178	`* //-`
179	`* // If the callback is omitted, we'll return a Promise.`
180	`* //-`
181	`* topic.iam.setPolicy(myPolicy).then(function(data) {`
182	`* const policy = data[0];`
183	`* const apiResponse = data[1];`
184	`* });`
185	* ```
186	`*/`
187	`setPolicy(policy: Policy, gaxOpts?: CallOptions): Promise<SetPolicyResponse>;`
188	`setPolicy(policy: Policy, gaxOpts: CallOptions, callback: SetPolicyCallback): void;`
189	`setPolicy(policy: Policy, callback: SetPolicyCallback): void;`
190	`/**`
191	`* @callback TestIamPermissionsCallback`
192	`* @param {?Error} err Request error, if any.`
193	`* @param {TestIamPermissionsAPIResponse} permissions A subset of permissions that the caller is allowed.`
194	`* @param {PermissionsResponse} apiResponse The full API response.`
195	`*/`
196	`/**`
197	`* @typedef {array} TestIamPermissionsResponse`
198	`* @property {object[]} 0 A subset of permissions that the caller is allowed.`
199	`* @property {PermissionsResponse} 1 The full API response.`
200	`*/`
201	`/**`
202	`* @typedef {string[]} PermissionsResponse`
203	`* A subset of TestPermissionsRequest.permissions that the caller is allowed.`
204	`* @see https://cloud.google.com/pubsub/docs/reference/rpc/google.iam.v1#google.iam.v1.TestIamPermissionsRequest`
205	`*/`
206	`/**`
207	`* Test a set of permissions for a resource.`
208	`*`
209	* Permissions with wildcards such as `` or `storage.` are not allowed.
210	`*`
211	`* @throws {Error} If permissions are not provided.`
212	`*`
213	`* @param {string\|string[]} permissions The permission(s) to test for.`
214	`* @param {object} [gaxOptions] Request configuration options, outlined`
215	`* here: https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html.`
216	`* @param {TestIamPermissionsCallback} [callback] Callback function.`
217	`* @returns {Promise<TestIamPermissionsResponse>}`
218	`*`
219	`* @see [Topics: testIamPermissions API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.topics/testIamPermissions}`
220	`* @see [Subscriptions: testIamPermissions API Documentation]{@link https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.subscriptions/testIamPermissions}`
221	`* @see [Permissions Reference]{@link https://cloud.google.com/pubsub/access_control#permissions}`
222	`*`
223	`* @example`
224	* ```
225	`* const {PubSub} = require('@google-cloud/pubsub');`
226	`* const pubsub = new PubSub();`
227	`*`
228	`* const topic = pubsub.topic('my-topic');`
229	`* const subscription = topic.subscription('my-subscription');`
230	`*`
231	`* //-`
232	`* // Test a single permission.`
233	`* //-`
234	`* const test = 'pubsub.topics.update';`
235	`*`
236	`* topic.iam.testPermissions(test, function(err, permissions, apiResponse) {`
237	`* console.log(permissions);`
238	`* // {`
239	`* // "pubsub.topics.update": true`
240	`* // }`
241	`* });`
242	`*`
243	`* //-`
244	`* // Test several permissions at once.`
245	`* //-`
246	`* const tests = [`
247	`* 'pubsub.subscriptions.consume',`
248	`* 'pubsub.subscriptions.update'`
249	`* ];`
250	`*`
251	`* subscription.iam.testPermissions(tests, function(err, permissions) {`
252	`* console.log(permissions);`
253	`* // {`
254	`* // "pubsub.subscriptions.consume": true,`
255	`* // "pubsub.subscriptions.update": false`
256	`* // }`
257	`* });`
258	`*`
259	`* //-`
260	`* // If the callback is omitted, we'll return a Promise.`
261	`* //-`
262	`* topic.iam.testPermissions(test).then(function(data) {`
263	`* const permissions = data[0];`
264	`* const apiResponse = data[1];`
265	`* });`
266	* ```
267	`*/`
268	`testPermissions(permissions: string \| string[], gaxOpts?: CallOptions): Promise<TestIamPermissionsResponse>;`
269	`testPermissions(permissions: string \| string[], gaxOpts: CallOptions, callback: TestIamPermissionsCallback): void;`
270	`testPermissions(permissions: string \| string[], callback: TestIamPermissionsCallback): void;`
271	`}`