SAS Portal API . policies

Instance Methods

get(body=None, x__xgafv=None)

Gets the access control policy for a resource.

set(body=None, x__xgafv=None)

Sets the access control policy on the specified resource. Replaces any

test(body=None, x__xgafv=None)

Returns permissions that a caller has on the specified resource.

Method Details

get(body=None, x__xgafv=None)
Gets the access control policy for a resource.
Returns an empty policy if the resource exists and does not have a policy
set.

Args:
  body: object, The request body.
    The object takes the form of:

{ # Request message for `GetPolicy` method.
    "resource": "A String", # Required. The resource for which the policy is being requested.
  }

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Defines an access control policy to the resources.
    "etag": "A String", # The [etag] is used for optimistic concurrency control as a way to
        # help prevent simultaneous updates of a policy from overwriting
        # each other.  It is strongly suggested that systems make use of
        # the [etag] in the read-modify-write cycle to perform policy
        # updates in order to avoid race conditions: An [etag] is returned
        # in the response to [GetPolicy], and systems are expected to put
        # that etag in the request to [SetPolicy] to ensure that their
        # change will be applied to the same version of the policy.
        #
        # If no [etag] is provided in the call to [SetPolicy], then the
        # existing policy is overwritten blindly.
    "assignments": [
      { # Associates `members` with a `role`.
        "members": [ # The identities the role is assigned to. It can have the following
            # values:
            #
            # * `{user_email}`: An email address that represents a specific
            #    Google account. For example: `alice@gmail.com`.
            #
            # * `{group_email}`: An email address that represents a Google
            #    group.  For example, `viewers@gmail.com`.
          "A String",
        ],
        "role": "A String", # Required. Role that is assigned to `members`.
      },
    ],
  }
set(body=None, x__xgafv=None)
Sets the access control policy on the specified resource. Replaces any
existing policy.

Args:
  body: object, The request body.
    The object takes the form of:

{ # Request message for `SetPolicy` method.
    "resource": "A String", # Required. The resource for which the policy is being specified. This policy
        # replaces any existing policy.
    "policy": { # Defines an access control policy to the resources. # Required. The policy to be applied to the `resource`.
      "etag": "A String", # The [etag] is used for optimistic concurrency control as a way to
          # help prevent simultaneous updates of a policy from overwriting
          # each other.  It is strongly suggested that systems make use of
          # the [etag] in the read-modify-write cycle to perform policy
          # updates in order to avoid race conditions: An [etag] is returned
          # in the response to [GetPolicy], and systems are expected to put
          # that etag in the request to [SetPolicy] to ensure that their
          # change will be applied to the same version of the policy.
          #
          # If no [etag] is provided in the call to [SetPolicy], then the
          # existing policy is overwritten blindly.
      "assignments": [
        { # Associates `members` with a `role`.
          "members": [ # The identities the role is assigned to. It can have the following
              # values:
              #
              # * `{user_email}`: An email address that represents a specific
              #    Google account. For example: `alice@gmail.com`.
              #
              # * `{group_email}`: An email address that represents a Google
              #    group.  For example, `viewers@gmail.com`.
            "A String",
          ],
          "role": "A String", # Required. Role that is assigned to `members`.
        },
      ],
    },
  }

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Defines an access control policy to the resources.
    "etag": "A String", # The [etag] is used for optimistic concurrency control as a way to
        # help prevent simultaneous updates of a policy from overwriting
        # each other.  It is strongly suggested that systems make use of
        # the [etag] in the read-modify-write cycle to perform policy
        # updates in order to avoid race conditions: An [etag] is returned
        # in the response to [GetPolicy], and systems are expected to put
        # that etag in the request to [SetPolicy] to ensure that their
        # change will be applied to the same version of the policy.
        #
        # If no [etag] is provided in the call to [SetPolicy], then the
        # existing policy is overwritten blindly.
    "assignments": [
      { # Associates `members` with a `role`.
        "members": [ # The identities the role is assigned to. It can have the following
            # values:
            #
            # * `{user_email}`: An email address that represents a specific
            #    Google account. For example: `alice@gmail.com`.
            #
            # * `{group_email}`: An email address that represents a Google
            #    group.  For example, `viewers@gmail.com`.
          "A String",
        ],
        "role": "A String", # Required. Role that is assigned to `members`.
      },
    ],
  }
test(body=None, x__xgafv=None)
Returns permissions that a caller has on the specified resource.

Args:
  body: object, The request body.
    The object takes the form of:

{ # Request message for `TestPermissions` method.
    "permissions": [ # The set of permissions to check for the `resource`.
      "A String",
    ],
    "resource": "A String", # Required. The resource for which the permissions are being requested.
  }

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for `TestPermissions` method.
    "permissions": [ # A set of permissions that the caller is allowed.
      "A String",
    ],
  }