1// Copyright 2020 Google LLC. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// Code generated file. DO NOT EDIT. 6 7// Package iap provides access to the Cloud Identity-Aware Proxy API. 8// 9// For product documentation, see: https://cloud.google.com/iap 10// 11// Creating a client 12// 13// Usage example: 14// 15// import "google.golang.org/api/iap/v1beta1" 16// ... 17// ctx := context.Background() 18// iapService, err := iap.NewService(ctx) 19// 20// In this example, Google Application Default Credentials are used for authentication. 21// 22// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. 23// 24// Other authentication options 25// 26// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey: 27// 28// iapService, err := iap.NewService(ctx, option.WithAPIKey("AIza...")) 29// 30// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource: 31// 32// config := &oauth2.Config{...} 33// // ... 34// token, err := config.Exchange(ctx, ...) 35// iapService, err := iap.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) 36// 37// See https://godoc.org/google.golang.org/api/option/ for details on options. 38package iap // import "google.golang.org/api/iap/v1beta1" 39 40import ( 41 "bytes" 42 "context" 43 "encoding/json" 44 "errors" 45 "fmt" 46 "io" 47 "net/http" 48 "net/url" 49 "strconv" 50 "strings" 51 52 googleapi "google.golang.org/api/googleapi" 53 gensupport "google.golang.org/api/internal/gensupport" 54 option "google.golang.org/api/option" 55 internaloption "google.golang.org/api/option/internaloption" 56 htransport "google.golang.org/api/transport/http" 57) 58 59// Always reference these packages, just in case the auto-generated code 60// below doesn't. 61var _ = bytes.NewBuffer 62var _ = strconv.Itoa 63var _ = fmt.Sprintf 64var _ = json.NewDecoder 65var _ = io.Copy 66var _ = url.Parse 67var _ = gensupport.MarshalJSON 68var _ = googleapi.Version 69var _ = errors.New 70var _ = strings.Replace 71var _ = context.Canceled 72var _ = internaloption.WithDefaultEndpoint 73 74const apiId = "iap:v1beta1" 75const apiName = "iap" 76const apiVersion = "v1beta1" 77const basePath = "https://iap.googleapis.com/" 78 79// OAuth2 scopes used by this API. 80const ( 81 // View and manage your data across Google Cloud Platform services 82 CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" 83) 84 85// NewService creates a new Service. 86func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { 87 scopesOption := option.WithScopes( 88 "https://www.googleapis.com/auth/cloud-platform", 89 ) 90 // NOTE: prepend, so we don't override user-specified scopes. 91 opts = append([]option.ClientOption{scopesOption}, opts...) 92 opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) 93 client, endpoint, err := htransport.NewClient(ctx, opts...) 94 if err != nil { 95 return nil, err 96 } 97 s, err := New(client) 98 if err != nil { 99 return nil, err 100 } 101 if endpoint != "" { 102 s.BasePath = endpoint 103 } 104 return s, nil 105} 106 107// New creates a new Service. It uses the provided http.Client for requests. 108// 109// Deprecated: please use NewService instead. 110// To provide a custom HTTP client, use option.WithHTTPClient. 111// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. 112func New(client *http.Client) (*Service, error) { 113 if client == nil { 114 return nil, errors.New("client is nil") 115 } 116 s := &Service{client: client, BasePath: basePath} 117 s.V1beta1 = NewV1beta1Service(s) 118 return s, nil 119} 120 121type Service struct { 122 client *http.Client 123 BasePath string // API endpoint base URL 124 UserAgent string // optional additional User-Agent fragment 125 126 V1beta1 *V1beta1Service 127} 128 129func (s *Service) userAgent() string { 130 if s.UserAgent == "" { 131 return googleapi.UserAgent 132 } 133 return googleapi.UserAgent + " " + s.UserAgent 134} 135 136func NewV1beta1Service(s *Service) *V1beta1Service { 137 rs := &V1beta1Service{s: s} 138 return rs 139} 140 141type V1beta1Service struct { 142 s *Service 143} 144 145// Binding: Associates `members` with a `role`. 146type Binding struct { 147 // Condition: The condition that is associated with this binding. 148 // NOTE: An unsatisfied condition will not allow user access via 149 // current 150 // binding. Different bindings, including their conditions, are 151 // examined 152 // independently. 153 Condition *Expr `json:"condition,omitempty"` 154 155 // Members: Specifies the identities requesting access for a Cloud 156 // Platform resource. 157 // `members` can have the following values: 158 // 159 // * `allUsers`: A special identifier that represents anyone who is 160 // on the internet; with or without a Google account. 161 // 162 // * `allAuthenticatedUsers`: A special identifier that represents 163 // anyone 164 // who is authenticated with a Google account or a service 165 // account. 166 // 167 // * `user:{emailid}`: An email address that represents a specific 168 // Google 169 // account. For example, `alice@example.com` . 170 // 171 // 172 // * `serviceAccount:{emailid}`: An email address that represents a 173 // service 174 // account. For example, 175 // `my-other-app@appspot.gserviceaccount.com`. 176 // 177 // * `group:{emailid}`: An email address that represents a Google 178 // group. 179 // For example, `admins@example.com`. 180 // 181 // * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus 182 // unique 183 // identifier) representing a user that has been recently deleted. 184 // For 185 // example, `alice@example.com?uid=123456789012345678901`. If the 186 // user is 187 // recovered, this value reverts to `user:{emailid}` and the 188 // recovered user 189 // retains the role in the binding. 190 // 191 // * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address 192 // (plus 193 // unique identifier) representing a service account that has been 194 // recently 195 // deleted. For example, 196 // 197 // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 198 // 199 // If the service account is undeleted, this value reverts to 200 // `serviceAccount:{emailid}` and the undeleted service account 201 // retains the 202 // role in the binding. 203 // 204 // * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus 205 // unique 206 // identifier) representing a Google group that has been recently 207 // deleted. For example, 208 // `admins@example.com?uid=123456789012345678901`. If 209 // the group is recovered, this value reverts to `group:{emailid}` 210 // and the 211 // recovered group retains the role in the binding. 212 // 213 // 214 // * `domain:{domain}`: The G Suite domain (primary) that represents all 215 // the 216 // users of that domain. For example, `google.com` or 217 // `example.com`. 218 // 219 // 220 Members []string `json:"members,omitempty"` 221 222 // Role: Role that is assigned to `members`. 223 // For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 224 Role string `json:"role,omitempty"` 225 226 // ForceSendFields is a list of field names (e.g. "Condition") to 227 // unconditionally include in API requests. By default, fields with 228 // empty values are omitted from API requests. However, any non-pointer, 229 // non-interface field appearing in ForceSendFields will be sent to the 230 // server regardless of whether the field is empty or not. This may be 231 // used to include empty fields in Patch requests. 232 ForceSendFields []string `json:"-"` 233 234 // NullFields is a list of field names (e.g. "Condition") to include in 235 // API requests with the JSON null value. By default, fields with empty 236 // values are omitted from API requests. However, any field with an 237 // empty value appearing in NullFields will be sent to the server as 238 // null. It is an error if a field in this list has a non-empty value. 239 // This may be used to include null fields in Patch requests. 240 NullFields []string `json:"-"` 241} 242 243func (s *Binding) MarshalJSON() ([]byte, error) { 244 type NoMethod Binding 245 raw := NoMethod(*s) 246 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 247} 248 249// Expr: Represents a textual expression in the Common Expression 250// Language (CEL) 251// syntax. CEL is a C-like expression language. The syntax and semantics 252// of CEL 253// are documented at https://github.com/google/cel-spec. 254// 255// Example (Comparison): 256// 257// title: "Summary size limit" 258// description: "Determines if a summary is less than 100 chars" 259// expression: "document.summary.size() < 100" 260// 261// Example (Equality): 262// 263// title: "Requestor is owner" 264// description: "Determines if requestor is the document owner" 265// expression: "document.owner == 266// request.auth.claims.email" 267// 268// Example (Logic): 269// 270// title: "Public documents" 271// description: "Determine whether the document should be publicly 272// visible" 273// expression: "document.type != 'private' && document.type != 274// 'internal'" 275// 276// Example (Data Manipulation): 277// 278// title: "Notification string" 279// description: "Create a notification string with a timestamp." 280// expression: "'New message received at ' + 281// string(document.create_time)" 282// 283// The exact variables and functions that may be referenced within an 284// expression 285// are determined by the service that evaluates it. See the 286// service 287// documentation for additional information. 288type Expr struct { 289 // Description: Optional. Description of the expression. This is a 290 // longer text which 291 // describes the expression, e.g. when hovered over it in a UI. 292 Description string `json:"description,omitempty"` 293 294 // Expression: Textual representation of an expression in Common 295 // Expression Language 296 // syntax. 297 Expression string `json:"expression,omitempty"` 298 299 // Location: Optional. String indicating the location of the expression 300 // for error 301 // reporting, e.g. a file name and a position in the file. 302 Location string `json:"location,omitempty"` 303 304 // Title: Optional. Title for the expression, i.e. a short string 305 // describing 306 // its purpose. This can be used e.g. in UIs which allow to enter 307 // the 308 // expression. 309 Title string `json:"title,omitempty"` 310 311 // ForceSendFields is a list of field names (e.g. "Description") to 312 // unconditionally include in API requests. By default, fields with 313 // empty values are omitted from API requests. However, any non-pointer, 314 // non-interface field appearing in ForceSendFields will be sent to the 315 // server regardless of whether the field is empty or not. This may be 316 // used to include empty fields in Patch requests. 317 ForceSendFields []string `json:"-"` 318 319 // NullFields is a list of field names (e.g. "Description") to include 320 // in API requests with the JSON null value. By default, fields with 321 // empty values are omitted from API requests. However, any field with 322 // an empty value appearing in NullFields will be sent to the server as 323 // null. It is an error if a field in this list has a non-empty value. 324 // This may be used to include null fields in Patch requests. 325 NullFields []string `json:"-"` 326} 327 328func (s *Expr) MarshalJSON() ([]byte, error) { 329 type NoMethod Expr 330 raw := NoMethod(*s) 331 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 332} 333 334// GetIamPolicyRequest: Request message for `GetIamPolicy` method. 335type GetIamPolicyRequest struct { 336 // Options: OPTIONAL: A `GetPolicyOptions` object for specifying options 337 // to 338 // `GetIamPolicy`. This field is only used by Cloud IAM. 339 Options *GetPolicyOptions `json:"options,omitempty"` 340 341 // ForceSendFields is a list of field names (e.g. "Options") to 342 // unconditionally include in API requests. By default, fields with 343 // empty values are omitted from API requests. However, any non-pointer, 344 // non-interface field appearing in ForceSendFields will be sent to the 345 // server regardless of whether the field is empty or not. This may be 346 // used to include empty fields in Patch requests. 347 ForceSendFields []string `json:"-"` 348 349 // NullFields is a list of field names (e.g. "Options") to include in 350 // API requests with the JSON null value. By default, fields with empty 351 // values are omitted from API requests. However, any field with an 352 // empty value appearing in NullFields will be sent to the server as 353 // null. It is an error if a field in this list has a non-empty value. 354 // This may be used to include null fields in Patch requests. 355 NullFields []string `json:"-"` 356} 357 358func (s *GetIamPolicyRequest) MarshalJSON() ([]byte, error) { 359 type NoMethod GetIamPolicyRequest 360 raw := NoMethod(*s) 361 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 362} 363 364// GetPolicyOptions: Encapsulates settings provided to GetIamPolicy. 365type GetPolicyOptions struct { 366 // RequestedPolicyVersion: Optional. The policy format version to be 367 // returned. 368 // 369 // Valid values are 0, 1, and 3. Requests specifying an invalid value 370 // will be 371 // rejected. 372 // 373 // Requests for policies with any conditional bindings must specify 374 // version 3. 375 // Policies without any conditional bindings may specify any valid value 376 // or 377 // leave the field unset. 378 RequestedPolicyVersion int64 `json:"requestedPolicyVersion,omitempty"` 379 380 // ForceSendFields is a list of field names (e.g. 381 // "RequestedPolicyVersion") to unconditionally include in API requests. 382 // By default, fields with empty values are omitted from API requests. 383 // However, any non-pointer, non-interface field appearing in 384 // ForceSendFields will be sent to the server regardless of whether the 385 // field is empty or not. This may be used to include empty fields in 386 // Patch requests. 387 ForceSendFields []string `json:"-"` 388 389 // NullFields is a list of field names (e.g. "RequestedPolicyVersion") 390 // to include in API requests with the JSON null value. By default, 391 // fields with empty values are omitted from API requests. However, any 392 // field with an empty value appearing in NullFields will be sent to the 393 // server as null. It is an error if a field in this list has a 394 // non-empty value. This may be used to include null fields in Patch 395 // requests. 396 NullFields []string `json:"-"` 397} 398 399func (s *GetPolicyOptions) MarshalJSON() ([]byte, error) { 400 type NoMethod GetPolicyOptions 401 raw := NoMethod(*s) 402 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 403} 404 405// Policy: An Identity and Access Management (IAM) policy, which 406// specifies access 407// controls for Google Cloud resources. 408// 409// 410// A `Policy` is a collection of `bindings`. A `binding` binds one or 411// more 412// `members` to a single `role`. Members can be user accounts, service 413// accounts, 414// Google groups, and domains (such as G Suite). A `role` is a named 415// list of 416// permissions; each `role` can be an IAM predefined role or a 417// user-created 418// custom role. 419// 420// Optionally, a `binding` can specify a `condition`, which is a 421// logical 422// expression that allows access to a resource only if the expression 423// evaluates 424// to `true`. A condition can add constraints based on attributes of 425// the 426// request, the resource, or both. 427// 428// **JSON example:** 429// 430// { 431// "bindings": [ 432// { 433// "role": "roles/resourcemanager.organizationAdmin", 434// "members": [ 435// "user:mike@example.com", 436// "group:admins@example.com", 437// "domain:google.com", 438// 439// "serviceAccount:my-project-id@appspot.gserviceaccount.com" 440// ] 441// }, 442// { 443// "role": "roles/resourcemanager.organizationViewer", 444// "members": ["user:eve@example.com"], 445// "condition": { 446// "title": "expirable access", 447// "description": "Does not grant access after Sep 2020", 448// "expression": "request.time < 449// timestamp('2020-10-01T00:00:00.000Z')", 450// } 451// } 452// ], 453// "etag": "BwWWja0YfJA=", 454// "version": 3 455// } 456// 457// **YAML example:** 458// 459// bindings: 460// - members: 461// - user:mike@example.com 462// - group:admins@example.com 463// - domain:google.com 464// - serviceAccount:my-project-id@appspot.gserviceaccount.com 465// role: roles/resourcemanager.organizationAdmin 466// - members: 467// - user:eve@example.com 468// role: roles/resourcemanager.organizationViewer 469// condition: 470// title: expirable access 471// description: Does not grant access after Sep 2020 472// expression: request.time < 473// timestamp('2020-10-01T00:00:00.000Z') 474// - etag: BwWWja0YfJA= 475// - version: 3 476// 477// For a description of IAM and its features, see the 478// [IAM documentation](https://cloud.google.com/iam/docs/). 479type Policy struct { 480 // Bindings: Associates a list of `members` to a `role`. Optionally, may 481 // specify a 482 // `condition` that determines how and when the `bindings` are applied. 483 // Each 484 // of the `bindings` must contain at least one member. 485 Bindings []*Binding `json:"bindings,omitempty"` 486 487 // Etag: `etag` is used for optimistic concurrency control as a way to 488 // help 489 // prevent simultaneous updates of a policy from overwriting each 490 // other. 491 // It is strongly suggested that systems make use of the `etag` in 492 // the 493 // read-modify-write cycle to perform policy updates in order to avoid 494 // race 495 // conditions: An `etag` is returned in the response to `getIamPolicy`, 496 // and 497 // systems are expected to put that etag in the request to 498 // `setIamPolicy` to 499 // ensure that their change will be applied to the same version of the 500 // policy. 501 // 502 // **Important:** If you use IAM Conditions, you must include the `etag` 503 // field 504 // whenever you call `setIamPolicy`. If you omit this field, then IAM 505 // allows 506 // you to overwrite a version `3` policy with a version `1` policy, and 507 // all of 508 // the conditions in the version `3` policy are lost. 509 Etag string `json:"etag,omitempty"` 510 511 // Version: Specifies the format of the policy. 512 // 513 // Valid values are `0`, `1`, and `3`. Requests that specify an invalid 514 // value 515 // are rejected. 516 // 517 // Any operation that affects conditional role bindings must specify 518 // version 519 // `3`. This requirement applies to the following operations: 520 // 521 // * Getting a policy that includes a conditional role binding 522 // * Adding a conditional role binding to a policy 523 // * Changing a conditional role binding in a policy 524 // * Removing any role binding, with or without a condition, from a 525 // policy 526 // that includes conditions 527 // 528 // **Important:** If you use IAM Conditions, you must include the `etag` 529 // field 530 // whenever you call `setIamPolicy`. If you omit this field, then IAM 531 // allows 532 // you to overwrite a version `3` policy with a version `1` policy, and 533 // all of 534 // the conditions in the version `3` policy are lost. 535 // 536 // If a policy does not include any conditions, operations on that 537 // policy may 538 // specify any valid version or leave the field unset. 539 Version int64 `json:"version,omitempty"` 540 541 // ServerResponse contains the HTTP response code and headers from the 542 // server. 543 googleapi.ServerResponse `json:"-"` 544 545 // ForceSendFields is a list of field names (e.g. "Bindings") to 546 // unconditionally include in API requests. By default, fields with 547 // empty values are omitted from API requests. However, any non-pointer, 548 // non-interface field appearing in ForceSendFields will be sent to the 549 // server regardless of whether the field is empty or not. This may be 550 // used to include empty fields in Patch requests. 551 ForceSendFields []string `json:"-"` 552 553 // NullFields is a list of field names (e.g. "Bindings") to include in 554 // API requests with the JSON null value. By default, fields with empty 555 // values are omitted from API requests. However, any field with an 556 // empty value appearing in NullFields will be sent to the server as 557 // null. It is an error if a field in this list has a non-empty value. 558 // This may be used to include null fields in Patch requests. 559 NullFields []string `json:"-"` 560} 561 562func (s *Policy) MarshalJSON() ([]byte, error) { 563 type NoMethod Policy 564 raw := NoMethod(*s) 565 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 566} 567 568// SetIamPolicyRequest: Request message for `SetIamPolicy` method. 569type SetIamPolicyRequest struct { 570 // Policy: REQUIRED: The complete policy to be applied to the 571 // `resource`. The size of 572 // the policy is limited to a few 10s of KB. An empty policy is a 573 // valid policy but certain Cloud Platform services (such as 574 // Projects) 575 // might reject them. 576 Policy *Policy `json:"policy,omitempty"` 577 578 // ForceSendFields is a list of field names (e.g. "Policy") to 579 // unconditionally include in API requests. By default, fields with 580 // empty values are omitted from API requests. However, any non-pointer, 581 // non-interface field appearing in ForceSendFields will be sent to the 582 // server regardless of whether the field is empty or not. This may be 583 // used to include empty fields in Patch requests. 584 ForceSendFields []string `json:"-"` 585 586 // NullFields is a list of field names (e.g. "Policy") to include in API 587 // requests with the JSON null value. By default, fields with empty 588 // values are omitted from API requests. However, any field with an 589 // empty value appearing in NullFields will be sent to the server as 590 // null. It is an error if a field in this list has a non-empty value. 591 // This may be used to include null fields in Patch requests. 592 NullFields []string `json:"-"` 593} 594 595func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) { 596 type NoMethod SetIamPolicyRequest 597 raw := NoMethod(*s) 598 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 599} 600 601// TestIamPermissionsRequest: Request message for `TestIamPermissions` 602// method. 603type TestIamPermissionsRequest struct { 604 // Permissions: The set of permissions to check for the `resource`. 605 // Permissions with 606 // wildcards (such as '*' or 'storage.*') are not allowed. For 607 // more 608 // information see 609 // [IAM 610 // Overview](https://cloud.google.com/iam/docs/overview#permissions). 611 Permissions []string `json:"permissions,omitempty"` 612 613 // ForceSendFields is a list of field names (e.g. "Permissions") to 614 // unconditionally include in API requests. By default, fields with 615 // empty values are omitted from API requests. However, any non-pointer, 616 // non-interface field appearing in ForceSendFields will be sent to the 617 // server regardless of whether the field is empty or not. This may be 618 // used to include empty fields in Patch requests. 619 ForceSendFields []string `json:"-"` 620 621 // NullFields is a list of field names (e.g. "Permissions") to include 622 // in API requests with the JSON null value. By default, fields with 623 // empty values are omitted from API requests. However, any field with 624 // an empty value appearing in NullFields will be sent to the server as 625 // null. It is an error if a field in this list has a non-empty value. 626 // This may be used to include null fields in Patch requests. 627 NullFields []string `json:"-"` 628} 629 630func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) { 631 type NoMethod TestIamPermissionsRequest 632 raw := NoMethod(*s) 633 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 634} 635 636// TestIamPermissionsResponse: Response message for `TestIamPermissions` 637// method. 638type TestIamPermissionsResponse struct { 639 // Permissions: A subset of `TestPermissionsRequest.permissions` that 640 // the caller is 641 // allowed. 642 Permissions []string `json:"permissions,omitempty"` 643 644 // ServerResponse contains the HTTP response code and headers from the 645 // server. 646 googleapi.ServerResponse `json:"-"` 647 648 // ForceSendFields is a list of field names (e.g. "Permissions") to 649 // unconditionally include in API requests. By default, fields with 650 // empty values are omitted from API requests. However, any non-pointer, 651 // non-interface field appearing in ForceSendFields will be sent to the 652 // server regardless of whether the field is empty or not. This may be 653 // used to include empty fields in Patch requests. 654 ForceSendFields []string `json:"-"` 655 656 // NullFields is a list of field names (e.g. "Permissions") to include 657 // in API requests with the JSON null value. By default, fields with 658 // empty values are omitted from API requests. However, any field with 659 // an empty value appearing in NullFields will be sent to the server as 660 // null. It is an error if a field in this list has a non-empty value. 661 // This may be used to include null fields in Patch requests. 662 NullFields []string `json:"-"` 663} 664 665func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) { 666 type NoMethod TestIamPermissionsResponse 667 raw := NoMethod(*s) 668 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 669} 670 671// method id "iap.getIamPolicy": 672 673type V1beta1GetIamPolicyCall struct { 674 s *Service 675 resource string 676 getiampolicyrequest *GetIamPolicyRequest 677 urlParams_ gensupport.URLParams 678 ctx_ context.Context 679 header_ http.Header 680} 681 682// GetIamPolicy: Gets the access control policy for an Identity-Aware 683// Proxy protected 684// resource. 685// More information about managing access via IAP can be found 686// at: 687// https://cloud.google.com/iap/docs/managing-access#managing_access_ 688// via_the_api 689func (r *V1beta1Service) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *V1beta1GetIamPolicyCall { 690 c := &V1beta1GetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 691 c.resource = resource 692 c.getiampolicyrequest = getiampolicyrequest 693 return c 694} 695 696// Fields allows partial responses to be retrieved. See 697// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 698// for more information. 699func (c *V1beta1GetIamPolicyCall) Fields(s ...googleapi.Field) *V1beta1GetIamPolicyCall { 700 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 701 return c 702} 703 704// Context sets the context to be used in this call's Do method. Any 705// pending HTTP request will be aborted if the provided context is 706// canceled. 707func (c *V1beta1GetIamPolicyCall) Context(ctx context.Context) *V1beta1GetIamPolicyCall { 708 c.ctx_ = ctx 709 return c 710} 711 712// Header returns an http.Header that can be modified by the caller to 713// add HTTP headers to the request. 714func (c *V1beta1GetIamPolicyCall) Header() http.Header { 715 if c.header_ == nil { 716 c.header_ = make(http.Header) 717 } 718 return c.header_ 719} 720 721func (c *V1beta1GetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 722 reqHeaders := make(http.Header) 723 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 724 for k, v := range c.header_ { 725 reqHeaders[k] = v 726 } 727 reqHeaders.Set("User-Agent", c.s.userAgent()) 728 var body io.Reader = nil 729 body, err := googleapi.WithoutDataWrapper.JSONReader(c.getiampolicyrequest) 730 if err != nil { 731 return nil, err 732 } 733 reqHeaders.Set("Content-Type", "application/json") 734 c.urlParams_.Set("alt", alt) 735 c.urlParams_.Set("prettyPrint", "false") 736 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:getIamPolicy") 737 urls += "?" + c.urlParams_.Encode() 738 req, err := http.NewRequest("POST", urls, body) 739 if err != nil { 740 return nil, err 741 } 742 req.Header = reqHeaders 743 googleapi.Expand(req.URL, map[string]string{ 744 "resource": c.resource, 745 }) 746 return gensupport.SendRequest(c.ctx_, c.s.client, req) 747} 748 749// Do executes the "iap.getIamPolicy" call. 750// Exactly one of *Policy or error will be non-nil. Any non-2xx status 751// code is an error. Response headers are in either 752// *Policy.ServerResponse.Header or (if a response was returned at all) 753// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 754// check whether the returned error was because http.StatusNotModified 755// was returned. 756func (c *V1beta1GetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 757 gensupport.SetOptions(c.urlParams_, opts...) 758 res, err := c.doRequest("json") 759 if res != nil && res.StatusCode == http.StatusNotModified { 760 if res.Body != nil { 761 res.Body.Close() 762 } 763 return nil, &googleapi.Error{ 764 Code: res.StatusCode, 765 Header: res.Header, 766 } 767 } 768 if err != nil { 769 return nil, err 770 } 771 defer googleapi.CloseBody(res) 772 if err := googleapi.CheckResponse(res); err != nil { 773 return nil, err 774 } 775 ret := &Policy{ 776 ServerResponse: googleapi.ServerResponse{ 777 Header: res.Header, 778 HTTPStatusCode: res.StatusCode, 779 }, 780 } 781 target := &ret 782 if err := gensupport.DecodeResponse(target, res); err != nil { 783 return nil, err 784 } 785 return ret, nil 786 // { 787 // "description": "Gets the access control policy for an Identity-Aware Proxy protected\nresource.\nMore information about managing access via IAP can be found at:\nhttps://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api", 788 // "flatPath": "v1beta1/{v1beta1Id}:getIamPolicy", 789 // "httpMethod": "POST", 790 // "id": "iap.getIamPolicy", 791 // "parameterOrder": [ 792 // "resource" 793 // ], 794 // "parameters": { 795 // "resource": { 796 // "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.", 797 // "location": "path", 798 // "pattern": "^.*$", 799 // "required": true, 800 // "type": "string" 801 // } 802 // }, 803 // "path": "v1beta1/{+resource}:getIamPolicy", 804 // "request": { 805 // "$ref": "GetIamPolicyRequest" 806 // }, 807 // "response": { 808 // "$ref": "Policy" 809 // }, 810 // "scopes": [ 811 // "https://www.googleapis.com/auth/cloud-platform" 812 // ] 813 // } 814 815} 816 817// method id "iap.setIamPolicy": 818 819type V1beta1SetIamPolicyCall struct { 820 s *Service 821 resource string 822 setiampolicyrequest *SetIamPolicyRequest 823 urlParams_ gensupport.URLParams 824 ctx_ context.Context 825 header_ http.Header 826} 827 828// SetIamPolicy: Sets the access control policy for an Identity-Aware 829// Proxy protected 830// resource. Replaces any existing policy. 831// More information about managing access via IAP can be found 832// at: 833// https://cloud.google.com/iap/docs/managing-access#managing_access_ 834// via_the_api 835func (r *V1beta1Service) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *V1beta1SetIamPolicyCall { 836 c := &V1beta1SetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 837 c.resource = resource 838 c.setiampolicyrequest = setiampolicyrequest 839 return c 840} 841 842// Fields allows partial responses to be retrieved. See 843// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 844// for more information. 845func (c *V1beta1SetIamPolicyCall) Fields(s ...googleapi.Field) *V1beta1SetIamPolicyCall { 846 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 847 return c 848} 849 850// Context sets the context to be used in this call's Do method. Any 851// pending HTTP request will be aborted if the provided context is 852// canceled. 853func (c *V1beta1SetIamPolicyCall) Context(ctx context.Context) *V1beta1SetIamPolicyCall { 854 c.ctx_ = ctx 855 return c 856} 857 858// Header returns an http.Header that can be modified by the caller to 859// add HTTP headers to the request. 860func (c *V1beta1SetIamPolicyCall) Header() http.Header { 861 if c.header_ == nil { 862 c.header_ = make(http.Header) 863 } 864 return c.header_ 865} 866 867func (c *V1beta1SetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 868 reqHeaders := make(http.Header) 869 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 870 for k, v := range c.header_ { 871 reqHeaders[k] = v 872 } 873 reqHeaders.Set("User-Agent", c.s.userAgent()) 874 var body io.Reader = nil 875 body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) 876 if err != nil { 877 return nil, err 878 } 879 reqHeaders.Set("Content-Type", "application/json") 880 c.urlParams_.Set("alt", alt) 881 c.urlParams_.Set("prettyPrint", "false") 882 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:setIamPolicy") 883 urls += "?" + c.urlParams_.Encode() 884 req, err := http.NewRequest("POST", urls, body) 885 if err != nil { 886 return nil, err 887 } 888 req.Header = reqHeaders 889 googleapi.Expand(req.URL, map[string]string{ 890 "resource": c.resource, 891 }) 892 return gensupport.SendRequest(c.ctx_, c.s.client, req) 893} 894 895// Do executes the "iap.setIamPolicy" call. 896// Exactly one of *Policy or error will be non-nil. Any non-2xx status 897// code is an error. Response headers are in either 898// *Policy.ServerResponse.Header or (if a response was returned at all) 899// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 900// check whether the returned error was because http.StatusNotModified 901// was returned. 902func (c *V1beta1SetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 903 gensupport.SetOptions(c.urlParams_, opts...) 904 res, err := c.doRequest("json") 905 if res != nil && res.StatusCode == http.StatusNotModified { 906 if res.Body != nil { 907 res.Body.Close() 908 } 909 return nil, &googleapi.Error{ 910 Code: res.StatusCode, 911 Header: res.Header, 912 } 913 } 914 if err != nil { 915 return nil, err 916 } 917 defer googleapi.CloseBody(res) 918 if err := googleapi.CheckResponse(res); err != nil { 919 return nil, err 920 } 921 ret := &Policy{ 922 ServerResponse: googleapi.ServerResponse{ 923 Header: res.Header, 924 HTTPStatusCode: res.StatusCode, 925 }, 926 } 927 target := &ret 928 if err := gensupport.DecodeResponse(target, res); err != nil { 929 return nil, err 930 } 931 return ret, nil 932 // { 933 // "description": "Sets the access control policy for an Identity-Aware Proxy protected\nresource. Replaces any existing policy.\nMore information about managing access via IAP can be found at:\nhttps://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api", 934 // "flatPath": "v1beta1/{v1beta1Id}:setIamPolicy", 935 // "httpMethod": "POST", 936 // "id": "iap.setIamPolicy", 937 // "parameterOrder": [ 938 // "resource" 939 // ], 940 // "parameters": { 941 // "resource": { 942 // "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.", 943 // "location": "path", 944 // "pattern": "^.*$", 945 // "required": true, 946 // "type": "string" 947 // } 948 // }, 949 // "path": "v1beta1/{+resource}:setIamPolicy", 950 // "request": { 951 // "$ref": "SetIamPolicyRequest" 952 // }, 953 // "response": { 954 // "$ref": "Policy" 955 // }, 956 // "scopes": [ 957 // "https://www.googleapis.com/auth/cloud-platform" 958 // ] 959 // } 960 961} 962 963// method id "iap.testIamPermissions": 964 965type V1beta1TestIamPermissionsCall struct { 966 s *Service 967 resource string 968 testiampermissionsrequest *TestIamPermissionsRequest 969 urlParams_ gensupport.URLParams 970 ctx_ context.Context 971 header_ http.Header 972} 973 974// TestIamPermissions: Returns permissions that a caller has on the 975// Identity-Aware Proxy protected 976// resource. If the resource does not exist or the caller does not 977// have 978// Identity-Aware Proxy permissions a 979// [google.rpc.Code.PERMISSION_DENIED] 980// will be returned. 981// More information about managing access via IAP can be found 982// at: 983// https://cloud.google.com/iap/docs/managing-access#managing_access_ 984// via_the_api 985func (r *V1beta1Service) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *V1beta1TestIamPermissionsCall { 986 c := &V1beta1TestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 987 c.resource = resource 988 c.testiampermissionsrequest = testiampermissionsrequest 989 return c 990} 991 992// Fields allows partial responses to be retrieved. See 993// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 994// for more information. 995func (c *V1beta1TestIamPermissionsCall) Fields(s ...googleapi.Field) *V1beta1TestIamPermissionsCall { 996 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 997 return c 998} 999 1000// Context sets the context to be used in this call's Do method. Any 1001// pending HTTP request will be aborted if the provided context is 1002// canceled. 1003func (c *V1beta1TestIamPermissionsCall) Context(ctx context.Context) *V1beta1TestIamPermissionsCall { 1004 c.ctx_ = ctx 1005 return c 1006} 1007 1008// Header returns an http.Header that can be modified by the caller to 1009// add HTTP headers to the request. 1010func (c *V1beta1TestIamPermissionsCall) Header() http.Header { 1011 if c.header_ == nil { 1012 c.header_ = make(http.Header) 1013 } 1014 return c.header_ 1015} 1016 1017func (c *V1beta1TestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { 1018 reqHeaders := make(http.Header) 1019 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 1020 for k, v := range c.header_ { 1021 reqHeaders[k] = v 1022 } 1023 reqHeaders.Set("User-Agent", c.s.userAgent()) 1024 var body io.Reader = nil 1025 body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) 1026 if err != nil { 1027 return nil, err 1028 } 1029 reqHeaders.Set("Content-Type", "application/json") 1030 c.urlParams_.Set("alt", alt) 1031 c.urlParams_.Set("prettyPrint", "false") 1032 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:testIamPermissions") 1033 urls += "?" + c.urlParams_.Encode() 1034 req, err := http.NewRequest("POST", urls, body) 1035 if err != nil { 1036 return nil, err 1037 } 1038 req.Header = reqHeaders 1039 googleapi.Expand(req.URL, map[string]string{ 1040 "resource": c.resource, 1041 }) 1042 return gensupport.SendRequest(c.ctx_, c.s.client, req) 1043} 1044 1045// Do executes the "iap.testIamPermissions" call. 1046// Exactly one of *TestIamPermissionsResponse or error will be non-nil. 1047// Any non-2xx status code is an error. Response headers are in either 1048// *TestIamPermissionsResponse.ServerResponse.Header or (if a response 1049// was returned at all) in error.(*googleapi.Error).Header. Use 1050// googleapi.IsNotModified to check whether the returned error was 1051// because http.StatusNotModified was returned. 1052func (c *V1beta1TestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { 1053 gensupport.SetOptions(c.urlParams_, opts...) 1054 res, err := c.doRequest("json") 1055 if res != nil && res.StatusCode == http.StatusNotModified { 1056 if res.Body != nil { 1057 res.Body.Close() 1058 } 1059 return nil, &googleapi.Error{ 1060 Code: res.StatusCode, 1061 Header: res.Header, 1062 } 1063 } 1064 if err != nil { 1065 return nil, err 1066 } 1067 defer googleapi.CloseBody(res) 1068 if err := googleapi.CheckResponse(res); err != nil { 1069 return nil, err 1070 } 1071 ret := &TestIamPermissionsResponse{ 1072 ServerResponse: googleapi.ServerResponse{ 1073 Header: res.Header, 1074 HTTPStatusCode: res.StatusCode, 1075 }, 1076 } 1077 target := &ret 1078 if err := gensupport.DecodeResponse(target, res); err != nil { 1079 return nil, err 1080 } 1081 return ret, nil 1082 // { 1083 // "description": "Returns permissions that a caller has on the Identity-Aware Proxy protected\nresource. If the resource does not exist or the caller does not have\nIdentity-Aware Proxy permissions a [google.rpc.Code.PERMISSION_DENIED]\nwill be returned.\nMore information about managing access via IAP can be found at:\nhttps://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api", 1084 // "flatPath": "v1beta1/{v1beta1Id}:testIamPermissions", 1085 // "httpMethod": "POST", 1086 // "id": "iap.testIamPermissions", 1087 // "parameterOrder": [ 1088 // "resource" 1089 // ], 1090 // "parameters": { 1091 // "resource": { 1092 // "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appropriate value for this field.", 1093 // "location": "path", 1094 // "pattern": "^.*$", 1095 // "required": true, 1096 // "type": "string" 1097 // } 1098 // }, 1099 // "path": "v1beta1/{+resource}:testIamPermissions", 1100 // "request": { 1101 // "$ref": "TestIamPermissionsRequest" 1102 // }, 1103 // "response": { 1104 // "$ref": "TestIamPermissionsResponse" 1105 // }, 1106 // "scopes": [ 1107 // "https://www.googleapis.com/auth/cloud-platform" 1108 // ] 1109 // } 1110 1111} 1112