From 4150414b7bffa7c8aeba1b2e023540b1370f2c63 Mon Sep 17 00:00:00 2001 From: Yoshi Automation Bot Date: Mon, 24 Aug 2020 10:11:42 -0700 Subject: [PATCH] feat: add AnalyzeIamPolicy and ExportIamPolicyAnalysis RPCs (#386) PiperOrigin-RevId: 328059685 Source-Author: Google APIs Source-Date: Sun Aug 23 17:12:48 2020 -0700 Source-Repo: googleapis/googleapis Source-Sha: 72eb54c45231d84266ca059473bc1793c394fcb2 Source-Link: https://github.com/googleapis/googleapis/commit/72eb54c45231d84266ca059473bc1793c394fcb2 --- .../google/cloud/asset/v1/asset_service.proto | 425 + .../protos/google/cloud/asset/v1/assets.proto | 160 +- .../google-cloud-asset/protos/protos.d.ts | 3715 +++++-- packages/google-cloud-asset/protos/protos.js | 9738 +++++++++++++---- .../google-cloud-asset/protos/protos.json | 524 +- .../src/v1/asset_service_client.ts | 274 + .../src/v1/asset_service_client_config.json | 13 + packages/google-cloud-asset/synth.metadata | 6 +- .../test/gapic_asset_service_v1.ts | 318 + 9 files changed, 12451 insertions(+), 2722 deletions(-) diff --git a/packages/google-cloud-asset/protos/google/cloud/asset/v1/asset_service.proto b/packages/google-cloud-asset/protos/google/cloud/asset/v1/asset_service.proto index 4aa3ee74ee2..fce88c71c5c 100644 --- a/packages/google-cloud-asset/protos/google/cloud/asset/v1/asset_service.proto +++ b/packages/google-cloud-asset/protos/google/cloud/asset/v1/asset_service.proto @@ -138,6 +138,36 @@ service AssetService { }; option (google.api.method_signature) = "scope,query"; } + + // Analyzes IAM policies to answer which identities have what accesses on + // which resources. + rpc AnalyzeIamPolicy(AnalyzeIamPolicyRequest) + returns (AnalyzeIamPolicyResponse) { + option (google.api.http) = { + get: "/v1/{analysis_query.scope=*/*}:analyzeIamPolicy" + }; + } + + // Exports the answers of which identities have what accesses on which + // resources to a Google Cloud Storage or a BigQuery destination. For Cloud + // Storage destination, the output format is the JSON format that represents a + // [google.cloud.asset.v1.AnalyzeIamPolicyResponse][google.cloud.asset.v1.AnalyzeIamPolicyResponse]. + // This method implements the + // [google.longrunning.Operation][google.longrunning.Operation], which allows + // you to track the export status. We recommend intervals of at least 2 + // seconds with exponential retry to poll the export operation result. The + // metadata contains the request to help callers to map responses to requests. + rpc ExportIamPolicyAnalysis(ExportIamPolicyAnalysisRequest) + returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1/{analysis_query.scope=*/*}:exportIamPolicyAnalysis" + body: "*" + }; + option (google.longrunning.operation_info) = { + response_type: "google.cloud.asset.v1.ExportIamPolicyAnalysisResponse" + metadata_type: "google.cloud.asset.v1.ExportIamPolicyAnalysisRequest" + }; + } } // Export asset request. @@ -638,6 +668,401 @@ message SearchAllIamPoliciesResponse { string next_page_token = 2; } +// IAM policy analysis query message. +message IamPolicyAnalysisQuery { + // The relative name of the root asset. Only resources and IAM policies within + // the scope will be analyzed. + // + // This can only be an organization number (such as "organizations/123"), a + // folder number (such as "folders/123"), a project ID (such as + // "projects/my-project-id"), or a project number (such as "projects/12345"). + // + // To know how to get organization id, visit [here + // ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). + // + // To know how to get folder or project id, visit [here + // ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects). + string scope = 1 [ + (google.api.field_behavior) = REQUIRED + ]; + + // Specifies the resource to analyze for access policies, which may be set + // directly on the resource, or on ancestors such as organizations, folders or + // projects. + message ResourceSelector { + // The [full resource name] + // (https://cloud.google.com/asset-inventory/docs/resource-name-format) + // of a resource of [supported resource + // types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types). + string full_resource_name = 1 [(google.api.field_behavior) = REQUIRED]; + } + + // Specifies a resource for analysis. + ResourceSelector resource_selector = 2 + [(google.api.field_behavior) = OPTIONAL]; + + // Specifies an identity for which to determine resource access, based on + // roles assigned either directly to them or to the groups they belong to, + // directly or indirectly. + message IdentitySelector { + // The identity appear in the form of members in + // [IAM policy + // binding](https://cloud.google.com/iam/reference/rest/v1/Binding). + // + // The examples of supported forms are: + // "user:mike@example.com", + // "group:admins@example.com", + // "domain:google.com", + // "serviceAccount:my-project-id@appspot.gserviceaccount.com". + // + // Notice that wildcard characters (such as * and ?) are not supported. + // You must give a specific identity. + string identity = 1 [(google.api.field_behavior) = REQUIRED]; + } + + // Specifies an identity for analysis. + IdentitySelector identity_selector = 3 + [(google.api.field_behavior) = OPTIONAL]; + + // Specifies roles and/or permissions to analyze, to determine both the + // identities possessing them and the resources they control. If multiple + // values are specified, results will include roles or permissions matching + // any of them. + message AccessSelector { + // The roles to appear in result. + repeated string roles = 1 [(google.api.field_behavior) = OPTIONAL]; + + // The permissions to appear in result. + repeated string permissions = 2 [(google.api.field_behavior) = OPTIONAL]; + } + + // Specifies roles or permissions for analysis. This is optional. + AccessSelector access_selector = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Contains query options. + message Options { + // If true, the identities section of the result will expand any + // Google groups appearing in an IAM policy binding. + // + // If + // [google.cloud.asset.v1.IamPolicyAnalysisQuery.identity_selector][google.cloud.asset.v1.IamPolicyAnalysisQuery.identity_selector] + // is specified, the identity in the result will be determined by the + // selector, and this flag is not allowed to set. + // + // Default is false. + bool expand_groups = 1 [(google.api.field_behavior) = OPTIONAL]; + + // If true, the access section of result will expand any roles + // appearing in IAM policy bindings to include their permissions. + // + // If + // [google.cloud.asset.v1.IamPolicyAnalysisQuery.access_selector][google.cloud.asset.v1.IamPolicyAnalysisQuery.access_selector] + // is specified, the access section of the result will be determined by the + // selector, and this flag is not allowed to set. + // + // Default is false. + bool expand_roles = 2 [(google.api.field_behavior) = OPTIONAL]; + + // If true and + // [google.cloud.asset.v1.IamPolicyAnalysisQuery.resource_selector][google.cloud.asset.v1.IamPolicyAnalysisQuery.resource_selector] + // is not specified, the resource section of the result will expand any + // resource attached to an IAM policy to include resources lower in the + // resource hierarchy. + // + // For example, if the request analyzes for which resources user A has + // permission P, and the results include an IAM policy with P on a GCP + // folder, the results will also include resources in that folder with + // permission P. + // + // If true and + // [google.cloud.asset.v1.IamPolicyAnalysisQuery.resource_selector][google.cloud.asset.v1.IamPolicyAnalysisQuery.resource_selector] + // is specified, the resource section of the result will expand the + // specified resource to include resources lower in the resource hierarchy. + // + // For example, if the request analyzes for which users have permission P on + // a GCP folder with this option enabled, the results will include all users + // who have permission P on that folder or any lower resource(ex. project). + // + // Default is false. + bool expand_resources = 3 [(google.api.field_behavior) = OPTIONAL]; + + // If true, the result will output resource edges, starting + // from the policy attached resource, to any expanded resources. + // Default is false. + bool output_resource_edges = 4 [(google.api.field_behavior) = OPTIONAL]; + + // If true, the result will output group identity edges, starting + // from the binding's group members, to any expanded identities. + // Default is false. + bool output_group_edges = 5 [(google.api.field_behavior) = OPTIONAL]; + + // If true, the response will include access analysis from identities to + // resources via service account impersonation. This is a very expensive + // operation, because many derived queries will be executed. We highly + // recommend you use + // [google.cloud.asset.v1.AssetService.ExportIamPolicyAnalysis][google.cloud.asset.v1.AssetService.ExportIamPolicyAnalysis] + // rpc instead. + // + // For example, if the request analyzes for which resources user A has + // permission P, and there's an IAM policy states user A has + // iam.serviceAccounts.getAccessToken permission to a service account SA, + // and there's another IAM policy states service account SA has permission P + // to a GCP folder F, then user A potentially has access to the GCP folder + // F. And those advanced analysis results will be included in + // [google.cloud.asset.v1.AnalyzeIamPolicyResponse.service_account_impersonation_analysis][google.cloud.asset.v1.AnalyzeIamPolicyResponse.service_account_impersonation_analysis]. + // + // Another example, if the request analyzes for who has + // permission P to a GCP folder F, and there's an IAM policy states user A + // has iam.serviceAccounts.actAs permission to a service account SA, and + // there's another IAM policy states service account SA has permission P to + // the GCP folder F, then user A potentially has access to the GCP folder + // F. And those advanced analysis results will be included in + // [google.cloud.asset.v1.AnalyzeIamPolicyResponse.service_account_impersonation_analysis][google.cloud.asset.v1.AnalyzeIamPolicyResponse.service_account_impersonation_analysis]. + // + // Default is false. + bool analyze_service_account_impersonation = 6 + [(google.api.field_behavior) = OPTIONAL]; + + // The maximum number of fanouts per group when [expand_groups][expand_groups] + // is enabled. This internal field is to help load testing and determine a + // proper value, and won't be public in the future. + int32 max_fanouts_per_group = 7 [ + (google.api.field_behavior) = OPTIONAL + ]; + + // The maximum number of fanouts per parent resource, such as + // GCP Project etc., when [expand_resources][] is enabled. This internal + // field is to help load testing and determine a proper value, and won't be + // public in the future. + int32 max_fanouts_per_resource = 8 [ + (google.api.field_behavior) = OPTIONAL + ]; + } + + // The query options. + Options options = 5 [(google.api.field_behavior) = OPTIONAL]; +} + +// A request message for +// [google.cloud.asset.v1.AssetService.AnalyzeIamPolicy][google.cloud.asset.v1.AssetService.AnalyzeIamPolicy]. +message AnalyzeIamPolicyRequest { + // The request query. + IamPolicyAnalysisQuery analysis_query = 1 + [(google.api.field_behavior) = REQUIRED]; + + // Amount of time executable has to complete. See JSON representation of + // [Duration](https://developers.google.com/protocol-buffers/docs/proto3#json). + // + // If this field is set with a value less than the RPC deadline, and the + // execution of your query hasn't finished in the specified + // execution timeout, you will get a response with partial result. + // Otherwise, your query's execution will continue until the RPC deadline. + // If it's not finished until then, you will get a DEADLINE_EXCEEDED error. + // + // Default is empty. + // + // (-- We had discussion of whether we should have this field in the --) + // (-- request or use the RPC deadline instead. We finally choose this --) + // (-- approach for the following reasons (detailed in --) + // (-- go/analyze-iam-policy-deadlines): --) + // (-- * HTTP clients have very limited support of the RPC deadline. --) + // (-- There is an X-Server-Timeout header introduced in 2019/09, but --) + // (-- only implemented in the C++ HTTP server library. --) + // (-- * The purpose of the RPC deadline is for RPC clients to --) + // (-- communicate its max waiting time to the server. This deadline --) + // (-- could be further propagated to the downstream servers. It is --) + // (-- mainly used for servers to cancel the request processing --) + // (-- to avoid resource wasting. Overloading the RPC deadline for --) + // (-- other purposes could make our backend system harder to reason --) + // (-- about. --) + google.protobuf.Duration execution_timeout = 2 + [(google.api.field_behavior) = OPTIONAL]; +} + +// A response message for +// [google.cloud.asset.v1.AssetService.AnalyzeIamPolicy][google.cloud.asset.v1.AssetService.AnalyzeIamPolicy]. +message AnalyzeIamPolicyResponse { + // An analysis message to group the query and results. + message IamPolicyAnalysis { + // The analysis query. + IamPolicyAnalysisQuery analysis_query = 1; + + // A list of [google.cloud.asset.v1.IamPolicyAnalysisResult][google.cloud.asset.v1.IamPolicyAnalysisResult] + // that matches the analysis query, or empty if no result is found. + repeated IamPolicyAnalysisResult analysis_results = 2; + + // Represents whether all entries in the + // [analysis_results][analysis_results] have been fully explored to answer + // the query. + bool fully_explored = 3; + + // A stats message that contains a set of analysis metrics. + // + // Here are some equations to show relationships of the explicitly specified + // metrics with other implicit metrics: + // * node_count = discovered_node_count + undiscovered_node_count(implicit) + // * discovered_node_count = explored_node_count + + // unexplored_node_count(implicit) + // * explored_node_count = capped_node_count + uncapped_node_count(implicit) + // * unexplored_node_count(implicit) = permission_denied_node_count + + // execution_timeout_node_count + other_unexplored_node_count(implicit) + // * discovered_node_count = matched_node_count + + // unmatched_node_count(implicit) + message Stats { + // Type of the node. + enum NodeType { + // Unspecified node type. + NODE_TYPE_UNSPECIFIED = 0; + // IAM Policy Binding node type. + BINDING = 1; + // Identity node type. + IDENTITY = 2; + // Resource node type. + RESOURCE = 3; + // Access node type. + ACCESS = 4; + } + + // Node type. + NodeType node_type = 1; + + // The subtype of a node, such as: + // * For Identity: Group, User, ServiceAccount etc. + // * For Resource: resource type name, such as + // cloudresourcemanager.googleapis.com/Organization, etc. + // * For Access: Role or Permission + string node_subtype = 2; + + // The count of discovered nodes. + int32 discovered_node_count = 3; + + // The count of nodes that match the query. These nodes form a sub-graph + // of discovered nodes. + int32 matched_node_count = 4; + + // The count of explored nodes. + int32 explored_node_count = 5; + + // The count of nodes that get explored, but are capped by max fanout + // setting. + int32 capped_node_count = 6; + + // The count of unexplored nodes caused by permission denied error. + int32 permision_denied_node_count = 7; + + // The count of unexplored nodes caused by execution timeout. + int32 execution_timeout_node_count = 8; + } + + // The stats of how the analysis has been explored. + repeated Stats stats = 4; + + // A list of non-critical errors happened during the query handling. + repeated IamPolicyAnalysisState non_critical_errors = 5; + } + + // The main analysis that matches the original request. + IamPolicyAnalysis main_analysis = 1; + + // The service account impersonation analysis if + // [google.cloud.asset.v1.AnalyzeIamPolicyRequest.analyze_service_account_impersonation][google.cloud.asset.v1.AnalyzeIamPolicyRequest.analyze_service_account_impersonation] + // is enabled. + repeated IamPolicyAnalysis service_account_impersonation_analysis = 2; + + // Represents whether all entries in the [main_analysis][main_analysis] and + // [service_account_impersonation_analysis][] have been fully explored to + // answer the query in the request. + bool fully_explored = 3; +} + +// Output configuration for export IAM policy analysis destination. +message IamPolicyAnalysisOutputConfig { + // A Cloud Storage location. + message GcsDestination { + // The uri of the Cloud Storage object. It's the same uri that is used by + // gsutil. For example: "gs://bucket_name/object_name". See [Viewing and + // Editing Object + // Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata) + // for more information. + string uri = 1 [(google.api.field_behavior) = REQUIRED]; + } + + // A BigQuery destination. + message BigQueryDestination { + // The BigQuery dataset in format "projects/projectId/datasets/datasetId", + // to which the analysis results should be exported. If this dataset does + // not exist, the export call will return an INVALID_ARGUMENT error. + string dataset = 1 [ + (google.api.field_behavior) = REQUIRED + ]; + + // The prefix of the BigQuery tables to which the analysis results will be + // written. Tables will be created based on this table_prefix if not exist: + // * _analysis table will contain export operation's metadata. + // * _analysis_result will contain all the + // [IamPolicyAnalysisResult][]. + // When [partition_key] is specified, both tables will be partitioned based + // on the [partition_key]. + string table_prefix = 2 [ + (google.api.field_behavior) = REQUIRED + ]; + + // This enum determines the partition key column for the bigquery tables. + // Partitioning can improve query performance and reduce query cost by + // filtering partitions. Refer to + // https://cloud.google.com/bigquery/docs/partitioned-tables for details. + enum PartitionKey { + // Unspecified partition key. Tables won't be partitioned using this + // option. + PARTITION_KEY_UNSPECIFIED = 0; + // The time when the request is received. If specified as partition key, + // the result table(s) is partitoned by the RequestTime column, an + // additional timestamp column representing when the request was received. + REQUEST_TIME = 1; + } + // The partition key for BigQuery partitioned table. + PartitionKey partition_key = 3; + + // Write mode types if table exists. + enum WriteMode { + // Unspecified write mode. We expect one of the following valid modes must + // be specified when table or partition exists. + WRITE_MODE_UNSPECIFIED = 0; + // Abort the export when table or partition exists. + ABORT = 1; + // Overwrite the table when table exists. When partitioned, overwrite + // the existing partition. + OVERWRITE = 2; + } + // The write mode when table exists. WriteMode is ignored when no existing + // tables, or no existing partitions are found. + WriteMode write_mode = 4; + } + + // IAM policy analysis export destination. + oneof destination { + // Destination on Cloud Storage. + GcsDestination gcs_destination = 1; + + // Destination on BigQuery. + BigQueryDestination bigquery_destination = 2; + } +} + +// A request message for [AssetService.ExportIamPolicyAnalysis][]. +message ExportIamPolicyAnalysisRequest { + // The request query. + IamPolicyAnalysisQuery analysis_query = 1 + [(google.api.field_behavior) = REQUIRED]; + + // Output configuration indicating where the results will be output to. + IamPolicyAnalysisOutputConfig output_config = 2 + [(google.api.field_behavior) = REQUIRED]; +} + +// The export IAM policy analysis response. +message ExportIamPolicyAnalysisResponse {} + // Asset content type. enum ContentType { // Unspecified content type. diff --git a/packages/google-cloud-asset/protos/google/cloud/asset/v1/assets.proto b/packages/google-cloud-asset/protos/google/cloud/asset/v1/assets.proto index b9d56744e16..01c768532b1 100644 --- a/packages/google-cloud-asset/protos/google/cloud/asset/v1/assets.proto +++ b/packages/google-cloud-asset/protos/google/cloud/asset/v1/assets.proto @@ -22,11 +22,9 @@ import "google/iam/v1/policy.proto"; import "google/identity/accesscontextmanager/v1/access_level.proto"; import "google/identity/accesscontextmanager/v1/access_policy.proto"; import "google/identity/accesscontextmanager/v1/service_perimeter.proto"; -import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/timestamp.proto"; import "google/rpc/code.proto"; -import "google/api/annotations.proto"; option cc_enable_arenas = true; option csharp_namespace = "Google.Cloud.Asset.V1"; @@ -150,7 +148,8 @@ message Asset { // Please also refer to the [service perimeter user // guide](https://cloud.google.com/vpc-service-controls/docs/overview). - google.identity.accesscontextmanager.v1.ServicePerimeter service_perimeter = 9; + google.identity.accesscontextmanager.v1.ServicePerimeter service_perimeter = + 9; } // The ancestry path of an asset in Google Cloud [resource @@ -378,3 +377,158 @@ message IamPolicySearchResult { // information to explain why the search result matches the query. Explanation explanation = 4; } + +// Represents the detailed state of an entity under analysis, such as a +// resource, an identity or an access. +message IamPolicyAnalysisState { + // The Google standard error code that best describes the state. + // For example: + // - OK means the analysis on this entity has been successfully finished; + // - PERMISSION_DENIED means an access denied error is encountered; + // - DEADLINE_EXCEEDED means the analysis on this entity hasn't been started + // in time; + google.rpc.Code code = 1; + + // The human-readable description of the cause of failure. + string cause = 2; +} + +// IAM Policy analysis result, consisting of one IAM policy binding and derived +// access control lists. +message IamPolicyAnalysisResult { + // The [full resource + // name](https://cloud.google.com/asset-inventory/docs/resource-name-format) + // of the resource to which the [iam_binding][iam_binding] policy attaches. + // (-- api-linter: core::0122::name-suffix=disabled + // aip.dev/not-precedent: full_resource_name is a public notion in GCP. + // --) + string attached_resource_full_name = 1; + + // The Cloud IAM policy binding under analysis. + google.iam.v1.Binding iam_binding = 2; + + // A Google Cloud resource under analysis. + message Resource { + // The [full resource + // name](https://cloud.google.com/asset-inventory/docs/resource-name-format) + // (-- api-linter: core::0122::name-suffix=disabled + // aip.dev/not-precedent: full_resource_name is a public notion in GCP. + // --) + string full_resource_name = 1; + + // The analysis state of this resource. + IamPolicyAnalysisState analysis_state = 2; + } + + // An IAM role or permission under analysis. + message Access { + oneof oneof_access { + // The role. + string role = 1; + + // The permission. + string permission = 2; + } + + // The analysis state of this access. + IamPolicyAnalysisState analysis_state = 3; + } + + // An identity under analysis. + // (-- api-linter: core::0123::resource-annotation=disabled + // aip.dev/not-precedent: Identity name is not a resource. --) + message Identity { + // The identity name in any form of members appear in + // [IAM policy + // binding](https://cloud.google.com/iam/reference/rest/v1/Binding), such + // as: + // - user:foo@google.com + // - group:group1@google.com + // - serviceAccount:s1@prj1.iam.gserviceaccount.com + // - projectOwner:some_project_id + // - domain:google.com + // - allUsers + // - etc. + // + string name = 1; + + // The analysis state of this identity. + IamPolicyAnalysisState analysis_state = 2; + } + + // A directional edge. + message Edge { + // The source node of the edge. For example, it could be a full resource + // name for a resource node or an email of an identity. + string source_node = 1; + + // The target node of the edge. For example, it could be a full resource + // name for a resource node or an email of an identity. + string target_node = 2; + } + + // An access control list, derived from the above IAM policy binding, which + // contains a set of resources and accesses. May include one + // item from each set to compose an access control entry. + // + // NOTICE that there could be multiple access control lists for one IAM policy + // binding. The access control lists are created based on resource and access + // combinations. + // + // For example, assume we have the following cases in one IAM policy binding: + // - Permission P1 and P2 apply to resource R1 and R2; + // - Permission P3 applies to resource R2 and R3; + // + // This will result in the following access control lists: + // - AccessControlList 1: [R1, R2], [P1, P2] + // - AccessControlList 2: [R2, R3], [P3] + message AccessControlList { + // The resources that match one of the following conditions: + // - The resource_selector, if it is specified in request; + // - Otherwise, resources reachable from the policy attached resource. + repeated Resource resources = 1; + + // The accesses that match one of the following conditions: + // - The access_selector, if it is specified in request; + // - Otherwise, access specifiers reachable from the policy binding's role. + repeated Access accesses = 2; + + // Resource edges of the graph starting from the policy attached + // resource to any descendant resources. The [Edge.source_node][] contains + // the full resource name of a parent resource and [Edge.target_node][] + // contains the full resource name of a child resource. This field is + // present only if the output_resource_edges option is enabled in request. + repeated Edge resource_edges = 3; + } + + // The access control lists derived from the [iam_binding][iam_binding] that + // match or potentially match resource and access selectors specified in the + // request. + repeated AccessControlList access_control_lists = 3; + + // The identities and group edges. + message IdentityList { + // Only the identities that match one of the following conditions will be + // presented: + // - The identity_selector, if it is specified in request; + // - Otherwise, identities reachable from the policy binding's members. + repeated Identity identities = 1; + + // Group identity edges of the graph starting from the binding's + // group members to any node of the [identities][]. The [Edge.source_node][] + // contains a group, such as `group:parent@google.com`. The + // [Edge.target_node][] contains a member of the group, + // such as `group:child@google.com` or `user:foo@google.com`. + // This field is present only if the output_group_edges option is enabled in + // request. + repeated Edge group_edges = 2; + } + + // The identity list derived from members of the [iam_binding][iam_binding] + // that match or potentially match identity selector specified in the request. + IdentityList identity_list = 4; + + // Represents whether all analyses on the [iam_binding][iam_binding] have + // successfully finished. + bool fully_explored = 5; +} diff --git a/packages/google-cloud-asset/protos/protos.d.ts b/packages/google-cloud-asset/protos/protos.d.ts index 5e5c844f96b..8ed56fff2cb 100644 --- a/packages/google-cloud-asset/protos/protos.d.ts +++ b/packages/google-cloud-asset/protos/protos.d.ts @@ -171,6 +171,34 @@ export namespace google { * @returns Promise */ public searchAllIamPolicies(request: google.cloud.asset.v1.ISearchAllIamPoliciesRequest): Promise; + + /** + * Calls AnalyzeIamPolicy. + * @param request AnalyzeIamPolicyRequest message or plain object + * @param callback Node-style callback called with the error, if any, and AnalyzeIamPolicyResponse + */ + public analyzeIamPolicy(request: google.cloud.asset.v1.IAnalyzeIamPolicyRequest, callback: google.cloud.asset.v1.AssetService.AnalyzeIamPolicyCallback): void; + + /** + * Calls AnalyzeIamPolicy. + * @param request AnalyzeIamPolicyRequest message or plain object + * @returns Promise + */ + public analyzeIamPolicy(request: google.cloud.asset.v1.IAnalyzeIamPolicyRequest): Promise; + + /** + * Calls ExportIamPolicyAnalysis. + * @param request ExportIamPolicyAnalysisRequest message or plain object + * @param callback Node-style callback called with the error, if any, and Operation + */ + public exportIamPolicyAnalysis(request: google.cloud.asset.v1.IExportIamPolicyAnalysisRequest, callback: google.cloud.asset.v1.AssetService.ExportIamPolicyAnalysisCallback): void; + + /** + * Calls ExportIamPolicyAnalysis. + * @param request ExportIamPolicyAnalysisRequest message or plain object + * @returns Promise + */ + public exportIamPolicyAnalysis(request: google.cloud.asset.v1.IExportIamPolicyAnalysisRequest): Promise; } namespace AssetService { @@ -237,6 +265,20 @@ export namespace google { * @param [response] SearchAllIamPoliciesResponse */ type SearchAllIamPoliciesCallback = (error: (Error|null), response?: google.cloud.asset.v1.SearchAllIamPoliciesResponse) => void; + + /** + * Callback as used by {@link google.cloud.asset.v1.AssetService#analyzeIamPolicy}. + * @param error Error, if any + * @param [response] AnalyzeIamPolicyResponse + */ + type AnalyzeIamPolicyCallback = (error: (Error|null), response?: google.cloud.asset.v1.AnalyzeIamPolicyResponse) => void; + + /** + * Callback as used by {@link google.cloud.asset.v1.AssetService#exportIamPolicyAnalysis}. + * @param error Error, if any + * @param [response] Operation + */ + type ExportIamPolicyAnalysisCallback = (error: (Error|null), response?: google.longrunning.Operation) => void; } /** Properties of an ExportAssetsRequest. */ @@ -2417,939 +2459,3226 @@ export namespace google { public toJSON(): { [k: string]: any }; } - /** ContentType enum. */ - enum ContentType { - CONTENT_TYPE_UNSPECIFIED = 0, - RESOURCE = 1, - IAM_POLICY = 2, - ORG_POLICY = 4, - ACCESS_POLICY = 5 - } - - /** Properties of a TemporalAsset. */ - interface ITemporalAsset { + /** Properties of an IamPolicyAnalysisQuery. */ + interface IIamPolicyAnalysisQuery { - /** TemporalAsset window */ - window?: (google.cloud.asset.v1.ITimeWindow|null); + /** IamPolicyAnalysisQuery scope */ + scope?: (string|null); - /** TemporalAsset deleted */ - deleted?: (boolean|null); + /** IamPolicyAnalysisQuery resourceSelector */ + resourceSelector?: (google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector|null); - /** TemporalAsset asset */ - asset?: (google.cloud.asset.v1.IAsset|null); + /** IamPolicyAnalysisQuery identitySelector */ + identitySelector?: (google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector|null); - /** TemporalAsset priorAssetState */ - priorAssetState?: (google.cloud.asset.v1.TemporalAsset.PriorAssetState|keyof typeof google.cloud.asset.v1.TemporalAsset.PriorAssetState|null); + /** IamPolicyAnalysisQuery accessSelector */ + accessSelector?: (google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector|null); - /** TemporalAsset priorAsset */ - priorAsset?: (google.cloud.asset.v1.IAsset|null); + /** IamPolicyAnalysisQuery options */ + options?: (google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions|null); } - /** Represents a TemporalAsset. */ - class TemporalAsset implements ITemporalAsset { + /** Represents an IamPolicyAnalysisQuery. */ + class IamPolicyAnalysisQuery implements IIamPolicyAnalysisQuery { /** - * Constructs a new TemporalAsset. + * Constructs a new IamPolicyAnalysisQuery. * @param [properties] Properties to set */ - constructor(properties?: google.cloud.asset.v1.ITemporalAsset); + constructor(properties?: google.cloud.asset.v1.IIamPolicyAnalysisQuery); - /** TemporalAsset window. */ - public window?: (google.cloud.asset.v1.ITimeWindow|null); + /** IamPolicyAnalysisQuery scope. */ + public scope: string; - /** TemporalAsset deleted. */ - public deleted: boolean; + /** IamPolicyAnalysisQuery resourceSelector. */ + public resourceSelector?: (google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector|null); - /** TemporalAsset asset. */ - public asset?: (google.cloud.asset.v1.IAsset|null); + /** IamPolicyAnalysisQuery identitySelector. */ + public identitySelector?: (google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector|null); - /** TemporalAsset priorAssetState. */ - public priorAssetState: (google.cloud.asset.v1.TemporalAsset.PriorAssetState|keyof typeof google.cloud.asset.v1.TemporalAsset.PriorAssetState); + /** IamPolicyAnalysisQuery accessSelector. */ + public accessSelector?: (google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector|null); - /** TemporalAsset priorAsset. */ - public priorAsset?: (google.cloud.asset.v1.IAsset|null); + /** IamPolicyAnalysisQuery options. */ + public options?: (google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions|null); /** - * Creates a new TemporalAsset instance using the specified properties. + * Creates a new IamPolicyAnalysisQuery instance using the specified properties. * @param [properties] Properties to set - * @returns TemporalAsset instance + * @returns IamPolicyAnalysisQuery instance */ - public static create(properties?: google.cloud.asset.v1.ITemporalAsset): google.cloud.asset.v1.TemporalAsset; + public static create(properties?: google.cloud.asset.v1.IIamPolicyAnalysisQuery): google.cloud.asset.v1.IamPolicyAnalysisQuery; /** - * Encodes the specified TemporalAsset message. Does not implicitly {@link google.cloud.asset.v1.TemporalAsset.verify|verify} messages. - * @param message TemporalAsset message or plain object to encode + * Encodes the specified IamPolicyAnalysisQuery message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.verify|verify} messages. + * @param message IamPolicyAnalysisQuery message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encode(message: google.cloud.asset.v1.ITemporalAsset, writer?: $protobuf.Writer): $protobuf.Writer; + public static encode(message: google.cloud.asset.v1.IIamPolicyAnalysisQuery, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Encodes the specified TemporalAsset message, length delimited. Does not implicitly {@link google.cloud.asset.v1.TemporalAsset.verify|verify} messages. - * @param message TemporalAsset message or plain object to encode + * Encodes the specified IamPolicyAnalysisQuery message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.verify|verify} messages. + * @param message IamPolicyAnalysisQuery message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encodeDelimited(message: google.cloud.asset.v1.ITemporalAsset, writer?: $protobuf.Writer): $protobuf.Writer; + public static encodeDelimited(message: google.cloud.asset.v1.IIamPolicyAnalysisQuery, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Decodes a TemporalAsset message from the specified reader or buffer. + * Decodes an IamPolicyAnalysisQuery message from the specified reader or buffer. * @param reader Reader or buffer to decode from * @param [length] Message length if known beforehand - * @returns TemporalAsset + * @returns IamPolicyAnalysisQuery * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.TemporalAsset; + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisQuery; /** - * Decodes a TemporalAsset message from the specified reader or buffer, length delimited. + * Decodes an IamPolicyAnalysisQuery message from the specified reader or buffer, length delimited. * @param reader Reader or buffer to decode from - * @returns TemporalAsset + * @returns IamPolicyAnalysisQuery * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.TemporalAsset; + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisQuery; /** - * Verifies a TemporalAsset message. + * Verifies an IamPolicyAnalysisQuery message. * @param message Plain object to verify * @returns `null` if valid, otherwise the reason why it is not */ public static verify(message: { [k: string]: any }): (string|null); /** - * Creates a TemporalAsset message from a plain object. Also converts values to their respective internal types. + * Creates an IamPolicyAnalysisQuery message from a plain object. Also converts values to their respective internal types. * @param object Plain object - * @returns TemporalAsset + * @returns IamPolicyAnalysisQuery */ - public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.TemporalAsset; + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisQuery; /** - * Creates a plain object from a TemporalAsset message. Also converts values to other types if specified. - * @param message TemporalAsset + * Creates a plain object from an IamPolicyAnalysisQuery message. Also converts values to other types if specified. + * @param message IamPolicyAnalysisQuery * @param [options] Conversion options * @returns Plain object */ - public static toObject(message: google.cloud.asset.v1.TemporalAsset, options?: $protobuf.IConversionOptions): { [k: string]: any }; + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisQuery, options?: $protobuf.IConversionOptions): { [k: string]: any }; /** - * Converts this TemporalAsset to JSON. + * Converts this IamPolicyAnalysisQuery to JSON. * @returns JSON object */ public toJSON(): { [k: string]: any }; } - namespace TemporalAsset { + namespace IamPolicyAnalysisQuery { - /** PriorAssetState enum. */ - enum PriorAssetState { - PRIOR_ASSET_STATE_UNSPECIFIED = 0, - PRESENT = 1, - INVALID = 2, - DOES_NOT_EXIST = 3, - DELETED = 4 + /** Properties of a ResourceSelector. */ + interface IResourceSelector { + + /** ResourceSelector fullResourceName */ + fullResourceName?: (string|null); } - } - /** Properties of a TimeWindow. */ - interface ITimeWindow { + /** Represents a ResourceSelector. */ + class ResourceSelector implements IResourceSelector { - /** TimeWindow startTime */ - startTime?: (google.protobuf.ITimestamp|null); + /** + * Constructs a new ResourceSelector. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector); - /** TimeWindow endTime */ - endTime?: (google.protobuf.ITimestamp|null); - } + /** ResourceSelector fullResourceName. */ + public fullResourceName: string; - /** Represents a TimeWindow. */ - class TimeWindow implements ITimeWindow { + /** + * Creates a new ResourceSelector instance using the specified properties. + * @param [properties] Properties to set + * @returns ResourceSelector instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector): google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector; - /** - * Constructs a new TimeWindow. - * @param [properties] Properties to set - */ - constructor(properties?: google.cloud.asset.v1.ITimeWindow); + /** + * Encodes the specified ResourceSelector message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector.verify|verify} messages. + * @param message ResourceSelector message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector, writer?: $protobuf.Writer): $protobuf.Writer; - /** TimeWindow startTime. */ - public startTime?: (google.protobuf.ITimestamp|null); + /** + * Encodes the specified ResourceSelector message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector.verify|verify} messages. + * @param message ResourceSelector message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector, writer?: $protobuf.Writer): $protobuf.Writer; - /** TimeWindow endTime. */ - public endTime?: (google.protobuf.ITimestamp|null); + /** + * Decodes a ResourceSelector message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns ResourceSelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector; - /** - * Creates a new TimeWindow instance using the specified properties. - * @param [properties] Properties to set - * @returns TimeWindow instance - */ - public static create(properties?: google.cloud.asset.v1.ITimeWindow): google.cloud.asset.v1.TimeWindow; + /** + * Decodes a ResourceSelector message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns ResourceSelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector; - /** - * Encodes the specified TimeWindow message. Does not implicitly {@link google.cloud.asset.v1.TimeWindow.verify|verify} messages. - * @param message TimeWindow message or plain object to encode - * @param [writer] Writer to encode to - * @returns Writer - */ - public static encode(message: google.cloud.asset.v1.ITimeWindow, writer?: $protobuf.Writer): $protobuf.Writer; + /** + * Verifies a ResourceSelector message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); - /** - * Encodes the specified TimeWindow message, length delimited. Does not implicitly {@link google.cloud.asset.v1.TimeWindow.verify|verify} messages. - * @param message TimeWindow message or plain object to encode - * @param [writer] Writer to encode to - * @returns Writer - */ - public static encodeDelimited(message: google.cloud.asset.v1.ITimeWindow, writer?: $protobuf.Writer): $protobuf.Writer; + /** + * Creates a ResourceSelector message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns ResourceSelector + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector; - /** - * Decodes a TimeWindow message from the specified reader or buffer. - * @param reader Reader or buffer to decode from - * @param [length] Message length if known beforehand - * @returns TimeWindow - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.TimeWindow; + /** + * Creates a plain object from a ResourceSelector message. Also converts values to other types if specified. + * @param message ResourceSelector + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector, options?: $protobuf.IConversionOptions): { [k: string]: any }; - /** - * Decodes a TimeWindow message from the specified reader or buffer, length delimited. - * @param reader Reader or buffer to decode from - * @returns TimeWindow - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.TimeWindow; + /** + * Converts this ResourceSelector to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } - /** - * Verifies a TimeWindow message. - * @param message Plain object to verify - * @returns `null` if valid, otherwise the reason why it is not - */ - public static verify(message: { [k: string]: any }): (string|null); + /** Properties of an IdentitySelector. */ + interface IIdentitySelector { - /** - * Creates a TimeWindow message from a plain object. Also converts values to their respective internal types. - * @param object Plain object - * @returns TimeWindow - */ - public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.TimeWindow; + /** IdentitySelector identity */ + identity?: (string|null); + } - /** - * Creates a plain object from a TimeWindow message. Also converts values to other types if specified. - * @param message TimeWindow - * @param [options] Conversion options - * @returns Plain object - */ - public static toObject(message: google.cloud.asset.v1.TimeWindow, options?: $protobuf.IConversionOptions): { [k: string]: any }; + /** Represents an IdentitySelector. */ + class IdentitySelector implements IIdentitySelector { - /** - * Converts this TimeWindow to JSON. - * @returns JSON object - */ - public toJSON(): { [k: string]: any }; - } + /** + * Constructs a new IdentitySelector. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector); - /** Properties of an Asset. */ - interface IAsset { + /** IdentitySelector identity. */ + public identity: string; - /** Asset updateTime */ - updateTime?: (google.protobuf.ITimestamp|null); + /** + * Creates a new IdentitySelector instance using the specified properties. + * @param [properties] Properties to set + * @returns IdentitySelector instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector): google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector; - /** Asset name */ - name?: (string|null); + /** + * Encodes the specified IdentitySelector message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector.verify|verify} messages. + * @param message IdentitySelector message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector, writer?: $protobuf.Writer): $protobuf.Writer; - /** Asset assetType */ - assetType?: (string|null); + /** + * Encodes the specified IdentitySelector message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector.verify|verify} messages. + * @param message IdentitySelector message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector, writer?: $protobuf.Writer): $protobuf.Writer; - /** Asset resource */ - resource?: (google.cloud.asset.v1.IResource|null); + /** + * Decodes an IdentitySelector message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns IdentitySelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector; - /** Asset iamPolicy */ - iamPolicy?: (google.iam.v1.IPolicy|null); + /** + * Decodes an IdentitySelector message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns IdentitySelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector; - /** Asset orgPolicy */ - orgPolicy?: (google.cloud.orgpolicy.v1.IPolicy[]|null); + /** + * Verifies an IdentitySelector message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); - /** Asset accessPolicy */ - accessPolicy?: (google.identity.accesscontextmanager.v1.IAccessPolicy|null); + /** + * Creates an IdentitySelector message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns IdentitySelector + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector; - /** Asset accessLevel */ - accessLevel?: (google.identity.accesscontextmanager.v1.IAccessLevel|null); + /** + * Creates a plain object from an IdentitySelector message. Also converts values to other types if specified. + * @param message IdentitySelector + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector, options?: $protobuf.IConversionOptions): { [k: string]: any }; - /** Asset servicePerimeter */ - servicePerimeter?: (google.identity.accesscontextmanager.v1.IServicePerimeter|null); + /** + * Converts this IdentitySelector to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } - /** Asset ancestors */ - ancestors?: (string[]|null); - } + /** Properties of an AccessSelector. */ + interface IAccessSelector { - /** Represents an Asset. */ - class Asset implements IAsset { + /** AccessSelector roles */ + roles?: (string[]|null); - /** - * Constructs a new Asset. - * @param [properties] Properties to set - */ - constructor(properties?: google.cloud.asset.v1.IAsset); + /** AccessSelector permissions */ + permissions?: (string[]|null); + } - /** Asset updateTime. */ - public updateTime?: (google.protobuf.ITimestamp|null); + /** Represents an AccessSelector. */ + class AccessSelector implements IAccessSelector { - /** Asset name. */ - public name: string; + /** + * Constructs a new AccessSelector. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector); - /** Asset assetType. */ - public assetType: string; + /** AccessSelector roles. */ + public roles: string[]; - /** Asset resource. */ - public resource?: (google.cloud.asset.v1.IResource|null); + /** AccessSelector permissions. */ + public permissions: string[]; - /** Asset iamPolicy. */ - public iamPolicy?: (google.iam.v1.IPolicy|null); + /** + * Creates a new AccessSelector instance using the specified properties. + * @param [properties] Properties to set + * @returns AccessSelector instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector): google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector; - /** Asset orgPolicy. */ - public orgPolicy: google.cloud.orgpolicy.v1.IPolicy[]; + /** + * Encodes the specified AccessSelector message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.verify|verify} messages. + * @param message AccessSelector message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector, writer?: $protobuf.Writer): $protobuf.Writer; - /** Asset accessPolicy. */ - public accessPolicy?: (google.identity.accesscontextmanager.v1.IAccessPolicy|null); + /** + * Encodes the specified AccessSelector message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.verify|verify} messages. + * @param message AccessSelector message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector, writer?: $protobuf.Writer): $protobuf.Writer; - /** Asset accessLevel. */ - public accessLevel?: (google.identity.accesscontextmanager.v1.IAccessLevel|null); + /** + * Decodes an AccessSelector message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns AccessSelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector; - /** Asset servicePerimeter. */ - public servicePerimeter?: (google.identity.accesscontextmanager.v1.IServicePerimeter|null); + /** + * Decodes an AccessSelector message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns AccessSelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector; - /** Asset ancestors. */ - public ancestors: string[]; + /** + * Verifies an AccessSelector message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); - /** Asset accessContextPolicy. */ - public accessContextPolicy?: ("accessPolicy"|"accessLevel"|"servicePerimeter"); + /** + * Creates an AccessSelector message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns AccessSelector + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector; - /** - * Creates a new Asset instance using the specified properties. - * @param [properties] Properties to set - * @returns Asset instance - */ - public static create(properties?: google.cloud.asset.v1.IAsset): google.cloud.asset.v1.Asset; + /** + * Creates a plain object from an AccessSelector message. Also converts values to other types if specified. + * @param message AccessSelector + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector, options?: $protobuf.IConversionOptions): { [k: string]: any }; - /** - * Encodes the specified Asset message. Does not implicitly {@link google.cloud.asset.v1.Asset.verify|verify} messages. - * @param message Asset message or plain object to encode - * @param [writer] Writer to encode to - * @returns Writer - */ - public static encode(message: google.cloud.asset.v1.IAsset, writer?: $protobuf.Writer): $protobuf.Writer; + /** + * Converts this AccessSelector to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } - /** - * Encodes the specified Asset message, length delimited. Does not implicitly {@link google.cloud.asset.v1.Asset.verify|verify} messages. - * @param message Asset message or plain object to encode - * @param [writer] Writer to encode to - * @returns Writer - */ - public static encodeDelimited(message: google.cloud.asset.v1.IAsset, writer?: $protobuf.Writer): $protobuf.Writer; + /** Properties of an Options. */ + interface IOptions { - /** - * Decodes an Asset message from the specified reader or buffer. - * @param reader Reader or buffer to decode from - * @param [length] Message length if known beforehand - * @returns Asset - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.Asset; + /** Options expandGroups */ + expandGroups?: (boolean|null); - /** - * Decodes an Asset message from the specified reader or buffer, length delimited. - * @param reader Reader or buffer to decode from - * @returns Asset - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.Asset; + /** Options expandRoles */ + expandRoles?: (boolean|null); - /** - * Verifies an Asset message. - * @param message Plain object to verify - * @returns `null` if valid, otherwise the reason why it is not - */ - public static verify(message: { [k: string]: any }): (string|null); + /** Options expandResources */ + expandResources?: (boolean|null); - /** - * Creates an Asset message from a plain object. Also converts values to their respective internal types. - * @param object Plain object - * @returns Asset - */ - public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.Asset; + /** Options outputResourceEdges */ + outputResourceEdges?: (boolean|null); - /** - * Creates a plain object from an Asset message. Also converts values to other types if specified. - * @param message Asset - * @param [options] Conversion options - * @returns Plain object - */ - public static toObject(message: google.cloud.asset.v1.Asset, options?: $protobuf.IConversionOptions): { [k: string]: any }; + /** Options outputGroupEdges */ + outputGroupEdges?: (boolean|null); - /** - * Converts this Asset to JSON. - * @returns JSON object - */ - public toJSON(): { [k: string]: any }; - } + /** Options analyzeServiceAccountImpersonation */ + analyzeServiceAccountImpersonation?: (boolean|null); - /** Properties of a Resource. */ - interface IResource { + /** Options maxFanoutsPerGroup */ + maxFanoutsPerGroup?: (number|null); - /** Resource version */ - version?: (string|null); + /** Options maxFanoutsPerResource */ + maxFanoutsPerResource?: (number|null); + } - /** Resource discoveryDocumentUri */ - discoveryDocumentUri?: (string|null); + /** Represents an Options. */ + class Options implements IOptions { - /** Resource discoveryName */ - discoveryName?: (string|null); + /** + * Constructs a new Options. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions); - /** Resource resourceUrl */ - resourceUrl?: (string|null); + /** Options expandGroups. */ + public expandGroups: boolean; - /** Resource parent */ - parent?: (string|null); + /** Options expandRoles. */ + public expandRoles: boolean; - /** Resource data */ - data?: (google.protobuf.IStruct|null); + /** Options expandResources. */ + public expandResources: boolean; - /** Resource location */ - location?: (string|null); - } + /** Options outputResourceEdges. */ + public outputResourceEdges: boolean; - /** Represents a Resource. */ - class Resource implements IResource { + /** Options outputGroupEdges. */ + public outputGroupEdges: boolean; - /** - * Constructs a new Resource. - * @param [properties] Properties to set - */ - constructor(properties?: google.cloud.asset.v1.IResource); + /** Options analyzeServiceAccountImpersonation. */ + public analyzeServiceAccountImpersonation: boolean; - /** Resource version. */ - public version: string; + /** Options maxFanoutsPerGroup. */ + public maxFanoutsPerGroup: number; - /** Resource discoveryDocumentUri. */ - public discoveryDocumentUri: string; + /** Options maxFanoutsPerResource. */ + public maxFanoutsPerResource: number; - /** Resource discoveryName. */ - public discoveryName: string; + /** + * Creates a new Options instance using the specified properties. + * @param [properties] Properties to set + * @returns Options instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions): google.cloud.asset.v1.IamPolicyAnalysisQuery.Options; - /** Resource resourceUrl. */ - public resourceUrl: string; + /** + * Encodes the specified Options message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.Options.verify|verify} messages. + * @param message Options message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions, writer?: $protobuf.Writer): $protobuf.Writer; - /** Resource parent. */ - public parent: string; + /** + * Encodes the specified Options message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.Options.verify|verify} messages. + * @param message Options message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions, writer?: $protobuf.Writer): $protobuf.Writer; - /** Resource data. */ - public data?: (google.protobuf.IStruct|null); + /** + * Decodes an Options message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Options + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisQuery.Options; - /** Resource location. */ - public location: string; + /** + * Decodes an Options message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Options + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisQuery.Options; + + /** + * Verifies an Options message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an Options message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Options + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisQuery.Options; + + /** + * Creates a plain object from an Options message. Also converts values to other types if specified. + * @param message Options + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisQuery.Options, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Options to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + } + + /** Properties of an AnalyzeIamPolicyRequest. */ + interface IAnalyzeIamPolicyRequest { + + /** AnalyzeIamPolicyRequest analysisQuery */ + analysisQuery?: (google.cloud.asset.v1.IIamPolicyAnalysisQuery|null); + + /** AnalyzeIamPolicyRequest executionTimeout */ + executionTimeout?: (google.protobuf.IDuration|null); + } + + /** Represents an AnalyzeIamPolicyRequest. */ + class AnalyzeIamPolicyRequest implements IAnalyzeIamPolicyRequest { /** - * Creates a new Resource instance using the specified properties. + * Constructs a new AnalyzeIamPolicyRequest. * @param [properties] Properties to set - * @returns Resource instance */ - public static create(properties?: google.cloud.asset.v1.IResource): google.cloud.asset.v1.Resource; + constructor(properties?: google.cloud.asset.v1.IAnalyzeIamPolicyRequest); + + /** AnalyzeIamPolicyRequest analysisQuery. */ + public analysisQuery?: (google.cloud.asset.v1.IIamPolicyAnalysisQuery|null); + + /** AnalyzeIamPolicyRequest executionTimeout. */ + public executionTimeout?: (google.protobuf.IDuration|null); /** - * Encodes the specified Resource message. Does not implicitly {@link google.cloud.asset.v1.Resource.verify|verify} messages. - * @param message Resource message or plain object to encode + * Creates a new AnalyzeIamPolicyRequest instance using the specified properties. + * @param [properties] Properties to set + * @returns AnalyzeIamPolicyRequest instance + */ + public static create(properties?: google.cloud.asset.v1.IAnalyzeIamPolicyRequest): google.cloud.asset.v1.AnalyzeIamPolicyRequest; + + /** + * Encodes the specified AnalyzeIamPolicyRequest message. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyRequest.verify|verify} messages. + * @param message AnalyzeIamPolicyRequest message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encode(message: google.cloud.asset.v1.IResource, writer?: $protobuf.Writer): $protobuf.Writer; + public static encode(message: google.cloud.asset.v1.IAnalyzeIamPolicyRequest, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Encodes the specified Resource message, length delimited. Does not implicitly {@link google.cloud.asset.v1.Resource.verify|verify} messages. - * @param message Resource message or plain object to encode + * Encodes the specified AnalyzeIamPolicyRequest message, length delimited. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyRequest.verify|verify} messages. + * @param message AnalyzeIamPolicyRequest message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encodeDelimited(message: google.cloud.asset.v1.IResource, writer?: $protobuf.Writer): $protobuf.Writer; + public static encodeDelimited(message: google.cloud.asset.v1.IAnalyzeIamPolicyRequest, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Decodes a Resource message from the specified reader or buffer. + * Decodes an AnalyzeIamPolicyRequest message from the specified reader or buffer. * @param reader Reader or buffer to decode from * @param [length] Message length if known beforehand - * @returns Resource + * @returns AnalyzeIamPolicyRequest * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.Resource; + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.AnalyzeIamPolicyRequest; /** - * Decodes a Resource message from the specified reader or buffer, length delimited. + * Decodes an AnalyzeIamPolicyRequest message from the specified reader or buffer, length delimited. * @param reader Reader or buffer to decode from - * @returns Resource + * @returns AnalyzeIamPolicyRequest * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.Resource; + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.AnalyzeIamPolicyRequest; /** - * Verifies a Resource message. + * Verifies an AnalyzeIamPolicyRequest message. * @param message Plain object to verify * @returns `null` if valid, otherwise the reason why it is not */ public static verify(message: { [k: string]: any }): (string|null); /** - * Creates a Resource message from a plain object. Also converts values to their respective internal types. + * Creates an AnalyzeIamPolicyRequest message from a plain object. Also converts values to their respective internal types. * @param object Plain object - * @returns Resource + * @returns AnalyzeIamPolicyRequest */ - public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.Resource; + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.AnalyzeIamPolicyRequest; /** - * Creates a plain object from a Resource message. Also converts values to other types if specified. - * @param message Resource + * Creates a plain object from an AnalyzeIamPolicyRequest message. Also converts values to other types if specified. + * @param message AnalyzeIamPolicyRequest * @param [options] Conversion options * @returns Plain object */ - public static toObject(message: google.cloud.asset.v1.Resource, options?: $protobuf.IConversionOptions): { [k: string]: any }; + public static toObject(message: google.cloud.asset.v1.AnalyzeIamPolicyRequest, options?: $protobuf.IConversionOptions): { [k: string]: any }; /** - * Converts this Resource to JSON. + * Converts this AnalyzeIamPolicyRequest to JSON. * @returns JSON object */ public toJSON(): { [k: string]: any }; } - /** Properties of a ResourceSearchResult. */ - interface IResourceSearchResult { - - /** ResourceSearchResult name */ - name?: (string|null); - - /** ResourceSearchResult assetType */ - assetType?: (string|null); - - /** ResourceSearchResult project */ - project?: (string|null); - - /** ResourceSearchResult displayName */ - displayName?: (string|null); - - /** ResourceSearchResult description */ - description?: (string|null); - - /** ResourceSearchResult location */ - location?: (string|null); + /** Properties of an AnalyzeIamPolicyResponse. */ + interface IAnalyzeIamPolicyResponse { - /** ResourceSearchResult labels */ - labels?: ({ [k: string]: string }|null); + /** AnalyzeIamPolicyResponse mainAnalysis */ + mainAnalysis?: (google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis|null); - /** ResourceSearchResult networkTags */ - networkTags?: (string[]|null); + /** AnalyzeIamPolicyResponse serviceAccountImpersonationAnalysis */ + serviceAccountImpersonationAnalysis?: (google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis[]|null); - /** ResourceSearchResult additionalAttributes */ - additionalAttributes?: (google.protobuf.IStruct|null); + /** AnalyzeIamPolicyResponse fullyExplored */ + fullyExplored?: (boolean|null); } - /** Represents a ResourceSearchResult. */ - class ResourceSearchResult implements IResourceSearchResult { + /** Represents an AnalyzeIamPolicyResponse. */ + class AnalyzeIamPolicyResponse implements IAnalyzeIamPolicyResponse { /** - * Constructs a new ResourceSearchResult. + * Constructs a new AnalyzeIamPolicyResponse. * @param [properties] Properties to set */ - constructor(properties?: google.cloud.asset.v1.IResourceSearchResult); + constructor(properties?: google.cloud.asset.v1.IAnalyzeIamPolicyResponse); - /** ResourceSearchResult name. */ - public name: string; + /** AnalyzeIamPolicyResponse mainAnalysis. */ + public mainAnalysis?: (google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis|null); - /** ResourceSearchResult assetType. */ - public assetType: string; + /** AnalyzeIamPolicyResponse serviceAccountImpersonationAnalysis. */ + public serviceAccountImpersonationAnalysis: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis[]; - /** ResourceSearchResult project. */ - public project: string; + /** AnalyzeIamPolicyResponse fullyExplored. */ + public fullyExplored: boolean; - /** ResourceSearchResult displayName. */ - public displayName: string; - - /** ResourceSearchResult description. */ - public description: string; - - /** ResourceSearchResult location. */ - public location: string; - - /** ResourceSearchResult labels. */ - public labels: { [k: string]: string }; - - /** ResourceSearchResult networkTags. */ - public networkTags: string[]; - - /** ResourceSearchResult additionalAttributes. */ - public additionalAttributes?: (google.protobuf.IStruct|null); - - /** - * Creates a new ResourceSearchResult instance using the specified properties. - * @param [properties] Properties to set - * @returns ResourceSearchResult instance - */ - public static create(properties?: google.cloud.asset.v1.IResourceSearchResult): google.cloud.asset.v1.ResourceSearchResult; + /** + * Creates a new AnalyzeIamPolicyResponse instance using the specified properties. + * @param [properties] Properties to set + * @returns AnalyzeIamPolicyResponse instance + */ + public static create(properties?: google.cloud.asset.v1.IAnalyzeIamPolicyResponse): google.cloud.asset.v1.AnalyzeIamPolicyResponse; /** - * Encodes the specified ResourceSearchResult message. Does not implicitly {@link google.cloud.asset.v1.ResourceSearchResult.verify|verify} messages. - * @param message ResourceSearchResult message or plain object to encode + * Encodes the specified AnalyzeIamPolicyResponse message. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.verify|verify} messages. + * @param message AnalyzeIamPolicyResponse message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encode(message: google.cloud.asset.v1.IResourceSearchResult, writer?: $protobuf.Writer): $protobuf.Writer; + public static encode(message: google.cloud.asset.v1.IAnalyzeIamPolicyResponse, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Encodes the specified ResourceSearchResult message, length delimited. Does not implicitly {@link google.cloud.asset.v1.ResourceSearchResult.verify|verify} messages. - * @param message ResourceSearchResult message or plain object to encode + * Encodes the specified AnalyzeIamPolicyResponse message, length delimited. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.verify|verify} messages. + * @param message AnalyzeIamPolicyResponse message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encodeDelimited(message: google.cloud.asset.v1.IResourceSearchResult, writer?: $protobuf.Writer): $protobuf.Writer; + public static encodeDelimited(message: google.cloud.asset.v1.IAnalyzeIamPolicyResponse, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Decodes a ResourceSearchResult message from the specified reader or buffer. + * Decodes an AnalyzeIamPolicyResponse message from the specified reader or buffer. * @param reader Reader or buffer to decode from * @param [length] Message length if known beforehand - * @returns ResourceSearchResult + * @returns AnalyzeIamPolicyResponse * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.ResourceSearchResult; + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.AnalyzeIamPolicyResponse; /** - * Decodes a ResourceSearchResult message from the specified reader or buffer, length delimited. + * Decodes an AnalyzeIamPolicyResponse message from the specified reader or buffer, length delimited. * @param reader Reader or buffer to decode from - * @returns ResourceSearchResult + * @returns AnalyzeIamPolicyResponse * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.ResourceSearchResult; + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.AnalyzeIamPolicyResponse; /** - * Verifies a ResourceSearchResult message. + * Verifies an AnalyzeIamPolicyResponse message. * @param message Plain object to verify * @returns `null` if valid, otherwise the reason why it is not */ public static verify(message: { [k: string]: any }): (string|null); /** - * Creates a ResourceSearchResult message from a plain object. Also converts values to their respective internal types. + * Creates an AnalyzeIamPolicyResponse message from a plain object. Also converts values to their respective internal types. * @param object Plain object - * @returns ResourceSearchResult + * @returns AnalyzeIamPolicyResponse */ - public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.ResourceSearchResult; + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.AnalyzeIamPolicyResponse; /** - * Creates a plain object from a ResourceSearchResult message. Also converts values to other types if specified. - * @param message ResourceSearchResult + * Creates a plain object from an AnalyzeIamPolicyResponse message. Also converts values to other types if specified. + * @param message AnalyzeIamPolicyResponse * @param [options] Conversion options * @returns Plain object */ - public static toObject(message: google.cloud.asset.v1.ResourceSearchResult, options?: $protobuf.IConversionOptions): { [k: string]: any }; + public static toObject(message: google.cloud.asset.v1.AnalyzeIamPolicyResponse, options?: $protobuf.IConversionOptions): { [k: string]: any }; /** - * Converts this ResourceSearchResult to JSON. + * Converts this AnalyzeIamPolicyResponse to JSON. * @returns JSON object */ public toJSON(): { [k: string]: any }; } - /** Properties of an IamPolicySearchResult. */ - interface IIamPolicySearchResult { + namespace AnalyzeIamPolicyResponse { - /** IamPolicySearchResult resource */ - resource?: (string|null); + /** Properties of an IamPolicyAnalysis. */ + interface IIamPolicyAnalysis { - /** IamPolicySearchResult project */ - project?: (string|null); + /** IamPolicyAnalysis analysisQuery */ + analysisQuery?: (google.cloud.asset.v1.IIamPolicyAnalysisQuery|null); - /** IamPolicySearchResult policy */ - policy?: (google.iam.v1.IPolicy|null); + /** IamPolicyAnalysis analysisResults */ + analysisResults?: (google.cloud.asset.v1.IIamPolicyAnalysisResult[]|null); - /** IamPolicySearchResult explanation */ - explanation?: (google.cloud.asset.v1.IamPolicySearchResult.IExplanation|null); + /** IamPolicyAnalysis fullyExplored */ + fullyExplored?: (boolean|null); + + /** IamPolicyAnalysis stats */ + stats?: (google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.IStats[]|null); + + /** IamPolicyAnalysis nonCriticalErrors */ + nonCriticalErrors?: (google.cloud.asset.v1.IIamPolicyAnalysisState[]|null); + } + + /** Represents an IamPolicyAnalysis. */ + class IamPolicyAnalysis implements IIamPolicyAnalysis { + + /** + * Constructs a new IamPolicyAnalysis. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis); + + /** IamPolicyAnalysis analysisQuery. */ + public analysisQuery?: (google.cloud.asset.v1.IIamPolicyAnalysisQuery|null); + + /** IamPolicyAnalysis analysisResults. */ + public analysisResults: google.cloud.asset.v1.IIamPolicyAnalysisResult[]; + + /** IamPolicyAnalysis fullyExplored. */ + public fullyExplored: boolean; + + /** IamPolicyAnalysis stats. */ + public stats: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.IStats[]; + + /** IamPolicyAnalysis nonCriticalErrors. */ + public nonCriticalErrors: google.cloud.asset.v1.IIamPolicyAnalysisState[]; + + /** + * Creates a new IamPolicyAnalysis instance using the specified properties. + * @param [properties] Properties to set + * @returns IamPolicyAnalysis instance + */ + public static create(properties?: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis): google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis; + + /** + * Encodes the specified IamPolicyAnalysis message. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.verify|verify} messages. + * @param message IamPolicyAnalysis message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified IamPolicyAnalysis message, length delimited. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.verify|verify} messages. + * @param message IamPolicyAnalysis message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an IamPolicyAnalysis message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns IamPolicyAnalysis + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis; + + /** + * Decodes an IamPolicyAnalysis message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns IamPolicyAnalysis + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis; + + /** + * Verifies an IamPolicyAnalysis message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an IamPolicyAnalysis message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns IamPolicyAnalysis + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis; + + /** + * Creates a plain object from an IamPolicyAnalysis message. Also converts values to other types if specified. + * @param message IamPolicyAnalysis + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this IamPolicyAnalysis to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + namespace IamPolicyAnalysis { + + /** Properties of a Stats. */ + interface IStats { + + /** Stats nodeType */ + nodeType?: (google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType|keyof typeof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType|null); + + /** Stats nodeSubtype */ + nodeSubtype?: (string|null); + + /** Stats discoveredNodeCount */ + discoveredNodeCount?: (number|null); + + /** Stats matchedNodeCount */ + matchedNodeCount?: (number|null); + + /** Stats exploredNodeCount */ + exploredNodeCount?: (number|null); + + /** Stats cappedNodeCount */ + cappedNodeCount?: (number|null); + + /** Stats permisionDeniedNodeCount */ + permisionDeniedNodeCount?: (number|null); + + /** Stats executionTimeoutNodeCount */ + executionTimeoutNodeCount?: (number|null); + } + + /** Represents a Stats. */ + class Stats implements IStats { + + /** + * Constructs a new Stats. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.IStats); + + /** Stats nodeType. */ + public nodeType: (google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType|keyof typeof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType); + + /** Stats nodeSubtype. */ + public nodeSubtype: string; + + /** Stats discoveredNodeCount. */ + public discoveredNodeCount: number; + + /** Stats matchedNodeCount. */ + public matchedNodeCount: number; + + /** Stats exploredNodeCount. */ + public exploredNodeCount: number; + + /** Stats cappedNodeCount. */ + public cappedNodeCount: number; + + /** Stats permisionDeniedNodeCount. */ + public permisionDeniedNodeCount: number; + + /** Stats executionTimeoutNodeCount. */ + public executionTimeoutNodeCount: number; + + /** + * Creates a new Stats instance using the specified properties. + * @param [properties] Properties to set + * @returns Stats instance + */ + public static create(properties?: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.IStats): google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats; + + /** + * Encodes the specified Stats message. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.verify|verify} messages. + * @param message Stats message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.IStats, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Stats message, length delimited. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.verify|verify} messages. + * @param message Stats message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.IStats, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a Stats message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Stats + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats; + + /** + * Decodes a Stats message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Stats + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats; + + /** + * Verifies a Stats message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a Stats message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Stats + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats; + + /** + * Creates a plain object from a Stats message. Also converts values to other types if specified. + * @param message Stats + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Stats to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + namespace Stats { + + /** NodeType enum. */ + enum NodeType { + NODE_TYPE_UNSPECIFIED = 0, + BINDING = 1, + IDENTITY = 2, + RESOURCE = 3, + ACCESS = 4 + } + } + } } - /** Represents an IamPolicySearchResult. */ - class IamPolicySearchResult implements IIamPolicySearchResult { + /** Properties of an IamPolicyAnalysisOutputConfig. */ + interface IIamPolicyAnalysisOutputConfig { + + /** IamPolicyAnalysisOutputConfig gcsDestination */ + gcsDestination?: (google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination|null); + + /** IamPolicyAnalysisOutputConfig bigqueryDestination */ + bigqueryDestination?: (google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination|null); + } + + /** Represents an IamPolicyAnalysisOutputConfig. */ + class IamPolicyAnalysisOutputConfig implements IIamPolicyAnalysisOutputConfig { /** - * Constructs a new IamPolicySearchResult. + * Constructs a new IamPolicyAnalysisOutputConfig. * @param [properties] Properties to set */ - constructor(properties?: google.cloud.asset.v1.IIamPolicySearchResult); + constructor(properties?: google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig); - /** IamPolicySearchResult resource. */ - public resource: string; + /** IamPolicyAnalysisOutputConfig gcsDestination. */ + public gcsDestination?: (google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination|null); - /** IamPolicySearchResult project. */ - public project: string; + /** IamPolicyAnalysisOutputConfig bigqueryDestination. */ + public bigqueryDestination?: (google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination|null); - /** IamPolicySearchResult policy. */ - public policy?: (google.iam.v1.IPolicy|null); + /** IamPolicyAnalysisOutputConfig destination. */ + public destination?: ("gcsDestination"|"bigqueryDestination"); - /** IamPolicySearchResult explanation. */ - public explanation?: (google.cloud.asset.v1.IamPolicySearchResult.IExplanation|null); + /** + * Creates a new IamPolicyAnalysisOutputConfig instance using the specified properties. + * @param [properties] Properties to set + * @returns IamPolicyAnalysisOutputConfig instance + */ + public static create(properties?: google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig; + + /** + * Encodes the specified IamPolicyAnalysisOutputConfig message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.verify|verify} messages. + * @param message IamPolicyAnalysisOutputConfig message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified IamPolicyAnalysisOutputConfig message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.verify|verify} messages. + * @param message IamPolicyAnalysisOutputConfig message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an IamPolicyAnalysisOutputConfig message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns IamPolicyAnalysisOutputConfig + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig; + + /** + * Decodes an IamPolicyAnalysisOutputConfig message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns IamPolicyAnalysisOutputConfig + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig; + + /** + * Verifies an IamPolicyAnalysisOutputConfig message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an IamPolicyAnalysisOutputConfig message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns IamPolicyAnalysisOutputConfig + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig; + + /** + * Creates a plain object from an IamPolicyAnalysisOutputConfig message. Also converts values to other types if specified. + * @param message IamPolicyAnalysisOutputConfig + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this IamPolicyAnalysisOutputConfig to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + namespace IamPolicyAnalysisOutputConfig { + + /** Properties of a GcsDestination. */ + interface IGcsDestination { + + /** GcsDestination uri */ + uri?: (string|null); + } + + /** Represents a GcsDestination. */ + class GcsDestination implements IGcsDestination { + + /** + * Constructs a new GcsDestination. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination); + + /** GcsDestination uri. */ + public uri: string; + + /** + * Creates a new GcsDestination instance using the specified properties. + * @param [properties] Properties to set + * @returns GcsDestination instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination; + + /** + * Encodes the specified GcsDestination message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination.verify|verify} messages. + * @param message GcsDestination message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified GcsDestination message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination.verify|verify} messages. + * @param message GcsDestination message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a GcsDestination message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns GcsDestination + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination; + + /** + * Decodes a GcsDestination message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns GcsDestination + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination; + + /** + * Verifies a GcsDestination message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a GcsDestination message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns GcsDestination + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination; + + /** + * Creates a plain object from a GcsDestination message. Also converts values to other types if specified. + * @param message GcsDestination + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this GcsDestination to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** Properties of a BigQueryDestination. */ + interface IBigQueryDestination { + + /** BigQueryDestination dataset */ + dataset?: (string|null); + + /** BigQueryDestination tablePrefix */ + tablePrefix?: (string|null); + + /** BigQueryDestination partitionKey */ + partitionKey?: (google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey|keyof typeof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey|null); + + /** BigQueryDestination writeMode */ + writeMode?: (google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode|keyof typeof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode|null); + } + + /** Represents a BigQueryDestination. */ + class BigQueryDestination implements IBigQueryDestination { + + /** + * Constructs a new BigQueryDestination. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination); + + /** BigQueryDestination dataset. */ + public dataset: string; + + /** BigQueryDestination tablePrefix. */ + public tablePrefix: string; + + /** BigQueryDestination partitionKey. */ + public partitionKey: (google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey|keyof typeof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey); + + /** BigQueryDestination writeMode. */ + public writeMode: (google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode|keyof typeof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode); + + /** + * Creates a new BigQueryDestination instance using the specified properties. + * @param [properties] Properties to set + * @returns BigQueryDestination instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination; + + /** + * Encodes the specified BigQueryDestination message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.verify|verify} messages. + * @param message BigQueryDestination message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified BigQueryDestination message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.verify|verify} messages. + * @param message BigQueryDestination message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a BigQueryDestination message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns BigQueryDestination + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination; + + /** + * Decodes a BigQueryDestination message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns BigQueryDestination + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination; + + /** + * Verifies a BigQueryDestination message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a BigQueryDestination message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns BigQueryDestination + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination; + + /** + * Creates a plain object from a BigQueryDestination message. Also converts values to other types if specified. + * @param message BigQueryDestination + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this BigQueryDestination to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + namespace BigQueryDestination { + + /** PartitionKey enum. */ + enum PartitionKey { + PARTITION_KEY_UNSPECIFIED = 0, + REQUEST_TIME = 1 + } + + /** WriteMode enum. */ + enum WriteMode { + WRITE_MODE_UNSPECIFIED = 0, + ABORT = 1, + OVERWRITE = 2 + } + } + } + + /** Properties of an ExportIamPolicyAnalysisRequest. */ + interface IExportIamPolicyAnalysisRequest { + + /** ExportIamPolicyAnalysisRequest analysisQuery */ + analysisQuery?: (google.cloud.asset.v1.IIamPolicyAnalysisQuery|null); + + /** ExportIamPolicyAnalysisRequest outputConfig */ + outputConfig?: (google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig|null); + } + + /** Represents an ExportIamPolicyAnalysisRequest. */ + class ExportIamPolicyAnalysisRequest implements IExportIamPolicyAnalysisRequest { + + /** + * Constructs a new ExportIamPolicyAnalysisRequest. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IExportIamPolicyAnalysisRequest); + + /** ExportIamPolicyAnalysisRequest analysisQuery. */ + public analysisQuery?: (google.cloud.asset.v1.IIamPolicyAnalysisQuery|null); + + /** ExportIamPolicyAnalysisRequest outputConfig. */ + public outputConfig?: (google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig|null); + + /** + * Creates a new ExportIamPolicyAnalysisRequest instance using the specified properties. + * @param [properties] Properties to set + * @returns ExportIamPolicyAnalysisRequest instance + */ + public static create(properties?: google.cloud.asset.v1.IExportIamPolicyAnalysisRequest): google.cloud.asset.v1.ExportIamPolicyAnalysisRequest; + + /** + * Encodes the specified ExportIamPolicyAnalysisRequest message. Does not implicitly {@link google.cloud.asset.v1.ExportIamPolicyAnalysisRequest.verify|verify} messages. + * @param message ExportIamPolicyAnalysisRequest message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IExportIamPolicyAnalysisRequest, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified ExportIamPolicyAnalysisRequest message, length delimited. Does not implicitly {@link google.cloud.asset.v1.ExportIamPolicyAnalysisRequest.verify|verify} messages. + * @param message ExportIamPolicyAnalysisRequest message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IExportIamPolicyAnalysisRequest, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an ExportIamPolicyAnalysisRequest message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns ExportIamPolicyAnalysisRequest + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.ExportIamPolicyAnalysisRequest; + + /** + * Decodes an ExportIamPolicyAnalysisRequest message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns ExportIamPolicyAnalysisRequest + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.ExportIamPolicyAnalysisRequest; + + /** + * Verifies an ExportIamPolicyAnalysisRequest message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an ExportIamPolicyAnalysisRequest message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns ExportIamPolicyAnalysisRequest + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.ExportIamPolicyAnalysisRequest; + + /** + * Creates a plain object from an ExportIamPolicyAnalysisRequest message. Also converts values to other types if specified. + * @param message ExportIamPolicyAnalysisRequest + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.ExportIamPolicyAnalysisRequest, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this ExportIamPolicyAnalysisRequest to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** Properties of an ExportIamPolicyAnalysisResponse. */ + interface IExportIamPolicyAnalysisResponse { + } + + /** Represents an ExportIamPolicyAnalysisResponse. */ + class ExportIamPolicyAnalysisResponse implements IExportIamPolicyAnalysisResponse { + + /** + * Constructs a new ExportIamPolicyAnalysisResponse. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IExportIamPolicyAnalysisResponse); + + /** + * Creates a new ExportIamPolicyAnalysisResponse instance using the specified properties. + * @param [properties] Properties to set + * @returns ExportIamPolicyAnalysisResponse instance + */ + public static create(properties?: google.cloud.asset.v1.IExportIamPolicyAnalysisResponse): google.cloud.asset.v1.ExportIamPolicyAnalysisResponse; + + /** + * Encodes the specified ExportIamPolicyAnalysisResponse message. Does not implicitly {@link google.cloud.asset.v1.ExportIamPolicyAnalysisResponse.verify|verify} messages. + * @param message ExportIamPolicyAnalysisResponse message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IExportIamPolicyAnalysisResponse, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified ExportIamPolicyAnalysisResponse message, length delimited. Does not implicitly {@link google.cloud.asset.v1.ExportIamPolicyAnalysisResponse.verify|verify} messages. + * @param message ExportIamPolicyAnalysisResponse message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IExportIamPolicyAnalysisResponse, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an ExportIamPolicyAnalysisResponse message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns ExportIamPolicyAnalysisResponse + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.ExportIamPolicyAnalysisResponse; + + /** + * Decodes an ExportIamPolicyAnalysisResponse message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns ExportIamPolicyAnalysisResponse + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.ExportIamPolicyAnalysisResponse; + + /** + * Verifies an ExportIamPolicyAnalysisResponse message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an ExportIamPolicyAnalysisResponse message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns ExportIamPolicyAnalysisResponse + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.ExportIamPolicyAnalysisResponse; + + /** + * Creates a plain object from an ExportIamPolicyAnalysisResponse message. Also converts values to other types if specified. + * @param message ExportIamPolicyAnalysisResponse + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.ExportIamPolicyAnalysisResponse, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this ExportIamPolicyAnalysisResponse to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** ContentType enum. */ + enum ContentType { + CONTENT_TYPE_UNSPECIFIED = 0, + RESOURCE = 1, + IAM_POLICY = 2, + ORG_POLICY = 4, + ACCESS_POLICY = 5 + } + + /** Properties of a TemporalAsset. */ + interface ITemporalAsset { + + /** TemporalAsset window */ + window?: (google.cloud.asset.v1.ITimeWindow|null); + + /** TemporalAsset deleted */ + deleted?: (boolean|null); + + /** TemporalAsset asset */ + asset?: (google.cloud.asset.v1.IAsset|null); + + /** TemporalAsset priorAssetState */ + priorAssetState?: (google.cloud.asset.v1.TemporalAsset.PriorAssetState|keyof typeof google.cloud.asset.v1.TemporalAsset.PriorAssetState|null); + + /** TemporalAsset priorAsset */ + priorAsset?: (google.cloud.asset.v1.IAsset|null); + } + + /** Represents a TemporalAsset. */ + class TemporalAsset implements ITemporalAsset { + + /** + * Constructs a new TemporalAsset. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.ITemporalAsset); + + /** TemporalAsset window. */ + public window?: (google.cloud.asset.v1.ITimeWindow|null); + + /** TemporalAsset deleted. */ + public deleted: boolean; + + /** TemporalAsset asset. */ + public asset?: (google.cloud.asset.v1.IAsset|null); + + /** TemporalAsset priorAssetState. */ + public priorAssetState: (google.cloud.asset.v1.TemporalAsset.PriorAssetState|keyof typeof google.cloud.asset.v1.TemporalAsset.PriorAssetState); + + /** TemporalAsset priorAsset. */ + public priorAsset?: (google.cloud.asset.v1.IAsset|null); + + /** + * Creates a new TemporalAsset instance using the specified properties. + * @param [properties] Properties to set + * @returns TemporalAsset instance + */ + public static create(properties?: google.cloud.asset.v1.ITemporalAsset): google.cloud.asset.v1.TemporalAsset; + + /** + * Encodes the specified TemporalAsset message. Does not implicitly {@link google.cloud.asset.v1.TemporalAsset.verify|verify} messages. + * @param message TemporalAsset message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.ITemporalAsset, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified TemporalAsset message, length delimited. Does not implicitly {@link google.cloud.asset.v1.TemporalAsset.verify|verify} messages. + * @param message TemporalAsset message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.ITemporalAsset, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a TemporalAsset message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns TemporalAsset + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.TemporalAsset; + + /** + * Decodes a TemporalAsset message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns TemporalAsset + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.TemporalAsset; + + /** + * Verifies a TemporalAsset message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a TemporalAsset message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns TemporalAsset + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.TemporalAsset; + + /** + * Creates a plain object from a TemporalAsset message. Also converts values to other types if specified. + * @param message TemporalAsset + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.TemporalAsset, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this TemporalAsset to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + namespace TemporalAsset { + + /** PriorAssetState enum. */ + enum PriorAssetState { + PRIOR_ASSET_STATE_UNSPECIFIED = 0, + PRESENT = 1, + INVALID = 2, + DOES_NOT_EXIST = 3, + DELETED = 4 + } + } + + /** Properties of a TimeWindow. */ + interface ITimeWindow { + + /** TimeWindow startTime */ + startTime?: (google.protobuf.ITimestamp|null); + + /** TimeWindow endTime */ + endTime?: (google.protobuf.ITimestamp|null); + } + + /** Represents a TimeWindow. */ + class TimeWindow implements ITimeWindow { + + /** + * Constructs a new TimeWindow. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.ITimeWindow); + + /** TimeWindow startTime. */ + public startTime?: (google.protobuf.ITimestamp|null); + + /** TimeWindow endTime. */ + public endTime?: (google.protobuf.ITimestamp|null); + + /** + * Creates a new TimeWindow instance using the specified properties. + * @param [properties] Properties to set + * @returns TimeWindow instance + */ + public static create(properties?: google.cloud.asset.v1.ITimeWindow): google.cloud.asset.v1.TimeWindow; + + /** + * Encodes the specified TimeWindow message. Does not implicitly {@link google.cloud.asset.v1.TimeWindow.verify|verify} messages. + * @param message TimeWindow message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.ITimeWindow, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified TimeWindow message, length delimited. Does not implicitly {@link google.cloud.asset.v1.TimeWindow.verify|verify} messages. + * @param message TimeWindow message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.ITimeWindow, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a TimeWindow message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns TimeWindow + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.TimeWindow; + + /** + * Decodes a TimeWindow message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns TimeWindow + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.TimeWindow; + + /** + * Verifies a TimeWindow message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a TimeWindow message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns TimeWindow + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.TimeWindow; + + /** + * Creates a plain object from a TimeWindow message. Also converts values to other types if specified. + * @param message TimeWindow + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.TimeWindow, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this TimeWindow to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** Properties of an Asset. */ + interface IAsset { + + /** Asset updateTime */ + updateTime?: (google.protobuf.ITimestamp|null); + + /** Asset name */ + name?: (string|null); + + /** Asset assetType */ + assetType?: (string|null); + + /** Asset resource */ + resource?: (google.cloud.asset.v1.IResource|null); + + /** Asset iamPolicy */ + iamPolicy?: (google.iam.v1.IPolicy|null); + + /** Asset orgPolicy */ + orgPolicy?: (google.cloud.orgpolicy.v1.IPolicy[]|null); + + /** Asset accessPolicy */ + accessPolicy?: (google.identity.accesscontextmanager.v1.IAccessPolicy|null); + + /** Asset accessLevel */ + accessLevel?: (google.identity.accesscontextmanager.v1.IAccessLevel|null); + + /** Asset servicePerimeter */ + servicePerimeter?: (google.identity.accesscontextmanager.v1.IServicePerimeter|null); + + /** Asset ancestors */ + ancestors?: (string[]|null); + } + + /** Represents an Asset. */ + class Asset implements IAsset { + + /** + * Constructs a new Asset. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IAsset); + + /** Asset updateTime. */ + public updateTime?: (google.protobuf.ITimestamp|null); + + /** Asset name. */ + public name: string; + + /** Asset assetType. */ + public assetType: string; + + /** Asset resource. */ + public resource?: (google.cloud.asset.v1.IResource|null); + + /** Asset iamPolicy. */ + public iamPolicy?: (google.iam.v1.IPolicy|null); + + /** Asset orgPolicy. */ + public orgPolicy: google.cloud.orgpolicy.v1.IPolicy[]; + + /** Asset accessPolicy. */ + public accessPolicy?: (google.identity.accesscontextmanager.v1.IAccessPolicy|null); + + /** Asset accessLevel. */ + public accessLevel?: (google.identity.accesscontextmanager.v1.IAccessLevel|null); + + /** Asset servicePerimeter. */ + public servicePerimeter?: (google.identity.accesscontextmanager.v1.IServicePerimeter|null); + + /** Asset ancestors. */ + public ancestors: string[]; + + /** Asset accessContextPolicy. */ + public accessContextPolicy?: ("accessPolicy"|"accessLevel"|"servicePerimeter"); + + /** + * Creates a new Asset instance using the specified properties. + * @param [properties] Properties to set + * @returns Asset instance + */ + public static create(properties?: google.cloud.asset.v1.IAsset): google.cloud.asset.v1.Asset; + + /** + * Encodes the specified Asset message. Does not implicitly {@link google.cloud.asset.v1.Asset.verify|verify} messages. + * @param message Asset message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IAsset, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Asset message, length delimited. Does not implicitly {@link google.cloud.asset.v1.Asset.verify|verify} messages. + * @param message Asset message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IAsset, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an Asset message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Asset + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.Asset; + + /** + * Decodes an Asset message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Asset + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.Asset; + + /** + * Verifies an Asset message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an Asset message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Asset + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.Asset; + + /** + * Creates a plain object from an Asset message. Also converts values to other types if specified. + * @param message Asset + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.Asset, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Asset to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** Properties of a Resource. */ + interface IResource { + + /** Resource version */ + version?: (string|null); + + /** Resource discoveryDocumentUri */ + discoveryDocumentUri?: (string|null); + + /** Resource discoveryName */ + discoveryName?: (string|null); + + /** Resource resourceUrl */ + resourceUrl?: (string|null); + + /** Resource parent */ + parent?: (string|null); + + /** Resource data */ + data?: (google.protobuf.IStruct|null); + + /** Resource location */ + location?: (string|null); + } + + /** Represents a Resource. */ + class Resource implements IResource { + + /** + * Constructs a new Resource. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IResource); + + /** Resource version. */ + public version: string; + + /** Resource discoveryDocumentUri. */ + public discoveryDocumentUri: string; + + /** Resource discoveryName. */ + public discoveryName: string; + + /** Resource resourceUrl. */ + public resourceUrl: string; + + /** Resource parent. */ + public parent: string; + + /** Resource data. */ + public data?: (google.protobuf.IStruct|null); + + /** Resource location. */ + public location: string; + + /** + * Creates a new Resource instance using the specified properties. + * @param [properties] Properties to set + * @returns Resource instance + */ + public static create(properties?: google.cloud.asset.v1.IResource): google.cloud.asset.v1.Resource; + + /** + * Encodes the specified Resource message. Does not implicitly {@link google.cloud.asset.v1.Resource.verify|verify} messages. + * @param message Resource message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IResource, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Resource message, length delimited. Does not implicitly {@link google.cloud.asset.v1.Resource.verify|verify} messages. + * @param message Resource message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IResource, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a Resource message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Resource + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.Resource; + + /** + * Decodes a Resource message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Resource + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.Resource; + + /** + * Verifies a Resource message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a Resource message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Resource + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.Resource; + + /** + * Creates a plain object from a Resource message. Also converts values to other types if specified. + * @param message Resource + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.Resource, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Resource to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** Properties of a ResourceSearchResult. */ + interface IResourceSearchResult { + + /** ResourceSearchResult name */ + name?: (string|null); + + /** ResourceSearchResult assetType */ + assetType?: (string|null); + + /** ResourceSearchResult project */ + project?: (string|null); + + /** ResourceSearchResult displayName */ + displayName?: (string|null); + + /** ResourceSearchResult description */ + description?: (string|null); + + /** ResourceSearchResult location */ + location?: (string|null); + + /** ResourceSearchResult labels */ + labels?: ({ [k: string]: string }|null); + + /** ResourceSearchResult networkTags */ + networkTags?: (string[]|null); + + /** ResourceSearchResult additionalAttributes */ + additionalAttributes?: (google.protobuf.IStruct|null); + } + + /** Represents a ResourceSearchResult. */ + class ResourceSearchResult implements IResourceSearchResult { + + /** + * Constructs a new ResourceSearchResult. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IResourceSearchResult); + + /** ResourceSearchResult name. */ + public name: string; + + /** ResourceSearchResult assetType. */ + public assetType: string; + + /** ResourceSearchResult project. */ + public project: string; + + /** ResourceSearchResult displayName. */ + public displayName: string; + + /** ResourceSearchResult description. */ + public description: string; + + /** ResourceSearchResult location. */ + public location: string; + + /** ResourceSearchResult labels. */ + public labels: { [k: string]: string }; + + /** ResourceSearchResult networkTags. */ + public networkTags: string[]; + + /** ResourceSearchResult additionalAttributes. */ + public additionalAttributes?: (google.protobuf.IStruct|null); + + /** + * Creates a new ResourceSearchResult instance using the specified properties. + * @param [properties] Properties to set + * @returns ResourceSearchResult instance + */ + public static create(properties?: google.cloud.asset.v1.IResourceSearchResult): google.cloud.asset.v1.ResourceSearchResult; + + /** + * Encodes the specified ResourceSearchResult message. Does not implicitly {@link google.cloud.asset.v1.ResourceSearchResult.verify|verify} messages. + * @param message ResourceSearchResult message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IResourceSearchResult, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified ResourceSearchResult message, length delimited. Does not implicitly {@link google.cloud.asset.v1.ResourceSearchResult.verify|verify} messages. + * @param message ResourceSearchResult message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IResourceSearchResult, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a ResourceSearchResult message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns ResourceSearchResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.ResourceSearchResult; + + /** + * Decodes a ResourceSearchResult message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns ResourceSearchResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.ResourceSearchResult; + + /** + * Verifies a ResourceSearchResult message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a ResourceSearchResult message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns ResourceSearchResult + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.ResourceSearchResult; + + /** + * Creates a plain object from a ResourceSearchResult message. Also converts values to other types if specified. + * @param message ResourceSearchResult + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.ResourceSearchResult, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this ResourceSearchResult to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** Properties of an IamPolicySearchResult. */ + interface IIamPolicySearchResult { + + /** IamPolicySearchResult resource */ + resource?: (string|null); + + /** IamPolicySearchResult project */ + project?: (string|null); + + /** IamPolicySearchResult policy */ + policy?: (google.iam.v1.IPolicy|null); + + /** IamPolicySearchResult explanation */ + explanation?: (google.cloud.asset.v1.IamPolicySearchResult.IExplanation|null); + } + + /** Represents an IamPolicySearchResult. */ + class IamPolicySearchResult implements IIamPolicySearchResult { + + /** + * Constructs a new IamPolicySearchResult. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IIamPolicySearchResult); + + /** IamPolicySearchResult resource. */ + public resource: string; + + /** IamPolicySearchResult project. */ + public project: string; + + /** IamPolicySearchResult policy. */ + public policy?: (google.iam.v1.IPolicy|null); + + /** IamPolicySearchResult explanation. */ + public explanation?: (google.cloud.asset.v1.IamPolicySearchResult.IExplanation|null); + + /** + * Creates a new IamPolicySearchResult instance using the specified properties. + * @param [properties] Properties to set + * @returns IamPolicySearchResult instance + */ + public static create(properties?: google.cloud.asset.v1.IIamPolicySearchResult): google.cloud.asset.v1.IamPolicySearchResult; + + /** + * Encodes the specified IamPolicySearchResult message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.verify|verify} messages. + * @param message IamPolicySearchResult message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IIamPolicySearchResult, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified IamPolicySearchResult message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.verify|verify} messages. + * @param message IamPolicySearchResult message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IIamPolicySearchResult, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an IamPolicySearchResult message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns IamPolicySearchResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicySearchResult; + + /** + * Decodes an IamPolicySearchResult message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns IamPolicySearchResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicySearchResult; + + /** + * Verifies an IamPolicySearchResult message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an IamPolicySearchResult message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns IamPolicySearchResult + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicySearchResult; + + /** + * Creates a plain object from an IamPolicySearchResult message. Also converts values to other types if specified. + * @param message IamPolicySearchResult + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicySearchResult, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this IamPolicySearchResult to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + namespace IamPolicySearchResult { + + /** Properties of an Explanation. */ + interface IExplanation { + + /** Explanation matchedPermissions */ + matchedPermissions?: ({ [k: string]: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions }|null); + } + + /** Represents an Explanation. */ + class Explanation implements IExplanation { + + /** + * Constructs a new Explanation. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicySearchResult.IExplanation); + + /** Explanation matchedPermissions. */ + public matchedPermissions: { [k: string]: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions }; + + /** + * Creates a new Explanation instance using the specified properties. + * @param [properties] Properties to set + * @returns Explanation instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicySearchResult.IExplanation): google.cloud.asset.v1.IamPolicySearchResult.Explanation; + + /** + * Encodes the specified Explanation message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.verify|verify} messages. + * @param message Explanation message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicySearchResult.IExplanation, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Explanation message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.verify|verify} messages. + * @param message Explanation message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicySearchResult.IExplanation, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an Explanation message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Explanation + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicySearchResult.Explanation; + + /** + * Decodes an Explanation message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Explanation + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicySearchResult.Explanation; + + /** + * Verifies an Explanation message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an Explanation message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Explanation + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicySearchResult.Explanation; + + /** + * Creates a plain object from an Explanation message. Also converts values to other types if specified. + * @param message Explanation + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicySearchResult.Explanation, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Explanation to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + namespace Explanation { + + /** Properties of a Permissions. */ + interface IPermissions { + + /** Permissions permissions */ + permissions?: (string[]|null); + } + + /** Represents a Permissions. */ + class Permissions implements IPermissions { + + /** + * Constructs a new Permissions. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions); + + /** Permissions permissions. */ + public permissions: string[]; + + /** + * Creates a new Permissions instance using the specified properties. + * @param [properties] Properties to set + * @returns Permissions instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions): google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions; + + /** + * Encodes the specified Permissions message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.verify|verify} messages. + * @param message Permissions message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Permissions message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.verify|verify} messages. + * @param message Permissions message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a Permissions message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Permissions + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions; + + /** + * Decodes a Permissions message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Permissions + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions; + + /** + * Verifies a Permissions message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a Permissions message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Permissions + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions; + + /** + * Creates a plain object from a Permissions message. Also converts values to other types if specified. + * @param message Permissions + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Permissions to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + } + } + + /** Properties of an IamPolicyAnalysisState. */ + interface IIamPolicyAnalysisState { + + /** IamPolicyAnalysisState code */ + code?: (google.rpc.Code|keyof typeof google.rpc.Code|null); + + /** IamPolicyAnalysisState cause */ + cause?: (string|null); + } + + /** Represents an IamPolicyAnalysisState. */ + class IamPolicyAnalysisState implements IIamPolicyAnalysisState { + + /** + * Constructs a new IamPolicyAnalysisState. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IIamPolicyAnalysisState); + + /** IamPolicyAnalysisState code. */ + public code: (google.rpc.Code|keyof typeof google.rpc.Code); + + /** IamPolicyAnalysisState cause. */ + public cause: string; + + /** + * Creates a new IamPolicyAnalysisState instance using the specified properties. + * @param [properties] Properties to set + * @returns IamPolicyAnalysisState instance + */ + public static create(properties?: google.cloud.asset.v1.IIamPolicyAnalysisState): google.cloud.asset.v1.IamPolicyAnalysisState; + + /** + * Encodes the specified IamPolicyAnalysisState message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisState.verify|verify} messages. + * @param message IamPolicyAnalysisState message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IIamPolicyAnalysisState, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified IamPolicyAnalysisState message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisState.verify|verify} messages. + * @param message IamPolicyAnalysisState message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IIamPolicyAnalysisState, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an IamPolicyAnalysisState message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns IamPolicyAnalysisState + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisState; + + /** + * Decodes an IamPolicyAnalysisState message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns IamPolicyAnalysisState + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisState; + + /** + * Verifies an IamPolicyAnalysisState message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an IamPolicyAnalysisState message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns IamPolicyAnalysisState + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisState; + + /** + * Creates a plain object from an IamPolicyAnalysisState message. Also converts values to other types if specified. + * @param message IamPolicyAnalysisState + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisState, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this IamPolicyAnalysisState to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** Properties of an IamPolicyAnalysisResult. */ + interface IIamPolicyAnalysisResult { + + /** IamPolicyAnalysisResult attachedResourceFullName */ + attachedResourceFullName?: (string|null); + + /** IamPolicyAnalysisResult iamBinding */ + iamBinding?: (google.iam.v1.IBinding|null); + + /** IamPolicyAnalysisResult accessControlLists */ + accessControlLists?: (google.cloud.asset.v1.IamPolicyAnalysisResult.IAccessControlList[]|null); + + /** IamPolicyAnalysisResult identityList */ + identityList?: (google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList|null); + + /** IamPolicyAnalysisResult fullyExplored */ + fullyExplored?: (boolean|null); + } + + /** Represents an IamPolicyAnalysisResult. */ + class IamPolicyAnalysisResult implements IIamPolicyAnalysisResult { + + /** + * Constructs a new IamPolicyAnalysisResult. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IIamPolicyAnalysisResult); + + /** IamPolicyAnalysisResult attachedResourceFullName. */ + public attachedResourceFullName: string; + + /** IamPolicyAnalysisResult iamBinding. */ + public iamBinding?: (google.iam.v1.IBinding|null); + + /** IamPolicyAnalysisResult accessControlLists. */ + public accessControlLists: google.cloud.asset.v1.IamPolicyAnalysisResult.IAccessControlList[]; + + /** IamPolicyAnalysisResult identityList. */ + public identityList?: (google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList|null); + + /** IamPolicyAnalysisResult fullyExplored. */ + public fullyExplored: boolean; + + /** + * Creates a new IamPolicyAnalysisResult instance using the specified properties. + * @param [properties] Properties to set + * @returns IamPolicyAnalysisResult instance + */ + public static create(properties?: google.cloud.asset.v1.IIamPolicyAnalysisResult): google.cloud.asset.v1.IamPolicyAnalysisResult; + + /** + * Encodes the specified IamPolicyAnalysisResult message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.verify|verify} messages. + * @param message IamPolicyAnalysisResult message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IIamPolicyAnalysisResult, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified IamPolicyAnalysisResult message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.verify|verify} messages. + * @param message IamPolicyAnalysisResult message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IIamPolicyAnalysisResult, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an IamPolicyAnalysisResult message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns IamPolicyAnalysisResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisResult; + + /** + * Decodes an IamPolicyAnalysisResult message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns IamPolicyAnalysisResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisResult; + + /** + * Verifies an IamPolicyAnalysisResult message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an IamPolicyAnalysisResult message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns IamPolicyAnalysisResult + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisResult; + + /** + * Creates a plain object from an IamPolicyAnalysisResult message. Also converts values to other types if specified. + * @param message IamPolicyAnalysisResult + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisResult, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this IamPolicyAnalysisResult to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + namespace IamPolicyAnalysisResult { + + /** Properties of a Resource. */ + interface IResource { + + /** Resource fullResourceName */ + fullResourceName?: (string|null); + + /** Resource analysisState */ + analysisState?: (google.cloud.asset.v1.IIamPolicyAnalysisState|null); + } + + /** Represents a Resource. */ + class Resource implements IResource { + + /** + * Constructs a new Resource. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IResource); + + /** Resource fullResourceName. */ + public fullResourceName: string; + + /** Resource analysisState. */ + public analysisState?: (google.cloud.asset.v1.IIamPolicyAnalysisState|null); + + /** + * Creates a new Resource instance using the specified properties. + * @param [properties] Properties to set + * @returns Resource instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IResource): google.cloud.asset.v1.IamPolicyAnalysisResult.Resource; + + /** + * Encodes the specified Resource message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Resource.verify|verify} messages. + * @param message Resource message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IResource, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Resource message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Resource.verify|verify} messages. + * @param message Resource message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IResource, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a Resource message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Resource + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisResult.Resource; + + /** + * Decodes a Resource message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Resource + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisResult.Resource; + + /** + * Verifies a Resource message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a Resource message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Resource + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisResult.Resource; + + /** + * Creates a plain object from a Resource message. Also converts values to other types if specified. + * @param message Resource + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisResult.Resource, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Resource to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** Properties of an Access. */ + interface IAccess { + + /** Access role */ + role?: (string|null); + + /** Access permission */ + permission?: (string|null); + + /** Access analysisState */ + analysisState?: (google.cloud.asset.v1.IIamPolicyAnalysisState|null); + } + + /** Represents an Access. */ + class Access implements IAccess { + + /** + * Constructs a new Access. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IAccess); + + /** Access role. */ + public role: string; + + /** Access permission. */ + public permission: string; + + /** Access analysisState. */ + public analysisState?: (google.cloud.asset.v1.IIamPolicyAnalysisState|null); + + /** Access oneofAccess. */ + public oneofAccess?: ("role"|"permission"); + + /** + * Creates a new Access instance using the specified properties. + * @param [properties] Properties to set + * @returns Access instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IAccess): google.cloud.asset.v1.IamPolicyAnalysisResult.Access; + + /** + * Encodes the specified Access message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Access.verify|verify} messages. + * @param message Access message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IAccess, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Access message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Access.verify|verify} messages. + * @param message Access message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IAccess, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an Access message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Access + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisResult.Access; + + /** + * Decodes an Access message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Access + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisResult.Access; + + /** + * Verifies an Access message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an Access message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Access + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisResult.Access; + + /** + * Creates a plain object from an Access message. Also converts values to other types if specified. + * @param message Access + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisResult.Access, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Access to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** Properties of an Identity. */ + interface IIdentity { + + /** Identity name */ + name?: (string|null); + + /** Identity analysisState */ + analysisState?: (google.cloud.asset.v1.IIamPolicyAnalysisState|null); + } + + /** Represents an Identity. */ + class Identity implements IIdentity { + + /** + * Constructs a new Identity. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentity); + + /** Identity name. */ + public name: string; + + /** Identity analysisState. */ + public analysisState?: (google.cloud.asset.v1.IIamPolicyAnalysisState|null); + + /** + * Creates a new Identity instance using the specified properties. + * @param [properties] Properties to set + * @returns Identity instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentity): google.cloud.asset.v1.IamPolicyAnalysisResult.Identity; + + /** + * Encodes the specified Identity message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Identity.verify|verify} messages. + * @param message Identity message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentity, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Identity message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Identity.verify|verify} messages. + * @param message Identity message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentity, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an Identity message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Identity + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisResult.Identity; + + /** + * Decodes an Identity message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Identity + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisResult.Identity; + + /** + * Verifies an Identity message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an Identity message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Identity + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisResult.Identity; + + /** + * Creates a plain object from an Identity message. Also converts values to other types if specified. + * @param message Identity + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisResult.Identity, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Identity to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + /** Properties of an Edge. */ + interface IEdge { + + /** Edge sourceNode */ + sourceNode?: (string|null); + + /** Edge targetNode */ + targetNode?: (string|null); + } + + /** Represents an Edge. */ + class Edge implements IEdge { + + /** + * Constructs a new Edge. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge); + + /** Edge sourceNode. */ + public sourceNode: string; + + /** Edge targetNode. */ + public targetNode: string; - /** - * Creates a new IamPolicySearchResult instance using the specified properties. - * @param [properties] Properties to set - * @returns IamPolicySearchResult instance - */ - public static create(properties?: google.cloud.asset.v1.IIamPolicySearchResult): google.cloud.asset.v1.IamPolicySearchResult; + /** + * Creates a new Edge instance using the specified properties. + * @param [properties] Properties to set + * @returns Edge instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge): google.cloud.asset.v1.IamPolicyAnalysisResult.Edge; - /** - * Encodes the specified IamPolicySearchResult message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.verify|verify} messages. - * @param message IamPolicySearchResult message or plain object to encode - * @param [writer] Writer to encode to - * @returns Writer - */ - public static encode(message: google.cloud.asset.v1.IIamPolicySearchResult, writer?: $protobuf.Writer): $protobuf.Writer; + /** + * Encodes the specified Edge message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.verify|verify} messages. + * @param message Edge message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge, writer?: $protobuf.Writer): $protobuf.Writer; - /** - * Encodes the specified IamPolicySearchResult message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.verify|verify} messages. - * @param message IamPolicySearchResult message or plain object to encode - * @param [writer] Writer to encode to - * @returns Writer - */ - public static encodeDelimited(message: google.cloud.asset.v1.IIamPolicySearchResult, writer?: $protobuf.Writer): $protobuf.Writer; + /** + * Encodes the specified Edge message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.verify|verify} messages. + * @param message Edge message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge, writer?: $protobuf.Writer): $protobuf.Writer; - /** - * Decodes an IamPolicySearchResult message from the specified reader or buffer. - * @param reader Reader or buffer to decode from - * @param [length] Message length if known beforehand - * @returns IamPolicySearchResult - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicySearchResult; + /** + * Decodes an Edge message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Edge + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisResult.Edge; - /** - * Decodes an IamPolicySearchResult message from the specified reader or buffer, length delimited. - * @param reader Reader or buffer to decode from - * @returns IamPolicySearchResult - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicySearchResult; + /** + * Decodes an Edge message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Edge + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisResult.Edge; - /** - * Verifies an IamPolicySearchResult message. - * @param message Plain object to verify - * @returns `null` if valid, otherwise the reason why it is not - */ - public static verify(message: { [k: string]: any }): (string|null); + /** + * Verifies an Edge message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); - /** - * Creates an IamPolicySearchResult message from a plain object. Also converts values to their respective internal types. - * @param object Plain object - * @returns IamPolicySearchResult - */ - public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicySearchResult; + /** + * Creates an Edge message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Edge + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisResult.Edge; - /** - * Creates a plain object from an IamPolicySearchResult message. Also converts values to other types if specified. - * @param message IamPolicySearchResult - * @param [options] Conversion options - * @returns Plain object - */ - public static toObject(message: google.cloud.asset.v1.IamPolicySearchResult, options?: $protobuf.IConversionOptions): { [k: string]: any }; + /** + * Creates a plain object from an Edge message. Also converts values to other types if specified. + * @param message Edge + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisResult.Edge, options?: $protobuf.IConversionOptions): { [k: string]: any }; - /** - * Converts this IamPolicySearchResult to JSON. - * @returns JSON object - */ - public toJSON(): { [k: string]: any }; - } + /** + * Converts this Edge to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } - namespace IamPolicySearchResult { + /** Properties of an AccessControlList. */ + interface IAccessControlList { - /** Properties of an Explanation. */ - interface IExplanation { + /** AccessControlList resources */ + resources?: (google.cloud.asset.v1.IamPolicyAnalysisResult.IResource[]|null); - /** Explanation matchedPermissions */ - matchedPermissions?: ({ [k: string]: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions }|null); + /** AccessControlList accesses */ + accesses?: (google.cloud.asset.v1.IamPolicyAnalysisResult.IAccess[]|null); + + /** AccessControlList resourceEdges */ + resourceEdges?: (google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge[]|null); } - /** Represents an Explanation. */ - class Explanation implements IExplanation { + /** Represents an AccessControlList. */ + class AccessControlList implements IAccessControlList { /** - * Constructs a new Explanation. + * Constructs a new AccessControlList. * @param [properties] Properties to set */ - constructor(properties?: google.cloud.asset.v1.IamPolicySearchResult.IExplanation); + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IAccessControlList); - /** Explanation matchedPermissions. */ - public matchedPermissions: { [k: string]: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions }; + /** AccessControlList resources. */ + public resources: google.cloud.asset.v1.IamPolicyAnalysisResult.IResource[]; + + /** AccessControlList accesses. */ + public accesses: google.cloud.asset.v1.IamPolicyAnalysisResult.IAccess[]; + + /** AccessControlList resourceEdges. */ + public resourceEdges: google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge[]; /** - * Creates a new Explanation instance using the specified properties. + * Creates a new AccessControlList instance using the specified properties. * @param [properties] Properties to set - * @returns Explanation instance + * @returns AccessControlList instance */ - public static create(properties?: google.cloud.asset.v1.IamPolicySearchResult.IExplanation): google.cloud.asset.v1.IamPolicySearchResult.Explanation; + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IAccessControlList): google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList; /** - * Encodes the specified Explanation message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.verify|verify} messages. - * @param message Explanation message or plain object to encode + * Encodes the specified AccessControlList message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.verify|verify} messages. + * @param message AccessControlList message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encode(message: google.cloud.asset.v1.IamPolicySearchResult.IExplanation, writer?: $protobuf.Writer): $protobuf.Writer; + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IAccessControlList, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Encodes the specified Explanation message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.verify|verify} messages. - * @param message Explanation message or plain object to encode + * Encodes the specified AccessControlList message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.verify|verify} messages. + * @param message AccessControlList message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encodeDelimited(message: google.cloud.asset.v1.IamPolicySearchResult.IExplanation, writer?: $protobuf.Writer): $protobuf.Writer; + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IAccessControlList, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Decodes an Explanation message from the specified reader or buffer. + * Decodes an AccessControlList message from the specified reader or buffer. * @param reader Reader or buffer to decode from * @param [length] Message length if known beforehand - * @returns Explanation + * @returns AccessControlList * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicySearchResult.Explanation; + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList; /** - * Decodes an Explanation message from the specified reader or buffer, length delimited. + * Decodes an AccessControlList message from the specified reader or buffer, length delimited. * @param reader Reader or buffer to decode from - * @returns Explanation + * @returns AccessControlList * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicySearchResult.Explanation; + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList; /** - * Verifies an Explanation message. + * Verifies an AccessControlList message. * @param message Plain object to verify * @returns `null` if valid, otherwise the reason why it is not */ public static verify(message: { [k: string]: any }): (string|null); /** - * Creates an Explanation message from a plain object. Also converts values to their respective internal types. + * Creates an AccessControlList message from a plain object. Also converts values to their respective internal types. * @param object Plain object - * @returns Explanation + * @returns AccessControlList */ - public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicySearchResult.Explanation; + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList; /** - * Creates a plain object from an Explanation message. Also converts values to other types if specified. - * @param message Explanation + * Creates a plain object from an AccessControlList message. Also converts values to other types if specified. + * @param message AccessControlList * @param [options] Conversion options * @returns Plain object */ - public static toObject(message: google.cloud.asset.v1.IamPolicySearchResult.Explanation, options?: $protobuf.IConversionOptions): { [k: string]: any }; + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList, options?: $protobuf.IConversionOptions): { [k: string]: any }; /** - * Converts this Explanation to JSON. + * Converts this AccessControlList to JSON. * @returns JSON object */ public toJSON(): { [k: string]: any }; } - namespace Explanation { + /** Properties of an IdentityList. */ + interface IIdentityList { - /** Properties of a Permissions. */ - interface IPermissions { + /** IdentityList identities */ + identities?: (google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentity[]|null); - /** Permissions permissions */ - permissions?: (string[]|null); - } + /** IdentityList groupEdges */ + groupEdges?: (google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge[]|null); + } - /** Represents a Permissions. */ - class Permissions implements IPermissions { + /** Represents an IdentityList. */ + class IdentityList implements IIdentityList { - /** - * Constructs a new Permissions. - * @param [properties] Properties to set - */ - constructor(properties?: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions); + /** + * Constructs a new IdentityList. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList); - /** Permissions permissions. */ - public permissions: string[]; + /** IdentityList identities. */ + public identities: google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentity[]; - /** - * Creates a new Permissions instance using the specified properties. - * @param [properties] Properties to set - * @returns Permissions instance - */ - public static create(properties?: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions): google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions; + /** IdentityList groupEdges. */ + public groupEdges: google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge[]; - /** - * Encodes the specified Permissions message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.verify|verify} messages. - * @param message Permissions message or plain object to encode - * @param [writer] Writer to encode to - * @returns Writer - */ - public static encode(message: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions, writer?: $protobuf.Writer): $protobuf.Writer; + /** + * Creates a new IdentityList instance using the specified properties. + * @param [properties] Properties to set + * @returns IdentityList instance + */ + public static create(properties?: google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList): google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList; - /** - * Encodes the specified Permissions message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.verify|verify} messages. - * @param message Permissions message or plain object to encode - * @param [writer] Writer to encode to - * @returns Writer - */ - public static encodeDelimited(message: google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions, writer?: $protobuf.Writer): $protobuf.Writer; + /** + * Encodes the specified IdentityList message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.verify|verify} messages. + * @param message IdentityList message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList, writer?: $protobuf.Writer): $protobuf.Writer; - /** - * Decodes a Permissions message from the specified reader or buffer. - * @param reader Reader or buffer to decode from - * @param [length] Message length if known beforehand - * @returns Permissions - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions; + /** + * Encodes the specified IdentityList message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.verify|verify} messages. + * @param message IdentityList message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an IdentityList message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns IdentityList + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList; - /** - * Decodes a Permissions message from the specified reader or buffer, length delimited. - * @param reader Reader or buffer to decode from - * @returns Permissions - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions; + /** + * Decodes an IdentityList message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns IdentityList + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList; - /** - * Verifies a Permissions message. - * @param message Plain object to verify - * @returns `null` if valid, otherwise the reason why it is not - */ - public static verify(message: { [k: string]: any }): (string|null); + /** + * Verifies an IdentityList message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); - /** - * Creates a Permissions message from a plain object. Also converts values to their respective internal types. - * @param object Plain object - * @returns Permissions - */ - public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions; + /** + * Creates an IdentityList message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns IdentityList + */ + public static fromObject(object: { [k: string]: any }): google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList; - /** - * Creates a plain object from a Permissions message. Also converts values to other types if specified. - * @param message Permissions - * @param [options] Conversion options - * @returns Plain object - */ - public static toObject(message: google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions, options?: $protobuf.IConversionOptions): { [k: string]: any }; + /** + * Creates a plain object from an IdentityList message. Also converts values to other types if specified. + * @param message IdentityList + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList, options?: $protobuf.IConversionOptions): { [k: string]: any }; - /** - * Converts this Permissions to JSON. - * @returns JSON object - */ - public toJSON(): { [k: string]: any }; - } + /** + * Converts this IdentityList to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; } } } @@ -14061,102 +16390,6 @@ export namespace google { public toJSON(): { [k: string]: any }; } - /** Properties of an Any. */ - interface IAny { - - /** Any type_url */ - type_url?: (string|null); - - /** Any value */ - value?: (Uint8Array|string|null); - } - - /** Represents an Any. */ - class Any implements IAny { - - /** - * Constructs a new Any. - * @param [properties] Properties to set - */ - constructor(properties?: google.protobuf.IAny); - - /** Any type_url. */ - public type_url: string; - - /** Any value. */ - public value: (Uint8Array|string); - - /** - * Creates a new Any instance using the specified properties. - * @param [properties] Properties to set - * @returns Any instance - */ - public static create(properties?: google.protobuf.IAny): google.protobuf.Any; - - /** - * Encodes the specified Any message. Does not implicitly {@link google.protobuf.Any.verify|verify} messages. - * @param message Any message or plain object to encode - * @param [writer] Writer to encode to - * @returns Writer - */ - public static encode(message: google.protobuf.IAny, writer?: $protobuf.Writer): $protobuf.Writer; - - /** - * Encodes the specified Any message, length delimited. Does not implicitly {@link google.protobuf.Any.verify|verify} messages. - * @param message Any message or plain object to encode - * @param [writer] Writer to encode to - * @returns Writer - */ - public static encodeDelimited(message: google.protobuf.IAny, writer?: $protobuf.Writer): $protobuf.Writer; - - /** - * Decodes an Any message from the specified reader or buffer. - * @param reader Reader or buffer to decode from - * @param [length] Message length if known beforehand - * @returns Any - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.protobuf.Any; - - /** - * Decodes an Any message from the specified reader or buffer, length delimited. - * @param reader Reader or buffer to decode from - * @returns Any - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.protobuf.Any; - - /** - * Verifies an Any message. - * @param message Plain object to verify - * @returns `null` if valid, otherwise the reason why it is not - */ - public static verify(message: { [k: string]: any }): (string|null); - - /** - * Creates an Any message from a plain object. Also converts values to their respective internal types. - * @param object Plain object - * @returns Any - */ - public static fromObject(object: { [k: string]: any }): google.protobuf.Any; - - /** - * Creates a plain object from an Any message. Also converts values to other types if specified. - * @param message Any - * @param [options] Conversion options - * @returns Plain object - */ - public static toObject(message: google.protobuf.Any, options?: $protobuf.IConversionOptions): { [k: string]: any }; - - /** - * Converts this Any to JSON. - * @returns JSON object - */ - public toJSON(): { [k: string]: any }; - } - /** Properties of a Struct. */ interface IStruct { @@ -14465,6 +16698,102 @@ export namespace google { public toJSON(): { [k: string]: any }; } + /** Properties of an Any. */ + interface IAny { + + /** Any type_url */ + type_url?: (string|null); + + /** Any value */ + value?: (Uint8Array|string|null); + } + + /** Represents an Any. */ + class Any implements IAny { + + /** + * Constructs a new Any. + * @param [properties] Properties to set + */ + constructor(properties?: google.protobuf.IAny); + + /** Any type_url. */ + public type_url: string; + + /** Any value. */ + public value: (Uint8Array|string); + + /** + * Creates a new Any instance using the specified properties. + * @param [properties] Properties to set + * @returns Any instance + */ + public static create(properties?: google.protobuf.IAny): google.protobuf.Any; + + /** + * Encodes the specified Any message. Does not implicitly {@link google.protobuf.Any.verify|verify} messages. + * @param message Any message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.protobuf.IAny, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Any message, length delimited. Does not implicitly {@link google.protobuf.Any.verify|verify} messages. + * @param message Any message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.protobuf.IAny, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an Any message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Any + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.protobuf.Any; + + /** + * Decodes an Any message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Any + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.protobuf.Any; + + /** + * Verifies an Any message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an Any message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Any + */ + public static fromObject(object: { [k: string]: any }): google.protobuf.Any; + + /** + * Creates a plain object from an Any message. Also converts values to other types if specified. + * @param message Any + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.protobuf.Any, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Any to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + /** Properties of a Duration. */ interface IDuration { diff --git a/packages/google-cloud-asset/protos/protos.js b/packages/google-cloud-asset/protos/protos.js index 75251f38f6e..5f099ebe4be 100644 --- a/packages/google-cloud-asset/protos/protos.js +++ b/packages/google-cloud-asset/protos/protos.js @@ -395,6 +395,72 @@ * @variation 2 */ + /** + * Callback as used by {@link google.cloud.asset.v1.AssetService#analyzeIamPolicy}. + * @memberof google.cloud.asset.v1.AssetService + * @typedef AnalyzeIamPolicyCallback + * @type {function} + * @param {Error|null} error Error, if any + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse} [response] AnalyzeIamPolicyResponse + */ + + /** + * Calls AnalyzeIamPolicy. + * @function analyzeIamPolicy + * @memberof google.cloud.asset.v1.AssetService + * @instance + * @param {google.cloud.asset.v1.IAnalyzeIamPolicyRequest} request AnalyzeIamPolicyRequest message or plain object + * @param {google.cloud.asset.v1.AssetService.AnalyzeIamPolicyCallback} callback Node-style callback called with the error, if any, and AnalyzeIamPolicyResponse + * @returns {undefined} + * @variation 1 + */ + Object.defineProperty(AssetService.prototype.analyzeIamPolicy = function analyzeIamPolicy(request, callback) { + return this.rpcCall(analyzeIamPolicy, $root.google.cloud.asset.v1.AnalyzeIamPolicyRequest, $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse, request, callback); + }, "name", { value: "AnalyzeIamPolicy" }); + + /** + * Calls AnalyzeIamPolicy. + * @function analyzeIamPolicy + * @memberof google.cloud.asset.v1.AssetService + * @instance + * @param {google.cloud.asset.v1.IAnalyzeIamPolicyRequest} request AnalyzeIamPolicyRequest message or plain object + * @returns {Promise} Promise + * @variation 2 + */ + + /** + * Callback as used by {@link google.cloud.asset.v1.AssetService#exportIamPolicyAnalysis}. + * @memberof google.cloud.asset.v1.AssetService + * @typedef ExportIamPolicyAnalysisCallback + * @type {function} + * @param {Error|null} error Error, if any + * @param {google.longrunning.Operation} [response] Operation + */ + + /** + * Calls ExportIamPolicyAnalysis. + * @function exportIamPolicyAnalysis + * @memberof google.cloud.asset.v1.AssetService + * @instance + * @param {google.cloud.asset.v1.IExportIamPolicyAnalysisRequest} request ExportIamPolicyAnalysisRequest message or plain object + * @param {google.cloud.asset.v1.AssetService.ExportIamPolicyAnalysisCallback} callback Node-style callback called with the error, if any, and Operation + * @returns {undefined} + * @variation 1 + */ + Object.defineProperty(AssetService.prototype.exportIamPolicyAnalysis = function exportIamPolicyAnalysis(request, callback) { + return this.rpcCall(exportIamPolicyAnalysis, $root.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest, $root.google.longrunning.Operation, request, callback); + }, "name", { value: "ExportIamPolicyAnalysis" }); + + /** + * Calls ExportIamPolicyAnalysis. + * @function exportIamPolicyAnalysis + * @memberof google.cloud.asset.v1.AssetService + * @instance + * @param {google.cloud.asset.v1.IExportIamPolicyAnalysisRequest} request ExportIamPolicyAnalysisRequest message or plain object + * @returns {Promise} Promise + * @variation 2 + */ + return AssetService; })(); @@ -5637,48 +5703,28 @@ return SearchAllIamPoliciesResponse; })(); - /** - * ContentType enum. - * @name google.cloud.asset.v1.ContentType - * @enum {number} - * @property {number} CONTENT_TYPE_UNSPECIFIED=0 CONTENT_TYPE_UNSPECIFIED value - * @property {number} RESOURCE=1 RESOURCE value - * @property {number} IAM_POLICY=2 IAM_POLICY value - * @property {number} ORG_POLICY=4 ORG_POLICY value - * @property {number} ACCESS_POLICY=5 ACCESS_POLICY value - */ - v1.ContentType = (function() { - var valuesById = {}, values = Object.create(valuesById); - values[valuesById[0] = "CONTENT_TYPE_UNSPECIFIED"] = 0; - values[valuesById[1] = "RESOURCE"] = 1; - values[valuesById[2] = "IAM_POLICY"] = 2; - values[valuesById[4] = "ORG_POLICY"] = 4; - values[valuesById[5] = "ACCESS_POLICY"] = 5; - return values; - })(); - - v1.TemporalAsset = (function() { + v1.IamPolicyAnalysisQuery = (function() { /** - * Properties of a TemporalAsset. + * Properties of an IamPolicyAnalysisQuery. * @memberof google.cloud.asset.v1 - * @interface ITemporalAsset - * @property {google.cloud.asset.v1.ITimeWindow|null} [window] TemporalAsset window - * @property {boolean|null} [deleted] TemporalAsset deleted - * @property {google.cloud.asset.v1.IAsset|null} [asset] TemporalAsset asset - * @property {google.cloud.asset.v1.TemporalAsset.PriorAssetState|null} [priorAssetState] TemporalAsset priorAssetState - * @property {google.cloud.asset.v1.IAsset|null} [priorAsset] TemporalAsset priorAsset + * @interface IIamPolicyAnalysisQuery + * @property {string|null} [scope] IamPolicyAnalysisQuery scope + * @property {google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector|null} [resourceSelector] IamPolicyAnalysisQuery resourceSelector + * @property {google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector|null} [identitySelector] IamPolicyAnalysisQuery identitySelector + * @property {google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector|null} [accessSelector] IamPolicyAnalysisQuery accessSelector + * @property {google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions|null} [options] IamPolicyAnalysisQuery options */ /** - * Constructs a new TemporalAsset. + * Constructs a new IamPolicyAnalysisQuery. * @memberof google.cloud.asset.v1 - * @classdesc Represents a TemporalAsset. - * @implements ITemporalAsset + * @classdesc Represents an IamPolicyAnalysisQuery. + * @implements IIamPolicyAnalysisQuery * @constructor - * @param {google.cloud.asset.v1.ITemporalAsset=} [properties] Properties to set + * @param {google.cloud.asset.v1.IIamPolicyAnalysisQuery=} [properties] Properties to set */ - function TemporalAsset(properties) { + function IamPolicyAnalysisQuery(properties) { if (properties) for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) if (properties[keys[i]] != null) @@ -5686,127 +5732,127 @@ } /** - * TemporalAsset window. - * @member {google.cloud.asset.v1.ITimeWindow|null|undefined} window - * @memberof google.cloud.asset.v1.TemporalAsset + * IamPolicyAnalysisQuery scope. + * @member {string} scope + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @instance */ - TemporalAsset.prototype.window = null; + IamPolicyAnalysisQuery.prototype.scope = ""; /** - * TemporalAsset deleted. - * @member {boolean} deleted - * @memberof google.cloud.asset.v1.TemporalAsset + * IamPolicyAnalysisQuery resourceSelector. + * @member {google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector|null|undefined} resourceSelector + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @instance */ - TemporalAsset.prototype.deleted = false; + IamPolicyAnalysisQuery.prototype.resourceSelector = null; /** - * TemporalAsset asset. - * @member {google.cloud.asset.v1.IAsset|null|undefined} asset - * @memberof google.cloud.asset.v1.TemporalAsset + * IamPolicyAnalysisQuery identitySelector. + * @member {google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector|null|undefined} identitySelector + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @instance */ - TemporalAsset.prototype.asset = null; + IamPolicyAnalysisQuery.prototype.identitySelector = null; /** - * TemporalAsset priorAssetState. - * @member {google.cloud.asset.v1.TemporalAsset.PriorAssetState} priorAssetState - * @memberof google.cloud.asset.v1.TemporalAsset + * IamPolicyAnalysisQuery accessSelector. + * @member {google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector|null|undefined} accessSelector + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @instance */ - TemporalAsset.prototype.priorAssetState = 0; + IamPolicyAnalysisQuery.prototype.accessSelector = null; /** - * TemporalAsset priorAsset. - * @member {google.cloud.asset.v1.IAsset|null|undefined} priorAsset - * @memberof google.cloud.asset.v1.TemporalAsset + * IamPolicyAnalysisQuery options. + * @member {google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions|null|undefined} options + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @instance */ - TemporalAsset.prototype.priorAsset = null; + IamPolicyAnalysisQuery.prototype.options = null; /** - * Creates a new TemporalAsset instance using the specified properties. + * Creates a new IamPolicyAnalysisQuery instance using the specified properties. * @function create - * @memberof google.cloud.asset.v1.TemporalAsset + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @static - * @param {google.cloud.asset.v1.ITemporalAsset=} [properties] Properties to set - * @returns {google.cloud.asset.v1.TemporalAsset} TemporalAsset instance + * @param {google.cloud.asset.v1.IIamPolicyAnalysisQuery=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery} IamPolicyAnalysisQuery instance */ - TemporalAsset.create = function create(properties) { - return new TemporalAsset(properties); + IamPolicyAnalysisQuery.create = function create(properties) { + return new IamPolicyAnalysisQuery(properties); }; /** - * Encodes the specified TemporalAsset message. Does not implicitly {@link google.cloud.asset.v1.TemporalAsset.verify|verify} messages. + * Encodes the specified IamPolicyAnalysisQuery message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.verify|verify} messages. * @function encode - * @memberof google.cloud.asset.v1.TemporalAsset + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @static - * @param {google.cloud.asset.v1.ITemporalAsset} message TemporalAsset message or plain object to encode + * @param {google.cloud.asset.v1.IIamPolicyAnalysisQuery} message IamPolicyAnalysisQuery message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - TemporalAsset.encode = function encode(message, writer) { + IamPolicyAnalysisQuery.encode = function encode(message, writer) { if (!writer) writer = $Writer.create(); - if (message.window != null && Object.hasOwnProperty.call(message, "window")) - $root.google.cloud.asset.v1.TimeWindow.encode(message.window, writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); - if (message.deleted != null && Object.hasOwnProperty.call(message, "deleted")) - writer.uint32(/* id 2, wireType 0 =*/16).bool(message.deleted); - if (message.asset != null && Object.hasOwnProperty.call(message, "asset")) - $root.google.cloud.asset.v1.Asset.encode(message.asset, writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); - if (message.priorAssetState != null && Object.hasOwnProperty.call(message, "priorAssetState")) - writer.uint32(/* id 4, wireType 0 =*/32).int32(message.priorAssetState); - if (message.priorAsset != null && Object.hasOwnProperty.call(message, "priorAsset")) - $root.google.cloud.asset.v1.Asset.encode(message.priorAsset, writer.uint32(/* id 5, wireType 2 =*/42).fork()).ldelim(); + if (message.scope != null && Object.hasOwnProperty.call(message, "scope")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.scope); + if (message.resourceSelector != null && Object.hasOwnProperty.call(message, "resourceSelector")) + $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector.encode(message.resourceSelector, writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); + if (message.identitySelector != null && Object.hasOwnProperty.call(message, "identitySelector")) + $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector.encode(message.identitySelector, writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); + if (message.accessSelector != null && Object.hasOwnProperty.call(message, "accessSelector")) + $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.encode(message.accessSelector, writer.uint32(/* id 4, wireType 2 =*/34).fork()).ldelim(); + if (message.options != null && Object.hasOwnProperty.call(message, "options")) + $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.Options.encode(message.options, writer.uint32(/* id 5, wireType 2 =*/42).fork()).ldelim(); return writer; }; /** - * Encodes the specified TemporalAsset message, length delimited. Does not implicitly {@link google.cloud.asset.v1.TemporalAsset.verify|verify} messages. + * Encodes the specified IamPolicyAnalysisQuery message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.verify|verify} messages. * @function encodeDelimited - * @memberof google.cloud.asset.v1.TemporalAsset + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @static - * @param {google.cloud.asset.v1.ITemporalAsset} message TemporalAsset message or plain object to encode + * @param {google.cloud.asset.v1.IIamPolicyAnalysisQuery} message IamPolicyAnalysisQuery message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - TemporalAsset.encodeDelimited = function encodeDelimited(message, writer) { + IamPolicyAnalysisQuery.encodeDelimited = function encodeDelimited(message, writer) { return this.encode(message, writer).ldelim(); }; /** - * Decodes a TemporalAsset message from the specified reader or buffer. + * Decodes an IamPolicyAnalysisQuery message from the specified reader or buffer. * @function decode - * @memberof google.cloud.asset.v1.TemporalAsset + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from * @param {number} [length] Message length if known beforehand - * @returns {google.cloud.asset.v1.TemporalAsset} TemporalAsset + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery} IamPolicyAnalysisQuery * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - TemporalAsset.decode = function decode(reader, length) { + IamPolicyAnalysisQuery.decode = function decode(reader, length) { if (!(reader instanceof $Reader)) reader = $Reader.create(reader); - var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.TemporalAsset(); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisQuery(); while (reader.pos < end) { var tag = reader.uint32(); switch (tag >>> 3) { case 1: - message.window = $root.google.cloud.asset.v1.TimeWindow.decode(reader, reader.uint32()); + message.scope = reader.string(); break; case 2: - message.deleted = reader.bool(); + message.resourceSelector = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector.decode(reader, reader.uint32()); break; case 3: - message.asset = $root.google.cloud.asset.v1.Asset.decode(reader, reader.uint32()); + message.identitySelector = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector.decode(reader, reader.uint32()); break; case 4: - message.priorAssetState = reader.int32(); + message.accessSelector = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.decode(reader, reader.uint32()); break; case 5: - message.priorAsset = $root.google.cloud.asset.v1.Asset.decode(reader, reader.uint32()); + message.options = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.Options.decode(reader, reader.uint32()); break; default: reader.skipType(tag & 7); @@ -5817,647 +5863,1208 @@ }; /** - * Decodes a TemporalAsset message from the specified reader or buffer, length delimited. + * Decodes an IamPolicyAnalysisQuery message from the specified reader or buffer, length delimited. * @function decodeDelimited - * @memberof google.cloud.asset.v1.TemporalAsset + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @returns {google.cloud.asset.v1.TemporalAsset} TemporalAsset + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery} IamPolicyAnalysisQuery * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - TemporalAsset.decodeDelimited = function decodeDelimited(reader) { + IamPolicyAnalysisQuery.decodeDelimited = function decodeDelimited(reader) { if (!(reader instanceof $Reader)) reader = new $Reader(reader); return this.decode(reader, reader.uint32()); }; /** - * Verifies a TemporalAsset message. + * Verifies an IamPolicyAnalysisQuery message. * @function verify - * @memberof google.cloud.asset.v1.TemporalAsset + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @static * @param {Object.} message Plain object to verify * @returns {string|null} `null` if valid, otherwise the reason why it is not */ - TemporalAsset.verify = function verify(message) { + IamPolicyAnalysisQuery.verify = function verify(message) { if (typeof message !== "object" || message === null) return "object expected"; - if (message.window != null && message.hasOwnProperty("window")) { - var error = $root.google.cloud.asset.v1.TimeWindow.verify(message.window); + if (message.scope != null && message.hasOwnProperty("scope")) + if (!$util.isString(message.scope)) + return "scope: string expected"; + if (message.resourceSelector != null && message.hasOwnProperty("resourceSelector")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector.verify(message.resourceSelector); if (error) - return "window." + error; + return "resourceSelector." + error; } - if (message.deleted != null && message.hasOwnProperty("deleted")) - if (typeof message.deleted !== "boolean") - return "deleted: boolean expected"; - if (message.asset != null && message.hasOwnProperty("asset")) { - var error = $root.google.cloud.asset.v1.Asset.verify(message.asset); + if (message.identitySelector != null && message.hasOwnProperty("identitySelector")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector.verify(message.identitySelector); if (error) - return "asset." + error; + return "identitySelector." + error; } - if (message.priorAssetState != null && message.hasOwnProperty("priorAssetState")) - switch (message.priorAssetState) { - default: - return "priorAssetState: enum value expected"; - case 0: - case 1: - case 2: - case 3: - case 4: - break; - } - if (message.priorAsset != null && message.hasOwnProperty("priorAsset")) { - var error = $root.google.cloud.asset.v1.Asset.verify(message.priorAsset); + if (message.accessSelector != null && message.hasOwnProperty("accessSelector")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.verify(message.accessSelector); if (error) - return "priorAsset." + error; + return "accessSelector." + error; + } + if (message.options != null && message.hasOwnProperty("options")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.Options.verify(message.options); + if (error) + return "options." + error; } return null; }; /** - * Creates a TemporalAsset message from a plain object. Also converts values to their respective internal types. + * Creates an IamPolicyAnalysisQuery message from a plain object. Also converts values to their respective internal types. * @function fromObject - * @memberof google.cloud.asset.v1.TemporalAsset + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @static * @param {Object.} object Plain object - * @returns {google.cloud.asset.v1.TemporalAsset} TemporalAsset + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery} IamPolicyAnalysisQuery */ - TemporalAsset.fromObject = function fromObject(object) { - if (object instanceof $root.google.cloud.asset.v1.TemporalAsset) + IamPolicyAnalysisQuery.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisQuery) return object; - var message = new $root.google.cloud.asset.v1.TemporalAsset(); - if (object.window != null) { - if (typeof object.window !== "object") - throw TypeError(".google.cloud.asset.v1.TemporalAsset.window: object expected"); - message.window = $root.google.cloud.asset.v1.TimeWindow.fromObject(object.window); + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisQuery(); + if (object.scope != null) + message.scope = String(object.scope); + if (object.resourceSelector != null) { + if (typeof object.resourceSelector !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisQuery.resourceSelector: object expected"); + message.resourceSelector = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector.fromObject(object.resourceSelector); } - if (object.deleted != null) - message.deleted = Boolean(object.deleted); - if (object.asset != null) { - if (typeof object.asset !== "object") - throw TypeError(".google.cloud.asset.v1.TemporalAsset.asset: object expected"); - message.asset = $root.google.cloud.asset.v1.Asset.fromObject(object.asset); + if (object.identitySelector != null) { + if (typeof object.identitySelector !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisQuery.identitySelector: object expected"); + message.identitySelector = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector.fromObject(object.identitySelector); } - switch (object.priorAssetState) { - case "PRIOR_ASSET_STATE_UNSPECIFIED": - case 0: - message.priorAssetState = 0; - break; - case "PRESENT": - case 1: - message.priorAssetState = 1; - break; - case "INVALID": - case 2: - message.priorAssetState = 2; - break; - case "DOES_NOT_EXIST": - case 3: - message.priorAssetState = 3; - break; - case "DELETED": - case 4: - message.priorAssetState = 4; - break; + if (object.accessSelector != null) { + if (typeof object.accessSelector !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisQuery.accessSelector: object expected"); + message.accessSelector = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.fromObject(object.accessSelector); } - if (object.priorAsset != null) { - if (typeof object.priorAsset !== "object") - throw TypeError(".google.cloud.asset.v1.TemporalAsset.priorAsset: object expected"); - message.priorAsset = $root.google.cloud.asset.v1.Asset.fromObject(object.priorAsset); + if (object.options != null) { + if (typeof object.options !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisQuery.options: object expected"); + message.options = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.Options.fromObject(object.options); } return message; }; /** - * Creates a plain object from a TemporalAsset message. Also converts values to other types if specified. + * Creates a plain object from an IamPolicyAnalysisQuery message. Also converts values to other types if specified. * @function toObject - * @memberof google.cloud.asset.v1.TemporalAsset + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @static - * @param {google.cloud.asset.v1.TemporalAsset} message TemporalAsset + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery} message IamPolicyAnalysisQuery * @param {$protobuf.IConversionOptions} [options] Conversion options * @returns {Object.} Plain object */ - TemporalAsset.toObject = function toObject(message, options) { + IamPolicyAnalysisQuery.toObject = function toObject(message, options) { if (!options) options = {}; var object = {}; if (options.defaults) { - object.window = null; - object.deleted = false; - object.asset = null; - object.priorAssetState = options.enums === String ? "PRIOR_ASSET_STATE_UNSPECIFIED" : 0; - object.priorAsset = null; + object.scope = ""; + object.resourceSelector = null; + object.identitySelector = null; + object.accessSelector = null; + object.options = null; } - if (message.window != null && message.hasOwnProperty("window")) - object.window = $root.google.cloud.asset.v1.TimeWindow.toObject(message.window, options); - if (message.deleted != null && message.hasOwnProperty("deleted")) - object.deleted = message.deleted; - if (message.asset != null && message.hasOwnProperty("asset")) - object.asset = $root.google.cloud.asset.v1.Asset.toObject(message.asset, options); - if (message.priorAssetState != null && message.hasOwnProperty("priorAssetState")) - object.priorAssetState = options.enums === String ? $root.google.cloud.asset.v1.TemporalAsset.PriorAssetState[message.priorAssetState] : message.priorAssetState; - if (message.priorAsset != null && message.hasOwnProperty("priorAsset")) - object.priorAsset = $root.google.cloud.asset.v1.Asset.toObject(message.priorAsset, options); + if (message.scope != null && message.hasOwnProperty("scope")) + object.scope = message.scope; + if (message.resourceSelector != null && message.hasOwnProperty("resourceSelector")) + object.resourceSelector = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector.toObject(message.resourceSelector, options); + if (message.identitySelector != null && message.hasOwnProperty("identitySelector")) + object.identitySelector = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector.toObject(message.identitySelector, options); + if (message.accessSelector != null && message.hasOwnProperty("accessSelector")) + object.accessSelector = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.toObject(message.accessSelector, options); + if (message.options != null && message.hasOwnProperty("options")) + object.options = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.Options.toObject(message.options, options); return object; }; /** - * Converts this TemporalAsset to JSON. + * Converts this IamPolicyAnalysisQuery to JSON. * @function toJSON - * @memberof google.cloud.asset.v1.TemporalAsset + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery * @instance * @returns {Object.} JSON object */ - TemporalAsset.prototype.toJSON = function toJSON() { + IamPolicyAnalysisQuery.prototype.toJSON = function toJSON() { return this.constructor.toObject(this, $protobuf.util.toJSONOptions); }; - /** - * PriorAssetState enum. - * @name google.cloud.asset.v1.TemporalAsset.PriorAssetState - * @enum {number} - * @property {number} PRIOR_ASSET_STATE_UNSPECIFIED=0 PRIOR_ASSET_STATE_UNSPECIFIED value - * @property {number} PRESENT=1 PRESENT value - * @property {number} INVALID=2 INVALID value - * @property {number} DOES_NOT_EXIST=3 DOES_NOT_EXIST value - * @property {number} DELETED=4 DELETED value - */ - TemporalAsset.PriorAssetState = (function() { - var valuesById = {}, values = Object.create(valuesById); - values[valuesById[0] = "PRIOR_ASSET_STATE_UNSPECIFIED"] = 0; - values[valuesById[1] = "PRESENT"] = 1; - values[valuesById[2] = "INVALID"] = 2; - values[valuesById[3] = "DOES_NOT_EXIST"] = 3; - values[valuesById[4] = "DELETED"] = 4; - return values; - })(); + IamPolicyAnalysisQuery.ResourceSelector = (function() { - return TemporalAsset; - })(); + /** + * Properties of a ResourceSelector. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery + * @interface IResourceSelector + * @property {string|null} [fullResourceName] ResourceSelector fullResourceName + */ - v1.TimeWindow = (function() { + /** + * Constructs a new ResourceSelector. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery + * @classdesc Represents a ResourceSelector. + * @implements IResourceSelector + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector=} [properties] Properties to set + */ + function ResourceSelector(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } - /** - * Properties of a TimeWindow. - * @memberof google.cloud.asset.v1 - * @interface ITimeWindow - * @property {google.protobuf.ITimestamp|null} [startTime] TimeWindow startTime - * @property {google.protobuf.ITimestamp|null} [endTime] TimeWindow endTime - */ + /** + * ResourceSelector fullResourceName. + * @member {string} fullResourceName + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector + * @instance + */ + ResourceSelector.prototype.fullResourceName = ""; - /** - * Constructs a new TimeWindow. - * @memberof google.cloud.asset.v1 - * @classdesc Represents a TimeWindow. - * @implements ITimeWindow - * @constructor - * @param {google.cloud.asset.v1.ITimeWindow=} [properties] Properties to set - */ - function TimeWindow(properties) { - if (properties) - for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) - if (properties[keys[i]] != null) - this[keys[i]] = properties[keys[i]]; - } + /** + * Creates a new ResourceSelector instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector} ResourceSelector instance + */ + ResourceSelector.create = function create(properties) { + return new ResourceSelector(properties); + }; - /** - * TimeWindow startTime. - * @member {google.protobuf.ITimestamp|null|undefined} startTime - * @memberof google.cloud.asset.v1.TimeWindow - * @instance - */ - TimeWindow.prototype.startTime = null; + /** + * Encodes the specified ResourceSelector message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector} message ResourceSelector message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + ResourceSelector.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.fullResourceName != null && Object.hasOwnProperty.call(message, "fullResourceName")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.fullResourceName); + return writer; + }; - /** - * TimeWindow endTime. - * @member {google.protobuf.ITimestamp|null|undefined} endTime - * @memberof google.cloud.asset.v1.TimeWindow - * @instance - */ - TimeWindow.prototype.endTime = null; + /** + * Encodes the specified ResourceSelector message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IResourceSelector} message ResourceSelector message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + ResourceSelector.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; - /** - * Creates a new TimeWindow instance using the specified properties. - * @function create - * @memberof google.cloud.asset.v1.TimeWindow - * @static - * @param {google.cloud.asset.v1.ITimeWindow=} [properties] Properties to set - * @returns {google.cloud.asset.v1.TimeWindow} TimeWindow instance - */ - TimeWindow.create = function create(properties) { - return new TimeWindow(properties); - }; + /** + * Decodes a ResourceSelector message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector} ResourceSelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + ResourceSelector.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.fullResourceName = reader.string(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; - /** - * Encodes the specified TimeWindow message. Does not implicitly {@link google.cloud.asset.v1.TimeWindow.verify|verify} messages. - * @function encode - * @memberof google.cloud.asset.v1.TimeWindow - * @static - * @param {google.cloud.asset.v1.ITimeWindow} message TimeWindow message or plain object to encode - * @param {$protobuf.Writer} [writer] Writer to encode to - * @returns {$protobuf.Writer} Writer - */ - TimeWindow.encode = function encode(message, writer) { - if (!writer) - writer = $Writer.create(); - if (message.startTime != null && Object.hasOwnProperty.call(message, "startTime")) - $root.google.protobuf.Timestamp.encode(message.startTime, writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); - if (message.endTime != null && Object.hasOwnProperty.call(message, "endTime")) - $root.google.protobuf.Timestamp.encode(message.endTime, writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); - return writer; - }; + /** + * Decodes a ResourceSelector message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector} ResourceSelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + ResourceSelector.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; - /** - * Encodes the specified TimeWindow message, length delimited. Does not implicitly {@link google.cloud.asset.v1.TimeWindow.verify|verify} messages. - * @function encodeDelimited - * @memberof google.cloud.asset.v1.TimeWindow - * @static - * @param {google.cloud.asset.v1.ITimeWindow} message TimeWindow message or plain object to encode - * @param {$protobuf.Writer} [writer] Writer to encode to - * @returns {$protobuf.Writer} Writer - */ - TimeWindow.encodeDelimited = function encodeDelimited(message, writer) { - return this.encode(message, writer).ldelim(); - }; + /** + * Verifies a ResourceSelector message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + ResourceSelector.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.fullResourceName != null && message.hasOwnProperty("fullResourceName")) + if (!$util.isString(message.fullResourceName)) + return "fullResourceName: string expected"; + return null; + }; - /** - * Decodes a TimeWindow message from the specified reader or buffer. - * @function decode - * @memberof google.cloud.asset.v1.TimeWindow - * @static - * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @param {number} [length] Message length if known beforehand - * @returns {google.cloud.asset.v1.TimeWindow} TimeWindow - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - TimeWindow.decode = function decode(reader, length) { - if (!(reader instanceof $Reader)) - reader = $Reader.create(reader); - var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.TimeWindow(); - while (reader.pos < end) { - var tag = reader.uint32(); - switch (tag >>> 3) { - case 1: - message.startTime = $root.google.protobuf.Timestamp.decode(reader, reader.uint32()); - break; - case 2: - message.endTime = $root.google.protobuf.Timestamp.decode(reader, reader.uint32()); - break; - default: - reader.skipType(tag & 7); - break; - } - } - return message; - }; + /** + * Creates a ResourceSelector message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector} ResourceSelector + */ + ResourceSelector.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector(); + if (object.fullResourceName != null) + message.fullResourceName = String(object.fullResourceName); + return message; + }; - /** - * Decodes a TimeWindow message from the specified reader or buffer, length delimited. - * @function decodeDelimited - * @memberof google.cloud.asset.v1.TimeWindow - * @static - * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @returns {google.cloud.asset.v1.TimeWindow} TimeWindow - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - TimeWindow.decodeDelimited = function decodeDelimited(reader) { - if (!(reader instanceof $Reader)) - reader = new $Reader(reader); - return this.decode(reader, reader.uint32()); - }; + /** + * Creates a plain object from a ResourceSelector message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector} message ResourceSelector + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + ResourceSelector.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) + object.fullResourceName = ""; + if (message.fullResourceName != null && message.hasOwnProperty("fullResourceName")) + object.fullResourceName = message.fullResourceName; + return object; + }; - /** - * Verifies a TimeWindow message. - * @function verify - * @memberof google.cloud.asset.v1.TimeWindow - * @static - * @param {Object.} message Plain object to verify - * @returns {string|null} `null` if valid, otherwise the reason why it is not - */ - TimeWindow.verify = function verify(message) { - if (typeof message !== "object" || message === null) - return "object expected"; - if (message.startTime != null && message.hasOwnProperty("startTime")) { - var error = $root.google.protobuf.Timestamp.verify(message.startTime); - if (error) - return "startTime." + error; - } - if (message.endTime != null && message.hasOwnProperty("endTime")) { - var error = $root.google.protobuf.Timestamp.verify(message.endTime); - if (error) - return "endTime." + error; - } - return null; - }; + /** + * Converts this ResourceSelector to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector + * @instance + * @returns {Object.} JSON object + */ + ResourceSelector.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; - /** - * Creates a TimeWindow message from a plain object. Also converts values to their respective internal types. - * @function fromObject - * @memberof google.cloud.asset.v1.TimeWindow - * @static - * @param {Object.} object Plain object - * @returns {google.cloud.asset.v1.TimeWindow} TimeWindow - */ - TimeWindow.fromObject = function fromObject(object) { - if (object instanceof $root.google.cloud.asset.v1.TimeWindow) - return object; - var message = new $root.google.cloud.asset.v1.TimeWindow(); - if (object.startTime != null) { - if (typeof object.startTime !== "object") - throw TypeError(".google.cloud.asset.v1.TimeWindow.startTime: object expected"); - message.startTime = $root.google.protobuf.Timestamp.fromObject(object.startTime); - } - if (object.endTime != null) { - if (typeof object.endTime !== "object") - throw TypeError(".google.cloud.asset.v1.TimeWindow.endTime: object expected"); - message.endTime = $root.google.protobuf.Timestamp.fromObject(object.endTime); - } - return message; - }; + return ResourceSelector; + })(); - /** - * Creates a plain object from a TimeWindow message. Also converts values to other types if specified. - * @function toObject - * @memberof google.cloud.asset.v1.TimeWindow - * @static - * @param {google.cloud.asset.v1.TimeWindow} message TimeWindow - * @param {$protobuf.IConversionOptions} [options] Conversion options - * @returns {Object.} Plain object - */ - TimeWindow.toObject = function toObject(message, options) { - if (!options) - options = {}; - var object = {}; - if (options.defaults) { - object.startTime = null; - object.endTime = null; + IamPolicyAnalysisQuery.IdentitySelector = (function() { + + /** + * Properties of an IdentitySelector. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery + * @interface IIdentitySelector + * @property {string|null} [identity] IdentitySelector identity + */ + + /** + * Constructs a new IdentitySelector. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery + * @classdesc Represents an IdentitySelector. + * @implements IIdentitySelector + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector=} [properties] Properties to set + */ + function IdentitySelector(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; } - if (message.startTime != null && message.hasOwnProperty("startTime")) - object.startTime = $root.google.protobuf.Timestamp.toObject(message.startTime, options); - if (message.endTime != null && message.hasOwnProperty("endTime")) - object.endTime = $root.google.protobuf.Timestamp.toObject(message.endTime, options); - return object; - }; - /** - * Converts this TimeWindow to JSON. - * @function toJSON - * @memberof google.cloud.asset.v1.TimeWindow - * @instance - * @returns {Object.} JSON object - */ - TimeWindow.prototype.toJSON = function toJSON() { - return this.constructor.toObject(this, $protobuf.util.toJSONOptions); - }; + /** + * IdentitySelector identity. + * @member {string} identity + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector + * @instance + */ + IdentitySelector.prototype.identity = ""; - return TimeWindow; - })(); + /** + * Creates a new IdentitySelector instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector} IdentitySelector instance + */ + IdentitySelector.create = function create(properties) { + return new IdentitySelector(properties); + }; - v1.Asset = (function() { + /** + * Encodes the specified IdentitySelector message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector} message IdentitySelector message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IdentitySelector.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.identity != null && Object.hasOwnProperty.call(message, "identity")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.identity); + return writer; + }; - /** - * Properties of an Asset. - * @memberof google.cloud.asset.v1 - * @interface IAsset - * @property {google.protobuf.ITimestamp|null} [updateTime] Asset updateTime - * @property {string|null} [name] Asset name - * @property {string|null} [assetType] Asset assetType - * @property {google.cloud.asset.v1.IResource|null} [resource] Asset resource - * @property {google.iam.v1.IPolicy|null} [iamPolicy] Asset iamPolicy - * @property {Array.|null} [orgPolicy] Asset orgPolicy - * @property {google.identity.accesscontextmanager.v1.IAccessPolicy|null} [accessPolicy] Asset accessPolicy - * @property {google.identity.accesscontextmanager.v1.IAccessLevel|null} [accessLevel] Asset accessLevel - * @property {google.identity.accesscontextmanager.v1.IServicePerimeter|null} [servicePerimeter] Asset servicePerimeter - * @property {Array.|null} [ancestors] Asset ancestors - */ + /** + * Encodes the specified IdentitySelector message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IIdentitySelector} message IdentitySelector message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IdentitySelector.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; - /** - * Constructs a new Asset. - * @memberof google.cloud.asset.v1 - * @classdesc Represents an Asset. - * @implements IAsset - * @constructor - * @param {google.cloud.asset.v1.IAsset=} [properties] Properties to set - */ - function Asset(properties) { - this.orgPolicy = []; - this.ancestors = []; - if (properties) - for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) - if (properties[keys[i]] != null) - this[keys[i]] = properties[keys[i]]; - } + /** + * Decodes an IdentitySelector message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector} IdentitySelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IdentitySelector.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.identity = reader.string(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; - /** - * Asset updateTime. - * @member {google.protobuf.ITimestamp|null|undefined} updateTime - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Asset.prototype.updateTime = null; + /** + * Decodes an IdentitySelector message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector} IdentitySelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IdentitySelector.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; - /** - * Asset name. - * @member {string} name - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Asset.prototype.name = ""; + /** + * Verifies an IdentitySelector message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + IdentitySelector.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.identity != null && message.hasOwnProperty("identity")) + if (!$util.isString(message.identity)) + return "identity: string expected"; + return null; + }; - /** - * Asset assetType. - * @member {string} assetType - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Asset.prototype.assetType = ""; + /** + * Creates an IdentitySelector message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector} IdentitySelector + */ + IdentitySelector.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector(); + if (object.identity != null) + message.identity = String(object.identity); + return message; + }; - /** - * Asset resource. - * @member {google.cloud.asset.v1.IResource|null|undefined} resource - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Asset.prototype.resource = null; + /** + * Creates a plain object from an IdentitySelector message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector} message IdentitySelector + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + IdentitySelector.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) + object.identity = ""; + if (message.identity != null && message.hasOwnProperty("identity")) + object.identity = message.identity; + return object; + }; - /** - * Asset iamPolicy. - * @member {google.iam.v1.IPolicy|null|undefined} iamPolicy - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Asset.prototype.iamPolicy = null; + /** + * Converts this IdentitySelector to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector + * @instance + * @returns {Object.} JSON object + */ + IdentitySelector.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; - /** - * Asset orgPolicy. - * @member {Array.} orgPolicy - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Asset.prototype.orgPolicy = $util.emptyArray; + return IdentitySelector; + })(); - /** - * Asset accessPolicy. - * @member {google.identity.accesscontextmanager.v1.IAccessPolicy|null|undefined} accessPolicy - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Asset.prototype.accessPolicy = null; + IamPolicyAnalysisQuery.AccessSelector = (function() { - /** - * Asset accessLevel. - * @member {google.identity.accesscontextmanager.v1.IAccessLevel|null|undefined} accessLevel - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Asset.prototype.accessLevel = null; + /** + * Properties of an AccessSelector. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery + * @interface IAccessSelector + * @property {Array.|null} [roles] AccessSelector roles + * @property {Array.|null} [permissions] AccessSelector permissions + */ - /** - * Asset servicePerimeter. - * @member {google.identity.accesscontextmanager.v1.IServicePerimeter|null|undefined} servicePerimeter - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Asset.prototype.servicePerimeter = null; + /** + * Constructs a new AccessSelector. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery + * @classdesc Represents an AccessSelector. + * @implements IAccessSelector + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector=} [properties] Properties to set + */ + function AccessSelector(properties) { + this.roles = []; + this.permissions = []; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } - /** - * Asset ancestors. - * @member {Array.} ancestors - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Asset.prototype.ancestors = $util.emptyArray; + /** + * AccessSelector roles. + * @member {Array.} roles + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @instance + */ + AccessSelector.prototype.roles = $util.emptyArray; - // OneOf field names bound to virtual getters and setters - var $oneOfFields; + /** + * AccessSelector permissions. + * @member {Array.} permissions + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @instance + */ + AccessSelector.prototype.permissions = $util.emptyArray; - /** - * Asset accessContextPolicy. - * @member {"accessPolicy"|"accessLevel"|"servicePerimeter"|undefined} accessContextPolicy - * @memberof google.cloud.asset.v1.Asset - * @instance - */ - Object.defineProperty(Asset.prototype, "accessContextPolicy", { - get: $util.oneOfGetter($oneOfFields = ["accessPolicy", "accessLevel", "servicePerimeter"]), - set: $util.oneOfSetter($oneOfFields) - }); + /** + * Creates a new AccessSelector instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector} AccessSelector instance + */ + AccessSelector.create = function create(properties) { + return new AccessSelector(properties); + }; - /** - * Creates a new Asset instance using the specified properties. - * @function create - * @memberof google.cloud.asset.v1.Asset - * @static - * @param {google.cloud.asset.v1.IAsset=} [properties] Properties to set - * @returns {google.cloud.asset.v1.Asset} Asset instance - */ - Asset.create = function create(properties) { - return new Asset(properties); - }; + /** + * Encodes the specified AccessSelector message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector} message AccessSelector message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + AccessSelector.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.roles != null && message.roles.length) + for (var i = 0; i < message.roles.length; ++i) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.roles[i]); + if (message.permissions != null && message.permissions.length) + for (var i = 0; i < message.permissions.length; ++i) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.permissions[i]); + return writer; + }; - /** - * Encodes the specified Asset message. Does not implicitly {@link google.cloud.asset.v1.Asset.verify|verify} messages. - * @function encode - * @memberof google.cloud.asset.v1.Asset - * @static - * @param {google.cloud.asset.v1.IAsset} message Asset message or plain object to encode - * @param {$protobuf.Writer} [writer] Writer to encode to - * @returns {$protobuf.Writer} Writer - */ - Asset.encode = function encode(message, writer) { - if (!writer) - writer = $Writer.create(); - if (message.name != null && Object.hasOwnProperty.call(message, "name")) - writer.uint32(/* id 1, wireType 2 =*/10).string(message.name); - if (message.assetType != null && Object.hasOwnProperty.call(message, "assetType")) - writer.uint32(/* id 2, wireType 2 =*/18).string(message.assetType); - if (message.resource != null && Object.hasOwnProperty.call(message, "resource")) - $root.google.cloud.asset.v1.Resource.encode(message.resource, writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); - if (message.iamPolicy != null && Object.hasOwnProperty.call(message, "iamPolicy")) - $root.google.iam.v1.Policy.encode(message.iamPolicy, writer.uint32(/* id 4, wireType 2 =*/34).fork()).ldelim(); - if (message.orgPolicy != null && message.orgPolicy.length) - for (var i = 0; i < message.orgPolicy.length; ++i) - $root.google.cloud.orgpolicy.v1.Policy.encode(message.orgPolicy[i], writer.uint32(/* id 6, wireType 2 =*/50).fork()).ldelim(); - if (message.accessPolicy != null && Object.hasOwnProperty.call(message, "accessPolicy")) - $root.google.identity.accesscontextmanager.v1.AccessPolicy.encode(message.accessPolicy, writer.uint32(/* id 7, wireType 2 =*/58).fork()).ldelim(); - if (message.accessLevel != null && Object.hasOwnProperty.call(message, "accessLevel")) - $root.google.identity.accesscontextmanager.v1.AccessLevel.encode(message.accessLevel, writer.uint32(/* id 8, wireType 2 =*/66).fork()).ldelim(); - if (message.servicePerimeter != null && Object.hasOwnProperty.call(message, "servicePerimeter")) - $root.google.identity.accesscontextmanager.v1.ServicePerimeter.encode(message.servicePerimeter, writer.uint32(/* id 9, wireType 2 =*/74).fork()).ldelim(); - if (message.ancestors != null && message.ancestors.length) - for (var i = 0; i < message.ancestors.length; ++i) - writer.uint32(/* id 10, wireType 2 =*/82).string(message.ancestors[i]); - if (message.updateTime != null && Object.hasOwnProperty.call(message, "updateTime")) - $root.google.protobuf.Timestamp.encode(message.updateTime, writer.uint32(/* id 11, wireType 2 =*/90).fork()).ldelim(); + /** + * Encodes the specified AccessSelector message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IAccessSelector} message AccessSelector message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + AccessSelector.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an AccessSelector message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector} AccessSelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + AccessSelector.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + if (!(message.roles && message.roles.length)) + message.roles = []; + message.roles.push(reader.string()); + break; + case 2: + if (!(message.permissions && message.permissions.length)) + message.permissions = []; + message.permissions.push(reader.string()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an AccessSelector message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector} AccessSelector + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + AccessSelector.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an AccessSelector message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + AccessSelector.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.roles != null && message.hasOwnProperty("roles")) { + if (!Array.isArray(message.roles)) + return "roles: array expected"; + for (var i = 0; i < message.roles.length; ++i) + if (!$util.isString(message.roles[i])) + return "roles: string[] expected"; + } + if (message.permissions != null && message.hasOwnProperty("permissions")) { + if (!Array.isArray(message.permissions)) + return "permissions: array expected"; + for (var i = 0; i < message.permissions.length; ++i) + if (!$util.isString(message.permissions[i])) + return "permissions: string[] expected"; + } + return null; + }; + + /** + * Creates an AccessSelector message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector} AccessSelector + */ + AccessSelector.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector(); + if (object.roles) { + if (!Array.isArray(object.roles)) + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.roles: array expected"); + message.roles = []; + for (var i = 0; i < object.roles.length; ++i) + message.roles[i] = String(object.roles[i]); + } + if (object.permissions) { + if (!Array.isArray(object.permissions)) + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector.permissions: array expected"); + message.permissions = []; + for (var i = 0; i < object.permissions.length; ++i) + message.permissions[i] = String(object.permissions[i]); + } + return message; + }; + + /** + * Creates a plain object from an AccessSelector message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector} message AccessSelector + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + AccessSelector.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.arrays || options.defaults) { + object.roles = []; + object.permissions = []; + } + if (message.roles && message.roles.length) { + object.roles = []; + for (var j = 0; j < message.roles.length; ++j) + object.roles[j] = message.roles[j]; + } + if (message.permissions && message.permissions.length) { + object.permissions = []; + for (var j = 0; j < message.permissions.length; ++j) + object.permissions[j] = message.permissions[j]; + } + return object; + }; + + /** + * Converts this AccessSelector to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector + * @instance + * @returns {Object.} JSON object + */ + AccessSelector.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return AccessSelector; + })(); + + IamPolicyAnalysisQuery.Options = (function() { + + /** + * Properties of an Options. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery + * @interface IOptions + * @property {boolean|null} [expandGroups] Options expandGroups + * @property {boolean|null} [expandRoles] Options expandRoles + * @property {boolean|null} [expandResources] Options expandResources + * @property {boolean|null} [outputResourceEdges] Options outputResourceEdges + * @property {boolean|null} [outputGroupEdges] Options outputGroupEdges + * @property {boolean|null} [analyzeServiceAccountImpersonation] Options analyzeServiceAccountImpersonation + * @property {number|null} [maxFanoutsPerGroup] Options maxFanoutsPerGroup + * @property {number|null} [maxFanoutsPerResource] Options maxFanoutsPerResource + */ + + /** + * Constructs a new Options. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery + * @classdesc Represents an Options. + * @implements IOptions + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions=} [properties] Properties to set + */ + function Options(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Options expandGroups. + * @member {boolean} expandGroups + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @instance + */ + Options.prototype.expandGroups = false; + + /** + * Options expandRoles. + * @member {boolean} expandRoles + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @instance + */ + Options.prototype.expandRoles = false; + + /** + * Options expandResources. + * @member {boolean} expandResources + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @instance + */ + Options.prototype.expandResources = false; + + /** + * Options outputResourceEdges. + * @member {boolean} outputResourceEdges + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @instance + */ + Options.prototype.outputResourceEdges = false; + + /** + * Options outputGroupEdges. + * @member {boolean} outputGroupEdges + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @instance + */ + Options.prototype.outputGroupEdges = false; + + /** + * Options analyzeServiceAccountImpersonation. + * @member {boolean} analyzeServiceAccountImpersonation + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @instance + */ + Options.prototype.analyzeServiceAccountImpersonation = false; + + /** + * Options maxFanoutsPerGroup. + * @member {number} maxFanoutsPerGroup + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @instance + */ + Options.prototype.maxFanoutsPerGroup = 0; + + /** + * Options maxFanoutsPerResource. + * @member {number} maxFanoutsPerResource + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @instance + */ + Options.prototype.maxFanoutsPerResource = 0; + + /** + * Creates a new Options instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.Options} Options instance + */ + Options.create = function create(properties) { + return new Options(properties); + }; + + /** + * Encodes the specified Options message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.Options.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions} message Options message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Options.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.expandGroups != null && Object.hasOwnProperty.call(message, "expandGroups")) + writer.uint32(/* id 1, wireType 0 =*/8).bool(message.expandGroups); + if (message.expandRoles != null && Object.hasOwnProperty.call(message, "expandRoles")) + writer.uint32(/* id 2, wireType 0 =*/16).bool(message.expandRoles); + if (message.expandResources != null && Object.hasOwnProperty.call(message, "expandResources")) + writer.uint32(/* id 3, wireType 0 =*/24).bool(message.expandResources); + if (message.outputResourceEdges != null && Object.hasOwnProperty.call(message, "outputResourceEdges")) + writer.uint32(/* id 4, wireType 0 =*/32).bool(message.outputResourceEdges); + if (message.outputGroupEdges != null && Object.hasOwnProperty.call(message, "outputGroupEdges")) + writer.uint32(/* id 5, wireType 0 =*/40).bool(message.outputGroupEdges); + if (message.analyzeServiceAccountImpersonation != null && Object.hasOwnProperty.call(message, "analyzeServiceAccountImpersonation")) + writer.uint32(/* id 6, wireType 0 =*/48).bool(message.analyzeServiceAccountImpersonation); + if (message.maxFanoutsPerGroup != null && Object.hasOwnProperty.call(message, "maxFanoutsPerGroup")) + writer.uint32(/* id 7, wireType 0 =*/56).int32(message.maxFanoutsPerGroup); + if (message.maxFanoutsPerResource != null && Object.hasOwnProperty.call(message, "maxFanoutsPerResource")) + writer.uint32(/* id 8, wireType 0 =*/64).int32(message.maxFanoutsPerResource); + return writer; + }; + + /** + * Encodes the specified Options message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisQuery.Options.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.IOptions} message Options message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Options.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an Options message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.Options} Options + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Options.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.Options(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.expandGroups = reader.bool(); + break; + case 2: + message.expandRoles = reader.bool(); + break; + case 3: + message.expandResources = reader.bool(); + break; + case 4: + message.outputResourceEdges = reader.bool(); + break; + case 5: + message.outputGroupEdges = reader.bool(); + break; + case 6: + message.analyzeServiceAccountImpersonation = reader.bool(); + break; + case 7: + message.maxFanoutsPerGroup = reader.int32(); + break; + case 8: + message.maxFanoutsPerResource = reader.int32(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an Options message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.Options} Options + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Options.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an Options message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Options.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.expandGroups != null && message.hasOwnProperty("expandGroups")) + if (typeof message.expandGroups !== "boolean") + return "expandGroups: boolean expected"; + if (message.expandRoles != null && message.hasOwnProperty("expandRoles")) + if (typeof message.expandRoles !== "boolean") + return "expandRoles: boolean expected"; + if (message.expandResources != null && message.hasOwnProperty("expandResources")) + if (typeof message.expandResources !== "boolean") + return "expandResources: boolean expected"; + if (message.outputResourceEdges != null && message.hasOwnProperty("outputResourceEdges")) + if (typeof message.outputResourceEdges !== "boolean") + return "outputResourceEdges: boolean expected"; + if (message.outputGroupEdges != null && message.hasOwnProperty("outputGroupEdges")) + if (typeof message.outputGroupEdges !== "boolean") + return "outputGroupEdges: boolean expected"; + if (message.analyzeServiceAccountImpersonation != null && message.hasOwnProperty("analyzeServiceAccountImpersonation")) + if (typeof message.analyzeServiceAccountImpersonation !== "boolean") + return "analyzeServiceAccountImpersonation: boolean expected"; + if (message.maxFanoutsPerGroup != null && message.hasOwnProperty("maxFanoutsPerGroup")) + if (!$util.isInteger(message.maxFanoutsPerGroup)) + return "maxFanoutsPerGroup: integer expected"; + if (message.maxFanoutsPerResource != null && message.hasOwnProperty("maxFanoutsPerResource")) + if (!$util.isInteger(message.maxFanoutsPerResource)) + return "maxFanoutsPerResource: integer expected"; + return null; + }; + + /** + * Creates an Options message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisQuery.Options} Options + */ + Options.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.Options) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.Options(); + if (object.expandGroups != null) + message.expandGroups = Boolean(object.expandGroups); + if (object.expandRoles != null) + message.expandRoles = Boolean(object.expandRoles); + if (object.expandResources != null) + message.expandResources = Boolean(object.expandResources); + if (object.outputResourceEdges != null) + message.outputResourceEdges = Boolean(object.outputResourceEdges); + if (object.outputGroupEdges != null) + message.outputGroupEdges = Boolean(object.outputGroupEdges); + if (object.analyzeServiceAccountImpersonation != null) + message.analyzeServiceAccountImpersonation = Boolean(object.analyzeServiceAccountImpersonation); + if (object.maxFanoutsPerGroup != null) + message.maxFanoutsPerGroup = object.maxFanoutsPerGroup | 0; + if (object.maxFanoutsPerResource != null) + message.maxFanoutsPerResource = object.maxFanoutsPerResource | 0; + return message; + }; + + /** + * Creates a plain object from an Options message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery.Options} message Options + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Options.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.expandGroups = false; + object.expandRoles = false; + object.expandResources = false; + object.outputResourceEdges = false; + object.outputGroupEdges = false; + object.analyzeServiceAccountImpersonation = false; + object.maxFanoutsPerGroup = 0; + object.maxFanoutsPerResource = 0; + } + if (message.expandGroups != null && message.hasOwnProperty("expandGroups")) + object.expandGroups = message.expandGroups; + if (message.expandRoles != null && message.hasOwnProperty("expandRoles")) + object.expandRoles = message.expandRoles; + if (message.expandResources != null && message.hasOwnProperty("expandResources")) + object.expandResources = message.expandResources; + if (message.outputResourceEdges != null && message.hasOwnProperty("outputResourceEdges")) + object.outputResourceEdges = message.outputResourceEdges; + if (message.outputGroupEdges != null && message.hasOwnProperty("outputGroupEdges")) + object.outputGroupEdges = message.outputGroupEdges; + if (message.analyzeServiceAccountImpersonation != null && message.hasOwnProperty("analyzeServiceAccountImpersonation")) + object.analyzeServiceAccountImpersonation = message.analyzeServiceAccountImpersonation; + if (message.maxFanoutsPerGroup != null && message.hasOwnProperty("maxFanoutsPerGroup")) + object.maxFanoutsPerGroup = message.maxFanoutsPerGroup; + if (message.maxFanoutsPerResource != null && message.hasOwnProperty("maxFanoutsPerResource")) + object.maxFanoutsPerResource = message.maxFanoutsPerResource; + return object; + }; + + /** + * Converts this Options to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisQuery.Options + * @instance + * @returns {Object.} JSON object + */ + Options.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return Options; + })(); + + return IamPolicyAnalysisQuery; + })(); + + v1.AnalyzeIamPolicyRequest = (function() { + + /** + * Properties of an AnalyzeIamPolicyRequest. + * @memberof google.cloud.asset.v1 + * @interface IAnalyzeIamPolicyRequest + * @property {google.cloud.asset.v1.IIamPolicyAnalysisQuery|null} [analysisQuery] AnalyzeIamPolicyRequest analysisQuery + * @property {google.protobuf.IDuration|null} [executionTimeout] AnalyzeIamPolicyRequest executionTimeout + */ + + /** + * Constructs a new AnalyzeIamPolicyRequest. + * @memberof google.cloud.asset.v1 + * @classdesc Represents an AnalyzeIamPolicyRequest. + * @implements IAnalyzeIamPolicyRequest + * @constructor + * @param {google.cloud.asset.v1.IAnalyzeIamPolicyRequest=} [properties] Properties to set + */ + function AnalyzeIamPolicyRequest(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * AnalyzeIamPolicyRequest analysisQuery. + * @member {google.cloud.asset.v1.IIamPolicyAnalysisQuery|null|undefined} analysisQuery + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest + * @instance + */ + AnalyzeIamPolicyRequest.prototype.analysisQuery = null; + + /** + * AnalyzeIamPolicyRequest executionTimeout. + * @member {google.protobuf.IDuration|null|undefined} executionTimeout + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest + * @instance + */ + AnalyzeIamPolicyRequest.prototype.executionTimeout = null; + + /** + * Creates a new AnalyzeIamPolicyRequest instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest + * @static + * @param {google.cloud.asset.v1.IAnalyzeIamPolicyRequest=} [properties] Properties to set + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyRequest} AnalyzeIamPolicyRequest instance + */ + AnalyzeIamPolicyRequest.create = function create(properties) { + return new AnalyzeIamPolicyRequest(properties); + }; + + /** + * Encodes the specified AnalyzeIamPolicyRequest message. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyRequest.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest + * @static + * @param {google.cloud.asset.v1.IAnalyzeIamPolicyRequest} message AnalyzeIamPolicyRequest message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + AnalyzeIamPolicyRequest.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.analysisQuery != null && Object.hasOwnProperty.call(message, "analysisQuery")) + $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.encode(message.analysisQuery, writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); + if (message.executionTimeout != null && Object.hasOwnProperty.call(message, "executionTimeout")) + $root.google.protobuf.Duration.encode(message.executionTimeout, writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); return writer; }; /** - * Encodes the specified Asset message, length delimited. Does not implicitly {@link google.cloud.asset.v1.Asset.verify|verify} messages. + * Encodes the specified AnalyzeIamPolicyRequest message, length delimited. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyRequest.verify|verify} messages. * @function encodeDelimited - * @memberof google.cloud.asset.v1.Asset + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest * @static - * @param {google.cloud.asset.v1.IAsset} message Asset message or plain object to encode + * @param {google.cloud.asset.v1.IAnalyzeIamPolicyRequest} message AnalyzeIamPolicyRequest message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - Asset.encodeDelimited = function encodeDelimited(message, writer) { + AnalyzeIamPolicyRequest.encodeDelimited = function encodeDelimited(message, writer) { return this.encode(message, writer).ldelim(); }; /** - * Decodes an Asset message from the specified reader or buffer. + * Decodes an AnalyzeIamPolicyRequest message from the specified reader or buffer. * @function decode - * @memberof google.cloud.asset.v1.Asset + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from * @param {number} [length] Message length if known beforehand - * @returns {google.cloud.asset.v1.Asset} Asset + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyRequest} AnalyzeIamPolicyRequest * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - Asset.decode = function decode(reader, length) { + AnalyzeIamPolicyRequest.decode = function decode(reader, length) { if (!(reader instanceof $Reader)) reader = $Reader.create(reader); - var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.Asset(); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.AnalyzeIamPolicyRequest(); while (reader.pos < end) { var tag = reader.uint32(); switch (tag >>> 3) { - case 11: - message.updateTime = $root.google.protobuf.Timestamp.decode(reader, reader.uint32()); - break; case 1: - message.name = reader.string(); + message.analysisQuery = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.decode(reader, reader.uint32()); break; case 2: - message.assetType = reader.string(); - break; - case 3: - message.resource = $root.google.cloud.asset.v1.Resource.decode(reader, reader.uint32()); - break; - case 4: - message.iamPolicy = $root.google.iam.v1.Policy.decode(reader, reader.uint32()); - break; - case 6: - if (!(message.orgPolicy && message.orgPolicy.length)) - message.orgPolicy = []; - message.orgPolicy.push($root.google.cloud.orgpolicy.v1.Policy.decode(reader, reader.uint32())); - break; - case 7: - message.accessPolicy = $root.google.identity.accesscontextmanager.v1.AccessPolicy.decode(reader, reader.uint32()); - break; - case 8: - message.accessLevel = $root.google.identity.accesscontextmanager.v1.AccessLevel.decode(reader, reader.uint32()); - break; - case 9: - message.servicePerimeter = $root.google.identity.accesscontextmanager.v1.ServicePerimeter.decode(reader, reader.uint32()); - break; - case 10: - if (!(message.ancestors && message.ancestors.length)) - message.ancestors = []; - message.ancestors.push(reader.string()); + message.executionTimeout = $root.google.protobuf.Duration.decode(reader, reader.uint32()); break; default: reader.skipType(tag & 7); @@ -6468,267 +7075,129 @@ }; /** - * Decodes an Asset message from the specified reader or buffer, length delimited. + * Decodes an AnalyzeIamPolicyRequest message from the specified reader or buffer, length delimited. * @function decodeDelimited - * @memberof google.cloud.asset.v1.Asset + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @returns {google.cloud.asset.v1.Asset} Asset + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyRequest} AnalyzeIamPolicyRequest * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - Asset.decodeDelimited = function decodeDelimited(reader) { + AnalyzeIamPolicyRequest.decodeDelimited = function decodeDelimited(reader) { if (!(reader instanceof $Reader)) reader = new $Reader(reader); return this.decode(reader, reader.uint32()); }; /** - * Verifies an Asset message. + * Verifies an AnalyzeIamPolicyRequest message. * @function verify - * @memberof google.cloud.asset.v1.Asset + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest * @static * @param {Object.} message Plain object to verify * @returns {string|null} `null` if valid, otherwise the reason why it is not */ - Asset.verify = function verify(message) { + AnalyzeIamPolicyRequest.verify = function verify(message) { if (typeof message !== "object" || message === null) return "object expected"; - var properties = {}; - if (message.updateTime != null && message.hasOwnProperty("updateTime")) { - var error = $root.google.protobuf.Timestamp.verify(message.updateTime); - if (error) - return "updateTime." + error; - } - if (message.name != null && message.hasOwnProperty("name")) - if (!$util.isString(message.name)) - return "name: string expected"; - if (message.assetType != null && message.hasOwnProperty("assetType")) - if (!$util.isString(message.assetType)) - return "assetType: string expected"; - if (message.resource != null && message.hasOwnProperty("resource")) { - var error = $root.google.cloud.asset.v1.Resource.verify(message.resource); + if (message.analysisQuery != null && message.hasOwnProperty("analysisQuery")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.verify(message.analysisQuery); if (error) - return "resource." + error; + return "analysisQuery." + error; } - if (message.iamPolicy != null && message.hasOwnProperty("iamPolicy")) { - var error = $root.google.iam.v1.Policy.verify(message.iamPolicy); + if (message.executionTimeout != null && message.hasOwnProperty("executionTimeout")) { + var error = $root.google.protobuf.Duration.verify(message.executionTimeout); if (error) - return "iamPolicy." + error; - } - if (message.orgPolicy != null && message.hasOwnProperty("orgPolicy")) { - if (!Array.isArray(message.orgPolicy)) - return "orgPolicy: array expected"; - for (var i = 0; i < message.orgPolicy.length; ++i) { - var error = $root.google.cloud.orgpolicy.v1.Policy.verify(message.orgPolicy[i]); - if (error) - return "orgPolicy." + error; - } - } - if (message.accessPolicy != null && message.hasOwnProperty("accessPolicy")) { - properties.accessContextPolicy = 1; - { - var error = $root.google.identity.accesscontextmanager.v1.AccessPolicy.verify(message.accessPolicy); - if (error) - return "accessPolicy." + error; - } - } - if (message.accessLevel != null && message.hasOwnProperty("accessLevel")) { - if (properties.accessContextPolicy === 1) - return "accessContextPolicy: multiple values"; - properties.accessContextPolicy = 1; - { - var error = $root.google.identity.accesscontextmanager.v1.AccessLevel.verify(message.accessLevel); - if (error) - return "accessLevel." + error; - } - } - if (message.servicePerimeter != null && message.hasOwnProperty("servicePerimeter")) { - if (properties.accessContextPolicy === 1) - return "accessContextPolicy: multiple values"; - properties.accessContextPolicy = 1; - { - var error = $root.google.identity.accesscontextmanager.v1.ServicePerimeter.verify(message.servicePerimeter); - if (error) - return "servicePerimeter." + error; - } - } - if (message.ancestors != null && message.hasOwnProperty("ancestors")) { - if (!Array.isArray(message.ancestors)) - return "ancestors: array expected"; - for (var i = 0; i < message.ancestors.length; ++i) - if (!$util.isString(message.ancestors[i])) - return "ancestors: string[] expected"; + return "executionTimeout." + error; } return null; }; /** - * Creates an Asset message from a plain object. Also converts values to their respective internal types. + * Creates an AnalyzeIamPolicyRequest message from a plain object. Also converts values to their respective internal types. * @function fromObject - * @memberof google.cloud.asset.v1.Asset + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest * @static * @param {Object.} object Plain object - * @returns {google.cloud.asset.v1.Asset} Asset + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyRequest} AnalyzeIamPolicyRequest */ - Asset.fromObject = function fromObject(object) { - if (object instanceof $root.google.cloud.asset.v1.Asset) + AnalyzeIamPolicyRequest.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.AnalyzeIamPolicyRequest) return object; - var message = new $root.google.cloud.asset.v1.Asset(); - if (object.updateTime != null) { - if (typeof object.updateTime !== "object") - throw TypeError(".google.cloud.asset.v1.Asset.updateTime: object expected"); - message.updateTime = $root.google.protobuf.Timestamp.fromObject(object.updateTime); - } - if (object.name != null) - message.name = String(object.name); - if (object.assetType != null) - message.assetType = String(object.assetType); - if (object.resource != null) { - if (typeof object.resource !== "object") - throw TypeError(".google.cloud.asset.v1.Asset.resource: object expected"); - message.resource = $root.google.cloud.asset.v1.Resource.fromObject(object.resource); - } - if (object.iamPolicy != null) { - if (typeof object.iamPolicy !== "object") - throw TypeError(".google.cloud.asset.v1.Asset.iamPolicy: object expected"); - message.iamPolicy = $root.google.iam.v1.Policy.fromObject(object.iamPolicy); - } - if (object.orgPolicy) { - if (!Array.isArray(object.orgPolicy)) - throw TypeError(".google.cloud.asset.v1.Asset.orgPolicy: array expected"); - message.orgPolicy = []; - for (var i = 0; i < object.orgPolicy.length; ++i) { - if (typeof object.orgPolicy[i] !== "object") - throw TypeError(".google.cloud.asset.v1.Asset.orgPolicy: object expected"); - message.orgPolicy[i] = $root.google.cloud.orgpolicy.v1.Policy.fromObject(object.orgPolicy[i]); - } - } - if (object.accessPolicy != null) { - if (typeof object.accessPolicy !== "object") - throw TypeError(".google.cloud.asset.v1.Asset.accessPolicy: object expected"); - message.accessPolicy = $root.google.identity.accesscontextmanager.v1.AccessPolicy.fromObject(object.accessPolicy); - } - if (object.accessLevel != null) { - if (typeof object.accessLevel !== "object") - throw TypeError(".google.cloud.asset.v1.Asset.accessLevel: object expected"); - message.accessLevel = $root.google.identity.accesscontextmanager.v1.AccessLevel.fromObject(object.accessLevel); - } - if (object.servicePerimeter != null) { - if (typeof object.servicePerimeter !== "object") - throw TypeError(".google.cloud.asset.v1.Asset.servicePerimeter: object expected"); - message.servicePerimeter = $root.google.identity.accesscontextmanager.v1.ServicePerimeter.fromObject(object.servicePerimeter); + var message = new $root.google.cloud.asset.v1.AnalyzeIamPolicyRequest(); + if (object.analysisQuery != null) { + if (typeof object.analysisQuery !== "object") + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyRequest.analysisQuery: object expected"); + message.analysisQuery = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.fromObject(object.analysisQuery); } - if (object.ancestors) { - if (!Array.isArray(object.ancestors)) - throw TypeError(".google.cloud.asset.v1.Asset.ancestors: array expected"); - message.ancestors = []; - for (var i = 0; i < object.ancestors.length; ++i) - message.ancestors[i] = String(object.ancestors[i]); + if (object.executionTimeout != null) { + if (typeof object.executionTimeout !== "object") + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyRequest.executionTimeout: object expected"); + message.executionTimeout = $root.google.protobuf.Duration.fromObject(object.executionTimeout); } return message; }; /** - * Creates a plain object from an Asset message. Also converts values to other types if specified. + * Creates a plain object from an AnalyzeIamPolicyRequest message. Also converts values to other types if specified. * @function toObject - * @memberof google.cloud.asset.v1.Asset + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest * @static - * @param {google.cloud.asset.v1.Asset} message Asset + * @param {google.cloud.asset.v1.AnalyzeIamPolicyRequest} message AnalyzeIamPolicyRequest * @param {$protobuf.IConversionOptions} [options] Conversion options * @returns {Object.} Plain object */ - Asset.toObject = function toObject(message, options) { + AnalyzeIamPolicyRequest.toObject = function toObject(message, options) { if (!options) options = {}; var object = {}; - if (options.arrays || options.defaults) { - object.orgPolicy = []; - object.ancestors = []; - } if (options.defaults) { - object.name = ""; - object.assetType = ""; - object.resource = null; - object.iamPolicy = null; - object.updateTime = null; - } - if (message.name != null && message.hasOwnProperty("name")) - object.name = message.name; - if (message.assetType != null && message.hasOwnProperty("assetType")) - object.assetType = message.assetType; - if (message.resource != null && message.hasOwnProperty("resource")) - object.resource = $root.google.cloud.asset.v1.Resource.toObject(message.resource, options); - if (message.iamPolicy != null && message.hasOwnProperty("iamPolicy")) - object.iamPolicy = $root.google.iam.v1.Policy.toObject(message.iamPolicy, options); - if (message.orgPolicy && message.orgPolicy.length) { - object.orgPolicy = []; - for (var j = 0; j < message.orgPolicy.length; ++j) - object.orgPolicy[j] = $root.google.cloud.orgpolicy.v1.Policy.toObject(message.orgPolicy[j], options); - } - if (message.accessPolicy != null && message.hasOwnProperty("accessPolicy")) { - object.accessPolicy = $root.google.identity.accesscontextmanager.v1.AccessPolicy.toObject(message.accessPolicy, options); - if (options.oneofs) - object.accessContextPolicy = "accessPolicy"; - } - if (message.accessLevel != null && message.hasOwnProperty("accessLevel")) { - object.accessLevel = $root.google.identity.accesscontextmanager.v1.AccessLevel.toObject(message.accessLevel, options); - if (options.oneofs) - object.accessContextPolicy = "accessLevel"; - } - if (message.servicePerimeter != null && message.hasOwnProperty("servicePerimeter")) { - object.servicePerimeter = $root.google.identity.accesscontextmanager.v1.ServicePerimeter.toObject(message.servicePerimeter, options); - if (options.oneofs) - object.accessContextPolicy = "servicePerimeter"; - } - if (message.ancestors && message.ancestors.length) { - object.ancestors = []; - for (var j = 0; j < message.ancestors.length; ++j) - object.ancestors[j] = message.ancestors[j]; + object.analysisQuery = null; + object.executionTimeout = null; } - if (message.updateTime != null && message.hasOwnProperty("updateTime")) - object.updateTime = $root.google.protobuf.Timestamp.toObject(message.updateTime, options); + if (message.analysisQuery != null && message.hasOwnProperty("analysisQuery")) + object.analysisQuery = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.toObject(message.analysisQuery, options); + if (message.executionTimeout != null && message.hasOwnProperty("executionTimeout")) + object.executionTimeout = $root.google.protobuf.Duration.toObject(message.executionTimeout, options); return object; }; /** - * Converts this Asset to JSON. + * Converts this AnalyzeIamPolicyRequest to JSON. * @function toJSON - * @memberof google.cloud.asset.v1.Asset + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyRequest * @instance * @returns {Object.} JSON object */ - Asset.prototype.toJSON = function toJSON() { + AnalyzeIamPolicyRequest.prototype.toJSON = function toJSON() { return this.constructor.toObject(this, $protobuf.util.toJSONOptions); }; - return Asset; + return AnalyzeIamPolicyRequest; })(); - v1.Resource = (function() { + v1.AnalyzeIamPolicyResponse = (function() { /** - * Properties of a Resource. + * Properties of an AnalyzeIamPolicyResponse. * @memberof google.cloud.asset.v1 - * @interface IResource - * @property {string|null} [version] Resource version - * @property {string|null} [discoveryDocumentUri] Resource discoveryDocumentUri - * @property {string|null} [discoveryName] Resource discoveryName - * @property {string|null} [resourceUrl] Resource resourceUrl - * @property {string|null} [parent] Resource parent - * @property {google.protobuf.IStruct|null} [data] Resource data - * @property {string|null} [location] Resource location + * @interface IAnalyzeIamPolicyResponse + * @property {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis|null} [mainAnalysis] AnalyzeIamPolicyResponse mainAnalysis + * @property {Array.|null} [serviceAccountImpersonationAnalysis] AnalyzeIamPolicyResponse serviceAccountImpersonationAnalysis + * @property {boolean|null} [fullyExplored] AnalyzeIamPolicyResponse fullyExplored */ /** - * Constructs a new Resource. + * Constructs a new AnalyzeIamPolicyResponse. * @memberof google.cloud.asset.v1 - * @classdesc Represents a Resource. - * @implements IResource + * @classdesc Represents an AnalyzeIamPolicyResponse. + * @implements IAnalyzeIamPolicyResponse * @constructor - * @param {google.cloud.asset.v1.IResource=} [properties] Properties to set + * @param {google.cloud.asset.v1.IAnalyzeIamPolicyResponse=} [properties] Properties to set */ - function Resource(properties) { + function AnalyzeIamPolicyResponse(properties) { + this.serviceAccountImpersonationAnalysis = []; if (properties) for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) if (properties[keys[i]] != null) @@ -6736,153 +7205,104 @@ } /** - * Resource version. - * @member {string} version - * @memberof google.cloud.asset.v1.Resource - * @instance - */ - Resource.prototype.version = ""; - - /** - * Resource discoveryDocumentUri. - * @member {string} discoveryDocumentUri - * @memberof google.cloud.asset.v1.Resource - * @instance - */ - Resource.prototype.discoveryDocumentUri = ""; - - /** - * Resource discoveryName. - * @member {string} discoveryName - * @memberof google.cloud.asset.v1.Resource - * @instance - */ - Resource.prototype.discoveryName = ""; - - /** - * Resource resourceUrl. - * @member {string} resourceUrl - * @memberof google.cloud.asset.v1.Resource - * @instance - */ - Resource.prototype.resourceUrl = ""; - - /** - * Resource parent. - * @member {string} parent - * @memberof google.cloud.asset.v1.Resource + * AnalyzeIamPolicyResponse mainAnalysis. + * @member {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis|null|undefined} mainAnalysis + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @instance */ - Resource.prototype.parent = ""; + AnalyzeIamPolicyResponse.prototype.mainAnalysis = null; /** - * Resource data. - * @member {google.protobuf.IStruct|null|undefined} data - * @memberof google.cloud.asset.v1.Resource + * AnalyzeIamPolicyResponse serviceAccountImpersonationAnalysis. + * @member {Array.} serviceAccountImpersonationAnalysis + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @instance */ - Resource.prototype.data = null; + AnalyzeIamPolicyResponse.prototype.serviceAccountImpersonationAnalysis = $util.emptyArray; /** - * Resource location. - * @member {string} location - * @memberof google.cloud.asset.v1.Resource + * AnalyzeIamPolicyResponse fullyExplored. + * @member {boolean} fullyExplored + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @instance */ - Resource.prototype.location = ""; + AnalyzeIamPolicyResponse.prototype.fullyExplored = false; /** - * Creates a new Resource instance using the specified properties. + * Creates a new AnalyzeIamPolicyResponse instance using the specified properties. * @function create - * @memberof google.cloud.asset.v1.Resource + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @static - * @param {google.cloud.asset.v1.IResource=} [properties] Properties to set - * @returns {google.cloud.asset.v1.Resource} Resource instance + * @param {google.cloud.asset.v1.IAnalyzeIamPolicyResponse=} [properties] Properties to set + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse} AnalyzeIamPolicyResponse instance */ - Resource.create = function create(properties) { - return new Resource(properties); + AnalyzeIamPolicyResponse.create = function create(properties) { + return new AnalyzeIamPolicyResponse(properties); }; /** - * Encodes the specified Resource message. Does not implicitly {@link google.cloud.asset.v1.Resource.verify|verify} messages. + * Encodes the specified AnalyzeIamPolicyResponse message. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.verify|verify} messages. * @function encode - * @memberof google.cloud.asset.v1.Resource + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @static - * @param {google.cloud.asset.v1.IResource} message Resource message or plain object to encode + * @param {google.cloud.asset.v1.IAnalyzeIamPolicyResponse} message AnalyzeIamPolicyResponse message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - Resource.encode = function encode(message, writer) { + AnalyzeIamPolicyResponse.encode = function encode(message, writer) { if (!writer) writer = $Writer.create(); - if (message.version != null && Object.hasOwnProperty.call(message, "version")) - writer.uint32(/* id 1, wireType 2 =*/10).string(message.version); - if (message.discoveryDocumentUri != null && Object.hasOwnProperty.call(message, "discoveryDocumentUri")) - writer.uint32(/* id 2, wireType 2 =*/18).string(message.discoveryDocumentUri); - if (message.discoveryName != null && Object.hasOwnProperty.call(message, "discoveryName")) - writer.uint32(/* id 3, wireType 2 =*/26).string(message.discoveryName); - if (message.resourceUrl != null && Object.hasOwnProperty.call(message, "resourceUrl")) - writer.uint32(/* id 4, wireType 2 =*/34).string(message.resourceUrl); - if (message.parent != null && Object.hasOwnProperty.call(message, "parent")) - writer.uint32(/* id 5, wireType 2 =*/42).string(message.parent); - if (message.data != null && Object.hasOwnProperty.call(message, "data")) - $root.google.protobuf.Struct.encode(message.data, writer.uint32(/* id 6, wireType 2 =*/50).fork()).ldelim(); - if (message.location != null && Object.hasOwnProperty.call(message, "location")) - writer.uint32(/* id 8, wireType 2 =*/66).string(message.location); + if (message.mainAnalysis != null && Object.hasOwnProperty.call(message, "mainAnalysis")) + $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.encode(message.mainAnalysis, writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); + if (message.serviceAccountImpersonationAnalysis != null && message.serviceAccountImpersonationAnalysis.length) + for (var i = 0; i < message.serviceAccountImpersonationAnalysis.length; ++i) + $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.encode(message.serviceAccountImpersonationAnalysis[i], writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); + if (message.fullyExplored != null && Object.hasOwnProperty.call(message, "fullyExplored")) + writer.uint32(/* id 3, wireType 0 =*/24).bool(message.fullyExplored); return writer; }; /** - * Encodes the specified Resource message, length delimited. Does not implicitly {@link google.cloud.asset.v1.Resource.verify|verify} messages. + * Encodes the specified AnalyzeIamPolicyResponse message, length delimited. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.verify|verify} messages. * @function encodeDelimited - * @memberof google.cloud.asset.v1.Resource + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @static - * @param {google.cloud.asset.v1.IResource} message Resource message or plain object to encode + * @param {google.cloud.asset.v1.IAnalyzeIamPolicyResponse} message AnalyzeIamPolicyResponse message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - Resource.encodeDelimited = function encodeDelimited(message, writer) { + AnalyzeIamPolicyResponse.encodeDelimited = function encodeDelimited(message, writer) { return this.encode(message, writer).ldelim(); }; /** - * Decodes a Resource message from the specified reader or buffer. + * Decodes an AnalyzeIamPolicyResponse message from the specified reader or buffer. * @function decode - * @memberof google.cloud.asset.v1.Resource + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from * @param {number} [length] Message length if known beforehand - * @returns {google.cloud.asset.v1.Resource} Resource + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse} AnalyzeIamPolicyResponse * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - Resource.decode = function decode(reader, length) { + AnalyzeIamPolicyResponse.decode = function decode(reader, length) { if (!(reader instanceof $Reader)) reader = $Reader.create(reader); - var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.Resource(); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse(); while (reader.pos < end) { var tag = reader.uint32(); switch (tag >>> 3) { case 1: - message.version = reader.string(); + message.mainAnalysis = $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.decode(reader, reader.uint32()); break; case 2: - message.discoveryDocumentUri = reader.string(); + if (!(message.serviceAccountImpersonationAnalysis && message.serviceAccountImpersonationAnalysis.length)) + message.serviceAccountImpersonationAnalysis = []; + message.serviceAccountImpersonationAnalysis.push($root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.decode(reader, reader.uint32())); break; case 3: - message.discoveryName = reader.string(); - break; - case 4: - message.resourceUrl = reader.string(); - break; - case 5: - message.parent = reader.string(); - break; - case 6: - message.data = $root.google.protobuf.Struct.decode(reader, reader.uint32()); - break; - case 8: - message.location = reader.string(); + message.fullyExplored = reader.bool(); break; default: reader.skipType(tag & 7); @@ -6893,374 +7313,987 @@ }; /** - * Decodes a Resource message from the specified reader or buffer, length delimited. + * Decodes an AnalyzeIamPolicyResponse message from the specified reader or buffer, length delimited. * @function decodeDelimited - * @memberof google.cloud.asset.v1.Resource + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @returns {google.cloud.asset.v1.Resource} Resource + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse} AnalyzeIamPolicyResponse * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - Resource.decodeDelimited = function decodeDelimited(reader) { + AnalyzeIamPolicyResponse.decodeDelimited = function decodeDelimited(reader) { if (!(reader instanceof $Reader)) reader = new $Reader(reader); return this.decode(reader, reader.uint32()); }; /** - * Verifies a Resource message. + * Verifies an AnalyzeIamPolicyResponse message. * @function verify - * @memberof google.cloud.asset.v1.Resource + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @static * @param {Object.} message Plain object to verify * @returns {string|null} `null` if valid, otherwise the reason why it is not */ - Resource.verify = function verify(message) { + AnalyzeIamPolicyResponse.verify = function verify(message) { if (typeof message !== "object" || message === null) return "object expected"; - if (message.version != null && message.hasOwnProperty("version")) - if (!$util.isString(message.version)) - return "version: string expected"; - if (message.discoveryDocumentUri != null && message.hasOwnProperty("discoveryDocumentUri")) - if (!$util.isString(message.discoveryDocumentUri)) - return "discoveryDocumentUri: string expected"; - if (message.discoveryName != null && message.hasOwnProperty("discoveryName")) - if (!$util.isString(message.discoveryName)) - return "discoveryName: string expected"; - if (message.resourceUrl != null && message.hasOwnProperty("resourceUrl")) - if (!$util.isString(message.resourceUrl)) - return "resourceUrl: string expected"; - if (message.parent != null && message.hasOwnProperty("parent")) - if (!$util.isString(message.parent)) - return "parent: string expected"; - if (message.data != null && message.hasOwnProperty("data")) { - var error = $root.google.protobuf.Struct.verify(message.data); + if (message.mainAnalysis != null && message.hasOwnProperty("mainAnalysis")) { + var error = $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.verify(message.mainAnalysis); if (error) - return "data." + error; + return "mainAnalysis." + error; } - if (message.location != null && message.hasOwnProperty("location")) - if (!$util.isString(message.location)) - return "location: string expected"; + if (message.serviceAccountImpersonationAnalysis != null && message.hasOwnProperty("serviceAccountImpersonationAnalysis")) { + if (!Array.isArray(message.serviceAccountImpersonationAnalysis)) + return "serviceAccountImpersonationAnalysis: array expected"; + for (var i = 0; i < message.serviceAccountImpersonationAnalysis.length; ++i) { + var error = $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.verify(message.serviceAccountImpersonationAnalysis[i]); + if (error) + return "serviceAccountImpersonationAnalysis." + error; + } + } + if (message.fullyExplored != null && message.hasOwnProperty("fullyExplored")) + if (typeof message.fullyExplored !== "boolean") + return "fullyExplored: boolean expected"; return null; }; /** - * Creates a Resource message from a plain object. Also converts values to their respective internal types. + * Creates an AnalyzeIamPolicyResponse message from a plain object. Also converts values to their respective internal types. * @function fromObject - * @memberof google.cloud.asset.v1.Resource + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @static * @param {Object.} object Plain object - * @returns {google.cloud.asset.v1.Resource} Resource + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse} AnalyzeIamPolicyResponse */ - Resource.fromObject = function fromObject(object) { - if (object instanceof $root.google.cloud.asset.v1.Resource) + AnalyzeIamPolicyResponse.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse) return object; - var message = new $root.google.cloud.asset.v1.Resource(); - if (object.version != null) - message.version = String(object.version); - if (object.discoveryDocumentUri != null) - message.discoveryDocumentUri = String(object.discoveryDocumentUri); - if (object.discoveryName != null) - message.discoveryName = String(object.discoveryName); - if (object.resourceUrl != null) - message.resourceUrl = String(object.resourceUrl); - if (object.parent != null) - message.parent = String(object.parent); - if (object.data != null) { - if (typeof object.data !== "object") - throw TypeError(".google.cloud.asset.v1.Resource.data: object expected"); - message.data = $root.google.protobuf.Struct.fromObject(object.data); + var message = new $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse(); + if (object.mainAnalysis != null) { + if (typeof object.mainAnalysis !== "object") + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyResponse.mainAnalysis: object expected"); + message.mainAnalysis = $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.fromObject(object.mainAnalysis); } - if (object.location != null) - message.location = String(object.location); + if (object.serviceAccountImpersonationAnalysis) { + if (!Array.isArray(object.serviceAccountImpersonationAnalysis)) + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyResponse.serviceAccountImpersonationAnalysis: array expected"); + message.serviceAccountImpersonationAnalysis = []; + for (var i = 0; i < object.serviceAccountImpersonationAnalysis.length; ++i) { + if (typeof object.serviceAccountImpersonationAnalysis[i] !== "object") + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyResponse.serviceAccountImpersonationAnalysis: object expected"); + message.serviceAccountImpersonationAnalysis[i] = $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.fromObject(object.serviceAccountImpersonationAnalysis[i]); + } + } + if (object.fullyExplored != null) + message.fullyExplored = Boolean(object.fullyExplored); return message; }; /** - * Creates a plain object from a Resource message. Also converts values to other types if specified. + * Creates a plain object from an AnalyzeIamPolicyResponse message. Also converts values to other types if specified. * @function toObject - * @memberof google.cloud.asset.v1.Resource + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @static - * @param {google.cloud.asset.v1.Resource} message Resource + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse} message AnalyzeIamPolicyResponse * @param {$protobuf.IConversionOptions} [options] Conversion options * @returns {Object.} Plain object */ - Resource.toObject = function toObject(message, options) { + AnalyzeIamPolicyResponse.toObject = function toObject(message, options) { if (!options) options = {}; var object = {}; + if (options.arrays || options.defaults) + object.serviceAccountImpersonationAnalysis = []; if (options.defaults) { - object.version = ""; - object.discoveryDocumentUri = ""; - object.discoveryName = ""; - object.resourceUrl = ""; - object.parent = ""; - object.data = null; - object.location = ""; + object.mainAnalysis = null; + object.fullyExplored = false; } - if (message.version != null && message.hasOwnProperty("version")) - object.version = message.version; - if (message.discoveryDocumentUri != null && message.hasOwnProperty("discoveryDocumentUri")) - object.discoveryDocumentUri = message.discoveryDocumentUri; - if (message.discoveryName != null && message.hasOwnProperty("discoveryName")) - object.discoveryName = message.discoveryName; - if (message.resourceUrl != null && message.hasOwnProperty("resourceUrl")) - object.resourceUrl = message.resourceUrl; - if (message.parent != null && message.hasOwnProperty("parent")) - object.parent = message.parent; - if (message.data != null && message.hasOwnProperty("data")) - object.data = $root.google.protobuf.Struct.toObject(message.data, options); - if (message.location != null && message.hasOwnProperty("location")) - object.location = message.location; + if (message.mainAnalysis != null && message.hasOwnProperty("mainAnalysis")) + object.mainAnalysis = $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.toObject(message.mainAnalysis, options); + if (message.serviceAccountImpersonationAnalysis && message.serviceAccountImpersonationAnalysis.length) { + object.serviceAccountImpersonationAnalysis = []; + for (var j = 0; j < message.serviceAccountImpersonationAnalysis.length; ++j) + object.serviceAccountImpersonationAnalysis[j] = $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.toObject(message.serviceAccountImpersonationAnalysis[j], options); + } + if (message.fullyExplored != null && message.hasOwnProperty("fullyExplored")) + object.fullyExplored = message.fullyExplored; return object; }; /** - * Converts this Resource to JSON. + * Converts this AnalyzeIamPolicyResponse to JSON. * @function toJSON - * @memberof google.cloud.asset.v1.Resource + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse * @instance * @returns {Object.} JSON object */ - Resource.prototype.toJSON = function toJSON() { + AnalyzeIamPolicyResponse.prototype.toJSON = function toJSON() { return this.constructor.toObject(this, $protobuf.util.toJSONOptions); }; - return Resource; - })(); - - v1.ResourceSearchResult = (function() { + AnalyzeIamPolicyResponse.IamPolicyAnalysis = (function() { - /** - * Properties of a ResourceSearchResult. - * @memberof google.cloud.asset.v1 - * @interface IResourceSearchResult - * @property {string|null} [name] ResourceSearchResult name - * @property {string|null} [assetType] ResourceSearchResult assetType - * @property {string|null} [project] ResourceSearchResult project - * @property {string|null} [displayName] ResourceSearchResult displayName - * @property {string|null} [description] ResourceSearchResult description - * @property {string|null} [location] ResourceSearchResult location - * @property {Object.|null} [labels] ResourceSearchResult labels - * @property {Array.|null} [networkTags] ResourceSearchResult networkTags - * @property {google.protobuf.IStruct|null} [additionalAttributes] ResourceSearchResult additionalAttributes - */ + /** + * Properties of an IamPolicyAnalysis. + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse + * @interface IIamPolicyAnalysis + * @property {google.cloud.asset.v1.IIamPolicyAnalysisQuery|null} [analysisQuery] IamPolicyAnalysis analysisQuery + * @property {Array.|null} [analysisResults] IamPolicyAnalysis analysisResults + * @property {boolean|null} [fullyExplored] IamPolicyAnalysis fullyExplored + * @property {Array.|null} [stats] IamPolicyAnalysis stats + * @property {Array.|null} [nonCriticalErrors] IamPolicyAnalysis nonCriticalErrors + */ - /** - * Constructs a new ResourceSearchResult. - * @memberof google.cloud.asset.v1 - * @classdesc Represents a ResourceSearchResult. - * @implements IResourceSearchResult - * @constructor - * @param {google.cloud.asset.v1.IResourceSearchResult=} [properties] Properties to set - */ - function ResourceSearchResult(properties) { - this.labels = {}; - this.networkTags = []; - if (properties) - for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) - if (properties[keys[i]] != null) - this[keys[i]] = properties[keys[i]]; - } + /** + * Constructs a new IamPolicyAnalysis. + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse + * @classdesc Represents an IamPolicyAnalysis. + * @implements IIamPolicyAnalysis + * @constructor + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis=} [properties] Properties to set + */ + function IamPolicyAnalysis(properties) { + this.analysisResults = []; + this.stats = []; + this.nonCriticalErrors = []; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } - /** - * ResourceSearchResult name. - * @member {string} name - * @memberof google.cloud.asset.v1.ResourceSearchResult - * @instance - */ - ResourceSearchResult.prototype.name = ""; + /** + * IamPolicyAnalysis analysisQuery. + * @member {google.cloud.asset.v1.IIamPolicyAnalysisQuery|null|undefined} analysisQuery + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @instance + */ + IamPolicyAnalysis.prototype.analysisQuery = null; - /** - * ResourceSearchResult assetType. - * @member {string} assetType - * @memberof google.cloud.asset.v1.ResourceSearchResult - * @instance - */ - ResourceSearchResult.prototype.assetType = ""; + /** + * IamPolicyAnalysis analysisResults. + * @member {Array.} analysisResults + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @instance + */ + IamPolicyAnalysis.prototype.analysisResults = $util.emptyArray; - /** - * ResourceSearchResult project. - * @member {string} project - * @memberof google.cloud.asset.v1.ResourceSearchResult - * @instance - */ - ResourceSearchResult.prototype.project = ""; + /** + * IamPolicyAnalysis fullyExplored. + * @member {boolean} fullyExplored + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @instance + */ + IamPolicyAnalysis.prototype.fullyExplored = false; - /** - * ResourceSearchResult displayName. - * @member {string} displayName - * @memberof google.cloud.asset.v1.ResourceSearchResult - * @instance - */ - ResourceSearchResult.prototype.displayName = ""; + /** + * IamPolicyAnalysis stats. + * @member {Array.} stats + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @instance + */ + IamPolicyAnalysis.prototype.stats = $util.emptyArray; + + /** + * IamPolicyAnalysis nonCriticalErrors. + * @member {Array.} nonCriticalErrors + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @instance + */ + IamPolicyAnalysis.prototype.nonCriticalErrors = $util.emptyArray; + + /** + * Creates a new IamPolicyAnalysis instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @static + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis=} [properties] Properties to set + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis} IamPolicyAnalysis instance + */ + IamPolicyAnalysis.create = function create(properties) { + return new IamPolicyAnalysis(properties); + }; + + /** + * Encodes the specified IamPolicyAnalysis message. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @static + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis} message IamPolicyAnalysis message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IamPolicyAnalysis.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.analysisQuery != null && Object.hasOwnProperty.call(message, "analysisQuery")) + $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.encode(message.analysisQuery, writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); + if (message.analysisResults != null && message.analysisResults.length) + for (var i = 0; i < message.analysisResults.length; ++i) + $root.google.cloud.asset.v1.IamPolicyAnalysisResult.encode(message.analysisResults[i], writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); + if (message.fullyExplored != null && Object.hasOwnProperty.call(message, "fullyExplored")) + writer.uint32(/* id 3, wireType 0 =*/24).bool(message.fullyExplored); + if (message.stats != null && message.stats.length) + for (var i = 0; i < message.stats.length; ++i) + $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.encode(message.stats[i], writer.uint32(/* id 4, wireType 2 =*/34).fork()).ldelim(); + if (message.nonCriticalErrors != null && message.nonCriticalErrors.length) + for (var i = 0; i < message.nonCriticalErrors.length; ++i) + $root.google.cloud.asset.v1.IamPolicyAnalysisState.encode(message.nonCriticalErrors[i], writer.uint32(/* id 5, wireType 2 =*/42).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified IamPolicyAnalysis message, length delimited. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @static + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IIamPolicyAnalysis} message IamPolicyAnalysis message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IamPolicyAnalysis.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an IamPolicyAnalysis message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis} IamPolicyAnalysis + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IamPolicyAnalysis.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.analysisQuery = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.decode(reader, reader.uint32()); + break; + case 2: + if (!(message.analysisResults && message.analysisResults.length)) + message.analysisResults = []; + message.analysisResults.push($root.google.cloud.asset.v1.IamPolicyAnalysisResult.decode(reader, reader.uint32())); + break; + case 3: + message.fullyExplored = reader.bool(); + break; + case 4: + if (!(message.stats && message.stats.length)) + message.stats = []; + message.stats.push($root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.decode(reader, reader.uint32())); + break; + case 5: + if (!(message.nonCriticalErrors && message.nonCriticalErrors.length)) + message.nonCriticalErrors = []; + message.nonCriticalErrors.push($root.google.cloud.asset.v1.IamPolicyAnalysisState.decode(reader, reader.uint32())); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an IamPolicyAnalysis message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis} IamPolicyAnalysis + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IamPolicyAnalysis.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an IamPolicyAnalysis message. + * @function verify + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + IamPolicyAnalysis.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.analysisQuery != null && message.hasOwnProperty("analysisQuery")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.verify(message.analysisQuery); + if (error) + return "analysisQuery." + error; + } + if (message.analysisResults != null && message.hasOwnProperty("analysisResults")) { + if (!Array.isArray(message.analysisResults)) + return "analysisResults: array expected"; + for (var i = 0; i < message.analysisResults.length; ++i) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.verify(message.analysisResults[i]); + if (error) + return "analysisResults." + error; + } + } + if (message.fullyExplored != null && message.hasOwnProperty("fullyExplored")) + if (typeof message.fullyExplored !== "boolean") + return "fullyExplored: boolean expected"; + if (message.stats != null && message.hasOwnProperty("stats")) { + if (!Array.isArray(message.stats)) + return "stats: array expected"; + for (var i = 0; i < message.stats.length; ++i) { + var error = $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.verify(message.stats[i]); + if (error) + return "stats." + error; + } + } + if (message.nonCriticalErrors != null && message.hasOwnProperty("nonCriticalErrors")) { + if (!Array.isArray(message.nonCriticalErrors)) + return "nonCriticalErrors: array expected"; + for (var i = 0; i < message.nonCriticalErrors.length; ++i) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisState.verify(message.nonCriticalErrors[i]); + if (error) + return "nonCriticalErrors." + error; + } + } + return null; + }; + + /** + * Creates an IamPolicyAnalysis message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis} IamPolicyAnalysis + */ + IamPolicyAnalysis.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis) + return object; + var message = new $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis(); + if (object.analysisQuery != null) { + if (typeof object.analysisQuery !== "object") + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.analysisQuery: object expected"); + message.analysisQuery = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.fromObject(object.analysisQuery); + } + if (object.analysisResults) { + if (!Array.isArray(object.analysisResults)) + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.analysisResults: array expected"); + message.analysisResults = []; + for (var i = 0; i < object.analysisResults.length; ++i) { + if (typeof object.analysisResults[i] !== "object") + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.analysisResults: object expected"); + message.analysisResults[i] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.fromObject(object.analysisResults[i]); + } + } + if (object.fullyExplored != null) + message.fullyExplored = Boolean(object.fullyExplored); + if (object.stats) { + if (!Array.isArray(object.stats)) + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.stats: array expected"); + message.stats = []; + for (var i = 0; i < object.stats.length; ++i) { + if (typeof object.stats[i] !== "object") + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.stats: object expected"); + message.stats[i] = $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.fromObject(object.stats[i]); + } + } + if (object.nonCriticalErrors) { + if (!Array.isArray(object.nonCriticalErrors)) + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.nonCriticalErrors: array expected"); + message.nonCriticalErrors = []; + for (var i = 0; i < object.nonCriticalErrors.length; ++i) { + if (typeof object.nonCriticalErrors[i] !== "object") + throw TypeError(".google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.nonCriticalErrors: object expected"); + message.nonCriticalErrors[i] = $root.google.cloud.asset.v1.IamPolicyAnalysisState.fromObject(object.nonCriticalErrors[i]); + } + } + return message; + }; + + /** + * Creates a plain object from an IamPolicyAnalysis message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @static + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis} message IamPolicyAnalysis + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + IamPolicyAnalysis.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.arrays || options.defaults) { + object.analysisResults = []; + object.stats = []; + object.nonCriticalErrors = []; + } + if (options.defaults) { + object.analysisQuery = null; + object.fullyExplored = false; + } + if (message.analysisQuery != null && message.hasOwnProperty("analysisQuery")) + object.analysisQuery = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.toObject(message.analysisQuery, options); + if (message.analysisResults && message.analysisResults.length) { + object.analysisResults = []; + for (var j = 0; j < message.analysisResults.length; ++j) + object.analysisResults[j] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.toObject(message.analysisResults[j], options); + } + if (message.fullyExplored != null && message.hasOwnProperty("fullyExplored")) + object.fullyExplored = message.fullyExplored; + if (message.stats && message.stats.length) { + object.stats = []; + for (var j = 0; j < message.stats.length; ++j) + object.stats[j] = $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.toObject(message.stats[j], options); + } + if (message.nonCriticalErrors && message.nonCriticalErrors.length) { + object.nonCriticalErrors = []; + for (var j = 0; j < message.nonCriticalErrors.length; ++j) + object.nonCriticalErrors[j] = $root.google.cloud.asset.v1.IamPolicyAnalysisState.toObject(message.nonCriticalErrors[j], options); + } + return object; + }; + + /** + * Converts this IamPolicyAnalysis to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @instance + * @returns {Object.} JSON object + */ + IamPolicyAnalysis.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + IamPolicyAnalysis.Stats = (function() { + + /** + * Properties of a Stats. + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @interface IStats + * @property {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType|null} [nodeType] Stats nodeType + * @property {string|null} [nodeSubtype] Stats nodeSubtype + * @property {number|null} [discoveredNodeCount] Stats discoveredNodeCount + * @property {number|null} [matchedNodeCount] Stats matchedNodeCount + * @property {number|null} [exploredNodeCount] Stats exploredNodeCount + * @property {number|null} [cappedNodeCount] Stats cappedNodeCount + * @property {number|null} [permisionDeniedNodeCount] Stats permisionDeniedNodeCount + * @property {number|null} [executionTimeoutNodeCount] Stats executionTimeoutNodeCount + */ + + /** + * Constructs a new Stats. + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis + * @classdesc Represents a Stats. + * @implements IStats + * @constructor + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.IStats=} [properties] Properties to set + */ + function Stats(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Stats nodeType. + * @member {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType} nodeType + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @instance + */ + Stats.prototype.nodeType = 0; + + /** + * Stats nodeSubtype. + * @member {string} nodeSubtype + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @instance + */ + Stats.prototype.nodeSubtype = ""; + + /** + * Stats discoveredNodeCount. + * @member {number} discoveredNodeCount + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @instance + */ + Stats.prototype.discoveredNodeCount = 0; + + /** + * Stats matchedNodeCount. + * @member {number} matchedNodeCount + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @instance + */ + Stats.prototype.matchedNodeCount = 0; + + /** + * Stats exploredNodeCount. + * @member {number} exploredNodeCount + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @instance + */ + Stats.prototype.exploredNodeCount = 0; + + /** + * Stats cappedNodeCount. + * @member {number} cappedNodeCount + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @instance + */ + Stats.prototype.cappedNodeCount = 0; + + /** + * Stats permisionDeniedNodeCount. + * @member {number} permisionDeniedNodeCount + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @instance + */ + Stats.prototype.permisionDeniedNodeCount = 0; + + /** + * Stats executionTimeoutNodeCount. + * @member {number} executionTimeoutNodeCount + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @instance + */ + Stats.prototype.executionTimeoutNodeCount = 0; + + /** + * Creates a new Stats instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @static + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.IStats=} [properties] Properties to set + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats} Stats instance + */ + Stats.create = function create(properties) { + return new Stats(properties); + }; + + /** + * Encodes the specified Stats message. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @static + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.IStats} message Stats message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Stats.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.nodeType != null && Object.hasOwnProperty.call(message, "nodeType")) + writer.uint32(/* id 1, wireType 0 =*/8).int32(message.nodeType); + if (message.nodeSubtype != null && Object.hasOwnProperty.call(message, "nodeSubtype")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.nodeSubtype); + if (message.discoveredNodeCount != null && Object.hasOwnProperty.call(message, "discoveredNodeCount")) + writer.uint32(/* id 3, wireType 0 =*/24).int32(message.discoveredNodeCount); + if (message.matchedNodeCount != null && Object.hasOwnProperty.call(message, "matchedNodeCount")) + writer.uint32(/* id 4, wireType 0 =*/32).int32(message.matchedNodeCount); + if (message.exploredNodeCount != null && Object.hasOwnProperty.call(message, "exploredNodeCount")) + writer.uint32(/* id 5, wireType 0 =*/40).int32(message.exploredNodeCount); + if (message.cappedNodeCount != null && Object.hasOwnProperty.call(message, "cappedNodeCount")) + writer.uint32(/* id 6, wireType 0 =*/48).int32(message.cappedNodeCount); + if (message.permisionDeniedNodeCount != null && Object.hasOwnProperty.call(message, "permisionDeniedNodeCount")) + writer.uint32(/* id 7, wireType 0 =*/56).int32(message.permisionDeniedNodeCount); + if (message.executionTimeoutNodeCount != null && Object.hasOwnProperty.call(message, "executionTimeoutNodeCount")) + writer.uint32(/* id 8, wireType 0 =*/64).int32(message.executionTimeoutNodeCount); + return writer; + }; + + /** + * Encodes the specified Stats message, length delimited. Does not implicitly {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @static + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.IStats} message Stats message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Stats.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a Stats message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats} Stats + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Stats.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.nodeType = reader.int32(); + break; + case 2: + message.nodeSubtype = reader.string(); + break; + case 3: + message.discoveredNodeCount = reader.int32(); + break; + case 4: + message.matchedNodeCount = reader.int32(); + break; + case 5: + message.exploredNodeCount = reader.int32(); + break; + case 6: + message.cappedNodeCount = reader.int32(); + break; + case 7: + message.permisionDeniedNodeCount = reader.int32(); + break; + case 8: + message.executionTimeoutNodeCount = reader.int32(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a Stats message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats} Stats + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Stats.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a Stats message. + * @function verify + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Stats.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.nodeType != null && message.hasOwnProperty("nodeType")) + switch (message.nodeType) { + default: + return "nodeType: enum value expected"; + case 0: + case 1: + case 2: + case 3: + case 4: + break; + } + if (message.nodeSubtype != null && message.hasOwnProperty("nodeSubtype")) + if (!$util.isString(message.nodeSubtype)) + return "nodeSubtype: string expected"; + if (message.discoveredNodeCount != null && message.hasOwnProperty("discoveredNodeCount")) + if (!$util.isInteger(message.discoveredNodeCount)) + return "discoveredNodeCount: integer expected"; + if (message.matchedNodeCount != null && message.hasOwnProperty("matchedNodeCount")) + if (!$util.isInteger(message.matchedNodeCount)) + return "matchedNodeCount: integer expected"; + if (message.exploredNodeCount != null && message.hasOwnProperty("exploredNodeCount")) + if (!$util.isInteger(message.exploredNodeCount)) + return "exploredNodeCount: integer expected"; + if (message.cappedNodeCount != null && message.hasOwnProperty("cappedNodeCount")) + if (!$util.isInteger(message.cappedNodeCount)) + return "cappedNodeCount: integer expected"; + if (message.permisionDeniedNodeCount != null && message.hasOwnProperty("permisionDeniedNodeCount")) + if (!$util.isInteger(message.permisionDeniedNodeCount)) + return "permisionDeniedNodeCount: integer expected"; + if (message.executionTimeoutNodeCount != null && message.hasOwnProperty("executionTimeoutNodeCount")) + if (!$util.isInteger(message.executionTimeoutNodeCount)) + return "executionTimeoutNodeCount: integer expected"; + return null; + }; + + /** + * Creates a Stats message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats} Stats + */ + Stats.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats) + return object; + var message = new $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats(); + switch (object.nodeType) { + case "NODE_TYPE_UNSPECIFIED": + case 0: + message.nodeType = 0; + break; + case "BINDING": + case 1: + message.nodeType = 1; + break; + case "IDENTITY": + case 2: + message.nodeType = 2; + break; + case "RESOURCE": + case 3: + message.nodeType = 3; + break; + case "ACCESS": + case 4: + message.nodeType = 4; + break; + } + if (object.nodeSubtype != null) + message.nodeSubtype = String(object.nodeSubtype); + if (object.discoveredNodeCount != null) + message.discoveredNodeCount = object.discoveredNodeCount | 0; + if (object.matchedNodeCount != null) + message.matchedNodeCount = object.matchedNodeCount | 0; + if (object.exploredNodeCount != null) + message.exploredNodeCount = object.exploredNodeCount | 0; + if (object.cappedNodeCount != null) + message.cappedNodeCount = object.cappedNodeCount | 0; + if (object.permisionDeniedNodeCount != null) + message.permisionDeniedNodeCount = object.permisionDeniedNodeCount | 0; + if (object.executionTimeoutNodeCount != null) + message.executionTimeoutNodeCount = object.executionTimeoutNodeCount | 0; + return message; + }; + + /** + * Creates a plain object from a Stats message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @static + * @param {google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats} message Stats + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Stats.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.nodeType = options.enums === String ? "NODE_TYPE_UNSPECIFIED" : 0; + object.nodeSubtype = ""; + object.discoveredNodeCount = 0; + object.matchedNodeCount = 0; + object.exploredNodeCount = 0; + object.cappedNodeCount = 0; + object.permisionDeniedNodeCount = 0; + object.executionTimeoutNodeCount = 0; + } + if (message.nodeType != null && message.hasOwnProperty("nodeType")) + object.nodeType = options.enums === String ? $root.google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType[message.nodeType] : message.nodeType; + if (message.nodeSubtype != null && message.hasOwnProperty("nodeSubtype")) + object.nodeSubtype = message.nodeSubtype; + if (message.discoveredNodeCount != null && message.hasOwnProperty("discoveredNodeCount")) + object.discoveredNodeCount = message.discoveredNodeCount; + if (message.matchedNodeCount != null && message.hasOwnProperty("matchedNodeCount")) + object.matchedNodeCount = message.matchedNodeCount; + if (message.exploredNodeCount != null && message.hasOwnProperty("exploredNodeCount")) + object.exploredNodeCount = message.exploredNodeCount; + if (message.cappedNodeCount != null && message.hasOwnProperty("cappedNodeCount")) + object.cappedNodeCount = message.cappedNodeCount; + if (message.permisionDeniedNodeCount != null && message.hasOwnProperty("permisionDeniedNodeCount")) + object.permisionDeniedNodeCount = message.permisionDeniedNodeCount; + if (message.executionTimeoutNodeCount != null && message.hasOwnProperty("executionTimeoutNodeCount")) + object.executionTimeoutNodeCount = message.executionTimeoutNodeCount; + return object; + }; + + /** + * Converts this Stats to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats + * @instance + * @returns {Object.} JSON object + */ + Stats.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * NodeType enum. + * @name google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType + * @enum {number} + * @property {number} NODE_TYPE_UNSPECIFIED=0 NODE_TYPE_UNSPECIFIED value + * @property {number} BINDING=1 BINDING value + * @property {number} IDENTITY=2 IDENTITY value + * @property {number} RESOURCE=3 RESOURCE value + * @property {number} ACCESS=4 ACCESS value + */ + Stats.NodeType = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "NODE_TYPE_UNSPECIFIED"] = 0; + values[valuesById[1] = "BINDING"] = 1; + values[valuesById[2] = "IDENTITY"] = 2; + values[valuesById[3] = "RESOURCE"] = 3; + values[valuesById[4] = "ACCESS"] = 4; + return values; + })(); + + return Stats; + })(); + + return IamPolicyAnalysis; + })(); + + return AnalyzeIamPolicyResponse; + })(); + + v1.IamPolicyAnalysisOutputConfig = (function() { /** - * ResourceSearchResult description. - * @member {string} description - * @memberof google.cloud.asset.v1.ResourceSearchResult - * @instance + * Properties of an IamPolicyAnalysisOutputConfig. + * @memberof google.cloud.asset.v1 + * @interface IIamPolicyAnalysisOutputConfig + * @property {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination|null} [gcsDestination] IamPolicyAnalysisOutputConfig gcsDestination + * @property {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination|null} [bigqueryDestination] IamPolicyAnalysisOutputConfig bigqueryDestination */ - ResourceSearchResult.prototype.description = ""; /** - * ResourceSearchResult location. - * @member {string} location - * @memberof google.cloud.asset.v1.ResourceSearchResult - * @instance + * Constructs a new IamPolicyAnalysisOutputConfig. + * @memberof google.cloud.asset.v1 + * @classdesc Represents an IamPolicyAnalysisOutputConfig. + * @implements IIamPolicyAnalysisOutputConfig + * @constructor + * @param {google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig=} [properties] Properties to set */ - ResourceSearchResult.prototype.location = ""; + function IamPolicyAnalysisOutputConfig(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } /** - * ResourceSearchResult labels. - * @member {Object.} labels - * @memberof google.cloud.asset.v1.ResourceSearchResult + * IamPolicyAnalysisOutputConfig gcsDestination. + * @member {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination|null|undefined} gcsDestination + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @instance */ - ResourceSearchResult.prototype.labels = $util.emptyObject; + IamPolicyAnalysisOutputConfig.prototype.gcsDestination = null; /** - * ResourceSearchResult networkTags. - * @member {Array.} networkTags - * @memberof google.cloud.asset.v1.ResourceSearchResult + * IamPolicyAnalysisOutputConfig bigqueryDestination. + * @member {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination|null|undefined} bigqueryDestination + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @instance */ - ResourceSearchResult.prototype.networkTags = $util.emptyArray; + IamPolicyAnalysisOutputConfig.prototype.bigqueryDestination = null; + + // OneOf field names bound to virtual getters and setters + var $oneOfFields; /** - * ResourceSearchResult additionalAttributes. - * @member {google.protobuf.IStruct|null|undefined} additionalAttributes - * @memberof google.cloud.asset.v1.ResourceSearchResult + * IamPolicyAnalysisOutputConfig destination. + * @member {"gcsDestination"|"bigqueryDestination"|undefined} destination + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @instance */ - ResourceSearchResult.prototype.additionalAttributes = null; + Object.defineProperty(IamPolicyAnalysisOutputConfig.prototype, "destination", { + get: $util.oneOfGetter($oneOfFields = ["gcsDestination", "bigqueryDestination"]), + set: $util.oneOfSetter($oneOfFields) + }); /** - * Creates a new ResourceSearchResult instance using the specified properties. + * Creates a new IamPolicyAnalysisOutputConfig instance using the specified properties. * @function create - * @memberof google.cloud.asset.v1.ResourceSearchResult + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @static - * @param {google.cloud.asset.v1.IResourceSearchResult=} [properties] Properties to set - * @returns {google.cloud.asset.v1.ResourceSearchResult} ResourceSearchResult instance + * @param {google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig} IamPolicyAnalysisOutputConfig instance */ - ResourceSearchResult.create = function create(properties) { - return new ResourceSearchResult(properties); + IamPolicyAnalysisOutputConfig.create = function create(properties) { + return new IamPolicyAnalysisOutputConfig(properties); }; /** - * Encodes the specified ResourceSearchResult message. Does not implicitly {@link google.cloud.asset.v1.ResourceSearchResult.verify|verify} messages. + * Encodes the specified IamPolicyAnalysisOutputConfig message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.verify|verify} messages. * @function encode - * @memberof google.cloud.asset.v1.ResourceSearchResult + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @static - * @param {google.cloud.asset.v1.IResourceSearchResult} message ResourceSearchResult message or plain object to encode + * @param {google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig} message IamPolicyAnalysisOutputConfig message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - ResourceSearchResult.encode = function encode(message, writer) { + IamPolicyAnalysisOutputConfig.encode = function encode(message, writer) { if (!writer) writer = $Writer.create(); - if (message.name != null && Object.hasOwnProperty.call(message, "name")) - writer.uint32(/* id 1, wireType 2 =*/10).string(message.name); - if (message.assetType != null && Object.hasOwnProperty.call(message, "assetType")) - writer.uint32(/* id 2, wireType 2 =*/18).string(message.assetType); - if (message.project != null && Object.hasOwnProperty.call(message, "project")) - writer.uint32(/* id 3, wireType 2 =*/26).string(message.project); - if (message.displayName != null && Object.hasOwnProperty.call(message, "displayName")) - writer.uint32(/* id 4, wireType 2 =*/34).string(message.displayName); - if (message.description != null && Object.hasOwnProperty.call(message, "description")) - writer.uint32(/* id 5, wireType 2 =*/42).string(message.description); - if (message.location != null && Object.hasOwnProperty.call(message, "location")) - writer.uint32(/* id 6, wireType 2 =*/50).string(message.location); - if (message.labels != null && Object.hasOwnProperty.call(message, "labels")) - for (var keys = Object.keys(message.labels), i = 0; i < keys.length; ++i) - writer.uint32(/* id 7, wireType 2 =*/58).fork().uint32(/* id 1, wireType 2 =*/10).string(keys[i]).uint32(/* id 2, wireType 2 =*/18).string(message.labels[keys[i]]).ldelim(); - if (message.networkTags != null && message.networkTags.length) - for (var i = 0; i < message.networkTags.length; ++i) - writer.uint32(/* id 8, wireType 2 =*/66).string(message.networkTags[i]); - if (message.additionalAttributes != null && Object.hasOwnProperty.call(message, "additionalAttributes")) - $root.google.protobuf.Struct.encode(message.additionalAttributes, writer.uint32(/* id 9, wireType 2 =*/74).fork()).ldelim(); + if (message.gcsDestination != null && Object.hasOwnProperty.call(message, "gcsDestination")) + $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination.encode(message.gcsDestination, writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); + if (message.bigqueryDestination != null && Object.hasOwnProperty.call(message, "bigqueryDestination")) + $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.encode(message.bigqueryDestination, writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); return writer; }; /** - * Encodes the specified ResourceSearchResult message, length delimited. Does not implicitly {@link google.cloud.asset.v1.ResourceSearchResult.verify|verify} messages. + * Encodes the specified IamPolicyAnalysisOutputConfig message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.verify|verify} messages. * @function encodeDelimited - * @memberof google.cloud.asset.v1.ResourceSearchResult + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @static - * @param {google.cloud.asset.v1.IResourceSearchResult} message ResourceSearchResult message or plain object to encode + * @param {google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig} message IamPolicyAnalysisOutputConfig message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - ResourceSearchResult.encodeDelimited = function encodeDelimited(message, writer) { + IamPolicyAnalysisOutputConfig.encodeDelimited = function encodeDelimited(message, writer) { return this.encode(message, writer).ldelim(); }; /** - * Decodes a ResourceSearchResult message from the specified reader or buffer. + * Decodes an IamPolicyAnalysisOutputConfig message from the specified reader or buffer. * @function decode - * @memberof google.cloud.asset.v1.ResourceSearchResult + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from * @param {number} [length] Message length if known beforehand - * @returns {google.cloud.asset.v1.ResourceSearchResult} ResourceSearchResult + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig} IamPolicyAnalysisOutputConfig * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - ResourceSearchResult.decode = function decode(reader, length) { + IamPolicyAnalysisOutputConfig.decode = function decode(reader, length) { if (!(reader instanceof $Reader)) reader = $Reader.create(reader); - var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.ResourceSearchResult(), key, value; + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig(); while (reader.pos < end) { var tag = reader.uint32(); switch (tag >>> 3) { case 1: - message.name = reader.string(); + message.gcsDestination = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination.decode(reader, reader.uint32()); break; case 2: - message.assetType = reader.string(); - break; - case 3: - message.project = reader.string(); - break; - case 4: - message.displayName = reader.string(); - break; - case 5: - message.description = reader.string(); - break; - case 6: - message.location = reader.string(); - break; - case 7: - if (message.labels === $util.emptyObject) - message.labels = {}; - var end2 = reader.uint32() + reader.pos; - key = ""; - value = ""; - while (reader.pos < end2) { - var tag2 = reader.uint32(); - switch (tag2 >>> 3) { - case 1: - key = reader.string(); - break; - case 2: - value = reader.string(); - break; - default: - reader.skipType(tag2 & 7); - break; - } - } - message.labels[key] = value; - break; - case 8: - if (!(message.networkTags && message.networkTags.length)) - message.networkTags = []; - message.networkTags.push(reader.string()); - break; - case 9: - message.additionalAttributes = $root.google.protobuf.Struct.decode(reader, reader.uint32()); + message.bigqueryDestination = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.decode(reader, reader.uint32()); break; default: reader.skipType(tag & 7); @@ -7271,467 +8304,5332 @@ }; /** - * Decodes a ResourceSearchResult message from the specified reader or buffer, length delimited. + * Decodes an IamPolicyAnalysisOutputConfig message from the specified reader or buffer, length delimited. * @function decodeDelimited - * @memberof google.cloud.asset.v1.ResourceSearchResult + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @returns {google.cloud.asset.v1.ResourceSearchResult} ResourceSearchResult + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig} IamPolicyAnalysisOutputConfig * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - ResourceSearchResult.decodeDelimited = function decodeDelimited(reader) { + IamPolicyAnalysisOutputConfig.decodeDelimited = function decodeDelimited(reader) { if (!(reader instanceof $Reader)) reader = new $Reader(reader); return this.decode(reader, reader.uint32()); }; /** - * Verifies a ResourceSearchResult message. + * Verifies an IamPolicyAnalysisOutputConfig message. * @function verify - * @memberof google.cloud.asset.v1.ResourceSearchResult + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @static * @param {Object.} message Plain object to verify * @returns {string|null} `null` if valid, otherwise the reason why it is not */ - ResourceSearchResult.verify = function verify(message) { + IamPolicyAnalysisOutputConfig.verify = function verify(message) { if (typeof message !== "object" || message === null) return "object expected"; - if (message.name != null && message.hasOwnProperty("name")) - if (!$util.isString(message.name)) - return "name: string expected"; - if (message.assetType != null && message.hasOwnProperty("assetType")) - if (!$util.isString(message.assetType)) - return "assetType: string expected"; - if (message.project != null && message.hasOwnProperty("project")) - if (!$util.isString(message.project)) - return "project: string expected"; - if (message.displayName != null && message.hasOwnProperty("displayName")) - if (!$util.isString(message.displayName)) - return "displayName: string expected"; - if (message.description != null && message.hasOwnProperty("description")) - if (!$util.isString(message.description)) - return "description: string expected"; - if (message.location != null && message.hasOwnProperty("location")) - if (!$util.isString(message.location)) - return "location: string expected"; - if (message.labels != null && message.hasOwnProperty("labels")) { - if (!$util.isObject(message.labels)) - return "labels: object expected"; - var key = Object.keys(message.labels); - for (var i = 0; i < key.length; ++i) - if (!$util.isString(message.labels[key[i]])) - return "labels: string{k:string} expected"; - } - if (message.networkTags != null && message.hasOwnProperty("networkTags")) { - if (!Array.isArray(message.networkTags)) - return "networkTags: array expected"; - for (var i = 0; i < message.networkTags.length; ++i) - if (!$util.isString(message.networkTags[i])) - return "networkTags: string[] expected"; + var properties = {}; + if (message.gcsDestination != null && message.hasOwnProperty("gcsDestination")) { + properties.destination = 1; + { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination.verify(message.gcsDestination); + if (error) + return "gcsDestination." + error; + } } - if (message.additionalAttributes != null && message.hasOwnProperty("additionalAttributes")) { - var error = $root.google.protobuf.Struct.verify(message.additionalAttributes); - if (error) - return "additionalAttributes." + error; + if (message.bigqueryDestination != null && message.hasOwnProperty("bigqueryDestination")) { + if (properties.destination === 1) + return "destination: multiple values"; + properties.destination = 1; + { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.verify(message.bigqueryDestination); + if (error) + return "bigqueryDestination." + error; + } } return null; }; /** - * Creates a ResourceSearchResult message from a plain object. Also converts values to their respective internal types. + * Creates an IamPolicyAnalysisOutputConfig message from a plain object. Also converts values to their respective internal types. * @function fromObject - * @memberof google.cloud.asset.v1.ResourceSearchResult + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @static * @param {Object.} object Plain object - * @returns {google.cloud.asset.v1.ResourceSearchResult} ResourceSearchResult + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig} IamPolicyAnalysisOutputConfig */ - ResourceSearchResult.fromObject = function fromObject(object) { - if (object instanceof $root.google.cloud.asset.v1.ResourceSearchResult) + IamPolicyAnalysisOutputConfig.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig) return object; - var message = new $root.google.cloud.asset.v1.ResourceSearchResult(); - if (object.name != null) - message.name = String(object.name); - if (object.assetType != null) - message.assetType = String(object.assetType); - if (object.project != null) - message.project = String(object.project); - if (object.displayName != null) - message.displayName = String(object.displayName); - if (object.description != null) - message.description = String(object.description); - if (object.location != null) - message.location = String(object.location); - if (object.labels) { - if (typeof object.labels !== "object") - throw TypeError(".google.cloud.asset.v1.ResourceSearchResult.labels: object expected"); - message.labels = {}; - for (var keys = Object.keys(object.labels), i = 0; i < keys.length; ++i) - message.labels[keys[i]] = String(object.labels[keys[i]]); - } - if (object.networkTags) { - if (!Array.isArray(object.networkTags)) - throw TypeError(".google.cloud.asset.v1.ResourceSearchResult.networkTags: array expected"); - message.networkTags = []; - for (var i = 0; i < object.networkTags.length; ++i) - message.networkTags[i] = String(object.networkTags[i]); + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig(); + if (object.gcsDestination != null) { + if (typeof object.gcsDestination !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.gcsDestination: object expected"); + message.gcsDestination = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination.fromObject(object.gcsDestination); } - if (object.additionalAttributes != null) { - if (typeof object.additionalAttributes !== "object") - throw TypeError(".google.cloud.asset.v1.ResourceSearchResult.additionalAttributes: object expected"); - message.additionalAttributes = $root.google.protobuf.Struct.fromObject(object.additionalAttributes); + if (object.bigqueryDestination != null) { + if (typeof object.bigqueryDestination !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.bigqueryDestination: object expected"); + message.bigqueryDestination = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.fromObject(object.bigqueryDestination); } return message; }; /** - * Creates a plain object from a ResourceSearchResult message. Also converts values to other types if specified. + * Creates a plain object from an IamPolicyAnalysisOutputConfig message. Also converts values to other types if specified. * @function toObject - * @memberof google.cloud.asset.v1.ResourceSearchResult + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @static - * @param {google.cloud.asset.v1.ResourceSearchResult} message ResourceSearchResult + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig} message IamPolicyAnalysisOutputConfig * @param {$protobuf.IConversionOptions} [options] Conversion options * @returns {Object.} Plain object */ - ResourceSearchResult.toObject = function toObject(message, options) { + IamPolicyAnalysisOutputConfig.toObject = function toObject(message, options) { if (!options) options = {}; var object = {}; - if (options.arrays || options.defaults) - object.networkTags = []; - if (options.objects || options.defaults) - object.labels = {}; - if (options.defaults) { - object.name = ""; - object.assetType = ""; - object.project = ""; - object.displayName = ""; - object.description = ""; - object.location = ""; - object.additionalAttributes = null; - } - if (message.name != null && message.hasOwnProperty("name")) - object.name = message.name; - if (message.assetType != null && message.hasOwnProperty("assetType")) - object.assetType = message.assetType; - if (message.project != null && message.hasOwnProperty("project")) - object.project = message.project; - if (message.displayName != null && message.hasOwnProperty("displayName")) - object.displayName = message.displayName; - if (message.description != null && message.hasOwnProperty("description")) - object.description = message.description; - if (message.location != null && message.hasOwnProperty("location")) - object.location = message.location; - var keys2; - if (message.labels && (keys2 = Object.keys(message.labels)).length) { - object.labels = {}; - for (var j = 0; j < keys2.length; ++j) - object.labels[keys2[j]] = message.labels[keys2[j]]; + if (message.gcsDestination != null && message.hasOwnProperty("gcsDestination")) { + object.gcsDestination = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination.toObject(message.gcsDestination, options); + if (options.oneofs) + object.destination = "gcsDestination"; } - if (message.networkTags && message.networkTags.length) { - object.networkTags = []; - for (var j = 0; j < message.networkTags.length; ++j) - object.networkTags[j] = message.networkTags[j]; + if (message.bigqueryDestination != null && message.hasOwnProperty("bigqueryDestination")) { + object.bigqueryDestination = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.toObject(message.bigqueryDestination, options); + if (options.oneofs) + object.destination = "bigqueryDestination"; } - if (message.additionalAttributes != null && message.hasOwnProperty("additionalAttributes")) - object.additionalAttributes = $root.google.protobuf.Struct.toObject(message.additionalAttributes, options); return object; }; /** - * Converts this ResourceSearchResult to JSON. + * Converts this IamPolicyAnalysisOutputConfig to JSON. * @function toJSON - * @memberof google.cloud.asset.v1.ResourceSearchResult + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig * @instance * @returns {Object.} JSON object */ - ResourceSearchResult.prototype.toJSON = function toJSON() { + IamPolicyAnalysisOutputConfig.prototype.toJSON = function toJSON() { return this.constructor.toObject(this, $protobuf.util.toJSONOptions); }; - return ResourceSearchResult; - })(); - - v1.IamPolicySearchResult = (function() { + IamPolicyAnalysisOutputConfig.GcsDestination = (function() { - /** - * Properties of an IamPolicySearchResult. - * @memberof google.cloud.asset.v1 - * @interface IIamPolicySearchResult - * @property {string|null} [resource] IamPolicySearchResult resource - * @property {string|null} [project] IamPolicySearchResult project - * @property {google.iam.v1.IPolicy|null} [policy] IamPolicySearchResult policy - * @property {google.cloud.asset.v1.IamPolicySearchResult.IExplanation|null} [explanation] IamPolicySearchResult explanation - */ + /** + * Properties of a GcsDestination. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig + * @interface IGcsDestination + * @property {string|null} [uri] GcsDestination uri + */ - /** - * Constructs a new IamPolicySearchResult. - * @memberof google.cloud.asset.v1 - * @classdesc Represents an IamPolicySearchResult. - * @implements IIamPolicySearchResult - * @constructor - * @param {google.cloud.asset.v1.IIamPolicySearchResult=} [properties] Properties to set - */ - function IamPolicySearchResult(properties) { - if (properties) - for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) - if (properties[keys[i]] != null) - this[keys[i]] = properties[keys[i]]; - } + /** + * Constructs a new GcsDestination. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig + * @classdesc Represents a GcsDestination. + * @implements IGcsDestination + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination=} [properties] Properties to set + */ + function GcsDestination(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } - /** - * IamPolicySearchResult resource. - * @member {string} resource - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @instance - */ - IamPolicySearchResult.prototype.resource = ""; + /** + * GcsDestination uri. + * @member {string} uri + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination + * @instance + */ + GcsDestination.prototype.uri = ""; - /** - * IamPolicySearchResult project. - * @member {string} project - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @instance - */ - IamPolicySearchResult.prototype.project = ""; + /** + * Creates a new GcsDestination instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination} GcsDestination instance + */ + GcsDestination.create = function create(properties) { + return new GcsDestination(properties); + }; - /** - * IamPolicySearchResult policy. - * @member {google.iam.v1.IPolicy|null|undefined} policy - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @instance - */ - IamPolicySearchResult.prototype.policy = null; + /** + * Encodes the specified GcsDestination message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination} message GcsDestination message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + GcsDestination.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.uri != null && Object.hasOwnProperty.call(message, "uri")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.uri); + return writer; + }; - /** - * IamPolicySearchResult explanation. - * @member {google.cloud.asset.v1.IamPolicySearchResult.IExplanation|null|undefined} explanation - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @instance - */ - IamPolicySearchResult.prototype.explanation = null; + /** + * Encodes the specified GcsDestination message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IGcsDestination} message GcsDestination message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + GcsDestination.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; - /** - * Creates a new IamPolicySearchResult instance using the specified properties. - * @function create - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @static - * @param {google.cloud.asset.v1.IIamPolicySearchResult=} [properties] Properties to set - * @returns {google.cloud.asset.v1.IamPolicySearchResult} IamPolicySearchResult instance - */ - IamPolicySearchResult.create = function create(properties) { - return new IamPolicySearchResult(properties); - }; + /** + * Decodes a GcsDestination message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination} GcsDestination + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + GcsDestination.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.uri = reader.string(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; - /** - * Encodes the specified IamPolicySearchResult message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.verify|verify} messages. - * @function encode - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @static - * @param {google.cloud.asset.v1.IIamPolicySearchResult} message IamPolicySearchResult message or plain object to encode - * @param {$protobuf.Writer} [writer] Writer to encode to - * @returns {$protobuf.Writer} Writer - */ - IamPolicySearchResult.encode = function encode(message, writer) { - if (!writer) - writer = $Writer.create(); - if (message.resource != null && Object.hasOwnProperty.call(message, "resource")) - writer.uint32(/* id 1, wireType 2 =*/10).string(message.resource); - if (message.project != null && Object.hasOwnProperty.call(message, "project")) - writer.uint32(/* id 2, wireType 2 =*/18).string(message.project); - if (message.policy != null && Object.hasOwnProperty.call(message, "policy")) - $root.google.iam.v1.Policy.encode(message.policy, writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); - if (message.explanation != null && Object.hasOwnProperty.call(message, "explanation")) - $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.encode(message.explanation, writer.uint32(/* id 4, wireType 2 =*/34).fork()).ldelim(); - return writer; - }; + /** + * Decodes a GcsDestination message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination} GcsDestination + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + GcsDestination.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; - /** - * Encodes the specified IamPolicySearchResult message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.verify|verify} messages. - * @function encodeDelimited - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @static - * @param {google.cloud.asset.v1.IIamPolicySearchResult} message IamPolicySearchResult message or plain object to encode - * @param {$protobuf.Writer} [writer] Writer to encode to - * @returns {$protobuf.Writer} Writer - */ - IamPolicySearchResult.encodeDelimited = function encodeDelimited(message, writer) { - return this.encode(message, writer).ldelim(); - }; + /** + * Verifies a GcsDestination message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + GcsDestination.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.uri != null && message.hasOwnProperty("uri")) + if (!$util.isString(message.uri)) + return "uri: string expected"; + return null; + }; - /** - * Decodes an IamPolicySearchResult message from the specified reader or buffer. - * @function decode - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @static - * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @param {number} [length] Message length if known beforehand - * @returns {google.cloud.asset.v1.IamPolicySearchResult} IamPolicySearchResult - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - IamPolicySearchResult.decode = function decode(reader, length) { - if (!(reader instanceof $Reader)) - reader = $Reader.create(reader); - var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicySearchResult(); - while (reader.pos < end) { - var tag = reader.uint32(); - switch (tag >>> 3) { - case 1: - message.resource = reader.string(); - break; - case 2: - message.project = reader.string(); - break; - case 3: - message.policy = $root.google.iam.v1.Policy.decode(reader, reader.uint32()); - break; - case 4: - message.explanation = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.decode(reader, reader.uint32()); - break; - default: - reader.skipType(tag & 7); - break; - } - } - return message; - }; + /** + * Creates a GcsDestination message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination} GcsDestination + */ + GcsDestination.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination(); + if (object.uri != null) + message.uri = String(object.uri); + return message; + }; - /** - * Decodes an IamPolicySearchResult message from the specified reader or buffer, length delimited. - * @function decodeDelimited - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @static - * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @returns {google.cloud.asset.v1.IamPolicySearchResult} IamPolicySearchResult - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - IamPolicySearchResult.decodeDelimited = function decodeDelimited(reader) { - if (!(reader instanceof $Reader)) - reader = new $Reader(reader); - return this.decode(reader, reader.uint32()); - }; + /** + * Creates a plain object from a GcsDestination message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination} message GcsDestination + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + GcsDestination.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) + object.uri = ""; + if (message.uri != null && message.hasOwnProperty("uri")) + object.uri = message.uri; + return object; + }; + + /** + * Converts this GcsDestination to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination + * @instance + * @returns {Object.} JSON object + */ + GcsDestination.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return GcsDestination; + })(); + + IamPolicyAnalysisOutputConfig.BigQueryDestination = (function() { + + /** + * Properties of a BigQueryDestination. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig + * @interface IBigQueryDestination + * @property {string|null} [dataset] BigQueryDestination dataset + * @property {string|null} [tablePrefix] BigQueryDestination tablePrefix + * @property {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey|null} [partitionKey] BigQueryDestination partitionKey + * @property {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode|null} [writeMode] BigQueryDestination writeMode + */ + + /** + * Constructs a new BigQueryDestination. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig + * @classdesc Represents a BigQueryDestination. + * @implements IBigQueryDestination + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination=} [properties] Properties to set + */ + function BigQueryDestination(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * BigQueryDestination dataset. + * @member {string} dataset + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @instance + */ + BigQueryDestination.prototype.dataset = ""; + + /** + * BigQueryDestination tablePrefix. + * @member {string} tablePrefix + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @instance + */ + BigQueryDestination.prototype.tablePrefix = ""; + + /** + * BigQueryDestination partitionKey. + * @member {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey} partitionKey + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @instance + */ + BigQueryDestination.prototype.partitionKey = 0; + + /** + * BigQueryDestination writeMode. + * @member {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode} writeMode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @instance + */ + BigQueryDestination.prototype.writeMode = 0; + + /** + * Creates a new BigQueryDestination instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination} BigQueryDestination instance + */ + BigQueryDestination.create = function create(properties) { + return new BigQueryDestination(properties); + }; + + /** + * Encodes the specified BigQueryDestination message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination} message BigQueryDestination message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + BigQueryDestination.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.dataset != null && Object.hasOwnProperty.call(message, "dataset")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.dataset); + if (message.tablePrefix != null && Object.hasOwnProperty.call(message, "tablePrefix")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.tablePrefix); + if (message.partitionKey != null && Object.hasOwnProperty.call(message, "partitionKey")) + writer.uint32(/* id 3, wireType 0 =*/24).int32(message.partitionKey); + if (message.writeMode != null && Object.hasOwnProperty.call(message, "writeMode")) + writer.uint32(/* id 4, wireType 0 =*/32).int32(message.writeMode); + return writer; + }; + + /** + * Encodes the specified BigQueryDestination message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.IBigQueryDestination} message BigQueryDestination message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + BigQueryDestination.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a BigQueryDestination message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination} BigQueryDestination + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + BigQueryDestination.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.dataset = reader.string(); + break; + case 2: + message.tablePrefix = reader.string(); + break; + case 3: + message.partitionKey = reader.int32(); + break; + case 4: + message.writeMode = reader.int32(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a BigQueryDestination message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination} BigQueryDestination + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + BigQueryDestination.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a BigQueryDestination message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + BigQueryDestination.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.dataset != null && message.hasOwnProperty("dataset")) + if (!$util.isString(message.dataset)) + return "dataset: string expected"; + if (message.tablePrefix != null && message.hasOwnProperty("tablePrefix")) + if (!$util.isString(message.tablePrefix)) + return "tablePrefix: string expected"; + if (message.partitionKey != null && message.hasOwnProperty("partitionKey")) + switch (message.partitionKey) { + default: + return "partitionKey: enum value expected"; + case 0: + case 1: + break; + } + if (message.writeMode != null && message.hasOwnProperty("writeMode")) + switch (message.writeMode) { + default: + return "writeMode: enum value expected"; + case 0: + case 1: + case 2: + break; + } + return null; + }; + + /** + * Creates a BigQueryDestination message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination} BigQueryDestination + */ + BigQueryDestination.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination(); + if (object.dataset != null) + message.dataset = String(object.dataset); + if (object.tablePrefix != null) + message.tablePrefix = String(object.tablePrefix); + switch (object.partitionKey) { + case "PARTITION_KEY_UNSPECIFIED": + case 0: + message.partitionKey = 0; + break; + case "REQUEST_TIME": + case 1: + message.partitionKey = 1; + break; + } + switch (object.writeMode) { + case "WRITE_MODE_UNSPECIFIED": + case 0: + message.writeMode = 0; + break; + case "ABORT": + case 1: + message.writeMode = 1; + break; + case "OVERWRITE": + case 2: + message.writeMode = 2; + break; + } + return message; + }; + + /** + * Creates a plain object from a BigQueryDestination message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination} message BigQueryDestination + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + BigQueryDestination.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.dataset = ""; + object.tablePrefix = ""; + object.partitionKey = options.enums === String ? "PARTITION_KEY_UNSPECIFIED" : 0; + object.writeMode = options.enums === String ? "WRITE_MODE_UNSPECIFIED" : 0; + } + if (message.dataset != null && message.hasOwnProperty("dataset")) + object.dataset = message.dataset; + if (message.tablePrefix != null && message.hasOwnProperty("tablePrefix")) + object.tablePrefix = message.tablePrefix; + if (message.partitionKey != null && message.hasOwnProperty("partitionKey")) + object.partitionKey = options.enums === String ? $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey[message.partitionKey] : message.partitionKey; + if (message.writeMode != null && message.hasOwnProperty("writeMode")) + object.writeMode = options.enums === String ? $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode[message.writeMode] : message.writeMode; + return object; + }; + + /** + * Converts this BigQueryDestination to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination + * @instance + * @returns {Object.} JSON object + */ + BigQueryDestination.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * PartitionKey enum. + * @name google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey + * @enum {number} + * @property {number} PARTITION_KEY_UNSPECIFIED=0 PARTITION_KEY_UNSPECIFIED value + * @property {number} REQUEST_TIME=1 REQUEST_TIME value + */ + BigQueryDestination.PartitionKey = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "PARTITION_KEY_UNSPECIFIED"] = 0; + values[valuesById[1] = "REQUEST_TIME"] = 1; + return values; + })(); + + /** + * WriteMode enum. + * @name google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode + * @enum {number} + * @property {number} WRITE_MODE_UNSPECIFIED=0 WRITE_MODE_UNSPECIFIED value + * @property {number} ABORT=1 ABORT value + * @property {number} OVERWRITE=2 OVERWRITE value + */ + BigQueryDestination.WriteMode = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "WRITE_MODE_UNSPECIFIED"] = 0; + values[valuesById[1] = "ABORT"] = 1; + values[valuesById[2] = "OVERWRITE"] = 2; + return values; + })(); + + return BigQueryDestination; + })(); + + return IamPolicyAnalysisOutputConfig; + })(); + + v1.ExportIamPolicyAnalysisRequest = (function() { /** - * Verifies an IamPolicySearchResult message. + * Properties of an ExportIamPolicyAnalysisRequest. + * @memberof google.cloud.asset.v1 + * @interface IExportIamPolicyAnalysisRequest + * @property {google.cloud.asset.v1.IIamPolicyAnalysisQuery|null} [analysisQuery] ExportIamPolicyAnalysisRequest analysisQuery + * @property {google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig|null} [outputConfig] ExportIamPolicyAnalysisRequest outputConfig + */ + + /** + * Constructs a new ExportIamPolicyAnalysisRequest. + * @memberof google.cloud.asset.v1 + * @classdesc Represents an ExportIamPolicyAnalysisRequest. + * @implements IExportIamPolicyAnalysisRequest + * @constructor + * @param {google.cloud.asset.v1.IExportIamPolicyAnalysisRequest=} [properties] Properties to set + */ + function ExportIamPolicyAnalysisRequest(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * ExportIamPolicyAnalysisRequest analysisQuery. + * @member {google.cloud.asset.v1.IIamPolicyAnalysisQuery|null|undefined} analysisQuery + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + * @instance + */ + ExportIamPolicyAnalysisRequest.prototype.analysisQuery = null; + + /** + * ExportIamPolicyAnalysisRequest outputConfig. + * @member {google.cloud.asset.v1.IIamPolicyAnalysisOutputConfig|null|undefined} outputConfig + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + * @instance + */ + ExportIamPolicyAnalysisRequest.prototype.outputConfig = null; + + /** + * Creates a new ExportIamPolicyAnalysisRequest instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + * @static + * @param {google.cloud.asset.v1.IExportIamPolicyAnalysisRequest=} [properties] Properties to set + * @returns {google.cloud.asset.v1.ExportIamPolicyAnalysisRequest} ExportIamPolicyAnalysisRequest instance + */ + ExportIamPolicyAnalysisRequest.create = function create(properties) { + return new ExportIamPolicyAnalysisRequest(properties); + }; + + /** + * Encodes the specified ExportIamPolicyAnalysisRequest message. Does not implicitly {@link google.cloud.asset.v1.ExportIamPolicyAnalysisRequest.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + * @static + * @param {google.cloud.asset.v1.IExportIamPolicyAnalysisRequest} message ExportIamPolicyAnalysisRequest message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + ExportIamPolicyAnalysisRequest.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.analysisQuery != null && Object.hasOwnProperty.call(message, "analysisQuery")) + $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.encode(message.analysisQuery, writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); + if (message.outputConfig != null && Object.hasOwnProperty.call(message, "outputConfig")) + $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.encode(message.outputConfig, writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified ExportIamPolicyAnalysisRequest message, length delimited. Does not implicitly {@link google.cloud.asset.v1.ExportIamPolicyAnalysisRequest.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + * @static + * @param {google.cloud.asset.v1.IExportIamPolicyAnalysisRequest} message ExportIamPolicyAnalysisRequest message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + ExportIamPolicyAnalysisRequest.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an ExportIamPolicyAnalysisRequest message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.ExportIamPolicyAnalysisRequest} ExportIamPolicyAnalysisRequest + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + ExportIamPolicyAnalysisRequest.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.analysisQuery = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.decode(reader, reader.uint32()); + break; + case 2: + message.outputConfig = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.decode(reader, reader.uint32()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an ExportIamPolicyAnalysisRequest message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.ExportIamPolicyAnalysisRequest} ExportIamPolicyAnalysisRequest + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + ExportIamPolicyAnalysisRequest.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an ExportIamPolicyAnalysisRequest message. * @function verify - * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest * @static * @param {Object.} message Plain object to verify * @returns {string|null} `null` if valid, otherwise the reason why it is not */ - IamPolicySearchResult.verify = function verify(message) { + ExportIamPolicyAnalysisRequest.verify = function verify(message) { if (typeof message !== "object" || message === null) return "object expected"; - if (message.resource != null && message.hasOwnProperty("resource")) - if (!$util.isString(message.resource)) - return "resource: string expected"; - if (message.project != null && message.hasOwnProperty("project")) - if (!$util.isString(message.project)) - return "project: string expected"; - if (message.policy != null && message.hasOwnProperty("policy")) { - var error = $root.google.iam.v1.Policy.verify(message.policy); + if (message.analysisQuery != null && message.hasOwnProperty("analysisQuery")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.verify(message.analysisQuery); if (error) - return "policy." + error; + return "analysisQuery." + error; } - if (message.explanation != null && message.hasOwnProperty("explanation")) { - var error = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.verify(message.explanation); + if (message.outputConfig != null && message.hasOwnProperty("outputConfig")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.verify(message.outputConfig); if (error) - return "explanation." + error; + return "outputConfig." + error; + } + return null; + }; + + /** + * Creates an ExportIamPolicyAnalysisRequest message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.ExportIamPolicyAnalysisRequest} ExportIamPolicyAnalysisRequest + */ + ExportIamPolicyAnalysisRequest.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest) + return object; + var message = new $root.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest(); + if (object.analysisQuery != null) { + if (typeof object.analysisQuery !== "object") + throw TypeError(".google.cloud.asset.v1.ExportIamPolicyAnalysisRequest.analysisQuery: object expected"); + message.analysisQuery = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.fromObject(object.analysisQuery); + } + if (object.outputConfig != null) { + if (typeof object.outputConfig !== "object") + throw TypeError(".google.cloud.asset.v1.ExportIamPolicyAnalysisRequest.outputConfig: object expected"); + message.outputConfig = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.fromObject(object.outputConfig); + } + return message; + }; + + /** + * Creates a plain object from an ExportIamPolicyAnalysisRequest message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + * @static + * @param {google.cloud.asset.v1.ExportIamPolicyAnalysisRequest} message ExportIamPolicyAnalysisRequest + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + ExportIamPolicyAnalysisRequest.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.analysisQuery = null; + object.outputConfig = null; + } + if (message.analysisQuery != null && message.hasOwnProperty("analysisQuery")) + object.analysisQuery = $root.google.cloud.asset.v1.IamPolicyAnalysisQuery.toObject(message.analysisQuery, options); + if (message.outputConfig != null && message.hasOwnProperty("outputConfig")) + object.outputConfig = $root.google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.toObject(message.outputConfig, options); + return object; + }; + + /** + * Converts this ExportIamPolicyAnalysisRequest to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + * @instance + * @returns {Object.} JSON object + */ + ExportIamPolicyAnalysisRequest.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return ExportIamPolicyAnalysisRequest; + })(); + + v1.ExportIamPolicyAnalysisResponse = (function() { + + /** + * Properties of an ExportIamPolicyAnalysisResponse. + * @memberof google.cloud.asset.v1 + * @interface IExportIamPolicyAnalysisResponse + */ + + /** + * Constructs a new ExportIamPolicyAnalysisResponse. + * @memberof google.cloud.asset.v1 + * @classdesc Represents an ExportIamPolicyAnalysisResponse. + * @implements IExportIamPolicyAnalysisResponse + * @constructor + * @param {google.cloud.asset.v1.IExportIamPolicyAnalysisResponse=} [properties] Properties to set + */ + function ExportIamPolicyAnalysisResponse(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Creates a new ExportIamPolicyAnalysisResponse instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisResponse + * @static + * @param {google.cloud.asset.v1.IExportIamPolicyAnalysisResponse=} [properties] Properties to set + * @returns {google.cloud.asset.v1.ExportIamPolicyAnalysisResponse} ExportIamPolicyAnalysisResponse instance + */ + ExportIamPolicyAnalysisResponse.create = function create(properties) { + return new ExportIamPolicyAnalysisResponse(properties); + }; + + /** + * Encodes the specified ExportIamPolicyAnalysisResponse message. Does not implicitly {@link google.cloud.asset.v1.ExportIamPolicyAnalysisResponse.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisResponse + * @static + * @param {google.cloud.asset.v1.IExportIamPolicyAnalysisResponse} message ExportIamPolicyAnalysisResponse message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + ExportIamPolicyAnalysisResponse.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + return writer; + }; + + /** + * Encodes the specified ExportIamPolicyAnalysisResponse message, length delimited. Does not implicitly {@link google.cloud.asset.v1.ExportIamPolicyAnalysisResponse.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisResponse + * @static + * @param {google.cloud.asset.v1.IExportIamPolicyAnalysisResponse} message ExportIamPolicyAnalysisResponse message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + ExportIamPolicyAnalysisResponse.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an ExportIamPolicyAnalysisResponse message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisResponse + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.ExportIamPolicyAnalysisResponse} ExportIamPolicyAnalysisResponse + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + ExportIamPolicyAnalysisResponse.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.ExportIamPolicyAnalysisResponse(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + default: + reader.skipType(tag & 7); + break; + } } + return message; + }; + + /** + * Decodes an ExportIamPolicyAnalysisResponse message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisResponse + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.ExportIamPolicyAnalysisResponse} ExportIamPolicyAnalysisResponse + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + ExportIamPolicyAnalysisResponse.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an ExportIamPolicyAnalysisResponse message. + * @function verify + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisResponse + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + ExportIamPolicyAnalysisResponse.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; return null; }; - /** - * Creates an IamPolicySearchResult message from a plain object. Also converts values to their respective internal types. - * @function fromObject - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @static - * @param {Object.} object Plain object - * @returns {google.cloud.asset.v1.IamPolicySearchResult} IamPolicySearchResult - */ - IamPolicySearchResult.fromObject = function fromObject(object) { - if (object instanceof $root.google.cloud.asset.v1.IamPolicySearchResult) + /** + * Creates an ExportIamPolicyAnalysisResponse message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisResponse + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.ExportIamPolicyAnalysisResponse} ExportIamPolicyAnalysisResponse + */ + ExportIamPolicyAnalysisResponse.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.ExportIamPolicyAnalysisResponse) + return object; + return new $root.google.cloud.asset.v1.ExportIamPolicyAnalysisResponse(); + }; + + /** + * Creates a plain object from an ExportIamPolicyAnalysisResponse message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisResponse + * @static + * @param {google.cloud.asset.v1.ExportIamPolicyAnalysisResponse} message ExportIamPolicyAnalysisResponse + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + ExportIamPolicyAnalysisResponse.toObject = function toObject() { + return {}; + }; + + /** + * Converts this ExportIamPolicyAnalysisResponse to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.ExportIamPolicyAnalysisResponse + * @instance + * @returns {Object.} JSON object + */ + ExportIamPolicyAnalysisResponse.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return ExportIamPolicyAnalysisResponse; + })(); + + /** + * ContentType enum. + * @name google.cloud.asset.v1.ContentType + * @enum {number} + * @property {number} CONTENT_TYPE_UNSPECIFIED=0 CONTENT_TYPE_UNSPECIFIED value + * @property {number} RESOURCE=1 RESOURCE value + * @property {number} IAM_POLICY=2 IAM_POLICY value + * @property {number} ORG_POLICY=4 ORG_POLICY value + * @property {number} ACCESS_POLICY=5 ACCESS_POLICY value + */ + v1.ContentType = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "CONTENT_TYPE_UNSPECIFIED"] = 0; + values[valuesById[1] = "RESOURCE"] = 1; + values[valuesById[2] = "IAM_POLICY"] = 2; + values[valuesById[4] = "ORG_POLICY"] = 4; + values[valuesById[5] = "ACCESS_POLICY"] = 5; + return values; + })(); + + v1.TemporalAsset = (function() { + + /** + * Properties of a TemporalAsset. + * @memberof google.cloud.asset.v1 + * @interface ITemporalAsset + * @property {google.cloud.asset.v1.ITimeWindow|null} [window] TemporalAsset window + * @property {boolean|null} [deleted] TemporalAsset deleted + * @property {google.cloud.asset.v1.IAsset|null} [asset] TemporalAsset asset + * @property {google.cloud.asset.v1.TemporalAsset.PriorAssetState|null} [priorAssetState] TemporalAsset priorAssetState + * @property {google.cloud.asset.v1.IAsset|null} [priorAsset] TemporalAsset priorAsset + */ + + /** + * Constructs a new TemporalAsset. + * @memberof google.cloud.asset.v1 + * @classdesc Represents a TemporalAsset. + * @implements ITemporalAsset + * @constructor + * @param {google.cloud.asset.v1.ITemporalAsset=} [properties] Properties to set + */ + function TemporalAsset(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * TemporalAsset window. + * @member {google.cloud.asset.v1.ITimeWindow|null|undefined} window + * @memberof google.cloud.asset.v1.TemporalAsset + * @instance + */ + TemporalAsset.prototype.window = null; + + /** + * TemporalAsset deleted. + * @member {boolean} deleted + * @memberof google.cloud.asset.v1.TemporalAsset + * @instance + */ + TemporalAsset.prototype.deleted = false; + + /** + * TemporalAsset asset. + * @member {google.cloud.asset.v1.IAsset|null|undefined} asset + * @memberof google.cloud.asset.v1.TemporalAsset + * @instance + */ + TemporalAsset.prototype.asset = null; + + /** + * TemporalAsset priorAssetState. + * @member {google.cloud.asset.v1.TemporalAsset.PriorAssetState} priorAssetState + * @memberof google.cloud.asset.v1.TemporalAsset + * @instance + */ + TemporalAsset.prototype.priorAssetState = 0; + + /** + * TemporalAsset priorAsset. + * @member {google.cloud.asset.v1.IAsset|null|undefined} priorAsset + * @memberof google.cloud.asset.v1.TemporalAsset + * @instance + */ + TemporalAsset.prototype.priorAsset = null; + + /** + * Creates a new TemporalAsset instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.TemporalAsset + * @static + * @param {google.cloud.asset.v1.ITemporalAsset=} [properties] Properties to set + * @returns {google.cloud.asset.v1.TemporalAsset} TemporalAsset instance + */ + TemporalAsset.create = function create(properties) { + return new TemporalAsset(properties); + }; + + /** + * Encodes the specified TemporalAsset message. Does not implicitly {@link google.cloud.asset.v1.TemporalAsset.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.TemporalAsset + * @static + * @param {google.cloud.asset.v1.ITemporalAsset} message TemporalAsset message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + TemporalAsset.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.window != null && Object.hasOwnProperty.call(message, "window")) + $root.google.cloud.asset.v1.TimeWindow.encode(message.window, writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); + if (message.deleted != null && Object.hasOwnProperty.call(message, "deleted")) + writer.uint32(/* id 2, wireType 0 =*/16).bool(message.deleted); + if (message.asset != null && Object.hasOwnProperty.call(message, "asset")) + $root.google.cloud.asset.v1.Asset.encode(message.asset, writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); + if (message.priorAssetState != null && Object.hasOwnProperty.call(message, "priorAssetState")) + writer.uint32(/* id 4, wireType 0 =*/32).int32(message.priorAssetState); + if (message.priorAsset != null && Object.hasOwnProperty.call(message, "priorAsset")) + $root.google.cloud.asset.v1.Asset.encode(message.priorAsset, writer.uint32(/* id 5, wireType 2 =*/42).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified TemporalAsset message, length delimited. Does not implicitly {@link google.cloud.asset.v1.TemporalAsset.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.TemporalAsset + * @static + * @param {google.cloud.asset.v1.ITemporalAsset} message TemporalAsset message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + TemporalAsset.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a TemporalAsset message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.TemporalAsset + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.TemporalAsset} TemporalAsset + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + TemporalAsset.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.TemporalAsset(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.window = $root.google.cloud.asset.v1.TimeWindow.decode(reader, reader.uint32()); + break; + case 2: + message.deleted = reader.bool(); + break; + case 3: + message.asset = $root.google.cloud.asset.v1.Asset.decode(reader, reader.uint32()); + break; + case 4: + message.priorAssetState = reader.int32(); + break; + case 5: + message.priorAsset = $root.google.cloud.asset.v1.Asset.decode(reader, reader.uint32()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a TemporalAsset message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.TemporalAsset + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.TemporalAsset} TemporalAsset + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + TemporalAsset.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a TemporalAsset message. + * @function verify + * @memberof google.cloud.asset.v1.TemporalAsset + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + TemporalAsset.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.window != null && message.hasOwnProperty("window")) { + var error = $root.google.cloud.asset.v1.TimeWindow.verify(message.window); + if (error) + return "window." + error; + } + if (message.deleted != null && message.hasOwnProperty("deleted")) + if (typeof message.deleted !== "boolean") + return "deleted: boolean expected"; + if (message.asset != null && message.hasOwnProperty("asset")) { + var error = $root.google.cloud.asset.v1.Asset.verify(message.asset); + if (error) + return "asset." + error; + } + if (message.priorAssetState != null && message.hasOwnProperty("priorAssetState")) + switch (message.priorAssetState) { + default: + return "priorAssetState: enum value expected"; + case 0: + case 1: + case 2: + case 3: + case 4: + break; + } + if (message.priorAsset != null && message.hasOwnProperty("priorAsset")) { + var error = $root.google.cloud.asset.v1.Asset.verify(message.priorAsset); + if (error) + return "priorAsset." + error; + } + return null; + }; + + /** + * Creates a TemporalAsset message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.TemporalAsset + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.TemporalAsset} TemporalAsset + */ + TemporalAsset.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.TemporalAsset) + return object; + var message = new $root.google.cloud.asset.v1.TemporalAsset(); + if (object.window != null) { + if (typeof object.window !== "object") + throw TypeError(".google.cloud.asset.v1.TemporalAsset.window: object expected"); + message.window = $root.google.cloud.asset.v1.TimeWindow.fromObject(object.window); + } + if (object.deleted != null) + message.deleted = Boolean(object.deleted); + if (object.asset != null) { + if (typeof object.asset !== "object") + throw TypeError(".google.cloud.asset.v1.TemporalAsset.asset: object expected"); + message.asset = $root.google.cloud.asset.v1.Asset.fromObject(object.asset); + } + switch (object.priorAssetState) { + case "PRIOR_ASSET_STATE_UNSPECIFIED": + case 0: + message.priorAssetState = 0; + break; + case "PRESENT": + case 1: + message.priorAssetState = 1; + break; + case "INVALID": + case 2: + message.priorAssetState = 2; + break; + case "DOES_NOT_EXIST": + case 3: + message.priorAssetState = 3; + break; + case "DELETED": + case 4: + message.priorAssetState = 4; + break; + } + if (object.priorAsset != null) { + if (typeof object.priorAsset !== "object") + throw TypeError(".google.cloud.asset.v1.TemporalAsset.priorAsset: object expected"); + message.priorAsset = $root.google.cloud.asset.v1.Asset.fromObject(object.priorAsset); + } + return message; + }; + + /** + * Creates a plain object from a TemporalAsset message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.TemporalAsset + * @static + * @param {google.cloud.asset.v1.TemporalAsset} message TemporalAsset + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + TemporalAsset.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.window = null; + object.deleted = false; + object.asset = null; + object.priorAssetState = options.enums === String ? "PRIOR_ASSET_STATE_UNSPECIFIED" : 0; + object.priorAsset = null; + } + if (message.window != null && message.hasOwnProperty("window")) + object.window = $root.google.cloud.asset.v1.TimeWindow.toObject(message.window, options); + if (message.deleted != null && message.hasOwnProperty("deleted")) + object.deleted = message.deleted; + if (message.asset != null && message.hasOwnProperty("asset")) + object.asset = $root.google.cloud.asset.v1.Asset.toObject(message.asset, options); + if (message.priorAssetState != null && message.hasOwnProperty("priorAssetState")) + object.priorAssetState = options.enums === String ? $root.google.cloud.asset.v1.TemporalAsset.PriorAssetState[message.priorAssetState] : message.priorAssetState; + if (message.priorAsset != null && message.hasOwnProperty("priorAsset")) + object.priorAsset = $root.google.cloud.asset.v1.Asset.toObject(message.priorAsset, options); + return object; + }; + + /** + * Converts this TemporalAsset to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.TemporalAsset + * @instance + * @returns {Object.} JSON object + */ + TemporalAsset.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * PriorAssetState enum. + * @name google.cloud.asset.v1.TemporalAsset.PriorAssetState + * @enum {number} + * @property {number} PRIOR_ASSET_STATE_UNSPECIFIED=0 PRIOR_ASSET_STATE_UNSPECIFIED value + * @property {number} PRESENT=1 PRESENT value + * @property {number} INVALID=2 INVALID value + * @property {number} DOES_NOT_EXIST=3 DOES_NOT_EXIST value + * @property {number} DELETED=4 DELETED value + */ + TemporalAsset.PriorAssetState = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "PRIOR_ASSET_STATE_UNSPECIFIED"] = 0; + values[valuesById[1] = "PRESENT"] = 1; + values[valuesById[2] = "INVALID"] = 2; + values[valuesById[3] = "DOES_NOT_EXIST"] = 3; + values[valuesById[4] = "DELETED"] = 4; + return values; + })(); + + return TemporalAsset; + })(); + + v1.TimeWindow = (function() { + + /** + * Properties of a TimeWindow. + * @memberof google.cloud.asset.v1 + * @interface ITimeWindow + * @property {google.protobuf.ITimestamp|null} [startTime] TimeWindow startTime + * @property {google.protobuf.ITimestamp|null} [endTime] TimeWindow endTime + */ + + /** + * Constructs a new TimeWindow. + * @memberof google.cloud.asset.v1 + * @classdesc Represents a TimeWindow. + * @implements ITimeWindow + * @constructor + * @param {google.cloud.asset.v1.ITimeWindow=} [properties] Properties to set + */ + function TimeWindow(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * TimeWindow startTime. + * @member {google.protobuf.ITimestamp|null|undefined} startTime + * @memberof google.cloud.asset.v1.TimeWindow + * @instance + */ + TimeWindow.prototype.startTime = null; + + /** + * TimeWindow endTime. + * @member {google.protobuf.ITimestamp|null|undefined} endTime + * @memberof google.cloud.asset.v1.TimeWindow + * @instance + */ + TimeWindow.prototype.endTime = null; + + /** + * Creates a new TimeWindow instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.TimeWindow + * @static + * @param {google.cloud.asset.v1.ITimeWindow=} [properties] Properties to set + * @returns {google.cloud.asset.v1.TimeWindow} TimeWindow instance + */ + TimeWindow.create = function create(properties) { + return new TimeWindow(properties); + }; + + /** + * Encodes the specified TimeWindow message. Does not implicitly {@link google.cloud.asset.v1.TimeWindow.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.TimeWindow + * @static + * @param {google.cloud.asset.v1.ITimeWindow} message TimeWindow message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + TimeWindow.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.startTime != null && Object.hasOwnProperty.call(message, "startTime")) + $root.google.protobuf.Timestamp.encode(message.startTime, writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); + if (message.endTime != null && Object.hasOwnProperty.call(message, "endTime")) + $root.google.protobuf.Timestamp.encode(message.endTime, writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified TimeWindow message, length delimited. Does not implicitly {@link google.cloud.asset.v1.TimeWindow.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.TimeWindow + * @static + * @param {google.cloud.asset.v1.ITimeWindow} message TimeWindow message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + TimeWindow.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a TimeWindow message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.TimeWindow + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.TimeWindow} TimeWindow + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + TimeWindow.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.TimeWindow(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.startTime = $root.google.protobuf.Timestamp.decode(reader, reader.uint32()); + break; + case 2: + message.endTime = $root.google.protobuf.Timestamp.decode(reader, reader.uint32()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a TimeWindow message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.TimeWindow + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.TimeWindow} TimeWindow + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + TimeWindow.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a TimeWindow message. + * @function verify + * @memberof google.cloud.asset.v1.TimeWindow + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + TimeWindow.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.startTime != null && message.hasOwnProperty("startTime")) { + var error = $root.google.protobuf.Timestamp.verify(message.startTime); + if (error) + return "startTime." + error; + } + if (message.endTime != null && message.hasOwnProperty("endTime")) { + var error = $root.google.protobuf.Timestamp.verify(message.endTime); + if (error) + return "endTime." + error; + } + return null; + }; + + /** + * Creates a TimeWindow message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.TimeWindow + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.TimeWindow} TimeWindow + */ + TimeWindow.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.TimeWindow) + return object; + var message = new $root.google.cloud.asset.v1.TimeWindow(); + if (object.startTime != null) { + if (typeof object.startTime !== "object") + throw TypeError(".google.cloud.asset.v1.TimeWindow.startTime: object expected"); + message.startTime = $root.google.protobuf.Timestamp.fromObject(object.startTime); + } + if (object.endTime != null) { + if (typeof object.endTime !== "object") + throw TypeError(".google.cloud.asset.v1.TimeWindow.endTime: object expected"); + message.endTime = $root.google.protobuf.Timestamp.fromObject(object.endTime); + } + return message; + }; + + /** + * Creates a plain object from a TimeWindow message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.TimeWindow + * @static + * @param {google.cloud.asset.v1.TimeWindow} message TimeWindow + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + TimeWindow.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.startTime = null; + object.endTime = null; + } + if (message.startTime != null && message.hasOwnProperty("startTime")) + object.startTime = $root.google.protobuf.Timestamp.toObject(message.startTime, options); + if (message.endTime != null && message.hasOwnProperty("endTime")) + object.endTime = $root.google.protobuf.Timestamp.toObject(message.endTime, options); + return object; + }; + + /** + * Converts this TimeWindow to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.TimeWindow + * @instance + * @returns {Object.} JSON object + */ + TimeWindow.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return TimeWindow; + })(); + + v1.Asset = (function() { + + /** + * Properties of an Asset. + * @memberof google.cloud.asset.v1 + * @interface IAsset + * @property {google.protobuf.ITimestamp|null} [updateTime] Asset updateTime + * @property {string|null} [name] Asset name + * @property {string|null} [assetType] Asset assetType + * @property {google.cloud.asset.v1.IResource|null} [resource] Asset resource + * @property {google.iam.v1.IPolicy|null} [iamPolicy] Asset iamPolicy + * @property {Array.|null} [orgPolicy] Asset orgPolicy + * @property {google.identity.accesscontextmanager.v1.IAccessPolicy|null} [accessPolicy] Asset accessPolicy + * @property {google.identity.accesscontextmanager.v1.IAccessLevel|null} [accessLevel] Asset accessLevel + * @property {google.identity.accesscontextmanager.v1.IServicePerimeter|null} [servicePerimeter] Asset servicePerimeter + * @property {Array.|null} [ancestors] Asset ancestors + */ + + /** + * Constructs a new Asset. + * @memberof google.cloud.asset.v1 + * @classdesc Represents an Asset. + * @implements IAsset + * @constructor + * @param {google.cloud.asset.v1.IAsset=} [properties] Properties to set + */ + function Asset(properties) { + this.orgPolicy = []; + this.ancestors = []; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Asset updateTime. + * @member {google.protobuf.ITimestamp|null|undefined} updateTime + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Asset.prototype.updateTime = null; + + /** + * Asset name. + * @member {string} name + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Asset.prototype.name = ""; + + /** + * Asset assetType. + * @member {string} assetType + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Asset.prototype.assetType = ""; + + /** + * Asset resource. + * @member {google.cloud.asset.v1.IResource|null|undefined} resource + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Asset.prototype.resource = null; + + /** + * Asset iamPolicy. + * @member {google.iam.v1.IPolicy|null|undefined} iamPolicy + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Asset.prototype.iamPolicy = null; + + /** + * Asset orgPolicy. + * @member {Array.} orgPolicy + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Asset.prototype.orgPolicy = $util.emptyArray; + + /** + * Asset accessPolicy. + * @member {google.identity.accesscontextmanager.v1.IAccessPolicy|null|undefined} accessPolicy + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Asset.prototype.accessPolicy = null; + + /** + * Asset accessLevel. + * @member {google.identity.accesscontextmanager.v1.IAccessLevel|null|undefined} accessLevel + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Asset.prototype.accessLevel = null; + + /** + * Asset servicePerimeter. + * @member {google.identity.accesscontextmanager.v1.IServicePerimeter|null|undefined} servicePerimeter + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Asset.prototype.servicePerimeter = null; + + /** + * Asset ancestors. + * @member {Array.} ancestors + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Asset.prototype.ancestors = $util.emptyArray; + + // OneOf field names bound to virtual getters and setters + var $oneOfFields; + + /** + * Asset accessContextPolicy. + * @member {"accessPolicy"|"accessLevel"|"servicePerimeter"|undefined} accessContextPolicy + * @memberof google.cloud.asset.v1.Asset + * @instance + */ + Object.defineProperty(Asset.prototype, "accessContextPolicy", { + get: $util.oneOfGetter($oneOfFields = ["accessPolicy", "accessLevel", "servicePerimeter"]), + set: $util.oneOfSetter($oneOfFields) + }); + + /** + * Creates a new Asset instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.Asset + * @static + * @param {google.cloud.asset.v1.IAsset=} [properties] Properties to set + * @returns {google.cloud.asset.v1.Asset} Asset instance + */ + Asset.create = function create(properties) { + return new Asset(properties); + }; + + /** + * Encodes the specified Asset message. Does not implicitly {@link google.cloud.asset.v1.Asset.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.Asset + * @static + * @param {google.cloud.asset.v1.IAsset} message Asset message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Asset.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.name != null && Object.hasOwnProperty.call(message, "name")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.name); + if (message.assetType != null && Object.hasOwnProperty.call(message, "assetType")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.assetType); + if (message.resource != null && Object.hasOwnProperty.call(message, "resource")) + $root.google.cloud.asset.v1.Resource.encode(message.resource, writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); + if (message.iamPolicy != null && Object.hasOwnProperty.call(message, "iamPolicy")) + $root.google.iam.v1.Policy.encode(message.iamPolicy, writer.uint32(/* id 4, wireType 2 =*/34).fork()).ldelim(); + if (message.orgPolicy != null && message.orgPolicy.length) + for (var i = 0; i < message.orgPolicy.length; ++i) + $root.google.cloud.orgpolicy.v1.Policy.encode(message.orgPolicy[i], writer.uint32(/* id 6, wireType 2 =*/50).fork()).ldelim(); + if (message.accessPolicy != null && Object.hasOwnProperty.call(message, "accessPolicy")) + $root.google.identity.accesscontextmanager.v1.AccessPolicy.encode(message.accessPolicy, writer.uint32(/* id 7, wireType 2 =*/58).fork()).ldelim(); + if (message.accessLevel != null && Object.hasOwnProperty.call(message, "accessLevel")) + $root.google.identity.accesscontextmanager.v1.AccessLevel.encode(message.accessLevel, writer.uint32(/* id 8, wireType 2 =*/66).fork()).ldelim(); + if (message.servicePerimeter != null && Object.hasOwnProperty.call(message, "servicePerimeter")) + $root.google.identity.accesscontextmanager.v1.ServicePerimeter.encode(message.servicePerimeter, writer.uint32(/* id 9, wireType 2 =*/74).fork()).ldelim(); + if (message.ancestors != null && message.ancestors.length) + for (var i = 0; i < message.ancestors.length; ++i) + writer.uint32(/* id 10, wireType 2 =*/82).string(message.ancestors[i]); + if (message.updateTime != null && Object.hasOwnProperty.call(message, "updateTime")) + $root.google.protobuf.Timestamp.encode(message.updateTime, writer.uint32(/* id 11, wireType 2 =*/90).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified Asset message, length delimited. Does not implicitly {@link google.cloud.asset.v1.Asset.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.Asset + * @static + * @param {google.cloud.asset.v1.IAsset} message Asset message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Asset.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an Asset message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.Asset + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.Asset} Asset + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Asset.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.Asset(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 11: + message.updateTime = $root.google.protobuf.Timestamp.decode(reader, reader.uint32()); + break; + case 1: + message.name = reader.string(); + break; + case 2: + message.assetType = reader.string(); + break; + case 3: + message.resource = $root.google.cloud.asset.v1.Resource.decode(reader, reader.uint32()); + break; + case 4: + message.iamPolicy = $root.google.iam.v1.Policy.decode(reader, reader.uint32()); + break; + case 6: + if (!(message.orgPolicy && message.orgPolicy.length)) + message.orgPolicy = []; + message.orgPolicy.push($root.google.cloud.orgpolicy.v1.Policy.decode(reader, reader.uint32())); + break; + case 7: + message.accessPolicy = $root.google.identity.accesscontextmanager.v1.AccessPolicy.decode(reader, reader.uint32()); + break; + case 8: + message.accessLevel = $root.google.identity.accesscontextmanager.v1.AccessLevel.decode(reader, reader.uint32()); + break; + case 9: + message.servicePerimeter = $root.google.identity.accesscontextmanager.v1.ServicePerimeter.decode(reader, reader.uint32()); + break; + case 10: + if (!(message.ancestors && message.ancestors.length)) + message.ancestors = []; + message.ancestors.push(reader.string()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an Asset message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.Asset + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.Asset} Asset + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Asset.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an Asset message. + * @function verify + * @memberof google.cloud.asset.v1.Asset + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Asset.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + var properties = {}; + if (message.updateTime != null && message.hasOwnProperty("updateTime")) { + var error = $root.google.protobuf.Timestamp.verify(message.updateTime); + if (error) + return "updateTime." + error; + } + if (message.name != null && message.hasOwnProperty("name")) + if (!$util.isString(message.name)) + return "name: string expected"; + if (message.assetType != null && message.hasOwnProperty("assetType")) + if (!$util.isString(message.assetType)) + return "assetType: string expected"; + if (message.resource != null && message.hasOwnProperty("resource")) { + var error = $root.google.cloud.asset.v1.Resource.verify(message.resource); + if (error) + return "resource." + error; + } + if (message.iamPolicy != null && message.hasOwnProperty("iamPolicy")) { + var error = $root.google.iam.v1.Policy.verify(message.iamPolicy); + if (error) + return "iamPolicy." + error; + } + if (message.orgPolicy != null && message.hasOwnProperty("orgPolicy")) { + if (!Array.isArray(message.orgPolicy)) + return "orgPolicy: array expected"; + for (var i = 0; i < message.orgPolicy.length; ++i) { + var error = $root.google.cloud.orgpolicy.v1.Policy.verify(message.orgPolicy[i]); + if (error) + return "orgPolicy." + error; + } + } + if (message.accessPolicy != null && message.hasOwnProperty("accessPolicy")) { + properties.accessContextPolicy = 1; + { + var error = $root.google.identity.accesscontextmanager.v1.AccessPolicy.verify(message.accessPolicy); + if (error) + return "accessPolicy." + error; + } + } + if (message.accessLevel != null && message.hasOwnProperty("accessLevel")) { + if (properties.accessContextPolicy === 1) + return "accessContextPolicy: multiple values"; + properties.accessContextPolicy = 1; + { + var error = $root.google.identity.accesscontextmanager.v1.AccessLevel.verify(message.accessLevel); + if (error) + return "accessLevel." + error; + } + } + if (message.servicePerimeter != null && message.hasOwnProperty("servicePerimeter")) { + if (properties.accessContextPolicy === 1) + return "accessContextPolicy: multiple values"; + properties.accessContextPolicy = 1; + { + var error = $root.google.identity.accesscontextmanager.v1.ServicePerimeter.verify(message.servicePerimeter); + if (error) + return "servicePerimeter." + error; + } + } + if (message.ancestors != null && message.hasOwnProperty("ancestors")) { + if (!Array.isArray(message.ancestors)) + return "ancestors: array expected"; + for (var i = 0; i < message.ancestors.length; ++i) + if (!$util.isString(message.ancestors[i])) + return "ancestors: string[] expected"; + } + return null; + }; + + /** + * Creates an Asset message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.Asset + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.Asset} Asset + */ + Asset.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.Asset) + return object; + var message = new $root.google.cloud.asset.v1.Asset(); + if (object.updateTime != null) { + if (typeof object.updateTime !== "object") + throw TypeError(".google.cloud.asset.v1.Asset.updateTime: object expected"); + message.updateTime = $root.google.protobuf.Timestamp.fromObject(object.updateTime); + } + if (object.name != null) + message.name = String(object.name); + if (object.assetType != null) + message.assetType = String(object.assetType); + if (object.resource != null) { + if (typeof object.resource !== "object") + throw TypeError(".google.cloud.asset.v1.Asset.resource: object expected"); + message.resource = $root.google.cloud.asset.v1.Resource.fromObject(object.resource); + } + if (object.iamPolicy != null) { + if (typeof object.iamPolicy !== "object") + throw TypeError(".google.cloud.asset.v1.Asset.iamPolicy: object expected"); + message.iamPolicy = $root.google.iam.v1.Policy.fromObject(object.iamPolicy); + } + if (object.orgPolicy) { + if (!Array.isArray(object.orgPolicy)) + throw TypeError(".google.cloud.asset.v1.Asset.orgPolicy: array expected"); + message.orgPolicy = []; + for (var i = 0; i < object.orgPolicy.length; ++i) { + if (typeof object.orgPolicy[i] !== "object") + throw TypeError(".google.cloud.asset.v1.Asset.orgPolicy: object expected"); + message.orgPolicy[i] = $root.google.cloud.orgpolicy.v1.Policy.fromObject(object.orgPolicy[i]); + } + } + if (object.accessPolicy != null) { + if (typeof object.accessPolicy !== "object") + throw TypeError(".google.cloud.asset.v1.Asset.accessPolicy: object expected"); + message.accessPolicy = $root.google.identity.accesscontextmanager.v1.AccessPolicy.fromObject(object.accessPolicy); + } + if (object.accessLevel != null) { + if (typeof object.accessLevel !== "object") + throw TypeError(".google.cloud.asset.v1.Asset.accessLevel: object expected"); + message.accessLevel = $root.google.identity.accesscontextmanager.v1.AccessLevel.fromObject(object.accessLevel); + } + if (object.servicePerimeter != null) { + if (typeof object.servicePerimeter !== "object") + throw TypeError(".google.cloud.asset.v1.Asset.servicePerimeter: object expected"); + message.servicePerimeter = $root.google.identity.accesscontextmanager.v1.ServicePerimeter.fromObject(object.servicePerimeter); + } + if (object.ancestors) { + if (!Array.isArray(object.ancestors)) + throw TypeError(".google.cloud.asset.v1.Asset.ancestors: array expected"); + message.ancestors = []; + for (var i = 0; i < object.ancestors.length; ++i) + message.ancestors[i] = String(object.ancestors[i]); + } + return message; + }; + + /** + * Creates a plain object from an Asset message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.Asset + * @static + * @param {google.cloud.asset.v1.Asset} message Asset + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Asset.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.arrays || options.defaults) { + object.orgPolicy = []; + object.ancestors = []; + } + if (options.defaults) { + object.name = ""; + object.assetType = ""; + object.resource = null; + object.iamPolicy = null; + object.updateTime = null; + } + if (message.name != null && message.hasOwnProperty("name")) + object.name = message.name; + if (message.assetType != null && message.hasOwnProperty("assetType")) + object.assetType = message.assetType; + if (message.resource != null && message.hasOwnProperty("resource")) + object.resource = $root.google.cloud.asset.v1.Resource.toObject(message.resource, options); + if (message.iamPolicy != null && message.hasOwnProperty("iamPolicy")) + object.iamPolicy = $root.google.iam.v1.Policy.toObject(message.iamPolicy, options); + if (message.orgPolicy && message.orgPolicy.length) { + object.orgPolicy = []; + for (var j = 0; j < message.orgPolicy.length; ++j) + object.orgPolicy[j] = $root.google.cloud.orgpolicy.v1.Policy.toObject(message.orgPolicy[j], options); + } + if (message.accessPolicy != null && message.hasOwnProperty("accessPolicy")) { + object.accessPolicy = $root.google.identity.accesscontextmanager.v1.AccessPolicy.toObject(message.accessPolicy, options); + if (options.oneofs) + object.accessContextPolicy = "accessPolicy"; + } + if (message.accessLevel != null && message.hasOwnProperty("accessLevel")) { + object.accessLevel = $root.google.identity.accesscontextmanager.v1.AccessLevel.toObject(message.accessLevel, options); + if (options.oneofs) + object.accessContextPolicy = "accessLevel"; + } + if (message.servicePerimeter != null && message.hasOwnProperty("servicePerimeter")) { + object.servicePerimeter = $root.google.identity.accesscontextmanager.v1.ServicePerimeter.toObject(message.servicePerimeter, options); + if (options.oneofs) + object.accessContextPolicy = "servicePerimeter"; + } + if (message.ancestors && message.ancestors.length) { + object.ancestors = []; + for (var j = 0; j < message.ancestors.length; ++j) + object.ancestors[j] = message.ancestors[j]; + } + if (message.updateTime != null && message.hasOwnProperty("updateTime")) + object.updateTime = $root.google.protobuf.Timestamp.toObject(message.updateTime, options); + return object; + }; + + /** + * Converts this Asset to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.Asset + * @instance + * @returns {Object.} JSON object + */ + Asset.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return Asset; + })(); + + v1.Resource = (function() { + + /** + * Properties of a Resource. + * @memberof google.cloud.asset.v1 + * @interface IResource + * @property {string|null} [version] Resource version + * @property {string|null} [discoveryDocumentUri] Resource discoveryDocumentUri + * @property {string|null} [discoveryName] Resource discoveryName + * @property {string|null} [resourceUrl] Resource resourceUrl + * @property {string|null} [parent] Resource parent + * @property {google.protobuf.IStruct|null} [data] Resource data + * @property {string|null} [location] Resource location + */ + + /** + * Constructs a new Resource. + * @memberof google.cloud.asset.v1 + * @classdesc Represents a Resource. + * @implements IResource + * @constructor + * @param {google.cloud.asset.v1.IResource=} [properties] Properties to set + */ + function Resource(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Resource version. + * @member {string} version + * @memberof google.cloud.asset.v1.Resource + * @instance + */ + Resource.prototype.version = ""; + + /** + * Resource discoveryDocumentUri. + * @member {string} discoveryDocumentUri + * @memberof google.cloud.asset.v1.Resource + * @instance + */ + Resource.prototype.discoveryDocumentUri = ""; + + /** + * Resource discoveryName. + * @member {string} discoveryName + * @memberof google.cloud.asset.v1.Resource + * @instance + */ + Resource.prototype.discoveryName = ""; + + /** + * Resource resourceUrl. + * @member {string} resourceUrl + * @memberof google.cloud.asset.v1.Resource + * @instance + */ + Resource.prototype.resourceUrl = ""; + + /** + * Resource parent. + * @member {string} parent + * @memberof google.cloud.asset.v1.Resource + * @instance + */ + Resource.prototype.parent = ""; + + /** + * Resource data. + * @member {google.protobuf.IStruct|null|undefined} data + * @memberof google.cloud.asset.v1.Resource + * @instance + */ + Resource.prototype.data = null; + + /** + * Resource location. + * @member {string} location + * @memberof google.cloud.asset.v1.Resource + * @instance + */ + Resource.prototype.location = ""; + + /** + * Creates a new Resource instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.Resource + * @static + * @param {google.cloud.asset.v1.IResource=} [properties] Properties to set + * @returns {google.cloud.asset.v1.Resource} Resource instance + */ + Resource.create = function create(properties) { + return new Resource(properties); + }; + + /** + * Encodes the specified Resource message. Does not implicitly {@link google.cloud.asset.v1.Resource.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.Resource + * @static + * @param {google.cloud.asset.v1.IResource} message Resource message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Resource.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.version != null && Object.hasOwnProperty.call(message, "version")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.version); + if (message.discoveryDocumentUri != null && Object.hasOwnProperty.call(message, "discoveryDocumentUri")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.discoveryDocumentUri); + if (message.discoveryName != null && Object.hasOwnProperty.call(message, "discoveryName")) + writer.uint32(/* id 3, wireType 2 =*/26).string(message.discoveryName); + if (message.resourceUrl != null && Object.hasOwnProperty.call(message, "resourceUrl")) + writer.uint32(/* id 4, wireType 2 =*/34).string(message.resourceUrl); + if (message.parent != null && Object.hasOwnProperty.call(message, "parent")) + writer.uint32(/* id 5, wireType 2 =*/42).string(message.parent); + if (message.data != null && Object.hasOwnProperty.call(message, "data")) + $root.google.protobuf.Struct.encode(message.data, writer.uint32(/* id 6, wireType 2 =*/50).fork()).ldelim(); + if (message.location != null && Object.hasOwnProperty.call(message, "location")) + writer.uint32(/* id 8, wireType 2 =*/66).string(message.location); + return writer; + }; + + /** + * Encodes the specified Resource message, length delimited. Does not implicitly {@link google.cloud.asset.v1.Resource.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.Resource + * @static + * @param {google.cloud.asset.v1.IResource} message Resource message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Resource.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a Resource message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.Resource + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.Resource} Resource + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Resource.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.Resource(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.version = reader.string(); + break; + case 2: + message.discoveryDocumentUri = reader.string(); + break; + case 3: + message.discoveryName = reader.string(); + break; + case 4: + message.resourceUrl = reader.string(); + break; + case 5: + message.parent = reader.string(); + break; + case 6: + message.data = $root.google.protobuf.Struct.decode(reader, reader.uint32()); + break; + case 8: + message.location = reader.string(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a Resource message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.Resource + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.Resource} Resource + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Resource.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a Resource message. + * @function verify + * @memberof google.cloud.asset.v1.Resource + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Resource.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.version != null && message.hasOwnProperty("version")) + if (!$util.isString(message.version)) + return "version: string expected"; + if (message.discoveryDocumentUri != null && message.hasOwnProperty("discoveryDocumentUri")) + if (!$util.isString(message.discoveryDocumentUri)) + return "discoveryDocumentUri: string expected"; + if (message.discoveryName != null && message.hasOwnProperty("discoveryName")) + if (!$util.isString(message.discoveryName)) + return "discoveryName: string expected"; + if (message.resourceUrl != null && message.hasOwnProperty("resourceUrl")) + if (!$util.isString(message.resourceUrl)) + return "resourceUrl: string expected"; + if (message.parent != null && message.hasOwnProperty("parent")) + if (!$util.isString(message.parent)) + return "parent: string expected"; + if (message.data != null && message.hasOwnProperty("data")) { + var error = $root.google.protobuf.Struct.verify(message.data); + if (error) + return "data." + error; + } + if (message.location != null && message.hasOwnProperty("location")) + if (!$util.isString(message.location)) + return "location: string expected"; + return null; + }; + + /** + * Creates a Resource message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.Resource + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.Resource} Resource + */ + Resource.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.Resource) + return object; + var message = new $root.google.cloud.asset.v1.Resource(); + if (object.version != null) + message.version = String(object.version); + if (object.discoveryDocumentUri != null) + message.discoveryDocumentUri = String(object.discoveryDocumentUri); + if (object.discoveryName != null) + message.discoveryName = String(object.discoveryName); + if (object.resourceUrl != null) + message.resourceUrl = String(object.resourceUrl); + if (object.parent != null) + message.parent = String(object.parent); + if (object.data != null) { + if (typeof object.data !== "object") + throw TypeError(".google.cloud.asset.v1.Resource.data: object expected"); + message.data = $root.google.protobuf.Struct.fromObject(object.data); + } + if (object.location != null) + message.location = String(object.location); + return message; + }; + + /** + * Creates a plain object from a Resource message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.Resource + * @static + * @param {google.cloud.asset.v1.Resource} message Resource + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Resource.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.version = ""; + object.discoveryDocumentUri = ""; + object.discoveryName = ""; + object.resourceUrl = ""; + object.parent = ""; + object.data = null; + object.location = ""; + } + if (message.version != null && message.hasOwnProperty("version")) + object.version = message.version; + if (message.discoveryDocumentUri != null && message.hasOwnProperty("discoveryDocumentUri")) + object.discoveryDocumentUri = message.discoveryDocumentUri; + if (message.discoveryName != null && message.hasOwnProperty("discoveryName")) + object.discoveryName = message.discoveryName; + if (message.resourceUrl != null && message.hasOwnProperty("resourceUrl")) + object.resourceUrl = message.resourceUrl; + if (message.parent != null && message.hasOwnProperty("parent")) + object.parent = message.parent; + if (message.data != null && message.hasOwnProperty("data")) + object.data = $root.google.protobuf.Struct.toObject(message.data, options); + if (message.location != null && message.hasOwnProperty("location")) + object.location = message.location; + return object; + }; + + /** + * Converts this Resource to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.Resource + * @instance + * @returns {Object.} JSON object + */ + Resource.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return Resource; + })(); + + v1.ResourceSearchResult = (function() { + + /** + * Properties of a ResourceSearchResult. + * @memberof google.cloud.asset.v1 + * @interface IResourceSearchResult + * @property {string|null} [name] ResourceSearchResult name + * @property {string|null} [assetType] ResourceSearchResult assetType + * @property {string|null} [project] ResourceSearchResult project + * @property {string|null} [displayName] ResourceSearchResult displayName + * @property {string|null} [description] ResourceSearchResult description + * @property {string|null} [location] ResourceSearchResult location + * @property {Object.|null} [labels] ResourceSearchResult labels + * @property {Array.|null} [networkTags] ResourceSearchResult networkTags + * @property {google.protobuf.IStruct|null} [additionalAttributes] ResourceSearchResult additionalAttributes + */ + + /** + * Constructs a new ResourceSearchResult. + * @memberof google.cloud.asset.v1 + * @classdesc Represents a ResourceSearchResult. + * @implements IResourceSearchResult + * @constructor + * @param {google.cloud.asset.v1.IResourceSearchResult=} [properties] Properties to set + */ + function ResourceSearchResult(properties) { + this.labels = {}; + this.networkTags = []; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * ResourceSearchResult name. + * @member {string} name + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @instance + */ + ResourceSearchResult.prototype.name = ""; + + /** + * ResourceSearchResult assetType. + * @member {string} assetType + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @instance + */ + ResourceSearchResult.prototype.assetType = ""; + + /** + * ResourceSearchResult project. + * @member {string} project + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @instance + */ + ResourceSearchResult.prototype.project = ""; + + /** + * ResourceSearchResult displayName. + * @member {string} displayName + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @instance + */ + ResourceSearchResult.prototype.displayName = ""; + + /** + * ResourceSearchResult description. + * @member {string} description + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @instance + */ + ResourceSearchResult.prototype.description = ""; + + /** + * ResourceSearchResult location. + * @member {string} location + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @instance + */ + ResourceSearchResult.prototype.location = ""; + + /** + * ResourceSearchResult labels. + * @member {Object.} labels + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @instance + */ + ResourceSearchResult.prototype.labels = $util.emptyObject; + + /** + * ResourceSearchResult networkTags. + * @member {Array.} networkTags + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @instance + */ + ResourceSearchResult.prototype.networkTags = $util.emptyArray; + + /** + * ResourceSearchResult additionalAttributes. + * @member {google.protobuf.IStruct|null|undefined} additionalAttributes + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @instance + */ + ResourceSearchResult.prototype.additionalAttributes = null; + + /** + * Creates a new ResourceSearchResult instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @static + * @param {google.cloud.asset.v1.IResourceSearchResult=} [properties] Properties to set + * @returns {google.cloud.asset.v1.ResourceSearchResult} ResourceSearchResult instance + */ + ResourceSearchResult.create = function create(properties) { + return new ResourceSearchResult(properties); + }; + + /** + * Encodes the specified ResourceSearchResult message. Does not implicitly {@link google.cloud.asset.v1.ResourceSearchResult.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @static + * @param {google.cloud.asset.v1.IResourceSearchResult} message ResourceSearchResult message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + ResourceSearchResult.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.name != null && Object.hasOwnProperty.call(message, "name")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.name); + if (message.assetType != null && Object.hasOwnProperty.call(message, "assetType")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.assetType); + if (message.project != null && Object.hasOwnProperty.call(message, "project")) + writer.uint32(/* id 3, wireType 2 =*/26).string(message.project); + if (message.displayName != null && Object.hasOwnProperty.call(message, "displayName")) + writer.uint32(/* id 4, wireType 2 =*/34).string(message.displayName); + if (message.description != null && Object.hasOwnProperty.call(message, "description")) + writer.uint32(/* id 5, wireType 2 =*/42).string(message.description); + if (message.location != null && Object.hasOwnProperty.call(message, "location")) + writer.uint32(/* id 6, wireType 2 =*/50).string(message.location); + if (message.labels != null && Object.hasOwnProperty.call(message, "labels")) + for (var keys = Object.keys(message.labels), i = 0; i < keys.length; ++i) + writer.uint32(/* id 7, wireType 2 =*/58).fork().uint32(/* id 1, wireType 2 =*/10).string(keys[i]).uint32(/* id 2, wireType 2 =*/18).string(message.labels[keys[i]]).ldelim(); + if (message.networkTags != null && message.networkTags.length) + for (var i = 0; i < message.networkTags.length; ++i) + writer.uint32(/* id 8, wireType 2 =*/66).string(message.networkTags[i]); + if (message.additionalAttributes != null && Object.hasOwnProperty.call(message, "additionalAttributes")) + $root.google.protobuf.Struct.encode(message.additionalAttributes, writer.uint32(/* id 9, wireType 2 =*/74).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified ResourceSearchResult message, length delimited. Does not implicitly {@link google.cloud.asset.v1.ResourceSearchResult.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @static + * @param {google.cloud.asset.v1.IResourceSearchResult} message ResourceSearchResult message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + ResourceSearchResult.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a ResourceSearchResult message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.ResourceSearchResult} ResourceSearchResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + ResourceSearchResult.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.ResourceSearchResult(), key, value; + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.name = reader.string(); + break; + case 2: + message.assetType = reader.string(); + break; + case 3: + message.project = reader.string(); + break; + case 4: + message.displayName = reader.string(); + break; + case 5: + message.description = reader.string(); + break; + case 6: + message.location = reader.string(); + break; + case 7: + if (message.labels === $util.emptyObject) + message.labels = {}; + var end2 = reader.uint32() + reader.pos; + key = ""; + value = ""; + while (reader.pos < end2) { + var tag2 = reader.uint32(); + switch (tag2 >>> 3) { + case 1: + key = reader.string(); + break; + case 2: + value = reader.string(); + break; + default: + reader.skipType(tag2 & 7); + break; + } + } + message.labels[key] = value; + break; + case 8: + if (!(message.networkTags && message.networkTags.length)) + message.networkTags = []; + message.networkTags.push(reader.string()); + break; + case 9: + message.additionalAttributes = $root.google.protobuf.Struct.decode(reader, reader.uint32()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a ResourceSearchResult message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.ResourceSearchResult} ResourceSearchResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + ResourceSearchResult.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a ResourceSearchResult message. + * @function verify + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + ResourceSearchResult.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.name != null && message.hasOwnProperty("name")) + if (!$util.isString(message.name)) + return "name: string expected"; + if (message.assetType != null && message.hasOwnProperty("assetType")) + if (!$util.isString(message.assetType)) + return "assetType: string expected"; + if (message.project != null && message.hasOwnProperty("project")) + if (!$util.isString(message.project)) + return "project: string expected"; + if (message.displayName != null && message.hasOwnProperty("displayName")) + if (!$util.isString(message.displayName)) + return "displayName: string expected"; + if (message.description != null && message.hasOwnProperty("description")) + if (!$util.isString(message.description)) + return "description: string expected"; + if (message.location != null && message.hasOwnProperty("location")) + if (!$util.isString(message.location)) + return "location: string expected"; + if (message.labels != null && message.hasOwnProperty("labels")) { + if (!$util.isObject(message.labels)) + return "labels: object expected"; + var key = Object.keys(message.labels); + for (var i = 0; i < key.length; ++i) + if (!$util.isString(message.labels[key[i]])) + return "labels: string{k:string} expected"; + } + if (message.networkTags != null && message.hasOwnProperty("networkTags")) { + if (!Array.isArray(message.networkTags)) + return "networkTags: array expected"; + for (var i = 0; i < message.networkTags.length; ++i) + if (!$util.isString(message.networkTags[i])) + return "networkTags: string[] expected"; + } + if (message.additionalAttributes != null && message.hasOwnProperty("additionalAttributes")) { + var error = $root.google.protobuf.Struct.verify(message.additionalAttributes); + if (error) + return "additionalAttributes." + error; + } + return null; + }; + + /** + * Creates a ResourceSearchResult message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.ResourceSearchResult} ResourceSearchResult + */ + ResourceSearchResult.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.ResourceSearchResult) + return object; + var message = new $root.google.cloud.asset.v1.ResourceSearchResult(); + if (object.name != null) + message.name = String(object.name); + if (object.assetType != null) + message.assetType = String(object.assetType); + if (object.project != null) + message.project = String(object.project); + if (object.displayName != null) + message.displayName = String(object.displayName); + if (object.description != null) + message.description = String(object.description); + if (object.location != null) + message.location = String(object.location); + if (object.labels) { + if (typeof object.labels !== "object") + throw TypeError(".google.cloud.asset.v1.ResourceSearchResult.labels: object expected"); + message.labels = {}; + for (var keys = Object.keys(object.labels), i = 0; i < keys.length; ++i) + message.labels[keys[i]] = String(object.labels[keys[i]]); + } + if (object.networkTags) { + if (!Array.isArray(object.networkTags)) + throw TypeError(".google.cloud.asset.v1.ResourceSearchResult.networkTags: array expected"); + message.networkTags = []; + for (var i = 0; i < object.networkTags.length; ++i) + message.networkTags[i] = String(object.networkTags[i]); + } + if (object.additionalAttributes != null) { + if (typeof object.additionalAttributes !== "object") + throw TypeError(".google.cloud.asset.v1.ResourceSearchResult.additionalAttributes: object expected"); + message.additionalAttributes = $root.google.protobuf.Struct.fromObject(object.additionalAttributes); + } + return message; + }; + + /** + * Creates a plain object from a ResourceSearchResult message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @static + * @param {google.cloud.asset.v1.ResourceSearchResult} message ResourceSearchResult + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + ResourceSearchResult.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.arrays || options.defaults) + object.networkTags = []; + if (options.objects || options.defaults) + object.labels = {}; + if (options.defaults) { + object.name = ""; + object.assetType = ""; + object.project = ""; + object.displayName = ""; + object.description = ""; + object.location = ""; + object.additionalAttributes = null; + } + if (message.name != null && message.hasOwnProperty("name")) + object.name = message.name; + if (message.assetType != null && message.hasOwnProperty("assetType")) + object.assetType = message.assetType; + if (message.project != null && message.hasOwnProperty("project")) + object.project = message.project; + if (message.displayName != null && message.hasOwnProperty("displayName")) + object.displayName = message.displayName; + if (message.description != null && message.hasOwnProperty("description")) + object.description = message.description; + if (message.location != null && message.hasOwnProperty("location")) + object.location = message.location; + var keys2; + if (message.labels && (keys2 = Object.keys(message.labels)).length) { + object.labels = {}; + for (var j = 0; j < keys2.length; ++j) + object.labels[keys2[j]] = message.labels[keys2[j]]; + } + if (message.networkTags && message.networkTags.length) { + object.networkTags = []; + for (var j = 0; j < message.networkTags.length; ++j) + object.networkTags[j] = message.networkTags[j]; + } + if (message.additionalAttributes != null && message.hasOwnProperty("additionalAttributes")) + object.additionalAttributes = $root.google.protobuf.Struct.toObject(message.additionalAttributes, options); + return object; + }; + + /** + * Converts this ResourceSearchResult to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.ResourceSearchResult + * @instance + * @returns {Object.} JSON object + */ + ResourceSearchResult.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return ResourceSearchResult; + })(); + + v1.IamPolicySearchResult = (function() { + + /** + * Properties of an IamPolicySearchResult. + * @memberof google.cloud.asset.v1 + * @interface IIamPolicySearchResult + * @property {string|null} [resource] IamPolicySearchResult resource + * @property {string|null} [project] IamPolicySearchResult project + * @property {google.iam.v1.IPolicy|null} [policy] IamPolicySearchResult policy + * @property {google.cloud.asset.v1.IamPolicySearchResult.IExplanation|null} [explanation] IamPolicySearchResult explanation + */ + + /** + * Constructs a new IamPolicySearchResult. + * @memberof google.cloud.asset.v1 + * @classdesc Represents an IamPolicySearchResult. + * @implements IIamPolicySearchResult + * @constructor + * @param {google.cloud.asset.v1.IIamPolicySearchResult=} [properties] Properties to set + */ + function IamPolicySearchResult(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * IamPolicySearchResult resource. + * @member {string} resource + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @instance + */ + IamPolicySearchResult.prototype.resource = ""; + + /** + * IamPolicySearchResult project. + * @member {string} project + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @instance + */ + IamPolicySearchResult.prototype.project = ""; + + /** + * IamPolicySearchResult policy. + * @member {google.iam.v1.IPolicy|null|undefined} policy + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @instance + */ + IamPolicySearchResult.prototype.policy = null; + + /** + * IamPolicySearchResult explanation. + * @member {google.cloud.asset.v1.IamPolicySearchResult.IExplanation|null|undefined} explanation + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @instance + */ + IamPolicySearchResult.prototype.explanation = null; + + /** + * Creates a new IamPolicySearchResult instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @static + * @param {google.cloud.asset.v1.IIamPolicySearchResult=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicySearchResult} IamPolicySearchResult instance + */ + IamPolicySearchResult.create = function create(properties) { + return new IamPolicySearchResult(properties); + }; + + /** + * Encodes the specified IamPolicySearchResult message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @static + * @param {google.cloud.asset.v1.IIamPolicySearchResult} message IamPolicySearchResult message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IamPolicySearchResult.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.resource != null && Object.hasOwnProperty.call(message, "resource")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.resource); + if (message.project != null && Object.hasOwnProperty.call(message, "project")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.project); + if (message.policy != null && Object.hasOwnProperty.call(message, "policy")) + $root.google.iam.v1.Policy.encode(message.policy, writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); + if (message.explanation != null && Object.hasOwnProperty.call(message, "explanation")) + $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.encode(message.explanation, writer.uint32(/* id 4, wireType 2 =*/34).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified IamPolicySearchResult message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @static + * @param {google.cloud.asset.v1.IIamPolicySearchResult} message IamPolicySearchResult message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IamPolicySearchResult.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an IamPolicySearchResult message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicySearchResult} IamPolicySearchResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IamPolicySearchResult.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicySearchResult(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.resource = reader.string(); + break; + case 2: + message.project = reader.string(); + break; + case 3: + message.policy = $root.google.iam.v1.Policy.decode(reader, reader.uint32()); + break; + case 4: + message.explanation = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.decode(reader, reader.uint32()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an IamPolicySearchResult message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicySearchResult} IamPolicySearchResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IamPolicySearchResult.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an IamPolicySearchResult message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + IamPolicySearchResult.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.resource != null && message.hasOwnProperty("resource")) + if (!$util.isString(message.resource)) + return "resource: string expected"; + if (message.project != null && message.hasOwnProperty("project")) + if (!$util.isString(message.project)) + return "project: string expected"; + if (message.policy != null && message.hasOwnProperty("policy")) { + var error = $root.google.iam.v1.Policy.verify(message.policy); + if (error) + return "policy." + error; + } + if (message.explanation != null && message.hasOwnProperty("explanation")) { + var error = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.verify(message.explanation); + if (error) + return "explanation." + error; + } + return null; + }; + + /** + * Creates an IamPolicySearchResult message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicySearchResult} IamPolicySearchResult + */ + IamPolicySearchResult.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicySearchResult) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicySearchResult(); + if (object.resource != null) + message.resource = String(object.resource); + if (object.project != null) + message.project = String(object.project); + if (object.policy != null) { + if (typeof object.policy !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicySearchResult.policy: object expected"); + message.policy = $root.google.iam.v1.Policy.fromObject(object.policy); + } + if (object.explanation != null) { + if (typeof object.explanation !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicySearchResult.explanation: object expected"); + message.explanation = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.fromObject(object.explanation); + } + return message; + }; + + /** + * Creates a plain object from an IamPolicySearchResult message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @static + * @param {google.cloud.asset.v1.IamPolicySearchResult} message IamPolicySearchResult + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + IamPolicySearchResult.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.resource = ""; + object.project = ""; + object.policy = null; + object.explanation = null; + } + if (message.resource != null && message.hasOwnProperty("resource")) + object.resource = message.resource; + if (message.project != null && message.hasOwnProperty("project")) + object.project = message.project; + if (message.policy != null && message.hasOwnProperty("policy")) + object.policy = $root.google.iam.v1.Policy.toObject(message.policy, options); + if (message.explanation != null && message.hasOwnProperty("explanation")) + object.explanation = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.toObject(message.explanation, options); + return object; + }; + + /** + * Converts this IamPolicySearchResult to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @instance + * @returns {Object.} JSON object + */ + IamPolicySearchResult.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + IamPolicySearchResult.Explanation = (function() { + + /** + * Properties of an Explanation. + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @interface IExplanation + * @property {Object.|null} [matchedPermissions] Explanation matchedPermissions + */ + + /** + * Constructs a new Explanation. + * @memberof google.cloud.asset.v1.IamPolicySearchResult + * @classdesc Represents an Explanation. + * @implements IExplanation + * @constructor + * @param {google.cloud.asset.v1.IamPolicySearchResult.IExplanation=} [properties] Properties to set + */ + function Explanation(properties) { + this.matchedPermissions = {}; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Explanation matchedPermissions. + * @member {Object.} matchedPermissions + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @instance + */ + Explanation.prototype.matchedPermissions = $util.emptyObject; + + /** + * Creates a new Explanation instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @static + * @param {google.cloud.asset.v1.IamPolicySearchResult.IExplanation=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation} Explanation instance + */ + Explanation.create = function create(properties) { + return new Explanation(properties); + }; + + /** + * Encodes the specified Explanation message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @static + * @param {google.cloud.asset.v1.IamPolicySearchResult.IExplanation} message Explanation message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Explanation.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.matchedPermissions != null && Object.hasOwnProperty.call(message, "matchedPermissions")) + for (var keys = Object.keys(message.matchedPermissions), i = 0; i < keys.length; ++i) { + writer.uint32(/* id 1, wireType 2 =*/10).fork().uint32(/* id 1, wireType 2 =*/10).string(keys[i]); + $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.encode(message.matchedPermissions[keys[i]], writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim().ldelim(); + } + return writer; + }; + + /** + * Encodes the specified Explanation message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @static + * @param {google.cloud.asset.v1.IamPolicySearchResult.IExplanation} message Explanation message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Explanation.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an Explanation message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation} Explanation + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Explanation.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation(), key, value; + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + if (message.matchedPermissions === $util.emptyObject) + message.matchedPermissions = {}; + var end2 = reader.uint32() + reader.pos; + key = ""; + value = null; + while (reader.pos < end2) { + var tag2 = reader.uint32(); + switch (tag2 >>> 3) { + case 1: + key = reader.string(); + break; + case 2: + value = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.decode(reader, reader.uint32()); + break; + default: + reader.skipType(tag2 & 7); + break; + } + } + message.matchedPermissions[key] = value; + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an Explanation message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation} Explanation + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Explanation.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an Explanation message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Explanation.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.matchedPermissions != null && message.hasOwnProperty("matchedPermissions")) { + if (!$util.isObject(message.matchedPermissions)) + return "matchedPermissions: object expected"; + var key = Object.keys(message.matchedPermissions); + for (var i = 0; i < key.length; ++i) { + var error = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.verify(message.matchedPermissions[key[i]]); + if (error) + return "matchedPermissions." + error; + } + } + return null; + }; + + /** + * Creates an Explanation message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation} Explanation + */ + Explanation.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation(); + if (object.matchedPermissions) { + if (typeof object.matchedPermissions !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicySearchResult.Explanation.matchedPermissions: object expected"); + message.matchedPermissions = {}; + for (var keys = Object.keys(object.matchedPermissions), i = 0; i < keys.length; ++i) { + if (typeof object.matchedPermissions[keys[i]] !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicySearchResult.Explanation.matchedPermissions: object expected"); + message.matchedPermissions[keys[i]] = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.fromObject(object.matchedPermissions[keys[i]]); + } + } + return message; + }; + + /** + * Creates a plain object from an Explanation message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @static + * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation} message Explanation + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Explanation.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.objects || options.defaults) + object.matchedPermissions = {}; + var keys2; + if (message.matchedPermissions && (keys2 = Object.keys(message.matchedPermissions)).length) { + object.matchedPermissions = {}; + for (var j = 0; j < keys2.length; ++j) + object.matchedPermissions[keys2[j]] = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.toObject(message.matchedPermissions[keys2[j]], options); + } + return object; + }; + + /** + * Converts this Explanation to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @instance + * @returns {Object.} JSON object + */ + Explanation.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + Explanation.Permissions = (function() { + + /** + * Properties of a Permissions. + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @interface IPermissions + * @property {Array.|null} [permissions] Permissions permissions + */ + + /** + * Constructs a new Permissions. + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @classdesc Represents a Permissions. + * @implements IPermissions + * @constructor + * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions=} [properties] Properties to set + */ + function Permissions(properties) { + this.permissions = []; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Permissions permissions. + * @member {Array.} permissions + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions + * @instance + */ + Permissions.prototype.permissions = $util.emptyArray; + + /** + * Creates a new Permissions instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions + * @static + * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions} Permissions instance + */ + Permissions.create = function create(properties) { + return new Permissions(properties); + }; + + /** + * Encodes the specified Permissions message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions + * @static + * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions} message Permissions message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Permissions.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.permissions != null && message.permissions.length) + for (var i = 0; i < message.permissions.length; ++i) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.permissions[i]); + return writer; + }; + + /** + * Encodes the specified Permissions message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions + * @static + * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions} message Permissions message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Permissions.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a Permissions message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions} Permissions + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Permissions.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + if (!(message.permissions && message.permissions.length)) + message.permissions = []; + message.permissions.push(reader.string()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a Permissions message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions} Permissions + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Permissions.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a Permissions message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Permissions.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.permissions != null && message.hasOwnProperty("permissions")) { + if (!Array.isArray(message.permissions)) + return "permissions: array expected"; + for (var i = 0; i < message.permissions.length; ++i) + if (!$util.isString(message.permissions[i])) + return "permissions: string[] expected"; + } + return null; + }; + + /** + * Creates a Permissions message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions} Permissions + */ + Permissions.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions(); + if (object.permissions) { + if (!Array.isArray(object.permissions)) + throw TypeError(".google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.permissions: array expected"); + message.permissions = []; + for (var i = 0; i < object.permissions.length; ++i) + message.permissions[i] = String(object.permissions[i]); + } + return message; + }; + + /** + * Creates a plain object from a Permissions message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions + * @static + * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions} message Permissions + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Permissions.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.arrays || options.defaults) + object.permissions = []; + if (message.permissions && message.permissions.length) { + object.permissions = []; + for (var j = 0; j < message.permissions.length; ++j) + object.permissions[j] = message.permissions[j]; + } + return object; + }; + + /** + * Converts this Permissions to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions + * @instance + * @returns {Object.} JSON object + */ + Permissions.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return Permissions; + })(); + + return Explanation; + })(); + + return IamPolicySearchResult; + })(); + + v1.IamPolicyAnalysisState = (function() { + + /** + * Properties of an IamPolicyAnalysisState. + * @memberof google.cloud.asset.v1 + * @interface IIamPolicyAnalysisState + * @property {google.rpc.Code|null} [code] IamPolicyAnalysisState code + * @property {string|null} [cause] IamPolicyAnalysisState cause + */ + + /** + * Constructs a new IamPolicyAnalysisState. + * @memberof google.cloud.asset.v1 + * @classdesc Represents an IamPolicyAnalysisState. + * @implements IIamPolicyAnalysisState + * @constructor + * @param {google.cloud.asset.v1.IIamPolicyAnalysisState=} [properties] Properties to set + */ + function IamPolicyAnalysisState(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * IamPolicyAnalysisState code. + * @member {google.rpc.Code} code + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @instance + */ + IamPolicyAnalysisState.prototype.code = 0; + + /** + * IamPolicyAnalysisState cause. + * @member {string} cause + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @instance + */ + IamPolicyAnalysisState.prototype.cause = ""; + + /** + * Creates a new IamPolicyAnalysisState instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @static + * @param {google.cloud.asset.v1.IIamPolicyAnalysisState=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisState} IamPolicyAnalysisState instance + */ + IamPolicyAnalysisState.create = function create(properties) { + return new IamPolicyAnalysisState(properties); + }; + + /** + * Encodes the specified IamPolicyAnalysisState message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisState.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @static + * @param {google.cloud.asset.v1.IIamPolicyAnalysisState} message IamPolicyAnalysisState message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IamPolicyAnalysisState.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.code != null && Object.hasOwnProperty.call(message, "code")) + writer.uint32(/* id 1, wireType 0 =*/8).int32(message.code); + if (message.cause != null && Object.hasOwnProperty.call(message, "cause")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.cause); + return writer; + }; + + /** + * Encodes the specified IamPolicyAnalysisState message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisState.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @static + * @param {google.cloud.asset.v1.IIamPolicyAnalysisState} message IamPolicyAnalysisState message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IamPolicyAnalysisState.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an IamPolicyAnalysisState message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisState} IamPolicyAnalysisState + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IamPolicyAnalysisState.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisState(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.code = reader.int32(); + break; + case 2: + message.cause = reader.string(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an IamPolicyAnalysisState message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisState} IamPolicyAnalysisState + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IamPolicyAnalysisState.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an IamPolicyAnalysisState message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + IamPolicyAnalysisState.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.code != null && message.hasOwnProperty("code")) + switch (message.code) { + default: + return "code: enum value expected"; + case 0: + case 1: + case 2: + case 3: + case 4: + case 5: + case 6: + case 7: + case 16: + case 8: + case 9: + case 10: + case 11: + case 12: + case 13: + case 14: + case 15: + break; + } + if (message.cause != null && message.hasOwnProperty("cause")) + if (!$util.isString(message.cause)) + return "cause: string expected"; + return null; + }; + + /** + * Creates an IamPolicyAnalysisState message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisState} IamPolicyAnalysisState + */ + IamPolicyAnalysisState.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisState) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisState(); + switch (object.code) { + case "OK": + case 0: + message.code = 0; + break; + case "CANCELLED": + case 1: + message.code = 1; + break; + case "UNKNOWN": + case 2: + message.code = 2; + break; + case "INVALID_ARGUMENT": + case 3: + message.code = 3; + break; + case "DEADLINE_EXCEEDED": + case 4: + message.code = 4; + break; + case "NOT_FOUND": + case 5: + message.code = 5; + break; + case "ALREADY_EXISTS": + case 6: + message.code = 6; + break; + case "PERMISSION_DENIED": + case 7: + message.code = 7; + break; + case "UNAUTHENTICATED": + case 16: + message.code = 16; + break; + case "RESOURCE_EXHAUSTED": + case 8: + message.code = 8; + break; + case "FAILED_PRECONDITION": + case 9: + message.code = 9; + break; + case "ABORTED": + case 10: + message.code = 10; + break; + case "OUT_OF_RANGE": + case 11: + message.code = 11; + break; + case "UNIMPLEMENTED": + case 12: + message.code = 12; + break; + case "INTERNAL": + case 13: + message.code = 13; + break; + case "UNAVAILABLE": + case 14: + message.code = 14; + break; + case "DATA_LOSS": + case 15: + message.code = 15; + break; + } + if (object.cause != null) + message.cause = String(object.cause); + return message; + }; + + /** + * Creates a plain object from an IamPolicyAnalysisState message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisState} message IamPolicyAnalysisState + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + IamPolicyAnalysisState.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.code = options.enums === String ? "OK" : 0; + object.cause = ""; + } + if (message.code != null && message.hasOwnProperty("code")) + object.code = options.enums === String ? $root.google.rpc.Code[message.code] : message.code; + if (message.cause != null && message.hasOwnProperty("cause")) + object.cause = message.cause; + return object; + }; + + /** + * Converts this IamPolicyAnalysisState to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisState + * @instance + * @returns {Object.} JSON object + */ + IamPolicyAnalysisState.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return IamPolicyAnalysisState; + })(); + + v1.IamPolicyAnalysisResult = (function() { + + /** + * Properties of an IamPolicyAnalysisResult. + * @memberof google.cloud.asset.v1 + * @interface IIamPolicyAnalysisResult + * @property {string|null} [attachedResourceFullName] IamPolicyAnalysisResult attachedResourceFullName + * @property {google.iam.v1.IBinding|null} [iamBinding] IamPolicyAnalysisResult iamBinding + * @property {Array.|null} [accessControlLists] IamPolicyAnalysisResult accessControlLists + * @property {google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList|null} [identityList] IamPolicyAnalysisResult identityList + * @property {boolean|null} [fullyExplored] IamPolicyAnalysisResult fullyExplored + */ + + /** + * Constructs a new IamPolicyAnalysisResult. + * @memberof google.cloud.asset.v1 + * @classdesc Represents an IamPolicyAnalysisResult. + * @implements IIamPolicyAnalysisResult + * @constructor + * @param {google.cloud.asset.v1.IIamPolicyAnalysisResult=} [properties] Properties to set + */ + function IamPolicyAnalysisResult(properties) { + this.accessControlLists = []; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * IamPolicyAnalysisResult attachedResourceFullName. + * @member {string} attachedResourceFullName + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @instance + */ + IamPolicyAnalysisResult.prototype.attachedResourceFullName = ""; + + /** + * IamPolicyAnalysisResult iamBinding. + * @member {google.iam.v1.IBinding|null|undefined} iamBinding + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @instance + */ + IamPolicyAnalysisResult.prototype.iamBinding = null; + + /** + * IamPolicyAnalysisResult accessControlLists. + * @member {Array.} accessControlLists + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @instance + */ + IamPolicyAnalysisResult.prototype.accessControlLists = $util.emptyArray; + + /** + * IamPolicyAnalysisResult identityList. + * @member {google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList|null|undefined} identityList + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @instance + */ + IamPolicyAnalysisResult.prototype.identityList = null; + + /** + * IamPolicyAnalysisResult fullyExplored. + * @member {boolean} fullyExplored + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @instance + */ + IamPolicyAnalysisResult.prototype.fullyExplored = false; + + /** + * Creates a new IamPolicyAnalysisResult instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @static + * @param {google.cloud.asset.v1.IIamPolicyAnalysisResult=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult} IamPolicyAnalysisResult instance + */ + IamPolicyAnalysisResult.create = function create(properties) { + return new IamPolicyAnalysisResult(properties); + }; + + /** + * Encodes the specified IamPolicyAnalysisResult message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @static + * @param {google.cloud.asset.v1.IIamPolicyAnalysisResult} message IamPolicyAnalysisResult message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IamPolicyAnalysisResult.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.attachedResourceFullName != null && Object.hasOwnProperty.call(message, "attachedResourceFullName")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.attachedResourceFullName); + if (message.iamBinding != null && Object.hasOwnProperty.call(message, "iamBinding")) + $root.google.iam.v1.Binding.encode(message.iamBinding, writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); + if (message.accessControlLists != null && message.accessControlLists.length) + for (var i = 0; i < message.accessControlLists.length; ++i) + $root.google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.encode(message.accessControlLists[i], writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); + if (message.identityList != null && Object.hasOwnProperty.call(message, "identityList")) + $root.google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.encode(message.identityList, writer.uint32(/* id 4, wireType 2 =*/34).fork()).ldelim(); + if (message.fullyExplored != null && Object.hasOwnProperty.call(message, "fullyExplored")) + writer.uint32(/* id 5, wireType 0 =*/40).bool(message.fullyExplored); + return writer; + }; + + /** + * Encodes the specified IamPolicyAnalysisResult message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @static + * @param {google.cloud.asset.v1.IIamPolicyAnalysisResult} message IamPolicyAnalysisResult message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IamPolicyAnalysisResult.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an IamPolicyAnalysisResult message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult} IamPolicyAnalysisResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IamPolicyAnalysisResult.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.attachedResourceFullName = reader.string(); + break; + case 2: + message.iamBinding = $root.google.iam.v1.Binding.decode(reader, reader.uint32()); + break; + case 3: + if (!(message.accessControlLists && message.accessControlLists.length)) + message.accessControlLists = []; + message.accessControlLists.push($root.google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.decode(reader, reader.uint32())); + break; + case 4: + message.identityList = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.decode(reader, reader.uint32()); + break; + case 5: + message.fullyExplored = reader.bool(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an IamPolicyAnalysisResult message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult} IamPolicyAnalysisResult + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IamPolicyAnalysisResult.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an IamPolicyAnalysisResult message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + IamPolicyAnalysisResult.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.attachedResourceFullName != null && message.hasOwnProperty("attachedResourceFullName")) + if (!$util.isString(message.attachedResourceFullName)) + return "attachedResourceFullName: string expected"; + if (message.iamBinding != null && message.hasOwnProperty("iamBinding")) { + var error = $root.google.iam.v1.Binding.verify(message.iamBinding); + if (error) + return "iamBinding." + error; + } + if (message.accessControlLists != null && message.hasOwnProperty("accessControlLists")) { + if (!Array.isArray(message.accessControlLists)) + return "accessControlLists: array expected"; + for (var i = 0; i < message.accessControlLists.length; ++i) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.verify(message.accessControlLists[i]); + if (error) + return "accessControlLists." + error; + } + } + if (message.identityList != null && message.hasOwnProperty("identityList")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.verify(message.identityList); + if (error) + return "identityList." + error; + } + if (message.fullyExplored != null && message.hasOwnProperty("fullyExplored")) + if (typeof message.fullyExplored !== "boolean") + return "fullyExplored: boolean expected"; + return null; + }; + + /** + * Creates an IamPolicyAnalysisResult message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult} IamPolicyAnalysisResult + */ + IamPolicyAnalysisResult.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisResult) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult(); + if (object.attachedResourceFullName != null) + message.attachedResourceFullName = String(object.attachedResourceFullName); + if (object.iamBinding != null) { + if (typeof object.iamBinding !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.iamBinding: object expected"); + message.iamBinding = $root.google.iam.v1.Binding.fromObject(object.iamBinding); + } + if (object.accessControlLists) { + if (!Array.isArray(object.accessControlLists)) + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.accessControlLists: array expected"); + message.accessControlLists = []; + for (var i = 0; i < object.accessControlLists.length; ++i) { + if (typeof object.accessControlLists[i] !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.accessControlLists: object expected"); + message.accessControlLists[i] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.fromObject(object.accessControlLists[i]); + } + } + if (object.identityList != null) { + if (typeof object.identityList !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.identityList: object expected"); + message.identityList = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.fromObject(object.identityList); + } + if (object.fullyExplored != null) + message.fullyExplored = Boolean(object.fullyExplored); + return message; + }; + + /** + * Creates a plain object from an IamPolicyAnalysisResult message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult} message IamPolicyAnalysisResult + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + IamPolicyAnalysisResult.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.arrays || options.defaults) + object.accessControlLists = []; + if (options.defaults) { + object.attachedResourceFullName = ""; + object.iamBinding = null; + object.identityList = null; + object.fullyExplored = false; + } + if (message.attachedResourceFullName != null && message.hasOwnProperty("attachedResourceFullName")) + object.attachedResourceFullName = message.attachedResourceFullName; + if (message.iamBinding != null && message.hasOwnProperty("iamBinding")) + object.iamBinding = $root.google.iam.v1.Binding.toObject(message.iamBinding, options); + if (message.accessControlLists && message.accessControlLists.length) { + object.accessControlLists = []; + for (var j = 0; j < message.accessControlLists.length; ++j) + object.accessControlLists[j] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.toObject(message.accessControlLists[j], options); + } + if (message.identityList != null && message.hasOwnProperty("identityList")) + object.identityList = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.toObject(message.identityList, options); + if (message.fullyExplored != null && message.hasOwnProperty("fullyExplored")) + object.fullyExplored = message.fullyExplored; + return object; + }; + + /** + * Converts this IamPolicyAnalysisResult to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @instance + * @returns {Object.} JSON object + */ + IamPolicyAnalysisResult.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + IamPolicyAnalysisResult.Resource = (function() { + + /** + * Properties of a Resource. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @interface IResource + * @property {string|null} [fullResourceName] Resource fullResourceName + * @property {google.cloud.asset.v1.IIamPolicyAnalysisState|null} [analysisState] Resource analysisState + */ + + /** + * Constructs a new Resource. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @classdesc Represents a Resource. + * @implements IResource + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IResource=} [properties] Properties to set + */ + function Resource(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Resource fullResourceName. + * @member {string} fullResourceName + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @instance + */ + Resource.prototype.fullResourceName = ""; + + /** + * Resource analysisState. + * @member {google.cloud.asset.v1.IIamPolicyAnalysisState|null|undefined} analysisState + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @instance + */ + Resource.prototype.analysisState = null; + + /** + * Creates a new Resource instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IResource=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Resource} Resource instance + */ + Resource.create = function create(properties) { + return new Resource(properties); + }; + + /** + * Encodes the specified Resource message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Resource.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IResource} message Resource message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Resource.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.fullResourceName != null && Object.hasOwnProperty.call(message, "fullResourceName")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.fullResourceName); + if (message.analysisState != null && Object.hasOwnProperty.call(message, "analysisState")) + $root.google.cloud.asset.v1.IamPolicyAnalysisState.encode(message.analysisState, writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified Resource message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Resource.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IResource} message Resource message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Resource.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a Resource message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Resource} Resource + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Resource.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Resource(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.fullResourceName = reader.string(); + break; + case 2: + message.analysisState = $root.google.cloud.asset.v1.IamPolicyAnalysisState.decode(reader, reader.uint32()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a Resource message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Resource} Resource + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Resource.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a Resource message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Resource.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.fullResourceName != null && message.hasOwnProperty("fullResourceName")) + if (!$util.isString(message.fullResourceName)) + return "fullResourceName: string expected"; + if (message.analysisState != null && message.hasOwnProperty("analysisState")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisState.verify(message.analysisState); + if (error) + return "analysisState." + error; + } + return null; + }; + + /** + * Creates a Resource message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Resource} Resource + */ + Resource.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Resource) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Resource(); + if (object.fullResourceName != null) + message.fullResourceName = String(object.fullResourceName); + if (object.analysisState != null) { + if (typeof object.analysisState !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.Resource.analysisState: object expected"); + message.analysisState = $root.google.cloud.asset.v1.IamPolicyAnalysisState.fromObject(object.analysisState); + } + return message; + }; + + /** + * Creates a plain object from a Resource message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.Resource} message Resource + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Resource.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.fullResourceName = ""; + object.analysisState = null; + } + if (message.fullResourceName != null && message.hasOwnProperty("fullResourceName")) + object.fullResourceName = message.fullResourceName; + if (message.analysisState != null && message.hasOwnProperty("analysisState")) + object.analysisState = $root.google.cloud.asset.v1.IamPolicyAnalysisState.toObject(message.analysisState, options); + return object; + }; + + /** + * Converts this Resource to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Resource + * @instance + * @returns {Object.} JSON object + */ + Resource.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return Resource; + })(); + + IamPolicyAnalysisResult.Access = (function() { + + /** + * Properties of an Access. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @interface IAccess + * @property {string|null} [role] Access role + * @property {string|null} [permission] Access permission + * @property {google.cloud.asset.v1.IIamPolicyAnalysisState|null} [analysisState] Access analysisState + */ + + /** + * Constructs a new Access. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @classdesc Represents an Access. + * @implements IAccess + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IAccess=} [properties] Properties to set + */ + function Access(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Access role. + * @member {string} role + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @instance + */ + Access.prototype.role = ""; + + /** + * Access permission. + * @member {string} permission + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @instance + */ + Access.prototype.permission = ""; + + /** + * Access analysisState. + * @member {google.cloud.asset.v1.IIamPolicyAnalysisState|null|undefined} analysisState + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @instance + */ + Access.prototype.analysisState = null; + + // OneOf field names bound to virtual getters and setters + var $oneOfFields; + + /** + * Access oneofAccess. + * @member {"role"|"permission"|undefined} oneofAccess + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @instance + */ + Object.defineProperty(Access.prototype, "oneofAccess", { + get: $util.oneOfGetter($oneOfFields = ["role", "permission"]), + set: $util.oneOfSetter($oneOfFields) + }); + + /** + * Creates a new Access instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IAccess=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Access} Access instance + */ + Access.create = function create(properties) { + return new Access(properties); + }; + + /** + * Encodes the specified Access message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Access.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IAccess} message Access message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Access.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.role != null && Object.hasOwnProperty.call(message, "role")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.role); + if (message.permission != null && Object.hasOwnProperty.call(message, "permission")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.permission); + if (message.analysisState != null && Object.hasOwnProperty.call(message, "analysisState")) + $root.google.cloud.asset.v1.IamPolicyAnalysisState.encode(message.analysisState, writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified Access message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Access.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IAccess} message Access message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Access.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an Access message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Access} Access + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Access.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Access(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.role = reader.string(); + break; + case 2: + message.permission = reader.string(); + break; + case 3: + message.analysisState = $root.google.cloud.asset.v1.IamPolicyAnalysisState.decode(reader, reader.uint32()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an Access message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Access} Access + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Access.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an Access message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Access.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + var properties = {}; + if (message.role != null && message.hasOwnProperty("role")) { + properties.oneofAccess = 1; + if (!$util.isString(message.role)) + return "role: string expected"; + } + if (message.permission != null && message.hasOwnProperty("permission")) { + if (properties.oneofAccess === 1) + return "oneofAccess: multiple values"; + properties.oneofAccess = 1; + if (!$util.isString(message.permission)) + return "permission: string expected"; + } + if (message.analysisState != null && message.hasOwnProperty("analysisState")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisState.verify(message.analysisState); + if (error) + return "analysisState." + error; + } + return null; + }; + + /** + * Creates an Access message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Access} Access + */ + Access.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Access) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Access(); + if (object.role != null) + message.role = String(object.role); + if (object.permission != null) + message.permission = String(object.permission); + if (object.analysisState != null) { + if (typeof object.analysisState !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.Access.analysisState: object expected"); + message.analysisState = $root.google.cloud.asset.v1.IamPolicyAnalysisState.fromObject(object.analysisState); + } + return message; + }; + + /** + * Creates a plain object from an Access message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.Access} message Access + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Access.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) + object.analysisState = null; + if (message.role != null && message.hasOwnProperty("role")) { + object.role = message.role; + if (options.oneofs) + object.oneofAccess = "role"; + } + if (message.permission != null && message.hasOwnProperty("permission")) { + object.permission = message.permission; + if (options.oneofs) + object.oneofAccess = "permission"; + } + if (message.analysisState != null && message.hasOwnProperty("analysisState")) + object.analysisState = $root.google.cloud.asset.v1.IamPolicyAnalysisState.toObject(message.analysisState, options); + return object; + }; + + /** + * Converts this Access to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Access + * @instance + * @returns {Object.} JSON object + */ + Access.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return Access; + })(); + + IamPolicyAnalysisResult.Identity = (function() { + + /** + * Properties of an Identity. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @interface IIdentity + * @property {string|null} [name] Identity name + * @property {google.cloud.asset.v1.IIamPolicyAnalysisState|null} [analysisState] Identity analysisState + */ + + /** + * Constructs a new Identity. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @classdesc Represents an Identity. + * @implements IIdentity + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentity=} [properties] Properties to set + */ + function Identity(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Identity name. + * @member {string} name + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @instance + */ + Identity.prototype.name = ""; + + /** + * Identity analysisState. + * @member {google.cloud.asset.v1.IIamPolicyAnalysisState|null|undefined} analysisState + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @instance + */ + Identity.prototype.analysisState = null; + + /** + * Creates a new Identity instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentity=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Identity} Identity instance + */ + Identity.create = function create(properties) { + return new Identity(properties); + }; + + /** + * Encodes the specified Identity message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Identity.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentity} message Identity message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Identity.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.name != null && Object.hasOwnProperty.call(message, "name")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.name); + if (message.analysisState != null && Object.hasOwnProperty.call(message, "analysisState")) + $root.google.cloud.asset.v1.IamPolicyAnalysisState.encode(message.analysisState, writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified Identity message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Identity.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentity} message Identity message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Identity.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an Identity message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Identity} Identity + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Identity.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Identity(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.name = reader.string(); + break; + case 2: + message.analysisState = $root.google.cloud.asset.v1.IamPolicyAnalysisState.decode(reader, reader.uint32()); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an Identity message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Identity} Identity + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Identity.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an Identity message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Identity.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.name != null && message.hasOwnProperty("name")) + if (!$util.isString(message.name)) + return "name: string expected"; + if (message.analysisState != null && message.hasOwnProperty("analysisState")) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisState.verify(message.analysisState); + if (error) + return "analysisState." + error; + } + return null; + }; + + /** + * Creates an Identity message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Identity} Identity + */ + Identity.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Identity) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Identity(); + if (object.name != null) + message.name = String(object.name); + if (object.analysisState != null) { + if (typeof object.analysisState !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.Identity.analysisState: object expected"); + message.analysisState = $root.google.cloud.asset.v1.IamPolicyAnalysisState.fromObject(object.analysisState); + } + return message; + }; + + /** + * Creates a plain object from an Identity message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.Identity} message Identity + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Identity.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.name = ""; + object.analysisState = null; + } + if (message.name != null && message.hasOwnProperty("name")) + object.name = message.name; + if (message.analysisState != null && message.hasOwnProperty("analysisState")) + object.analysisState = $root.google.cloud.asset.v1.IamPolicyAnalysisState.toObject(message.analysisState, options); + return object; + }; + + /** + * Converts this Identity to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Identity + * @instance + * @returns {Object.} JSON object + */ + Identity.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return Identity; + })(); + + IamPolicyAnalysisResult.Edge = (function() { + + /** + * Properties of an Edge. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @interface IEdge + * @property {string|null} [sourceNode] Edge sourceNode + * @property {string|null} [targetNode] Edge targetNode + */ + + /** + * Constructs a new Edge. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @classdesc Represents an Edge. + * @implements IEdge + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge=} [properties] Properties to set + */ + function Edge(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Edge sourceNode. + * @member {string} sourceNode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @instance + */ + Edge.prototype.sourceNode = ""; + + /** + * Edge targetNode. + * @member {string} targetNode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @instance + */ + Edge.prototype.targetNode = ""; + + /** + * Creates a new Edge instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Edge} Edge instance + */ + Edge.create = function create(properties) { + return new Edge(properties); + }; + + /** + * Encodes the specified Edge message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge} message Edge message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Edge.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.sourceNode != null && Object.hasOwnProperty.call(message, "sourceNode")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.sourceNode); + if (message.targetNode != null && Object.hasOwnProperty.call(message, "targetNode")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.targetNode); + return writer; + }; + + /** + * Encodes the specified Edge message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IEdge} message Edge message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Edge.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an Edge message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Edge} Edge + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Edge.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.sourceNode = reader.string(); + break; + case 2: + message.targetNode = reader.string(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an Edge message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Edge} Edge + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Edge.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an Edge message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Edge.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.sourceNode != null && message.hasOwnProperty("sourceNode")) + if (!$util.isString(message.sourceNode)) + return "sourceNode: string expected"; + if (message.targetNode != null && message.hasOwnProperty("targetNode")) + if (!$util.isString(message.targetNode)) + return "targetNode: string expected"; + return null; + }; + + /** + * Creates an Edge message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.Edge} Edge + */ + Edge.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge(); + if (object.sourceNode != null) + message.sourceNode = String(object.sourceNode); + if (object.targetNode != null) + message.targetNode = String(object.targetNode); + return message; + }; + + /** + * Creates a plain object from an Edge message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.Edge} message Edge + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Edge.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.sourceNode = ""; + object.targetNode = ""; + } + if (message.sourceNode != null && message.hasOwnProperty("sourceNode")) + object.sourceNode = message.sourceNode; + if (message.targetNode != null && message.hasOwnProperty("targetNode")) + object.targetNode = message.targetNode; + return object; + }; + + /** + * Converts this Edge to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.Edge + * @instance + * @returns {Object.} JSON object + */ + Edge.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return Edge; + })(); + + IamPolicyAnalysisResult.AccessControlList = (function() { + + /** + * Properties of an AccessControlList. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @interface IAccessControlList + * @property {Array.|null} [resources] AccessControlList resources + * @property {Array.|null} [accesses] AccessControlList accesses + * @property {Array.|null} [resourceEdges] AccessControlList resourceEdges + */ + + /** + * Constructs a new AccessControlList. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @classdesc Represents an AccessControlList. + * @implements IAccessControlList + * @constructor + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IAccessControlList=} [properties] Properties to set + */ + function AccessControlList(properties) { + this.resources = []; + this.accesses = []; + this.resourceEdges = []; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * AccessControlList resources. + * @member {Array.} resources + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @instance + */ + AccessControlList.prototype.resources = $util.emptyArray; + + /** + * AccessControlList accesses. + * @member {Array.} accesses + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @instance + */ + AccessControlList.prototype.accesses = $util.emptyArray; + + /** + * AccessControlList resourceEdges. + * @member {Array.} resourceEdges + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @instance + */ + AccessControlList.prototype.resourceEdges = $util.emptyArray; + + /** + * Creates a new AccessControlList instance using the specified properties. + * @function create + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IAccessControlList=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList} AccessControlList instance + */ + AccessControlList.create = function create(properties) { + return new AccessControlList(properties); + }; + + /** + * Encodes the specified AccessControlList message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.verify|verify} messages. + * @function encode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IAccessControlList} message AccessControlList message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + AccessControlList.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.resources != null && message.resources.length) + for (var i = 0; i < message.resources.length; ++i) + $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Resource.encode(message.resources[i], writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); + if (message.accesses != null && message.accesses.length) + for (var i = 0; i < message.accesses.length; ++i) + $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Access.encode(message.accesses[i], writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); + if (message.resourceEdges != null && message.resourceEdges.length) + for (var i = 0; i < message.resourceEdges.length; ++i) + $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.encode(message.resourceEdges[i], writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified AccessControlList message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IAccessControlList} message AccessControlList message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + AccessControlList.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an AccessControlList message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList} AccessControlList + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + AccessControlList.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + if (!(message.resources && message.resources.length)) + message.resources = []; + message.resources.push($root.google.cloud.asset.v1.IamPolicyAnalysisResult.Resource.decode(reader, reader.uint32())); + break; + case 2: + if (!(message.accesses && message.accesses.length)) + message.accesses = []; + message.accesses.push($root.google.cloud.asset.v1.IamPolicyAnalysisResult.Access.decode(reader, reader.uint32())); + break; + case 3: + if (!(message.resourceEdges && message.resourceEdges.length)) + message.resourceEdges = []; + message.resourceEdges.push($root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.decode(reader, reader.uint32())); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an AccessControlList message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList} AccessControlList + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + AccessControlList.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an AccessControlList message. + * @function verify + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + AccessControlList.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.resources != null && message.hasOwnProperty("resources")) { + if (!Array.isArray(message.resources)) + return "resources: array expected"; + for (var i = 0; i < message.resources.length; ++i) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Resource.verify(message.resources[i]); + if (error) + return "resources." + error; + } + } + if (message.accesses != null && message.hasOwnProperty("accesses")) { + if (!Array.isArray(message.accesses)) + return "accesses: array expected"; + for (var i = 0; i < message.accesses.length; ++i) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Access.verify(message.accesses[i]); + if (error) + return "accesses." + error; + } + } + if (message.resourceEdges != null && message.hasOwnProperty("resourceEdges")) { + if (!Array.isArray(message.resourceEdges)) + return "resourceEdges: array expected"; + for (var i = 0; i < message.resourceEdges.length; ++i) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.verify(message.resourceEdges[i]); + if (error) + return "resourceEdges." + error; + } + } + return null; + }; + + /** + * Creates an AccessControlList message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList} AccessControlList + */ + AccessControlList.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList) + return object; + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList(); + if (object.resources) { + if (!Array.isArray(object.resources)) + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.resources: array expected"); + message.resources = []; + for (var i = 0; i < object.resources.length; ++i) { + if (typeof object.resources[i] !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.resources: object expected"); + message.resources[i] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Resource.fromObject(object.resources[i]); + } + } + if (object.accesses) { + if (!Array.isArray(object.accesses)) + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.accesses: array expected"); + message.accesses = []; + for (var i = 0; i < object.accesses.length; ++i) { + if (typeof object.accesses[i] !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.accesses: object expected"); + message.accesses[i] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Access.fromObject(object.accesses[i]); + } + } + if (object.resourceEdges) { + if (!Array.isArray(object.resourceEdges)) + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.resourceEdges: array expected"); + message.resourceEdges = []; + for (var i = 0; i < object.resourceEdges.length; ++i) { + if (typeof object.resourceEdges[i] !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList.resourceEdges: object expected"); + message.resourceEdges[i] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.fromObject(object.resourceEdges[i]); + } + } + return message; + }; + + /** + * Creates a plain object from an AccessControlList message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @static + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList} message AccessControlList + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + AccessControlList.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.arrays || options.defaults) { + object.resources = []; + object.accesses = []; + object.resourceEdges = []; + } + if (message.resources && message.resources.length) { + object.resources = []; + for (var j = 0; j < message.resources.length; ++j) + object.resources[j] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Resource.toObject(message.resources[j], options); + } + if (message.accesses && message.accesses.length) { + object.accesses = []; + for (var j = 0; j < message.accesses.length; ++j) + object.accesses[j] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Access.toObject(message.accesses[j], options); + } + if (message.resourceEdges && message.resourceEdges.length) { + object.resourceEdges = []; + for (var j = 0; j < message.resourceEdges.length; ++j) + object.resourceEdges[j] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.toObject(message.resourceEdges[j], options); + } return object; - var message = new $root.google.cloud.asset.v1.IamPolicySearchResult(); - if (object.resource != null) - message.resource = String(object.resource); - if (object.project != null) - message.project = String(object.project); - if (object.policy != null) { - if (typeof object.policy !== "object") - throw TypeError(".google.cloud.asset.v1.IamPolicySearchResult.policy: object expected"); - message.policy = $root.google.iam.v1.Policy.fromObject(object.policy); - } - if (object.explanation != null) { - if (typeof object.explanation !== "object") - throw TypeError(".google.cloud.asset.v1.IamPolicySearchResult.explanation: object expected"); - message.explanation = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.fromObject(object.explanation); - } - return message; - }; + }; - /** - * Creates a plain object from an IamPolicySearchResult message. Also converts values to other types if specified. - * @function toObject - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @static - * @param {google.cloud.asset.v1.IamPolicySearchResult} message IamPolicySearchResult - * @param {$protobuf.IConversionOptions} [options] Conversion options - * @returns {Object.} Plain object - */ - IamPolicySearchResult.toObject = function toObject(message, options) { - if (!options) - options = {}; - var object = {}; - if (options.defaults) { - object.resource = ""; - object.project = ""; - object.policy = null; - object.explanation = null; - } - if (message.resource != null && message.hasOwnProperty("resource")) - object.resource = message.resource; - if (message.project != null && message.hasOwnProperty("project")) - object.project = message.project; - if (message.policy != null && message.hasOwnProperty("policy")) - object.policy = $root.google.iam.v1.Policy.toObject(message.policy, options); - if (message.explanation != null && message.hasOwnProperty("explanation")) - object.explanation = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.toObject(message.explanation, options); - return object; - }; + /** + * Converts this AccessControlList to JSON. + * @function toJSON + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList + * @instance + * @returns {Object.} JSON object + */ + AccessControlList.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; - /** - * Converts this IamPolicySearchResult to JSON. - * @function toJSON - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @instance - * @returns {Object.} JSON object - */ - IamPolicySearchResult.prototype.toJSON = function toJSON() { - return this.constructor.toObject(this, $protobuf.util.toJSONOptions); - }; + return AccessControlList; + })(); - IamPolicySearchResult.Explanation = (function() { + IamPolicyAnalysisResult.IdentityList = (function() { /** - * Properties of an Explanation. - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @interface IExplanation - * @property {Object.|null} [matchedPermissions] Explanation matchedPermissions + * Properties of an IdentityList. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @interface IIdentityList + * @property {Array.|null} [identities] IdentityList identities + * @property {Array.|null} [groupEdges] IdentityList groupEdges */ /** - * Constructs a new Explanation. - * @memberof google.cloud.asset.v1.IamPolicySearchResult - * @classdesc Represents an Explanation. - * @implements IExplanation + * Constructs a new IdentityList. + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult + * @classdesc Represents an IdentityList. + * @implements IIdentityList * @constructor - * @param {google.cloud.asset.v1.IamPolicySearchResult.IExplanation=} [properties] Properties to set + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList=} [properties] Properties to set */ - function Explanation(properties) { - this.matchedPermissions = {}; + function IdentityList(properties) { + this.identities = []; + this.groupEdges = []; if (properties) for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) if (properties[keys[i]] != null) @@ -7739,97 +13637,94 @@ } /** - * Explanation matchedPermissions. - * @member {Object.} matchedPermissions - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * IdentityList identities. + * @member {Array.} identities + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList * @instance */ - Explanation.prototype.matchedPermissions = $util.emptyObject; + IdentityList.prototype.identities = $util.emptyArray; /** - * Creates a new Explanation instance using the specified properties. + * IdentityList groupEdges. + * @member {Array.} groupEdges + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList + * @instance + */ + IdentityList.prototype.groupEdges = $util.emptyArray; + + /** + * Creates a new IdentityList instance using the specified properties. * @function create - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList * @static - * @param {google.cloud.asset.v1.IamPolicySearchResult.IExplanation=} [properties] Properties to set - * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation} Explanation instance + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList=} [properties] Properties to set + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList} IdentityList instance */ - Explanation.create = function create(properties) { - return new Explanation(properties); + IdentityList.create = function create(properties) { + return new IdentityList(properties); }; /** - * Encodes the specified Explanation message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.verify|verify} messages. + * Encodes the specified IdentityList message. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.verify|verify} messages. * @function encode - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList * @static - * @param {google.cloud.asset.v1.IamPolicySearchResult.IExplanation} message Explanation message or plain object to encode + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList} message IdentityList message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - Explanation.encode = function encode(message, writer) { + IdentityList.encode = function encode(message, writer) { if (!writer) writer = $Writer.create(); - if (message.matchedPermissions != null && Object.hasOwnProperty.call(message, "matchedPermissions")) - for (var keys = Object.keys(message.matchedPermissions), i = 0; i < keys.length; ++i) { - writer.uint32(/* id 1, wireType 2 =*/10).fork().uint32(/* id 1, wireType 2 =*/10).string(keys[i]); - $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.encode(message.matchedPermissions[keys[i]], writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim().ldelim(); - } + if (message.identities != null && message.identities.length) + for (var i = 0; i < message.identities.length; ++i) + $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Identity.encode(message.identities[i], writer.uint32(/* id 1, wireType 2 =*/10).fork()).ldelim(); + if (message.groupEdges != null && message.groupEdges.length) + for (var i = 0; i < message.groupEdges.length; ++i) + $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.encode(message.groupEdges[i], writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); return writer; }; /** - * Encodes the specified Explanation message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.verify|verify} messages. + * Encodes the specified IdentityList message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.verify|verify} messages. * @function encodeDelimited - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList * @static - * @param {google.cloud.asset.v1.IamPolicySearchResult.IExplanation} message Explanation message or plain object to encode + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IIdentityList} message IdentityList message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - Explanation.encodeDelimited = function encodeDelimited(message, writer) { + IdentityList.encodeDelimited = function encodeDelimited(message, writer) { return this.encode(message, writer).ldelim(); }; /** - * Decodes an Explanation message from the specified reader or buffer. + * Decodes an IdentityList message from the specified reader or buffer. * @function decode - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from * @param {number} [length] Message length if known beforehand - * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation} Explanation + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList} IdentityList * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - Explanation.decode = function decode(reader, length) { + IdentityList.decode = function decode(reader, length) { if (!(reader instanceof $Reader)) reader = $Reader.create(reader); - var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation(), key, value; + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList(); while (reader.pos < end) { var tag = reader.uint32(); switch (tag >>> 3) { case 1: - if (message.matchedPermissions === $util.emptyObject) - message.matchedPermissions = {}; - var end2 = reader.uint32() + reader.pos; - key = ""; - value = null; - while (reader.pos < end2) { - var tag2 = reader.uint32(); - switch (tag2 >>> 3) { - case 1: - key = reader.string(); - break; - case 2: - value = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.decode(reader, reader.uint32()); - break; - default: - reader.skipType(tag2 & 7); - break; - } - } - message.matchedPermissions[key] = value; + if (!(message.identities && message.identities.length)) + message.identities = []; + message.identities.push($root.google.cloud.asset.v1.IamPolicyAnalysisResult.Identity.decode(reader, reader.uint32())); + break; + case 2: + if (!(message.groupEdges && message.groupEdges.length)) + message.groupEdges = []; + message.groupEdges.push($root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.decode(reader, reader.uint32())); break; default: reader.skipType(tag & 7); @@ -7840,312 +13735,133 @@ }; /** - * Decodes an Explanation message from the specified reader or buffer, length delimited. + * Decodes an IdentityList message from the specified reader or buffer, length delimited. * @function decodeDelimited - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation} Explanation + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList} IdentityList * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - Explanation.decodeDelimited = function decodeDelimited(reader) { + IdentityList.decodeDelimited = function decodeDelimited(reader) { if (!(reader instanceof $Reader)) reader = new $Reader(reader); return this.decode(reader, reader.uint32()); }; /** - * Verifies an Explanation message. + * Verifies an IdentityList message. * @function verify - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList * @static * @param {Object.} message Plain object to verify * @returns {string|null} `null` if valid, otherwise the reason why it is not */ - Explanation.verify = function verify(message) { + IdentityList.verify = function verify(message) { if (typeof message !== "object" || message === null) return "object expected"; - if (message.matchedPermissions != null && message.hasOwnProperty("matchedPermissions")) { - if (!$util.isObject(message.matchedPermissions)) - return "matchedPermissions: object expected"; - var key = Object.keys(message.matchedPermissions); - for (var i = 0; i < key.length; ++i) { - var error = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.verify(message.matchedPermissions[key[i]]); + if (message.identities != null && message.hasOwnProperty("identities")) { + if (!Array.isArray(message.identities)) + return "identities: array expected"; + for (var i = 0; i < message.identities.length; ++i) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Identity.verify(message.identities[i]); if (error) - return "matchedPermissions." + error; + return "identities." + error; + } + } + if (message.groupEdges != null && message.hasOwnProperty("groupEdges")) { + if (!Array.isArray(message.groupEdges)) + return "groupEdges: array expected"; + for (var i = 0; i < message.groupEdges.length; ++i) { + var error = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.verify(message.groupEdges[i]); + if (error) + return "groupEdges." + error; } } return null; }; /** - * Creates an Explanation message from a plain object. Also converts values to their respective internal types. + * Creates an IdentityList message from a plain object. Also converts values to their respective internal types. * @function fromObject - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList * @static * @param {Object.} object Plain object - * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation} Explanation + * @returns {google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList} IdentityList */ - Explanation.fromObject = function fromObject(object) { - if (object instanceof $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation) + IdentityList.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList) return object; - var message = new $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation(); - if (object.matchedPermissions) { - if (typeof object.matchedPermissions !== "object") - throw TypeError(".google.cloud.asset.v1.IamPolicySearchResult.Explanation.matchedPermissions: object expected"); - message.matchedPermissions = {}; - for (var keys = Object.keys(object.matchedPermissions), i = 0; i < keys.length; ++i) { - if (typeof object.matchedPermissions[keys[i]] !== "object") - throw TypeError(".google.cloud.asset.v1.IamPolicySearchResult.Explanation.matchedPermissions: object expected"); - message.matchedPermissions[keys[i]] = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.fromObject(object.matchedPermissions[keys[i]]); + var message = new $root.google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList(); + if (object.identities) { + if (!Array.isArray(object.identities)) + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.identities: array expected"); + message.identities = []; + for (var i = 0; i < object.identities.length; ++i) { + if (typeof object.identities[i] !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.identities: object expected"); + message.identities[i] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Identity.fromObject(object.identities[i]); + } + } + if (object.groupEdges) { + if (!Array.isArray(object.groupEdges)) + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.groupEdges: array expected"); + message.groupEdges = []; + for (var i = 0; i < object.groupEdges.length; ++i) { + if (typeof object.groupEdges[i] !== "object") + throw TypeError(".google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList.groupEdges: object expected"); + message.groupEdges[i] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.fromObject(object.groupEdges[i]); } } return message; }; /** - * Creates a plain object from an Explanation message. Also converts values to other types if specified. + * Creates a plain object from an IdentityList message. Also converts values to other types if specified. * @function toObject - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList * @static - * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation} message Explanation + * @param {google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList} message IdentityList * @param {$protobuf.IConversionOptions} [options] Conversion options * @returns {Object.} Plain object */ - Explanation.toObject = function toObject(message, options) { + IdentityList.toObject = function toObject(message, options) { if (!options) options = {}; var object = {}; - if (options.objects || options.defaults) - object.matchedPermissions = {}; - var keys2; - if (message.matchedPermissions && (keys2 = Object.keys(message.matchedPermissions)).length) { - object.matchedPermissions = {}; - for (var j = 0; j < keys2.length; ++j) - object.matchedPermissions[keys2[j]] = $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.toObject(message.matchedPermissions[keys2[j]], options); + if (options.arrays || options.defaults) { + object.identities = []; + object.groupEdges = []; + } + if (message.identities && message.identities.length) { + object.identities = []; + for (var j = 0; j < message.identities.length; ++j) + object.identities[j] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Identity.toObject(message.identities[j], options); + } + if (message.groupEdges && message.groupEdges.length) { + object.groupEdges = []; + for (var j = 0; j < message.groupEdges.length; ++j) + object.groupEdges[j] = $root.google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.toObject(message.groupEdges[j], options); } return object; }; /** - * Converts this Explanation to JSON. + * Converts this IdentityList to JSON. * @function toJSON - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation + * @memberof google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList * @instance * @returns {Object.} JSON object */ - Explanation.prototype.toJSON = function toJSON() { + IdentityList.prototype.toJSON = function toJSON() { return this.constructor.toObject(this, $protobuf.util.toJSONOptions); }; - Explanation.Permissions = (function() { - - /** - * Properties of a Permissions. - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation - * @interface IPermissions - * @property {Array.|null} [permissions] Permissions permissions - */ - - /** - * Constructs a new Permissions. - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation - * @classdesc Represents a Permissions. - * @implements IPermissions - * @constructor - * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions=} [properties] Properties to set - */ - function Permissions(properties) { - this.permissions = []; - if (properties) - for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) - if (properties[keys[i]] != null) - this[keys[i]] = properties[keys[i]]; - } - - /** - * Permissions permissions. - * @member {Array.} permissions - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions - * @instance - */ - Permissions.prototype.permissions = $util.emptyArray; - - /** - * Creates a new Permissions instance using the specified properties. - * @function create - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions - * @static - * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions=} [properties] Properties to set - * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions} Permissions instance - */ - Permissions.create = function create(properties) { - return new Permissions(properties); - }; - - /** - * Encodes the specified Permissions message. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.verify|verify} messages. - * @function encode - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions - * @static - * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions} message Permissions message or plain object to encode - * @param {$protobuf.Writer} [writer] Writer to encode to - * @returns {$protobuf.Writer} Writer - */ - Permissions.encode = function encode(message, writer) { - if (!writer) - writer = $Writer.create(); - if (message.permissions != null && message.permissions.length) - for (var i = 0; i < message.permissions.length; ++i) - writer.uint32(/* id 1, wireType 2 =*/10).string(message.permissions[i]); - return writer; - }; - - /** - * Encodes the specified Permissions message, length delimited. Does not implicitly {@link google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.verify|verify} messages. - * @function encodeDelimited - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions - * @static - * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation.IPermissions} message Permissions message or plain object to encode - * @param {$protobuf.Writer} [writer] Writer to encode to - * @returns {$protobuf.Writer} Writer - */ - Permissions.encodeDelimited = function encodeDelimited(message, writer) { - return this.encode(message, writer).ldelim(); - }; - - /** - * Decodes a Permissions message from the specified reader or buffer. - * @function decode - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions - * @static - * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @param {number} [length] Message length if known beforehand - * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions} Permissions - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - Permissions.decode = function decode(reader, length) { - if (!(reader instanceof $Reader)) - reader = $Reader.create(reader); - var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions(); - while (reader.pos < end) { - var tag = reader.uint32(); - switch (tag >>> 3) { - case 1: - if (!(message.permissions && message.permissions.length)) - message.permissions = []; - message.permissions.push(reader.string()); - break; - default: - reader.skipType(tag & 7); - break; - } - } - return message; - }; - - /** - * Decodes a Permissions message from the specified reader or buffer, length delimited. - * @function decodeDelimited - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions - * @static - * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions} Permissions - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - Permissions.decodeDelimited = function decodeDelimited(reader) { - if (!(reader instanceof $Reader)) - reader = new $Reader(reader); - return this.decode(reader, reader.uint32()); - }; - - /** - * Verifies a Permissions message. - * @function verify - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions - * @static - * @param {Object.} message Plain object to verify - * @returns {string|null} `null` if valid, otherwise the reason why it is not - */ - Permissions.verify = function verify(message) { - if (typeof message !== "object" || message === null) - return "object expected"; - if (message.permissions != null && message.hasOwnProperty("permissions")) { - if (!Array.isArray(message.permissions)) - return "permissions: array expected"; - for (var i = 0; i < message.permissions.length; ++i) - if (!$util.isString(message.permissions[i])) - return "permissions: string[] expected"; - } - return null; - }; - - /** - * Creates a Permissions message from a plain object. Also converts values to their respective internal types. - * @function fromObject - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions - * @static - * @param {Object.} object Plain object - * @returns {google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions} Permissions - */ - Permissions.fromObject = function fromObject(object) { - if (object instanceof $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions) - return object; - var message = new $root.google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions(); - if (object.permissions) { - if (!Array.isArray(object.permissions)) - throw TypeError(".google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions.permissions: array expected"); - message.permissions = []; - for (var i = 0; i < object.permissions.length; ++i) - message.permissions[i] = String(object.permissions[i]); - } - return message; - }; - - /** - * Creates a plain object from a Permissions message. Also converts values to other types if specified. - * @function toObject - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions - * @static - * @param {google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions} message Permissions - * @param {$protobuf.IConversionOptions} [options] Conversion options - * @returns {Object.} Plain object - */ - Permissions.toObject = function toObject(message, options) { - if (!options) - options = {}; - var object = {}; - if (options.arrays || options.defaults) - object.permissions = []; - if (message.permissions && message.permissions.length) { - object.permissions = []; - for (var j = 0; j < message.permissions.length; ++j) - object.permissions[j] = message.permissions[j]; - } - return object; - }; - - /** - * Converts this Permissions to JSON. - * @function toJSON - * @memberof google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions - * @instance - * @returns {Object.} JSON object - */ - Permissions.prototype.toJSON = function toJSON() { - return this.constructor.toObject(this, $protobuf.util.toJSONOptions); - }; - - return Permissions; - })(); - - return Explanation; + return IdentityList; })(); - return IamPolicySearchResult; + return IamPolicyAnalysisResult; })(); return v1; @@ -35201,225 +40917,6 @@ return Timestamp; })(); - protobuf.Any = (function() { - - /** - * Properties of an Any. - * @memberof google.protobuf - * @interface IAny - * @property {string|null} [type_url] Any type_url - * @property {Uint8Array|null} [value] Any value - */ - - /** - * Constructs a new Any. - * @memberof google.protobuf - * @classdesc Represents an Any. - * @implements IAny - * @constructor - * @param {google.protobuf.IAny=} [properties] Properties to set - */ - function Any(properties) { - if (properties) - for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) - if (properties[keys[i]] != null) - this[keys[i]] = properties[keys[i]]; - } - - /** - * Any type_url. - * @member {string} type_url - * @memberof google.protobuf.Any - * @instance - */ - Any.prototype.type_url = ""; - - /** - * Any value. - * @member {Uint8Array} value - * @memberof google.protobuf.Any - * @instance - */ - Any.prototype.value = $util.newBuffer([]); - - /** - * Creates a new Any instance using the specified properties. - * @function create - * @memberof google.protobuf.Any - * @static - * @param {google.protobuf.IAny=} [properties] Properties to set - * @returns {google.protobuf.Any} Any instance - */ - Any.create = function create(properties) { - return new Any(properties); - }; - - /** - * Encodes the specified Any message. Does not implicitly {@link google.protobuf.Any.verify|verify} messages. - * @function encode - * @memberof google.protobuf.Any - * @static - * @param {google.protobuf.IAny} message Any message or plain object to encode - * @param {$protobuf.Writer} [writer] Writer to encode to - * @returns {$protobuf.Writer} Writer - */ - Any.encode = function encode(message, writer) { - if (!writer) - writer = $Writer.create(); - if (message.type_url != null && Object.hasOwnProperty.call(message, "type_url")) - writer.uint32(/* id 1, wireType 2 =*/10).string(message.type_url); - if (message.value != null && Object.hasOwnProperty.call(message, "value")) - writer.uint32(/* id 2, wireType 2 =*/18).bytes(message.value); - return writer; - }; - - /** - * Encodes the specified Any message, length delimited. Does not implicitly {@link google.protobuf.Any.verify|verify} messages. - * @function encodeDelimited - * @memberof google.protobuf.Any - * @static - * @param {google.protobuf.IAny} message Any message or plain object to encode - * @param {$protobuf.Writer} [writer] Writer to encode to - * @returns {$protobuf.Writer} Writer - */ - Any.encodeDelimited = function encodeDelimited(message, writer) { - return this.encode(message, writer).ldelim(); - }; - - /** - * Decodes an Any message from the specified reader or buffer. - * @function decode - * @memberof google.protobuf.Any - * @static - * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @param {number} [length] Message length if known beforehand - * @returns {google.protobuf.Any} Any - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - Any.decode = function decode(reader, length) { - if (!(reader instanceof $Reader)) - reader = $Reader.create(reader); - var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.protobuf.Any(); - while (reader.pos < end) { - var tag = reader.uint32(); - switch (tag >>> 3) { - case 1: - message.type_url = reader.string(); - break; - case 2: - message.value = reader.bytes(); - break; - default: - reader.skipType(tag & 7); - break; - } - } - return message; - }; - - /** - * Decodes an Any message from the specified reader or buffer, length delimited. - * @function decodeDelimited - * @memberof google.protobuf.Any - * @static - * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @returns {google.protobuf.Any} Any - * @throws {Error} If the payload is not a reader or valid buffer - * @throws {$protobuf.util.ProtocolError} If required fields are missing - */ - Any.decodeDelimited = function decodeDelimited(reader) { - if (!(reader instanceof $Reader)) - reader = new $Reader(reader); - return this.decode(reader, reader.uint32()); - }; - - /** - * Verifies an Any message. - * @function verify - * @memberof google.protobuf.Any - * @static - * @param {Object.} message Plain object to verify - * @returns {string|null} `null` if valid, otherwise the reason why it is not - */ - Any.verify = function verify(message) { - if (typeof message !== "object" || message === null) - return "object expected"; - if (message.type_url != null && message.hasOwnProperty("type_url")) - if (!$util.isString(message.type_url)) - return "type_url: string expected"; - if (message.value != null && message.hasOwnProperty("value")) - if (!(message.value && typeof message.value.length === "number" || $util.isString(message.value))) - return "value: buffer expected"; - return null; - }; - - /** - * Creates an Any message from a plain object. Also converts values to their respective internal types. - * @function fromObject - * @memberof google.protobuf.Any - * @static - * @param {Object.} object Plain object - * @returns {google.protobuf.Any} Any - */ - Any.fromObject = function fromObject(object) { - if (object instanceof $root.google.protobuf.Any) - return object; - var message = new $root.google.protobuf.Any(); - if (object.type_url != null) - message.type_url = String(object.type_url); - if (object.value != null) - if (typeof object.value === "string") - $util.base64.decode(object.value, message.value = $util.newBuffer($util.base64.length(object.value)), 0); - else if (object.value.length) - message.value = object.value; - return message; - }; - - /** - * Creates a plain object from an Any message. Also converts values to other types if specified. - * @function toObject - * @memberof google.protobuf.Any - * @static - * @param {google.protobuf.Any} message Any - * @param {$protobuf.IConversionOptions} [options] Conversion options - * @returns {Object.} Plain object - */ - Any.toObject = function toObject(message, options) { - if (!options) - options = {}; - var object = {}; - if (options.defaults) { - object.type_url = ""; - if (options.bytes === String) - object.value = ""; - else { - object.value = []; - if (options.bytes !== Array) - object.value = $util.newBuffer(object.value); - } - } - if (message.type_url != null && message.hasOwnProperty("type_url")) - object.type_url = message.type_url; - if (message.value != null && message.hasOwnProperty("value")) - object.value = options.bytes === String ? $util.base64.encode(message.value, 0, message.value.length) : options.bytes === Array ? Array.prototype.slice.call(message.value) : message.value; - return object; - }; - - /** - * Converts this Any to JSON. - * @function toJSON - * @memberof google.protobuf.Any - * @instance - * @returns {Object.} JSON object - */ - Any.prototype.toJSON = function toJSON() { - return this.constructor.toObject(this, $protobuf.util.toJSONOptions); - }; - - return Any; - })(); - protobuf.Struct = (function() { /** @@ -36234,6 +41731,225 @@ return ListValue; })(); + protobuf.Any = (function() { + + /** + * Properties of an Any. + * @memberof google.protobuf + * @interface IAny + * @property {string|null} [type_url] Any type_url + * @property {Uint8Array|null} [value] Any value + */ + + /** + * Constructs a new Any. + * @memberof google.protobuf + * @classdesc Represents an Any. + * @implements IAny + * @constructor + * @param {google.protobuf.IAny=} [properties] Properties to set + */ + function Any(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Any type_url. + * @member {string} type_url + * @memberof google.protobuf.Any + * @instance + */ + Any.prototype.type_url = ""; + + /** + * Any value. + * @member {Uint8Array} value + * @memberof google.protobuf.Any + * @instance + */ + Any.prototype.value = $util.newBuffer([]); + + /** + * Creates a new Any instance using the specified properties. + * @function create + * @memberof google.protobuf.Any + * @static + * @param {google.protobuf.IAny=} [properties] Properties to set + * @returns {google.protobuf.Any} Any instance + */ + Any.create = function create(properties) { + return new Any(properties); + }; + + /** + * Encodes the specified Any message. Does not implicitly {@link google.protobuf.Any.verify|verify} messages. + * @function encode + * @memberof google.protobuf.Any + * @static + * @param {google.protobuf.IAny} message Any message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Any.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.type_url != null && Object.hasOwnProperty.call(message, "type_url")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.type_url); + if (message.value != null && Object.hasOwnProperty.call(message, "value")) + writer.uint32(/* id 2, wireType 2 =*/18).bytes(message.value); + return writer; + }; + + /** + * Encodes the specified Any message, length delimited. Does not implicitly {@link google.protobuf.Any.verify|verify} messages. + * @function encodeDelimited + * @memberof google.protobuf.Any + * @static + * @param {google.protobuf.IAny} message Any message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Any.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an Any message from the specified reader or buffer. + * @function decode + * @memberof google.protobuf.Any + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.protobuf.Any} Any + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Any.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.protobuf.Any(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.type_url = reader.string(); + break; + case 2: + message.value = reader.bytes(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an Any message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.protobuf.Any + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.protobuf.Any} Any + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Any.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an Any message. + * @function verify + * @memberof google.protobuf.Any + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Any.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.type_url != null && message.hasOwnProperty("type_url")) + if (!$util.isString(message.type_url)) + return "type_url: string expected"; + if (message.value != null && message.hasOwnProperty("value")) + if (!(message.value && typeof message.value.length === "number" || $util.isString(message.value))) + return "value: buffer expected"; + return null; + }; + + /** + * Creates an Any message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.protobuf.Any + * @static + * @param {Object.} object Plain object + * @returns {google.protobuf.Any} Any + */ + Any.fromObject = function fromObject(object) { + if (object instanceof $root.google.protobuf.Any) + return object; + var message = new $root.google.protobuf.Any(); + if (object.type_url != null) + message.type_url = String(object.type_url); + if (object.value != null) + if (typeof object.value === "string") + $util.base64.decode(object.value, message.value = $util.newBuffer($util.base64.length(object.value)), 0); + else if (object.value.length) + message.value = object.value; + return message; + }; + + /** + * Creates a plain object from an Any message. Also converts values to other types if specified. + * @function toObject + * @memberof google.protobuf.Any + * @static + * @param {google.protobuf.Any} message Any + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Any.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.type_url = ""; + if (options.bytes === String) + object.value = ""; + else { + object.value = []; + if (options.bytes !== Array) + object.value = $util.newBuffer(object.value); + } + } + if (message.type_url != null && message.hasOwnProperty("type_url")) + object.type_url = message.type_url; + if (message.value != null && message.hasOwnProperty("value")) + object.value = options.bytes === String ? $util.base64.encode(message.value, 0, message.value.length) : options.bytes === Array ? Array.prototype.slice.call(message.value) : message.value; + return object; + }; + + /** + * Converts this Any to JSON. + * @function toJSON + * @memberof google.protobuf.Any + * @instance + * @returns {Object.} JSON object + */ + Any.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + return Any; + })(); + protobuf.Duration = (function() { /** diff --git a/packages/google-cloud-asset/protos/protos.json b/packages/google-cloud-asset/protos/protos.json index e4d819f310f..258879fcb1a 100644 --- a/packages/google-cloud-asset/protos/protos.json +++ b/packages/google-cloud-asset/protos/protos.json @@ -97,6 +97,23 @@ "(google.api.http).get": "/v1/{scope=*/*}:searchAllIamPolicies", "(google.api.method_signature)": "scope,query" } + }, + "AnalyzeIamPolicy": { + "requestType": "AnalyzeIamPolicyRequest", + "responseType": "AnalyzeIamPolicyResponse", + "options": { + "(google.api.http).get": "/v1/{analysis_query.scope=*/*}:analyzeIamPolicy" + } + }, + "ExportIamPolicyAnalysis": { + "requestType": "ExportIamPolicyAnalysisRequest", + "responseType": "google.longrunning.Operation", + "options": { + "(google.api.http).post": "/v1/{analysis_query.scope=*/*}:exportIamPolicyAnalysis", + "(google.api.http).body": "*", + "(google.longrunning.operation_info).response_type": "google.cloud.asset.v1.ExportIamPolicyAnalysisResponse", + "(google.longrunning.operation_info).metadata_type": "google.cloud.asset.v1.ExportIamPolicyAnalysisRequest" + } } } }, @@ -530,6 +547,357 @@ } } }, + "IamPolicyAnalysisQuery": { + "fields": { + "scope": { + "type": "string", + "id": 1, + "options": { + "(google.api.field_behavior)": "REQUIRED" + } + }, + "resourceSelector": { + "type": "ResourceSelector", + "id": 2, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "identitySelector": { + "type": "IdentitySelector", + "id": 3, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "accessSelector": { + "type": "AccessSelector", + "id": 4, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "options": { + "type": "Options", + "id": 5, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + } + }, + "nested": { + "ResourceSelector": { + "fields": { + "fullResourceName": { + "type": "string", + "id": 1, + "options": { + "(google.api.field_behavior)": "REQUIRED" + } + } + } + }, + "IdentitySelector": { + "fields": { + "identity": { + "type": "string", + "id": 1, + "options": { + "(google.api.field_behavior)": "REQUIRED" + } + } + } + }, + "AccessSelector": { + "fields": { + "roles": { + "rule": "repeated", + "type": "string", + "id": 1, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "permissions": { + "rule": "repeated", + "type": "string", + "id": 2, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + } + } + }, + "Options": { + "fields": { + "expandGroups": { + "type": "bool", + "id": 1, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "expandRoles": { + "type": "bool", + "id": 2, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "expandResources": { + "type": "bool", + "id": 3, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "outputResourceEdges": { + "type": "bool", + "id": 4, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "outputGroupEdges": { + "type": "bool", + "id": 5, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "analyzeServiceAccountImpersonation": { + "type": "bool", + "id": 6, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "maxFanoutsPerGroup": { + "type": "int32", + "id": 7, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + }, + "maxFanoutsPerResource": { + "type": "int32", + "id": 8, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + } + } + } + } + }, + "AnalyzeIamPolicyRequest": { + "fields": { + "analysisQuery": { + "type": "IamPolicyAnalysisQuery", + "id": 1, + "options": { + "(google.api.field_behavior)": "REQUIRED" + } + }, + "executionTimeout": { + "type": "google.protobuf.Duration", + "id": 2, + "options": { + "(google.api.field_behavior)": "OPTIONAL" + } + } + } + }, + "AnalyzeIamPolicyResponse": { + "fields": { + "mainAnalysis": { + "type": "IamPolicyAnalysis", + "id": 1 + }, + "serviceAccountImpersonationAnalysis": { + "rule": "repeated", + "type": "IamPolicyAnalysis", + "id": 2 + }, + "fullyExplored": { + "type": "bool", + "id": 3 + } + }, + "nested": { + "IamPolicyAnalysis": { + "fields": { + "analysisQuery": { + "type": "IamPolicyAnalysisQuery", + "id": 1 + }, + "analysisResults": { + "rule": "repeated", + "type": "IamPolicyAnalysisResult", + "id": 2 + }, + "fullyExplored": { + "type": "bool", + "id": 3 + }, + "stats": { + "rule": "repeated", + "type": "Stats", + "id": 4 + }, + "nonCriticalErrors": { + "rule": "repeated", + "type": "IamPolicyAnalysisState", + "id": 5 + } + }, + "nested": { + "Stats": { + "fields": { + "nodeType": { + "type": "NodeType", + "id": 1 + }, + "nodeSubtype": { + "type": "string", + "id": 2 + }, + "discoveredNodeCount": { + "type": "int32", + "id": 3 + }, + "matchedNodeCount": { + "type": "int32", + "id": 4 + }, + "exploredNodeCount": { + "type": "int32", + "id": 5 + }, + "cappedNodeCount": { + "type": "int32", + "id": 6 + }, + "permisionDeniedNodeCount": { + "type": "int32", + "id": 7 + }, + "executionTimeoutNodeCount": { + "type": "int32", + "id": 8 + } + }, + "nested": { + "NodeType": { + "values": { + "NODE_TYPE_UNSPECIFIED": 0, + "BINDING": 1, + "IDENTITY": 2, + "RESOURCE": 3, + "ACCESS": 4 + } + } + } + } + } + } + } + }, + "IamPolicyAnalysisOutputConfig": { + "oneofs": { + "destination": { + "oneof": [ + "gcsDestination", + "bigqueryDestination" + ] + } + }, + "fields": { + "gcsDestination": { + "type": "GcsDestination", + "id": 1 + }, + "bigqueryDestination": { + "type": "BigQueryDestination", + "id": 2 + } + }, + "nested": { + "GcsDestination": { + "fields": { + "uri": { + "type": "string", + "id": 1, + "options": { + "(google.api.field_behavior)": "REQUIRED" + } + } + } + }, + "BigQueryDestination": { + "fields": { + "dataset": { + "type": "string", + "id": 1, + "options": { + "(google.api.field_behavior)": "REQUIRED" + } + }, + "tablePrefix": { + "type": "string", + "id": 2, + "options": { + "(google.api.field_behavior)": "REQUIRED" + } + }, + "partitionKey": { + "type": "PartitionKey", + "id": 3 + }, + "writeMode": { + "type": "WriteMode", + "id": 4 + } + }, + "nested": { + "PartitionKey": { + "values": { + "PARTITION_KEY_UNSPECIFIED": 0, + "REQUEST_TIME": 1 + } + }, + "WriteMode": { + "values": { + "WRITE_MODE_UNSPECIFIED": 0, + "ABORT": 1, + "OVERWRITE": 2 + } + } + } + } + } + }, + "ExportIamPolicyAnalysisRequest": { + "fields": { + "analysisQuery": { + "type": "IamPolicyAnalysisQuery", + "id": 1, + "options": { + "(google.api.field_behavior)": "REQUIRED" + } + }, + "outputConfig": { + "type": "IamPolicyAnalysisOutputConfig", + "id": 2, + "options": { + "(google.api.field_behavior)": "REQUIRED" + } + } + } + }, + "ExportIamPolicyAnalysisResponse": { + "fields": {} + }, "ContentType": { "values": { "CONTENT_TYPE_UNSPECIFIED": 0, @@ -760,6 +1128,138 @@ } } } + }, + "IamPolicyAnalysisState": { + "fields": { + "code": { + "type": "google.rpc.Code", + "id": 1 + }, + "cause": { + "type": "string", + "id": 2 + } + } + }, + "IamPolicyAnalysisResult": { + "fields": { + "attachedResourceFullName": { + "type": "string", + "id": 1 + }, + "iamBinding": { + "type": "google.iam.v1.Binding", + "id": 2 + }, + "accessControlLists": { + "rule": "repeated", + "type": "AccessControlList", + "id": 3 + }, + "identityList": { + "type": "IdentityList", + "id": 4 + }, + "fullyExplored": { + "type": "bool", + "id": 5 + } + }, + "nested": { + "Resource": { + "fields": { + "fullResourceName": { + "type": "string", + "id": 1 + }, + "analysisState": { + "type": "IamPolicyAnalysisState", + "id": 2 + } + } + }, + "Access": { + "oneofs": { + "oneofAccess": { + "oneof": [ + "role", + "permission" + ] + } + }, + "fields": { + "role": { + "type": "string", + "id": 1 + }, + "permission": { + "type": "string", + "id": 2 + }, + "analysisState": { + "type": "IamPolicyAnalysisState", + "id": 3 + } + } + }, + "Identity": { + "fields": { + "name": { + "type": "string", + "id": 1 + }, + "analysisState": { + "type": "IamPolicyAnalysisState", + "id": 2 + } + } + }, + "Edge": { + "fields": { + "sourceNode": { + "type": "string", + "id": 1 + }, + "targetNode": { + "type": "string", + "id": 2 + } + } + }, + "AccessControlList": { + "fields": { + "resources": { + "rule": "repeated", + "type": "Resource", + "id": 1 + }, + "accesses": { + "rule": "repeated", + "type": "Access", + "id": 2 + }, + "resourceEdges": { + "rule": "repeated", + "type": "Edge", + "id": 3 + } + } + }, + "IdentityList": { + "fields": { + "identities": { + "rule": "repeated", + "type": "Identity", + "id": 1 + }, + "groupEdges": { + "rule": "repeated", + "type": "Edge", + "id": 2 + } + } + } + } } } }, @@ -3418,18 +3918,6 @@ } } }, - "Any": { - "fields": { - "type_url": { - "type": "string", - "id": 1 - }, - "value": { - "type": "bytes", - "id": 2 - } - } - }, "Struct": { "fields": { "fields": { @@ -3493,6 +3981,18 @@ } } }, + "Any": { + "fields": { + "type_url": { + "type": "string", + "id": 1 + }, + "value": { + "type": "bytes", + "id": 2 + } + } + }, "Duration": { "fields": { "seconds": { diff --git a/packages/google-cloud-asset/src/v1/asset_service_client.ts b/packages/google-cloud-asset/src/v1/asset_service_client.ts index c6827482b5d..c66c325187e 100644 --- a/packages/google-cloud-asset/src/v1/asset_service_client.ts +++ b/packages/google-cloud-asset/src/v1/asset_service_client.ts @@ -211,6 +211,12 @@ export class AssetServiceClient { const exportAssetsMetadata = protoFilesRoot.lookup( '.google.cloud.asset.v1.ExportAssetsRequest' ) as gax.protobuf.Type; + const exportIamPolicyAnalysisResponse = protoFilesRoot.lookup( + '.google.cloud.asset.v1.ExportIamPolicyAnalysisResponse' + ) as gax.protobuf.Type; + const exportIamPolicyAnalysisMetadata = protoFilesRoot.lookup( + '.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest' + ) as gax.protobuf.Type; this.descriptors.longrunning = { exportAssets: new this._gaxModule.LongrunningDescriptor( @@ -218,6 +224,15 @@ export class AssetServiceClient { exportAssetsResponse.decode.bind(exportAssetsResponse), exportAssetsMetadata.decode.bind(exportAssetsMetadata) ), + exportIamPolicyAnalysis: new this._gaxModule.LongrunningDescriptor( + this.operationsClient, + exportIamPolicyAnalysisResponse.decode.bind( + exportIamPolicyAnalysisResponse + ), + exportIamPolicyAnalysisMetadata.decode.bind( + exportIamPolicyAnalysisMetadata + ) + ), }; // Put together the default options sent with requests. @@ -275,6 +290,8 @@ export class AssetServiceClient { 'deleteFeed', 'searchAllResources', 'searchAllIamPolicies', + 'analyzeIamPolicy', + 'exportIamPolicyAnalysis', ]; for (const methodName of assetServiceStubMethods) { const callPromise = this.assetServiceStub.then( @@ -900,6 +917,115 @@ export class AssetServiceClient { this.initialize(); return this.innerApiCalls.deleteFeed(request, options, callback); } + analyzeIamPolicy( + request: protos.google.cloud.asset.v1.IAnalyzeIamPolicyRequest, + options?: gax.CallOptions + ): Promise< + [ + protos.google.cloud.asset.v1.IAnalyzeIamPolicyResponse, + protos.google.cloud.asset.v1.IAnalyzeIamPolicyRequest | undefined, + {} | undefined + ] + >; + analyzeIamPolicy( + request: protos.google.cloud.asset.v1.IAnalyzeIamPolicyRequest, + options: gax.CallOptions, + callback: Callback< + protos.google.cloud.asset.v1.IAnalyzeIamPolicyResponse, + protos.google.cloud.asset.v1.IAnalyzeIamPolicyRequest | null | undefined, + {} | null | undefined + > + ): void; + analyzeIamPolicy( + request: protos.google.cloud.asset.v1.IAnalyzeIamPolicyRequest, + callback: Callback< + protos.google.cloud.asset.v1.IAnalyzeIamPolicyResponse, + protos.google.cloud.asset.v1.IAnalyzeIamPolicyRequest | null | undefined, + {} | null | undefined + > + ): void; + /** + * Analyzes IAM policies to answer which identities have what accesses on + * which resources. + * + * @param {Object} request + * The request object that will be sent. + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery} request.analysisQuery + * The request query. + * @param {google.protobuf.Duration} [request.executionTimeout] + * Amount of time executable has to complete. See JSON representation of + * [Duration](https://developers.google.com/protocol-buffers/docs/proto3#json). + * + * If this field is set with a value less than the RPC deadline, and the + * execution of your query hasn't finished in the specified + * execution timeout, you will get a response with partial result. + * Otherwise, your query's execution will continue until the RPC deadline. + * If it's not finished until then, you will get a DEADLINE_EXCEEDED error. + * + * Default is empty. + * + * (-- We had discussion of whether we should have this field in the --) + * (-- request or use the RPC deadline instead. We finally choose this --) + * (-- approach for the following reasons (detailed in --) + * (-- go/analyze-iam-policy-deadlines): --) + * (-- * HTTP clients have very limited support of the RPC deadline. --) + * (-- There is an X-Server-Timeout header introduced in 2019/09, but --) + * (-- only implemented in the C++ HTTP server library. --) + * (-- * The purpose of the RPC deadline is for RPC clients to --) + * (-- communicate its max waiting time to the server. This deadline --) + * (-- could be further propagated to the downstream servers. It is --) + * (-- mainly used for servers to cancel the request processing --) + * (-- to avoid resource wasting. Overloading the RPC deadline for --) + * (-- other purposes could make our backend system harder to reason --) + * (-- about. --) + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [AnalyzeIamPolicyResponse]{@link google.cloud.asset.v1.AnalyzeIamPolicyResponse}. + * The promise has a method named "cancel" which cancels the ongoing API call. + */ + analyzeIamPolicy( + request: protos.google.cloud.asset.v1.IAnalyzeIamPolicyRequest, + optionsOrCallback?: + | gax.CallOptions + | Callback< + protos.google.cloud.asset.v1.IAnalyzeIamPolicyResponse, + | protos.google.cloud.asset.v1.IAnalyzeIamPolicyRequest + | null + | undefined, + {} | null | undefined + >, + callback?: Callback< + protos.google.cloud.asset.v1.IAnalyzeIamPolicyResponse, + protos.google.cloud.asset.v1.IAnalyzeIamPolicyRequest | null | undefined, + {} | null | undefined + > + ): Promise< + [ + protos.google.cloud.asset.v1.IAnalyzeIamPolicyResponse, + protos.google.cloud.asset.v1.IAnalyzeIamPolicyRequest | undefined, + {} | undefined + ] + > | void { + request = request || {}; + let options: gax.CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } else { + options = optionsOrCallback as gax.CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'analysis_query.scope': request.analysisQuery!.scope || '', + }); + this.initialize(); + return this.innerApiCalls.analyzeIamPolicy(request, options, callback); + } exportAssets( request: protos.google.cloud.asset.v1.IExportAssetsRequest, @@ -1077,6 +1203,154 @@ export class AssetServiceClient { protos.google.cloud.asset.v1.ExportAssetsRequest >; } + exportIamPolicyAnalysis( + request: protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest, + options?: gax.CallOptions + ): Promise< + [ + LROperation< + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisResponse, + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest + >, + protos.google.longrunning.IOperation | undefined, + {} | undefined + ] + >; + exportIamPolicyAnalysis( + request: protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest, + options: gax.CallOptions, + callback: Callback< + LROperation< + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisResponse, + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest + >, + protos.google.longrunning.IOperation | null | undefined, + {} | null | undefined + > + ): void; + exportIamPolicyAnalysis( + request: protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest, + callback: Callback< + LROperation< + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisResponse, + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest + >, + protos.google.longrunning.IOperation | null | undefined, + {} | null | undefined + > + ): void; + /** + * Exports the answers of which identities have what accesses on which + * resources to a Google Cloud Storage or a BigQuery destination. For Cloud + * Storage destination, the output format is the JSON format that represents a + * {@link google.cloud.asset.v1.AnalyzeIamPolicyResponse|google.cloud.asset.v1.AnalyzeIamPolicyResponse}. + * This method implements the + * {@link google.longrunning.Operation|google.longrunning.Operation}, which allows + * you to track the export status. We recommend intervals of at least 2 + * seconds with exponential retry to poll the export operation result. The + * metadata contains the request to help callers to map responses to requests. + * + * @param {Object} request + * The request object that will be sent. + * @param {google.cloud.asset.v1.IamPolicyAnalysisQuery} request.analysisQuery + * The request query. + * @param {google.cloud.asset.v1.IamPolicyAnalysisOutputConfig} request.outputConfig + * Output configuration indicating where the results will be output to. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Operation]{@link google.longrunning.Operation}. + * The promise has a method named "cancel" which cancels the ongoing API call. + */ + exportIamPolicyAnalysis( + request: protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest, + optionsOrCallback?: + | gax.CallOptions + | Callback< + LROperation< + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisResponse, + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest + >, + protos.google.longrunning.IOperation | null | undefined, + {} | null | undefined + >, + callback?: Callback< + LROperation< + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisResponse, + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest + >, + protos.google.longrunning.IOperation | null | undefined, + {} | null | undefined + > + ): Promise< + [ + LROperation< + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisResponse, + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest + >, + protos.google.longrunning.IOperation | undefined, + {} | undefined + ] + > | void { + request = request || {}; + let options: gax.CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } else { + options = optionsOrCallback as gax.CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'analysis_query.scope': request.analysisQuery!.scope || '', + }); + this.initialize(); + return this.innerApiCalls.exportIamPolicyAnalysis( + request, + options, + callback + ); + } + /** + * Check the status of the long running operation returned by the exportIamPolicyAnalysis() method. + * @param {String} name + * The operation name that will be passed. + * @returns {Promise} - The promise which resolves to an object. + * The decoded operation object has result and metadata field to get information from. + * + * @example: + * const decodedOperation = await checkExportIamPolicyAnalysisProgress(name); + * console.log(decodedOperation.result); + * console.log(decodedOperation.done); + * console.log(decodedOperation.metadata); + * + */ + async checkExportIamPolicyAnalysisProgress( + name: string + ): Promise< + LROperation< + protos.google.cloud.asset.v1.ExportIamPolicyAnalysisResponse, + protos.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + > + > { + const request = new operationsProtos.google.longrunning.GetOperationRequest( + {name} + ); + const [operation] = await this.operationsClient.getOperation(request); + const decodeOperation = new gax.Operation( + operation, + this.descriptors.longrunning.exportIamPolicyAnalysis, + gax.createDefaultBackoffSettings() + ); + return decodeOperation as LROperation< + protos.google.cloud.asset.v1.ExportIamPolicyAnalysisResponse, + protos.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest + >; + } searchAllResources( request: protos.google.cloud.asset.v1.ISearchAllResourcesRequest, options?: gax.CallOptions diff --git a/packages/google-cloud-asset/src/v1/asset_service_client_config.json b/packages/google-cloud-asset/src/v1/asset_service_client_config.json index ac06aea1e81..897d6d7a2f5 100644 --- a/packages/google-cloud-asset/src/v1/asset_service_client_config.json +++ b/packages/google-cloud-asset/src/v1/asset_service_client_config.json @@ -6,6 +6,9 @@ "idempotent": [ "DEADLINE_EXCEEDED", "UNAVAILABLE" + ], + "unavailable": [ + "UNAVAILABLE" ] }, "retry_params": { @@ -64,6 +67,16 @@ "timeout_millis": 15000, "retry_codes_name": "idempotent", "retry_params_name": "default" + }, + "AnalyzeIamPolicy": { + "timeout_millis": 300000, + "retry_codes_name": "unavailable", + "retry_params_name": "default" + }, + "ExportIamPolicyAnalysis": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" } } } diff --git a/packages/google-cloud-asset/synth.metadata b/packages/google-cloud-asset/synth.metadata index ac8732ec609..53b9ccdc95c 100644 --- a/packages/google-cloud-asset/synth.metadata +++ b/packages/google-cloud-asset/synth.metadata @@ -4,15 +4,15 @@ "git": { "name": ".", "remote": "https://github.com/googleapis/nodejs-asset.git", - "sha": "daa9de568ed01ba84ae64bce0ad09d82172cf707" + "sha": "a18de29d791a595df546e0024ee19530d8a84e85" } }, { "git": { "name": "googleapis", "remote": "https://github.com/googleapis/googleapis.git", - "sha": "4c5071b615d96ef9dfd6a63d8429090f1f2872bb", - "internalRef": "327369997" + "sha": "72eb54c45231d84266ca059473bc1793c394fcb2", + "internalRef": "328059685" } }, { diff --git a/packages/google-cloud-asset/test/gapic_asset_service_v1.ts b/packages/google-cloud-asset/test/gapic_asset_service_v1.ts index 40976e91e77..924643d9483 100644 --- a/packages/google-cloud-asset/test/gapic_asset_service_v1.ts +++ b/packages/google-cloud-asset/test/gapic_asset_service_v1.ts @@ -900,6 +900,121 @@ describe('v1.AssetServiceClient', () => { }); }); + describe('analyzeIamPolicy', () => { + it('invokes analyzeIamPolicy without error', async () => { + const client = new assetserviceModule.v1.AssetServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new protos.google.cloud.asset.v1.AnalyzeIamPolicyRequest() + ); + request.analysisQuery = {}; + request.analysisQuery.scope = ''; + const expectedHeaderRequestParams = 'analysis_query.scope='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage( + new protos.google.cloud.asset.v1.AnalyzeIamPolicyResponse() + ); + client.innerApiCalls.analyzeIamPolicy = stubSimpleCall(expectedResponse); + const [response] = await client.analyzeIamPolicy(request); + assert.deepStrictEqual(response, expectedResponse); + assert( + (client.innerApiCalls.analyzeIamPolicy as SinonStub) + .getCall(0) + .calledWith(request, expectedOptions, undefined) + ); + }); + + it('invokes analyzeIamPolicy without error using callback', async () => { + const client = new assetserviceModule.v1.AssetServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new protos.google.cloud.asset.v1.AnalyzeIamPolicyRequest() + ); + request.analysisQuery = {}; + request.analysisQuery.scope = ''; + const expectedHeaderRequestParams = 'analysis_query.scope='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage( + new protos.google.cloud.asset.v1.AnalyzeIamPolicyResponse() + ); + client.innerApiCalls.analyzeIamPolicy = stubSimpleCallWithCallback( + expectedResponse + ); + const promise = new Promise((resolve, reject) => { + client.analyzeIamPolicy( + request, + ( + err?: Error | null, + result?: protos.google.cloud.asset.v1.IAnalyzeIamPolicyResponse | null + ) => { + if (err) { + reject(err); + } else { + resolve(result); + } + } + ); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert( + (client.innerApiCalls.analyzeIamPolicy as SinonStub) + .getCall(0) + .calledWith(request, expectedOptions /*, callback defined above */) + ); + }); + + it('invokes analyzeIamPolicy with error', async () => { + const client = new assetserviceModule.v1.AssetServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new protos.google.cloud.asset.v1.AnalyzeIamPolicyRequest() + ); + request.analysisQuery = {}; + request.analysisQuery.scope = ''; + const expectedHeaderRequestParams = 'analysis_query.scope='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.analyzeIamPolicy = stubSimpleCall( + undefined, + expectedError + ); + await assert.rejects(client.analyzeIamPolicy(request), expectedError); + assert( + (client.innerApiCalls.analyzeIamPolicy as SinonStub) + .getCall(0) + .calledWith(request, expectedOptions, undefined) + ); + }); + }); + describe('exportAssets', () => { it('invokes exportAssets without error', async () => { const client = new assetserviceModule.v1.AssetServiceClient({ @@ -1091,6 +1206,209 @@ describe('v1.AssetServiceClient', () => { }); }); + describe('exportIamPolicyAnalysis', () => { + it('invokes exportIamPolicyAnalysis without error', async () => { + const client = new assetserviceModule.v1.AssetServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new protos.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest() + ); + request.analysisQuery = {}; + request.analysisQuery.scope = ''; + const expectedHeaderRequestParams = 'analysis_query.scope='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage( + new protos.google.longrunning.Operation() + ); + client.innerApiCalls.exportIamPolicyAnalysis = stubLongRunningCall( + expectedResponse + ); + const [operation] = await client.exportIamPolicyAnalysis(request); + const [response] = await operation.promise(); + assert.deepStrictEqual(response, expectedResponse); + assert( + (client.innerApiCalls.exportIamPolicyAnalysis as SinonStub) + .getCall(0) + .calledWith(request, expectedOptions, undefined) + ); + }); + + it('invokes exportIamPolicyAnalysis without error using callback', async () => { + const client = new assetserviceModule.v1.AssetServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new protos.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest() + ); + request.analysisQuery = {}; + request.analysisQuery.scope = ''; + const expectedHeaderRequestParams = 'analysis_query.scope='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage( + new protos.google.longrunning.Operation() + ); + client.innerApiCalls.exportIamPolicyAnalysis = stubLongRunningCallWithCallback( + expectedResponse + ); + const promise = new Promise((resolve, reject) => { + client.exportIamPolicyAnalysis( + request, + ( + err?: Error | null, + result?: LROperation< + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisResponse, + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest + > | null + ) => { + if (err) { + reject(err); + } else { + resolve(result); + } + } + ); + }); + const operation = (await promise) as LROperation< + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisResponse, + protos.google.cloud.asset.v1.IExportIamPolicyAnalysisRequest + >; + const [response] = await operation.promise(); + assert.deepStrictEqual(response, expectedResponse); + assert( + (client.innerApiCalls.exportIamPolicyAnalysis as SinonStub) + .getCall(0) + .calledWith(request, expectedOptions /*, callback defined above */) + ); + }); + + it('invokes exportIamPolicyAnalysis with call error', async () => { + const client = new assetserviceModule.v1.AssetServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new protos.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest() + ); + request.analysisQuery = {}; + request.analysisQuery.scope = ''; + const expectedHeaderRequestParams = 'analysis_query.scope='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.exportIamPolicyAnalysis = stubLongRunningCall( + undefined, + expectedError + ); + await assert.rejects( + client.exportIamPolicyAnalysis(request), + expectedError + ); + assert( + (client.innerApiCalls.exportIamPolicyAnalysis as SinonStub) + .getCall(0) + .calledWith(request, expectedOptions, undefined) + ); + }); + + it('invokes exportIamPolicyAnalysis with LRO error', async () => { + const client = new assetserviceModule.v1.AssetServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new protos.google.cloud.asset.v1.ExportIamPolicyAnalysisRequest() + ); + request.analysisQuery = {}; + request.analysisQuery.scope = ''; + const expectedHeaderRequestParams = 'analysis_query.scope='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.exportIamPolicyAnalysis = stubLongRunningCall( + undefined, + undefined, + expectedError + ); + const [operation] = await client.exportIamPolicyAnalysis(request); + await assert.rejects(operation.promise(), expectedError); + assert( + (client.innerApiCalls.exportIamPolicyAnalysis as SinonStub) + .getCall(0) + .calledWith(request, expectedOptions, undefined) + ); + }); + + it('invokes checkExportIamPolicyAnalysisProgress without error', async () => { + const client = new assetserviceModule.v1.AssetServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const expectedResponse = generateSampleMessage( + new operationsProtos.google.longrunning.Operation() + ); + expectedResponse.name = 'test'; + expectedResponse.response = {type_url: 'url', value: Buffer.from('')}; + expectedResponse.metadata = {type_url: 'url', value: Buffer.from('')}; + + client.operationsClient.getOperation = stubSimpleCall(expectedResponse); + const decodedOperation = await client.checkExportIamPolicyAnalysisProgress( + expectedResponse.name + ); + assert.deepStrictEqual(decodedOperation.name, expectedResponse.name); + assert(decodedOperation.metadata); + assert((client.operationsClient.getOperation as SinonStub).getCall(0)); + }); + + it('invokes checkExportIamPolicyAnalysisProgress with error', async () => { + const client = new assetserviceModule.v1.AssetServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const expectedError = new Error('expected'); + + client.operationsClient.getOperation = stubSimpleCall( + undefined, + expectedError + ); + await assert.rejects( + client.checkExportIamPolicyAnalysisProgress(''), + expectedError + ); + assert((client.operationsClient.getOperation as SinonStub).getCall(0)); + }); + }); + describe('searchAllResources', () => { it('invokes searchAllResources without error', async () => { const client = new assetserviceModule.v1.AssetServiceClient({