incorporate requested changes
rahul2393 committed Dec 13, 2022
1 parent d92aae6 commit aaa7a9d
Showing 4 changed files with 38 additions and 24 deletions.
Expand Up @@ -34,15 +34,18 @@ static void addAndDropDatabaseRole() {
String projectId = "my-project";
String instanceId = "my-instance";
String databaseId = "my-database";
String parentRole = "new-parent";
String childRole = "new-child";
String parentRole = "my-new-parent-role";
String childRole = "my-new-child-role";
addAndDropDatabaseRole(projectId, instanceId, databaseId, parentRole, childRole);
}

static void addAndDropDatabaseRole(
String projectId, String instanceId, String databaseId, String parentRole, String childRole) {
try (Spanner spanner =
SpannerOptions.newBuilder().setProjectId(projectId).build().getService()) {
SpannerOptions.newBuilder()
.setProjectId(projectId)
.build()
.getService()) {
final DatabaseAdminClient adminClient = spanner.getDatabaseAdminClient();
OperationFuture<Void, UpdateDatabaseDdlMetadata> operation =
adminClient.updateDatabaseDdl(
Expand Up @@ -23,6 +23,8 @@
import com.google.cloud.spanner.DatabaseAdminClient;
import com.google.cloud.spanner.Spanner;
import com.google.cloud.spanner.SpannerOptions;
import com.google.common.collect.ImmutableList;

import java.util.ArrayList;
import java.util.List;

Expand All @@ -34,8 +36,8 @@ static void enableFineGrainedAccess() {
String instanceId = "my-instance";
String databaseId = "my-database";
String iamMember = "user:[email protected]";
String role = "new-parent";
String title = "my condition title";
String role = "my-role";
String title = "my-condition-title";
enableFineGrainedAccess(projectId, instanceId, databaseId, iamMember, title, role);
}

Expand All @@ -47,44 +49,50 @@ static void enableFineGrainedAccess(
String title,
String role) {
try (Spanner spanner =
SpannerOptions.newBuilder().setProjectId(projectId).build().getService()) {
SpannerOptions.newBuilder()
.setProjectId(projectId)
.build()
.getService()) {
final DatabaseAdminClient adminClient = spanner.getDatabaseAdminClient();
Policy policy = adminClient.getDatabaseIAMPolicy(instanceId, databaseId, 3);
int policyVersion = policy.getVersion();
/* getDatabaseIAMPolicy returns the IAM policy for the given database
*
* The policy in the response might use the policy version that you specified, or it might use
* a lower policy version. For example, if you specify version 3, but the policy has no
* conditional role bindings, the response uses version 1. Valid values are 0, 1, and 3.
*
*/
// The policy in the response from getDatabaseIAMPolicy might use the policy version
// that you specified, or it might use a lower policy version. For example, if you
// specify version 3, but the policy has no conditional role bindings, the response
// uses version 1. Valid values are 0, 1, and 3.
if (policy.getVersion() < 3) {
// conditional role bindings work with policy version 3
policyVersion = 3;
}

List<String> members = new ArrayList<>();
members.add(iamMember);
List<Binding> bindings = new ArrayList<>(policy.getBindingsList());

bindings.add(
Binding binding1 =
Binding.newBuilder()
.setRole("roles/spanner.fineGrainedAccessUser")
.setMembers(members)
.build());
.build();

bindings.add(
Binding binding2 =
Binding.newBuilder()
.setRole("roles/spanner.databaseRoleUser")
.setCondition(
Condition.newBuilder()
.setDescription(title)
.setExpression(
String.format("resource.name.endsWith(\"/databaseRoles/%s\")", role))
String.format(
"resource.type == \"spanner.googleapis.com/DatabaseRole\" && resource.name.endsWith(\"/databaseRoles/%s\")",
role))
.setTitle(title)
.build())
.setMembers(members)
.build());

.build();
ImmutableList<Binding> bindings =
ImmutableList.<Binding>builder()
.addAll(policy.getBindingsList())
.add(binding1)
.add(binding2)
.build();
Policy policyWithConditions =
Policy.newBuilder()
.setVersion(policyVersion)
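Review bot: The `role` argument is formatted unescaped into the CEL condition string of `binding2` (`resource.name.endsWith(\"/databaseRoles/%s\")`), so a value containing a double quote or backslash would change the expression that gates `roles/spanner.databaseRoleUser`. Samples like this get copied into code where the role name comes from configuration or a request, so I would reject such values before building the condition, e.g. `if (role.indexOf('"') >= 0 || role.indexOf('\\') >= 0) { throw new IllegalArgumentException("invalid database role name"); }`, or check the name against the identifier rules for database roles. A short comment above `binding2` saying that the condition limits the member to the single named database role would also help readers. The method body continues past the visible lines, so whether the updated policy is written back with the etag from `getDatabaseIAMPolicy` cannot be judged from this page.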
Expand Up @@ -36,7 +36,10 @@ static void listDatabaseRoles() throws InterruptedException, ExecutionException

static void listDatabaseRoles(String projectId, String instanceId, String databaseId) {
try (Spanner spanner =
SpannerOptions.newBuilder().setProjectId(projectId).build().getService()) {
SpannerOptions.newBuilder()
.setProjectId(projectId)
.build()
.getService()) {
final DatabaseAdminClient adminClient = spanner.getDatabaseAdminClient();
String databasePath = DatabaseId.of(projectId, instanceId, databaseId).getName();
System.out.println("List of Database roles");
Expand Up @@ -32,7 +32,7 @@ static void readDataWithDatabaseRole() {
String projectId = "my-project";
String instanceId = "my-instance";
String databaseId = "my-database";
String role = "new-parent";
String role = "my-role";
readDataWithDatabaseRole(projectId, instanceId, databaseId, role);
}

Expand All @@ -51,7 +51,7 @@ static void readDataWithDatabaseRole(
.singleUse()
.read(
"Singers",
KeySet.all(), // Read all rows in a table.
KeySet.all(),
Arrays.asList("SingerId", "FirstName", "LastName"));
while (resultSet.next()) {
System.out.printf("SingerId: %d\n", resultSet.getLong(0));
