OLD | NEW |
| (Empty) |
1 # Copyright 2012 Google Inc. All Rights Reserved. | |
2 # | |
3 # Licensed under the Apache License, Version 2.0 (the "License"); | |
4 # you may not use this file except in compliance with the License. | |
5 # You may obtain a copy of the License at | |
6 # | |
7 # http://www.apache.org/licenses/LICENSE-2.0 | |
8 # | |
9 # Unless required by applicable law or agreed to in writing, software | |
10 # distributed under the License is distributed on an "AS IS" BASIS, | |
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
12 # See the License for the specific language governing permissions and | |
13 # limitations under the License. | |
14 | |
15 from gslib.help_provider import HELP_NAME | |
16 from gslib.help_provider import HELP_NAME_ALIASES | |
17 from gslib.help_provider import HELP_ONE_LINE_SUMMARY | |
18 from gslib.help_provider import HelpProvider | |
19 from gslib.help_provider import HELP_TEXT | |
20 from gslib.help_provider import HelpType | |
21 from gslib.help_provider import HELP_TYPE | |
22 | |
23 _detailed_help_text = (""" | |
24 <B>OVERVIEW</B> | |
25 This section discusses how to work with projects in Google Cloud Storage. | |
26 | |
27 For more information about using the Google APIs Console to administer | |
28 project memberships (which are automatically included in ACLs for buckets | |
29 you create) see https://code.google.com/apis/console#:storage:access. | |
30 | |
31 | |
32 <B>PROJECT MEMBERS AND PERMISSIONS</B> | |
33 There are three groups of users associated with each project: | |
34 | |
35 - Project Owners are allowed to list, create, and delete buckets, | |
36 and can also perform administrative tasks like adding and removing team | |
37 members and changing billing. The project owners group is the owner | |
38 of all buckets within a project, regardless of who may be the original | |
39 bucket creator. | |
40 | |
41 - Project Editors are allowed to list, create, and delete buckets. | |
42 | |
43 - All Project Team Members are allowed to list buckets within a project. | |
44 | |
45 These projects make it easy to set up a bucket and start uploading objects | |
46 with access control appropriate for a project at your company, as the three | |
47 group memberships can be configured by your administrative staff. Control | |
48 over projects and their associated memberships is provided by the Google | |
49 APIs Console (https://code.google.com/apis/console). | |
50 | |
51 | |
52 <B>HOW PROJECT MEMBERSHIP IS REFLECTED IN BUCKET ACLS</B> | |
53 When you create a bucket without specifying an ACL the bucket is given a | |
54 "project-private" ACL, which grants the permissions described in the previous | |
55 section. Here's an example of such an ACL: | |
56 | |
57 <AccessControlList> | |
58 <Owner> | |
59 <ID> | |
60 00b4903a9740e42c29800f53bd5a9a62a2f96eb3f64a4313a115df3f3a776bf7 | |
61 </ID> | |
62 </Owner> | |
63 <Entries> | |
64 <Entry> | |
65 <Scope type="GroupById"> | |
66 <ID> | |
67 00b4903a9740e42c29800f53bd5a9a62a2f96eb3f64a4313a115df3f3a776bf7 | |
68 </ID> | |
69 </Scope> | |
70 <Permission> | |
71 FULL_CONTROL | |
72 </Permission> | |
73 </Entry> | |
74 <Entry> | |
75 <Scope type="GroupById"> | |
76 <ID> | |
77 00b4903a977fd817e9da167bc81306489181a110456bb635f466d71cf90a0d51 | |
78 </ID> | |
79 </Scope> | |
80 <Permission> | |
81 FULL_CONTROL | |
82 </Permission> | |
83 </Entry> | |
84 <Entry> | |
85 <Scope type="GroupById"> | |
86 <ID> | |
87 00b4903a974898cc8fc309f2f2835308ba3d3df1b889d3fc7e33e187d52d8e71 | |
88 </ID> | |
89 </Scope> | |
90 <Permission> | |
91 READ | |
92 </Permission> | |
93 </Entry> | |
94 </Entries> | |
95 </AccessControlList> | |
96 | |
97 The three "GroupById" scopes are the canonical IDs for the Project Owners, | |
98 Project Editors, and All Project Team Members groups. | |
99 | |
100 You can edit the bucket ACL if you want to (see "gsutil help setacl"), | |
101 but for many cases you'll never need to, and instead can change group | |
102 membership via the APIs console. | |
103 | |
104 <B>IDENTIFYING PROJECTS WHEN CREATING AND LISTING BUCKETS</B> | |
105 When you create a bucket or list your buckets, you need to provide the | |
106 project ID that want to create or list (using the gsutil mb -p option or | |
107 the gsutil ls -p option, respectively). The project's name shown in the | |
108 Google APIs Console is a user-friendly name that you can choose; this is | |
109 not the project ID required by the gsutil mb and ls commands. To find the | |
110 project ID, go to the Storage Access pane in the Google APIs Console. Your | |
111 project ID is listed under Identifying your project. | |
112 """) | |
113 | |
114 | |
115 class CommandOptions(HelpProvider): | |
116 """Additional help about Access Control Lists.""" | |
117 | |
118 help_spec = { | |
119 # Name of command or auxiliary help info for which this help applies. | |
120 HELP_NAME : 'projects', | |
121 # List of help name aliases. | |
122 HELP_NAME_ALIASES : ['apis console', 'console', 'dev console', 'project', | |
123 'proj', 'project-id'], | |
124 # Type of help: | |
125 HELP_TYPE : HelpType.ADDITIONAL_HELP, | |
126 # One line summary of this help. | |
127 HELP_ONE_LINE_SUMMARY : 'Working with projects', | |
128 # The full help text. | |
129 HELP_TEXT : _detailed_help_text, | |
130 } | |
OLD | NEW |