Add get, replace, and test for IAM

Author: Ajay Kannan

gcloud-java-core/src/main/java/com/google/gcloud/Identity.java

@@ -44,7 +44,7 @@ public final class Identity implements Serializable {
   private static final long serialVersionUID = -8181841964597657446L;
 
   private final Type type;
-  private final String id;
+  private final String value;
 
   /**
    * The types of IAM identities.
@@ -82,17 +82,17 @@ public enum Type {
     DOMAIN
   }
 
-  private Identity(Type type, String id) {
+  private Identity(Type type, String value) {
     this.type = type;
-    this.id = id;
+    this.value = value;
   }
 
   public Type type() {
     return type;
   }
 
   /**
-   * Returns the string identifier for this identity. The id corresponds to:
+   * Returns the string identifier for this identity. The value corresponds to:
    * <ul>
    *   <li>email address (for identities of type {@code USER}, {@code SERVICE_ACCOUNT}, and
    *       {@code GROUP})
@@ -101,8 +101,8 @@ public Type type() {
    *       {@code ALL_AUTHENTICATED_USERS})
    * </ul>
    */
-  public String id() {
-    return id;
+  public String value() {
+    return value;
   }
 
   /**
@@ -163,7 +163,7 @@ public static Identity domain(String domain) {
 
   @Override
   public int hashCode() {
-    return Objects.hash(id, type);
+    return Objects.hash(value, type);
   }
 
   @Override
@@ -172,7 +172,7 @@ public boolean equals(Object obj) {
       return false;
     }
     Identity other = (Identity) obj;
-    return Objects.equals(id, other.id()) && Objects.equals(type, other.type());
+    return Objects.equals(value, other.value()) && Objects.equals(type, other.type());
   }
 
   /**
@@ -186,13 +186,13 @@ public String strValue() {
       case ALL_AUTHENTICATED_USERS:
         return "allAuthenticatedUsers";
       case USER:
-        return "user:" + id;
+        return "user:" + value;
       case SERVICE_ACCOUNT:
-        return "serviceAccount:" + id;
+        return "serviceAccount:" + value;
       case GROUP:
-        return "group:" + id;
+        return "group:" + value;
       case DOMAIN:
-        return "domain:" + id;
+        return "domain:" + value;
       default:
         throw new IllegalStateException("Unexpected identity type: " + type);
     }

gcloud-java-core/src/test/java/com/google/gcloud/IdentityTest.java

@@ -34,19 +34,19 @@ public class IdentityTest {
   @Test
   public void testAllUsers() {
     assertEquals(Identity.Type.ALL_USERS, ALL_USERS.type());
-    assertNull(ALL_USERS.id());
+    assertNull(ALL_USERS.value());
   }
 
   @Test
   public void testAllAuthenticatedUsers() {
     assertEquals(Identity.Type.ALL_AUTHENTICATED_USERS, ALL_AUTH_USERS.type());
-    assertNull(ALL_AUTH_USERS.id());
+    assertNull(ALL_AUTH_USERS.value());
   }
 
   @Test
   public void testUser() {
     assertEquals(Identity.Type.USER, USER.type());
-    assertEquals("[email protected]", USER.id());
+    assertEquals("[email protected]", USER.value());
   }
 
   @Test(expected = NullPointerException.class)
@@ -57,7 +57,7 @@ public void testUserNullEmail() {
   @Test
   public void testServiceAccount() {
     assertEquals(Identity.Type.SERVICE_ACCOUNT, SERVICE_ACCOUNT.type());
-    assertEquals("[email protected]", SERVICE_ACCOUNT.id());
+    assertEquals("[email protected]", SERVICE_ACCOUNT.value());
   }
 
   @Test(expected = NullPointerException.class)
@@ -68,7 +68,7 @@ public void testServiceAccountNullEmail() {
   @Test
   public void testGroup() {
     assertEquals(Identity.Type.GROUP, GROUP.type());
-    assertEquals("[email protected]", GROUP.id());
+    assertEquals("[email protected]", GROUP.value());
   }
 
   @Test(expected = NullPointerException.class)
@@ -79,7 +79,7 @@ public void testGroupNullEmail() {
   @Test
   public void testDomain() {
     assertEquals(Identity.Type.DOMAIN, DOMAIN.type());
-    assertEquals("google.com", DOMAIN.id());
+    assertEquals("google.com", DOMAIN.value());
   }
 
   @Test(expected = NullPointerException.class)
@@ -100,6 +100,6 @@ public void testIdentityToAndFromPb() {
   private void compareIdentities(Identity expected, Identity actual) {
     assertEquals(expected, actual);
     assertEquals(expected.type(), actual.type());
-    assertEquals(expected.id(), actual.id());
+    assertEquals(expected.value(), actual.value());
   }
 }

gcloud-java-resourcemanager/src/main/java/com/google/gcloud/resourcemanager/Policy.java

@@ -17,18 +17,19 @@
 package com.google.gcloud.resourcemanager;
 
 import com.google.common.annotations.VisibleForTesting;
-import com.google.common.base.CaseFormat;
 import com.google.common.base.Function;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Lists;
 import com.google.gcloud.IamPolicy;
 import com.google.gcloud.Identity;
 
+import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
+import java.util.Objects;
 import java.util.Set;
 
 /**
@@ -48,40 +49,101 @@ public class Policy extends IamPolicy<Policy.Role> {
   /**
    * Represents legacy roles in an IAM Policy.
    */
-  public enum Role {
+  public static class Role implements Serializable {
 
     /**
-     * Permissions for read-only actions that preserve state.
+     * The recognized roles in a Project's IAM policy.
      */
-    VIEWER("roles/viewer"),
+    public enum Type {
+
+      /**
+       * Permissions for read-only actions that preserve state.
+       */
+      VIEWER,
+
+      /**
+       * All viewer permissions and permissions for actions that modify state.
+       */
+      EDITOR,
+
+      /**
+       * All editor permissions and permissions for the following actions:
+       * <ul>
+       * <li>Manage access control for a resource.
+       * <li>Set up billing (for a project).
+       * </ul>
+       */
+      OWNER
+    }
+
+    private static final long serialVersionUID = 2421978909244287488L;
+
+    private final String value;
+    private final Type type;
+
+    private Role(String value, Type type) {
+      this.value = value;
+      this.type = type;
+    }
+
+    String value() {
+      return value;
+    }
 
     /**
-     * All viewer permissions and permissions for actions that modify state.
+     * Returns the type of role (editor, owner, or viewer).  Returns {@code null} if the role type
+     * is unrecognized.
      */
-    EDITOR("roles/editor"),
+    public Type type() {
+      return type;
+    }
 
     /**
-     * All editor permissions and permissions for the following actions:
-     * <ul>
-     * <li>Manage access control for a resource.
-     * <li>Set up billing (for a project).
-     * </ul>
+     * Returns a {@code Role} of type {@link Type#VIEWER VIEWER}.
      */
-    OWNER("roles/owner");
+    public static Role viewer() {
+      return new Role("roles/viewer", Type.VIEWER);
+    }
 
-    private String strValue;
+    /**
+     * Returns a {@code Role} of type {@link Type#EDITOR EDITOR}.
+     */
+    public static Role editor() {
+      return new Role("roles/editor", Type.EDITOR);
+    }
 
-    private Role(String strValue) {
-      this.strValue = strValue;
+    /**
+     * Returns a {@code Role} of type {@link Type#OWNER OWNER}.
+     */
+    public static Role owner() {
+      return new Role("roles/owner", Type.OWNER);
     }
 
-    String strValue() {
-      return strValue;
+    static Role rawRole(String roleStr) {
+      return new Role(roleStr, null);
     }
 
     static Role fromStr(String roleStr) {
-      return Role.valueOf(CaseFormat.LOWER_CAMEL.to(
-          CaseFormat.UPPER_UNDERSCORE, roleStr.substring("roles/".length())));
+      try {
+        Type type = Type.valueOf(roleStr.split("/")[1].toUpperCase());
+        return new Role(roleStr, type);
+      } catch (Exception ex) {
+        return new Role(roleStr, null);
+      }
+    }
+
+    @Override
+    public final int hashCode() {
+      return Objects.hash(value, type);
+    }
+
+    @Override
+    public final boolean equals(Object obj) {
+      if (!(obj instanceof Role)) {
+        return false;
+      }
+      Role other = (Role) obj;
+      return Objects.equals(value, other.value()) && Objects.equals(type, other.type());
     }
   }
 
@@ -124,7 +186,7 @@ com.google.api.services.cloudresourcemanager.model.Policy toPb() {
     for (Map.Entry<Role, Set<Identity>> binding : bindings().entrySet()) {
       com.google.api.services.cloudresourcemanager.model.Binding bindingPb =
           new com.google.api.services.cloudresourcemanager.model.Binding();
-      bindingPb.setRole(binding.getKey().strValue());
+      bindingPb.setRole(binding.getKey().value());
       bindingPb.setMembers(
           Lists.transform(
               new ArrayList<>(binding.getValue()),

gcloud-java-resourcemanager/src/main/java/com/google/gcloud/resourcemanager/Project.java

@@ -157,10 +157,10 @@ public Project reload() {
    * completes, the project is not retrievable by the {@link ResourceManager#get} and
    * {@link ResourceManager#list} methods. The caller must have modify permissions for this project.
    *
-   * @see <a
-   * href="https://cloud.google.com/resource-manager/reference/rest/v1beta1/projects/delete">Cloud
-   * Resource Manager delete</a>
    * @throws ResourceManagerException upon failure
+   * @see <a href=
+   *     "https://cloud.google.com/resource-manager/reference/rest/v1beta1/projects/delete">Cloud
+   *     Resource Manager delete</a>
    */
   public void delete() {
     resourceManager.delete(projectId());
@@ -174,10 +174,10 @@ public void delete() {
    * state of {@link ProjectInfo.State#DELETE_IN_PROGRESS}, the project cannot be restored. The
    * caller must have modify permissions for this project.
    *
-   * @see <a
-   * href="https://cloud.google.com/resource-manager/reference/rest/v1beta1/projects/undelete">Cloud
-   * Resource Manager undelete</a>
    * @throws ResourceManagerException upon failure (including when the project can't be restored)
+   * @see <a href=
+   *     "https://cloud.google.com/resource-manager/reference/rest/v1beta1/projects/undelete">Cloud
+   *     Resource Manager undelete</a>
    */
   public void undelete() {
     resourceManager.undelete(projectId());
@@ -188,11 +188,11 @@ public void undelete() {
    *
    * <p>The caller must have modify permissions for this project.
    *
-   * @see <a
-   * href="https://cloud.google.com/resource-manager/reference/rest/v1beta1/projects/update">Cloud
-   * Resource Manager update</a>
    * @return the Project representing the new project metadata
    * @throws ResourceManagerException upon failure
+   * @see <a href=
+   *     "https://cloud.google.com/resource-manager/reference/rest/v1beta1/projects/update">Cloud
+   *     Resource Manager update</a>
    */
   public Project replace() {
     return resourceManager.replace(this);