public final class BindingExplanation extends GeneratedMessageV3 implements BindingExplanationOrBuilder
Details about how a binding in a policy affects a principal's ability to use
a permission.
Protobuf type google.cloud.policysimulator.v1.BindingExplanation
Inherited Members
com.google.protobuf.GeneratedMessageV3.<ListT>makeMutableCopy(ListT)
Static Fields
ACCESS_FIELD_NUMBER
public static final int ACCESS_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
CONDITION_FIELD_NUMBER
public static final int CONDITION_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
MEMBERSHIPS_FIELD_NUMBER
public static final int MEMBERSHIPS_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
RELEVANCE_FIELD_NUMBER
public static final int RELEVANCE_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
ROLE_FIELD_NUMBER
public static final int ROLE_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
ROLE_PERMISSION_FIELD_NUMBER
public static final int ROLE_PERMISSION_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
ROLE_PERMISSION_RELEVANCE_FIELD_NUMBER
public static final int ROLE_PERMISSION_RELEVANCE_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
Static Methods
getDefaultInstance()
public static BindingExplanation getDefaultInstance()
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
newBuilder()
public static BindingExplanation.Builder newBuilder()
newBuilder(BindingExplanation prototype)
public static BindingExplanation.Builder newBuilder(BindingExplanation prototype)
public static BindingExplanation parseDelimitedFrom(InputStream input)
public static BindingExplanation parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
parseFrom(byte[] data)
public static BindingExplanation parseFrom(byte[] data)
Parameter |
---|
Name | Description |
data | byte[]
|
parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
public static BindingExplanation parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
parseFrom(ByteString data)
public static BindingExplanation parseFrom(ByteString data)
parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
public static BindingExplanation parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
public static BindingExplanation parseFrom(CodedInputStream input)
public static BindingExplanation parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
public static BindingExplanation parseFrom(InputStream input)
public static BindingExplanation parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
parseFrom(ByteBuffer data)
public static BindingExplanation parseFrom(ByteBuffer data)
parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
public static BindingExplanation parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
parser()
public static Parser<BindingExplanation> parser()
Methods
containsMemberships(String key)
public boolean containsMemberships(String key)
Indicates whether each principal in the binding includes the principal
specified in the request, either directly or indirectly. Each key
identifies a principal in the binding, and each value indicates whether the
principal in the binding includes the principal in the request.
For example, suppose that a binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
The principal in the replayed access tuple is user:bob@example.com
. This
user is a principal of the group group:product-eng@example.com
.
For the first principal in the binding, the key is
user:alice@example.com
, and the membership
field in the value is set to
MEMBERSHIP_NOT_INCLUDED
.
For the second principal in the binding, the key is
group:product-eng@example.com
, and the membership
field in the value is
set to MEMBERSHIP_INCLUDED
.
map<string, .google.cloud.policysimulator.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
Parameter |
---|
Name | Description |
key | String
|
equals(Object obj)
public boolean equals(Object obj)
Parameter |
---|
Name | Description |
obj | Object
|
Overrides
getAccess()
public AccessState getAccess()
Required. Indicates whether this binding provides the specified
permission to the specified principal for the specified resource.
This field does not indicate whether the principal actually has the
permission for the resource. There might be another binding that overrides
this binding. To determine whether the principal actually has the
permission, use the access
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policysimulator.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED];
getAccessValue()
public int getAccessValue()
Required. Indicates whether this binding provides the specified
permission to the specified principal for the specified resource.
This field does not indicate whether the principal actually has the
permission for the resource. There might be another binding that overrides
this binding. To determine whether the principal actually has the
permission, use the access
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policysimulator.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED];
Returns |
---|
Type | Description |
int | The enum numeric value on the wire for access.
|
getCondition()
public Expr getCondition()
Returns |
---|
Type | Description |
com.google.type.Expr | The condition.
|
getConditionOrBuilder()
public ExprOrBuilder getConditionOrBuilder()
Returns |
---|
Type | Description |
com.google.type.ExprOrBuilder | |
getDefaultInstanceForType()
public BindingExplanation getDefaultInstanceForType()
getMemberships()
public Map<String,BindingExplanation.AnnotatedMembership> getMemberships()
getMembershipsCount()
public int getMembershipsCount()
Indicates whether each principal in the binding includes the principal
specified in the request, either directly or indirectly. Each key
identifies a principal in the binding, and each value indicates whether the
principal in the binding includes the principal in the request.
For example, suppose that a binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
The principal in the replayed access tuple is user:bob@example.com
. This
user is a principal of the group group:product-eng@example.com
.
For the first principal in the binding, the key is
user:alice@example.com
, and the membership
field in the value is set to
MEMBERSHIP_NOT_INCLUDED
.
For the second principal in the binding, the key is
group:product-eng@example.com
, and the membership
field in the value is
set to MEMBERSHIP_INCLUDED
.
map<string, .google.cloud.policysimulator.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
Returns |
---|
Type | Description |
int | |
getMembershipsMap()
public Map<String,BindingExplanation.AnnotatedMembership> getMembershipsMap()
Indicates whether each principal in the binding includes the principal
specified in the request, either directly or indirectly. Each key
identifies a principal in the binding, and each value indicates whether the
principal in the binding includes the principal in the request.
For example, suppose that a binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
The principal in the replayed access tuple is user:bob@example.com
. This
user is a principal of the group group:product-eng@example.com
.
For the first principal in the binding, the key is
user:alice@example.com
, and the membership
field in the value is set to
MEMBERSHIP_NOT_INCLUDED
.
For the second principal in the binding, the key is
group:product-eng@example.com
, and the membership
field in the value is
set to MEMBERSHIP_INCLUDED
.
map<string, .google.cloud.policysimulator.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
getMembershipsOrDefault(String key, BindingExplanation.AnnotatedMembership defaultValue)
public BindingExplanation.AnnotatedMembership getMembershipsOrDefault(String key, BindingExplanation.AnnotatedMembership defaultValue)
Indicates whether each principal in the binding includes the principal
specified in the request, either directly or indirectly. Each key
identifies a principal in the binding, and each value indicates whether the
principal in the binding includes the principal in the request.
For example, suppose that a binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
The principal in the replayed access tuple is user:bob@example.com
. This
user is a principal of the group group:product-eng@example.com
.
For the first principal in the binding, the key is
user:alice@example.com
, and the membership
field in the value is set to
MEMBERSHIP_NOT_INCLUDED
.
For the second principal in the binding, the key is
group:product-eng@example.com
, and the membership
field in the value is
set to MEMBERSHIP_INCLUDED
.
map<string, .google.cloud.policysimulator.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
getMembershipsOrThrow(String key)
public BindingExplanation.AnnotatedMembership getMembershipsOrThrow(String key)
Indicates whether each principal in the binding includes the principal
specified in the request, either directly or indirectly. Each key
identifies a principal in the binding, and each value indicates whether the
principal in the binding includes the principal in the request.
For example, suppose that a binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
The principal in the replayed access tuple is user:bob@example.com
. This
user is a principal of the group group:product-eng@example.com
.
For the first principal in the binding, the key is
user:alice@example.com
, and the membership
field in the value is set to
MEMBERSHIP_NOT_INCLUDED
.
For the second principal in the binding, the key is
group:product-eng@example.com
, and the membership
field in the value is
set to MEMBERSHIP_INCLUDED
.
map<string, .google.cloud.policysimulator.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
Parameter |
---|
Name | Description |
key | String
|
getParserForType()
public Parser<BindingExplanation> getParserForType()
Overrides
getRelevance()
public HeuristicRelevance getRelevance()
The relevance of this binding to the overall determination for the entire
policy.
.google.cloud.policysimulator.v1.HeuristicRelevance relevance = 6;
getRelevanceValue()
public int getRelevanceValue()
The relevance of this binding to the overall determination for the entire
policy.
.google.cloud.policysimulator.v1.HeuristicRelevance relevance = 6;
Returns |
---|
Type | Description |
int | The enum numeric value on the wire for relevance.
|
getRole()
Returns |
---|
Type | Description |
String | The role.
|
getRoleBytes()
public ByteString getRoleBytes()
Returns |
---|
Type | Description |
ByteString | The bytes for role.
|
getRolePermission()
public BindingExplanation.RolePermission getRolePermission()
Indicates whether the role granted by this binding contains the specified
permission.
.google.cloud.policysimulator.v1.BindingExplanation.RolePermission role_permission = 3;
getRolePermissionRelevance()
public HeuristicRelevance getRolePermissionRelevance()
The relevance of the permission's existence, or nonexistence, in the role
to the overall determination for the entire policy.
.google.cloud.policysimulator.v1.HeuristicRelevance role_permission_relevance = 4;
getRolePermissionRelevanceValue()
public int getRolePermissionRelevanceValue()
The relevance of the permission's existence, or nonexistence, in the role
to the overall determination for the entire policy.
.google.cloud.policysimulator.v1.HeuristicRelevance role_permission_relevance = 4;
Returns |
---|
Type | Description |
int | The enum numeric value on the wire for rolePermissionRelevance.
|
getRolePermissionValue()
public int getRolePermissionValue()
Indicates whether the role granted by this binding contains the specified
permission.
.google.cloud.policysimulator.v1.BindingExplanation.RolePermission role_permission = 3;
Returns |
---|
Type | Description |
int | The enum numeric value on the wire for rolePermission.
|
getSerializedSize()
public int getSerializedSize()
Returns |
---|
Type | Description |
int | |
Overrides
hasCondition()
public boolean hasCondition()
Returns |
---|
Type | Description |
boolean | Whether the condition field is set.
|
hashCode()
Returns |
---|
Type | Description |
int | |
Overrides
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Overrides
internalGetMapField(int number)
protected MapField internalGetMapField(int number)
Parameter |
---|
Name | Description |
number | int
|
Overrides
isInitialized()
public final boolean isInitialized()
Overrides
newBuilderForType()
public BindingExplanation.Builder newBuilderForType()
newBuilderForType(GeneratedMessageV3.BuilderParent parent)
protected BindingExplanation.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Overrides
newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Overrides
toBuilder()
public BindingExplanation.Builder toBuilder()
writeTo(CodedOutputStream output)
public void writeTo(CodedOutputStream output)
Overrides