diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..30fdb7b --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,10 @@ +# Code owners file. +# This file controls who is tagged for review for any given pull request. + +# For syntax help see: +# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners#codeowners-syntax + +* @googleapis/yoshi-java + +# The java-samples-reviewers team is the default owner for samples changes +samples/**/*.java @googleapis/java-samples-reviewers diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..11a980c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,51 @@ +--- +name: Bug report +about: Create a report to help us improve + +--- + +Thanks for stopping by to let us know something could be better! + +**PLEASE READ**: If you have a support contract with Google, please create an issue in the [support console](https://cloud.google.com/support/) instead of filing on GitHub. This will ensure a timely response. + +Please run down the following list and make sure you've tried the usual "quick fixes": + + - Search the issues already opened: https://github.com/googleapis/java-policy-troubleshooter/issues + - Check for answers on StackOverflow: http://stackoverflow.com/questions/tagged/google-cloud-platform + +If you are still having issues, please include as much information as possible: + +#### Environment details + +1. Specify the API at the beginning of the title. For example, "BigQuery: ..."). + General, Core, and Other are also allowed as types +2. OS type and version: +3. Java version: +4. policy-troubleshooter version(s): + +#### Steps to reproduce + + 1. ? + 2. ? + +#### Code example + +```java +// example +``` + +#### Stack trace +``` +Any relevant stacktrace here. +``` + +#### External references such as API reference guides + +- ? + +#### Any additional information below + + +Following these steps guarantees the quickest resolution possible. + +Thanks! diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000..754e30c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,21 @@ +--- +name: Feature request +about: Suggest an idea for this library + +--- + +Thanks for stopping by to let us know something could be better! + +**PLEASE READ**: If you have a support contract with Google, please create an issue in the [support console](https://cloud.google.com/support/) instead of filing on GitHub. This will ensure a timely response. + +**Is your feature request related to a problem? Please describe.** +What the problem is. Example: I'm always frustrated when [...] + +**Describe the solution you'd like** +What you want to happen. + +**Describe alternatives you've considered** +Any alternative solutions or features you've considered. + +**Additional context** +Any other context or screenshots about the feature request. diff --git a/.github/ISSUE_TEMPLATE/support_request.md b/.github/ISSUE_TEMPLATE/support_request.md new file mode 100644 index 0000000..9958690 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/support_request.md @@ -0,0 +1,7 @@ +--- +name: Support request +about: If you have a support contract with Google, please create an issue in the Google Cloud Support console. + +--- + +**PLEASE READ**: If you have a support contract with Google, please create an issue in the [support console](https://cloud.google.com/support/) instead of filing on GitHub. This will ensure a timely response. diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..b7e94d0 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,7 @@ +Thank you for opening a Pull Request! Before submitting your PR, there are a few things you can do to make sure it goes smoothly: +- [ ] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/java-policy-troubleshooter/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea +- [ ] Ensure the tests and linter pass +- [ ] Code coverage does not decrease (if any source code was changed) +- [ ] Appropriate docs were updated (if necessary) + +Fixes # ☕️ diff --git a/.github/blunderbuss.yml b/.github/blunderbuss.yml new file mode 100644 index 0000000..1a23ea4 --- /dev/null +++ b/.github/blunderbuss.yml @@ -0,0 +1,7 @@ +# Configuration for the Blunderbuss GitHub app. For more info see +# https://github.com/googleapis/repo-automation-bots/tree/master/packages/blunderbuss +assign_prs_by: +- labels: + - samples + to: + - googleapis/java-samples-reviewers \ No newline at end of file diff --git a/.github/generated-files-bot.yml b/.github/generated-files-bot.yml new file mode 100644 index 0000000..47c2ba1 --- /dev/null +++ b/.github/generated-files-bot.yml @@ -0,0 +1,11 @@ +externalManifests: +- type: json + file: 'synth.metadata' + jsonpath: '$.generatedFiles[*]' +- type: json + file: '.github/readme/synth.metadata/synth.metadata' + jsonpath: '$.generatedFiles[*]' +ignoreAuthors: +- 'renovate-bot' +- 'yoshi-automation' +- 'release-please[bot]' diff --git a/.github/readme/synth.py b/.github/readme/synth.py new file mode 100644 index 0000000..7b48cc2 --- /dev/null +++ b/.github/readme/synth.py @@ -0,0 +1,19 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""This script is used to synthesize generated the README for this library.""" + +from synthtool.languages import java + +java.custom_templates(["java_library/README.md"]) diff --git a/.github/release-please.yml b/.github/release-please.yml new file mode 100644 index 0000000..dce2c84 --- /dev/null +++ b/.github/release-please.yml @@ -0,0 +1,2 @@ +releaseType: java-yoshi +bumpMinorPreMajor: true \ No newline at end of file diff --git a/.github/snippet-bot.yml b/.github/snippet-bot.yml new file mode 100644 index 0000000..e69de29 diff --git a/.github/trusted-contribution.yml b/.github/trusted-contribution.yml new file mode 100644 index 0000000..f247d5c --- /dev/null +++ b/.github/trusted-contribution.yml @@ -0,0 +1,2 @@ +trustedContributors: +- renovate-bot \ No newline at end of file diff --git a/.github/workflows/approve-readme.yaml b/.github/workflows/approve-readme.yaml new file mode 100644 index 0000000..7513aca --- /dev/null +++ b/.github/workflows/approve-readme.yaml @@ -0,0 +1,54 @@ +on: + pull_request: +name: auto-merge-readme +jobs: + approve: + runs-on: ubuntu-latest + if: github.repository_owner == 'googleapis' && github.head_ref == 'autosynth-readme' + steps: + - uses: actions/github-script@v3 + with: + github-token: ${{secrets.YOSHI_APPROVER_TOKEN}} + script: | + // only approve PRs from yoshi-automation + if (context.payload.pull_request.user.login !== "yoshi-automation") { + return; + } + + // only approve PRs like "chore: release " + if (!context.payload.pull_request.title === "chore: regenerate README") { + return; + } + + // only approve PRs with README.md and synth.metadata changes + const files = new Set( + ( + await github.paginate( + github.pulls.listFiles.endpoint({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.payload.pull_request.number, + }) + ) + ).map(file => file.filename) + ); + if (files.size != 2 || !files.has("README.md") || !files.has(".github/readme/synth.metadata/synth.metadata")) { + return; + } + + // approve README regeneration PR + await github.pulls.createReview({ + owner: context.repo.owner, + repo: context.repo.repo, + body: 'Rubber stamped PR!', + pull_number: context.payload.pull_request.number, + event: 'APPROVE' + }); + + // attach automerge label + await github.issues.addLabels({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: context.payload.pull_request.number, + labels: ['automerge'] + }); diff --git a/.github/workflows/auto-release.yaml b/.github/workflows/auto-release.yaml new file mode 100644 index 0000000..7c8816a --- /dev/null +++ b/.github/workflows/auto-release.yaml @@ -0,0 +1,88 @@ +on: + pull_request: +name: auto-release +jobs: + approve: + runs-on: ubuntu-latest + if: contains(github.head_ref, 'release-please') + steps: + - uses: actions/github-script@v3 + with: + github-token: ${{secrets.YOSHI_APPROVER_TOKEN}} + debug: true + script: | + // only approve PRs from release-please[bot] + if (context.payload.pull_request.user.login !== "release-please[bot]") { + return; + } + + // only approve PRs like "chore(master): release " + if ( !context.payload.pull_request.title.startsWith("chore(master): release") ) { + return; + } + + // only approve PRs with pom.xml and versions.txt changes + const filesPromise = github.pulls.listFiles.endpoint({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.payload.pull_request.number, + }); + const changed_files = await github.paginate(filesPromise) + + if ( changed_files.length < 1 ) { + console.log( "Not proceeding since PR is empty!" ) + return; + } + + if ( !changed_files.some(v => v.filename.includes("pom")) || !changed_files.some(v => v.filename.includes("versions.txt")) ) { + console.log( "PR file changes do not have pom.xml or versions.txt -- something is wrong. PTAL!" ) + return; + } + + // trigger auto-release when + // 1) it is a SNAPSHOT release (auto-generated post regular release) + // 2) there are dependency updates only + // 3) there are no open dependency update PRs in this repo (to avoid multiple releases) + if ( + context.payload.pull_request.body.includes("Fix") || + context.payload.pull_request.body.includes("Build") || + context.payload.pull_request.body.includes("Documentation") || + context.payload.pull_request.body.includes("BREAKING CHANGES") || + context.payload.pull_request.body.includes("Features") + ) { + console.log( "Not auto-releasing since it is not a dependency-update-only release." ); + return; + } + + const promise = github.pulls.list.endpoint({ + owner: context.repo.owner, + repo: context.repo.repo, + state: 'open' + }); + const open_pulls = await github.paginate(promise) + + if ( open_pulls.length > 1 && !context.payload.pull_request.title.includes("SNAPSHOT") ) { + for ( const pull of open_pulls ) { + if ( pull.title.startsWith("deps: update dependency") ) { + console.log( "Not auto-releasing yet since there are dependency update PRs open in this repo." ); + return; + } + } + } + + // approve release PR + await github.pulls.createReview({ + owner: context.repo.owner, + repo: context.repo.repo, + body: 'Rubber stamped release!', + pull_number: context.payload.pull_request.number, + event: 'APPROVE' + }); + + // attach kokoro:force-run and automerge labels + await github.issues.addLabels({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: context.payload.pull_request.number, + labels: ['kokoro:force-run', 'automerge'] + }); diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..def8b3a --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,83 @@ +on: + push: + branches: + - master + pull_request: +name: ci +jobs: + units: + runs-on: ubuntu-latest + strategy: + matrix: + java: [7, 8, 11] + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-java@v1 + with: + java-version: ${{matrix.java}} + - run: java -version + - run: .kokoro/build.sh + env: + JOB_TYPE: test + - name: coverage + uses: codecov/codecov-action@v1 + with: + name: actions ${{matrix.java}} + windows: + runs-on: windows-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-java@v1 + with: + java-version: 8 + - run: java -version + - run: .kokoro/build.bat + env: + JOB_TYPE: test + dependencies: + runs-on: ubuntu-latest + strategy: + matrix: + java: [8, 11] + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-java@v1 + with: + java-version: ${{matrix.java}} + - run: java -version + - run: .kokoro/dependencies.sh + linkage-monitor: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-java@v1 + with: + java-version: 8 + - run: java -version + - name: Install artifacts to local Maven repository + run: .kokoro/build.sh + shell: bash + - name: Validate any conflicts with regard to com.google.cloud:libraries-bom (latest release) + uses: GoogleCloudPlatform/cloud-opensource-java/linkage-monitor@v1-linkagemonitor + lint: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-java@v1 + with: + java-version: 8 + - run: java -version + - run: .kokoro/build.sh + env: + JOB_TYPE: lint + clirr: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-java@v1 + with: + java-version: 8 + - run: java -version + - run: .kokoro/build.sh + env: + JOB_TYPE: clirr \ No newline at end of file diff --git a/.github/workflows/samples.yaml b/.github/workflows/samples.yaml new file mode 100644 index 0000000..c46230a --- /dev/null +++ b/.github/workflows/samples.yaml @@ -0,0 +1,14 @@ +on: + pull_request: +name: samples +jobs: + checkstyle: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-java@v1 + with: + java-version: 8 + - name: Run checkstyle + run: mvn -P lint --quiet --batch-mode checkstyle:check + working-directory: samples/snippets diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..cc0bc34 --- /dev/null +++ b/.gitignore @@ -0,0 +1,17 @@ +# Maven +target/ + +# Eclipse +.classpath +.project +.settings + +# Intellij +*.iml +.idea/ + +# python utilities +*.pyc +__pycache__ + +.flattened-pom.xml \ No newline at end of file diff --git a/.kokoro/build.bat b/.kokoro/build.bat new file mode 100644 index 0000000..05826ad --- /dev/null +++ b/.kokoro/build.bat @@ -0,0 +1,3 @@ +:: See documentation in type-shell-output.bat + +"C:\Program Files\Git\bin\bash.exe" %~dp0build.sh diff --git a/.kokoro/build.sh b/.kokoro/build.sh new file mode 100755 index 0000000..e59a3b5 --- /dev/null +++ b/.kokoro/build.sh @@ -0,0 +1,120 @@ +#!/bin/bash +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +## Get the directory of the build script +scriptDir=$(realpath $(dirname "${BASH_SOURCE[0]}")) +## cd to the parent directory, i.e. the root of the git repo +cd ${scriptDir}/.. + +# include common functions +source ${scriptDir}/common.sh + +# Print out Java version +java -version +echo ${JOB_TYPE} + +# attempt to install 3 times with exponential backoff (starting with 10 seconds) +retry_with_backoff 3 10 \ + mvn install -B -V -ntp \ + -DskipTests=true \ + -Dclirr.skip=true \ + -Denforcer.skip=true \ + -Dmaven.javadoc.skip=true \ + -Dgcloud.download.skip=true \ + -T 1C + +# if GOOGLE_APPLICATION_CREDIENTIALS is specified as a relative path prepend Kokoro root directory onto it +if [[ ! -z "${GOOGLE_APPLICATION_CREDENTIALS}" && "${GOOGLE_APPLICATION_CREDENTIALS}" != /* ]]; then + export GOOGLE_APPLICATION_CREDENTIALS=$(realpath ${KOKORO_GFILE_DIR}/${GOOGLE_APPLICATION_CREDENTIALS}) +fi + +RETURN_CODE=0 +set +e + +case ${JOB_TYPE} in +test) + mvn test -B -Dclirr.skip=true -Denforcer.skip=true + RETURN_CODE=$? + ;; +lint) + mvn com.coveo:fmt-maven-plugin:check + RETURN_CODE=$? + ;; +javadoc) + mvn javadoc:javadoc javadoc:test-javadoc + RETURN_CODE=$? + ;; +integration) + mvn -B ${INTEGRATION_TEST_ARGS} \ + -ntp \ + -Penable-integration-tests \ + -DtrimStackTrace=false \ + -Dclirr.skip=true \ + -Denforcer.skip=true \ + -fae \ + verify + RETURN_CODE=$? + ;; +samples) + SAMPLES_DIR=samples + # only run ITs in snapshot/ on presubmit PRs. run ITs in all 3 samples/ subdirectories otherwise. + if [[ ! -z ${KOKORO_GITHUB_PULL_REQUEST_NUMBER} ]] + then + SAMPLES_DIR=samples/snapshot + fi + + if [[ -f ${SAMPLES_DIR}/pom.xml ]] + then + pushd ${SAMPLES_DIR} + mvn -B \ + -Penable-samples \ + -ntp \ + -DtrimStackTrace=false \ + -Dclirr.skip=true \ + -Denforcer.skip=true \ + -fae \ + verify + RETURN_CODE=$? + popd + else + echo "no sample pom.xml found - skipping sample tests" + fi + ;; +clirr) + mvn -B -Denforcer.skip=true clirr:check + RETURN_CODE=$? + ;; +*) + ;; +esac + +if [ "${REPORT_COVERAGE}" == "true" ] +then + bash ${KOKORO_GFILE_DIR}/codecov.sh +fi + +# fix output location of logs +bash .kokoro/coerce_logs.sh + +if [[ "${ENABLE_BUILD_COP}" == "true" ]] +then + chmod +x ${KOKORO_GFILE_DIR}/linux_amd64/flakybot + ${KOKORO_GFILE_DIR}/linux_amd64/flakybot -repo=googleapis/java-policy-troubleshooter +fi + +echo "exiting with ${RETURN_CODE}" +exit ${RETURN_CODE} diff --git a/.kokoro/coerce_logs.sh b/.kokoro/coerce_logs.sh new file mode 100755 index 0000000..5cf7ba4 --- /dev/null +++ b/.kokoro/coerce_logs.sh @@ -0,0 +1,38 @@ +#!/bin/bash +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This script finds and moves sponge logs so that they can be found by placer +# and are not flagged as flaky by sponge. + +set -eo pipefail + +## Get the directory of the build script +scriptDir=$(realpath $(dirname "${BASH_SOURCE[0]}")) +## cd to the parent directory, i.e. the root of the git repo +cd ${scriptDir}/.. + +job=$(basename ${KOKORO_JOB_NAME}) + +echo "coercing sponge logs..." +for xml in `find . -name *-sponge_log.xml` +do + echo "processing ${xml}" + class=$(basename ${xml} | cut -d- -f2) + dir=$(dirname ${xml})/${job}/${class} + text=$(dirname ${xml})/${class}-sponge_log.txt + mkdir -p ${dir} + mv ${xml} ${dir}/sponge_log.xml + mv ${text} ${dir}/sponge_log.txt +done diff --git a/.kokoro/common.cfg b/.kokoro/common.cfg new file mode 100644 index 0000000..ac7978d --- /dev/null +++ b/.kokoro/common.cfg @@ -0,0 +1,13 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Download trampoline resources. These will be in ${KOKORO_GFILE_DIR} +gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline" + +# All builds use the trampoline script to run in docker. +build_file: "java-policy-troubleshooter/.kokoro/trampoline.sh" + +# Tell the trampoline which build file to use. +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/build.sh" +} diff --git a/.kokoro/common.sh b/.kokoro/common.sh new file mode 100644 index 0000000..ace89f4 --- /dev/null +++ b/.kokoro/common.sh @@ -0,0 +1,58 @@ +#!/bin/bash +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +function retry_with_backoff { + attempts_left=$1 + sleep_seconds=$2 + shift 2 + command=$@ + + + # store current flag state + flags=$- + + # allow a failures to continue + set +e + ${command} + exit_code=$? + + # restore "e" flag + if [[ ${flags} =~ e ]] + then set -e + else set +e + fi + + if [[ $exit_code == 0 ]] + then + return 0 + fi + + # failure + if [[ ${attempts_left} > 0 ]] + then + echo "failure (${exit_code}), sleeping ${sleep_seconds}..." + sleep ${sleep_seconds} + new_attempts=$((${attempts_left} - 1)) + new_sleep=$((${sleep_seconds} * 2)) + retry_with_backoff ${new_attempts} ${new_sleep} ${command} + fi + + return $exit_code +} + +## Helper functionss +function now() { date +"%Y-%m-%d %H:%M:%S" | tr -d '\n'; } +function msg() { println "$*" >&2; } +function println() { printf '%s\n' "$(now) $*"; } \ No newline at end of file diff --git a/.kokoro/continuous/common.cfg b/.kokoro/continuous/common.cfg new file mode 100644 index 0000000..858cf83 --- /dev/null +++ b/.kokoro/continuous/common.cfg @@ -0,0 +1,25 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Build logs will be here +action { + define_artifacts { + regex: "**/*sponge_log.xml" + regex: "**/*sponge_log.txt" + } +} + +# Download trampoline resources. +gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline" + +# Use the trampoline script to run in docker. +build_file: "java-policy-troubleshooter/.kokoro/trampoline.sh" + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/build.sh" +} + +env_vars: { + key: "JOB_TYPE" + value: "test" +} diff --git a/.kokoro/continuous/java8.cfg b/.kokoro/continuous/java8.cfg new file mode 100644 index 0000000..495cc7b --- /dev/null +++ b/.kokoro/continuous/java8.cfg @@ -0,0 +1,12 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "REPORT_COVERAGE" + value: "true" +} diff --git a/.kokoro/continuous/readme.cfg b/.kokoro/continuous/readme.cfg new file mode 100644 index 0000000..4091027 --- /dev/null +++ b/.kokoro/continuous/readme.cfg @@ -0,0 +1,55 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Format: //devtools/kokoro/config/proto/build.proto + +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/python-multi" +} + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/readme.sh" +} + +# Build logs will be here +action { + define_artifacts { + regex: "**/*sponge_log.xml" + regex: "**/*sponge_log.log" + } +} + +# The github token is stored here. +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73713 + keyname: "yoshi-automation-github-key" + # TODO(theacodes): remove this after secrets have globally propagated + backend_type: FASTCONFIGPUSH + } + } +} + +# Common env vars for all repositories and builds. +env_vars: { + key: "GITHUB_USER" + value: "yoshi-automation" +} +env_vars: { + key: "GITHUB_EMAIL" + value: "yoshi-automation@google.com" +} diff --git a/.kokoro/dependencies.sh b/.kokoro/dependencies.sh new file mode 100755 index 0000000..0fb8c84 --- /dev/null +++ b/.kokoro/dependencies.sh @@ -0,0 +1,89 @@ +#!/bin/bash +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +## Get the directory of the build script +scriptDir=$(realpath $(dirname "${BASH_SOURCE[0]}")) +## cd to the parent directory, i.e. the root of the git repo +cd ${scriptDir}/.. + +# include common functions +source ${scriptDir}/common.sh + +# Print out Java +java -version +echo $JOB_TYPE + +export MAVEN_OPTS="-Xmx1024m -XX:MaxPermSize=128m" + +# this should run maven enforcer +retry_with_backoff 3 10 \ + mvn install -B -V -ntp \ + -DskipTests=true \ + -Dclirr.skip=true + +mvn -B dependency:analyze -DfailOnWarning=true + +echo "****************** DEPENDENCY LIST COMPLETENESS CHECK *******************" +## Run dependency list completeness check +function completenessCheck() { + # Output dep list with compile scope generated using the original pom + # Running mvn dependency:list on Java versions that support modules will also include the module of the dependency. + # This is stripped from the output as it is not present in the flattened pom. + # Only dependencies with 'compile' or 'runtime' scope are included from original dependency list. + msg "Generating dependency list using original pom..." + mvn dependency:list -f pom.xml -DincludeScope=runtime -Dsort=true | grep '\[INFO] .*:.*:.*:.*:.*' | sed -e s/\\s--\\smodule.*// >.org-list.txt + + # Output dep list generated using the flattened pom (only 'compile' and 'runtime' scopes) + msg "Generating dependency list using flattened pom..." + mvn dependency:list -f .flattened-pom.xml -DincludeScope=runtime -Dsort=true | grep '\[INFO] .*:.*:.*:.*:.*' >.new-list.txt + + # Compare two dependency lists + msg "Comparing dependency lists..." + diff .org-list.txt .new-list.txt >.diff.txt + if [[ $? == 0 ]] + then + msg "Success. No diff!" + else + msg "Diff found. See below: " + msg "You can also check .diff.txt file located in $1." + cat .diff.txt + return 1 + fi +} + +# Allow failures to continue running the script +set +e + +error_count=0 +for path in $(find -name ".flattened-pom.xml") +do + # Check flattened pom in each dir that contains it for completeness + dir=$(dirname "$path") + pushd "$dir" + completenessCheck "$dir" + error_count=$(($error_count + $?)) + popd +done + +if [[ $error_count == 0 ]] +then + msg "All checks passed." + exit 0 +else + msg "Errors found. See log statements above." + exit 1 +fi diff --git a/.kokoro/nightly/common.cfg b/.kokoro/nightly/common.cfg new file mode 100644 index 0000000..858cf83 --- /dev/null +++ b/.kokoro/nightly/common.cfg @@ -0,0 +1,25 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Build logs will be here +action { + define_artifacts { + regex: "**/*sponge_log.xml" + regex: "**/*sponge_log.txt" + } +} + +# Download trampoline resources. +gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline" + +# Use the trampoline script to run in docker. +build_file: "java-policy-troubleshooter/.kokoro/trampoline.sh" + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/build.sh" +} + +env_vars: { + key: "JOB_TYPE" + value: "test" +} diff --git a/.kokoro/nightly/integration.cfg b/.kokoro/nightly/integration.cfg new file mode 100644 index 0000000..0048c8e --- /dev/null +++ b/.kokoro/nightly/integration.cfg @@ -0,0 +1,37 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "JOB_TYPE" + value: "integration" +} +# TODO: remove this after we've migrated all tests and scripts +env_vars: { + key: "GCLOUD_PROJECT" + value: "gcloud-devel" +} + +env_vars: { + key: "GOOGLE_CLOUD_PROJECT" + value: "gcloud-devel" +} + +env_vars: { + key: "ENABLE_BUILD_COP" + value: "true" +} + +env_vars: { + key: "GOOGLE_APPLICATION_CREDENTIALS" + value: "secret_manager/java-it-service-account" +} + +env_vars: { + key: "SECRET_MANAGER_KEYS" + value: "java-it-service-account" +} diff --git a/.kokoro/nightly/java11.cfg b/.kokoro/nightly/java11.cfg new file mode 100644 index 0000000..709f2b4 --- /dev/null +++ b/.kokoro/nightly/java11.cfg @@ -0,0 +1,7 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java11" +} diff --git a/.kokoro/nightly/java7.cfg b/.kokoro/nightly/java7.cfg new file mode 100644 index 0000000..cb24f44 --- /dev/null +++ b/.kokoro/nightly/java7.cfg @@ -0,0 +1,7 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java7" +} diff --git a/.kokoro/nightly/java8-osx.cfg b/.kokoro/nightly/java8-osx.cfg new file mode 100644 index 0000000..8fb6449 --- /dev/null +++ b/.kokoro/nightly/java8-osx.cfg @@ -0,0 +1,3 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +build_file: "java-policy-troubleshooter/.kokoro/build.sh" diff --git a/.kokoro/nightly/java8-win.cfg b/.kokoro/nightly/java8-win.cfg new file mode 100644 index 0000000..028b3ba --- /dev/null +++ b/.kokoro/nightly/java8-win.cfg @@ -0,0 +1,3 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +build_file: "java-policy-troubleshooter/.kokoro/build.bat" diff --git a/.kokoro/nightly/java8.cfg b/.kokoro/nightly/java8.cfg new file mode 100644 index 0000000..495cc7b --- /dev/null +++ b/.kokoro/nightly/java8.cfg @@ -0,0 +1,12 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "REPORT_COVERAGE" + value: "true" +} diff --git a/.kokoro/nightly/samples.cfg b/.kokoro/nightly/samples.cfg new file mode 100644 index 0000000..f254293 --- /dev/null +++ b/.kokoro/nightly/samples.cfg @@ -0,0 +1,38 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "JOB_TYPE" + value: "samples" +} + +# TODO: remove this after we've migrated all tests and scripts +env_vars: { + key: "GCLOUD_PROJECT" + value: "java-docs-samples-testing" +} + +env_vars: { + key: "GOOGLE_CLOUD_PROJECT" + value: "java-docs-samples-testing" +} + +env_vars: { + key: "GOOGLE_APPLICATION_CREDENTIALS" + value: "secret_manager/java-docs-samples-service-account" +} + +env_vars: { + key: "SECRET_MANAGER_KEYS" + value: "java-docs-samples-service-account" +} + +env_vars: { + key: "ENABLE_BUILD_COP" + value: "true" +} diff --git a/.kokoro/populate-secrets.sh b/.kokoro/populate-secrets.sh new file mode 100755 index 0000000..f525142 --- /dev/null +++ b/.kokoro/populate-secrets.sh @@ -0,0 +1,43 @@ +#!/bin/bash +# Copyright 2020 Google LLC. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +function now { date +"%Y-%m-%d %H:%M:%S" | tr -d '\n' ;} +function msg { println "$*" >&2 ;} +function println { printf '%s\n' "$(now) $*" ;} + + +# Populates requested secrets set in SECRET_MANAGER_KEYS from service account: +# kokoro-trampoline@cloud-devrel-kokoro-resources.iam.gserviceaccount.com +SECRET_LOCATION="${KOKORO_GFILE_DIR}/secret_manager" +msg "Creating folder on disk for secrets: ${SECRET_LOCATION}" +mkdir -p ${SECRET_LOCATION} +for key in $(echo ${SECRET_MANAGER_KEYS} | sed "s/,/ /g") +do + msg "Retrieving secret ${key}" + docker run --entrypoint=gcloud \ + --volume=${KOKORO_GFILE_DIR}:${KOKORO_GFILE_DIR} \ + gcr.io/google.com/cloudsdktool/cloud-sdk \ + secrets versions access latest \ + --project cloud-devrel-kokoro-resources \ + --secret ${key} > \ + "${SECRET_LOCATION}/${key}" + if [[ $? == 0 ]]; then + msg "Secret written to ${SECRET_LOCATION}/${key}" + else + msg "Error retrieving secret ${key}" + fi +done diff --git a/.kokoro/presubmit/clirr.cfg b/.kokoro/presubmit/clirr.cfg new file mode 100644 index 0000000..ec57244 --- /dev/null +++ b/.kokoro/presubmit/clirr.cfg @@ -0,0 +1,13 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. + +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "JOB_TYPE" + value: "clirr" +} \ No newline at end of file diff --git a/.kokoro/presubmit/common.cfg b/.kokoro/presubmit/common.cfg new file mode 100644 index 0000000..ff1ceb5 --- /dev/null +++ b/.kokoro/presubmit/common.cfg @@ -0,0 +1,34 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Build logs will be here +action { + define_artifacts { + regex: "**/*sponge_log.xml" + regex: "**/*sponge_log.txt" + } +} + +# Download trampoline resources. +gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline" + +# Use the trampoline script to run in docker. +build_file: "java-policy-troubleshooter/.kokoro/trampoline.sh" + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/build.sh" +} + +env_vars: { + key: "JOB_TYPE" + value: "test" +} + +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73713 + keyname: "dpebot_codecov_token" + } + } +} diff --git a/.kokoro/presubmit/dependencies.cfg b/.kokoro/presubmit/dependencies.cfg new file mode 100644 index 0000000..ee89b74 --- /dev/null +++ b/.kokoro/presubmit/dependencies.cfg @@ -0,0 +1,12 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/dependencies.sh" +} diff --git a/.kokoro/presubmit/integration.cfg b/.kokoro/presubmit/integration.cfg new file mode 100644 index 0000000..dded67a --- /dev/null +++ b/.kokoro/presubmit/integration.cfg @@ -0,0 +1,33 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "JOB_TYPE" + value: "integration" +} + +# TODO: remove this after we've migrated all tests and scripts +env_vars: { + key: "GCLOUD_PROJECT" + value: "gcloud-devel" +} + +env_vars: { + key: "GOOGLE_CLOUD_PROJECT" + value: "gcloud-devel" +} + +env_vars: { + key: "GOOGLE_APPLICATION_CREDENTIALS" + value: "secret_manager/java-it-service-account" +} + +env_vars: { + key: "SECRET_MANAGER_KEYS" + value: "java-it-service-account" +} diff --git a/.kokoro/presubmit/java11.cfg b/.kokoro/presubmit/java11.cfg new file mode 100644 index 0000000..709f2b4 --- /dev/null +++ b/.kokoro/presubmit/java11.cfg @@ -0,0 +1,7 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java11" +} diff --git a/.kokoro/presubmit/java7.cfg b/.kokoro/presubmit/java7.cfg new file mode 100644 index 0000000..cb24f44 --- /dev/null +++ b/.kokoro/presubmit/java7.cfg @@ -0,0 +1,7 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java7" +} diff --git a/.kokoro/presubmit/java8-osx.cfg b/.kokoro/presubmit/java8-osx.cfg new file mode 100644 index 0000000..8fb6449 --- /dev/null +++ b/.kokoro/presubmit/java8-osx.cfg @@ -0,0 +1,3 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +build_file: "java-policy-troubleshooter/.kokoro/build.sh" diff --git a/.kokoro/presubmit/java8-win.cfg b/.kokoro/presubmit/java8-win.cfg new file mode 100644 index 0000000..028b3ba --- /dev/null +++ b/.kokoro/presubmit/java8-win.cfg @@ -0,0 +1,3 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +build_file: "java-policy-troubleshooter/.kokoro/build.bat" diff --git a/.kokoro/presubmit/java8.cfg b/.kokoro/presubmit/java8.cfg new file mode 100644 index 0000000..495cc7b --- /dev/null +++ b/.kokoro/presubmit/java8.cfg @@ -0,0 +1,12 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "REPORT_COVERAGE" + value: "true" +} diff --git a/.kokoro/presubmit/linkage-monitor.cfg b/.kokoro/presubmit/linkage-monitor.cfg new file mode 100644 index 0000000..ab87a8c --- /dev/null +++ b/.kokoro/presubmit/linkage-monitor.cfg @@ -0,0 +1,12 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/linkage-monitor.sh" +} \ No newline at end of file diff --git a/.kokoro/presubmit/lint.cfg b/.kokoro/presubmit/lint.cfg new file mode 100644 index 0000000..6d323c8 --- /dev/null +++ b/.kokoro/presubmit/lint.cfg @@ -0,0 +1,13 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. + +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "JOB_TYPE" + value: "lint" +} \ No newline at end of file diff --git a/.kokoro/presubmit/samples.cfg b/.kokoro/presubmit/samples.cfg new file mode 100644 index 0000000..01e0960 --- /dev/null +++ b/.kokoro/presubmit/samples.cfg @@ -0,0 +1,33 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +env_vars: { + key: "JOB_TYPE" + value: "samples" +} + +# TODO: remove this after we've migrated all tests and scripts +env_vars: { + key: "GCLOUD_PROJECT" + value: "java-docs-samples-testing" +} + +env_vars: { + key: "GOOGLE_CLOUD_PROJECT" + value: "java-docs-samples-testing" +} + +env_vars: { + key: "GOOGLE_APPLICATION_CREDENTIALS" + value: "secret_manager/java-docs-samples-service-account" +} + +env_vars: { + key: "SECRET_MANAGER_KEYS" + value: "java-docs-samples-service-account" +} \ No newline at end of file diff --git a/.kokoro/readme.sh b/.kokoro/readme.sh new file mode 100755 index 0000000..4cfb040 --- /dev/null +++ b/.kokoro/readme.sh @@ -0,0 +1,45 @@ +#!/bin/bash +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +cd ${KOKORO_ARTIFACTS_DIR}/github/java-policy-troubleshooter + +# Disable buffering, so that the logs stream through. +export PYTHONUNBUFFERED=1 + +# Kokoro exposes this as a file, but the scripts expect just a plain variable. +export GITHUB_TOKEN=$(cat ${KOKORO_KEYSTORE_DIR}/73713_yoshi-automation-github-key) + +# Setup git credentials +echo "https://${GITHUB_TOKEN}:@github.com" >> ~/.git-credentials +git config --global credential.helper 'store --file ~/.git-credentials' + +python3.6 -m pip install git+https://github.com/googleapis/synthtool.git#egg=gcp-synthtool + +set +e +python3.6 -m autosynth.synth \ + --repository=googleapis/java-policy-troubleshooter \ + --synth-file-name=.github/readme/synth.py \ + --metadata-path=.github/readme/synth.metadata \ + --pr-title="chore: regenerate README" \ + --branch-suffix="readme" + +# autosynth returns 28 to signal there are no changes +RETURN_CODE=$? +if [[ ${RETURN_CODE} -ne 0 && ${RETURN_CODE} -ne 28 ]] +then + exit ${RETURN_CODE} +fi diff --git a/.kokoro/release/bump_snapshot.cfg b/.kokoro/release/bump_snapshot.cfg new file mode 100644 index 0000000..c2e2a04 --- /dev/null +++ b/.kokoro/release/bump_snapshot.cfg @@ -0,0 +1,53 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Build logs will be here +action { + define_artifacts { + regex: "**/*sponge_log.xml" + } +} + +# Download trampoline resources. +gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline" + +# Use the trampoline script to run in docker. +build_file: "java-policy-troubleshooter/.kokoro/trampoline.sh" + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/node:10-user" +} + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/release/bump_snapshot.sh" +} + +# tokens used by release-please to keep an up-to-date release PR. +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73713 + keyname: "github-magic-proxy-key-release-please" + } + } +} + +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73713 + keyname: "github-magic-proxy-token-release-please" + } + } +} + +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73713 + keyname: "github-magic-proxy-url-release-please" + } + } +} diff --git a/.kokoro/release/common.cfg b/.kokoro/release/common.cfg new file mode 100644 index 0000000..dd0d2b8 --- /dev/null +++ b/.kokoro/release/common.cfg @@ -0,0 +1,49 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Download trampoline resources. +gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline" + +# Use the trampoline script to run in docker. +build_file: "java-policy-troubleshooter/.kokoro/trampoline.sh" + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java8" +} + +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 70247 + keyname: "maven-gpg-keyring" + } + } +} + +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 70247 + keyname: "maven-gpg-passphrase" + } + } +} + +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 70247 + keyname: "maven-gpg-pubkeyring" + } + } +} + +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 70247 + keyname: "sonatype-credentials" + } + } +} diff --git a/.kokoro/release/common.sh b/.kokoro/release/common.sh new file mode 100755 index 0000000..6e3f659 --- /dev/null +++ b/.kokoro/release/common.sh @@ -0,0 +1,50 @@ +#!/bin/bash +# Copyright 2018 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +# Get secrets from keystore and set and environment variables +setup_environment_secrets() { + export GPG_PASSPHRASE=$(cat ${KOKORO_KEYSTORE_DIR}/70247_maven-gpg-passphrase) + export GPG_TTY=$(tty) + export GPG_HOMEDIR=/gpg + mkdir $GPG_HOMEDIR + mv ${KOKORO_KEYSTORE_DIR}/70247_maven-gpg-pubkeyring $GPG_HOMEDIR/pubring.gpg + mv ${KOKORO_KEYSTORE_DIR}/70247_maven-gpg-keyring $GPG_HOMEDIR/secring.gpg + export SONATYPE_USERNAME=$(cat ${KOKORO_KEYSTORE_DIR}/70247_sonatype-credentials | cut -f1 -d'|') + export SONATYPE_PASSWORD=$(cat ${KOKORO_KEYSTORE_DIR}/70247_sonatype-credentials | cut -f2 -d'|') +} + +create_settings_xml_file() { + echo " + + + ossrh + ${SONATYPE_USERNAME} + ${SONATYPE_PASSWORD} + + + sonatype-nexus-staging + ${SONATYPE_USERNAME} + ${SONATYPE_PASSWORD} + + + sonatype-nexus-snapshots + ${SONATYPE_USERNAME} + ${SONATYPE_PASSWORD} + + +" > $1 +} \ No newline at end of file diff --git a/.kokoro/release/drop.cfg b/.kokoro/release/drop.cfg new file mode 100644 index 0000000..d313072 --- /dev/null +++ b/.kokoro/release/drop.cfg @@ -0,0 +1,6 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/release/drop.sh" +} diff --git a/.kokoro/release/drop.sh b/.kokoro/release/drop.sh new file mode 100755 index 0000000..5c4551e --- /dev/null +++ b/.kokoro/release/drop.sh @@ -0,0 +1,32 @@ +#!/bin/bash +# Copyright 2018 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +# STAGING_REPOSITORY_ID must be set +if [ -z "${STAGING_REPOSITORY_ID}" ]; then + echo "Missing STAGING_REPOSITORY_ID environment variable" + exit 1 +fi + +source $(dirname "$0")/common.sh +pushd $(dirname "$0")/../../ + +setup_environment_secrets +create_settings_xml_file "settings.xml" + +mvn nexus-staging:drop -B \ + --settings=settings.xml \ + -DstagingRepositoryId=${STAGING_REPOSITORY_ID} diff --git a/.kokoro/release/promote.cfg b/.kokoro/release/promote.cfg new file mode 100644 index 0000000..051fa2c --- /dev/null +++ b/.kokoro/release/promote.cfg @@ -0,0 +1,6 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/release/promote.sh" +} diff --git a/.kokoro/release/promote.sh b/.kokoro/release/promote.sh new file mode 100755 index 0000000..1fa95fa --- /dev/null +++ b/.kokoro/release/promote.sh @@ -0,0 +1,34 @@ +#!/bin/bash +# Copyright 2018 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +# STAGING_REPOSITORY_ID must be set +if [ -z "${STAGING_REPOSITORY_ID}" ]; then + echo "Missing STAGING_REPOSITORY_ID environment variable" + exit 1 +fi + +source $(dirname "$0")/common.sh + +pushd $(dirname "$0")/../../ + +setup_environment_secrets +create_settings_xml_file "settings.xml" + +mvn nexus-staging:release -B \ + -DperformRelease=true \ + --settings=settings.xml \ + -DstagingRepositoryId=${STAGING_REPOSITORY_ID} diff --git a/.kokoro/release/publish_javadoc.cfg b/.kokoro/release/publish_javadoc.cfg new file mode 100644 index 0000000..3252c7e --- /dev/null +++ b/.kokoro/release/publish_javadoc.cfg @@ -0,0 +1,23 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/doc-templates/" + +env_vars: { + key: "STAGING_BUCKET" + value: "docs-staging" +} + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/release/publish_javadoc.sh" +} + + +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73713 + keyname: "docuploader_service_account" + } + } +} diff --git a/.kokoro/release/publish_javadoc.sh b/.kokoro/release/publish_javadoc.sh new file mode 100755 index 0000000..a5946ce --- /dev/null +++ b/.kokoro/release/publish_javadoc.sh @@ -0,0 +1,58 @@ +#!/bin/bash +# Copyright 2019 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +if [[ -z "${CREDENTIALS}" ]]; then + CREDENTIALS=${KOKORO_KEYSTORE_DIR}/73713_docuploader_service_account +fi + +if [[ -z "${STAGING_BUCKET}" ]]; then + echo "Need to set STAGING_BUCKET environment variable" + exit 1 +fi + +if [[ -z "${STAGING_BUCKET_V2}" ]]; then + echo "Need to set STAGING_BUCKET_V2 environment variable" + exit 1 +fi + +# work from the git root directory +pushd $(dirname "$0")/../../ + +# install docuploader package +python3 -m pip install gcp-docuploader + +# compile all packages +mvn clean install -B -q -DskipTests=true + +export NAME=google-cloud-policy-troubleshooter +export VERSION=$(grep ${NAME}: versions.txt | cut -d: -f3) + +# build the docs +mvn site -B -q + +pushd target/site/apidocs + +# create metadata +python3 -m docuploader create-metadata \ + --name ${NAME} \ + --version ${VERSION} \ + --language java + +# upload docs +python3 -m docuploader upload . \ + --credentials ${CREDENTIALS} \ + --staging-bucket ${STAGING_BUCKET} diff --git a/.kokoro/release/publish_javadoc11.cfg b/.kokoro/release/publish_javadoc11.cfg new file mode 100644 index 0000000..0e4a48a --- /dev/null +++ b/.kokoro/release/publish_javadoc11.cfg @@ -0,0 +1,30 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# cloud-rad production +env_vars: { + key: "STAGING_BUCKET_V2" + value: "docs-staging-v2" +} + +# Configure the docker image for kokoro-trampoline +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/java11" +} + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/release/publish_javadoc11.sh" +} + +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73713 + keyname: "docuploader_service_account" + } + } +} + +# Downloads docfx doclet resource. This will be in ${KOKORO_GFILE_DIR}/ +gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/docfx" diff --git a/.kokoro/release/publish_javadoc11.sh b/.kokoro/release/publish_javadoc11.sh new file mode 100755 index 0000000..45f8eab --- /dev/null +++ b/.kokoro/release/publish_javadoc11.sh @@ -0,0 +1,55 @@ +#!/bin/bash +# Copyright 2021 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +if [[ -z "${CREDENTIALS}" ]]; then + CREDENTIALS=${KOKORO_KEYSTORE_DIR}/73713_docuploader_service_account +fi + +if [[ -z "${STAGING_BUCKET_V2}" ]]; then + echo "Need to set STAGING_BUCKET_V2 environment variable" + exit 1 +fi + +# work from the git root directory +pushd $(dirname "$0")/../../ + +# install docuploader package +python3 -m pip install gcp-docuploader + +# compile all packages +mvn clean install -B -q -DskipTests=true + +export NAME=google-cloud-policy-troubleshooter +export VERSION=$(grep ${NAME}: versions.txt | cut -d: -f3) + +# V3 generates docfx yml from javadoc +# generate yml +mvn clean site -B -q -P docFX + +pushd target/docfx-yml + +# create metadata +python3 -m docuploader create-metadata \ + --name ${NAME} \ + --version ${VERSION} \ + --language java + +# upload yml to production bucket +python3 -m docuploader upload . \ + --credentials ${CREDENTIALS} \ + --staging-bucket ${STAGING_BUCKET_V2} \ + --destination-prefix docfx- diff --git a/.kokoro/release/snapshot.cfg b/.kokoro/release/snapshot.cfg new file mode 100644 index 0000000..6546ed8 --- /dev/null +++ b/.kokoro/release/snapshot.cfg @@ -0,0 +1,6 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/release/snapshot.sh" +} \ No newline at end of file diff --git a/.kokoro/release/snapshot.sh b/.kokoro/release/snapshot.sh new file mode 100755 index 0000000..098168a --- /dev/null +++ b/.kokoro/release/snapshot.sh @@ -0,0 +1,33 @@ +#!/bin/bash +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +source $(dirname "$0")/common.sh +MAVEN_SETTINGS_FILE=$(realpath $(dirname "$0")/../../)/settings.xml +pushd $(dirname "$0")/../../ + +# ensure we're trying to push a snapshot (no-result returns non-zero exit code) +grep SNAPSHOT versions.txt + +setup_environment_secrets +create_settings_xml_file "settings.xml" + +mvn clean install deploy -B \ + --settings ${MAVEN_SETTINGS_FILE} \ + -DperformRelease=true \ + -Dgpg.executable=gpg \ + -Dgpg.passphrase=${GPG_PASSPHRASE} \ + -Dgpg.homedir=${GPG_HOMEDIR} diff --git a/.kokoro/release/stage.cfg b/.kokoro/release/stage.cfg new file mode 100644 index 0000000..b294ba4 --- /dev/null +++ b/.kokoro/release/stage.cfg @@ -0,0 +1,19 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/java-policy-troubleshooter/.kokoro/release/stage.sh" +} + +# Need to save the properties file +action { + define_artifacts { + regex: "github/java-policy-troubleshooter/target/nexus-staging/staging/*.properties" + strip_prefix: "github/java-policy-troubleshooter" + } +} + +env_vars: { + key: "SECRET_MANAGER_KEYS" + value: "releasetool-publish-reporter-app,releasetool-publish-reporter-googleapis-installation,releasetool-publish-reporter-pem" +} diff --git a/.kokoro/release/stage.sh b/.kokoro/release/stage.sh new file mode 100755 index 0000000..16126d2 --- /dev/null +++ b/.kokoro/release/stage.sh @@ -0,0 +1,45 @@ +#!/bin/bash +# Copyright 2018 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eo pipefail + +# Start the releasetool reporter +python3 -m pip install gcp-releasetool +python3 -m releasetool publish-reporter-script > /tmp/publisher-script; source /tmp/publisher-script + +source $(dirname "$0")/common.sh +source $(dirname "$0")/../common.sh +MAVEN_SETTINGS_FILE=$(realpath $(dirname "$0")/../../)/settings.xml +pushd $(dirname "$0")/../../ + +setup_environment_secrets +create_settings_xml_file "settings.xml" + +# attempt to stage 3 times with exponential backoff (starting with 10 seconds) +retry_with_backoff 3 10 \ + mvn clean install deploy -B \ + --settings ${MAVEN_SETTINGS_FILE} \ + -DskipTests=true \ + -DperformRelease=true \ + -Dgpg.executable=gpg \ + -Dgpg.passphrase=${GPG_PASSPHRASE} \ + -Dgpg.homedir=${GPG_HOMEDIR} + +if [[ -n "${AUTORELEASE_PR}" ]] +then + mvn nexus-staging:release -B \ + -DperformRelease=true \ + --settings=settings.xml +fi \ No newline at end of file diff --git a/.kokoro/trampoline.sh b/.kokoro/trampoline.sh new file mode 100644 index 0000000..9da0f83 --- /dev/null +++ b/.kokoro/trampoline.sh @@ -0,0 +1,26 @@ +#!/bin/bash +# Copyright 2018 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +set -eo pipefail +# Always run the cleanup script, regardless of the success of bouncing into +# the container. +function cleanup() { + chmod +x ${KOKORO_GFILE_DIR}/trampoline_cleanup.sh + ${KOKORO_GFILE_DIR}/trampoline_cleanup.sh + echo "cleanup"; +} +trap cleanup EXIT + +$(dirname $0)/populate-secrets.sh # Secret Manager secrets. +python3 "${KOKORO_GFILE_DIR}/trampoline_v1.py" diff --git a/.repo-metadata.json b/.repo-metadata.json new file mode 100644 index 0000000..e094e91 --- /dev/null +++ b/.repo-metadata.json @@ -0,0 +1,15 @@ +{ + "name": "policy-troubleshooter", + "name_pretty": "IAM Policy Troubleshooter API", + "product_documentation": "https://cloud.google.com/iam/docs/troubleshooting-access", + "api_description": "makes it easier to understand why a user has access to a resource or doesn't have permission to call an API. Given an email, resource, and permission, Policy Troubleshooter examines all Identity and Access Management (IAM) policies that apply to the resource. It then reveals whether the member's roles include the permission on that resource and, if so, which policies bind the member to those roles.", + "client_documentation": "https://googleapis.dev/java/google-cloud-policy-troubleshooter/latest/index.html", + "release_level": "beta", + "transport": "grpc", + "language": "java", + "repo": "googleapis/java-policy-troubleshooter", + "repo_short": "java-policy-troubleshooter", + "distribution_name": "com.google.cloud:google-cloud-policy-troubleshooter", + "api_id": "policy-troubleshooter.googleapis.com", + "requires_billing": true +} \ No newline at end of file diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..2add254 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,94 @@ + +# Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, gender identity and expression, level of +experience, education, socio-economic status, nationality, personal appearance, +race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or + advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic + address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, or to ban temporarily or permanently any +contributor for other behaviors that they deem inappropriate, threatening, +offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. Examples of +representing a project or community include using an official project e-mail +address, posting via an official social media account, or acting as an appointed +representative at an online or offline event. Representation of a project may be +further defined and clarified by project maintainers. + +This Code of Conduct also applies outside the project spaces when the Project +Steward has a reasonable belief that an individual's behavior may have a +negative impact on the project or its community. + +## Conflict Resolution + +We do not believe that all conflict is bad; healthy debate and disagreement +often yield positive results. However, it is never okay to be disrespectful or +to engage in behavior that violates the project’s code of conduct. + +If you see someone violating the code of conduct, you are encouraged to address +the behavior directly with those involved. Many issues can be resolved quickly +and easily, and this gives people more control over the outcome of their +dispute. If you are unable to resolve the matter for any reason, or if the +behavior is threatening or harassing, report it. We are dedicated to providing +an environment where participants feel welcome and safe. + +Reports should be directed to *googleapis-stewards@google.com*, the +Project Steward(s) for *Google Cloud Client Libraries*. It is the Project Steward’s duty to +receive and address reported violations of the code of conduct. They will then +work with a committee consisting of representatives from the Open Source +Programs Office and the Google Open Source Strategy team. If for any reason you +are uncomfortable reaching out to the Project Steward, please email +opensource@google.com. + +We will investigate every complaint, but you may not receive a direct response. +We will use our discretion in determining when and how to follow up on reported +incidents, which may range from not taking action to permanent expulsion from +the project and project-sponsored spaces. We will notify the accused of the +report and provide them an opportunity to discuss it before any action is taken. +The identity of the reporter will be omitted from the details of the report +supplied to the accused. In potentially harmful situations, such as ongoing +harassment or threats to anyone's safety, we may take action without notice. + +## Attribution + +This Code of Conduct is adapted from the Contributor Covenant, version 1.4, +available at +https://www.contributor-covenant.org/version/1/4/code-of-conduct.html \ No newline at end of file diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..f2dbdee --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,139 @@ +# How to Contribute + +We'd love to accept your patches and contributions to this project. There are +just a few small guidelines you need to follow. + +## Contributor License Agreement + +Contributions to this project must be accompanied by a Contributor License +Agreement. You (or your employer) retain the copyright to your contribution; +this simply gives us permission to use and redistribute your contributions as +part of the project. Head over to to see +your current agreements on file or to sign a new one. + +You generally only need to submit a CLA once, so if you've already submitted one +(even if it was for a different project), you probably don't need to do it +again. + +## Code reviews + +All submissions, including submissions by project members, require review. We +use GitHub pull requests for this purpose. Consult +[GitHub Help](https://help.github.com/articles/about-pull-requests/) for more +information on using pull requests. + +## Community Guidelines + +This project follows +[Google's Open Source Community Guidelines](https://opensource.google.com/conduct/). + +## Building the project + +To build, package, and run all unit tests run the command + +``` +mvn clean verify +``` + +### Running Integration tests + +To include integration tests when building the project, you need access to +a GCP Project with a valid service account. + +For instructions on how to generate a service account and corresponding +credentials JSON see: [Creating a Service Account][1]. + +Then run the following to build, package, run all unit tests and run all +integration tests. + +```bash +export GOOGLE_APPLICATION_CREDENTIALS=/path/to/service/account.json +mvn -Penable-integration-tests clean verify +``` + +## Code Samples + +Code Samples must be bundled in separate Maven modules, and guarded by a +Maven profile with the name `enable-samples`. + +The samples must be separate from the primary project for a few reasons: +1. Primary projects have a minimum Java version of Java 7 whereas samples have + a minimum Java version of Java 8. Due to this we need the ability to + selectively exclude samples from a build run. +2. Many code samples depend on external GCP services and need + credentials to access the service. +3. Code samples are not released as Maven artifacts and must be excluded from + release builds. + +### Building + +```bash +mvn -Penable-samples clean verify +``` + +Some samples require access to GCP services and require a service account: + +```bash +export GOOGLE_APPLICATION_CREDENTIALS=/path/to/service/account.json +mvn -Penable-samples clean verify +``` + +### Profile Config + +1. To add samples in a profile to your Maven project, add the following to your +`pom.xml` + + ```xml + + [...] + + + enable-samples + + sample + + + + [...] + + ``` + +2. [Activate](#profile-activation) the profile. +3. Define your samples in a normal Maven project in the `samples/` directory. + +### Code Formatting + +Code in this repo is formatted with +[google-java-format](https://github.com/google/google-java-format). +To run formatting on your project, you can run: +``` +mvn com.coveo:fmt-maven-plugin:format +``` + +### Profile Activation + +To include code samples when building and testing the project, enable the +`enable-samples` Maven profile. + +#### Command line + +To activate the Maven profile on the command line add `-Penable-samples` to your +Maven command. + +#### Maven `settings.xml` + +To activate the Maven profile in your `~/.m2/settings.xml` add an entry of +`enable-samples` following the instructions in [Active Profiles][2]. + +This method has the benefit of applying to all projects you build (and is +respected by IntelliJ IDEA) and is recommended if you are going to be +contributing samples to several projects. + +#### IntelliJ IDEA + +To activate the Maven Profile inside IntelliJ IDEA, follow the instructions in +[Activate Maven profiles][3] to activate `enable-samples`. + +[1]: https://cloud.google.com/docs/authentication/getting-started#creating_a_service_account +[2]: https://maven.apache.org/settings.html#Active_Profiles +[3]: https://www.jetbrains.com/help/idea/work-with-maven-profiles.html#activate_maven_profiles diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/README.md b/README.md new file mode 100644 index 0000000..3e0b8ec --- /dev/null +++ b/README.md @@ -0,0 +1,143 @@ +# Google IAM Policy Troubleshooter API Client for Java + +Java idiomatic client for [IAM Policy Troubleshooter API][product-docs]. + +[![Maven][maven-version-image]][maven-version-link] +![Stability][stability-image] + +- [Product Documentation][product-docs] +- [Client Library Documentation][javadocs] + +> Note: This client is a work-in-progress, and may occasionally +> make backwards-incompatible changes. + +## Quickstart + + +If you are using Maven, add this to your pom.xml file: + +```xml + + com.google.cloud + google-cloud-policy-troubleshooter + 0.0.0 + +``` + +If you are using Gradle without BOM, add this to your dependencies +```Groovy +compile 'com.google.cloud:google-cloud-policy-troubleshooter:0.0.0' +``` + +If you are using SBT, add this to your dependencies +```Scala +libraryDependencies += "com.google.cloud" % "google-cloud-policy-troubleshooter" % "0.0.0" +``` + +## Authentication + +See the [Authentication][authentication] section in the base directory's README. + +## Getting Started + +### Prerequisites + +You will need a [Google Cloud Platform Console][developer-console] project with the IAM Policy Troubleshooter API [API enabled][enable-api]. +You will need to [enable billing][enable-billing] to use Google IAM Policy Troubleshooter API. +[Follow these instructions][create-project] to get your project set up. You will also need to set up the local development environment by +[installing the Google Cloud SDK][cloud-sdk] and running the following commands in command line: +`gcloud auth login` and `gcloud config set project [YOUR PROJECT ID]`. + +### Installation and setup + +You'll need to obtain the `google-cloud-policy-troubleshooter` library. See the [Quickstart](#quickstart) section +to add `google-cloud-policy-troubleshooter` as a dependency in your code. + +## About IAM Policy Troubleshooter API + + +[IAM Policy Troubleshooter API][product-docs] makes it easier to understand why a user has access to a resource or doesn't have permission to call an API. Given an email, resource, and permission, Policy Troubleshooter examines all Identity and Access Management (IAM) policies that apply to the resource. It then reveals whether the member's roles include the permission on that resource and, if so, which policies bind the member to those roles. + +See the [IAM Policy Troubleshooter API client library docs][javadocs] to learn how to +use this IAM Policy Troubleshooter API Client Library. + + + + + + +## Troubleshooting + +To get help, follow the instructions in the [shared Troubleshooting document][troubleshooting]. + +## Transport + +IAM Policy Troubleshooter API uses gRPC for the transport layer. + +## Java Versions + +Java 7 or above is required for using this client. + +## Versioning + + +This library follows [Semantic Versioning](http://semver.org/). + + +It is currently in major version zero (``0.y.z``), which means that anything may change at any time +and the public API should not be considered stable. + +## Contributing + + +Contributions to this library are always welcome and highly encouraged. + +See [CONTRIBUTING][contributing] for more information how to get started. + +Please note that this project is released with a Contributor Code of Conduct. By participating in +this project you agree to abide by its terms. See [Code of Conduct][code-of-conduct] for more +information. + +## License + +Apache 2.0 - See [LICENSE][license] for more information. + +## CI Status + +Java Version | Status +------------ | ------ +Java 7 | [![Kokoro CI][kokoro-badge-image-1]][kokoro-badge-link-1] +Java 8 | [![Kokoro CI][kokoro-badge-image-2]][kokoro-badge-link-2] +Java 8 OSX | [![Kokoro CI][kokoro-badge-image-3]][kokoro-badge-link-3] +Java 8 Windows | [![Kokoro CI][kokoro-badge-image-4]][kokoro-badge-link-4] +Java 11 | [![Kokoro CI][kokoro-badge-image-5]][kokoro-badge-link-5] + +Java is a registered trademark of Oracle and/or its affiliates. + +[product-docs]: https://cloud.google.com/iam/docs/troubleshooting-access +[javadocs]: https://googleapis.dev/java/google-cloud-policy-troubleshooter/latest/index.html +[kokoro-badge-image-1]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-policy-troubleshooter/java7.svg +[kokoro-badge-link-1]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-policy-troubleshooter/java7.html +[kokoro-badge-image-2]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-policy-troubleshooter/java8.svg +[kokoro-badge-link-2]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-policy-troubleshooter/java8.html +[kokoro-badge-image-3]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-policy-troubleshooter/java8-osx.svg +[kokoro-badge-link-3]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-policy-troubleshooter/java8-osx.html +[kokoro-badge-image-4]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-policy-troubleshooter/java8-win.svg +[kokoro-badge-link-4]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-policy-troubleshooter/java8-win.html +[kokoro-badge-image-5]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-policy-troubleshooter/java11.svg +[kokoro-badge-link-5]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-policy-troubleshooter/java11.html +[stability-image]: https://img.shields.io/badge/stability-beta-yellow +[maven-version-image]: https://img.shields.io/maven-central/v/com.google.cloud/google-cloud-policy-troubleshooter.svg +[maven-version-link]: https://search.maven.org/search?q=g:com.google.cloud%20AND%20a:google-cloud-policy-troubleshooter&core=gav +[authentication]: https://github.com/googleapis/google-cloud-java#authentication +[developer-console]: https://console.developers.google.com/ +[create-project]: https://cloud.google.com/resource-manager/docs/creating-managing-projects +[cloud-sdk]: https://cloud.google.com/sdk/ +[troubleshooting]: https://github.com/googleapis/google-cloud-common/blob/master/troubleshooting/readme.md#troubleshooting +[contributing]: https://github.com/googleapis/java-policy-troubleshooter/blob/master/CONTRIBUTING.md +[code-of-conduct]: https://github.com/googleapis/java-policy-troubleshooter/blob/master/CODE_OF_CONDUCT.md#contributor-code-of-conduct +[license]: https://github.com/googleapis/java-policy-troubleshooter/blob/master/LICENSE +[enable-billing]: https://cloud.google.com/apis/docs/getting-started#enabling_billing +[enable-api]: https://console.cloud.google.com/flows/enableapi?apiid=policy-troubleshooter.googleapis.com +[libraries-bom]: https://github.com/GoogleCloudPlatform/cloud-opensource-java/wiki/The-Google-Cloud-Platform-Libraries-BOM +[shell_img]: https://gstatic.com/cloudssh/images/open-btn.png diff --git a/codecov.yaml b/codecov.yaml new file mode 100644 index 0000000..5724ea9 --- /dev/null +++ b/codecov.yaml @@ -0,0 +1,4 @@ +--- +codecov: + ci: + - source.cloud.google.com diff --git a/google-cloud-policy-troubleshooter-bom/pom.xml b/google-cloud-policy-troubleshooter-bom/pom.xml new file mode 100644 index 0000000..4d5f922 --- /dev/null +++ b/google-cloud-policy-troubleshooter-bom/pom.xml @@ -0,0 +1,97 @@ + + + 4.0.0 + com.google.cloud + google-cloud-policy-troubleshooter-bom + 0.0.1-SNAPSHOT + pom + + com.google.cloud + google-cloud-shared-config + 0.10.0 + + + Google IAM Policy Troubleshooter API BOM + https://github.com/googleapis/java-policy-troubleshooter + + BOM for IAM Policy Troubleshooter API + + + + Google LLC + + + + + chingor13 + Jeff Ching + chingor@google.com + Google LLC + + Developer + + + + + + scm:git:https://github.com/googleapis/java-policy-troubleshooter.git + scm:git:git@github.com:googleapis/java-policy-troubleshooter.git + https://github.com/googleapis/java-policy-troubleshooter + + + + true + + + + + sonatype-nexus-snapshots + https://oss.sonatype.org/content/repositories/snapshots + + + sonatype-nexus-staging + https://oss.sonatype.org/service/local/staging/deploy/maven2/ + + + + + + The Apache Software License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + + com.google.cloud + google-cloud-policy-troubleshooter + 0.0.1-SNAPSHOT + + + com.google.api.grpc + proto-google-cloud-policy-troubleshooter-v1 + 0.0.1-SNAPSHOT + + + com.google.api.grpc + grpc-google-cloud-policy-troubleshooter-v1 + 0.0.1-SNAPSHOT + + + + + + + + org.apache.maven.plugins + maven-checkstyle-plugin + + true + + + + + \ No newline at end of file diff --git a/google-cloud-policy-troubleshooter/pom.xml b/google-cloud-policy-troubleshooter/pom.xml new file mode 100644 index 0000000..fc3af6f --- /dev/null +++ b/google-cloud-policy-troubleshooter/pom.xml @@ -0,0 +1,111 @@ + + + 4.0.0 + com.google.cloud + google-cloud-policy-troubleshooter + 0.0.1-SNAPSHOT + jar + Google IAM Policy Troubleshooter API + https://github.com/googleapis/java-policy-troubleshooter + makes it easier to understand why a user has access to a resource or doesn't have permission to call an API. Given an email, resource, and permission, Policy Troubleshooter examines all Identity and Access Management (IAM) policies that apply to the resource. It then reveals whether the member's roles include the permission on that resource and, if so, which policies bind the member to those roles. + + com.google.cloud + google-cloud-policy-troubleshooter-parent + 0.0.1-SNAPSHOT + + + google-cloud-policy-troubleshooter + + + + io.grpc + grpc-api + + + io.grpc + grpc-stub + + + io.grpc + grpc-protobuf + + + com.google.api + api-common + + + com.google.protobuf + protobuf-java + + + com.google.api.grpc + proto-google-common-protos + + + + com.google.api.grpc + proto-google-cloud-policy-troubleshooter-v1 + + + com.google.guava + guava + + + com.google.api + gax + + + com.google.api + gax-grpc + + + org.threeten + threetenbp + + + + + junit + junit + test + 4.13.1 + + + + com.google.api.grpc + grpc-google-cloud-policy-troubleshooter-v1 + test + + + + com.google.api + gax-grpc + testlib + test + + + + + + java9 + + [9,) + + + + javax.annotation + javax.annotation-api + + + + + + + + + org.codehaus.mojo + flatten-maven-plugin + + + + \ No newline at end of file diff --git a/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClient.java b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClient.java new file mode 100644 index 0000000..d10de9c --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClient.java @@ -0,0 +1,214 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.google.cloud.policytroubleshooter.v1; + +import com.google.api.core.BetaApi; +import com.google.api.gax.core.BackgroundResource; +import com.google.api.gax.rpc.UnaryCallable; +import com.google.cloud.policytroubleshooter.v1.stub.IamCheckerStub; +import com.google.cloud.policytroubleshooter.v1.stub.IamCheckerStubSettings; +import java.io.IOException; +import java.util.concurrent.TimeUnit; +import javax.annotation.Generated; + +// AUTO-GENERATED DOCUMENTATION AND CLASS. +/** + * Service Description: IAM Policy Troubleshooter service. + * + *

This service helps you troubleshoot access issues for Google Cloud resources. + * + *

This class provides the ability to make remote calls to the backing service through method + * calls that map to API methods. Sample code to get started: + * + * 

{@code
+ * try (IamCheckerClient iamCheckerClient = IamCheckerClient.create()) {
+ *   TroubleshootIamPolicyRequest request = TroubleshootIamPolicyRequest.newBuilder().build();
+ *   TroubleshootIamPolicyResponse response = iamCheckerClient.troubleshootIamPolicy(request);
+ * }
+ * }
+ * + *

Note: close() needs to be called on the IamCheckerClient object to clean up resources such as + * threads. In the example above, try-with-resources is used, which automatically calls close(). + * + *

The surface of this class includes several types of Java methods for each of the API's + * methods: + * + *

    + *
  1. A "flattened" method. With this type of method, the fields of the request type have been + * converted into function parameters. It may be the case that not all fields are available as + * parameters, and not every API method will have a flattened method entry point. + *
  2. A "request object" method. This type of method only takes one parameter, a request object, + * which must be constructed before the call. Not every API method will have a request object + * method. + *
  3. A "callable" method. This type of method takes no parameters and returns an immutable API + * callable object, which can be used to initiate calls to the service. + *
+ * + *

See the individual methods for example code. + * + *

Many parameters require resource names to be formatted in a particular way. To assist with + * these names, this class includes a format method for each type of name, and additionally a parse + * method to extract the individual identifiers contained within names that are returned. + * + *

This class can be customized by passing in a custom instance of IamCheckerSettings to + * create(). For example: + * + *

To customize credentials: + * + * 

{@code
+ * IamCheckerSettings iamCheckerSettings =
+ *     IamCheckerSettings.newBuilder()
+ *         .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
+ *         .build();
+ * IamCheckerClient iamCheckerClient = IamCheckerClient.create(iamCheckerSettings);
+ * }
+ * + *

To customize the endpoint: + * + * 

{@code
+ * IamCheckerSettings iamCheckerSettings =
+ *     IamCheckerSettings.newBuilder().setEndpoint(myEndpoint).build();
+ * IamCheckerClient iamCheckerClient = IamCheckerClient.create(iamCheckerSettings);
+ * }
+ * + *

Please refer to the GitHub repository's samples for more quickstart code snippets. + */ +@Generated("by gapic-generator-java") +public class IamCheckerClient implements BackgroundResource { + private final IamCheckerSettings settings; + private final IamCheckerStub stub; + + /** Constructs an instance of IamCheckerClient with default settings. */ + public static final IamCheckerClient create() throws IOException { + return create(IamCheckerSettings.newBuilder().build()); + } + + /** + * Constructs an instance of IamCheckerClient, using the given settings. The channels are created + * based on the settings passed in, or defaults for any settings that are not set. + */ + public static final IamCheckerClient create(IamCheckerSettings settings) throws IOException { + return new IamCheckerClient(settings); + } + + /** + * Constructs an instance of IamCheckerClient, using the given stub for making calls. This is for + * advanced usage - prefer using create(IamCheckerSettings). + */ + @BetaApi("A restructuring of stub classes is planned, so this may break in the future") + public static final IamCheckerClient create(IamCheckerStub stub) { + return new IamCheckerClient(stub); + } + + /** + * Constructs an instance of IamCheckerClient, using the given settings. This is protected so that + * it is easy to make a subclass, but otherwise, the static factory methods should be preferred. + */ + protected IamCheckerClient(IamCheckerSettings settings) throws IOException { + this.settings = settings; + this.stub = ((IamCheckerStubSettings) settings.getStubSettings()).createStub(); + } + + @BetaApi("A restructuring of stub classes is planned, so this may break in the future") + protected IamCheckerClient(IamCheckerStub stub) { + this.settings = null; + this.stub = stub; + } + + public final IamCheckerSettings getSettings() { + return settings; + } + + @BetaApi("A restructuring of stub classes is planned, so this may break in the future") + public IamCheckerStub getStub() { + return stub; + } + + // AUTO-GENERATED DOCUMENTATION AND METHOD. + /** + * Checks whether a member has a specific permission for a specific resource, and explains why the + * member does or does not have that permission. + * + *

Sample code: + * + * 

{@code
+   * try (IamCheckerClient iamCheckerClient = IamCheckerClient.create()) {
+   *   TroubleshootIamPolicyRequest request = TroubleshootIamPolicyRequest.newBuilder().build();
+   *   TroubleshootIamPolicyResponse response = iamCheckerClient.troubleshootIamPolicy(request);
+   * }
+   * }
+ * + * @param request The request object containing all of the parameters for the API call. + * @throws com.google.api.gax.rpc.ApiException if the remote call fails + */ + public final TroubleshootIamPolicyResponse troubleshootIamPolicy( + TroubleshootIamPolicyRequest request) { + return troubleshootIamPolicyCallable().call(request); + } + + // AUTO-GENERATED DOCUMENTATION AND METHOD. + /** + * Checks whether a member has a specific permission for a specific resource, and explains why the + * member does or does not have that permission. + * + *

Sample code: + * + * 

{@code
+   * try (IamCheckerClient iamCheckerClient = IamCheckerClient.create()) {
+   *   TroubleshootIamPolicyRequest request = TroubleshootIamPolicyRequest.newBuilder().build();
+   *   ApiFuture future =
+   *       iamCheckerClient.troubleshootIamPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   TroubleshootIamPolicyResponse response = future.get();
+   * }
+   * }
+ */ + public final UnaryCallable + troubleshootIamPolicyCallable() { + return stub.troubleshootIamPolicyCallable(); + } + + @Override + public final void close() { + stub.close(); + } + + @Override + public void shutdown() { + stub.shutdown(); + } + + @Override + public boolean isShutdown() { + return stub.isShutdown(); + } + + @Override + public boolean isTerminated() { + return stub.isTerminated(); + } + + @Override + public void shutdownNow() { + stub.shutdownNow(); + } + + @Override + public boolean awaitTermination(long duration, TimeUnit unit) throws InterruptedException { + return stub.awaitTermination(duration, unit); + } +} diff --git a/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerSettings.java b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerSettings.java new file mode 100644 index 0000000..f3303c6 --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerSettings.java @@ -0,0 +1,183 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.google.cloud.policytroubleshooter.v1; + +import com.google.api.core.ApiFunction; +import com.google.api.core.BetaApi; +import com.google.api.gax.core.GoogleCredentialsProvider; +import com.google.api.gax.core.InstantiatingExecutorProvider; +import com.google.api.gax.grpc.InstantiatingGrpcChannelProvider; +import com.google.api.gax.rpc.ApiClientHeaderProvider; +import com.google.api.gax.rpc.ClientContext; +import com.google.api.gax.rpc.ClientSettings; +import com.google.api.gax.rpc.TransportChannelProvider; +import com.google.api.gax.rpc.UnaryCallSettings; +import com.google.cloud.policytroubleshooter.v1.stub.IamCheckerStubSettings; +import java.io.IOException; +import java.util.List; +import javax.annotation.Generated; + +// AUTO-GENERATED DOCUMENTATION AND CLASS. +/** + * Settings class to configure an instance of {@link IamCheckerClient}. + * + *

The default instance has everything set to sensible defaults: + * + *

    + *
  • The default service address (policytroubleshooter.googleapis.com) and default port (443) + * are used. + *
  • Credentials are acquired automatically through Application Default Credentials. + *
  • Retries are configured for idempotent methods but not for non-idempotent methods. + *
+ * + *

The builder of this class is recursive, so contained classes are themselves builders. When + * build() is called, the tree of builders is called to create the complete settings object. + * + *

For example, to set the total timeout of troubleshootIamPolicy to 30 seconds: + * + * 

{@code
+ * IamCheckerSettings.Builder iamCheckerSettingsBuilder = IamCheckerSettings.newBuilder();
+ * iamCheckerSettingsBuilder
+ *     .troubleshootIamPolicySettings()
+ *     .setRetrySettings(
+ *         iamCheckerSettingsBuilder
+ *             .troubleshootIamPolicySettings()
+ *             .getRetrySettings()
+ *             .toBuilder()
+ *             .setTotalTimeout(Duration.ofSeconds(30))
+ *             .build());
+ * IamCheckerSettings iamCheckerSettings = iamCheckerSettingsBuilder.build();
+ * }
+ */ +@Generated("by gapic-generator-java") +public class IamCheckerSettings extends ClientSettings { + + /** Returns the object with the settings used for calls to troubleshootIamPolicy. */ + public UnaryCallSettings + troubleshootIamPolicySettings() { + return ((IamCheckerStubSettings) getStubSettings()).troubleshootIamPolicySettings(); + } + + public static final IamCheckerSettings create(IamCheckerStubSettings stub) throws IOException { + return new IamCheckerSettings.Builder(stub.toBuilder()).build(); + } + + /** Returns a builder for the default ExecutorProvider for this service. */ + public static InstantiatingExecutorProvider.Builder defaultExecutorProviderBuilder() { + return IamCheckerStubSettings.defaultExecutorProviderBuilder(); + } + + /** Returns the default service endpoint. */ + public static String getDefaultEndpoint() { + return IamCheckerStubSettings.getDefaultEndpoint(); + } + + /** Returns the default service scopes. */ + public static List getDefaultServiceScopes() { + return IamCheckerStubSettings.getDefaultServiceScopes(); + } + + /** Returns a builder for the default credentials for this service. */ + public static GoogleCredentialsProvider.Builder defaultCredentialsProviderBuilder() { + return IamCheckerStubSettings.defaultCredentialsProviderBuilder(); + } + + /** Returns a builder for the default ChannelProvider for this service. */ + public static InstantiatingGrpcChannelProvider.Builder defaultGrpcTransportProviderBuilder() { + return IamCheckerStubSettings.defaultGrpcTransportProviderBuilder(); + } + + public static TransportChannelProvider defaultTransportChannelProvider() { + return IamCheckerStubSettings.defaultTransportChannelProvider(); + } + + @BetaApi("The surface for customizing headers is not stable yet and may change in the future.") + public static ApiClientHeaderProvider.Builder defaultApiClientHeaderProviderBuilder() { + return IamCheckerStubSettings.defaultApiClientHeaderProviderBuilder(); + } + + /** Returns a new builder for this class. */ + public static Builder newBuilder() { + return Builder.createDefault(); + } + + /** Returns a new builder for this class. */ + public static Builder newBuilder(ClientContext clientContext) { + return new Builder(clientContext); + } + + /** Returns a builder containing all the values of this settings class. */ + public Builder toBuilder() { + return new Builder(this); + } + + protected IamCheckerSettings(Builder settingsBuilder) throws IOException { + super(settingsBuilder); + } + + /** Builder for IamCheckerSettings. */ + public static class Builder extends ClientSettings.Builder { + + protected Builder() throws IOException { + this(((ClientContext) null)); + } + + protected Builder(ClientContext clientContext) { + super(IamCheckerStubSettings.newBuilder(clientContext)); + } + + protected Builder(IamCheckerSettings settings) { + super(settings.getStubSettings().toBuilder()); + } + + protected Builder(IamCheckerStubSettings.Builder stubSettings) { + super(stubSettings); + } + + private static Builder createDefault() { + return new Builder(IamCheckerStubSettings.newBuilder()); + } + + public IamCheckerStubSettings.Builder getStubSettingsBuilder() { + return ((IamCheckerStubSettings.Builder) getStubSettings()); + } + + // NEXT_MAJOR_VER: remove 'throws Exception'. + /** + * Applies the given settings updater function to all of the unary API methods in this service. + * + *

Note: This method does not support applying settings to streaming methods. + */ + public Builder applyToAllUnaryMethods( + ApiFunction, Void> settingsUpdater) throws Exception { + super.applyToAllUnaryMethods( + getStubSettingsBuilder().unaryMethodSettingsBuilders(), settingsUpdater); + return this; + } + + /** Returns the builder for the settings used for calls to troubleshootIamPolicy. */ + public UnaryCallSettings.Builder + troubleshootIamPolicySettings() { + return getStubSettingsBuilder().troubleshootIamPolicySettings(); + } + + @Override + public IamCheckerSettings build() throws IOException { + return new IamCheckerSettings(this); + } + } +} diff --git a/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/gapic_metadata.json b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/gapic_metadata.json new file mode 100644 index 0000000..2dcfc63 --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/gapic_metadata.json @@ -0,0 +1,21 @@ +{ + "schema": "1.0", + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "java", + "protoPackage": "google.cloud.policytroubleshooter.v1", + "libraryPackage": "com.google.cloud.policytroubleshooter.v1", + "services": { + "IamChecker": { + "clients": { + "grpc": { + "libraryClient": "IamCheckerClient", + "rpcs": { + "TroubleshootIamPolicy": { + "methods": ["troubleshootIamPolicy", "troubleshootIamPolicyCallable"] + } + } + } + } + } + } +} \ No newline at end of file diff --git a/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/package-info.java b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/package-info.java new file mode 100644 index 0000000..30d6a0b --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/package-info.java @@ -0,0 +1,38 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * The interfaces provided are listed below, along with usage samples. + * + *

======================= IamCheckerClient ======================= + * + *

Service Description: IAM Policy Troubleshooter service. + * + *

This service helps you troubleshoot access issues for Google Cloud resources. + * + *

Sample for IamCheckerClient: + * + * 

{@code
+ * try (IamCheckerClient iamCheckerClient = IamCheckerClient.create()) {
+ *   TroubleshootIamPolicyRequest request = TroubleshootIamPolicyRequest.newBuilder().build();
+ *   TroubleshootIamPolicyResponse response = iamCheckerClient.troubleshootIamPolicy(request);
+ * }
+ * }
+ */ +@Generated("by gapic-generator-java") +package com.google.cloud.policytroubleshooter.v1; + +import javax.annotation.Generated; diff --git a/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/GrpcIamCheckerCallableFactory.java b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/GrpcIamCheckerCallableFactory.java new file mode 100644 index 0000000..0e7cf53 --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/GrpcIamCheckerCallableFactory.java @@ -0,0 +1,113 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.google.cloud.policytroubleshooter.v1.stub; + +import com.google.api.gax.grpc.GrpcCallSettings; +import com.google.api.gax.grpc.GrpcCallableFactory; +import com.google.api.gax.grpc.GrpcStubCallableFactory; +import com.google.api.gax.rpc.BatchingCallSettings; +import com.google.api.gax.rpc.BidiStreamingCallable; +import com.google.api.gax.rpc.ClientContext; +import com.google.api.gax.rpc.ClientStreamingCallable; +import com.google.api.gax.rpc.OperationCallSettings; +import com.google.api.gax.rpc.OperationCallable; +import com.google.api.gax.rpc.PagedCallSettings; +import com.google.api.gax.rpc.ServerStreamingCallSettings; +import com.google.api.gax.rpc.ServerStreamingCallable; +import com.google.api.gax.rpc.StreamingCallSettings; +import com.google.api.gax.rpc.UnaryCallSettings; +import com.google.api.gax.rpc.UnaryCallable; +import com.google.longrunning.Operation; +import com.google.longrunning.stub.OperationsStub; +import javax.annotation.Generated; + +// AUTO-GENERATED DOCUMENTATION AND CLASS. +/** + * gRPC callable factory implementation for the IamChecker service API. + * + *

This class is for advanced usage. + */ +@Generated("by gapic-generator-java") +public class GrpcIamCheckerCallableFactory implements GrpcStubCallableFactory { + + @Override + public UnaryCallable createUnaryCallable( + GrpcCallSettings grpcCallSettings, + UnaryCallSettings callSettings, + ClientContext clientContext) { + return GrpcCallableFactory.createUnaryCallable(grpcCallSettings, callSettings, clientContext); + } + + @Override + public + UnaryCallable createPagedCallable( + GrpcCallSettings grpcCallSettings, + PagedCallSettings callSettings, + ClientContext clientContext) { + return GrpcCallableFactory.createPagedCallable(grpcCallSettings, callSettings, clientContext); + } + + @Override + public UnaryCallable createBatchingCallable( + GrpcCallSettings grpcCallSettings, + BatchingCallSettings callSettings, + ClientContext clientContext) { + return GrpcCallableFactory.createBatchingCallable( + grpcCallSettings, callSettings, clientContext); + } + + @Override + public + OperationCallable createOperationCallable( + GrpcCallSettings grpcCallSettings, + OperationCallSettings callSettings, + ClientContext clientContext, + OperationsStub operationsStub) { + return GrpcCallableFactory.createOperationCallable( + grpcCallSettings, callSettings, clientContext, operationsStub); + } + + @Override + public + BidiStreamingCallable createBidiStreamingCallable( + GrpcCallSettings grpcCallSettings, + StreamingCallSettings callSettings, + ClientContext clientContext) { + return GrpcCallableFactory.createBidiStreamingCallable( + grpcCallSettings, callSettings, clientContext); + } + + @Override + public + ServerStreamingCallable createServerStreamingCallable( + GrpcCallSettings grpcCallSettings, + ServerStreamingCallSettings callSettings, + ClientContext clientContext) { + return GrpcCallableFactory.createServerStreamingCallable( + grpcCallSettings, callSettings, clientContext); + } + + @Override + public + ClientStreamingCallable createClientStreamingCallable( + GrpcCallSettings grpcCallSettings, + StreamingCallSettings callSettings, + ClientContext clientContext) { + return GrpcCallableFactory.createClientStreamingCallable( + grpcCallSettings, callSettings, clientContext); + } +} diff --git a/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/GrpcIamCheckerStub.java b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/GrpcIamCheckerStub.java new file mode 100644 index 0000000..cfe75ff --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/GrpcIamCheckerStub.java @@ -0,0 +1,155 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.google.cloud.policytroubleshooter.v1.stub; + +import com.google.api.gax.core.BackgroundResource; +import com.google.api.gax.core.BackgroundResourceAggregation; +import com.google.api.gax.grpc.GrpcCallSettings; +import com.google.api.gax.grpc.GrpcStubCallableFactory; +import com.google.api.gax.rpc.ClientContext; +import com.google.api.gax.rpc.UnaryCallable; +import com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest; +import com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse; +import com.google.longrunning.stub.GrpcOperationsStub; +import io.grpc.MethodDescriptor; +import io.grpc.protobuf.ProtoUtils; +import java.io.IOException; +import java.util.concurrent.TimeUnit; +import javax.annotation.Generated; + +// AUTO-GENERATED DOCUMENTATION AND CLASS. +/** + * gRPC stub implementation for the IamChecker service API. + * + *

This class is for advanced usage and reflects the underlying API directly. + */ +@Generated("by gapic-generator-java") +public class GrpcIamCheckerStub extends IamCheckerStub { + private static final MethodDescriptor + troubleshootIamPolicyMethodDescriptor = + MethodDescriptor.newBuilder() + .setType(MethodDescriptor.MethodType.UNARY) + .setFullMethodName( + "google.cloud.policytroubleshooter.v1.IamChecker/TroubleshootIamPolicy") + .setRequestMarshaller( + ProtoUtils.marshaller(TroubleshootIamPolicyRequest.getDefaultInstance())) + .setResponseMarshaller( + ProtoUtils.marshaller(TroubleshootIamPolicyResponse.getDefaultInstance())) + .build(); + + private final UnaryCallable + troubleshootIamPolicyCallable; + + private final BackgroundResource backgroundResources; + private final GrpcOperationsStub operationsStub; + private final GrpcStubCallableFactory callableFactory; + + public static final GrpcIamCheckerStub create(IamCheckerStubSettings settings) + throws IOException { + return new GrpcIamCheckerStub(settings, ClientContext.create(settings)); + } + + public static final GrpcIamCheckerStub create(ClientContext clientContext) throws IOException { + return new GrpcIamCheckerStub(IamCheckerStubSettings.newBuilder().build(), clientContext); + } + + public static final GrpcIamCheckerStub create( + ClientContext clientContext, GrpcStubCallableFactory callableFactory) throws IOException { + return new GrpcIamCheckerStub( + IamCheckerStubSettings.newBuilder().build(), clientContext, callableFactory); + } + + /** + * Constructs an instance of GrpcIamCheckerStub, using the given settings. This is protected so + * that it is easy to make a subclass, but otherwise, the static factory methods should be + * preferred. + */ + protected GrpcIamCheckerStub(IamCheckerStubSettings settings, ClientContext clientContext) + throws IOException { + this(settings, clientContext, new GrpcIamCheckerCallableFactory()); + } + + /** + * Constructs an instance of GrpcIamCheckerStub, using the given settings. This is protected so + * that it is easy to make a subclass, but otherwise, the static factory methods should be + * preferred. + */ + protected GrpcIamCheckerStub( + IamCheckerStubSettings settings, + ClientContext clientContext, + GrpcStubCallableFactory callableFactory) + throws IOException { + this.callableFactory = callableFactory; + this.operationsStub = GrpcOperationsStub.create(clientContext, callableFactory); + + GrpcCallSettings + troubleshootIamPolicyTransportSettings = + GrpcCallSettings + .newBuilder() + .setMethodDescriptor(troubleshootIamPolicyMethodDescriptor) + .build(); + + this.troubleshootIamPolicyCallable = + callableFactory.createUnaryCallable( + troubleshootIamPolicyTransportSettings, + settings.troubleshootIamPolicySettings(), + clientContext); + + this.backgroundResources = + new BackgroundResourceAggregation(clientContext.getBackgroundResources()); + } + + public GrpcOperationsStub getOperationsStub() { + return operationsStub; + } + + @Override + public UnaryCallable + troubleshootIamPolicyCallable() { + return troubleshootIamPolicyCallable; + } + + @Override + public final void close() { + shutdown(); + } + + @Override + public void shutdown() { + backgroundResources.shutdown(); + } + + @Override + public boolean isShutdown() { + return backgroundResources.isShutdown(); + } + + @Override + public boolean isTerminated() { + return backgroundResources.isTerminated(); + } + + @Override + public void shutdownNow() { + backgroundResources.shutdownNow(); + } + + @Override + public boolean awaitTermination(long duration, TimeUnit unit) throws InterruptedException { + return backgroundResources.awaitTermination(duration, unit); + } +} diff --git a/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/IamCheckerStub.java b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/IamCheckerStub.java new file mode 100644 index 0000000..979ad4b --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/IamCheckerStub.java @@ -0,0 +1,41 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.google.cloud.policytroubleshooter.v1.stub; + +import com.google.api.gax.core.BackgroundResource; +import com.google.api.gax.rpc.UnaryCallable; +import com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest; +import com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse; +import javax.annotation.Generated; + +// AUTO-GENERATED DOCUMENTATION AND CLASS. +/** + * Base stub class for the IamChecker service API. + * + *

This class is for advanced usage and reflects the underlying API directly. + */ +@Generated("by gapic-generator-java") +public abstract class IamCheckerStub implements BackgroundResource { + + public UnaryCallable + troubleshootIamPolicyCallable() { + throw new UnsupportedOperationException("Not implemented: troubleshootIamPolicyCallable()"); + } + + @Override + public abstract void close(); +} diff --git a/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/IamCheckerStubSettings.java b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/IamCheckerStubSettings.java new file mode 100644 index 0000000..11753a3 --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/stub/IamCheckerStubSettings.java @@ -0,0 +1,267 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.google.cloud.policytroubleshooter.v1.stub; + +import com.google.api.core.ApiFunction; +import com.google.api.core.BetaApi; +import com.google.api.gax.core.GaxProperties; +import com.google.api.gax.core.GoogleCredentialsProvider; +import com.google.api.gax.core.InstantiatingExecutorProvider; +import com.google.api.gax.grpc.GaxGrpcProperties; +import com.google.api.gax.grpc.GrpcTransportChannel; +import com.google.api.gax.grpc.InstantiatingGrpcChannelProvider; +import com.google.api.gax.retrying.RetrySettings; +import com.google.api.gax.rpc.ApiClientHeaderProvider; +import com.google.api.gax.rpc.ClientContext; +import com.google.api.gax.rpc.StatusCode; +import com.google.api.gax.rpc.StubSettings; +import com.google.api.gax.rpc.TransportChannelProvider; +import com.google.api.gax.rpc.UnaryCallSettings; +import com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest; +import com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableMap; +import com.google.common.collect.ImmutableSet; +import com.google.common.collect.Lists; +import java.io.IOException; +import java.util.List; +import javax.annotation.Generated; +import org.threeten.bp.Duration; + +// AUTO-GENERATED DOCUMENTATION AND CLASS. +/** + * Settings class to configure an instance of {@link IamCheckerStub}. + * + *

The default instance has everything set to sensible defaults: + * + *

    + *
  • The default service address (policytroubleshooter.googleapis.com) and default port (443) + * are used. + *
  • Credentials are acquired automatically through Application Default Credentials. + *
  • Retries are configured for idempotent methods but not for non-idempotent methods. + *
+ * + *

The builder of this class is recursive, so contained classes are themselves builders. When + * build() is called, the tree of builders is called to create the complete settings object. + * + *

For example, to set the total timeout of troubleshootIamPolicy to 30 seconds: + * + * 

{@code
+ * IamCheckerStubSettings.Builder iamCheckerSettingsBuilder = IamCheckerStubSettings.newBuilder();
+ * iamCheckerSettingsBuilder
+ *     .troubleshootIamPolicySettings()
+ *     .setRetrySettings(
+ *         iamCheckerSettingsBuilder
+ *             .troubleshootIamPolicySettings()
+ *             .getRetrySettings()
+ *             .toBuilder()
+ *             .setTotalTimeout(Duration.ofSeconds(30))
+ *             .build());
+ * IamCheckerStubSettings iamCheckerSettings = iamCheckerSettingsBuilder.build();
+ * }
+ */ +@Generated("by gapic-generator-java") +public class IamCheckerStubSettings extends StubSettings { + /** The default scopes of the service. */ + private static final ImmutableList DEFAULT_SERVICE_SCOPES = + ImmutableList.builder().add("https://www.googleapis.com/auth/cloud-platform").build(); + + private final UnaryCallSettings + troubleshootIamPolicySettings; + + /** Returns the object with the settings used for calls to troubleshootIamPolicy. */ + public UnaryCallSettings + troubleshootIamPolicySettings() { + return troubleshootIamPolicySettings; + } + + @BetaApi("A restructuring of stub classes is planned, so this may break in the future") + public IamCheckerStub createStub() throws IOException { + if (getTransportChannelProvider() + .getTransportName() + .equals(GrpcTransportChannel.getGrpcTransportName())) { + return GrpcIamCheckerStub.create(this); + } + throw new UnsupportedOperationException( + String.format( + "Transport not supported: %s", getTransportChannelProvider().getTransportName())); + } + + /** Returns a builder for the default ExecutorProvider for this service. */ + public static InstantiatingExecutorProvider.Builder defaultExecutorProviderBuilder() { + return InstantiatingExecutorProvider.newBuilder(); + } + + /** Returns the default service endpoint. */ + public static String getDefaultEndpoint() { + return "policytroubleshooter.googleapis.com:443"; + } + + /** Returns the default service scopes. */ + public static List getDefaultServiceScopes() { + return DEFAULT_SERVICE_SCOPES; + } + + /** Returns a builder for the default credentials for this service. */ + public static GoogleCredentialsProvider.Builder defaultCredentialsProviderBuilder() { + return GoogleCredentialsProvider.newBuilder().setScopesToApply(DEFAULT_SERVICE_SCOPES); + } + + /** Returns a builder for the default ChannelProvider for this service. */ + public static InstantiatingGrpcChannelProvider.Builder defaultGrpcTransportProviderBuilder() { + return InstantiatingGrpcChannelProvider.newBuilder() + .setMaxInboundMessageSize(Integer.MAX_VALUE); + } + + public static TransportChannelProvider defaultTransportChannelProvider() { + return defaultGrpcTransportProviderBuilder().build(); + } + + @BetaApi("The surface for customizing headers is not stable yet and may change in the future.") + public static ApiClientHeaderProvider.Builder defaultApiClientHeaderProviderBuilder() { + return ApiClientHeaderProvider.newBuilder() + .setGeneratedLibToken( + "gapic", GaxProperties.getLibraryVersion(IamCheckerStubSettings.class)) + .setTransportToken( + GaxGrpcProperties.getGrpcTokenName(), GaxGrpcProperties.getGrpcVersion()); + } + + /** Returns a new builder for this class. */ + public static Builder newBuilder() { + return Builder.createDefault(); + } + + /** Returns a new builder for this class. */ + public static Builder newBuilder(ClientContext clientContext) { + return new Builder(clientContext); + } + + /** Returns a builder containing all the values of this settings class. */ + public Builder toBuilder() { + return new Builder(this); + } + + protected IamCheckerStubSettings(Builder settingsBuilder) throws IOException { + super(settingsBuilder); + + troubleshootIamPolicySettings = settingsBuilder.troubleshootIamPolicySettings().build(); + } + + /** Builder for IamCheckerStubSettings. */ + public static class Builder extends StubSettings.Builder { + private final ImmutableList> unaryMethodSettingsBuilders; + private final UnaryCallSettings.Builder< + TroubleshootIamPolicyRequest, TroubleshootIamPolicyResponse> + troubleshootIamPolicySettings; + private static final ImmutableMap> + RETRYABLE_CODE_DEFINITIONS; + + static { + ImmutableMap.Builder> definitions = + ImmutableMap.builder(); + definitions.put( + "no_retry_1_codes", ImmutableSet.copyOf(Lists.newArrayList())); + RETRYABLE_CODE_DEFINITIONS = definitions.build(); + } + + private static final ImmutableMap RETRY_PARAM_DEFINITIONS; + + static { + ImmutableMap.Builder definitions = ImmutableMap.builder(); + RetrySettings settings = null; + settings = + RetrySettings.newBuilder() + .setInitialRpcTimeout(Duration.ofMillis(60000L)) + .setRpcTimeoutMultiplier(1.0) + .setMaxRpcTimeout(Duration.ofMillis(60000L)) + .setTotalTimeout(Duration.ofMillis(60000L)) + .build(); + definitions.put("no_retry_1_params", settings); + RETRY_PARAM_DEFINITIONS = definitions.build(); + } + + protected Builder() { + this(((ClientContext) null)); + } + + protected Builder(ClientContext clientContext) { + super(clientContext); + + troubleshootIamPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder(); + + unaryMethodSettingsBuilders = + ImmutableList.>of(troubleshootIamPolicySettings); + initDefaults(this); + } + + protected Builder(IamCheckerStubSettings settings) { + super(settings); + + troubleshootIamPolicySettings = settings.troubleshootIamPolicySettings.toBuilder(); + + unaryMethodSettingsBuilders = + ImmutableList.>of(troubleshootIamPolicySettings); + } + + private static Builder createDefault() { + Builder builder = new Builder(((ClientContext) null)); + + builder.setTransportChannelProvider(defaultTransportChannelProvider()); + builder.setCredentialsProvider(defaultCredentialsProviderBuilder().build()); + builder.setInternalHeaderProvider(defaultApiClientHeaderProviderBuilder().build()); + builder.setEndpoint(getDefaultEndpoint()); + + return initDefaults(builder); + } + + private static Builder initDefaults(Builder builder) { + builder + .troubleshootIamPolicySettings() + .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_1_codes")) + .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_1_params")); + + return builder; + } + + // NEXT_MAJOR_VER: remove 'throws Exception'. + /** + * Applies the given settings updater function to all of the unary API methods in this service. + * + *

Note: This method does not support applying settings to streaming methods. + */ + public Builder applyToAllUnaryMethods( + ApiFunction, Void> settingsUpdater) throws Exception { + super.applyToAllUnaryMethods(unaryMethodSettingsBuilders, settingsUpdater); + return this; + } + + public ImmutableList> unaryMethodSettingsBuilders() { + return unaryMethodSettingsBuilders; + } + + /** Returns the builder for the settings used for calls to troubleshootIamPolicy. */ + public UnaryCallSettings.Builder + troubleshootIamPolicySettings() { + return troubleshootIamPolicySettings; + } + + @Override + public IamCheckerStubSettings build() throws IOException { + return new IamCheckerStubSettings(this); + } + } +} diff --git a/google-cloud-policy-troubleshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClientTest.java b/google-cloud-policy-troubleshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClientTest.java new file mode 100644 index 0000000..f6128b1 --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClientTest.java @@ -0,0 +1,118 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.google.cloud.policytroubleshooter.v1; + +import com.google.api.gax.core.NoCredentialsProvider; +import com.google.api.gax.grpc.GaxGrpcProperties; +import com.google.api.gax.grpc.testing.LocalChannelProvider; +import com.google.api.gax.grpc.testing.MockGrpcService; +import com.google.api.gax.grpc.testing.MockServiceHelper; +import com.google.api.gax.rpc.ApiClientHeaderProvider; +import com.google.api.gax.rpc.InvalidArgumentException; +import com.google.protobuf.AbstractMessage; +import google.cloud.policytroubleshooter.v1.Explanations; +import io.grpc.StatusRuntimeException; +import java.io.IOException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.UUID; +import javax.annotation.Generated; +import org.junit.After; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; + +@Generated("by gapic-generator-java") +public class IamCheckerClientTest { + private static MockServiceHelper mockServiceHelper; + private static MockIamChecker mockIamChecker; + private IamCheckerClient client; + private LocalChannelProvider channelProvider; + + @BeforeClass + public static void startStaticServer() { + mockIamChecker = new MockIamChecker(); + mockServiceHelper = + new MockServiceHelper( + UUID.randomUUID().toString(), Arrays.asList(mockIamChecker)); + mockServiceHelper.start(); + } + + @AfterClass + public static void stopServer() { + mockServiceHelper.stop(); + } + + @Before + public void setUp() throws IOException { + mockServiceHelper.reset(); + channelProvider = mockServiceHelper.createChannelProvider(); + IamCheckerSettings settings = + IamCheckerSettings.newBuilder() + .setTransportChannelProvider(channelProvider) + .setCredentialsProvider(NoCredentialsProvider.create()) + .build(); + client = IamCheckerClient.create(settings); + } + + @After + public void tearDown() throws Exception { + client.close(); + } + + @Test + public void troubleshootIamPolicyTest() throws Exception { + TroubleshootIamPolicyResponse expectedResponse = + TroubleshootIamPolicyResponse.newBuilder() + .addAllExplainedPolicies(new ArrayList()) + .build(); + mockIamChecker.addResponse(expectedResponse); + + TroubleshootIamPolicyRequest request = TroubleshootIamPolicyRequest.newBuilder().build(); + + TroubleshootIamPolicyResponse actualResponse = client.troubleshootIamPolicy(request); + Assert.assertEquals(expectedResponse, actualResponse); + + List actualRequests = mockIamChecker.getRequests(); + Assert.assertEquals(1, actualRequests.size()); + TroubleshootIamPolicyRequest actualRequest = + ((TroubleshootIamPolicyRequest) actualRequests.get(0)); + + Assert.assertEquals(request.getAccessTuple(), actualRequest.getAccessTuple()); + Assert.assertTrue( + channelProvider.isHeaderSent( + ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), + GaxGrpcProperties.getDefaultApiClientHeaderPattern())); + } + + @Test + public void troubleshootIamPolicyExceptionTest() throws Exception { + StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT); + mockIamChecker.addException(exception); + + try { + TroubleshootIamPolicyRequest request = TroubleshootIamPolicyRequest.newBuilder().build(); + client.troubleshootIamPolicy(request); + Assert.fail("No exception raised"); + } catch (InvalidArgumentException e) { + // Expected exception. + } + } +} diff --git a/google-cloud-policy-troubleshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/MockIamChecker.java b/google-cloud-policy-troubleshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/MockIamChecker.java new file mode 100644 index 0000000..8c1b114 --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/MockIamChecker.java @@ -0,0 +1,59 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.google.cloud.policytroubleshooter.v1; + +import com.google.api.core.BetaApi; +import com.google.api.gax.grpc.testing.MockGrpcService; +import com.google.protobuf.AbstractMessage; +import io.grpc.ServerServiceDefinition; +import java.util.List; +import javax.annotation.Generated; + +@BetaApi +@Generated("by gapic-generator-java") +public class MockIamChecker implements MockGrpcService { + private final MockIamCheckerImpl serviceImpl; + + public MockIamChecker() { + serviceImpl = new MockIamCheckerImpl(); + } + + @Override + public List getRequests() { + return serviceImpl.getRequests(); + } + + @Override + public void addResponse(AbstractMessage response) { + serviceImpl.addResponse(response); + } + + @Override + public void addException(Exception exception) { + serviceImpl.addException(exception); + } + + @Override + public ServerServiceDefinition getServiceDefinition() { + return serviceImpl.bindService(); + } + + @Override + public void reset() { + serviceImpl.reset(); + } +} diff --git a/google-cloud-policy-troubleshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/MockIamCheckerImpl.java b/google-cloud-policy-troubleshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/MockIamCheckerImpl.java new file mode 100644 index 0000000..3232cfe --- /dev/null +++ b/google-cloud-policy-troubleshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/MockIamCheckerImpl.java @@ -0,0 +1,82 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.google.cloud.policytroubleshooter.v1; + +import com.google.api.core.BetaApi; +import com.google.cloud.policytroubleshooter.v1.IamCheckerGrpc.IamCheckerImplBase; +import com.google.protobuf.AbstractMessage; +import io.grpc.stub.StreamObserver; +import java.util.ArrayList; +import java.util.LinkedList; +import java.util.List; +import java.util.Queue; +import javax.annotation.Generated; + +@BetaApi +@Generated("by gapic-generator-java") +public class MockIamCheckerImpl extends IamCheckerImplBase { + private List requests; + private Queue responses; + + public MockIamCheckerImpl() { + requests = new ArrayList<>(); + responses = new LinkedList<>(); + } + + public List getRequests() { + return requests; + } + + public void addResponse(AbstractMessage response) { + responses.add(response); + } + + public void setResponses(List responses) { + this.responses = new LinkedList(responses); + } + + public void addException(Exception exception) { + responses.add(exception); + } + + public void reset() { + requests = new ArrayList<>(); + responses = new LinkedList<>(); + } + + @Override + public void troubleshootIamPolicy( + TroubleshootIamPolicyRequest request, + StreamObserver responseObserver) { + Object response = responses.remove(); + if (response instanceof TroubleshootIamPolicyResponse) { + requests.add(request); + responseObserver.onNext(((TroubleshootIamPolicyResponse) response)); + responseObserver.onCompleted(); + } else if (response instanceof Exception) { + responseObserver.onError(((Exception) response)); + } else { + responseObserver.onError( + new IllegalArgumentException( + String.format( + "Unrecognized response type %s for method TroubleshootIamPolicy, expected %s or %s", + response.getClass().getName(), + TroubleshootIamPolicyResponse.class.getName(), + Exception.class.getName()))); + } + } +} diff --git a/grpc-google-cloud-policy-troubleshooter-v1/pom.xml b/grpc-google-cloud-policy-troubleshooter-v1/pom.xml new file mode 100644 index 0000000..b557e24 --- /dev/null +++ b/grpc-google-cloud-policy-troubleshooter-v1/pom.xml @@ -0,0 +1,65 @@ + + 4.0.0 + com.google.api.grpc + grpc-google-cloud-policy-troubleshooter-v1 + 0.0.1-SNAPSHOT + grpc-google-cloud-policy-troubleshooter-v1 + GRPC library for google-cloud-policy-troubleshooter + + com.google.cloud + google-cloud-policy-troubleshooter-parent + 0.0.1-SNAPSHOT + + + + io.grpc + grpc-api + + + io.grpc + grpc-stub + + + io.grpc + grpc-protobuf + + + com.google.protobuf + protobuf-java + + + com.google.api.grpc + proto-google-cloud-policy-troubleshooter-v1 + + + com.google.guava + guava + + + + + + java9 + + [9,) + + + + javax.annotation + javax.annotation-api + + + + + + + + + org.codehaus.mojo + flatten-maven-plugin + + + + \ No newline at end of file diff --git a/grpc-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerGrpc.java b/grpc-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerGrpc.java new file mode 100644 index 0000000..8339982 --- /dev/null +++ b/grpc-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerGrpc.java @@ -0,0 +1,379 @@ +/* + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.google.cloud.policytroubleshooter.v1; + +import static io.grpc.MethodDescriptor.generateFullMethodName; +import static io.grpc.stub.ClientCalls.asyncUnaryCall; +import static io.grpc.stub.ClientCalls.blockingUnaryCall; +import static io.grpc.stub.ClientCalls.futureUnaryCall; +import static io.grpc.stub.ServerCalls.asyncUnaryCall; +import static io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall; + +/** + * + * + * 
+ * IAM Policy Troubleshooter service.
+ * This service helps you troubleshoot access issues for Google Cloud resources.
+ *
+ */ +@javax.annotation.Generated( + value = "by gRPC proto compiler", + comments = "Source: google/cloud/policytroubleshooter/v1/checker.proto") +public final class IamCheckerGrpc { + + private IamCheckerGrpc() {} + + public static final String SERVICE_NAME = "google.cloud.policytroubleshooter.v1.IamChecker"; + + // Static method descriptors that strictly reflect the proto. + private static volatile io.grpc.MethodDescriptor< + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest, + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse> + getTroubleshootIamPolicyMethod; + + @io.grpc.stub.annotations.RpcMethod( + fullMethodName = SERVICE_NAME + '/' + "TroubleshootIamPolicy", + requestType = com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest.class, + responseType = com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse.class, + methodType = io.grpc.MethodDescriptor.MethodType.UNARY) + public static io.grpc.MethodDescriptor< + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest, + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse> + getTroubleshootIamPolicyMethod() { + io.grpc.MethodDescriptor< + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest, + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse> + getTroubleshootIamPolicyMethod; + if ((getTroubleshootIamPolicyMethod = IamCheckerGrpc.getTroubleshootIamPolicyMethod) == null) { + synchronized (IamCheckerGrpc.class) { + if ((getTroubleshootIamPolicyMethod = IamCheckerGrpc.getTroubleshootIamPolicyMethod) + == null) { + IamCheckerGrpc.getTroubleshootIamPolicyMethod = + getTroubleshootIamPolicyMethod = + io.grpc.MethodDescriptor + . + newBuilder() + .setType(io.grpc.MethodDescriptor.MethodType.UNARY) + .setFullMethodName( + generateFullMethodName(SERVICE_NAME, "TroubleshootIamPolicy")) + .setSampledToLocalTracing(true) + .setRequestMarshaller( + io.grpc.protobuf.ProtoUtils.marshaller( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest + .getDefaultInstance())) + .setResponseMarshaller( + io.grpc.protobuf.ProtoUtils.marshaller( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse + .getDefaultInstance())) + .setSchemaDescriptor( + new IamCheckerMethodDescriptorSupplier("TroubleshootIamPolicy")) + .build(); + } + } + } + return getTroubleshootIamPolicyMethod; + } + + /** Creates a new async stub that supports all call types for the service */ + public static IamCheckerStub newStub(io.grpc.Channel channel) { + io.grpc.stub.AbstractStub.StubFactory factory = + new io.grpc.stub.AbstractStub.StubFactory() { + @java.lang.Override + public IamCheckerStub newStub(io.grpc.Channel channel, io.grpc.CallOptions callOptions) { + return new IamCheckerStub(channel, callOptions); + } + }; + return IamCheckerStub.newStub(factory, channel); + } + + /** + * Creates a new blocking-style stub that supports unary and streaming output calls on the service + */ + public static IamCheckerBlockingStub newBlockingStub(io.grpc.Channel channel) { + io.grpc.stub.AbstractStub.StubFactory factory = + new io.grpc.stub.AbstractStub.StubFactory() { + @java.lang.Override + public IamCheckerBlockingStub newStub( + io.grpc.Channel channel, io.grpc.CallOptions callOptions) { + return new IamCheckerBlockingStub(channel, callOptions); + } + }; + return IamCheckerBlockingStub.newStub(factory, channel); + } + + /** Creates a new ListenableFuture-style stub that supports unary calls on the service */ + public static IamCheckerFutureStub newFutureStub(io.grpc.Channel channel) { + io.grpc.stub.AbstractStub.StubFactory factory = + new io.grpc.stub.AbstractStub.StubFactory() { + @java.lang.Override + public IamCheckerFutureStub newStub( + io.grpc.Channel channel, io.grpc.CallOptions callOptions) { + return new IamCheckerFutureStub(channel, callOptions); + } + }; + return IamCheckerFutureStub.newStub(factory, channel); + } + + /** + * + * + * 
+   * IAM Policy Troubleshooter service.
+   * This service helps you troubleshoot access issues for Google Cloud resources.
+   *
+ */ + public abstract static class IamCheckerImplBase implements io.grpc.BindableService { + + /** + * + * + * 
+     * Checks whether a member has a specific permission for a specific resource,
+     * and explains why the member does or does not have that permission.
+     *
+ */ + public void troubleshootIamPolicy( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest request, + io.grpc.stub.StreamObserver< + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse> + responseObserver) { + asyncUnimplementedUnaryCall(getTroubleshootIamPolicyMethod(), responseObserver); + } + + @java.lang.Override + public final io.grpc.ServerServiceDefinition bindService() { + return io.grpc.ServerServiceDefinition.builder(getServiceDescriptor()) + .addMethod( + getTroubleshootIamPolicyMethod(), + asyncUnaryCall( + new MethodHandlers< + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest, + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse>( + this, METHODID_TROUBLESHOOT_IAM_POLICY))) + .build(); + } + } + + /** + * + * + * 
+   * IAM Policy Troubleshooter service.
+   * This service helps you troubleshoot access issues for Google Cloud resources.
+   *
+ */ + public static final class IamCheckerStub extends io.grpc.stub.AbstractAsyncStub { + private IamCheckerStub(io.grpc.Channel channel, io.grpc.CallOptions callOptions) { + super(channel, callOptions); + } + + @java.lang.Override + protected IamCheckerStub build(io.grpc.Channel channel, io.grpc.CallOptions callOptions) { + return new IamCheckerStub(channel, callOptions); + } + + /** + * + * + * 
+     * Checks whether a member has a specific permission for a specific resource,
+     * and explains why the member does or does not have that permission.
+     *
+ */ + public void troubleshootIamPolicy( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest request, + io.grpc.stub.StreamObserver< + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse> + responseObserver) { + asyncUnaryCall( + getChannel().newCall(getTroubleshootIamPolicyMethod(), getCallOptions()), + request, + responseObserver); + } + } + + /** + * + * + * 
+   * IAM Policy Troubleshooter service.
+   * This service helps you troubleshoot access issues for Google Cloud resources.
+   *
+ */ + public static final class IamCheckerBlockingStub + extends io.grpc.stub.AbstractBlockingStub { + private IamCheckerBlockingStub(io.grpc.Channel channel, io.grpc.CallOptions callOptions) { + super(channel, callOptions); + } + + @java.lang.Override + protected IamCheckerBlockingStub build( + io.grpc.Channel channel, io.grpc.CallOptions callOptions) { + return new IamCheckerBlockingStub(channel, callOptions); + } + + /** + * + * + * 
+     * Checks whether a member has a specific permission for a specific resource,
+     * and explains why the member does or does not have that permission.
+     *
+ */ + public com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse + troubleshootIamPolicy( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest request) { + return blockingUnaryCall( + getChannel(), getTroubleshootIamPolicyMethod(), getCallOptions(), request); + } + } + + /** + * + * + * 
+   * IAM Policy Troubleshooter service.
+   * This service helps you troubleshoot access issues for Google Cloud resources.
+   *
+ */ + public static final class IamCheckerFutureStub + extends io.grpc.stub.AbstractFutureStub { + private IamCheckerFutureStub(io.grpc.Channel channel, io.grpc.CallOptions callOptions) { + super(channel, callOptions); + } + + @java.lang.Override + protected IamCheckerFutureStub build(io.grpc.Channel channel, io.grpc.CallOptions callOptions) { + return new IamCheckerFutureStub(channel, callOptions); + } + + /** + * + * + * 
+     * Checks whether a member has a specific permission for a specific resource,
+     * and explains why the member does or does not have that permission.
+     *
+ */ + public com.google.common.util.concurrent.ListenableFuture< + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse> + troubleshootIamPolicy( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest request) { + return futureUnaryCall( + getChannel().newCall(getTroubleshootIamPolicyMethod(), getCallOptions()), request); + } + } + + private static final int METHODID_TROUBLESHOOT_IAM_POLICY = 0; + + private static final class MethodHandlers + implements io.grpc.stub.ServerCalls.UnaryMethod, + io.grpc.stub.ServerCalls.ServerStreamingMethod, + io.grpc.stub.ServerCalls.ClientStreamingMethod, + io.grpc.stub.ServerCalls.BidiStreamingMethod { + private final IamCheckerImplBase serviceImpl; + private final int methodId; + + MethodHandlers(IamCheckerImplBase serviceImpl, int methodId) { + this.serviceImpl = serviceImpl; + this.methodId = methodId; + } + + @java.lang.Override + @java.lang.SuppressWarnings("unchecked") + public void invoke(Req request, io.grpc.stub.StreamObserver responseObserver) { + switch (methodId) { + case METHODID_TROUBLESHOOT_IAM_POLICY: + serviceImpl.troubleshootIamPolicy( + (com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest) request, + (io.grpc.stub.StreamObserver< + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse>) + responseObserver); + break; + default: + throw new AssertionError(); + } + } + + @java.lang.Override + @java.lang.SuppressWarnings("unchecked") + public io.grpc.stub.StreamObserver invoke( + io.grpc.stub.StreamObserver responseObserver) { + switch (methodId) { + default: + throw new AssertionError(); + } + } + } + + private abstract static class IamCheckerBaseDescriptorSupplier + implements io.grpc.protobuf.ProtoFileDescriptorSupplier, + io.grpc.protobuf.ProtoServiceDescriptorSupplier { + IamCheckerBaseDescriptorSupplier() {} + + @java.lang.Override + public com.google.protobuf.Descriptors.FileDescriptor getFileDescriptor() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto.getDescriptor(); + } + + @java.lang.Override + public com.google.protobuf.Descriptors.ServiceDescriptor getServiceDescriptor() { + return getFileDescriptor().findServiceByName("IamChecker"); + } + } + + private static final class IamCheckerFileDescriptorSupplier + extends IamCheckerBaseDescriptorSupplier { + IamCheckerFileDescriptorSupplier() {} + } + + private static final class IamCheckerMethodDescriptorSupplier + extends IamCheckerBaseDescriptorSupplier + implements io.grpc.protobuf.ProtoMethodDescriptorSupplier { + private final String methodName; + + IamCheckerMethodDescriptorSupplier(String methodName) { + this.methodName = methodName; + } + + @java.lang.Override + public com.google.protobuf.Descriptors.MethodDescriptor getMethodDescriptor() { + return getServiceDescriptor().findMethodByName(methodName); + } + } + + private static volatile io.grpc.ServiceDescriptor serviceDescriptor; + + public static io.grpc.ServiceDescriptor getServiceDescriptor() { + io.grpc.ServiceDescriptor result = serviceDescriptor; + if (result == null) { + synchronized (IamCheckerGrpc.class) { + result = serviceDescriptor; + if (result == null) { + serviceDescriptor = + result = + io.grpc.ServiceDescriptor.newBuilder(SERVICE_NAME) + .setSchemaDescriptor(new IamCheckerFileDescriptorSupplier()) + .addMethod(getTroubleshootIamPolicyMethod()) + .build(); + } + } + } + return result; + } +} diff --git a/java.header b/java.header new file mode 100644 index 0000000..3a9b503 --- /dev/null +++ b/java.header @@ -0,0 +1,15 @@ +^/\*$ +^ \* Copyright \d\d\d\d,? Google (Inc\.|LLC)( All [rR]ights [rR]eserved\.)?$ +^ \*$ +^ \* Licensed under the Apache License, Version 2\.0 \(the "License"\);$ +^ \* you may not use this file except in compliance with the License\.$ +^ \* You may obtain a copy of the License at$ +^ \*$ +^ \*[ ]+https?://www.apache.org/licenses/LICENSE-2\.0$ +^ \*$ +^ \* Unless required by applicable law or agreed to in writing, software$ +^ \* distributed under the License is distributed on an "AS IS" BASIS,$ +^ \* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied\.$ +^ \* See the License for the specific language governing permissions and$ +^ \* limitations under the License\.$ +^ \*/$ diff --git a/license-checks.xml b/license-checks.xml new file mode 100644 index 0000000..6597fce --- /dev/null +++ b/license-checks.xml @@ -0,0 +1,10 @@ + + + + + + + + diff --git a/pom.xml b/pom.xml new file mode 100644 index 0000000..5db8a3b --- /dev/null +++ b/pom.xml @@ -0,0 +1,189 @@ + + + 4.0.0 + com.google.cloud + google-cloud-policy-troubleshooter-parent + pom + 0.0.1-SNAPSHOT + Google IAM Policy Troubleshooter API Parent + https://github.com/googleapis/java-policy-troubleshooter + + Java idiomatic client for Google Cloud Platform services. + + + + com.google.cloud + google-cloud-shared-config + 0.10.0 + + + + + chingor + Jeff Ching + chingor@google.com + Google + + Developer + + + + + Google LLC + + + scm:git:git@github.com:googleapis/java-policy-troubleshooter.git + scm:git:git@github.com:googleapis/java-policy-troubleshooter.git + https://github.com/googleapis/java-policy-troubleshooter + HEAD + + + https://github.com/googleapis/java-policy-troubleshooter/issues + GitHub Issues + + + + sonatype-nexus-snapshots + https://oss.sonatype.org/content/repositories/snapshots + + + sonatype-nexus-staging + https://oss.sonatype.org/service/local/staging/deploy/maven2/ + + + + + Apache-2.0 + https://www.apache.org/licenses/LICENSE-2.0.txt + + + + + UTF-8 + UTF-8 + github + google-cloud-policy-troubleshooter-parent + + + + + + com.google.cloud + google-cloud-policy-troubleshooter + 0.0.1-SNAPSHOT + + + com.google.api.grpc + proto-google-cloud-policy-troubleshooter-v1 + 0.0.1-SNAPSHOT + + + com.google.api.grpc + grpc-google-cloud-policy-troubleshooter-v1 + 0.0.1-SNAPSHOT + + + + com.google.cloud + google-cloud-shared-dependencies + 0.18.0 + pom + import + + + + + + + + + org.apache.maven.plugins + maven-dependency-plugin + + + org.objenesis:objenesis + javax.annotation:javax.annotation-api + + + + + + + + + google-cloud-policy-troubleshooter + proto-google-cloud-policy-troubleshooter-v1 + grpc-google-cloud-policy-troubleshooter-v1 + google-cloud-policy-troubleshooter-bom + + + + + + org.apache.maven.plugins + maven-project-info-reports-plugin + 3.1.1 + + + + index + dependency-info + team + ci-management + issue-management + licenses + scm + dependency-management + distribution-management + summary + modules + + + + + true + ${site.installationModule} + jar + + + + org.apache.maven.plugins + maven-javadoc-plugin + 3.2.0 + + + html + + aggregate + javadoc + + + + + none + protected + true + ${project.build.directory}/javadoc + + + Test helpers packages + com.google.cloud.testing + + + SPI packages + com.google.cloud.spi* + + + + + https://grpc.io/grpc-java/javadoc/ + https://developers.google.com/protocol-buffers/docs/reference/java/ + https://googleapis.dev/java/google-auth-library/latest/ + https://googleapis.dev/java/gax/latest/ + https://googleapis.github.io/api-common-java/${google.api-common.version}/apidocs/ + + + + + + \ No newline at end of file diff --git a/proto-google-cloud-policy-troubleshooter-v1/pom.xml b/proto-google-cloud-policy-troubleshooter-v1/pom.xml new file mode 100644 index 0000000..72aaf74 --- /dev/null +++ b/proto-google-cloud-policy-troubleshooter-v1/pom.xml @@ -0,0 +1,46 @@ + + 4.0.0 + com.google.api.grpc + proto-google-cloud-policy-troubleshooter-v1 + 0.0.1-SNAPSHOT + proto-google-cloud-policy-troubleshooter-v1 + Proto library for google-cloud-policy-troubleshooter + + com.google.cloud + google-cloud-policy-troubleshooter-parent + 0.0.1-SNAPSHOT + + + + com.google.protobuf + protobuf-java + + + com.google.api.grpc + proto-google-common-protos + + + com.google.api.grpc + proto-google-iam-v1 + + + com.google.api + api-common + + + com.google.guava + guava + + + + + + + org.codehaus.mojo + flatten-maven-plugin + + + + diff --git a/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/IAMCheckerProto.java b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/IAMCheckerProto.java new file mode 100644 index 0000000..b15cad6 --- /dev/null +++ b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/IAMCheckerProto.java @@ -0,0 +1,112 @@ +/* + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Generated by the protocol buffer compiler. DO NOT EDIT! +// source: google/cloud/policytroubleshooter/v1/checker.proto + +package com.google.cloud.policytroubleshooter.v1; + +public final class IAMCheckerProto { + private IAMCheckerProto() {} + + public static void registerAllExtensions(com.google.protobuf.ExtensionRegistryLite registry) {} + + public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry registry) { + registerAllExtensions((com.google.protobuf.ExtensionRegistryLite) registry); + } + + static final com.google.protobuf.Descriptors.Descriptor + internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_descriptor; + static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_fieldAccessorTable; + static final com.google.protobuf.Descriptors.Descriptor + internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_descriptor; + static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_fieldAccessorTable; + + public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() { + return descriptor; + } + + private static com.google.protobuf.Descriptors.FileDescriptor descriptor; + + static { + java.lang.String[] descriptorData = { + "\n2google/cloud/policytroubleshooter/v1/c" + + "hecker.proto\022$google.cloud.policytrouble" + + "shooter.v1\0327google/cloud/policytroublesh" + + "ooter/v1/explanations.proto\032\034google/api/" + + "annotations.proto\032\027google/api/client.pro" + + "to\"g\n\034TroubleshootIamPolicyRequest\022G\n\014ac" + + "cess_tuple\030\001 \001(\01321.google.cloud.policytr" + + "oubleshooter.v1.AccessTuple\"\265\001\n\035Troubles" + + "hootIamPolicyResponse\022A\n\006access\030\001 \001(\01621." + + "google.cloud.policytroubleshooter.v1.Acc" + + "essState\022Q\n\022explained_policies\030\002 \003(\01325.g" + + "oogle.cloud.policytroubleshooter.v1.Expl" + + "ainedPolicy2\251\002\n\nIamChecker\022\301\001\n\025Troublesh" + + "ootIamPolicy\022B.google.cloud.policytroubl" + + "eshooter.v1.TroubleshootIamPolicyRequest" + + "\032C.google.cloud.policytroubleshooter.v1." + + "TroubleshootIamPolicyResponse\"\037\202\323\344\223\002\031\"\024/" + + "v1/iam:troubleshoot:\001*\032W\312A#policytrouble" + + "shooter.googleapis.com\322A.https://www.goo" + + "gleapis.com/auth/cloud-platformB\222\002\n(com." + + "google.cloud.policytroubleshooter.v1B\017IA" + + "MCheckerProtoP\001ZXgoogle.golang.org/genpr" + + "oto/googleapis/cloud/policytroubleshoote" + + "r/v1;policytroubleshooter\370\001\001\252\002$Google.Cl" + + "oud.PolicyTroubleshooter.V1\312\002$Google\\Clo" + + "ud\\PolicyTroubleshooter\\V1\352\002\'Google::Clo" + + "ud::PolicyTroubleshooter::V1P\000b\006proto3" + }; + descriptor = + com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom( + descriptorData, + new com.google.protobuf.Descriptors.FileDescriptor[] { + google.cloud.policytroubleshooter.v1.Explanations.getDescriptor(), + com.google.api.AnnotationsProto.getDescriptor(), + com.google.api.ClientProto.getDescriptor(), + }); + internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_descriptor = + getDescriptor().getMessageTypes().get(0); + internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_fieldAccessorTable = + new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( + internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_descriptor, + new java.lang.String[] { + "AccessTuple", + }); + internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_descriptor = + getDescriptor().getMessageTypes().get(1); + internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_fieldAccessorTable = + new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( + internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_descriptor, + new java.lang.String[] { + "Access", "ExplainedPolicies", + }); + com.google.protobuf.ExtensionRegistry registry = + com.google.protobuf.ExtensionRegistry.newInstance(); + registry.add(com.google.api.ClientProto.defaultHost); + registry.add(com.google.api.AnnotationsProto.http); + registry.add(com.google.api.ClientProto.oauthScopes); + com.google.protobuf.Descriptors.FileDescriptor.internalUpdateFileDescriptor( + descriptor, registry); + google.cloud.policytroubleshooter.v1.Explanations.getDescriptor(); + com.google.api.AnnotationsProto.getDescriptor(); + com.google.api.ClientProto.getDescriptor(); + } + + // @@protoc_insertion_point(outer_class_scope) +} diff --git a/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyRequest.java b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyRequest.java new file mode 100644 index 0000000..17e2e72 --- /dev/null +++ b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyRequest.java @@ -0,0 +1,765 @@ +/* + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Generated by the protocol buffer compiler. DO NOT EDIT! +// source: google/cloud/policytroubleshooter/v1/checker.proto + +package com.google.cloud.policytroubleshooter.v1; + +/** + * + * + * 
+ * Request for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].
+ *
+ * + * Protobuf type {@code google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest} + */ +public final class TroubleshootIamPolicyRequest extends com.google.protobuf.GeneratedMessageV3 + implements + // @@protoc_insertion_point(message_implements:google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest) + TroubleshootIamPolicyRequestOrBuilder { + private static final long serialVersionUID = 0L; + // Use TroubleshootIamPolicyRequest.newBuilder() to construct. + private TroubleshootIamPolicyRequest(com.google.protobuf.GeneratedMessageV3.Builder builder) { + super(builder); + } + + private TroubleshootIamPolicyRequest() {} + + @java.lang.Override + @SuppressWarnings({"unused"}) + protected java.lang.Object newInstance(UnusedPrivateParameter unused) { + return new TroubleshootIamPolicyRequest(); + } + + @java.lang.Override + public final com.google.protobuf.UnknownFieldSet getUnknownFields() { + return this.unknownFields; + } + + private TroubleshootIamPolicyRequest( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + this(); + if (extensionRegistry == null) { + throw new java.lang.NullPointerException(); + } + com.google.protobuf.UnknownFieldSet.Builder unknownFields = + com.google.protobuf.UnknownFieldSet.newBuilder(); + try { + boolean done = false; + while (!done) { + int tag = input.readTag(); + switch (tag) { + case 0: + done = true; + break; + case 10: + { + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.Builder subBuilder = + null; + if (accessTuple_ != null) { + subBuilder = accessTuple_.toBuilder(); + } + accessTuple_ = + input.readMessage( + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.parser(), + extensionRegistry); + if (subBuilder != null) { + subBuilder.mergeFrom(accessTuple_); + accessTuple_ = subBuilder.buildPartial(); + } + + break; + } + default: + { + if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) { + done = true; + } + break; + } + } + } + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + throw e.setUnfinishedMessage(this); + } catch (java.io.IOException e) { + throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this); + } finally { + this.unknownFields = unknownFields.build(); + makeExtensionsImmutable(); + } + } + + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto + .internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto + .internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_fieldAccessorTable + .ensureFieldAccessorsInitialized( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest.class, + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest.Builder.class); + } + + public static final int ACCESS_TUPLE_FIELD_NUMBER = 1; + private google.cloud.policytroubleshooter.v1.Explanations.AccessTuple accessTuple_; + /** + * + * + * 
+   * The information to use for checking whether a member has a permission for a
+   * resource.
+   *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + * + * @return Whether the accessTuple field is set. + */ + @java.lang.Override + public boolean hasAccessTuple() { + return accessTuple_ != null; + } + /** + * + * + * 
+   * The information to use for checking whether a member has a permission for a
+   * resource.
+   *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + * + * @return The accessTuple. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessTuple getAccessTuple() { + return accessTuple_ == null + ? google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.getDefaultInstance() + : accessTuple_; + } + /** + * + * + * 
+   * The information to use for checking whether a member has a permission for a
+   * resource.
+   *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessTupleOrBuilder + getAccessTupleOrBuilder() { + return getAccessTuple(); + } + + private byte memoizedIsInitialized = -1; + + @java.lang.Override + public final boolean isInitialized() { + byte isInitialized = memoizedIsInitialized; + if (isInitialized == 1) return true; + if (isInitialized == 0) return false; + + memoizedIsInitialized = 1; + return true; + } + + @java.lang.Override + public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException { + if (accessTuple_ != null) { + output.writeMessage(1, getAccessTuple()); + } + unknownFields.writeTo(output); + } + + @java.lang.Override + public int getSerializedSize() { + int size = memoizedSize; + if (size != -1) return size; + + size = 0; + if (accessTuple_ != null) { + size += com.google.protobuf.CodedOutputStream.computeMessageSize(1, getAccessTuple()); + } + size += unknownFields.getSerializedSize(); + memoizedSize = size; + return size; + } + + @java.lang.Override + public boolean equals(final java.lang.Object obj) { + if (obj == this) { + return true; + } + if (!(obj instanceof com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest)) { + return super.equals(obj); + } + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest other = + (com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest) obj; + + if (hasAccessTuple() != other.hasAccessTuple()) return false; + if (hasAccessTuple()) { + if (!getAccessTuple().equals(other.getAccessTuple())) return false; + } + if (!unknownFields.equals(other.unknownFields)) return false; + return true; + } + + @java.lang.Override + public int hashCode() { + if (memoizedHashCode != 0) { + return memoizedHashCode; + } + int hash = 41; + hash = (19 * hash) + getDescriptor().hashCode(); + if (hasAccessTuple()) { + hash = (37 * hash) + ACCESS_TUPLE_FIELD_NUMBER; + hash = (53 * hash) + getAccessTuple().hashCode(); + } + hash = (29 * hash) + unknownFields.hashCode(); + memoizedHashCode = hash; + return hash; + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parseFrom( + java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parseFrom( + java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parseFrom( + com.google.protobuf.ByteString data) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parseFrom( + com.google.protobuf.ByteString data, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parseFrom( + byte[] data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parseFrom( + byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parseFrom( + java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parseFrom( + java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest + parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest + parseDelimitedFrom( + java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException( + PARSER, input, extensionRegistry); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parseFrom( + com.google.protobuf.CodedInputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parseFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + @java.lang.Override + public Builder newBuilderForType() { + return newBuilder(); + } + + public static Builder newBuilder() { + return DEFAULT_INSTANCE.toBuilder(); + } + + public static Builder newBuilder( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest prototype) { + return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype); + } + + @java.lang.Override + public Builder toBuilder() { + return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this); + } + + @java.lang.Override + protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + Builder builder = new Builder(parent); + return builder; + } + /** + * + * + * 
+   * Request for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].
+   *
+ * + * Protobuf type {@code google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest} + */ + public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder + implements + // @@protoc_insertion_point(builder_implements:google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest) + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequestOrBuilder { + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto + .internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto + .internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_fieldAccessorTable + .ensureFieldAccessorsInitialized( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest.class, + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest.Builder.class); + } + + // Construct using + // com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest.newBuilder() + private Builder() { + maybeForceBuilderInitialization(); + } + + private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + super(parent); + maybeForceBuilderInitialization(); + } + + private void maybeForceBuilderInitialization() { + if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {} + } + + @java.lang.Override + public Builder clear() { + super.clear(); + if (accessTupleBuilder_ == null) { + accessTuple_ = null; + } else { + accessTuple_ = null; + accessTupleBuilder_ = null; + } + return this; + } + + @java.lang.Override + public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto + .internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_descriptor; + } + + @java.lang.Override + public com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest + getDefaultInstanceForType() { + return com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest + .getDefaultInstance(); + } + + @java.lang.Override + public com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest build() { + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest result = buildPartial(); + if (!result.isInitialized()) { + throw newUninitializedMessageException(result); + } + return result; + } + + @java.lang.Override + public com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest buildPartial() { + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest result = + new com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest(this); + if (accessTupleBuilder_ == null) { + result.accessTuple_ = accessTuple_; + } else { + result.accessTuple_ = accessTupleBuilder_.build(); + } + onBuilt(); + return result; + } + + @java.lang.Override + public Builder clone() { + return super.clone(); + } + + @java.lang.Override + public Builder setField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.setField(field, value); + } + + @java.lang.Override + public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) { + return super.clearField(field); + } + + @java.lang.Override + public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) { + return super.clearOneof(oneof); + } + + @java.lang.Override + public Builder setRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) { + return super.setRepeatedField(field, index, value); + } + + @java.lang.Override + public Builder addRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.addRepeatedField(field, value); + } + + @java.lang.Override + public Builder mergeFrom(com.google.protobuf.Message other) { + if (other instanceof com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest) { + return mergeFrom( + (com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest) other); + } else { + super.mergeFrom(other); + return this; + } + } + + public Builder mergeFrom( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest other) { + if (other + == com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest + .getDefaultInstance()) return this; + if (other.hasAccessTuple()) { + mergeAccessTuple(other.getAccessTuple()); + } + this.mergeUnknownFields(other.unknownFields); + onChanged(); + return this; + } + + @java.lang.Override + public final boolean isInitialized() { + return true; + } + + @java.lang.Override + public Builder mergeFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest parsedMessage = null; + try { + parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry); + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + parsedMessage = + (com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest) + e.getUnfinishedMessage(); + throw e.unwrapIOException(); + } finally { + if (parsedMessage != null) { + mergeFrom(parsedMessage); + } + } + return this; + } + + private google.cloud.policytroubleshooter.v1.Explanations.AccessTuple accessTuple_; + private com.google.protobuf.SingleFieldBuilderV3< + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple, + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.Builder, + google.cloud.policytroubleshooter.v1.Explanations.AccessTupleOrBuilder> + accessTupleBuilder_; + /** + * + * + * 
+     * The information to use for checking whether a member has a permission for a
+     * resource.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + * + * @return Whether the accessTuple field is set. + */ + public boolean hasAccessTuple() { + return accessTupleBuilder_ != null || accessTuple_ != null; + } + /** + * + * + * 
+     * The information to use for checking whether a member has a permission for a
+     * resource.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + * + * @return The accessTuple. + */ + public google.cloud.policytroubleshooter.v1.Explanations.AccessTuple getAccessTuple() { + if (accessTupleBuilder_ == null) { + return accessTuple_ == null + ? google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.getDefaultInstance() + : accessTuple_; + } else { + return accessTupleBuilder_.getMessage(); + } + } + /** + * + * + * 
+     * The information to use for checking whether a member has a permission for a
+     * resource.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + */ + public Builder setAccessTuple( + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple value) { + if (accessTupleBuilder_ == null) { + if (value == null) { + throw new NullPointerException(); + } + accessTuple_ = value; + onChanged(); + } else { + accessTupleBuilder_.setMessage(value); + } + + return this; + } + /** + * + * + * 
+     * The information to use for checking whether a member has a permission for a
+     * resource.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + */ + public Builder setAccessTuple( + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.Builder builderForValue) { + if (accessTupleBuilder_ == null) { + accessTuple_ = builderForValue.build(); + onChanged(); + } else { + accessTupleBuilder_.setMessage(builderForValue.build()); + } + + return this; + } + /** + * + * + * 
+     * The information to use for checking whether a member has a permission for a
+     * resource.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + */ + public Builder mergeAccessTuple( + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple value) { + if (accessTupleBuilder_ == null) { + if (accessTuple_ != null) { + accessTuple_ = + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.newBuilder(accessTuple_) + .mergeFrom(value) + .buildPartial(); + } else { + accessTuple_ = value; + } + onChanged(); + } else { + accessTupleBuilder_.mergeFrom(value); + } + + return this; + } + /** + * + * + * 
+     * The information to use for checking whether a member has a permission for a
+     * resource.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + */ + public Builder clearAccessTuple() { + if (accessTupleBuilder_ == null) { + accessTuple_ = null; + onChanged(); + } else { + accessTuple_ = null; + accessTupleBuilder_ = null; + } + + return this; + } + /** + * + * + * 
+     * The information to use for checking whether a member has a permission for a
+     * resource.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + */ + public google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.Builder + getAccessTupleBuilder() { + + onChanged(); + return getAccessTupleFieldBuilder().getBuilder(); + } + /** + * + * + * 
+     * The information to use for checking whether a member has a permission for a
+     * resource.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + */ + public google.cloud.policytroubleshooter.v1.Explanations.AccessTupleOrBuilder + getAccessTupleOrBuilder() { + if (accessTupleBuilder_ != null) { + return accessTupleBuilder_.getMessageOrBuilder(); + } else { + return accessTuple_ == null + ? google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.getDefaultInstance() + : accessTuple_; + } + } + /** + * + * + * 
+     * The information to use for checking whether a member has a permission for a
+     * resource.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + */ + private com.google.protobuf.SingleFieldBuilderV3< + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple, + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.Builder, + google.cloud.policytroubleshooter.v1.Explanations.AccessTupleOrBuilder> + getAccessTupleFieldBuilder() { + if (accessTupleBuilder_ == null) { + accessTupleBuilder_ = + new com.google.protobuf.SingleFieldBuilderV3< + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple, + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.Builder, + google.cloud.policytroubleshooter.v1.Explanations.AccessTupleOrBuilder>( + getAccessTuple(), getParentForChildren(), isClean()); + accessTuple_ = null; + } + return accessTupleBuilder_; + } + + @java.lang.Override + public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.setUnknownFields(unknownFields); + } + + @java.lang.Override + public final Builder mergeUnknownFields( + final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.mergeUnknownFields(unknownFields); + } + + // @@protoc_insertion_point(builder_scope:google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest) + } + + // @@protoc_insertion_point(class_scope:google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest) + private static final com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest + DEFAULT_INSTANCE; + + static { + DEFAULT_INSTANCE = new com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest(); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest + getDefaultInstance() { + return DEFAULT_INSTANCE; + } + + private static final com.google.protobuf.Parser PARSER = + new com.google.protobuf.AbstractParser() { + @java.lang.Override + public TroubleshootIamPolicyRequest parsePartialFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return new TroubleshootIamPolicyRequest(input, extensionRegistry); + } + }; + + public static com.google.protobuf.Parser parser() { + return PARSER; + } + + @java.lang.Override + public com.google.protobuf.Parser getParserForType() { + return PARSER; + } + + @java.lang.Override + public com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest + getDefaultInstanceForType() { + return DEFAULT_INSTANCE; + } +} diff --git a/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyRequestOrBuilder.java b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyRequestOrBuilder.java new file mode 100644 index 0000000..50037ee --- /dev/null +++ b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyRequestOrBuilder.java @@ -0,0 +1,63 @@ +/* + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Generated by the protocol buffer compiler. DO NOT EDIT! +// source: google/cloud/policytroubleshooter/v1/checker.proto + +package com.google.cloud.policytroubleshooter.v1; + +public interface TroubleshootIamPolicyRequestOrBuilder + extends + // @@protoc_insertion_point(interface_extends:google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest) + com.google.protobuf.MessageOrBuilder { + + /** + * + * + * 
+   * The information to use for checking whether a member has a permission for a
+   * resource.
+   *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + * + * @return Whether the accessTuple field is set. + */ + boolean hasAccessTuple(); + /** + * + * + * 
+   * The information to use for checking whether a member has a permission for a
+   * resource.
+   *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + * + * @return The accessTuple. + */ + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple getAccessTuple(); + /** + * + * + * 
+   * The information to use for checking whether a member has a permission for a
+   * resource.
+   *
+ * + * .google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1; + */ + google.cloud.policytroubleshooter.v1.Explanations.AccessTupleOrBuilder getAccessTupleOrBuilder(); +} diff --git a/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyResponse.java b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyResponse.java new file mode 100644 index 0000000..75161a4 --- /dev/null +++ b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyResponse.java @@ -0,0 +1,1346 @@ +/* + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Generated by the protocol buffer compiler. DO NOT EDIT! +// source: google/cloud/policytroubleshooter/v1/checker.proto + +package com.google.cloud.policytroubleshooter.v1; + +/** + * + * + * 
+ * Response for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].
+ *
+ * + * Protobuf type {@code google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse} + */ +public final class TroubleshootIamPolicyResponse extends com.google.protobuf.GeneratedMessageV3 + implements + // @@protoc_insertion_point(message_implements:google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse) + TroubleshootIamPolicyResponseOrBuilder { + private static final long serialVersionUID = 0L; + // Use TroubleshootIamPolicyResponse.newBuilder() to construct. + private TroubleshootIamPolicyResponse(com.google.protobuf.GeneratedMessageV3.Builder builder) { + super(builder); + } + + private TroubleshootIamPolicyResponse() { + access_ = 0; + explainedPolicies_ = java.util.Collections.emptyList(); + } + + @java.lang.Override + @SuppressWarnings({"unused"}) + protected java.lang.Object newInstance(UnusedPrivateParameter unused) { + return new TroubleshootIamPolicyResponse(); + } + + @java.lang.Override + public final com.google.protobuf.UnknownFieldSet getUnknownFields() { + return this.unknownFields; + } + + private TroubleshootIamPolicyResponse( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + this(); + if (extensionRegistry == null) { + throw new java.lang.NullPointerException(); + } + int mutable_bitField0_ = 0; + com.google.protobuf.UnknownFieldSet.Builder unknownFields = + com.google.protobuf.UnknownFieldSet.newBuilder(); + try { + boolean done = false; + while (!done) { + int tag = input.readTag(); + switch (tag) { + case 0: + done = true; + break; + case 8: + { + int rawValue = input.readEnum(); + + access_ = rawValue; + break; + } + case 18: + { + if (!((mutable_bitField0_ & 0x00000001) != 0)) { + explainedPolicies_ = + new java.util.ArrayList< + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy>(); + mutable_bitField0_ |= 0x00000001; + } + explainedPolicies_.add( + input.readMessage( + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.parser(), + extensionRegistry)); + break; + } + default: + { + if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) { + done = true; + } + break; + } + } + } + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + throw e.setUnfinishedMessage(this); + } catch (java.io.IOException e) { + throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this); + } finally { + if (((mutable_bitField0_ & 0x00000001) != 0)) { + explainedPolicies_ = java.util.Collections.unmodifiableList(explainedPolicies_); + } + this.unknownFields = unknownFields.build(); + makeExtensionsImmutable(); + } + } + + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto + .internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto + .internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_fieldAccessorTable + .ensureFieldAccessorsInitialized( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse.class, + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse.Builder.class); + } + + public static final int ACCESS_FIELD_NUMBER = 1; + private int access_; + /** + * + * + * 
+   * Indicates whether the member has the specified permission for the specified
+   * resource, based on evaluating all of the applicable IAM policies.
+   *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The enum numeric value on the wire for access. + */ + @java.lang.Override + public int getAccessValue() { + return access_; + } + /** + * + * + * 
+   * Indicates whether the member has the specified permission for the specified
+   * resource, based on evaluating all of the applicable IAM policies.
+   *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The access. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessState getAccess() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.AccessState result = + google.cloud.policytroubleshooter.v1.Explanations.AccessState.valueOf(access_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.AccessState.UNRECOGNIZED + : result; + } + + public static final int EXPLAINED_POLICIES_FIELD_NUMBER = 2; + private java.util.List + explainedPolicies_; + /** + * + * + * 
+   * List of IAM policies that were evaluated to check the member's permissions,
+   * with annotations to indicate how each policy contributed to the final
+   * result.
+   * The list of policies can include the policy for the resource itself. It can
+   * also include policies that are inherited from higher levels of the resource
+   * hierarchy, including the organization, the folder, and the project.
+   * To learn more about the resource hierarchy, see
+   * https://cloud.google.com/iam/help/resource-hierarchy.
+   *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + @java.lang.Override + public java.util.List + getExplainedPoliciesList() { + return explainedPolicies_; + } + /** + * + * + * 
+   * List of IAM policies that were evaluated to check the member's permissions,
+   * with annotations to indicate how each policy contributed to the final
+   * result.
+   * The list of policies can include the policy for the resource itself. It can
+   * also include policies that are inherited from higher levels of the resource
+   * hierarchy, including the organization, the folder, and the project.
+   * To learn more about the resource hierarchy, see
+   * https://cloud.google.com/iam/help/resource-hierarchy.
+   *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + @java.lang.Override + public java.util.List< + ? extends google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicyOrBuilder> + getExplainedPoliciesOrBuilderList() { + return explainedPolicies_; + } + /** + * + * + * 
+   * List of IAM policies that were evaluated to check the member's permissions,
+   * with annotations to indicate how each policy contributed to the final
+   * result.
+   * The list of policies can include the policy for the resource itself. It can
+   * also include policies that are inherited from higher levels of the resource
+   * hierarchy, including the organization, the folder, and the project.
+   * To learn more about the resource hierarchy, see
+   * https://cloud.google.com/iam/help/resource-hierarchy.
+   *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + @java.lang.Override + public int getExplainedPoliciesCount() { + return explainedPolicies_.size(); + } + /** + * + * + * 
+   * List of IAM policies that were evaluated to check the member's permissions,
+   * with annotations to indicate how each policy contributed to the final
+   * result.
+   * The list of policies can include the policy for the resource itself. It can
+   * also include policies that are inherited from higher levels of the resource
+   * hierarchy, including the organization, the folder, and the project.
+   * To learn more about the resource hierarchy, see
+   * https://cloud.google.com/iam/help/resource-hierarchy.
+   *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy getExplainedPolicies( + int index) { + return explainedPolicies_.get(index); + } + /** + * + * + * 
+   * List of IAM policies that were evaluated to check the member's permissions,
+   * with annotations to indicate how each policy contributed to the final
+   * result.
+   * The list of policies can include the policy for the resource itself. It can
+   * also include policies that are inherited from higher levels of the resource
+   * hierarchy, including the organization, the folder, and the project.
+   * To learn more about the resource hierarchy, see
+   * https://cloud.google.com/iam/help/resource-hierarchy.
+   *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicyOrBuilder + getExplainedPoliciesOrBuilder(int index) { + return explainedPolicies_.get(index); + } + + private byte memoizedIsInitialized = -1; + + @java.lang.Override + public final boolean isInitialized() { + byte isInitialized = memoizedIsInitialized; + if (isInitialized == 1) return true; + if (isInitialized == 0) return false; + + memoizedIsInitialized = 1; + return true; + } + + @java.lang.Override + public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException { + if (access_ + != google.cloud.policytroubleshooter.v1.Explanations.AccessState.ACCESS_STATE_UNSPECIFIED + .getNumber()) { + output.writeEnum(1, access_); + } + for (int i = 0; i < explainedPolicies_.size(); i++) { + output.writeMessage(2, explainedPolicies_.get(i)); + } + unknownFields.writeTo(output); + } + + @java.lang.Override + public int getSerializedSize() { + int size = memoizedSize; + if (size != -1) return size; + + size = 0; + if (access_ + != google.cloud.policytroubleshooter.v1.Explanations.AccessState.ACCESS_STATE_UNSPECIFIED + .getNumber()) { + size += com.google.protobuf.CodedOutputStream.computeEnumSize(1, access_); + } + for (int i = 0; i < explainedPolicies_.size(); i++) { + size += + com.google.protobuf.CodedOutputStream.computeMessageSize(2, explainedPolicies_.get(i)); + } + size += unknownFields.getSerializedSize(); + memoizedSize = size; + return size; + } + + @java.lang.Override + public boolean equals(final java.lang.Object obj) { + if (obj == this) { + return true; + } + if (!(obj instanceof com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse)) { + return super.equals(obj); + } + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse other = + (com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse) obj; + + if (access_ != other.access_) return false; + if (!getExplainedPoliciesList().equals(other.getExplainedPoliciesList())) return false; + if (!unknownFields.equals(other.unknownFields)) return false; + return true; + } + + @java.lang.Override + public int hashCode() { + if (memoizedHashCode != 0) { + return memoizedHashCode; + } + int hash = 41; + hash = (19 * hash) + getDescriptor().hashCode(); + hash = (37 * hash) + ACCESS_FIELD_NUMBER; + hash = (53 * hash) + access_; + if (getExplainedPoliciesCount() > 0) { + hash = (37 * hash) + EXPLAINED_POLICIES_FIELD_NUMBER; + hash = (53 * hash) + getExplainedPoliciesList().hashCode(); + } + hash = (29 * hash) + unknownFields.hashCode(); + memoizedHashCode = hash; + return hash; + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parseFrom( + java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parseFrom( + java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parseFrom( + com.google.protobuf.ByteString data) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parseFrom( + com.google.protobuf.ByteString data, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parseFrom( + byte[] data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parseFrom( + byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parseFrom( + java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parseFrom( + java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse + parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse + parseDelimitedFrom( + java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException( + PARSER, input, extensionRegistry); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parseFrom( + com.google.protobuf.CodedInputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parseFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + @java.lang.Override + public Builder newBuilderForType() { + return newBuilder(); + } + + public static Builder newBuilder() { + return DEFAULT_INSTANCE.toBuilder(); + } + + public static Builder newBuilder( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse prototype) { + return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype); + } + + @java.lang.Override + public Builder toBuilder() { + return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this); + } + + @java.lang.Override + protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + Builder builder = new Builder(parent); + return builder; + } + /** + * + * + * 
+   * Response for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].
+   *
+ * + * Protobuf type {@code google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse} + */ + public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder + implements + // @@protoc_insertion_point(builder_implements:google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse) + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponseOrBuilder { + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto + .internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto + .internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_fieldAccessorTable + .ensureFieldAccessorsInitialized( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse.class, + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse.Builder.class); + } + + // Construct using + // com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse.newBuilder() + private Builder() { + maybeForceBuilderInitialization(); + } + + private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + super(parent); + maybeForceBuilderInitialization(); + } + + private void maybeForceBuilderInitialization() { + if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) { + getExplainedPoliciesFieldBuilder(); + } + } + + @java.lang.Override + public Builder clear() { + super.clear(); + access_ = 0; + + if (explainedPoliciesBuilder_ == null) { + explainedPolicies_ = java.util.Collections.emptyList(); + bitField0_ = (bitField0_ & ~0x00000001); + } else { + explainedPoliciesBuilder_.clear(); + } + return this; + } + + @java.lang.Override + public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() { + return com.google.cloud.policytroubleshooter.v1.IAMCheckerProto + .internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_descriptor; + } + + @java.lang.Override + public com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse + getDefaultInstanceForType() { + return com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse + .getDefaultInstance(); + } + + @java.lang.Override + public com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse build() { + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse result = + buildPartial(); + if (!result.isInitialized()) { + throw newUninitializedMessageException(result); + } + return result; + } + + @java.lang.Override + public com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse buildPartial() { + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse result = + new com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse(this); + int from_bitField0_ = bitField0_; + result.access_ = access_; + if (explainedPoliciesBuilder_ == null) { + if (((bitField0_ & 0x00000001) != 0)) { + explainedPolicies_ = java.util.Collections.unmodifiableList(explainedPolicies_); + bitField0_ = (bitField0_ & ~0x00000001); + } + result.explainedPolicies_ = explainedPolicies_; + } else { + result.explainedPolicies_ = explainedPoliciesBuilder_.build(); + } + onBuilt(); + return result; + } + + @java.lang.Override + public Builder clone() { + return super.clone(); + } + + @java.lang.Override + public Builder setField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.setField(field, value); + } + + @java.lang.Override + public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) { + return super.clearField(field); + } + + @java.lang.Override + public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) { + return super.clearOneof(oneof); + } + + @java.lang.Override + public Builder setRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) { + return super.setRepeatedField(field, index, value); + } + + @java.lang.Override + public Builder addRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.addRepeatedField(field, value); + } + + @java.lang.Override + public Builder mergeFrom(com.google.protobuf.Message other) { + if (other instanceof com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse) { + return mergeFrom( + (com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse) other); + } else { + super.mergeFrom(other); + return this; + } + } + + public Builder mergeFrom( + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse other) { + if (other + == com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse + .getDefaultInstance()) return this; + if (other.access_ != 0) { + setAccessValue(other.getAccessValue()); + } + if (explainedPoliciesBuilder_ == null) { + if (!other.explainedPolicies_.isEmpty()) { + if (explainedPolicies_.isEmpty()) { + explainedPolicies_ = other.explainedPolicies_; + bitField0_ = (bitField0_ & ~0x00000001); + } else { + ensureExplainedPoliciesIsMutable(); + explainedPolicies_.addAll(other.explainedPolicies_); + } + onChanged(); + } + } else { + if (!other.explainedPolicies_.isEmpty()) { + if (explainedPoliciesBuilder_.isEmpty()) { + explainedPoliciesBuilder_.dispose(); + explainedPoliciesBuilder_ = null; + explainedPolicies_ = other.explainedPolicies_; + bitField0_ = (bitField0_ & ~0x00000001); + explainedPoliciesBuilder_ = + com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders + ? getExplainedPoliciesFieldBuilder() + : null; + } else { + explainedPoliciesBuilder_.addAllMessages(other.explainedPolicies_); + } + } + } + this.mergeUnknownFields(other.unknownFields); + onChanged(); + return this; + } + + @java.lang.Override + public final boolean isInitialized() { + return true; + } + + @java.lang.Override + public Builder mergeFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse parsedMessage = null; + try { + parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry); + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + parsedMessage = + (com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse) + e.getUnfinishedMessage(); + throw e.unwrapIOException(); + } finally { + if (parsedMessage != null) { + mergeFrom(parsedMessage); + } + } + return this; + } + + private int bitField0_; + + private int access_ = 0; + /** + * + * + * 
+     * Indicates whether the member has the specified permission for the specified
+     * resource, based on evaluating all of the applicable IAM policies.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The enum numeric value on the wire for access. + */ + @java.lang.Override + public int getAccessValue() { + return access_; + } + /** + * + * + * 
+     * Indicates whether the member has the specified permission for the specified
+     * resource, based on evaluating all of the applicable IAM policies.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @param value The enum numeric value on the wire for access to set. + * @return This builder for chaining. + */ + public Builder setAccessValue(int value) { + + access_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+     * Indicates whether the member has the specified permission for the specified
+     * resource, based on evaluating all of the applicable IAM policies.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The access. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessState getAccess() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.AccessState result = + google.cloud.policytroubleshooter.v1.Explanations.AccessState.valueOf(access_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.AccessState.UNRECOGNIZED + : result; + } + /** + * + * + * 
+     * Indicates whether the member has the specified permission for the specified
+     * resource, based on evaluating all of the applicable IAM policies.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @param value The access to set. + * @return This builder for chaining. + */ + public Builder setAccess(google.cloud.policytroubleshooter.v1.Explanations.AccessState value) { + if (value == null) { + throw new NullPointerException(); + } + + access_ = value.getNumber(); + onChanged(); + return this; + } + /** + * + * + * 
+     * Indicates whether the member has the specified permission for the specified
+     * resource, based on evaluating all of the applicable IAM policies.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return This builder for chaining. + */ + public Builder clearAccess() { + + access_ = 0; + onChanged(); + return this; + } + + private java.util.List + explainedPolicies_ = java.util.Collections.emptyList(); + + private void ensureExplainedPoliciesIsMutable() { + if (!((bitField0_ & 0x00000001) != 0)) { + explainedPolicies_ = + new java.util.ArrayList< + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy>( + explainedPolicies_); + bitField0_ |= 0x00000001; + } + } + + private com.google.protobuf.RepeatedFieldBuilderV3< + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicyOrBuilder> + explainedPoliciesBuilder_; + + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public java.util.List + getExplainedPoliciesList() { + if (explainedPoliciesBuilder_ == null) { + return java.util.Collections.unmodifiableList(explainedPolicies_); + } else { + return explainedPoliciesBuilder_.getMessageList(); + } + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public int getExplainedPoliciesCount() { + if (explainedPoliciesBuilder_ == null) { + return explainedPolicies_.size(); + } else { + return explainedPoliciesBuilder_.getCount(); + } + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy getExplainedPolicies( + int index) { + if (explainedPoliciesBuilder_ == null) { + return explainedPolicies_.get(index); + } else { + return explainedPoliciesBuilder_.getMessage(index); + } + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public Builder setExplainedPolicies( + int index, google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy value) { + if (explainedPoliciesBuilder_ == null) { + if (value == null) { + throw new NullPointerException(); + } + ensureExplainedPoliciesIsMutable(); + explainedPolicies_.set(index, value); + onChanged(); + } else { + explainedPoliciesBuilder_.setMessage(index, value); + } + return this; + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public Builder setExplainedPolicies( + int index, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder builderForValue) { + if (explainedPoliciesBuilder_ == null) { + ensureExplainedPoliciesIsMutable(); + explainedPolicies_.set(index, builderForValue.build()); + onChanged(); + } else { + explainedPoliciesBuilder_.setMessage(index, builderForValue.build()); + } + return this; + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public Builder addExplainedPolicies( + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy value) { + if (explainedPoliciesBuilder_ == null) { + if (value == null) { + throw new NullPointerException(); + } + ensureExplainedPoliciesIsMutable(); + explainedPolicies_.add(value); + onChanged(); + } else { + explainedPoliciesBuilder_.addMessage(value); + } + return this; + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public Builder addExplainedPolicies( + int index, google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy value) { + if (explainedPoliciesBuilder_ == null) { + if (value == null) { + throw new NullPointerException(); + } + ensureExplainedPoliciesIsMutable(); + explainedPolicies_.add(index, value); + onChanged(); + } else { + explainedPoliciesBuilder_.addMessage(index, value); + } + return this; + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public Builder addExplainedPolicies( + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder builderForValue) { + if (explainedPoliciesBuilder_ == null) { + ensureExplainedPoliciesIsMutable(); + explainedPolicies_.add(builderForValue.build()); + onChanged(); + } else { + explainedPoliciesBuilder_.addMessage(builderForValue.build()); + } + return this; + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public Builder addExplainedPolicies( + int index, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder builderForValue) { + if (explainedPoliciesBuilder_ == null) { + ensureExplainedPoliciesIsMutable(); + explainedPolicies_.add(index, builderForValue.build()); + onChanged(); + } else { + explainedPoliciesBuilder_.addMessage(index, builderForValue.build()); + } + return this; + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public Builder addAllExplainedPolicies( + java.lang.Iterable< + ? extends google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy> + values) { + if (explainedPoliciesBuilder_ == null) { + ensureExplainedPoliciesIsMutable(); + com.google.protobuf.AbstractMessageLite.Builder.addAll(values, explainedPolicies_); + onChanged(); + } else { + explainedPoliciesBuilder_.addAllMessages(values); + } + return this; + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public Builder clearExplainedPolicies() { + if (explainedPoliciesBuilder_ == null) { + explainedPolicies_ = java.util.Collections.emptyList(); + bitField0_ = (bitField0_ & ~0x00000001); + onChanged(); + } else { + explainedPoliciesBuilder_.clear(); + } + return this; + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public Builder removeExplainedPolicies(int index) { + if (explainedPoliciesBuilder_ == null) { + ensureExplainedPoliciesIsMutable(); + explainedPolicies_.remove(index); + onChanged(); + } else { + explainedPoliciesBuilder_.remove(index); + } + return this; + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder + getExplainedPoliciesBuilder(int index) { + return getExplainedPoliciesFieldBuilder().getBuilder(index); + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicyOrBuilder + getExplainedPoliciesOrBuilder(int index) { + if (explainedPoliciesBuilder_ == null) { + return explainedPolicies_.get(index); + } else { + return explainedPoliciesBuilder_.getMessageOrBuilder(index); + } + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public java.util.List< + ? extends google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicyOrBuilder> + getExplainedPoliciesOrBuilderList() { + if (explainedPoliciesBuilder_ != null) { + return explainedPoliciesBuilder_.getMessageOrBuilderList(); + } else { + return java.util.Collections.unmodifiableList(explainedPolicies_); + } + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder + addExplainedPoliciesBuilder() { + return getExplainedPoliciesFieldBuilder() + .addBuilder( + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy + .getDefaultInstance()); + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder + addExplainedPoliciesBuilder(int index) { + return getExplainedPoliciesFieldBuilder() + .addBuilder( + index, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy + .getDefaultInstance()); + } + /** + * + * + * 
+     * List of IAM policies that were evaluated to check the member's permissions,
+     * with annotations to indicate how each policy contributed to the final
+     * result.
+     * The list of policies can include the policy for the resource itself. It can
+     * also include policies that are inherited from higher levels of the resource
+     * hierarchy, including the organization, the folder, and the project.
+     * To learn more about the resource hierarchy, see
+     * https://cloud.google.com/iam/help/resource-hierarchy.
+     *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + public java.util.List + getExplainedPoliciesBuilderList() { + return getExplainedPoliciesFieldBuilder().getBuilderList(); + } + + private com.google.protobuf.RepeatedFieldBuilderV3< + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicyOrBuilder> + getExplainedPoliciesFieldBuilder() { + if (explainedPoliciesBuilder_ == null) { + explainedPoliciesBuilder_ = + new com.google.protobuf.RepeatedFieldBuilderV3< + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicyOrBuilder>( + explainedPolicies_, + ((bitField0_ & 0x00000001) != 0), + getParentForChildren(), + isClean()); + explainedPolicies_ = null; + } + return explainedPoliciesBuilder_; + } + + @java.lang.Override + public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.setUnknownFields(unknownFields); + } + + @java.lang.Override + public final Builder mergeUnknownFields( + final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.mergeUnknownFields(unknownFields); + } + + // @@protoc_insertion_point(builder_scope:google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse) + } + + // @@protoc_insertion_point(class_scope:google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse) + private static final com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse + DEFAULT_INSTANCE; + + static { + DEFAULT_INSTANCE = new com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse(); + } + + public static com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse + getDefaultInstance() { + return DEFAULT_INSTANCE; + } + + private static final com.google.protobuf.Parser PARSER = + new com.google.protobuf.AbstractParser() { + @java.lang.Override + public TroubleshootIamPolicyResponse parsePartialFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return new TroubleshootIamPolicyResponse(input, extensionRegistry); + } + }; + + public static com.google.protobuf.Parser parser() { + return PARSER; + } + + @java.lang.Override + public com.google.protobuf.Parser getParserForType() { + return PARSER; + } + + @java.lang.Override + public com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse + getDefaultInstanceForType() { + return DEFAULT_INSTANCE; + } +} diff --git a/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyResponseOrBuilder.java b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyResponseOrBuilder.java new file mode 100644 index 0000000..559ce96 --- /dev/null +++ b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyResponseOrBuilder.java @@ -0,0 +1,147 @@ +/* + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Generated by the protocol buffer compiler. DO NOT EDIT! +// source: google/cloud/policytroubleshooter/v1/checker.proto + +package com.google.cloud.policytroubleshooter.v1; + +public interface TroubleshootIamPolicyResponseOrBuilder + extends + // @@protoc_insertion_point(interface_extends:google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse) + com.google.protobuf.MessageOrBuilder { + + /** + * + * + * 
+   * Indicates whether the member has the specified permission for the specified
+   * resource, based on evaluating all of the applicable IAM policies.
+   *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The enum numeric value on the wire for access. + */ + int getAccessValue(); + /** + * + * + * 
+   * Indicates whether the member has the specified permission for the specified
+   * resource, based on evaluating all of the applicable IAM policies.
+   *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The access. + */ + google.cloud.policytroubleshooter.v1.Explanations.AccessState getAccess(); + + /** + * + * + * 
+   * List of IAM policies that were evaluated to check the member's permissions,
+   * with annotations to indicate how each policy contributed to the final
+   * result.
+   * The list of policies can include the policy for the resource itself. It can
+   * also include policies that are inherited from higher levels of the resource
+   * hierarchy, including the organization, the folder, and the project.
+   * To learn more about the resource hierarchy, see
+   * https://cloud.google.com/iam/help/resource-hierarchy.
+   *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + java.util.List + getExplainedPoliciesList(); + /** + * + * + * 
+   * List of IAM policies that were evaluated to check the member's permissions,
+   * with annotations to indicate how each policy contributed to the final
+   * result.
+   * The list of policies can include the policy for the resource itself. It can
+   * also include policies that are inherited from higher levels of the resource
+   * hierarchy, including the organization, the folder, and the project.
+   * To learn more about the resource hierarchy, see
+   * https://cloud.google.com/iam/help/resource-hierarchy.
+   *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy getExplainedPolicies(int index); + /** + * + * + * 
+   * List of IAM policies that were evaluated to check the member's permissions,
+   * with annotations to indicate how each policy contributed to the final
+   * result.
+   * The list of policies can include the policy for the resource itself. It can
+   * also include policies that are inherited from higher levels of the resource
+   * hierarchy, including the organization, the folder, and the project.
+   * To learn more about the resource hierarchy, see
+   * https://cloud.google.com/iam/help/resource-hierarchy.
+   *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + int getExplainedPoliciesCount(); + /** + * + * + * 
+   * List of IAM policies that were evaluated to check the member's permissions,
+   * with annotations to indicate how each policy contributed to the final
+   * result.
+   * The list of policies can include the policy for the resource itself. It can
+   * also include policies that are inherited from higher levels of the resource
+   * hierarchy, including the organization, the folder, and the project.
+   * To learn more about the resource hierarchy, see
+   * https://cloud.google.com/iam/help/resource-hierarchy.
+   *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + java.util.List< + ? extends google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicyOrBuilder> + getExplainedPoliciesOrBuilderList(); + /** + * + * + * 
+   * List of IAM policies that were evaluated to check the member's permissions,
+   * with annotations to indicate how each policy contributed to the final
+   * result.
+   * The list of policies can include the policy for the resource itself. It can
+   * also include policies that are inherited from higher levels of the resource
+   * hierarchy, including the organization, the folder, and the project.
+   * To learn more about the resource hierarchy, see
+   * https://cloud.google.com/iam/help/resource-hierarchy.
+   *
+ * + * repeated .google.cloud.policytroubleshooter.v1.ExplainedPolicy explained_policies = 2; + * + */ + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicyOrBuilder + getExplainedPoliciesOrBuilder(int index); +} diff --git a/proto-google-cloud-policy-troubleshooter-v1/src/main/java/google/cloud/policytroubleshooter/v1/Explanations.java b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/google/cloud/policytroubleshooter/v1/Explanations.java new file mode 100644 index 0000000..d0b9cb8 --- /dev/null +++ b/proto-google-cloud-policy-troubleshooter-v1/src/main/java/google/cloud/policytroubleshooter/v1/Explanations.java @@ -0,0 +1,7937 @@ +/* + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Generated by the protocol buffer compiler. DO NOT EDIT! +// source: google/cloud/policytroubleshooter/v1/explanations.proto + +package google.cloud.policytroubleshooter.v1; + +public final class Explanations { + private Explanations() {} + + public static void registerAllExtensions(com.google.protobuf.ExtensionRegistryLite registry) {} + + public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry registry) { + registerAllExtensions((com.google.protobuf.ExtensionRegistryLite) registry); + } + /** + * + * + * 
+   * Whether a member has a permission for a resource.
+   *
+ * + * Protobuf enum {@code google.cloud.policytroubleshooter.v1.AccessState} + */ + public enum AccessState implements com.google.protobuf.ProtocolMessageEnum { + /** + * + * + * 
+     * Reserved for future use.
+     *
+ * + * ACCESS_STATE_UNSPECIFIED = 0; + */ + ACCESS_STATE_UNSPECIFIED(0), + /** + * + * + * 
+     * The member has the permission.
+     *
+ * + * GRANTED = 1; + */ + GRANTED(1), + /** + * + * + * 
+     * The member does not have the permission.
+     *
+ * + * NOT_GRANTED = 2; + */ + NOT_GRANTED(2), + /** + * + * + * 
+     * The member has the permission only if a condition expression evaluates to
+     * `true`.
+     *
+ * + * UNKNOWN_CONDITIONAL = 3; + */ + UNKNOWN_CONDITIONAL(3), + /** + * + * + * 
+     * The sender of the request does not have access to all of the policies that
+     * Policy Troubleshooter needs to evaluate.
+     *
+ * + * UNKNOWN_INFO_DENIED = 4; + */ + UNKNOWN_INFO_DENIED(4), + UNRECOGNIZED(-1), + ; + + /** + * + * + * 
+     * Reserved for future use.
+     *
+ * + * ACCESS_STATE_UNSPECIFIED = 0; + */ + public static final int ACCESS_STATE_UNSPECIFIED_VALUE = 0; + /** + * + * + * 
+     * The member has the permission.
+     *
+ * + * GRANTED = 1; + */ + public static final int GRANTED_VALUE = 1; + /** + * + * + * 
+     * The member does not have the permission.
+     *
+ * + * NOT_GRANTED = 2; + */ + public static final int NOT_GRANTED_VALUE = 2; + /** + * + * + * 
+     * The member has the permission only if a condition expression evaluates to
+     * `true`.
+     *
+ * + * UNKNOWN_CONDITIONAL = 3; + */ + public static final int UNKNOWN_CONDITIONAL_VALUE = 3; + /** + * + * + * 
+     * The sender of the request does not have access to all of the policies that
+     * Policy Troubleshooter needs to evaluate.
+     *
+ * + * UNKNOWN_INFO_DENIED = 4; + */ + public static final int UNKNOWN_INFO_DENIED_VALUE = 4; + + public final int getNumber() { + if (this == UNRECOGNIZED) { + throw new java.lang.IllegalArgumentException( + "Can't get the number of an unknown enum value."); + } + return value; + } + + /** + * @param value The numeric wire value of the corresponding enum entry. + * @return The enum associated with the given numeric wire value. + * @deprecated Use {@link #forNumber(int)} instead. + */ + @java.lang.Deprecated + public static AccessState valueOf(int value) { + return forNumber(value); + } + + /** + * @param value The numeric wire value of the corresponding enum entry. + * @return The enum associated with the given numeric wire value. + */ + public static AccessState forNumber(int value) { + switch (value) { + case 0: + return ACCESS_STATE_UNSPECIFIED; + case 1: + return GRANTED; + case 2: + return NOT_GRANTED; + case 3: + return UNKNOWN_CONDITIONAL; + case 4: + return UNKNOWN_INFO_DENIED; + default: + return null; + } + } + + public static com.google.protobuf.Internal.EnumLiteMap internalGetValueMap() { + return internalValueMap; + } + + private static final com.google.protobuf.Internal.EnumLiteMap internalValueMap = + new com.google.protobuf.Internal.EnumLiteMap() { + public AccessState findValueByNumber(int number) { + return AccessState.forNumber(number); + } + }; + + public final com.google.protobuf.Descriptors.EnumValueDescriptor getValueDescriptor() { + if (this == UNRECOGNIZED) { + throw new java.lang.IllegalStateException( + "Can't get the descriptor of an unrecognized enum value."); + } + return getDescriptor().getValues().get(ordinal()); + } + + public final com.google.protobuf.Descriptors.EnumDescriptor getDescriptorForType() { + return getDescriptor(); + } + + public static final com.google.protobuf.Descriptors.EnumDescriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations.getDescriptor() + .getEnumTypes() + .get(0); + } + + private static final AccessState[] VALUES = values(); + + public static AccessState valueOf(com.google.protobuf.Descriptors.EnumValueDescriptor desc) { + if (desc.getType() != getDescriptor()) { + throw new java.lang.IllegalArgumentException("EnumValueDescriptor is not for this type."); + } + if (desc.getIndex() == -1) { + return UNRECOGNIZED; + } + return VALUES[desc.getIndex()]; + } + + private final int value; + + private AccessState(int value) { + this.value = value; + } + + // @@protoc_insertion_point(enum_scope:google.cloud.policytroubleshooter.v1.AccessState) + } + + /** + * + * + * 
+   * The extent to which a single data point contributes to an overall
+   * determination.
+   *
+ * + * Protobuf enum {@code google.cloud.policytroubleshooter.v1.HeuristicRelevance} + */ + public enum HeuristicRelevance implements com.google.protobuf.ProtocolMessageEnum { + /** + * + * + * 
+     * Reserved for future use.
+     *
+ * + * HEURISTIC_RELEVANCE_UNSPECIFIED = 0; + */ + HEURISTIC_RELEVANCE_UNSPECIFIED(0), + /** + * + * + * 
+     * The data point has a limited effect on the result. Changing the data point
+     * is unlikely to affect the overall determination.
+     *
+ * + * NORMAL = 1; + */ + NORMAL(1), + /** + * + * + * 
+     * The data point has a strong effect on the result. Changing the data point
+     * is likely to affect the overall determination.
+     *
+ * + * HIGH = 2; + */ + HIGH(2), + UNRECOGNIZED(-1), + ; + + /** + * + * + * 
+     * Reserved for future use.
+     *
+ * + * HEURISTIC_RELEVANCE_UNSPECIFIED = 0; + */ + public static final int HEURISTIC_RELEVANCE_UNSPECIFIED_VALUE = 0; + /** + * + * + * 
+     * The data point has a limited effect on the result. Changing the data point
+     * is unlikely to affect the overall determination.
+     *
+ * + * NORMAL = 1; + */ + public static final int NORMAL_VALUE = 1; + /** + * + * + * 
+     * The data point has a strong effect on the result. Changing the data point
+     * is likely to affect the overall determination.
+     *
+ * + * HIGH = 2; + */ + public static final int HIGH_VALUE = 2; + + public final int getNumber() { + if (this == UNRECOGNIZED) { + throw new java.lang.IllegalArgumentException( + "Can't get the number of an unknown enum value."); + } + return value; + } + + /** + * @param value The numeric wire value of the corresponding enum entry. + * @return The enum associated with the given numeric wire value. + * @deprecated Use {@link #forNumber(int)} instead. + */ + @java.lang.Deprecated + public static HeuristicRelevance valueOf(int value) { + return forNumber(value); + } + + /** + * @param value The numeric wire value of the corresponding enum entry. + * @return The enum associated with the given numeric wire value. + */ + public static HeuristicRelevance forNumber(int value) { + switch (value) { + case 0: + return HEURISTIC_RELEVANCE_UNSPECIFIED; + case 1: + return NORMAL; + case 2: + return HIGH; + default: + return null; + } + } + + public static com.google.protobuf.Internal.EnumLiteMap + internalGetValueMap() { + return internalValueMap; + } + + private static final com.google.protobuf.Internal.EnumLiteMap + internalValueMap = + new com.google.protobuf.Internal.EnumLiteMap() { + public HeuristicRelevance findValueByNumber(int number) { + return HeuristicRelevance.forNumber(number); + } + }; + + public final com.google.protobuf.Descriptors.EnumValueDescriptor getValueDescriptor() { + if (this == UNRECOGNIZED) { + throw new java.lang.IllegalStateException( + "Can't get the descriptor of an unrecognized enum value."); + } + return getDescriptor().getValues().get(ordinal()); + } + + public final com.google.protobuf.Descriptors.EnumDescriptor getDescriptorForType() { + return getDescriptor(); + } + + public static final com.google.protobuf.Descriptors.EnumDescriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations.getDescriptor() + .getEnumTypes() + .get(1); + } + + private static final HeuristicRelevance[] VALUES = values(); + + public static HeuristicRelevance valueOf( + com.google.protobuf.Descriptors.EnumValueDescriptor desc) { + if (desc.getType() != getDescriptor()) { + throw new java.lang.IllegalArgumentException("EnumValueDescriptor is not for this type."); + } + if (desc.getIndex() == -1) { + return UNRECOGNIZED; + } + return VALUES[desc.getIndex()]; + } + + private final int value; + + private HeuristicRelevance(int value) { + this.value = value; + } + + // @@protoc_insertion_point(enum_scope:google.cloud.policytroubleshooter.v1.HeuristicRelevance) + } + + public interface AccessTupleOrBuilder + extends + // @@protoc_insertion_point(interface_extends:google.cloud.policytroubleshooter.v1.AccessTuple) + com.google.protobuf.MessageOrBuilder { + + /** + * + * + * 
+     * Required. The member, or principal, whose access you want to check, in the form of
+     * the email address that represents that member. For example,
+     * `alice@example.com` or
+     * `my-service-account@my-project.iam.gserviceaccount.com`.
+     * The member must be a Google Account or a service account. Other types of
+     * members are not supported.
+     *
+ * + * string principal = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The principal. + */ + java.lang.String getPrincipal(); + /** + * + * + * 
+     * Required. The member, or principal, whose access you want to check, in the form of
+     * the email address that represents that member. For example,
+     * `alice@example.com` or
+     * `my-service-account@my-project.iam.gserviceaccount.com`.
+     * The member must be a Google Account or a service account. Other types of
+     * members are not supported.
+     *
+ * + * string principal = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The bytes for principal. + */ + com.google.protobuf.ByteString getPrincipalBytes(); + + /** + * + * + * 
+     * Required. The full resource name that identifies the resource. For example,
+     * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+     * For examples of full resource names for Google Cloud services, see
+     * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+     *
+ * + * string full_resource_name = 2 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The fullResourceName. + */ + java.lang.String getFullResourceName(); + /** + * + * + * 
+     * Required. The full resource name that identifies the resource. For example,
+     * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+     * For examples of full resource names for Google Cloud services, see
+     * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+     *
+ * + * string full_resource_name = 2 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The bytes for fullResourceName. + */ + com.google.protobuf.ByteString getFullResourceNameBytes(); + + /** + * + * + * 
+     * Required. The IAM permission to check for the specified member and resource.
+     * For a complete list of IAM permissions, see
+     * https://cloud.google.com/iam/help/permissions/reference.
+     * For a complete list of predefined IAM roles and the permissions in each
+     * role, see https://cloud.google.com/iam/help/roles/reference.
+     *
+ * + * string permission = 3 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The permission. + */ + java.lang.String getPermission(); + /** + * + * + * 
+     * Required. The IAM permission to check for the specified member and resource.
+     * For a complete list of IAM permissions, see
+     * https://cloud.google.com/iam/help/permissions/reference.
+     * For a complete list of predefined IAM roles and the permissions in each
+     * role, see https://cloud.google.com/iam/help/roles/reference.
+     *
+ * + * string permission = 3 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The bytes for permission. + */ + com.google.protobuf.ByteString getPermissionBytes(); + } + /** + * + * + * 
+   * Information about the member, resource, and permission to check.
+   *
+ * + * Protobuf type {@code google.cloud.policytroubleshooter.v1.AccessTuple} + */ + public static final class AccessTuple extends com.google.protobuf.GeneratedMessageV3 + implements + // @@protoc_insertion_point(message_implements:google.cloud.policytroubleshooter.v1.AccessTuple) + AccessTupleOrBuilder { + private static final long serialVersionUID = 0L; + // Use AccessTuple.newBuilder() to construct. + private AccessTuple(com.google.protobuf.GeneratedMessageV3.Builder builder) { + super(builder); + } + + private AccessTuple() { + principal_ = ""; + fullResourceName_ = ""; + permission_ = ""; + } + + @java.lang.Override + @SuppressWarnings({"unused"}) + protected java.lang.Object newInstance(UnusedPrivateParameter unused) { + return new AccessTuple(); + } + + @java.lang.Override + public final com.google.protobuf.UnknownFieldSet getUnknownFields() { + return this.unknownFields; + } + + private AccessTuple( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + this(); + if (extensionRegistry == null) { + throw new java.lang.NullPointerException(); + } + com.google.protobuf.UnknownFieldSet.Builder unknownFields = + com.google.protobuf.UnknownFieldSet.newBuilder(); + try { + boolean done = false; + while (!done) { + int tag = input.readTag(); + switch (tag) { + case 0: + done = true; + break; + case 10: + { + java.lang.String s = input.readStringRequireUtf8(); + + principal_ = s; + break; + } + case 18: + { + java.lang.String s = input.readStringRequireUtf8(); + + fullResourceName_ = s; + break; + } + case 26: + { + java.lang.String s = input.readStringRequireUtf8(); + + permission_ = s; + break; + } + default: + { + if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) { + done = true; + } + break; + } + } + } + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + throw e.setUnfinishedMessage(this); + } catch (java.io.IOException e) { + throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this); + } finally { + this.unknownFields = unknownFields.build(); + makeExtensionsImmutable(); + } + } + + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_AccessTuple_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_AccessTuple_fieldAccessorTable + .ensureFieldAccessorsInitialized( + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.class, + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.Builder.class); + } + + public static final int PRINCIPAL_FIELD_NUMBER = 1; + private volatile java.lang.Object principal_; + /** + * + * + * 
+     * Required. The member, or principal, whose access you want to check, in the form of
+     * the email address that represents that member. For example,
+     * `alice@example.com` or
+     * `my-service-account@my-project.iam.gserviceaccount.com`.
+     * The member must be a Google Account or a service account. Other types of
+     * members are not supported.
+     *
+ * + * string principal = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The principal. + */ + @java.lang.Override + public java.lang.String getPrincipal() { + java.lang.Object ref = principal_; + if (ref instanceof java.lang.String) { + return (java.lang.String) ref; + } else { + com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + principal_ = s; + return s; + } + } + /** + * + * + * 
+     * Required. The member, or principal, whose access you want to check, in the form of
+     * the email address that represents that member. For example,
+     * `alice@example.com` or
+     * `my-service-account@my-project.iam.gserviceaccount.com`.
+     * The member must be a Google Account or a service account. Other types of
+     * members are not supported.
+     *
+ * + * string principal = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The bytes for principal. + */ + @java.lang.Override + public com.google.protobuf.ByteString getPrincipalBytes() { + java.lang.Object ref = principal_; + if (ref instanceof java.lang.String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref); + principal_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + + public static final int FULL_RESOURCE_NAME_FIELD_NUMBER = 2; + private volatile java.lang.Object fullResourceName_; + /** + * + * + * 
+     * Required. The full resource name that identifies the resource. For example,
+     * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+     * For examples of full resource names for Google Cloud services, see
+     * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+     *
+ * + * string full_resource_name = 2 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The fullResourceName. + */ + @java.lang.Override + public java.lang.String getFullResourceName() { + java.lang.Object ref = fullResourceName_; + if (ref instanceof java.lang.String) { + return (java.lang.String) ref; + } else { + com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + fullResourceName_ = s; + return s; + } + } + /** + * + * + * 
+     * Required. The full resource name that identifies the resource. For example,
+     * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+     * For examples of full resource names for Google Cloud services, see
+     * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+     *
+ * + * string full_resource_name = 2 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The bytes for fullResourceName. + */ + @java.lang.Override + public com.google.protobuf.ByteString getFullResourceNameBytes() { + java.lang.Object ref = fullResourceName_; + if (ref instanceof java.lang.String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref); + fullResourceName_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + + public static final int PERMISSION_FIELD_NUMBER = 3; + private volatile java.lang.Object permission_; + /** + * + * + * 
+     * Required. The IAM permission to check for the specified member and resource.
+     * For a complete list of IAM permissions, see
+     * https://cloud.google.com/iam/help/permissions/reference.
+     * For a complete list of predefined IAM roles and the permissions in each
+     * role, see https://cloud.google.com/iam/help/roles/reference.
+     *
+ * + * string permission = 3 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The permission. + */ + @java.lang.Override + public java.lang.String getPermission() { + java.lang.Object ref = permission_; + if (ref instanceof java.lang.String) { + return (java.lang.String) ref; + } else { + com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + permission_ = s; + return s; + } + } + /** + * + * + * 
+     * Required. The IAM permission to check for the specified member and resource.
+     * For a complete list of IAM permissions, see
+     * https://cloud.google.com/iam/help/permissions/reference.
+     * For a complete list of predefined IAM roles and the permissions in each
+     * role, see https://cloud.google.com/iam/help/roles/reference.
+     *
+ * + * string permission = 3 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The bytes for permission. + */ + @java.lang.Override + public com.google.protobuf.ByteString getPermissionBytes() { + java.lang.Object ref = permission_; + if (ref instanceof java.lang.String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref); + permission_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + + private byte memoizedIsInitialized = -1; + + @java.lang.Override + public final boolean isInitialized() { + byte isInitialized = memoizedIsInitialized; + if (isInitialized == 1) return true; + if (isInitialized == 0) return false; + + memoizedIsInitialized = 1; + return true; + } + + @java.lang.Override + public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException { + if (!getPrincipalBytes().isEmpty()) { + com.google.protobuf.GeneratedMessageV3.writeString(output, 1, principal_); + } + if (!getFullResourceNameBytes().isEmpty()) { + com.google.protobuf.GeneratedMessageV3.writeString(output, 2, fullResourceName_); + } + if (!getPermissionBytes().isEmpty()) { + com.google.protobuf.GeneratedMessageV3.writeString(output, 3, permission_); + } + unknownFields.writeTo(output); + } + + @java.lang.Override + public int getSerializedSize() { + int size = memoizedSize; + if (size != -1) return size; + + size = 0; + if (!getPrincipalBytes().isEmpty()) { + size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, principal_); + } + if (!getFullResourceNameBytes().isEmpty()) { + size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, fullResourceName_); + } + if (!getPermissionBytes().isEmpty()) { + size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, permission_); + } + size += unknownFields.getSerializedSize(); + memoizedSize = size; + return size; + } + + @java.lang.Override + public boolean equals(final java.lang.Object obj) { + if (obj == this) { + return true; + } + if (!(obj instanceof google.cloud.policytroubleshooter.v1.Explanations.AccessTuple)) { + return super.equals(obj); + } + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple other = + (google.cloud.policytroubleshooter.v1.Explanations.AccessTuple) obj; + + if (!getPrincipal().equals(other.getPrincipal())) return false; + if (!getFullResourceName().equals(other.getFullResourceName())) return false; + if (!getPermission().equals(other.getPermission())) return false; + if (!unknownFields.equals(other.unknownFields)) return false; + return true; + } + + @java.lang.Override + public int hashCode() { + if (memoizedHashCode != 0) { + return memoizedHashCode; + } + int hash = 41; + hash = (19 * hash) + getDescriptor().hashCode(); + hash = (37 * hash) + PRINCIPAL_FIELD_NUMBER; + hash = (53 * hash) + getPrincipal().hashCode(); + hash = (37 * hash) + FULL_RESOURCE_NAME_FIELD_NUMBER; + hash = (53 * hash) + getFullResourceName().hashCode(); + hash = (37 * hash) + PERMISSION_FIELD_NUMBER; + hash = (53 * hash) + getPermission().hashCode(); + hash = (29 * hash) + unknownFields.hashCode(); + memoizedHashCode = hash; + return hash; + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseFrom( + java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseFrom( + java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseFrom( + com.google.protobuf.ByteString data) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseFrom( + com.google.protobuf.ByteString data, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseFrom( + byte[] data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseFrom( + byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseFrom( + java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseFrom( + java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseDelimitedFrom( + java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseDelimitedFrom( + java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException( + PARSER, input, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseFrom( + com.google.protobuf.CodedInputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parseFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + @java.lang.Override + public Builder newBuilderForType() { + return newBuilder(); + } + + public static Builder newBuilder() { + return DEFAULT_INSTANCE.toBuilder(); + } + + public static Builder newBuilder( + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple prototype) { + return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype); + } + + @java.lang.Override + public Builder toBuilder() { + return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this); + } + + @java.lang.Override + protected Builder newBuilderForType( + com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + Builder builder = new Builder(parent); + return builder; + } + /** + * + * + * 
+     * Information about the member, resource, and permission to check.
+     *
+ * + * Protobuf type {@code google.cloud.policytroubleshooter.v1.AccessTuple} + */ + public static final class Builder + extends com.google.protobuf.GeneratedMessageV3.Builder + implements + // @@protoc_insertion_point(builder_implements:google.cloud.policytroubleshooter.v1.AccessTuple) + google.cloud.policytroubleshooter.v1.Explanations.AccessTupleOrBuilder { + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_AccessTuple_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_AccessTuple_fieldAccessorTable + .ensureFieldAccessorsInitialized( + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.class, + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.Builder.class); + } + + // Construct using google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.newBuilder() + private Builder() { + maybeForceBuilderInitialization(); + } + + private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + super(parent); + maybeForceBuilderInitialization(); + } + + private void maybeForceBuilderInitialization() { + if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {} + } + + @java.lang.Override + public Builder clear() { + super.clear(); + principal_ = ""; + + fullResourceName_ = ""; + + permission_ = ""; + + return this; + } + + @java.lang.Override + public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_AccessTuple_descriptor; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessTuple + getDefaultInstanceForType() { + return google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.getDefaultInstance(); + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessTuple build() { + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple result = buildPartial(); + if (!result.isInitialized()) { + throw newUninitializedMessageException(result); + } + return result; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessTuple buildPartial() { + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple result = + new google.cloud.policytroubleshooter.v1.Explanations.AccessTuple(this); + result.principal_ = principal_; + result.fullResourceName_ = fullResourceName_; + result.permission_ = permission_; + onBuilt(); + return result; + } + + @java.lang.Override + public Builder clone() { + return super.clone(); + } + + @java.lang.Override + public Builder setField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.setField(field, value); + } + + @java.lang.Override + public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) { + return super.clearField(field); + } + + @java.lang.Override + public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) { + return super.clearOneof(oneof); + } + + @java.lang.Override + public Builder setRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, + int index, + java.lang.Object value) { + return super.setRepeatedField(field, index, value); + } + + @java.lang.Override + public Builder addRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.addRepeatedField(field, value); + } + + @java.lang.Override + public Builder mergeFrom(com.google.protobuf.Message other) { + if (other instanceof google.cloud.policytroubleshooter.v1.Explanations.AccessTuple) { + return mergeFrom((google.cloud.policytroubleshooter.v1.Explanations.AccessTuple) other); + } else { + super.mergeFrom(other); + return this; + } + } + + public Builder mergeFrom( + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple other) { + if (other + == google.cloud.policytroubleshooter.v1.Explanations.AccessTuple.getDefaultInstance()) + return this; + if (!other.getPrincipal().isEmpty()) { + principal_ = other.principal_; + onChanged(); + } + if (!other.getFullResourceName().isEmpty()) { + fullResourceName_ = other.fullResourceName_; + onChanged(); + } + if (!other.getPermission().isEmpty()) { + permission_ = other.permission_; + onChanged(); + } + this.mergeUnknownFields(other.unknownFields); + onChanged(); + return this; + } + + @java.lang.Override + public final boolean isInitialized() { + return true; + } + + @java.lang.Override + public Builder mergeFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + google.cloud.policytroubleshooter.v1.Explanations.AccessTuple parsedMessage = null; + try { + parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry); + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + parsedMessage = + (google.cloud.policytroubleshooter.v1.Explanations.AccessTuple) + e.getUnfinishedMessage(); + throw e.unwrapIOException(); + } finally { + if (parsedMessage != null) { + mergeFrom(parsedMessage); + } + } + return this; + } + + private java.lang.Object principal_ = ""; + /** + * + * + * 
+       * Required. The member, or principal, whose access you want to check, in the form of
+       * the email address that represents that member. For example,
+       * `alice@example.com` or
+       * `my-service-account@my-project.iam.gserviceaccount.com`.
+       * The member must be a Google Account or a service account. Other types of
+       * members are not supported.
+       *
+ * + * string principal = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The principal. + */ + public java.lang.String getPrincipal() { + java.lang.Object ref = principal_; + if (!(ref instanceof java.lang.String)) { + com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + principal_ = s; + return s; + } else { + return (java.lang.String) ref; + } + } + /** + * + * + * 
+       * Required. The member, or principal, whose access you want to check, in the form of
+       * the email address that represents that member. For example,
+       * `alice@example.com` or
+       * `my-service-account@my-project.iam.gserviceaccount.com`.
+       * The member must be a Google Account or a service account. Other types of
+       * members are not supported.
+       *
+ * + * string principal = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The bytes for principal. + */ + public com.google.protobuf.ByteString getPrincipalBytes() { + java.lang.Object ref = principal_; + if (ref instanceof String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref); + principal_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + /** + * + * + * 
+       * Required. The member, or principal, whose access you want to check, in the form of
+       * the email address that represents that member. For example,
+       * `alice@example.com` or
+       * `my-service-account@my-project.iam.gserviceaccount.com`.
+       * The member must be a Google Account or a service account. Other types of
+       * members are not supported.
+       *
+ * + * string principal = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * @param value The principal to set. + * @return This builder for chaining. + */ + public Builder setPrincipal(java.lang.String value) { + if (value == null) { + throw new NullPointerException(); + } + + principal_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * Required. The member, or principal, whose access you want to check, in the form of
+       * the email address that represents that member. For example,
+       * `alice@example.com` or
+       * `my-service-account@my-project.iam.gserviceaccount.com`.
+       * The member must be a Google Account or a service account. Other types of
+       * members are not supported.
+       *
+ * + * string principal = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * @return This builder for chaining. + */ + public Builder clearPrincipal() { + + principal_ = getDefaultInstance().getPrincipal(); + onChanged(); + return this; + } + /** + * + * + * 
+       * Required. The member, or principal, whose access you want to check, in the form of
+       * the email address that represents that member. For example,
+       * `alice@example.com` or
+       * `my-service-account@my-project.iam.gserviceaccount.com`.
+       * The member must be a Google Account or a service account. Other types of
+       * members are not supported.
+       *
+ * + * string principal = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * @param value The bytes for principal to set. + * @return This builder for chaining. + */ + public Builder setPrincipalBytes(com.google.protobuf.ByteString value) { + if (value == null) { + throw new NullPointerException(); + } + checkByteStringIsUtf8(value); + + principal_ = value; + onChanged(); + return this; + } + + private java.lang.Object fullResourceName_ = ""; + /** + * + * + * 
+       * Required. The full resource name that identifies the resource. For example,
+       * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+       * For examples of full resource names for Google Cloud services, see
+       * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+       *
+ * + * string full_resource_name = 2 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The fullResourceName. + */ + public java.lang.String getFullResourceName() { + java.lang.Object ref = fullResourceName_; + if (!(ref instanceof java.lang.String)) { + com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + fullResourceName_ = s; + return s; + } else { + return (java.lang.String) ref; + } + } + /** + * + * + * 
+       * Required. The full resource name that identifies the resource. For example,
+       * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+       * For examples of full resource names for Google Cloud services, see
+       * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+       *
+ * + * string full_resource_name = 2 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The bytes for fullResourceName. + */ + public com.google.protobuf.ByteString getFullResourceNameBytes() { + java.lang.Object ref = fullResourceName_; + if (ref instanceof String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref); + fullResourceName_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + /** + * + * + * 
+       * Required. The full resource name that identifies the resource. For example,
+       * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+       * For examples of full resource names for Google Cloud services, see
+       * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+       *
+ * + * string full_resource_name = 2 [(.google.api.field_behavior) = REQUIRED]; + * + * @param value The fullResourceName to set. + * @return This builder for chaining. + */ + public Builder setFullResourceName(java.lang.String value) { + if (value == null) { + throw new NullPointerException(); + } + + fullResourceName_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * Required. The full resource name that identifies the resource. For example,
+       * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+       * For examples of full resource names for Google Cloud services, see
+       * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+       *
+ * + * string full_resource_name = 2 [(.google.api.field_behavior) = REQUIRED]; + * + * @return This builder for chaining. + */ + public Builder clearFullResourceName() { + + fullResourceName_ = getDefaultInstance().getFullResourceName(); + onChanged(); + return this; + } + /** + * + * + * 
+       * Required. The full resource name that identifies the resource. For example,
+       * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+       * For examples of full resource names for Google Cloud services, see
+       * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+       *
+ * + * string full_resource_name = 2 [(.google.api.field_behavior) = REQUIRED]; + * + * @param value The bytes for fullResourceName to set. + * @return This builder for chaining. + */ + public Builder setFullResourceNameBytes(com.google.protobuf.ByteString value) { + if (value == null) { + throw new NullPointerException(); + } + checkByteStringIsUtf8(value); + + fullResourceName_ = value; + onChanged(); + return this; + } + + private java.lang.Object permission_ = ""; + /** + * + * + * 
+       * Required. The IAM permission to check for the specified member and resource.
+       * For a complete list of IAM permissions, see
+       * https://cloud.google.com/iam/help/permissions/reference.
+       * For a complete list of predefined IAM roles and the permissions in each
+       * role, see https://cloud.google.com/iam/help/roles/reference.
+       *
+ * + * string permission = 3 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The permission. + */ + public java.lang.String getPermission() { + java.lang.Object ref = permission_; + if (!(ref instanceof java.lang.String)) { + com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + permission_ = s; + return s; + } else { + return (java.lang.String) ref; + } + } + /** + * + * + * 
+       * Required. The IAM permission to check for the specified member and resource.
+       * For a complete list of IAM permissions, see
+       * https://cloud.google.com/iam/help/permissions/reference.
+       * For a complete list of predefined IAM roles and the permissions in each
+       * role, see https://cloud.google.com/iam/help/roles/reference.
+       *
+ * + * string permission = 3 [(.google.api.field_behavior) = REQUIRED]; + * + * @return The bytes for permission. + */ + public com.google.protobuf.ByteString getPermissionBytes() { + java.lang.Object ref = permission_; + if (ref instanceof String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref); + permission_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + /** + * + * + * 
+       * Required. The IAM permission to check for the specified member and resource.
+       * For a complete list of IAM permissions, see
+       * https://cloud.google.com/iam/help/permissions/reference.
+       * For a complete list of predefined IAM roles and the permissions in each
+       * role, see https://cloud.google.com/iam/help/roles/reference.
+       *
+ * + * string permission = 3 [(.google.api.field_behavior) = REQUIRED]; + * + * @param value The permission to set. + * @return This builder for chaining. + */ + public Builder setPermission(java.lang.String value) { + if (value == null) { + throw new NullPointerException(); + } + + permission_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * Required. The IAM permission to check for the specified member and resource.
+       * For a complete list of IAM permissions, see
+       * https://cloud.google.com/iam/help/permissions/reference.
+       * For a complete list of predefined IAM roles and the permissions in each
+       * role, see https://cloud.google.com/iam/help/roles/reference.
+       *
+ * + * string permission = 3 [(.google.api.field_behavior) = REQUIRED]; + * + * @return This builder for chaining. + */ + public Builder clearPermission() { + + permission_ = getDefaultInstance().getPermission(); + onChanged(); + return this; + } + /** + * + * + * 
+       * Required. The IAM permission to check for the specified member and resource.
+       * For a complete list of IAM permissions, see
+       * https://cloud.google.com/iam/help/permissions/reference.
+       * For a complete list of predefined IAM roles and the permissions in each
+       * role, see https://cloud.google.com/iam/help/roles/reference.
+       *
+ * + * string permission = 3 [(.google.api.field_behavior) = REQUIRED]; + * + * @param value The bytes for permission to set. + * @return This builder for chaining. + */ + public Builder setPermissionBytes(com.google.protobuf.ByteString value) { + if (value == null) { + throw new NullPointerException(); + } + checkByteStringIsUtf8(value); + + permission_ = value; + onChanged(); + return this; + } + + @java.lang.Override + public final Builder setUnknownFields( + final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.setUnknownFields(unknownFields); + } + + @java.lang.Override + public final Builder mergeUnknownFields( + final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.mergeUnknownFields(unknownFields); + } + + // @@protoc_insertion_point(builder_scope:google.cloud.policytroubleshooter.v1.AccessTuple) + } + + // @@protoc_insertion_point(class_scope:google.cloud.policytroubleshooter.v1.AccessTuple) + private static final google.cloud.policytroubleshooter.v1.Explanations.AccessTuple + DEFAULT_INSTANCE; + + static { + DEFAULT_INSTANCE = new google.cloud.policytroubleshooter.v1.Explanations.AccessTuple(); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.AccessTuple + getDefaultInstance() { + return DEFAULT_INSTANCE; + } + + private static final com.google.protobuf.Parser PARSER = + new com.google.protobuf.AbstractParser() { + @java.lang.Override + public AccessTuple parsePartialFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return new AccessTuple(input, extensionRegistry); + } + }; + + public static com.google.protobuf.Parser parser() { + return PARSER; + } + + @java.lang.Override + public com.google.protobuf.Parser getParserForType() { + return PARSER; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessTuple + getDefaultInstanceForType() { + return DEFAULT_INSTANCE; + } + } + + public interface ExplainedPolicyOrBuilder + extends + // @@protoc_insertion_point(interface_extends:google.cloud.policytroubleshooter.v1.ExplainedPolicy) + com.google.protobuf.MessageOrBuilder { + + /** + * + * + * 
+     * Indicates whether _this policy_ provides the specified permission to the
+     * specified member for the specified resource.
+     * This field does _not_ indicate whether the member actually has the
+     * permission for the resource. There might be another policy that overrides
+     * this policy. To determine whether the member actually has the permission,
+     * use the `access` field in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The enum numeric value on the wire for access. + */ + int getAccessValue(); + /** + * + * + * 
+     * Indicates whether _this policy_ provides the specified permission to the
+     * specified member for the specified resource.
+     * This field does _not_ indicate whether the member actually has the
+     * permission for the resource. There might be another policy that overrides
+     * this policy. To determine whether the member actually has the permission,
+     * use the `access` field in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The access. + */ + google.cloud.policytroubleshooter.v1.Explanations.AccessState getAccess(); + + /** + * + * + * 
+     * The full resource name that identifies the resource. For example,
+     * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     * For examples of full resource names for Google Cloud services, see
+     * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+     *
+ * + * string full_resource_name = 2; + * + * @return The fullResourceName. + */ + java.lang.String getFullResourceName(); + /** + * + * + * 
+     * The full resource name that identifies the resource. For example,
+     * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     * For examples of full resource names for Google Cloud services, see
+     * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+     *
+ * + * string full_resource_name = 2; + * + * @return The bytes for fullResourceName. + */ + com.google.protobuf.ByteString getFullResourceNameBytes(); + + /** + * + * + * 
+     * The IAM policy attached to the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is empty.
+     *
+ * + * .google.iam.v1.Policy policy = 3; + * + * @return Whether the policy field is set. + */ + boolean hasPolicy(); + /** + * + * + * 
+     * The IAM policy attached to the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is empty.
+     *
+ * + * .google.iam.v1.Policy policy = 3; + * + * @return The policy. + */ + com.google.iam.v1.Policy getPolicy(); + /** + * + * + * 
+     * The IAM policy attached to the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is empty.
+     *
+ * + * .google.iam.v1.Policy policy = 3; + */ + com.google.iam.v1.PolicyOrBuilder getPolicyOrBuilder(); + + /** + * + * + * 
+     * Details about how each binding in the policy affects the member's ability,
+     * or inability, to use the permission for the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + java.util.List + getBindingExplanationsList(); + /** + * + * + * 
+     * Details about how each binding in the policy affects the member's ability,
+     * or inability, to use the permission for the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation getBindingExplanations( + int index); + /** + * + * + * 
+     * Details about how each binding in the policy affects the member's ability,
+     * or inability, to use the permission for the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + int getBindingExplanationsCount(); + /** + * + * + * 
+     * Details about how each binding in the policy affects the member's ability,
+     * or inability, to use the permission for the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + java.util.List< + ? extends google.cloud.policytroubleshooter.v1.Explanations.BindingExplanationOrBuilder> + getBindingExplanationsOrBuilderList(); + /** + * + * + * 
+     * Details about how each binding in the policy affects the member's ability,
+     * or inability, to use the permission for the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanationOrBuilder + getBindingExplanationsOrBuilder(int index); + + /** + * + * + * 
+     * The relevance of this policy to the overall determination in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 5; + * + * @return The enum numeric value on the wire for relevance. + */ + int getRelevanceValue(); + /** + * + * + * 
+     * The relevance of this policy to the overall determination in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 5; + * + * @return The relevance. + */ + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance getRelevance(); + } + /** + * + * + * 
+   * Details about how a specific IAM [Policy][google.iam.v1.Policy] contributed
+   * to the access check.
+   *
+ * + * Protobuf type {@code google.cloud.policytroubleshooter.v1.ExplainedPolicy} + */ + public static final class ExplainedPolicy extends com.google.protobuf.GeneratedMessageV3 + implements + // @@protoc_insertion_point(message_implements:google.cloud.policytroubleshooter.v1.ExplainedPolicy) + ExplainedPolicyOrBuilder { + private static final long serialVersionUID = 0L; + // Use ExplainedPolicy.newBuilder() to construct. + private ExplainedPolicy(com.google.protobuf.GeneratedMessageV3.Builder builder) { + super(builder); + } + + private ExplainedPolicy() { + access_ = 0; + fullResourceName_ = ""; + bindingExplanations_ = java.util.Collections.emptyList(); + relevance_ = 0; + } + + @java.lang.Override + @SuppressWarnings({"unused"}) + protected java.lang.Object newInstance(UnusedPrivateParameter unused) { + return new ExplainedPolicy(); + } + + @java.lang.Override + public final com.google.protobuf.UnknownFieldSet getUnknownFields() { + return this.unknownFields; + } + + private ExplainedPolicy( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + this(); + if (extensionRegistry == null) { + throw new java.lang.NullPointerException(); + } + int mutable_bitField0_ = 0; + com.google.protobuf.UnknownFieldSet.Builder unknownFields = + com.google.protobuf.UnknownFieldSet.newBuilder(); + try { + boolean done = false; + while (!done) { + int tag = input.readTag(); + switch (tag) { + case 0: + done = true; + break; + case 8: + { + int rawValue = input.readEnum(); + + access_ = rawValue; + break; + } + case 18: + { + java.lang.String s = input.readStringRequireUtf8(); + + fullResourceName_ = s; + break; + } + case 26: + { + com.google.iam.v1.Policy.Builder subBuilder = null; + if (policy_ != null) { + subBuilder = policy_.toBuilder(); + } + policy_ = input.readMessage(com.google.iam.v1.Policy.parser(), extensionRegistry); + if (subBuilder != null) { + subBuilder.mergeFrom(policy_); + policy_ = subBuilder.buildPartial(); + } + + break; + } + case 34: + { + if (!((mutable_bitField0_ & 0x00000001) != 0)) { + bindingExplanations_ = + new java.util.ArrayList< + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation>(); + mutable_bitField0_ |= 0x00000001; + } + bindingExplanations_.add( + input.readMessage( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .parser(), + extensionRegistry)); + break; + } + case 40: + { + int rawValue = input.readEnum(); + + relevance_ = rawValue; + break; + } + default: + { + if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) { + done = true; + } + break; + } + } + } + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + throw e.setUnfinishedMessage(this); + } catch (java.io.IOException e) { + throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this); + } finally { + if (((mutable_bitField0_ & 0x00000001) != 0)) { + bindingExplanations_ = java.util.Collections.unmodifiableList(bindingExplanations_); + } + this.unknownFields = unknownFields.build(); + makeExtensionsImmutable(); + } + } + + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_ExplainedPolicy_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_ExplainedPolicy_fieldAccessorTable + .ensureFieldAccessorsInitialized( + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.class, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder.class); + } + + public static final int ACCESS_FIELD_NUMBER = 1; + private int access_; + /** + * + * + * 
+     * Indicates whether _this policy_ provides the specified permission to the
+     * specified member for the specified resource.
+     * This field does _not_ indicate whether the member actually has the
+     * permission for the resource. There might be another policy that overrides
+     * this policy. To determine whether the member actually has the permission,
+     * use the `access` field in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The enum numeric value on the wire for access. + */ + @java.lang.Override + public int getAccessValue() { + return access_; + } + /** + * + * + * 
+     * Indicates whether _this policy_ provides the specified permission to the
+     * specified member for the specified resource.
+     * This field does _not_ indicate whether the member actually has the
+     * permission for the resource. There might be another policy that overrides
+     * this policy. To determine whether the member actually has the permission,
+     * use the `access` field in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The access. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessState getAccess() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.AccessState result = + google.cloud.policytroubleshooter.v1.Explanations.AccessState.valueOf(access_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.AccessState.UNRECOGNIZED + : result; + } + + public static final int FULL_RESOURCE_NAME_FIELD_NUMBER = 2; + private volatile java.lang.Object fullResourceName_; + /** + * + * + * 
+     * The full resource name that identifies the resource. For example,
+     * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     * For examples of full resource names for Google Cloud services, see
+     * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+     *
+ * + * string full_resource_name = 2; + * + * @return The fullResourceName. + */ + @java.lang.Override + public java.lang.String getFullResourceName() { + java.lang.Object ref = fullResourceName_; + if (ref instanceof java.lang.String) { + return (java.lang.String) ref; + } else { + com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + fullResourceName_ = s; + return s; + } + } + /** + * + * + * 
+     * The full resource name that identifies the resource. For example,
+     * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     * For examples of full resource names for Google Cloud services, see
+     * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+     *
+ * + * string full_resource_name = 2; + * + * @return The bytes for fullResourceName. + */ + @java.lang.Override + public com.google.protobuf.ByteString getFullResourceNameBytes() { + java.lang.Object ref = fullResourceName_; + if (ref instanceof java.lang.String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref); + fullResourceName_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + + public static final int POLICY_FIELD_NUMBER = 3; + private com.google.iam.v1.Policy policy_; + /** + * + * + * 
+     * The IAM policy attached to the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is empty.
+     *
+ * + * .google.iam.v1.Policy policy = 3; + * + * @return Whether the policy field is set. + */ + @java.lang.Override + public boolean hasPolicy() { + return policy_ != null; + } + /** + * + * + * 
+     * The IAM policy attached to the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is empty.
+     *
+ * + * .google.iam.v1.Policy policy = 3; + * + * @return The policy. + */ + @java.lang.Override + public com.google.iam.v1.Policy getPolicy() { + return policy_ == null ? com.google.iam.v1.Policy.getDefaultInstance() : policy_; + } + /** + * + * + * 
+     * The IAM policy attached to the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is empty.
+     *
+ * + * .google.iam.v1.Policy policy = 3; + */ + @java.lang.Override + public com.google.iam.v1.PolicyOrBuilder getPolicyOrBuilder() { + return getPolicy(); + } + + public static final int BINDING_EXPLANATIONS_FIELD_NUMBER = 4; + private java.util.List + bindingExplanations_; + /** + * + * + * 
+     * Details about how each binding in the policy affects the member's ability,
+     * or inability, to use the permission for the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + @java.lang.Override + public java.util.List + getBindingExplanationsList() { + return bindingExplanations_; + } + /** + * + * + * 
+     * Details about how each binding in the policy affects the member's ability,
+     * or inability, to use the permission for the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + @java.lang.Override + public java.util.List< + ? extends google.cloud.policytroubleshooter.v1.Explanations.BindingExplanationOrBuilder> + getBindingExplanationsOrBuilderList() { + return bindingExplanations_; + } + /** + * + * + * 
+     * Details about how each binding in the policy affects the member's ability,
+     * or inability, to use the permission for the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + @java.lang.Override + public int getBindingExplanationsCount() { + return bindingExplanations_.size(); + } + /** + * + * + * 
+     * Details about how each binding in the policy affects the member's ability,
+     * or inability, to use the permission for the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + getBindingExplanations(int index) { + return bindingExplanations_.get(index); + } + /** + * + * + * 
+     * Details about how each binding in the policy affects the member's ability,
+     * or inability, to use the permission for the resource.
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanationOrBuilder + getBindingExplanationsOrBuilder(int index) { + return bindingExplanations_.get(index); + } + + public static final int RELEVANCE_FIELD_NUMBER = 5; + private int relevance_; + /** + * + * + * 
+     * The relevance of this policy to the overall determination in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 5; + * + * @return The enum numeric value on the wire for relevance. + */ + @java.lang.Override + public int getRelevanceValue() { + return relevance_; + } + /** + * + * + * 
+     * The relevance of this policy to the overall determination in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     * If the sender of the request does not have access to the policy, this field
+     * is omitted.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 5; + * + * @return The relevance. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance getRelevance() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance result = + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.valueOf(relevance_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.UNRECOGNIZED + : result; + } + + private byte memoizedIsInitialized = -1; + + @java.lang.Override + public final boolean isInitialized() { + byte isInitialized = memoizedIsInitialized; + if (isInitialized == 1) return true; + if (isInitialized == 0) return false; + + memoizedIsInitialized = 1; + return true; + } + + @java.lang.Override + public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException { + if (access_ + != google.cloud.policytroubleshooter.v1.Explanations.AccessState.ACCESS_STATE_UNSPECIFIED + .getNumber()) { + output.writeEnum(1, access_); + } + if (!getFullResourceNameBytes().isEmpty()) { + com.google.protobuf.GeneratedMessageV3.writeString(output, 2, fullResourceName_); + } + if (policy_ != null) { + output.writeMessage(3, getPolicy()); + } + for (int i = 0; i < bindingExplanations_.size(); i++) { + output.writeMessage(4, bindingExplanations_.get(i)); + } + if (relevance_ + != google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + .HEURISTIC_RELEVANCE_UNSPECIFIED + .getNumber()) { + output.writeEnum(5, relevance_); + } + unknownFields.writeTo(output); + } + + @java.lang.Override + public int getSerializedSize() { + int size = memoizedSize; + if (size != -1) return size; + + size = 0; + if (access_ + != google.cloud.policytroubleshooter.v1.Explanations.AccessState.ACCESS_STATE_UNSPECIFIED + .getNumber()) { + size += com.google.protobuf.CodedOutputStream.computeEnumSize(1, access_); + } + if (!getFullResourceNameBytes().isEmpty()) { + size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, fullResourceName_); + } + if (policy_ != null) { + size += com.google.protobuf.CodedOutputStream.computeMessageSize(3, getPolicy()); + } + for (int i = 0; i < bindingExplanations_.size(); i++) { + size += + com.google.protobuf.CodedOutputStream.computeMessageSize( + 4, bindingExplanations_.get(i)); + } + if (relevance_ + != google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + .HEURISTIC_RELEVANCE_UNSPECIFIED + .getNumber()) { + size += com.google.protobuf.CodedOutputStream.computeEnumSize(5, relevance_); + } + size += unknownFields.getSerializedSize(); + memoizedSize = size; + return size; + } + + @java.lang.Override + public boolean equals(final java.lang.Object obj) { + if (obj == this) { + return true; + } + if (!(obj instanceof google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy)) { + return super.equals(obj); + } + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy other = + (google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy) obj; + + if (access_ != other.access_) return false; + if (!getFullResourceName().equals(other.getFullResourceName())) return false; + if (hasPolicy() != other.hasPolicy()) return false; + if (hasPolicy()) { + if (!getPolicy().equals(other.getPolicy())) return false; + } + if (!getBindingExplanationsList().equals(other.getBindingExplanationsList())) return false; + if (relevance_ != other.relevance_) return false; + if (!unknownFields.equals(other.unknownFields)) return false; + return true; + } + + @java.lang.Override + public int hashCode() { + if (memoizedHashCode != 0) { + return memoizedHashCode; + } + int hash = 41; + hash = (19 * hash) + getDescriptor().hashCode(); + hash = (37 * hash) + ACCESS_FIELD_NUMBER; + hash = (53 * hash) + access_; + hash = (37 * hash) + FULL_RESOURCE_NAME_FIELD_NUMBER; + hash = (53 * hash) + getFullResourceName().hashCode(); + if (hasPolicy()) { + hash = (37 * hash) + POLICY_FIELD_NUMBER; + hash = (53 * hash) + getPolicy().hashCode(); + } + if (getBindingExplanationsCount() > 0) { + hash = (37 * hash) + BINDING_EXPLANATIONS_FIELD_NUMBER; + hash = (53 * hash) + getBindingExplanationsList().hashCode(); + } + hash = (37 * hash) + RELEVANCE_FIELD_NUMBER; + hash = (53 * hash) + relevance_; + hash = (29 * hash) + unknownFields.hashCode(); + memoizedHashCode = hash; + return hash; + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parseFrom( + java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parseFrom( + java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parseFrom( + com.google.protobuf.ByteString data) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parseFrom( + com.google.protobuf.ByteString data, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parseFrom( + byte[] data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parseFrom( + byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parseFrom( + java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parseFrom( + java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy + parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy + parseDelimitedFrom( + java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException( + PARSER, input, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parseFrom( + com.google.protobuf.CodedInputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parseFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + @java.lang.Override + public Builder newBuilderForType() { + return newBuilder(); + } + + public static Builder newBuilder() { + return DEFAULT_INSTANCE.toBuilder(); + } + + public static Builder newBuilder( + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy prototype) { + return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype); + } + + @java.lang.Override + public Builder toBuilder() { + return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this); + } + + @java.lang.Override + protected Builder newBuilderForType( + com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + Builder builder = new Builder(parent); + return builder; + } + /** + * + * + * 
+     * Details about how a specific IAM [Policy][google.iam.v1.Policy] contributed
+     * to the access check.
+     *
+ * + * Protobuf type {@code google.cloud.policytroubleshooter.v1.ExplainedPolicy} + */ + public static final class Builder + extends com.google.protobuf.GeneratedMessageV3.Builder + implements + // @@protoc_insertion_point(builder_implements:google.cloud.policytroubleshooter.v1.ExplainedPolicy) + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicyOrBuilder { + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_ExplainedPolicy_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_ExplainedPolicy_fieldAccessorTable + .ensureFieldAccessorsInitialized( + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.class, + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.Builder.class); + } + + // Construct using + // google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy.newBuilder() + private Builder() { + maybeForceBuilderInitialization(); + } + + private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + super(parent); + maybeForceBuilderInitialization(); + } + + private void maybeForceBuilderInitialization() { + if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) { + getBindingExplanationsFieldBuilder(); + } + } + + @java.lang.Override + public Builder clear() { + super.clear(); + access_ = 0; + + fullResourceName_ = ""; + + if (policyBuilder_ == null) { + policy_ = null; + } else { + policy_ = null; + policyBuilder_ = null; + } + if (bindingExplanationsBuilder_ == null) { + bindingExplanations_ = java.util.Collections.emptyList(); + bitField0_ = (bitField0_ & ~0x00000001); + } else { + bindingExplanationsBuilder_.clear(); + } + relevance_ = 0; + + return this; + } + + @java.lang.Override + public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_ExplainedPolicy_descriptor; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy + getDefaultInstanceForType() { + return google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy + .getDefaultInstance(); + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy build() { + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy result = buildPartial(); + if (!result.isInitialized()) { + throw newUninitializedMessageException(result); + } + return result; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy buildPartial() { + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy result = + new google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy(this); + int from_bitField0_ = bitField0_; + result.access_ = access_; + result.fullResourceName_ = fullResourceName_; + if (policyBuilder_ == null) { + result.policy_ = policy_; + } else { + result.policy_ = policyBuilder_.build(); + } + if (bindingExplanationsBuilder_ == null) { + if (((bitField0_ & 0x00000001) != 0)) { + bindingExplanations_ = java.util.Collections.unmodifiableList(bindingExplanations_); + bitField0_ = (bitField0_ & ~0x00000001); + } + result.bindingExplanations_ = bindingExplanations_; + } else { + result.bindingExplanations_ = bindingExplanationsBuilder_.build(); + } + result.relevance_ = relevance_; + onBuilt(); + return result; + } + + @java.lang.Override + public Builder clone() { + return super.clone(); + } + + @java.lang.Override + public Builder setField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.setField(field, value); + } + + @java.lang.Override + public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) { + return super.clearField(field); + } + + @java.lang.Override + public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) { + return super.clearOneof(oneof); + } + + @java.lang.Override + public Builder setRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, + int index, + java.lang.Object value) { + return super.setRepeatedField(field, index, value); + } + + @java.lang.Override + public Builder addRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.addRepeatedField(field, value); + } + + @java.lang.Override + public Builder mergeFrom(com.google.protobuf.Message other) { + if (other instanceof google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy) { + return mergeFrom( + (google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy) other); + } else { + super.mergeFrom(other); + return this; + } + } + + public Builder mergeFrom( + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy other) { + if (other + == google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy + .getDefaultInstance()) return this; + if (other.access_ != 0) { + setAccessValue(other.getAccessValue()); + } + if (!other.getFullResourceName().isEmpty()) { + fullResourceName_ = other.fullResourceName_; + onChanged(); + } + if (other.hasPolicy()) { + mergePolicy(other.getPolicy()); + } + if (bindingExplanationsBuilder_ == null) { + if (!other.bindingExplanations_.isEmpty()) { + if (bindingExplanations_.isEmpty()) { + bindingExplanations_ = other.bindingExplanations_; + bitField0_ = (bitField0_ & ~0x00000001); + } else { + ensureBindingExplanationsIsMutable(); + bindingExplanations_.addAll(other.bindingExplanations_); + } + onChanged(); + } + } else { + if (!other.bindingExplanations_.isEmpty()) { + if (bindingExplanationsBuilder_.isEmpty()) { + bindingExplanationsBuilder_.dispose(); + bindingExplanationsBuilder_ = null; + bindingExplanations_ = other.bindingExplanations_; + bitField0_ = (bitField0_ & ~0x00000001); + bindingExplanationsBuilder_ = + com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders + ? getBindingExplanationsFieldBuilder() + : null; + } else { + bindingExplanationsBuilder_.addAllMessages(other.bindingExplanations_); + } + } + } + if (other.relevance_ != 0) { + setRelevanceValue(other.getRelevanceValue()); + } + this.mergeUnknownFields(other.unknownFields); + onChanged(); + return this; + } + + @java.lang.Override + public final boolean isInitialized() { + return true; + } + + @java.lang.Override + public Builder mergeFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy parsedMessage = null; + try { + parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry); + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + parsedMessage = + (google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy) + e.getUnfinishedMessage(); + throw e.unwrapIOException(); + } finally { + if (parsedMessage != null) { + mergeFrom(parsedMessage); + } + } + return this; + } + + private int bitField0_; + + private int access_ = 0; + /** + * + * + * 
+       * Indicates whether _this policy_ provides the specified permission to the
+       * specified member for the specified resource.
+       * This field does _not_ indicate whether the member actually has the
+       * permission for the resource. There might be another policy that overrides
+       * this policy. To determine whether the member actually has the permission,
+       * use the `access` field in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The enum numeric value on the wire for access. + */ + @java.lang.Override + public int getAccessValue() { + return access_; + } + /** + * + * + * 
+       * Indicates whether _this policy_ provides the specified permission to the
+       * specified member for the specified resource.
+       * This field does _not_ indicate whether the member actually has the
+       * permission for the resource. There might be another policy that overrides
+       * this policy. To determine whether the member actually has the permission,
+       * use the `access` field in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @param value The enum numeric value on the wire for access to set. + * @return This builder for chaining. + */ + public Builder setAccessValue(int value) { + + access_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * Indicates whether _this policy_ provides the specified permission to the
+       * specified member for the specified resource.
+       * This field does _not_ indicate whether the member actually has the
+       * permission for the resource. There might be another policy that overrides
+       * this policy. To determine whether the member actually has the permission,
+       * use the `access` field in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return The access. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessState getAccess() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.AccessState result = + google.cloud.policytroubleshooter.v1.Explanations.AccessState.valueOf(access_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.AccessState.UNRECOGNIZED + : result; + } + /** + * + * + * 
+       * Indicates whether _this policy_ provides the specified permission to the
+       * specified member for the specified resource.
+       * This field does _not_ indicate whether the member actually has the
+       * permission for the resource. There might be another policy that overrides
+       * this policy. To determine whether the member actually has the permission,
+       * use the `access` field in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @param value The access to set. + * @return This builder for chaining. + */ + public Builder setAccess( + google.cloud.policytroubleshooter.v1.Explanations.AccessState value) { + if (value == null) { + throw new NullPointerException(); + } + + access_ = value.getNumber(); + onChanged(); + return this; + } + /** + * + * + * 
+       * Indicates whether _this policy_ provides the specified permission to the
+       * specified member for the specified resource.
+       * This field does _not_ indicate whether the member actually has the
+       * permission for the resource. There might be another policy that overrides
+       * this policy. To determine whether the member actually has the permission,
+       * use the `access` field in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       *
+ * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1; + * + * @return This builder for chaining. + */ + public Builder clearAccess() { + + access_ = 0; + onChanged(); + return this; + } + + private java.lang.Object fullResourceName_ = ""; + /** + * + * + * 
+       * The full resource name that identifies the resource. For example,
+       * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       * For examples of full resource names for Google Cloud services, see
+       * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+       *
+ * + * string full_resource_name = 2; + * + * @return The fullResourceName. + */ + public java.lang.String getFullResourceName() { + java.lang.Object ref = fullResourceName_; + if (!(ref instanceof java.lang.String)) { + com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + fullResourceName_ = s; + return s; + } else { + return (java.lang.String) ref; + } + } + /** + * + * + * 
+       * The full resource name that identifies the resource. For example,
+       * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       * For examples of full resource names for Google Cloud services, see
+       * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+       *
+ * + * string full_resource_name = 2; + * + * @return The bytes for fullResourceName. + */ + public com.google.protobuf.ByteString getFullResourceNameBytes() { + java.lang.Object ref = fullResourceName_; + if (ref instanceof String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref); + fullResourceName_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + /** + * + * + * 
+       * The full resource name that identifies the resource. For example,
+       * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       * For examples of full resource names for Google Cloud services, see
+       * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+       *
+ * + * string full_resource_name = 2; + * + * @param value The fullResourceName to set. + * @return This builder for chaining. + */ + public Builder setFullResourceName(java.lang.String value) { + if (value == null) { + throw new NullPointerException(); + } + + fullResourceName_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * The full resource name that identifies the resource. For example,
+       * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       * For examples of full resource names for Google Cloud services, see
+       * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+       *
+ * + * string full_resource_name = 2; + * + * @return This builder for chaining. + */ + public Builder clearFullResourceName() { + + fullResourceName_ = getDefaultInstance().getFullResourceName(); + onChanged(); + return this; + } + /** + * + * + * 
+       * The full resource name that identifies the resource. For example,
+       * `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       * For examples of full resource names for Google Cloud services, see
+       * https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
+       *
+ * + * string full_resource_name = 2; + * + * @param value The bytes for fullResourceName to set. + * @return This builder for chaining. + */ + public Builder setFullResourceNameBytes(com.google.protobuf.ByteString value) { + if (value == null) { + throw new NullPointerException(); + } + checkByteStringIsUtf8(value); + + fullResourceName_ = value; + onChanged(); + return this; + } + + private com.google.iam.v1.Policy policy_; + private com.google.protobuf.SingleFieldBuilderV3< + com.google.iam.v1.Policy, + com.google.iam.v1.Policy.Builder, + com.google.iam.v1.PolicyOrBuilder> + policyBuilder_; + /** + * + * + * 
+       * The IAM policy attached to the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is empty.
+       *
+ * + * .google.iam.v1.Policy policy = 3; + * + * @return Whether the policy field is set. + */ + public boolean hasPolicy() { + return policyBuilder_ != null || policy_ != null; + } + /** + * + * + * 
+       * The IAM policy attached to the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is empty.
+       *
+ * + * .google.iam.v1.Policy policy = 3; + * + * @return The policy. + */ + public com.google.iam.v1.Policy getPolicy() { + if (policyBuilder_ == null) { + return policy_ == null ? com.google.iam.v1.Policy.getDefaultInstance() : policy_; + } else { + return policyBuilder_.getMessage(); + } + } + /** + * + * + * 
+       * The IAM policy attached to the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is empty.
+       *
+ * + * .google.iam.v1.Policy policy = 3; + */ + public Builder setPolicy(com.google.iam.v1.Policy value) { + if (policyBuilder_ == null) { + if (value == null) { + throw new NullPointerException(); + } + policy_ = value; + onChanged(); + } else { + policyBuilder_.setMessage(value); + } + + return this; + } + /** + * + * + * 
+       * The IAM policy attached to the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is empty.
+       *
+ * + * .google.iam.v1.Policy policy = 3; + */ + public Builder setPolicy(com.google.iam.v1.Policy.Builder builderForValue) { + if (policyBuilder_ == null) { + policy_ = builderForValue.build(); + onChanged(); + } else { + policyBuilder_.setMessage(builderForValue.build()); + } + + return this; + } + /** + * + * + * 
+       * The IAM policy attached to the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is empty.
+       *
+ * + * .google.iam.v1.Policy policy = 3; + */ + public Builder mergePolicy(com.google.iam.v1.Policy value) { + if (policyBuilder_ == null) { + if (policy_ != null) { + policy_ = com.google.iam.v1.Policy.newBuilder(policy_).mergeFrom(value).buildPartial(); + } else { + policy_ = value; + } + onChanged(); + } else { + policyBuilder_.mergeFrom(value); + } + + return this; + } + /** + * + * + * 
+       * The IAM policy attached to the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is empty.
+       *
+ * + * .google.iam.v1.Policy policy = 3; + */ + public Builder clearPolicy() { + if (policyBuilder_ == null) { + policy_ = null; + onChanged(); + } else { + policy_ = null; + policyBuilder_ = null; + } + + return this; + } + /** + * + * + * 
+       * The IAM policy attached to the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is empty.
+       *
+ * + * .google.iam.v1.Policy policy = 3; + */ + public com.google.iam.v1.Policy.Builder getPolicyBuilder() { + + onChanged(); + return getPolicyFieldBuilder().getBuilder(); + } + /** + * + * + * 
+       * The IAM policy attached to the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is empty.
+       *
+ * + * .google.iam.v1.Policy policy = 3; + */ + public com.google.iam.v1.PolicyOrBuilder getPolicyOrBuilder() { + if (policyBuilder_ != null) { + return policyBuilder_.getMessageOrBuilder(); + } else { + return policy_ == null ? com.google.iam.v1.Policy.getDefaultInstance() : policy_; + } + } + /** + * + * + * 
+       * The IAM policy attached to the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is empty.
+       *
+ * + * .google.iam.v1.Policy policy = 3; + */ + private com.google.protobuf.SingleFieldBuilderV3< + com.google.iam.v1.Policy, + com.google.iam.v1.Policy.Builder, + com.google.iam.v1.PolicyOrBuilder> + getPolicyFieldBuilder() { + if (policyBuilder_ == null) { + policyBuilder_ = + new com.google.protobuf.SingleFieldBuilderV3< + com.google.iam.v1.Policy, + com.google.iam.v1.Policy.Builder, + com.google.iam.v1.PolicyOrBuilder>( + getPolicy(), getParentForChildren(), isClean()); + policy_ = null; + } + return policyBuilder_; + } + + private java.util.List + bindingExplanations_ = java.util.Collections.emptyList(); + + private void ensureBindingExplanationsIsMutable() { + if (!((bitField0_ & 0x00000001) != 0)) { + bindingExplanations_ = + new java.util.ArrayList< + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation>( + bindingExplanations_); + bitField0_ |= 0x00000001; + } + } + + private com.google.protobuf.RepeatedFieldBuilderV3< + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanationOrBuilder> + bindingExplanationsBuilder_; + + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public java.util.List + getBindingExplanationsList() { + if (bindingExplanationsBuilder_ == null) { + return java.util.Collections.unmodifiableList(bindingExplanations_); + } else { + return bindingExplanationsBuilder_.getMessageList(); + } + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public int getBindingExplanationsCount() { + if (bindingExplanationsBuilder_ == null) { + return bindingExplanations_.size(); + } else { + return bindingExplanationsBuilder_.getCount(); + } + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + getBindingExplanations(int index) { + if (bindingExplanationsBuilder_ == null) { + return bindingExplanations_.get(index); + } else { + return bindingExplanationsBuilder_.getMessage(index); + } + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public Builder setBindingExplanations( + int index, google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation value) { + if (bindingExplanationsBuilder_ == null) { + if (value == null) { + throw new NullPointerException(); + } + ensureBindingExplanationsIsMutable(); + bindingExplanations_.set(index, value); + onChanged(); + } else { + bindingExplanationsBuilder_.setMessage(index, value); + } + return this; + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public Builder setBindingExplanations( + int index, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder + builderForValue) { + if (bindingExplanationsBuilder_ == null) { + ensureBindingExplanationsIsMutable(); + bindingExplanations_.set(index, builderForValue.build()); + onChanged(); + } else { + bindingExplanationsBuilder_.setMessage(index, builderForValue.build()); + } + return this; + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public Builder addBindingExplanations( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation value) { + if (bindingExplanationsBuilder_ == null) { + if (value == null) { + throw new NullPointerException(); + } + ensureBindingExplanationsIsMutable(); + bindingExplanations_.add(value); + onChanged(); + } else { + bindingExplanationsBuilder_.addMessage(value); + } + return this; + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public Builder addBindingExplanations( + int index, google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation value) { + if (bindingExplanationsBuilder_ == null) { + if (value == null) { + throw new NullPointerException(); + } + ensureBindingExplanationsIsMutable(); + bindingExplanations_.add(index, value); + onChanged(); + } else { + bindingExplanationsBuilder_.addMessage(index, value); + } + return this; + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public Builder addBindingExplanations( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder + builderForValue) { + if (bindingExplanationsBuilder_ == null) { + ensureBindingExplanationsIsMutable(); + bindingExplanations_.add(builderForValue.build()); + onChanged(); + } else { + bindingExplanationsBuilder_.addMessage(builderForValue.build()); + } + return this; + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public Builder addBindingExplanations( + int index, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder + builderForValue) { + if (bindingExplanationsBuilder_ == null) { + ensureBindingExplanationsIsMutable(); + bindingExplanations_.add(index, builderForValue.build()); + onChanged(); + } else { + bindingExplanationsBuilder_.addMessage(index, builderForValue.build()); + } + return this; + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public Builder addAllBindingExplanations( + java.lang.Iterable< + ? extends google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation> + values) { + if (bindingExplanationsBuilder_ == null) { + ensureBindingExplanationsIsMutable(); + com.google.protobuf.AbstractMessageLite.Builder.addAll(values, bindingExplanations_); + onChanged(); + } else { + bindingExplanationsBuilder_.addAllMessages(values); + } + return this; + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public Builder clearBindingExplanations() { + if (bindingExplanationsBuilder_ == null) { + bindingExplanations_ = java.util.Collections.emptyList(); + bitField0_ = (bitField0_ & ~0x00000001); + onChanged(); + } else { + bindingExplanationsBuilder_.clear(); + } + return this; + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public Builder removeBindingExplanations(int index) { + if (bindingExplanationsBuilder_ == null) { + ensureBindingExplanationsIsMutable(); + bindingExplanations_.remove(index); + onChanged(); + } else { + bindingExplanationsBuilder_.remove(index); + } + return this; + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder + getBindingExplanationsBuilder(int index) { + return getBindingExplanationsFieldBuilder().getBuilder(index); + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanationOrBuilder + getBindingExplanationsOrBuilder(int index) { + if (bindingExplanationsBuilder_ == null) { + return bindingExplanations_.get(index); + } else { + return bindingExplanationsBuilder_.getMessageOrBuilder(index); + } + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public java.util.List< + ? extends + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanationOrBuilder> + getBindingExplanationsOrBuilderList() { + if (bindingExplanationsBuilder_ != null) { + return bindingExplanationsBuilder_.getMessageOrBuilderList(); + } else { + return java.util.Collections.unmodifiableList(bindingExplanations_); + } + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder + addBindingExplanationsBuilder() { + return getBindingExplanationsFieldBuilder() + .addBuilder( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .getDefaultInstance()); + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder + addBindingExplanationsBuilder(int index) { + return getBindingExplanationsFieldBuilder() + .addBuilder( + index, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .getDefaultInstance()); + } + /** + * + * + * 
+       * Details about how each binding in the policy affects the member's ability,
+       * or inability, to use the permission for the resource.
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * + * repeated .google.cloud.policytroubleshooter.v1.BindingExplanation binding_explanations = 4; + * + */ + public java.util.List< + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder> + getBindingExplanationsBuilderList() { + return getBindingExplanationsFieldBuilder().getBuilderList(); + } + + private com.google.protobuf.RepeatedFieldBuilderV3< + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanationOrBuilder> + getBindingExplanationsFieldBuilder() { + if (bindingExplanationsBuilder_ == null) { + bindingExplanationsBuilder_ = + new com.google.protobuf.RepeatedFieldBuilderV3< + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanationOrBuilder>( + bindingExplanations_, + ((bitField0_ & 0x00000001) != 0), + getParentForChildren(), + isClean()); + bindingExplanations_ = null; + } + return bindingExplanationsBuilder_; + } + + private int relevance_ = 0; + /** + * + * + * 
+       * The relevance of this policy to the overall determination in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 5; + * + * @return The enum numeric value on the wire for relevance. + */ + @java.lang.Override + public int getRelevanceValue() { + return relevance_; + } + /** + * + * + * 
+       * The relevance of this policy to the overall determination in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 5; + * + * @param value The enum numeric value on the wire for relevance to set. + * @return This builder for chaining. + */ + public Builder setRelevanceValue(int value) { + + relevance_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * The relevance of this policy to the overall determination in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 5; + * + * @return The relevance. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance getRelevance() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance result = + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.valueOf( + relevance_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.UNRECOGNIZED + : result; + } + /** + * + * + * 
+       * The relevance of this policy to the overall determination in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 5; + * + * @param value The relevance to set. + * @return This builder for chaining. + */ + public Builder setRelevance( + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance value) { + if (value == null) { + throw new NullPointerException(); + } + + relevance_ = value.getNumber(); + onChanged(); + return this; + } + /** + * + * + * 
+       * The relevance of this policy to the overall determination in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       * If the sender of the request does not have access to the policy, this field
+       * is omitted.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 5; + * + * @return This builder for chaining. + */ + public Builder clearRelevance() { + + relevance_ = 0; + onChanged(); + return this; + } + + @java.lang.Override + public final Builder setUnknownFields( + final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.setUnknownFields(unknownFields); + } + + @java.lang.Override + public final Builder mergeUnknownFields( + final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.mergeUnknownFields(unknownFields); + } + + // @@protoc_insertion_point(builder_scope:google.cloud.policytroubleshooter.v1.ExplainedPolicy) + } + + // @@protoc_insertion_point(class_scope:google.cloud.policytroubleshooter.v1.ExplainedPolicy) + private static final google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy + DEFAULT_INSTANCE; + + static { + DEFAULT_INSTANCE = new google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy(); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy + getDefaultInstance() { + return DEFAULT_INSTANCE; + } + + private static final com.google.protobuf.Parser PARSER = + new com.google.protobuf.AbstractParser() { + @java.lang.Override + public ExplainedPolicy parsePartialFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return new ExplainedPolicy(input, extensionRegistry); + } + }; + + public static com.google.protobuf.Parser parser() { + return PARSER; + } + + @java.lang.Override + public com.google.protobuf.Parser getParserForType() { + return PARSER; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.ExplainedPolicy + getDefaultInstanceForType() { + return DEFAULT_INSTANCE; + } + } + + public interface BindingExplanationOrBuilder + extends + // @@protoc_insertion_point(interface_extends:google.cloud.policytroubleshooter.v1.BindingExplanation) + com.google.protobuf.MessageOrBuilder { + + /** + * + * + * 
+     * Required. Indicates whether _this binding_ provides the specified permission to the
+     * specified member for the specified resource.
+     * This field does _not_ indicate whether the member actually has the
+     * permission for the resource. There might be another binding that overrides
+     * this binding. To determine whether the member actually has the permission,
+     * use the `access` field in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     *
+ * + * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * + * @return The enum numeric value on the wire for access. + */ + int getAccessValue(); + /** + * + * + * 
+     * Required. Indicates whether _this binding_ provides the specified permission to the
+     * specified member for the specified resource.
+     * This field does _not_ indicate whether the member actually has the
+     * permission for the resource. There might be another binding that overrides
+     * this binding. To determine whether the member actually has the permission,
+     * use the `access` field in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     *
+ * + * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * + * @return The access. + */ + google.cloud.policytroubleshooter.v1.Explanations.AccessState getAccess(); + + /** + * + * + * 
+     * The role that this binding grants. For example,
+     * `roles/compute.serviceAgent`.
+     * For a complete list of predefined IAM roles, as well as the permissions in
+     * each role, see https://cloud.google.com/iam/help/roles/reference.
+     *
+ * + * string role = 2; + * + * @return The role. + */ + java.lang.String getRole(); + /** + * + * + * 
+     * The role that this binding grants. For example,
+     * `roles/compute.serviceAgent`.
+     * For a complete list of predefined IAM roles, as well as the permissions in
+     * each role, see https://cloud.google.com/iam/help/roles/reference.
+     *
+ * + * string role = 2; + * + * @return The bytes for role. + */ + com.google.protobuf.ByteString getRoleBytes(); + + /** + * + * + * 
+     * Indicates whether the role granted by this binding contains the specified
+     * permission.
+     *
+ * + * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3; + * + * + * @return The enum numeric value on the wire for rolePermission. + */ + int getRolePermissionValue(); + /** + * + * + * 
+     * Indicates whether the role granted by this binding contains the specified
+     * permission.
+     *
+ * + * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3; + * + * + * @return The rolePermission. + */ + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission + getRolePermission(); + + /** + * + * + * 
+     * The relevance of the permission's existence, or nonexistence, in the role
+     * to the overall determination for the entire policy.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4; + * + * + * @return The enum numeric value on the wire for rolePermissionRelevance. + */ + int getRolePermissionRelevanceValue(); + /** + * + * + * 
+     * The relevance of the permission's existence, or nonexistence, in the role
+     * to the overall determination for the entire policy.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4; + * + * + * @return The rolePermissionRelevance. + */ + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + getRolePermissionRelevance(); + + /** + * + * + * 
+     * Indicates whether each member in the binding includes the member specified
+     * in the request, either directly or indirectly. Each key identifies a member
+     * in the binding, and each value indicates whether the member in the binding
+     * includes the member in the request.
+     * For example, suppose that a binding includes the following members:
+     * * `user:alice@example.com`
+     * * `group:product-eng@example.com`
+     * You want to troubleshoot access for `user:bob@example.com`. This user is a
+     * member of the group `group:product-eng@example.com`.
+     * For the first member in the binding, the key is `user:alice@example.com`,
+     * and the `membership` field in the value is set to
+     * `MEMBERSHIP_NOT_INCLUDED`.
+     * For the second member in the binding, the key is
+     * `group:product-eng@example.com`, and the `membership` field in the value is
+     * set to `MEMBERSHIP_INCLUDED`.
+     *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + int getMembershipsCount(); + /** + * + * + * 
+     * Indicates whether each member in the binding includes the member specified
+     * in the request, either directly or indirectly. Each key identifies a member
+     * in the binding, and each value indicates whether the member in the binding
+     * includes the member in the request.
+     * For example, suppose that a binding includes the following members:
+     * * `user:alice@example.com`
+     * * `group:product-eng@example.com`
+     * You want to troubleshoot access for `user:bob@example.com`. This user is a
+     * member of the group `group:product-eng@example.com`.
+     * For the first member in the binding, the key is `user:alice@example.com`,
+     * and the `membership` field in the value is set to
+     * `MEMBERSHIP_NOT_INCLUDED`.
+     * For the second member in the binding, the key is
+     * `group:product-eng@example.com`, and the `membership` field in the value is
+     * set to `MEMBERSHIP_INCLUDED`.
+     *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + boolean containsMemberships(java.lang.String key); + /** Use {@link #getMembershipsMap()} instead. */ + @java.lang.Deprecated + java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + getMemberships(); + /** + * + * + * 
+     * Indicates whether each member in the binding includes the member specified
+     * in the request, either directly or indirectly. Each key identifies a member
+     * in the binding, and each value indicates whether the member in the binding
+     * includes the member in the request.
+     * For example, suppose that a binding includes the following members:
+     * * `user:alice@example.com`
+     * * `group:product-eng@example.com`
+     * You want to troubleshoot access for `user:bob@example.com`. This user is a
+     * member of the group `group:product-eng@example.com`.
+     * For the first member in the binding, the key is `user:alice@example.com`,
+     * and the `membership` field in the value is set to
+     * `MEMBERSHIP_NOT_INCLUDED`.
+     * For the second member in the binding, the key is
+     * `group:product-eng@example.com`, and the `membership` field in the value is
+     * set to `MEMBERSHIP_INCLUDED`.
+     *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + getMembershipsMap(); + /** + * + * + * 
+     * Indicates whether each member in the binding includes the member specified
+     * in the request, either directly or indirectly. Each key identifies a member
+     * in the binding, and each value indicates whether the member in the binding
+     * includes the member in the request.
+     * For example, suppose that a binding includes the following members:
+     * * `user:alice@example.com`
+     * * `group:product-eng@example.com`
+     * You want to troubleshoot access for `user:bob@example.com`. This user is a
+     * member of the group `group:product-eng@example.com`.
+     * For the first member in the binding, the key is `user:alice@example.com`,
+     * and the `membership` field in the value is set to
+     * `MEMBERSHIP_NOT_INCLUDED`.
+     * For the second member in the binding, the key is
+     * `group:product-eng@example.com`, and the `membership` field in the value is
+     * set to `MEMBERSHIP_INCLUDED`.
+     *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + getMembershipsOrDefault( + java.lang.String key, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + defaultValue); + /** + * + * + * 
+     * Indicates whether each member in the binding includes the member specified
+     * in the request, either directly or indirectly. Each key identifies a member
+     * in the binding, and each value indicates whether the member in the binding
+     * includes the member in the request.
+     * For example, suppose that a binding includes the following members:
+     * * `user:alice@example.com`
+     * * `group:product-eng@example.com`
+     * You want to troubleshoot access for `user:bob@example.com`. This user is a
+     * member of the group `group:product-eng@example.com`.
+     * For the first member in the binding, the key is `user:alice@example.com`,
+     * and the `membership` field in the value is set to
+     * `MEMBERSHIP_NOT_INCLUDED`.
+     * For the second member in the binding, the key is
+     * `group:product-eng@example.com`, and the `membership` field in the value is
+     * set to `MEMBERSHIP_INCLUDED`.
+     *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + getMembershipsOrThrow(java.lang.String key); + + /** + * + * + * 
+     * The relevance of this binding to the overall determination for the entire
+     * policy.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6; + * + * @return The enum numeric value on the wire for relevance. + */ + int getRelevanceValue(); + /** + * + * + * 
+     * The relevance of this binding to the overall determination for the entire
+     * policy.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6; + * + * @return The relevance. + */ + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance getRelevance(); + + /** + * + * + * 
+     * A condition expression that prevents access unless the expression evaluates
+     * to `true`.
+     * To learn about IAM Conditions, see
+     * http://cloud.google.com/iam/help/conditions/overview.
+     *
+ * + * .google.type.Expr condition = 7; + * + * @return Whether the condition field is set. + */ + boolean hasCondition(); + /** + * + * + * 
+     * A condition expression that prevents access unless the expression evaluates
+     * to `true`.
+     * To learn about IAM Conditions, see
+     * http://cloud.google.com/iam/help/conditions/overview.
+     *
+ * + * .google.type.Expr condition = 7; + * + * @return The condition. + */ + com.google.type.Expr getCondition(); + /** + * + * + * 
+     * A condition expression that prevents access unless the expression evaluates
+     * to `true`.
+     * To learn about IAM Conditions, see
+     * http://cloud.google.com/iam/help/conditions/overview.
+     *
+ * + * .google.type.Expr condition = 7; + */ + com.google.type.ExprOrBuilder getConditionOrBuilder(); + } + /** + * + * + * 
+   * Details about how a binding in a policy affects a member's ability to use a
+   * permission.
+   *
+ * + * Protobuf type {@code google.cloud.policytroubleshooter.v1.BindingExplanation} + */ + public static final class BindingExplanation extends com.google.protobuf.GeneratedMessageV3 + implements + // @@protoc_insertion_point(message_implements:google.cloud.policytroubleshooter.v1.BindingExplanation) + BindingExplanationOrBuilder { + private static final long serialVersionUID = 0L; + // Use BindingExplanation.newBuilder() to construct. + private BindingExplanation(com.google.protobuf.GeneratedMessageV3.Builder builder) { + super(builder); + } + + private BindingExplanation() { + access_ = 0; + role_ = ""; + rolePermission_ = 0; + rolePermissionRelevance_ = 0; + relevance_ = 0; + } + + @java.lang.Override + @SuppressWarnings({"unused"}) + protected java.lang.Object newInstance(UnusedPrivateParameter unused) { + return new BindingExplanation(); + } + + @java.lang.Override + public final com.google.protobuf.UnknownFieldSet getUnknownFields() { + return this.unknownFields; + } + + private BindingExplanation( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + this(); + if (extensionRegistry == null) { + throw new java.lang.NullPointerException(); + } + int mutable_bitField0_ = 0; + com.google.protobuf.UnknownFieldSet.Builder unknownFields = + com.google.protobuf.UnknownFieldSet.newBuilder(); + try { + boolean done = false; + while (!done) { + int tag = input.readTag(); + switch (tag) { + case 0: + done = true; + break; + case 8: + { + int rawValue = input.readEnum(); + + access_ = rawValue; + break; + } + case 18: + { + java.lang.String s = input.readStringRequireUtf8(); + + role_ = s; + break; + } + case 24: + { + int rawValue = input.readEnum(); + + rolePermission_ = rawValue; + break; + } + case 32: + { + int rawValue = input.readEnum(); + + rolePermissionRelevance_ = rawValue; + break; + } + case 42: + { + if (!((mutable_bitField0_ & 0x00000001) != 0)) { + memberships_ = + com.google.protobuf.MapField.newMapField( + MembershipsDefaultEntryHolder.defaultEntry); + mutable_bitField0_ |= 0x00000001; + } + com.google.protobuf.MapEntry< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + memberships__ = + input.readMessage( + MembershipsDefaultEntryHolder.defaultEntry.getParserForType(), + extensionRegistry); + memberships_.getMutableMap().put(memberships__.getKey(), memberships__.getValue()); + break; + } + case 48: + { + int rawValue = input.readEnum(); + + relevance_ = rawValue; + break; + } + case 58: + { + com.google.type.Expr.Builder subBuilder = null; + if (condition_ != null) { + subBuilder = condition_.toBuilder(); + } + condition_ = input.readMessage(com.google.type.Expr.parser(), extensionRegistry); + if (subBuilder != null) { + subBuilder.mergeFrom(condition_); + condition_ = subBuilder.buildPartial(); + } + + break; + } + default: + { + if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) { + done = true; + } + break; + } + } + } + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + throw e.setUnfinishedMessage(this); + } catch (java.io.IOException e) { + throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this); + } finally { + this.unknownFields = unknownFields.build(); + makeExtensionsImmutable(); + } + } + + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_descriptor; + } + + @SuppressWarnings({"rawtypes"}) + @java.lang.Override + protected com.google.protobuf.MapField internalGetMapField(int number) { + switch (number) { + case 5: + return internalGetMemberships(); + default: + throw new RuntimeException("Invalid map field number: " + number); + } + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_fieldAccessorTable + .ensureFieldAccessorsInitialized( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.class, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder.class); + } + + /** + * + * + * 
+     * Whether a role includes a specific permission.
+     *
+ * + * Protobuf enum {@code google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission} + */ + public enum RolePermission implements com.google.protobuf.ProtocolMessageEnum { + /** + * + * + * 
+       * Reserved for future use.
+       *
+ * + * ROLE_PERMISSION_UNSPECIFIED = 0; + */ + ROLE_PERMISSION_UNSPECIFIED(0), + /** + * + * + * 
+       * The permission is included in the role.
+       *
+ * + * ROLE_PERMISSION_INCLUDED = 1; + */ + ROLE_PERMISSION_INCLUDED(1), + /** + * + * + * 
+       * The permission is not included in the role.
+       *
+ * + * ROLE_PERMISSION_NOT_INCLUDED = 2; + */ + ROLE_PERMISSION_NOT_INCLUDED(2), + /** + * + * + * 
+       * The sender of the request is not allowed to access the binding.
+       *
+ * + * ROLE_PERMISSION_UNKNOWN_INFO_DENIED = 3; + */ + ROLE_PERMISSION_UNKNOWN_INFO_DENIED(3), + UNRECOGNIZED(-1), + ; + + /** + * + * + * 
+       * Reserved for future use.
+       *
+ * + * ROLE_PERMISSION_UNSPECIFIED = 0; + */ + public static final int ROLE_PERMISSION_UNSPECIFIED_VALUE = 0; + /** + * + * + * 
+       * The permission is included in the role.
+       *
+ * + * ROLE_PERMISSION_INCLUDED = 1; + */ + public static final int ROLE_PERMISSION_INCLUDED_VALUE = 1; + /** + * + * + * 
+       * The permission is not included in the role.
+       *
+ * + * ROLE_PERMISSION_NOT_INCLUDED = 2; + */ + public static final int ROLE_PERMISSION_NOT_INCLUDED_VALUE = 2; + /** + * + * + * 
+       * The sender of the request is not allowed to access the binding.
+       *
+ * + * ROLE_PERMISSION_UNKNOWN_INFO_DENIED = 3; + */ + public static final int ROLE_PERMISSION_UNKNOWN_INFO_DENIED_VALUE = 3; + + public final int getNumber() { + if (this == UNRECOGNIZED) { + throw new java.lang.IllegalArgumentException( + "Can't get the number of an unknown enum value."); + } + return value; + } + + /** + * @param value The numeric wire value of the corresponding enum entry. + * @return The enum associated with the given numeric wire value. + * @deprecated Use {@link #forNumber(int)} instead. + */ + @java.lang.Deprecated + public static RolePermission valueOf(int value) { + return forNumber(value); + } + + /** + * @param value The numeric wire value of the corresponding enum entry. + * @return The enum associated with the given numeric wire value. + */ + public static RolePermission forNumber(int value) { + switch (value) { + case 0: + return ROLE_PERMISSION_UNSPECIFIED; + case 1: + return ROLE_PERMISSION_INCLUDED; + case 2: + return ROLE_PERMISSION_NOT_INCLUDED; + case 3: + return ROLE_PERMISSION_UNKNOWN_INFO_DENIED; + default: + return null; + } + } + + public static com.google.protobuf.Internal.EnumLiteMap internalGetValueMap() { + return internalValueMap; + } + + private static final com.google.protobuf.Internal.EnumLiteMap + internalValueMap = + new com.google.protobuf.Internal.EnumLiteMap() { + public RolePermission findValueByNumber(int number) { + return RolePermission.forNumber(number); + } + }; + + public final com.google.protobuf.Descriptors.EnumValueDescriptor getValueDescriptor() { + if (this == UNRECOGNIZED) { + throw new java.lang.IllegalStateException( + "Can't get the descriptor of an unrecognized enum value."); + } + return getDescriptor().getValues().get(ordinal()); + } + + public final com.google.protobuf.Descriptors.EnumDescriptor getDescriptorForType() { + return getDescriptor(); + } + + public static final com.google.protobuf.Descriptors.EnumDescriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.getDescriptor() + .getEnumTypes() + .get(0); + } + + private static final RolePermission[] VALUES = values(); + + public static RolePermission valueOf( + com.google.protobuf.Descriptors.EnumValueDescriptor desc) { + if (desc.getType() != getDescriptor()) { + throw new java.lang.IllegalArgumentException("EnumValueDescriptor is not for this type."); + } + if (desc.getIndex() == -1) { + return UNRECOGNIZED; + } + return VALUES[desc.getIndex()]; + } + + private final int value; + + private RolePermission(int value) { + this.value = value; + } + + // @@protoc_insertion_point(enum_scope:google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission) + } + + /** + * + * + * 
+     * Whether the binding includes the member.
+     *
+ * + * Protobuf enum {@code google.cloud.policytroubleshooter.v1.BindingExplanation.Membership} + */ + public enum Membership implements com.google.protobuf.ProtocolMessageEnum { + /** + * + * + * 
+       * Reserved for future use.
+       *
+ * + * MEMBERSHIP_UNSPECIFIED = 0; + */ + MEMBERSHIP_UNSPECIFIED(0), + /** + * + * + * 
+       * The binding includes the member. The member can be included directly
+       * or indirectly. For example:
+       * * A member is included directly if that member is listed in the binding.
+       * * A member is included indirectly if that member is in a Google group or
+       *   G Suite domain that is listed in the binding.
+       *
+ * + * MEMBERSHIP_INCLUDED = 1; + */ + MEMBERSHIP_INCLUDED(1), + /** + * + * + * 
+       * The binding does not include the member.
+       *
+ * + * MEMBERSHIP_NOT_INCLUDED = 2; + */ + MEMBERSHIP_NOT_INCLUDED(2), + /** + * + * + * 
+       * The sender of the request is not allowed to access the binding.
+       *
+ * + * MEMBERSHIP_UNKNOWN_INFO_DENIED = 3; + */ + MEMBERSHIP_UNKNOWN_INFO_DENIED(3), + /** + * + * + * 
+       * The member is an unsupported type. Only Google Accounts and service
+       * accounts are supported.
+       *
+ * + * MEMBERSHIP_UNKNOWN_UNSUPPORTED = 4; + */ + MEMBERSHIP_UNKNOWN_UNSUPPORTED(4), + UNRECOGNIZED(-1), + ; + + /** + * + * + * 
+       * Reserved for future use.
+       *
+ * + * MEMBERSHIP_UNSPECIFIED = 0; + */ + public static final int MEMBERSHIP_UNSPECIFIED_VALUE = 0; + /** + * + * + * 
+       * The binding includes the member. The member can be included directly
+       * or indirectly. For example:
+       * * A member is included directly if that member is listed in the binding.
+       * * A member is included indirectly if that member is in a Google group or
+       *   G Suite domain that is listed in the binding.
+       *
+ * + * MEMBERSHIP_INCLUDED = 1; + */ + public static final int MEMBERSHIP_INCLUDED_VALUE = 1; + /** + * + * + * 
+       * The binding does not include the member.
+       *
+ * + * MEMBERSHIP_NOT_INCLUDED = 2; + */ + public static final int MEMBERSHIP_NOT_INCLUDED_VALUE = 2; + /** + * + * + * 
+       * The sender of the request is not allowed to access the binding.
+       *
+ * + * MEMBERSHIP_UNKNOWN_INFO_DENIED = 3; + */ + public static final int MEMBERSHIP_UNKNOWN_INFO_DENIED_VALUE = 3; + /** + * + * + * 
+       * The member is an unsupported type. Only Google Accounts and service
+       * accounts are supported.
+       *
+ * + * MEMBERSHIP_UNKNOWN_UNSUPPORTED = 4; + */ + public static final int MEMBERSHIP_UNKNOWN_UNSUPPORTED_VALUE = 4; + + public final int getNumber() { + if (this == UNRECOGNIZED) { + throw new java.lang.IllegalArgumentException( + "Can't get the number of an unknown enum value."); + } + return value; + } + + /** + * @param value The numeric wire value of the corresponding enum entry. + * @return The enum associated with the given numeric wire value. + * @deprecated Use {@link #forNumber(int)} instead. + */ + @java.lang.Deprecated + public static Membership valueOf(int value) { + return forNumber(value); + } + + /** + * @param value The numeric wire value of the corresponding enum entry. + * @return The enum associated with the given numeric wire value. + */ + public static Membership forNumber(int value) { + switch (value) { + case 0: + return MEMBERSHIP_UNSPECIFIED; + case 1: + return MEMBERSHIP_INCLUDED; + case 2: + return MEMBERSHIP_NOT_INCLUDED; + case 3: + return MEMBERSHIP_UNKNOWN_INFO_DENIED; + case 4: + return MEMBERSHIP_UNKNOWN_UNSUPPORTED; + default: + return null; + } + } + + public static com.google.protobuf.Internal.EnumLiteMap internalGetValueMap() { + return internalValueMap; + } + + private static final com.google.protobuf.Internal.EnumLiteMap internalValueMap = + new com.google.protobuf.Internal.EnumLiteMap() { + public Membership findValueByNumber(int number) { + return Membership.forNumber(number); + } + }; + + public final com.google.protobuf.Descriptors.EnumValueDescriptor getValueDescriptor() { + if (this == UNRECOGNIZED) { + throw new java.lang.IllegalStateException( + "Can't get the descriptor of an unrecognized enum value."); + } + return getDescriptor().getValues().get(ordinal()); + } + + public final com.google.protobuf.Descriptors.EnumDescriptor getDescriptorForType() { + return getDescriptor(); + } + + public static final com.google.protobuf.Descriptors.EnumDescriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.getDescriptor() + .getEnumTypes() + .get(1); + } + + private static final Membership[] VALUES = values(); + + public static Membership valueOf(com.google.protobuf.Descriptors.EnumValueDescriptor desc) { + if (desc.getType() != getDescriptor()) { + throw new java.lang.IllegalArgumentException("EnumValueDescriptor is not for this type."); + } + if (desc.getIndex() == -1) { + return UNRECOGNIZED; + } + return VALUES[desc.getIndex()]; + } + + private final int value; + + private Membership(int value) { + this.value = value; + } + + // @@protoc_insertion_point(enum_scope:google.cloud.policytroubleshooter.v1.BindingExplanation.Membership) + } + + public interface AnnotatedMembershipOrBuilder + extends + // @@protoc_insertion_point(interface_extends:google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership) + com.google.protobuf.MessageOrBuilder { + + /** + * + * + * 
+       * Indicates whether the binding includes the member.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.Membership membership = 1; + * + * + * @return The enum numeric value on the wire for membership. + */ + int getMembershipValue(); + /** + * + * + * 
+       * Indicates whether the binding includes the member.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.Membership membership = 1; + * + * + * @return The membership. + */ + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership + getMembership(); + + /** + * + * + * 
+       * The relevance of the member's status to the overall determination for the
+       * binding.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 2; + * + * @return The enum numeric value on the wire for relevance. + */ + int getRelevanceValue(); + /** + * + * + * 
+       * The relevance of the member's status to the overall determination for the
+       * binding.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 2; + * + * @return The relevance. + */ + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance getRelevance(); + } + /** + * + * + * 
+     * Details about whether the binding includes the member.
+     *
+ * + * Protobuf type {@code + * google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership} + */ + public static final class AnnotatedMembership extends com.google.protobuf.GeneratedMessageV3 + implements + // @@protoc_insertion_point(message_implements:google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership) + AnnotatedMembershipOrBuilder { + private static final long serialVersionUID = 0L; + // Use AnnotatedMembership.newBuilder() to construct. + private AnnotatedMembership(com.google.protobuf.GeneratedMessageV3.Builder builder) { + super(builder); + } + + private AnnotatedMembership() { + membership_ = 0; + relevance_ = 0; + } + + @java.lang.Override + @SuppressWarnings({"unused"}) + protected java.lang.Object newInstance(UnusedPrivateParameter unused) { + return new AnnotatedMembership(); + } + + @java.lang.Override + public final com.google.protobuf.UnknownFieldSet getUnknownFields() { + return this.unknownFields; + } + + private AnnotatedMembership( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + this(); + if (extensionRegistry == null) { + throw new java.lang.NullPointerException(); + } + com.google.protobuf.UnknownFieldSet.Builder unknownFields = + com.google.protobuf.UnknownFieldSet.newBuilder(); + try { + boolean done = false; + while (!done) { + int tag = input.readTag(); + switch (tag) { + case 0: + done = true; + break; + case 8: + { + int rawValue = input.readEnum(); + + membership_ = rawValue; + break; + } + case 16: + { + int rawValue = input.readEnum(); + + relevance_ = rawValue; + break; + } + default: + { + if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) { + done = true; + } + break; + } + } + } + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + throw e.setUnfinishedMessage(this); + } catch (java.io.IOException e) { + throw new com.google.protobuf.InvalidProtocolBufferException(e) + .setUnfinishedMessage(this); + } finally { + this.unknownFields = unknownFields.build(); + makeExtensionsImmutable(); + } + } + + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_AnnotatedMembership_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_AnnotatedMembership_fieldAccessorTable + .ensureFieldAccessorsInitialized( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership.class, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership.Builder.class); + } + + public static final int MEMBERSHIP_FIELD_NUMBER = 1; + private int membership_; + /** + * + * + * 
+       * Indicates whether the binding includes the member.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.Membership membership = 1; + * + * + * @return The enum numeric value on the wire for membership. + */ + @java.lang.Override + public int getMembershipValue() { + return membership_; + } + /** + * + * + * 
+       * Indicates whether the binding includes the member.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.Membership membership = 1; + * + * + * @return The membership. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership + getMembership() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership result = + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership.valueOf( + membership_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership + .UNRECOGNIZED + : result; + } + + public static final int RELEVANCE_FIELD_NUMBER = 2; + private int relevance_; + /** + * + * + * 
+       * The relevance of the member's status to the overall determination for the
+       * binding.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 2; + * + * @return The enum numeric value on the wire for relevance. + */ + @java.lang.Override + public int getRelevanceValue() { + return relevance_; + } + /** + * + * + * 
+       * The relevance of the member's status to the overall determination for the
+       * binding.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 2; + * + * @return The relevance. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance getRelevance() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance result = + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.valueOf( + relevance_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.UNRECOGNIZED + : result; + } + + private byte memoizedIsInitialized = -1; + + @java.lang.Override + public final boolean isInitialized() { + byte isInitialized = memoizedIsInitialized; + if (isInitialized == 1) return true; + if (isInitialized == 0) return false; + + memoizedIsInitialized = 1; + return true; + } + + @java.lang.Override + public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException { + if (membership_ + != google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership + .MEMBERSHIP_UNSPECIFIED + .getNumber()) { + output.writeEnum(1, membership_); + } + if (relevance_ + != google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + .HEURISTIC_RELEVANCE_UNSPECIFIED + .getNumber()) { + output.writeEnum(2, relevance_); + } + unknownFields.writeTo(output); + } + + @java.lang.Override + public int getSerializedSize() { + int size = memoizedSize; + if (size != -1) return size; + + size = 0; + if (membership_ + != google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership + .MEMBERSHIP_UNSPECIFIED + .getNumber()) { + size += com.google.protobuf.CodedOutputStream.computeEnumSize(1, membership_); + } + if (relevance_ + != google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + .HEURISTIC_RELEVANCE_UNSPECIFIED + .getNumber()) { + size += com.google.protobuf.CodedOutputStream.computeEnumSize(2, relevance_); + } + size += unknownFields.getSerializedSize(); + memoizedSize = size; + return size; + } + + @java.lang.Override + public boolean equals(final java.lang.Object obj) { + if (obj == this) { + return true; + } + if (!(obj + instanceof + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership)) { + return super.equals(obj); + } + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + other = + (google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership) + obj; + + if (membership_ != other.membership_) return false; + if (relevance_ != other.relevance_) return false; + if (!unknownFields.equals(other.unknownFields)) return false; + return true; + } + + @java.lang.Override + public int hashCode() { + if (memoizedHashCode != 0) { + return memoizedHashCode; + } + int hash = 41; + hash = (19 * hash) + getDescriptor().hashCode(); + hash = (37 * hash) + MEMBERSHIP_FIELD_NUMBER; + hash = (53 * hash) + membership_; + hash = (37 * hash) + RELEVANCE_FIELD_NUMBER; + hash = (53 * hash) + relevance_; + hash = (29 * hash) + unknownFields.hashCode(); + memoizedHashCode = hash; + return hash; + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseFrom(java.nio.ByteBuffer data) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseFrom( + java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseFrom(com.google.protobuf.ByteString data) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseFrom( + com.google.protobuf.ByteString data, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseFrom(java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseFrom( + java.io.InputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseDelimitedFrom( + java.io.InputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException( + PARSER, input, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseFrom(com.google.protobuf.CodedInputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + parseFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + @java.lang.Override + public Builder newBuilderForType() { + return newBuilder(); + } + + public static Builder newBuilder() { + return DEFAULT_INSTANCE.toBuilder(); + } + + public static Builder newBuilder( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + prototype) { + return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype); + } + + @java.lang.Override + public Builder toBuilder() { + return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this); + } + + @java.lang.Override + protected Builder newBuilderForType( + com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + Builder builder = new Builder(parent); + return builder; + } + /** + * + * + * 
+       * Details about whether the binding includes the member.
+       *
+ * + * Protobuf type {@code + * google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership} + */ + public static final class Builder + extends com.google.protobuf.GeneratedMessageV3.Builder + implements + // @@protoc_insertion_point(builder_implements:google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership) + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembershipOrBuilder { + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_AnnotatedMembership_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_AnnotatedMembership_fieldAccessorTable + .ensureFieldAccessorsInitialized( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership.class, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership.Builder.class); + } + + // Construct using + // google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership.newBuilder() + private Builder() { + maybeForceBuilderInitialization(); + } + + private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + super(parent); + maybeForceBuilderInitialization(); + } + + private void maybeForceBuilderInitialization() { + if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {} + } + + @java.lang.Override + public Builder clear() { + super.clear(); + membership_ = 0; + + relevance_ = 0; + + return this; + } + + @java.lang.Override + public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_AnnotatedMembership_descriptor; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + getDefaultInstanceForType() { + return google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership.getDefaultInstance(); + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + build() { + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + result = buildPartial(); + if (!result.isInitialized()) { + throw newUninitializedMessageException(result); + } + return result; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + buildPartial() { + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + result = + new google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership(this); + result.membership_ = membership_; + result.relevance_ = relevance_; + onBuilt(); + return result; + } + + @java.lang.Override + public Builder clone() { + return super.clone(); + } + + @java.lang.Override + public Builder setField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.setField(field, value); + } + + @java.lang.Override + public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) { + return super.clearField(field); + } + + @java.lang.Override + public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) { + return super.clearOneof(oneof); + } + + @java.lang.Override + public Builder setRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, + int index, + java.lang.Object value) { + return super.setRepeatedField(field, index, value); + } + + @java.lang.Override + public Builder addRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.addRepeatedField(field, value); + } + + @java.lang.Override + public Builder mergeFrom(com.google.protobuf.Message other) { + if (other + instanceof + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership) { + return mergeFrom( + (google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership) + other); + } else { + super.mergeFrom(other); + return this; + } + } + + public Builder mergeFrom( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + other) { + if (other + == google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership.getDefaultInstance()) return this; + if (other.membership_ != 0) { + setMembershipValue(other.getMembershipValue()); + } + if (other.relevance_ != 0) { + setRelevanceValue(other.getRelevanceValue()); + } + this.mergeUnknownFields(other.unknownFields); + onChanged(); + return this; + } + + @java.lang.Override + public final boolean isInitialized() { + return true; + } + + @java.lang.Override + public Builder mergeFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + parsedMessage = null; + try { + parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry); + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + parsedMessage = + (google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership) + e.getUnfinishedMessage(); + throw e.unwrapIOException(); + } finally { + if (parsedMessage != null) { + mergeFrom(parsedMessage); + } + } + return this; + } + + private int membership_ = 0; + /** + * + * + * 
+         * Indicates whether the binding includes the member.
+         *
+ * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.Membership membership = 1; + * + * + * @return The enum numeric value on the wire for membership. + */ + @java.lang.Override + public int getMembershipValue() { + return membership_; + } + /** + * + * + * 
+         * Indicates whether the binding includes the member.
+         *
+ * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.Membership membership = 1; + * + * + * @param value The enum numeric value on the wire for membership to set. + * @return This builder for chaining. + */ + public Builder setMembershipValue(int value) { + + membership_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+         * Indicates whether the binding includes the member.
+         *
+ * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.Membership membership = 1; + * + * + * @return The membership. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership + getMembership() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership result = + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership + .valueOf(membership_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership + .UNRECOGNIZED + : result; + } + /** + * + * + * 
+         * Indicates whether the binding includes the member.
+         *
+ * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.Membership membership = 1; + * + * + * @param value The membership to set. + * @return This builder for chaining. + */ + public Builder setMembership( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Membership value) { + if (value == null) { + throw new NullPointerException(); + } + + membership_ = value.getNumber(); + onChanged(); + return this; + } + /** + * + * + * 
+         * Indicates whether the binding includes the member.
+         *
+ * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.Membership membership = 1; + * + * + * @return This builder for chaining. + */ + public Builder clearMembership() { + + membership_ = 0; + onChanged(); + return this; + } + + private int relevance_ = 0; + /** + * + * + * 
+         * The relevance of the member's status to the overall determination for the
+         * binding.
+         *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 2; + * + * @return The enum numeric value on the wire for relevance. + */ + @java.lang.Override + public int getRelevanceValue() { + return relevance_; + } + /** + * + * + * 
+         * The relevance of the member's status to the overall determination for the
+         * binding.
+         *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 2; + * + * @param value The enum numeric value on the wire for relevance to set. + * @return This builder for chaining. + */ + public Builder setRelevanceValue(int value) { + + relevance_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+         * The relevance of the member's status to the overall determination for the
+         * binding.
+         *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 2; + * + * @return The relevance. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance getRelevance() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance result = + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.valueOf( + relevance_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.UNRECOGNIZED + : result; + } + /** + * + * + * 
+         * The relevance of the member's status to the overall determination for the
+         * binding.
+         *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 2; + * + * @param value The relevance to set. + * @return This builder for chaining. + */ + public Builder setRelevance( + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance value) { + if (value == null) { + throw new NullPointerException(); + } + + relevance_ = value.getNumber(); + onChanged(); + return this; + } + /** + * + * + * 
+         * The relevance of the member's status to the overall determination for the
+         * binding.
+         *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 2; + * + * @return This builder for chaining. + */ + public Builder clearRelevance() { + + relevance_ = 0; + onChanged(); + return this; + } + + @java.lang.Override + public final Builder setUnknownFields( + final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.setUnknownFields(unknownFields); + } + + @java.lang.Override + public final Builder mergeUnknownFields( + final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.mergeUnknownFields(unknownFields); + } + + // @@protoc_insertion_point(builder_scope:google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership) + } + + // @@protoc_insertion_point(class_scope:google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership) + private static final google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + DEFAULT_INSTANCE; + + static { + DEFAULT_INSTANCE = + new google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership(); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + getDefaultInstance() { + return DEFAULT_INSTANCE; + } + + private static final com.google.protobuf.Parser PARSER = + new com.google.protobuf.AbstractParser() { + @java.lang.Override + public AnnotatedMembership parsePartialFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return new AnnotatedMembership(input, extensionRegistry); + } + }; + + public static com.google.protobuf.Parser parser() { + return PARSER; + } + + @java.lang.Override + public com.google.protobuf.Parser getParserForType() { + return PARSER; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + getDefaultInstanceForType() { + return DEFAULT_INSTANCE; + } + } + + public static final int ACCESS_FIELD_NUMBER = 1; + private int access_; + /** + * + * + * 
+     * Required. Indicates whether _this binding_ provides the specified permission to the
+     * specified member for the specified resource.
+     * This field does _not_ indicate whether the member actually has the
+     * permission for the resource. There might be another binding that overrides
+     * this binding. To determine whether the member actually has the permission,
+     * use the `access` field in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     *
+ * + * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * + * @return The enum numeric value on the wire for access. + */ + @java.lang.Override + public int getAccessValue() { + return access_; + } + /** + * + * + * 
+     * Required. Indicates whether _this binding_ provides the specified permission to the
+     * specified member for the specified resource.
+     * This field does _not_ indicate whether the member actually has the
+     * permission for the resource. There might be another binding that overrides
+     * this binding. To determine whether the member actually has the permission,
+     * use the `access` field in the
+     * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+     *
+ * + * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * + * @return The access. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessState getAccess() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.AccessState result = + google.cloud.policytroubleshooter.v1.Explanations.AccessState.valueOf(access_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.AccessState.UNRECOGNIZED + : result; + } + + public static final int ROLE_FIELD_NUMBER = 2; + private volatile java.lang.Object role_; + /** + * + * + * 
+     * The role that this binding grants. For example,
+     * `roles/compute.serviceAgent`.
+     * For a complete list of predefined IAM roles, as well as the permissions in
+     * each role, see https://cloud.google.com/iam/help/roles/reference.
+     *
+ * + * string role = 2; + * + * @return The role. + */ + @java.lang.Override + public java.lang.String getRole() { + java.lang.Object ref = role_; + if (ref instanceof java.lang.String) { + return (java.lang.String) ref; + } else { + com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + role_ = s; + return s; + } + } + /** + * + * + * 
+     * The role that this binding grants. For example,
+     * `roles/compute.serviceAgent`.
+     * For a complete list of predefined IAM roles, as well as the permissions in
+     * each role, see https://cloud.google.com/iam/help/roles/reference.
+     *
+ * + * string role = 2; + * + * @return The bytes for role. + */ + @java.lang.Override + public com.google.protobuf.ByteString getRoleBytes() { + java.lang.Object ref = role_; + if (ref instanceof java.lang.String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref); + role_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + + public static final int ROLE_PERMISSION_FIELD_NUMBER = 3; + private int rolePermission_; + /** + * + * + * 
+     * Indicates whether the role granted by this binding contains the specified
+     * permission.
+     *
+ * + * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3; + * + * + * @return The enum numeric value on the wire for rolePermission. + */ + @java.lang.Override + public int getRolePermissionValue() { + return rolePermission_; + } + /** + * + * + * 
+     * Indicates whether the role granted by this binding contains the specified
+     * permission.
+     *
+ * + * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3; + * + * + * @return The rolePermission. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission + getRolePermission() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission result = + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission + .valueOf(rolePermission_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission + .UNRECOGNIZED + : result; + } + + public static final int ROLE_PERMISSION_RELEVANCE_FIELD_NUMBER = 4; + private int rolePermissionRelevance_; + /** + * + * + * 
+     * The relevance of the permission's existence, or nonexistence, in the role
+     * to the overall determination for the entire policy.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4; + * + * + * @return The enum numeric value on the wire for rolePermissionRelevance. + */ + @java.lang.Override + public int getRolePermissionRelevanceValue() { + return rolePermissionRelevance_; + } + /** + * + * + * 
+     * The relevance of the permission's existence, or nonexistence, in the role
+     * to the overall determination for the entire policy.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4; + * + * + * @return The rolePermissionRelevance. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + getRolePermissionRelevance() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance result = + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.valueOf( + rolePermissionRelevance_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.UNRECOGNIZED + : result; + } + + public static final int MEMBERSHIPS_FIELD_NUMBER = 5; + + private static final class MembershipsDefaultEntryHolder { + static final com.google.protobuf.MapEntry< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + defaultEntry = + com.google.protobuf.MapEntry + . + newDefaultInstance( + google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_MembershipsEntry_descriptor, + com.google.protobuf.WireFormat.FieldType.STRING, + "", + com.google.protobuf.WireFormat.FieldType.MESSAGE, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership.getDefaultInstance()); + } + + private com.google.protobuf.MapField< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + memberships_; + + private com.google.protobuf.MapField< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + internalGetMemberships() { + if (memberships_ == null) { + return com.google.protobuf.MapField.emptyMapField( + MembershipsDefaultEntryHolder.defaultEntry); + } + return memberships_; + } + + public int getMembershipsCount() { + return internalGetMemberships().getMap().size(); + } + /** + * + * + * 
+     * Indicates whether each member in the binding includes the member specified
+     * in the request, either directly or indirectly. Each key identifies a member
+     * in the binding, and each value indicates whether the member in the binding
+     * includes the member in the request.
+     * For example, suppose that a binding includes the following members:
+     * * `user:alice@example.com`
+     * * `group:product-eng@example.com`
+     * You want to troubleshoot access for `user:bob@example.com`. This user is a
+     * member of the group `group:product-eng@example.com`.
+     * For the first member in the binding, the key is `user:alice@example.com`,
+     * and the `membership` field in the value is set to
+     * `MEMBERSHIP_NOT_INCLUDED`.
+     * For the second member in the binding, the key is
+     * `group:product-eng@example.com`, and the `membership` field in the value is
+     * set to `MEMBERSHIP_INCLUDED`.
+     *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + @java.lang.Override + public boolean containsMemberships(java.lang.String key) { + if (key == null) { + throw new java.lang.NullPointerException(); + } + return internalGetMemberships().getMap().containsKey(key); + } + /** Use {@link #getMembershipsMap()} instead. */ + @java.lang.Override + @java.lang.Deprecated + public java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + getMemberships() { + return getMembershipsMap(); + } + /** + * + * + * 
+     * Indicates whether each member in the binding includes the member specified
+     * in the request, either directly or indirectly. Each key identifies a member
+     * in the binding, and each value indicates whether the member in the binding
+     * includes the member in the request.
+     * For example, suppose that a binding includes the following members:
+     * * `user:alice@example.com`
+     * * `group:product-eng@example.com`
+     * You want to troubleshoot access for `user:bob@example.com`. This user is a
+     * member of the group `group:product-eng@example.com`.
+     * For the first member in the binding, the key is `user:alice@example.com`,
+     * and the `membership` field in the value is set to
+     * `MEMBERSHIP_NOT_INCLUDED`.
+     * For the second member in the binding, the key is
+     * `group:product-eng@example.com`, and the `membership` field in the value is
+     * set to `MEMBERSHIP_INCLUDED`.
+     *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + @java.lang.Override + public java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + getMembershipsMap() { + return internalGetMemberships().getMap(); + } + /** + * + * + * 
+     * Indicates whether each member in the binding includes the member specified
+     * in the request, either directly or indirectly. Each key identifies a member
+     * in the binding, and each value indicates whether the member in the binding
+     * includes the member in the request.
+     * For example, suppose that a binding includes the following members:
+     * * `user:alice@example.com`
+     * * `group:product-eng@example.com`
+     * You want to troubleshoot access for `user:bob@example.com`. This user is a
+     * member of the group `group:product-eng@example.com`.
+     * For the first member in the binding, the key is `user:alice@example.com`,
+     * and the `membership` field in the value is set to
+     * `MEMBERSHIP_NOT_INCLUDED`.
+     * For the second member in the binding, the key is
+     * `group:product-eng@example.com`, and the `membership` field in the value is
+     * set to `MEMBERSHIP_INCLUDED`.
+     *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + getMembershipsOrDefault( + java.lang.String key, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + defaultValue) { + if (key == null) { + throw new java.lang.NullPointerException(); + } + java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + map = internalGetMemberships().getMap(); + return map.containsKey(key) ? map.get(key) : defaultValue; + } + /** + * + * + * 
+     * Indicates whether each member in the binding includes the member specified
+     * in the request, either directly or indirectly. Each key identifies a member
+     * in the binding, and each value indicates whether the member in the binding
+     * includes the member in the request.
+     * For example, suppose that a binding includes the following members:
+     * * `user:alice@example.com`
+     * * `group:product-eng@example.com`
+     * You want to troubleshoot access for `user:bob@example.com`. This user is a
+     * member of the group `group:product-eng@example.com`.
+     * For the first member in the binding, the key is `user:alice@example.com`,
+     * and the `membership` field in the value is set to
+     * `MEMBERSHIP_NOT_INCLUDED`.
+     * For the second member in the binding, the key is
+     * `group:product-eng@example.com`, and the `membership` field in the value is
+     * set to `MEMBERSHIP_INCLUDED`.
+     *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + getMembershipsOrThrow(java.lang.String key) { + if (key == null) { + throw new java.lang.NullPointerException(); + } + java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + map = internalGetMemberships().getMap(); + if (!map.containsKey(key)) { + throw new java.lang.IllegalArgumentException(); + } + return map.get(key); + } + + public static final int RELEVANCE_FIELD_NUMBER = 6; + private int relevance_; + /** + * + * + * 
+     * The relevance of this binding to the overall determination for the entire
+     * policy.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6; + * + * @return The enum numeric value on the wire for relevance. + */ + @java.lang.Override + public int getRelevanceValue() { + return relevance_; + } + /** + * + * + * 
+     * The relevance of this binding to the overall determination for the entire
+     * policy.
+     *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6; + * + * @return The relevance. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance getRelevance() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance result = + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.valueOf(relevance_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.UNRECOGNIZED + : result; + } + + public static final int CONDITION_FIELD_NUMBER = 7; + private com.google.type.Expr condition_; + /** + * + * + * 
+     * A condition expression that prevents access unless the expression evaluates
+     * to `true`.
+     * To learn about IAM Conditions, see
+     * http://cloud.google.com/iam/help/conditions/overview.
+     *
+ * + * .google.type.Expr condition = 7; + * + * @return Whether the condition field is set. + */ + @java.lang.Override + public boolean hasCondition() { + return condition_ != null; + } + /** + * + * + * 
+     * A condition expression that prevents access unless the expression evaluates
+     * to `true`.
+     * To learn about IAM Conditions, see
+     * http://cloud.google.com/iam/help/conditions/overview.
+     *
+ * + * .google.type.Expr condition = 7; + * + * @return The condition. + */ + @java.lang.Override + public com.google.type.Expr getCondition() { + return condition_ == null ? com.google.type.Expr.getDefaultInstance() : condition_; + } + /** + * + * + * 
+     * A condition expression that prevents access unless the expression evaluates
+     * to `true`.
+     * To learn about IAM Conditions, see
+     * http://cloud.google.com/iam/help/conditions/overview.
+     *
+ * + * .google.type.Expr condition = 7; + */ + @java.lang.Override + public com.google.type.ExprOrBuilder getConditionOrBuilder() { + return getCondition(); + } + + private byte memoizedIsInitialized = -1; + + @java.lang.Override + public final boolean isInitialized() { + byte isInitialized = memoizedIsInitialized; + if (isInitialized == 1) return true; + if (isInitialized == 0) return false; + + memoizedIsInitialized = 1; + return true; + } + + @java.lang.Override + public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException { + if (access_ + != google.cloud.policytroubleshooter.v1.Explanations.AccessState.ACCESS_STATE_UNSPECIFIED + .getNumber()) { + output.writeEnum(1, access_); + } + if (!getRoleBytes().isEmpty()) { + com.google.protobuf.GeneratedMessageV3.writeString(output, 2, role_); + } + if (rolePermission_ + != google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission + .ROLE_PERMISSION_UNSPECIFIED + .getNumber()) { + output.writeEnum(3, rolePermission_); + } + if (rolePermissionRelevance_ + != google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + .HEURISTIC_RELEVANCE_UNSPECIFIED + .getNumber()) { + output.writeEnum(4, rolePermissionRelevance_); + } + com.google.protobuf.GeneratedMessageV3.serializeStringMapTo( + output, internalGetMemberships(), MembershipsDefaultEntryHolder.defaultEntry, 5); + if (relevance_ + != google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + .HEURISTIC_RELEVANCE_UNSPECIFIED + .getNumber()) { + output.writeEnum(6, relevance_); + } + if (condition_ != null) { + output.writeMessage(7, getCondition()); + } + unknownFields.writeTo(output); + } + + @java.lang.Override + public int getSerializedSize() { + int size = memoizedSize; + if (size != -1) return size; + + size = 0; + if (access_ + != google.cloud.policytroubleshooter.v1.Explanations.AccessState.ACCESS_STATE_UNSPECIFIED + .getNumber()) { + size += com.google.protobuf.CodedOutputStream.computeEnumSize(1, access_); + } + if (!getRoleBytes().isEmpty()) { + size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, role_); + } + if (rolePermission_ + != google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission + .ROLE_PERMISSION_UNSPECIFIED + .getNumber()) { + size += com.google.protobuf.CodedOutputStream.computeEnumSize(3, rolePermission_); + } + if (rolePermissionRelevance_ + != google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + .HEURISTIC_RELEVANCE_UNSPECIFIED + .getNumber()) { + size += com.google.protobuf.CodedOutputStream.computeEnumSize(4, rolePermissionRelevance_); + } + for (java.util.Map.Entry< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + entry : internalGetMemberships().getMap().entrySet()) { + com.google.protobuf.MapEntry< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + memberships__ = + MembershipsDefaultEntryHolder.defaultEntry + .newBuilderForType() + .setKey(entry.getKey()) + .setValue(entry.getValue()) + .build(); + size += com.google.protobuf.CodedOutputStream.computeMessageSize(5, memberships__); + } + if (relevance_ + != google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + .HEURISTIC_RELEVANCE_UNSPECIFIED + .getNumber()) { + size += com.google.protobuf.CodedOutputStream.computeEnumSize(6, relevance_); + } + if (condition_ != null) { + size += com.google.protobuf.CodedOutputStream.computeMessageSize(7, getCondition()); + } + size += unknownFields.getSerializedSize(); + memoizedSize = size; + return size; + } + + @java.lang.Override + public boolean equals(final java.lang.Object obj) { + if (obj == this) { + return true; + } + if (!(obj instanceof google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation)) { + return super.equals(obj); + } + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation other = + (google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation) obj; + + if (access_ != other.access_) return false; + if (!getRole().equals(other.getRole())) return false; + if (rolePermission_ != other.rolePermission_) return false; + if (rolePermissionRelevance_ != other.rolePermissionRelevance_) return false; + if (!internalGetMemberships().equals(other.internalGetMemberships())) return false; + if (relevance_ != other.relevance_) return false; + if (hasCondition() != other.hasCondition()) return false; + if (hasCondition()) { + if (!getCondition().equals(other.getCondition())) return false; + } + if (!unknownFields.equals(other.unknownFields)) return false; + return true; + } + + @java.lang.Override + public int hashCode() { + if (memoizedHashCode != 0) { + return memoizedHashCode; + } + int hash = 41; + hash = (19 * hash) + getDescriptor().hashCode(); + hash = (37 * hash) + ACCESS_FIELD_NUMBER; + hash = (53 * hash) + access_; + hash = (37 * hash) + ROLE_FIELD_NUMBER; + hash = (53 * hash) + getRole().hashCode(); + hash = (37 * hash) + ROLE_PERMISSION_FIELD_NUMBER; + hash = (53 * hash) + rolePermission_; + hash = (37 * hash) + ROLE_PERMISSION_RELEVANCE_FIELD_NUMBER; + hash = (53 * hash) + rolePermissionRelevance_; + if (!internalGetMemberships().getMap().isEmpty()) { + hash = (37 * hash) + MEMBERSHIPS_FIELD_NUMBER; + hash = (53 * hash) + internalGetMemberships().hashCode(); + } + hash = (37 * hash) + RELEVANCE_FIELD_NUMBER; + hash = (53 * hash) + relevance_; + if (hasCondition()) { + hash = (37 * hash) + CONDITION_FIELD_NUMBER; + hash = (53 * hash) + getCondition().hashCode(); + } + hash = (29 * hash) + unknownFields.hashCode(); + memoizedHashCode = hash; + return hash; + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parseFrom( + java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parseFrom( + java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parseFrom( + com.google.protobuf.ByteString data) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parseFrom( + com.google.protobuf.ByteString data, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parseFrom( + byte[] data) throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parseFrom( + byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return PARSER.parseFrom(data, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parseFrom( + java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parseFrom( + java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + parseDelimitedFrom( + java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException( + PARSER, input, extensionRegistry); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parseFrom( + com.google.protobuf.CodedInputStream input) throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parseFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + return com.google.protobuf.GeneratedMessageV3.parseWithIOException( + PARSER, input, extensionRegistry); + } + + @java.lang.Override + public Builder newBuilderForType() { + return newBuilder(); + } + + public static Builder newBuilder() { + return DEFAULT_INSTANCE.toBuilder(); + } + + public static Builder newBuilder( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation prototype) { + return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype); + } + + @java.lang.Override + public Builder toBuilder() { + return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this); + } + + @java.lang.Override + protected Builder newBuilderForType( + com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + Builder builder = new Builder(parent); + return builder; + } + /** + * + * + * 
+     * Details about how a binding in a policy affects a member's ability to use a
+     * permission.
+     *
+ * + * Protobuf type {@code google.cloud.policytroubleshooter.v1.BindingExplanation} + */ + public static final class Builder + extends com.google.protobuf.GeneratedMessageV3.Builder + implements + // @@protoc_insertion_point(builder_implements:google.cloud.policytroubleshooter.v1.BindingExplanation) + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanationOrBuilder { + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_descriptor; + } + + @SuppressWarnings({"rawtypes"}) + protected com.google.protobuf.MapField internalGetMapField(int number) { + switch (number) { + case 5: + return internalGetMemberships(); + default: + throw new RuntimeException("Invalid map field number: " + number); + } + } + + @SuppressWarnings({"rawtypes"}) + protected com.google.protobuf.MapField internalGetMutableMapField(int number) { + switch (number) { + case 5: + return internalGetMutableMemberships(); + default: + throw new RuntimeException("Invalid map field number: " + number); + } + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_fieldAccessorTable + .ensureFieldAccessorsInitialized( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.class, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.Builder.class); + } + + // Construct using + // google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.newBuilder() + private Builder() { + maybeForceBuilderInitialization(); + } + + private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) { + super(parent); + maybeForceBuilderInitialization(); + } + + private void maybeForceBuilderInitialization() { + if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {} + } + + @java.lang.Override + public Builder clear() { + super.clear(); + access_ = 0; + + role_ = ""; + + rolePermission_ = 0; + + rolePermissionRelevance_ = 0; + + internalGetMutableMemberships().clear(); + relevance_ = 0; + + if (conditionBuilder_ == null) { + condition_ = null; + } else { + condition_ = null; + conditionBuilder_ = null; + } + return this; + } + + @java.lang.Override + public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() { + return google.cloud.policytroubleshooter.v1.Explanations + .internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_descriptor; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + getDefaultInstanceForType() { + return google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .getDefaultInstance(); + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation build() { + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation result = + buildPartial(); + if (!result.isInitialized()) { + throw newUninitializedMessageException(result); + } + return result; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation buildPartial() { + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation result = + new google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation(this); + int from_bitField0_ = bitField0_; + result.access_ = access_; + result.role_ = role_; + result.rolePermission_ = rolePermission_; + result.rolePermissionRelevance_ = rolePermissionRelevance_; + result.memberships_ = internalGetMemberships(); + result.memberships_.makeImmutable(); + result.relevance_ = relevance_; + if (conditionBuilder_ == null) { + result.condition_ = condition_; + } else { + result.condition_ = conditionBuilder_.build(); + } + onBuilt(); + return result; + } + + @java.lang.Override + public Builder clone() { + return super.clone(); + } + + @java.lang.Override + public Builder setField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.setField(field, value); + } + + @java.lang.Override + public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) { + return super.clearField(field); + } + + @java.lang.Override + public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) { + return super.clearOneof(oneof); + } + + @java.lang.Override + public Builder setRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, + int index, + java.lang.Object value) { + return super.setRepeatedField(field, index, value); + } + + @java.lang.Override + public Builder addRepeatedField( + com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) { + return super.addRepeatedField(field, value); + } + + @java.lang.Override + public Builder mergeFrom(com.google.protobuf.Message other) { + if (other instanceof google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation) { + return mergeFrom( + (google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation) other); + } else { + super.mergeFrom(other); + return this; + } + } + + public Builder mergeFrom( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation other) { + if (other + == google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .getDefaultInstance()) return this; + if (other.access_ != 0) { + setAccessValue(other.getAccessValue()); + } + if (!other.getRole().isEmpty()) { + role_ = other.role_; + onChanged(); + } + if (other.rolePermission_ != 0) { + setRolePermissionValue(other.getRolePermissionValue()); + } + if (other.rolePermissionRelevance_ != 0) { + setRolePermissionRelevanceValue(other.getRolePermissionRelevanceValue()); + } + internalGetMutableMemberships().mergeFrom(other.internalGetMemberships()); + if (other.relevance_ != 0) { + setRelevanceValue(other.getRelevanceValue()); + } + if (other.hasCondition()) { + mergeCondition(other.getCondition()); + } + this.mergeUnknownFields(other.unknownFields); + onChanged(); + return this; + } + + @java.lang.Override + public final boolean isInitialized() { + return true; + } + + @java.lang.Override + public Builder mergeFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws java.io.IOException { + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation parsedMessage = null; + try { + parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry); + } catch (com.google.protobuf.InvalidProtocolBufferException e) { + parsedMessage = + (google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation) + e.getUnfinishedMessage(); + throw e.unwrapIOException(); + } finally { + if (parsedMessage != null) { + mergeFrom(parsedMessage); + } + } + return this; + } + + private int bitField0_; + + private int access_ = 0; + /** + * + * + * 
+       * Required. Indicates whether _this binding_ provides the specified permission to the
+       * specified member for the specified resource.
+       * This field does _not_ indicate whether the member actually has the
+       * permission for the resource. There might be another binding that overrides
+       * this binding. To determine whether the member actually has the permission,
+       * use the `access` field in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * + * @return The enum numeric value on the wire for access. + */ + @java.lang.Override + public int getAccessValue() { + return access_; + } + /** + * + * + * 
+       * Required. Indicates whether _this binding_ provides the specified permission to the
+       * specified member for the specified resource.
+       * This field does _not_ indicate whether the member actually has the
+       * permission for the resource. There might be another binding that overrides
+       * this binding. To determine whether the member actually has the permission,
+       * use the `access` field in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * + * @param value The enum numeric value on the wire for access to set. + * @return This builder for chaining. + */ + public Builder setAccessValue(int value) { + + access_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * Required. Indicates whether _this binding_ provides the specified permission to the
+       * specified member for the specified resource.
+       * This field does _not_ indicate whether the member actually has the
+       * permission for the resource. There might be another binding that overrides
+       * this binding. To determine whether the member actually has the permission,
+       * use the `access` field in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * + * @return The access. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.AccessState getAccess() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.AccessState result = + google.cloud.policytroubleshooter.v1.Explanations.AccessState.valueOf(access_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.AccessState.UNRECOGNIZED + : result; + } + /** + * + * + * 
+       * Required. Indicates whether _this binding_ provides the specified permission to the
+       * specified member for the specified resource.
+       * This field does _not_ indicate whether the member actually has the
+       * permission for the resource. There might be another binding that overrides
+       * this binding. To determine whether the member actually has the permission,
+       * use the `access` field in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * + * @param value The access to set. + * @return This builder for chaining. + */ + public Builder setAccess( + google.cloud.policytroubleshooter.v1.Explanations.AccessState value) { + if (value == null) { + throw new NullPointerException(); + } + + access_ = value.getNumber(); + onChanged(); + return this; + } + /** + * + * + * 
+       * Required. Indicates whether _this binding_ provides the specified permission to the
+       * specified member for the specified resource.
+       * This field does _not_ indicate whether the member actually has the
+       * permission for the resource. There might be another binding that overrides
+       * this binding. To determine whether the member actually has the permission,
+       * use the `access` field in the
+       * [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED]; + * + * + * @return This builder for chaining. + */ + public Builder clearAccess() { + + access_ = 0; + onChanged(); + return this; + } + + private java.lang.Object role_ = ""; + /** + * + * + * 
+       * The role that this binding grants. For example,
+       * `roles/compute.serviceAgent`.
+       * For a complete list of predefined IAM roles, as well as the permissions in
+       * each role, see https://cloud.google.com/iam/help/roles/reference.
+       *
+ * + * string role = 2; + * + * @return The role. + */ + public java.lang.String getRole() { + java.lang.Object ref = role_; + if (!(ref instanceof java.lang.String)) { + com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + role_ = s; + return s; + } else { + return (java.lang.String) ref; + } + } + /** + * + * + * 
+       * The role that this binding grants. For example,
+       * `roles/compute.serviceAgent`.
+       * For a complete list of predefined IAM roles, as well as the permissions in
+       * each role, see https://cloud.google.com/iam/help/roles/reference.
+       *
+ * + * string role = 2; + * + * @return The bytes for role. + */ + public com.google.protobuf.ByteString getRoleBytes() { + java.lang.Object ref = role_; + if (ref instanceof String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref); + role_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + /** + * + * + * 
+       * The role that this binding grants. For example,
+       * `roles/compute.serviceAgent`.
+       * For a complete list of predefined IAM roles, as well as the permissions in
+       * each role, see https://cloud.google.com/iam/help/roles/reference.
+       *
+ * + * string role = 2; + * + * @param value The role to set. + * @return This builder for chaining. + */ + public Builder setRole(java.lang.String value) { + if (value == null) { + throw new NullPointerException(); + } + + role_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * The role that this binding grants. For example,
+       * `roles/compute.serviceAgent`.
+       * For a complete list of predefined IAM roles, as well as the permissions in
+       * each role, see https://cloud.google.com/iam/help/roles/reference.
+       *
+ * + * string role = 2; + * + * @return This builder for chaining. + */ + public Builder clearRole() { + + role_ = getDefaultInstance().getRole(); + onChanged(); + return this; + } + /** + * + * + * 
+       * The role that this binding grants. For example,
+       * `roles/compute.serviceAgent`.
+       * For a complete list of predefined IAM roles, as well as the permissions in
+       * each role, see https://cloud.google.com/iam/help/roles/reference.
+       *
+ * + * string role = 2; + * + * @param value The bytes for role to set. + * @return This builder for chaining. + */ + public Builder setRoleBytes(com.google.protobuf.ByteString value) { + if (value == null) { + throw new NullPointerException(); + } + checkByteStringIsUtf8(value); + + role_ = value; + onChanged(); + return this; + } + + private int rolePermission_ = 0; + /** + * + * + * 
+       * Indicates whether the role granted by this binding contains the specified
+       * permission.
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3; + * + * + * @return The enum numeric value on the wire for rolePermission. + */ + @java.lang.Override + public int getRolePermissionValue() { + return rolePermission_; + } + /** + * + * + * 
+       * Indicates whether the role granted by this binding contains the specified
+       * permission.
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3; + * + * + * @param value The enum numeric value on the wire for rolePermission to set. + * @return This builder for chaining. + */ + public Builder setRolePermissionValue(int value) { + + rolePermission_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * Indicates whether the role granted by this binding contains the specified
+       * permission.
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3; + * + * + * @return The rolePermission. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission + getRolePermission() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission result = + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission + .valueOf(rolePermission_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission + .UNRECOGNIZED + : result; + } + /** + * + * + * 
+       * Indicates whether the role granted by this binding contains the specified
+       * permission.
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3; + * + * + * @param value The rolePermission to set. + * @return This builder for chaining. + */ + public Builder setRolePermission( + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.RolePermission + value) { + if (value == null) { + throw new NullPointerException(); + } + + rolePermission_ = value.getNumber(); + onChanged(); + return this; + } + /** + * + * + * 
+       * Indicates whether the role granted by this binding contains the specified
+       * permission.
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3; + * + * + * @return This builder for chaining. + */ + public Builder clearRolePermission() { + + rolePermission_ = 0; + onChanged(); + return this; + } + + private int rolePermissionRelevance_ = 0; + /** + * + * + * 
+       * The relevance of the permission's existence, or nonexistence, in the role
+       * to the overall determination for the entire policy.
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4; + * + * + * @return The enum numeric value on the wire for rolePermissionRelevance. + */ + @java.lang.Override + public int getRolePermissionRelevanceValue() { + return rolePermissionRelevance_; + } + /** + * + * + * 
+       * The relevance of the permission's existence, or nonexistence, in the role
+       * to the overall determination for the entire policy.
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4; + * + * + * @param value The enum numeric value on the wire for rolePermissionRelevance to set. + * @return This builder for chaining. + */ + public Builder setRolePermissionRelevanceValue(int value) { + + rolePermissionRelevance_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * The relevance of the permission's existence, or nonexistence, in the role
+       * to the overall determination for the entire policy.
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4; + * + * + * @return The rolePermissionRelevance. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance + getRolePermissionRelevance() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance result = + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.valueOf( + rolePermissionRelevance_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.UNRECOGNIZED + : result; + } + /** + * + * + * 
+       * The relevance of the permission's existence, or nonexistence, in the role
+       * to the overall determination for the entire policy.
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4; + * + * + * @param value The rolePermissionRelevance to set. + * @return This builder for chaining. + */ + public Builder setRolePermissionRelevance( + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance value) { + if (value == null) { + throw new NullPointerException(); + } + + rolePermissionRelevance_ = value.getNumber(); + onChanged(); + return this; + } + /** + * + * + * 
+       * The relevance of the permission's existence, or nonexistence, in the role
+       * to the overall determination for the entire policy.
+       *
+ * + * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4; + * + * + * @return This builder for chaining. + */ + public Builder clearRolePermissionRelevance() { + + rolePermissionRelevance_ = 0; + onChanged(); + return this; + } + + private com.google.protobuf.MapField< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + memberships_; + + private com.google.protobuf.MapField< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + internalGetMemberships() { + if (memberships_ == null) { + return com.google.protobuf.MapField.emptyMapField( + MembershipsDefaultEntryHolder.defaultEntry); + } + return memberships_; + } + + private com.google.protobuf.MapField< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + internalGetMutableMemberships() { + onChanged(); + ; + if (memberships_ == null) { + memberships_ = + com.google.protobuf.MapField.newMapField(MembershipsDefaultEntryHolder.defaultEntry); + } + if (!memberships_.isMutable()) { + memberships_ = memberships_.copy(); + } + return memberships_; + } + + public int getMembershipsCount() { + return internalGetMemberships().getMap().size(); + } + /** + * + * + * 
+       * Indicates whether each member in the binding includes the member specified
+       * in the request, either directly or indirectly. Each key identifies a member
+       * in the binding, and each value indicates whether the member in the binding
+       * includes the member in the request.
+       * For example, suppose that a binding includes the following members:
+       * * `user:alice@example.com`
+       * * `group:product-eng@example.com`
+       * You want to troubleshoot access for `user:bob@example.com`. This user is a
+       * member of the group `group:product-eng@example.com`.
+       * For the first member in the binding, the key is `user:alice@example.com`,
+       * and the `membership` field in the value is set to
+       * `MEMBERSHIP_NOT_INCLUDED`.
+       * For the second member in the binding, the key is
+       * `group:product-eng@example.com`, and the `membership` field in the value is
+       * set to `MEMBERSHIP_INCLUDED`.
+       *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + @java.lang.Override + public boolean containsMemberships(java.lang.String key) { + if (key == null) { + throw new java.lang.NullPointerException(); + } + return internalGetMemberships().getMap().containsKey(key); + } + /** Use {@link #getMembershipsMap()} instead. */ + @java.lang.Override + @java.lang.Deprecated + public java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + getMemberships() { + return getMembershipsMap(); + } + /** + * + * + * 
+       * Indicates whether each member in the binding includes the member specified
+       * in the request, either directly or indirectly. Each key identifies a member
+       * in the binding, and each value indicates whether the member in the binding
+       * includes the member in the request.
+       * For example, suppose that a binding includes the following members:
+       * * `user:alice@example.com`
+       * * `group:product-eng@example.com`
+       * You want to troubleshoot access for `user:bob@example.com`. This user is a
+       * member of the group `group:product-eng@example.com`.
+       * For the first member in the binding, the key is `user:alice@example.com`,
+       * and the `membership` field in the value is set to
+       * `MEMBERSHIP_NOT_INCLUDED`.
+       * For the second member in the binding, the key is
+       * `group:product-eng@example.com`, and the `membership` field in the value is
+       * set to `MEMBERSHIP_INCLUDED`.
+       *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + @java.lang.Override + public java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + getMembershipsMap() { + return internalGetMemberships().getMap(); + } + /** + * + * + * 
+       * Indicates whether each member in the binding includes the member specified
+       * in the request, either directly or indirectly. Each key identifies a member
+       * in the binding, and each value indicates whether the member in the binding
+       * includes the member in the request.
+       * For example, suppose that a binding includes the following members:
+       * * `user:alice@example.com`
+       * * `group:product-eng@example.com`
+       * You want to troubleshoot access for `user:bob@example.com`. This user is a
+       * member of the group `group:product-eng@example.com`.
+       * For the first member in the binding, the key is `user:alice@example.com`,
+       * and the `membership` field in the value is set to
+       * `MEMBERSHIP_NOT_INCLUDED`.
+       * For the second member in the binding, the key is
+       * `group:product-eng@example.com`, and the `membership` field in the value is
+       * set to `MEMBERSHIP_INCLUDED`.
+       *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + getMembershipsOrDefault( + java.lang.String key, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + defaultValue) { + if (key == null) { + throw new java.lang.NullPointerException(); + } + java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + map = internalGetMemberships().getMap(); + return map.containsKey(key) ? map.get(key) : defaultValue; + } + /** + * + * + * 
+       * Indicates whether each member in the binding includes the member specified
+       * in the request, either directly or indirectly. Each key identifies a member
+       * in the binding, and each value indicates whether the member in the binding
+       * includes the member in the request.
+       * For example, suppose that a binding includes the following members:
+       * * `user:alice@example.com`
+       * * `group:product-eng@example.com`
+       * You want to troubleshoot access for `user:bob@example.com`. This user is a
+       * member of the group `group:product-eng@example.com`.
+       * For the first member in the binding, the key is `user:alice@example.com`,
+       * and the `membership` field in the value is set to
+       * `MEMBERSHIP_NOT_INCLUDED`.
+       * For the second member in the binding, the key is
+       * `group:product-eng@example.com`, and the `membership` field in the value is
+       * set to `MEMBERSHIP_INCLUDED`.
+       *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership + getMembershipsOrThrow(java.lang.String key) { + if (key == null) { + throw new java.lang.NullPointerException(); + } + java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + map = internalGetMemberships().getMap(); + if (!map.containsKey(key)) { + throw new java.lang.IllegalArgumentException(); + } + return map.get(key); + } + + public Builder clearMemberships() { + internalGetMutableMemberships().getMutableMap().clear(); + return this; + } + /** + * + * + * 
+       * Indicates whether each member in the binding includes the member specified
+       * in the request, either directly or indirectly. Each key identifies a member
+       * in the binding, and each value indicates whether the member in the binding
+       * includes the member in the request.
+       * For example, suppose that a binding includes the following members:
+       * * `user:alice@example.com`
+       * * `group:product-eng@example.com`
+       * You want to troubleshoot access for `user:bob@example.com`. This user is a
+       * member of the group `group:product-eng@example.com`.
+       * For the first member in the binding, the key is `user:alice@example.com`,
+       * and the `membership` field in the value is set to
+       * `MEMBERSHIP_NOT_INCLUDED`.
+       * For the second member in the binding, the key is
+       * `group:product-eng@example.com`, and the `membership` field in the value is
+       * set to `MEMBERSHIP_INCLUDED`.
+       *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + public Builder removeMemberships(java.lang.String key) { + if (key == null) { + throw new java.lang.NullPointerException(); + } + internalGetMutableMemberships().getMutableMap().remove(key); + return this; + } + /** Use alternate mutation accessors instead. */ + @java.lang.Deprecated + public java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + getMutableMemberships() { + return internalGetMutableMemberships().getMutableMap(); + } + /** + * + * + * 
+       * Indicates whether each member in the binding includes the member specified
+       * in the request, either directly or indirectly. Each key identifies a member
+       * in the binding, and each value indicates whether the member in the binding
+       * includes the member in the request.
+       * For example, suppose that a binding includes the following members:
+       * * `user:alice@example.com`
+       * * `group:product-eng@example.com`
+       * You want to troubleshoot access for `user:bob@example.com`. This user is a
+       * member of the group `group:product-eng@example.com`.
+       * For the first member in the binding, the key is `user:alice@example.com`,
+       * and the `membership` field in the value is set to
+       * `MEMBERSHIP_NOT_INCLUDED`.
+       * For the second member in the binding, the key is
+       * `group:product-eng@example.com`, and the `membership` field in the value is
+       * set to `MEMBERSHIP_INCLUDED`.
+       *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + public Builder putMemberships( + java.lang.String key, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation.AnnotatedMembership + value) { + if (key == null) { + throw new java.lang.NullPointerException(); + } + if (value == null) { + throw new java.lang.NullPointerException(); + } + internalGetMutableMemberships().getMutableMap().put(key, value); + return this; + } + /** + * + * + * 
+       * Indicates whether each member in the binding includes the member specified
+       * in the request, either directly or indirectly. Each key identifies a member
+       * in the binding, and each value indicates whether the member in the binding
+       * includes the member in the request.
+       * For example, suppose that a binding includes the following members:
+       * * `user:alice@example.com`
+       * * `group:product-eng@example.com`
+       * You want to troubleshoot access for `user:bob@example.com`. This user is a
+       * member of the group `group:product-eng@example.com`.
+       * For the first member in the binding, the key is `user:alice@example.com`,
+       * and the `membership` field in the value is set to
+       * `MEMBERSHIP_NOT_INCLUDED`.
+       * For the second member in the binding, the key is
+       * `group:product-eng@example.com`, and the `membership` field in the value is
+       * set to `MEMBERSHIP_INCLUDED`.
+       *
+ * + * + * map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5; + * + */ + public Builder putAllMemberships( + java.util.Map< + java.lang.String, + google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + .AnnotatedMembership> + values) { + internalGetMutableMemberships().getMutableMap().putAll(values); + return this; + } + + private int relevance_ = 0; + /** + * + * + * 
+       * The relevance of this binding to the overall determination for the entire
+       * policy.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6; + * + * @return The enum numeric value on the wire for relevance. + */ + @java.lang.Override + public int getRelevanceValue() { + return relevance_; + } + /** + * + * + * 
+       * The relevance of this binding to the overall determination for the entire
+       * policy.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6; + * + * @param value The enum numeric value on the wire for relevance to set. + * @return This builder for chaining. + */ + public Builder setRelevanceValue(int value) { + + relevance_ = value; + onChanged(); + return this; + } + /** + * + * + * 
+       * The relevance of this binding to the overall determination for the entire
+       * policy.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6; + * + * @return The relevance. + */ + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance getRelevance() { + @SuppressWarnings("deprecation") + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance result = + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.valueOf( + relevance_); + return result == null + ? google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance.UNRECOGNIZED + : result; + } + /** + * + * + * 
+       * The relevance of this binding to the overall determination for the entire
+       * policy.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6; + * + * @param value The relevance to set. + * @return This builder for chaining. + */ + public Builder setRelevance( + google.cloud.policytroubleshooter.v1.Explanations.HeuristicRelevance value) { + if (value == null) { + throw new NullPointerException(); + } + + relevance_ = value.getNumber(); + onChanged(); + return this; + } + /** + * + * + * 
+       * The relevance of this binding to the overall determination for the entire
+       * policy.
+       *
+ * + * .google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6; + * + * @return This builder for chaining. + */ + public Builder clearRelevance() { + + relevance_ = 0; + onChanged(); + return this; + } + + private com.google.type.Expr condition_; + private com.google.protobuf.SingleFieldBuilderV3< + com.google.type.Expr, com.google.type.Expr.Builder, com.google.type.ExprOrBuilder> + conditionBuilder_; + /** + * + * + * 
+       * A condition expression that prevents access unless the expression evaluates
+       * to `true`.
+       * To learn about IAM Conditions, see
+       * http://cloud.google.com/iam/help/conditions/overview.
+       *
+ * + * .google.type.Expr condition = 7; + * + * @return Whether the condition field is set. + */ + public boolean hasCondition() { + return conditionBuilder_ != null || condition_ != null; + } + /** + * + * + * 
+       * A condition expression that prevents access unless the expression evaluates
+       * to `true`.
+       * To learn about IAM Conditions, see
+       * http://cloud.google.com/iam/help/conditions/overview.
+       *
+ * + * .google.type.Expr condition = 7; + * + * @return The condition. + */ + public com.google.type.Expr getCondition() { + if (conditionBuilder_ == null) { + return condition_ == null ? com.google.type.Expr.getDefaultInstance() : condition_; + } else { + return conditionBuilder_.getMessage(); + } + } + /** + * + * + * 
+       * A condition expression that prevents access unless the expression evaluates
+       * to `true`.
+       * To learn about IAM Conditions, see
+       * http://cloud.google.com/iam/help/conditions/overview.
+       *
+ * + * .google.type.Expr condition = 7; + */ + public Builder setCondition(com.google.type.Expr value) { + if (conditionBuilder_ == null) { + if (value == null) { + throw new NullPointerException(); + } + condition_ = value; + onChanged(); + } else { + conditionBuilder_.setMessage(value); + } + + return this; + } + /** + * + * + * 
+       * A condition expression that prevents access unless the expression evaluates
+       * to `true`.
+       * To learn about IAM Conditions, see
+       * http://cloud.google.com/iam/help/conditions/overview.
+       *
+ * + * .google.type.Expr condition = 7; + */ + public Builder setCondition(com.google.type.Expr.Builder builderForValue) { + if (conditionBuilder_ == null) { + condition_ = builderForValue.build(); + onChanged(); + } else { + conditionBuilder_.setMessage(builderForValue.build()); + } + + return this; + } + /** + * + * + * 
+       * A condition expression that prevents access unless the expression evaluates
+       * to `true`.
+       * To learn about IAM Conditions, see
+       * http://cloud.google.com/iam/help/conditions/overview.
+       *
+ * + * .google.type.Expr condition = 7; + */ + public Builder mergeCondition(com.google.type.Expr value) { + if (conditionBuilder_ == null) { + if (condition_ != null) { + condition_ = + com.google.type.Expr.newBuilder(condition_).mergeFrom(value).buildPartial(); + } else { + condition_ = value; + } + onChanged(); + } else { + conditionBuilder_.mergeFrom(value); + } + + return this; + } + /** + * + * + * 
+       * A condition expression that prevents access unless the expression evaluates
+       * to `true`.
+       * To learn about IAM Conditions, see
+       * http://cloud.google.com/iam/help/conditions/overview.
+       *
+ * + * .google.type.Expr condition = 7; + */ + public Builder clearCondition() { + if (conditionBuilder_ == null) { + condition_ = null; + onChanged(); + } else { + condition_ = null; + conditionBuilder_ = null; + } + + return this; + } + /** + * + * + * 
+       * A condition expression that prevents access unless the expression evaluates
+       * to `true`.
+       * To learn about IAM Conditions, see
+       * http://cloud.google.com/iam/help/conditions/overview.
+       *
+ * + * .google.type.Expr condition = 7; + */ + public com.google.type.Expr.Builder getConditionBuilder() { + + onChanged(); + return getConditionFieldBuilder().getBuilder(); + } + /** + * + * + * 
+       * A condition expression that prevents access unless the expression evaluates
+       * to `true`.
+       * To learn about IAM Conditions, see
+       * http://cloud.google.com/iam/help/conditions/overview.
+       *
+ * + * .google.type.Expr condition = 7; + */ + public com.google.type.ExprOrBuilder getConditionOrBuilder() { + if (conditionBuilder_ != null) { + return conditionBuilder_.getMessageOrBuilder(); + } else { + return condition_ == null ? com.google.type.Expr.getDefaultInstance() : condition_; + } + } + /** + * + * + * 
+       * A condition expression that prevents access unless the expression evaluates
+       * to `true`.
+       * To learn about IAM Conditions, see
+       * http://cloud.google.com/iam/help/conditions/overview.
+       *
+ * + * .google.type.Expr condition = 7; + */ + private com.google.protobuf.SingleFieldBuilderV3< + com.google.type.Expr, com.google.type.Expr.Builder, com.google.type.ExprOrBuilder> + getConditionFieldBuilder() { + if (conditionBuilder_ == null) { + conditionBuilder_ = + new com.google.protobuf.SingleFieldBuilderV3< + com.google.type.Expr, + com.google.type.Expr.Builder, + com.google.type.ExprOrBuilder>(getCondition(), getParentForChildren(), isClean()); + condition_ = null; + } + return conditionBuilder_; + } + + @java.lang.Override + public final Builder setUnknownFields( + final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.setUnknownFields(unknownFields); + } + + @java.lang.Override + public final Builder mergeUnknownFields( + final com.google.protobuf.UnknownFieldSet unknownFields) { + return super.mergeUnknownFields(unknownFields); + } + + // @@protoc_insertion_point(builder_scope:google.cloud.policytroubleshooter.v1.BindingExplanation) + } + + // @@protoc_insertion_point(class_scope:google.cloud.policytroubleshooter.v1.BindingExplanation) + private static final google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + DEFAULT_INSTANCE; + + static { + DEFAULT_INSTANCE = new google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation(); + } + + public static google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + getDefaultInstance() { + return DEFAULT_INSTANCE; + } + + private static final com.google.protobuf.Parser PARSER = + new com.google.protobuf.AbstractParser() { + @java.lang.Override + public BindingExplanation parsePartialFrom( + com.google.protobuf.CodedInputStream input, + com.google.protobuf.ExtensionRegistryLite extensionRegistry) + throws com.google.protobuf.InvalidProtocolBufferException { + return new BindingExplanation(input, extensionRegistry); + } + }; + + public static com.google.protobuf.Parser parser() { + return PARSER; + } + + @java.lang.Override + public com.google.protobuf.Parser getParserForType() { + return PARSER; + } + + @java.lang.Override + public google.cloud.policytroubleshooter.v1.Explanations.BindingExplanation + getDefaultInstanceForType() { + return DEFAULT_INSTANCE; + } + } + + private static final com.google.protobuf.Descriptors.Descriptor + internal_static_google_cloud_policytroubleshooter_v1_AccessTuple_descriptor; + private static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internal_static_google_cloud_policytroubleshooter_v1_AccessTuple_fieldAccessorTable; + private static final com.google.protobuf.Descriptors.Descriptor + internal_static_google_cloud_policytroubleshooter_v1_ExplainedPolicy_descriptor; + private static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internal_static_google_cloud_policytroubleshooter_v1_ExplainedPolicy_fieldAccessorTable; + private static final com.google.protobuf.Descriptors.Descriptor + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_descriptor; + private static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_fieldAccessorTable; + private static final com.google.protobuf.Descriptors.Descriptor + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_AnnotatedMembership_descriptor; + private static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_AnnotatedMembership_fieldAccessorTable; + private static final com.google.protobuf.Descriptors.Descriptor + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_MembershipsEntry_descriptor; + private static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_MembershipsEntry_fieldAccessorTable; + + public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() { + return descriptor; + } + + private static com.google.protobuf.Descriptors.FileDescriptor descriptor; + + static { + java.lang.String[] descriptorData = { + "\n7google/cloud/policytroubleshooter/v1/e" + + "xplanations.proto\022$google.cloud.policytr" + + "oubleshooter.v1\032\037google/api/field_behavi" + + "or.proto\032\032google/iam/v1/policy.proto\032\026go" + + "ogle/type/expr.proto\"_\n\013AccessTuple\022\026\n\tp" + + "rincipal\030\001 \001(\tB\003\340A\002\022\037\n\022full_resource_nam" + + "e\030\002 \001(\tB\003\340A\002\022\027\n\npermission\030\003 \001(\tB\003\340A\002\"\274\002" + + "\n\017ExplainedPolicy\022A\n\006access\030\001 \001(\01621.goog" + + "le.cloud.policytroubleshooter.v1.AccessS" + + "tate\022\032\n\022full_resource_name\030\002 \001(\t\022%\n\006poli" + + "cy\030\003 \001(\0132\025.google.iam.v1.Policy\022V\n\024bindi" + + "ng_explanations\030\004 \003(\01328.google.cloud.pol" + + "icytroubleshooter.v1.BindingExplanation\022" + + "K\n\trelevance\030\005 \001(\01628.google.cloud.policy" + + "troubleshooter.v1.HeuristicRelevance\"\203\t\n" + + "\022BindingExplanation\022F\n\006access\030\001 \001(\01621.go" + + "ogle.cloud.policytroubleshooter.v1.Acces" + + "sStateB\003\340A\002\022\014\n\004role\030\002 \001(\t\022`\n\017role_permis" + + "sion\030\003 \001(\0162G.google.cloud.policytroubles" + + "hooter.v1.BindingExplanation.RolePermiss" + + "ion\022[\n\031role_permission_relevance\030\004 \001(\01628" + + ".google.cloud.policytroubleshooter.v1.He" + + "uristicRelevance\022^\n\013memberships\030\005 \003(\0132I." + + "google.cloud.policytroubleshooter.v1.Bin" + + "dingExplanation.MembershipsEntry\022K\n\trele" + + "vance\030\006 \001(\01628.google.cloud.policytrouble" + + "shooter.v1.HeuristicRelevance\022$\n\tconditi" + + "on\030\007 \001(\0132\021.google.type.Expr\032\273\001\n\023Annotate" + + "dMembership\022W\n\nmembership\030\001 \001(\0162C.google" + + ".cloud.policytroubleshooter.v1.BindingEx" + + "planation.Membership\022K\n\trelevance\030\002 \001(\0162" + + "8.google.cloud.policytroubleshooter.v1.H" + + "euristicRelevance\032\200\001\n\020MembershipsEntry\022\013" + + "\n\003key\030\001 \001(\t\022[\n\005value\030\002 \001(\0132L.google.clou" + + "d.policytroubleshooter.v1.BindingExplana" + + "tion.AnnotatedMembership:\0028\001\"\232\001\n\016RolePer" + + "mission\022\037\n\033ROLE_PERMISSION_UNSPECIFIED\020\000" + + "\022\034\n\030ROLE_PERMISSION_INCLUDED\020\001\022 \n\034ROLE_P" + + "ERMISSION_NOT_INCLUDED\020\002\022\'\n#ROLE_PERMISS" + + "ION_UNKNOWN_INFO_DENIED\020\003\"\246\001\n\nMembership" + + "\022\032\n\026MEMBERSHIP_UNSPECIFIED\020\000\022\027\n\023MEMBERSH" + + "IP_INCLUDED\020\001\022\033\n\027MEMBERSHIP_NOT_INCLUDED" + + "\020\002\022\"\n\036MEMBERSHIP_UNKNOWN_INFO_DENIED\020\003\022\"" + + "\n\036MEMBERSHIP_UNKNOWN_UNSUPPORTED\020\004*{\n\013Ac" + + "cessState\022\034\n\030ACCESS_STATE_UNSPECIFIED\020\000\022" + + "\013\n\007GRANTED\020\001\022\017\n\013NOT_GRANTED\020\002\022\027\n\023UNKNOWN" + + "_CONDITIONAL\020\003\022\027\n\023UNKNOWN_INFO_DENIED\020\004*" + + "O\n\022HeuristicRelevance\022#\n\037HEURISTIC_RELEV" + + "ANCE_UNSPECIFIED\020\000\022\n\n\006NORMAL\020\001\022\010\n\004HIGH\020\002" + + "B\322\001ZXgoogle.golang.org/genproto/googleap" + + "is/cloud/policytroubleshooter/v1;policyt" + + "roubleshooter\252\002$Google.Cloud.PolicyTroub" + + "leshooter.V1\312\002$Google\\Cloud\\PolicyTroubl" + + "eshooter\\V1\352\002\'Google::Cloud::PolicyTroub" + + "leshooter::V1b\006proto3" + }; + descriptor = + com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom( + descriptorData, + new com.google.protobuf.Descriptors.FileDescriptor[] { + com.google.api.FieldBehaviorProto.getDescriptor(), + com.google.iam.v1.PolicyProto.getDescriptor(), + com.google.type.ExprProto.getDescriptor(), + }); + internal_static_google_cloud_policytroubleshooter_v1_AccessTuple_descriptor = + getDescriptor().getMessageTypes().get(0); + internal_static_google_cloud_policytroubleshooter_v1_AccessTuple_fieldAccessorTable = + new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( + internal_static_google_cloud_policytroubleshooter_v1_AccessTuple_descriptor, + new java.lang.String[] { + "Principal", "FullResourceName", "Permission", + }); + internal_static_google_cloud_policytroubleshooter_v1_ExplainedPolicy_descriptor = + getDescriptor().getMessageTypes().get(1); + internal_static_google_cloud_policytroubleshooter_v1_ExplainedPolicy_fieldAccessorTable = + new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( + internal_static_google_cloud_policytroubleshooter_v1_ExplainedPolicy_descriptor, + new java.lang.String[] { + "Access", "FullResourceName", "Policy", "BindingExplanations", "Relevance", + }); + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_descriptor = + getDescriptor().getMessageTypes().get(2); + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_fieldAccessorTable = + new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_descriptor, + new java.lang.String[] { + "Access", + "Role", + "RolePermission", + "RolePermissionRelevance", + "Memberships", + "Relevance", + "Condition", + }); + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_AnnotatedMembership_descriptor = + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_descriptor + .getNestedTypes() + .get(0); + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_AnnotatedMembership_fieldAccessorTable = + new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_AnnotatedMembership_descriptor, + new java.lang.String[] { + "Membership", "Relevance", + }); + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_MembershipsEntry_descriptor = + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_descriptor + .getNestedTypes() + .get(1); + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_MembershipsEntry_fieldAccessorTable = + new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( + internal_static_google_cloud_policytroubleshooter_v1_BindingExplanation_MembershipsEntry_descriptor, + new java.lang.String[] { + "Key", "Value", + }); + com.google.protobuf.ExtensionRegistry registry = + com.google.protobuf.ExtensionRegistry.newInstance(); + registry.add(com.google.api.FieldBehaviorProto.fieldBehavior); + com.google.protobuf.Descriptors.FileDescriptor.internalUpdateFileDescriptor( + descriptor, registry); + com.google.api.FieldBehaviorProto.getDescriptor(); + com.google.iam.v1.PolicyProto.getDescriptor(); + com.google.type.ExprProto.getDescriptor(); + } + + // @@protoc_insertion_point(outer_class_scope) +} diff --git a/proto-google-cloud-policy-troubleshooter-v1/src/main/proto/google/cloud/policytroubleshooter/v1/checker.proto b/proto-google-cloud-policy-troubleshooter-v1/src/main/proto/google/cloud/policytroubleshooter/v1/checker.proto new file mode 100644 index 0000000..1b20892 --- /dev/null +++ b/proto-google-cloud-policy-troubleshooter-v1/src/main/proto/google/cloud/policytroubleshooter/v1/checker.proto @@ -0,0 +1,74 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.policytroubleshooter.v1; + +import public "google/cloud/policytroubleshooter/v1/explanations.proto"; +import "google/api/annotations.proto"; +import "google/api/client.proto"; + +option cc_enable_arenas = true; +option csharp_namespace = "Google.Cloud.PolicyTroubleshooter.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/policytroubleshooter/v1;policytroubleshooter"; +option java_multiple_files = true; +option java_outer_classname = "IAMCheckerProto"; +option java_package = "com.google.cloud.policytroubleshooter.v1"; +option php_namespace = "Google\\Cloud\\PolicyTroubleshooter\\V1"; +option ruby_package = "Google::Cloud::PolicyTroubleshooter::V1"; + +// IAM Policy Troubleshooter service. +// +// This service helps you troubleshoot access issues for Google Cloud resources. +service IamChecker { + option (google.api.default_host) = "policytroubleshooter.googleapis.com"; + option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; + + // Checks whether a member has a specific permission for a specific resource, + // and explains why the member does or does not have that permission. + rpc TroubleshootIamPolicy(TroubleshootIamPolicyRequest) returns (TroubleshootIamPolicyResponse) { + option (google.api.http) = { + post: "/v1/iam:troubleshoot" + body: "*" + }; + } +} + +// Request for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy]. +message TroubleshootIamPolicyRequest { + // The information to use for checking whether a member has a permission for a + // resource. + AccessTuple access_tuple = 1; +} + +// Response for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy]. +message TroubleshootIamPolicyResponse { + // Indicates whether the member has the specified permission for the specified + // resource, based on evaluating all of the applicable IAM policies. + AccessState access = 1; + + // List of IAM policies that were evaluated to check the member's permissions, + // with annotations to indicate how each policy contributed to the final + // result. + // + // The list of policies can include the policy for the resource itself. It can + // also include policies that are inherited from higher levels of the resource + // hierarchy, including the organization, the folder, and the project. + // + // To learn more about the resource hierarchy, see + // https://cloud.google.com/iam/help/resource-hierarchy. + repeated ExplainedPolicy explained_policies = 2; +} diff --git a/proto-google-cloud-policy-troubleshooter-v1/src/main/proto/google/cloud/policytroubleshooter/v1/explanations.proto b/proto-google-cloud-policy-troubleshooter-v1/src/main/proto/google/cloud/policytroubleshooter/v1/explanations.proto new file mode 100644 index 0000000..1eb2a58 --- /dev/null +++ b/proto-google-cloud-policy-troubleshooter-v1/src/main/proto/google/cloud/policytroubleshooter/v1/explanations.proto @@ -0,0 +1,245 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.policytroubleshooter.v1; + +import "google/api/field_behavior.proto"; +import "google/iam/v1/policy.proto"; +import "google/type/expr.proto"; + +option csharp_namespace = "Google.Cloud.PolicyTroubleshooter.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/policytroubleshooter/v1;policytroubleshooter"; +option php_namespace = "Google\\Cloud\\PolicyTroubleshooter\\V1"; +option ruby_package = "Google::Cloud::PolicyTroubleshooter::V1"; + +// Information about the member, resource, and permission to check. +message AccessTuple { + // Required. The member, or principal, whose access you want to check, in the form of + // the email address that represents that member. For example, + // `alice@example.com` or + // `my-service-account@my-project.iam.gserviceaccount.com`. + // + // The member must be a Google Account or a service account. Other types of + // members are not supported. + string principal = 1 [(google.api.field_behavior) = REQUIRED]; + + // Required. The full resource name that identifies the resource. For example, + // `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`. + // + // For examples of full resource names for Google Cloud services, see + // https://cloud.google.com/iam/help/troubleshooter/full-resource-names. + string full_resource_name = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The IAM permission to check for the specified member and resource. + // + // For a complete list of IAM permissions, see + // https://cloud.google.com/iam/help/permissions/reference. + // + // For a complete list of predefined IAM roles and the permissions in each + // role, see https://cloud.google.com/iam/help/roles/reference. + string permission = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// Details about how a specific IAM [Policy][google.iam.v1.Policy] contributed +// to the access check. +message ExplainedPolicy { + // Indicates whether _this policy_ provides the specified permission to the + // specified member for the specified resource. + // + // This field does _not_ indicate whether the member actually has the + // permission for the resource. There might be another policy that overrides + // this policy. To determine whether the member actually has the permission, + // use the `access` field in the + // [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse]. + AccessState access = 1; + + // The full resource name that identifies the resource. For example, + // `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`. + // + // If the sender of the request does not have access to the policy, this field + // is omitted. + // + // For examples of full resource names for Google Cloud services, see + // https://cloud.google.com/iam/help/troubleshooter/full-resource-names. + string full_resource_name = 2; + + // The IAM policy attached to the resource. + // + // If the sender of the request does not have access to the policy, this field + // is empty. + google.iam.v1.Policy policy = 3; + + // Details about how each binding in the policy affects the member's ability, + // or inability, to use the permission for the resource. + // + // If the sender of the request does not have access to the policy, this field + // is omitted. + repeated BindingExplanation binding_explanations = 4; + + // The relevance of this policy to the overall determination in the + // [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse]. + // + // If the sender of the request does not have access to the policy, this field + // is omitted. + HeuristicRelevance relevance = 5; +} + +// Details about how a binding in a policy affects a member's ability to use a +// permission. +message BindingExplanation { + // Details about whether the binding includes the member. + message AnnotatedMembership { + // Indicates whether the binding includes the member. + Membership membership = 1; + + // The relevance of the member's status to the overall determination for the + // binding. + HeuristicRelevance relevance = 2; + } + + // Whether a role includes a specific permission. + enum RolePermission { + // Reserved for future use. + ROLE_PERMISSION_UNSPECIFIED = 0; + + // The permission is included in the role. + ROLE_PERMISSION_INCLUDED = 1; + + // The permission is not included in the role. + ROLE_PERMISSION_NOT_INCLUDED = 2; + + // The sender of the request is not allowed to access the binding. + ROLE_PERMISSION_UNKNOWN_INFO_DENIED = 3; + } + + // Whether the binding includes the member. + enum Membership { + // Reserved for future use. + MEMBERSHIP_UNSPECIFIED = 0; + + // The binding includes the member. The member can be included directly + // or indirectly. For example: + // + // * A member is included directly if that member is listed in the binding. + // * A member is included indirectly if that member is in a Google group or + // G Suite domain that is listed in the binding. + MEMBERSHIP_INCLUDED = 1; + + // The binding does not include the member. + MEMBERSHIP_NOT_INCLUDED = 2; + + // The sender of the request is not allowed to access the binding. + MEMBERSHIP_UNKNOWN_INFO_DENIED = 3; + + // The member is an unsupported type. Only Google Accounts and service + // accounts are supported. + MEMBERSHIP_UNKNOWN_UNSUPPORTED = 4; + } + + // Required. Indicates whether _this binding_ provides the specified permission to the + // specified member for the specified resource. + // + // This field does _not_ indicate whether the member actually has the + // permission for the resource. There might be another binding that overrides + // this binding. To determine whether the member actually has the permission, + // use the `access` field in the + // [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse]. + AccessState access = 1 [(google.api.field_behavior) = REQUIRED]; + + // The role that this binding grants. For example, + // `roles/compute.serviceAgent`. + // + // For a complete list of predefined IAM roles, as well as the permissions in + // each role, see https://cloud.google.com/iam/help/roles/reference. + string role = 2; + + // Indicates whether the role granted by this binding contains the specified + // permission. + RolePermission role_permission = 3; + + // The relevance of the permission's existence, or nonexistence, in the role + // to the overall determination for the entire policy. + HeuristicRelevance role_permission_relevance = 4; + + // Indicates whether each member in the binding includes the member specified + // in the request, either directly or indirectly. Each key identifies a member + // in the binding, and each value indicates whether the member in the binding + // includes the member in the request. + // + // For example, suppose that a binding includes the following members: + // + // * `user:alice@example.com` + // * `group:product-eng@example.com` + // + // You want to troubleshoot access for `user:bob@example.com`. This user is a + // member of the group `group:product-eng@example.com`. + // + // For the first member in the binding, the key is `user:alice@example.com`, + // and the `membership` field in the value is set to + // `MEMBERSHIP_NOT_INCLUDED`. + // + // For the second member in the binding, the key is + // `group:product-eng@example.com`, and the `membership` field in the value is + // set to `MEMBERSHIP_INCLUDED`. + map memberships = 5; + + // The relevance of this binding to the overall determination for the entire + // policy. + HeuristicRelevance relevance = 6; + + // A condition expression that prevents access unless the expression evaluates + // to `true`. + // + // To learn about IAM Conditions, see + // http://cloud.google.com/iam/help/conditions/overview. + google.type.Expr condition = 7; +} + +// Whether a member has a permission for a resource. +enum AccessState { + // Reserved for future use. + ACCESS_STATE_UNSPECIFIED = 0; + + // The member has the permission. + GRANTED = 1; + + // The member does not have the permission. + NOT_GRANTED = 2; + + // The member has the permission only if a condition expression evaluates to + // `true`. + UNKNOWN_CONDITIONAL = 3; + + // The sender of the request does not have access to all of the policies that + // Policy Troubleshooter needs to evaluate. + UNKNOWN_INFO_DENIED = 4; +} + +// The extent to which a single data point contributes to an overall +// determination. +enum HeuristicRelevance { + // Reserved for future use. + HEURISTIC_RELEVANCE_UNSPECIFIED = 0; + + // The data point has a limited effect on the result. Changing the data point + // is unlikely to affect the overall determination. + NORMAL = 1; + + // The data point has a strong effect on the result. Changing the data point + // is likely to affect the overall determination. + HIGH = 2; +} diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..efad1e9 --- /dev/null +++ b/renovate.json @@ -0,0 +1,73 @@ +{ + "extends": [ + ":separateMajorReleases", + ":combinePatchMinorReleases", + ":ignoreUnstable", + ":prImmediately", + ":updateNotScheduled", + ":automergeDisabled", + ":ignoreModulesAndTests", + ":maintainLockFilesDisabled", + ":autodetectPinVersions" + ], + "packageRules": [ + { + "packagePatterns": [ + "^com.google.guava:" + ], + "versionScheme": "docker" + }, + { + "packagePatterns": [ + "*" + ], + "semanticCommitType": "deps", + "semanticCommitScope": null + }, + { + "packagePatterns": [ + "^org.apache.maven", + "^org.jacoco:", + "^org.codehaus.mojo:", + "^org.sonatype.plugins:", + "^com.coveo:", + "^com.google.cloud:google-cloud-shared-config" + ], + "semanticCommitType": "build", + "semanticCommitScope": "deps" + }, + { + "packagePatterns": [ + "^com.google.cloud:google-cloud-policy-troubleshooter", + "^com.google.cloud:libraries-bom", + "^com.google.cloud.samples:shared-configuration" + ], + "semanticCommitType": "chore", + "semanticCommitScope": "deps" + }, + { + "packagePatterns": [ + "^junit:junit", + "^com.google.truth:truth", + "^org.mockito:mockito-core", + "^org.objenesis:objenesis" + ], + "semanticCommitType": "test", + "semanticCommitScope": "deps" + }, + { + "packagePatterns": [ + "^com.google.cloud:google-cloud-" + ], + "ignoreUnstable": false + }, + { + "packagePatterns": [ + "^com.fasterxml.jackson.core" + ], + "groupName": "jackson dependencies" + } + ], + "semanticCommits": true, + "masterIssue": true +} diff --git a/samples/install-without-bom/pom.xml b/samples/install-without-bom/pom.xml new file mode 100644 index 0000000..0e6e012 --- /dev/null +++ b/samples/install-without-bom/pom.xml @@ -0,0 +1,84 @@ + + + 4.0.0 + com.google.cloud + policy-troubleshooter-install-without-bom + jar + Google IAM Policy Troubleshooter API Install Without Bom + https://github.com/googleapis/java-policy-troubleshooter + + + + com.google.cloud.samples + shared-configuration + 1.0.12 + + + + 1.8 + 1.8 + UTF-8 + + + + + + + com.google.cloud + google-cloud-policy-troubleshooter + 0.0.0 + + + + + junit + junit + 4.13 + test + + + com.google.truth + truth + 1.0.1 + test + + + + + + + + org.codehaus.mojo + build-helper-maven-plugin + 3.1.0 + + + add-snippets-source + + add-source + + + + ../snippets/src/main/java + + + + + add-snippets-tests + + add-test-source + + + + ../snippets/src/test/java + + + + + + + + diff --git a/samples/pom.xml b/samples/pom.xml new file mode 100644 index 0000000..262e78c --- /dev/null +++ b/samples/pom.xml @@ -0,0 +1,56 @@ + + + 4.0.0 + com.google.cloud + google-cloud-policy-troubleshooter-samples + 0.0.1-SNAPSHOT + pom + Google IAM Policy Troubleshooter API Samples Parent + https://github.com/googleapis/java-policy-troubleshooter + + Java idiomatic client for Google Cloud Platform services. + + + + + com.google.cloud.samples + shared-configuration + 1.0.18 + + + + 1.8 + 1.8 + UTF-8 + + + + install-without-bom + snapshot + snippets + + + + + + org.apache.maven.plugins + maven-deploy-plugin + 2.8.2 + + true + + + + org.sonatype.plugins + nexus-staging-maven-plugin + 1.6.8 + + true + + + + + diff --git a/samples/snapshot/pom.xml b/samples/snapshot/pom.xml new file mode 100644 index 0000000..bf7259b --- /dev/null +++ b/samples/snapshot/pom.xml @@ -0,0 +1,83 @@ + + + 4.0.0 + com.google.cloud + policy-troubleshooter-snapshot + jar + Google IAM Policy Troubleshooter API Snapshot Samples + https://github.com/googleapis/java-policy-troubleshooter + + + + com.google.cloud.samples + shared-configuration + 1.0.12 + + + + 1.8 + 1.8 + UTF-8 + + + + + + com.google.cloud + google-cloud-policy-troubleshooter + 0.0.0 + + + + + junit + junit + 4.13 + test + + + com.google.truth + truth + 1.0.1 + test + + + + + + + + org.codehaus.mojo + build-helper-maven-plugin + 3.1.0 + + + add-snippets-source + + add-source + + + + ../snippets/src/main/java + + + + + add-snippets-tests + + add-test-source + + + + ../snippets/src/test/java + + + + + + + + \ No newline at end of file diff --git a/samples/snippets/pom.xml b/samples/snippets/pom.xml new file mode 100644 index 0000000..e1dc029 --- /dev/null +++ b/samples/snippets/pom.xml @@ -0,0 +1,47 @@ + + + 4.0.0 + com.google.cloud + policy-troubleshooter-snippets + jar + Google IAM Policy Troubleshooter API Snippets + https://github.com/googleapis/java-policy-troubleshooter + + + + com.google.cloud.samples + shared-configuration + 1.0.12 + + + + 1.8 + 1.8 + UTF-8 + + + + + + com.google.cloud + google-cloud-policy-troubleshooter + 0.0.0 + + + + junit + junit + 4.13 + test + + + com.google.truth + truth + 1.0.1 + test + + + diff --git a/synth.metadata b/synth.metadata new file mode 100644 index 0000000..1e2668f --- /dev/null +++ b/synth.metadata @@ -0,0 +1,33 @@ +{ + "sources": [ + { + "git": { + "name": ".", + "remote": "sso://devrel/cloud/libraries/java/repo-splitter", + "sha": "ca29df05f9d15166e064c322aa01596764873fdd" + } + }, + { + "git": { + "name": "googleapis-gen", + "remote": "https://github.com/googleapis/googleapis-gen.git", + "sha": "1ad043d44370c3639640b1f1f549296c005448f5", + "internalRef": "360805639" + } + }, + { + "git": { + "name": "synthtool", + "remote": "https://github.com/googleapis/synthtool.git", + "sha": "2e7bd5cc66a3f0b90ce1c150eb35c89eeb9872d6" + } + }, + { + "git": { + "name": "synthtool", + "remote": "https://github.com/googleapis/synthtool.git", + "sha": "2e7bd5cc66a3f0b90ce1c150eb35c89eeb9872d6" + } + } + ] +} \ No newline at end of file diff --git a/synth.py b/synth.py new file mode 100644 index 0000000..30b3002 --- /dev/null +++ b/synth.py @@ -0,0 +1,31 @@ +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""This script is used to synthesize generated parts of this library.""" + +import synthtool.languages.java as java + +service = 'policytroubleshooter' +versions = ['v1'] + +for version in versions: + java.pregenerated_library( + service=service, + version=version, + path=f'google/cloud/policytroubleshooter/{version}', + destination_name='policy-troubleshooter', + ) + +java.common_templates() + diff --git a/versions.txt b/versions.txt new file mode 100644 index 0000000..184715d --- /dev/null +++ b/versions.txt @@ -0,0 +1,6 @@ +# Format: +# module:released-version:current-version + +google-cloud-policy-troubleshooter:0.0.0:0.0.1-SNAPSHOT +proto-google-cloud-policy-troubleshooter-v1:0.0.0:0.0.1-SNAPSHOT +grpc-google-cloud-policy-troubleshooter-v1:0.0.0:0.0.1-SNAPSHOT \ No newline at end of file