K hdZddlmZddlmZddlmZddlmZddlmZddlm Z ddl m Z d Z d Z y ) z)Helpers for dealing with storage buckets.)absolute_import)division)unicode_literals) storage_api) storage_util) exceptions)logct|jDcgc]>}|jjdk(xr|jjdk(@c}Scc}w)Nallusersreader)anydefaultObjectAclentitylowerrole)bucketacls 3lib/googlecloudsdk/command_lib/privateca/storage.py_BucketAllowsPublicObjectReadsrs_ 0020#jj J.O388>>3Cx3OO02 332sAAc|tj}tj|} |j ||j j j}t|stjdtj|S#tj$rtjddwxYw)a$Validates that a user-specified bucket can be used with a Private CA. Args: bucket_name: The name of the GCS bucket to validate. Returns: A BucketReference wrapping the given bucket name. Raises: InvalidArgumentException: when the given bucket can't be used with a CA. )messageszThe specified bucket does not publicly expose new objects by default, so some clients may not be able to access the CA certificate or CRLs. For more details, see https://cloud.google.com/storage/docs/access-control/making-data-publicz gcs-bucketz The given bucket does not exist.)r GetMessagesr StorageClient GetBucketStorageBucketsGetRequestProjectionValueValuesEnumfullrr warningBucketReferenceBucketNotFoundErrorrInvalidArgumentException) bucket_namerclientrs r%ValidateBucketForCertificateAuthorityr$ s % % '(  $ $h 7&:   ))CCHHJF *& 1 kk T  ' ' 44  ( (:  - -8 :::s A$B*B;N)__doc__ __future__rrrgooglecloudsdk.api_lib.storagerrgooglecloudsdk.calliopergooglecloudsdk.corer rr$rr,s)0&'67.#3 :r+