dZddlmZddlmZddlmZddlmZddlmZddl m Z ddl m Z dd l mZdd lmZdd lmZdd lmZdd lmZe j*Gdde j,Zy)zAImplementation of managed-folders add-iam-policy-binding command.)absolute_import)division)unicode_literals) api_factory)errors)apis)base)iam_util) errors_util)iam_command_util) storage_url)set_iam_policy_taskc0eZdZdZdddZedZdZy)AddIamPolicyBindingz.Add an IAM policy binding to a managed folder.z Add an IAM policy binding to a managed folder. For more information, see [Cloud Identity and Access Management](https://cloud.google.com/storage/docs/access-control/iam). aZ To grant a single role to a single principal for a managed folder `managed-folder` in a bucket `bucket`: $ {command} gs://bucket/managed-folder --member=user:john.doe@example.com --role=roles/storage.objectCreator To make objects in `gs://bucket/managed-folder` publicly readable: $ {command} gs://bucket/managed-folder --member=allUsers --role=roles/storage.objectViewer To specify a custom role for a principal on `gs://bucket/managed-folder`: $ {command} gs://bucket/managed-folder --member=user:john.doe@example.com --role=roles/customRoleName ) DESCRIPTIONEXAMPLEScX|jddtj|dy)Nurlz7URL of the managed folder to add IAM policy binding to.)helpT) add_condition) add_argumentr AddArgsForAddIamPolicyBinding)parsers =lib/surface/storage/managed_folders/add_iam_policy_binding.pyArgszAddIamPolicyBinding.Args9s-  M **6Fc$tj|j}tj|j |t j|j}tjdd} |j|j|j}t%j&||||t(j*S#tj$r9|j!|j|j|j#}YrwxYw)Nstoragev1)r storage_url_from_stringrr "raise_error_if_not_gcs_folder_type command_pathrget_apischemerGetMessagesModuleget_managed_folder_iam_policy bucket_name resource_name api_errors NotFoundErrorcreate_managed_folderPolicyr add_iam_binding_to_resourcerSetManagedFolderIamPolicyTask)selfargsr api_clientmessagespolicys rRunzAddIamPolicyBinding.Run@s  - -dhh 7C2243D3DcJ$$SZZ0J%%i6H!77 //3,,f  7 7  99    # #!&&s8I8IJ f!s6&CA DDN)__name__ __module__ __qualname____doc__ detailed_help staticmethodrr4rrrr s16  -*GG rrN)r8 __future__rrrgooglecloudsdk.api_lib.storagerrr)googlecloudsdk.api_lib.utilrgooglecloudsdk.callioper googlecloudsdk.command_lib.iamr "googlecloudsdk.command_lib.storager r r (googlecloudsdk.command_lib.storage.tasksrUniverseCompatibleCommandrr;rrrEsTH&'6?,(3:?:H4$,,44r