• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# -*- coding: utf-8 -*-
2# Copyright 2012 Google Inc. All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8#     http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15"""Additional help about Google Cloud Storage projects."""
16
17from __future__ import absolute_import
18
19from gslib.help_provider import HelpProvider
20
21_DETAILED_HELP_TEXT = ("""
22<B>OVERVIEW</B>
23  This section discusses how to work with projects in Google Cloud Storage.
24
25
26<B>PROJECT MEMBERS AND PERMISSIONS</B>
27  There are three groups of users associated with each project:
28
29  - Project Owners are allowed to list, create, and delete buckets,
30    and can also perform administrative tasks like adding and removing team
31    members and changing billing. The project owners group is the owner
32    of all buckets within a project, regardless of who may be the original
33    bucket creator.
34
35  - Project Editors are allowed to list, create, and delete buckets.
36
37  - All Project Team Members are allowed to list buckets within a project.
38
39  These projects make it easy to set up a bucket and start uploading objects
40  with access control appropriate for a project at your company, as the three
41  group memberships can be configured by your administrative staff. Control
42  over projects and their associated memberships is provided by the
43  `Google Developers Console <https://cloud.google.com/console#/project>`_.
44
45
46<B>HOW PROJECT MEMBERSHIP IS REFLECTED IN BUCKET ACLS</B>
47  When you create a bucket without specifying an ACL the bucket is given a
48  "project-private" ACL, which grants the permissions described in the previous
49  section. Here's an example of such an ACL:
50
51    [
52      {
53        "entity": "group-00b4903a9740e42c29800f53bd5a9a62a2f96eb3f64a4313a115df3f3a776bf7",
54        "entityId": "00b4903a9740e42c29800f53bd5a9a62a2f96eb3f64a4313a115df3f3a776bf7",
55        "role": "OWNER"
56      },
57      {
58        "entity": "group-00b4903a977fd817e9da167bc81306489181a110456bb635f466d71cf90a0d51",
59        "entityId": "00b4903a977fd817e9da167bc81306489181a110456bb635f466d71cf90a0d51",
60        "role": "OWNER"
61      },
62      {
63        "entity": "00b4903a974898cc8fc309f2f2835308ba3d3df1b889d3fc7e33e187d52d8e71",
64        "entityId": "00b4903a974898cc8fc309f2f2835308ba3d3df1b889d3fc7e33e187d52d8e71",
65        "role": "READER"
66      }
67    ]
68
69  The three "entityId"s are the canonical IDs for the Project Owners,
70  Project Editors, and All Project Team Members groups.
71
72  You can edit the bucket ACL if you want to (see "gsutil help acl"),
73  but for many cases you'll never need to, and instead can change group
74  membership via the
75  `Google Developers Console <https://cloud.google.com/console#/project>`_.
76
77
78<B>IDENTIFYING PROJECTS WHEN CREATING AND LISTING BUCKETS</B>
79  When you create a bucket or list your buckets, you need to provide the
80  project ID that you want to create or list (using the gsutil mb -p option or
81  the gsutil ls -p option, respectively). The project's name shown in the
82  Google Developers Console is a user-friendly name that you can choose; this is
83  not the project ID required by the gsutil mb and ls commands. To find the
84  project ID, go to the Cloud Storage pane in the Google Developers Console.
85  The project ID is listed as "Project Number" in the Overview pane of your
86  project.
87""")
88
89
90class CommandOptions(HelpProvider):
91  """Additional help about Google Cloud Storage projects."""
92
93  # Help specification. See help_provider.py for documentation.
94  help_spec = HelpProvider.HelpSpec(
95      help_name='projects',
96      help_name_aliases=[
97          'apis console', 'cloud console', 'console', 'dev console', 'project',
98          'proj', 'project-id'],
99      help_type='additional_help',
100      help_one_line_summary='Working With Projects',
101      help_text=_DETAILED_HELP_TEXT,
102      subcommand_help_text={},
103  )
104