HEX
Server: Apache/2.4.65 (Ubuntu)
System: Linux ielts-store-v2 6.8.0-1036-gcp #38~22.04.1-Ubuntu SMP Thu Aug 14 01:19:18 UTC 2025 x86_64
User: root (0)
PHP: 7.2.34-54+ubuntu20.04.1+deb.sury.org+1
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
$ pwd: /snap/google-cloud-cli/394/lib/googlecloudsdk/api_lib/access_approval/
Upload Files
File: //snap/google-cloud-cli/394/lib/googlecloudsdk/api_lib/access_approval/settings.py
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Access approval settings API helper."""

from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals

from googlecloudsdk.api_lib.util import apis


def Delete(name):
  """Delete the access approval settings for a resource."""
  client = apis.GetClientInstance('accessapproval', 'v1')
  msgs = apis.GetMessagesModule('accessapproval', 'v1')

  if 'organizations/' in name:
    req = msgs.AccessapprovalOrganizationsDeleteAccessApprovalSettingsRequest(
        name=name
    )
    return client.organizations.DeleteAccessApprovalSettings(req)
  if 'folders/' in name:
    req = msgs.AccessapprovalFoldersDeleteAccessApprovalSettingsRequest(
        name=name
    )
    return client.folders.DeleteAccessApprovalSettings(req)

  req = msgs.AccessapprovalProjectsDeleteAccessApprovalSettingsRequest(
      name=name
  )
  return client.projects.DeleteAccessApprovalSettings(req)


def Get(name):
  """Get the access approval settings for a resource."""
  client = apis.GetClientInstance('accessapproval', 'v1')
  msgs = apis.GetMessagesModule('accessapproval', 'v1')

  if 'organizations/' in name:
    req = msgs.AccessapprovalOrganizationsGetAccessApprovalSettingsRequest(
        name=name
    )
    return client.organizations.GetAccessApprovalSettings(req)
  if 'folders/' in name:
    req = msgs.AccessapprovalFoldersGetAccessApprovalSettingsRequest(name=name)
    return client.folders.GetAccessApprovalSettings(req)

  req = msgs.AccessapprovalProjectsGetAccessApprovalSettingsRequest(name=name)
  return client.projects.GetAccessApprovalSettings(req)


def Update(
    name,
    notification_emails,
    enrolled_services,
    active_key_version,
    preferred_request_expiration_days,
    prefer_no_broad_approval_requests,
    notification_pubsub_topic,
    request_scope_max_width_preference,
    require_customer_visible_justification,
    approval_policy,
    update_mask,
):
  """Update the access approval settings for a resource.

  Args:
    name: the settings resource name (e.g. projects/123/accessApprovalSettings)
    notification_emails: list of email addresses
    enrolled_services: list of services
    active_key_version: KMS signing key version resource name
    preferred_request_expiration_days: the default expiration time for approval
      requests
    prefer_no_broad_approval_requests: communicates the preference to Google
      personnel to request access with as targeted a resource scope as possible
    notification_pubsub_topic: A pubsub topic to which notifications relating to
      approval requests should be sent
    request_scope_max_width_preference: specifies broadest scope of access for
      access requests without a specific method
    require_customer_visible_justification: to configure if a customer visible
      justification (i.e. Vector Case) is required for a Googler to create an
      Access Ticket to send to the customer when attempting to access customer
      resources.
    approval_policy: the policy for approving requests
    update_mask: which fields to update

  Returns:
    updated settings
  """
  client = apis.GetClientInstance('accessapproval', 'v1')
  msgs = apis.GetMessagesModule('accessapproval', 'v1')

  settings = None
  services_protos = [
      msgs.EnrolledService(cloudProduct=s) for s in enrolled_services
  ]
  settings = msgs.AccessApprovalSettings(
      name=name,
      enrolledServices=services_protos,
      notificationEmails=notification_emails,
      activeKeyVersion=active_key_version,
      preferredRequestExpirationDays=preferred_request_expiration_days,
      preferNoBroadApprovalRequests=prefer_no_broad_approval_requests,
      notificationPubsubTopic=notification_pubsub_topic,
      requestScopeMaxWidthPreference=request_scope_max_width_preference,
      requireCustomerVisibleJustification=require_customer_visible_justification,
      approvalPolicy=approval_policy,
  )

  if 'organizations/' in name:
    req = msgs.AccessapprovalOrganizationsUpdateAccessApprovalSettingsRequest(
        name=name, accessApprovalSettings=settings, updateMask=update_mask
    )
    return client.organizations.UpdateAccessApprovalSettings(req)
  if 'folders/' in name:
    req = msgs.AccessapprovalFoldersUpdateAccessApprovalSettingsRequest(
        name=name, accessApprovalSettings=settings, updateMask=update_mask
    )
    return client.folders.UpdateAccessApprovalSettings(req)

  req = msgs.AccessapprovalProjectsUpdateAccessApprovalSettingsRequest(
      name=name, accessApprovalSettings=settings, updateMask=update_mask
  )
  return client.projects.UpdateAccessApprovalSettings(req)
@ Telegram