feat: fgac support and samples by asthamohta · Pull Request #867 · googleapis/python-spanner · GitHub
Skip to content
This repository was archived by the owner on Jun 8, 2026. It is now read-only.

feat: fgac support and samples #867

Merged
asthamohta merged 8 commits into from
Dec 13, 2022
Merged

feat: fgac support and samples #867

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
87eac27
feat:fgac changes and samples
asthamohta Dec 12, 2022
9ba5bb4
linting
asthamohta Dec 13, 2022
15cede6
fixing samples
asthamohta Dec 13, 2022
6d88700
linting
asthamohta Dec 13, 2022
b9b46d5
linting
asthamohta Dec 13, 2022
7bcb094
Update database.py
asthamohta Dec 13, 2022
b8dc809
Update pool.py
asthamohta Dec 13, 2022
e6b7853
Update snippets.py
asthamohta Dec 13, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion google/cloud/spanner_dbapi/parse_utils.py
View file
Open in desktop
99 changes: 95 additions & 4 deletions google/cloud/spanner_v1/database.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,12 @@
from google.cloud.exceptions import NotFound
from google.api_core.exceptions import Aborted
from google.api_core import gapic_v1
from google.iam.v1 import iam_policy_pb2
from google.iam.v1 import options_pb2

from google.cloud.spanner_admin_database_v1 import CreateDatabaseRequest
from google.cloud.spanner_admin_database_v1 import Database as DatabasePB
from google.cloud.spanner_admin_database_v1 import ListDatabaseRolesRequest
from google.cloud.spanner_admin_database_v1 import EncryptionConfig
from google.cloud.spanner_admin_database_v1 import RestoreDatabaseEncryptionConfig
from google.cloud.spanner_admin_database_v1 import RestoreDatabaseRequest
Expand Down Expand Up @@ -119,7 +122,8 @@ class Database(object):
:class:`~google.cloud.spanner_admin_database_v1.types.DatabaseDialect`
:param database_dialect:
(Optional) database dialect for the database

:type database_role: str or None
:param database_role: (Optional) user-assigned database_role for the session.
"""

_spanner_api = None
Expand All @@ -133,6 +137,7 @@ def __init__(
logger=None,
encryption_config=None,
database_dialect=DatabaseDialect.DATABASE_DIALECT_UNSPECIFIED,
database_role=None,
):
self.database_id = database_id
self._instance = instance
Expand All @@ -149,9 +154,10 @@ def __init__(
self._logger = logger
self._encryption_config = encryption_config
self._database_dialect = database_dialect
self._database_role = database_role

if pool is None:
pool = BurstyPool()
pool = BurstyPool(database_role=database_role)

self._pool = pool
pool.bind(self)
Expand Down Expand Up @@ -314,6 +320,14 @@ def database_dialect(self):
"""
return self._database_dialect

@property
def database_role(self):
"""User-assigned database_role for sessions created by the pool.
:rtype: str
:returns: a str with the name of the database role.
"""
return self._database_role

@property
def logger(self):
"""Logger used by the database.
Expand Down Expand Up @@ -584,16 +598,22 @@ def execute_pdml():

return _retry_on_aborted(execute_pdml, DEFAULT_RETRY_BACKOFF)()

def session(self, labels=None):
def session(self, labels=None, database_role=None):
"""Factory to create a session for this database.

:type labels: dict (str -> str) or None
:param labels: (Optional) user-assigned labels for the session.

:type database_role: str
:param database_role: (Optional) user-assigned database_role for the session.

:rtype: :class:`~google.cloud.spanner_v1.session.Session`
:returns: a session bound to this database.
"""
return Session(self, labels=labels)
# If role is specified in param, then that role is used
# instead.
role = database_role or self._database_role
return Session(self, labels=labels, database_role=role)

def snapshot(self, **kw):
"""Return an object which wraps a snapshot.
Expand Down Expand Up @@ -772,6 +792,29 @@ def list_database_operations(self, filter_="", page_size=None):
filter_=database_filter, page_size=page_size
)

def list_database_roles(self, page_size=None):
"""Lists Cloud Spanner database roles.

:type page_size: int
:param page_size:
Optional. The maximum number of database roles in each page of results
from this request. Non-positive values are ignored. Defaults to a
sensible value set by the API.

:type: Iterable
:returns:
Iterable of :class:`~google.cloud.spanner_admin_database_v1.types.spanner_database_admin.DatabaseRole`
resources within the current database.
"""
api = self._instance._client.database_admin_api
metadata = _metadata_with_prefix(self.name)

request = ListDatabaseRolesRequest(
parent=self.name,
page_size=page_size,
)
return api.list_database_roles(request=request, metadata=metadata)

def table(self, table_id):
"""Factory to create a table object within this database.

Expand Down Expand Up @@ -811,6 +854,54 @@ def list_tables(self):
for row in results:
yield self.table(row[0])

def get_iam_policy(self, policy_version=None):
"""Gets the access control policy for a database resource.

:type policy_version: int
:param policy_version:
(Optional) the maximum policy version that will be
used to format the policy. Valid values are 0, 1 ,3.

:rtype: :class:`~google.iam.v1.policy_pb2.Policy`
:returns:
returns an Identity and Access Management (IAM) policy. It is used to
specify access control policies for Cloud Platform
resources.
"""
api = self._instance._client.database_admin_api
metadata = _metadata_with_prefix(self.name)

request = iam_policy_pb2.GetIamPolicyRequest(
resource=self.name,
options=options_pb2.GetPolicyOptions(
requested_policy_version=policy_version
),
)
response = api.get_iam_policy(request=request, metadata=metadata)
return response

def set_iam_policy(self, policy):
"""Sets the access control policy on a database resource.
Replaces any existing policy.

:type policy: :class:`~google.iam.v1.policy_pb2.Policy`
:param policy_version:
the complete policy to be applied to the resource.

:rtype: :class:`~google.iam.v1.policy_pb2.Policy`
:returns:
returns the new Identity and Access Management (IAM) policy.
"""
api = self._instance._client.database_admin_api
metadata = _metadata_with_prefix(self.name)

request = iam_policy_pb2.SetIamPolicyRequest(
resource=self.name,
policy=policy,
)
response = api.set_iam_policy(request=request, metadata=metadata)
return response


class BatchCheckout(object):
"""Context manager for using a batch from a database.
Expand Down
2 changes: 2 additions & 0 deletions google/cloud/spanner_v1/instance.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -431,6 +431,7 @@ def database(
logger=None,
encryption_config=None,
database_dialect=DatabaseDialect.DATABASE_DIALECT_UNSPECIFIED,
database_role=None,
):
"""Factory to create a database within this instance.

Expand Down Expand Up @@ -477,6 +478,7 @@ def database(
logger=logger,
encryption_config=encryption_config,
database_dialect=database_dialect,
database_role=database_role,
)

def list_databases(self, page_size=None):
Expand Down
88 changes: 76 additions & 12 deletions google/cloud/spanner_v1/pool.py
View file
Open in desktop
Loading