我想检查运行的代码是否有权在特定项目中执行“ pubsub.topics.list”。 这段代码:
<table id="tblMain" cellspacing="1" class="table table-bordered table-hover dataTable" border="0" style="border-color:SaddleBrown;font-size:Small;">
<tr style="background-color:#3C8DBC;">
<td colspan="2"><select name="cmbWeeks" onchange="javascript:setTimeout('__doPostBack(\'cmbWeeks\',\'\')', 0)" id="cmbWeeks" class="form-control" style="font-family:Arial;font-size:9pt;">
<option value="12-May-2019">Week:-1 12-May-2019</option>
<option value="19-May-2019">Week:-2 19-May-2019</option>
<option value="26-May-2019">Week:-3 26-May-2019</option>
<option value="02-Jun-2019">Week:-4 02-Jun-2019</option>
<option selected="selected" value="">[Select Week]</option>
</select><br />
<select name="ddllocation" onchange="javascript:setTimeout('__doPostBack(\'ddllocation\',\'\')', 0)" id="ddllocation" class="form-control" style="font-family:Arial;font-size:9pt;">
<option selected="selected" value="GPC">GPC</option>
抛出public ActionResult Index()
{
ModulesViewModel mvm = new ModulesViewModel();
List<Modules> modules = new List<Modules>();
var userId = User.Identity.GetUserId();
var projects = _adsDbContext.Project.Where(x=>x.UserID == userId).ToList();
foreach (var pro in projects)
{
var productData = _adsDbContext.Product.Where(x => x.ProjectID == pro.ProjectID);
modules.AddRange(productData);
}
modules = modules.OrderBy(x => x.ProjectID).OrderBy(x=>x.ModuleNumber).ToList();
mvm.Modules = modules;
return View(mvm);
}
public class Project
{
public int ProjectID { get; set; }
public string Name { get; set; }
public virtual ICollection<ProductData> Products { get; set; }
public string UserID { get; set; }
public virtual ApplicationUser ApplicationUser { get; set; }
}
public class ProductData : Modules
{
public int ProductDataID { get; set; }
public float ConversionRate { get; set; }
public float Price { get; set; }
public float TotalSales { get; set; }
public float GrossSales { get; set; }
public float NetProfit { get; set; }
public float ProfitPerLead { get; set; }
}
public abstract class Modules
{
public int ProjectID { get; set; }
public virtual Project Project { get; set; }
}
当我将try (TopicAdminClient admin = getTopicAdmin()) {
List<String> existing = admin.testIamPermissions("projects/my-proj/topics/my-topic",
Collections.singletonList("pubsub.topics.list")).getPermissionsList();
}
替换为io.grpc.StatusRuntimeException: INVALID_ARGUMENT: Permission pubsub.topics.list is not valid for this resource.或"projects/my-proj/topics/my-topic"时
它抛出:"projects/my-proj/topics",从docs看来,唯一有效的资源名称是"projects/my-proj"
测试pubsub.topics.list权限的正确方法是什么?
答案 0 :(得分:1)
每https://cloud.google.com/pubsub/docs/access-control#tbl_perm,pubsub.topics.list是Cloud项目的权限。 Cloud Pub / Sub服务不管理对Cloud项目的权限。而是,资源管理器服务管理对云项目的权限。参见https://cloud.google.com/resource-manager/docs/access-control-proj和https://cloud.google.com/iam/docs/testing-permissions。