github.com/instill-ai/component@v0.16.0-beta/pkg/connector/googlecloudstorage/v0/upload.go (about) 1 package googlecloudstorage 2 3 import ( 4 "context" 5 "encoding/base64" 6 "io" 7 8 "cloud.google.com/go/iam" 9 "cloud.google.com/go/storage" 10 11 "github.com/instill-ai/component/pkg/base" 12 ) 13 14 func uploadToGCS(client *storage.Client, bucketName, objectName, data string) error { 15 wc := client.Bucket(bucketName).Object(objectName).NewWriter(context.Background()) 16 b, _ := base64.StdEncoding.DecodeString(base.TrimBase64Mime(data)) 17 if _, err := io.WriteString(wc, string(b)); err != nil { 18 return err 19 } 20 return wc.Close() 21 } 22 23 // Check if an object in GCS is public or not 24 // Refer to https://stackoverflow.com/questions/68722565/how-to-check-if-a-file-in-gcp-storage-is-public-or-not 25 func isObjectPublic(client *storage.Client, bucketName, objectName string) (bool, error) { 26 ctx := context.Background() 27 bucket := client.Bucket(bucketName) 28 attrs, err := bucket.Attrs(ctx) 29 if err != nil { 30 return false, err 31 } 32 33 public := false 34 // When uniform bucket-level access is enabled on a bucket, Access Control Lists (ACLs) are disabled, 35 // and only bucket-level Identity and Access Management (IAM) permissions grant access to that bucket and the objects it contains. 36 // You revoke all access granted by object ACLs and the ability to administrate permissions using bucket ACLs. 37 if attrs.UniformBucketLevelAccess.Enabled { 38 policy, err := bucket.IAM().Policy(ctx) 39 if err != nil { 40 return false, err 41 } 42 for _, r := range policy.Roles() { 43 for _, m := range policy.Members(r) { 44 if m == iam.AllUsers { 45 public = true 46 break 47 } 48 } 49 } 50 } else { 51 objAttrs, err := bucket.Object(objectName).Attrs(ctx) 52 if err != nil { 53 return false, err 54 } 55 for _, v := range objAttrs.ACL { 56 if v.Entity == storage.AllUsers { 57 public = true 58 break 59 } 60 } 61 } 62 return public, nil 63 }