▽

Source file src/google.golang.org/api/accesscontextmanager/v1/accesscontextmanager-gen.go

Documentation: google.golang.org/api/accesscontextmanager/v1

     1  // Copyright 2024 Google LLC.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // Code generated file. DO NOT EDIT.
     6  
     7  // Package accesscontextmanager provides access to the Access Context Manager API.
     8  //
     9  // For product documentation, see: https://cloud.google.com/access-context-manager/docs/reference/rest/
    10  //
    11  // # Library status
    12  //
    13  // These client libraries are officially supported by Google. However, this
    14  // library is considered complete and is in maintenance mode. This means
    15  // that we will address critical bugs and security issues but will not add
    16  // any new features.
    17  //
    18  // When possible, we recommend using our newer
    19  // [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go)
    20  // that are still actively being worked and iterated on.
    21  //
    22  // # Creating a client
    23  //
    24  // Usage example:
    25  //
    26  //	import "google.golang.org/api/accesscontextmanager/v1"
    27  //	...
    28  //	ctx := context.Background()
    29  //	accesscontextmanagerService, err := accesscontextmanager.NewService(ctx)
    30  //
    31  // In this example, Google Application Default Credentials are used for
    32  // authentication. For information on how to create and obtain Application
    33  // Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
    34  //
    35  // # Other authentication options
    36  //
    37  // To use an API key for authentication (note: some APIs do not support API
    38  // keys), use [google.golang.org/api/option.WithAPIKey]:
    39  //
    40  //	accesscontextmanagerService, err := accesscontextmanager.NewService(ctx, option.WithAPIKey("AIza..."))
    41  //
    42  // To use an OAuth token (e.g., a user token obtained via a three-legged OAuth
    43  // flow, use [google.golang.org/api/option.WithTokenSource]:
    44  //
    45  //	config := &oauth2.Config{...}
    46  //	// ...
    47  //	token, err := config.Exchange(ctx, ...)
    48  //	accesscontextmanagerService, err := accesscontextmanager.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
    49  //
    50  // See [google.golang.org/api/option.ClientOption] for details on options.
    51  package accesscontextmanager // import "google.golang.org/api/accesscontextmanager/v1"
    52  
    53  import (
    54  	"bytes"
    55  	"context"
    56  	"encoding/json"
    57  	"errors"
    58  	"fmt"
    59  	"io"
    60  	"net/http"
    61  	"net/url"
    62  	"strconv"
    63  	"strings"
    64  
    65  	googleapi "google.golang.org/api/googleapi"
    66  	internal "google.golang.org/api/internal"
    67  	gensupport "google.golang.org/api/internal/gensupport"
    68  	option "google.golang.org/api/option"
    69  	internaloption "google.golang.org/api/option/internaloption"
    70  	htransport "google.golang.org/api/transport/http"
    71  )
    72  
    73  // Always reference these packages, just in case the auto-generated code
    74  // below doesn't.
    75  var _ = bytes.NewBuffer
    76  var _ = strconv.Itoa
    77  var _ = fmt.Sprintf
    78  var _ = json.NewDecoder
    79  var _ = io.Copy
    80  var _ = url.Parse
    81  var _ = gensupport.MarshalJSON
    82  var _ = googleapi.Version
    83  var _ = errors.New
    84  var _ = strings.Replace
    85  var _ = context.Canceled
    86  var _ = internaloption.WithDefaultEndpoint
    87  var _ = internal.Version
    88  
    89  const apiId = "accesscontextmanager:v1"
    90  const apiName = "accesscontextmanager"
    91  const apiVersion = "v1"
    92  const basePath = "https://accesscontextmanager.googleapis.com/"
    93  const basePathTemplate = "https://accesscontextmanager.UNIVERSE_DOMAIN/"
    94  const mtlsBasePath = "https://accesscontextmanager.mtls.googleapis.com/"
    95  
    96  // OAuth2 scopes used by this API.
    97  const (
    98  	// See, edit, configure, and delete your Google Cloud data and see the email
    99  	// address for your Google Account.
   100  	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
   101  )
   102  
   103  // NewService creates a new Service.
   104  func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) {
   105  	scopesOption := internaloption.WithDefaultScopes(
   106  		"https://www.googleapis.com/auth/cloud-platform",
   107  	)
   108  	// NOTE: prepend, so we don't override user-specified scopes.
   109  	opts = append([]option.ClientOption{scopesOption}, opts...)
   110  	opts = append(opts, internaloption.WithDefaultEndpoint(basePath))
   111  	opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate))
   112  	opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath))
   113  	opts = append(opts, internaloption.EnableNewAuthLibrary())
   114  	client, endpoint, err := htransport.NewClient(ctx, opts...)
   115  	if err != nil {
   116  		return nil, err
   117  	}
   118  	s, err := New(client)
   119  	if err != nil {
   120  		return nil, err
   121  	}
   122  	if endpoint != "" {
   123  		s.BasePath = endpoint
   124  	}
   125  	return s, nil
   126  }
   127  
   128  // New creates a new Service. It uses the provided http.Client for requests.
   129  //
   130  // Deprecated: please use NewService instead.
   131  // To provide a custom HTTP client, use option.WithHTTPClient.
   132  // If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
   133  func New(client *http.Client) (*Service, error) {
   134  	if client == nil {
   135  		return nil, errors.New("client is nil")
   136  	}
   137  	s := &Service{client: client, BasePath: basePath}
   138  	s.AccessPolicies = NewAccessPoliciesService(s)
   139  	s.Operations = NewOperationsService(s)
   140  	s.Organizations = NewOrganizationsService(s)
   141  	s.Services = NewServicesService(s)
   142  	return s, nil
   143  }
   144  
   145  type Service struct {
   146  	client    *http.Client
   147  	BasePath  string // API endpoint base URL
   148  	UserAgent string // optional additional User-Agent fragment
   149  
   150  	AccessPolicies *AccessPoliciesService
   151  
   152  	Operations *OperationsService
   153  
   154  	Organizations *OrganizationsService
   155  
   156  	Services *ServicesService
   157  }
   158  
   159  func (s *Service) userAgent() string {
   160  	if s.UserAgent == "" {
   161  		return googleapi.UserAgent
   162  	}
   163  	return googleapi.UserAgent + " " + s.UserAgent
   164  }
   165  
   166  func NewAccessPoliciesService(s *Service) *AccessPoliciesService {
   167  	rs := &AccessPoliciesService{s: s}
   168  	rs.AccessLevels = NewAccessPoliciesAccessLevelsService(s)
   169  	rs.AuthorizedOrgsDescs = NewAccessPoliciesAuthorizedOrgsDescsService(s)
   170  	rs.ServicePerimeters = NewAccessPoliciesServicePerimetersService(s)
   171  	return rs
   172  }
   173  
   174  type AccessPoliciesService struct {
   175  	s *Service
   176  
   177  	AccessLevels *AccessPoliciesAccessLevelsService
   178  
   179  	AuthorizedOrgsDescs *AccessPoliciesAuthorizedOrgsDescsService
   180  
   181  	ServicePerimeters *AccessPoliciesServicePerimetersService
   182  }
   183  
   184  func NewAccessPoliciesAccessLevelsService(s *Service) *AccessPoliciesAccessLevelsService {
   185  	rs := &AccessPoliciesAccessLevelsService{s: s}
   186  	return rs
   187  }
   188  
   189  type AccessPoliciesAccessLevelsService struct {
   190  	s *Service
   191  }
   192  
   193  func NewAccessPoliciesAuthorizedOrgsDescsService(s *Service) *AccessPoliciesAuthorizedOrgsDescsService {
   194  	rs := &AccessPoliciesAuthorizedOrgsDescsService{s: s}
   195  	return rs
   196  }
   197  
   198  type AccessPoliciesAuthorizedOrgsDescsService struct {
   199  	s *Service
   200  }
   201  
   202  func NewAccessPoliciesServicePerimetersService(s *Service) *AccessPoliciesServicePerimetersService {
   203  	rs := &AccessPoliciesServicePerimetersService{s: s}
   204  	return rs
   205  }
   206  
   207  type AccessPoliciesServicePerimetersService struct {
   208  	s *Service
   209  }
   210  
   211  func NewOperationsService(s *Service) *OperationsService {
   212  	rs := &OperationsService{s: s}
   213  	return rs
   214  }
   215  
   216  type OperationsService struct {
   217  	s *Service
   218  }
   219  
   220  func NewOrganizationsService(s *Service) *OrganizationsService {
   221  	rs := &OrganizationsService{s: s}
   222  	rs.GcpUserAccessBindings = NewOrganizationsGcpUserAccessBindingsService(s)
   223  	return rs
   224  }
   225  
   226  type OrganizationsService struct {
   227  	s *Service
   228  
   229  	GcpUserAccessBindings *OrganizationsGcpUserAccessBindingsService
   230  }
   231  
   232  func NewOrganizationsGcpUserAccessBindingsService(s *Service) *OrganizationsGcpUserAccessBindingsService {
   233  	rs := &OrganizationsGcpUserAccessBindingsService{s: s}
   234  	return rs
   235  }
   236  
   237  type OrganizationsGcpUserAccessBindingsService struct {
   238  	s *Service
   239  }
   240  
   241  func NewServicesService(s *Service) *ServicesService {
   242  	rs := &ServicesService{s: s}
   243  	return rs
   244  }
   245  
   246  type ServicesService struct {
   247  	s *Service
   248  }
   249  
   250  // AccessContextManagerOperationMetadata: Metadata of Access Context Manager's
   251  // Long Running Operations.
   252  type AccessContextManagerOperationMetadata struct {
   253  }
   254  
   255  // AccessLevel: An `AccessLevel` is a label that can be applied to requests to
   256  // Google Cloud services, along with a list of requirements necessary for the
   257  // label to be applied.
   258  type AccessLevel struct {
   259  	// Basic: A `BasicLevel` composed of `Conditions`.
   260  	Basic *BasicLevel `json:"basic,omitempty"`
   261  	// Custom: A `CustomLevel` written in the Common Expression Language.
   262  	Custom *CustomLevel `json:"custom,omitempty"`
   263  	// Description: Description of the `AccessLevel` and its use. Does not affect
   264  	// behavior.
   265  	Description string `json:"description,omitempty"`
   266  	// Name: Resource name for the `AccessLevel`. Format:
   267  	// `accessPolicies/{access_policy}/accessLevels/{access_level}`. The
   268  	// `access_level` component must begin with a letter, followed by alphanumeric
   269  	// characters or `_`. Its maximum length is 50 characters. After you create an
   270  	// `AccessLevel`, you cannot change its `name`.
   271  	Name string `json:"name,omitempty"`
   272  	// Title: Human readable title. Must be unique within the Policy.
   273  	Title string `json:"title,omitempty"`
   274  
   275  	// ServerResponse contains the HTTP response code and headers from the server.
   276  	googleapi.ServerResponse `json:"-"`
   277  	// ForceSendFields is a list of field names (e.g. "Basic") to unconditionally
   278  	// include in API requests. By default, fields with empty or default values are
   279  	// omitted from API requests. See
   280  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   281  	// details.
   282  	ForceSendFields []string `json:"-"`
   283  	// NullFields is a list of field names (e.g. "Basic") to include in API
   284  	// requests with the JSON null value. By default, fields with empty values are
   285  	// omitted from API requests. See
   286  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   287  	NullFields []string `json:"-"`
   288  }
   289  
   290  func (s *AccessLevel) MarshalJSON() ([]byte, error) {
   291  	type NoMethod AccessLevel
   292  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   293  }
   294  
   295  // AccessPolicy: `AccessPolicy` is a container for `AccessLevels` (which define
   296  // the necessary attributes to use Google Cloud services) and
   297  // `ServicePerimeters` (which define regions of services able to freely pass
   298  // data within a perimeter). An access policy is globally visible within an
   299  // organization, and the restrictions it specifies apply to all projects within
   300  // an organization.
   301  type AccessPolicy struct {
   302  	// Etag: Output only. An opaque identifier for the current version of the
   303  	// `AccessPolicy`. This will always be a strongly validated etag, meaning that
   304  	// two Access Polices will be identical if and only if their etags are
   305  	// identical. Clients should not expect this to be in any specific format.
   306  	Etag string `json:"etag,omitempty"`
   307  	// Name: Output only. Resource name of the `AccessPolicy`. Format:
   308  	// `accessPolicies/{access_policy}`
   309  	Name string `json:"name,omitempty"`
   310  	// Parent: Required. The parent of this `AccessPolicy` in the Cloud Resource
   311  	// Hierarchy. Currently immutable once created. Format:
   312  	// `organizations/{organization_id}`
   313  	Parent string `json:"parent,omitempty"`
   314  	// Scopes: The scopes of the AccessPolicy. Scopes define which resources a
   315  	// policy can restrict and where its resources can be referenced. For example,
   316  	// policy A with `scopes=["folders/123"]` has the following behavior: -
   317  	// ServicePerimeter can only restrict projects within `folders/123`. -
   318  	// ServicePerimeter within policy A can only reference access levels defined
   319  	// within policy A. - Only one policy can include a given scope; thus,
   320  	// attempting to create a second policy which includes `folders/123` will
   321  	// result in an error. If no scopes are provided, then any resource within the
   322  	// organization can be restricted. Scopes cannot be modified after a policy is
   323  	// created. Policies can only have a single scope. Format: list of
   324  	// `folders/{folder_number}` or `projects/{project_number}`
   325  	Scopes []string `json:"scopes,omitempty"`
   326  	// Title: Required. Human readable title. Does not affect behavior.
   327  	Title string `json:"title,omitempty"`
   328  
   329  	// ServerResponse contains the HTTP response code and headers from the server.
   330  	googleapi.ServerResponse `json:"-"`
   331  	// ForceSendFields is a list of field names (e.g. "Etag") to unconditionally
   332  	// include in API requests. By default, fields with empty or default values are
   333  	// omitted from API requests. See
   334  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   335  	// details.
   336  	ForceSendFields []string `json:"-"`
   337  	// NullFields is a list of field names (e.g. "Etag") to include in API requests
   338  	// with the JSON null value. By default, fields with empty values are omitted
   339  	// from API requests. See
   340  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   341  	NullFields []string `json:"-"`
   342  }
   343  
   344  func (s *AccessPolicy) MarshalJSON() ([]byte, error) {
   345  	type NoMethod AccessPolicy
   346  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   347  }
   348  
   349  // ApiOperation: Identification for an API Operation.
   350  type ApiOperation struct {
   351  	// MethodSelectors: API methods or permissions to allow. Method or permission
   352  	// must belong to the service specified by `service_name` field. A single
   353  	// MethodSelector entry with `*` specified for the `method` field will allow
   354  	// all methods AND permissions for the service specified in `service_name`.
   355  	MethodSelectors []*MethodSelector `json:"methodSelectors,omitempty"`
   356  	// ServiceName: The name of the API whose methods or permissions the
   357  	// IngressPolicy or EgressPolicy want to allow. A single ApiOperation with
   358  	// `service_name` field set to `*` will allow all methods AND permissions for
   359  	// all services.
   360  	ServiceName string `json:"serviceName,omitempty"`
   361  	// ForceSendFields is a list of field names (e.g. "MethodSelectors") to
   362  	// unconditionally include in API requests. By default, fields with empty or
   363  	// default values are omitted from API requests. See
   364  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   365  	// details.
   366  	ForceSendFields []string `json:"-"`
   367  	// NullFields is a list of field names (e.g. "MethodSelectors") to include in
   368  	// API requests with the JSON null value. By default, fields with empty values
   369  	// are omitted from API requests. See
   370  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   371  	NullFields []string `json:"-"`
   372  }
   373  
   374  func (s *ApiOperation) MarshalJSON() ([]byte, error) {
   375  	type NoMethod ApiOperation
   376  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   377  }
   378  
   379  // Application: An application that accesses Google Cloud APIs.
   380  type Application struct {
   381  	// ClientId: The OAuth client ID of the application.
   382  	ClientId string `json:"clientId,omitempty"`
   383  	// Name: The name of the application. Example: "Cloud Console"
   384  	Name string `json:"name,omitempty"`
   385  	// ForceSendFields is a list of field names (e.g. "ClientId") to
   386  	// unconditionally include in API requests. By default, fields with empty or
   387  	// default values are omitted from API requests. See
   388  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   389  	// details.
   390  	ForceSendFields []string `json:"-"`
   391  	// NullFields is a list of field names (e.g. "ClientId") to include in API
   392  	// requests with the JSON null value. By default, fields with empty values are
   393  	// omitted from API requests. See
   394  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   395  	NullFields []string `json:"-"`
   396  }
   397  
   398  func (s *Application) MarshalJSON() ([]byte, error) {
   399  	type NoMethod Application
   400  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   401  }
   402  
   403  // AuditConfig: Specifies the audit configuration for a service. The
   404  // configuration determines which permission types are logged, and what
   405  // identities, if any, are exempted from logging. An AuditConfig must have one
   406  // or more AuditLogConfigs. If there are AuditConfigs for both `allServices`
   407  // and a specific service, the union of the two AuditConfigs is used for that
   408  // service: the log_types specified in each AuditConfig are enabled, and the
   409  // exempted_members in each AuditLogConfig are exempted. Example Policy with
   410  // multiple AuditConfigs: { "audit_configs": [ { "service": "allServices",
   411  // "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [
   412  // "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type":
   413  // "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com",
   414  // "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type":
   415  // "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For
   416  // sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
   417  // logging. It also exempts `jose@example.com` from DATA_READ logging, and
   418  // `aliya@example.com` from DATA_WRITE logging.
   419  type AuditConfig struct {
   420  	// AuditLogConfigs: The configuration for logging of each type of permission.
   421  	AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"`
   422  	// Service: Specifies a service that will be enabled for audit logging. For
   423  	// example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices`
   424  	// is a special value that covers all services.
   425  	Service string `json:"service,omitempty"`
   426  	// ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to
   427  	// unconditionally include in API requests. By default, fields with empty or
   428  	// default values are omitted from API requests. See
   429  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   430  	// details.
   431  	ForceSendFields []string `json:"-"`
   432  	// NullFields is a list of field names (e.g. "AuditLogConfigs") to include in
   433  	// API requests with the JSON null value. By default, fields with empty values
   434  	// are omitted from API requests. See
   435  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   436  	NullFields []string `json:"-"`
   437  }
   438  
   439  func (s *AuditConfig) MarshalJSON() ([]byte, error) {
   440  	type NoMethod AuditConfig
   441  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   442  }
   443  
   444  // AuditLogConfig: Provides the configuration for logging a type of
   445  // permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ",
   446  // "exempted_members": [ "user:jose@example.com" ] }, { "log_type":
   447  // "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while
   448  // exempting jose@example.com from DATA_READ logging.
   449  type AuditLogConfig struct {
   450  	// ExemptedMembers: Specifies the identities that do not cause logging for this
   451  	// type of permission. Follows the same format of Binding.members.
   452  	ExemptedMembers []string `json:"exemptedMembers,omitempty"`
   453  	// LogType: The log type that this config enables.
   454  	//
   455  	// Possible values:
   456  	//   "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this.
   457  	//   "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy
   458  	//   "DATA_WRITE" - Data writes. Example: CloudSQL Users create
   459  	//   "DATA_READ" - Data reads. Example: CloudSQL Users list
   460  	LogType string `json:"logType,omitempty"`
   461  	// ForceSendFields is a list of field names (e.g. "ExemptedMembers") to
   462  	// unconditionally include in API requests. By default, fields with empty or
   463  	// default values are omitted from API requests. See
   464  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   465  	// details.
   466  	ForceSendFields []string `json:"-"`
   467  	// NullFields is a list of field names (e.g. "ExemptedMembers") to include in
   468  	// API requests with the JSON null value. By default, fields with empty values
   469  	// are omitted from API requests. See
   470  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   471  	NullFields []string `json:"-"`
   472  }
   473  
   474  func (s *AuditLogConfig) MarshalJSON() ([]byte, error) {
   475  	type NoMethod AuditLogConfig
   476  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   477  }
   478  
   479  // AuthorizedOrgsDesc: `AuthorizedOrgsDesc` contains data for an organization's
   480  // authorization policy.
   481  type AuthorizedOrgsDesc struct {
   482  	// AssetType: The asset type of this authorized orgs desc. Valid values are
   483  	// `ASSET_TYPE_DEVICE`, and `ASSET_TYPE_CREDENTIAL_STRENGTH`.
   484  	//
   485  	// Possible values:
   486  	//   "ASSET_TYPE_UNSPECIFIED" - No asset type specified.
   487  	//   "ASSET_TYPE_DEVICE" - Device asset type.
   488  	//   "ASSET_TYPE_CREDENTIAL_STRENGTH" - Credential strength asset type.
   489  	AssetType string `json:"assetType,omitempty"`
   490  	// AuthorizationDirection: The direction of the authorization relationship
   491  	// between this organization and the organizations listed in the `orgs` field.
   492  	// The valid values for this field include the following:
   493  	// `AUTHORIZATION_DIRECTION_FROM`: Allows this organization to evaluate traffic
   494  	// in the organizations listed in the `orgs` field.
   495  	// `AUTHORIZATION_DIRECTION_TO`: Allows the organizations listed in the `orgs`
   496  	// field to evaluate the traffic in this organization. For the authorization
   497  	// relationship to take effect, all of the organizations must authorize and
   498  	// specify the appropriate relationship direction. For example, if organization
   499  	// A authorized organization B and C to evaluate its traffic, by specifying
   500  	// `AUTHORIZATION_DIRECTION_TO` as the authorization direction, organizations B
   501  	// and C must specify `AUTHORIZATION_DIRECTION_FROM` as the authorization
   502  	// direction in their `AuthorizedOrgsDesc` resource.
   503  	//
   504  	// Possible values:
   505  	//   "AUTHORIZATION_DIRECTION_UNSPECIFIED" - No direction specified.
   506  	//   "AUTHORIZATION_DIRECTION_TO" - The specified organizations are authorized
   507  	// to evaluate traffic in this organization.
   508  	//   "AUTHORIZATION_DIRECTION_FROM" - The traffic of the specified
   509  	// organizations can be evaluated by this organization.
   510  	AuthorizationDirection string `json:"authorizationDirection,omitempty"`
   511  	// AuthorizationType: A granular control type for authorization levels. Valid
   512  	// value is `AUTHORIZATION_TYPE_TRUST`.
   513  	//
   514  	// Possible values:
   515  	//   "AUTHORIZATION_TYPE_UNSPECIFIED" - No authorization type specified.
   516  	//   "AUTHORIZATION_TYPE_TRUST" - This authorization relationship is "trust".
   517  	AuthorizationType string `json:"authorizationType,omitempty"`
   518  	// Name: Resource name for the `AuthorizedOrgsDesc`. Format:
   519  	// `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`.
   520  	// The `authorized_orgs_desc` component must begin with a letter, followed by
   521  	// alphanumeric characters or `_`. After you create an `AuthorizedOrgsDesc`,
   522  	// you cannot change its `name`.
   523  	Name string `json:"name,omitempty"`
   524  	// Orgs: The list of organization ids in this AuthorizedOrgsDesc. Format:
   525  	// `organizations/` Example: `organizations/123456`
   526  	Orgs []string `json:"orgs,omitempty"`
   527  
   528  	// ServerResponse contains the HTTP response code and headers from the server.
   529  	googleapi.ServerResponse `json:"-"`
   530  	// ForceSendFields is a list of field names (e.g. "AssetType") to
   531  	// unconditionally include in API requests. By default, fields with empty or
   532  	// default values are omitted from API requests. See
   533  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   534  	// details.
   535  	ForceSendFields []string `json:"-"`
   536  	// NullFields is a list of field names (e.g. "AssetType") to include in API
   537  	// requests with the JSON null value. By default, fields with empty values are
   538  	// omitted from API requests. See
   539  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   540  	NullFields []string `json:"-"`
   541  }
   542  
   543  func (s *AuthorizedOrgsDesc) MarshalJSON() ([]byte, error) {
   544  	type NoMethod AuthorizedOrgsDesc
   545  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   546  }
   547  
   548  // BasicLevel: `BasicLevel` is an `AccessLevel` using a set of recommended
   549  // features.
   550  type BasicLevel struct {
   551  	// CombiningFunction: How the `conditions` list should be combined to determine
   552  	// if a request is granted this `AccessLevel`. If AND is used, each `Condition`
   553  	// in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR
   554  	// is used, at least one `Condition` in `conditions` must be satisfied for the
   555  	// `AccessLevel` to be applied. Default behavior is AND.
   556  	//
   557  	// Possible values:
   558  	//   "AND" - All `Conditions` must be true for the `BasicLevel` to be true.
   559  	//   "OR" - If at least one `Condition` is true, then the `BasicLevel` is true.
   560  	CombiningFunction string `json:"combiningFunction,omitempty"`
   561  	// Conditions: Required. A list of requirements for the `AccessLevel` to be
   562  	// granted.
   563  	Conditions []*Condition `json:"conditions,omitempty"`
   564  	// ForceSendFields is a list of field names (e.g. "CombiningFunction") to
   565  	// unconditionally include in API requests. By default, fields with empty or
   566  	// default values are omitted from API requests. See
   567  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   568  	// details.
   569  	ForceSendFields []string `json:"-"`
   570  	// NullFields is a list of field names (e.g. "CombiningFunction") to include in
   571  	// API requests with the JSON null value. By default, fields with empty values
   572  	// are omitted from API requests. See
   573  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   574  	NullFields []string `json:"-"`
   575  }
   576  
   577  func (s *BasicLevel) MarshalJSON() ([]byte, error) {
   578  	type NoMethod BasicLevel
   579  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   580  }
   581  
   582  // Binding: Associates `members`, or principals, with a `role`.
   583  type Binding struct {
   584  	// Condition: The condition that is associated with this binding. If the
   585  	// condition evaluates to `true`, then this binding applies to the current
   586  	// request. If the condition evaluates to `false`, then this binding does not
   587  	// apply to the current request. However, a different role binding might grant
   588  	// the same role to one or more of the principals in this binding. To learn
   589  	// which resources support conditions in their IAM policies, see the IAM
   590  	// documentation
   591  	// (https://cloud.google.com/iam/help/conditions/resource-policies).
   592  	Condition *Expr `json:"condition,omitempty"`
   593  	// Members: Specifies the principals requesting access for a Google Cloud
   594  	// resource. `members` can have the following values: * `allUsers`: A special
   595  	// identifier that represents anyone who is on the internet; with or without a
   596  	// Google account. * `allAuthenticatedUsers`: A special identifier that
   597  	// represents anyone who is authenticated with a Google account or a service
   598  	// account. Does not include identities that come from external identity
   599  	// providers (IdPs) through identity federation. * `user:{emailid}`: An email
   600  	// address that represents a specific Google account. For example,
   601  	// `alice@example.com` . * `serviceAccount:{emailid}`: An email address that
   602  	// represents a Google service account. For example,
   603  	// `my-other-app@appspot.gserviceaccount.com`. *
   604  	// `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An
   605  	// identifier for a Kubernetes service account
   606  	// (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts).
   607  	// For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. *
   608  	// `group:{emailid}`: An email address that represents a Google group. For
   609  	// example, `admins@example.com`. * `domain:{domain}`: The G Suite domain
   610  	// (primary) that represents all the users of that domain. For example,
   611  	// `google.com` or `example.com`. *
   612  	// `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/sub
   613  	// ject/{subject_attribute_value}`: A single identity in a workforce identity
   614  	// pool. *
   615  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/
   616  	// group/{group_id}`: All workforce identities in a group. *
   617  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/
   618  	// attribute.{attribute_name}/{attribute_value}`: All workforce identities with
   619  	// a specific attribute value. *
   620  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/
   621  	// *`: All identities in a workforce identity pool. *
   622  	// `principal://iam.googleapis.com/projects/{project_number}/locations/global/wo
   623  	// rkloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single
   624  	// identity in a workload identity pool. *
   625  	// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global
   626  	// /workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool
   627  	// group. *
   628  	// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global
   629  	// /workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}
   630  	// `: All identities in a workload identity pool with a certain attribute. *
   631  	// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global
   632  	// /workloadIdentityPools/{pool_id}/*`: All identities in a workload identity
   633  	// pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus
   634  	// unique identifier) representing a user that has been recently deleted. For
   635  	// example, `alice@example.com?uid=123456789012345678901`. If the user is
   636  	// recovered, this value reverts to `user:{emailid}` and the recovered user
   637  	// retains the role in the binding. *
   638  	// `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
   639  	// unique identifier) representing a service account that has been recently
   640  	// deleted. For example,
   641  	// `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the
   642  	// service account is undeleted, this value reverts to
   643  	// `serviceAccount:{emailid}` and the undeleted service account retains the
   644  	// role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email
   645  	// address (plus unique identifier) representing a Google group that has been
   646  	// recently deleted. For example,
   647  	// `admins@example.com?uid=123456789012345678901`. If the group is recovered,
   648  	// this value reverts to `group:{emailid}` and the recovered group retains the
   649  	// role in the binding. *
   650  	// `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool
   651  	// _id}/subject/{subject_attribute_value}`: Deleted single identity in a
   652  	// workforce identity pool. For example,
   653  	// `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-po
   654  	// ol-id/subject/my-subject-attribute-value`.
   655  	Members []string `json:"members,omitempty"`
   656  	// Role: Role that is assigned to the list of `members`, or principals. For
   657  	// example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an overview
   658  	// of the IAM roles and permissions, see the IAM documentation
   659  	// (https://cloud.google.com/iam/docs/roles-overview). For a list of the
   660  	// available pre-defined roles, see here
   661  	// (https://cloud.google.com/iam/docs/understanding-roles).
   662  	Role string `json:"role,omitempty"`
   663  	// ForceSendFields is a list of field names (e.g. "Condition") to
   664  	// unconditionally include in API requests. By default, fields with empty or
   665  	// default values are omitted from API requests. See
   666  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   667  	// details.
   668  	ForceSendFields []string `json:"-"`
   669  	// NullFields is a list of field names (e.g. "Condition") to include in API
   670  	// requests with the JSON null value. By default, fields with empty values are
   671  	// omitted from API requests. See
   672  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   673  	NullFields []string `json:"-"`
   674  }
   675  
   676  func (s *Binding) MarshalJSON() ([]byte, error) {
   677  	type NoMethod Binding
   678  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   679  }
   680  
   681  // CancelOperationRequest: The request message for Operations.CancelOperation.
   682  type CancelOperationRequest struct {
   683  }
   684  
   685  // CommitServicePerimetersRequest: A request to commit dry-run specs in all
   686  // Service Perimeters belonging to an Access Policy.
   687  type CommitServicePerimetersRequest struct {
   688  	// Etag: Optional. The etag for the version of the Access Policy that this
   689  	// commit operation is to be performed on. If, at the time of commit, the etag
   690  	// for the Access Policy stored in Access Context Manager is different from the
   691  	// specified etag, then the commit operation will not be performed and the call
   692  	// will fail. This field is not required. If etag is not provided, the
   693  	// operation will be performed as if a valid etag is provided.
   694  	Etag string `json:"etag,omitempty"`
   695  	// ForceSendFields is a list of field names (e.g. "Etag") to unconditionally
   696  	// include in API requests. By default, fields with empty or default values are
   697  	// omitted from API requests. See
   698  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   699  	// details.
   700  	ForceSendFields []string `json:"-"`
   701  	// NullFields is a list of field names (e.g. "Etag") to include in API requests
   702  	// with the JSON null value. By default, fields with empty values are omitted
   703  	// from API requests. See
   704  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   705  	NullFields []string `json:"-"`
   706  }
   707  
   708  func (s *CommitServicePerimetersRequest) MarshalJSON() ([]byte, error) {
   709  	type NoMethod CommitServicePerimetersRequest
   710  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   711  }
   712  
   713  // CommitServicePerimetersResponse: A response to
   714  // CommitServicePerimetersRequest. This will be put inside of
   715  // Operation.response field.
   716  type CommitServicePerimetersResponse struct {
   717  	// ServicePerimeters: List of all the Service Perimeter instances in the Access
   718  	// Policy.
   719  	ServicePerimeters []*ServicePerimeter `json:"servicePerimeters,omitempty"`
   720  	// ForceSendFields is a list of field names (e.g. "ServicePerimeters") to
   721  	// unconditionally include in API requests. By default, fields with empty or
   722  	// default values are omitted from API requests. See
   723  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   724  	// details.
   725  	ForceSendFields []string `json:"-"`
   726  	// NullFields is a list of field names (e.g. "ServicePerimeters") to include in
   727  	// API requests with the JSON null value. By default, fields with empty values
   728  	// are omitted from API requests. See
   729  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   730  	NullFields []string `json:"-"`
   731  }
   732  
   733  func (s *CommitServicePerimetersResponse) MarshalJSON() ([]byte, error) {
   734  	type NoMethod CommitServicePerimetersResponse
   735  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   736  }
   737  
   738  // Condition: A condition necessary for an `AccessLevel` to be granted. The
   739  // Condition is an AND over its fields. So a Condition is true if: 1) the
   740  // request IP is from one of the listed subnetworks AND 2) the originating
   741  // device complies with the listed device policy AND 3) all listed access
   742  // levels are granted AND 4) the request was sent at a time allowed by the
   743  // DateTimeRestriction.
   744  type Condition struct {
   745  	// DevicePolicy: Device specific restrictions, all restrictions must hold for
   746  	// the Condition to be true. If not specified, all devices are allowed.
   747  	DevicePolicy *DevicePolicy `json:"devicePolicy,omitempty"`
   748  	// IpSubnetworks: CIDR block IP subnetwork specification. May be IPv4 or IPv6.
   749  	// Note that for a CIDR IP address block, the specified IP address portion must
   750  	// be properly truncated (i.e. all the host bits must be zero) or the input is
   751  	// considered malformed. For example, "192.0.2.0/24" is accepted but
   752  	// "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted
   753  	// whereas "2001:db8::1/32" is not. The originating IP of a request must be in
   754  	// one of the listed subnets in order for this Condition to be true. If empty,
   755  	// all IP addresses are allowed.
   756  	IpSubnetworks []string `json:"ipSubnetworks,omitempty"`
   757  	// Members: The request must be made by one of the provided user or service
   758  	// accounts. Groups are not supported. Syntax: `user:{emailid}`
   759  	// `serviceAccount:{emailid}` If not specified, a request may come from any
   760  	// user.
   761  	Members []string `json:"members,omitempty"`
   762  	// Negate: Whether to negate the Condition. If true, the Condition becomes a
   763  	// NAND over its non-empty fields. Any non-empty field criteria evaluating to
   764  	// false will result in the Condition to be satisfied. Defaults to false.
   765  	Negate bool `json:"negate,omitempty"`
   766  	// Regions: The request must originate from one of the provided
   767  	// countries/regions. Must be valid ISO 3166-1 alpha-2 codes.
   768  	Regions []string `json:"regions,omitempty"`
   769  	// RequiredAccessLevels: A list of other access levels defined in the same
   770  	// `Policy`, referenced by resource name. Referencing an `AccessLevel` which
   771  	// does not exist is an error. All access levels listed must be granted for the
   772  	// Condition to be true. Example:
   773  	// "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"
   774  	RequiredAccessLevels []string `json:"requiredAccessLevels,omitempty"`
   775  	// VpcNetworkSources: The request must originate from one of the provided VPC
   776  	// networks in Google Cloud. Cannot specify this field together with
   777  	// `ip_subnetworks`.
   778  	VpcNetworkSources []*VpcNetworkSource `json:"vpcNetworkSources,omitempty"`
   779  	// ForceSendFields is a list of field names (e.g. "DevicePolicy") to
   780  	// unconditionally include in API requests. By default, fields with empty or
   781  	// default values are omitted from API requests. See
   782  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   783  	// details.
   784  	ForceSendFields []string `json:"-"`
   785  	// NullFields is a list of field names (e.g. "DevicePolicy") to include in API
   786  	// requests with the JSON null value. By default, fields with empty values are
   787  	// omitted from API requests. See
   788  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   789  	NullFields []string `json:"-"`
   790  }
   791  
   792  func (s *Condition) MarshalJSON() ([]byte, error) {
   793  	type NoMethod Condition
   794  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   795  }
   796  
   797  // CustomLevel: `CustomLevel` is an `AccessLevel` using the Cloud Common
   798  // Expression Language to represent the necessary conditions for the level to
   799  // apply to a request. See CEL spec at: https://github.com/google/cel-spec
   800  type CustomLevel struct {
   801  	// Expr: Required. A Cloud CEL expression evaluating to a boolean.
   802  	Expr *Expr `json:"expr,omitempty"`
   803  	// ForceSendFields is a list of field names (e.g. "Expr") to unconditionally
   804  	// include in API requests. By default, fields with empty or default values are
   805  	// omitted from API requests. See
   806  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   807  	// details.
   808  	ForceSendFields []string `json:"-"`
   809  	// NullFields is a list of field names (e.g. "Expr") to include in API requests
   810  	// with the JSON null value. By default, fields with empty values are omitted
   811  	// from API requests. See
   812  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   813  	NullFields []string `json:"-"`
   814  }
   815  
   816  func (s *CustomLevel) MarshalJSON() ([]byte, error) {
   817  	type NoMethod CustomLevel
   818  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   819  }
   820  
   821  // DevicePolicy: `DevicePolicy` specifies device specific restrictions
   822  // necessary to acquire a given access level. A `DevicePolicy` specifies
   823  // requirements for requests from devices to be granted access levels, it does
   824  // not do any enforcement on the device. `DevicePolicy` acts as an AND over all
   825  // specified fields, and each repeated field is an OR over its elements. Any
   826  // unset fields are ignored. For example, if the proto is { os_type :
   827  // DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED},
   828  // then the DevicePolicy will be true for requests originating from encrypted
   829  // Linux desktops and encrypted Windows desktops.
   830  type DevicePolicy struct {
   831  	// AllowedDeviceManagementLevels: Allowed device management levels, an empty
   832  	// list allows all management levels.
   833  	//
   834  	// Possible values:
   835  	//   "MANAGEMENT_UNSPECIFIED" - The device's management level is not specified
   836  	// or not known.
   837  	//   "NONE" - The device is not managed.
   838  	//   "BASIC" - Basic management is enabled, which is generally limited to
   839  	// monitoring and wiping the corporate account.
   840  	//   "COMPLETE" - Complete device management. This includes more thorough
   841  	// monitoring and the ability to directly manage the device (such as remote
   842  	// wiping). This can be enabled through the Android Enterprise Platform.
   843  	AllowedDeviceManagementLevels []string `json:"allowedDeviceManagementLevels,omitempty"`
   844  	// AllowedEncryptionStatuses: Allowed encryptions statuses, an empty list
   845  	// allows all statuses.
   846  	//
   847  	// Possible values:
   848  	//   "ENCRYPTION_UNSPECIFIED" - The encryption status of the device is not
   849  	// specified or not known.
   850  	//   "ENCRYPTION_UNSUPPORTED" - The device does not support encryption.
   851  	//   "UNENCRYPTED" - The device supports encryption, but is currently
   852  	// unencrypted.
   853  	//   "ENCRYPTED" - The device is encrypted.
   854  	AllowedEncryptionStatuses []string `json:"allowedEncryptionStatuses,omitempty"`
   855  	// OsConstraints: Allowed OS versions, an empty list allows all types and all
   856  	// versions.
   857  	OsConstraints []*OsConstraint `json:"osConstraints,omitempty"`
   858  	// RequireAdminApproval: Whether the device needs to be approved by the
   859  	// customer admin.
   860  	RequireAdminApproval bool `json:"requireAdminApproval,omitempty"`
   861  	// RequireCorpOwned: Whether the device needs to be corp owned.
   862  	RequireCorpOwned bool `json:"requireCorpOwned,omitempty"`
   863  	// RequireScreenlock: Whether or not screenlock is required for the
   864  	// DevicePolicy to be true. Defaults to `false`.
   865  	RequireScreenlock bool `json:"requireScreenlock,omitempty"`
   866  	// ForceSendFields is a list of field names (e.g.
   867  	// "AllowedDeviceManagementLevels") to unconditionally include in API requests.
   868  	// By default, fields with empty or default values are omitted from API
   869  	// requests. See https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields
   870  	// for more details.
   871  	ForceSendFields []string `json:"-"`
   872  	// NullFields is a list of field names (e.g. "AllowedDeviceManagementLevels")
   873  	// to include in API requests with the JSON null value. By default, fields with
   874  	// empty values are omitted from API requests. See
   875  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   876  	NullFields []string `json:"-"`
   877  }
   878  
   879  func (s *DevicePolicy) MarshalJSON() ([]byte, error) {
   880  	type NoMethod DevicePolicy
   881  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   882  }
   883  
   884  // EgressFrom: Defines the conditions under which an EgressPolicy matches a
   885  // request. Conditions based on information about the source of the request.
   886  // Note that if the destination of the request is also protected by a
   887  // ServicePerimeter, then that ServicePerimeter must have an IngressPolicy
   888  // which allows access in order for this request to succeed.
   889  type EgressFrom struct {
   890  	// Identities: A list of identities that are allowed access through
   891  	// [EgressPolicy]. Identities can be an individual user, service account,
   892  	// Google group, or third-party identity. The `v1` identities that have the
   893  	// prefix `user`, `group`, `serviceAccount`, `principal`, and `principalSet` in
   894  	// https://cloud.google.com/iam/docs/principal-identifiers#v1 are supported.
   895  	Identities []string `json:"identities,omitempty"`
   896  	// IdentityType: Specifies the type of identities that are allowed access to
   897  	// outside the perimeter. If left unspecified, then members of `identities`
   898  	// field will be allowed access.
   899  	//
   900  	// Possible values:
   901  	//   "IDENTITY_TYPE_UNSPECIFIED" - No blanket identity group specified.
   902  	//   "ANY_IDENTITY" - Authorize access from all identities outside the
   903  	// perimeter.
   904  	//   "ANY_USER_ACCOUNT" - Authorize access from all human users outside the
   905  	// perimeter.
   906  	//   "ANY_SERVICE_ACCOUNT" - Authorize access from all service accounts outside
   907  	// the perimeter.
   908  	IdentityType string `json:"identityType,omitempty"`
   909  	// SourceRestriction: Whether to enforce traffic restrictions based on
   910  	// `sources` field. If the `sources` fields is non-empty, then this field must
   911  	// be set to `SOURCE_RESTRICTION_ENABLED`.
   912  	//
   913  	// Possible values:
   914  	//   "SOURCE_RESTRICTION_UNSPECIFIED" - Enforcement preference unspecified,
   915  	// will not enforce traffic restrictions based on `sources` in EgressFrom.
   916  	//   "SOURCE_RESTRICTION_ENABLED" - Enforcement preference enabled, traffic
   917  	// restrictions will be enforced based on `sources` in EgressFrom.
   918  	//   "SOURCE_RESTRICTION_DISABLED" - Enforcement preference disabled, will not
   919  	// enforce traffic restrictions based on `sources` in EgressFrom.
   920  	SourceRestriction string `json:"sourceRestriction,omitempty"`
   921  	// Sources: Sources that this EgressPolicy authorizes access from. If this
   922  	// field is not empty, then `source_restriction` must be set to
   923  	// `SOURCE_RESTRICTION_ENABLED`.
   924  	Sources []*EgressSource `json:"sources,omitempty"`
   925  	// ForceSendFields is a list of field names (e.g. "Identities") to
   926  	// unconditionally include in API requests. By default, fields with empty or
   927  	// default values are omitted from API requests. See
   928  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   929  	// details.
   930  	ForceSendFields []string `json:"-"`
   931  	// NullFields is a list of field names (e.g. "Identities") to include in API
   932  	// requests with the JSON null value. By default, fields with empty values are
   933  	// omitted from API requests. See
   934  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   935  	NullFields []string `json:"-"`
   936  }
   937  
   938  func (s *EgressFrom) MarshalJSON() ([]byte, error) {
   939  	type NoMethod EgressFrom
   940  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   941  }
   942  
   943  // EgressPolicy: Policy for egress from perimeter. EgressPolicies match
   944  // requests based on `egress_from` and `egress_to` stanzas. For an EgressPolicy
   945  // to match, both `egress_from` and `egress_to` stanzas must be matched. If an
   946  // EgressPolicy matches a request, the request is allowed to span the
   947  // ServicePerimeter boundary. For example, an EgressPolicy can be used to allow
   948  // VMs on networks within the ServicePerimeter to access a defined set of
   949  // projects outside the perimeter in certain contexts (e.g. to read data from a
   950  // Cloud Storage bucket or query against a BigQuery dataset). EgressPolicies
   951  // are concerned with the *resources* that a request relates as well as the API
   952  // services and API actions being used. They do not related to the direction of
   953  // data movement. More detailed documentation for this concept can be found in
   954  // the descriptions of EgressFrom and EgressTo.
   955  type EgressPolicy struct {
   956  	// EgressFrom: Defines conditions on the source of a request causing this
   957  	// EgressPolicy to apply.
   958  	EgressFrom *EgressFrom `json:"egressFrom,omitempty"`
   959  	// EgressTo: Defines the conditions on the ApiOperation and destination
   960  	// resources that cause this EgressPolicy to apply.
   961  	EgressTo *EgressTo `json:"egressTo,omitempty"`
   962  	// ForceSendFields is a list of field names (e.g. "EgressFrom") to
   963  	// unconditionally include in API requests. By default, fields with empty or
   964  	// default values are omitted from API requests. See
   965  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   966  	// details.
   967  	ForceSendFields []string `json:"-"`
   968  	// NullFields is a list of field names (e.g. "EgressFrom") to include in API
   969  	// requests with the JSON null value. By default, fields with empty values are
   970  	// omitted from API requests. See
   971  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   972  	NullFields []string `json:"-"`
   973  }
   974  
   975  func (s *EgressPolicy) MarshalJSON() ([]byte, error) {
   976  	type NoMethod EgressPolicy
   977  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   978  }
   979  
   980  // EgressSource: The source that EgressPolicy authorizes access from inside the
   981  // ServicePerimeter to somewhere outside the ServicePerimeter boundaries.
   982  type EgressSource struct {
   983  	// AccessLevel: An AccessLevel resource name that allows protected resources
   984  	// inside the ServicePerimeters to access outside the ServicePerimeter
   985  	// boundaries. AccessLevels listed must be in the same policy as this
   986  	// ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error.
   987  	// If an AccessLevel name is not specified, only resources within the perimeter
   988  	// can be accessed through Google Cloud calls with request origins within the
   989  	// perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a
   990  	// single `*` is specified for `access_level`, then all EgressSources will be
   991  	// allowed.
   992  	AccessLevel string `json:"accessLevel,omitempty"`
   993  	// ForceSendFields is a list of field names (e.g. "AccessLevel") to
   994  	// unconditionally include in API requests. By default, fields with empty or
   995  	// default values are omitted from API requests. See
   996  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   997  	// details.
   998  	ForceSendFields []string `json:"-"`
   999  	// NullFields is a list of field names (e.g. "AccessLevel") to include in API
  1000  	// requests with the JSON null value. By default, fields with empty values are
  1001  	// omitted from API requests. See
  1002  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1003  	NullFields []string `json:"-"`
  1004  }
  1005  
  1006  func (s *EgressSource) MarshalJSON() ([]byte, error) {
  1007  	type NoMethod EgressSource
  1008  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1009  }
  1010  
  1011  // EgressTo: Defines the conditions under which an EgressPolicy matches a
  1012  // request. Conditions are based on information about the ApiOperation intended
  1013  // to be performed on the `resources` specified. Note that if the destination
  1014  // of the request is also protected by a ServicePerimeter, then that
  1015  // ServicePerimeter must have an IngressPolicy which allows access in order for
  1016  // this request to succeed. The request must match `operations` AND `resources`
  1017  // fields in order to be allowed egress out of the perimeter.
  1018  type EgressTo struct {
  1019  	// ExternalResources: A list of external resources that are allowed to be
  1020  	// accessed. Only AWS and Azure resources are supported. For Amazon S3, the
  1021  	// supported formats are s3://BUCKET_NAME, s3a://BUCKET_NAME, and
  1022  	// s3n://BUCKET_NAME. For Azure Storage, the supported format is
  1023  	// azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if
  1024  	// it contains an external resource in this list (Example: s3://bucket/path).
  1025  	// Currently '*' is not allowed.
  1026  	ExternalResources []string `json:"externalResources,omitempty"`
  1027  	// Operations: A list of ApiOperations allowed to be performed by the sources
  1028  	// specified in the corresponding EgressFrom. A request matches if it uses an
  1029  	// operation/service in this list.
  1030  	Operations []*ApiOperation `json:"operations,omitempty"`
  1031  	// Resources: A list of resources, currently only projects in the form
  1032  	// `projects/`, that are allowed to be accessed by sources defined in the
  1033  	// corresponding EgressFrom. A request matches if it contains a resource in
  1034  	// this list. If `*` is specified for `resources`, then this EgressTo rule will
  1035  	// authorize access to all resources outside the perimeter.
  1036  	Resources []string `json:"resources,omitempty"`
  1037  	// ForceSendFields is a list of field names (e.g. "ExternalResources") to
  1038  	// unconditionally include in API requests. By default, fields with empty or
  1039  	// default values are omitted from API requests. See
  1040  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1041  	// details.
  1042  	ForceSendFields []string `json:"-"`
  1043  	// NullFields is a list of field names (e.g. "ExternalResources") to include in
  1044  	// API requests with the JSON null value. By default, fields with empty values
  1045  	// are omitted from API requests. See
  1046  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1047  	NullFields []string `json:"-"`
  1048  }
  1049  
  1050  func (s *EgressTo) MarshalJSON() ([]byte, error) {
  1051  	type NoMethod EgressTo
  1052  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1053  }
  1054  
  1055  // Empty: A generic empty message that you can re-use to avoid defining
  1056  // duplicated empty messages in your APIs. A typical example is to use it as
  1057  // the request or the response type of an API method. For instance: service Foo
  1058  // { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
  1059  type Empty struct {
  1060  	// ServerResponse contains the HTTP response code and headers from the server.
  1061  	googleapi.ServerResponse `json:"-"`
  1062  }
  1063  
  1064  // Expr: Represents a textual expression in the Common Expression Language
  1065  // (CEL) syntax. CEL is a C-like expression language. The syntax and semantics
  1066  // of CEL are documented at https://github.com/google/cel-spec. Example
  1067  // (Comparison): title: "Summary size limit" description: "Determines if a
  1068  // summary is less than 100 chars" expression: "document.summary.size() < 100"
  1069  // Example (Equality): title: "Requestor is owner" description: "Determines if
  1070  // requestor is the document owner" expression: "document.owner ==
  1071  // request.auth.claims.email" Example (Logic): title: "Public documents"
  1072  // description: "Determine whether the document should be publicly visible"
  1073  // expression: "document.type != 'private' && document.type != 'internal'"
  1074  // Example (Data Manipulation): title: "Notification string" description:
  1075  // "Create a notification string with a timestamp." expression: "'New message
  1076  // received at ' + string(document.create_time)" The exact variables and
  1077  // functions that may be referenced within an expression are determined by the
  1078  // service that evaluates it. See the service documentation for additional
  1079  // information.
  1080  type Expr struct {
  1081  	// Description: Optional. Description of the expression. This is a longer text
  1082  	// which describes the expression, e.g. when hovered over it in a UI.
  1083  	Description string `json:"description,omitempty"`
  1084  	// Expression: Textual representation of an expression in Common Expression
  1085  	// Language syntax.
  1086  	Expression string `json:"expression,omitempty"`
  1087  	// Location: Optional. String indicating the location of the expression for
  1088  	// error reporting, e.g. a file name and a position in the file.
  1089  	Location string `json:"location,omitempty"`
  1090  	// Title: Optional. Title for the expression, i.e. a short string describing
  1091  	// its purpose. This can be used e.g. in UIs which allow to enter the
  1092  	// expression.
  1093  	Title string `json:"title,omitempty"`
  1094  	// ForceSendFields is a list of field names (e.g. "Description") to
  1095  	// unconditionally include in API requests. By default, fields with empty or
  1096  	// default values are omitted from API requests. See
  1097  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1098  	// details.
  1099  	ForceSendFields []string `json:"-"`
  1100  	// NullFields is a list of field names (e.g. "Description") to include in API
  1101  	// requests with the JSON null value. By default, fields with empty values are
  1102  	// omitted from API requests. See
  1103  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1104  	NullFields []string `json:"-"`
  1105  }
  1106  
  1107  func (s *Expr) MarshalJSON() ([]byte, error) {
  1108  	type NoMethod Expr
  1109  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1110  }
  1111  
  1112  // GcpUserAccessBinding: Restricts access to Cloud Console and Google Cloud
  1113  // APIs for a set of users using Context-Aware Access.
  1114  type GcpUserAccessBinding struct {
  1115  	// AccessLevels: Optional. Access level that a user must have to be granted
  1116  	// access. Only one access level is supported, not multiple. This repeated
  1117  	// field must have exactly one element. Example:
  1118  	// "accessPolicies/9522/accessLevels/device_trusted"
  1119  	AccessLevels []string `json:"accessLevels,omitempty"`
  1120  	// DryRunAccessLevels: Optional. Dry run access level that will be evaluated
  1121  	// but will not be enforced. The access denial based on dry run policy will be
  1122  	// logged. Only one access level is supported, not multiple. This list must
  1123  	// have exactly one element. Example:
  1124  	// "accessPolicies/9522/accessLevels/device_trusted"
  1125  	DryRunAccessLevels []string `json:"dryRunAccessLevels,omitempty"`
  1126  	// GroupKey: Required. Immutable. Google Group id whose members are subject to
  1127  	// this binding's restrictions. See "id" in the [G Suite Directory API's Groups
  1128  	// resource]
  1129  	// (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource).
  1130  	// If a group's email address/alias is changed, this resource will continue to
  1131  	// point at the changed group. This field does not accept group email addresses
  1132  	// or aliases. Example: "01d520gv4vjcrht"
  1133  	GroupKey string `json:"groupKey,omitempty"`
  1134  	// Name: Immutable. Assigned by the server during creation. The last segment
  1135  	// has an arbitrary length and has only URI unreserved characters (as defined
  1136  	// by RFC 3986 Section 2.3 (https://tools.ietf.org/html/rfc3986#section-2.3)).
  1137  	// Should not be specified by the client during creation. Example:
  1138  	// "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
  1139  	Name string `json:"name,omitempty"`
  1140  	// RestrictedClientApplications: Optional. A list of applications that are
  1141  	// subject to this binding's restrictions. If the list is empty, the binding
  1142  	// restrictions will universally apply to all applications.
  1143  	RestrictedClientApplications []*Application `json:"restrictedClientApplications,omitempty"`
  1144  
  1145  	// ServerResponse contains the HTTP response code and headers from the server.
  1146  	googleapi.ServerResponse `json:"-"`
  1147  	// ForceSendFields is a list of field names (e.g. "AccessLevels") to
  1148  	// unconditionally include in API requests. By default, fields with empty or
  1149  	// default values are omitted from API requests. See
  1150  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1151  	// details.
  1152  	ForceSendFields []string `json:"-"`
  1153  	// NullFields is a list of field names (e.g. "AccessLevels") to include in API
  1154  	// requests with the JSON null value. By default, fields with empty values are
  1155  	// omitted from API requests. See
  1156  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1157  	NullFields []string `json:"-"`
  1158  }
  1159  
  1160  func (s *GcpUserAccessBinding) MarshalJSON() ([]byte, error) {
  1161  	type NoMethod GcpUserAccessBinding
  1162  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1163  }
  1164  
  1165  // GcpUserAccessBindingOperationMetadata: Metadata of GCP Access Binding Long
  1166  // Running Operations.
  1167  type GcpUserAccessBindingOperationMetadata struct {
  1168  }
  1169  
  1170  // GetIamPolicyRequest: Request message for `GetIamPolicy` method.
  1171  type GetIamPolicyRequest struct {
  1172  	// Options: OPTIONAL: A `GetPolicyOptions` object for specifying options to
  1173  	// `GetIamPolicy`.
  1174  	Options *GetPolicyOptions `json:"options,omitempty"`
  1175  	// ForceSendFields is a list of field names (e.g. "Options") to unconditionally
  1176  	// include in API requests. By default, fields with empty or default values are
  1177  	// omitted from API requests. See
  1178  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1179  	// details.
  1180  	ForceSendFields []string `json:"-"`
  1181  	// NullFields is a list of field names (e.g. "Options") to include in API
  1182  	// requests with the JSON null value. By default, fields with empty values are
  1183  	// omitted from API requests. See
  1184  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1185  	NullFields []string `json:"-"`
  1186  }
  1187  
  1188  func (s *GetIamPolicyRequest) MarshalJSON() ([]byte, error) {
  1189  	type NoMethod GetIamPolicyRequest
  1190  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1191  }
  1192  
  1193  // GetPolicyOptions: Encapsulates settings provided to GetIamPolicy.
  1194  type GetPolicyOptions struct {
  1195  	// RequestedPolicyVersion: Optional. The maximum policy version that will be
  1196  	// used to format the policy. Valid values are 0, 1, and 3. Requests specifying
  1197  	// an invalid value will be rejected. Requests for policies with any
  1198  	// conditional role bindings must specify version 3. Policies with no
  1199  	// conditional role bindings may specify any valid value or leave the field
  1200  	// unset. The policy in the response might use the policy version that you
  1201  	// specified, or it might use a lower policy version. For example, if you
  1202  	// specify version 3, but the policy has no conditional role bindings, the
  1203  	// response uses version 1. To learn which resources support conditions in
  1204  	// their IAM policies, see the IAM documentation
  1205  	// (https://cloud.google.com/iam/help/conditions/resource-policies).
  1206  	RequestedPolicyVersion int64 `json:"requestedPolicyVersion,omitempty"`
  1207  	// ForceSendFields is a list of field names (e.g. "RequestedPolicyVersion") to
  1208  	// unconditionally include in API requests. By default, fields with empty or
  1209  	// default values are omitted from API requests. See
  1210  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1211  	// details.
  1212  	ForceSendFields []string `json:"-"`
  1213  	// NullFields is a list of field names (e.g. "RequestedPolicyVersion") to
  1214  	// include in API requests with the JSON null value. By default, fields with
  1215  	// empty values are omitted from API requests. See
  1216  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1217  	NullFields []string `json:"-"`
  1218  }
  1219  
  1220  func (s *GetPolicyOptions) MarshalJSON() ([]byte, error) {
  1221  	type NoMethod GetPolicyOptions
  1222  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1223  }
  1224  
  1225  // IngressFrom: Defines the conditions under which an IngressPolicy matches a
  1226  // request. Conditions are based on information about the source of the
  1227  // request. The request must satisfy what is defined in `sources` AND identity
  1228  // related fields in order to match.
  1229  type IngressFrom struct {
  1230  	// Identities: A list of identities that are allowed access through
  1231  	// [IngressPolicy]. Identities can be an individual user, service account,
  1232  	// Google group, or third-party identity. The `v1` identities that have the
  1233  	// prefix `user`, `group`, `serviceAccount`, `principal`, and `principalSet` in
  1234  	// https://cloud.google.com/iam/docs/principal-identifiers#v1 are supported.
  1235  	Identities []string `json:"identities,omitempty"`
  1236  	// IdentityType: Specifies the type of identities that are allowed access from
  1237  	// outside the perimeter. If left unspecified, then members of `identities`
  1238  	// field will be allowed access.
  1239  	//
  1240  	// Possible values:
  1241  	//   "IDENTITY_TYPE_UNSPECIFIED" - No blanket identity group specified.
  1242  	//   "ANY_IDENTITY" - Authorize access from all identities outside the
  1243  	// perimeter.
  1244  	//   "ANY_USER_ACCOUNT" - Authorize access from all human users outside the
  1245  	// perimeter.
  1246  	//   "ANY_SERVICE_ACCOUNT" - Authorize access from all service accounts outside
  1247  	// the perimeter.
  1248  	IdentityType string `json:"identityType,omitempty"`
  1249  	// Sources: Sources that this IngressPolicy authorizes access from.
  1250  	Sources []*IngressSource `json:"sources,omitempty"`
  1251  	// ForceSendFields is a list of field names (e.g. "Identities") to
  1252  	// unconditionally include in API requests. By default, fields with empty or
  1253  	// default values are omitted from API requests. See
  1254  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1255  	// details.
  1256  	ForceSendFields []string `json:"-"`
  1257  	// NullFields is a list of field names (e.g. "Identities") to include in API
  1258  	// requests with the JSON null value. By default, fields with empty values are
  1259  	// omitted from API requests. See
  1260  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1261  	NullFields []string `json:"-"`
  1262  }
  1263  
  1264  func (s *IngressFrom) MarshalJSON() ([]byte, error) {
  1265  	type NoMethod IngressFrom
  1266  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1267  }
  1268  
  1269  // IngressPolicy: Policy for ingress into ServicePerimeter. IngressPolicies
  1270  // match requests based on `ingress_from` and `ingress_to` stanzas. For an
  1271  // ingress policy to match, both the `ingress_from` and `ingress_to` stanzas
  1272  // must be matched. If an IngressPolicy matches a request, the request is
  1273  // allowed through the perimeter boundary from outside the perimeter. For
  1274  // example, access from the internet can be allowed either based on an
  1275  // AccessLevel or, for traffic hosted on Google Cloud, the project of the
  1276  // source network. For access from private networks, using the project of the
  1277  // hosting network is required. Individual ingress policies can be limited by
  1278  // restricting which services and/or actions they match using the `ingress_to`
  1279  // field.
  1280  type IngressPolicy struct {
  1281  	// IngressFrom: Defines the conditions on the source of a request causing this
  1282  	// IngressPolicy to apply.
  1283  	IngressFrom *IngressFrom `json:"ingressFrom,omitempty"`
  1284  	// IngressTo: Defines the conditions on the ApiOperation and request
  1285  	// destination that cause this IngressPolicy to apply.
  1286  	IngressTo *IngressTo `json:"ingressTo,omitempty"`
  1287  	// ForceSendFields is a list of field names (e.g. "IngressFrom") to
  1288  	// unconditionally include in API requests. By default, fields with empty or
  1289  	// default values are omitted from API requests. See
  1290  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1291  	// details.
  1292  	ForceSendFields []string `json:"-"`
  1293  	// NullFields is a list of field names (e.g. "IngressFrom") to include in API
  1294  	// requests with the JSON null value. By default, fields with empty values are
  1295  	// omitted from API requests. See
  1296  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1297  	NullFields []string `json:"-"`
  1298  }
  1299  
  1300  func (s *IngressPolicy) MarshalJSON() ([]byte, error) {
  1301  	type NoMethod IngressPolicy
  1302  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1303  }
  1304  
  1305  // IngressSource: The source that IngressPolicy authorizes access from.
  1306  type IngressSource struct {
  1307  	// AccessLevel: An AccessLevel resource name that allow resources within the
  1308  	// ServicePerimeters to be accessed from the internet. AccessLevels listed must
  1309  	// be in the same policy as this ServicePerimeter. Referencing a nonexistent
  1310  	// AccessLevel will cause an error. If no AccessLevel names are listed,
  1311  	// resources within the perimeter can only be accessed via Google Cloud calls
  1312  	// with request origins within the perimeter. Example:
  1313  	// `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is
  1314  	// specified for `access_level`, then all IngressSources will be allowed.
  1315  	AccessLevel string `json:"accessLevel,omitempty"`
  1316  	// Resource: A Google Cloud resource that is allowed to ingress the perimeter.
  1317  	// Requests from these resources will be allowed to access perimeter data.
  1318  	// Currently only projects and VPCs are allowed. Project format:
  1319  	// `projects/{project_number}` VPC network format:
  1320  	// `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. The
  1321  	// project may be in any Google Cloud organization, not just the organization
  1322  	// that the perimeter is defined in. `*` is not allowed, the case of allowing
  1323  	// all Google Cloud resources only is not supported.
  1324  	Resource string `json:"resource,omitempty"`
  1325  	// ForceSendFields is a list of field names (e.g. "AccessLevel") to
  1326  	// unconditionally include in API requests. By default, fields with empty or
  1327  	// default values are omitted from API requests. See
  1328  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1329  	// details.
  1330  	ForceSendFields []string `json:"-"`
  1331  	// NullFields is a list of field names (e.g. "AccessLevel") to include in API
  1332  	// requests with the JSON null value. By default, fields with empty values are
  1333  	// omitted from API requests. See
  1334  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1335  	NullFields []string `json:"-"`
  1336  }
  1337  
  1338  func (s *IngressSource) MarshalJSON() ([]byte, error) {
  1339  	type NoMethod IngressSource
  1340  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1341  }
  1342  
  1343  // IngressTo: Defines the conditions under which an IngressPolicy matches a
  1344  // request. Conditions are based on information about the ApiOperation intended
  1345  // to be performed on the target resource of the request. The request must
  1346  // satisfy what is defined in `operations` AND `resources` in order to match.
  1347  type IngressTo struct {
  1348  	// Operations: A list of ApiOperations allowed to be performed by the sources
  1349  	// specified in corresponding IngressFrom in this ServicePerimeter.
  1350  	Operations []*ApiOperation `json:"operations,omitempty"`
  1351  	// Resources: A list of resources, currently only projects in the form
  1352  	// `projects/`, protected by this ServicePerimeter that are allowed to be
  1353  	// accessed by sources defined in the corresponding IngressFrom. If a single
  1354  	// `*` is specified, then access to all resources inside the perimeter are
  1355  	// allowed.
  1356  	Resources []string `json:"resources,omitempty"`
  1357  	// ForceSendFields is a list of field names (e.g. "Operations") to
  1358  	// unconditionally include in API requests. By default, fields with empty or
  1359  	// default values are omitted from API requests. See
  1360  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1361  	// details.
  1362  	ForceSendFields []string `json:"-"`
  1363  	// NullFields is a list of field names (e.g. "Operations") to include in API
  1364  	// requests with the JSON null value. By default, fields with empty values are
  1365  	// omitted from API requests. See
  1366  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1367  	NullFields []string `json:"-"`
  1368  }
  1369  
  1370  func (s *IngressTo) MarshalJSON() ([]byte, error) {
  1371  	type NoMethod IngressTo
  1372  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1373  }
  1374  
  1375  // ListAccessLevelsResponse: A response to `ListAccessLevelsRequest`.
  1376  type ListAccessLevelsResponse struct {
  1377  	// AccessLevels: List of the Access Level instances.
  1378  	AccessLevels []*AccessLevel `json:"accessLevels,omitempty"`
  1379  	// NextPageToken: The pagination token to retrieve the next page of results. If
  1380  	// the value is empty, no further results remain.
  1381  	NextPageToken string `json:"nextPageToken,omitempty"`
  1382  
  1383  	// ServerResponse contains the HTTP response code and headers from the server.
  1384  	googleapi.ServerResponse `json:"-"`
  1385  	// ForceSendFields is a list of field names (e.g. "AccessLevels") to
  1386  	// unconditionally include in API requests. By default, fields with empty or
  1387  	// default values are omitted from API requests. See
  1388  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1389  	// details.
  1390  	ForceSendFields []string `json:"-"`
  1391  	// NullFields is a list of field names (e.g. "AccessLevels") to include in API
  1392  	// requests with the JSON null value. By default, fields with empty values are
  1393  	// omitted from API requests. See
  1394  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1395  	NullFields []string `json:"-"`
  1396  }
  1397  
  1398  func (s *ListAccessLevelsResponse) MarshalJSON() ([]byte, error) {
  1399  	type NoMethod ListAccessLevelsResponse
  1400  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1401  }
  1402  
  1403  // ListAccessPoliciesResponse: A response to `ListAccessPoliciesRequest`.
  1404  type ListAccessPoliciesResponse struct {
  1405  	// AccessPolicies: List of the AccessPolicy instances.
  1406  	AccessPolicies []*AccessPolicy `json:"accessPolicies,omitempty"`
  1407  	// NextPageToken: The pagination token to retrieve the next page of results. If
  1408  	// the value is empty, no further results remain.
  1409  	NextPageToken string `json:"nextPageToken,omitempty"`
  1410  
  1411  	// ServerResponse contains the HTTP response code and headers from the server.
  1412  	googleapi.ServerResponse `json:"-"`
  1413  	// ForceSendFields is a list of field names (e.g. "AccessPolicies") to
  1414  	// unconditionally include in API requests. By default, fields with empty or
  1415  	// default values are omitted from API requests. See
  1416  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1417  	// details.
  1418  	ForceSendFields []string `json:"-"`
  1419  	// NullFields is a list of field names (e.g. "AccessPolicies") to include in
  1420  	// API requests with the JSON null value. By default, fields with empty values
  1421  	// are omitted from API requests. See
  1422  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1423  	NullFields []string `json:"-"`
  1424  }
  1425  
  1426  func (s *ListAccessPoliciesResponse) MarshalJSON() ([]byte, error) {
  1427  	type NoMethod ListAccessPoliciesResponse
  1428  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1429  }
  1430  
  1431  // ListAuthorizedOrgsDescsResponse: A response to
  1432  // `ListAuthorizedOrgsDescsRequest`.
  1433  type ListAuthorizedOrgsDescsResponse struct {
  1434  	// AuthorizedOrgsDescs: List of all the Authorized Orgs Desc instances.
  1435  	AuthorizedOrgsDescs []*AuthorizedOrgsDesc `json:"authorizedOrgsDescs,omitempty"`
  1436  	// NextPageToken: The pagination token to retrieve the next page of results. If
  1437  	// the value is empty, no further results remain.
  1438  	NextPageToken string `json:"nextPageToken,omitempty"`
  1439  
  1440  	// ServerResponse contains the HTTP response code and headers from the server.
  1441  	googleapi.ServerResponse `json:"-"`
  1442  	// ForceSendFields is a list of field names (e.g. "AuthorizedOrgsDescs") to
  1443  	// unconditionally include in API requests. By default, fields with empty or
  1444  	// default values are omitted from API requests. See
  1445  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1446  	// details.
  1447  	ForceSendFields []string `json:"-"`
  1448  	// NullFields is a list of field names (e.g. "AuthorizedOrgsDescs") to include
  1449  	// in API requests with the JSON null value. By default, fields with empty
  1450  	// values are omitted from API requests. See
  1451  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1452  	NullFields []string `json:"-"`
  1453  }
  1454  
  1455  func (s *ListAuthorizedOrgsDescsResponse) MarshalJSON() ([]byte, error) {
  1456  	type NoMethod ListAuthorizedOrgsDescsResponse
  1457  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1458  }
  1459  
  1460  // ListGcpUserAccessBindingsResponse: Response of ListGcpUserAccessBindings.
  1461  type ListGcpUserAccessBindingsResponse struct {
  1462  	// GcpUserAccessBindings: GcpUserAccessBinding
  1463  	GcpUserAccessBindings []*GcpUserAccessBinding `json:"gcpUserAccessBindings,omitempty"`
  1464  	// NextPageToken: Token to get the next page of items. If blank, there are no
  1465  	// more items.
  1466  	NextPageToken string `json:"nextPageToken,omitempty"`
  1467  
  1468  	// ServerResponse contains the HTTP response code and headers from the server.
  1469  	googleapi.ServerResponse `json:"-"`
  1470  	// ForceSendFields is a list of field names (e.g. "GcpUserAccessBindings") to
  1471  	// unconditionally include in API requests. By default, fields with empty or
  1472  	// default values are omitted from API requests. See
  1473  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1474  	// details.
  1475  	ForceSendFields []string `json:"-"`
  1476  	// NullFields is a list of field names (e.g. "GcpUserAccessBindings") to
  1477  	// include in API requests with the JSON null value. By default, fields with
  1478  	// empty values are omitted from API requests. See
  1479  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1480  	NullFields []string `json:"-"`
  1481  }
  1482  
  1483  func (s *ListGcpUserAccessBindingsResponse) MarshalJSON() ([]byte, error) {
  1484  	type NoMethod ListGcpUserAccessBindingsResponse
  1485  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1486  }
  1487  
  1488  // ListOperationsResponse: The response message for Operations.ListOperations.
  1489  type ListOperationsResponse struct {
  1490  	// NextPageToken: The standard List next-page token.
  1491  	NextPageToken string `json:"nextPageToken,omitempty"`
  1492  	// Operations: A list of operations that matches the specified filter in the
  1493  	// request.
  1494  	Operations []*Operation `json:"operations,omitempty"`
  1495  
  1496  	// ServerResponse contains the HTTP response code and headers from the server.
  1497  	googleapi.ServerResponse `json:"-"`
  1498  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1499  	// unconditionally include in API requests. By default, fields with empty or
  1500  	// default values are omitted from API requests. See
  1501  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1502  	// details.
  1503  	ForceSendFields []string `json:"-"`
  1504  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1505  	// requests with the JSON null value. By default, fields with empty values are
  1506  	// omitted from API requests. See
  1507  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1508  	NullFields []string `json:"-"`
  1509  }
  1510  
  1511  func (s *ListOperationsResponse) MarshalJSON() ([]byte, error) {
  1512  	type NoMethod ListOperationsResponse
  1513  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1514  }
  1515  
  1516  // ListServicePerimetersResponse: A response to `ListServicePerimetersRequest`.
  1517  type ListServicePerimetersResponse struct {
  1518  	// NextPageToken: The pagination token to retrieve the next page of results. If
  1519  	// the value is empty, no further results remain.
  1520  	NextPageToken string `json:"nextPageToken,omitempty"`
  1521  	// ServicePerimeters: List of the Service Perimeter instances.
  1522  	ServicePerimeters []*ServicePerimeter `json:"servicePerimeters,omitempty"`
  1523  
  1524  	// ServerResponse contains the HTTP response code and headers from the server.
  1525  	googleapi.ServerResponse `json:"-"`
  1526  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1527  	// unconditionally include in API requests. By default, fields with empty or
  1528  	// default values are omitted from API requests. See
  1529  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1530  	// details.
  1531  	ForceSendFields []string `json:"-"`
  1532  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1533  	// requests with the JSON null value. By default, fields with empty values are
  1534  	// omitted from API requests. See
  1535  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1536  	NullFields []string `json:"-"`
  1537  }
  1538  
  1539  func (s *ListServicePerimetersResponse) MarshalJSON() ([]byte, error) {
  1540  	type NoMethod ListServicePerimetersResponse
  1541  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1542  }
  1543  
  1544  // ListSupportedServicesResponse: A response to `ListSupportedServicesRequest`.
  1545  type ListSupportedServicesResponse struct {
  1546  	// NextPageToken: The pagination token to retrieve the next page of results. If
  1547  	// the value is empty, no further results remain.
  1548  	NextPageToken string `json:"nextPageToken,omitempty"`
  1549  	// SupportedServices: List of services supported by VPC Service Controls
  1550  	// instances.
  1551  	SupportedServices []*SupportedService `json:"supportedServices,omitempty"`
  1552  
  1553  	// ServerResponse contains the HTTP response code and headers from the server.
  1554  	googleapi.ServerResponse `json:"-"`
  1555  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1556  	// unconditionally include in API requests. By default, fields with empty or
  1557  	// default values are omitted from API requests. See
  1558  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1559  	// details.
  1560  	ForceSendFields []string `json:"-"`
  1561  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1562  	// requests with the JSON null value. By default, fields with empty values are
  1563  	// omitted from API requests. See
  1564  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1565  	NullFields []string `json:"-"`
  1566  }
  1567  
  1568  func (s *ListSupportedServicesResponse) MarshalJSON() ([]byte, error) {
  1569  	type NoMethod ListSupportedServicesResponse
  1570  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1571  }
  1572  
  1573  // MethodSelector: An allowed method or permission of a service specified in
  1574  // ApiOperation.
  1575  type MethodSelector struct {
  1576  	// Method: A valid method name for the corresponding `service_name` in
  1577  	// ApiOperation. If `*` is used as the value for the `method`, then ALL methods
  1578  	// and permissions are allowed.
  1579  	Method string `json:"method,omitempty"`
  1580  	// Permission: A valid Cloud IAM permission for the corresponding
  1581  	// `service_name` in ApiOperation.
  1582  	Permission string `json:"permission,omitempty"`
  1583  	// ForceSendFields is a list of field names (e.g. "Method") to unconditionally
  1584  	// include in API requests. By default, fields with empty or default values are
  1585  	// omitted from API requests. See
  1586  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1587  	// details.
  1588  	ForceSendFields []string `json:"-"`
  1589  	// NullFields is a list of field names (e.g. "Method") to include in API
  1590  	// requests with the JSON null value. By default, fields with empty values are
  1591  	// omitted from API requests. See
  1592  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1593  	NullFields []string `json:"-"`
  1594  }
  1595  
  1596  func (s *MethodSelector) MarshalJSON() ([]byte, error) {
  1597  	type NoMethod MethodSelector
  1598  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1599  }
  1600  
  1601  // Operation: This resource represents a long-running operation that is the
  1602  // result of a network API call.
  1603  type Operation struct {
  1604  	// Done: If the value is `false`, it means the operation is still in progress.
  1605  	// If `true`, the operation is completed, and either `error` or `response` is
  1606  	// available.
  1607  	Done bool `json:"done,omitempty"`
  1608  	// Error: The error result of the operation in case of failure or cancellation.
  1609  	Error *Status `json:"error,omitempty"`
  1610  	// Metadata: Service-specific metadata associated with the operation. It
  1611  	// typically contains progress information and common metadata such as create
  1612  	// time. Some services might not provide such metadata. Any method that returns
  1613  	// a long-running operation should document the metadata type, if any.
  1614  	Metadata googleapi.RawMessage `json:"metadata,omitempty"`
  1615  	// Name: The server-assigned name, which is only unique within the same service
  1616  	// that originally returns it. If you use the default HTTP mapping, the `name`
  1617  	// should be a resource name ending with `operations/{unique_id}`.
  1618  	Name string `json:"name,omitempty"`
  1619  	// Response: The normal, successful response of the operation. If the original
  1620  	// method returns no data on success, such as `Delete`, the response is
  1621  	// `google.protobuf.Empty`. If the original method is standard
  1622  	// `Get`/`Create`/`Update`, the response should be the resource. For other
  1623  	// methods, the response should have the type `XxxResponse`, where `Xxx` is the
  1624  	// original method name. For example, if the original method name is
  1625  	// `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
  1626  	Response googleapi.RawMessage `json:"response,omitempty"`
  1627  
  1628  	// ServerResponse contains the HTTP response code and headers from the server.
  1629  	googleapi.ServerResponse `json:"-"`
  1630  	// ForceSendFields is a list of field names (e.g. "Done") to unconditionally
  1631  	// include in API requests. By default, fields with empty or default values are
  1632  	// omitted from API requests. See
  1633  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1634  	// details.
  1635  	ForceSendFields []string `json:"-"`
  1636  	// NullFields is a list of field names (e.g. "Done") to include in API requests
  1637  	// with the JSON null value. By default, fields with empty values are omitted
  1638  	// from API requests. See
  1639  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1640  	NullFields []string `json:"-"`
  1641  }
  1642  
  1643  func (s *Operation) MarshalJSON() ([]byte, error) {
  1644  	type NoMethod Operation
  1645  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1646  }
  1647  
  1648  // OsConstraint: A restriction on the OS type and version of devices making
  1649  // requests.
  1650  type OsConstraint struct {
  1651  	// MinimumVersion: The minimum allowed OS version. If not set, any version of
  1652  	// this OS satisfies the constraint. Format: "major.minor.patch". Examples:
  1653  	// "10.5.301", "9.2.1".
  1654  	MinimumVersion string `json:"minimumVersion,omitempty"`
  1655  	// OsType: Required. The allowed OS type.
  1656  	//
  1657  	// Possible values:
  1658  	//   "OS_UNSPECIFIED" - The operating system of the device is not specified or
  1659  	// not known.
  1660  	//   "DESKTOP_MAC" - A desktop Mac operating system.
  1661  	//   "DESKTOP_WINDOWS" - A desktop Windows operating system.
  1662  	//   "DESKTOP_LINUX" - A desktop Linux operating system.
  1663  	//   "DESKTOP_CHROME_OS" - A desktop ChromeOS operating system.
  1664  	//   "ANDROID" - An Android operating system.
  1665  	//   "IOS" - An iOS operating system.
  1666  	OsType string `json:"osType,omitempty"`
  1667  	// RequireVerifiedChromeOs: Only allows requests from devices with a verified
  1668  	// Chrome OS. Verifications includes requirements that the device is
  1669  	// enterprise-managed, conformant to domain policies, and the caller has
  1670  	// permission to call the API targeted by the request.
  1671  	RequireVerifiedChromeOs bool `json:"requireVerifiedChromeOs,omitempty"`
  1672  	// ForceSendFields is a list of field names (e.g. "MinimumVersion") to
  1673  	// unconditionally include in API requests. By default, fields with empty or
  1674  	// default values are omitted from API requests. See
  1675  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1676  	// details.
  1677  	ForceSendFields []string `json:"-"`
  1678  	// NullFields is a list of field names (e.g. "MinimumVersion") to include in
  1679  	// API requests with the JSON null value. By default, fields with empty values
  1680  	// are omitted from API requests. See
  1681  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1682  	NullFields []string `json:"-"`
  1683  }
  1684  
  1685  func (s *OsConstraint) MarshalJSON() ([]byte, error) {
  1686  	type NoMethod OsConstraint
  1687  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1688  }
  1689  
  1690  // Policy: An Identity and Access Management (IAM) policy, which specifies
  1691  // access controls for Google Cloud resources. A `Policy` is a collection of
  1692  // `bindings`. A `binding` binds one or more `members`, or principals, to a
  1693  // single `role`. Principals can be user accounts, service accounts, Google
  1694  // groups, and domains (such as G Suite). A `role` is a named list of
  1695  // permissions; each `role` can be an IAM predefined role or a user-created
  1696  // custom role. For some types of Google Cloud resources, a `binding` can also
  1697  // specify a `condition`, which is a logical expression that allows access to a
  1698  // resource only if the expression evaluates to `true`. A condition can add
  1699  // constraints based on attributes of the request, the resource, or both. To
  1700  // learn which resources support conditions in their IAM policies, see the IAM
  1701  // documentation
  1702  // (https://cloud.google.com/iam/help/conditions/resource-policies). **JSON
  1703  // example:** ``` { "bindings": [ { "role":
  1704  // "roles/resourcemanager.organizationAdmin", "members": [
  1705  // "user:mike@example.com", "group:admins@example.com", "domain:google.com",
  1706  // "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role":
  1707  // "roles/resourcemanager.organizationViewer", "members": [
  1708  // "user:eve@example.com" ], "condition": { "title": "expirable access",
  1709  // "description": "Does not grant access after Sep 2020", "expression":
  1710  // "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag":
  1711  // "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: -
  1712  // members: - user:mike@example.com - group:admins@example.com -
  1713  // domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
  1714  // role: roles/resourcemanager.organizationAdmin - members: -
  1715  // user:eve@example.com role: roles/resourcemanager.organizationViewer
  1716  // condition: title: expirable access description: Does not grant access after
  1717  // Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
  1718  // etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features,
  1719  // see the IAM documentation (https://cloud.google.com/iam/docs/).
  1720  type Policy struct {
  1721  	// AuditConfigs: Specifies cloud audit logging configuration for this policy.
  1722  	AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"`
  1723  	// Bindings: Associates a list of `members`, or principals, with a `role`.
  1724  	// Optionally, may specify a `condition` that determines how and when the
  1725  	// `bindings` are applied. Each of the `bindings` must contain at least one
  1726  	// principal. The `bindings` in a `Policy` can refer to up to 1,500 principals;
  1727  	// up to 250 of these principals can be Google groups. Each occurrence of a
  1728  	// principal counts towards these limits. For example, if the `bindings` grant
  1729  	// 50 different roles to `user:alice@example.com`, and not to any other
  1730  	// principal, then you can add another 1,450 principals to the `bindings` in
  1731  	// the `Policy`.
  1732  	Bindings []*Binding `json:"bindings,omitempty"`
  1733  	// Etag: `etag` is used for optimistic concurrency control as a way to help
  1734  	// prevent simultaneous updates of a policy from overwriting each other. It is
  1735  	// strongly suggested that systems make use of the `etag` in the
  1736  	// read-modify-write cycle to perform policy updates in order to avoid race
  1737  	// conditions: An `etag` is returned in the response to `getIamPolicy`, and
  1738  	// systems are expected to put that etag in the request to `setIamPolicy` to
  1739  	// ensure that their change will be applied to the same version of the policy.
  1740  	// **Important:** If you use IAM Conditions, you must include the `etag` field
  1741  	// whenever you call `setIamPolicy`. If you omit this field, then IAM allows
  1742  	// you to overwrite a version `3` policy with a version `1` policy, and all of
  1743  	// the conditions in the version `3` policy are lost.
  1744  	Etag string `json:"etag,omitempty"`
  1745  	// Version: Specifies the format of the policy. Valid values are `0`, `1`, and
  1746  	// `3`. Requests that specify an invalid value are rejected. Any operation that
  1747  	// affects conditional role bindings must specify version `3`. This requirement
  1748  	// applies to the following operations: * Getting a policy that includes a
  1749  	// conditional role binding * Adding a conditional role binding to a policy *
  1750  	// Changing a conditional role binding in a policy * Removing any role binding,
  1751  	// with or without a condition, from a policy that includes conditions
  1752  	// **Important:** If you use IAM Conditions, you must include the `etag` field
  1753  	// whenever you call `setIamPolicy`. If you omit this field, then IAM allows
  1754  	// you to overwrite a version `3` policy with a version `1` policy, and all of
  1755  	// the conditions in the version `3` policy are lost. If a policy does not
  1756  	// include any conditions, operations on that policy may specify any valid
  1757  	// version or leave the field unset. To learn which resources support
  1758  	// conditions in their IAM policies, see the IAM documentation
  1759  	// (https://cloud.google.com/iam/help/conditions/resource-policies).
  1760  	Version int64 `json:"version,omitempty"`
  1761  
  1762  	// ServerResponse contains the HTTP response code and headers from the server.
  1763  	googleapi.ServerResponse `json:"-"`
  1764  	// ForceSendFields is a list of field names (e.g. "AuditConfigs") to
  1765  	// unconditionally include in API requests. By default, fields with empty or
  1766  	// default values are omitted from API requests. See
  1767  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1768  	// details.
  1769  	ForceSendFields []string `json:"-"`
  1770  	// NullFields is a list of field names (e.g. "AuditConfigs") to include in API
  1771  	// requests with the JSON null value. By default, fields with empty values are
  1772  	// omitted from API requests. See
  1773  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1774  	NullFields []string `json:"-"`
  1775  }
  1776  
  1777  func (s *Policy) MarshalJSON() ([]byte, error) {
  1778  	type NoMethod Policy
  1779  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1780  }
  1781  
  1782  // ReplaceAccessLevelsRequest: A request to replace all existing Access Levels
  1783  // in an Access Policy with the Access Levels provided. This is done
  1784  // atomically.
  1785  type ReplaceAccessLevelsRequest struct {
  1786  	// AccessLevels: Required. The desired Access Levels that should replace all
  1787  	// existing Access Levels in the Access Policy.
  1788  	AccessLevels []*AccessLevel `json:"accessLevels,omitempty"`
  1789  	// Etag: Optional. The etag for the version of the Access Policy that this
  1790  	// replace operation is to be performed on. If, at the time of replace, the
  1791  	// etag for the Access Policy stored in Access Context Manager is different
  1792  	// from the specified etag, then the replace operation will not be performed
  1793  	// and the call will fail. This field is not required. If etag is not provided,
  1794  	// the operation will be performed as if a valid etag is provided.
  1795  	Etag string `json:"etag,omitempty"`
  1796  	// ForceSendFields is a list of field names (e.g. "AccessLevels") to
  1797  	// unconditionally include in API requests. By default, fields with empty or
  1798  	// default values are omitted from API requests. See
  1799  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1800  	// details.
  1801  	ForceSendFields []string `json:"-"`
  1802  	// NullFields is a list of field names (e.g. "AccessLevels") to include in API
  1803  	// requests with the JSON null value. By default, fields with empty values are
  1804  	// omitted from API requests. See
  1805  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1806  	NullFields []string `json:"-"`
  1807  }
  1808  
  1809  func (s *ReplaceAccessLevelsRequest) MarshalJSON() ([]byte, error) {
  1810  	type NoMethod ReplaceAccessLevelsRequest
  1811  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1812  }
  1813  
  1814  // ReplaceAccessLevelsResponse: A response to ReplaceAccessLevelsRequest. This
  1815  // will be put inside of Operation.response field.
  1816  type ReplaceAccessLevelsResponse struct {
  1817  	// AccessLevels: List of the Access Level instances.
  1818  	AccessLevels []*AccessLevel `json:"accessLevels,omitempty"`
  1819  	// ForceSendFields is a list of field names (e.g. "AccessLevels") to
  1820  	// unconditionally include in API requests. By default, fields with empty or
  1821  	// default values are omitted from API requests. See
  1822  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1823  	// details.
  1824  	ForceSendFields []string `json:"-"`
  1825  	// NullFields is a list of field names (e.g. "AccessLevels") to include in API
  1826  	// requests with the JSON null value. By default, fields with empty values are
  1827  	// omitted from API requests. See
  1828  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1829  	NullFields []string `json:"-"`
  1830  }
  1831  
  1832  func (s *ReplaceAccessLevelsResponse) MarshalJSON() ([]byte, error) {
  1833  	type NoMethod ReplaceAccessLevelsResponse
  1834  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1835  }
  1836  
  1837  // ReplaceServicePerimetersRequest: A request to replace all existing Service
  1838  // Perimeters in an Access Policy with the Service Perimeters provided. This is
  1839  // done atomically.
  1840  type ReplaceServicePerimetersRequest struct {
  1841  	// Etag: Optional. The etag for the version of the Access Policy that this
  1842  	// replace operation is to be performed on. If, at the time of replace, the
  1843  	// etag for the Access Policy stored in Access Context Manager is different
  1844  	// from the specified etag, then the replace operation will not be performed
  1845  	// and the call will fail. This field is not required. If etag is not provided,
  1846  	// the operation will be performed as if a valid etag is provided.
  1847  	Etag string `json:"etag,omitempty"`
  1848  	// ServicePerimeters: Required. The desired Service Perimeters that should
  1849  	// replace all existing Service Perimeters in the Access Policy.
  1850  	ServicePerimeters []*ServicePerimeter `json:"servicePerimeters,omitempty"`
  1851  	// ForceSendFields is a list of field names (e.g. "Etag") to unconditionally
  1852  	// include in API requests. By default, fields with empty or default values are
  1853  	// omitted from API requests. See
  1854  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1855  	// details.
  1856  	ForceSendFields []string `json:"-"`
  1857  	// NullFields is a list of field names (e.g. "Etag") to include in API requests
  1858  	// with the JSON null value. By default, fields with empty values are omitted
  1859  	// from API requests. See
  1860  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1861  	NullFields []string `json:"-"`
  1862  }
  1863  
  1864  func (s *ReplaceServicePerimetersRequest) MarshalJSON() ([]byte, error) {
  1865  	type NoMethod ReplaceServicePerimetersRequest
  1866  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1867  }
  1868  
  1869  // ReplaceServicePerimetersResponse: A response to
  1870  // ReplaceServicePerimetersRequest. This will be put inside of
  1871  // Operation.response field.
  1872  type ReplaceServicePerimetersResponse struct {
  1873  	// ServicePerimeters: List of the Service Perimeter instances.
  1874  	ServicePerimeters []*ServicePerimeter `json:"servicePerimeters,omitempty"`
  1875  	// ForceSendFields is a list of field names (e.g. "ServicePerimeters") to
  1876  	// unconditionally include in API requests. By default, fields with empty or
  1877  	// default values are omitted from API requests. See
  1878  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1879  	// details.
  1880  	ForceSendFields []string `json:"-"`
  1881  	// NullFields is a list of field names (e.g. "ServicePerimeters") to include in
  1882  	// API requests with the JSON null value. By default, fields with empty values
  1883  	// are omitted from API requests. See
  1884  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1885  	NullFields []string `json:"-"`
  1886  }
  1887  
  1888  func (s *ReplaceServicePerimetersResponse) MarshalJSON() ([]byte, error) {
  1889  	type NoMethod ReplaceServicePerimetersResponse
  1890  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1891  }
  1892  
  1893  // ServicePerimeter: `ServicePerimeter` describes a set of Google Cloud
  1894  // resources which can freely import and export data amongst themselves, but
  1895  // not export outside of the `ServicePerimeter`. If a request with a source
  1896  // within this `ServicePerimeter` has a target outside of the
  1897  // `ServicePerimeter`, the request will be blocked. Otherwise the request is
  1898  // allowed. There are two types of Service Perimeter - Regular and Bridge.
  1899  // Regular Service Perimeters cannot overlap, a single Google Cloud project or
  1900  // VPC network can only belong to a single regular Service Perimeter. Service
  1901  // Perimeter Bridges can contain only Google Cloud projects as members, a
  1902  // single Google Cloud project may belong to multiple Service Perimeter
  1903  // Bridges.
  1904  type ServicePerimeter struct {
  1905  	// Description: Description of the `ServicePerimeter` and its use. Does not
  1906  	// affect behavior.
  1907  	Description string `json:"description,omitempty"`
  1908  	// Name: Resource name for the `ServicePerimeter`. Format:
  1909  	// `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. The
  1910  	// `service_perimeter` component must begin with a letter, followed by
  1911  	// alphanumeric characters or `_`. After you create a `ServicePerimeter`, you
  1912  	// cannot change its `name`.
  1913  	Name string `json:"name,omitempty"`
  1914  	// PerimeterType: Perimeter type indicator. A single project or VPC network is
  1915  	// allowed to be a member of single regular perimeter, but multiple service
  1916  	// perimeter bridges. A project cannot be a included in a perimeter bridge
  1917  	// without being included in regular perimeter. For perimeter bridges, the
  1918  	// restricted service list as well as access level lists must be empty.
  1919  	//
  1920  	// Possible values:
  1921  	//   "PERIMETER_TYPE_REGULAR" - Regular Perimeter. When no value is specified,
  1922  	// the perimeter uses this type.
  1923  	//   "PERIMETER_TYPE_BRIDGE" - Perimeter Bridge.
  1924  	PerimeterType string `json:"perimeterType,omitempty"`
  1925  	// Spec: Proposed (or dry run) ServicePerimeter configuration. This
  1926  	// configuration allows to specify and test ServicePerimeter configuration
  1927  	// without enforcing actual access restrictions. Only allowed to be set when
  1928  	// the "use_explicit_dry_run_spec" flag is set.
  1929  	Spec *ServicePerimeterConfig `json:"spec,omitempty"`
  1930  	// Status: Current ServicePerimeter configuration. Specifies sets of resources,
  1931  	// restricted services and access levels that determine perimeter content and
  1932  	// boundaries.
  1933  	Status *ServicePerimeterConfig `json:"status,omitempty"`
  1934  	// Title: Human readable title. Must be unique within the Policy.
  1935  	Title string `json:"title,omitempty"`
  1936  	// UseExplicitDryRunSpec: Use explicit dry run spec flag. Ordinarily, a dry-run
  1937  	// spec implicitly exists for all Service Perimeters, and that spec is
  1938  	// identical to the status for those Service Perimeters. When this flag is set,
  1939  	// it inhibits the generation of the implicit spec, thereby allowing the user
  1940  	// to explicitly provide a configuration ("spec") to use in a dry-run version
  1941  	// of the Service Perimeter. This allows the user to test changes to the
  1942  	// enforced config ("status") without actually enforcing them. This testing is
  1943  	// done through analyzing the differences between currently enforced and
  1944  	// suggested restrictions. use_explicit_dry_run_spec must bet set to True if
  1945  	// any of the fields in the spec are set to non-default values.
  1946  	UseExplicitDryRunSpec bool `json:"useExplicitDryRunSpec,omitempty"`
  1947  
  1948  	// ServerResponse contains the HTTP response code and headers from the server.
  1949  	googleapi.ServerResponse `json:"-"`
  1950  	// ForceSendFields is a list of field names (e.g. "Description") to
  1951  	// unconditionally include in API requests. By default, fields with empty or
  1952  	// default values are omitted from API requests. See
  1953  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1954  	// details.
  1955  	ForceSendFields []string `json:"-"`
  1956  	// NullFields is a list of field names (e.g. "Description") to include in API
  1957  	// requests with the JSON null value. By default, fields with empty values are
  1958  	// omitted from API requests. See
  1959  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1960  	NullFields []string `json:"-"`
  1961  }
  1962  
  1963  func (s *ServicePerimeter) MarshalJSON() ([]byte, error) {
  1964  	type NoMethod ServicePerimeter
  1965  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1966  }
  1967  
  1968  // ServicePerimeterConfig: `ServicePerimeterConfig` specifies a set of Google
  1969  // Cloud resources that describe specific Service Perimeter configuration.
  1970  type ServicePerimeterConfig struct {
  1971  	// AccessLevels: A list of `AccessLevel` resource names that allow resources
  1972  	// within the `ServicePerimeter` to be accessed from the internet.
  1973  	// `AccessLevels` listed must be in the same policy as this `ServicePerimeter`.
  1974  	// Referencing a nonexistent `AccessLevel` is a syntax error. If no
  1975  	// `AccessLevel` names are listed, resources within the perimeter can only be
  1976  	// accessed via Google Cloud calls with request origins within the perimeter.
  1977  	// Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service
  1978  	// Perimeter Bridge, must be empty.
  1979  	AccessLevels []string `json:"accessLevels,omitempty"`
  1980  	// EgressPolicies: List of EgressPolicies to apply to the perimeter. A
  1981  	// perimeter may have multiple EgressPolicies, each of which is evaluated
  1982  	// separately. Access is granted if any EgressPolicy grants it. Must be empty
  1983  	// for a perimeter bridge.
  1984  	EgressPolicies []*EgressPolicy `json:"egressPolicies,omitempty"`
  1985  	// IngressPolicies: List of IngressPolicies to apply to the perimeter. A
  1986  	// perimeter may have multiple IngressPolicies, each of which is evaluated
  1987  	// separately. Access is granted if any Ingress Policy grants it. Must be empty
  1988  	// for a perimeter bridge.
  1989  	IngressPolicies []*IngressPolicy `json:"ingressPolicies,omitempty"`
  1990  	// Resources: A list of Google Cloud resources that are inside of the service
  1991  	// perimeter. Currently only projects and VPCs are allowed. Project format:
  1992  	// `projects/{project_number}` VPC network format:
  1993  	// `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`.
  1994  	Resources []string `json:"resources,omitempty"`
  1995  	// RestrictedServices: Google Cloud services that are subject to the Service
  1996  	// Perimeter restrictions. For example, if `storage.googleapis.com` is
  1997  	// specified, access to the storage buckets inside the perimeter must meet the
  1998  	// perimeter's access restrictions.
  1999  	RestrictedServices []string `json:"restrictedServices,omitempty"`
  2000  	// VpcAccessibleServices: Configuration for APIs allowed within Perimeter.
  2001  	VpcAccessibleServices *VpcAccessibleServices `json:"vpcAccessibleServices,omitempty"`
  2002  	// ForceSendFields is a list of field names (e.g. "AccessLevels") to
  2003  	// unconditionally include in API requests. By default, fields with empty or
  2004  	// default values are omitted from API requests. See
  2005  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2006  	// details.
  2007  	ForceSendFields []string `json:"-"`
  2008  	// NullFields is a list of field names (e.g. "AccessLevels") to include in API
  2009  	// requests with the JSON null value. By default, fields with empty values are
  2010  	// omitted from API requests. See
  2011  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2012  	NullFields []string `json:"-"`
  2013  }
  2014  
  2015  func (s *ServicePerimeterConfig) MarshalJSON() ([]byte, error) {
  2016  	type NoMethod ServicePerimeterConfig
  2017  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2018  }
  2019  
  2020  // SetIamPolicyRequest: Request message for `SetIamPolicy` method.
  2021  type SetIamPolicyRequest struct {
  2022  	// Policy: REQUIRED: The complete policy to be applied to the `resource`. The
  2023  	// size of the policy is limited to a few 10s of KB. An empty policy is a valid
  2024  	// policy but certain Google Cloud services (such as Projects) might reject
  2025  	// them.
  2026  	Policy *Policy `json:"policy,omitempty"`
  2027  	// UpdateMask: OPTIONAL: A FieldMask specifying which fields of the policy to
  2028  	// modify. Only the fields in the mask will be modified. If no mask is
  2029  	// provided, the following default mask is used: `paths: "bindings, etag"
  2030  	UpdateMask string `json:"updateMask,omitempty"`
  2031  	// ForceSendFields is a list of field names (e.g. "Policy") to unconditionally
  2032  	// include in API requests. By default, fields with empty or default values are
  2033  	// omitted from API requests. See
  2034  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2035  	// details.
  2036  	ForceSendFields []string `json:"-"`
  2037  	// NullFields is a list of field names (e.g. "Policy") to include in API
  2038  	// requests with the JSON null value. By default, fields with empty values are
  2039  	// omitted from API requests. See
  2040  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2041  	NullFields []string `json:"-"`
  2042  }
  2043  
  2044  func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) {
  2045  	type NoMethod SetIamPolicyRequest
  2046  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2047  }
  2048  
  2049  // Status: The `Status` type defines a logical error model that is suitable for
  2050  // different programming environments, including REST APIs and RPC APIs. It is
  2051  // used by gRPC (https://github.com/grpc). Each `Status` message contains three
  2052  // pieces of data: error code, error message, and error details. You can find
  2053  // out more about this error model and how to work with it in the API Design
  2054  // Guide (https://cloud.google.com/apis/design/errors).
  2055  type Status struct {
  2056  	// Code: The status code, which should be an enum value of google.rpc.Code.
  2057  	Code int64 `json:"code,omitempty"`
  2058  	// Details: A list of messages that carry the error details. There is a common
  2059  	// set of message types for APIs to use.
  2060  	Details []googleapi.RawMessage `json:"details,omitempty"`
  2061  	// Message: A developer-facing error message, which should be in English. Any
  2062  	// user-facing error message should be localized and sent in the
  2063  	// google.rpc.Status.details field, or localized by the client.
  2064  	Message string `json:"message,omitempty"`
  2065  	// ForceSendFields is a list of field names (e.g. "Code") to unconditionally
  2066  	// include in API requests. By default, fields with empty or default values are
  2067  	// omitted from API requests. See
  2068  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2069  	// details.
  2070  	ForceSendFields []string `json:"-"`
  2071  	// NullFields is a list of field names (e.g. "Code") to include in API requests
  2072  	// with the JSON null value. By default, fields with empty values are omitted
  2073  	// from API requests. See
  2074  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2075  	NullFields []string `json:"-"`
  2076  }
  2077  
  2078  func (s *Status) MarshalJSON() ([]byte, error) {
  2079  	type NoMethod Status
  2080  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2081  }
  2082  
  2083  // SupportedService: `SupportedService` specifies the VPC Service Controls and
  2084  // its properties.
  2085  type SupportedService struct {
  2086  	// AvailableOnRestrictedVip: True if the service is available on the restricted
  2087  	// VIP. Services on the restricted VIP typically either support VPC Service
  2088  	// Controls or are core infrastructure services required for the functioning of
  2089  	// Google Cloud.
  2090  	AvailableOnRestrictedVip bool `json:"availableOnRestrictedVip,omitempty"`
  2091  	// KnownLimitations: True if the service is supported with some limitations.
  2092  	// Check documentation
  2093  	// (https://cloud.google.com/vpc-service-controls/docs/supported-products) for
  2094  	// details.
  2095  	KnownLimitations bool `json:"knownLimitations,omitempty"`
  2096  	// Name: The service name or address of the supported service, such as
  2097  	// `service.googleapis.com`.
  2098  	Name string `json:"name,omitempty"`
  2099  	// SupportStage: The support stage of the service.
  2100  	//
  2101  	// Possible values:
  2102  	//   "LAUNCH_STAGE_UNSPECIFIED" - Do not use this default value.
  2103  	//   "UNIMPLEMENTED" - The feature is not yet implemented. Users can not use
  2104  	// it.
  2105  	//   "PRELAUNCH" - Prelaunch features are hidden from users and are only
  2106  	// visible internally.
  2107  	//   "EARLY_ACCESS" - Early Access features are limited to a closed group of
  2108  	// testers. To use these features, you must sign up in advance and sign a
  2109  	// Trusted Tester agreement (which includes confidentiality provisions). These
  2110  	// features may be unstable, changed in backward-incompatible ways, and are not
  2111  	// guaranteed to be released.
  2112  	//   "ALPHA" - Alpha is a limited availability test for releases before they
  2113  	// are cleared for widespread use. By Alpha, all significant design issues are
  2114  	// resolved and we are in the process of verifying functionality. Alpha
  2115  	// customers need to apply for access, agree to applicable terms, and have
  2116  	// their projects allowlisted. Alpha releases don't have to be feature
  2117  	// complete, no SLAs are provided, and there are no technical support
  2118  	// obligations, but they will be far enough along that customers can actually
  2119  	// use them in test environments or for limited-use tests -- just like they
  2120  	// would in normal production cases.
  2121  	//   "BETA" - Beta is the point at which we are ready to open a release for any
  2122  	// customer to use. There are no SLA or technical support obligations in a Beta
  2123  	// release. Products will be complete from a feature perspective, but may have
  2124  	// some open outstanding issues. Beta releases are suitable for limited
  2125  	// production use cases.
  2126  	//   "GA" - GA features are open to all developers and are considered stable
  2127  	// and fully qualified for production use.
  2128  	//   "DEPRECATED" - Deprecated features are scheduled to be shut down and
  2129  	// removed. For more information, see the "Deprecation Policy" section of our
  2130  	// [Terms of Service](https://cloud.google.com/terms/) and the [Google Cloud
  2131  	// Platform Subject to the Deprecation
  2132  	// Policy](https://cloud.google.com/terms/deprecation) documentation.
  2133  	SupportStage string `json:"supportStage,omitempty"`
  2134  	// SupportedMethods: The list of the supported methods. This field exists only
  2135  	// in response to GetSupportedService
  2136  	SupportedMethods []*MethodSelector `json:"supportedMethods,omitempty"`
  2137  	// Title: The name of the supported product, such as 'Cloud Product API'.
  2138  	Title string `json:"title,omitempty"`
  2139  
  2140  	// ServerResponse contains the HTTP response code and headers from the server.
  2141  	googleapi.ServerResponse `json:"-"`
  2142  	// ForceSendFields is a list of field names (e.g. "AvailableOnRestrictedVip")
  2143  	// to unconditionally include in API requests. By default, fields with empty or
  2144  	// default values are omitted from API requests. See
  2145  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2146  	// details.
  2147  	ForceSendFields []string `json:"-"`
  2148  	// NullFields is a list of field names (e.g. "AvailableOnRestrictedVip") to
  2149  	// include in API requests with the JSON null value. By default, fields with
  2150  	// empty values are omitted from API requests. See
  2151  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2152  	NullFields []string `json:"-"`
  2153  }
  2154  
  2155  func (s *SupportedService) MarshalJSON() ([]byte, error) {
  2156  	type NoMethod SupportedService
  2157  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2158  }
  2159  
  2160  // TestIamPermissionsRequest: Request message for `TestIamPermissions` method.
  2161  type TestIamPermissionsRequest struct {
  2162  	// Permissions: The set of permissions to check for the `resource`. Permissions
  2163  	// with wildcards (such as `*` or `storage.*`) are not allowed. For more
  2164  	// information see IAM Overview
  2165  	// (https://cloud.google.com/iam/docs/overview#permissions).
  2166  	Permissions []string `json:"permissions,omitempty"`
  2167  	// ForceSendFields is a list of field names (e.g. "Permissions") to
  2168  	// unconditionally include in API requests. By default, fields with empty or
  2169  	// default values are omitted from API requests. See
  2170  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2171  	// details.
  2172  	ForceSendFields []string `json:"-"`
  2173  	// NullFields is a list of field names (e.g. "Permissions") to include in API
  2174  	// requests with the JSON null value. By default, fields with empty values are
  2175  	// omitted from API requests. See
  2176  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2177  	NullFields []string `json:"-"`
  2178  }
  2179  
  2180  func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) {
  2181  	type NoMethod TestIamPermissionsRequest
  2182  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2183  }
  2184  
  2185  // TestIamPermissionsResponse: Response message for `TestIamPermissions`
  2186  // method.
  2187  type TestIamPermissionsResponse struct {
  2188  	// Permissions: A subset of `TestPermissionsRequest.permissions` that the
  2189  	// caller is allowed.
  2190  	Permissions []string `json:"permissions,omitempty"`
  2191  
  2192  	// ServerResponse contains the HTTP response code and headers from the server.
  2193  	googleapi.ServerResponse `json:"-"`
  2194  	// ForceSendFields is a list of field names (e.g. "Permissions") to
  2195  	// unconditionally include in API requests. By default, fields with empty or
  2196  	// default values are omitted from API requests. See
  2197  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2198  	// details.
  2199  	ForceSendFields []string `json:"-"`
  2200  	// NullFields is a list of field names (e.g. "Permissions") to include in API
  2201  	// requests with the JSON null value. By default, fields with empty values are
  2202  	// omitted from API requests. See
  2203  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2204  	NullFields []string `json:"-"`
  2205  }
  2206  
  2207  func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) {
  2208  	type NoMethod TestIamPermissionsResponse
  2209  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2210  }
  2211  
  2212  // VpcAccessibleServices: Specifies how APIs are allowed to communicate within
  2213  // the Service Perimeter.
  2214  type VpcAccessibleServices struct {
  2215  	// AllowedServices: The list of APIs usable within the Service Perimeter. Must
  2216  	// be empty unless 'enable_restriction' is True. You can specify a list of
  2217  	// individual services, as well as include the 'RESTRICTED-SERVICES' value,
  2218  	// which automatically includes all of the services protected by the perimeter.
  2219  	AllowedServices []string `json:"allowedServices,omitempty"`
  2220  	// EnableRestriction: Whether to restrict API calls within the Service
  2221  	// Perimeter to the list of APIs specified in 'allowed_services'.
  2222  	EnableRestriction bool `json:"enableRestriction,omitempty"`
  2223  	// ForceSendFields is a list of field names (e.g. "AllowedServices") to
  2224  	// unconditionally include in API requests. By default, fields with empty or
  2225  	// default values are omitted from API requests. See
  2226  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2227  	// details.
  2228  	ForceSendFields []string `json:"-"`
  2229  	// NullFields is a list of field names (e.g. "AllowedServices") to include in
  2230  	// API requests with the JSON null value. By default, fields with empty values
  2231  	// are omitted from API requests. See
  2232  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2233  	NullFields []string `json:"-"`
  2234  }
  2235  
  2236  func (s *VpcAccessibleServices) MarshalJSON() ([]byte, error) {
  2237  	type NoMethod VpcAccessibleServices
  2238  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2239  }
  2240  
  2241  // VpcNetworkSource: The originating network source in Google Cloud.
  2242  type VpcNetworkSource struct {
  2243  	// VpcSubnetwork: Sub-segment ranges of a VPC network.
  2244  	VpcSubnetwork *VpcSubNetwork `json:"vpcSubnetwork,omitempty"`
  2245  	// ForceSendFields is a list of field names (e.g. "VpcSubnetwork") to
  2246  	// unconditionally include in API requests. By default, fields with empty or
  2247  	// default values are omitted from API requests. See
  2248  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2249  	// details.
  2250  	ForceSendFields []string `json:"-"`
  2251  	// NullFields is a list of field names (e.g. "VpcSubnetwork") to include in API
  2252  	// requests with the JSON null value. By default, fields with empty values are
  2253  	// omitted from API requests. See
  2254  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2255  	NullFields []string `json:"-"`
  2256  }
  2257  
  2258  func (s *VpcNetworkSource) MarshalJSON() ([]byte, error) {
  2259  	type NoMethod VpcNetworkSource
  2260  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2261  }
  2262  
  2263  // VpcSubNetwork: Sub-segment ranges inside of a VPC Network.
  2264  type VpcSubNetwork struct {
  2265  	// Network: Required. Network name. If the network is not part of the
  2266  	// organization, the `compute.network.get` permission must be granted to the
  2267  	// caller. Format:
  2268  	// `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME
  2269  	// }` Example:
  2270  	// `//compute.googleapis.com/projects/my-project/global/networks/network-1`
  2271  	Network string `json:"network,omitempty"`
  2272  	// VpcIpSubnetworks: CIDR block IP subnetwork specification. The IP address
  2273  	// must be an IPv4 address and can be a public or private IP address. Note that
  2274  	// for a CIDR IP address block, the specified IP address portion must be
  2275  	// properly truncated (i.e. all the host bits must be zero) or the input is
  2276  	// considered malformed. For example, "192.0.2.0/24" is accepted but
  2277  	// "192.0.2.1/24" is not. If empty, all IP addresses are allowed.
  2278  	VpcIpSubnetworks []string `json:"vpcIpSubnetworks,omitempty"`
  2279  	// ForceSendFields is a list of field names (e.g. "Network") to unconditionally
  2280  	// include in API requests. By default, fields with empty or default values are
  2281  	// omitted from API requests. See
  2282  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2283  	// details.
  2284  	ForceSendFields []string `json:"-"`
  2285  	// NullFields is a list of field names (e.g. "Network") to include in API
  2286  	// requests with the JSON null value. By default, fields with empty values are
  2287  	// omitted from API requests. See
  2288  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2289  	NullFields []string `json:"-"`
  2290  }
  2291  
  2292  func (s *VpcSubNetwork) MarshalJSON() ([]byte, error) {
  2293  	type NoMethod VpcSubNetwork
  2294  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2295  }
  2296  
  2297  type AccessPoliciesCreateCall struct {
  2298  	s            *Service
  2299  	accesspolicy *AccessPolicy
  2300  	urlParams_   gensupport.URLParams
  2301  	ctx_         context.Context
  2302  	header_      http.Header
  2303  }
  2304  
  2305  // Create: Creates an access policy. This method fails if the organization
  2306  // already has an access policy. The long-running operation has a successful
  2307  // status after the access policy propagates to long-lasting storage. Syntactic
  2308  // and basic semantic errors are returned in `metadata` as a BadRequest proto.
  2309  func (r *AccessPoliciesService) Create(accesspolicy *AccessPolicy) *AccessPoliciesCreateCall {
  2310  	c := &AccessPoliciesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  2311  	c.accesspolicy = accesspolicy
  2312  	return c
  2313  }
  2314  
  2315  // Fields allows partial responses to be retrieved. See
  2316  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  2317  // details.
  2318  func (c *AccessPoliciesCreateCall) Fields(s ...googleapi.Field) *AccessPoliciesCreateCall {
  2319  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  2320  	return c
  2321  }
  2322  
  2323  // Context sets the context to be used in this call's Do method.
  2324  func (c *AccessPoliciesCreateCall) Context(ctx context.Context) *AccessPoliciesCreateCall {
  2325  	c.ctx_ = ctx
  2326  	return c
  2327  }
  2328  
  2329  // Header returns a http.Header that can be modified by the caller to add
  2330  // headers to the request.
  2331  func (c *AccessPoliciesCreateCall) Header() http.Header {
  2332  	if c.header_ == nil {
  2333  		c.header_ = make(http.Header)
  2334  	}
  2335  	return c.header_
  2336  }
  2337  
  2338  func (c *AccessPoliciesCreateCall) doRequest(alt string) (*http.Response, error) {
  2339  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  2340  	var body io.Reader = nil
  2341  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.accesspolicy)
  2342  	if err != nil {
  2343  		return nil, err
  2344  	}
  2345  	c.urlParams_.Set("alt", alt)
  2346  	c.urlParams_.Set("prettyPrint", "false")
  2347  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/accessPolicies")
  2348  	urls += "?" + c.urlParams_.Encode()
  2349  	req, err := http.NewRequest("POST", urls, body)
  2350  	if err != nil {
  2351  		return nil, err
  2352  	}
  2353  	req.Header = reqHeaders
  2354  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  2355  }
  2356  
  2357  // Do executes the "accesscontextmanager.accessPolicies.create" call.
  2358  // Any non-2xx status code is an error. Response headers are in either
  2359  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  2360  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  2361  // whether the returned error was because http.StatusNotModified was returned.
  2362  func (c *AccessPoliciesCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  2363  	gensupport.SetOptions(c.urlParams_, opts...)
  2364  	res, err := c.doRequest("json")
  2365  	if res != nil && res.StatusCode == http.StatusNotModified {
  2366  		if res.Body != nil {
  2367  			res.Body.Close()
  2368  		}
  2369  		return nil, gensupport.WrapError(&googleapi.Error{
  2370  			Code:   res.StatusCode,
  2371  			Header: res.Header,
  2372  		})
  2373  	}
  2374  	if err != nil {
  2375  		return nil, err
  2376  	}
  2377  	defer googleapi.CloseBody(res)
  2378  	if err := googleapi.CheckResponse(res); err != nil {
  2379  		return nil, gensupport.WrapError(err)
  2380  	}
  2381  	ret := &Operation{
  2382  		ServerResponse: googleapi.ServerResponse{
  2383  			Header:         res.Header,
  2384  			HTTPStatusCode: res.StatusCode,
  2385  		},
  2386  	}
  2387  	target := &ret
  2388  	if err := gensupport.DecodeResponse(target, res); err != nil {
  2389  		return nil, err
  2390  	}
  2391  	return ret, nil
  2392  }
  2393  
  2394  type AccessPoliciesDeleteCall struct {
  2395  	s          *Service
  2396  	name       string
  2397  	urlParams_ gensupport.URLParams
  2398  	ctx_       context.Context
  2399  	header_    http.Header
  2400  }
  2401  
  2402  // Delete: Deletes an access policy based on the resource name. The
  2403  // long-running operation has a successful status after the access policy is
  2404  // removed from long-lasting storage.
  2405  //
  2406  //   - name: Resource name for the access policy to delete. Format
  2407  //     `accessPolicies/{policy_id}`.
  2408  func (r *AccessPoliciesService) Delete(name string) *AccessPoliciesDeleteCall {
  2409  	c := &AccessPoliciesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  2410  	c.name = name
  2411  	return c
  2412  }
  2413  
  2414  // Fields allows partial responses to be retrieved. See
  2415  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  2416  // details.
  2417  func (c *AccessPoliciesDeleteCall) Fields(s ...googleapi.Field) *AccessPoliciesDeleteCall {
  2418  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  2419  	return c
  2420  }
  2421  
  2422  // Context sets the context to be used in this call's Do method.
  2423  func (c *AccessPoliciesDeleteCall) Context(ctx context.Context) *AccessPoliciesDeleteCall {
  2424  	c.ctx_ = ctx
  2425  	return c
  2426  }
  2427  
  2428  // Header returns a http.Header that can be modified by the caller to add
  2429  // headers to the request.
  2430  func (c *AccessPoliciesDeleteCall) Header() http.Header {
  2431  	if c.header_ == nil {
  2432  		c.header_ = make(http.Header)
  2433  	}
  2434  	return c.header_
  2435  }
  2436  
  2437  func (c *AccessPoliciesDeleteCall) doRequest(alt string) (*http.Response, error) {
  2438  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  2439  	var body io.Reader = nil
  2440  	c.urlParams_.Set("alt", alt)
  2441  	c.urlParams_.Set("prettyPrint", "false")
  2442  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  2443  	urls += "?" + c.urlParams_.Encode()
  2444  	req, err := http.NewRequest("DELETE", urls, body)
  2445  	if err != nil {
  2446  		return nil, err
  2447  	}
  2448  	req.Header = reqHeaders
  2449  	googleapi.Expand(req.URL, map[string]string{
  2450  		"name": c.name,
  2451  	})
  2452  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  2453  }
  2454  
  2455  // Do executes the "accesscontextmanager.accessPolicies.delete" call.
  2456  // Any non-2xx status code is an error. Response headers are in either
  2457  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  2458  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  2459  // whether the returned error was because http.StatusNotModified was returned.
  2460  func (c *AccessPoliciesDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  2461  	gensupport.SetOptions(c.urlParams_, opts...)
  2462  	res, err := c.doRequest("json")
  2463  	if res != nil && res.StatusCode == http.StatusNotModified {
  2464  		if res.Body != nil {
  2465  			res.Body.Close()
  2466  		}
  2467  		return nil, gensupport.WrapError(&googleapi.Error{
  2468  			Code:   res.StatusCode,
  2469  			Header: res.Header,
  2470  		})
  2471  	}
  2472  	if err != nil {
  2473  		return nil, err
  2474  	}
  2475  	defer googleapi.CloseBody(res)
  2476  	if err := googleapi.CheckResponse(res); err != nil {
  2477  		return nil, gensupport.WrapError(err)
  2478  	}
  2479  	ret := &Operation{
  2480  		ServerResponse: googleapi.ServerResponse{
  2481  			Header:         res.Header,
  2482  			HTTPStatusCode: res.StatusCode,
  2483  		},
  2484  	}
  2485  	target := &ret
  2486  	if err := gensupport.DecodeResponse(target, res); err != nil {
  2487  		return nil, err
  2488  	}
  2489  	return ret, nil
  2490  }
  2491  
  2492  type AccessPoliciesGetCall struct {
  2493  	s            *Service
  2494  	name         string
  2495  	urlParams_   gensupport.URLParams
  2496  	ifNoneMatch_ string
  2497  	ctx_         context.Context
  2498  	header_      http.Header
  2499  }
  2500  
  2501  // Get: Returns an access policy based on the name.
  2502  //
  2503  //   - name: Resource name for the access policy to get. Format
  2504  //     `accessPolicies/{policy_id}`.
  2505  func (r *AccessPoliciesService) Get(name string) *AccessPoliciesGetCall {
  2506  	c := &AccessPoliciesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  2507  	c.name = name
  2508  	return c
  2509  }
  2510  
  2511  // Fields allows partial responses to be retrieved. See
  2512  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  2513  // details.
  2514  func (c *AccessPoliciesGetCall) Fields(s ...googleapi.Field) *AccessPoliciesGetCall {
  2515  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  2516  	return c
  2517  }
  2518  
  2519  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  2520  // object's ETag matches the given value. This is useful for getting updates
  2521  // only after the object has changed since the last request.
  2522  func (c *AccessPoliciesGetCall) IfNoneMatch(entityTag string) *AccessPoliciesGetCall {
  2523  	c.ifNoneMatch_ = entityTag
  2524  	return c
  2525  }
  2526  
  2527  // Context sets the context to be used in this call's Do method.
  2528  func (c *AccessPoliciesGetCall) Context(ctx context.Context) *AccessPoliciesGetCall {
  2529  	c.ctx_ = ctx
  2530  	return c
  2531  }
  2532  
  2533  // Header returns a http.Header that can be modified by the caller to add
  2534  // headers to the request.
  2535  func (c *AccessPoliciesGetCall) Header() http.Header {
  2536  	if c.header_ == nil {
  2537  		c.header_ = make(http.Header)
  2538  	}
  2539  	return c.header_
  2540  }
  2541  
  2542  func (c *AccessPoliciesGetCall) doRequest(alt string) (*http.Response, error) {
  2543  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  2544  	if c.ifNoneMatch_ != "" {
  2545  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  2546  	}
  2547  	var body io.Reader = nil
  2548  	c.urlParams_.Set("alt", alt)
  2549  	c.urlParams_.Set("prettyPrint", "false")
  2550  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  2551  	urls += "?" + c.urlParams_.Encode()
  2552  	req, err := http.NewRequest("GET", urls, body)
  2553  	if err != nil {
  2554  		return nil, err
  2555  	}
  2556  	req.Header = reqHeaders
  2557  	googleapi.Expand(req.URL, map[string]string{
  2558  		"name": c.name,
  2559  	})
  2560  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  2561  }
  2562  
  2563  // Do executes the "accesscontextmanager.accessPolicies.get" call.
  2564  // Any non-2xx status code is an error. Response headers are in either
  2565  // *AccessPolicy.ServerResponse.Header or (if a response was returned at all)
  2566  // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  2567  // whether the returned error was because http.StatusNotModified was returned.
  2568  func (c *AccessPoliciesGetCall) Do(opts ...googleapi.CallOption) (*AccessPolicy, error) {
  2569  	gensupport.SetOptions(c.urlParams_, opts...)
  2570  	res, err := c.doRequest("json")
  2571  	if res != nil && res.StatusCode == http.StatusNotModified {
  2572  		if res.Body != nil {
  2573  			res.Body.Close()
  2574  		}
  2575  		return nil, gensupport.WrapError(&googleapi.Error{
  2576  			Code:   res.StatusCode,
  2577  			Header: res.Header,
  2578  		})
  2579  	}
  2580  	if err != nil {
  2581  		return nil, err
  2582  	}
  2583  	defer googleapi.CloseBody(res)
  2584  	if err := googleapi.CheckResponse(res); err != nil {
  2585  		return nil, gensupport.WrapError(err)
  2586  	}
  2587  	ret := &AccessPolicy{
  2588  		ServerResponse: googleapi.ServerResponse{
  2589  			Header:         res.Header,
  2590  			HTTPStatusCode: res.StatusCode,
  2591  		},
  2592  	}
  2593  	target := &ret
  2594  	if err := gensupport.DecodeResponse(target, res); err != nil {
  2595  		return nil, err
  2596  	}
  2597  	return ret, nil
  2598  }
  2599  
  2600  type AccessPoliciesGetIamPolicyCall struct {
  2601  	s                   *Service
  2602  	resource            string
  2603  	getiampolicyrequest *GetIamPolicyRequest
  2604  	urlParams_          gensupport.URLParams
  2605  	ctx_                context.Context
  2606  	header_             http.Header
  2607  }
  2608  
  2609  // GetIamPolicy: Gets the IAM policy for the specified Access Context Manager
  2610  // access policy.
  2611  //
  2612  //   - resource: REQUIRED: The resource for which the policy is being requested.
  2613  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
  2614  //     for the appropriate value for this field.
  2615  func (r *AccessPoliciesService) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *AccessPoliciesGetIamPolicyCall {
  2616  	c := &AccessPoliciesGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  2617  	c.resource = resource
  2618  	c.getiampolicyrequest = getiampolicyrequest
  2619  	return c
  2620  }
  2621  
  2622  // Fields allows partial responses to be retrieved. See
  2623  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  2624  // details.
  2625  func (c *AccessPoliciesGetIamPolicyCall) Fields(s ...googleapi.Field) *AccessPoliciesGetIamPolicyCall {
  2626  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  2627  	return c
  2628  }
  2629  
  2630  // Context sets the context to be used in this call's Do method.
  2631  func (c *AccessPoliciesGetIamPolicyCall) Context(ctx context.Context) *AccessPoliciesGetIamPolicyCall {
  2632  	c.ctx_ = ctx
  2633  	return c
  2634  }
  2635  
  2636  // Header returns a http.Header that can be modified by the caller to add
  2637  // headers to the request.
  2638  func (c *AccessPoliciesGetIamPolicyCall) Header() http.Header {
  2639  	if c.header_ == nil {
  2640  		c.header_ = make(http.Header)
  2641  	}
  2642  	return c.header_
  2643  }
  2644  
  2645  func (c *AccessPoliciesGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
  2646  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  2647  	var body io.Reader = nil
  2648  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.getiampolicyrequest)
  2649  	if err != nil {
  2650  		return nil, err
  2651  	}
  2652  	c.urlParams_.Set("alt", alt)
  2653  	c.urlParams_.Set("prettyPrint", "false")
  2654  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy")
  2655  	urls += "?" + c.urlParams_.Encode()
  2656  	req, err := http.NewRequest("POST", urls, body)
  2657  	if err != nil {
  2658  		return nil, err
  2659  	}
  2660  	req.Header = reqHeaders
  2661  	googleapi.Expand(req.URL, map[string]string{
  2662  		"resource": c.resource,
  2663  	})
  2664  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  2665  }
  2666  
  2667  // Do executes the "accesscontextmanager.accessPolicies.getIamPolicy" call.
  2668  // Any non-2xx status code is an error. Response headers are in either
  2669  // *Policy.ServerResponse.Header or (if a response was returned at all) in
  2670  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  2671  // whether the returned error was because http.StatusNotModified was returned.
  2672  func (c *AccessPoliciesGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
  2673  	gensupport.SetOptions(c.urlParams_, opts...)
  2674  	res, err := c.doRequest("json")
  2675  	if res != nil && res.StatusCode == http.StatusNotModified {
  2676  		if res.Body != nil {
  2677  			res.Body.Close()
  2678  		}
  2679  		return nil, gensupport.WrapError(&googleapi.Error{
  2680  			Code:   res.StatusCode,
  2681  			Header: res.Header,
  2682  		})
  2683  	}
  2684  	if err != nil {
  2685  		return nil, err
  2686  	}
  2687  	defer googleapi.CloseBody(res)
  2688  	if err := googleapi.CheckResponse(res); err != nil {
  2689  		return nil, gensupport.WrapError(err)
  2690  	}
  2691  	ret := &Policy{
  2692  		ServerResponse: googleapi.ServerResponse{
  2693  			Header:         res.Header,
  2694  			HTTPStatusCode: res.StatusCode,
  2695  		},
  2696  	}
  2697  	target := &ret
  2698  	if err := gensupport.DecodeResponse(target, res); err != nil {
  2699  		return nil, err
  2700  	}
  2701  	return ret, nil
  2702  }
  2703  
  2704  type AccessPoliciesListCall struct {
  2705  	s            *Service
  2706  	urlParams_   gensupport.URLParams
  2707  	ifNoneMatch_ string
  2708  	ctx_         context.Context
  2709  	header_      http.Header
  2710  }
  2711  
  2712  // List: Lists all access policies in an organization.
  2713  func (r *AccessPoliciesService) List() *AccessPoliciesListCall {
  2714  	c := &AccessPoliciesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  2715  	return c
  2716  }
  2717  
  2718  // PageSize sets the optional parameter "pageSize": Number of AccessPolicy
  2719  // instances to include in the list. Default 100.
  2720  func (c *AccessPoliciesListCall) PageSize(pageSize int64) *AccessPoliciesListCall {
  2721  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  2722  	return c
  2723  }
  2724  
  2725  // PageToken sets the optional parameter "pageToken": Next page token for the
  2726  // next batch of AccessPolicy instances. Defaults to the first page of results.
  2727  func (c *AccessPoliciesListCall) PageToken(pageToken string) *AccessPoliciesListCall {
  2728  	c.urlParams_.Set("pageToken", pageToken)
  2729  	return c
  2730  }
  2731  
  2732  // Parent sets the optional parameter "parent": Required. Resource name for the
  2733  // container to list AccessPolicy instances from. Format:
  2734  // `organizations/{org_id}`
  2735  func (c *AccessPoliciesListCall) Parent(parent string) *AccessPoliciesListCall {
  2736  	c.urlParams_.Set("parent", parent)
  2737  	return c
  2738  }
  2739  
  2740  // Fields allows partial responses to be retrieved. See
  2741  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  2742  // details.
  2743  func (c *AccessPoliciesListCall) Fields(s ...googleapi.Field) *AccessPoliciesListCall {
  2744  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  2745  	return c
  2746  }
  2747  
  2748  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  2749  // object's ETag matches the given value. This is useful for getting updates
  2750  // only after the object has changed since the last request.
  2751  func (c *AccessPoliciesListCall) IfNoneMatch(entityTag string) *AccessPoliciesListCall {
  2752  	c.ifNoneMatch_ = entityTag
  2753  	return c
  2754  }
  2755  
  2756  // Context sets the context to be used in this call's Do method.
  2757  func (c *AccessPoliciesListCall) Context(ctx context.Context) *AccessPoliciesListCall {
  2758  	c.ctx_ = ctx
  2759  	return c
  2760  }
  2761  
  2762  // Header returns a http.Header that can be modified by the caller to add
  2763  // headers to the request.
  2764  func (c *AccessPoliciesListCall) Header() http.Header {
  2765  	if c.header_ == nil {
  2766  		c.header_ = make(http.Header)
  2767  	}
  2768  	return c.header_
  2769  }
  2770  
  2771  func (c *AccessPoliciesListCall) doRequest(alt string) (*http.Response, error) {
  2772  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  2773  	if c.ifNoneMatch_ != "" {
  2774  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  2775  	}
  2776  	var body io.Reader = nil
  2777  	c.urlParams_.Set("alt", alt)
  2778  	c.urlParams_.Set("prettyPrint", "false")
  2779  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/accessPolicies")
  2780  	urls += "?" + c.urlParams_.Encode()
  2781  	req, err := http.NewRequest("GET", urls, body)
  2782  	if err != nil {
  2783  		return nil, err
  2784  	}
  2785  	req.Header = reqHeaders
  2786  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  2787  }
  2788  
  2789  // Do executes the "accesscontextmanager.accessPolicies.list" call.
  2790  // Any non-2xx status code is an error. Response headers are in either
  2791  // *ListAccessPoliciesResponse.ServerResponse.Header or (if a response was
  2792  // returned at all) in error.(*googleapi.Error).Header. Use
  2793  // googleapi.IsNotModified to check whether the returned error was because
  2794  // http.StatusNotModified was returned.
  2795  func (c *AccessPoliciesListCall) Do(opts ...googleapi.CallOption) (*ListAccessPoliciesResponse, error) {
  2796  	gensupport.SetOptions(c.urlParams_, opts...)
  2797  	res, err := c.doRequest("json")
  2798  	if res != nil && res.StatusCode == http.StatusNotModified {
  2799  		if res.Body != nil {
  2800  			res.Body.Close()
  2801  		}
  2802  		return nil, gensupport.WrapError(&googleapi.Error{
  2803  			Code:   res.StatusCode,
  2804  			Header: res.Header,
  2805  		})
  2806  	}
  2807  	if err != nil {
  2808  		return nil, err
  2809  	}
  2810  	defer googleapi.CloseBody(res)
  2811  	if err := googleapi.CheckResponse(res); err != nil {
  2812  		return nil, gensupport.WrapError(err)
  2813  	}
  2814  	ret := &ListAccessPoliciesResponse{
  2815  		ServerResponse: googleapi.ServerResponse{
  2816  			Header:         res.Header,
  2817  			HTTPStatusCode: res.StatusCode,
  2818  		},
  2819  	}
  2820  	target := &ret
  2821  	if err := gensupport.DecodeResponse(target, res); err != nil {
  2822  		return nil, err
  2823  	}
  2824  	return ret, nil
  2825  }
  2826  
  2827  // Pages invokes f for each page of results.
  2828  // A non-nil error returned from f will halt the iteration.
  2829  // The provided context supersedes any context provided to the Context method.
  2830  func (c *AccessPoliciesListCall) Pages(ctx context.Context, f func(*ListAccessPoliciesResponse) error) error {
  2831  	c.ctx_ = ctx
  2832  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  2833  	for {
  2834  		x, err := c.Do()
  2835  		if err != nil {
  2836  			return err
  2837  		}
  2838  		if err := f(x); err != nil {
  2839  			return err
  2840  		}
  2841  		if x.NextPageToken == "" {
  2842  			return nil
  2843  		}
  2844  		c.PageToken(x.NextPageToken)
  2845  	}
  2846  }
  2847  
  2848  type AccessPoliciesPatchCall struct {
  2849  	s            *Service
  2850  	name         string
  2851  	accesspolicy *AccessPolicy
  2852  	urlParams_   gensupport.URLParams
  2853  	ctx_         context.Context
  2854  	header_      http.Header
  2855  }
  2856  
  2857  // Patch: Updates an access policy. The long-running operation from this RPC
  2858  // has a successful status after the changes to the access policy propagate to
  2859  // long-lasting storage.
  2860  //
  2861  //   - name: Output only. Resource name of the `AccessPolicy`. Format:
  2862  //     `accessPolicies/{access_policy}`.
  2863  func (r *AccessPoliciesService) Patch(name string, accesspolicy *AccessPolicy) *AccessPoliciesPatchCall {
  2864  	c := &AccessPoliciesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  2865  	c.name = name
  2866  	c.accesspolicy = accesspolicy
  2867  	return c
  2868  }
  2869  
  2870  // UpdateMask sets the optional parameter "updateMask": Required. Mask to
  2871  // control which fields get updated. Must be non-empty.
  2872  func (c *AccessPoliciesPatchCall) UpdateMask(updateMask string) *AccessPoliciesPatchCall {
  2873  	c.urlParams_.Set("updateMask", updateMask)
  2874  	return c
  2875  }
  2876  
  2877  // Fields allows partial responses to be retrieved. See
  2878  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  2879  // details.
  2880  func (c *AccessPoliciesPatchCall) Fields(s ...googleapi.Field) *AccessPoliciesPatchCall {
  2881  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  2882  	return c
  2883  }
  2884  
  2885  // Context sets the context to be used in this call's Do method.
  2886  func (c *AccessPoliciesPatchCall) Context(ctx context.Context) *AccessPoliciesPatchCall {
  2887  	c.ctx_ = ctx
  2888  	return c
  2889  }
  2890  
  2891  // Header returns a http.Header that can be modified by the caller to add
  2892  // headers to the request.
  2893  func (c *AccessPoliciesPatchCall) Header() http.Header {
  2894  	if c.header_ == nil {
  2895  		c.header_ = make(http.Header)
  2896  	}
  2897  	return c.header_
  2898  }
  2899  
  2900  func (c *AccessPoliciesPatchCall) doRequest(alt string) (*http.Response, error) {
  2901  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  2902  	var body io.Reader = nil
  2903  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.accesspolicy)
  2904  	if err != nil {
  2905  		return nil, err
  2906  	}
  2907  	c.urlParams_.Set("alt", alt)
  2908  	c.urlParams_.Set("prettyPrint", "false")
  2909  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  2910  	urls += "?" + c.urlParams_.Encode()
  2911  	req, err := http.NewRequest("PATCH", urls, body)
  2912  	if err != nil {
  2913  		return nil, err
  2914  	}
  2915  	req.Header = reqHeaders
  2916  	googleapi.Expand(req.URL, map[string]string{
  2917  		"name": c.name,
  2918  	})
  2919  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  2920  }
  2921  
  2922  // Do executes the "accesscontextmanager.accessPolicies.patch" call.
  2923  // Any non-2xx status code is an error. Response headers are in either
  2924  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  2925  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  2926  // whether the returned error was because http.StatusNotModified was returned.
  2927  func (c *AccessPoliciesPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  2928  	gensupport.SetOptions(c.urlParams_, opts...)
  2929  	res, err := c.doRequest("json")
  2930  	if res != nil && res.StatusCode == http.StatusNotModified {
  2931  		if res.Body != nil {
  2932  			res.Body.Close()
  2933  		}
  2934  		return nil, gensupport.WrapError(&googleapi.Error{
  2935  			Code:   res.StatusCode,
  2936  			Header: res.Header,
  2937  		})
  2938  	}
  2939  	if err != nil {
  2940  		return nil, err
  2941  	}
  2942  	defer googleapi.CloseBody(res)
  2943  	if err := googleapi.CheckResponse(res); err != nil {
  2944  		return nil, gensupport.WrapError(err)
  2945  	}
  2946  	ret := &Operation{
  2947  		ServerResponse: googleapi.ServerResponse{
  2948  			Header:         res.Header,
  2949  			HTTPStatusCode: res.StatusCode,
  2950  		},
  2951  	}
  2952  	target := &ret
  2953  	if err := gensupport.DecodeResponse(target, res); err != nil {
  2954  		return nil, err
  2955  	}
  2956  	return ret, nil
  2957  }
  2958  
  2959  type AccessPoliciesSetIamPolicyCall struct {
  2960  	s                   *Service
  2961  	resource            string
  2962  	setiampolicyrequest *SetIamPolicyRequest
  2963  	urlParams_          gensupport.URLParams
  2964  	ctx_                context.Context
  2965  	header_             http.Header
  2966  }
  2967  
  2968  // SetIamPolicy: Sets the IAM policy for the specified Access Context Manager
  2969  // access policy. This method replaces the existing IAM policy on the access
  2970  // policy. The IAM policy controls the set of users who can perform specific
  2971  // operations on the Access Context Manager access policy.
  2972  //
  2973  //   - resource: REQUIRED: The resource for which the policy is being specified.
  2974  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
  2975  //     for the appropriate value for this field.
  2976  func (r *AccessPoliciesService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *AccessPoliciesSetIamPolicyCall {
  2977  	c := &AccessPoliciesSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  2978  	c.resource = resource
  2979  	c.setiampolicyrequest = setiampolicyrequest
  2980  	return c
  2981  }
  2982  
  2983  // Fields allows partial responses to be retrieved. See
  2984  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  2985  // details.
  2986  func (c *AccessPoliciesSetIamPolicyCall) Fields(s ...googleapi.Field) *AccessPoliciesSetIamPolicyCall {
  2987  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  2988  	return c
  2989  }
  2990  
  2991  // Context sets the context to be used in this call's Do method.
  2992  func (c *AccessPoliciesSetIamPolicyCall) Context(ctx context.Context) *AccessPoliciesSetIamPolicyCall {
  2993  	c.ctx_ = ctx
  2994  	return c
  2995  }
  2996  
  2997  // Header returns a http.Header that can be modified by the caller to add
  2998  // headers to the request.
  2999  func (c *AccessPoliciesSetIamPolicyCall) Header() http.Header {
  3000  	if c.header_ == nil {
  3001  		c.header_ = make(http.Header)
  3002  	}
  3003  	return c.header_
  3004  }
  3005  
  3006  func (c *AccessPoliciesSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
  3007  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3008  	var body io.Reader = nil
  3009  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
  3010  	if err != nil {
  3011  		return nil, err
  3012  	}
  3013  	c.urlParams_.Set("alt", alt)
  3014  	c.urlParams_.Set("prettyPrint", "false")
  3015  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy")
  3016  	urls += "?" + c.urlParams_.Encode()
  3017  	req, err := http.NewRequest("POST", urls, body)
  3018  	if err != nil {
  3019  		return nil, err
  3020  	}
  3021  	req.Header = reqHeaders
  3022  	googleapi.Expand(req.URL, map[string]string{
  3023  		"resource": c.resource,
  3024  	})
  3025  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3026  }
  3027  
  3028  // Do executes the "accesscontextmanager.accessPolicies.setIamPolicy" call.
  3029  // Any non-2xx status code is an error. Response headers are in either
  3030  // *Policy.ServerResponse.Header or (if a response was returned at all) in
  3031  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3032  // whether the returned error was because http.StatusNotModified was returned.
  3033  func (c *AccessPoliciesSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
  3034  	gensupport.SetOptions(c.urlParams_, opts...)
  3035  	res, err := c.doRequest("json")
  3036  	if res != nil && res.StatusCode == http.StatusNotModified {
  3037  		if res.Body != nil {
  3038  			res.Body.Close()
  3039  		}
  3040  		return nil, gensupport.WrapError(&googleapi.Error{
  3041  			Code:   res.StatusCode,
  3042  			Header: res.Header,
  3043  		})
  3044  	}
  3045  	if err != nil {
  3046  		return nil, err
  3047  	}
  3048  	defer googleapi.CloseBody(res)
  3049  	if err := googleapi.CheckResponse(res); err != nil {
  3050  		return nil, gensupport.WrapError(err)
  3051  	}
  3052  	ret := &Policy{
  3053  		ServerResponse: googleapi.ServerResponse{
  3054  			Header:         res.Header,
  3055  			HTTPStatusCode: res.StatusCode,
  3056  		},
  3057  	}
  3058  	target := &ret
  3059  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3060  		return nil, err
  3061  	}
  3062  	return ret, nil
  3063  }
  3064  
  3065  type AccessPoliciesTestIamPermissionsCall struct {
  3066  	s                         *Service
  3067  	resource                  string
  3068  	testiampermissionsrequest *TestIamPermissionsRequest
  3069  	urlParams_                gensupport.URLParams
  3070  	ctx_                      context.Context
  3071  	header_                   http.Header
  3072  }
  3073  
  3074  // TestIamPermissions: Returns the IAM permissions that the caller has on the
  3075  // specified Access Context Manager resource. The resource can be an
  3076  // AccessPolicy, AccessLevel, or ServicePerimeter. This method does not support
  3077  // other resources.
  3078  //
  3079  //   - resource: REQUIRED: The resource for which the policy detail is being
  3080  //     requested. See Resource names
  3081  //     (https://cloud.google.com/apis/design/resource_names) for the appropriate
  3082  //     value for this field.
  3083  func (r *AccessPoliciesService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *AccessPoliciesTestIamPermissionsCall {
  3084  	c := &AccessPoliciesTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3085  	c.resource = resource
  3086  	c.testiampermissionsrequest = testiampermissionsrequest
  3087  	return c
  3088  }
  3089  
  3090  // Fields allows partial responses to be retrieved. See
  3091  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3092  // details.
  3093  func (c *AccessPoliciesTestIamPermissionsCall) Fields(s ...googleapi.Field) *AccessPoliciesTestIamPermissionsCall {
  3094  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3095  	return c
  3096  }
  3097  
  3098  // Context sets the context to be used in this call's Do method.
  3099  func (c *AccessPoliciesTestIamPermissionsCall) Context(ctx context.Context) *AccessPoliciesTestIamPermissionsCall {
  3100  	c.ctx_ = ctx
  3101  	return c
  3102  }
  3103  
  3104  // Header returns a http.Header that can be modified by the caller to add
  3105  // headers to the request.
  3106  func (c *AccessPoliciesTestIamPermissionsCall) Header() http.Header {
  3107  	if c.header_ == nil {
  3108  		c.header_ = make(http.Header)
  3109  	}
  3110  	return c.header_
  3111  }
  3112  
  3113  func (c *AccessPoliciesTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
  3114  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3115  	var body io.Reader = nil
  3116  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
  3117  	if err != nil {
  3118  		return nil, err
  3119  	}
  3120  	c.urlParams_.Set("alt", alt)
  3121  	c.urlParams_.Set("prettyPrint", "false")
  3122  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions")
  3123  	urls += "?" + c.urlParams_.Encode()
  3124  	req, err := http.NewRequest("POST", urls, body)
  3125  	if err != nil {
  3126  		return nil, err
  3127  	}
  3128  	req.Header = reqHeaders
  3129  	googleapi.Expand(req.URL, map[string]string{
  3130  		"resource": c.resource,
  3131  	})
  3132  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3133  }
  3134  
  3135  // Do executes the "accesscontextmanager.accessPolicies.testIamPermissions" call.
  3136  // Any non-2xx status code is an error. Response headers are in either
  3137  // *TestIamPermissionsResponse.ServerResponse.Header or (if a response was
  3138  // returned at all) in error.(*googleapi.Error).Header. Use
  3139  // googleapi.IsNotModified to check whether the returned error was because
  3140  // http.StatusNotModified was returned.
  3141  func (c *AccessPoliciesTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
  3142  	gensupport.SetOptions(c.urlParams_, opts...)
  3143  	res, err := c.doRequest("json")
  3144  	if res != nil && res.StatusCode == http.StatusNotModified {
  3145  		if res.Body != nil {
  3146  			res.Body.Close()
  3147  		}
  3148  		return nil, gensupport.WrapError(&googleapi.Error{
  3149  			Code:   res.StatusCode,
  3150  			Header: res.Header,
  3151  		})
  3152  	}
  3153  	if err != nil {
  3154  		return nil, err
  3155  	}
  3156  	defer googleapi.CloseBody(res)
  3157  	if err := googleapi.CheckResponse(res); err != nil {
  3158  		return nil, gensupport.WrapError(err)
  3159  	}
  3160  	ret := &TestIamPermissionsResponse{
  3161  		ServerResponse: googleapi.ServerResponse{
  3162  			Header:         res.Header,
  3163  			HTTPStatusCode: res.StatusCode,
  3164  		},
  3165  	}
  3166  	target := &ret
  3167  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3168  		return nil, err
  3169  	}
  3170  	return ret, nil
  3171  }
  3172  
  3173  type AccessPoliciesAccessLevelsCreateCall struct {
  3174  	s           *Service
  3175  	parent      string
  3176  	accesslevel *AccessLevel
  3177  	urlParams_  gensupport.URLParams
  3178  	ctx_        context.Context
  3179  	header_     http.Header
  3180  }
  3181  
  3182  // Create: Creates an access level. The long-running operation from this RPC
  3183  // has a successful status after the access level propagates to long-lasting
  3184  // storage. If access levels contain errors, an error response is returned for
  3185  // the first error encountered.
  3186  //
  3187  //   - parent: Resource name for the access policy which owns this Access Level.
  3188  //     Format: `accessPolicies/{policy_id}`.
  3189  func (r *AccessPoliciesAccessLevelsService) Create(parent string, accesslevel *AccessLevel) *AccessPoliciesAccessLevelsCreateCall {
  3190  	c := &AccessPoliciesAccessLevelsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3191  	c.parent = parent
  3192  	c.accesslevel = accesslevel
  3193  	return c
  3194  }
  3195  
  3196  // Fields allows partial responses to be retrieved. See
  3197  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3198  // details.
  3199  func (c *AccessPoliciesAccessLevelsCreateCall) Fields(s ...googleapi.Field) *AccessPoliciesAccessLevelsCreateCall {
  3200  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3201  	return c
  3202  }
  3203  
  3204  // Context sets the context to be used in this call's Do method.
  3205  func (c *AccessPoliciesAccessLevelsCreateCall) Context(ctx context.Context) *AccessPoliciesAccessLevelsCreateCall {
  3206  	c.ctx_ = ctx
  3207  	return c
  3208  }
  3209  
  3210  // Header returns a http.Header that can be modified by the caller to add
  3211  // headers to the request.
  3212  func (c *AccessPoliciesAccessLevelsCreateCall) Header() http.Header {
  3213  	if c.header_ == nil {
  3214  		c.header_ = make(http.Header)
  3215  	}
  3216  	return c.header_
  3217  }
  3218  
  3219  func (c *AccessPoliciesAccessLevelsCreateCall) doRequest(alt string) (*http.Response, error) {
  3220  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3221  	var body io.Reader = nil
  3222  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.accesslevel)
  3223  	if err != nil {
  3224  		return nil, err
  3225  	}
  3226  	c.urlParams_.Set("alt", alt)
  3227  	c.urlParams_.Set("prettyPrint", "false")
  3228  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/accessLevels")
  3229  	urls += "?" + c.urlParams_.Encode()
  3230  	req, err := http.NewRequest("POST", urls, body)
  3231  	if err != nil {
  3232  		return nil, err
  3233  	}
  3234  	req.Header = reqHeaders
  3235  	googleapi.Expand(req.URL, map[string]string{
  3236  		"parent": c.parent,
  3237  	})
  3238  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3239  }
  3240  
  3241  // Do executes the "accesscontextmanager.accessPolicies.accessLevels.create" call.
  3242  // Any non-2xx status code is an error. Response headers are in either
  3243  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  3244  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3245  // whether the returned error was because http.StatusNotModified was returned.
  3246  func (c *AccessPoliciesAccessLevelsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  3247  	gensupport.SetOptions(c.urlParams_, opts...)
  3248  	res, err := c.doRequest("json")
  3249  	if res != nil && res.StatusCode == http.StatusNotModified {
  3250  		if res.Body != nil {
  3251  			res.Body.Close()
  3252  		}
  3253  		return nil, gensupport.WrapError(&googleapi.Error{
  3254  			Code:   res.StatusCode,
  3255  			Header: res.Header,
  3256  		})
  3257  	}
  3258  	if err != nil {
  3259  		return nil, err
  3260  	}
  3261  	defer googleapi.CloseBody(res)
  3262  	if err := googleapi.CheckResponse(res); err != nil {
  3263  		return nil, gensupport.WrapError(err)
  3264  	}
  3265  	ret := &Operation{
  3266  		ServerResponse: googleapi.ServerResponse{
  3267  			Header:         res.Header,
  3268  			HTTPStatusCode: res.StatusCode,
  3269  		},
  3270  	}
  3271  	target := &ret
  3272  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3273  		return nil, err
  3274  	}
  3275  	return ret, nil
  3276  }
  3277  
  3278  type AccessPoliciesAccessLevelsDeleteCall struct {
  3279  	s          *Service
  3280  	name       string
  3281  	urlParams_ gensupport.URLParams
  3282  	ctx_       context.Context
  3283  	header_    http.Header
  3284  }
  3285  
  3286  // Delete: Deletes an access level based on the resource name. The long-running
  3287  // operation from this RPC has a successful status after the access level has
  3288  // been removed from long-lasting storage.
  3289  //
  3290  //   - name: Resource name for the Access Level. Format:
  3291  //     `accessPolicies/{policy_id}/accessLevels/{access_level_id}`.
  3292  func (r *AccessPoliciesAccessLevelsService) Delete(name string) *AccessPoliciesAccessLevelsDeleteCall {
  3293  	c := &AccessPoliciesAccessLevelsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3294  	c.name = name
  3295  	return c
  3296  }
  3297  
  3298  // Fields allows partial responses to be retrieved. See
  3299  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3300  // details.
  3301  func (c *AccessPoliciesAccessLevelsDeleteCall) Fields(s ...googleapi.Field) *AccessPoliciesAccessLevelsDeleteCall {
  3302  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3303  	return c
  3304  }
  3305  
  3306  // Context sets the context to be used in this call's Do method.
  3307  func (c *AccessPoliciesAccessLevelsDeleteCall) Context(ctx context.Context) *AccessPoliciesAccessLevelsDeleteCall {
  3308  	c.ctx_ = ctx
  3309  	return c
  3310  }
  3311  
  3312  // Header returns a http.Header that can be modified by the caller to add
  3313  // headers to the request.
  3314  func (c *AccessPoliciesAccessLevelsDeleteCall) Header() http.Header {
  3315  	if c.header_ == nil {
  3316  		c.header_ = make(http.Header)
  3317  	}
  3318  	return c.header_
  3319  }
  3320  
  3321  func (c *AccessPoliciesAccessLevelsDeleteCall) doRequest(alt string) (*http.Response, error) {
  3322  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  3323  	var body io.Reader = nil
  3324  	c.urlParams_.Set("alt", alt)
  3325  	c.urlParams_.Set("prettyPrint", "false")
  3326  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  3327  	urls += "?" + c.urlParams_.Encode()
  3328  	req, err := http.NewRequest("DELETE", urls, body)
  3329  	if err != nil {
  3330  		return nil, err
  3331  	}
  3332  	req.Header = reqHeaders
  3333  	googleapi.Expand(req.URL, map[string]string{
  3334  		"name": c.name,
  3335  	})
  3336  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3337  }
  3338  
  3339  // Do executes the "accesscontextmanager.accessPolicies.accessLevels.delete" call.
  3340  // Any non-2xx status code is an error. Response headers are in either
  3341  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  3342  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3343  // whether the returned error was because http.StatusNotModified was returned.
  3344  func (c *AccessPoliciesAccessLevelsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  3345  	gensupport.SetOptions(c.urlParams_, opts...)
  3346  	res, err := c.doRequest("json")
  3347  	if res != nil && res.StatusCode == http.StatusNotModified {
  3348  		if res.Body != nil {
  3349  			res.Body.Close()
  3350  		}
  3351  		return nil, gensupport.WrapError(&googleapi.Error{
  3352  			Code:   res.StatusCode,
  3353  			Header: res.Header,
  3354  		})
  3355  	}
  3356  	if err != nil {
  3357  		return nil, err
  3358  	}
  3359  	defer googleapi.CloseBody(res)
  3360  	if err := googleapi.CheckResponse(res); err != nil {
  3361  		return nil, gensupport.WrapError(err)
  3362  	}
  3363  	ret := &Operation{
  3364  		ServerResponse: googleapi.ServerResponse{
  3365  			Header:         res.Header,
  3366  			HTTPStatusCode: res.StatusCode,
  3367  		},
  3368  	}
  3369  	target := &ret
  3370  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3371  		return nil, err
  3372  	}
  3373  	return ret, nil
  3374  }
  3375  
  3376  type AccessPoliciesAccessLevelsGetCall struct {
  3377  	s            *Service
  3378  	name         string
  3379  	urlParams_   gensupport.URLParams
  3380  	ifNoneMatch_ string
  3381  	ctx_         context.Context
  3382  	header_      http.Header
  3383  }
  3384  
  3385  // Get: Gets an access level based on the resource name.
  3386  //
  3387  //   - name: Resource name for the Access Level. Format:
  3388  //     `accessPolicies/{policy_id}/accessLevels/{access_level_id}`.
  3389  func (r *AccessPoliciesAccessLevelsService) Get(name string) *AccessPoliciesAccessLevelsGetCall {
  3390  	c := &AccessPoliciesAccessLevelsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3391  	c.name = name
  3392  	return c
  3393  }
  3394  
  3395  // AccessLevelFormat sets the optional parameter "accessLevelFormat": Whether
  3396  // to return `BasicLevels` in the Cloud Common Expression Language rather than
  3397  // as `BasicLevels`. Defaults to AS_DEFINED, where Access Levels are returned
  3398  // as `BasicLevels` or `CustomLevels` based on how they were created. If set to
  3399  // CEL, all Access Levels are returned as `CustomLevels`. In the CEL case,
  3400  // `BasicLevels` are translated to equivalent `CustomLevels`.
  3401  //
  3402  // Possible values:
  3403  //
  3404  //	"LEVEL_FORMAT_UNSPECIFIED" - The format was not specified.
  3405  //	"AS_DEFINED" - Uses the format the resource was defined in. BasicLevels
  3406  //
  3407  // are returned as BasicLevels, CustomLevels are returned as CustomLevels.
  3408  //
  3409  //	"CEL" - Use Cloud Common Expression Language when returning the resource.
  3410  //
  3411  // Both BasicLevels and CustomLevels are returned as CustomLevels.
  3412  func (c *AccessPoliciesAccessLevelsGetCall) AccessLevelFormat(accessLevelFormat string) *AccessPoliciesAccessLevelsGetCall {
  3413  	c.urlParams_.Set("accessLevelFormat", accessLevelFormat)
  3414  	return c
  3415  }
  3416  
  3417  // Fields allows partial responses to be retrieved. See
  3418  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3419  // details.
  3420  func (c *AccessPoliciesAccessLevelsGetCall) Fields(s ...googleapi.Field) *AccessPoliciesAccessLevelsGetCall {
  3421  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3422  	return c
  3423  }
  3424  
  3425  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  3426  // object's ETag matches the given value. This is useful for getting updates
  3427  // only after the object has changed since the last request.
  3428  func (c *AccessPoliciesAccessLevelsGetCall) IfNoneMatch(entityTag string) *AccessPoliciesAccessLevelsGetCall {
  3429  	c.ifNoneMatch_ = entityTag
  3430  	return c
  3431  }
  3432  
  3433  // Context sets the context to be used in this call's Do method.
  3434  func (c *AccessPoliciesAccessLevelsGetCall) Context(ctx context.Context) *AccessPoliciesAccessLevelsGetCall {
  3435  	c.ctx_ = ctx
  3436  	return c
  3437  }
  3438  
  3439  // Header returns a http.Header that can be modified by the caller to add
  3440  // headers to the request.
  3441  func (c *AccessPoliciesAccessLevelsGetCall) Header() http.Header {
  3442  	if c.header_ == nil {
  3443  		c.header_ = make(http.Header)
  3444  	}
  3445  	return c.header_
  3446  }
  3447  
  3448  func (c *AccessPoliciesAccessLevelsGetCall) doRequest(alt string) (*http.Response, error) {
  3449  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  3450  	if c.ifNoneMatch_ != "" {
  3451  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  3452  	}
  3453  	var body io.Reader = nil
  3454  	c.urlParams_.Set("alt", alt)
  3455  	c.urlParams_.Set("prettyPrint", "false")
  3456  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  3457  	urls += "?" + c.urlParams_.Encode()
  3458  	req, err := http.NewRequest("GET", urls, body)
  3459  	if err != nil {
  3460  		return nil, err
  3461  	}
  3462  	req.Header = reqHeaders
  3463  	googleapi.Expand(req.URL, map[string]string{
  3464  		"name": c.name,
  3465  	})
  3466  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3467  }
  3468  
  3469  // Do executes the "accesscontextmanager.accessPolicies.accessLevels.get" call.
  3470  // Any non-2xx status code is an error. Response headers are in either
  3471  // *AccessLevel.ServerResponse.Header or (if a response was returned at all) in
  3472  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3473  // whether the returned error was because http.StatusNotModified was returned.
  3474  func (c *AccessPoliciesAccessLevelsGetCall) Do(opts ...googleapi.CallOption) (*AccessLevel, error) {
  3475  	gensupport.SetOptions(c.urlParams_, opts...)
  3476  	res, err := c.doRequest("json")
  3477  	if res != nil && res.StatusCode == http.StatusNotModified {
  3478  		if res.Body != nil {
  3479  			res.Body.Close()
  3480  		}
  3481  		return nil, gensupport.WrapError(&googleapi.Error{
  3482  			Code:   res.StatusCode,
  3483  			Header: res.Header,
  3484  		})
  3485  	}
  3486  	if err != nil {
  3487  		return nil, err
  3488  	}
  3489  	defer googleapi.CloseBody(res)
  3490  	if err := googleapi.CheckResponse(res); err != nil {
  3491  		return nil, gensupport.WrapError(err)
  3492  	}
  3493  	ret := &AccessLevel{
  3494  		ServerResponse: googleapi.ServerResponse{
  3495  			Header:         res.Header,
  3496  			HTTPStatusCode: res.StatusCode,
  3497  		},
  3498  	}
  3499  	target := &ret
  3500  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3501  		return nil, err
  3502  	}
  3503  	return ret, nil
  3504  }
  3505  
  3506  type AccessPoliciesAccessLevelsListCall struct {
  3507  	s            *Service
  3508  	parent       string
  3509  	urlParams_   gensupport.URLParams
  3510  	ifNoneMatch_ string
  3511  	ctx_         context.Context
  3512  	header_      http.Header
  3513  }
  3514  
  3515  // List: Lists all access levels for an access policy.
  3516  //
  3517  //   - parent: Resource name for the access policy to list Access Levels from.
  3518  //     Format: `accessPolicies/{policy_id}`.
  3519  func (r *AccessPoliciesAccessLevelsService) List(parent string) *AccessPoliciesAccessLevelsListCall {
  3520  	c := &AccessPoliciesAccessLevelsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3521  	c.parent = parent
  3522  	return c
  3523  }
  3524  
  3525  // AccessLevelFormat sets the optional parameter "accessLevelFormat": Whether
  3526  // to return `BasicLevels` in the Cloud Common Expression language, as
  3527  // `CustomLevels`, rather than as `BasicLevels`. Defaults to returning
  3528  // `AccessLevels` in the format they were defined.
  3529  //
  3530  // Possible values:
  3531  //
  3532  //	"LEVEL_FORMAT_UNSPECIFIED" - The format was not specified.
  3533  //	"AS_DEFINED" - Uses the format the resource was defined in. BasicLevels
  3534  //
  3535  // are returned as BasicLevels, CustomLevels are returned as CustomLevels.
  3536  //
  3537  //	"CEL" - Use Cloud Common Expression Language when returning the resource.
  3538  //
  3539  // Both BasicLevels and CustomLevels are returned as CustomLevels.
  3540  func (c *AccessPoliciesAccessLevelsListCall) AccessLevelFormat(accessLevelFormat string) *AccessPoliciesAccessLevelsListCall {
  3541  	c.urlParams_.Set("accessLevelFormat", accessLevelFormat)
  3542  	return c
  3543  }
  3544  
  3545  // PageSize sets the optional parameter "pageSize": Number of Access Levels to
  3546  // include in the list. Default 100.
  3547  func (c *AccessPoliciesAccessLevelsListCall) PageSize(pageSize int64) *AccessPoliciesAccessLevelsListCall {
  3548  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  3549  	return c
  3550  }
  3551  
  3552  // PageToken sets the optional parameter "pageToken": Next page token for the
  3553  // next batch of Access Level instances. Defaults to the first page of results.
  3554  func (c *AccessPoliciesAccessLevelsListCall) PageToken(pageToken string) *AccessPoliciesAccessLevelsListCall {
  3555  	c.urlParams_.Set("pageToken", pageToken)
  3556  	return c
  3557  }
  3558  
  3559  // Fields allows partial responses to be retrieved. See
  3560  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3561  // details.
  3562  func (c *AccessPoliciesAccessLevelsListCall) Fields(s ...googleapi.Field) *AccessPoliciesAccessLevelsListCall {
  3563  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3564  	return c
  3565  }
  3566  
  3567  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  3568  // object's ETag matches the given value. This is useful for getting updates
  3569  // only after the object has changed since the last request.
  3570  func (c *AccessPoliciesAccessLevelsListCall) IfNoneMatch(entityTag string) *AccessPoliciesAccessLevelsListCall {
  3571  	c.ifNoneMatch_ = entityTag
  3572  	return c
  3573  }
  3574  
  3575  // Context sets the context to be used in this call's Do method.
  3576  func (c *AccessPoliciesAccessLevelsListCall) Context(ctx context.Context) *AccessPoliciesAccessLevelsListCall {
  3577  	c.ctx_ = ctx
  3578  	return c
  3579  }
  3580  
  3581  // Header returns a http.Header that can be modified by the caller to add
  3582  // headers to the request.
  3583  func (c *AccessPoliciesAccessLevelsListCall) Header() http.Header {
  3584  	if c.header_ == nil {
  3585  		c.header_ = make(http.Header)
  3586  	}
  3587  	return c.header_
  3588  }
  3589  
  3590  func (c *AccessPoliciesAccessLevelsListCall) doRequest(alt string) (*http.Response, error) {
  3591  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  3592  	if c.ifNoneMatch_ != "" {
  3593  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  3594  	}
  3595  	var body io.Reader = nil
  3596  	c.urlParams_.Set("alt", alt)
  3597  	c.urlParams_.Set("prettyPrint", "false")
  3598  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/accessLevels")
  3599  	urls += "?" + c.urlParams_.Encode()
  3600  	req, err := http.NewRequest("GET", urls, body)
  3601  	if err != nil {
  3602  		return nil, err
  3603  	}
  3604  	req.Header = reqHeaders
  3605  	googleapi.Expand(req.URL, map[string]string{
  3606  		"parent": c.parent,
  3607  	})
  3608  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3609  }
  3610  
  3611  // Do executes the "accesscontextmanager.accessPolicies.accessLevels.list" call.
  3612  // Any non-2xx status code is an error. Response headers are in either
  3613  // *ListAccessLevelsResponse.ServerResponse.Header or (if a response was
  3614  // returned at all) in error.(*googleapi.Error).Header. Use
  3615  // googleapi.IsNotModified to check whether the returned error was because
  3616  // http.StatusNotModified was returned.
  3617  func (c *AccessPoliciesAccessLevelsListCall) Do(opts ...googleapi.CallOption) (*ListAccessLevelsResponse, error) {
  3618  	gensupport.SetOptions(c.urlParams_, opts...)
  3619  	res, err := c.doRequest("json")
  3620  	if res != nil && res.StatusCode == http.StatusNotModified {
  3621  		if res.Body != nil {
  3622  			res.Body.Close()
  3623  		}
  3624  		return nil, gensupport.WrapError(&googleapi.Error{
  3625  			Code:   res.StatusCode,
  3626  			Header: res.Header,
  3627  		})
  3628  	}
  3629  	if err != nil {
  3630  		return nil, err
  3631  	}
  3632  	defer googleapi.CloseBody(res)
  3633  	if err := googleapi.CheckResponse(res); err != nil {
  3634  		return nil, gensupport.WrapError(err)
  3635  	}
  3636  	ret := &ListAccessLevelsResponse{
  3637  		ServerResponse: googleapi.ServerResponse{
  3638  			Header:         res.Header,
  3639  			HTTPStatusCode: res.StatusCode,
  3640  		},
  3641  	}
  3642  	target := &ret
  3643  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3644  		return nil, err
  3645  	}
  3646  	return ret, nil
  3647  }
  3648  
  3649  // Pages invokes f for each page of results.
  3650  // A non-nil error returned from f will halt the iteration.
  3651  // The provided context supersedes any context provided to the Context method.
  3652  func (c *AccessPoliciesAccessLevelsListCall) Pages(ctx context.Context, f func(*ListAccessLevelsResponse) error) error {
  3653  	c.ctx_ = ctx
  3654  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  3655  	for {
  3656  		x, err := c.Do()
  3657  		if err != nil {
  3658  			return err
  3659  		}
  3660  		if err := f(x); err != nil {
  3661  			return err
  3662  		}
  3663  		if x.NextPageToken == "" {
  3664  			return nil
  3665  		}
  3666  		c.PageToken(x.NextPageToken)
  3667  	}
  3668  }
  3669  
  3670  type AccessPoliciesAccessLevelsPatchCall struct {
  3671  	s           *Service
  3672  	name        string
  3673  	accesslevel *AccessLevel
  3674  	urlParams_  gensupport.URLParams
  3675  	ctx_        context.Context
  3676  	header_     http.Header
  3677  }
  3678  
  3679  // Patch: Updates an access level. The long-running operation from this RPC has
  3680  // a successful status after the changes to the access level propagate to
  3681  // long-lasting storage. If access levels contain errors, an error response is
  3682  // returned for the first error encountered.
  3683  //
  3684  //   - name: Resource name for the `AccessLevel`. Format:
  3685  //     `accessPolicies/{access_policy}/accessLevels/{access_level}`. The
  3686  //     `access_level` component must begin with a letter, followed by
  3687  //     alphanumeric characters or `_`. Its maximum length is 50 characters. After
  3688  //     you create an `AccessLevel`, you cannot change its `name`.
  3689  func (r *AccessPoliciesAccessLevelsService) Patch(name string, accesslevel *AccessLevel) *AccessPoliciesAccessLevelsPatchCall {
  3690  	c := &AccessPoliciesAccessLevelsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3691  	c.name = name
  3692  	c.accesslevel = accesslevel
  3693  	return c
  3694  }
  3695  
  3696  // UpdateMask sets the optional parameter "updateMask": Required. Mask to
  3697  // control which fields get updated. Must be non-empty.
  3698  func (c *AccessPoliciesAccessLevelsPatchCall) UpdateMask(updateMask string) *AccessPoliciesAccessLevelsPatchCall {
  3699  	c.urlParams_.Set("updateMask", updateMask)
  3700  	return c
  3701  }
  3702  
  3703  // Fields allows partial responses to be retrieved. See
  3704  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3705  // details.
  3706  func (c *AccessPoliciesAccessLevelsPatchCall) Fields(s ...googleapi.Field) *AccessPoliciesAccessLevelsPatchCall {
  3707  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3708  	return c
  3709  }
  3710  
  3711  // Context sets the context to be used in this call's Do method.
  3712  func (c *AccessPoliciesAccessLevelsPatchCall) Context(ctx context.Context) *AccessPoliciesAccessLevelsPatchCall {
  3713  	c.ctx_ = ctx
  3714  	return c
  3715  }
  3716  
  3717  // Header returns a http.Header that can be modified by the caller to add
  3718  // headers to the request.
  3719  func (c *AccessPoliciesAccessLevelsPatchCall) Header() http.Header {
  3720  	if c.header_ == nil {
  3721  		c.header_ = make(http.Header)
  3722  	}
  3723  	return c.header_
  3724  }
  3725  
  3726  func (c *AccessPoliciesAccessLevelsPatchCall) doRequest(alt string) (*http.Response, error) {
  3727  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3728  	var body io.Reader = nil
  3729  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.accesslevel)
  3730  	if err != nil {
  3731  		return nil, err
  3732  	}
  3733  	c.urlParams_.Set("alt", alt)
  3734  	c.urlParams_.Set("prettyPrint", "false")
  3735  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  3736  	urls += "?" + c.urlParams_.Encode()
  3737  	req, err := http.NewRequest("PATCH", urls, body)
  3738  	if err != nil {
  3739  		return nil, err
  3740  	}
  3741  	req.Header = reqHeaders
  3742  	googleapi.Expand(req.URL, map[string]string{
  3743  		"name": c.name,
  3744  	})
  3745  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3746  }
  3747  
  3748  // Do executes the "accesscontextmanager.accessPolicies.accessLevels.patch" call.
  3749  // Any non-2xx status code is an error. Response headers are in either
  3750  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  3751  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3752  // whether the returned error was because http.StatusNotModified was returned.
  3753  func (c *AccessPoliciesAccessLevelsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  3754  	gensupport.SetOptions(c.urlParams_, opts...)
  3755  	res, err := c.doRequest("json")
  3756  	if res != nil && res.StatusCode == http.StatusNotModified {
  3757  		if res.Body != nil {
  3758  			res.Body.Close()
  3759  		}
  3760  		return nil, gensupport.WrapError(&googleapi.Error{
  3761  			Code:   res.StatusCode,
  3762  			Header: res.Header,
  3763  		})
  3764  	}
  3765  	if err != nil {
  3766  		return nil, err
  3767  	}
  3768  	defer googleapi.CloseBody(res)
  3769  	if err := googleapi.CheckResponse(res); err != nil {
  3770  		return nil, gensupport.WrapError(err)
  3771  	}
  3772  	ret := &Operation{
  3773  		ServerResponse: googleapi.ServerResponse{
  3774  			Header:         res.Header,
  3775  			HTTPStatusCode: res.StatusCode,
  3776  		},
  3777  	}
  3778  	target := &ret
  3779  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3780  		return nil, err
  3781  	}
  3782  	return ret, nil
  3783  }
  3784  
  3785  type AccessPoliciesAccessLevelsReplaceAllCall struct {
  3786  	s                          *Service
  3787  	parent                     string
  3788  	replaceaccesslevelsrequest *ReplaceAccessLevelsRequest
  3789  	urlParams_                 gensupport.URLParams
  3790  	ctx_                       context.Context
  3791  	header_                    http.Header
  3792  }
  3793  
  3794  // ReplaceAll: Replaces all existing access levels in an access policy with the
  3795  // access levels provided. This is done atomically. The long-running operation
  3796  // from this RPC has a successful status after all replacements propagate to
  3797  // long-lasting storage. If the replacement contains errors, an error response
  3798  // is returned for the first error encountered. Upon error, the replacement is
  3799  // cancelled, and existing access levels are not affected. The
  3800  // Operation.response field contains ReplaceAccessLevelsResponse. Removing
  3801  // access levels contained in existing service perimeters result in an error.
  3802  //
  3803  //   - parent: Resource name for the access policy which owns these Access
  3804  //     Levels. Format: `accessPolicies/{policy_id}`.
  3805  func (r *AccessPoliciesAccessLevelsService) ReplaceAll(parent string, replaceaccesslevelsrequest *ReplaceAccessLevelsRequest) *AccessPoliciesAccessLevelsReplaceAllCall {
  3806  	c := &AccessPoliciesAccessLevelsReplaceAllCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3807  	c.parent = parent
  3808  	c.replaceaccesslevelsrequest = replaceaccesslevelsrequest
  3809  	return c
  3810  }
  3811  
  3812  // Fields allows partial responses to be retrieved. See
  3813  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3814  // details.
  3815  func (c *AccessPoliciesAccessLevelsReplaceAllCall) Fields(s ...googleapi.Field) *AccessPoliciesAccessLevelsReplaceAllCall {
  3816  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3817  	return c
  3818  }
  3819  
  3820  // Context sets the context to be used in this call's Do method.
  3821  func (c *AccessPoliciesAccessLevelsReplaceAllCall) Context(ctx context.Context) *AccessPoliciesAccessLevelsReplaceAllCall {
  3822  	c.ctx_ = ctx
  3823  	return c
  3824  }
  3825  
  3826  // Header returns a http.Header that can be modified by the caller to add
  3827  // headers to the request.
  3828  func (c *AccessPoliciesAccessLevelsReplaceAllCall) Header() http.Header {
  3829  	if c.header_ == nil {
  3830  		c.header_ = make(http.Header)
  3831  	}
  3832  	return c.header_
  3833  }
  3834  
  3835  func (c *AccessPoliciesAccessLevelsReplaceAllCall) doRequest(alt string) (*http.Response, error) {
  3836  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3837  	var body io.Reader = nil
  3838  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.replaceaccesslevelsrequest)
  3839  	if err != nil {
  3840  		return nil, err
  3841  	}
  3842  	c.urlParams_.Set("alt", alt)
  3843  	c.urlParams_.Set("prettyPrint", "false")
  3844  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/accessLevels:replaceAll")
  3845  	urls += "?" + c.urlParams_.Encode()
  3846  	req, err := http.NewRequest("POST", urls, body)
  3847  	if err != nil {
  3848  		return nil, err
  3849  	}
  3850  	req.Header = reqHeaders
  3851  	googleapi.Expand(req.URL, map[string]string{
  3852  		"parent": c.parent,
  3853  	})
  3854  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3855  }
  3856  
  3857  // Do executes the "accesscontextmanager.accessPolicies.accessLevels.replaceAll" call.
  3858  // Any non-2xx status code is an error. Response headers are in either
  3859  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  3860  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3861  // whether the returned error was because http.StatusNotModified was returned.
  3862  func (c *AccessPoliciesAccessLevelsReplaceAllCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  3863  	gensupport.SetOptions(c.urlParams_, opts...)
  3864  	res, err := c.doRequest("json")
  3865  	if res != nil && res.StatusCode == http.StatusNotModified {
  3866  		if res.Body != nil {
  3867  			res.Body.Close()
  3868  		}
  3869  		return nil, gensupport.WrapError(&googleapi.Error{
  3870  			Code:   res.StatusCode,
  3871  			Header: res.Header,
  3872  		})
  3873  	}
  3874  	if err != nil {
  3875  		return nil, err
  3876  	}
  3877  	defer googleapi.CloseBody(res)
  3878  	if err := googleapi.CheckResponse(res); err != nil {
  3879  		return nil, gensupport.WrapError(err)
  3880  	}
  3881  	ret := &Operation{
  3882  		ServerResponse: googleapi.ServerResponse{
  3883  			Header:         res.Header,
  3884  			HTTPStatusCode: res.StatusCode,
  3885  		},
  3886  	}
  3887  	target := &ret
  3888  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3889  		return nil, err
  3890  	}
  3891  	return ret, nil
  3892  }
  3893  
  3894  type AccessPoliciesAccessLevelsTestIamPermissionsCall struct {
  3895  	s                         *Service
  3896  	resource                  string
  3897  	testiampermissionsrequest *TestIamPermissionsRequest
  3898  	urlParams_                gensupport.URLParams
  3899  	ctx_                      context.Context
  3900  	header_                   http.Header
  3901  }
  3902  
  3903  // TestIamPermissions: Returns the IAM permissions that the caller has on the
  3904  // specified Access Context Manager resource. The resource can be an
  3905  // AccessPolicy, AccessLevel, or ServicePerimeter. This method does not support
  3906  // other resources.
  3907  //
  3908  //   - resource: REQUIRED: The resource for which the policy detail is being
  3909  //     requested. See Resource names
  3910  //     (https://cloud.google.com/apis/design/resource_names) for the appropriate
  3911  //     value for this field.
  3912  func (r *AccessPoliciesAccessLevelsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *AccessPoliciesAccessLevelsTestIamPermissionsCall {
  3913  	c := &AccessPoliciesAccessLevelsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3914  	c.resource = resource
  3915  	c.testiampermissionsrequest = testiampermissionsrequest
  3916  	return c
  3917  }
  3918  
  3919  // Fields allows partial responses to be retrieved. See
  3920  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3921  // details.
  3922  func (c *AccessPoliciesAccessLevelsTestIamPermissionsCall) Fields(s ...googleapi.Field) *AccessPoliciesAccessLevelsTestIamPermissionsCall {
  3923  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3924  	return c
  3925  }
  3926  
  3927  // Context sets the context to be used in this call's Do method.
  3928  func (c *AccessPoliciesAccessLevelsTestIamPermissionsCall) Context(ctx context.Context) *AccessPoliciesAccessLevelsTestIamPermissionsCall {
  3929  	c.ctx_ = ctx
  3930  	return c
  3931  }
  3932  
  3933  // Header returns a http.Header that can be modified by the caller to add
  3934  // headers to the request.
  3935  func (c *AccessPoliciesAccessLevelsTestIamPermissionsCall) Header() http.Header {
  3936  	if c.header_ == nil {
  3937  		c.header_ = make(http.Header)
  3938  	}
  3939  	return c.header_
  3940  }
  3941  
  3942  func (c *AccessPoliciesAccessLevelsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
  3943  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3944  	var body io.Reader = nil
  3945  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
  3946  	if err != nil {
  3947  		return nil, err
  3948  	}
  3949  	c.urlParams_.Set("alt", alt)
  3950  	c.urlParams_.Set("prettyPrint", "false")
  3951  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions")
  3952  	urls += "?" + c.urlParams_.Encode()
  3953  	req, err := http.NewRequest("POST", urls, body)
  3954  	if err != nil {
  3955  		return nil, err
  3956  	}
  3957  	req.Header = reqHeaders
  3958  	googleapi.Expand(req.URL, map[string]string{
  3959  		"resource": c.resource,
  3960  	})
  3961  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3962  }
  3963  
  3964  // Do executes the "accesscontextmanager.accessPolicies.accessLevels.testIamPermissions" call.
  3965  // Any non-2xx status code is an error. Response headers are in either
  3966  // *TestIamPermissionsResponse.ServerResponse.Header or (if a response was
  3967  // returned at all) in error.(*googleapi.Error).Header. Use
  3968  // googleapi.IsNotModified to check whether the returned error was because
  3969  // http.StatusNotModified was returned.
  3970  func (c *AccessPoliciesAccessLevelsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
  3971  	gensupport.SetOptions(c.urlParams_, opts...)
  3972  	res, err := c.doRequest("json")
  3973  	if res != nil && res.StatusCode == http.StatusNotModified {
  3974  		if res.Body != nil {
  3975  			res.Body.Close()
  3976  		}
  3977  		return nil, gensupport.WrapError(&googleapi.Error{
  3978  			Code:   res.StatusCode,
  3979  			Header: res.Header,
  3980  		})
  3981  	}
  3982  	if err != nil {
  3983  		return nil, err
  3984  	}
  3985  	defer googleapi.CloseBody(res)
  3986  	if err := googleapi.CheckResponse(res); err != nil {
  3987  		return nil, gensupport.WrapError(err)
  3988  	}
  3989  	ret := &TestIamPermissionsResponse{
  3990  		ServerResponse: googleapi.ServerResponse{
  3991  			Header:         res.Header,
  3992  			HTTPStatusCode: res.StatusCode,
  3993  		},
  3994  	}
  3995  	target := &ret
  3996  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3997  		return nil, err
  3998  	}
  3999  	return ret, nil
  4000  }
  4001  
  4002  type AccessPoliciesAuthorizedOrgsDescsCreateCall struct {
  4003  	s                  *Service
  4004  	parent             string
  4005  	authorizedorgsdesc *AuthorizedOrgsDesc
  4006  	urlParams_         gensupport.URLParams
  4007  	ctx_               context.Context
  4008  	header_            http.Header
  4009  }
  4010  
  4011  // Create: Creates an authorized orgs desc. The long-running operation from
  4012  // this RPC has a successful status after the authorized orgs desc propagates
  4013  // to long-lasting storage. If a authorized orgs desc contains errors, an error
  4014  // response is returned for the first error encountered. The name of this
  4015  // `AuthorizedOrgsDesc` will be assigned during creation.
  4016  //
  4017  //   - parent: Resource name for the access policy which owns this Authorized
  4018  //     Orgs Desc. Format: `accessPolicies/{policy_id}`.
  4019  func (r *AccessPoliciesAuthorizedOrgsDescsService) Create(parent string, authorizedorgsdesc *AuthorizedOrgsDesc) *AccessPoliciesAuthorizedOrgsDescsCreateCall {
  4020  	c := &AccessPoliciesAuthorizedOrgsDescsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4021  	c.parent = parent
  4022  	c.authorizedorgsdesc = authorizedorgsdesc
  4023  	return c
  4024  }
  4025  
  4026  // Fields allows partial responses to be retrieved. See
  4027  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4028  // details.
  4029  func (c *AccessPoliciesAuthorizedOrgsDescsCreateCall) Fields(s ...googleapi.Field) *AccessPoliciesAuthorizedOrgsDescsCreateCall {
  4030  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4031  	return c
  4032  }
  4033  
  4034  // Context sets the context to be used in this call's Do method.
  4035  func (c *AccessPoliciesAuthorizedOrgsDescsCreateCall) Context(ctx context.Context) *AccessPoliciesAuthorizedOrgsDescsCreateCall {
  4036  	c.ctx_ = ctx
  4037  	return c
  4038  }
  4039  
  4040  // Header returns a http.Header that can be modified by the caller to add
  4041  // headers to the request.
  4042  func (c *AccessPoliciesAuthorizedOrgsDescsCreateCall) Header() http.Header {
  4043  	if c.header_ == nil {
  4044  		c.header_ = make(http.Header)
  4045  	}
  4046  	return c.header_
  4047  }
  4048  
  4049  func (c *AccessPoliciesAuthorizedOrgsDescsCreateCall) doRequest(alt string) (*http.Response, error) {
  4050  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4051  	var body io.Reader = nil
  4052  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.authorizedorgsdesc)
  4053  	if err != nil {
  4054  		return nil, err
  4055  	}
  4056  	c.urlParams_.Set("alt", alt)
  4057  	c.urlParams_.Set("prettyPrint", "false")
  4058  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/authorizedOrgsDescs")
  4059  	urls += "?" + c.urlParams_.Encode()
  4060  	req, err := http.NewRequest("POST", urls, body)
  4061  	if err != nil {
  4062  		return nil, err
  4063  	}
  4064  	req.Header = reqHeaders
  4065  	googleapi.Expand(req.URL, map[string]string{
  4066  		"parent": c.parent,
  4067  	})
  4068  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4069  }
  4070  
  4071  // Do executes the "accesscontextmanager.accessPolicies.authorizedOrgsDescs.create" call.
  4072  // Any non-2xx status code is an error. Response headers are in either
  4073  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4074  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4075  // whether the returned error was because http.StatusNotModified was returned.
  4076  func (c *AccessPoliciesAuthorizedOrgsDescsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4077  	gensupport.SetOptions(c.urlParams_, opts...)
  4078  	res, err := c.doRequest("json")
  4079  	if res != nil && res.StatusCode == http.StatusNotModified {
  4080  		if res.Body != nil {
  4081  			res.Body.Close()
  4082  		}
  4083  		return nil, gensupport.WrapError(&googleapi.Error{
  4084  			Code:   res.StatusCode,
  4085  			Header: res.Header,
  4086  		})
  4087  	}
  4088  	if err != nil {
  4089  		return nil, err
  4090  	}
  4091  	defer googleapi.CloseBody(res)
  4092  	if err := googleapi.CheckResponse(res); err != nil {
  4093  		return nil, gensupport.WrapError(err)
  4094  	}
  4095  	ret := &Operation{
  4096  		ServerResponse: googleapi.ServerResponse{
  4097  			Header:         res.Header,
  4098  			HTTPStatusCode: res.StatusCode,
  4099  		},
  4100  	}
  4101  	target := &ret
  4102  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4103  		return nil, err
  4104  	}
  4105  	return ret, nil
  4106  }
  4107  
  4108  type AccessPoliciesAuthorizedOrgsDescsDeleteCall struct {
  4109  	s          *Service
  4110  	name       string
  4111  	urlParams_ gensupport.URLParams
  4112  	ctx_       context.Context
  4113  	header_    http.Header
  4114  }
  4115  
  4116  // Delete: Deletes an authorized orgs desc based on the resource name. The
  4117  // long-running operation from this RPC has a successful status after the
  4118  // authorized orgs desc is removed from long-lasting storage.
  4119  //
  4120  //   - name: Resource name for the Authorized Orgs Desc. Format:
  4121  //     `accessPolicies/{policy_id}/authorizedOrgsDesc/{authorized_orgs_desc_id}`.
  4122  func (r *AccessPoliciesAuthorizedOrgsDescsService) Delete(name string) *AccessPoliciesAuthorizedOrgsDescsDeleteCall {
  4123  	c := &AccessPoliciesAuthorizedOrgsDescsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4124  	c.name = name
  4125  	return c
  4126  }
  4127  
  4128  // Fields allows partial responses to be retrieved. See
  4129  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4130  // details.
  4131  func (c *AccessPoliciesAuthorizedOrgsDescsDeleteCall) Fields(s ...googleapi.Field) *AccessPoliciesAuthorizedOrgsDescsDeleteCall {
  4132  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4133  	return c
  4134  }
  4135  
  4136  // Context sets the context to be used in this call's Do method.
  4137  func (c *AccessPoliciesAuthorizedOrgsDescsDeleteCall) Context(ctx context.Context) *AccessPoliciesAuthorizedOrgsDescsDeleteCall {
  4138  	c.ctx_ = ctx
  4139  	return c
  4140  }
  4141  
  4142  // Header returns a http.Header that can be modified by the caller to add
  4143  // headers to the request.
  4144  func (c *AccessPoliciesAuthorizedOrgsDescsDeleteCall) Header() http.Header {
  4145  	if c.header_ == nil {
  4146  		c.header_ = make(http.Header)
  4147  	}
  4148  	return c.header_
  4149  }
  4150  
  4151  func (c *AccessPoliciesAuthorizedOrgsDescsDeleteCall) doRequest(alt string) (*http.Response, error) {
  4152  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4153  	var body io.Reader = nil
  4154  	c.urlParams_.Set("alt", alt)
  4155  	c.urlParams_.Set("prettyPrint", "false")
  4156  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4157  	urls += "?" + c.urlParams_.Encode()
  4158  	req, err := http.NewRequest("DELETE", urls, body)
  4159  	if err != nil {
  4160  		return nil, err
  4161  	}
  4162  	req.Header = reqHeaders
  4163  	googleapi.Expand(req.URL, map[string]string{
  4164  		"name": c.name,
  4165  	})
  4166  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4167  }
  4168  
  4169  // Do executes the "accesscontextmanager.accessPolicies.authorizedOrgsDescs.delete" call.
  4170  // Any non-2xx status code is an error. Response headers are in either
  4171  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4172  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4173  // whether the returned error was because http.StatusNotModified was returned.
  4174  func (c *AccessPoliciesAuthorizedOrgsDescsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4175  	gensupport.SetOptions(c.urlParams_, opts...)
  4176  	res, err := c.doRequest("json")
  4177  	if res != nil && res.StatusCode == http.StatusNotModified {
  4178  		if res.Body != nil {
  4179  			res.Body.Close()
  4180  		}
  4181  		return nil, gensupport.WrapError(&googleapi.Error{
  4182  			Code:   res.StatusCode,
  4183  			Header: res.Header,
  4184  		})
  4185  	}
  4186  	if err != nil {
  4187  		return nil, err
  4188  	}
  4189  	defer googleapi.CloseBody(res)
  4190  	if err := googleapi.CheckResponse(res); err != nil {
  4191  		return nil, gensupport.WrapError(err)
  4192  	}
  4193  	ret := &Operation{
  4194  		ServerResponse: googleapi.ServerResponse{
  4195  			Header:         res.Header,
  4196  			HTTPStatusCode: res.StatusCode,
  4197  		},
  4198  	}
  4199  	target := &ret
  4200  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4201  		return nil, err
  4202  	}
  4203  	return ret, nil
  4204  }
  4205  
  4206  type AccessPoliciesAuthorizedOrgsDescsGetCall struct {
  4207  	s            *Service
  4208  	name         string
  4209  	urlParams_   gensupport.URLParams
  4210  	ifNoneMatch_ string
  4211  	ctx_         context.Context
  4212  	header_      http.Header
  4213  }
  4214  
  4215  // Get: Gets an authorized orgs desc based on the resource name.
  4216  //
  4217  //   - name: Resource name for the Authorized Orgs Desc. Format:
  4218  //     `accessPolicies/{policy_id}/authorizedOrgsDescs/{authorized_orgs_descs_id}`.
  4219  func (r *AccessPoliciesAuthorizedOrgsDescsService) Get(name string) *AccessPoliciesAuthorizedOrgsDescsGetCall {
  4220  	c := &AccessPoliciesAuthorizedOrgsDescsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4221  	c.name = name
  4222  	return c
  4223  }
  4224  
  4225  // Fields allows partial responses to be retrieved. See
  4226  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4227  // details.
  4228  func (c *AccessPoliciesAuthorizedOrgsDescsGetCall) Fields(s ...googleapi.Field) *AccessPoliciesAuthorizedOrgsDescsGetCall {
  4229  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4230  	return c
  4231  }
  4232  
  4233  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  4234  // object's ETag matches the given value. This is useful for getting updates
  4235  // only after the object has changed since the last request.
  4236  func (c *AccessPoliciesAuthorizedOrgsDescsGetCall) IfNoneMatch(entityTag string) *AccessPoliciesAuthorizedOrgsDescsGetCall {
  4237  	c.ifNoneMatch_ = entityTag
  4238  	return c
  4239  }
  4240  
  4241  // Context sets the context to be used in this call's Do method.
  4242  func (c *AccessPoliciesAuthorizedOrgsDescsGetCall) Context(ctx context.Context) *AccessPoliciesAuthorizedOrgsDescsGetCall {
  4243  	c.ctx_ = ctx
  4244  	return c
  4245  }
  4246  
  4247  // Header returns a http.Header that can be modified by the caller to add
  4248  // headers to the request.
  4249  func (c *AccessPoliciesAuthorizedOrgsDescsGetCall) Header() http.Header {
  4250  	if c.header_ == nil {
  4251  		c.header_ = make(http.Header)
  4252  	}
  4253  	return c.header_
  4254  }
  4255  
  4256  func (c *AccessPoliciesAuthorizedOrgsDescsGetCall) doRequest(alt string) (*http.Response, error) {
  4257  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4258  	if c.ifNoneMatch_ != "" {
  4259  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  4260  	}
  4261  	var body io.Reader = nil
  4262  	c.urlParams_.Set("alt", alt)
  4263  	c.urlParams_.Set("prettyPrint", "false")
  4264  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4265  	urls += "?" + c.urlParams_.Encode()
  4266  	req, err := http.NewRequest("GET", urls, body)
  4267  	if err != nil {
  4268  		return nil, err
  4269  	}
  4270  	req.Header = reqHeaders
  4271  	googleapi.Expand(req.URL, map[string]string{
  4272  		"name": c.name,
  4273  	})
  4274  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4275  }
  4276  
  4277  // Do executes the "accesscontextmanager.accessPolicies.authorizedOrgsDescs.get" call.
  4278  // Any non-2xx status code is an error. Response headers are in either
  4279  // *AuthorizedOrgsDesc.ServerResponse.Header or (if a response was returned at
  4280  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  4281  // check whether the returned error was because http.StatusNotModified was
  4282  // returned.
  4283  func (c *AccessPoliciesAuthorizedOrgsDescsGetCall) Do(opts ...googleapi.CallOption) (*AuthorizedOrgsDesc, error) {
  4284  	gensupport.SetOptions(c.urlParams_, opts...)
  4285  	res, err := c.doRequest("json")
  4286  	if res != nil && res.StatusCode == http.StatusNotModified {
  4287  		if res.Body != nil {
  4288  			res.Body.Close()
  4289  		}
  4290  		return nil, gensupport.WrapError(&googleapi.Error{
  4291  			Code:   res.StatusCode,
  4292  			Header: res.Header,
  4293  		})
  4294  	}
  4295  	if err != nil {
  4296  		return nil, err
  4297  	}
  4298  	defer googleapi.CloseBody(res)
  4299  	if err := googleapi.CheckResponse(res); err != nil {
  4300  		return nil, gensupport.WrapError(err)
  4301  	}
  4302  	ret := &AuthorizedOrgsDesc{
  4303  		ServerResponse: googleapi.ServerResponse{
  4304  			Header:         res.Header,
  4305  			HTTPStatusCode: res.StatusCode,
  4306  		},
  4307  	}
  4308  	target := &ret
  4309  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4310  		return nil, err
  4311  	}
  4312  	return ret, nil
  4313  }
  4314  
  4315  type AccessPoliciesAuthorizedOrgsDescsListCall struct {
  4316  	s            *Service
  4317  	parent       string
  4318  	urlParams_   gensupport.URLParams
  4319  	ifNoneMatch_ string
  4320  	ctx_         context.Context
  4321  	header_      http.Header
  4322  }
  4323  
  4324  // List: Lists all authorized orgs descs for an access policy.
  4325  //
  4326  //   - parent: Resource name for the access policy to list Authorized Orgs Desc
  4327  //     from. Format: `accessPolicies/{policy_id}`.
  4328  func (r *AccessPoliciesAuthorizedOrgsDescsService) List(parent string) *AccessPoliciesAuthorizedOrgsDescsListCall {
  4329  	c := &AccessPoliciesAuthorizedOrgsDescsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4330  	c.parent = parent
  4331  	return c
  4332  }
  4333  
  4334  // PageSize sets the optional parameter "pageSize": Number of Authorized Orgs
  4335  // Descs to include in the list. Default 100.
  4336  func (c *AccessPoliciesAuthorizedOrgsDescsListCall) PageSize(pageSize int64) *AccessPoliciesAuthorizedOrgsDescsListCall {
  4337  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  4338  	return c
  4339  }
  4340  
  4341  // PageToken sets the optional parameter "pageToken": Next page token for the
  4342  // next batch of Authorized Orgs Desc instances. Defaults to the first page of
  4343  // results.
  4344  func (c *AccessPoliciesAuthorizedOrgsDescsListCall) PageToken(pageToken string) *AccessPoliciesAuthorizedOrgsDescsListCall {
  4345  	c.urlParams_.Set("pageToken", pageToken)
  4346  	return c
  4347  }
  4348  
  4349  // Fields allows partial responses to be retrieved. See
  4350  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4351  // details.
  4352  func (c *AccessPoliciesAuthorizedOrgsDescsListCall) Fields(s ...googleapi.Field) *AccessPoliciesAuthorizedOrgsDescsListCall {
  4353  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4354  	return c
  4355  }
  4356  
  4357  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  4358  // object's ETag matches the given value. This is useful for getting updates
  4359  // only after the object has changed since the last request.
  4360  func (c *AccessPoliciesAuthorizedOrgsDescsListCall) IfNoneMatch(entityTag string) *AccessPoliciesAuthorizedOrgsDescsListCall {
  4361  	c.ifNoneMatch_ = entityTag
  4362  	return c
  4363  }
  4364  
  4365  // Context sets the context to be used in this call's Do method.
  4366  func (c *AccessPoliciesAuthorizedOrgsDescsListCall) Context(ctx context.Context) *AccessPoliciesAuthorizedOrgsDescsListCall {
  4367  	c.ctx_ = ctx
  4368  	return c
  4369  }
  4370  
  4371  // Header returns a http.Header that can be modified by the caller to add
  4372  // headers to the request.
  4373  func (c *AccessPoliciesAuthorizedOrgsDescsListCall) Header() http.Header {
  4374  	if c.header_ == nil {
  4375  		c.header_ = make(http.Header)
  4376  	}
  4377  	return c.header_
  4378  }
  4379  
  4380  func (c *AccessPoliciesAuthorizedOrgsDescsListCall) doRequest(alt string) (*http.Response, error) {
  4381  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4382  	if c.ifNoneMatch_ != "" {
  4383  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  4384  	}
  4385  	var body io.Reader = nil
  4386  	c.urlParams_.Set("alt", alt)
  4387  	c.urlParams_.Set("prettyPrint", "false")
  4388  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/authorizedOrgsDescs")
  4389  	urls += "?" + c.urlParams_.Encode()
  4390  	req, err := http.NewRequest("GET", urls, body)
  4391  	if err != nil {
  4392  		return nil, err
  4393  	}
  4394  	req.Header = reqHeaders
  4395  	googleapi.Expand(req.URL, map[string]string{
  4396  		"parent": c.parent,
  4397  	})
  4398  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4399  }
  4400  
  4401  // Do executes the "accesscontextmanager.accessPolicies.authorizedOrgsDescs.list" call.
  4402  // Any non-2xx status code is an error. Response headers are in either
  4403  // *ListAuthorizedOrgsDescsResponse.ServerResponse.Header or (if a response was
  4404  // returned at all) in error.(*googleapi.Error).Header. Use
  4405  // googleapi.IsNotModified to check whether the returned error was because
  4406  // http.StatusNotModified was returned.
  4407  func (c *AccessPoliciesAuthorizedOrgsDescsListCall) Do(opts ...googleapi.CallOption) (*ListAuthorizedOrgsDescsResponse, error) {
  4408  	gensupport.SetOptions(c.urlParams_, opts...)
  4409  	res, err := c.doRequest("json")
  4410  	if res != nil && res.StatusCode == http.StatusNotModified {
  4411  		if res.Body != nil {
  4412  			res.Body.Close()
  4413  		}
  4414  		return nil, gensupport.WrapError(&googleapi.Error{
  4415  			Code:   res.StatusCode,
  4416  			Header: res.Header,
  4417  		})
  4418  	}
  4419  	if err != nil {
  4420  		return nil, err
  4421  	}
  4422  	defer googleapi.CloseBody(res)
  4423  	if err := googleapi.CheckResponse(res); err != nil {
  4424  		return nil, gensupport.WrapError(err)
  4425  	}
  4426  	ret := &ListAuthorizedOrgsDescsResponse{
  4427  		ServerResponse: googleapi.ServerResponse{
  4428  			Header:         res.Header,
  4429  			HTTPStatusCode: res.StatusCode,
  4430  		},
  4431  	}
  4432  	target := &ret
  4433  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4434  		return nil, err
  4435  	}
  4436  	return ret, nil
  4437  }
  4438  
  4439  // Pages invokes f for each page of results.
  4440  // A non-nil error returned from f will halt the iteration.
  4441  // The provided context supersedes any context provided to the Context method.
  4442  func (c *AccessPoliciesAuthorizedOrgsDescsListCall) Pages(ctx context.Context, f func(*ListAuthorizedOrgsDescsResponse) error) error {
  4443  	c.ctx_ = ctx
  4444  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  4445  	for {
  4446  		x, err := c.Do()
  4447  		if err != nil {
  4448  			return err
  4449  		}
  4450  		if err := f(x); err != nil {
  4451  			return err
  4452  		}
  4453  		if x.NextPageToken == "" {
  4454  			return nil
  4455  		}
  4456  		c.PageToken(x.NextPageToken)
  4457  	}
  4458  }
  4459  
  4460  type AccessPoliciesAuthorizedOrgsDescsPatchCall struct {
  4461  	s                  *Service
  4462  	name               string
  4463  	authorizedorgsdesc *AuthorizedOrgsDesc
  4464  	urlParams_         gensupport.URLParams
  4465  	ctx_               context.Context
  4466  	header_            http.Header
  4467  }
  4468  
  4469  // Patch: Updates an authorized orgs desc. The long-running operation from this
  4470  // RPC has a successful status after the authorized orgs desc propagates to
  4471  // long-lasting storage. If a authorized orgs desc contains errors, an error
  4472  // response is returned for the first error encountered. Only the organization
  4473  // list in `AuthorizedOrgsDesc` can be updated. The name, authorization_type,
  4474  // asset_type and authorization_direction cannot be updated.
  4475  //
  4476  //   - name: Resource name for the `AuthorizedOrgsDesc`. Format:
  4477  //     `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`
  4478  //     . The `authorized_orgs_desc` component must begin with a letter, followed
  4479  //     by alphanumeric characters or `_`. After you create an
  4480  //     `AuthorizedOrgsDesc`, you cannot change its `name`.
  4481  func (r *AccessPoliciesAuthorizedOrgsDescsService) Patch(name string, authorizedorgsdesc *AuthorizedOrgsDesc) *AccessPoliciesAuthorizedOrgsDescsPatchCall {
  4482  	c := &AccessPoliciesAuthorizedOrgsDescsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4483  	c.name = name
  4484  	c.authorizedorgsdesc = authorizedorgsdesc
  4485  	return c
  4486  }
  4487  
  4488  // UpdateMask sets the optional parameter "updateMask": Required. Mask to
  4489  // control which fields get updated. Must be non-empty.
  4490  func (c *AccessPoliciesAuthorizedOrgsDescsPatchCall) UpdateMask(updateMask string) *AccessPoliciesAuthorizedOrgsDescsPatchCall {
  4491  	c.urlParams_.Set("updateMask", updateMask)
  4492  	return c
  4493  }
  4494  
  4495  // Fields allows partial responses to be retrieved. See
  4496  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4497  // details.
  4498  func (c *AccessPoliciesAuthorizedOrgsDescsPatchCall) Fields(s ...googleapi.Field) *AccessPoliciesAuthorizedOrgsDescsPatchCall {
  4499  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4500  	return c
  4501  }
  4502  
  4503  // Context sets the context to be used in this call's Do method.
  4504  func (c *AccessPoliciesAuthorizedOrgsDescsPatchCall) Context(ctx context.Context) *AccessPoliciesAuthorizedOrgsDescsPatchCall {
  4505  	c.ctx_ = ctx
  4506  	return c
  4507  }
  4508  
  4509  // Header returns a http.Header that can be modified by the caller to add
  4510  // headers to the request.
  4511  func (c *AccessPoliciesAuthorizedOrgsDescsPatchCall) Header() http.Header {
  4512  	if c.header_ == nil {
  4513  		c.header_ = make(http.Header)
  4514  	}
  4515  	return c.header_
  4516  }
  4517  
  4518  func (c *AccessPoliciesAuthorizedOrgsDescsPatchCall) doRequest(alt string) (*http.Response, error) {
  4519  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4520  	var body io.Reader = nil
  4521  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.authorizedorgsdesc)
  4522  	if err != nil {
  4523  		return nil, err
  4524  	}
  4525  	c.urlParams_.Set("alt", alt)
  4526  	c.urlParams_.Set("prettyPrint", "false")
  4527  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4528  	urls += "?" + c.urlParams_.Encode()
  4529  	req, err := http.NewRequest("PATCH", urls, body)
  4530  	if err != nil {
  4531  		return nil, err
  4532  	}
  4533  	req.Header = reqHeaders
  4534  	googleapi.Expand(req.URL, map[string]string{
  4535  		"name": c.name,
  4536  	})
  4537  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4538  }
  4539  
  4540  // Do executes the "accesscontextmanager.accessPolicies.authorizedOrgsDescs.patch" call.
  4541  // Any non-2xx status code is an error. Response headers are in either
  4542  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4543  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4544  // whether the returned error was because http.StatusNotModified was returned.
  4545  func (c *AccessPoliciesAuthorizedOrgsDescsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4546  	gensupport.SetOptions(c.urlParams_, opts...)
  4547  	res, err := c.doRequest("json")
  4548  	if res != nil && res.StatusCode == http.StatusNotModified {
  4549  		if res.Body != nil {
  4550  			res.Body.Close()
  4551  		}
  4552  		return nil, gensupport.WrapError(&googleapi.Error{
  4553  			Code:   res.StatusCode,
  4554  			Header: res.Header,
  4555  		})
  4556  	}
  4557  	if err != nil {
  4558  		return nil, err
  4559  	}
  4560  	defer googleapi.CloseBody(res)
  4561  	if err := googleapi.CheckResponse(res); err != nil {
  4562  		return nil, gensupport.WrapError(err)
  4563  	}
  4564  	ret := &Operation{
  4565  		ServerResponse: googleapi.ServerResponse{
  4566  			Header:         res.Header,
  4567  			HTTPStatusCode: res.StatusCode,
  4568  		},
  4569  	}
  4570  	target := &ret
  4571  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4572  		return nil, err
  4573  	}
  4574  	return ret, nil
  4575  }
  4576  
  4577  type AccessPoliciesServicePerimetersCommitCall struct {
  4578  	s                              *Service
  4579  	parent                         string
  4580  	commitserviceperimetersrequest *CommitServicePerimetersRequest
  4581  	urlParams_                     gensupport.URLParams
  4582  	ctx_                           context.Context
  4583  	header_                        http.Header
  4584  }
  4585  
  4586  // Commit: Commits the dry-run specification for all the service perimeters in
  4587  // an access policy. A commit operation on a service perimeter involves copying
  4588  // its `spec` field to the `status` field of the service perimeter. Only
  4589  // service perimeters with `use_explicit_dry_run_spec` field set to true are
  4590  // affected by a commit operation. The long-running operation from this RPC has
  4591  // a successful status after the dry-run specifications for all the service
  4592  // perimeters have been committed. If a commit fails, it causes the
  4593  // long-running operation to return an error response and the entire commit
  4594  // operation is cancelled. When successful, the Operation.response field
  4595  // contains CommitServicePerimetersResponse. The `dry_run` and the `spec`
  4596  // fields are cleared after a successful commit operation.
  4597  //
  4598  //   - parent: Resource name for the parent Access Policy which owns all Service
  4599  //     Perimeters in scope for the commit operation. Format:
  4600  //     `accessPolicies/{policy_id}`.
  4601  func (r *AccessPoliciesServicePerimetersService) Commit(parent string, commitserviceperimetersrequest *CommitServicePerimetersRequest) *AccessPoliciesServicePerimetersCommitCall {
  4602  	c := &AccessPoliciesServicePerimetersCommitCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4603  	c.parent = parent
  4604  	c.commitserviceperimetersrequest = commitserviceperimetersrequest
  4605  	return c
  4606  }
  4607  
  4608  // Fields allows partial responses to be retrieved. See
  4609  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4610  // details.
  4611  func (c *AccessPoliciesServicePerimetersCommitCall) Fields(s ...googleapi.Field) *AccessPoliciesServicePerimetersCommitCall {
  4612  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4613  	return c
  4614  }
  4615  
  4616  // Context sets the context to be used in this call's Do method.
  4617  func (c *AccessPoliciesServicePerimetersCommitCall) Context(ctx context.Context) *AccessPoliciesServicePerimetersCommitCall {
  4618  	c.ctx_ = ctx
  4619  	return c
  4620  }
  4621  
  4622  // Header returns a http.Header that can be modified by the caller to add
  4623  // headers to the request.
  4624  func (c *AccessPoliciesServicePerimetersCommitCall) Header() http.Header {
  4625  	if c.header_ == nil {
  4626  		c.header_ = make(http.Header)
  4627  	}
  4628  	return c.header_
  4629  }
  4630  
  4631  func (c *AccessPoliciesServicePerimetersCommitCall) doRequest(alt string) (*http.Response, error) {
  4632  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4633  	var body io.Reader = nil
  4634  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.commitserviceperimetersrequest)
  4635  	if err != nil {
  4636  		return nil, err
  4637  	}
  4638  	c.urlParams_.Set("alt", alt)
  4639  	c.urlParams_.Set("prettyPrint", "false")
  4640  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/servicePerimeters:commit")
  4641  	urls += "?" + c.urlParams_.Encode()
  4642  	req, err := http.NewRequest("POST", urls, body)
  4643  	if err != nil {
  4644  		return nil, err
  4645  	}
  4646  	req.Header = reqHeaders
  4647  	googleapi.Expand(req.URL, map[string]string{
  4648  		"parent": c.parent,
  4649  	})
  4650  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4651  }
  4652  
  4653  // Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.commit" call.
  4654  // Any non-2xx status code is an error. Response headers are in either
  4655  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4656  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4657  // whether the returned error was because http.StatusNotModified was returned.
  4658  func (c *AccessPoliciesServicePerimetersCommitCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4659  	gensupport.SetOptions(c.urlParams_, opts...)
  4660  	res, err := c.doRequest("json")
  4661  	if res != nil && res.StatusCode == http.StatusNotModified {
  4662  		if res.Body != nil {
  4663  			res.Body.Close()
  4664  		}
  4665  		return nil, gensupport.WrapError(&googleapi.Error{
  4666  			Code:   res.StatusCode,
  4667  			Header: res.Header,
  4668  		})
  4669  	}
  4670  	if err != nil {
  4671  		return nil, err
  4672  	}
  4673  	defer googleapi.CloseBody(res)
  4674  	if err := googleapi.CheckResponse(res); err != nil {
  4675  		return nil, gensupport.WrapError(err)
  4676  	}
  4677  	ret := &Operation{
  4678  		ServerResponse: googleapi.ServerResponse{
  4679  			Header:         res.Header,
  4680  			HTTPStatusCode: res.StatusCode,
  4681  		},
  4682  	}
  4683  	target := &ret
  4684  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4685  		return nil, err
  4686  	}
  4687  	return ret, nil
  4688  }
  4689  
  4690  type AccessPoliciesServicePerimetersCreateCall struct {
  4691  	s                *Service
  4692  	parent           string
  4693  	serviceperimeter *ServicePerimeter
  4694  	urlParams_       gensupport.URLParams
  4695  	ctx_             context.Context
  4696  	header_          http.Header
  4697  }
  4698  
  4699  // Create: Creates a service perimeter. The long-running operation from this
  4700  // RPC has a successful status after the service perimeter propagates to
  4701  // long-lasting storage. If a service perimeter contains errors, an error
  4702  // response is returned for the first error encountered.
  4703  //
  4704  //   - parent: Resource name for the access policy which owns this Service
  4705  //     Perimeter. Format: `accessPolicies/{policy_id}`.
  4706  func (r *AccessPoliciesServicePerimetersService) Create(parent string, serviceperimeter *ServicePerimeter) *AccessPoliciesServicePerimetersCreateCall {
  4707  	c := &AccessPoliciesServicePerimetersCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4708  	c.parent = parent
  4709  	c.serviceperimeter = serviceperimeter
  4710  	return c
  4711  }
  4712  
  4713  // Fields allows partial responses to be retrieved. See
  4714  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4715  // details.
  4716  func (c *AccessPoliciesServicePerimetersCreateCall) Fields(s ...googleapi.Field) *AccessPoliciesServicePerimetersCreateCall {
  4717  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4718  	return c
  4719  }
  4720  
  4721  // Context sets the context to be used in this call's Do method.
  4722  func (c *AccessPoliciesServicePerimetersCreateCall) Context(ctx context.Context) *AccessPoliciesServicePerimetersCreateCall {
  4723  	c.ctx_ = ctx
  4724  	return c
  4725  }
  4726  
  4727  // Header returns a http.Header that can be modified by the caller to add
  4728  // headers to the request.
  4729  func (c *AccessPoliciesServicePerimetersCreateCall) Header() http.Header {
  4730  	if c.header_ == nil {
  4731  		c.header_ = make(http.Header)
  4732  	}
  4733  	return c.header_
  4734  }
  4735  
  4736  func (c *AccessPoliciesServicePerimetersCreateCall) doRequest(alt string) (*http.Response, error) {
  4737  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4738  	var body io.Reader = nil
  4739  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.serviceperimeter)
  4740  	if err != nil {
  4741  		return nil, err
  4742  	}
  4743  	c.urlParams_.Set("alt", alt)
  4744  	c.urlParams_.Set("prettyPrint", "false")
  4745  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/servicePerimeters")
  4746  	urls += "?" + c.urlParams_.Encode()
  4747  	req, err := http.NewRequest("POST", urls, body)
  4748  	if err != nil {
  4749  		return nil, err
  4750  	}
  4751  	req.Header = reqHeaders
  4752  	googleapi.Expand(req.URL, map[string]string{
  4753  		"parent": c.parent,
  4754  	})
  4755  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4756  }
  4757  
  4758  // Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.create" call.
  4759  // Any non-2xx status code is an error. Response headers are in either
  4760  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4761  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4762  // whether the returned error was because http.StatusNotModified was returned.
  4763  func (c *AccessPoliciesServicePerimetersCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4764  	gensupport.SetOptions(c.urlParams_, opts...)
  4765  	res, err := c.doRequest("json")
  4766  	if res != nil && res.StatusCode == http.StatusNotModified {
  4767  		if res.Body != nil {
  4768  			res.Body.Close()
  4769  		}
  4770  		return nil, gensupport.WrapError(&googleapi.Error{
  4771  			Code:   res.StatusCode,
  4772  			Header: res.Header,
  4773  		})
  4774  	}
  4775  	if err != nil {
  4776  		return nil, err
  4777  	}
  4778  	defer googleapi.CloseBody(res)
  4779  	if err := googleapi.CheckResponse(res); err != nil {
  4780  		return nil, gensupport.WrapError(err)
  4781  	}
  4782  	ret := &Operation{
  4783  		ServerResponse: googleapi.ServerResponse{
  4784  			Header:         res.Header,
  4785  			HTTPStatusCode: res.StatusCode,
  4786  		},
  4787  	}
  4788  	target := &ret
  4789  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4790  		return nil, err
  4791  	}
  4792  	return ret, nil
  4793  }
  4794  
  4795  type AccessPoliciesServicePerimetersDeleteCall struct {
  4796  	s          *Service
  4797  	name       string
  4798  	urlParams_ gensupport.URLParams
  4799  	ctx_       context.Context
  4800  	header_    http.Header
  4801  }
  4802  
  4803  // Delete: Deletes a service perimeter based on the resource name. The
  4804  // long-running operation from this RPC has a successful status after the
  4805  // service perimeter is removed from long-lasting storage.
  4806  //
  4807  //   - name: Resource name for the Service Perimeter. Format:
  4808  //     `accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}`.
  4809  func (r *AccessPoliciesServicePerimetersService) Delete(name string) *AccessPoliciesServicePerimetersDeleteCall {
  4810  	c := &AccessPoliciesServicePerimetersDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4811  	c.name = name
  4812  	return c
  4813  }
  4814  
  4815  // Fields allows partial responses to be retrieved. See
  4816  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4817  // details.
  4818  func (c *AccessPoliciesServicePerimetersDeleteCall) Fields(s ...googleapi.Field) *AccessPoliciesServicePerimetersDeleteCall {
  4819  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4820  	return c
  4821  }
  4822  
  4823  // Context sets the context to be used in this call's Do method.
  4824  func (c *AccessPoliciesServicePerimetersDeleteCall) Context(ctx context.Context) *AccessPoliciesServicePerimetersDeleteCall {
  4825  	c.ctx_ = ctx
  4826  	return c
  4827  }
  4828  
  4829  // Header returns a http.Header that can be modified by the caller to add
  4830  // headers to the request.
  4831  func (c *AccessPoliciesServicePerimetersDeleteCall) Header() http.Header {
  4832  	if c.header_ == nil {
  4833  		c.header_ = make(http.Header)
  4834  	}
  4835  	return c.header_
  4836  }
  4837  
  4838  func (c *AccessPoliciesServicePerimetersDeleteCall) doRequest(alt string) (*http.Response, error) {
  4839  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4840  	var body io.Reader = nil
  4841  	c.urlParams_.Set("alt", alt)
  4842  	c.urlParams_.Set("prettyPrint", "false")
  4843  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4844  	urls += "?" + c.urlParams_.Encode()
  4845  	req, err := http.NewRequest("DELETE", urls, body)
  4846  	if err != nil {
  4847  		return nil, err
  4848  	}
  4849  	req.Header = reqHeaders
  4850  	googleapi.Expand(req.URL, map[string]string{
  4851  		"name": c.name,
  4852  	})
  4853  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4854  }
  4855  
  4856  // Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.delete" call.
  4857  // Any non-2xx status code is an error. Response headers are in either
  4858  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4859  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4860  // whether the returned error was because http.StatusNotModified was returned.
  4861  func (c *AccessPoliciesServicePerimetersDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4862  	gensupport.SetOptions(c.urlParams_, opts...)
  4863  	res, err := c.doRequest("json")
  4864  	if res != nil && res.StatusCode == http.StatusNotModified {
  4865  		if res.Body != nil {
  4866  			res.Body.Close()
  4867  		}
  4868  		return nil, gensupport.WrapError(&googleapi.Error{
  4869  			Code:   res.StatusCode,
  4870  			Header: res.Header,
  4871  		})
  4872  	}
  4873  	if err != nil {
  4874  		return nil, err
  4875  	}
  4876  	defer googleapi.CloseBody(res)
  4877  	if err := googleapi.CheckResponse(res); err != nil {
  4878  		return nil, gensupport.WrapError(err)
  4879  	}
  4880  	ret := &Operation{
  4881  		ServerResponse: googleapi.ServerResponse{
  4882  			Header:         res.Header,
  4883  			HTTPStatusCode: res.StatusCode,
  4884  		},
  4885  	}
  4886  	target := &ret
  4887  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4888  		return nil, err
  4889  	}
  4890  	return ret, nil
  4891  }
  4892  
  4893  type AccessPoliciesServicePerimetersGetCall struct {
  4894  	s            *Service
  4895  	name         string
  4896  	urlParams_   gensupport.URLParams
  4897  	ifNoneMatch_ string
  4898  	ctx_         context.Context
  4899  	header_      http.Header
  4900  }
  4901  
  4902  // Get: Gets a service perimeter based on the resource name.
  4903  //
  4904  //   - name: Resource name for the Service Perimeter. Format:
  4905  //     `accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}`.
  4906  func (r *AccessPoliciesServicePerimetersService) Get(name string) *AccessPoliciesServicePerimetersGetCall {
  4907  	c := &AccessPoliciesServicePerimetersGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4908  	c.name = name
  4909  	return c
  4910  }
  4911  
  4912  // Fields allows partial responses to be retrieved. See
  4913  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4914  // details.
  4915  func (c *AccessPoliciesServicePerimetersGetCall) Fields(s ...googleapi.Field) *AccessPoliciesServicePerimetersGetCall {
  4916  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4917  	return c
  4918  }
  4919  
  4920  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  4921  // object's ETag matches the given value. This is useful for getting updates
  4922  // only after the object has changed since the last request.
  4923  func (c *AccessPoliciesServicePerimetersGetCall) IfNoneMatch(entityTag string) *AccessPoliciesServicePerimetersGetCall {
  4924  	c.ifNoneMatch_ = entityTag
  4925  	return c
  4926  }
  4927  
  4928  // Context sets the context to be used in this call's Do method.
  4929  func (c *AccessPoliciesServicePerimetersGetCall) Context(ctx context.Context) *AccessPoliciesServicePerimetersGetCall {
  4930  	c.ctx_ = ctx
  4931  	return c
  4932  }
  4933  
  4934  // Header returns a http.Header that can be modified by the caller to add
  4935  // headers to the request.
  4936  func (c *AccessPoliciesServicePerimetersGetCall) Header() http.Header {
  4937  	if c.header_ == nil {
  4938  		c.header_ = make(http.Header)
  4939  	}
  4940  	return c.header_
  4941  }
  4942  
  4943  func (c *AccessPoliciesServicePerimetersGetCall) doRequest(alt string) (*http.Response, error) {
  4944  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4945  	if c.ifNoneMatch_ != "" {
  4946  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  4947  	}
  4948  	var body io.Reader = nil
  4949  	c.urlParams_.Set("alt", alt)
  4950  	c.urlParams_.Set("prettyPrint", "false")
  4951  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4952  	urls += "?" + c.urlParams_.Encode()
  4953  	req, err := http.NewRequest("GET", urls, body)
  4954  	if err != nil {
  4955  		return nil, err
  4956  	}
  4957  	req.Header = reqHeaders
  4958  	googleapi.Expand(req.URL, map[string]string{
  4959  		"name": c.name,
  4960  	})
  4961  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4962  }
  4963  
  4964  // Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.get" call.
  4965  // Any non-2xx status code is an error. Response headers are in either
  4966  // *ServicePerimeter.ServerResponse.Header or (if a response was returned at
  4967  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  4968  // check whether the returned error was because http.StatusNotModified was
  4969  // returned.
  4970  func (c *AccessPoliciesServicePerimetersGetCall) Do(opts ...googleapi.CallOption) (*ServicePerimeter, error) {
  4971  	gensupport.SetOptions(c.urlParams_, opts...)
  4972  	res, err := c.doRequest("json")
  4973  	if res != nil && res.StatusCode == http.StatusNotModified {
  4974  		if res.Body != nil {
  4975  			res.Body.Close()
  4976  		}
  4977  		return nil, gensupport.WrapError(&googleapi.Error{
  4978  			Code:   res.StatusCode,
  4979  			Header: res.Header,
  4980  		})
  4981  	}
  4982  	if err != nil {
  4983  		return nil, err
  4984  	}
  4985  	defer googleapi.CloseBody(res)
  4986  	if err := googleapi.CheckResponse(res); err != nil {
  4987  		return nil, gensupport.WrapError(err)
  4988  	}
  4989  	ret := &ServicePerimeter{
  4990  		ServerResponse: googleapi.ServerResponse{
  4991  			Header:         res.Header,
  4992  			HTTPStatusCode: res.StatusCode,
  4993  		},
  4994  	}
  4995  	target := &ret
  4996  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4997  		return nil, err
  4998  	}
  4999  	return ret, nil
  5000  }
  5001  
  5002  type AccessPoliciesServicePerimetersListCall struct {
  5003  	s            *Service
  5004  	parent       string
  5005  	urlParams_   gensupport.URLParams
  5006  	ifNoneMatch_ string
  5007  	ctx_         context.Context
  5008  	header_      http.Header
  5009  }
  5010  
  5011  // List: Lists all service perimeters for an access policy.
  5012  //
  5013  //   - parent: Resource name for the access policy to list Service Perimeters
  5014  //     from. Format: `accessPolicies/{policy_id}`.
  5015  func (r *AccessPoliciesServicePerimetersService) List(parent string) *AccessPoliciesServicePerimetersListCall {
  5016  	c := &AccessPoliciesServicePerimetersListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5017  	c.parent = parent
  5018  	return c
  5019  }
  5020  
  5021  // PageSize sets the optional parameter "pageSize": Number of Service
  5022  // Perimeters to include in the list. Default 100.
  5023  func (c *AccessPoliciesServicePerimetersListCall) PageSize(pageSize int64) *AccessPoliciesServicePerimetersListCall {
  5024  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  5025  	return c
  5026  }
  5027  
  5028  // PageToken sets the optional parameter "pageToken": Next page token for the
  5029  // next batch of Service Perimeter instances. Defaults to the first page of
  5030  // results.
  5031  func (c *AccessPoliciesServicePerimetersListCall) PageToken(pageToken string) *AccessPoliciesServicePerimetersListCall {
  5032  	c.urlParams_.Set("pageToken", pageToken)
  5033  	return c
  5034  }
  5035  
  5036  // Fields allows partial responses to be retrieved. See
  5037  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5038  // details.
  5039  func (c *AccessPoliciesServicePerimetersListCall) Fields(s ...googleapi.Field) *AccessPoliciesServicePerimetersListCall {
  5040  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5041  	return c
  5042  }
  5043  
  5044  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  5045  // object's ETag matches the given value. This is useful for getting updates
  5046  // only after the object has changed since the last request.
  5047  func (c *AccessPoliciesServicePerimetersListCall) IfNoneMatch(entityTag string) *AccessPoliciesServicePerimetersListCall {
  5048  	c.ifNoneMatch_ = entityTag
  5049  	return c
  5050  }
  5051  
  5052  // Context sets the context to be used in this call's Do method.
  5053  func (c *AccessPoliciesServicePerimetersListCall) Context(ctx context.Context) *AccessPoliciesServicePerimetersListCall {
  5054  	c.ctx_ = ctx
  5055  	return c
  5056  }
  5057  
  5058  // Header returns a http.Header that can be modified by the caller to add
  5059  // headers to the request.
  5060  func (c *AccessPoliciesServicePerimetersListCall) Header() http.Header {
  5061  	if c.header_ == nil {
  5062  		c.header_ = make(http.Header)
  5063  	}
  5064  	return c.header_
  5065  }
  5066  
  5067  func (c *AccessPoliciesServicePerimetersListCall) doRequest(alt string) (*http.Response, error) {
  5068  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5069  	if c.ifNoneMatch_ != "" {
  5070  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  5071  	}
  5072  	var body io.Reader = nil
  5073  	c.urlParams_.Set("alt", alt)
  5074  	c.urlParams_.Set("prettyPrint", "false")
  5075  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/servicePerimeters")
  5076  	urls += "?" + c.urlParams_.Encode()
  5077  	req, err := http.NewRequest("GET", urls, body)
  5078  	if err != nil {
  5079  		return nil, err
  5080  	}
  5081  	req.Header = reqHeaders
  5082  	googleapi.Expand(req.URL, map[string]string{
  5083  		"parent": c.parent,
  5084  	})
  5085  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5086  }
  5087  
  5088  // Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.list" call.
  5089  // Any non-2xx status code is an error. Response headers are in either
  5090  // *ListServicePerimetersResponse.ServerResponse.Header or (if a response was
  5091  // returned at all) in error.(*googleapi.Error).Header. Use
  5092  // googleapi.IsNotModified to check whether the returned error was because
  5093  // http.StatusNotModified was returned.
  5094  func (c *AccessPoliciesServicePerimetersListCall) Do(opts ...googleapi.CallOption) (*ListServicePerimetersResponse, error) {
  5095  	gensupport.SetOptions(c.urlParams_, opts...)
  5096  	res, err := c.doRequest("json")
  5097  	if res != nil && res.StatusCode == http.StatusNotModified {
  5098  		if res.Body != nil {
  5099  			res.Body.Close()
  5100  		}
  5101  		return nil, gensupport.WrapError(&googleapi.Error{
  5102  			Code:   res.StatusCode,
  5103  			Header: res.Header,
  5104  		})
  5105  	}
  5106  	if err != nil {
  5107  		return nil, err
  5108  	}
  5109  	defer googleapi.CloseBody(res)
  5110  	if err := googleapi.CheckResponse(res); err != nil {
  5111  		return nil, gensupport.WrapError(err)
  5112  	}
  5113  	ret := &ListServicePerimetersResponse{
  5114  		ServerResponse: googleapi.ServerResponse{
  5115  			Header:         res.Header,
  5116  			HTTPStatusCode: res.StatusCode,
  5117  		},
  5118  	}
  5119  	target := &ret
  5120  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5121  		return nil, err
  5122  	}
  5123  	return ret, nil
  5124  }
  5125  
  5126  // Pages invokes f for each page of results.
  5127  // A non-nil error returned from f will halt the iteration.
  5128  // The provided context supersedes any context provided to the Context method.
  5129  func (c *AccessPoliciesServicePerimetersListCall) Pages(ctx context.Context, f func(*ListServicePerimetersResponse) error) error {
  5130  	c.ctx_ = ctx
  5131  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  5132  	for {
  5133  		x, err := c.Do()
  5134  		if err != nil {
  5135  			return err
  5136  		}
  5137  		if err := f(x); err != nil {
  5138  			return err
  5139  		}
  5140  		if x.NextPageToken == "" {
  5141  			return nil
  5142  		}
  5143  		c.PageToken(x.NextPageToken)
  5144  	}
  5145  }
  5146  
  5147  type AccessPoliciesServicePerimetersPatchCall struct {
  5148  	s                *Service
  5149  	name             string
  5150  	serviceperimeter *ServicePerimeter
  5151  	urlParams_       gensupport.URLParams
  5152  	ctx_             context.Context
  5153  	header_          http.Header
  5154  }
  5155  
  5156  // Patch: Updates a service perimeter. The long-running operation from this RPC
  5157  // has a successful status after the service perimeter propagates to
  5158  // long-lasting storage. If a service perimeter contains errors, an error
  5159  // response is returned for the first error encountered.
  5160  //
  5161  //   - name: Resource name for the `ServicePerimeter`. Format:
  5162  //     `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`.
  5163  //     The `service_perimeter` component must begin with a letter, followed by
  5164  //     alphanumeric characters or `_`. After you create a `ServicePerimeter`, you
  5165  //     cannot change its `name`.
  5166  func (r *AccessPoliciesServicePerimetersService) Patch(name string, serviceperimeter *ServicePerimeter) *AccessPoliciesServicePerimetersPatchCall {
  5167  	c := &AccessPoliciesServicePerimetersPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5168  	c.name = name
  5169  	c.serviceperimeter = serviceperimeter
  5170  	return c
  5171  }
  5172  
  5173  // UpdateMask sets the optional parameter "updateMask": Required. Mask to
  5174  // control which fields get updated. Must be non-empty.
  5175  func (c *AccessPoliciesServicePerimetersPatchCall) UpdateMask(updateMask string) *AccessPoliciesServicePerimetersPatchCall {
  5176  	c.urlParams_.Set("updateMask", updateMask)
  5177  	return c
  5178  }
  5179  
  5180  // Fields allows partial responses to be retrieved. See
  5181  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5182  // details.
  5183  func (c *AccessPoliciesServicePerimetersPatchCall) Fields(s ...googleapi.Field) *AccessPoliciesServicePerimetersPatchCall {
  5184  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5185  	return c
  5186  }
  5187  
  5188  // Context sets the context to be used in this call's Do method.
  5189  func (c *AccessPoliciesServicePerimetersPatchCall) Context(ctx context.Context) *AccessPoliciesServicePerimetersPatchCall {
  5190  	c.ctx_ = ctx
  5191  	return c
  5192  }
  5193  
  5194  // Header returns a http.Header that can be modified by the caller to add
  5195  // headers to the request.
  5196  func (c *AccessPoliciesServicePerimetersPatchCall) Header() http.Header {
  5197  	if c.header_ == nil {
  5198  		c.header_ = make(http.Header)
  5199  	}
  5200  	return c.header_
  5201  }
  5202  
  5203  func (c *AccessPoliciesServicePerimetersPatchCall) doRequest(alt string) (*http.Response, error) {
  5204  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5205  	var body io.Reader = nil
  5206  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.serviceperimeter)
  5207  	if err != nil {
  5208  		return nil, err
  5209  	}
  5210  	c.urlParams_.Set("alt", alt)
  5211  	c.urlParams_.Set("prettyPrint", "false")
  5212  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5213  	urls += "?" + c.urlParams_.Encode()
  5214  	req, err := http.NewRequest("PATCH", urls, body)
  5215  	if err != nil {
  5216  		return nil, err
  5217  	}
  5218  	req.Header = reqHeaders
  5219  	googleapi.Expand(req.URL, map[string]string{
  5220  		"name": c.name,
  5221  	})
  5222  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5223  }
  5224  
  5225  // Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.patch" call.
  5226  // Any non-2xx status code is an error. Response headers are in either
  5227  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5228  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5229  // whether the returned error was because http.StatusNotModified was returned.
  5230  func (c *AccessPoliciesServicePerimetersPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5231  	gensupport.SetOptions(c.urlParams_, opts...)
  5232  	res, err := c.doRequest("json")
  5233  	if res != nil && res.StatusCode == http.StatusNotModified {
  5234  		if res.Body != nil {
  5235  			res.Body.Close()
  5236  		}
  5237  		return nil, gensupport.WrapError(&googleapi.Error{
  5238  			Code:   res.StatusCode,
  5239  			Header: res.Header,
  5240  		})
  5241  	}
  5242  	if err != nil {
  5243  		return nil, err
  5244  	}
  5245  	defer googleapi.CloseBody(res)
  5246  	if err := googleapi.CheckResponse(res); err != nil {
  5247  		return nil, gensupport.WrapError(err)
  5248  	}
  5249  	ret := &Operation{
  5250  		ServerResponse: googleapi.ServerResponse{
  5251  			Header:         res.Header,
  5252  			HTTPStatusCode: res.StatusCode,
  5253  		},
  5254  	}
  5255  	target := &ret
  5256  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5257  		return nil, err
  5258  	}
  5259  	return ret, nil
  5260  }
  5261  
  5262  type AccessPoliciesServicePerimetersReplaceAllCall struct {
  5263  	s                               *Service
  5264  	parent                          string
  5265  	replaceserviceperimetersrequest *ReplaceServicePerimetersRequest
  5266  	urlParams_                      gensupport.URLParams
  5267  	ctx_                            context.Context
  5268  	header_                         http.Header
  5269  }
  5270  
  5271  // ReplaceAll: Replace all existing service perimeters in an access policy with
  5272  // the service perimeters provided. This is done atomically. The long-running
  5273  // operation from this RPC has a successful status after all replacements
  5274  // propagate to long-lasting storage. Replacements containing errors result in
  5275  // an error response for the first error encountered. Upon an error,
  5276  // replacement are cancelled and existing service perimeters are not affected.
  5277  // The Operation.response field contains ReplaceServicePerimetersResponse.
  5278  //
  5279  //   - parent: Resource name for the access policy which owns these Service
  5280  //     Perimeters. Format: `accessPolicies/{policy_id}`.
  5281  func (r *AccessPoliciesServicePerimetersService) ReplaceAll(parent string, replaceserviceperimetersrequest *ReplaceServicePerimetersRequest) *AccessPoliciesServicePerimetersReplaceAllCall {
  5282  	c := &AccessPoliciesServicePerimetersReplaceAllCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5283  	c.parent = parent
  5284  	c.replaceserviceperimetersrequest = replaceserviceperimetersrequest
  5285  	return c
  5286  }
  5287  
  5288  // Fields allows partial responses to be retrieved. See
  5289  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5290  // details.
  5291  func (c *AccessPoliciesServicePerimetersReplaceAllCall) Fields(s ...googleapi.Field) *AccessPoliciesServicePerimetersReplaceAllCall {
  5292  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5293  	return c
  5294  }
  5295  
  5296  // Context sets the context to be used in this call's Do method.
  5297  func (c *AccessPoliciesServicePerimetersReplaceAllCall) Context(ctx context.Context) *AccessPoliciesServicePerimetersReplaceAllCall {
  5298  	c.ctx_ = ctx
  5299  	return c
  5300  }
  5301  
  5302  // Header returns a http.Header that can be modified by the caller to add
  5303  // headers to the request.
  5304  func (c *AccessPoliciesServicePerimetersReplaceAllCall) Header() http.Header {
  5305  	if c.header_ == nil {
  5306  		c.header_ = make(http.Header)
  5307  	}
  5308  	return c.header_
  5309  }
  5310  
  5311  func (c *AccessPoliciesServicePerimetersReplaceAllCall) doRequest(alt string) (*http.Response, error) {
  5312  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5313  	var body io.Reader = nil
  5314  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.replaceserviceperimetersrequest)
  5315  	if err != nil {
  5316  		return nil, err
  5317  	}
  5318  	c.urlParams_.Set("alt", alt)
  5319  	c.urlParams_.Set("prettyPrint", "false")
  5320  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/servicePerimeters:replaceAll")
  5321  	urls += "?" + c.urlParams_.Encode()
  5322  	req, err := http.NewRequest("POST", urls, body)
  5323  	if err != nil {
  5324  		return nil, err
  5325  	}
  5326  	req.Header = reqHeaders
  5327  	googleapi.Expand(req.URL, map[string]string{
  5328  		"parent": c.parent,
  5329  	})
  5330  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5331  }
  5332  
  5333  // Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.replaceAll" call.
  5334  // Any non-2xx status code is an error. Response headers are in either
  5335  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5336  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5337  // whether the returned error was because http.StatusNotModified was returned.
  5338  func (c *AccessPoliciesServicePerimetersReplaceAllCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5339  	gensupport.SetOptions(c.urlParams_, opts...)
  5340  	res, err := c.doRequest("json")
  5341  	if res != nil && res.StatusCode == http.StatusNotModified {
  5342  		if res.Body != nil {
  5343  			res.Body.Close()
  5344  		}
  5345  		return nil, gensupport.WrapError(&googleapi.Error{
  5346  			Code:   res.StatusCode,
  5347  			Header: res.Header,
  5348  		})
  5349  	}
  5350  	if err != nil {
  5351  		return nil, err
  5352  	}
  5353  	defer googleapi.CloseBody(res)
  5354  	if err := googleapi.CheckResponse(res); err != nil {
  5355  		return nil, gensupport.WrapError(err)
  5356  	}
  5357  	ret := &Operation{
  5358  		ServerResponse: googleapi.ServerResponse{
  5359  			Header:         res.Header,
  5360  			HTTPStatusCode: res.StatusCode,
  5361  		},
  5362  	}
  5363  	target := &ret
  5364  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5365  		return nil, err
  5366  	}
  5367  	return ret, nil
  5368  }
  5369  
  5370  type AccessPoliciesServicePerimetersTestIamPermissionsCall struct {
  5371  	s                         *Service
  5372  	resource                  string
  5373  	testiampermissionsrequest *TestIamPermissionsRequest
  5374  	urlParams_                gensupport.URLParams
  5375  	ctx_                      context.Context
  5376  	header_                   http.Header
  5377  }
  5378  
  5379  // TestIamPermissions: Returns the IAM permissions that the caller has on the
  5380  // specified Access Context Manager resource. The resource can be an
  5381  // AccessPolicy, AccessLevel, or ServicePerimeter. This method does not support
  5382  // other resources.
  5383  //
  5384  //   - resource: REQUIRED: The resource for which the policy detail is being
  5385  //     requested. See Resource names
  5386  //     (https://cloud.google.com/apis/design/resource_names) for the appropriate
  5387  //     value for this field.
  5388  func (r *AccessPoliciesServicePerimetersService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *AccessPoliciesServicePerimetersTestIamPermissionsCall {
  5389  	c := &AccessPoliciesServicePerimetersTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5390  	c.resource = resource
  5391  	c.testiampermissionsrequest = testiampermissionsrequest
  5392  	return c
  5393  }
  5394  
  5395  // Fields allows partial responses to be retrieved. See
  5396  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5397  // details.
  5398  func (c *AccessPoliciesServicePerimetersTestIamPermissionsCall) Fields(s ...googleapi.Field) *AccessPoliciesServicePerimetersTestIamPermissionsCall {
  5399  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5400  	return c
  5401  }
  5402  
  5403  // Context sets the context to be used in this call's Do method.
  5404  func (c *AccessPoliciesServicePerimetersTestIamPermissionsCall) Context(ctx context.Context) *AccessPoliciesServicePerimetersTestIamPermissionsCall {
  5405  	c.ctx_ = ctx
  5406  	return c
  5407  }
  5408  
  5409  // Header returns a http.Header that can be modified by the caller to add
  5410  // headers to the request.
  5411  func (c *AccessPoliciesServicePerimetersTestIamPermissionsCall) Header() http.Header {
  5412  	if c.header_ == nil {
  5413  		c.header_ = make(http.Header)
  5414  	}
  5415  	return c.header_
  5416  }
  5417  
  5418  func (c *AccessPoliciesServicePerimetersTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
  5419  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5420  	var body io.Reader = nil
  5421  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
  5422  	if err != nil {
  5423  		return nil, err
  5424  	}
  5425  	c.urlParams_.Set("alt", alt)
  5426  	c.urlParams_.Set("prettyPrint", "false")
  5427  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions")
  5428  	urls += "?" + c.urlParams_.Encode()
  5429  	req, err := http.NewRequest("POST", urls, body)
  5430  	if err != nil {
  5431  		return nil, err
  5432  	}
  5433  	req.Header = reqHeaders
  5434  	googleapi.Expand(req.URL, map[string]string{
  5435  		"resource": c.resource,
  5436  	})
  5437  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5438  }
  5439  
  5440  // Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.testIamPermissions" call.
  5441  // Any non-2xx status code is an error. Response headers are in either
  5442  // *TestIamPermissionsResponse.ServerResponse.Header or (if a response was
  5443  // returned at all) in error.(*googleapi.Error).Header. Use
  5444  // googleapi.IsNotModified to check whether the returned error was because
  5445  // http.StatusNotModified was returned.
  5446  func (c *AccessPoliciesServicePerimetersTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
  5447  	gensupport.SetOptions(c.urlParams_, opts...)
  5448  	res, err := c.doRequest("json")
  5449  	if res != nil && res.StatusCode == http.StatusNotModified {
  5450  		if res.Body != nil {
  5451  			res.Body.Close()
  5452  		}
  5453  		return nil, gensupport.WrapError(&googleapi.Error{
  5454  			Code:   res.StatusCode,
  5455  			Header: res.Header,
  5456  		})
  5457  	}
  5458  	if err != nil {
  5459  		return nil, err
  5460  	}
  5461  	defer googleapi.CloseBody(res)
  5462  	if err := googleapi.CheckResponse(res); err != nil {
  5463  		return nil, gensupport.WrapError(err)
  5464  	}
  5465  	ret := &TestIamPermissionsResponse{
  5466  		ServerResponse: googleapi.ServerResponse{
  5467  			Header:         res.Header,
  5468  			HTTPStatusCode: res.StatusCode,
  5469  		},
  5470  	}
  5471  	target := &ret
  5472  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5473  		return nil, err
  5474  	}
  5475  	return ret, nil
  5476  }
  5477  
  5478  type OperationsCancelCall struct {
  5479  	s                      *Service
  5480  	name                   string
  5481  	canceloperationrequest *CancelOperationRequest
  5482  	urlParams_             gensupport.URLParams
  5483  	ctx_                   context.Context
  5484  	header_                http.Header
  5485  }
  5486  
  5487  // Cancel: Starts asynchronous cancellation on a long-running operation. The
  5488  // server makes a best effort to cancel the operation, but success is not
  5489  // guaranteed. If the server doesn't support this method, it returns
  5490  // `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or
  5491  // other methods to check whether the cancellation succeeded or whether the
  5492  // operation completed despite cancellation. On successful cancellation, the
  5493  // operation is not deleted; instead, it becomes an operation with an
  5494  // Operation.error value with a google.rpc.Status.code of 1, corresponding to
  5495  // `Code.CANCELLED`.
  5496  //
  5497  // - name: The name of the operation resource to be cancelled.
  5498  func (r *OperationsService) Cancel(name string, canceloperationrequest *CancelOperationRequest) *OperationsCancelCall {
  5499  	c := &OperationsCancelCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5500  	c.name = name
  5501  	c.canceloperationrequest = canceloperationrequest
  5502  	return c
  5503  }
  5504  
  5505  // Fields allows partial responses to be retrieved. See
  5506  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5507  // details.
  5508  func (c *OperationsCancelCall) Fields(s ...googleapi.Field) *OperationsCancelCall {
  5509  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5510  	return c
  5511  }
  5512  
  5513  // Context sets the context to be used in this call's Do method.
  5514  func (c *OperationsCancelCall) Context(ctx context.Context) *OperationsCancelCall {
  5515  	c.ctx_ = ctx
  5516  	return c
  5517  }
  5518  
  5519  // Header returns a http.Header that can be modified by the caller to add
  5520  // headers to the request.
  5521  func (c *OperationsCancelCall) Header() http.Header {
  5522  	if c.header_ == nil {
  5523  		c.header_ = make(http.Header)
  5524  	}
  5525  	return c.header_
  5526  }
  5527  
  5528  func (c *OperationsCancelCall) doRequest(alt string) (*http.Response, error) {
  5529  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5530  	var body io.Reader = nil
  5531  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.canceloperationrequest)
  5532  	if err != nil {
  5533  		return nil, err
  5534  	}
  5535  	c.urlParams_.Set("alt", alt)
  5536  	c.urlParams_.Set("prettyPrint", "false")
  5537  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:cancel")
  5538  	urls += "?" + c.urlParams_.Encode()
  5539  	req, err := http.NewRequest("POST", urls, body)
  5540  	if err != nil {
  5541  		return nil, err
  5542  	}
  5543  	req.Header = reqHeaders
  5544  	googleapi.Expand(req.URL, map[string]string{
  5545  		"name": c.name,
  5546  	})
  5547  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5548  }
  5549  
  5550  // Do executes the "accesscontextmanager.operations.cancel" call.
  5551  // Any non-2xx status code is an error. Response headers are in either
  5552  // *Empty.ServerResponse.Header or (if a response was returned at all) in
  5553  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5554  // whether the returned error was because http.StatusNotModified was returned.
  5555  func (c *OperationsCancelCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
  5556  	gensupport.SetOptions(c.urlParams_, opts...)
  5557  	res, err := c.doRequest("json")
  5558  	if res != nil && res.StatusCode == http.StatusNotModified {
  5559  		if res.Body != nil {
  5560  			res.Body.Close()
  5561  		}
  5562  		return nil, gensupport.WrapError(&googleapi.Error{
  5563  			Code:   res.StatusCode,
  5564  			Header: res.Header,
  5565  		})
  5566  	}
  5567  	if err != nil {
  5568  		return nil, err
  5569  	}
  5570  	defer googleapi.CloseBody(res)
  5571  	if err := googleapi.CheckResponse(res); err != nil {
  5572  		return nil, gensupport.WrapError(err)
  5573  	}
  5574  	ret := &Empty{
  5575  		ServerResponse: googleapi.ServerResponse{
  5576  			Header:         res.Header,
  5577  			HTTPStatusCode: res.StatusCode,
  5578  		},
  5579  	}
  5580  	target := &ret
  5581  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5582  		return nil, err
  5583  	}
  5584  	return ret, nil
  5585  }
  5586  
  5587  type OperationsDeleteCall struct {
  5588  	s          *Service
  5589  	name       string
  5590  	urlParams_ gensupport.URLParams
  5591  	ctx_       context.Context
  5592  	header_    http.Header
  5593  }
  5594  
  5595  // Delete: Deletes a long-running operation. This method indicates that the
  5596  // client is no longer interested in the operation result. It does not cancel
  5597  // the operation. If the server doesn't support this method, it returns
  5598  // `google.rpc.Code.UNIMPLEMENTED`.
  5599  //
  5600  // - name: The name of the operation resource to be deleted.
  5601  func (r *OperationsService) Delete(name string) *OperationsDeleteCall {
  5602  	c := &OperationsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5603  	c.name = name
  5604  	return c
  5605  }
  5606  
  5607  // Fields allows partial responses to be retrieved. See
  5608  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5609  // details.
  5610  func (c *OperationsDeleteCall) Fields(s ...googleapi.Field) *OperationsDeleteCall {
  5611  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5612  	return c
  5613  }
  5614  
  5615  // Context sets the context to be used in this call's Do method.
  5616  func (c *OperationsDeleteCall) Context(ctx context.Context) *OperationsDeleteCall {
  5617  	c.ctx_ = ctx
  5618  	return c
  5619  }
  5620  
  5621  // Header returns a http.Header that can be modified by the caller to add
  5622  // headers to the request.
  5623  func (c *OperationsDeleteCall) Header() http.Header {
  5624  	if c.header_ == nil {
  5625  		c.header_ = make(http.Header)
  5626  	}
  5627  	return c.header_
  5628  }
  5629  
  5630  func (c *OperationsDeleteCall) doRequest(alt string) (*http.Response, error) {
  5631  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5632  	var body io.Reader = nil
  5633  	c.urlParams_.Set("alt", alt)
  5634  	c.urlParams_.Set("prettyPrint", "false")
  5635  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5636  	urls += "?" + c.urlParams_.Encode()
  5637  	req, err := http.NewRequest("DELETE", urls, body)
  5638  	if err != nil {
  5639  		return nil, err
  5640  	}
  5641  	req.Header = reqHeaders
  5642  	googleapi.Expand(req.URL, map[string]string{
  5643  		"name": c.name,
  5644  	})
  5645  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5646  }
  5647  
  5648  // Do executes the "accesscontextmanager.operations.delete" call.
  5649  // Any non-2xx status code is an error. Response headers are in either
  5650  // *Empty.ServerResponse.Header or (if a response was returned at all) in
  5651  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5652  // whether the returned error was because http.StatusNotModified was returned.
  5653  func (c *OperationsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
  5654  	gensupport.SetOptions(c.urlParams_, opts...)
  5655  	res, err := c.doRequest("json")
  5656  	if res != nil && res.StatusCode == http.StatusNotModified {
  5657  		if res.Body != nil {
  5658  			res.Body.Close()
  5659  		}
  5660  		return nil, gensupport.WrapError(&googleapi.Error{
  5661  			Code:   res.StatusCode,
  5662  			Header: res.Header,
  5663  		})
  5664  	}
  5665  	if err != nil {
  5666  		return nil, err
  5667  	}
  5668  	defer googleapi.CloseBody(res)
  5669  	if err := googleapi.CheckResponse(res); err != nil {
  5670  		return nil, gensupport.WrapError(err)
  5671  	}
  5672  	ret := &Empty{
  5673  		ServerResponse: googleapi.ServerResponse{
  5674  			Header:         res.Header,
  5675  			HTTPStatusCode: res.StatusCode,
  5676  		},
  5677  	}
  5678  	target := &ret
  5679  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5680  		return nil, err
  5681  	}
  5682  	return ret, nil
  5683  }
  5684  
  5685  type OperationsGetCall struct {
  5686  	s            *Service
  5687  	name         string
  5688  	urlParams_   gensupport.URLParams
  5689  	ifNoneMatch_ string
  5690  	ctx_         context.Context
  5691  	header_      http.Header
  5692  }
  5693  
  5694  // Get: Gets the latest state of a long-running operation. Clients can use this
  5695  // method to poll the operation result at intervals as recommended by the API
  5696  // service.
  5697  //
  5698  // - name: The name of the operation resource.
  5699  func (r *OperationsService) Get(name string) *OperationsGetCall {
  5700  	c := &OperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5701  	c.name = name
  5702  	return c
  5703  }
  5704  
  5705  // Fields allows partial responses to be retrieved. See
  5706  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5707  // details.
  5708  func (c *OperationsGetCall) Fields(s ...googleapi.Field) *OperationsGetCall {
  5709  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5710  	return c
  5711  }
  5712  
  5713  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  5714  // object's ETag matches the given value. This is useful for getting updates
  5715  // only after the object has changed since the last request.
  5716  func (c *OperationsGetCall) IfNoneMatch(entityTag string) *OperationsGetCall {
  5717  	c.ifNoneMatch_ = entityTag
  5718  	return c
  5719  }
  5720  
  5721  // Context sets the context to be used in this call's Do method.
  5722  func (c *OperationsGetCall) Context(ctx context.Context) *OperationsGetCall {
  5723  	c.ctx_ = ctx
  5724  	return c
  5725  }
  5726  
  5727  // Header returns a http.Header that can be modified by the caller to add
  5728  // headers to the request.
  5729  func (c *OperationsGetCall) Header() http.Header {
  5730  	if c.header_ == nil {
  5731  		c.header_ = make(http.Header)
  5732  	}
  5733  	return c.header_
  5734  }
  5735  
  5736  func (c *OperationsGetCall) doRequest(alt string) (*http.Response, error) {
  5737  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5738  	if c.ifNoneMatch_ != "" {
  5739  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  5740  	}
  5741  	var body io.Reader = nil
  5742  	c.urlParams_.Set("alt", alt)
  5743  	c.urlParams_.Set("prettyPrint", "false")
  5744  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5745  	urls += "?" + c.urlParams_.Encode()
  5746  	req, err := http.NewRequest("GET", urls, body)
  5747  	if err != nil {
  5748  		return nil, err
  5749  	}
  5750  	req.Header = reqHeaders
  5751  	googleapi.Expand(req.URL, map[string]string{
  5752  		"name": c.name,
  5753  	})
  5754  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5755  }
  5756  
  5757  // Do executes the "accesscontextmanager.operations.get" call.
  5758  // Any non-2xx status code is an error. Response headers are in either
  5759  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5760  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5761  // whether the returned error was because http.StatusNotModified was returned.
  5762  func (c *OperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5763  	gensupport.SetOptions(c.urlParams_, opts...)
  5764  	res, err := c.doRequest("json")
  5765  	if res != nil && res.StatusCode == http.StatusNotModified {
  5766  		if res.Body != nil {
  5767  			res.Body.Close()
  5768  		}
  5769  		return nil, gensupport.WrapError(&googleapi.Error{
  5770  			Code:   res.StatusCode,
  5771  			Header: res.Header,
  5772  		})
  5773  	}
  5774  	if err != nil {
  5775  		return nil, err
  5776  	}
  5777  	defer googleapi.CloseBody(res)
  5778  	if err := googleapi.CheckResponse(res); err != nil {
  5779  		return nil, gensupport.WrapError(err)
  5780  	}
  5781  	ret := &Operation{
  5782  		ServerResponse: googleapi.ServerResponse{
  5783  			Header:         res.Header,
  5784  			HTTPStatusCode: res.StatusCode,
  5785  		},
  5786  	}
  5787  	target := &ret
  5788  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5789  		return nil, err
  5790  	}
  5791  	return ret, nil
  5792  }
  5793  
  5794  type OperationsListCall struct {
  5795  	s            *Service
  5796  	name         string
  5797  	urlParams_   gensupport.URLParams
  5798  	ifNoneMatch_ string
  5799  	ctx_         context.Context
  5800  	header_      http.Header
  5801  }
  5802  
  5803  // List: Lists operations that match the specified filter in the request. If
  5804  // the server doesn't support this method, it returns `UNIMPLEMENTED`.
  5805  //
  5806  // - name: The name of the operation's parent resource.
  5807  func (r *OperationsService) List(name string) *OperationsListCall {
  5808  	c := &OperationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5809  	c.name = name
  5810  	return c
  5811  }
  5812  
  5813  // Filter sets the optional parameter "filter": The standard list filter.
  5814  func (c *OperationsListCall) Filter(filter string) *OperationsListCall {
  5815  	c.urlParams_.Set("filter", filter)
  5816  	return c
  5817  }
  5818  
  5819  // PageSize sets the optional parameter "pageSize": The standard list page
  5820  // size.
  5821  func (c *OperationsListCall) PageSize(pageSize int64) *OperationsListCall {
  5822  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  5823  	return c
  5824  }
  5825  
  5826  // PageToken sets the optional parameter "pageToken": The standard list page
  5827  // token.
  5828  func (c *OperationsListCall) PageToken(pageToken string) *OperationsListCall {
  5829  	c.urlParams_.Set("pageToken", pageToken)
  5830  	return c
  5831  }
  5832  
  5833  // Fields allows partial responses to be retrieved. See
  5834  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5835  // details.
  5836  func (c *OperationsListCall) Fields(s ...googleapi.Field) *OperationsListCall {
  5837  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5838  	return c
  5839  }
  5840  
  5841  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  5842  // object's ETag matches the given value. This is useful for getting updates
  5843  // only after the object has changed since the last request.
  5844  func (c *OperationsListCall) IfNoneMatch(entityTag string) *OperationsListCall {
  5845  	c.ifNoneMatch_ = entityTag
  5846  	return c
  5847  }
  5848  
  5849  // Context sets the context to be used in this call's Do method.
  5850  func (c *OperationsListCall) Context(ctx context.Context) *OperationsListCall {
  5851  	c.ctx_ = ctx
  5852  	return c
  5853  }
  5854  
  5855  // Header returns a http.Header that can be modified by the caller to add
  5856  // headers to the request.
  5857  func (c *OperationsListCall) Header() http.Header {
  5858  	if c.header_ == nil {
  5859  		c.header_ = make(http.Header)
  5860  	}
  5861  	return c.header_
  5862  }
  5863  
  5864  func (c *OperationsListCall) doRequest(alt string) (*http.Response, error) {
  5865  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5866  	if c.ifNoneMatch_ != "" {
  5867  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  5868  	}
  5869  	var body io.Reader = nil
  5870  	c.urlParams_.Set("alt", alt)
  5871  	c.urlParams_.Set("prettyPrint", "false")
  5872  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5873  	urls += "?" + c.urlParams_.Encode()
  5874  	req, err := http.NewRequest("GET", urls, body)
  5875  	if err != nil {
  5876  		return nil, err
  5877  	}
  5878  	req.Header = reqHeaders
  5879  	googleapi.Expand(req.URL, map[string]string{
  5880  		"name": c.name,
  5881  	})
  5882  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5883  }
  5884  
  5885  // Do executes the "accesscontextmanager.operations.list" call.
  5886  // Any non-2xx status code is an error. Response headers are in either
  5887  // *ListOperationsResponse.ServerResponse.Header or (if a response was returned
  5888  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  5889  // check whether the returned error was because http.StatusNotModified was
  5890  // returned.
  5891  func (c *OperationsListCall) Do(opts ...googleapi.CallOption) (*ListOperationsResponse, error) {
  5892  	gensupport.SetOptions(c.urlParams_, opts...)
  5893  	res, err := c.doRequest("json")
  5894  	if res != nil && res.StatusCode == http.StatusNotModified {
  5895  		if res.Body != nil {
  5896  			res.Body.Close()
  5897  		}
  5898  		return nil, gensupport.WrapError(&googleapi.Error{
  5899  			Code:   res.StatusCode,
  5900  			Header: res.Header,
  5901  		})
  5902  	}
  5903  	if err != nil {
  5904  		return nil, err
  5905  	}
  5906  	defer googleapi.CloseBody(res)
  5907  	if err := googleapi.CheckResponse(res); err != nil {
  5908  		return nil, gensupport.WrapError(err)
  5909  	}
  5910  	ret := &ListOperationsResponse{
  5911  		ServerResponse: googleapi.ServerResponse{
  5912  			Header:         res.Header,
  5913  			HTTPStatusCode: res.StatusCode,
  5914  		},
  5915  	}
  5916  	target := &ret
  5917  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5918  		return nil, err
  5919  	}
  5920  	return ret, nil
  5921  }
  5922  
  5923  // Pages invokes f for each page of results.
  5924  // A non-nil error returned from f will halt the iteration.
  5925  // The provided context supersedes any context provided to the Context method.
  5926  func (c *OperationsListCall) Pages(ctx context.Context, f func(*ListOperationsResponse) error) error {
  5927  	c.ctx_ = ctx
  5928  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  5929  	for {
  5930  		x, err := c.Do()
  5931  		if err != nil {
  5932  			return err
  5933  		}
  5934  		if err := f(x); err != nil {
  5935  			return err
  5936  		}
  5937  		if x.NextPageToken == "" {
  5938  			return nil
  5939  		}
  5940  		c.PageToken(x.NextPageToken)
  5941  	}
  5942  }
  5943  
  5944  type OrganizationsGcpUserAccessBindingsCreateCall struct {
  5945  	s                    *Service
  5946  	parent               string
  5947  	gcpuseraccessbinding *GcpUserAccessBinding
  5948  	urlParams_           gensupport.URLParams
  5949  	ctx_                 context.Context
  5950  	header_              http.Header
  5951  }
  5952  
  5953  // Create: Creates a GcpUserAccessBinding. If the client specifies a name, the
  5954  // server ignores it. Fails if a resource already exists with the same
  5955  // group_key. Completion of this long-running operation does not necessarily
  5956  // signify that the new binding is deployed onto all affected users, which may
  5957  // take more time.
  5958  //
  5959  // - parent: Example: "organizations/256".
  5960  func (r *OrganizationsGcpUserAccessBindingsService) Create(parent string, gcpuseraccessbinding *GcpUserAccessBinding) *OrganizationsGcpUserAccessBindingsCreateCall {
  5961  	c := &OrganizationsGcpUserAccessBindingsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5962  	c.parent = parent
  5963  	c.gcpuseraccessbinding = gcpuseraccessbinding
  5964  	return c
  5965  }
  5966  
  5967  // Fields allows partial responses to be retrieved. See
  5968  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5969  // details.
  5970  func (c *OrganizationsGcpUserAccessBindingsCreateCall) Fields(s ...googleapi.Field) *OrganizationsGcpUserAccessBindingsCreateCall {
  5971  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5972  	return c
  5973  }
  5974  
  5975  // Context sets the context to be used in this call's Do method.
  5976  func (c *OrganizationsGcpUserAccessBindingsCreateCall) Context(ctx context.Context) *OrganizationsGcpUserAccessBindingsCreateCall {
  5977  	c.ctx_ = ctx
  5978  	return c
  5979  }
  5980  
  5981  // Header returns a http.Header that can be modified by the caller to add
  5982  // headers to the request.
  5983  func (c *OrganizationsGcpUserAccessBindingsCreateCall) Header() http.Header {
  5984  	if c.header_ == nil {
  5985  		c.header_ = make(http.Header)
  5986  	}
  5987  	return c.header_
  5988  }
  5989  
  5990  func (c *OrganizationsGcpUserAccessBindingsCreateCall) doRequest(alt string) (*http.Response, error) {
  5991  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5992  	var body io.Reader = nil
  5993  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.gcpuseraccessbinding)
  5994  	if err != nil {
  5995  		return nil, err
  5996  	}
  5997  	c.urlParams_.Set("alt", alt)
  5998  	c.urlParams_.Set("prettyPrint", "false")
  5999  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/gcpUserAccessBindings")
  6000  	urls += "?" + c.urlParams_.Encode()
  6001  	req, err := http.NewRequest("POST", urls, body)
  6002  	if err != nil {
  6003  		return nil, err
  6004  	}
  6005  	req.Header = reqHeaders
  6006  	googleapi.Expand(req.URL, map[string]string{
  6007  		"parent": c.parent,
  6008  	})
  6009  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6010  }
  6011  
  6012  // Do executes the "accesscontextmanager.organizations.gcpUserAccessBindings.create" call.
  6013  // Any non-2xx status code is an error. Response headers are in either
  6014  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  6015  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6016  // whether the returned error was because http.StatusNotModified was returned.
  6017  func (c *OrganizationsGcpUserAccessBindingsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  6018  	gensupport.SetOptions(c.urlParams_, opts...)
  6019  	res, err := c.doRequest("json")
  6020  	if res != nil && res.StatusCode == http.StatusNotModified {
  6021  		if res.Body != nil {
  6022  			res.Body.Close()
  6023  		}
  6024  		return nil, gensupport.WrapError(&googleapi.Error{
  6025  			Code:   res.StatusCode,
  6026  			Header: res.Header,
  6027  		})
  6028  	}
  6029  	if err != nil {
  6030  		return nil, err
  6031  	}
  6032  	defer googleapi.CloseBody(res)
  6033  	if err := googleapi.CheckResponse(res); err != nil {
  6034  		return nil, gensupport.WrapError(err)
  6035  	}
  6036  	ret := &Operation{
  6037  		ServerResponse: googleapi.ServerResponse{
  6038  			Header:         res.Header,
  6039  			HTTPStatusCode: res.StatusCode,
  6040  		},
  6041  	}
  6042  	target := &ret
  6043  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6044  		return nil, err
  6045  	}
  6046  	return ret, nil
  6047  }
  6048  
  6049  type OrganizationsGcpUserAccessBindingsDeleteCall struct {
  6050  	s          *Service
  6051  	name       string
  6052  	urlParams_ gensupport.URLParams
  6053  	ctx_       context.Context
  6054  	header_    http.Header
  6055  }
  6056  
  6057  // Delete: Deletes a GcpUserAccessBinding. Completion of this long-running
  6058  // operation does not necessarily signify that the binding deletion is deployed
  6059  // onto all affected users, which may take more time.
  6060  //
  6061  // - name: Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N".
  6062  func (r *OrganizationsGcpUserAccessBindingsService) Delete(name string) *OrganizationsGcpUserAccessBindingsDeleteCall {
  6063  	c := &OrganizationsGcpUserAccessBindingsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6064  	c.name = name
  6065  	return c
  6066  }
  6067  
  6068  // Fields allows partial responses to be retrieved. See
  6069  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6070  // details.
  6071  func (c *OrganizationsGcpUserAccessBindingsDeleteCall) Fields(s ...googleapi.Field) *OrganizationsGcpUserAccessBindingsDeleteCall {
  6072  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6073  	return c
  6074  }
  6075  
  6076  // Context sets the context to be used in this call's Do method.
  6077  func (c *OrganizationsGcpUserAccessBindingsDeleteCall) Context(ctx context.Context) *OrganizationsGcpUserAccessBindingsDeleteCall {
  6078  	c.ctx_ = ctx
  6079  	return c
  6080  }
  6081  
  6082  // Header returns a http.Header that can be modified by the caller to add
  6083  // headers to the request.
  6084  func (c *OrganizationsGcpUserAccessBindingsDeleteCall) Header() http.Header {
  6085  	if c.header_ == nil {
  6086  		c.header_ = make(http.Header)
  6087  	}
  6088  	return c.header_
  6089  }
  6090  
  6091  func (c *OrganizationsGcpUserAccessBindingsDeleteCall) doRequest(alt string) (*http.Response, error) {
  6092  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6093  	var body io.Reader = nil
  6094  	c.urlParams_.Set("alt", alt)
  6095  	c.urlParams_.Set("prettyPrint", "false")
  6096  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  6097  	urls += "?" + c.urlParams_.Encode()
  6098  	req, err := http.NewRequest("DELETE", urls, body)
  6099  	if err != nil {
  6100  		return nil, err
  6101  	}
  6102  	req.Header = reqHeaders
  6103  	googleapi.Expand(req.URL, map[string]string{
  6104  		"name": c.name,
  6105  	})
  6106  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6107  }
  6108  
  6109  // Do executes the "accesscontextmanager.organizations.gcpUserAccessBindings.delete" call.
  6110  // Any non-2xx status code is an error. Response headers are in either
  6111  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  6112  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6113  // whether the returned error was because http.StatusNotModified was returned.
  6114  func (c *OrganizationsGcpUserAccessBindingsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  6115  	gensupport.SetOptions(c.urlParams_, opts...)
  6116  	res, err := c.doRequest("json")
  6117  	if res != nil && res.StatusCode == http.StatusNotModified {
  6118  		if res.Body != nil {
  6119  			res.Body.Close()
  6120  		}
  6121  		return nil, gensupport.WrapError(&googleapi.Error{
  6122  			Code:   res.StatusCode,
  6123  			Header: res.Header,
  6124  		})
  6125  	}
  6126  	if err != nil {
  6127  		return nil, err
  6128  	}
  6129  	defer googleapi.CloseBody(res)
  6130  	if err := googleapi.CheckResponse(res); err != nil {
  6131  		return nil, gensupport.WrapError(err)
  6132  	}
  6133  	ret := &Operation{
  6134  		ServerResponse: googleapi.ServerResponse{
  6135  			Header:         res.Header,
  6136  			HTTPStatusCode: res.StatusCode,
  6137  		},
  6138  	}
  6139  	target := &ret
  6140  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6141  		return nil, err
  6142  	}
  6143  	return ret, nil
  6144  }
  6145  
  6146  type OrganizationsGcpUserAccessBindingsGetCall struct {
  6147  	s            *Service
  6148  	name         string
  6149  	urlParams_   gensupport.URLParams
  6150  	ifNoneMatch_ string
  6151  	ctx_         context.Context
  6152  	header_      http.Header
  6153  }
  6154  
  6155  // Get: Gets the GcpUserAccessBinding with the given name.
  6156  //
  6157  // - name: Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N".
  6158  func (r *OrganizationsGcpUserAccessBindingsService) Get(name string) *OrganizationsGcpUserAccessBindingsGetCall {
  6159  	c := &OrganizationsGcpUserAccessBindingsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6160  	c.name = name
  6161  	return c
  6162  }
  6163  
  6164  // Fields allows partial responses to be retrieved. See
  6165  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6166  // details.
  6167  func (c *OrganizationsGcpUserAccessBindingsGetCall) Fields(s ...googleapi.Field) *OrganizationsGcpUserAccessBindingsGetCall {
  6168  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6169  	return c
  6170  }
  6171  
  6172  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  6173  // object's ETag matches the given value. This is useful for getting updates
  6174  // only after the object has changed since the last request.
  6175  func (c *OrganizationsGcpUserAccessBindingsGetCall) IfNoneMatch(entityTag string) *OrganizationsGcpUserAccessBindingsGetCall {
  6176  	c.ifNoneMatch_ = entityTag
  6177  	return c
  6178  }
  6179  
  6180  // Context sets the context to be used in this call's Do method.
  6181  func (c *OrganizationsGcpUserAccessBindingsGetCall) Context(ctx context.Context) *OrganizationsGcpUserAccessBindingsGetCall {
  6182  	c.ctx_ = ctx
  6183  	return c
  6184  }
  6185  
  6186  // Header returns a http.Header that can be modified by the caller to add
  6187  // headers to the request.
  6188  func (c *OrganizationsGcpUserAccessBindingsGetCall) Header() http.Header {
  6189  	if c.header_ == nil {
  6190  		c.header_ = make(http.Header)
  6191  	}
  6192  	return c.header_
  6193  }
  6194  
  6195  func (c *OrganizationsGcpUserAccessBindingsGetCall) doRequest(alt string) (*http.Response, error) {
  6196  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6197  	if c.ifNoneMatch_ != "" {
  6198  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  6199  	}
  6200  	var body io.Reader = nil
  6201  	c.urlParams_.Set("alt", alt)
  6202  	c.urlParams_.Set("prettyPrint", "false")
  6203  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  6204  	urls += "?" + c.urlParams_.Encode()
  6205  	req, err := http.NewRequest("GET", urls, body)
  6206  	if err != nil {
  6207  		return nil, err
  6208  	}
  6209  	req.Header = reqHeaders
  6210  	googleapi.Expand(req.URL, map[string]string{
  6211  		"name": c.name,
  6212  	})
  6213  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6214  }
  6215  
  6216  // Do executes the "accesscontextmanager.organizations.gcpUserAccessBindings.get" call.
  6217  // Any non-2xx status code is an error. Response headers are in either
  6218  // *GcpUserAccessBinding.ServerResponse.Header or (if a response was returned
  6219  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  6220  // check whether the returned error was because http.StatusNotModified was
  6221  // returned.
  6222  func (c *OrganizationsGcpUserAccessBindingsGetCall) Do(opts ...googleapi.CallOption) (*GcpUserAccessBinding, error) {
  6223  	gensupport.SetOptions(c.urlParams_, opts...)
  6224  	res, err := c.doRequest("json")
  6225  	if res != nil && res.StatusCode == http.StatusNotModified {
  6226  		if res.Body != nil {
  6227  			res.Body.Close()
  6228  		}
  6229  		return nil, gensupport.WrapError(&googleapi.Error{
  6230  			Code:   res.StatusCode,
  6231  			Header: res.Header,
  6232  		})
  6233  	}
  6234  	if err != nil {
  6235  		return nil, err
  6236  	}
  6237  	defer googleapi.CloseBody(res)
  6238  	if err := googleapi.CheckResponse(res); err != nil {
  6239  		return nil, gensupport.WrapError(err)
  6240  	}
  6241  	ret := &GcpUserAccessBinding{
  6242  		ServerResponse: googleapi.ServerResponse{
  6243  			Header:         res.Header,
  6244  			HTTPStatusCode: res.StatusCode,
  6245  		},
  6246  	}
  6247  	target := &ret
  6248  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6249  		return nil, err
  6250  	}
  6251  	return ret, nil
  6252  }
  6253  
  6254  type OrganizationsGcpUserAccessBindingsListCall struct {
  6255  	s            *Service
  6256  	parent       string
  6257  	urlParams_   gensupport.URLParams
  6258  	ifNoneMatch_ string
  6259  	ctx_         context.Context
  6260  	header_      http.Header
  6261  }
  6262  
  6263  // List: Lists all GcpUserAccessBindings for a Google Cloud organization.
  6264  //
  6265  // - parent: Example: "organizations/256".
  6266  func (r *OrganizationsGcpUserAccessBindingsService) List(parent string) *OrganizationsGcpUserAccessBindingsListCall {
  6267  	c := &OrganizationsGcpUserAccessBindingsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6268  	c.parent = parent
  6269  	return c
  6270  }
  6271  
  6272  // PageSize sets the optional parameter "pageSize": Maximum number of items to
  6273  // return. The server may return fewer items. If left blank, the server may
  6274  // return any number of items.
  6275  func (c *OrganizationsGcpUserAccessBindingsListCall) PageSize(pageSize int64) *OrganizationsGcpUserAccessBindingsListCall {
  6276  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  6277  	return c
  6278  }
  6279  
  6280  // PageToken sets the optional parameter "pageToken": If left blank, returns
  6281  // the first page. To enumerate all items, use the next_page_token from your
  6282  // previous list operation.
  6283  func (c *OrganizationsGcpUserAccessBindingsListCall) PageToken(pageToken string) *OrganizationsGcpUserAccessBindingsListCall {
  6284  	c.urlParams_.Set("pageToken", pageToken)
  6285  	return c
  6286  }
  6287  
  6288  // Fields allows partial responses to be retrieved. See
  6289  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6290  // details.
  6291  func (c *OrganizationsGcpUserAccessBindingsListCall) Fields(s ...googleapi.Field) *OrganizationsGcpUserAccessBindingsListCall {
  6292  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6293  	return c
  6294  }
  6295  
  6296  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  6297  // object's ETag matches the given value. This is useful for getting updates
  6298  // only after the object has changed since the last request.
  6299  func (c *OrganizationsGcpUserAccessBindingsListCall) IfNoneMatch(entityTag string) *OrganizationsGcpUserAccessBindingsListCall {
  6300  	c.ifNoneMatch_ = entityTag
  6301  	return c
  6302  }
  6303  
  6304  // Context sets the context to be used in this call's Do method.
  6305  func (c *OrganizationsGcpUserAccessBindingsListCall) Context(ctx context.Context) *OrganizationsGcpUserAccessBindingsListCall {
  6306  	c.ctx_ = ctx
  6307  	return c
  6308  }
  6309  
  6310  // Header returns a http.Header that can be modified by the caller to add
  6311  // headers to the request.
  6312  func (c *OrganizationsGcpUserAccessBindingsListCall) Header() http.Header {
  6313  	if c.header_ == nil {
  6314  		c.header_ = make(http.Header)
  6315  	}
  6316  	return c.header_
  6317  }
  6318  
  6319  func (c *OrganizationsGcpUserAccessBindingsListCall) doRequest(alt string) (*http.Response, error) {
  6320  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6321  	if c.ifNoneMatch_ != "" {
  6322  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  6323  	}
  6324  	var body io.Reader = nil
  6325  	c.urlParams_.Set("alt", alt)
  6326  	c.urlParams_.Set("prettyPrint", "false")
  6327  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/gcpUserAccessBindings")
  6328  	urls += "?" + c.urlParams_.Encode()
  6329  	req, err := http.NewRequest("GET", urls, body)
  6330  	if err != nil {
  6331  		return nil, err
  6332  	}
  6333  	req.Header = reqHeaders
  6334  	googleapi.Expand(req.URL, map[string]string{
  6335  		"parent": c.parent,
  6336  	})
  6337  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6338  }
  6339  
  6340  // Do executes the "accesscontextmanager.organizations.gcpUserAccessBindings.list" call.
  6341  // Any non-2xx status code is an error. Response headers are in either
  6342  // *ListGcpUserAccessBindingsResponse.ServerResponse.Header or (if a response
  6343  // was returned at all) in error.(*googleapi.Error).Header. Use
  6344  // googleapi.IsNotModified to check whether the returned error was because
  6345  // http.StatusNotModified was returned.
  6346  func (c *OrganizationsGcpUserAccessBindingsListCall) Do(opts ...googleapi.CallOption) (*ListGcpUserAccessBindingsResponse, error) {
  6347  	gensupport.SetOptions(c.urlParams_, opts...)
  6348  	res, err := c.doRequest("json")
  6349  	if res != nil && res.StatusCode == http.StatusNotModified {
  6350  		if res.Body != nil {
  6351  			res.Body.Close()
  6352  		}
  6353  		return nil, gensupport.WrapError(&googleapi.Error{
  6354  			Code:   res.StatusCode,
  6355  			Header: res.Header,
  6356  		})
  6357  	}
  6358  	if err != nil {
  6359  		return nil, err
  6360  	}
  6361  	defer googleapi.CloseBody(res)
  6362  	if err := googleapi.CheckResponse(res); err != nil {
  6363  		return nil, gensupport.WrapError(err)
  6364  	}
  6365  	ret := &ListGcpUserAccessBindingsResponse{
  6366  		ServerResponse: googleapi.ServerResponse{
  6367  			Header:         res.Header,
  6368  			HTTPStatusCode: res.StatusCode,
  6369  		},
  6370  	}
  6371  	target := &ret
  6372  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6373  		return nil, err
  6374  	}
  6375  	return ret, nil
  6376  }
  6377  
  6378  // Pages invokes f for each page of results.
  6379  // A non-nil error returned from f will halt the iteration.
  6380  // The provided context supersedes any context provided to the Context method.
  6381  func (c *OrganizationsGcpUserAccessBindingsListCall) Pages(ctx context.Context, f func(*ListGcpUserAccessBindingsResponse) error) error {
  6382  	c.ctx_ = ctx
  6383  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  6384  	for {
  6385  		x, err := c.Do()
  6386  		if err != nil {
  6387  			return err
  6388  		}
  6389  		if err := f(x); err != nil {
  6390  			return err
  6391  		}
  6392  		if x.NextPageToken == "" {
  6393  			return nil
  6394  		}
  6395  		c.PageToken(x.NextPageToken)
  6396  	}
  6397  }
  6398  
  6399  type OrganizationsGcpUserAccessBindingsPatchCall struct {
  6400  	s                    *Service
  6401  	name                 string
  6402  	gcpuseraccessbinding *GcpUserAccessBinding
  6403  	urlParams_           gensupport.URLParams
  6404  	ctx_                 context.Context
  6405  	header_              http.Header
  6406  }
  6407  
  6408  // Patch: Updates a GcpUserAccessBinding. Completion of this long-running
  6409  // operation does not necessarily signify that the changed binding is deployed
  6410  // onto all affected users, which may take more time.
  6411  //
  6412  //   - name: Immutable. Assigned by the server during creation. The last segment
  6413  //     has an arbitrary length and has only URI unreserved characters (as defined
  6414  //     by RFC 3986 Section 2.3
  6415  //     (https://tools.ietf.org/html/rfc3986#section-2.3)). Should not be
  6416  //     specified by the client during creation. Example:
  6417  //     "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N".
  6418  func (r *OrganizationsGcpUserAccessBindingsService) Patch(name string, gcpuseraccessbinding *GcpUserAccessBinding) *OrganizationsGcpUserAccessBindingsPatchCall {
  6419  	c := &OrganizationsGcpUserAccessBindingsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6420  	c.name = name
  6421  	c.gcpuseraccessbinding = gcpuseraccessbinding
  6422  	return c
  6423  }
  6424  
  6425  // UpdateMask sets the optional parameter "updateMask": Required. Only the
  6426  // fields specified in this mask are updated. Because name and group_key cannot
  6427  // be changed, update_mask is required and may only contain the following
  6428  // fields: `access_levels`, `dry_run_access_levels`. update_mask { paths:
  6429  // "access_levels" }
  6430  func (c *OrganizationsGcpUserAccessBindingsPatchCall) UpdateMask(updateMask string) *OrganizationsGcpUserAccessBindingsPatchCall {
  6431  	c.urlParams_.Set("updateMask", updateMask)
  6432  	return c
  6433  }
  6434  
  6435  // Fields allows partial responses to be retrieved. See
  6436  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6437  // details.
  6438  func (c *OrganizationsGcpUserAccessBindingsPatchCall) Fields(s ...googleapi.Field) *OrganizationsGcpUserAccessBindingsPatchCall {
  6439  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6440  	return c
  6441  }
  6442  
  6443  // Context sets the context to be used in this call's Do method.
  6444  func (c *OrganizationsGcpUserAccessBindingsPatchCall) Context(ctx context.Context) *OrganizationsGcpUserAccessBindingsPatchCall {
  6445  	c.ctx_ = ctx
  6446  	return c
  6447  }
  6448  
  6449  // Header returns a http.Header that can be modified by the caller to add
  6450  // headers to the request.
  6451  func (c *OrganizationsGcpUserAccessBindingsPatchCall) Header() http.Header {
  6452  	if c.header_ == nil {
  6453  		c.header_ = make(http.Header)
  6454  	}
  6455  	return c.header_
  6456  }
  6457  
  6458  func (c *OrganizationsGcpUserAccessBindingsPatchCall) doRequest(alt string) (*http.Response, error) {
  6459  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  6460  	var body io.Reader = nil
  6461  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.gcpuseraccessbinding)
  6462  	if err != nil {
  6463  		return nil, err
  6464  	}
  6465  	c.urlParams_.Set("alt", alt)
  6466  	c.urlParams_.Set("prettyPrint", "false")
  6467  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  6468  	urls += "?" + c.urlParams_.Encode()
  6469  	req, err := http.NewRequest("PATCH", urls, body)
  6470  	if err != nil {
  6471  		return nil, err
  6472  	}
  6473  	req.Header = reqHeaders
  6474  	googleapi.Expand(req.URL, map[string]string{
  6475  		"name": c.name,
  6476  	})
  6477  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6478  }
  6479  
  6480  // Do executes the "accesscontextmanager.organizations.gcpUserAccessBindings.patch" call.
  6481  // Any non-2xx status code is an error. Response headers are in either
  6482  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  6483  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6484  // whether the returned error was because http.StatusNotModified was returned.
  6485  func (c *OrganizationsGcpUserAccessBindingsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  6486  	gensupport.SetOptions(c.urlParams_, opts...)
  6487  	res, err := c.doRequest("json")
  6488  	if res != nil && res.StatusCode == http.StatusNotModified {
  6489  		if res.Body != nil {
  6490  			res.Body.Close()
  6491  		}
  6492  		return nil, gensupport.WrapError(&googleapi.Error{
  6493  			Code:   res.StatusCode,
  6494  			Header: res.Header,
  6495  		})
  6496  	}
  6497  	if err != nil {
  6498  		return nil, err
  6499  	}
  6500  	defer googleapi.CloseBody(res)
  6501  	if err := googleapi.CheckResponse(res); err != nil {
  6502  		return nil, gensupport.WrapError(err)
  6503  	}
  6504  	ret := &Operation{
  6505  		ServerResponse: googleapi.ServerResponse{
  6506  			Header:         res.Header,
  6507  			HTTPStatusCode: res.StatusCode,
  6508  		},
  6509  	}
  6510  	target := &ret
  6511  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6512  		return nil, err
  6513  	}
  6514  	return ret, nil
  6515  }
  6516  
  6517  type ServicesGetCall struct {
  6518  	s            *Service
  6519  	name         string
  6520  	urlParams_   gensupport.URLParams
  6521  	ifNoneMatch_ string
  6522  	ctx_         context.Context
  6523  	header_      http.Header
  6524  }
  6525  
  6526  // Get: Returns a VPC-SC supported service based on the service name.
  6527  //
  6528  //   - name: The name of the service to get information about. The names must be
  6529  //     in the same format as used in defining a service perimeter, for example,
  6530  //     `storage.googleapis.com`.
  6531  func (r *ServicesService) Get(name string) *ServicesGetCall {
  6532  	c := &ServicesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6533  	c.name = name
  6534  	return c
  6535  }
  6536  
  6537  // Fields allows partial responses to be retrieved. See
  6538  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6539  // details.
  6540  func (c *ServicesGetCall) Fields(s ...googleapi.Field) *ServicesGetCall {
  6541  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6542  	return c
  6543  }
  6544  
  6545  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  6546  // object's ETag matches the given value. This is useful for getting updates
  6547  // only after the object has changed since the last request.
  6548  func (c *ServicesGetCall) IfNoneMatch(entityTag string) *ServicesGetCall {
  6549  	c.ifNoneMatch_ = entityTag
  6550  	return c
  6551  }
  6552  
  6553  // Context sets the context to be used in this call's Do method.
  6554  func (c *ServicesGetCall) Context(ctx context.Context) *ServicesGetCall {
  6555  	c.ctx_ = ctx
  6556  	return c
  6557  }
  6558  
  6559  // Header returns a http.Header that can be modified by the caller to add
  6560  // headers to the request.
  6561  func (c *ServicesGetCall) Header() http.Header {
  6562  	if c.header_ == nil {
  6563  		c.header_ = make(http.Header)
  6564  	}
  6565  	return c.header_
  6566  }
  6567  
  6568  func (c *ServicesGetCall) doRequest(alt string) (*http.Response, error) {
  6569  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6570  	if c.ifNoneMatch_ != "" {
  6571  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  6572  	}
  6573  	var body io.Reader = nil
  6574  	c.urlParams_.Set("alt", alt)
  6575  	c.urlParams_.Set("prettyPrint", "false")
  6576  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/services/{name}")
  6577  	urls += "?" + c.urlParams_.Encode()
  6578  	req, err := http.NewRequest("GET", urls, body)
  6579  	if err != nil {
  6580  		return nil, err
  6581  	}
  6582  	req.Header = reqHeaders
  6583  	googleapi.Expand(req.URL, map[string]string{
  6584  		"name": c.name,
  6585  	})
  6586  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6587  }
  6588  
  6589  // Do executes the "accesscontextmanager.services.get" call.
  6590  // Any non-2xx status code is an error. Response headers are in either
  6591  // *SupportedService.ServerResponse.Header or (if a response was returned at
  6592  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  6593  // check whether the returned error was because http.StatusNotModified was
  6594  // returned.
  6595  func (c *ServicesGetCall) Do(opts ...googleapi.CallOption) (*SupportedService, error) {
  6596  	gensupport.SetOptions(c.urlParams_, opts...)
  6597  	res, err := c.doRequest("json")
  6598  	if res != nil && res.StatusCode == http.StatusNotModified {
  6599  		if res.Body != nil {
  6600  			res.Body.Close()
  6601  		}
  6602  		return nil, gensupport.WrapError(&googleapi.Error{
  6603  			Code:   res.StatusCode,
  6604  			Header: res.Header,
  6605  		})
  6606  	}
  6607  	if err != nil {
  6608  		return nil, err
  6609  	}
  6610  	defer googleapi.CloseBody(res)
  6611  	if err := googleapi.CheckResponse(res); err != nil {
  6612  		return nil, gensupport.WrapError(err)
  6613  	}
  6614  	ret := &SupportedService{
  6615  		ServerResponse: googleapi.ServerResponse{
  6616  			Header:         res.Header,
  6617  			HTTPStatusCode: res.StatusCode,
  6618  		},
  6619  	}
  6620  	target := &ret
  6621  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6622  		return nil, err
  6623  	}
  6624  	return ret, nil
  6625  }
  6626  
  6627  type ServicesListCall struct {
  6628  	s            *Service
  6629  	urlParams_   gensupport.URLParams
  6630  	ifNoneMatch_ string
  6631  	ctx_         context.Context
  6632  	header_      http.Header
  6633  }
  6634  
  6635  // List: Lists all VPC-SC supported services.
  6636  func (r *ServicesService) List() *ServicesListCall {
  6637  	c := &ServicesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6638  	return c
  6639  }
  6640  
  6641  // PageSize sets the optional parameter "pageSize": This flag specifies the
  6642  // maximum number of services to return per page. Default is 100.
  6643  func (c *ServicesListCall) PageSize(pageSize int64) *ServicesListCall {
  6644  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  6645  	return c
  6646  }
  6647  
  6648  // PageToken sets the optional parameter "pageToken": Token to start on a later
  6649  // page. Default is the first page.
  6650  func (c *ServicesListCall) PageToken(pageToken string) *ServicesListCall {
  6651  	c.urlParams_.Set("pageToken", pageToken)
  6652  	return c
  6653  }
  6654  
  6655  // Fields allows partial responses to be retrieved. See
  6656  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6657  // details.
  6658  func (c *ServicesListCall) Fields(s ...googleapi.Field) *ServicesListCall {
  6659  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6660  	return c
  6661  }
  6662  
  6663  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  6664  // object's ETag matches the given value. This is useful for getting updates
  6665  // only after the object has changed since the last request.
  6666  func (c *ServicesListCall) IfNoneMatch(entityTag string) *ServicesListCall {
  6667  	c.ifNoneMatch_ = entityTag
  6668  	return c
  6669  }
  6670  
  6671  // Context sets the context to be used in this call's Do method.
  6672  func (c *ServicesListCall) Context(ctx context.Context) *ServicesListCall {
  6673  	c.ctx_ = ctx
  6674  	return c
  6675  }
  6676  
  6677  // Header returns a http.Header that can be modified by the caller to add
  6678  // headers to the request.
  6679  func (c *ServicesListCall) Header() http.Header {
  6680  	if c.header_ == nil {
  6681  		c.header_ = make(http.Header)
  6682  	}
  6683  	return c.header_
  6684  }
  6685  
  6686  func (c *ServicesListCall) doRequest(alt string) (*http.Response, error) {
  6687  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6688  	if c.ifNoneMatch_ != "" {
  6689  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  6690  	}
  6691  	var body io.Reader = nil
  6692  	c.urlParams_.Set("alt", alt)
  6693  	c.urlParams_.Set("prettyPrint", "false")
  6694  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/services")
  6695  	urls += "?" + c.urlParams_.Encode()
  6696  	req, err := http.NewRequest("GET", urls, body)
  6697  	if err != nil {
  6698  		return nil, err
  6699  	}
  6700  	req.Header = reqHeaders
  6701  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6702  }
  6703  
  6704  // Do executes the "accesscontextmanager.services.list" call.
  6705  // Any non-2xx status code is an error. Response headers are in either
  6706  // *ListSupportedServicesResponse.ServerResponse.Header or (if a response was
  6707  // returned at all) in error.(*googleapi.Error).Header. Use
  6708  // googleapi.IsNotModified to check whether the returned error was because
  6709  // http.StatusNotModified was returned.
  6710  func (c *ServicesListCall) Do(opts ...googleapi.CallOption) (*ListSupportedServicesResponse, error) {
  6711  	gensupport.SetOptions(c.urlParams_, opts...)
  6712  	res, err := c.doRequest("json")
  6713  	if res != nil && res.StatusCode == http.StatusNotModified {
  6714  		if res.Body != nil {
  6715  			res.Body.Close()
  6716  		}
  6717  		return nil, gensupport.WrapError(&googleapi.Error{
  6718  			Code:   res.StatusCode,
  6719  			Header: res.Header,
  6720  		})
  6721  	}
  6722  	if err != nil {
  6723  		return nil, err
  6724  	}
  6725  	defer googleapi.CloseBody(res)
  6726  	if err := googleapi.CheckResponse(res); err != nil {
  6727  		return nil, gensupport.WrapError(err)
  6728  	}
  6729  	ret := &ListSupportedServicesResponse{
  6730  		ServerResponse: googleapi.ServerResponse{
  6731  			Header:         res.Header,
  6732  			HTTPStatusCode: res.StatusCode,
  6733  		},
  6734  	}
  6735  	target := &ret
  6736  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6737  		return nil, err
  6738  	}
  6739  	return ret, nil
  6740  }
  6741  
  6742  // Pages invokes f for each page of results.
  6743  // A non-nil error returned from f will halt the iteration.
  6744  // The provided context supersedes any context provided to the Context method.
  6745  func (c *ServicesListCall) Pages(ctx context.Context, f func(*ListSupportedServicesResponse) error) error {
  6746  	c.ctx_ = ctx
  6747  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  6748  	for {
  6749  		x, err := c.Do()
  6750  		if err != nil {
  6751  			return err
  6752  		}
  6753  		if err := f(x); err != nil {
  6754  			return err
  6755  		}
  6756  		if x.NextPageToken == "" {
  6757  			return nil
  6758  		}
  6759  		c.PageToken(x.NextPageToken)
  6760  	}
  6761  }
  6762  

View as plain text