From 8353637f2d74781cae24ebc907aeac2da8ddaa26 Mon Sep 17 00:00:00 2001 From: Jonas Maier Date: Wed, 16 Jul 2025 15:15:50 +0200 Subject: [PATCH 1/2] feat: Add support for Uniform Bucket Level Access visibility in Google Cloud Storage adapter --- src/Fs.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/Fs.php b/src/Fs.php index a15b1c8..808f821 100644 --- a/src/Fs.php +++ b/src/Fs.php @@ -24,6 +24,7 @@ use League\Flysystem\FilesystemAdapter; use League\Flysystem\GoogleCloudStorage\GoogleCloudStorageAdapter; use League\Flysystem\GoogleCloudStorage\PortableVisibilityHandler; +use League\Flysystem\GoogleCloudStorage\UniformBucketLevelAccessVisibility; use League\Flysystem\Visibility; /** @@ -36,6 +37,9 @@ */ class Fs extends FlysystemFs { + + public const UNIFORM_BUCKET_LEVEL_ACCESS = 'uniformBucketLevelAccess'; + /** * @inheritdoc */ @@ -135,6 +139,7 @@ public function getVisibilityOptions(): array ['value' => '', 'label' => Craft::t('google-cloud', 'Automatic')], ['value' => Visibility::PUBLIC, 'label' => Craft::t('google-cloud', 'Public')], ['value' => Visibility::PRIVATE, 'label' => Craft::t('google-cloud', 'Private')], + ['value' => self::UNIFORM_BUCKET_LEVEL_ACCESS, 'label' => Craft::t('google-cloud', 'Uniform Bucket Level Access')], ]; } @@ -253,7 +258,14 @@ protected function createAdapter(): FilesystemAdapter $client = static::client($config); $bucket = $client->bucket(Craft::parseEnv($this->bucket)); - return new GoogleCloudStorageAdapter($bucket, $this->_subfolder(), new PortableVisibilityHandler('allUsers')); + $visibilityHandler = null; + if ($this->visibility === self::UNIFORM_BUCKET_LEVEL_ACCESS) { + $visibilityHandler = new UniformBucketLevelAccessVisibility(); + } else { + $visibilityHandler = new PortableVisibilityHandler('allUsers'); + } + + return new GoogleCloudStorageAdapter($bucket, $this->_subfolder(), $visibilityHandler); } /** From 07436fdd77184aad0cfb5c11d2d6fbd4ed92ca80 Mon Sep 17 00:00:00 2001 From: Jonas Maier Date: Wed, 16 Jul 2025 15:22:40 +0200 Subject: [PATCH 2/2] chore: Update README and Fs.php for clarity on Google Cloud Storage permissions and visibility settings --- README.md | 5 +++-- src/Fs.php | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index ae22b2f..59b8ddd 100644 --- a/README.md +++ b/README.md @@ -31,10 +31,11 @@ composer require craftcms/google-cloud ## Setup -Your Google Cloud bucket must use Google's `Fine grained` (per object) permissions, not `Uniform` (per bucket). - +In case your Google Cloud bucket uses Google's `Fine grained` (per object) permissions: On the permissions table for the new bucket, grant `Storage Object Viewer` to `allUsers`. The `Storage Admin` role should be granted to the service account the credentials are tied to. To create a new asset volume for your Google Cloud Storage bucket, go to Settings → Assets, create a new volume, and set the Volume Type setting to “Google Cloud Storage”. > **Tip:** The Project ID, Bucket, and Subfolder settings can be set to environment variables. See [Environmental Configuration](https://docs.craftcms.com/v3/config/environments.html) in the Craft docs to learn more about that. + +In case your Google Cloud bucket uses Uniform bucket-level access, just make sure to set the `Visibility` in your volume settings to `Uniform Bucket-Level Access`. \ No newline at end of file diff --git a/src/Fs.php b/src/Fs.php index 808f821..c9b16c2 100644 --- a/src/Fs.php +++ b/src/Fs.php @@ -139,7 +139,7 @@ public function getVisibilityOptions(): array ['value' => '', 'label' => Craft::t('google-cloud', 'Automatic')], ['value' => Visibility::PUBLIC, 'label' => Craft::t('google-cloud', 'Public')], ['value' => Visibility::PRIVATE, 'label' => Craft::t('google-cloud', 'Private')], - ['value' => self::UNIFORM_BUCKET_LEVEL_ACCESS, 'label' => Craft::t('google-cloud', 'Uniform Bucket Level Access')], + ['value' => self::UNIFORM_BUCKET_LEVEL_ACCESS, 'label' => Craft::t('google-cloud', 'Uniform Bucket-Level Access')], ]; }