class Google::Apis::IamV1::IamService

Google Identity and Access Management API

Manages identity and access control for Google Cloud Platform resources,

including the creation of service accounts, which you can use to authenticate
to Google and make API calls.

@example

require 'google/apis/iam_v1'

Iam = Google::Apis::IamV1 # Alias the module
service = Iam::IamService.new

@see cloud.google.com/iam/

Attributes

key[RW]

@return [String]

API key. Your API key identifies your project and provides you with API access,
quota, and reports. Required unless you provide an OAuth 2.0 token.
quota_user[RW]

@return [String]

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

Public Class Methods

new() click to toggle source
Calls superclass method Google::Apis::Core::BaseService.new
# File generated/google/apis/iam_v1/service.rb, line 47
def initialize
  super('https://iam.googleapis.com/', '')
end

Public Instance Methods

create_service_account(name, create_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Creates a service account and returns it. @param [String] name

Required. The resource name of the project associated with the service
accounts, such as "projects/123"

@param [Google::Apis::IamV1::CreateServiceAccountRequest] create_service_account_request_object @param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::ServiceAccount] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::ServiceAccount]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 146
def create_service_account(name, create_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+name}/serviceAccounts', options)
  command.request_representation = Google::Apis::IamV1::CreateServiceAccountRequest::Representation
  command.request_object = create_service_account_request_object
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
create_service_account_key(name, create_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Creates a service account key and returns it. @param [String] name

The resource name of the service account in the format "projects/`project`/
serviceAccounts/`account`". Using '-' as a wildcard for the project, will
infer the project from the account. The account value can be the email address
or the unique_id of the service account.

@param [Google::Apis::IamV1::CreateServiceAccountKeyRequest] create_service_account_key_request_object @param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::ServiceAccountKey] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::ServiceAccountKey]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 466
def create_service_account_key(name, create_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+name}/keys', options)
  command.request_representation = Google::Apis::IamV1::CreateServiceAccountKeyRequest::Representation
  command.request_object = create_service_account_key_request_object
  command.response_representation = Google::Apis::IamV1::ServiceAccountKey::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccountKey
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
delete_project_service_account(name, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Deletes a service acount. @param [String] name

The resource name of the service account in the format "projects/`project`/
serviceAccounts/`account`". Using '-' as a wildcard for the project, will
infer the project from the account. The account value can be the email address
or the unique_id of the service account.

@param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::Empty] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::Empty]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 220
def delete_project_service_account(name, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Empty::Representation
  command.response_class = Google::Apis::IamV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
delete_project_service_account_key(name, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Deletes a service account key. @param [String] name

The resource name of the service account key in the format "projects/`project`/
serviceAccounts/`account`/keys/`key`". Using '-' as a wildcard for the project
will infer the project from the account. The account value can be the email
address or the unique_id of the service account.

@param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::Empty] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::Empty]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 501
def delete_project_service_account_key(name, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Empty::Representation
  command.response_class = Google::Apis::IamV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
get_project_service_account(name, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Gets a ServiceAccount @param [String] name

The resource name of the service account in the format "projects/`project`/
serviceAccounts/`account`". Using '-' as a wildcard for the project, will
infer the project from the account. The account value can be the email address
or the unique_id of the service account.

@param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::ServiceAccount] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::ServiceAccount]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 114
def get_project_service_account(name, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
get_project_service_account_iam_policy(resource, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Returns the IAM access control policy for specified IAM resource. @param [String] resource

REQUIRED: The resource for which the policy is being requested. `resource` is
usually specified as a path, such as `projects  project  zones  zone  disks/*
disk*`. The format for the path specified in this value is resource specific
and is specified in the `getIamPolicy` documentation.

@param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::Policy] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::Policy]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 289
def get_project_service_account_iam_policy(resource, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+resource}:getIamPolicy', options)
  command.response_representation = Google::Apis::IamV1::Policy::Representation
  command.response_class = Google::Apis::IamV1::Policy
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
get_project_service_account_key(name, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Gets the ServiceAccountKey by key id. @param [String] name

The resource name of the service account key in the format "projects/`project`/
serviceAccounts/`account`/keys/`key`". Using '-' as a wildcard for the project
will infer the project from the account. The account value can be the email
address or the unique_id of the service account.

@param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::ServiceAccountKey] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::ServiceAccountKey]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 432
def get_project_service_account_key(name, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::ServiceAccountKey::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccountKey
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
list_project_service_account_keys(name, key_types: nil, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Lists service account keys @param [String] name

The resource name of the service account in the format "projects/`project`/
serviceAccounts/`account`". Using '-' as a wildcard for the project, will
infer the project from the account. The account value can be the email address
or the unique_id of the service account.

@param [Array<String>, String] key_types

The type of keys the user wants to list. If empty, all key types are included
in the response. Duplicate key types are not allowed.

@param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::ListServiceAccountKeysResponse] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::ListServiceAccountKeysResponse]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 398
def list_project_service_account_keys(name, key_types: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}/keys', options)
  command.response_representation = Google::Apis::IamV1::ListServiceAccountKeysResponse::Representation
  command.response_class = Google::Apis::IamV1::ListServiceAccountKeysResponse
  command.params['name'] = name unless name.nil?
  command.query['keyTypes'] = key_types unless key_types.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
list_project_service_accounts(name, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Lists service accounts for a project. @param [String] name

Required. The resource name of the project associated with the service
accounts, such as "projects/123"

@param [Fixnum] page_size

Optional limit on the number of service accounts to include in the response.
Further accounts can subsequently be obtained by including the [
ListServiceAccountsResponse.next_page_token] in a subsequent request.

@param [String] page_token

Optional pagination token returned in an earlier [ListServiceAccountsResponse.
next_page_token].

@param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::ListServiceAccountsResponse] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::ListServiceAccountsResponse]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 79
def list_project_service_accounts(name, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}/serviceAccounts', options)
  command.response_representation = Google::Apis::IamV1::ListServiceAccountsResponse::Representation
  command.response_class = Google::Apis::IamV1::ListServiceAccountsResponse
  command.params['name'] = name unless name.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
set_service_account_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Sets the IAM access control policy for the specified IAM resource. @param [String] resource

REQUIRED: The resource for which the policy is being specified. `resource` is
usually specified as a path, such as `projects  project  zones  zone  disks/*
disk*`. The format for the path specified in this value is resource specific
and is specified in the `setIamPolicy` documentation.

@param [Google::Apis::IamV1::SetIamPolicyRequest] set_iam_policy_request_object @param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::Policy] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::Policy]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 323
def set_service_account_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options)
  command.request_representation = Google::Apis::IamV1::SetIamPolicyRequest::Representation
  command.request_object = set_iam_policy_request_object
  command.response_representation = Google::Apis::IamV1::Policy::Representation
  command.response_class = Google::Apis::IamV1::Policy
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
sign_service_account_blob(name, sign_blob_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Signs a blob using a service account. @param [String] name

The resource name of the service account in the format "projects/`project`/
serviceAccounts/`account`". Using '-' as a wildcard for the project, will
infer the project from the account. The account value can be the email address
or the unique_id of the service account.

@param [Google::Apis::IamV1::SignBlobRequest] sign_blob_request_object @param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::SignBlobResponse] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::SignBlobResponse]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 254
def sign_service_account_blob(name, sign_blob_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+name}:signBlob', options)
  command.request_representation = Google::Apis::IamV1::SignBlobRequest::Representation
  command.request_object = sign_blob_request_object
  command.response_representation = Google::Apis::IamV1::SignBlobResponse::Representation
  command.response_class = Google::Apis::IamV1::SignBlobResponse
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
test_service_account_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Tests the specified permissions against the IAM access control policy for the specified IAM resource. @param [String] resource

REQUIRED: The resource for which the policy detail is being requested. `
resource` is usually specified as a path, such as `projects  project  zones  
zone  disks/*disk*`. The format for the path specified in this value is
resource specific and is specified in the `testIamPermissions` documentation.

@param [Google::Apis::IamV1::TestIamPermissionsRequest] test_iam_permissions_request_object @param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::TestIamPermissionsResponse] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::TestIamPermissionsResponse]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 360
def test_service_account_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options)
  command.request_representation = Google::Apis::IamV1::TestIamPermissionsRequest::Representation
  command.request_object = test_iam_permissions_request_object
  command.response_representation = Google::Apis::IamV1::TestIamPermissionsResponse::Representation
  command.response_class = Google::Apis::IamV1::TestIamPermissionsResponse
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end
update_project_service_account(name, service_account_object = nil, fields: nil, quota_user: nil, options: nil, &block) click to toggle source

Updates a service account. Currently, only the following fields are updatable: 'display_name' . The 'etag' is mandatory. @param [String] name

The resource name of the service account in the format "projects/`project`/
serviceAccounts/`account`". In requests using '-' as a wildcard for the
project, will infer the project from the account and the account value can be
the email address or the unique_id of the service account. In responses the
resource name will always be in the format "projects/`project`/serviceAccounts/
`email`".

@param [Google::Apis::IamV1::ServiceAccount] service_account_object @param [String] fields

Selector specifying which fields to include in a partial response.

@param [String] #quota_user

Available to use for quota purposes for server-side applications. Can be any
arbitrary string assigned to a user, but should not exceed 40 characters.

@param [Google::Apis::RequestOptions] options

Request-specific options

@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::IamV1::ServiceAccount] parsed result object @yieldparam err [StandardError] error object if request failed

@return [Google::Apis::IamV1::ServiceAccount]

@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required

# File generated/google/apis/iam_v1/service.rb, line 185
def update_project_service_account(name, service_account_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:put, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.request_object = service_account_object
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

Protected Instance Methods

apply_command_defaults(command) click to toggle source
# File generated/google/apis/iam_v1/service.rb, line 513
def apply_command_defaults(command)
  command.query['key'] = key unless key.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
end