updating tests

shubhangi-google · shubhangi-google · commit b4e1f137ebe4 · 2026-04-07T12:39:53.000Z
diff --git a/google-cloud-storage/lib/google/cloud/storage/bucket.rb b/google-cloud-storage/lib/google/cloud/storage/bucket.rb
@@ -761,30 +761,50 @@ def customer_managed_encryption_enforcement_config= new_customer_managed_encrypt
           patch_gapi! :encryption
         end
 
-       # Updates the bucket's encryption enforcement configuration.
-       #
-       # This method applies a patch to the bucket's encryption settings using the 
-       # provided configuration.
-       #
-       # @param incoming_config [Hash, Google::Apis::StorageV1::Bucket::Encryption] 
-       #   The encryption configuration to apply. If a Hash is provided, it should 
-       #   contain keys corresponding to the encryption enforcement types.
-       #
-       # @example Updating to Google-Managed Encryption
-       #   storage = Google::Cloud::Storage.new
-       #   bucket = storage.bucket "my-bucket"
-       #
-       #   new_config = {
-       #     google_managed_encryption_enforcement_config: { restriction_mode: "NotRestricted" }
-       #   }
-       #
-       #   bucket.update_bucket_encryption_enforcement_config new_config
-       #
-       # @return [void]
-       # @raise [Google::Cloud::Error] If the API request fails (e.g., insufficient permissions).
-       def update_bucket_encryption_enforcement_config incoming_config
-         patch_gapi! :encryption, bucket_encryption_config: incoming_config
-       end
+        # Updates the bucket's encryption enforcement configuration.
+        #
+        # This method applies a patch to the bucket's encryption settings using the 
+        # provided configuration.
+        #
+        # @param incoming_config [Hash, Google::Apis::StorageV1::Bucket::Encryption] 
+        #   The encryption configuration to apply. If a Hash is provided, it should 
+        #   contain keys corresponding to the encryption enforcement types.
+        #
+        # @example Updating to Google-Managed Encryption
+        #   storage = Google::Cloud::Storage.new
+        #   bucket = storage.bucket "my-bucket"
+        #
+        #   new_config = {
+        #     google_managed_encryption_enforcement_config: { restriction_mode: "NotRestricted" }
+        #   }
+        #
+        #   bucket.update_bucket_encryption_enforcement_config new_config
+        #
+        # @return [void]
+        # @raise [Google::Cloud::Error] If the API request fails (e.g., insufficient permissions).
+        def update_bucket_encryption_enforcement_config incoming_config
+          allowed_keys = [
+            :google_managed_encryption_enforcement_config,
+            :customer_managed_encryption_enforcement_config,
+            :customer_supplied_encryption_enforcement_config
+          ]
+          # binding.pry
+          if incoming_config.is_a? Hash
+            input_keys = incoming_config.keys
+
+            raise ArgumentError, "Config cannot be empty" if input_keys.empty?
+
+            extra_keys = input_keys - allowed_keys
+            unless extra_keys.empty?
+              raise ArgumentError, "Invalid config detected: #{extra_keys.join(', ')}. " \
+                                  "Only #{allowed_keys.join(', ')} are allowed."
+            end
+          else
+            raise ArgumentError, "incoming_config must be a Hash"
+          end
+
+          patch_gapi! :encryption, bucket_encryption_config: incoming_config
+        end
 
         ##
         # The bucket's encryption configuration for customer-supplied encryption keys.
diff --git a/google-cloud-storage/samples/storage_update_bucket_encryption_enforcement_config.rb b/google-cloud-storage/samples/storage_update_bucket_encryption_enforcement_config.rb
@@ -23,11 +23,11 @@ def update_bucket_encryption_enforcement_config bucket_name:
   storage = Google::Cloud::Storage.new
   bucket = storage.bucket bucket_name
   # Update a specific type (e.g., change GMEK to NotRestricted)
-  google_managed_config =  {
+  new_config =  {
     google_managed_encryption_enforcement_config: { restriction_mode: "NotRestricted" }
   }
-  
-  bucket.update_bucket_encryption_enforcement_config google_managed_config
+
+  bucket.update_bucket_encryption_enforcement_config new_config
 
   puts "Updated google_managed_config to " \
        "#{bucket.google_managed_encryption_enforcement_config.restriction_mode} " \
diff --git a/google-cloud-storage/test/google/cloud/storage/bucket_encryption_test.rb b/google-cloud-storage/test/google/cloud/storage/bucket_encryption_test.rb
@@ -177,6 +177,25 @@
       mock.verify
     end
 
+    it "raises error when invalid config is provided for update " do
+      config = { 
+        wrongconfig: { restriction_mode: "NotRestricted" }
+      }
+      err = assert_raises(ArgumentError) do
+        bucket.update_bucket_encryption_enforcement_config(config)
+      end
+      assert_match /Invalid config detected: wrongconfig/, err.message
+
+    end
+
+    it "raises error when a Hash in not provided for update " do
+      config = "wrongconfig"
+      err = assert_raises(ArgumentError) do
+        bucket.update_bucket_encryption_enforcement_config(config)
+      end
+      assert /incoming_config must be a Hash/
+
+    end
 
     it "deletes all encryption enforcement configs together and preserves default_kms_key" do
       mock = Minitest::Mock.new
