deepblue/GoogleDriveManagement
1
0
Fork 0
mirror of https://github.com/GAM-team/GAM.git synced 2025-07-09 22:23:35 +00:00
Code Issues Actions 19 Packages Projects Releases Wiki Activity

More expireTime updates (#1299)

Browse Source
This commit is contained in:
Ross Scroggs
2020-12-31 08:38:14 -08:00
committed by GitHub
parent 4f8980184f
commit 0cda3fca31
3 changed files with 44 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/GamCommands.txt
View File

@ -1243,10 +1243,10 @@ gam print mobile [todrive] [(query <QueryMobile>)|(queries <QueryMobileList>)] [
gam create cigroup <EmailAddress> <CIGroupAttribute>*
[makeowner] [alias|aliases <AliasList>] [dynamic <QueryDynamicGroup>]
gam update cigroup <GroupItem> [email <EmailAddress>] <CIGroupAttribute>* [security]
gam update cigroup <GroupItem> add [owner|manager|member] [notsuspended|suspended] [expiretime <Time>] <UserTypeEntity>
gam update cigroup <GroupItem> add [owner|manager|member] [notsuspended|suspended] [expires never|<Time>] <UserTypeEntity>
gam update cigroup <GroupItem> delete|remove [owner|manager|member] [notsuspended|suspended] <UserTypeEntity>
gam update cigroup <GroupItem> sync [owner|manager|member] [notsuspended|suspended] [expiretime <Time>] <UserTypeEntity>
gam update cigroup <GroupItem> update [owner|manager|member] [notsuspended|suspended] [expiretime <Time>] <UserTypeEntity>
gam update cigroup <GroupItem> sync [owner|manager|member] [notsuspended|suspended] [expires never|<Time>] <UserTypeEntity>
gam update cigroup <GroupItem> update [owner|manager|member] [notsuspended|suspended] [expires never|<Time>] <UserTypeEntity>
gam update cigroup <GroupItem> clear [member] [manager] [owner] [notsuspended|suspended]
gam delete cigroup <GroupItem>
gam info cigroup <GroupItem> [nousers] [nojoindate] [showupdatedate]

45
src/gam/gapi/cloudidentity/groups.py
View File

@ -475,7 +475,7 @@ def update():
if role != ROLE_MEMBER:
controlflow.invalid_argument_exit(
sys.argv[i], f'role {role}')
expireTime = sys.argv[i+1]
expireTime = utils.get_time_or_delta_from_now(sys.argv[i+1])
i += 2
if sys.argv[i].lower() in usergroup_types:
users_email = gam.getUsersToModify(entity_type=sys.argv[i].lower(),
@ -525,7 +525,7 @@ def update():
}
if role != ROLE_MEMBER:
body['roles'].append({'name': role})
if expireTime:
elif expireTime not in {None, NEVER_TIME}:
for role in body['roles']:
if role['name'] == ROLE_MEMBER:
role['expiryDetail'] = {'expireTime': expireTime}
@ -596,7 +596,7 @@ def update():
for user in to_add:
item = ['gam', 'update', 'cigroup', f'id:{parent}', 'add',
role,]
if expireTime:
if role == ROLE_MEMBER and expireTime not in {None, NEVER_TIME}:
item.extend(['expires', expireTime])
item.append(user)
items.append(item)
@ -646,39 +646,48 @@ def update():
items.append(item)
elif len(users_email) > 0:
name = membership_email_to_id(ci, parent, users_email[0])
preUpdateRoles = []
addRoles = []
removeRoles = []
updateRoles = []
current_roles = gapi.call(ci.groups().memberships(),
postUpdateRoles = []
member_roles = gapi.call(ci.groups().memberships(),
'get',
name=name,
fields='roles').get('roles', [])
current_roles = [crole['name'] for crole in current_roles]
if expireTime:
if ROLE_MEMBER in current_roles:
updateRoles.append(
fields='roles').get('roles', [{'name': ROLE_MEMBER}])
current_roles = [crole['name'] for crole in member_roles]
# When upgrading role, strip any expiryDetail from member before role changes
if role != ROLE_MEMBER:
for crole in member_roles:
if 'expiryDetail' in crole:
preUpdateRoles.append(
{'fieldMask': 'expiryDetail.expireTime',
'membershipRole': {'name': ROLE_MEMBER,
'expiryDetail': {'expireTime': None}}})
break
# When downgrading role or simply updating member expireTime, update expiryDetail after role changes
elif expireTime:
postUpdateRoles.append(
{'fieldMask': 'expiryDetail.expireTime',
'membershipRole': {'name': role,
'expiryDetail': {'expireTime': expireTime}}})
else:
addRoles.append(
{'name': role, 'expiryDetail': {'expireTime': expireTime}})
else:
'expiryDetail': {'expireTime': expireTime if expireTime != NEVER_TIME else None}}})
for crole in current_roles:
if crole not in {ROLE_MEMBER, role}:
removeRoles.append(crole)
if role not in current_roles:
new_role = {'name': role}
if role == ROLE_MEMBER and expireTime:
if role == ROLE_MEMBER and expireTime not in {None, NEVER_TIME}:
new_role['expiryDetail'] = {'expireTime': expireTime}
postUpdateRoles = []
addRoles.append(new_role)
bodys = []
if preUpdateRoles:
bodys.append({'updateRolesParams': preUpdateRoles})
if addRoles:
bodys.append({'addRoles': addRoles})
if removeRoles:
bodys.append({'removeRoles': removeRoles})
if updateRoles:
bodys.append({'updateRolesParams': updateRoles})
if postUpdateRoles:
bodys.append({'updateRolesParams': postUpdateRoles})
for body in bodys:
try:
gapi.call(ci.groups().memberships(),

4
src/gam/utils.py
View File

@ -228,12 +228,14 @@ def get_yyyymmdd(argstr, minLen=1, returnTimeStamp=False, returnDateTime=False):
def get_time_or_delta_from_now(time_string):
"""Get an ISO 8601 time or a positive/negative delta applied to now.
Args:
time_string (string): The time or delta (e.g. '2017-09-01T12:34:56Z' or '-4h')
time_string (string): The time or delta (e.g. '2017-09-01T12:34:56Z' or '-4h') or never
Returns:
string: iso8601 formatted datetime in UTC.
"""
time_string = time_string.strip().upper()
if time_string:
if time_string == 'NEVER':
return NEVER_TIME
if time_string[0] not in ['+', '-']:
return time_string
return (datetime.datetime.utcnow() +