From 0feee6e00741384ce065e2a3a75e2e8930e79926 Mon Sep 17 00:00:00 2001
From: ejochman <34144949+ejochman@users.noreply.github.com>
Date: Fri, 20 Mar 2020 10:19:48 -0700
Subject: [PATCH] Avoid requests to impersonate a resource calendar (#1122)

* Avoid requests to impersonate a resource calendar

Fixes jay0lee/GAM#1120

* Also avoid impersonating Group calendars
---
 src/gapi/calendar.py | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/gapi/calendar.py b/src/gapi/calendar.py
index e86b241f..b8ae1a4e 100644
--- a/src/gapi/calendar.py
+++ b/src/gapi/calendar.py
@@ -30,14 +30,18 @@ def buildCalendarGAPIObject(calname):
 
 def buildCalendarDataGAPIObject(calname):
     calendarId = normalizeCalendarId(calname)
-    # Force service account token request. If we fail fall back to using
-    # admin for authentication
-    cal = __main__.buildGAPIServiceObject('calendar', calendarId, False)
+
+    # Try to impersonate the calendar owner. If we fail, fall back to using
+    # admin for authentication. Resource calendars cannot be impersonated,
+    # so we need to access them as the admin.
+    cal = None
+    if (not calname.endswith('@resource.calendar.google.com') and
+        not calname.endswith('@group.calendar.google.com')):
+        cal = __main__.buildGAPIServiceObject('calendar', calendarId, False)
     if cal is None:
         _, cal = buildCalendarGAPIObject(__main__._getValueFromOAuth('email'))
     return (calendarId, cal)
 
-
 def printShowACLs(csvFormat):
     calendarId, cal = buildCalendarDataGAPIObject(sys.argv[2])
     if not cal: