deepblue/GoogleDriveManagement
1
0
Fork 0
mirror of https://github.com/GAM-team/GAM.git synced 2026-06-20 22:21:37 +00:00
Code Issues Actions 13 Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/gam-team/gam
Some checks are pending
Build and test GAM / build (Win64, build, 8, VC-WIN64A, windows-2022) (push) Waiting to run
Details
Build and test GAM / build (aarch64, build, 3, linux-aarch64, [self-hosted linux arm64]) (push) Waiting to run
Details
Build and test GAM / build (aarch64, build, 5, linux-aarch64, [self-hosted linux arm64], yes) (push) Waiting to run
Details
Build and test GAM / build (aarch64, build, 7, darwin64-arm64, macos-14) (push) Waiting to run
Details
Build and test GAM / build (x86_64, build, 1, linux-x86_64, ubuntu-22.04) (push) Waiting to run
Details
Build and test GAM / build (x86_64, build, 2, linux-x86_64, ubuntu-24.04) (push) Waiting to run
Details
Build and test GAM / build (x86_64, build, 4, linux-x86_64, ubuntu-22.04, yes) (push) Waiting to run
Details
Build and test GAM / build (x86_64, build, 6, darwin64-x86_64, macos-13) (push) Waiting to run
Details
Build and test GAM / build (x86_64, test, 10, ubuntu-24.04, 3.10) (push) Waiting to run
Details
Build and test GAM / build (x86_64, test, 11, ubuntu-24.04, 3.11) (push) Waiting to run
Details
Build and test GAM / build (x86_64, test, 12, ubuntu-24.04, 3.12) (push) Waiting to run
Details
Build and test GAM / build (x86_64, test, 9, ubuntu-24.04, 3.9) (push) Waiting to run
Details
Build and test GAM / merge (push) Blocked by required conditions
Details
Build and test GAM / publish (push) Blocked by required conditions
Details
CodeQL / Analyze (python) (push) Waiting to run
Details
Check for Google Root CA Updates / check-apis (push) Waiting to run
Details

Browse Source
This commit is contained in:
Jay Lee
2024-10-22 20:32:54 -04:00
parent 0f8c361dcd beb75dbc20
commit 1474335a79
8 changed files with 56 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/build.yml vendored
View File

@@ -115,7 +115,7 @@ jobs:
with:
path: |
cache.tar.xz
key: gam-${{ matrix.jid }}-20241014
key: gam-${{ matrix.jid }}-20241022
- name: Untar Cache archive
if: matrix.goal == 'build' && steps.cache-python-ssl.outputs.cache-hit == 'true'

7
docs/Authorization.md
View File

@@ -163,12 +163,11 @@ as required by Google for headless computers/cloud shells; this is required as o
```
## Manage Projects
In all of the project commands, the Google Workspace admin/GCP project manager `<EmailAddress>` can be omitted; you will be prompted for a value.
You must enter a full address, i.e., user@domain.com; you will be required to enter the password.
You must enter a full address, i.e., user@domain.com; you will be required to authenticate.
For `print|show projects`, you can eliminate the password requirement by enabling the following scope in `gam update serviceaccount`;
GAM will then use Service Account access to display projects.
For `print|show projects`, you can eliminate the password prompt and authentication requirement by specifying the super admin emailaddress used in `gam oauth create`.
```
[*] 9) Cloud Resource Manager API v3
gam print projects admin admin@domain.com
```
## Authorize a super admin to create projects

11
docs/GamUpdates.md
View File

@@ -10,6 +10,17 @@ Add the `-s` option to the end of the above commands to suppress creating the `g
See [Downloads-Installs-GAM7](https://github.com/GAM-team/GAM/wiki/Downloads-Installs) for Windows or other options, including manual installation
### 7.00.26
Updated `drive_dir` in `gam.cfg` to allow the value `.` that causes `redirect csv|stdout|stderr <FileName>`
to write `<FileName>` in the current directory without having to prefix `<FileName>` with `./`.
Upgraded to OpenSSL 3.4.0 where possible.
### 7.00.25
Updated authentication process for `gam print|show projects`.
### 7.00.24
Updated `gam print|show projects ... showiampolicies 0|1|3` to use non-service account authentication.

4
docs/How-to-Upgrade-Legacy-GAM-to-GAM7.md
View File

@@ -251,7 +251,7 @@ writes the credentials into the file oauth2.txt.
admin@server:/Users/admin$ rm -f /Users/admin/GAMConfig/oauth2.txt
admin@server:/Users/admin$ gam version
WARNING: Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: /Users/admin/GAMConfig/oauth2.txt, Not Found
GAM 7.00.24 - https://github.com/GAM-team/GAM - pyinstaller
GAM 7.00.26 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
MacOS Sonoma 14.5 x86_64
@@ -923,7 +923,7 @@ writes the credentials into the file oauth2.txt.
C:\>del C:\GAMConfig\oauth2.txt
C:\>gam version
WARNING: Config File: C:\GAMConfig\gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: C:\GAMConfig\oauth2.txt, Not Found
GAM7 7.00.24 - https://github.com/GAM-team/GAM - pythonsource
GAM7 7.00.26 - https://github.com/GAM-team/GAM - pythonsource
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
Windows-10-10.0.17134 AMD64

30
docs/Version-and-Help.md
View File

@@ -3,7 +3,7 @@
Print the current version of Gam with details
```
gam version
GAM 7.00.24 - https://github.com/GAM-team/GAM - pyinstaller
GAM 7.00.26 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
MacOS Sonoma 14.5 x86_64
@@ -15,7 +15,7 @@ Time: 2023-06-02T21:10:00-07:00
Print the current version of Gam with details and time offset information
```
gam version timeoffset
GAM 7.00.24 - https://github.com/GAM-team/GAM - pyinstaller
GAM 7.00.26 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
MacOS Sonoma 14.5 x86_64
@@ -27,7 +27,7 @@ Your system time differs from www.googleapis.com by less than 1 second
Print the current version of Gam with extended details and SSL information
```
gam version extended
GAM 7.00.24 - https://github.com/GAM-team/GAM - pyinstaller
GAM 7.00.26 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
MacOS Sonoma 14.5 x86_64
@@ -35,17 +35,17 @@ Path: /Users/Admin/bin/gam7
Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, customer_id: my_customer, domain: domain.com
Time: 2023-06-02T21:10:00-07:00
Your system time differs from admin.googleapis.com by less than 1 second
OpenSSL 3.1.1 30 May 2023
cryptography 41.0.1
filelock 3.13.0
google-api-python-client 2.88.0
google-auth-httplib2 0.1.0
google-auth-oauthlib 1.0.0
google-auth 2.19.1
OpenSSL 3.4.0 22 Oct Sep 2024
cryptography 43.0.3
filelock 3.16.1
google-api-python-client 2.149.0
google-auth-httplib2 0.2.0
google-auth-oauthlib 1.2.1
google-auth 2.35.0
httplib2 0.22.0
passlib 1.7.4
python-dateutil 2.8.2
yubikey-manager 5.1.1
python-dateutil 2.9.0.post0
yubikey-manager 5.5.1
admin.googleapis.com connects using TLSv1.3 TLS_AES_256_GCM_SHA384
```
@@ -64,7 +64,7 @@ MacOS High Sierra 10.13.6 x86_64
Path: /Users/Admin/bin/gam7
Version Check:
Current: 5.35.08
Latest: 7.00.24
Latest: 7.00.26
echo $?
1
```
@@ -72,7 +72,7 @@ echo $?
Print the current version number without details
```
gam version simple
7.00.24
7.00.26
```
In Linux/MacOS you can do:
```
@@ -82,7 +82,7 @@ echo $VER
Print the current version of Gam and address of this Wiki
```
gam help
GAM 7.00.24 - https://github.com/GAM-team/GAM
GAM 7.00.26 - https://github.com/GAM-team/GAM
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
MacOS Sonoma 14.5 x86_64

9
src/GamUpdate.txt
View File

@@ -1,3 +1,12 @@
7.00.26
Updated `drive_dir` in `gam.cfg` to allow the value `.` that causes `redirect csv|stdout|stderr <FileName>`
to write `<FileName>` in the current directory without having to prefix `<FileName>` with `./`.
7.00.25
Updated authentication process for `gam print|show projects`.
7.00.24
Updated `gam print|show projects ... showiampolicies 0|1|3` to use non-service account authentication.

32
src/gam/__init__.py
View File

@@ -25,7 +25,7 @@ https://github.com/GAM-team/GAM/wiki
"""
__author__ = 'GAM Team <google-apps-manager@googlegroups.com>'
__version__ = '7.00.24'
__version__ = '7.00.26'
__license__ = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)'
#pylint: disable=wrong-import-position
@@ -3671,7 +3671,7 @@ def SetGlobalVariables():
dirPath = os.path.expanduser(_stripStringQuotes(GM.Globals[GM.PARSER].get(sectionName, itemName)))
if (not dirPath) and (itemName in {GC.GMAIL_CSE_INCERT_DIR, GC.GMAIL_CSE_INKEY_DIR}):
return dirPath
if (not dirPath) or (not os.path.isabs(dirPath)):
if (not dirPath) or (not os.path.isabs(dirPath) and dirPath != '.'):
if (sectionName != configparser.DEFAULTSECT) and (GM.Globals[GM.PARSER].has_option(sectionName, itemName)):
dirPath = os.path.join(os.path.expanduser(_stripStringQuotes(GM.Globals[GM.PARSER].get(configparser.DEFAULTSECT, itemName))), dirPath)
if not os.path.isabs(dirPath):
@@ -11381,19 +11381,21 @@ def _getProjects(crm, pfilter, returnNF=False):
query=pfilter)
if projects:
return projects
if not pfilter:
if (not pfilter) or pfilter == GAM_PROJECT_FILTER:
return []
if pfilter.startswith('id:'):
projects = [callGAPI(crm.projects(), 'get',
throwReasons=[GAPI.BAD_REQUEST, GAPI.INVALID_ARGUMENT, GAPI.PERMISSION_DENIED],
name=f'projects/{pfilter[3:]}')]
if projects or not returnNF:
return projects
return [{'projectId': pfilter[3:], 'state': 'NF'}]
if projects or not returnNF:
return projects
return []
except (GAPI.badRequest, GAPI.invalidArgument) as e:
entityActionFailedExit([Ent.PROJECT, pfilter], str(e))
except GAPI.permissionDenied:
return []
if (not pfilter) or (not pfilter.startswith('id:')) or (not returnNF):
return []
return [{'projectId': pfilter[3:], 'state': 'NF'}]
def _checkProjectFound(project, i, count):
if project.get('state', '') != 'NF':
@@ -11561,6 +11563,8 @@ def _getLoginHintProjects(createSvcAcctCmd=False, deleteSvcAcctCmd=False, printS
if login_hint and login_hint.find('@') == -1:
Cmd.Backup()
login_hint = None
if readOnly and login_hint and login_hint != _getAdminEmail():
readOnly = False
projectIds = None
pfilter = getString(Cmd.OB_STRING, optional=True)
if not pfilter:
@@ -11602,15 +11606,9 @@ def _getLoginHintProjects(createSvcAcctCmd=False, deleteSvcAcctCmd=False, printS
login_hint = _getValidateLoginHint(login_hint, projectId)
crm = None
if readOnly:
_getSvcAcctData()
if (GM.Globals[GM.SVCACCT_SCOPES_DEFINED] and
(API.CLOUDRESOURCEMANAGER in GM.Globals[GM.SVCACCT_SCOPES] or
API.CLOUDRESOURCEMANAGER_V1 in GM.Globals[GM.SVCACCT_SCOPES])): #Backwards compatibility hack
# Removed 6.21.05
# _, crm = buildGAPIServiceObject(API.CLOUDRESOURCEMANAGER, login_hint)
_, crm = buildGAPIServiceObject(API.CLOUDRESOURCEMANAGER, None)
if crm:
httpObj = crm._http
_, crm = buildGAPIServiceObject(API.CLOUDRESOURCEMANAGER, None)
if crm:
httpObj = crm._http
if not crm:
httpObj, crm = getCRMService(login_hint)
if projectIds is None:
@@ -11620,7 +11618,7 @@ def _getLoginHintProjects(createSvcAcctCmd=False, deleteSvcAcctCmd=False, printS
else:
projects = _getProjects(crm, f'id:{projectId}', returnNF=True)
else:
projects = _getProjects(crm, pfilter)
projects = _getProjects(crm, pfilter, returnNF=printShowCmd)
else:
projects = []
for projectId in projectIds:

5
src/gam/gamlib/glapi.py
View File

@@ -50,7 +50,6 @@ CLOUDIDENTITY_ORGUNITS = 'cloudidentityorgunits'
CLOUDIDENTITY_ORGUNITS_BETA = 'cloudidentityorgunitsbeta'
CLOUDIDENTITY_USERINVITATIONS = 'cloudidentityuserinvitations'
CLOUDRESOURCEMANAGER = 'cloudresourcemanager'
CLOUDRESOURCEMANAGER_V1 = 'cloudresourcemanager1'
CONTACTS = 'contacts'
CONTACTDELEGATION = 'contactdelegation'
DATATRANSFER = 'datatransfer'
@@ -702,10 +701,6 @@ _SVCACCT_SCOPES = [
]
_SVCACCT_SPECIAL_SCOPES = [
{'name': 'Cloud Resource Manager API v3',
'api': CLOUDRESOURCEMANAGER,
'subscopes': [],
'scope': CLOUD_PLATFORM_SCOPE},
{'name': 'Drive API - todrive',
'api': DRIVETD,
'subscopes': [],