Work around API restriction that roleId and userKey are mutually exclusive (#1406)

2026-06-28 09:51:36 +00:00 · 2021-08-10 03:30:52 -07:00
parent b42946bbe1
commit 1a9de867f9
1 changed files with 9 additions and 5 deletions
--- a/src/gam/init.py
+++ b/src/gam/init.py
@@ -1756,8 +1756,8 @@ def doCreateAdmin():
 def doPrintAdmins():
    cd = buildGAPIObject('directory')
    roleId = None
-    userKey = None
    todrive = False
+    kwargs = {}
    fields = 'nextPageToken,items(roleAssignmentId,roleId,assignedTo,scopeType,orgUnitId)'
    titles = [
        'roleAssignmentId', 'roleId', 'role', 'assignedTo', 'assignedToUser',
@@ -1768,7 +1768,7 @@ def doPrintAdmins():
    while i < len(sys.argv):
        myarg = sys.argv[i].lower()
        if myarg == 'user':
-            userKey = normalizeEmailAddressOrUID(sys.argv[i + 1])
+            kwargs['userKey'] = normalizeEmailAddressOrUID(sys.argv[i + 1])
            i += 2
        elif myarg == 'role':
            roleId = getRoleId(sys.argv[i + 1])
@@ -1778,14 +1778,18 @@ def doPrintAdmins():
            i += 1
        else:
            controlflow.invalid_argument_exit(sys.argv[i], 'gam print admins')
+    if roleId and not kwargs:
+        kwargs['roleId'] = roleId
+        roleId = None
    admins = gapi.get_all_pages(cd.roleAssignments(),
                                'list',
                                'items',
                                customer=GC_Values[GC_CUSTOMER_ID],
-                                userKey=userKey,
-                                roleId=roleId,
-                                fields=fields)
+                                fields=fields,
+                                **kwargs)
    for admin in admins:
+        if roleId and roleId != admin['roleId']:
+            continue
        admin_attrib = {}
        for key, value in list(admin.items()):
            if key == 'assignedTo':