Add verifytarget to update alias to address Issue #1479 (#1481)

* Add verifytarget to update alias to address Issue #1479 * Make default behavior in update alias to be verify; provide opt-out * Update __init__.py * Remove verifynotinvitable check on update alias
2025-05-11 11:47:21 +00:00 · 2022-02-12 07:59:27 -08:00 · 2022-02-12 07:59:27 -08:00 · 1d5a8ec81b
commit 1d5a8ec81b
parent f6c4e26b3b
2 changed files with 32 additions and 10 deletions
--- a/src/GamCommands.txt
+++ b/src/GamCommands.txt
@ -1052,7 +1052,7 @@ gam info org|ou <OrgUnitPath> [nousers|notsuspended|suspended] [children|child]
 gam print orgs|ous [todrive] [toplevelonly] [from_parent <OrgUnitPath>] [allfields|(fields <OrgUnitFieldNameList>)]

 gam create alias|nickname <EmailAddress> user|group|target <UniqueID>|<EmailAddress> [verifynotinvitable]
-gam update alias|nickname <EmailAddress> user|group|target <UniqueID>|<EmailAddress> [verifynotinvitable]
+gam update alias|nickname <EmailAddress> user|group|target <UniqueID>|<EmailAddress> [notargetverify]
 gam delete alias|nickname [user|group|target] <UniqueID>|<EmailAddress>
 gam info alias|nickname <EmailAddress>
 gam print aliases|nicknames [todrive] [shownoneditable] [nogroups] [nousers] [(query <QueryUser>)|(queries <QueryUserList)]
--- a/src/gam/init.py
+++ b/src/gam/init.py
@ -8327,6 +8327,24 @@ def doRemoveUsersAliases(users):


 def doUpdateAlias():
+    def verify_alias_target_exists():
+      if target_type != 'group':
+          try:
+              gapi.call(cd.users(), 'get',
+                        throw_reasons=[gapi_errors.ErrorReason.USER_NOT_FOUND],
+                        userKey=target_email)
+              return 'user'
+          except gapi_errors.GapiUserNotFoundError:
+              if target_type == 'user':
+                  return None
+      try:
+          gapi.call(cd.groups(), 'get',
+                    throw_reasons=[gapi_errors.ErrorReason.GROUP_NOT_FOUND],
+                    groupKey=target_email)
+          return 'group'
+      except gapi_errors.GapiGroupNotFoundError:
+          return None
+
    cd = buildGAPIObject('directory')
    alias = normalizeEmailAddressOrUID(sys.argv[3], noUid=True, noLower=True)
    target_type = sys.argv[4].lower()
@ -8334,15 +8352,19 @@ def doUpdateAlias():
        controlflow.expected_argument_exit(
            'target type', ', '.join(['user', 'group', 'target']), target_type)
    target_email = normalizeEmailAddressOrUID(sys.argv[5])
-    if len(sys.argv) > 6:
-        myarg = sys.argv[6].lower().replace('_', '')
-        if myarg != 'verifynotinvitable':
-            controlflow.system_error_exit(
-                3,
-                f'{myarg} is not a valid argument for "gam update alias"'
-                )
-        if gapi_cloudidentity_userinvitations.is_invitable_user(alias):
-            controlflow.system_error_exit(51, f'Alias not updated, {alias} is an unmanaged account')
+    verifyTarget = True
+    i = 6
+    while i < len(sys.argv):
+        myarg = sys.argv[i].lower().replace('_', '')
+        if myarg == 'noverifytarget':
+            verifyTarget = False
+            i += 1
+        else:
+            controlflow.system_error_exit(3, f'{myarg} is not a valid argument for "gam update alias"')
+    if verifyTarget:
+        target_type = verify_alias_target_exists()
+        if target_type is None:
+            controlflow.system_error_exit(51, f'Alias not updated, {target_email} does not exist')
    try:
        gapi.call(cd.users().aliases(),
                  'delete',