Fix missing scope issue; other minor fixs

Ross Scroggs
2024-05-13 20:17:22 -07:00
parent 0cef0aecb5
commit 2c039c3730
3 changed files with 10 additions and 9 deletions


@ -672,7 +672,7 @@ def SvcAcctAPIAccessDeniedExit():
apiOrScopes = API.getAPIName(GM.Globals[GM.CURRENT_SVCACCT_API]) if GM.Globals[GM.CURRENT_SVCACCT_API] else ','.join(sorted(GM.Globals[GM.CURRENT_SVCACCT_API_SCOPES])) apiOrScopes = API.getAPIName(GM.Globals[GM.CURRENT_SVCACCT_API]) if GM.Globals[GM.CURRENT_SVCACCT_API] else ','.join(sorted(GM.Globals[GM.CURRENT_SVCACCT_API_SCOPES]))
writeStderr(Msg.API_CHECK_SVCACCT_AUTHORIZATION.format(GM.Globals[GM.OAUTH2SERVICE_CLIENT_ID], writeStderr(Msg.API_CHECK_SVCACCT_AUTHORIZATION.format(GM.Globals[GM.OAUTH2SERVICE_CLIENT_ID],
apiOrScopes, apiOrScopes,
GM.Globals[GM.CURRENT_SVCACCT_USER])) GM.Globals[GM.CURRENT_SVCACCT_USER] or 'user@domain.com'))
systemErrorExit(API_ACCESS_DENIED_RC, None) systemErrorExit(API_ACCESS_DENIED_RC, None)
def SvcAcctAPIDisabledExit(): def SvcAcctAPIDisabledExit():
@ -11379,7 +11379,7 @@ def _getLoginHintProjectInfo(createCmd):
svcAcctInfo = {'name': '', 'displayName': '', 'description': ''} svcAcctInfo = {'name': '', 'displayName': '', 'description': ''}
if not Cmd.PeekArgumentPresent(['admin', 'appname', 'supportemail', 'project', 'parent', if not Cmd.PeekArgumentPresent(['admin', 'appname', 'supportemail', 'project', 'parent',
'projectname', 'saname', 'sadisplayname', 'sadescription', 'projectname', 'saname', 'sadisplayname', 'sadescription',
'algorithm', 'localkeysize', 'yubikey']): 'algorithm', 'localkeysize', 'validityhours', 'yubikey']):
login_hint = getString(Cmd.OB_EMAIL_ADDRESS, optional=True) login_hint = getString(Cmd.OB_EMAIL_ADDRESS, optional=True)
if login_hint and login_hint.find('@') == -1: if login_hint and login_hint.find('@') == -1:
Cmd.Backup() Cmd.Backup()
@ -11405,7 +11405,7 @@ def _getLoginHintProjectInfo(createCmd):
pass pass
elif createCmd and _getAppInfo(myarg, appInfo): elif createCmd and _getAppInfo(myarg, appInfo):
pass pass
elif myarg in {'algorithm', 'localkeysize', 'yubikey'}: elif myarg in {'algorithm', 'localkeysize', 'validityhours', 'yubikey'}:
Cmd.Backup() Cmd.Backup()
break break
else: else:
@ -12368,6 +12368,8 @@ def doProcessSvcAcctKeys(mode, iam=None, projectId=None, clientEmail=None, clien
local_key_size = 0 local_key_size = 0
elif myarg == 'localkeysize': elif myarg == 'localkeysize':
local_key_size = int(getChoice(['1024', '2048', '4096'])) local_key_size = int(getChoice(['1024', '2048', '4096']))
elif myarg == 'validityhours':
validityHours = getInteger()
elif myarg == 'yubikey': elif myarg == 'yubikey':
new_data['key_type'] = 'yubikey' new_data['key_type'] = 'yubikey'
elif myarg == 'yubikeyslot': elif myarg == 'yubikeyslot':
@ -12376,8 +12378,6 @@ def doProcessSvcAcctKeys(mode, iam=None, projectId=None, clientEmail=None, clien
new_data['yubikey_pin'] = readStdin('Enter your YubiKey PIN: ') new_data['yubikey_pin'] = readStdin('Enter your YubiKey PIN: ')
elif myarg == 'yubikeyserialnumber': elif myarg == 'yubikeyserialnumber':
new_data['yubikey_serial_number'] = getInteger() new_data['yubikey_serial_number'] = getInteger()
elif myarg == 'validityhours':
validityHours = getInteger()
else: else:
unknownArgumentExit() unknownArgumentExit()
@ -39132,7 +39132,7 @@ def _setHoldQuery(body, queryParameters):
if queryParameters.get('coveredData'): if queryParameters.get('coveredData'):
body['query'][queryType]['coveredData'] = queryParameters['coveredData'] body['query'][queryType]['coveredData'] = queryParameters['coveredData']
# gam create vaulthold|hold matter <MatterItem> [name <String>] corpus drive|mail|groups|hangouts_chat # gam create vaulthold|hold matter <MatterItem> [name <String>] corpus calendar|drive|mail|groups|hangouts_chat|voice
# [(accounts|groups|users <EmailItemList>) | (orgunit|org|ou <OrgUnit>)] # [(accounts|groups|users <EmailItemList>) | (orgunit|org|ou <OrgUnit>)]
# [query <QueryVaultCorpus>] # [query <QueryVaultCorpus>]
# [terms <String>] [start|starttime <Date>|<Time>] [end|endtime <Date>|<Time>] # [terms <String>] [start|starttime <Date>|<Time>] [end|endtime <Date>|<Time>]
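Review bot: The key-option keywords are written out twice in _getLoginHintProjectInfo, once in the list passed to `Cmd.PeekArgumentPresent` and once in the `elif myarg in {...}` set, and both had to gain 'validityhours' by hand; that duplication is the drift this commit repairs. doProcessSvcAcctKeys also handles `yubikeyslot` and `yubikeyserialnumber`, and neither appears in either collection, so a command that gives one of them before `yubikey` is presumably rejected or read as the login hint, though that depends on code outside these hunks. A single module-level constant referenced from both places would keep them in step, for example `SVCACCT_KEY_OPTIONS = {'algorithm', 'localkeysize', 'validityhours', 'yubikey'}` (name constructed for illustration). Both functions start and end outside the hunks shown.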


@ -113,6 +113,7 @@ REQUIRED_SCOPES_SET = set(REQUIRED_SCOPES)
JWT_APIS = { JWT_APIS = {
ACCESSCONTEXTMANAGER: [CLOUD_PLATFORM_SCOPE], ACCESSCONTEXTMANAGER: [CLOUD_PLATFORM_SCOPE],
CHAT: ['https://www.googleapis.com/auth/chat.bot'], CHAT: ['https://www.googleapis.com/auth/chat.bot'],
CLOUDRESOURCEMANAGER: [CLOUD_PLATFORM_SCOPE],
ORGPOLICY: [CLOUD_PLATFORM_SCOPE], ORGPOLICY: [CLOUD_PLATFORM_SCOPE],
} }
# #
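Review bot: The new `CLOUDRESOURCEMANAGER` entry in JWT_APIS gives the service-account JWT the full `CLOUD_PLATFORM_SCOPE`, which, assuming the constant is Google's cloud-platform scope, covers far more than project management. It matches the neighbouring entries, but nothing at the dict records why the broad scope is needed. I would add a comment above the entry such as `# Cloud Resource Manager is called with the service account JWT; cloud-platform is needed for <which calls>` and confirm that a narrower scope will not do. How JWT_APIS is consumed is not visible in this hunk.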


@ -111,7 +111,7 @@ Proceed to the authentication steps.
SYSTEM_TIME_STATUS = 'System time status' SYSTEM_TIME_STATUS = 'System time status'
YOUR_SYSTEM_TIME_DIFFERS_FROM_GOOGLE = 'Your system time differs from {0} by {1}' YOUR_SYSTEM_TIME_DIFFERS_FROM_GOOGLE = 'Your system time differs from {0} by {1}'
PRESS_ENTER_ONCE_AUTHORIZATION_IS_COMPLETE = 'Press enter once authorization is complete.' PRESS_ENTER_ONCE_AUTHORIZATION_IS_COMPLETE = 'Press enter once authorization is complete.'
SERVICE_ACCOUNT_API_DISABLED = '{0} not enabled. Please run "gam update project" and "gam user user@domain.com check serviceaccount"' SERVICE_ACCOUNT_API_DISABLED = '{0} not enabled. Please run "gam update project" and "gam user user@domain.com update serviceaccount"'
SERVICE_ACCOUNT_PRIVATE_KEY_AUTHENTICATION = 'Service Account Private Key Authentication' SERVICE_ACCOUNT_PRIVATE_KEY_AUTHENTICATION = 'Service Account Private Key Authentication'
SERVICE_ACCOUNT_CHECK_PRIVATE_KEY_AGE = 'Service Account Private Key age; Google recommends rotating keys on a routine basis' SERVICE_ACCOUNT_CHECK_PRIVATE_KEY_AGE = 'Service Account Private Key age; Google recommends rotating keys on a routine basis'
SERVICE_ACCOUNT_PRIVATE_KEY_AGE = 'Service Account Private Key age: {0} days' SERVICE_ACCOUNT_PRIVATE_KEY_AGE = 'Service Account Private Key age: {0} days'
@ -162,7 +162,7 @@ ALREADY_EXISTS_USE_MERGE_ARGUMENT = 'Already exists; use the "merge" argument to
API_ACCESS_DENIED = 'API access Denied' API_ACCESS_DENIED = 'API access Denied'
API_CALLS_RETRY_DATA = 'API calls retry data\n' API_CALLS_RETRY_DATA = 'API calls retry data\n'
API_CHECK_CLIENT_AUTHORIZATION = 'Please make sure the Client ID: {0} is authorized for the appropriate API or scopes:\n{1}\n\nRun: gam oauth create\n' API_CHECK_CLIENT_AUTHORIZATION = 'Please make sure the Client ID: {0} is authorized for the appropriate API or scopes:\n{1}\n\nRun: gam oauth create\n'
API_CHECK_SVCACCT_AUTHORIZATION = 'Please make sure the Service Account Client name: {0} is authorized for the appropriate API or scopes:\n{1}\n\nRun: gam user {2} check serviceaccount\n' API_CHECK_SVCACCT_AUTHORIZATION = 'Please make sure the Service Account Client name: {0} is authorized for the appropriate API or scopes:\n{1}\n\nRun: gam user {2} update serviceaccount\n'
API_ERROR_SETTINGS = 'API error, some settings not set' API_ERROR_SETTINGS = 'API error, some settings not set'
ARE_BOTH_REQUIRED = 'Arguments {0} and {1} are both required' ARE_BOTH_REQUIRED = 'Arguments {0} and {1} are both required'
ARE_MUTUALLY_EXCLUSIVE = 'Arguments {0} and {1} are mutually exclusive' ARE_MUTUALLY_EXCLUSIVE = 'Arguments {0} and {1} are mutually exclusive'