From 34e42a107675582ee1b2f2c51ba8f501da76fffc Mon Sep 17 00:00:00 2001 From: Ross Scroggs Date: Sun, 3 Sep 2023 19:16:56 -0700 Subject: [PATCH] Added option `addcsvdata ` to commands that print calendar acsl --- docs/Administrators.md | 15 ++++++++++ docs/Authorization.md | 7 +++-- docs/Calendars-Access.md | 9 ++++-- docs/GamUpdates.md | 11 +++++++ docs/Resources.md | 5 +++- docs/Users-Calendars-Access.md | 5 +++- src/GamCommands.txt | 10 +++---- src/GamUpdate.txt | 11 +++++++ src/gam/__init__.py | 53 ++++++++++++++++++++++++---------- 9 files changed, 99 insertions(+), 27 deletions(-) diff --git a/docs/Administrators.md b/docs/Administrators.md index 931b1267..b636756d 100644 --- a/docs/Administrators.md +++ b/docs/Administrators.md @@ -8,6 +8,7 @@ - [Create an administrator](#create-an-administrator) - [Delete an administrator](#delete-an-administrator) - [Display administrators](#display-administrators) +- [Copy roles from one administrator to another](#copy-roles-from-one-administrator-to-another) ## Administrator roles documentation * https://support.google.com/a/answer/33325?ref_topic=4514341 @@ -856,6 +857,7 @@ gam show adminroles|roles [todrive *] [privileges] * `privileges` - Display privileges associated with each role ## Create an administrator +Add an administrator role to an administrator. ``` gam create admin | customer|(org_unit ) [condition securitygroup|nonsecuritygroup] @@ -868,6 +870,7 @@ The option `condition` limits the conditions for delegate admin access. This cur * `condition nonsecuritygroup` - limit the delegated admin to managing non-security groups ## Delete an administrator +Remove an administrator role from an administrator. ``` gam delete admin ``` @@ -888,3 +891,15 @@ options to limit the display: In versions prior to 6.07.01, specification of both `user ` and `role ` generated no output due to an undocumented API rule that disallows both. + +## Copy roles from one administrator to another +Get roles for current admin. +``` +gam redirect csv ./CurrentAdminRoles.csv print admins user currentadmin@domain.com +``` +Add roles to new admin. +``` +gam config csv_input_row_filter "scopeType:regex:CUSTOMER" redirect stdout ./UpdateNewAdminCustomerRoles.txt multiprocess redirect stderr stdout csv CurrentAdminRoles.csv gam create admin newadmin@domain.com "id:~~roleId~~" customer +gam config csv_input_row_filter "scopeType:regex:ORG_UNIT" redirect stdout ./UpdateNewAdminOrgUnitRoles.txt multiprocess redirect stderr stdout csv CurrentAdminRoles.csv gam create admin newadmin@domain.com "id:~~roleId~~" org_unit "id:~~orgUnitId~~" +``` + diff --git a/docs/Authorization.md b/docs/Authorization.md index bf794524..109a1e7c 100644 --- a/docs/Authorization.md +++ b/docs/Authorization.md @@ -232,8 +232,11 @@ Create a new project to create and download two files: `client_secrets.json` for On-screen instructions lead you through the process. An existing project, `GAM Project Creation`, is used to create your GAM project. The initial instructions tell you how to -enable this project as a trusted app as your workspace may not allow untrusted third-party apps. You can skip these steps -if you know that untrusted third-party apps are allowed. +enable this project as a trusted app as your workspace may not allow untrusted third-party apps. +This is recommended but not mandatory unless your workspace has "Google Cloud" service restricted: +* https://support.google.com/a/answer/7281227?hl=en#zippy=%2Crestrict-or-unrestrict-google-services + +If it is restricted and you complete this step it may take an hour or so to take full affect and allow you to approve GAM project creation. The final instructions tell you how to enable your new GAM project as a trusted app as your workspace may not allow untrusted third-party apps. You can skip these steps if you know that untrusted third-party apps are allowed. diff --git a/docs/Calendars-Access.md b/docs/Calendars-Access.md index eebfb9b3..74727cb2 100644 --- a/docs/Calendars-Access.md +++ b/docs/Calendars-Access.md @@ -57,11 +57,14 @@ By default, Gam displays the information as an indented list of keys and values. * `formatjson` - Display the fields in JSON format. ``` gam calendars print acls|calendaracls [todrive *] - [noselfowner] + [noselfowner] (addcsvdata )* [formatjson [quotechar ]] ``` Option `noselfowner` suppresses the display of ACLs that reference the calendar itself as its owner. +Add additional columns of data from the command line to the output +* `addcsvdata ` + By default, when writing CSV files, Gam uses a quote character of double quote `"`. The quote character is used to enclose columns that contain the quote character itself, the column delimiter (comma by default) and new-line characters. Any quote characters within the column are doubled. When using the `formatjson` option, double quotes are used extensively in the data resulting in hard to read/process output. @@ -75,7 +78,9 @@ gam calendar add ([user] )|(gro gam calendar update ([user] )|(group )|(domain [])|default [sendnotifications ] gam calendar delete [] ([user] )|(group )|(domain [])|default gam calendar showacl [formatjson] -gam calendar printacl [todrive *] [formatjson [quotechar ]] +gam calendar printacl [todrive *] + (addcsvdata )* + [formatjson [quotechar ]] ``` By default, when you add or update a calendar ACL, notification is sent to the members referenced in the ``. Use `sendnotifications false` to suppress sending the notification. diff --git a/docs/GamUpdates.md b/docs/GamUpdates.md index f52dd1b6..931d8365 100644 --- a/docs/GamUpdates.md +++ b/docs/GamUpdates.md @@ -12,6 +12,17 @@ See [Downloads](https://github.com/taers232c/GAMADV-XTD3/wiki/Downloads) for Win ### 6.63.10 +Added option `addcsvdata ` to these commands. This adds additional columns of data to the CSV file output +when the `csv` option is used. If a CSV file of calendar information is being used to specify the calenders, fields, e.g., summary +can be added to the ACL output file. +``` +gam print calendaracls +gam resource print calendaracls +gam resources print calendaracls +gam calendar printacl +gam calendars print acls +``` + Added commands to show the number of CrOS devices or Users in an entity. ``` gam show count diff --git a/docs/Resources.md b/docs/Resources.md index a3c74bc9..20b98bc5 100644 --- a/docs/Resources.md +++ b/docs/Resources.md @@ -274,11 +274,14 @@ By default, Gam displays the information as an indented list of keys and values. * `formatjson` - Display the fields in JSON format. ``` gam resources print acls|calendaracls [todrive *] - [noselfowner] + [noselfowner] (addcsvdata )* [formatjson [quotechar ]] ``` Option `noselfowner` suppresses the display of ACLs that reference the calendar itself as its owner. +Add additional columns of data from the command line to the output +* `addcsvdata ` + By default, Gam displays the information as columns of fields; the following option causes the output to be in JSON format, * `formatjson` - Display the fields in JSON format. diff --git a/docs/Users-Calendars-Access.md b/docs/Users-Calendars-Access.md index ae76fa3b..d2f8ae6d 100644 --- a/docs/Users-Calendars-Access.md +++ b/docs/Users-Calendars-Access.md @@ -117,11 +117,14 @@ By default, Gam displays the information as an indented list of keys and values. * `formatjson` - Display the fields in JSON format. ``` gam print calendaracls [todrive *] - [noselfowner] + [noselfowner] (addcsvdata )* [formatjson [quotechar ]] ``` Option `noselfowner` suppresses the display of ACLs that reference the calendar itself as its owner. +Add additional columns of data from the command line to the output +* `addcsvdata ` + By default, when writing CSV files, Gam uses a quote character of double quote `"`. The quote character is used to enclose columns that contain the quote character itself, the column delimiter (comma by default) and new-line characters. Any quote characters within the column are doubled. When using the `formatjson` option, double quotes are used extensively in the data resulting in hard to read/process output. diff --git a/src/GamCommands.txt b/src/GamCommands.txt index bb14c476..013bc672 100644 --- a/src/GamCommands.txt +++ b/src/GamCommands.txt @@ -1530,7 +1530,7 @@ gam calendars show acls|calendaracls [noselfowner] [formatjson] gam calendars print acls|calendaracls [todrive *] - [noselfowner] + [noselfowner] (addcsvdata )* [formatjson [quotechar ]] gam calendar create|add ([user] )|(group )|(domain [])|default [sendnotifications ] @@ -1540,7 +1540,7 @@ gam calendar showacl [noselfowner] [formatjson] gam calendar printacl [todrive *] - [noselfowner] + [noselfowner] (addcsvdata )* [formatjson [quotechar ]] ::= optional|required @@ -4322,7 +4322,7 @@ gam resource show acls|calendaracls [noselfowner] [formatjson] gam resource print acls|calendaracls [todrive *] - [noselfowner] + [noselfowner] (addcsvdata )* [formatjson [quotechar ]] gam resources create|add acls|calendaracls [sendnotifications ] @@ -4334,7 +4334,7 @@ gam resources show acls|calendaracls [noselfowner] [formatjson] gam resources print acls|calendaracls [todrive *] - [noselfowner] + [noselfowner] (addcsvdata )* [formatjson [quotechar ]] # Schemas @@ -5496,7 +5496,7 @@ gam show calendaracls [noselfowner] [formatjson] gam print calendaracls [todrive *] - [noselfowner] + [noselfowner] (addcsvdata )* [formatjson [quotechar ]] Transfer ownership of a selection of users calendars to another user diff --git a/src/GamUpdate.txt b/src/GamUpdate.txt index 6a88de2c..0d0daaba 100644 --- a/src/GamUpdate.txt +++ b/src/GamUpdate.txt @@ -4,6 +4,17 @@ Merged GAM-Team version 6.63.10 +Added option `addcsvdata ` to these commands. This adds additional columns of data to the CSV file output +when the `csv` option is used. If a CSV file of calendar information is being used to specify the calenders, fields, e.g., summary +can be added to the ACL output file. +``` +gam print calendaracls +gam resource print calendaracls +gam resources print calendaracls +gam calendar printacl +gam calendars print acls +``` + Added commands to show the number of CrOS devices or Users in an entity. ``` gam show count diff --git a/src/gam/__init__.py b/src/gam/__init__.py index de715eb0..985dff3b 100755 --- a/src/gam/__init__.py +++ b/src/gam/__init__.py @@ -34834,7 +34834,7 @@ def doCalendarsInfoACLs(calIds): FJQC = _getCalendarInfoACLOptions() _doInfoCalendarACLs(None, None, None, calIds, len(calIds), ACLScopeEntity, FJQC) -def _printShowCalendarACLs(cal, user, entityType, calId, i, count, csvPF, FJQC, noSelfOwner): +def _printShowCalendarACLs(cal, user, entityType, calId, i, count, csvPF, FJQC, noSelfOwner, addCSVData): if csvPF: printGettingEntityItemForWhom(Ent.CALENDAR_ACL, calId, i, count) try: @@ -34873,6 +34873,8 @@ def _printShowCalendarACLs(cal, user, entityType, calId, i, count, csvPF, FJQC, row = {'calendarId': calId} if user: row['primaryEmail'] = user + if addCSVData: + row.update(addCSVData) flattenJSON(rule, flattened=row) if not FJQC.formatJSON: csvPF.WriteRowTitles(row) @@ -34881,6 +34883,8 @@ def _printShowCalendarACLs(cal, user, entityType, calId, i, count, csvPF, FJQC, ensure_ascii=False, sort_keys=False)} if user: row['primaryEmail'] = user + if addCSVData: + row.update(addCSVData) csvPF.WriteRowNoFilter(row) elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT] and user: csvPF.WriteRowNoFilter({'calendarId': calId, 'primaryEmail': user}) @@ -34888,41 +34892,58 @@ def _printShowCalendarACLs(cal, user, entityType, calId, i, count, csvPF, FJQC, for rule in acls: if noSelfOwner and rule['role'] == 'owner' and rule['scope']['value'] == calId: continue - row = flattenJSON(rule, flattened={'resourceId': user, 'resourceEmail': calId}) + row = {'resourceId': user, 'resourceEmail': calId} + if addCSVData: + row.update(addCSVData) + flattenJSON(rule, flattened=row) if not FJQC.formatJSON: csvPF.WriteRowTitles(row) elif csvPF.CheckRowTitles(row): - csvPF.WriteRowNoFilter({'resourceId': user, 'resourceEmail': calId, - 'JSON': json.dumps(cleanJSON(rule), ensure_ascii=False, sort_keys=False)}) + row = {'resourceId': user, 'resourceEmail': calId, 'JSON': json.dumps(cleanJSON(rule), + ensure_ascii=False, sort_keys=False)} + if addCSVData: + row.update(addCSVData) + csvPF.WriteRowNoFilter(row) def _getCalendarPrintShowACLOptions(titles): csvPF = CSVPrintFile(titles, 'sortall') if Act.csvFormat() else None FJQC = FormatJSONQuoteChar(csvPF) noSelfOwner = False + addCSVData = {} while Cmd.ArgumentsRemaining(): myarg = getArgument() if csvPF and myarg == 'todrive': csvPF.GetTodriveParameters() elif myarg == 'noselfowner': noSelfOwner = True + elif csvPF and myarg == 'addcsvdata': + k = getString(Cmd.OB_STRING) + addCSVData[k] = getString(Cmd.OB_STRING, minLen=0) else: FJQC.GetFormatJSONQuoteChar(myarg, True) - return (csvPF, FJQC, noSelfOwner) + if csvPF: + if addCSVData: + csvPF.AddTitles(sorted(addCSVData.keys())) + if FJQC.formatJSON: + csvPF.AddJSONTitles(sorted(addCSVData.keys())) + csvPF.MoveJSONTitlesToEnd(['JSON']) + csvPF.SetSortAllTitles() + return (csvPF, FJQC, noSelfOwner, addCSVData) # gam calendars print acls [todrive *] -# [noselfowner] +# [noselfowner] (addcsvdata )* # [formatjson [quotechar ]] # gam calendars show acls # [noselfowner] # [formatjson] # gam calendar printacl [todrive *] -# [noselfowner] +# [noselfowner] (addcsvdata )* # [formatjson] # gam calendar showacl # [noselfowner] # [formatjson] def doCalendarsPrintShowACLs(calIds): - csvPF, FJQC, noSelfOwner = _getCalendarPrintShowACLOptions(['calendarId']) + csvPF, FJQC, noSelfOwner, addCSVData = _getCalendarPrintShowACLOptions(['calendarId']) count = len(calIds) i = 0 for calId in calIds: @@ -34930,7 +34951,7 @@ def doCalendarsPrintShowACLs(calIds): calId, cal = validateCalendar(calId, i, count) if not cal: continue - _printShowCalendarACLs(cal, None, Ent.CALENDAR, calId, i, count, csvPF, FJQC, noSelfOwner) + _printShowCalendarACLs(cal, None, Ent.CALENDAR, calId, i, count, csvPF, FJQC, noSelfOwner, addCSVData) if csvPF: csvPF.writeCSVfile('Calendar ACLs') @@ -36490,10 +36511,10 @@ def doResourceInfoCalendarACLs(entityList): _infoCalendarACLs(cal, resourceId, Ent.RESOURCE_CALENDAR, calId, i, count, ruleIds, jcount, FJQC) # gam resource print calendaracls [todrive *] -# [noselfowner] +# [noselfowner] (addcsvdata )* # [formatjson [quotechar ]] # gam resources print calendaracls [todrive *] -# [noselfowner] +# [noselfowner] (addcsvdata )* # [formatjson [quotechar ]] # gam resource show calendaracls # [noselfowner] @@ -36503,7 +36524,7 @@ def doResourceInfoCalendarACLs(entityList): # [formatjson] def doResourcePrintShowCalendarACLs(entityList): cal = buildGAPIObject(API.CALENDAR) - csvPF, FJQC, noSelfOwner = _getCalendarPrintShowACLOptions(['resourceId', 'resourceEmail']) + csvPF, FJQC, noSelfOwner, addCSVData = _getCalendarPrintShowACLOptions(['resourceId', 'resourceEmail']) i = 0 count = len(entityList) for resourceId in entityList: @@ -36511,7 +36532,7 @@ def doResourcePrintShowCalendarACLs(entityList): calId = _validateResourceId(resourceId, i, count) if not calId: continue - _printShowCalendarACLs(cal, resourceId, Ent.RESOURCE_CALENDAR, calId, i, count, csvPF, FJQC, noSelfOwner) + _printShowCalendarACLs(cal, resourceId, Ent.RESOURCE_CALENDAR, calId, i, count, csvPF, FJQC, noSelfOwner, addCSVData) if csvPF: csvPF.writeCSVfile('Resource Calendar ACLs') @@ -47358,14 +47379,14 @@ def infoCalendarACLs(users): Ind.Decrement() # gam print calendaracls [todrive *] -# [noselfowner] +# [noselfowner] (addcsvdata )* # [formatjson [quotechar ]] # gam show calendaracls # [noselfowner] # [formatjson] def printShowCalendarACLs(users): calendarEntity = getUserCalendarEntity(default='all') - csvPF, FJQC, noSelfOwner = _getCalendarPrintShowACLOptions(['primaryEmail', 'calendarId']) + csvPF, FJQC, noSelfOwner, addCSVData = _getCalendarPrintShowACLOptions(['primaryEmail', 'calendarId']) i, count, users = getEntityArgument(users) for user in users: i += 1 @@ -47377,7 +47398,7 @@ def printShowCalendarACLs(users): for calId in calIds: j += 1 calId = convertUIDtoEmailAddress(calId) - _printShowCalendarACLs(cal, user, Ent.CALENDAR, calId, j, jcount, csvPF, FJQC, noSelfOwner) + _printShowCalendarACLs(cal, user, Ent.CALENDAR, calId, j, jcount, csvPF, FJQC, noSelfOwner, addCSVData) Ind.Decrement() if csvPF: csvPF.writeCSVfile('Calendar ACLs')