mirror of
https://github.com/GAM-team/GAM.git
synced 2026-07-04 12:51:36 +00:00
phase 2 prework 2
This commit is contained in:
@@ -167,30 +167,6 @@ from gam.util.email import ( # noqa: F401 # re-export
|
|||||||
_addAttachmentsToMessage, _addEmbeddedImagesToMessage, send_email,
|
_addAttachmentsToMessage, _addEmbeddedImagesToMessage, send_email,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
IS08601_TIME_FORMAT = '%Y-%m-%dT%H:%M:%S%:z'
|
IS08601_TIME_FORMAT = '%Y-%m-%dT%H:%M:%S%:z'
|
||||||
RFC2822_TIME_FORMAT = '%a, %d %b %Y %H:%M:%S %z'
|
RFC2822_TIME_FORMAT = '%a, %d %b %Y %H:%M:%S %z'
|
||||||
|
|
||||||
@@ -233,208 +209,7 @@ GAM_LATEST_RELEASE = f'https://api.github.com/repos/{GIT_USER}/{GAM}/releases/la
|
|||||||
GAM_PROJECT_CREATION = 'GAM Project Creation'
|
GAM_PROJECT_CREATION = 'GAM Project Creation'
|
||||||
GAM_PROJECT_CREATION_CLIENT_ID = '297408095146-fug707qsjv4ikron0hugpevbrjhkmsk7.apps.googleusercontent.com'
|
GAM_PROJECT_CREATION_CLIENT_ID = '297408095146-fug707qsjv4ikron0hugpevbrjhkmsk7.apps.googleusercontent.com'
|
||||||
|
|
||||||
TRUE = 'true'
|
from gam.constants import *
|
||||||
FALSE = 'false'
|
|
||||||
TRUE_VALUES = [TRUE, 'on', 'yes', 'enabled', '1']
|
|
||||||
FALSE_VALUES = [FALSE, 'off', 'no', 'disabled', '0']
|
|
||||||
TRUE_FALSE = [TRUE, FALSE]
|
|
||||||
ERROR = 'ERROR'
|
|
||||||
ERROR_PREFIX = ERROR+': '
|
|
||||||
WARNING = 'WARNING'
|
|
||||||
WARNING_PREFIX = WARNING+': '
|
|
||||||
ONE_KILO_10_BYTES = 1000
|
|
||||||
ONE_MEGA_10_BYTES = ONE_KILO_10_BYTES*ONE_KILO_10_BYTES
|
|
||||||
ONE_GIGA_10_BYTES = ONE_KILO_10_BYTES*ONE_MEGA_10_BYTES
|
|
||||||
ONE_TERA_10_BYTES = ONE_KILO_10_BYTES*ONE_GIGA_10_BYTES
|
|
||||||
ONE_KILO_BYTES = 1024
|
|
||||||
ONE_MEGA_BYTES = ONE_KILO_BYTES*ONE_KILO_BYTES
|
|
||||||
ONE_GIGA_BYTES = ONE_KILO_BYTES*ONE_MEGA_BYTES
|
|
||||||
ONE_TERA_BYTES = ONE_KILO_BYTES*ONE_GIGA_BYTES
|
|
||||||
DAYS_OF_WEEK = ['Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun']
|
|
||||||
SECONDS_PER_MINUTE = 60
|
|
||||||
SECONDS_PER_HOUR = 3600
|
|
||||||
SECONDS_PER_DAY = 86400
|
|
||||||
SECONDS_PER_WEEK = 604800
|
|
||||||
MAX_GOOGLE_SHEET_CELLS = 10000000 # See https://support.google.com/drive/answer/37603
|
|
||||||
MAX_LOCAL_GOOGLE_TIME_OFFSET = 30
|
|
||||||
SHARED_DRIVE_MAX_FILES_FOLDERS = 500000
|
|
||||||
UTF8 = 'utf-8'
|
|
||||||
UTF8_SIG = 'utf-8-sig'
|
|
||||||
EV_GAMCFGDIR = 'GAMCFGDIR'
|
|
||||||
EV_GAMCFGSECTION = 'GAMCFGSECTION'
|
|
||||||
EV_OLDGAMPATH = 'OLDGAMPATH'
|
|
||||||
FN_GAM_CFG = 'gam.cfg'
|
|
||||||
FN_LAST_UPDATE_CHECK_TXT = 'lastupdatecheck.txt'
|
|
||||||
FN_GAMCOMMANDS_TXT = 'GamCommands.txt'
|
|
||||||
MY_DRIVE = 'My Drive'
|
|
||||||
TEAM_DRIVE = 'Drive'
|
|
||||||
ROOT = 'root'
|
|
||||||
ROOTID = 'rootid'
|
|
||||||
ORPHANS = 'Orphans'
|
|
||||||
SHARED_WITHME = 'SharedWithMe'
|
|
||||||
SHARED_DRIVES = 'SharedDrives'
|
|
||||||
|
|
||||||
LOWERNUMERIC_CHARS = string.ascii_lowercase+string.digits
|
|
||||||
ALPHANUMERIC_CHARS = LOWERNUMERIC_CHARS+string.ascii_uppercase
|
|
||||||
URL_SAFE_CHARS = ALPHANUMERIC_CHARS+'-._~'
|
|
||||||
PASSWORD_SAFE_CHARS = ALPHANUMERIC_CHARS+'!#$%&()*-./:;<=>?@[\\]^_{|}~'
|
|
||||||
FILENAME_SAFE_CHARS = ALPHANUMERIC_CHARS+'-_.() '
|
|
||||||
CHAT_MESSAGEID_CHARS = string.ascii_lowercase+string.digits+'-'
|
|
||||||
|
|
||||||
GOOGLE_MEETID_PATTERN = re.compile(r'^[a-z]{3}-[a-z]{4}-[a-z]{3}$')
|
|
||||||
GOOGLE_MEETID_FORMAT_REQUIRED = 'abc-defg-hij'
|
|
||||||
|
|
||||||
ADMIN_ACCESS_OPTIONS = {'adminaccess', 'asadmin'}
|
|
||||||
OWNER_ACCESS_OPTIONS = {'owneraccess', 'asowner'}
|
|
||||||
|
|
||||||
# Python 3 values
|
|
||||||
DEFAULT_CSV_READ_MODE = 'r'
|
|
||||||
DEFAULT_FILE_APPEND_MODE = 'a'
|
|
||||||
DEFAULT_FILE_READ_MODE = 'r'
|
|
||||||
DEFAULT_FILE_WRITE_MODE = 'w'
|
|
||||||
|
|
||||||
# Google API constants
|
|
||||||
APPLICATION_VND_GOOGLE_APPS = 'application/vnd.google-apps.'
|
|
||||||
MIMETYPE_GA_DOCUMENT = f'{APPLICATION_VND_GOOGLE_APPS}document'
|
|
||||||
MIMETYPE_GA_DRAWING = f'{APPLICATION_VND_GOOGLE_APPS}drawing'
|
|
||||||
MIMETYPE_GA_FILE = f'{APPLICATION_VND_GOOGLE_APPS}file'
|
|
||||||
MIMETYPE_GA_FOLDER = f'{APPLICATION_VND_GOOGLE_APPS}folder'
|
|
||||||
MIMETYPE_GA_FORM = f'{APPLICATION_VND_GOOGLE_APPS}form'
|
|
||||||
MIMETYPE_GA_FUSIONTABLE = f'{APPLICATION_VND_GOOGLE_APPS}fusiontable'
|
|
||||||
MIMETYPE_GA_JAM = f'{APPLICATION_VND_GOOGLE_APPS}jam'
|
|
||||||
MIMETYPE_GA_MAP = f'{APPLICATION_VND_GOOGLE_APPS}map'
|
|
||||||
MIMETYPE_GA_PRESENTATION = f'{APPLICATION_VND_GOOGLE_APPS}presentation'
|
|
||||||
MIMETYPE_GA_SCRIPT = f'{APPLICATION_VND_GOOGLE_APPS}script'
|
|
||||||
MIMETYPE_GA_SCRIPT_JSON = f'{APPLICATION_VND_GOOGLE_APPS}script+json'
|
|
||||||
MIMETYPE_GA_SHORTCUT = f'{APPLICATION_VND_GOOGLE_APPS}shortcut'
|
|
||||||
MIMETYPE_GA_3P_SHORTCUT = f'{APPLICATION_VND_GOOGLE_APPS}drive-sdk'
|
|
||||||
MIMETYPE_GA_SITE = f'{APPLICATION_VND_GOOGLE_APPS}site'
|
|
||||||
MIMETYPE_GA_SPREADSHEET = f'{APPLICATION_VND_GOOGLE_APPS}spreadsheet'
|
|
||||||
MIMETYPE_TEXT_CSV = 'text/csv'
|
|
||||||
MIMETYPE_TEXT_HTML = 'text/html'
|
|
||||||
MIMETYPE_TEXT_PLAIN = 'text/plain'
|
|
||||||
|
|
||||||
GOOGLE_NAMESERVERS = ['8.8.8.8', '8.8.4.4']
|
|
||||||
GOOGLE_TIMECHECK_LOCATION = 'admin.googleapis.com'
|
|
||||||
NEVER_DATE = '1970-01-01'
|
|
||||||
NEVER_DATETIME = '1970-01-01 00:00'
|
|
||||||
NEVER_TIME = '1970-01-01T00:00:00.000Z'
|
|
||||||
NEVER_TIME_NOMS = '1970-01-01T00:00:00Z'
|
|
||||||
NEVER_END_DATE = '1969-12-31'
|
|
||||||
NEVER_START_DATE = NEVER_DATE
|
|
||||||
PROJECTION_CHOICE_MAP = {'basic': 'BASIC', 'full': 'FULL'}
|
|
||||||
REFRESH_EXPIRY = '1970-01-01T00:00:01Z'
|
|
||||||
REPLACE_GROUP_PATTERN = re.compile(r'\\(\d+)')
|
|
||||||
UNKNOWN = 'Unknown'
|
|
||||||
|
|
||||||
# Queries
|
|
||||||
ME_IN_OWNERS = "'me' in owners"
|
|
||||||
ME_IN_OWNERS_AND = ME_IN_OWNERS+" and "
|
|
||||||
AND_ME_IN_OWNERS = " and "+ME_IN_OWNERS
|
|
||||||
NOT_ME_IN_OWNERS = "not "+ME_IN_OWNERS
|
|
||||||
NOT_ME_IN_OWNERS_AND = NOT_ME_IN_OWNERS+" and "
|
|
||||||
AND_NOT_ME_IN_OWNERS = " and "+NOT_ME_IN_OWNERS
|
|
||||||
ANY_FOLDERS = "mimeType = '"+MIMETYPE_GA_FOLDER+"'"
|
|
||||||
MY_FOLDERS = ME_IN_OWNERS_AND+ANY_FOLDERS
|
|
||||||
NON_TRASHED = "trashed = false"
|
|
||||||
WITH_PARENTS = "'{0}' in parents"
|
|
||||||
ANY_NON_TRASHED_WITH_PARENTS = "trashed = false and '{0}' in parents"
|
|
||||||
ANY_NON_TRASHED_FOLDER_NAME = "mimeType = '"+MIMETYPE_GA_FOLDER+"' and name = '{0}' and trashed = false"
|
|
||||||
MY_NON_TRASHED_FOLDER_NAME = ME_IN_OWNERS_AND+ANY_NON_TRASHED_FOLDER_NAME
|
|
||||||
MY_NON_TRASHED_FOLDER_NAME_WITH_PARENTS = ME_IN_OWNERS_AND+"mimeType = '"+MIMETYPE_GA_FOLDER+"' and name = '{0}' and trashed = false and '{1}' in parents"
|
|
||||||
ANY_NON_TRASHED_FOLDER_NAME_WITH_PARENTS = "mimeType = '"+MIMETYPE_GA_FOLDER+"' and name = '{0}' and trashed = false and '{1}' in parents"
|
|
||||||
WITH_ANY_FILE_NAME = "name = '{0}'"
|
|
||||||
WITH_MY_FILE_NAME = ME_IN_OWNERS_AND+WITH_ANY_FILE_NAME
|
|
||||||
WITH_OTHER_FILE_NAME = NOT_ME_IN_OWNERS_AND+WITH_ANY_FILE_NAME
|
|
||||||
AND_NOT_SHORTCUT = " and mimeType != '"+MIMETYPE_GA_SHORTCUT+"'"
|
|
||||||
|
|
||||||
# Program return codes
|
|
||||||
UNKNOWN_ERROR_RC = 1
|
|
||||||
USAGE_ERROR_RC = 2
|
|
||||||
SOCKET_ERROR_RC = 3
|
|
||||||
GOOGLE_API_ERROR_RC = 4
|
|
||||||
NETWORK_ERROR_RC = 5
|
|
||||||
FILE_ERROR_RC = 6
|
|
||||||
MEMORY_ERROR_RC = 7
|
|
||||||
KEYBOARD_INTERRUPT_RC = 8
|
|
||||||
HTTP_ERROR_RC = 9
|
|
||||||
SCOPES_NOT_AUTHORIZED_RC = 10
|
|
||||||
DATA_ERROR_RC = 11
|
|
||||||
API_ACCESS_DENIED_RC = 12
|
|
||||||
CONFIG_ERROR_RC = 13
|
|
||||||
SYSTEM_ERROR_RC = 14
|
|
||||||
NO_SCOPES_FOR_API_RC = 15
|
|
||||||
CLIENT_SECRETS_JSON_REQUIRED_RC = 16
|
|
||||||
OAUTH2SERVICE_JSON_REQUIRED_RC = 16
|
|
||||||
OAUTH2_TXT_REQUIRED_RC = 16
|
|
||||||
INVALID_JSON_RC = 17
|
|
||||||
JSON_ALREADY_EXISTS_RC = 17
|
|
||||||
AUTHENTICATION_TOKEN_REFRESH_ERROR_RC = 18
|
|
||||||
HARD_ERROR_RC = 19
|
|
||||||
# Information
|
|
||||||
ENTITY_IS_A_USER_RC = 20
|
|
||||||
ENTITY_IS_A_USER_ALIAS_RC = 21
|
|
||||||
ENTITY_IS_A_GROUP_RC = 22
|
|
||||||
ENTITY_IS_A_GROUP_ALIAS_RC = 23
|
|
||||||
ENTITY_IS_AN_UNMANAGED_ACCOUNT_RC = 24
|
|
||||||
ORGUNIT_NOT_EMPTY_RC = 25
|
|
||||||
USER_SUSPENDED_RC = 26
|
|
||||||
CHECK_USER_GROUPS_ERROR_RC = 29
|
|
||||||
ORPHANS_COLLECTED_RC = 30
|
|
||||||
# Warnings/Errors
|
|
||||||
ACTION_FAILED_RC = 50
|
|
||||||
ACTION_NOT_PERFORMED_RC = 51
|
|
||||||
INVALID_ENTITY_RC = 52
|
|
||||||
BAD_REQUEST_RC = 53
|
|
||||||
ENTITY_IS_NOT_UNIQUE_RC = 54
|
|
||||||
DATA_NOT_AVALIABLE_RC = 55
|
|
||||||
ENTITY_DOES_NOT_EXIST_RC = 56
|
|
||||||
ENTITY_DUPLICATE_RC = 57
|
|
||||||
ENTITY_IS_NOT_AN_ALIAS_RC = 58
|
|
||||||
ENTITY_IS_UKNOWN_RC = 59
|
|
||||||
NO_ENTITIES_FOUND_RC = 60
|
|
||||||
INVALID_DOMAIN_RC = 61
|
|
||||||
INVALID_DOMAIN_VALUE_RC = 62
|
|
||||||
INVALID_TOKEN_RC = 63
|
|
||||||
JSON_LOADS_ERROR_RC = 64
|
|
||||||
MULTIPLE_DELETED_USERS_FOUND_RC = 65
|
|
||||||
MULTIPLE_PROJECT_FOLDERS_FOUND_RC = 65
|
|
||||||
STDOUT_STDERR_ERROR_RC = 66
|
|
||||||
INSUFFICIENT_PERMISSIONS_RC = 67
|
|
||||||
REQUEST_COMPLETED_NO_RESULTS_RC = 71
|
|
||||||
REQUEST_NOT_COMPLETED_RC = 72
|
|
||||||
SERVICE_NOT_APPLICABLE_RC = 73
|
|
||||||
TARGET_DRIVE_SPACE_ERROR_RC = 74
|
|
||||||
USER_REQUIRED_TO_CHANGE_PASSWORD_ERROR_RC = 75
|
|
||||||
USER_SUSPENDED_ERROR_RC = 76
|
|
||||||
NO_CSV_DATA_TO_UPLOAD_RC = 77
|
|
||||||
NO_SA_ACCESS_CONTEXT_MANAGER_EDITOR_ROLE_RC = 78
|
|
||||||
ACCESS_POLICY_ERROR_RC = 79
|
|
||||||
YUBIKEY_CONNECTION_ERROR_RC = 80
|
|
||||||
YUBIKEY_INVALID_KEY_TYPE_RC = 81
|
|
||||||
YUBIKEY_INVALID_SLOT_RC = 82
|
|
||||||
YUBIKEY_INVALID_PIN_RC = 83
|
|
||||||
YUBIKEY_APDU_ERROR_RC = 84
|
|
||||||
YUBIKEY_VALUE_ERROR_RC = 85
|
|
||||||
YUBIKEY_MULTIPLE_CONNECTED_RC = 86
|
|
||||||
YUBIKEY_NOT_FOUND_RC = 87
|
|
||||||
|
|
||||||
DEBUG_REDACTION_PATTERNS = [
|
|
||||||
# Positional patterns that redact sensitive credentials based on their location
|
|
||||||
(r'(Bearer\s+)\S+', r'\1*****'), # access tokens and JWTs in auth header
|
|
||||||
(r'([?&]refresh_token=)[^&]*', r'\1*****'), # refresh token URL parameter
|
|
||||||
(r'([?&]client_secret=)[^&]*', r'\1*****'), # client secret URL parameter
|
|
||||||
(r'([?&]key=)[^&]*', r'\1*****'), # API key URL parameter
|
|
||||||
(r'([?&]code=)[^&]*', r'\1*****'), # auth code URL parameter
|
|
||||||
|
|
||||||
# Pattern match patterns that redact sensitive credentials based on known credential pattern
|
|
||||||
(r'ya29.[0-9A-Za-z-_]+', '*****'), # Access token
|
|
||||||
(r'1%2F%2F[0-9A-Za-z-_]{100}|1%2F%2F[0-9A-Za-z-_]{64}|1%2F%2F[0-9A-Za-z-_]{43}', '*****'), # Refresh token
|
|
||||||
(r'4/[0-9A-Za-z-_]+', '*****'), # Auth code
|
|
||||||
(r'GOCSPX-[0-9a-zA-Z-_]{28}', '*****'), # Client secret
|
|
||||||
(r'AIza[0-9A-Za-z-_]{35}', '*****'), # API key
|
|
||||||
(r'eyJ[a-zA-Z0-9\-_]+\.eyJ[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]*', '*****'), # JWT
|
|
||||||
]
|
|
||||||
|
|
||||||
def redactable_debug_print(*args):
|
def redactable_debug_print(*args):
|
||||||
processed_args = []
|
processed_args = []
|
||||||
|
|||||||
Reference in New Issue
Block a user