mirror of
https://github.com/GAM-team/GAM.git
synced 2026-07-03 20:31:35 +00:00
Updated gam create project to handle the following error:
ERROR: 403: permissionDenied - Authentication error: 7; Error Details: User not allowed to access GCP services.
This commit is contained in:
@@ -10,6 +10,15 @@ Add the `-s` option to the end of the above commands to suppress creating the `g
|
|||||||
|
|
||||||
See [Downloads](https://github.com/taers232c/GAMADV-XTD3/wiki/Downloads) for Windows or other options, including manual installation
|
See [Downloads](https://github.com/taers232c/GAMADV-XTD3/wiki/Downloads) for Windows or other options, including manual installation
|
||||||
|
|
||||||
|
### 6.71.15
|
||||||
|
|
||||||
|
Updated `gam create project` to handle the following error:
|
||||||
|
```
|
||||||
|
ERROR: 403: permissionDenied - Authentication error: 7; Error Details: User not allowed to access GCP services.
|
||||||
|
```
|
||||||
|
This error occurs when the Google Workspace admin or GCP project manager email address used in the command
|
||||||
|
is in an OU where Google Cloud Platform is not enabled in Apps/Additional Google services.
|
||||||
|
|
||||||
### 6.71.14
|
### 6.71.14
|
||||||
|
|
||||||
Added a command to update a Gmail label's settings by specifying it's ID rather than it's name.
|
Added a command to update a Gmail label's settings by specifying it's ID rather than it's name.
|
||||||
|
|||||||
@@ -334,7 +334,7 @@ writes the credentials into the file oauth2.txt.
|
|||||||
admin@server:/Users/admin/bin/gamadv-xtd3$ rm -f /Users/admin/GAMConfig/oauth2.txt
|
admin@server:/Users/admin/bin/gamadv-xtd3$ rm -f /Users/admin/GAMConfig/oauth2.txt
|
||||||
admin@server:/Users/admin/bin/gamadv-xtd3$ ./gam version
|
admin@server:/Users/admin/bin/gamadv-xtd3$ ./gam version
|
||||||
WARNING: Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: /Users/admin/GAMConfig/oauth2.txt, Not Found
|
WARNING: Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: /Users/admin/GAMConfig/oauth2.txt, Not Found
|
||||||
GAMADV-XTD3 6.71.14 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
|
GAMADV-XTD3 6.71.15 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
|
||||||
Ross Scroggs <ross.scroggs@gmail.com>
|
Ross Scroggs <ross.scroggs@gmail.com>
|
||||||
Python 3.12.2 64-bit final
|
Python 3.12.2 64-bit final
|
||||||
MacOS Sonoma 14.2.1 x86_64
|
MacOS Sonoma 14.2.1 x86_64
|
||||||
@@ -1006,7 +1006,7 @@ writes the credentials into the file oauth2.txt.
|
|||||||
C:\GAMADV-XTD3>del C:\GAMConfig\oauth2.txt
|
C:\GAMADV-XTD3>del C:\GAMConfig\oauth2.txt
|
||||||
C:\GAMADV-XTD3>gam version
|
C:\GAMADV-XTD3>gam version
|
||||||
WARNING: Config File: C:\GAMConfig\gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: C:\GAMConfig\oauth2.txt, Not Found
|
WARNING: Config File: C:\GAMConfig\gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: C:\GAMConfig\oauth2.txt, Not Found
|
||||||
GAMADV-XTD3 6.71.14 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
|
GAMADV-XTD3 6.71.15 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
|
||||||
Ross Scroggs <ross.scroggs@gmail.com>
|
Ross Scroggs <ross.scroggs@gmail.com>
|
||||||
Python 3.12.2 64-bit final
|
Python 3.12.2 64-bit final
|
||||||
Windows-10-10.0.17134 AMD64
|
Windows-10-10.0.17134 AMD64
|
||||||
|
|||||||
@@ -3,7 +3,7 @@
|
|||||||
Print the current version of Gam with details
|
Print the current version of Gam with details
|
||||||
```
|
```
|
||||||
gam version
|
gam version
|
||||||
GAMADV-XTD3 6.71.14 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
|
GAMADV-XTD3 6.71.15 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
|
||||||
Ross Scroggs <ross.scroggs@gmail.com>
|
Ross Scroggs <ross.scroggs@gmail.com>
|
||||||
Python 3.12.2 64-bit final
|
Python 3.12.2 64-bit final
|
||||||
MacOS Sonoma 14.2.1 x86_64
|
MacOS Sonoma 14.2.1 x86_64
|
||||||
@@ -15,7 +15,7 @@ Time: 2023-06-02T21:10:00-07:00
|
|||||||
Print the current version of Gam with details and time offset information
|
Print the current version of Gam with details and time offset information
|
||||||
```
|
```
|
||||||
gam version timeoffset
|
gam version timeoffset
|
||||||
GAMADV-XTD3 6.71.14 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
|
GAMADV-XTD3 6.71.15 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
|
||||||
Ross Scroggs <ross.scroggs@gmail.com>
|
Ross Scroggs <ross.scroggs@gmail.com>
|
||||||
Python 3.12.2 64-bit final
|
Python 3.12.2 64-bit final
|
||||||
MacOS Sonoma 14.2.1 x86_64
|
MacOS Sonoma 14.2.1 x86_64
|
||||||
@@ -27,7 +27,7 @@ Your system time differs from www.googleapis.com by less than 1 second
|
|||||||
Print the current version of Gam with extended details and SSL information
|
Print the current version of Gam with extended details and SSL information
|
||||||
```
|
```
|
||||||
gam version extended
|
gam version extended
|
||||||
GAMADV-XTD3 6.71.14 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
|
GAMADV-XTD3 6.71.15 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
|
||||||
Ross Scroggs <ross.scroggs@gmail.com>
|
Ross Scroggs <ross.scroggs@gmail.com>
|
||||||
Python 3.12.2 64-bit final
|
Python 3.12.2 64-bit final
|
||||||
MacOS Sonoma 14.2.1 x86_64
|
MacOS Sonoma 14.2.1 x86_64
|
||||||
@@ -64,7 +64,7 @@ MacOS High Sierra 10.13.6 x86_64
|
|||||||
Path: /Users/Admin/bin/gamadv-xtd3
|
Path: /Users/Admin/bin/gamadv-xtd3
|
||||||
Version Check:
|
Version Check:
|
||||||
Current: 5.35.08
|
Current: 5.35.08
|
||||||
Latest: 6.71.14
|
Latest: 6.71.15
|
||||||
echo $?
|
echo $?
|
||||||
1
|
1
|
||||||
```
|
```
|
||||||
@@ -72,7 +72,7 @@ echo $?
|
|||||||
Print the current version number without details
|
Print the current version number without details
|
||||||
```
|
```
|
||||||
gam version simple
|
gam version simple
|
||||||
6.71.14
|
6.71.15
|
||||||
```
|
```
|
||||||
In Linux/MacOS you can do:
|
In Linux/MacOS you can do:
|
||||||
```
|
```
|
||||||
@@ -82,7 +82,7 @@ echo $VER
|
|||||||
Print the current version of Gam and address of this Wiki
|
Print the current version of Gam and address of this Wiki
|
||||||
```
|
```
|
||||||
gam help
|
gam help
|
||||||
GAM 6.71.14 - https://github.com/taers232c/GAMADV-XTD3
|
GAM 6.71.15 - https://github.com/taers232c/GAMADV-XTD3
|
||||||
Ross Scroggs <ross.scroggs@gmail.com>
|
Ross Scroggs <ross.scroggs@gmail.com>
|
||||||
Python 3.12.2 64-bit final
|
Python 3.12.2 64-bit final
|
||||||
MacOS Sonoma 14.2.1 x86_64
|
MacOS Sonoma 14.2.1 x86_64
|
||||||
|
|||||||
@@ -1843,7 +1843,7 @@ gam calendar <CalendarEntity> deleteevent (id|eventid <EventID>)+ [doit] [<Event
|
|||||||
[csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]]]
|
[csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]]]
|
||||||
gam calendar <CalendarEntity> moveevent (id|eventid <EventID>)+ destination <CalendarItem> [<EventNotificationAttribute>]
|
gam calendar <CalendarEntity> moveevent (id|eventid <EventID>)+ destination <CalendarItem> [<EventNotificationAttribute>]
|
||||||
gam calendar <CalendarEntity> wipe
|
gam calendar <CalendarEntity> wipe
|
||||||
gam calendar <CalendarEntity> printevents <EventSelectProperty>* <EventDisplayProperty>* [fields <EventFieldNameList>]
|
gam calendar <CalendarEntity> printevents <EventSelectProperty>* <EventDisplayProperty>*
|
||||||
[fields <EventFieldNameList>] [showdayofweek]
|
[fields <EventFieldNameList>] [showdayofweek]
|
||||||
[countsonly]
|
[countsonly]
|
||||||
[formatjson [quotechar <Character>]] [todrive <ToDriveAttribute>*]
|
[formatjson [quotechar <Character>]] [todrive <ToDriveAttribute>*]
|
||||||
|
|||||||
@@ -2,6 +2,15 @@
|
|||||||
|
|
||||||
Merged GAM-Team version
|
Merged GAM-Team version
|
||||||
|
|
||||||
|
6.71.15
|
||||||
|
|
||||||
|
Updated `gam create project` to handle the following error:
|
||||||
|
```
|
||||||
|
ERROR: 403: permissionDenied - Authentication error: 7; Error Details: User not allowed to access GCP services.
|
||||||
|
```
|
||||||
|
This error occurs when the Google Workspace admin or GCP project manager email address used in the command
|
||||||
|
is in an OU where Google Cloud Platform is not enabled in Apps/Additional Google services.
|
||||||
|
|
||||||
6.71.14
|
6.71.14
|
||||||
|
|
||||||
Added a command to update a Gmail label's settings by specifying it's ID rather than it's name.
|
Added a command to update a Gmail label's settings by specifying it's ID rather than it's name.
|
||||||
|
|||||||
@@ -11487,9 +11487,13 @@ def _checkForExistingProjectFiles(projectFiles):
|
|||||||
if os.path.exists(a_file):
|
if os.path.exists(a_file):
|
||||||
systemErrorExit(JSON_ALREADY_EXISTS_RC, Msg.AUTHORIZATION_FILE_ALREADY_EXISTS.format(a_file, Act.ToPerform()))
|
systemErrorExit(JSON_ALREADY_EXISTS_RC, Msg.AUTHORIZATION_FILE_ALREADY_EXISTS.format(a_file, Act.ToPerform()))
|
||||||
|
|
||||||
def getGCPOrg(crm, login_domain):
|
def getGCPOrg(crm, login_hint, login_domain):
|
||||||
getorg = callGAPI(crm.organizations(), 'search',
|
try:
|
||||||
query=f'domain:{login_domain}')
|
getorg = callGAPI(crm.organizations(), 'search',
|
||||||
|
throwReasons=[GAPI.INVALID_ARGUMENT, GAPI.PERMISSION_DENIED],
|
||||||
|
query=f'domain:{login_domain}')
|
||||||
|
except (GAPI.invalidArgument, GAPI.permissionDenied) as e:
|
||||||
|
entityActionFailedExit([Ent.USER, login_hint, Ent.DOMAIN, login_domain], str(e))
|
||||||
try:
|
try:
|
||||||
organization = getorg['organizations'][0]['name']
|
organization = getorg['organizations'][0]['name']
|
||||||
sys.stdout.write(Msg.YOUR_ORGANIZATION_NAME_IS.format(organization))
|
sys.stdout.write(Msg.YOUR_ORGANIZATION_NAME_IS.format(organization))
|
||||||
@@ -11519,7 +11523,7 @@ def doCreateGCPFolder():
|
|||||||
login_hint = _getValidateLoginHint(login_hint)
|
login_hint = _getValidateLoginHint(login_hint)
|
||||||
login_domain = getEmailAddressDomain(login_hint)
|
login_domain = getEmailAddressDomain(login_hint)
|
||||||
_, crm = getCRMService(login_hint)
|
_, crm = getCRMService(login_hint)
|
||||||
organization = getGCPOrg(crm, login_domain)
|
organization = getGCPOrg(crm, login_hint, login_domain)
|
||||||
try:
|
try:
|
||||||
result = callGAPI(crm.folders(), 'create',
|
result = callGAPI(crm.folders(), 'create',
|
||||||
throwReasons=[GAPI.INVALID_ARGUMENT, GAPI.PERMISSION_DENIED],
|
throwReasons=[GAPI.INVALID_ARGUMENT, GAPI.PERMISSION_DENIED],
|
||||||
@@ -11547,9 +11551,10 @@ def doCreateProject():
|
|||||||
sys.stdout.write(Msg.CREATING_PROJECT.format(body['displayName']))
|
sys.stdout.write(Msg.CREATING_PROJECT.format(body['displayName']))
|
||||||
try:
|
try:
|
||||||
create_operation = callGAPI(crm.projects(), 'create',
|
create_operation = callGAPI(crm.projects(), 'create',
|
||||||
throwReasons=[GAPI.BAD_REQUEST, GAPI.ALREADY_EXISTS, GAPI.FAILED_PRECONDITION],
|
throwReasons=[GAPI.BAD_REQUEST, GAPI.ALREADY_EXISTS,
|
||||||
|
GAPI.FAILED_PRECONDITION, GAPI.PERMISSION_DENIED],
|
||||||
body=body)
|
body=body)
|
||||||
except (GAPI.badRequest, GAPI.alreadyExists, GAPI.failedPrecondition) as e:
|
except (GAPI.badRequest, GAPI.alreadyExists, GAPI.failedPrecondition, GAPI.permissionDenied) as e:
|
||||||
entityActionFailedExit([Ent.USER, login_hint, Ent.PROJECT, projectInfo['projectId']], str(e))
|
entityActionFailedExit([Ent.USER, login_hint, Ent.PROJECT, projectInfo['projectId']], str(e))
|
||||||
operation_name = create_operation['name']
|
operation_name = create_operation['name']
|
||||||
time.sleep(5) # Google recommends always waiting at least 5 seconds
|
time.sleep(5) # Google recommends always waiting at least 5 seconds
|
||||||
@@ -11560,7 +11565,7 @@ def doCreateProject():
|
|||||||
if 'error' in status:
|
if 'error' in status:
|
||||||
if status['error'].get('message', '') == 'No permission to create project in organization':
|
if status['error'].get('message', '') == 'No permission to create project in organization':
|
||||||
sys.stdout.write(Msg.NO_RIGHTS_GOOGLE_CLOUD_ORGANIZATION)
|
sys.stdout.write(Msg.NO_RIGHTS_GOOGLE_CLOUD_ORGANIZATION)
|
||||||
organization = getGCPOrg(crm, login_domain)
|
organization = getGCPOrg(crm, login_hint, login_domain)
|
||||||
org_policy = callGAPI(crm.organizations(), 'getIamPolicy',
|
org_policy = callGAPI(crm.organizations(), 'getIamPolicy',
|
||||||
resource=organization)
|
resource=organization)
|
||||||
if 'bindings' not in org_policy:
|
if 'bindings' not in org_policy:
|
||||||
@@ -72271,6 +72276,7 @@ MAIN_ADD_CREATE_FUNCTIONS = {
|
|||||||
Cmd.ARG_DRIVEFILEACL: doCreateDriveFileACL,
|
Cmd.ARG_DRIVEFILEACL: doCreateDriveFileACL,
|
||||||
Cmd.ARG_DRIVELABELPERMISSION: doCreateDriveLabelPermissions,
|
Cmd.ARG_DRIVELABELPERMISSION: doCreateDriveLabelPermissions,
|
||||||
Cmd.ARG_FEATURE: doCreateFeature,
|
Cmd.ARG_FEATURE: doCreateFeature,
|
||||||
|
Cmd.ARG_GCPFOLDER: doCreateGCPFolder,
|
||||||
Cmd.ARG_GCPSERVICEACCOUNT: doCreateGCPServiceAccount,
|
Cmd.ARG_GCPSERVICEACCOUNT: doCreateGCPServiceAccount,
|
||||||
Cmd.ARG_GROUP: doCreateGroup,
|
Cmd.ARG_GROUP: doCreateGroup,
|
||||||
Cmd.ARG_GUARDIAN: doInviteGuardian,
|
Cmd.ARG_GUARDIAN: doInviteGuardian,
|
||||||
|
|||||||
Reference in New Issue
Block a user