From 93cf750249582fa971f1a240921ad599d32f6153 Mon Sep 17 00:00:00 2001
From: Ross Scroggs <ross.scroggs@gmail.com>
Date: Fri, 7 May 2021 06:07:44 -0700
Subject: [PATCH] Code cleanup; display role for group members (#1379)

* Code cleanup; display role for group members

* Standardize member and membertree output

Should dates be added to membergtree output?

* Use member_id to get subgroup, avoid call to convert email to id

* Only show role on top-level members

* Use v1beta1 for info user grouptree

* Update groups.py
---
 src/gam/__init__.py                  |  4 ++--
 src/gam/gapi/cloudidentity/groups.py | 32 ++++++++++++++--------------
 2 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/src/gam/__init__.py b/src/gam/__init__.py
index c5322575..bd7a5ed2 100755
--- a/src/gam/__init__.py
+++ b/src/gam/__init__.py
@@ -9018,7 +9018,7 @@ def doGetUserInfo(user_email=None):
             print('No access to show user groups.')
     elif getCIGroups:
         memberships = gapi_cloudidentity_groups.get_membership_graph(user_email)
-        print('\nGroup Membership Tree:')
+        print('Group Membership Tree:')
         if memberships:
             group_name_mapping = {}
             group_displayname_mapping = {}
@@ -9037,7 +9037,7 @@ def doGetUserInfo(user_email=None):
                 group_email = group_name_mapping[group_name]
                 for edge in adj.get('edges', []):
                     seen_group_count[group_email] = seen_group_count.get(group_email, 0) + 1
-                    member_email = edge.get('preferredMemberKey', {}).get('id')
+                    member_email = edge.get('memberKey', {}).get('id')
                     edges.append((member_email, group_email))
             print_group_map(user_email, group_displayname_mapping, seen_group_count, edges, 3, 'direct')
             if seen_group_count and max(seen_group_count.values()) > 1:
diff --git a/src/gam/gapi/cloudidentity/groups.py b/src/gam/gapi/cloudidentity/groups.py
index 5d34cb37..3f958704 100644
--- a/src/gam/gapi/cloudidentity/groups.py
+++ b/src/gam/gapi/cloudidentity/groups.py
@@ -118,6 +118,7 @@ def info():
         for member in members:
             role = get_single_role(member.get('roles', [])).lower()
             email = member.get('memberKey', {}).get('id')
+            member_type = member.get('type', 'USER').lower()
             jc_string = ''
             if showJoinDate:
                 joined = member.get('createTime', 'Unknown')
@@ -125,36 +126,35 @@ def info():
             if showUpdateDate:
                 updated = member.get('updateTime', 'Unknown')
                 jc_string += f'  updated {updated}'
-            print(
-                f'  {role}: {email}{jc_string}'
-                # f' {member.get("role", ROLE_MEMBER).lower()}: {member.get("email", member["id"])} ({member["type"].lower()})'
-            )
+            print(f'  {role}: {email} ({member_type}){jc_string}')
         print(f'Total {len(members)} users in group')
     elif showMemberTree:
-        print(' Member tree:')
-        global cached_group_members
+        print(' Membership Tree:')
         cached_group_members = {}
-        print_member_tree(ci, name, 2)
+        print_member_tree(ci, name, cached_group_members, 2, True)
 
 
-def print_member_tree(ci, group_id, spaces):
+def print_member_tree(ci, group_id, cached_group_members, spaces, show_role):
     if not group_id in cached_group_members:
         cached_group_members[group_id] = gapi.get_all_pages(ci.groups().memberships(),
                                                             'list',
                                                             'memberships',
                                                             parent=group_id,
+                                                            view='FULL',
                                                             fields='*',
                                                             pageSize=1000)
     for member in cached_group_members[group_id]:
         member_id = member.get('name', '')
         member_id = member_id.split('/')[-1]
-        member_email = member.get('memberKey', {}).get('id')
-        if member_id.isdigit():
-            print(f'{" " * spaces}{member_email} - user')
+        email = member.get('memberKey', {}).get('id')
+        member_type = member.get('type', 'USER').lower()
+        if show_role:
+            role = get_single_role(member.get('roles', [])).lower()
+            print(f'{" " * spaces}{role}: {email} ({member_type})')
         else:
-            print(f'{" " * spaces}{member_email} - group')
-            group_id = group_email_to_id(ci, member_email)
-            print_member_tree(ci, group_id, spaces + 2)
+            print(f'{" " * spaces}{email} ({member_type})')
+        if member_type == 'group':
+            print_member_tree(ci, f'groups/{member_id}', cached_group_members, spaces + 2, False)
 
 
 def info_member():
@@ -331,7 +331,7 @@ def print_():
                 ownersCount = 0
             for member in groupMembers:
                 member_email = member['memberKey']['id']
-                role = get_single_role(member.get('roles'))
+                role = get_single_role(member.get('roles', []))
                 if not validRoles or role in validRoles:
                     if role == ROLE_MEMBER:
                         if members:
@@ -413,7 +413,7 @@ def _get_groups_list(ci=None, member=None, parent=None):
 
 
 def get_membership_graph(member):
-    ci = gapi_cloudidentity.build()
+    ci = gapi_cloudidentity.build('cloudidentity_beta')
     query = f"member_key_id == '{member}' && 'cloudidentity.googleapis.com/groups.discussion_forum' in labels"
     result = gapi.call(ci.groups().memberships(),
                      'getMembershipGraph',