mirror of
https://github.com/GAM-team/GAM.git
synced 2026-06-03 22:01:39 +00:00
enforce_expansive_access variable/option deleted
This commit is contained in:
Ross Scroggs
@@ -5209,7 +5209,6 @@ gam create|add permissions <SharedDriveEntityAdmin> <DriveFilePermissionEntity>
|
||||
<PermissionMatch>* [<PermissionMatchAction>]
|
||||
gam delete permissions <SharedDriveEntityAdmin> <DriveFilePermissionIDEntity>
|
||||
<PermissionMatch>* [<PermissionMatchAction>]
|
||||
[enforceexpansiveaccess [<Boolean>]]
|
||||
|
||||
In these commands, you specify an administrator and then indicate that you want domain administrator access with the adminaccess option.
|
||||
|
||||
@@ -5223,11 +5222,9 @@ gam <UserTypeEntity> create|add drivefileacl <SharedDriveEntityAdmin>
|
||||
adminaccess
|
||||
gam <UserTypeEntity> update drivefileacl <SharedDriveEntityAdmin> <DriveFilePermissionIDorEmail>
|
||||
(role <DriveFileACLRole>) [expires|expiration <Time>] [removeexpiration [<Boolean>]]
|
||||
[enforceexpansiveaccess [<Boolean>]]
|
||||
[showtitles] [nodetails|(csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]])]
|
||||
adminaccess
|
||||
gam <UserTypeEntity> delete drivefileacl <SharedDriveEntityAdmin> <DriveFilePermissionIDorEmail>
|
||||
[enforceexpansiveaccess [<Boolean>]]
|
||||
[showtitles] adminaccess
|
||||
gam <UserTypeEntity> info drivefileacl <SharedDriveEntityAdmin> <DriveFilePermissionIDorEmail> adminaccess
|
||||
[showtitles]
|
||||
@@ -5253,7 +5250,6 @@ gam <UserTypeEntity> create|add permissions <SharedDriveEntityAdmin> <DriveFileP
|
||||
<PermissionMatch>* [<PermissionMatchAction>]
|
||||
gam <UserTypeEntity> delete permissions <SharedDriveEntityAdmin> <DriveFilePermissionIDEntity> adminaccess
|
||||
<PermissionMatch>* [<PermissionMatchAction>]
|
||||
[enforceexpansiveaccess [<Boolean>]]
|
||||
|
||||
In these commands, the Google administrator named in oauth2.txt is used.
|
||||
|
||||
@@ -6972,7 +6968,6 @@ gam <UserTypeEntity> copy drivefile <DriveFileEntity>
|
||||
[sendemailifrequired [<Boolean>]]
|
||||
[suppressnotselectedmessages [<Boolean>]]
|
||||
[verifyorganizer [<Boolean>]]
|
||||
[enforceexpansiveaccess [<Boolean>]]
|
||||
|
||||
gam <UserTypeEntity> move drivefile <DriveFileEntity> [newfilename <DriveFileName>]
|
||||
[summary [<Boolean>]] [showpermissionmessages [<Boolean>]]
|
||||
@@ -6997,7 +6992,6 @@ gam <UserTypeEntity> move drivefile <DriveFileEntity> [newfilename <DriveFileNam
|
||||
[retainsourcefolders [<Boolean>]]
|
||||
[sendemailifrequired [<Boolean>]]
|
||||
[verifyorganizer [<Boolean>]]
|
||||
[enforceexpansiveaccess [<Boolean>]]
|
||||
|
||||
gam <UserTypeEntity> get document <DriveFileEntity>
|
||||
[viewmode default|suggestions_inline|preview_suggestions_accepted|preview_without_suggestions]
|
||||
@@ -7104,10 +7098,10 @@ gam <UserTypeEntity> create|add drivefileacl <DriveFileEntity> [adminaccess|asad
|
||||
[showtitles] [nodetails|(csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]])]
|
||||
gam <UserTypeEntity> update drivefileacl <DriveFileEntity> <DriveFilePermissionIDorEmail>
|
||||
(role <DriveFileACLRole>) [expires|expiration <Time>] [removeexpiration [<Boolean>]]
|
||||
[updatesheetprotectedranges [<Boolean>]] [enforceexpansiveaccess [<Boolean>]]
|
||||
[updatesheetprotectedranges [<Boolean>]]
|
||||
[showtitles] [nodetails|(csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]])]
|
||||
gam <UserTypeEntity> delete drivefileacl <DriveFileEntity> <DriveFilePermissionIDorEmail>
|
||||
[updatesheetprotectedranges [<Boolean>]] [enforceexpansiveaccess [<Boolean>]]
|
||||
[updatesheetprotectedranges [<Boolean>]]
|
||||
[showtitles]
|
||||
gam <UserTypeEntity> info drivefileacl <DriveFileEntity> <DriveFilePermissionIDorEmail>
|
||||
[showtitles]
|
||||
@@ -7231,7 +7225,6 @@ gam <UserTypeEntity> print filerevisions <DriveFileEntity> [todrive <ToDriveAttr
|
||||
|
||||
gam <UserTypeEntity> transfer ownership <DriveFileEntity> <UserItem>
|
||||
[<DriveFileParentAttribute>] [includetrashed] [norecursion [<Boolean>]]
|
||||
[enforceexpansiveaccess [<Boolean>]]
|
||||
(orderby <DriveFileOrderByFieldName> [ascending|descending])*
|
||||
[preview] [filepath] [pathdelimiter <Character>] [buildtree]
|
||||
[todrive <ToDriveAttribute>*]
|
||||
@@ -7240,7 +7233,6 @@ gam <UserTypeEntity> claim ownership <DriveFileEntity>
|
||||
[skipids <DriveFileEntity>] [onlyusers|skipusers <UserTypeEntity>] [subdomains <DomainNameEntity>]
|
||||
[restricted [<Boolean>]] [writerscanshare|writerscantshare [<Boolean>]]
|
||||
[keepuser | (retainrole commenter|reader|writer|editor|fileorganizer|none)] [noretentionmessages]
|
||||
[enforceexpansiveaccess [<Boolean>]]
|
||||
(orderby <DriveFileOrderByFieldName> [ascending|descending])*
|
||||
[preview] [filepath] [pathdelimiter <Character>] [buildtree]
|
||||
[todrive <ToDriveAttribute>*]
|
||||
@@ -7248,7 +7240,6 @@ gam <UserTypeEntity> claim ownership <DriveFileEntity>
|
||||
gam <UserTypeEntity> transfer drive <UserItem> [select <DriveFileEntity>]
|
||||
[(targetfolderid <DriveFolderID>)|(targetfoldername <DriveFolderName>)]
|
||||
[targetuserfoldername <DriveFolderName>] [targetuserorphansfoldername <DriveFolderName>]
|
||||
[enforceexpansiveaccess [<Boolean>]]
|
||||
[mergewithtarget [<Boolean>]]
|
||||
[skipids <DriveFileEntity>]
|
||||
[keepuser | (retainrole reader|commenter|writer|editor|fileorganizer|none)] [noretentionmessages]
|
||||
|
||||
@@ -1,3 +1,17 @@
|
||||
7.39.00
|
||||
|
||||
Deleted variable `enforce_expansive_access` from `gam.cfg` and removed option `enforceexpansiveaccess`
|
||||
from the following commands as expansive access is now always enforced by Google on My Drives.
|
||||
```
|
||||
gam <UserTypeEntity> delete permissions
|
||||
gam <UserTypeEntity> delete drivefileacl
|
||||
gam <UserTypeEntity> update drivefileacl
|
||||
gam <UserTypeEntity> copy drivefile
|
||||
gam <UserTypeEntity> move drivefile
|
||||
gam <UserTypeEntity> transfer ownership
|
||||
gam <UserTypeEntity> claim ownership
|
||||
```
|
||||
|
||||
7.38.02
|
||||
|
||||
Added license SKU `1010470009` for `AI Expanded Access`; abbreviation `aiexpandedaccess`.
|
||||
|
||||
@@ -25,7 +25,7 @@ https://github.com/GAM-team/GAM/wiki
|
||||
"""
|
||||
|
||||
__author__ = 'GAM Team <google-apps-manager@googlegroups.com>'
|
||||
__version__ = '7.38.02'
|
||||
__version__ = '7.39.00'
|
||||
__license__ = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)'
|
||||
|
||||
# pylint: disable=wrong-import-position
|
||||
@@ -62364,7 +62364,6 @@ def initCopyMoveOptions(copyCmd):
|
||||
'showPermissionMessages': False,
|
||||
'sendEmailIfRequired': False,
|
||||
'useDomainAdminAccess': False,
|
||||
'enforceExpansiveAccess': GC.Values[GC.ENFORCE_EXPANSIVE_ACCESS],
|
||||
'copiedShortcutsPointToCopiedFiles': True,
|
||||
'createShortcutsForNonmovableFiles': False,
|
||||
'duplicateFiles': DUPLICATE_FILE_OVERWRITE_OLDER,
|
||||
@@ -62491,8 +62490,6 @@ def getCopyMoveOptions(myarg, copyMoveOptions):
|
||||
elif myarg == 'mappermissionsdomain':
|
||||
oldDomain = getString(Cmd.OB_DOMAIN_NAME).lower()
|
||||
copyMoveOptions['mapPermissionsDomains'][oldDomain] = getString(Cmd.OB_DOMAIN_NAME).lower()
|
||||
elif myarg == 'enforceexpansiveaccess':
|
||||
copyMoveOptions['enforceExpansiveAccess'] = getBoolean()
|
||||
else:
|
||||
# Move arguments
|
||||
if not copyMoveOptions['copyCmd']:
|
||||
@@ -62778,8 +62775,6 @@ def _copyPermissions(drive, user, i, count, j, jcount,
|
||||
updateTargetPerms[permissionId]['updates'] = updatePerm
|
||||
copySourcePerms.pop(permissionId)
|
||||
deleteUpdateKwargs = {'useDomainAdminAccess': copyMoveOptions['useDomainAdminAccess']}
|
||||
if entityType != Ent.SHAREDDRIVE:
|
||||
deleteUpdateKwargs['enforceExpansiveAccess'] = copyMoveOptions['enforceExpansiveAccess']
|
||||
action = Act.Get()
|
||||
Act.Set(Act.COPY)
|
||||
kcount = len(copySourcePerms)
|
||||
@@ -63151,7 +63146,6 @@ copyReturnItemMap = {
|
||||
# [sendemailifrequired [<Boolean>]]
|
||||
# [suppressnotselectedmessages [<Boolean>]]
|
||||
# [verifyorganizer [<Boolean>]]
|
||||
# [enforceexpansiveaccess [<Boolean>]]
|
||||
def copyDriveFile(users):
|
||||
def _writeCSVData(user, oldName, oldId, newName, newId, mimeType):
|
||||
row = {'User': user, 'name': oldName, 'id': oldId,
|
||||
@@ -63917,7 +63911,6 @@ def _updateMoveFilePermissions(drive, user, i, count,
|
||||
callGAPI(drive.permissions(), 'delete',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+GAPI.DRIVE3_DELETE_ACL_THROW_REASONS+[GAPI.FILE_NEVER_WRITABLE],
|
||||
useDomainAdminAccess=copyMoveOptions['useDomainAdminAccess'],
|
||||
enforceExpansiveAccess=copyMoveOptions['enforceExpansiveAccess'],
|
||||
fileId=fileId, permissionId=permissionId, supportsAllDrives=True)
|
||||
if copyMoveOptions['showPermissionMessages']:
|
||||
entityActionPerformed(kvList, k, kcount)
|
||||
@@ -64037,7 +64030,6 @@ def _recursiveUpdateMovePermissions(drive, user, i, count,
|
||||
# [retainsourcefolders [<Boolean>]]
|
||||
# [sendemailifrequired [<Boolean>]]
|
||||
# [verifyorganizer [<Boolean>]]
|
||||
# [enforceexpansiveaccess [<Boolean>]]
|
||||
def moveDriveFile(users):
|
||||
def _cloneFolderMove(drive, user, i, count, j, jcount,
|
||||
source, targetChildren, newFolderName, newParentId, newParentName, mergeParentModifiedTime,
|
||||
@@ -65284,7 +65276,6 @@ TRANSFER_DRIVEFILE_ACL_ROLES_MAP = {
|
||||
# [nonowner_retainrole reader|commenter|writer|editor|fileorganizer|current|none]
|
||||
# [nonowner_targetrole reader|commenter|writer|editor|fileorganizer|current|none|source]
|
||||
# (orderby <DriveFileOrderByFieldName> [ascending|descending])*
|
||||
# [enforceexpansiveaccess [<Boolean>]]
|
||||
# [preview] [todrive <ToDriveAttribute>*]
|
||||
def transferDrive(users):
|
||||
|
||||
@@ -65471,7 +65462,6 @@ def transferDrive(users):
|
||||
callGAPI(sourceDrive.permissions(), 'update',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+[GAPI.BAD_REQUEST, GAPI.INVALID_OWNERSHIP_TRANSFER,
|
||||
GAPI.PERMISSION_NOT_FOUND, GAPI.SHARING_RATE_LIMIT_EXCEEDED],
|
||||
enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
fileId=childFileId, permissionId=targetPermissionId,
|
||||
transferOwnership=True, body={'role': 'owner'}, fields='')
|
||||
if removeSourceParents:
|
||||
@@ -65660,7 +65650,6 @@ def transferDrive(users):
|
||||
if ownerRetainRoleBody['role'] != 'writer':
|
||||
callGAPI(targetDrive.permissions(), 'update',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+[GAPI.PERMISSION_NOT_FOUND, GAPI.BAD_REQUEST, GAPI.SHARING_RATE_LIMIT_EXCEEDED],
|
||||
enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
fileId=childFileId, permissionId=sourcePermissionId, body=ownerRetainRoleBody, fields='')
|
||||
else:
|
||||
callGAPI(targetDrive.permissions(), 'delete',
|
||||
@@ -65710,7 +65699,6 @@ def transferDrive(users):
|
||||
if nonOwnerRetainRoleBody['role'] != 'current':
|
||||
callGAPI(ownerDrive.permissions(), 'update',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+[GAPI.PERMISSION_NOT_FOUND, GAPI.BAD_REQUEST, GAPI.SHARING_RATE_LIMIT_EXCEEDED],
|
||||
enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
fileId=childFileId, permissionId=sourcePermissionId, body=sourceUpdateRole, fields='')
|
||||
else:
|
||||
try:
|
||||
@@ -65872,7 +65860,6 @@ def transferDrive(users):
|
||||
targetUserOrphansFolderPattern = '#user# orphaned files'
|
||||
targetIds = [None, None]
|
||||
createShortcutsForNonmovableFiles = False
|
||||
enforceExpansiveAccess = GC.Values[GC.ENFORCE_EXPANSIVE_ACCESS]
|
||||
mergeWithTarget = False
|
||||
thirdPartyOwners = {}
|
||||
skipFileIdEntity = initDriveFileEntity()
|
||||
@@ -65890,8 +65877,6 @@ def transferDrive(users):
|
||||
nonOwnerRetainRoleBody['role'] = 'current'
|
||||
elif myarg == 'nonownertargetrole':
|
||||
nonOwnerTargetRoleBody['role'] = getChoice(TRANSFER_DRIVEFILE_ACL_ROLES_MAP, mapChoice=True)
|
||||
elif myarg == 'enforceexpansiveaccess':
|
||||
enforceExpansiveAccess = getBoolean()
|
||||
elif myarg == 'noretentionmessages':
|
||||
showRetentionMessages = False
|
||||
elif myarg == 'orderby':
|
||||
@@ -66129,7 +66114,6 @@ def getPermissionIdForEmail(user, i, count, email):
|
||||
# [<DriveFileParentAttribute>] [includetrashed] [norecursion [<Boolean>]]
|
||||
# (orderby <DriveFileOrderByFieldName> [ascending|descending])*
|
||||
# [preview] [filepath] [pathdelimiter <Character>] [buildtree]
|
||||
# [enforceexpansiveaccess [<Boolean>]]
|
||||
# [todrive <ToDriveAttribute>*]
|
||||
def transferOwnership(users):
|
||||
def _identifyFilesToTransfer(fileEntry):
|
||||
@@ -66179,7 +66163,6 @@ def transferOwnership(users):
|
||||
newOwner = getEmailAddress()
|
||||
OBY = OrderBy(DRIVEFILE_ORDERBY_CHOICE_MAP)
|
||||
changeParents = filepath = includeTrashed = noRecursion = False
|
||||
enforceExpansiveAccess = GC.Values[GC.ENFORCE_EXPANSIVE_ACCESS]
|
||||
pathDelimiter = '/'
|
||||
csvPF = fileTree = None
|
||||
addParents = ''
|
||||
@@ -66206,8 +66189,6 @@ def transferOwnership(users):
|
||||
csvPF.GetTodriveParameters()
|
||||
elif getDriveFileParentAttribute(myarg, parentParms):
|
||||
changeParents = True
|
||||
elif myarg == 'enforceexpansiveaccess':
|
||||
enforceExpansiveAccess = getBoolean()
|
||||
else:
|
||||
unknownArgumentExit()
|
||||
Act.Set(Act.TRANSFER_OWNERSHIP)
|
||||
@@ -66325,7 +66306,6 @@ def transferOwnership(users):
|
||||
Act.Set(action)
|
||||
callGAPI(drive.permissions(), 'update',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+[GAPI.PERMISSION_NOT_FOUND],
|
||||
enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
fileId=xferFileId, permissionId=permissionId, transferOwnership=True, body=body, fields='')
|
||||
entityModifierNewValueItemValueListActionPerformed(kvList, Act.MODIFIER_TO, None, [Ent.USER, newOwner], k, kcount)
|
||||
else:
|
||||
@@ -66347,7 +66327,6 @@ def transferOwnership(users):
|
||||
fileId=xferFileId, sendNotificationEmail=False, body=bodyAdd, fields='')
|
||||
callGAPI(drive.permissions(), 'update',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+[GAPI.PERMISSION_NOT_FOUND],
|
||||
enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
fileId=xferFileId, permissionId=permissionId, transferOwnership=True, body=body, fields='')
|
||||
entityModifierNewValueItemValueListActionPerformed(kvList, Act.MODIFIER_TO, None, [Ent.USER, newOwner], k, kcount)
|
||||
except GAPI.invalidSharingRequest as e:
|
||||
@@ -66420,7 +66399,6 @@ def transferOwnership(users):
|
||||
# [keepuser | (retainrole reader|commenter|writer|editor|none)] [noretentionmessages]
|
||||
# (orderby <DriveFileOrderByFieldName> [ascending|descending])*
|
||||
# [preview] [filepath] [pathdelimiter <Character>] [buildtree]
|
||||
# [enforceexpansiveaccess [<Boolean>]]
|
||||
# [todrive <ToDriveAttribute>*]
|
||||
def claimOwnership(users):
|
||||
def _identifyFilesToClaim(fileEntry):
|
||||
@@ -66481,7 +66459,6 @@ def claimOwnership(users):
|
||||
if sourceRetainRoleBody['role'] != 'writer':
|
||||
callGAPI(sourceDrive.permissions(), 'update',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+[GAPI.PERMISSION_NOT_FOUND, GAPI.BAD_REQUEST],
|
||||
enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
fileId=ofileId, permissionId=oldOwnerPermissionId, body=sourceRetainRoleBody, fields='')
|
||||
else:
|
||||
callGAPI(sourceDrive.permissions(), 'delete',
|
||||
@@ -66506,7 +66483,6 @@ def claimOwnership(users):
|
||||
skipOwners = set()
|
||||
subdomains = []
|
||||
filepath = includeTrashed = False
|
||||
enforceExpansiveAccess = GC.Values[GC.ENFORCE_EXPANSIVE_ACCESS]
|
||||
pathDelimiter = '/'
|
||||
addParents = ''
|
||||
parentBody = {}
|
||||
@@ -66541,8 +66517,6 @@ def claimOwnership(users):
|
||||
includeTrashed = True
|
||||
elif myarg == 'orderby':
|
||||
OBY.GetChoice()
|
||||
elif myarg == 'enforceexpansiveaccess':
|
||||
enforceExpansiveAccess = getBoolean()
|
||||
elif myarg == 'restricted':
|
||||
bodyShare['copyRequiresWriterPermission'] = getBoolean()
|
||||
elif myarg == 'writerscanshare':
|
||||
@@ -66713,7 +66687,6 @@ def claimOwnership(users):
|
||||
Act.Set(action)
|
||||
callGAPI(sourceDrive.permissions(), 'update',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+[GAPI.PERMISSION_NOT_FOUND],
|
||||
enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
fileId=xferFileId, permissionId=permissionId, transferOwnership=True, body=body, fields='')
|
||||
kvList = [Ent.USER, user, entityType, fileDesc]
|
||||
entityModifierNewValueItemValueListActionPerformed(kvList, Act.MODIFIER_FROM, None, [Ent.USER, oldOwner], l, lcount)
|
||||
@@ -66738,7 +66711,6 @@ def claimOwnership(users):
|
||||
fileId=xferFileId, sendNotificationEmail=False, body=bodyAdd, fields='')
|
||||
callGAPI(sourceDrive.permissions(), 'update',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+[GAPI.PERMISSION_NOT_FOUND],
|
||||
enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
fileId=xferFileId, permissionId=permissionId, transferOwnership=True, body=body, fields='')
|
||||
entityModifierNewValueItemValueListActionPerformed(kvList, Act.MODIFIER_FROM, None, [Ent.USER, oldOwner], l, lcount)
|
||||
_processRetainedRole(user, i, count, oldOwner, entityType, xferFileId, fileDesc, l, lcount)
|
||||
@@ -67291,7 +67263,7 @@ def doCreateDriveFileACL():
|
||||
|
||||
# gam [<UserTypeEntity>] update drivefileacl <DriveFileEntity> <DriveFilePermissionIDorEmail> [asadmin]
|
||||
# (role <DriveFileACLRole>) [expiration <Time>] [removeexpiration [<Boolean>]]
|
||||
# [updatesheetprotectedranges [<Boolean>]] [enforceexpansiveaccess [<Boolean>]]
|
||||
# [updatesheetprotectedranges [<Boolean>]]
|
||||
# [showtitles] [nodetails|(csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]])]
|
||||
def updateDriveFileACLs(users, useDomainAdminAccess=False):
|
||||
def _showResult(permission, showAction):
|
||||
@@ -67319,7 +67291,6 @@ def updateDriveFileACLs(users, useDomainAdminAccess=False):
|
||||
|
||||
fileIdEntity = getDriveFileEntity()
|
||||
isEmail, permissionId = getPermissionId()
|
||||
enforceExpansiveAccess = GC.Values[GC.ENFORCE_EXPANSIVE_ACCESS]
|
||||
removeExpiration = showTitles = updateSheetProtectedRanges = False
|
||||
showDetails = True
|
||||
csvPF = None
|
||||
@@ -67337,8 +67308,6 @@ def updateDriveFileACLs(users, useDomainAdminAccess=False):
|
||||
showTitles = True
|
||||
elif myarg == 'updatesheetprotectedranges':
|
||||
updateSheetProtectedRanges = getBoolean()
|
||||
elif myarg == 'enforceexpansiveaccess':
|
||||
enforceExpansiveAccess = getBoolean()
|
||||
elif myarg == 'nodetails':
|
||||
showDetails = False
|
||||
elif myarg == 'csv':
|
||||
@@ -67393,7 +67362,7 @@ def updateDriveFileACLs(users, useDomainAdminAccess=False):
|
||||
permission = callGAPI(drive.permissions(), 'update',
|
||||
bailOnInternalError=True,
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+GAPI.DRIVE3_UPDATE_ACL_THROW_REASONS+[GAPI.FILE_NEVER_WRITABLE],
|
||||
useDomainAdminAccess=useDomainAdminAccess, enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
useDomainAdminAccess=useDomainAdminAccess,
|
||||
fileId=fileId, permissionId=permissionId, removeExpiration=removeExpiration,
|
||||
transferOwnership=body.get('role', '') == 'owner', body=body, fields='*', supportsAllDrives=True)
|
||||
_showResult(permission, True)
|
||||
@@ -67622,12 +67591,11 @@ def doCreatePermissions():
|
||||
createDriveFilePermissions([_getAdminEmail()], True)
|
||||
|
||||
# gam [<UserTypeEntity>] delete drivefileacl <DriveFileEntity> <DriveFilePermissionIDorEmail> [asadmin]
|
||||
# [updatesheetprotectedranges [<Boolean>]] [enforceexpansiveaccess [<Boolean>]]
|
||||
# [updatesheetprotectedranges [<Boolean>]]
|
||||
# [showtitles]
|
||||
def deleteDriveFileACLs(users, useDomainAdminAccess=False):
|
||||
fileIdEntity = getDriveFileEntity()
|
||||
isEmail, permissionId = getPermissionId()
|
||||
enforceExpansiveAccess = GC.Values[GC.ENFORCE_EXPANSIVE_ACCESS]
|
||||
showTitles = updateSheetProtectedRanges = False
|
||||
while Cmd.ArgumentsRemaining():
|
||||
myarg = getArgument()
|
||||
@@ -67635,8 +67603,6 @@ def deleteDriveFileACLs(users, useDomainAdminAccess=False):
|
||||
showTitles = getBoolean()
|
||||
elif myarg == 'updatesheetprotectedranges':
|
||||
updateSheetProtectedRanges = getBoolean()
|
||||
elif myarg == 'enforceexpansiveaccess':
|
||||
enforceExpansiveAccess = getBoolean()
|
||||
elif myarg in ADMIN_ACCESS_OPTIONS:
|
||||
useDomainAdminAccess = True
|
||||
else:
|
||||
@@ -67674,7 +67640,7 @@ def deleteDriveFileACLs(users, useDomainAdminAccess=False):
|
||||
break
|
||||
callGAPI(drive.permissions(), 'delete',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+GAPI.DRIVE3_DELETE_ACL_THROW_REASONS+[GAPI.FILE_NEVER_WRITABLE],
|
||||
useDomainAdminAccess=useDomainAdminAccess, enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
useDomainAdminAccess=useDomainAdminAccess,
|
||||
fileId=fileId, permissionId=permissionId, supportsAllDrives=True)
|
||||
entityActionPerformed([Ent.USER, user, entityType, fileName, Ent.PERMISSION_ID, permissionId], j, jcount)
|
||||
if updateSheetProtectedRanges and mimeType == MIMETYPE_GA_SPREADSHEET:
|
||||
@@ -67698,7 +67664,6 @@ def doDeleteDriveFileACLs():
|
||||
|
||||
# gam [<UserTypeEntity>] delete permissions <DriveFileEntity> <DriveFilePermissionIDEntity> [asadmin]
|
||||
# <PermissionMatch>* [<PermissionMatchAction>]
|
||||
# [enforceexpansiveaccess [<Boolean>]]
|
||||
def deletePermissions(users, useDomainAdminAccess=False):
|
||||
def convertJSONPermissions(jsonPermissions):
|
||||
permissionIds = []
|
||||
@@ -67733,7 +67698,7 @@ def deletePermissions(users, useDomainAdminAccess=False):
|
||||
callGAPI(drive.permissions(), 'delete',
|
||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+GAPI.DRIVE3_DELETE_ACL_THROW_REASONS,
|
||||
retryReasons=[GAPI.SERVICE_LIMIT],
|
||||
useDomainAdminAccess=useDomainAdminAccess, enforceExpansiveAccess=enforceExpansiveAccess,
|
||||
useDomainAdminAccess=useDomainAdminAccess,
|
||||
fileId=ri[RI_ENTITY], permissionId=ri[RI_ITEM], supportsAllDrives=True)
|
||||
entityActionPerformed([Ent.DRIVE_FILE_OR_FOLDER_ID, ri[RI_ENTITY], Ent.PERMISSION_ID, ri[RI_ITEM]], int(ri[RI_J]), int(ri[RI_JCOUNT]))
|
||||
except (GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.unknownError,
|
||||
@@ -67755,15 +67720,12 @@ def deletePermissions(users, useDomainAdminAccess=False):
|
||||
jsonData = getJSON([])
|
||||
PM = PermissionMatch()
|
||||
PM.SetDefaultMatch(False, {'role': 'owner'})
|
||||
enforceExpansiveAccess = GC.Values[GC.ENFORCE_EXPANSIVE_ACCESS]
|
||||
while Cmd.ArgumentsRemaining():
|
||||
myarg = getArgument()
|
||||
if myarg in ADMIN_ACCESS_OPTIONS:
|
||||
useDomainAdminAccess = True
|
||||
elif PM and PM.ProcessArgument(myarg):
|
||||
pass
|
||||
elif myarg == 'enforceexpansiveaccess':
|
||||
enforceExpansiveAccess = getBoolean()
|
||||
else:
|
||||
unknownArgumentExit()
|
||||
_checkFileIdEntityDomainAccess(fileIdEntity, useDomainAdminAccess)
|
||||
|
||||
@@ -171,8 +171,6 @@ EMAIL_BATCH_SIZE = 'email_batch_size'
|
||||
ENABLE_DASA = 'enable_dasa'
|
||||
# Enable Cloud Session Reauthentication by borrowing a RAPT token from gcloud command
|
||||
ENABLE_GCLOUD_REAUTH = 'enable_gcloud_reauth'
|
||||
# Value for enforceExpansiveAccess for commands that delete or update drive file ACLs/permissions.
|
||||
ENFORCE_EXPANSIVE_ACCESS = 'enforce_expansive_access'
|
||||
# When retrieving lists of calendar events from API, how many should be retrieved in each chunk
|
||||
EVENT_MAX_RESULTS = 'event_max_results'
|
||||
# Path to extra_args.txt
|
||||
@@ -398,7 +396,6 @@ Defaults = {
|
||||
DEVICE_MAX_RESULTS: '200',
|
||||
DOMAIN: '',
|
||||
DRIVE_DIR: '',
|
||||
ENFORCE_EXPANSIVE_ACCESS: TRUE,
|
||||
DRIVE_MAX_RESULTS: '1000',
|
||||
EMAIL_BATCH_SIZE: '50',
|
||||
ENABLE_DASA: FALSE,
|
||||
@@ -573,7 +570,6 @@ VAR_INFO = {
|
||||
DEVICE_MAX_RESULTS: {VAR_TYPE: TYPE_INTEGER, VAR_LIMITS: (1, 200)},
|
||||
DOMAIN: {VAR_TYPE: TYPE_STRING, VAR_ENVVAR: 'GA_DOMAIN', VAR_LIMITS: (0, None)},
|
||||
DRIVE_DIR: {VAR_TYPE: TYPE_DIRECTORY, VAR_ENVVAR: 'GAMDRIVEDIR'},
|
||||
ENFORCE_EXPANSIVE_ACCESS: {VAR_TYPE: TYPE_BOOLEAN},
|
||||
DRIVE_MAX_RESULTS: {VAR_TYPE: TYPE_INTEGER, VAR_LIMITS: (1, 1000)},
|
||||
EMAIL_BATCH_SIZE: {VAR_TYPE: TYPE_INTEGER, VAR_LIMITS: (1, 100)},
|
||||
ENABLE_DASA: {VAR_TYPE: TYPE_BOOLEAN, VAR_SIGFILE: 'enabledasa.txt', VAR_SFFT: (FALSE, TRUE)},
|
||||
|
||||
Reference in New Issue
Block a user