mirror of
https://github.com/GAM-team/GAM.git
synced 2026-07-03 20:31:35 +00:00
Improved create drivefileacl error handling
This commit is contained in:
@@ -1,3 +1,37 @@
|
|||||||
|
7.34.04
|
||||||
|
|
||||||
|
Updated `gam <UserTypeEntity> create drivefileacl <DriveFileEntity> user <UserItem> role owner` to better
|
||||||
|
handle the case where the current owner of a file is suspended. Previously, the command was displayed as an error
|
||||||
|
even though the ownership was changed.
|
||||||
|
```
|
||||||
|
gam user currentowner@domain.com add drivefileacl <DriveFileID> user newowner@domain.com role owner
|
||||||
|
User: currentowner@domain.com, Add 1 Drive File/Folder ACL
|
||||||
|
User: currentowner@domain.com, Drive File/Folder ID: <DriveFileID>, Permission ID: newowner@domain.com, Add Failed: Sorry, the items were successfully shared but emails could not be sent to newowner@domain.com.
|
||||||
|
```
|
||||||
|
|
||||||
|
Now the command is displayed as a success with a note indicating that the ownership change email was not sent.
|
||||||
|
```
|
||||||
|
gam user currentowner@domain.com add drivefileacl <DriveFileID> user newowner@domain.com role owner
|
||||||
|
User: currentowner@domain.com, Add 1 Drive File/Folder ACL
|
||||||
|
User: currentowner@domain.com, Drive File/Folder ID: <DriveFileID>, Permission ID: newowner@domain.com, Added: Sorry, the items were successfully shared but emails could not be sent to newowner@domain.com.
|
||||||
|
New Owner
|
||||||
|
id: 10834698115409747890
|
||||||
|
type: user
|
||||||
|
emailAddress: newowner@domain.com
|
||||||
|
domain: domain.com
|
||||||
|
role: owner
|
||||||
|
permissionDetails:
|
||||||
|
role: writer
|
||||||
|
type: file
|
||||||
|
inherited: True
|
||||||
|
inheritedFrom: Unknown
|
||||||
|
role: owner
|
||||||
|
type: file
|
||||||
|
inherited: False
|
||||||
|
deleted: False
|
||||||
|
pendingOwner: False
|
||||||
|
```
|
||||||
|
|
||||||
7.34.03
|
7.34.03
|
||||||
|
|
||||||
Updated to Python 3.14.3
|
Updated to Python 3.14.3
|
||||||
|
|||||||
@@ -25,7 +25,7 @@ https://github.com/GAM-team/GAM/wiki
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
__author__ = 'GAM Team <google-apps-manager@googlegroups.com>'
|
__author__ = 'GAM Team <google-apps-manager@googlegroups.com>'
|
||||||
__version__ = '7.34.03'
|
__version__ = '7.34.04'
|
||||||
__license__ = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)'
|
__license__ = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)'
|
||||||
|
|
||||||
# pylint: disable=wrong-import-position
|
# pylint: disable=wrong-import-position
|
||||||
@@ -66781,6 +66781,29 @@ def _checkFileIdEntityDomainAccess(fileIdEntity, useDomainAdminAccess):
|
|||||||
# [sendemail|sendnotification] [emailmessage <String>]
|
# [sendemail|sendnotification] [emailmessage <String>]
|
||||||
# [showtitles] [nodetails|(csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]])]
|
# [showtitles] [nodetails|(csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]])]
|
||||||
def createDriveFileACL(users, useDomainAdminAccess=False):
|
def createDriveFileACL(users, useDomainAdminAccess=False):
|
||||||
|
def _showResult(permission, showAction):
|
||||||
|
if updateSheetProtectedRanges and mimeType == MIMETYPE_GA_SPREADSHEET:
|
||||||
|
_updateSheetProtectedRangesACLchange(sheet, user, i, count, j, jcount, fileId, fileName, True, permission)
|
||||||
|
if csvPF:
|
||||||
|
baserow = {'Owner': user, 'id': fileId}
|
||||||
|
if showTitles:
|
||||||
|
baserow['name'] = fileName
|
||||||
|
row = baserow.copy()
|
||||||
|
_mapDrivePermissionNames(permission)
|
||||||
|
flattenJSON({'permission': permission}, flattened=row, timeObjects=timeObjects)
|
||||||
|
if not FJQC.formatJSON:
|
||||||
|
csvPF.WriteRowTitles(row)
|
||||||
|
elif csvPF.CheckRowTitles(row):
|
||||||
|
row = baserow.copy()
|
||||||
|
row['JSON'] = json.dumps(cleanJSON({'permission': permission}, timeObjects=timeObjects),
|
||||||
|
ensure_ascii=False, sort_keys=True)
|
||||||
|
csvPF.WriteRowNoFilter(row)
|
||||||
|
else:
|
||||||
|
if showAction:
|
||||||
|
entityActionPerformed([Ent.USER, user, entityType, fileName, Ent.PERMISSION_ID, permissionId], j, jcount)
|
||||||
|
if showDetails:
|
||||||
|
_showDriveFilePermission(permission, printKeys, timeObjects)
|
||||||
|
|
||||||
moveToNewOwnersRoot = False
|
moveToNewOwnersRoot = False
|
||||||
sendNotificationEmail = showTitles = _transferOwnership = updateSheetProtectedRanges = False
|
sendNotificationEmail = showTitles = _transferOwnership = updateSheetProtectedRanges = False
|
||||||
roleLocation = withLinkLocation = expirationLocation = None
|
roleLocation = withLinkLocation = expirationLocation = None
|
||||||
@@ -66890,6 +66913,7 @@ def createDriveFileACL(users, useDomainAdminAccess=False):
|
|||||||
_, sheet = buildGAPIServiceObject(API.SHEETS, user, i, count)
|
_, sheet = buildGAPIServiceObject(API.SHEETS, user, i, count)
|
||||||
if not sheet:
|
if not sheet:
|
||||||
break
|
break
|
||||||
|
try:
|
||||||
permission = callGAPI(drive.permissions(), 'create',
|
permission = callGAPI(drive.permissions(), 'create',
|
||||||
bailOnInternalError=True,
|
bailOnInternalError=True,
|
||||||
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+GAPI.DRIVE3_CREATE_ACL_THROW_REASONS+[GAPI.FILE_NEVER_WRITABLE],
|
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+GAPI.DRIVE3_CREATE_ACL_THROW_REASONS+[GAPI.FILE_NEVER_WRITABLE],
|
||||||
@@ -66897,28 +66921,22 @@ def createDriveFileACL(users, useDomainAdminAccess=False):
|
|||||||
useDomainAdminAccess=useDomainAdminAccess,
|
useDomainAdminAccess=useDomainAdminAccess,
|
||||||
fileId=fileId, sendNotificationEmail=sendNotificationEmail, emailMessage=emailMessage,
|
fileId=fileId, sendNotificationEmail=sendNotificationEmail, emailMessage=emailMessage,
|
||||||
transferOwnership=_transferOwnership, body=body, fields='*', supportsAllDrives=True)
|
transferOwnership=_transferOwnership, body=body, fields='*', supportsAllDrives=True)
|
||||||
if updateSheetProtectedRanges and mimeType == MIMETYPE_GA_SPREADSHEET:
|
_showResult(permission, True)
|
||||||
_updateSheetProtectedRangesACLchange(sheet, user, i, count, j, jcount, fileId, fileName, True, permission)
|
except GAPI.invalidSharingRequest as e:
|
||||||
if csvPF:
|
errMsg = str(e)
|
||||||
baserow = {'Owner': user, 'id': fileId}
|
if ('successfully shared but emails could not be sent' not in errMsg) or ('emailAddress' not in body):
|
||||||
if showTitles:
|
entityActionFailedWarning([Ent.USER, user, entityType, fileName, Ent.PERMISSION_ID, permissionId], errMsg, j, jcount)
|
||||||
baserow['name'] = fileName
|
|
||||||
row = baserow.copy()
|
|
||||||
_mapDrivePermissionNames(permission)
|
|
||||||
flattenJSON({'permission': permission}, flattened=row, timeObjects=timeObjects)
|
|
||||||
if not FJQC.formatJSON:
|
|
||||||
csvPF.WriteRowTitles(row)
|
|
||||||
elif csvPF.CheckRowTitles(row):
|
|
||||||
row = baserow.copy()
|
|
||||||
row['JSON'] = json.dumps(cleanJSON({'permission': permission}, timeObjects=timeObjects),
|
|
||||||
ensure_ascii=False, sort_keys=True)
|
|
||||||
csvPF.WriteRowNoFilter(row)
|
|
||||||
else:
|
else:
|
||||||
entityActionPerformed([Ent.USER, user, entityType, fileName, Ent.PERMISSION_ID, permissionId], j, jcount)
|
if not csvPF:
|
||||||
if showDetails:
|
entityActionPerformedMessage([Ent.USER, user, entityType, fileName, Ent.PERMISSION_ID, permissionId], errMsg, j, jcount)
|
||||||
_showDriveFilePermission(permission, printKeys, timeObjects)
|
tempPermId = getPermissionIdForEmail(user, i, count, body['emailAddress'])
|
||||||
|
permission = callGAPI(drive.permissions(), 'get',
|
||||||
|
throwReasons=GAPI.DRIVE_ACCESS_THROW_REASONS+[GAPI.BAD_REQUEST, GAPI.PERMISSION_NOT_FOUND, GAPI.INSUFFICIENT_ADMINISTRATOR_PRIVILEGES],
|
||||||
|
useDomainAdminAccess=useDomainAdminAccess,
|
||||||
|
fileId=fileId, permissionId=tempPermId, fields='*', supportsAllDrives=True)
|
||||||
|
_showResult(permission, False)
|
||||||
except (GAPI.badRequest, GAPI.invalid, GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError,
|
except (GAPI.badRequest, GAPI.invalid, GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError,
|
||||||
GAPI.cannotSetExpiration, GAPI.cannotSetExpirationOnAnyoneOrDomain,
|
GAPI.permissionNotFound, GAPI.cannotSetExpiration, GAPI.cannotSetExpirationOnAnyoneOrDomain,
|
||||||
GAPI.expirationDateNotAllowedForSharedDriveMembers, GAPI.expirationDatesMustBeInTheFuture,
|
GAPI.expirationDateNotAllowedForSharedDriveMembers, GAPI.expirationDatesMustBeInTheFuture,
|
||||||
GAPI.insufficientFilePermissions, GAPI.unknownError, GAPI.ownershipChangeAcrossDomainNotPermitted,
|
GAPI.insufficientFilePermissions, GAPI.unknownError, GAPI.ownershipChangeAcrossDomainNotPermitted,
|
||||||
GAPI.teamDriveDomainUsersOnlyRestriction, GAPI.teamDriveTeamMembersOnlyRestriction,
|
GAPI.teamDriveDomainUsersOnlyRestriction, GAPI.teamDriveTeamMembersOnlyRestriction,
|
||||||
@@ -66932,7 +66950,7 @@ def createDriveFileACL(users, useDomainAdminAccess=False):
|
|||||||
GAPI.fileOrganizerOnNonTeamDriveNotSupported,
|
GAPI.fileOrganizerOnNonTeamDriveNotSupported,
|
||||||
GAPI.cannotModifyInheritedPermission,
|
GAPI.cannotModifyInheritedPermission,
|
||||||
GAPI.teamDrivesFolderSharingNotSupported, GAPI.invalidLinkVisibility,
|
GAPI.teamDrivesFolderSharingNotSupported, GAPI.invalidLinkVisibility,
|
||||||
GAPI.invalidSharingRequest, GAPI.fileNeverWritable, GAPI.abusiveContentRestriction) as e:
|
GAPI.fileNeverWritable, GAPI.abusiveContentRestriction) as e:
|
||||||
entityActionFailedWarning([Ent.USER, user, entityType, fileName, Ent.PERMISSION_ID, permissionId], str(e), j, jcount)
|
entityActionFailedWarning([Ent.USER, user, entityType, fileName, Ent.PERMISSION_ID, permissionId], str(e), j, jcount)
|
||||||
except GAPI.notFound as e:
|
except GAPI.notFound as e:
|
||||||
entityActionFailedWarning([Ent.USER, user, Ent.SHAREDDRIVE, fileName], str(e), j, jcount)
|
entityActionFailedWarning([Ent.USER, user, Ent.SHAREDDRIVE, fileName], str(e), j, jcount)
|
||||||
@@ -66951,6 +66969,29 @@ def doCreateDriveFileACL():
|
|||||||
# [updatesheetprotectedranges [<Boolean>]] [enforceexpansiveaccess [<Boolean>]]
|
# [updatesheetprotectedranges [<Boolean>]] [enforceexpansiveaccess [<Boolean>]]
|
||||||
# [showtitles] [nodetails|(csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]])]
|
# [showtitles] [nodetails|(csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]])]
|
||||||
def updateDriveFileACLs(users, useDomainAdminAccess=False):
|
def updateDriveFileACLs(users, useDomainAdminAccess=False):
|
||||||
|
def _showResult(permission, showAction):
|
||||||
|
if updateSheetProtectedRanges and mimeType == MIMETYPE_GA_SPREADSHEET:
|
||||||
|
_updateSheetProtectedRangesACLchange(sheet, user, i, count, j, jcount, fileId, fileName, True, permission)
|
||||||
|
if csvPF:
|
||||||
|
baserow = {'Owner': user, 'id': fileId}
|
||||||
|
if showTitles:
|
||||||
|
baserow['name'] = fileName
|
||||||
|
row = baserow.copy()
|
||||||
|
_mapDrivePermissionNames(permission)
|
||||||
|
flattenJSON({'permission': permission}, flattened=row, timeObjects=timeObjects)
|
||||||
|
if not FJQC.formatJSON:
|
||||||
|
csvPF.WriteRowTitles(row)
|
||||||
|
elif csvPF.CheckRowTitles(row):
|
||||||
|
row = baserow.copy()
|
||||||
|
row['JSON'] = json.dumps(cleanJSON({'permission': permission}, timeObjects=timeObjects),
|
||||||
|
ensure_ascii=False, sort_keys=True)
|
||||||
|
csvPF.WriteRowNoFilter(row)
|
||||||
|
else:
|
||||||
|
if showAction:
|
||||||
|
entityActionPerformed([Ent.USER, user, entityType, fileName, Ent.PERMISSION_ID, permissionId], j, jcount)
|
||||||
|
if showDetails:
|
||||||
|
_showDriveFilePermission(permission, printKeys, timeObjects)
|
||||||
|
|
||||||
fileIdEntity = getDriveFileEntity()
|
fileIdEntity = getDriveFileEntity()
|
||||||
isEmail, permissionId = getPermissionId()
|
isEmail, permissionId = getPermissionId()
|
||||||
enforceExpansiveAccess = GC.Values[GC.ENFORCE_EXPANSIVE_ACCESS]
|
enforceExpansiveAccess = GC.Values[GC.ENFORCE_EXPANSIVE_ACCESS]
|
||||||
@@ -67030,26 +67071,7 @@ def updateDriveFileACLs(users, useDomainAdminAccess=False):
|
|||||||
useDomainAdminAccess=useDomainAdminAccess, enforceExpansiveAccess=enforceExpansiveAccess,
|
useDomainAdminAccess=useDomainAdminAccess, enforceExpansiveAccess=enforceExpansiveAccess,
|
||||||
fileId=fileId, permissionId=permissionId, removeExpiration=removeExpiration,
|
fileId=fileId, permissionId=permissionId, removeExpiration=removeExpiration,
|
||||||
transferOwnership=body.get('role', '') == 'owner', body=body, fields='*', supportsAllDrives=True)
|
transferOwnership=body.get('role', '') == 'owner', body=body, fields='*', supportsAllDrives=True)
|
||||||
if updateSheetProtectedRanges and mimeType == MIMETYPE_GA_SPREADSHEET:
|
_showResult(permission, True)
|
||||||
_updateSheetProtectedRangesACLchange(sheet, user, i, count, j, jcount, fileId, fileName, True, permission)
|
|
||||||
if csvPF:
|
|
||||||
baserow = {'Owner': user, 'id': fileId}
|
|
||||||
if showTitles:
|
|
||||||
baserow['name'] = fileName
|
|
||||||
row = baserow.copy()
|
|
||||||
_mapDrivePermissionNames(permission)
|
|
||||||
flattenJSON({'permission': permission}, flattened=row, timeObjects=timeObjects)
|
|
||||||
if not FJQC.formatJSON:
|
|
||||||
csvPF.WriteRowTitles(row)
|
|
||||||
elif csvPF.CheckRowTitles(row):
|
|
||||||
row = baserow.copy()
|
|
||||||
row['JSON'] = json.dumps(cleanJSON({'permission': permission}, timeObjects=timeObjects),
|
|
||||||
ensure_ascii=False, sort_keys=True)
|
|
||||||
csvPF.WriteRowNoFilter(row)
|
|
||||||
else:
|
|
||||||
entityActionPerformed([Ent.USER, user, entityType, fileName, Ent.PERMISSION_ID, permissionId], j, jcount)
|
|
||||||
if showDetails:
|
|
||||||
_showDriveFilePermission(permission, printKeys, timeObjects)
|
|
||||||
except (GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.unknownError,
|
except (GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.unknownError,
|
||||||
GAPI.cannotSetExpiration, GAPI.cannotSetExpirationOnAnyoneOrDomain,
|
GAPI.cannotSetExpiration, GAPI.cannotSetExpirationOnAnyoneOrDomain,
|
||||||
GAPI.expirationDateNotAllowedForSharedDriveMembers, GAPI.expirationDatesMustBeInTheFuture,
|
GAPI.expirationDateNotAllowedForSharedDriveMembers, GAPI.expirationDatesMustBeInTheFuture,
|
||||||
|
|||||||
Reference in New Issue
Block a user