From b39a0efd8382a87744b10ce435713fad829a6fb4 Mon Sep 17 00:00:00 2001 From: Ross Scroggs Date: Mon, 5 May 2025 21:33:02 -0700 Subject: [PATCH] Improved adminrole commands --- wiki/Administrators.md | 34 +++++++++++++++++------ wiki/GamUpdates.md | 8 ++++++ wiki/How-to-Upgrade-Legacy-GAM-to-GAM7.md | 4 +-- wiki/Version-and-Help.md | 12 ++++---- 4 files changed, 42 insertions(+), 16 deletions(-) diff --git a/wiki/Administrators.md b/wiki/Administrators.md index 20ff6210..620f756d 100644 --- a/wiki/Administrators.md +++ b/wiki/Administrators.md @@ -7,13 +7,14 @@ - [Create an administrator](#create-an-administrator) - [Delete an administrator](#delete-an-administrator) - [Display administrators](#display-administrators) +- [Copy privileges from one role to a new role](#copy-privileges-from-one-role-to-a-new-role) - [Copy roles from one administrator to another](#copy-roles-from-one-administrator-to-another) ## API documentation * [About Administrator roles](https://support.google.com/a/answer/33325?ref_topic=4514341) * [Directory API - Privileges](https://developers.google.com/admin-sdk/directory/reference/rest/v1/privileges) * [Directory API - Roles](https://developers.google.com/admin-sdk/directory/reference/rest/v1/roles) -* [Directory API - Role SAssignments](https://developers.google.com/admin-sdk/directory/reference/rest/v1/roleAssignments) +* [Directory API - Role Assignments](https://developers.google.com/admin-sdk/directory/reference/rest/v1/roleAssignments) ## Definitions ``` @@ -36,7 +37,7 @@ gam print privileges [todrive *] gam show privileges ``` -Here is the output from `gam show privileges`; use this to find ``. +Here is the output from `gam show privileges`; use this to find a specific ``. ``` Show 111 Privileges Privilege: REPORTS_ACCESS (1/111) @@ -1381,24 +1382,33 @@ Show 111 Privileges ## Manage administrative roles ``` -gam create adminrole privileges all|all_ou| [description ] -gam update adminrole [name ] [privileges all|all_ou|] [description ] +gam create adminrole [description ] + privileges all|all_ou||(select |>) +gam update adminrole [name ] [description ] + [privileges all|all_ou||(select |>)] gam delete adminrole ``` * `privileges all` - All defined privileges * `privileges all_ou` - All defined privileges than can be scoped to an OU * `privileges ` - A specific list of privileges +* `privileges select |>` - A collection of privileges from a flat or CSV file ## Display administrative roles ``` gam info adminrole [privileges] -gam print adminroles|roles [todrive *] - [privileges] [oneitemperrow] -gam show adminroles|roles [todrive *] [privileges] ``` +* `privileges` - Display privileges associated with role +``` +gam print adminroles|roles [todrive *] + [role ] [privileges] [oneitemperrow] +gam show adminroles|roles + [role ] [privileges] +``` +By default, all roles are displayed, use `role ` to sisplay a specific role. + * `privileges` - Display privileges associated with each role -By default, all privileges for a role are shown on one row as a repeating item. +By default, with `print`, all privileges for a role are shown on one row as a repeating item. When `oneitemperrow` is specified, each privilege is output on a separate row/line with the other role fields. ## Create an administrator @@ -1438,6 +1448,14 @@ options to limit the display: By default, all role privileges for an admin are shown on one row as a repeating item. When `oneitemperrow` is specified, each role privilege is output on a separate row/line with the other admin fields. +## Copy privileges from one role to a new role +Get privileges for existing role; replace Role Name with actual role name +``` +gam redirect csv ./RolePrivileges.csv print adminrole role 'Role Name' privileges oneitemperrow + +# Create a new role with those privileges +gam create adminrole "New Role Name" privileges select csvfile RolePrivileges.csv:privilegeName + ## Copy roles from one administrator to another Get roles for current admin. ``` diff --git a/wiki/GamUpdates.md b/wiki/GamUpdates.md index 8b1349b2..b41ada43 100644 --- a/wiki/GamUpdates.md +++ b/wiki/GamUpdates.md @@ -10,6 +10,14 @@ Add the `-s` option to the end of the above commands to suppress creating the `g See [Downloads-Installs-GAM7](https://github.com/GAM-team/GAM/wiki/Downloads-Installs) for Windows or other options, including manual installation +### 7.06.14 + +Updated `create|update adminrole` to allow specifying a collection of privileges +with `privileges select |` which makes copying roles much simpler. + +Added option `role ` to `gam print|show adminroles` to allow display of information +for a specific role. + ### 7.06.13 Updated `gam print group-members ... recursive` and `gam print cigroup-members ... recursive` diff --git a/wiki/How-to-Upgrade-Legacy-GAM-to-GAM7.md b/wiki/How-to-Upgrade-Legacy-GAM-to-GAM7.md index 800e382c..4571a8e7 100644 --- a/wiki/How-to-Upgrade-Legacy-GAM-to-GAM7.md +++ b/wiki/How-to-Upgrade-Legacy-GAM-to-GAM7.md @@ -251,7 +251,7 @@ writes the credentials into the file oauth2.txt. admin@server:/Users/admin$ rm -f /Users/admin/GAMConfig/oauth2.txt admin@server:/Users/admin$ gam version WARNING: Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: /Users/admin/GAMConfig/oauth2.txt, Not Found -GAM 7.06.13 - https://github.com/GAM-team/GAM - pyinstaller +GAM 7.06.14 - https://github.com/GAM-team/GAM - pyinstaller GAM Team Python 3.13.3 64-bit final MacOS Sequoia 15.4.1 x86_64 @@ -989,7 +989,7 @@ writes the credentials into the file oauth2.txt. C:\>del C:\GAMConfig\oauth2.txt C:\>gam version WARNING: Config File: C:\GAMConfig\gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: C:\GAMConfig\oauth2.txt, Not Found -GAM 7.06.13 - https://github.com/GAM-team/GAM - pythonsource +GAM 7.06.14 - https://github.com/GAM-team/GAM - pythonsource GAM Team Python 3.13.3 64-bit final Windows-10-10.0.17134 AMD64 diff --git a/wiki/Version-and-Help.md b/wiki/Version-and-Help.md index 5bc8c444..8c048b9e 100644 --- a/wiki/Version-and-Help.md +++ b/wiki/Version-and-Help.md @@ -4,7 +4,7 @@ k Print the current version of Gam with details ``` gam version -GAM 7.06.13 - https://github.com/GAM-team/GAM - pyinstaller +GAM 7.06.14 - https://github.com/GAM-team/GAM - pyinstaller GAM Team Python 3.13.3 64-bit final MacOS Sequoia 15.4.1 x86_64 @@ -16,7 +16,7 @@ Time: 2023-06-02T21:10:00-07:00 Print the current version of Gam with details and time offset information ``` gam version timeoffset -GAM 7.06.13 - https://github.com/GAM-team/GAM - pyinstaller +GAM 7.06.14 - https://github.com/GAM-team/GAM - pyinstaller GAM Team Python 3.13.3 64-bit final MacOS Sequoia 15.4.1 x86_64 @@ -28,7 +28,7 @@ Your system time differs from www.googleapis.com by less than 1 second Print the current version of Gam with extended details and SSL information ``` gam version extended -GAM 7.06.13 - https://github.com/GAM-team/GAM - pyinstaller +GAM 7.06.14 - https://github.com/GAM-team/GAM - pyinstaller GAM Team Python 3.13.3 64-bit final MacOS Sequoia 15.4.1 x86_64 @@ -65,7 +65,7 @@ MacOS High Sierra 10.13.6 x86_64 Path: /Users/Admin/bin/gam7 Version Check: Current: 5.35.08 - Latest: 7.06.13 + Latest: 7.06.14 echo $? 1 ``` @@ -73,7 +73,7 @@ echo $? Print the current version number without details ``` gam version simple -7.06.13 +7.06.14 ``` In Linux/MacOS you can do: ``` @@ -83,7 +83,7 @@ echo $VER Print the current version of Gam and address of this Wiki ``` gam help -GAM 7.06.13 - https://github.com/GAM-team/GAM +GAM 7.06.14 - https://github.com/GAM-team/GAM GAM Team Python 3.13.3 64-bit final MacOS Sequoia 15.4.1 x86_64