Implement _getValueFromOauth (#491)

2025-07-09 14:13:35 +00:00 · 2017-04-26 10:34:52 -07:00
parent ee44ba67cf
commit be44d2c601
2 changed files with 17 additions and 17 deletions
--- a/src/GamCommands.txt
+++ b/src/GamCommands.txt
@ -695,7 +695,7 @@ gam info schema <SchemaName>
 gam show schema|schemas
 gam print schema|schemas

-gam create user <EmailAddress> <UserAttrubutes>*
+gam create user <EmailAddress> <UserAttributes>*
 gam update user <UserItem> <UserAttributes>* [clearschema <SchemaName>] [clearschema <SchemaName>.<FieldName>]
 gam delete user <UserItem>
 gam undelete user <UserItem> [org|ou <OrgUnitPath>]
@ -826,7 +826,7 @@ gam <UserTypeEntity> show tokens|token [clientid <ClientID>]
 gam <UserTypeEntity> print tokens|token [todrive] [clientid <ClientID>]
 gam print tokens|token [todrive] [clientid <ClientID>] [<UserTypeEntity>]

-gam <UserTypeEntity> update user <UserAttrubutes>
+gam <UserTypeEntity> update user <UserAttributes>

 gam <UserTypeEntity> deprovision|deprov

--- a/src/gam.py
+++ b/src/gam.py
@ -819,6 +819,8 @@ def buildActivityGAPIObject(user):
  return (userEmail, buildGAPIServiceObject(u'appsactivity', userEmail))

 def buildCalendarGAPIObject(calname):
+  if not GC_Values[GC_DOMAIN]:
+    GC_Values[GC_DOMAIN] = _getValueFromOAuth(u'hd').lower()
  calendarId = convertUserUIDtoEmailAddress(calname)
  return (calendarId, buildGAPIServiceObject(u'calendar', calendarId))

@ -3010,22 +3012,23 @@ def formatACLRule(rule):
  return u'(Scope: {0}, Role: {1})'.format(rule[u'scope'][u'type'], rule[u'role'])

 def doCalendarShowACL():
-  show_cal = sys.argv[2]
-  show_cal, cal = buildCalendarGAPIObject(show_cal)
+  calendarId, cal = buildCalendarGAPIObject(sys.argv[2])
  try:
    # Force service account token request. If we fail fall back to
    # using admin for delegation
    cal._http.request.credentials.refresh(httplib2.Http(disable_ssl_certificate_validation=GC_Values[GC_NO_VERIFY_SSL]))
  except oauth2client.client.HttpAccessTokenRefreshError:
-    _, cal = buildCalendarGAPIObject(_getAdminUserFromOAuth())
-  acls = callGAPIitems(cal.acl(), u'list', u'items', calendarId=show_cal)
+    _, cal = buildCalendarGAPIObject(_getValueFromOAuth(u'email'))
+  acls = callGAPIitems(cal.acl(), u'list', u'items', calendarId=calendarId)
  i = 0
  count = len(acls)
  for rule in acls:
    i += 1
-    print u'Calendar: {0}, ACL: {1}{2}'.format(show_cal, formatACLRule(rule), currentCount(i, count))
+    print u'Calendar: {0}, ACL: {1}{2}'.format(calendarId, formatACLRule(rule), currentCount(i, count))

 def doCalendarAddACL(calendarId=None, act_as=None, role=None, scope=None, entity=None):
+  if not GC_Values[GC_DOMAIN]:
+    GC_Values[GC_DOMAIN] = _getValueFromOAuth(u'hd').lower()
  if calendarId is None:
    calendarId = sys.argv[2]
  if calendarId.find(u'@') == -1:
@ -3038,7 +3041,7 @@ def doCalendarAddACL(calendarId=None, act_as=None, role=None, scope=None, entity
    # using admin for delegation
    cal._http.request.credentials.refresh(httplib2.Http(disable_ssl_certificate_validation=GC_Values[GC_NO_VERIFY_SSL]))
  except oauth2client.client.HttpAccessTokenRefreshError:
-    _, cal = buildCalendarGAPIObject(_getAdminUserFromOAuth())
+    _, cal = buildCalendarGAPIObject(_getValueFromOAuth(u'email'))
  body = {u'scope': {}}
  if role is not None:
    body[u'role'] = role
@ -3589,10 +3592,9 @@ def getPermissionId(argstr):
    return u'anyoneWithLink'
  if permissionId.find(u'@') == -1:
    permissionId = u'%s@%s' % (permissionId, GC_Values[GC_DOMAIN])
-  admin_email = _getAdminUserFromOAuth()
  # We have to use v2 here since v3 has no permissions.getIdForEmail equivalent
  # https://code.google.com/a/google.com/p/apps-api-issues/issues/detail?id=4313
-  _, drive2 = buildDriveGAPIObject(admin_email)
+  _, drive2 = buildDriveGAPIObject(_getValueFromOAuth(u'email'))
  return callGAPI(drive2.permissions(), u'getIdForEmail', email=permissionId, fields=u'id')[u'id']

 def delDriveFileACL(users):
@ -7735,12 +7737,12 @@ def doCreateResoldCustomer():
  result = callGAPI(res.customers(), u'insert', body=body, customerAuthToken=customerAuthToken, fields=u'customerId,customerDomain')
  print u'Created customer %s with id %s' % (result[u'customerDomain'], result[u'customerId'])

-def _getAdminUserFromOAuth():
+def _getValueFromOAuth(field):
  storage, credentials = getOauth2TxtStorageCredentials()
  if credentials is None or credentials.invalid:
    doRequestOAuth()
    credentials = storage.get()
-  return credentials.id_token.get(u'email', u'Unknown')
+  return credentials.id_token.get(field, u'Unknown')

 def doGetUserInfo(user_email=None):

@ -7755,7 +7757,7 @@ def doGetUserInfo(user_email=None):
      user_email = sys.argv[3]
      i = 4
    else:
-      user_email = _getAdminUserFromOAuth()
+      user_email = _getValueFromOAuth(u'email')
  if user_email[:4].lower() == u'uid:':
    user_email = user_email[4:]
  elif user_email.find(u'@') == -1:
@ -8749,8 +8751,7 @@ def doDeleteOrg():
 # Send an email
 def send_email(msg_subj, msg_txt, msg_rcpt=None):
  from email.mime.text import MIMEText
-  userId = _getAdminUserFromOAuth()
-  userId, gmail = buildGmailGAPIObject(userId)
+  userId, gmail = buildGmailGAPIObject(_getValueFromOAuth(u'email'))
  if not msg_rcpt:
    msg_rcpt = userId
  msg = MIMEText(msg_txt)
@ -8836,8 +8837,7 @@ def writeCSVfile(csvRows, titles, list_type, todrive):
    if cell_count > 500000 or columns > 256:
      print u'{0}{1}'.format(WARNING_PREFIX, MESSAGE_RESULTS_TOO_LARGE_FOR_GOOGLE_SPREADSHEET)
      mimeType = u'text/csv'
-    admin_user = _getAdminUserFromOAuth()
-    admin_user, drive = buildDrive3GAPIObject(admin_user)
+    _, drive = buildDrive3GAPIObject(_getValueFromOAuth(u'email'))
    body = {u'description': u' '.join(sys.argv),
            u'name': u'%s - %s' % (GC_Values[GC_DOMAIN], list_type),
            u'mimeType': mimeType}