gcpdetails/scopes cleanup #1891

This commit is contained in:
Ross Scroggs
2026-03-18 16:39:20 -07:00
parent d302563045
commit ce47c9bc7c
2 changed files with 51 additions and 49 deletions

View File

@@ -140,16 +140,16 @@ SCOPELESS_APIS = {
# Scopes not in the discovery doc that are still valid for the API.
EXTRA_SCOPES = {
BUSINESSACCOUNTMANAGEMENT: [ 'https://www.googleapis.com/auth/business.manage'],
CLOUDRESOURCEMANAGER: ['https://www.googleapis.com/auth/cloudplatformfolders',
'https://www.googleapis.com/auth/cloudplatformfolders.readonly',
'https://www.googleapis.com/auth/cloudplatformprojects',
'https://www.googleapis.com/auth/cloudplatformprojects.readonly',
'https://www.googleapis.com/auth/cloudplatformorganizations',
'https://www.googleapis.com/auth/cloudplatformorganizations.readonly',
],
VAULT: ['https://www.googleapis.com/auth/ediscovery', 'https://www.googleapis.com/auth/ediscovery.readonly'],
}
BUSINESSACCOUNTMANAGEMENT: ['https://www.googleapis.com/auth/business.manage'],
CLOUDRESOURCEMANAGER: ['https://www.googleapis.com/auth/cloudplatformfolders',
'https://www.googleapis.com/auth/cloudplatformfolders.readonly',
'https://www.googleapis.com/auth/cloudplatformprojects',
'https://www.googleapis.com/auth/cloudplatformprojects.readonly',
'https://www.googleapis.com/auth/cloudplatformorganizations',
'https://www.googleapis.com/auth/cloudplatformorganizations.readonly',
],
VAULT: ['https://www.googleapis.com/auth/ediscovery', 'https://www.googleapis.com/auth/ediscovery.readonly'],
}
EXTRA_SCOPES[CLOUDRESOURCEMANAGERV1] = EXTRA_SCOPES[CLOUDRESOURCEMANAGER]
APIS_NEEDING_ACCESS_TOKEN = {
@@ -330,18 +330,18 @@ _CLIENT_SCOPES = [
'api': CBCM,
'subscopes': READONLY,
'scope': 'https://www.googleapis.com/auth/admin.directory.device.chromebrowsers'},
{'name': 'Chrome Management API - read only',
{'name': 'Chrome Management API - readonly',
'api': CHROMEMANAGEMENT,
'subscopes': [],
'scope': 'https://www.googleapis.com/auth/chrome.management.reports.readonly'},
{'name': 'Chrome Management API - AppDetails read only',
{'name': 'Chrome Management API - AppDetails readonly',
'api': CHROMEMANAGEMENT_APPDETAILS,
'scope': 'https://www.googleapis.com/auth/chrome.management.appdetails.readonly'},
{'name': 'Chrome Management API - Profiles',
'api': CHROMEMANAGEMENT_CHROMEPROFILES,
'subscopes': READONLY,
'scope': 'https://www.googleapis.com/auth/chrome.management.profiles'},
{'name': 'Chrome Management API - Telemetry read only',
{'name': 'Chrome Management API - Telemetry readonly',
'api': CHROMEMANAGEMENT_TELEMETRY,
'scope': 'https://www.googleapis.com/auth/chrome.management.telemetry.readonly'},
{'name': 'Chrome Policy API',
@@ -456,7 +456,7 @@ _CLIENT_SCOPES = [
'scope': 'https://www.googleapis.com/auth/admin.directory.group'},
{'name': 'Directory API - Mobile Devices Directory',
'api': DIRECTORY,
'subscopes': ['readonly', 'action'],
'subscopes': ['readonly', 'actiononly'],
'scope': 'https://www.googleapis.com/auth/admin.directory.device.mobile'},
{'name': 'Directory API - Organizational Units',
'api': DIRECTORY,
@@ -494,7 +494,7 @@ _CLIENT_SCOPES = [
{'name': 'License Manager API',
'api': LICENSING,
'scope': 'https://www.googleapis.com/auth/apps.licensing'},
{'name': 'People Directory API - read only',
{'name': 'People Directory API - readonly',
'api': PEOPLE_DIRECTORY,
'scope': 'https://www.googleapis.com/auth/directory.readonly'},
{'name': 'People API',
@@ -505,21 +505,21 @@ _CLIENT_SCOPES = [
'api': PUBSUB,
'offByDefault': True,
'scope': 'https://www.googleapis.com/auth/pubsub'},
{'name': 'Reports API - Audit Reports',
{'name': 'Reports API - Audit Reports readonly',
'api': REPORTS,
'scope': 'https://www.googleapis.com/auth/admin.reports.audit.readonly'},
{'name': 'Reports API - Usage Reports',
{'name': 'Reports API - Usage Reports readonly',
'api': REPORTS,
'scope': 'https://www.googleapis.com/auth/admin.reports.usage.readonly'},
{'name': 'Reseller API',
'api': RESELLER,
'offByDefault': True,
'scope': 'https://www.googleapis.com/auth/apps.order'},
{'name': 'Resource Manager - Organizations',
{'name': 'Resource Manager - Organizations readonly',
'api': CLOUDRESOURCEMANAGER,
'offByDefault': True,
'scope': 'https://www.googleapis.com/auth/cloudplatformorganizations.readonly'},
{'name': 'Resource Manager - Projects',
{'name': 'Resource Manager - Projects readonly',
'api': CLOUDRESOURCEMANAGER,
'offByDefault': True,
'scope': 'https://www.googleapis.com/auth/cloudplatformprojects.readonly'},
@@ -541,7 +541,7 @@ _COMMANDDATA_CLIENT_SCOPES = [
'api': DRIVE3,
'subscopes': [],
'scope': DRIVE_READONLY_SCOPE},
{'name': 'Sheets API - commanddata_clientaccess',
{'name': 'Sheets API - commanddata_clientaccess readonly',
'api': SHEETS,
'subscopes': [],
'scope': 'https://www.googleapis.com/auth/spreadsheets.readonly'},
@@ -573,7 +573,7 @@ _SVCACCT_SCOPES = [
'api': ALERTCENTER,
'subscopes': [],
'scope': 'https://www.googleapis.com/auth/apps.alerts'},
{'name': 'Analytics Admin API - read only',
{'name': 'Analytics Admin API - readonly',
'api': ANALYTICS_ADMIN,
'subscopes': [],
'scope': 'https://www.googleapis.com/auth/analytics.readonly'},
@@ -729,7 +729,7 @@ _SVCACCT_SCOPES = [
'subscopes': [],
'scope': ['https://www.googleapis.com/auth/meetings.space.created',
'https://www.googleapis.com/auth/meetings.space.settings']},
{'name': 'Meet API - Read Meeting Spaces metadata',
{'name': 'Meet API - Read Meeting Spaces metadata readonly',
'api': MEET_READONLY,
'subscopes': [],
'scope': 'https://www.googleapis.com/auth/meetings.space.readonly'},
@@ -741,15 +741,15 @@ _SVCACCT_SCOPES = [
'api': PEOPLE,
'subscopes': READONLY,
'scope': PEOPLE_SCOPE},
{'name': 'People Directory API - read only',
{'name': 'People Directory API - readonly',
'api': PEOPLE_DIRECTORY,
'subscopes': [],
'scope': 'https://www.googleapis.com/auth/directory.readonly'},
{'name': 'People API - Other Contacts - read only',
{'name': 'People API - Other Contacts - readonly',
'api': PEOPLE_OTHERCONTACTS,
'subscopes': [],
'scope': 'https://www.googleapis.com/auth/contacts.other.readonly'},
{'name': 'Search Console API - read only',
{'name': 'Search Console API - readonly',
'api': SEARCHCONSOLE,
'subscopes': [],
'offByDefault': True,
@@ -763,7 +763,7 @@ _SVCACCT_SCOPES = [
'subscopes': [],
'offByDefault': True,
'scope': 'https://www.googleapis.com/auth/siteverification'},
{'name': 'Tag Manager API - Accounts, Containers, Workspaces, Tags - read only',
{'name': 'Tag Manager API - Accounts, Containers, Workspaces, Tags - readonly',
'api': TAGMANAGER,
'subscopes': [],
'offByDefault': True,
@@ -777,7 +777,7 @@ _SVCACCT_SCOPES = [
'api': TASKS,
'subscopes': READONLY,
'scope': 'https://www.googleapis.com/auth/tasks'},
{'name': 'Youtube API - read only',
{'name': 'Youtube API - readonly',
'api': YOUTUBE,
'subscopes': [],
'offByDefault': True,
@@ -790,7 +790,7 @@ _SVCACCT_SPECIAL_SCOPES = [
'subscopes': [],
'offByDefault': True,
'scope': DRIVE_SCOPE},
{'name': 'Gmail API - Full Access - read only',
{'name': 'Gmail API - Full Access - readonly',
'api': GMAIL,
'subscopes': [],
'offByDefault': True,