mirror of
https://github.com/GAM-team/GAM.git
synced 2026-07-04 04:41:35 +00:00
@@ -7,7 +7,6 @@ import gam
|
|||||||
from gam.var import *
|
from gam.var import *
|
||||||
from gam import controlflow
|
from gam import controlflow
|
||||||
from gam import display
|
from gam import display
|
||||||
from gam import fileutils
|
|
||||||
from gam import gapi
|
from gam import gapi
|
||||||
from gam import utils
|
from gam import utils
|
||||||
from gam.gapi import errors as gapi_errors
|
from gam.gapi import errors as gapi_errors
|
||||||
@@ -131,7 +130,7 @@ def build_device_policy(i, schemas):
|
|||||||
device_policy['allowedDeviceManagementLevels'] = sys.argv[i+1].upper().split(',')
|
device_policy['allowedDeviceManagementLevels'] = sys.argv[i+1].upper().split(',')
|
||||||
for level in device_policy['allowedDeviceManagementLevels']:
|
for level in device_policy['allowedDeviceManagementLevels']:
|
||||||
if level == 'ADVANCED':
|
if level == 'ADVANCED':
|
||||||
level == 'COMPLETE'
|
level = 'COMPLETE'
|
||||||
if level not in allowed_levels:
|
if level not in allowed_levels:
|
||||||
controlflow.system_error_exit(2, f'expected device management level of {", ".join(allowed_levels)} got {level}')
|
controlflow.system_error_exit(2, f'expected device management level of {", ".join(allowed_levels)} got {level}')
|
||||||
i += 2
|
i += 2
|
||||||
@@ -160,7 +159,7 @@ def build_condition(i, schemas):
|
|||||||
i += 1
|
i += 1
|
||||||
i, condition['devicePolicy'] = build_device_policy(i, schemas)
|
i, condition['devicePolicy'] = build_device_policy(i, schemas)
|
||||||
elif myarg == 'requiredaccesslevels':
|
elif myarg == 'requiredaccesslevels':
|
||||||
condition['requiredaccesslevels'] = sys.argv[i+1].split(',')
|
condition['requiredAccessLevels'] = sys.argv[i+1].split(',')
|
||||||
i += 2
|
i += 2
|
||||||
elif myarg == 'negate':
|
elif myarg == 'negate':
|
||||||
condition['negate'] = gam.getBoolean(sys.argv[i+1], myarg)
|
condition['negate'] = gam.getBoolean(sys.argv[i+1], myarg)
|
||||||
@@ -169,7 +168,7 @@ def build_condition(i, schemas):
|
|||||||
condition['members'] = sys.argv[i+1].split(',')
|
condition['members'] = sys.argv[i+1].split(',')
|
||||||
i += 2
|
i += 2
|
||||||
elif myarg == 'regions':
|
elif myarg == 'regions':
|
||||||
condition['regions'] = sys.argv[i+1].split(',')
|
condition['regions'] = sys.argv[i+1].upper().split(',')
|
||||||
i += 2
|
i += 2
|
||||||
elif myarg == 'endcondition':
|
elif myarg == 'endcondition':
|
||||||
i += 1
|
i += 1
|
||||||
@@ -199,6 +198,23 @@ def build_basic_level(i, schemas):
|
|||||||
return i, basic_level
|
return i, basic_level
|
||||||
|
|
||||||
|
|
||||||
|
def build_caa_level(i, caa, body):
|
||||||
|
while i < len(sys.argv):
|
||||||
|
myarg = sys.argv[i].lower().replace('_', '')
|
||||||
|
if myarg == 'basic':
|
||||||
|
schemas = caa._rootDesc['schemas']
|
||||||
|
i += 1
|
||||||
|
i, body['basic'] = build_basic_level(i, schemas)
|
||||||
|
elif myarg == 'custom':
|
||||||
|
body['custom'] = {'expr': {'expression': sys.argv[i+1], 'title': 'expr'}}
|
||||||
|
i += 2
|
||||||
|
elif myarg == 'description':
|
||||||
|
body['description'] = sys.argv[i+1]
|
||||||
|
i += 2
|
||||||
|
else:
|
||||||
|
controlflow.invalid_argument_exit(myarg, 'gam create/update caalevel')
|
||||||
|
|
||||||
|
|
||||||
def create_access_level():
|
def create_access_level():
|
||||||
caa = build()
|
caa = build()
|
||||||
ap_name = get_access_policy(caa)
|
ap_name = get_access_policy(caa)
|
||||||
@@ -210,18 +226,7 @@ def create_access_level():
|
|||||||
'name': name,
|
'name': name,
|
||||||
'title': title,
|
'title': title,
|
||||||
}
|
}
|
||||||
i = 4
|
build_caa_level(4, caa, body)
|
||||||
while i < len(sys.argv):
|
|
||||||
myarg = sys.argv[i].lower().replace('_', '')
|
|
||||||
if myarg == 'basic':
|
|
||||||
schemas = caa._rootDesc['schemas']
|
|
||||||
i += 1
|
|
||||||
i, body['basic'] = build_basic_level(i, schemas)
|
|
||||||
elif myarg == 'custom':
|
|
||||||
body['custom'] = {'expr': {'expression': sys.argv[i+1], 'title': 'expr'}}
|
|
||||||
i += 2
|
|
||||||
else:
|
|
||||||
controlflow.invalid_argument_exit(myarg, 'gam create caalevel')
|
|
||||||
print(f'Creating access level {name}...')
|
print(f'Creating access level {name}...')
|
||||||
try:
|
try:
|
||||||
gapi.call(caa.accessPolicies().accessLevels(),
|
gapi.call(caa.accessPolicies().accessLevels(),
|
||||||
@@ -232,25 +237,19 @@ def create_access_level():
|
|||||||
except googleapiclient.errors.HttpError:
|
except googleapiclient.errors.HttpError:
|
||||||
_gen_role_error(caa)
|
_gen_role_error(caa)
|
||||||
|
|
||||||
def update_access_level():
|
def get_access_level_name(i, caa):
|
||||||
caa = build()
|
name = sys.argv[i]
|
||||||
name = sys.argv[3]
|
|
||||||
if not name.startswith('accessPolicies/'):
|
if not name.startswith('accessPolicies/'):
|
||||||
ap_name = get_access_policy(caa)
|
ap_name = get_access_policy(caa)
|
||||||
name = f'{ap_name}/accessLevels/{name}'
|
name = f'{ap_name}/accessLevels/{name}'
|
||||||
|
return name
|
||||||
|
|
||||||
|
|
||||||
|
def update_access_level():
|
||||||
|
caa = build()
|
||||||
|
name = get_access_level_name(3, caa)
|
||||||
body = {}
|
body = {}
|
||||||
i = 4
|
build_caa_level(4, caa, body)
|
||||||
while i < len(sys.argv):
|
|
||||||
myarg = sys.argv[i].lower().replace('_', '')
|
|
||||||
if myarg == 'basic':
|
|
||||||
schemas = caa._rootDesc['schemas']
|
|
||||||
i += 1
|
|
||||||
i, body['basic'] = build_basic_level(i, schemas)
|
|
||||||
elif myarg == 'custom':
|
|
||||||
body['custom'] = {'expr': {'expression': sys.argv[i+1], 'title': 'expr'}}
|
|
||||||
i += 2
|
|
||||||
else:
|
|
||||||
controlflow.invalid_argument_exit(myarg, 'gam update caalevel')
|
|
||||||
updateMask = ','.join(body.keys())
|
updateMask = ','.join(body.keys())
|
||||||
print(f'Updating access level {name}...')
|
print(f'Updating access level {name}...')
|
||||||
try:
|
try:
|
||||||
@@ -265,10 +264,7 @@ def update_access_level():
|
|||||||
|
|
||||||
def delete_access_level():
|
def delete_access_level():
|
||||||
caa = build()
|
caa = build()
|
||||||
name = sys.argv[3]
|
name = get_access_level_name(3, caa)
|
||||||
if not name.startswith('accessPolicies/'):
|
|
||||||
ap_name = get_access_policy(caa)
|
|
||||||
name = f'{ap_name}/accessLevels/{name}'
|
|
||||||
print(f'Deleting access level {name}...')
|
print(f'Deleting access level {name}...')
|
||||||
try:
|
try:
|
||||||
gapi.call(caa.accessPolicies().accessLevels(),
|
gapi.call(caa.accessPolicies().accessLevels(),
|
||||||
|
|||||||
Reference in New Issue
Block a user