Updated authentication process for gam print|show projects.
Some checks failed
Build and test GAM / build (Win64, build, 8, VC-WIN64A, windows-2022) (push) Has been cancelled
Build and test GAM / build (aarch64, build, 3, linux-aarch64, [self-hosted linux arm64]) (push) Has been cancelled
Build and test GAM / build (aarch64, build, 5, linux-aarch64, [self-hosted linux arm64], yes) (push) Has been cancelled
Build and test GAM / build (aarch64, build, 7, darwin64-arm64, macos-14) (push) Has been cancelled
Build and test GAM / build (x86_64, build, 1, linux-x86_64, ubuntu-22.04) (push) Has been cancelled
Build and test GAM / build (x86_64, build, 2, linux-x86_64, ubuntu-24.04) (push) Has been cancelled
Build and test GAM / build (x86_64, build, 4, linux-x86_64, ubuntu-22.04, yes) (push) Has been cancelled
Build and test GAM / build (x86_64, build, 6, darwin64-x86_64, macos-13) (push) Has been cancelled
Build and test GAM / build (x86_64, test, 10, ubuntu-24.04, 3.10) (push) Has been cancelled
Build and test GAM / build (x86_64, test, 11, ubuntu-24.04, 3.11) (push) Has been cancelled
Build and test GAM / build (x86_64, test, 12, ubuntu-24.04, 3.12) (push) Has been cancelled
Build and test GAM / build (x86_64, test, 9, ubuntu-24.04, 3.9) (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Check for Google Root CA Updates / check-apis (push) Has been cancelled
Build and test GAM / merge (push) Has been cancelled
Build and test GAM / publish (push) Has been cancelled

This commit is contained in:
Ross Scroggs
2024-10-21 10:17:34 -07:00
parent ef14359d9b
commit d7e36bc5eb
5 changed files with 26 additions and 28 deletions

View File

@@ -10,6 +10,10 @@ Add the `-s` option to the end of the above commands to suppress creating the `g
See [Downloads-Installs-GAM7](https://github.com/GAM-team/GAM/wiki/Downloads-Installs) for Windows or other options, including manual installation
### 7.00.25
Updated authentication process for `gam print|show projects`.
### 7.00.24
Updated `gam print|show projects ... showiampolicies 0|1|3` to use non-service account authentication.

View File

@@ -251,7 +251,7 @@ writes the credentials into the file oauth2.txt.
admin@server:/Users/admin$ rm -f /Users/admin/GAMConfig/oauth2.txt
admin@server:/Users/admin$ gam version
WARNING: Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: /Users/admin/GAMConfig/oauth2.txt, Not Found
GAM 7.00.24 - https://github.com/GAM-team/GAM - pyinstaller
GAM 7.00.25 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
MacOS Sonoma 14.5 x86_64
@@ -923,7 +923,7 @@ writes the credentials into the file oauth2.txt.
C:\>del C:\GAMConfig\oauth2.txt
C:\>gam version
WARNING: Config File: C:\GAMConfig\gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: C:\GAMConfig\oauth2.txt, Not Found
GAM7 7.00.24 - https://github.com/GAM-team/GAM - pythonsource
GAM7 7.00.25 - https://github.com/GAM-team/GAM - pythonsource
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
Windows-10-10.0.17134 AMD64

View File

@@ -3,7 +3,7 @@
Print the current version of Gam with details
```
gam version
GAM 7.00.24 - https://github.com/GAM-team/GAM - pyinstaller
GAM 7.00.25 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
MacOS Sonoma 14.5 x86_64
@@ -15,7 +15,7 @@ Time: 2023-06-02T21:10:00-07:00
Print the current version of Gam with details and time offset information
```
gam version timeoffset
GAM 7.00.24 - https://github.com/GAM-team/GAM - pyinstaller
GAM 7.00.25 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
MacOS Sonoma 14.5 x86_64
@@ -27,7 +27,7 @@ Your system time differs from www.googleapis.com by less than 1 second
Print the current version of Gam with extended details and SSL information
```
gam version extended
GAM 7.00.24 - https://github.com/GAM-team/GAM - pyinstaller
GAM 7.00.25 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
MacOS Sonoma 14.5 x86_64
@@ -64,7 +64,7 @@ MacOS High Sierra 10.13.6 x86_64
Path: /Users/Admin/bin/gam7
Version Check:
Current: 5.35.08
Latest: 7.00.24
Latest: 7.00.25
echo $?
1
```
@@ -72,7 +72,7 @@ echo $?
Print the current version number without details
```
gam version simple
7.00.24
7.00.25
```
In Linux/MacOS you can do:
```
@@ -82,7 +82,7 @@ echo $VER
Print the current version of Gam and address of this Wiki
```
gam help
GAM 7.00.24 - https://github.com/GAM-team/GAM
GAM 7.00.25 - https://github.com/GAM-team/GAM
GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.0 64-bit final
MacOS Sonoma 14.5 x86_64

View File

@@ -25,7 +25,7 @@ https://github.com/GAM-team/GAM/wiki
"""
__author__ = 'GAM Team <google-apps-manager@googlegroups.com>'
__version__ = '7.00.24'
__version__ = '7.00.25'
__license__ = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)'
#pylint: disable=wrong-import-position
@@ -11381,7 +11381,7 @@ def _getProjects(crm, pfilter, returnNF=False):
query=pfilter)
if projects:
return projects
if not pfilter:
if (not pfilter) or pfilter == GAM_PROJECT_FILTER:
return []
if pfilter.startswith('id:'):
projects = [callGAPI(crm.projects(), 'get',
@@ -11389,11 +11389,13 @@ def _getProjects(crm, pfilter, returnNF=False):
name=f'projects/{pfilter[3:]}')]
if projects or not returnNF:
return projects
return [{'projectId': pfilter[3:], 'state': 'NF'}]
return []
except (GAPI.badRequest, GAPI.invalidArgument) as e:
entityActionFailedExit([Ent.PROJECT, pfilter], str(e))
except GAPI.permissionDenied:
if (not pfilter) or (not pfilter.startswith('id:')) or (not returnNF):
return []
return [{'projectId': pfilter[3:], 'state': 'NF'}]
def _checkProjectFound(project, i, count):
if project.get('state', '') != 'NF':
@@ -11561,6 +11563,8 @@ def _getLoginHintProjects(createSvcAcctCmd=False, deleteSvcAcctCmd=False, printS
if login_hint and login_hint.find('@') == -1:
Cmd.Backup()
login_hint = None
if readOnly and login_hint and login_hint != _getAdminEmail():
readOnly = False
projectIds = None
pfilter = getString(Cmd.OB_STRING, optional=True)
if not pfilter:
@@ -11602,12 +11606,6 @@ def _getLoginHintProjects(createSvcAcctCmd=False, deleteSvcAcctCmd=False, printS
login_hint = _getValidateLoginHint(login_hint, projectId)
crm = None
if readOnly:
_getSvcAcctData()
if (GM.Globals[GM.SVCACCT_SCOPES_DEFINED] and
(API.CLOUDRESOURCEMANAGER in GM.Globals[GM.SVCACCT_SCOPES] or
API.CLOUDRESOURCEMANAGER_V1 in GM.Globals[GM.SVCACCT_SCOPES])): #Backwards compatibility hack
# Removed 6.21.05
# _, crm = buildGAPIServiceObject(API.CLOUDRESOURCEMANAGER, login_hint)
_, crm = buildGAPIServiceObject(API.CLOUDRESOURCEMANAGER, None)
if crm:
httpObj = crm._http
@@ -11620,7 +11618,7 @@ def _getLoginHintProjects(createSvcAcctCmd=False, deleteSvcAcctCmd=False, printS
else:
projects = _getProjects(crm, f'id:{projectId}', returnNF=True)
else:
projects = _getProjects(crm, pfilter)
projects = _getProjects(crm, pfilter, returnNF=printShowCmd)
else:
projects = []
for projectId in projectIds:

View File

@@ -695,10 +695,6 @@ _SVCACCT_SCOPES = [
]
_SVCACCT_SPECIAL_SCOPES = [
{'name': 'Cloud Resource Manager API v3',
'api': CLOUDRESOURCEMANAGER,
'subscopes': [],
'scope': CLOUD_PLATFORM_SCOPE},
{'name': 'Drive API - todrive',
'api': DRIVETD,
'subscopes': [],