Added column|field assignedToUnknown to gam print|show admins

ERROR: 404: notFound - Requested entity was not found.

docs/GamUpdates.md

@@ -10,6 +10,28 @@ Add the `-s` option to the end of the above commands to suppress creating the `g
 
 See [Downloads-Installs](https://github.com/taers232c/GAMADV-XTD3/wiki/Downloads-Installs) for Windows or other options, including manual installation
 
+### 6.79.03
+
+Added column|field `assignedToUnknown` to `gam print|show admins` that will be True when
+the API `assignedTo` value can not be converted to an email address; it will be False when
+the email address is determinable.
+
+### 6.79.02
+
+Updated `gam print admins` to handle the following error that occurs when a service account admin no longer exists.
+```
+ERROR: 404: notFound - Requested entity was not found.
+```
+
+### 6.79.01
+
+Updated commands that take `<RoleItem>` as an argument to take the value in any case,
+e.g., _SEED_ADMIN_ROLE or _seed_admin_role.
+
+### 6.79.00
+
+Updated code to work around a Cryptography library change that caused service account private key creation to fail.
+
 ### 6.78.00
 
 Added command to check if an OU contains items; this is useful when tryng to delete an OU

docs/How-to-Upgrade-from-Standard-GAM.md

@@ -251,7 +251,7 @@ writes the credentials into the file oauth2.txt.
 admin@server:/Users/admin$ rm -f /Users/admin/GAMConfig/oauth2.txt
 admin@server:/Users/admin$ gam version
 WARNING: Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: /Users/admin/GAMConfig/oauth2.txt, Not Found
-GAMADV-XTD3 6.78.00 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
+GAMADV-XTD3 6.79.03 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
 Ross Scroggs <ross.scroggs@gmail.com>
 Python 3.12.4 64-bit final
 MacOS Sonoma 14.5 x86_64
@@ -923,7 +923,7 @@ writes the credentials into the file oauth2.txt.
 C:\>del C:\GAMConfig\oauth2.txt
 C:\>gam version
 WARNING: Config File: C:\GAMConfig\gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: C:\GAMConfig\oauth2.txt, Not Found
-GAMADV-XTD3 6.78.00 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
+GAMADV-XTD3 6.79.03 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
 Ross Scroggs <ross.scroggs@gmail.com>
 Python 3.12.4 64-bit final
 Windows-10-10.0.17134 AMD64

docs/Version-and-Help.md

@@ -3,7 +3,7 @@
 Print the current version of Gam with details
 ```
 gam version
-GAMADV-XTD3 6.78.00 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
+GAMADV-XTD3 6.79.03 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
 Ross Scroggs <ross.scroggs@gmail.com>
 Python 3.12.4 64-bit final
 MacOS Sonoma 14.5 x86_64
@@ -15,7 +15,7 @@ Time: 2023-06-02T21:10:00-07:00
 Print the current version of Gam with details and time offset information
 ```
 gam version timeoffset
-GAMADV-XTD3 6.78.00 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
+GAMADV-XTD3 6.79.03 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
 Ross Scroggs <ross.scroggs@gmail.com>
 Python 3.12.4 64-bit final
 MacOS Sonoma 14.5 x86_64
@@ -27,7 +27,7 @@ Your system time differs from www.googleapis.com by less than 1 second
 Print the current version of Gam with extended details and SSL information
 ```
 gam version extended
-GAMADV-XTD3 6.78.00 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
+GAMADV-XTD3 6.79.03 - https://github.com/taers232c/GAMADV-XTD3 - pythonsource
 Ross Scroggs <ross.scroggs@gmail.com>
 Python 3.12.4 64-bit final
 MacOS Sonoma 14.5 x86_64
@@ -64,7 +64,7 @@ MacOS High Sierra 10.13.6 x86_64
 Path: /Users/Admin/bin/gamadv-xtd3
 Version Check:
   Current: 5.35.08
-   Latest: 6.78.00
+   Latest: 6.79.03
 echo $?
 1
 ```
@@ -72,7 +72,7 @@ echo $?
 Print the current version number without details
 ```
 gam version simple
-6.78.00
+6.79.03
 ```
 In Linux/MacOS you can do:
 ```
@@ -82,7 +82,7 @@ echo $VER
 Print the current version of Gam and address of this Wiki
 ```
 gam help
-GAM 6.78.00 - https://github.com/taers232c/GAMADV-XTD3
+GAM 6.79.03 - https://github.com/taers232c/GAMADV-XTD3
 Ross Scroggs <ross.scroggs@gmail.com>
 Python 3.12.4 64-bit final
 MacOS Sonoma 14.5 x86_64

src/GamUpdate.txt

@@ -2,6 +2,28 @@
 
 Merged GAM-Team version
 
+6.79.03
+
+Added column|field `assignedToUnknown` to `gam print|show admins` that will be True when
+the API `assignedTo` value can not be converted to an email address; it will be False when
+the email address is determinable.
+
+6.79.02
+
+Updated `gam print admins` to handle the following error that occurs when a service account admin no longer exists.
+```
+ERROR: 404: notFound - Requested entity was not found.
+```
+
+6.79.01
+
+Updated commands that take `<RoleItem>` as an argument to take the value in any case,
+e.g., _SEED_ADMIN_ROLE or _seed_admin_role.
+
+6.79.00
+
+Updated code to work around a Cryptography library change that caused service account private key creation to fail.
+
 6.78.00
 
 Added command to check if an OU contains items; this is useful when tryng to delete an OU

src/gam/__init__.py

@@ -5628,9 +5628,9 @@ def getServiceAccountEmailFromID(account_id, sal=None):
     sal = buildGAPIObject(API.SERVICEACCOUNTLOOKUP)
   try:
     certs = callGAPI(sal.serviceaccounts(), 'lookup',
-                     throwReasons = [GAPI.BAD_REQUEST, GAPI.RESOURCE_NOT_FOUND,  GAPI.INVALID_ARGUMENT],
+                     throwReasons = [GAPI.BAD_REQUEST, GAPI.NOT_FOUND, GAPI.RESOURCE_NOT_FOUND,  GAPI.INVALID_ARGUMENT],
                      account=account_id)
-  except (GAPI.badRequest, GAPI.resourceNotFound, GAPI.invalidArgument):
+  except (GAPI.badRequest, GAPI.notFound, GAPI.resourceNotFound, GAPI.invalidArgument):
     return None
   sa_cn_rx = r'CN=(.+)\.(.+)\.iam\.gservice.*'
   sa_emails = []
@@ -12348,8 +12348,8 @@ def _generatePrivateKeyAndPublicCert(projectId, clientEmail, name, key_size, b64
     writeStdout(Msg.EXTRACTING_PUBLIC_CERTIFICATE+'\n')
   public_key = private_key.public_key()
   builder = x509.CertificateBuilder()
-  builder = builder.subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, name)]))
-  builder = builder.issuer_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, name)]))
+  builder = builder.subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, name, _validate=False)]))
+  builder = builder.issuer_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, name, _validate=False)]))
   # Gooogle seems to enforce the not before date strictly. Set the not before
   # date to be UTC two minutes ago which should cover any clock skew.
   now = datetime.datetime.utcnow()
@@ -16210,7 +16210,7 @@ def makeRoleIdNameMap():
     accessErrorExit(cd)
   for role in result:
     GM.Globals[GM.MAP_ROLE_ID_TO_NAME][role['roleId']] = role['roleName']
-    GM.Globals[GM.MAP_ROLE_NAME_TO_ID][role['roleName']] = role['roleId']
+    GM.Globals[GM.MAP_ROLE_NAME_TO_ID][role['roleName'].lower()] = role['roleId']
 
 def role_from_roleid(roleid):
   if GM.Globals[GM.MAKE_ROLE_ID_NAME_MAP]:
@@ -16220,7 +16220,7 @@ def role_from_roleid(roleid):
 def roleid_from_role(role):
   if GM.Globals[GM.MAKE_ROLE_ID_NAME_MAP]:
     makeRoleIdNameMap()
-  return GM.Globals[GM.MAP_ROLE_NAME_TO_ID].get(role, None)
+  return GM.Globals[GM.MAP_ROLE_NAME_TO_ID].get(role.lower(), None)
 
 def getRoleId():
   role = getString(Cmd.OB_ROLE_ITEM)
@@ -16344,7 +16344,7 @@ def _showAdminRole(role, i=0, count=0):
 def doInfoAdminRole():
   cd = buildGAPIObject(API.DIRECTORY)
   fieldsList = PRINT_ADMIN_ROLES_FIELDS[:]
-  role, roleId = getRoleId()
+  _, roleId = getRoleId()
   while Cmd.ArgumentsRemaining():
     myarg = getArgument()
     if myarg == 'privileges':
@@ -16506,7 +16506,7 @@ ASSIGNEE_EMAILTYPE_TOFIELD_MAP = {
   }
 PRINT_ADMIN_FIELDS = ['roleAssignmentId', 'roleId', 'assignedTo', 'scopeType', 'orgUnitId']
 PRINT_ADMIN_TITLES = ['roleAssignmentId', 'roleId', 'role',
-                      'assignedTo', 'assignedToUser', 'assignedToGroup', 'assignedToServiceAccount',
+                      'assignedTo', 'assignedToUser', 'assignedToGroup', 'assignedToServiceAccount', 'assignedToUnknown',
                       'scopeType', 'orgUnitId', 'orgUnit']
 
 # gam print admins [todrive <ToDriveAttribute>*]
@@ -16536,6 +16536,7 @@ def doPrintShowAdmins():
   def _setNamesFromIds(admin, privileges):
     admin['role'] = role_from_roleid(admin['roleId'])
     assignedTo = admin['assignedTo']
+    admin['assignedToUnknown'] = False
     if assignedTo not in assignedToIdEmailMap:
       assigneeType = admin.get('assigneeType')
       assignedToField = ASSIGNEE_EMAILTYPE_TOFIELD_MAP.get(assigneeType, None)
@@ -16545,10 +16546,11 @@ def doPrintShowAdmins():
                                                                      emailTypes=list(ASSIGNEE_EMAILTYPE_TOFIELD_MAP.keys()))
       if not assignedToField and assigneeType in ASSIGNEE_EMAILTYPE_TOFIELD_MAP:
         assignedToField = ASSIGNEE_EMAILTYPE_TOFIELD_MAP[assigneeType]
+      if assigneeType == 'unknown':
+        assignedToField = 'assignedToUnknown'
+        assigneeEmail = True
       assignedToIdEmailMap[assignedTo] = {'assignedToField': assignedToField, 'assigneeEmail': assigneeEmail}
-    assignedToField = assignedToIdEmailMap[assignedTo]['assignedToField']
-    if assignedToField:
-      admin[assignedToField] = assignedToIdEmailMap[assignedTo]['assigneeEmail']
+    admin[assignedToIdEmailMap[assignedTo]['assignedToField']] = assignedToIdEmailMap[assignedTo]['assigneeEmail']
     if privileges is not None:
       admin.update(privileges)
     if 'orgUnitId' in admin: