mirror of
https://github.com/GAM-team/GAM.git
synced 2026-06-20 22:21:37 +00:00
Compare commits
3 Commits
20241204.2
...
20241207.0
| Author | SHA1 | Date | |
|---|---|---|---|
|
d0b7ac80da | ||
|
320827b76e | ||
|
|
65c2a7f3b8 |
20
.github/workflows/get-cacerts.yml
vendored
20
.github/workflows/get-cacerts.yml
vendored
@@ -20,8 +20,24 @@ jobs:
|
||||
persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token
|
||||
fetch-depth: 0 # otherwise, you will failed to push refs to dest repo
|
||||
|
||||
- name: Check for updates
|
||||
run: curl -o ./cacerts.pem -vvvv https://pki.goog/roots.pem
|
||||
- name: Get Current cacerts.pem hash
|
||||
run: |
|
||||
export CURRENT_HASH=$(sha256sum ./cacerts.pem)
|
||||
echo "Current hash is: ${CURRENT_HASH}"
|
||||
echo "CURRENT_HASH=${CURRENT_HASH}" >> $GITHUB_ENV
|
||||
|
||||
- name: Get latest cacerts.pem file from Google
|
||||
run: |
|
||||
curl -o ./cacerts.pem -vvvv https://pki.goog/roots.pem
|
||||
|
||||
- name: Compare hashes
|
||||
run: |
|
||||
export NEW_HASH=$(sha256sum ./cacerts.pem)
|
||||
if [ "$NEW_HASH" == "$CURRENT_HASH" ]; then
|
||||
echo "Same file."
|
||||
else
|
||||
echo "New file content. Was ${CURRENT_HASH} and now is ${NEW_HASH}"
|
||||
fi
|
||||
|
||||
- name: Commit file
|
||||
run: |
|
||||
|
||||
@@ -377,7 +377,7 @@ If an item contains spaces, it should be surrounded by ".
|
||||
<ChatThread> ::= spaces/<String>/threads/<String>
|
||||
<GIGroupAlias> ::= <EmailAddress>
|
||||
<GIGroupItem> ::= <EmailAddress>|<UniqueID>|groups/<String>
|
||||
<CIGroupType> ::= customer|group|other|serviceaccount|user
|
||||
<CIGroupMemberType> ::= cbcmbrowser|chromeosdevice|customer|group|other|serviceaccount|user
|
||||
<CIPolicyName> ::= policies/<String>|settings/<String>|<String>
|
||||
<ClassificationLabelID> ::= <String>
|
||||
<ClassificationLabelFieldID> ::= <String>
|
||||
@@ -468,7 +468,7 @@ If an item contains spaces, it should be surrounded by ".
|
||||
<FloorName> ::= <String>
|
||||
<GroupItem> ::= <EmailAddress>|<UniqueID>|<String>
|
||||
<GroupRole> ::= owner|manager|member
|
||||
<GroupType> ::= customer|group|user
|
||||
<GroupMemberType> ::= customer|group|user
|
||||
<GuardianItem> ::= <EmailAddress>|<UniqueID>|<String>
|
||||
<GuardianInvitationID> ::= <String>
|
||||
<HoldItem> ::= <UniqueID>|<String>
|
||||
@@ -664,7 +664,7 @@ If an item contains spaces, it should be surrounded by ".
|
||||
<CalendarList> ::= "<CalendarItem>(,<CalendarItem>)*"
|
||||
<ChatSpaceList> ::= "<ChatSpace>(,<ChatSpace>)*"
|
||||
<CIGroupAliasList> ::= "<CIGroupAlias>(,<CIGroupAlias>)*"
|
||||
<CIGroupTypeList> ::= "<CIGroupType>(,<CIGroupType>)*"
|
||||
<CIGroupMemberTypeList> ::= "<CIGroupMemberType>(,<CIGroupMemberType>)*"
|
||||
<CIPolicyNameList> ::= "<CIPolicyName>(,<CIPolicyName>)*"
|
||||
<ClassroomInvitationIDList> ::= "<ClassroomInvitationID>(,<ClassroomInvitationID>)*"
|
||||
<ContactGroupList> ::= "<ContactGroupItem>(,<ContactGroupItem>)*"
|
||||
@@ -707,7 +707,7 @@ If an item contains spaces, it should be surrounded by ".
|
||||
<GuardianInvitationIDList> ::= "<GuardianInvitationID>(,<GuardianInvitationID>)*"
|
||||
<GroupList> ::= "<GroupItem>(,<GroupItem>)*"
|
||||
<GroupRoleList> ::= "<GroupRole>(,<GroupRole>)*"
|
||||
<GroupTypeList> ::= "<GroupType>(,<GroupType>)*"
|
||||
<GroupMemberTypeList> ::= "<GroupMemberType>(,<GroupMemberType>)*"
|
||||
<LabelIDList> ::= "<LabelID>(,<LabelID>)*"
|
||||
<LabelNameList> ::= "'<LabelName>'(,'<LabelName>')*"
|
||||
<LanguageList> ::= "<Language>(,<Language>)*"
|
||||
@@ -3829,8 +3829,9 @@ gam info group|groups <GroupEntity>
|
||||
[basic] <GroupFieldName>* [fields <GroupFieldNameList>] [nodeprecated]
|
||||
[ciallfields|(cifields <CIGroupFieldNameList>)]
|
||||
[members] [managers] [owners]
|
||||
[internal] [internaldomains <DomainNameList>] [external]
|
||||
[notsuspended|suspended] [notarchived|archived]
|
||||
[types <GroupTypeList>]
|
||||
[types <GroupMemberTypeList>]
|
||||
[memberemaildisplaypattern|memberemailskippattern <RegularExpression>]
|
||||
[formatjson]
|
||||
gam print groups [todrive <ToDriveAttribute>*]
|
||||
@@ -3845,9 +3846,10 @@ gam print groups [todrive <ToDriveAttribute>*]
|
||||
[nodeprecated]
|
||||
[roles <GroupRoleList>]
|
||||
[members|memberscount] [managers|managerscount] [owners|ownerscount] [totalcount] [countsonly]
|
||||
[internal] [internaldomains <DomainNameList>] [external]
|
||||
[includederivedmembership]
|
||||
[notsuspended|suspended] [notarchived|archived]
|
||||
[types <GroupTypeList>]
|
||||
[types <GroupMemberTypeList>]
|
||||
[memberemaildisplaypattern|memberemailskippattern <RegularExpression>]
|
||||
[convertcrnl] [delimiter <Character>] [sortheaders]
|
||||
[formatjson [quotechar <Character>]]
|
||||
@@ -3880,10 +3882,11 @@ gam print group-members [todrive <ToDriveAttribute>*]
|
||||
[descriptionmatchpattern [not] <RegularExpression>]
|
||||
[admincreatedmatch <Boolean>]
|
||||
[roles <GroupRoleList>] [members] [managers] [owners]
|
||||
[internal] [internaldomains <DomainNameList>] [external]
|
||||
[membernames] [showdeliverysettings]
|
||||
<MembersFieldName>* [fields <MembersFieldNameList>]
|
||||
[notsuspended|suspended] [notarchived|archived]
|
||||
[types <GroupTypeList>]
|
||||
[types <GroupMemberTypeList>]
|
||||
[memberemaildisplaypattern|memberemailskippattern <RegularExpression>]
|
||||
[userfields <UserFieldNameList>]
|
||||
[allschemas|(schemas|custom|customschemas <SchemaNameList>)]
|
||||
@@ -3891,7 +3894,7 @@ gam print group-members [todrive <ToDriveAttribute>*]
|
||||
[peoplelookup|(peoplelookupuser <EmailAddress>)]
|
||||
[unknownname <String>] [cachememberinfo [Boolean]]
|
||||
[formatjson [quotechar <Character>]]
|
||||
gam show group-members
|
||||
`gam show group-members
|
||||
[([domain|domains <DomainNameEntity>] ([member|showownedby <EmailItem>]|[(query <QueryGroup>)|(queries <QueryGroupList>)]))|
|
||||
(group|group_ns|group_susp <GroupItem>)|
|
||||
(select <GroupEntity>)]
|
||||
@@ -3899,8 +3902,9 @@ gam show group-members
|
||||
[descriptionmatchpattern [not] <RegularExpression>]
|
||||
[admincreatedmatch <Boolean>]
|
||||
[roles <GroupRoleList>] [members] [managers] [owners] [depth <Number>]
|
||||
[internal] [internaldomains <DomainNameList>] [external]
|
||||
[notsuspended|suspended] [notarchived|archived]
|
||||
[types <GroupTypeList>]
|
||||
[types <GroupMemberTypeList>]
|
||||
[memberemaildisplaypattern|memberemailskippattern <RegularExpression>]
|
||||
[includederivedmembership]
|
||||
|
||||
@@ -3958,7 +3962,8 @@ gam info cigroups <GroupEntity>
|
||||
[nosecurity|nosecuritysettings]
|
||||
[allfields|<CIGroupFieldName>*|(fields <CIGroupFieldNameList>)]
|
||||
[roles <GroupRoleList>] [members] [managers] [owners]
|
||||
[types <CIGroupTypeList>]
|
||||
[internal] [internaldomains <DomainNameList>] [external]
|
||||
[types <CIGroupMemberTypeList>]
|
||||
[memberemaildisplaypattern|memberemailskippattern <RegularExpression>]
|
||||
[formatjson]
|
||||
gam print cigroups [todrive <ToDriveAttribute>*]
|
||||
@@ -3969,7 +3974,8 @@ gam print cigroups [todrive <ToDriveAttribute>*]
|
||||
[basic|allfields|(<CIGroupFieldName>* [fields <CIGroupFieldNameList>])]
|
||||
[roles <GroupRoleList>] [memberrestrictions]
|
||||
[members|memberscount] [managers|managerscount] [owners|ownerscount] [totalcount] [countsonly]
|
||||
[types <CIGroupTypeList>]
|
||||
[internal] [internaldomains <DomainNameList>] [external]
|
||||
[types <CIGroupMemberTypeList>]
|
||||
[memberemaildisplaypattern|memberemailskippattern <RegularExpression>]
|
||||
[convertcrnl] [delimiter <Character>]
|
||||
[formatjson [quotechar <Character>]]
|
||||
@@ -3994,7 +4000,7 @@ gam print cigroup-members [todrive <ToDriveAttribute>*]
|
||||
[emailmatchpattern [not] <RegularExpression>] [namematchpattern [not] <RegularExpression>]
|
||||
[descriptionmatchpattern [not] <RegularExpression>]
|
||||
[roles <GroupRoleList>] [members] [managers] [owners]
|
||||
[types <CIGroupTypeList>]
|
||||
[types <CIGroupMemberTypeList>]
|
||||
[memberemaildisplaypattern|memberemailskippattern <RegularExpression>]
|
||||
<CIGroupMembersFieldName>* [fields <CIGroupMembersFieldNameList>]
|
||||
[(recursive [noduplicates])includederivedmembership] [nogroupeemail]
|
||||
@@ -4005,7 +4011,7 @@ gam show cigroup-members
|
||||
[emailmatchpattern [not] <RegularExpression>] [namematchpattern [not] <RegularExpression>]
|
||||
[descriptionmatchpattern [not] <RegularExpression>]
|
||||
[roles <GroupRoleList>] [members] [managers] [owners] [depth <Number>]
|
||||
[types <CIGroupTypeList>]
|
||||
[types <CIGroupMemberTypeList>]
|
||||
[memberemaildisplaypattern|memberemailskippattern <RegularExpression>]
|
||||
|
||||
# Cloud Identity Devices
|
||||
|
||||
@@ -1,3 +1,10 @@
|
||||
7.02.00
|
||||
|
||||
Improved the error message displayed for user service account access commands when:
|
||||
* The API is not enabled
|
||||
* The user does not exist
|
||||
* The user exists but is in a OU where the service is disabled
|
||||
|
||||
7.01.04
|
||||
|
||||
Admin role assignments are now in the v1 stable API, use that and remove custom local workaround for the beta. #1724
|
||||
@@ -22,13 +29,13 @@ By default, when listing group members, GAM does not take the domain of the memb
|
||||
* `internal external internaldomains <DomainNameList>` - Display all members, indicate their category: internal or external
|
||||
* `internaldomains <DomainNameList>` - Defaults to value of `domain` in `gam.cfg`
|
||||
|
||||
Members without an email address, e.g. `customer`, `chrome-os-device` and `cbcm-browser` are considered internal.
|
||||
Members without an email address, e.g. `customer`, `chromeosdevice` and `cbcmbrowser` are considered internal.
|
||||
|
||||
Updated to Python 3.13.1.
|
||||
|
||||
7.01.03
|
||||
|
||||
Fixed bug in `gam update cigroups <GroupEntity> delete|sync|update` where `cbcm-browser` and `chrome-os_device`
|
||||
Fixed bug in `gam update cigroups <GroupEntity> delete|sync|update` where `cbcmbrowser` and `chromeosdevice`
|
||||
addresses were not properly handled.
|
||||
|
||||
7.01.02
|
||||
|
||||
1115
src/gam/__init__.py
1115
src/gam/__init__.py
File diff suppressed because it is too large
Load Diff
@@ -116,7 +116,6 @@ LABEL_MUTATION_ILLEGAL_SELECTION = 'labelMutationIllegalSelection'
|
||||
LABEL_MUTATION_UNKNOWN_FIELD = 'labelMutationUnknownField'
|
||||
LIMIT_EXCEEDED = 'limitExceeded'
|
||||
LOGIN_REQUIRED = 'loginRequired'
|
||||
MAIL_SERVICE_NOT_ENABLED = 'mailServiceNotEnabled'
|
||||
MALFORMED_WORKING_LOCATION_EVENT = 'malformedWorkingLocationEvent'
|
||||
MEMBER_NOT_FOUND = 'memberNotFound'
|
||||
MYDRIVE_HIERARCHY_DEPTH_LIMIT_EXCEEDED = 'myDriveHierarchyDepthLimitExceeded'
|
||||
@@ -185,7 +184,7 @@ DEFAULT_RETRY_REASONS = [QUOTA_EXCEEDED, RATE_LIMIT_EXCEEDED, SHARING_RATE_LIMIT
|
||||
BACKEND_ERROR, BAD_GATEWAY, GATEWAY_TIMEOUT, INTERNAL_ERROR, TRANSIENT_ERROR]
|
||||
SERVICE_NOT_AVAILABLE_RETRY_REASONS = [SERVICE_NOT_AVAILABLE]
|
||||
ACTIVITY_THROW_REASONS = [SERVICE_NOT_AVAILABLE, BAD_REQUEST]
|
||||
ALERT_THROW_REASONS = [SERVICE_NOT_AVAILABLE, AUTH_ERROR]
|
||||
ALERT_THROW_REASONS = [SERVICE_NOT_AVAILABLE, AUTH_ERROR, PERMISSION_DENIED]
|
||||
CALENDAR_THROW_REASONS = [SERVICE_NOT_AVAILABLE, AUTH_ERROR, NOT_A_CALENDAR_USER]
|
||||
CIGROUP_CREATE_THROW_REASONS = [SERVICE_NOT_AVAILABLE, ALREADY_EXISTS, DOMAIN_NOT_FOUND, DOMAIN_CANNOT_USE_APIS, FORBIDDEN, INVALID, INVALID_ARGUMENT, PERMISSION_DENIED, FAILED_PRECONDITION]
|
||||
CIGROUP_GET_THROW_REASONS = [SERVICE_NOT_AVAILABLE, NOT_FOUND, GROUP_NOT_FOUND, DOMAIN_NOT_FOUND, DOMAIN_CANNOT_USE_APIS, FORBIDDEN, BAD_REQUEST, INVALID, SYSTEM_ERROR, PERMISSION_DENIED]
|
||||
@@ -256,9 +255,9 @@ DRIVE3_MODIFY_LABEL_THROW_REASONS = DRIVE_USER_THROW_REASONS+[FILE_NOT_FOUND, NO
|
||||
LABEL_MUTATION_ILLEGAL_SELECTION, LABEL_MUTATION_UNKNOWN_FIELD]
|
||||
DOCS_ACCESS_THROW_REASONS = DRIVE_USER_THROW_REASONS+[NOT_FOUND, PERMISSION_DENIED, FORBIDDEN, INTERNAL_ERROR, INSUFFICIENT_FILE_PERMISSIONS,
|
||||
BAD_REQUEST, INVALID, INVALID_ARGUMENT, FAILED_PRECONDITION]
|
||||
GMAIL_THROW_REASONS = [MAIL_SERVICE_NOT_ENABLED, BAD_REQUEST]
|
||||
GMAIL_THROW_REASONS = [SERVICE_NOT_AVAILABLE, BAD_REQUEST]
|
||||
GMAIL_LIST_THROW_REASONS = [FAILED_PRECONDITION, PERMISSION_DENIED, INVALID, INVALID_ARGUMENT]
|
||||
GMAIL_SMIME_THROW_REASONS = [MAIL_SERVICE_NOT_ENABLED, BAD_REQUEST, INVALID_ARGUMENT, FORBIDDEN, NOT_FOUND, PERMISSION_DENIED]
|
||||
GMAIL_SMIME_THROW_REASONS = [SERVICE_NOT_AVAILABLE, BAD_REQUEST, INVALID_ARGUMENT, FORBIDDEN, NOT_FOUND, PERMISSION_DENIED]
|
||||
GROUP_GET_THROW_REASONS = [GROUP_NOT_FOUND, DOMAIN_NOT_FOUND, DOMAIN_CANNOT_USE_APIS, FORBIDDEN, BAD_REQUEST, INVALID, SYSTEM_ERROR]
|
||||
GROUP_GET_RETRY_REASONS = [INVALID, SYSTEM_ERROR, SERVICE_NOT_AVAILABLE]
|
||||
GROUP_CREATE_THROW_REASONS = [DUPLICATE, DOMAIN_NOT_FOUND, DOMAIN_CANNOT_USE_APIS, FORBIDDEN, INVALID, INVALID_INPUT]
|
||||
@@ -294,7 +293,7 @@ REASON_MESSAGE_MAP = {
|
||||
],
|
||||
FAILED_PRECONDITION: [
|
||||
('Bad Request', BAD_REQUEST),
|
||||
('Mail service not enabled', MAIL_SERVICE_NOT_ENABLED),
|
||||
('Mail service not enabled', SERVICE_NOT_AVAILABLE),
|
||||
],
|
||||
INVALID: [
|
||||
('userId', USER_NOT_FOUND),
|
||||
@@ -537,8 +536,6 @@ class limitExceeded(Exception):
|
||||
pass
|
||||
class loginRequired(Exception):
|
||||
pass
|
||||
class mailServiceNotEnabled(Exception):
|
||||
pass
|
||||
class malformedWorkingLocationEvent(Exception):
|
||||
pass
|
||||
class memberNotFound(Exception):
|
||||
@@ -756,7 +753,6 @@ REASON_EXCEPTION_MAP = {
|
||||
LABEL_MUTATION_UNKNOWN_FIELD: labelMutationUnknownField,
|
||||
LIMIT_EXCEEDED: limitExceeded,
|
||||
LOGIN_REQUIRED: loginRequired,
|
||||
MAIL_SERVICE_NOT_ENABLED: mailServiceNotEnabled,
|
||||
MALFORMED_WORKING_LOCATION_EVENT: malformedWorkingLocationEvent,
|
||||
MEMBER_NOT_FOUND: memberNotFound,
|
||||
NO_LIST_TEAMDRIVES_ADMINISTRATOR_PRIVILEGE: noListTeamDrivesAdministratorPrivilege,
|
||||
|
||||
@@ -162,7 +162,7 @@ ALREADY_EXISTS_USE_MERGE_ARGUMENT = 'Already exists; use the "merge" argument to
|
||||
API_ACCESS_DENIED = 'API access Denied'
|
||||
API_CALLS_RETRY_DATA = 'API calls retry data\n'
|
||||
API_CHECK_CLIENT_AUTHORIZATION = 'Please make sure the Client ID: {0} is authorized for the appropriate API or scopes:\n{1}\n\nRun: gam oauth create\n'
|
||||
API_CHECK_SVCACCT_AUTHORIZATION = 'Please make sure the Service Account Client name: {0} is authorized for the appropriate API or scopes:\n{1}\n\nRun: gam user {2} update serviceaccount\n'
|
||||
API_CHECK_SVCACCT_AUTHORIZATION = 'Please make sure the Service Account Client ID: {0} is authorized for the appropriate API or scopes:\n{1}\n\nRun: gam user {2} update serviceaccount\n'
|
||||
API_ERROR_SETTINGS = 'API error, some settings not set'
|
||||
ARE_BOTH_REQUIRED = 'Arguments {0} and {1} are both required'
|
||||
ARE_MUTUALLY_EXCLUSIVE = 'Arguments {0} and {1} are mutually exclusive'
|
||||
|
||||
Reference in New Issue
Block a user