just use static recovery phone

* Fix group settings

Clean up md5MatchesFile

* Simplify doGetCustomerInfo

Avoid trap when doPrintDomains returned a domain creationTime with no fraction.
Traceback (most recent call last):
  File "gam.py", line 14761, in <module>
  File "gam.py", line 14159, in ProcessGAMCommand
  File "gam.py", line 2053, in doGetDomainInfo
  File "gam.py", line 2088, in doGetCustomerInfo
  File "_strptime.py", line 577, in _strptime_datetime
  File "_strptime.py", line 359, in _strptime
ValueError: time data '2019-04-23 16:14:56' does not match format '%Y-%m-%d %H:%
M:%S.%f'

lansa.co.uk,True,2019-04-23 16:14:13.041000,secondary,
lansa.com.au,True,2019-04-23 16:14:56,secondary

.travis.yml

@@ -70,7 +70,7 @@ matrix:
         - PLATFORM=x86_64
         - VMTYPE=build
     - os: linux
-      name: "Linux 64-bit Xenial - Python 3.5 Source Testing"
+      name: "Linux 64-bit - Python 3.5 Source Testing"
       dist: xenial
       language: python
       python:
@@ -80,8 +80,8 @@ matrix:
         - PLATFORM=x86_64
         - VMTYPE=test
     - os: linux
-      name: "Linux 64-bit Xenial - Python 3.6 Source Testing"
-      dist: xenial
+      name: "Linux 64-bit - Python 3.6 Source Testing"
+      dist: bionic
       language: python
       python:
         - "3.6"
@@ -90,8 +90,8 @@ matrix:
         - PLATFORM=x86_64
         - VMTYPE=test
     - os: linux
-      name: "Linux 64-bit Xenial - Python 3.8-dev Source Testing"
-      dist: xenial
+      name: "Linux 64-bit - Python 3.8-dev Source Testing"
+      dist: bionic
       language: python
       python:
         - "3.8-dev"
@@ -100,8 +100,8 @@ matrix:
         - PLATFORM=x86_64
         - VMTYPE=test
     - os: linux
-      name: "Linux 64-bit Xenial - Python nightly Source Testing"
-      dist: xenial
+      name: "Linux 64-bit - Python nightly Source Testing"
+      dist: bionic
       language: python
       python:
         - "nightly"
@@ -170,13 +170,14 @@ script:
   for i in {01..20};
     do echo $newbase-bulkuser-$i >> sample.csv;
   done; fi
-- if [ "$e2e" = true ]; then $gam create user $newuser firstname Travis lastname $jid password random travis.jid $jid; fi
+- if [ "$e2e" = true ]; then $gam create user $newuser firstname Travis lastname $jid password random recoveryphone 12125121110 recoveryemail jay0lee@gmail.com travis.jid $jid; fi
 - if [ "$e2e" = true ]; then $gam user $gam_user sendemail recipient $newuser subject "test message $newbase" message "Travis test message"; fi
 - if [ "$e2e" = true ]; then $gam create group $newgroup name "Travis $jid group" description "This is a description" isarchived true; fi
 - if [ "$e2e" = true ]; then $gam user $newuser add license gsuitebusiness; fi
 - if [ "$e2e" = true ]; then $gam update group $newgroup add owner $gam_user; fi
 - if [ "$e2e" = true ]; then $gam update group $newgroup add member $newuser; fi
 - if [ "$e2e" = true ]; then $gam csv sample.csv gam create user ~~email~~ firstname "Travis Bulk" lastname ~~email~~ travis.jid $jid; fi
+- if [ "$e2e" = true ]; then $gam csv sample.csv gam update user ~~email~~ recoveryphone 12125121110 recoveryemail jay0lee@gmail.com; fi
 - if [ "$e2e" = true ]; then $gam csv sample.csv gam user ~email add license gsuitebusiness; fi
 - if [ "$e2e" = true ]; then $gam csv sample.csv gam user $gam_user sendemail recipient ~~email~~@pdl.jaylee.us subject "test message $newbase" message "Travis test message"; fi
 - if [ "$e2e" = true ]; then $gam csv sample.csv gam update group $newgroup add member ~email; fi
@@ -227,6 +228,8 @@ script:
 - if [ "$e2e" = true ]; then $gam user $gam_user show tokens; fi
 - if [ "$e2e" = true ]; then $gam delete user $newuser; fi
 - if [ "$e2e" = true ]; then $gam print users query "travis.jid=$jid" | $gam csv - gam delete user ~primaryEmail; fi
+- if [ "$e2e" = true ]; then $gam print mobile; fi
+- if [ "$e2e" = true ]; then $gam print cros allfields nolists; fi
 
 before_deploy:
 - export TRAVIS_TAG="preview"

src/GamCommands.txt

@@ -874,7 +874,7 @@ gam info resoldsubscriptions <CustomerID> [customer_auth_token <String>]
 <ReportsAppList> ::= "<ReportsApp>(,<ReportsApp>)*"
 
 gam report users|user [todrive] [date <Date>] [fulldatarequired all|<ReportsAppList>]
-	[(user all|<UserItem>)|(orgunit|org|ou <OrgUnitPath>)] [filter|filters <String>] [fields|parameters <String>]
+	[(user <UserItem>)|(orgunit|org|ou <OrgUnitPath>)] [filter|filters <String>] [fields|parameters <String>]
 gam report customers|customer|domain [todrive] [date <Date>] [fulldatarequired all|<ReportsAppList>]
 	[fields|parameters <String>]
 gam report admin|calendar|calendars|drive|docs|doc|groups|group|logins|login|mobile|tokens|token [todrive]

src/gam.py

@@ -669,13 +669,8 @@ def SetGlobalVariables():
   _getOldEnvVar(GC_CUSTOMER_ID, 'CUSTOMER_ID')
   _getOldEnvVar(GC_CHARSET, 'GAM_CHARSET')
   _getOldEnvVar(GC_NUM_THREADS, 'GAM_THREADS')
-  _getOldEnvVar(GC_ACTIVITY_MAX_RESULTS, 'GAM_ACTIVITY_MAX_RESULTS')
   _getOldEnvVar(GC_AUTO_BATCH_MIN, 'GAM_AUTOBATCH')
   _getOldEnvVar(GC_BATCH_SIZE, 'GAM_BATCH_SIZE')
-  _getOldEnvVar(GC_DEVICE_MAX_RESULTS, 'GAM_DEVICE_MAX_RESULTS')
-  _getOldEnvVar(GC_DRIVE_MAX_RESULTS, 'GAM_DRIVE_MAX_RESULTS')
-  _getOldEnvVar(GC_MEMBER_MAX_RESULTS, 'GAM_MEMBER_MAX_RESULTS')
-  _getOldEnvVar(GC_USER_MAX_RESULTS, 'GAM_USER_MAX_RESULTS')
   _getOldEnvVar(GC_CSV_HEADER_FILTER, 'GAM_CSV_HEADER_FILTER')
   _getOldEnvVar(GC_CSV_ROW_FILTER, 'GAM_CSV_ROW_FILTER')
   _getOldEnvVar(GC_TLS_MIN_VERSION, 'GAM_TLS_MIN_VERSION')
@@ -683,6 +678,7 @@ def SetGlobalVariables():
   _getOldEnvVar(GC_CA_FILE, 'GAM_CA_FILE')
   _getOldSignalFile(GC_DEBUG_LEVEL, 'debug.gam', filePresentValue=4, fileAbsentValue=0)
   _getOldSignalFile(GC_NO_BROWSER, 'nobrowser.txt')
+  _getOldSignalFile(GC_OAUTH_BROWSER, 'oauthbrowser.txt')
 #  _getOldSignalFile(GC_NO_CACHE, u'nocache.txt')
 #  _getOldSignalFile(GC_CACHE_DISCOVERY_ONLY, u'allcache.txt', filePresentValue=False, fileAbsentValue=True)
   _getOldSignalFile(GC_NO_CACHE, 'allcache.txt', filePresentValue=False, fileAbsentValue=True)
@@ -1082,6 +1078,22 @@ def callGAPI(service, function,
     except TypeError as e:
       systemErrorExit(4, str(e))
 
+def getPageSize(service, function, kwargs):
+  """Gets maximum maxResults value for API call. Uses value from discovery if
+     it exists, otherwise value from MAX_RESULTS_API_EXCEPTIONS, otherwise None"""
+
+  method = getattr(service, function)
+  api_id = method(**kwargs).methodId
+  for resource in service._rootDesc.get('resources', {}).values():
+    for a_method in resource.get('methods', {}).values():
+      if a_method.get('id')  == api_id:
+        if not a_method.get('parameters') or a_method['parameters'].get('pageSize') or not a_method['parameters'].get('maxResults'):
+          # make sure API call supports maxResults. For now we don't care to
+          # set pageSize since all known pageSize API calls have
+          # default pageSize == max pageSize
+          return
+        return {'maxResults': a_method['parameters']['maxResults'].get('maximum', MAX_RESULTS_API_EXCEPTIONS.get(api_id, None))}
+
 def callGAPIpages(service, function, items='items',
                   page_message=None, message_attribute=None,
                   soft_errors=False, throw_reasons=None, retry_reasons=None,
@@ -1124,6 +1136,10 @@ def callGAPIpages(service, function, items='items',
   Returns:
     A list of all items received from all paged responses.
   """
+  if 'maxResults' not in kwargs and 'pageSize' not in kwargs:
+    page_key = getPageSize(service, function, kwargs)
+    if page_key:
+      kwargs.update(page_key)
   all_items = []
   page_token = None
   total_items = 0
@@ -2082,13 +2098,14 @@ def doGetCustomerInfo():
   # If customer has changed primary domain customerCreationTime is date
   # of current primary being added, not customer create date.
   # We should also get all domains and use oldest date
-  domains = doPrintDomains(return_results=True)
   oldest = datetime.datetime.strptime(customer_info['customerCreationTime'], '%Y-%m-%dT%H:%M:%S.%fZ')
+  domains = callGAPIitems(cd.domains(), 'list', 'domains',
+                          customer=GC_Values[GC_CUSTOMER_ID], fields='domains(creationTime)')
   for domain in domains:
-    domain_creation = datetime.datetime.strptime(domain['creationTime'], '%Y-%m-%d %H:%M:%S.%f')
+    domain_creation = datetime.datetime.fromtimestamp(int(domain['creationTime'])/1000)
     if domain_creation < oldest:
       oldest = domain_creation
-  print('Customer Creation Time: %s' % oldest)
+  print('Customer Creation Time: %s' % oldest.strftime('%Y-%m-%dT%H:%M:%SZ'))
   print('Default Language: %s' % customer_info.get('language', 'Unset (defaults to en)'))
   if 'postalAddress' in customer_info:
     print('Address:')
@@ -2167,7 +2184,7 @@ def doDelDomainAlias():
   domainAliasName = sys.argv[3]
   callGAPI(cd.domainAliases(), 'delete', customer=GC_Values[GC_CUSTOMER_ID], domainAliasName=domainAliasName)
 
-def doPrintDomains(return_results=False):
+def doPrintDomains():
   cd = buildGAPIObject('directory')
   todrive = False
   titles = ['domainName',]
@@ -2208,8 +2225,6 @@ def doPrintDomains(return_results=False):
             titles.append(attr)
           aliasdomain_attributes[attr] = aliasdomain[attr]
         csvRows.append(aliasdomain_attributes)
-  if return_results:
-    return csvRows
   writeCSVfile(csvRows, titles, 'Domains', todrive)
 
 def doPrintDomainAliases():
@@ -2344,8 +2359,7 @@ def buildRoleIdToNameToIdMap():
   cd = buildGAPIObject('directory')
   result = callGAPIpages(cd.roles(), 'list', 'items',
                          customer=GC_Values[GC_CUSTOMER_ID],
-                         fields='nextPageToken,items(roleId,roleName)',
-                         maxResults=100)
+                         fields='nextPageToken,items(roleId,roleName)')
   GM_Globals[GM_MAP_ROLE_ID_TO_NAME] = {}
   GM_Globals[GM_MAP_ROLE_NAME_TO_ID] = {}
   for role in result:
@@ -2376,8 +2390,7 @@ def buildUserIdToNameMap():
   cd = buildGAPIObject('directory')
   result = callGAPIpages(cd.users(), 'list', 'users',
                          customer=GC_Values[GC_CUSTOMER_ID],
-                         fields='nextPageToken,users(id,primaryEmail)',
-                         maxResults=GC_Values[GC_USER_MAX_RESULTS])
+                         fields='nextPageToken,users(id,primaryEmail)')
   GM_Globals[GM_MAP_USER_ID_TO_NAME] = {}
   for user in result:
     GM_Globals[GM_MAP_USER_ID_TO_NAME][user['id']] = user['primaryEmail']
@@ -3162,7 +3175,10 @@ def changeCalendarAttendees(users):
       continue
     page_token = None
     while True:
-      events_page = callGAPI(cal.events(), 'list', calendarId=user, pageToken=page_token, timeMin=start_date, timeMax=end_date, showDeleted=False, showHiddenInvitations=False)
+      events_page = callGAPI(cal.events(), 'list', calendarId=user,
+                             pageToken=page_token, timeMin=start_date,
+                             timeMax=end_date, showDeleted=False,
+                             showHiddenInvitations=False)
       print('Got %s items' % len(events_page.get('items', [])))
       for event in events_page.get('items', []):
         if event['status'] == 'cancelled':
@@ -3843,8 +3859,8 @@ def doCalendarPrintEvents():
       systemErrorExit(2, '%s is not a valid argument for "gam calendar <email> printevents"' % sys.argv[i])
   page_message = 'Got %%%%total_items%%%% events for %s' % calendarId
   results = callGAPIpages(cal.events(), 'list', 'items', page_message=page_message,
-                          maxResults=2500, calendarId=calendarId,
-                          q=q, showDeleted=showDeleted, showHiddenInvitations=showHiddenInvitations,
+                          calendarId=calendarId, q=q, showDeleted=showDeleted,
+                          showHiddenInvitations=showHiddenInvitations,
                           timeMin=timeMin, timeMax=timeMax, timeZone=timeZone, updatedMin=updatedMin)
   for result in results:
     row = {'calendarId': calendarId}
@@ -4309,7 +4325,7 @@ def printDriveActivity(users):
     feed = callGAPIpages(activity.activities(), 'list', 'activities',
                          page_message=page_message, source='drive.google.com', userId='me',
                          drive_ancestorId=drive_ancestorId, groupingStrategy='none',
-                         drive_fileId=drive_fileId, pageSize=GC_Values[GC_ACTIVITY_MAX_RESULTS])
+                         drive_fileId=drive_fileId)
     for item in feed:
       addRowTitlesToCSVfile(flatten_json(item['combinedEvent']), csvRows, titles)
   writeCSVfile(csvRows, titles, 'Drive Activity', todrive)
@@ -4589,7 +4605,7 @@ def printDriveFileList(users):
     page_message = ' Got %%%%total_items%%%% files for %s...\n' % user
     feed = callGAPIpages(drive.files(), 'list', 'items',
                          page_message=page_message, soft_errors=True,
-                         q=query, orderBy=orderBy, fields=fields, maxResults=GC_Values[GC_DRIVE_MAX_RESULTS])
+                         q=query, orderBy=orderBy, fields=fields)
     for f_file in feed:
       a_file = {'Owner': user}
       for attrib in f_file:
@@ -4643,7 +4659,7 @@ def doDriveSearch(drive, query=None, quiet=False):
     page_message = None
   files = callGAPIpages(drive.files(), 'list', 'items',
                         page_message=page_message,
-                        q=query, fields='nextPageToken,items(id)', maxResults=GC_Values[GC_DRIVE_MAX_RESULTS])
+                        q=query, fields='nextPageToken,items(id)')
   ids = list()
   for f_file in files:
     ids.append(f_file['id'])
@@ -4763,7 +4779,7 @@ def showDriveFileTree(users):
     sys.stderr.write('Getting all files for %s...\n' % user)
     page_message = ' Got %%%%total_items%%%% files for %s...\n' % user
     feed = callGAPIpages(drive.files(), 'list', 'items', page_message=page_message,
-                         q=query, orderBy=orderBy, fields='items(id,title,parents(id),mimeType),nextPageToken', maxResults=GC_Values[GC_DRIVE_MAX_RESULTS])
+                         q=query, orderBy=orderBy, fields='items(id,title,parents(id),mimeType),nextPageToken')
     printDriveFolderContents(feed, root_folder, 0)
 
 def deleteEmptyDriveFolders(users):
@@ -4777,7 +4793,7 @@ def deleteEmptyDriveFolders(users):
       sys.stderr.write('Getting folders for %s...\n' % user)
       page_message = ' Got %%%%total_items%%%% folders for %s...\n' % user
       feed = callGAPIpages(drive.files(), 'list', 'items', page_message=page_message,
-                           q=query, fields='items(title,id),nextPageToken', maxResults=GC_Values[GC_DRIVE_MAX_RESULTS])
+                           q=query, fields='items(title,id),nextPageToken')
       deleted_empty = False
       for folder in feed:
         children = callGAPI(drive.children(), 'list',
@@ -7551,6 +7567,14 @@ def getUserAttributes(i, cd, updateCmd):
       keyword['value'] = sys.argv[i]
       i += 1
       appendItemToBodyList(body, 'keywords', keyword)
+    elif myarg in ['recoveryemail']:
+      body['recoveryEmail'] = sys.argv[i+1]
+      i += 2
+    elif myarg in ['recoveryphone']:
+      body['recoveryPhone'] = sys.argv[i+1]
+      if body['recoveryPhone'][0] != '+':
+        body['recoveryPhone'] = '+' + body['recoveryPhone']
+      i += 2
     elif myarg == 'clearschema':
       if not updateCmd:
         systemErrorExit(2, '%s is not a valid create user argument.' % sys.argv[i])
@@ -7605,6 +7629,21 @@ def getUserAttributes(i, cd, updateCmd):
     body['hashFunction'] = 'crypt'
   return body
 
+class ShortURLFlow(google_auth_oauthlib.flow.InstalledAppFlow):
+  def authorization_url(self, **kwargs):
+    long_url, state = super(ShortURLFlow, self).authorization_url(**kwargs)
+    simplehttp = httplib2.Http()
+    simplehttp.timeout = 10
+    url_shortnr = 'https://gam-shortn.appspot.com/create'
+    headers = {'Content-Type': 'application/json'}
+    try:
+      resp, content = simplehttp.request(url_shortnr, 'POST', '{"long_url": "%s"}' % long_url, headers=headers)
+    except:
+      return long_url, state
+    if resp.status != 200:
+      return long_url, state
+    return json.loads(content).get('short_url', ''), state
+
 def _run_oauth_flow(client_id, client_secret, scopes, access_type, login_hint=None):
   client_config = {
     'installed': {
@@ -7616,11 +7655,11 @@ def _run_oauth_flow(client_id, client_secret, scopes, access_type, login_hint=No
       }
     }
 
-  flow = google_auth_oauthlib.flow.InstalledAppFlow.from_client_config(client_config, scopes)
+  flow = ShortURLFlow.from_client_config(client_config, scopes)
   kwargs = {'access_type': access_type}
   if login_hint:
     kwargs['login_hint'] = login_hint
-  if GC_Values[GC_NO_BROWSER]:
+  if not GC_Values[GC_OAUTH_BROWSER]:
     flow.run_console(
             authorization_prompt_message=MESSAGE_CONSOLE_AUTHORIZATION_PROMPT,
             authorization_code_message=MESSAGE_CONSOLE_AUTHORIZATION_CODE,
@@ -8431,11 +8470,10 @@ def _getCloudStorageObject(s, bucket, object_, local_file=None, expectedMd5=None
     if expectedMd5:
       sys.stdout.write('Verifying %s hash...' % expectedMd5)
       sys.stdout.flush()
-      if md5MatchesFile(local_file, expectedMd5):
+      if md5MatchesFile(local_file, expectedMd5, False):
         print('VERIFIED')
         return
-      else:
-        print('not verified. Downloading again and over-writing...')
+      print('not verified. Downloading again and over-writing...')
     else:
       return # nothing to verify, just assume we're good.
   print('saving to %s' % local_file)
@@ -8460,19 +8498,18 @@ def _getCloudStorageObject(s, bucket, object_, local_file=None, expectedMd5=None
     f = openFile(local_file, 'rb')
     sys.stdout.write(' Verifying file hash is %s...' % expectedMd5)
     sys.stdout.flush()
-    if md5MatchesFile(local_file, expectedMd5):
-      print('VERIFIED')
-    else:
-      print('ERROR: actual hash was %s. Exiting on corrupt file.' % actual_hash)
-      sys.exit(6)
+    md5MatchesFile(local_file, expectedMd5, True)
+    print('VERIFIED')
     closeFile(f)
 
-def md5MatchesFile(local_file, expected_md5):
+def md5MatchesFile(local_file, expected_md5, exitOnError):
   f = openFile(local_file, 'rb')
   hash_md5 = hashlib.md5()
   for chunk in iter(lambda: f.read(4096), b""):
     hash_md5.update(chunk)
   actual_hash = hash_md5.hexdigest()
+  if exitOnError and actual_hash != expected_md5:
+    systemErrorExit(6, 'actual hash was %s. Exiting on corrupt file.' % actual_hash)
   return actual_hash == expected_md5
 
 def doDownloadCloudStorageBucket():
@@ -8541,11 +8578,8 @@ def doDownloadVaultExport():
       expected_hash = s_file['md5Hash']
       sys.stdout.write(' Verifying file hash is %s...' % expected_hash)
       sys.stdout.flush()
-      if md5MatchesFile(filename, expected_hash):
-        print('VERIFIED')
-      else:
-        print('ERROR: actual hash was %s. Exiting on corrupt file.' % actual_hash)
-        sys.exit(6)
+      md5MatchesFile(filename, expected_hash, True)
+      print('VERIFIED')
     if extractFiles and re.search(r'\.zip$', filename):
       extract_nested_zip(filename, targetFolder)
 
@@ -8869,21 +8903,11 @@ def doCreateUser():
 def GroupIsAbuseOrPostmaster(emailAddr):
   return emailAddr.startswith('abuse@') or emailAddr.startswith('postmaster@')
 
-def mapCollaborativeACL(myarg, value):
-  value = value.lower().replace('_', '')
-  if value in COLLABORATIVE_ACL_CHOICES:
-    return COLLABORATIVE_ACL_CHOICES[value]
-  systemErrorExit(3, 'allowed choices for %s are %s, got %s' % (myarg, ', '.join(sorted(COLLABORATIVE_ACL_CHOICES)), value))
+GROUP_SETTINGS_LIST_PATTERN = re.compile(r'([A-Z][A-Z_]+[A-Z]?)')
 
 def getGroupAttrValue(myarg, value, gs_object, gs_body, function):
   if myarg == 'collaborative':
-    value = mapCollaborativeACL(myarg, value)
-    for attrName, attrValue in list(COLLABORATIVE_INBOX_ATTRIBUTES.items()):
-      if attrValue == 'acl':
-        gs_body[attrName] = value
-      else:
-        gs_body[attrName] = attrValue
-    return
+    myarg = 'enablecollaborativeinbox'
   for (attrib, params) in list(gs_object['schemas']['Groups']['properties'].items()):
     if attrib in ['kind', 'etag', 'email']:
       continue
@@ -8905,19 +8929,19 @@ def getGroupAttrValue(myarg, value, gs_object, gs_body, function):
           value = value.replace('\\n', '\n')
         elif attrib == 'primaryLanguage':
           value = LANGUAGE_CODES_MAP.get(value.lower(), value)
-        elif COLLABORATIVE_INBOX_ATTRIBUTES.get(attrib) == 'acl':
-          value = mapCollaborativeACL(myarg, value)
-        elif params['description'].find(value.upper()) != -1: # ugly hack because API wants some values uppercased.
+        elif attrib in GROUP_SETTINGS_LIST_ATTRIBUTES:
           value = value.upper()
-        elif value.lower() in true_values:
-          value = 'true'
-        elif value.lower() in false_values:
-          value = 'false'
-      # Another ugly hack because Groups Settings API doesn't have proper enumerator values set in discovery file.
-      if 'description' in params and params['description'].find('Possible values are: ') != -1:
-        possible_values = params['description'][params['description'].find('Possible values are: ')+21:].split(' ')
-        if value not in possible_values:
-          systemErrorExit(2, 'value for %s must be one of %s. Got %s.' % (attrib, ', '.join(possible_values), value))
+          possible_values = GROUP_SETTINGS_LIST_PATTERN.findall(params['description'])
+          if value not in possible_values:
+            systemErrorExit(2, 'value for %s must be one of %s. Got %s.' % (attrib, ', '.join(possible_values), value))
+        elif attrib in GROUP_SETTINGS_BOOLEAN_ATTRIBUTES:
+          value = value.lower()
+          if value in true_values:
+            value = 'true'
+          elif value in false_values:
+            value = 'false'
+          else:
+            systemErrorExit(2, 'value for %s must be true|false. Got %s.' % (attrib, value))
       gs_body[attrib] = value
       return
   systemErrorExit(2, '%s is not a valid argument for "gam %s group"' % (myarg, function))
@@ -9518,7 +9542,7 @@ def doUpdateGroup():
         result = callGAPIpages(cd.members(), 'list', 'members',
                                page_message=page_message,
                                throw_reasons=GAPI_MEMBERS_THROW_REASONS,
-                               groupKey=group, roles=listRoles, fields=listFields, maxResults=GC_Values[GC_MEMBER_MAX_RESULTS])
+                               groupKey=group, roles=listRoles, fields=listFields)
         if not result:
           print('Group already has 0 members')
           return
@@ -9697,9 +9721,12 @@ def doUpdateMobile():
   doit = False
   if resourceIds[:6] == 'query:':
     query = resourceIds[6:]
-    fields='nextPageToken,mobiledevices(resourceId,email)'
+    fields = 'nextPageToken,mobiledevices(resourceId,email)'
     page_message = 'Got %%total_items%% mobile devices...\n'
-    devices = callGAPIpages(cd.mobiledevices(), 'list', page_message=page_message, customerId=GC_Values[GC_CUSTOMER_ID], items='mobiledevices', query=query, fields=fields)
+    devices = callGAPIpages(cd.mobiledevices(), 'list',
+                            page_message=page_message,
+                            customerId=GC_Values[GC_CUSTOMER_ID],
+                            items='mobiledevices', query=query, fields=fields)
   else:
     devices = [{'resourceId': resourceIds, 'email': ['not set']}]
     doit = True
@@ -10104,9 +10131,13 @@ def doGetUserInfo(user_email=None):
     else:
       print('Last login time: %s' % user['lastLoginTime'])
   if 'orgUnitPath' in user:
-    print('Google Org Unit Path: %s\n' % user['orgUnitPath'])
+    print('Google Org Unit Path: %s' % user['orgUnitPath'])
   if 'thumbnailPhotoUrl' in user:
     print('Photo URL: %s\n' % user['thumbnailPhotoUrl'])
+  if 'recoveryPhone' in user:
+    print('Recovery Phone: %s' % user['recoveryPhone'])
+  if 'recoveryEmail' in user:
+    print('Recovery Email: %s' % user['recoveryEmail'])
   if 'notes' in user:
     print('Notes:')
     notes = user['notes']
@@ -10344,7 +10375,7 @@ def doGetGroupInfo(group_name=None):
       for groupm in groups:
         print('  %s: %s' % (groupm['name'], groupm['email']))
   if getUsers:
-    members = callGAPIpages(cd.members(), 'list', 'members', groupKey=group_name, fields='nextPageToken,members(email,id,role,type)', maxResults=GC_Values[GC_MEMBER_MAX_RESULTS])
+    members = callGAPIpages(cd.members(), 'list', 'members', groupKey=group_name, fields='nextPageToken,members(email,id,role,type)')
     print('Members:')
     for member in members:
       print(' %s: %s (%s)' % (member.get('role', ROLE_MEMBER).lower(), member.get('email', member['id']), member['type'].lower()))
@@ -10824,7 +10855,7 @@ def doGetOrgInfo(name=None, return_attrib=None):
     page_message = 'Got %%total_items%% Users: %%first_item%% - %%last_item%%\n'
     users = callGAPIpages(cd.users(), 'list', 'users', page_message=page_message,
                           message_attribute='primaryEmail', customer=GC_Values[GC_CUSTOMER_ID], query=orgUnitPathQuery(name, checkSuspended),
-                          fields='users(primaryEmail,orgUnitPath),nextPageToken', maxResults=GC_Values[GC_USER_MAX_RESULTS])
+                          fields='users(primaryEmail,orgUnitPath),nextPageToken')
     if checkSuspended is None:
       print('Users:')
     elif not checkSuspended:
@@ -11067,7 +11098,7 @@ def doUndeleteUser():
   else:
     print('Looking up UID for %s...' % user)
     deleted_users = callGAPIpages(cd.users(), 'list', 'users',
-                                  customer=GC_Values[GC_CUSTOMER_ID], showDeleted=True, maxResults=GC_Values[GC_USER_MAX_RESULTS])
+                                  customer=GC_Values[GC_CUSTOMER_ID], showDeleted=True)
     matching_users = list()
     for deleted_user in deleted_users:
       if str(deleted_user['primaryEmail']).lower() == user:
@@ -11559,7 +11590,7 @@ def doPrintUsers():
     all_users = callGAPIpages(cd.users(), 'list', 'users', page_message=page_message,
                               message_attribute='primaryEmail', customer=customer, domain=domain, fields=fields,
                               showDeleted=deleted_only, orderBy=orderBy, sortOrder=sortOrder, viewType=viewType,
-                              query=query, projection=projection, customFieldMask=customFieldMask, maxResults=GC_Values[GC_USER_MAX_RESULTS])
+                              query=query, projection=projection, customFieldMask=customFieldMask)
     for user in all_users:
       if email_parts and ('primaryEmail' in user):
         user_email = user['primaryEmail']
@@ -11639,11 +11670,14 @@ GROUP_ARGUMENT_TO_PROPERTY_TITLE_MAP = {
 
 GROUP_ATTRIBUTES_ARGUMENT_TO_PROPERTY_MAP = {
   'allowexternalmembers': 'allowExternalMembers',
+  'allowgooglecommunication': 'allowGoogleCommunication',
   'allowwebposting': 'allowWebPosting',
   'archiveonly': 'archiveOnly',
   'customfootertext': 'customFooterText',
   'customreplyto': 'customReplyTo',
   'defaultmessagedenynotificationtext': 'defaultMessageDenyNotificationText',
+  'enablecollaborativeinbox': 'enableCollaborativeInbox',
+  'favoriterepliesontop': 'favoriteRepliesOnTop',
   'gal': 'includeInGlobalAddressList',
   'includecustomfooter': 'includeCustomFooter',
   'includeinglobaladdresslist': 'includeInGlobalAddressList',
@@ -11656,16 +11690,33 @@ GROUP_ATTRIBUTES_ARGUMENT_TO_PROPERTY_MAP = {
   'showingroupdirectory': 'showInGroupDirectory',
   'spammoderationlevel': 'spamModerationLevel',
   'whocanadd': 'whoCanAdd',
+  'whocanapprovemembers': 'whoCanApproveMembers',
+  'whocanapprovemessages': 'whoCanApproveMessages',
   'whocanassigntopics': 'whoCanAssignTopics',
+  'whocanassistcontent': 'whoCanAssistContent',
+  'whocanbanusers': 'whoCanBanUsers',
   'whocancontactowner': 'whoCanContactOwner',
+  'whocandeleteanypost': 'whoCanDeleteAnyPost',
+  'whocandeletetopics': 'whoCanDeleteTopics',
+  'whocandiscovergroup': 'whoCanDiscoverGroup',
   'whocanenterfreeformtags': 'whoCanEnterFreeFormTags',
+  'whocanhideabuse': 'whoCanHideAbuse',
   'whocaninvite': 'whoCanInvite',
   'whocanjoin': 'whoCanJoin',
   'whocanleavegroup': 'whoCanLeaveGroup',
+  'whocanlocktopics': 'whoCanLockTopics',
+  'whocanmaketopicssticky': 'whoCanMakeTopicsSticky',
   'whocanmarkduplicate': 'whoCanMarkDuplicate',
   'whocanmarkfavoritereplyonanytopic': 'whoCanMarkFavoriteReplyOnAnyTopic',
+  'whocanmarkfavoritereplyonowntopic': 'whoCanMarkFavoriteReplyOnOwnTopic',
   'whocanmarknoresponseneeded': 'whoCanMarkNoResponseNeeded',
+  'whocanmoderatecontent': 'whoCanModerateContent',
+  'whocanmoderatemembers': 'whoCanModerateMembers',
+  'whocanmodifymembers': 'whoCanModifyMembers',
   'whocanmodifytagsandcategories': 'whoCanModifyTagsAndCategories',
+  'whocanmovetopicsin': 'whoCanMoveTopicsIn',
+  'whocanmovetopicsout': 'whoCanMoveTopicsOut',
+  'whocanpostannouncements': 'whoCanPostAnnouncements',
   'whocanpostmessage': 'whoCanPostMessage',
   'whocantaketopics': 'whoCanTakeTopics',
   'whocanunassigntopic': 'whoCanUnassignTopic',
@@ -11689,7 +11740,6 @@ def doPrintGroups():
   titles = []
   csvRows = []
   addFieldTitleToCSVfile('email', GROUP_ARGUMENT_TO_PROPERTY_TITLE_MAP, cdfieldsList, fieldsTitles, titles)
-  maxResults = None
   roles = []
   getSettings = sortHeaders = False
   while i < len(sys.argv):
@@ -11710,7 +11760,7 @@ def doPrintGroups():
       usemember = None
       i += 2
     elif myarg == 'maxresults':
-      maxResults = getInteger(sys.argv[i+1], myarg, minVal=0)
+      # deprecated argument
       i += 2
     elif myarg == 'delimiter':
       aliasDelimiter = memberDelimiter = sys.argv[i+1]
@@ -11792,8 +11842,7 @@ def doPrintGroups():
   entityList = callGAPIpages(cd.groups(), 'list', 'groups',
                              page_message=page_message, message_attribute='email',
                              customer=customer, domain=usedomain, userKey=usemember, query=usequery,
-                             fields='nextPageToken,groups({0})'.format(cdfields),
-                             maxResults=maxResults)
+                             fields='nextPageToken,groups({0})'.format(cdfields))
   i = 0
   count = len(entityList)
   for groupEntity in entityList:
@@ -11813,7 +11862,7 @@ def doPrintGroups():
       groupMembers = callGAPIpages(cd.members(), 'list', 'members',
                                    page_message=page_message, message_attribute='email',
                                    soft_errors=True,
-                                   groupKey=groupEmail, roles=listRoles, fields=listFields, maxResults=GC_Values[GC_MEMBER_MAX_RESULTS])
+                                   groupKey=groupEmail, roles=listRoles, fields=listFields)
       if members:
         membersList = []
         membersCount = 0
@@ -12000,7 +12049,7 @@ def doPrintAliases():
       page_message = 'Got %%num_items%% Users %%first_item%% - %%last_item%%\n'
       all_users = callGAPIpages(cd.users(), 'list', 'users', page_message=page_message,
                                 message_attribute='primaryEmail', customer=GC_Values[GC_CUSTOMER_ID], query=query,
-                                fields='nextPageToken,users({0})'.format(','.join(userFields)), maxResults=GC_Values[GC_USER_MAX_RESULTS])
+                                fields='nextPageToken,users({0})'.format(','.join(userFields)))
       for user in all_users:
         for alias in user.get('aliases', []):
           csvRows.append({'Alias': alias, 'Target': user['primaryEmail'], 'TargetType': 'User'})
@@ -12089,7 +12138,7 @@ def doPrintGroupMembers():
     validRoles, listRoles, listFields = _getRoleVerification(','.join(roles), fields)
     group_members = callGAPIpages(cd.members(), 'list', 'members',
                                   soft_errors=True,
-                                  groupKey=group_email, roles=listRoles, fields=listFields, maxResults=GC_Values[GC_MEMBER_MAX_RESULTS])
+                                  groupKey=group_email, roles=listRoles, fields=listFields)
     for member in group_members:
       if not _checkMemberRoleIsSuspended(member, validRoles, checkSuspended):
         continue
@@ -12283,7 +12332,7 @@ def doPrintMobileDevices():
     page_message = 'Got %%num_items%% Mobile Devices...\n'
     all_mobile = callGAPIpages(cd.mobiledevices(), 'list', 'mobiledevices', page_message=page_message,
                                customerId=GC_Values[GC_CUSTOMER_ID], query=query, projection=projection, fields=fields,
-                               orderBy=orderBy, sortOrder=sortOrder, maxResults=GC_Values[GC_DEVICE_MAX_RESULTS])
+                               orderBy=orderBy, sortOrder=sortOrder)
     for mobile in all_mobile:
       row = {}
       for attrib in mobile:
@@ -12400,7 +12449,7 @@ def doPrintCrosActivity():
     page_message = 'Got %%total_items%% CrOS Devices...\n'
     all_cros = callGAPIpages(cd.chromeosdevices(), 'list', 'chromeosdevices', page_message=page_message,
                              query=query, customerId=GC_Values[GC_CUSTOMER_ID], projection='FULL',
-                             fields=fields, maxResults=GC_Values[GC_DEVICE_MAX_RESULTS], orgUnitPath=orgUnitPath)
+                             fields=fields, orgUnitPath=orgUnitPath)
     for cros in all_cros:
       row = {}
       for attrib in cros:
@@ -12581,7 +12630,7 @@ def doPrintCrosDevices():
     page_message = 'Got %%total_items%% CrOS Devices...\n'
     all_cros = callGAPIpages(cd.chromeosdevices(), 'list', 'chromeosdevices', page_message=page_message,
                              query=query, customerId=GC_Values[GC_CUSTOMER_ID], projection=projection, orgUnitPath=orgUnitPath,
-                             orderBy=orderBy, sortOrder=sortOrder, fields=fields, maxResults=GC_Values[GC_DEVICE_MAX_RESULTS])
+                             orderBy=orderBy, sortOrder=sortOrder, fields=fields)
     for cros in all_cros:
       _checkTPMVulnerability(cros)
       if guess_aue:
@@ -12985,7 +13034,7 @@ def getUsersToModify(entity_type=None, entity=None, silent=False, member_type=No
       page_message = 'Got %%%%total_items%%%% %s...' % member_type_message
     validRoles, listRoles, listFields = _getRoleVerification(member_type, 'nextPageToken,members(email,id,type,status)')
     members = callGAPIpages(cd.members(), 'list', 'members', page_message=page_message,
-                            groupKey=group, roles=listRoles, fields=listFields, maxResults=GC_Values[GC_MEMBER_MAX_RESULTS])
+                            groupKey=group, roles=listRoles, fields=listFields)
     users = []
     for member in members:
       if ((not groupUserMembersOnly) or (member['type'] == 'USER')) and _checkMemberRoleIsSuspended(member, validRoles, checkSuspended):
@@ -13008,7 +13057,7 @@ def getUsersToModify(entity_type=None, entity=None, silent=False, member_type=No
       page_message = 'Got %%total_items%% Users...'
     members = callGAPIpages(cd.users(), 'list', 'users', page_message=page_message,
                             customer=GC_Values[GC_CUSTOMER_ID], fields='nextPageToken,users(primaryEmail,orgUnitPath)',
-                            query=query, maxResults=GC_Values[GC_USER_MAX_RESULTS])
+                            query=query)
     ou = ou.lower()
     for member in members:
       if ou == member.get('orgUnitPath', '').lower():
@@ -13030,7 +13079,7 @@ def getUsersToModify(entity_type=None, entity=None, silent=False, member_type=No
       page_message = 'Got %%total_items%% Users...'
     members = callGAPIpages(cd.users(), 'list', 'users', page_message=page_message,
                             customer=GC_Values[GC_CUSTOMER_ID], fields='nextPageToken,users(primaryEmail)',
-                            query=query, maxResults=GC_Values[GC_USER_MAX_RESULTS])
+                            query=query)
     for member in members:
       users.append(member['primaryEmail'])
     if not silent:
@@ -13049,7 +13098,7 @@ def getUsersToModify(entity_type=None, entity=None, silent=False, member_type=No
       page_message = 'Got %%total_items%% Users...'
       members = callGAPIpages(cd.users(), 'list', 'users', page_message=page_message,
                               customer=GC_Values[GC_CUSTOMER_ID], fields='nextPageToken,users(primaryEmail,suspended)',
-                              query=query, maxResults=GC_Values[GC_USER_MAX_RESULTS])
+                              query=query)
       for member in members:
         email = member['primaryEmail']
         if (checkSuspended is None or checkSuspended == member['suspended']) and email not in usersSet:
@@ -13115,7 +13164,7 @@ def getUsersToModify(entity_type=None, entity=None, silent=False, member_type=No
       page_message = 'Got %%total_items%% Users...'
       all_users = callGAPIpages(cd.users(), 'list', 'users', page_message=page_message,
                                 customer=GC_Values[GC_CUSTOMER_ID], query=query,
-                                fields='nextPageToken,users(primaryEmail)', maxResults=GC_Values[GC_USER_MAX_RESULTS])
+                                fields='nextPageToken,users(primaryEmail)')
       for member in all_users:
         users.append(member['primaryEmail'])
       if not silent:
@@ -13125,8 +13174,7 @@ def getUsersToModify(entity_type=None, entity=None, silent=False, member_type=No
         printGettingAllItems('CrOS Devices', None)
       page_message = 'Got %%total_items%% CrOS Devices...'
       all_cros = callGAPIpages(cd.chromeosdevices(), 'list', 'chromeosdevices', page_message=page_message,
-                               customerId=GC_Values[GC_CUSTOMER_ID], fields='nextPageToken,chromeosdevices(deviceId)',
-                               maxResults=GC_Values[GC_DEVICE_MAX_RESULTS])
+                               customerId=GC_Values[GC_CUSTOMER_ID], fields='nextPageToken,chromeosdevices(deviceId)')
       for member in all_cros:
         users.append(member['deviceId'])
       if not silent:
@@ -13151,7 +13199,7 @@ def getUsersToModify(entity_type=None, entity=None, silent=False, member_type=No
       page_message = 'Got %%total_items%% CrOS Devices...'
       members = callGAPIpages(cd.chromeosdevices(), 'list', 'chromeosdevices', page_message=page_message,
                               customerId=GC_Values[GC_CUSTOMER_ID], fields='nextPageToken,chromeosdevices(deviceId)',
-                              query=query, maxResults=GC_Values[GC_DEVICE_MAX_RESULTS])
+                              query=query)
       for member in members:
         deviceId = member['deviceId']
         if deviceId not in usersSet:

src/travis/windows-x86_64-before-install.sh

@@ -24,4 +24,21 @@ pip install --upgrade pip
 pip freeze > upgrades.txt
 pip install --upgrade -r upgrades.txt
 pip install --upgrade -r src/requirements.txt
-pip install --upgrade pyinstaller
+#pip install --upgrade pyinstaller
+# Install PyInstaller from source and build bootloader
+# to try and avoid getting flagged as malware since
+# lots of malware uses PyInstaller default bootloader
+# https://stackoverflow.com/questions/53584395/how-to-recompile-the-bootloader-of-pyinstaller
+echo "Downloading PyInstaller..."
+wget --quiet https://github.com/pyinstaller/pyinstaller/releases/download/v$PYINSTALLER_VERSION/PyInstaller-$PYINSTALLER_VERSION.tar.gz
+tar xf PyInstaller-$PYINSTALLER_VERSION.tar.gz
+cd PyInstaller-$PYINSTALLER_VERSION/bootloader
+echo "bootloader before:"
+md5sum ../PyInstaller/bootloader/Windows-64bit/*
+/c/python37/python ./waf all --target-arch=64bit
+echo "bootloader after:"
+md5sum ../PyInstaller/bootloader/Windows-64bit/*
+echo "PATH: $PATH"
+cd ..
+/c/python37/python setup.py install
+cd $mypath

src/var.py

@@ -6,15 +6,15 @@ import platform
 import re
 
 gam_author = 'Jay Lee <jay0lee@gmail.com>'
-gam_version = '4.90'
+gam_version = '4.93'
 gam_license = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)'
 
 GAM_URL = 'https://git.io/gam'
 GAM_INFO = 'GAM {0} - {1} / {2} / Python {3}.{4}.{5} {6} / {7} {8} /'.format(gam_version, GAM_URL,
-                                                                              gam_author,
-                                                                              sys.version_info[0], sys.version_info[1],
-                                                                              sys.version_info[2], sys.version_info[3],
-                                                                              platform.platform(), platform.machine())
+                                                                             gam_author,
+                                                                             sys.version_info[0], sys.version_info[1],
+                                                                             sys.version_info[2], sys.version_info[3],
+                                                                             platform.platform(), platform.machine())
 
 GAM_RELEASES = 'https://github.com/jay0lee/GAM/releases'
 GAM_WIKI = 'https://github.com/jay0lee/GAM/wiki'
@@ -157,13 +157,13 @@ API_VER_MAPPING = {
 API_SCOPE_MAPPING = {
   'alertcenter': ['https://www.googleapis.com/auth/apps.alerts',],
   'appsactivity': ['https://www.googleapis.com/auth/activity',
-                    'https://www.googleapis.com/auth/drive',],
+                   'https://www.googleapis.com/auth/drive',],
   'calendar': ['https://www.googleapis.com/auth/calendar',],
   'drive': ['https://www.googleapis.com/auth/drive',],
   'drive3': ['https://www.googleapis.com/auth/drive',],
   'gmail': ['https://mail.google.com/',
-             'https://www.googleapis.com/auth/gmail.settings.basic',
-             'https://www.googleapis.com/auth/gmail.settings.sharing',],
+            'https://www.googleapis.com/auth/gmail.settings.basic',
+            'https://www.googleapis.com/auth/gmail.settings.sharing',],
   'sheets': ['https://www.googleapis.com/auth/spreadsheets',],
 }
 
@@ -403,7 +403,7 @@ DOCUMENT_FORMATS_MAP = {
   'mht': [{'mime': 'message/rfc822', 'ext': 'mht'}],
   'odp': [{'mime': 'application/vnd.oasis.opendocument.presentation', 'ext': '.odp'}],
   'ods': [{'mime': 'application/x-vnd.oasis.opendocument.spreadsheet', 'ext': '.ods'},
-           {'mime': 'application/vnd.oasis.opendocument.spreadsheet', 'ext': '.ods'}],
+          {'mime': 'application/vnd.oasis.opendocument.spreadsheet', 'ext': '.ods'}],
   'odt': [{'mime': 'application/vnd.oasis.opendocument.text', 'ext': '.odt'}],
   'pdf': [{'mime': 'application/pdf', 'ext': '.pdf'}],
   'png': [{'mime': 'image/png', 'ext': '.png'}],
@@ -414,7 +414,7 @@ DOCUMENT_FORMATS_MAP = {
   'rtf': [{'mime': 'application/rtf', 'ext': '.rtf'}],
   'svg': [{'mime': 'image/svg+xml', 'ext': '.svg'}],
   'tsv': [{'mime': 'text/tab-separated-values', 'ext': '.tsv'},
-           {'mime': 'text/tsv', 'ext': '.tsv'}],
+          {'mime': 'text/tsv', 'ext': '.tsv'}],
   'txt': [{'mime': 'text/plain', 'ext': '.txt'}],
   'xls': [{'mime': 'application/vnd.ms-excel', 'ext': '.xls'}],
   'xlt': [{'mime': 'application/vnd.ms-excel', 'ext': '.xlt'}],
@@ -425,9 +425,9 @@ DOCUMENT_FORMATS_MAP = {
   'microsoft': _MICROSOFT_FORMATS_LIST,
   'micro$oft': _MICROSOFT_FORMATS_LIST,
   'openoffice': [{'mime': 'application/vnd.oasis.opendocument.presentation', 'ext': '.odp'},
-                  {'mime': 'application/x-vnd.oasis.opendocument.spreadsheet', 'ext': '.ods'},
-                  {'mime': 'application/vnd.oasis.opendocument.spreadsheet', 'ext': '.ods'},
-                  {'mime': 'application/vnd.oasis.opendocument.text', 'ext': '.odt'}],
+                 {'mime': 'application/x-vnd.oasis.opendocument.spreadsheet', 'ext': '.ods'},
+                 {'mime': 'application/vnd.oasis.opendocument.spreadsheet', 'ext': '.ods'},
+                 {'mime': 'application/vnd.oasis.opendocument.text', 'ext': '.odt'}],
   }
 
 DNS_ERROR_CODES_MAP = {
@@ -612,28 +612,76 @@ CROS_END_ARGUMENTS = ['end', 'enddate']
 CROS_TPM_VULN_VERSIONS = ['41f', '420', '628', '8520',]
 CROS_TPM_FIXED_VERSIONS = ['422', '62b', '8521',]
 
-COLLABORATIVE_ACL_CHOICES = {
-  'members': 'ALL_MEMBERS',
-  'managersonly': 'MANAGERS_ONLY',
-  'managers': 'OWNERS_AND_MANAGERS',
-  'owners': 'OWNERS_ONLY',
-  'none': 'NONE',
-  }
+COLLABORATIVE_INBOX_ATTRIBUTES = [
+  'whoCanAddReferences',
+  'whoCanAssignTopics',
+  'whoCanEnterFreeFormTags',
+  'whoCanMarkDuplicate',
+  'whoCanMarkFavoriteReplyOnAnyTopic',
+  'whoCanMarkFavoriteReplyOnOwnTopic',
+  'whoCanMarkNoResponseNeeded',
+  'whoCanModifyTagsAndCategories',
+  'whoCanTakeTopics',
+  'whoCanUnassignTopic',
+  'whoCanUnmarkFavoriteReplyOnAnyTopic',
+  'favoriteRepliesOnTop',
+  ]
 
-COLLABORATIVE_INBOX_ATTRIBUTES = {
-  'whoCanAddReferences': 'acl',
-  'whoCanAssignTopics': 'acl',
-  'whoCanEnterFreeFormTags': 'acl',
-  'whoCanMarkDuplicate': 'acl',
-  'whoCanMarkFavoriteReplyOnAnyTopic': 'acl',
-  'whoCanMarkFavoriteReplyOnOwnTopic': 'acl',
-  'whoCanMarkNoResponseNeeded': 'acl',
-  'whoCanModifyTagsAndCategories': 'acl',
-  'whoCanTakeTopics': 'acl',
-  'whoCanUnassignTopic': 'acl',
-  'whoCanUnmarkFavoriteReplyOnAnyTopic': 'acl',
-  'favoriteRepliesOnTop': True,
-  }
+GROUP_SETTINGS_LIST_ATTRIBUTES = set([
+  # ACL choices
+  'whoCanAdd',
+  'whoCanApproveMembers',
+  'whoCanApproveMessages',
+  'whoCanAssignTopics',
+  'whoCanAssistContent',
+  'whoCanBanUsers',
+  'whoCanContactOwner',
+  'whoCanDeleteAnyPost',
+  'whoCanDeleteTopics',
+  'whoCanDiscoverGroup',
+  'whoCanEnterFreeFormTags',
+  'whoCanHideAbuse',
+  'whoCanInvite',
+  'whoCanJoin',
+  'whoCanLeaveGroup',
+  'whoCanLockTopics',
+  'whoCanMakeTopicsSticky',
+  'whoCanMarkDuplicate',
+  'whoCanMarkFavoriteReplyOnAnyTopic',
+  'whoCanMarkFavoriteReplyOnOwnTopic',
+  'whoCanMarkNoResponseNeeded',
+  'whoCanModerateContent',
+  'whoCanModerateMembers',
+  'whoCanModifyMembers',
+  'whoCanModifyTagsAndCategories',
+  'whoCanMoveTopicsIn',
+  'whoCanMoveTopicsOut',
+  'whoCanPostAnnouncements',
+  'whoCanPostMessage',
+  'whoCanTakeTopics',
+  'whoCanUnassignTopic',
+  'whoCanUnmarkFavoriteReplyOnAnyTopic',
+  'whoCanViewGroup',
+  'whoCanViewMembership',
+  # Miscellaneous hoices
+  'messageModerationLevel',
+  'replyTo',
+  'spamModerationLevel',
+  ])
+GROUP_SETTINGS_BOOLEAN_ATTRIBUTES = set([
+  'allowExternalMembers',
+  'allowGoogleCommunication',
+  'allowWebPosting',
+  'archiveOnly',
+  'enableCollaborativeInbox',
+  'favoriteRepliesOnTop',
+  'includeCustomFooter',
+  'includeInGlobalAddressList',
+  'isArchived',
+  'membersCanPostAsTheGroup',
+  'sendMessageDenyNotification',
+  'showInGroupDirectory',
+  ])
 
 #
 # Global variables
@@ -709,8 +757,6 @@ GM_Globals = {
 #
 # Global variables defined by environment variables/signal files
 #
-# When retrieving lists of Google Drive activities from API, how many should be retrieved in each chunk
-GC_ACTIVITY_MAX_RESULTS = 'activity_max_results'
 # Automatically generate gam batch command if number of users specified in gam users xxx command exceeds this number
 # Default: 0, don't automatically generate gam batch commands
 GC_AUTO_BATCH_MIN = 'auto_batch_min'
@@ -732,19 +778,15 @@ GC_CUSTOMER_ID = 'customer_id'
 GC_DEBUG_LEVEL = 'debug_level'
 # ID Token decoded from OAuth 2.0 refresh token response. Includes hd (domain) and email of authorized user
 GC_DECODED_ID_TOKEN = 'decoded_id_token'
-# When retrieving lists of ChromeOS/Mobile devices from API, how many should be retrieved in each chunk
-GC_DEVICE_MAX_RESULTS = 'device_max_results'
 # Domain obtained from gam.cfg or oauth2.txt
 GC_DOMAIN = 'domain'
 # Google Drive download directory
 GC_DRIVE_DIR = 'drive_dir'
-# When retrieving lists of Drive files/folders from API, how many should be retrieved in each chunk
-GC_DRIVE_MAX_RESULTS = 'drive_max_results'
-# When retrieving lists of Google Group members from API, how many should be retrieved in each chunk
-GC_MEMBER_MAX_RESULTS = 'member_max_results'
 # If no_browser is False, writeCSVfile won't open a browser when todrive is set
 # and doRequestOAuth prints a link and waits for the verification code when oauth2.txt is being created
 GC_NO_BROWSER = 'no_browser'
+# oauth_browser forces usage of web server OAuth flow that proved problematic.
+GC_OAUTH_BROWSER = 'oauth_browser'
 # Disable GAM API caching
 GC_NO_CACHE = 'no_cache'
 # Disable GAM update check
@@ -763,8 +805,6 @@ GC_SHOW_COUNTS_MIN = 'show_counts_min'
 GC_SHOW_GETTINGS = 'show_gettings'
 # GAM config directory containing json discovery files
 GC_SITE_DIR = 'site_dir'
-# When retrieving lists of Users from API, how many should be retrieved in each chunk
-GC_USER_MAX_RESULTS = 'user_max_results'
 # CSV Columns GAM should show on CSV output
 GC_CSV_HEADER_FILTER = 'csv_header_filter'
 # CSV Rows GAM should filter
@@ -778,7 +818,6 @@ GC_CA_FILE = 'ca_file'
 
 tls_min = "TLSv1_2" if hasattr(ssl.SSLContext(), "minimum_version") else None
 GC_Defaults = {
-  GC_ACTIVITY_MAX_RESULTS: 100,
   GC_AUTO_BATCH_MIN: 0,
   GC_BATCH_SIZE: 50,
   GC_CACHE_DIR: '',
@@ -789,22 +828,19 @@ GC_Defaults = {
   GC_CUSTOMER_ID: MY_CUSTOMER,
   GC_DEBUG_LEVEL: 0,
   GC_DECODED_ID_TOKEN: '',
-  GC_DEVICE_MAX_RESULTS: 500,
   GC_DOMAIN: '',
   GC_DRIVE_DIR: '',
-  GC_DRIVE_MAX_RESULTS: 1000,
-  GC_MEMBER_MAX_RESULTS: 200,
   GC_NO_BROWSER: False,
   GC_NO_CACHE: False,
   GC_NO_UPDATE_CHECK: False,
   GC_NUM_THREADS: 25,
+  GC_OAUTH_BROWSER: False,
   GC_OAUTH2_TXT: _FN_OAUTH2_TXT,
   GC_OAUTH2SERVICE_JSON: _FN_OAUTH2SERVICE_JSON,
   GC_SECTION: '',
   GC_SHOW_COUNTS_MIN: 0,
   GC_SHOW_GETTINGS: True,
   GC_SITE_DIR: '',
-  GC_USER_MAX_RESULTS: 500,
   GC_CSV_HEADER_FILTER: '',
   GC_CSV_ROW_FILTER: '',
   GC_TLS_MIN_VERSION: tls_min,
@@ -829,7 +865,6 @@ GC_VAR_TYPE = 'type'
 GC_VAR_LIMITS = 'lmit'
 
 GC_VAR_INFO = {
-  GC_ACTIVITY_MAX_RESULTS: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (1, 500)},
   GC_AUTO_BATCH_MIN: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (0, None)},
   GC_BATCH_SIZE: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (1, 1000)},
   GC_CACHE_DIR: {GC_VAR_TYPE: GC_TYPE_DIRECTORY},
@@ -840,22 +875,19 @@ GC_VAR_INFO = {
   GC_CUSTOMER_ID: {GC_VAR_TYPE: GC_TYPE_STRING},
   GC_DEBUG_LEVEL: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (0, None)},
   GC_DECODED_ID_TOKEN: {GC_VAR_TYPE: GC_TYPE_STRING},
-  GC_DEVICE_MAX_RESULTS: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (1, 1000)},
   GC_DOMAIN: {GC_VAR_TYPE: GC_TYPE_STRING},
   GC_DRIVE_DIR: {GC_VAR_TYPE: GC_TYPE_DIRECTORY},
-  GC_DRIVE_MAX_RESULTS: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (1, 1000)},
-  GC_MEMBER_MAX_RESULTS: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (1, 10000)},
   GC_NO_BROWSER: {GC_VAR_TYPE: GC_TYPE_BOOLEAN},
   GC_NO_CACHE: {GC_VAR_TYPE: GC_TYPE_BOOLEAN},
   GC_NO_UPDATE_CHECK: {GC_VAR_TYPE: GC_TYPE_BOOLEAN},
   GC_NUM_THREADS: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (1, None)},
+  GC_OAUTH_BROWSER: {GC_VAR_TYPE: GC_TYPE_BOOLEAN},
   GC_OAUTH2_TXT: {GC_VAR_TYPE: GC_TYPE_FILE},
   GC_OAUTH2SERVICE_JSON: {GC_VAR_TYPE: GC_TYPE_FILE},
   GC_SECTION: {GC_VAR_TYPE: GC_TYPE_STRING},
   GC_SHOW_COUNTS_MIN: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (0, None)},
   GC_SHOW_GETTINGS: {GC_VAR_TYPE: GC_TYPE_BOOLEAN},
   GC_SITE_DIR: {GC_VAR_TYPE: GC_TYPE_DIRECTORY},
-  GC_USER_MAX_RESULTS: {GC_VAR_TYPE: GC_TYPE_INTEGER, GC_VAR_LIMITS: (1, 500)},
   GC_CSV_HEADER_FILTER: {GC_VAR_TYPE: GC_TYPE_HEADERFILTER},
   GC_CSV_ROW_FILTER: {GC_VAR_TYPE: GC_TYPE_ROWFILTER},
   GC_TLS_MIN_VERSION: {GC_VAR_TYPE: GC_TYPE_STRING},
@@ -1151,3 +1183,19 @@ LANGUAGE_CODES_MAP = {
   'ur': 'ur', 'uz': 'uz', 'vi': 'vi', 'wo': 'wo', 'xh': 'xh', 'yi': 'yi', 'yo': 'yo', #Urdu, Uzbek, Vietnamese, Wolof, Xhosa, Yiddish, Yoruba
   'zh-cn': 'zh-CN', 'zh-hk': 'zh-HK', 'zh-tw': 'zh-TW', 'zu': 'zu', #Chinese (Simplified), Chinese (Hong Kong/Traditional), Chinese (Taiwan/Traditional), Zulu
   }
+
+# maxResults exception values for API list calls. Should only be listed if:
+#   - discovery doc does not specify maximum value (we use maximum value if it
+#     exists, not this)
+#   - actual max API returns with maxResults=<bigNum>  > default API returns
+#     when maxResults isn't specified (we should use default otherwise by not
+#     setting maxResults)
+
+MAX_RESULTS_API_EXCEPTIONS = {
+  'calendar.acl.list': 250,
+  'calendar.calendarList.list': 250,
+  'calendar.events.list': 2500,
+  'calendar.settings.list': 250,
+  'directory.chromeosdevices.list': 200,
+  'drive.files.list': 1000,
+  }