Updated show events to honor show_convert_cr_nl

Clean up for -d and -s

src/GamCommands.txt

@@ -102,7 +102,7 @@ If an item contains spaces, it should be surrounded by ".
         banana|basil|blueberry|flamingo|graphite|grape|
         lavender|peacock|sage|tangerine|tomato
 <FileFormat> ::=
-        csv|doc|dot|docx|dotx|epub|html|jpeg|jpg|mht|odp|ods|odt|
+        csv|doc|dot|docx|dotx|epub|html|jpeg|jpg|json|mht|odp|ods|odt|
         pdf|png|ppt|pot|potx|pptx|rtf|svg|tsv|txt|xls|xlt|xlsx|xltx|zip|
         ms|microsoft|openoffice|
 <LabelColorHex> ::=
@@ -266,6 +266,7 @@ If an item contains spaces, it should be surrounded by ".
         appsheetstandard | appsheetenterprisestandard | 1010380002 | AppSheet Enterprise Standard |
         appsheetplus | appsheetenterpriseplus | 1010380003 | AppSheet Enterprise Plus |
         assuredcontrols | 1010390001 | Assured Controls |
+        assuredcontrolsplus | 1010390002 | Assured Controls Plus | 
         bce | beyondcorp | beyondcorpenterprise | cep | chromeenterprisepremium | 1010400001 | Chrome Enterprise Premium |
         cdm | chrome | googlechromedevicemanagement | Google-Chrome-Device-Management |
         cloudidentity | identity | 1010010001 | Cloud Identity |
@@ -1275,8 +1276,8 @@ If the pattern {{Section}} appears in <FileName>, it will be replaced with the n
 For redirect csv, the optional arguments must appear in the order shown.
 <Redirect> ::=
         redirect csv <FileName> [multiprocess] [append] [noheader] [charset <Charset>]
-                     [columndelimiter <Character>] [noescapechar <Boolean>] [quotechar <Character>]
-                     [sortheaders <StringList>] [timestampcolumn <String>]
+                     [columndelimiter <Character>] [quotechar <Character>] [noescapechar [<Boolean>]]
+                     [sortheaders <StringList>] [timestampcolumn <String>] [transpose [<Bopolean>]]
                      [todrive <ToDriveAttribute>*] |
         redirect stdout <FileName> [multiprocess] [append] |
         redirect stdout null [multiprocess] |
@@ -3925,6 +3926,10 @@ gam print group-members [todrive <ToDriveAttribute>*]
 
 # Cloud Identity Groups
 
+<CBCMBrowser> ::= id:cbcm-browser.<DeviceId>
+<ChromeOSDevice> ::= id:chrome-os-device.<DeviceId>
+<BrowserDeviceList> ::= "(<CBCMBrowser>|<ChromeOSDevice>)(,(<CBCMBrowser>|<ChromeOSDevice>))*"
+
 <CIGroupFieldsName> ::=
         additionalgroupkeys|
         createtime|
@@ -3954,12 +3959,12 @@ gam update cigroups <GroupEntity> create|add [<GroupRole>]
         [usersonly|groupsonly]
         [notsuspended|suspended] [notarchived|archived]
         [expire|expires <Time>] [preview] [actioncsv]
-        <UserTypeEntity>
+        <UserTypeEntity>|<BrowserDeviceList>
 gam update cigroups <GroupEntity> delete|remove [<GroupRole>]
         [usersonly|groupsonly]
         [notsuspended|suspended] [notarchived|archived]
         [preview] [actioncsv]
-        <UserTypeEntity>
+        <UserTypeEntity>|<BrowserDeviceList>
 gam update cigroups <GroupEntity> sync [<GroupRole>|ignorerole]
         [usersonly|groupsonly] [addonly|removeonly]
         [notsuspended|suspended] [notarchived|archived]

src/GamUpdate.txt

@@ -1,3 +1,52 @@
+7.05.18
+
+Updated `gam calendars <CalendarEntity> show events` and `gam <UserTypeEntity> show events`
+to display the event description according to `show_convert_cr_nl` in `gam.cfg`;
+previously, GAM assumed `show_convert_cr_nl = true`.
+```
+show_convert_cr_nl = false
+description:
+  Line 1
+  Line 2
+  Line 3
+
+show_convert_cr_nl = true
+description: Line 1\nLine 2\nLine 3\n
+```
+
+7.05.17
+
+Updated commands that delete drive ACLs to handle the following error:
+```
+ERROR: 403: cannotDeletePermission - The authenticated user does not have the required access to delete the permission.
+```
+
+7.05.16
+
+Added option `transpose [<Boolean>]` to `redirect csv` that causes
+GAM to transpose CSV output rows and columns. This will most useful
+when a `countsonly` option is used in a `print` or `report` command.
+
+7.05.15
+
+Updated `gam <UserTypeEntity> get drivefile` and `gam <UserTypeEntity> create drivefile`
+to allow downloading and uploading of Google Apps Scripts.
+```
+$ gam user user1@domain.com get drivefile 1ZY-YkS3E0OKipALra_XzfIh9cvxoILSbb8TRdHBFCpyB_mXI_J8FmjHv format json
+User: user1@domain.com, Download 1 Drive File
+  User: user1@domain.com, Drive File: Test Project, Downloaded to: /Users/gamteam/GamWork/Test Project.json, Type: Google Doc
+$ gam user user2@domain.com create drivefile localfile "Test Project.json" mimetype application/vnd.google-apps.script+json drivefilename "Test Project"
+User: user2@domain.com, Drive File: Test Project(1Ok_svw55VTreZ5CzcViJDLfEzVRi-Un8D9eG6I5pIeVyRl2YsmNiy3C_), Created with content from: Test Project.json
+```
+
+7.05.14
+
+Added the following License SKU:
+```
+ProductId SKUId Display Name
+101039 1010390002 Assured Controls Plus
+```
+
 7.05.13
 
 Updated license product names to match Google.

src/gam-install.sh

@@ -21,7 +21,7 @@ EOF
 }
 
 target_dir="$HOME/bin"
-target_gam="gam7/gam"
+target_folder="$target_dir/gam7"
 gamarch=$(uname -m)
 gamos=$(uname -s)
 osversion=""
@@ -36,7 +36,7 @@ while getopts "hd:a:o:b:lp:u:r:v:s" OPTION
 do
      case $OPTION in
          h) usage; exit;;
-         d) target_dir="$OPTARG";;
+         d) target_dir="${OPTARG%/}"; target_folder="$target_dir/gam7";;
          a) gamarch="$OPTARG";;
          o) gamos="$OPTARG";;
          b) osversion="$OPTARG";;
@@ -45,13 +45,11 @@ do
          u) adminuser="$OPTARG";;
          r) regularuser="$OPTARG";;
          v) gamversion="$OPTARG";;
-         s) strip_gam="--strip-components 1"; target_gam="gam";;
+         s) strip_gam="--strip-components 1"; target_folder="$target_dir";;
          ?) usage; exit;;
      esac
 done
-
-# remove possible / from end of target_dir
-target_dir=${target_dir%/}
+target_gam="$target_folder/gam"
 
 update_profile() {
         [ "$2" -eq 1 ] || [ -f "$1" ] || return 1
@@ -328,9 +326,9 @@ echo_yellow "Downloading ${download_url} to $temp_archive_dir ($check_type)..."
 # Save archive to temp w/o losing our path
 (cd "$temp_archive_dir" && curl -O -L -s "${curl_opts[@]}" "$download_url")
 
-mkdir -p "$target_dir"
-echo_yellow "Deleting contents of $target_dir/gam7/lib"
-rm -frv "$target_dir/gam7/lib"
+mkdir -p "$target_folder"
+echo_yellow "Deleting contents of $target_folder/lib"
+rm -frv "$target_folder/lib"
 
 echo_yellow "Extracting archive to $target_dir"
 if [[ "$name" =~ tar.xz|tar.gz|tar ]]; then
@@ -351,7 +349,7 @@ fi
 
 # Update profile to add gam command
 if [ "$update_profile" = true ]; then
-  alias_line="alias gam=\"${target_dir// /\\ }/$target_gam\""
+  alias_line="alias gam=\"$target_gam\""
   if [ "$gamos" == "linux" ]; then
     update_profile "$HOME/.bash_aliases" 0 || update_profile "$HOME/.bash_profile" 0 || update_profile "$HOME/.bashrc" 0
     update_profile "$HOME/.zshrc" 0
@@ -365,7 +363,7 @@ fi
 
 if [ "$upgrade_only" = true ]; then
   echo_green "Here's information about your GAM upgrade:"
-  "$target_dir/$target_gam" version extended
+  "$target_gam" version extended
   rc=$?
   if (( $rc != 0 )); then
     echo_red "ERROR: Failed running GAM for the first time with return code $rc. Please report this error to GAM mailing list. Exiting."
@@ -387,7 +385,7 @@ while true; do
       ;;
     [Nn]*)
 #      config_cmd="config no_browser true"
-      touch "$target_dir/gam7/nobrowser.txt" > /dev/null 2>&1
+      touch "$target_folder/nobrowser.txt" > /dev/null 2>&1
       break
       ;;
     *)
@@ -405,8 +403,8 @@ while true; do
       if [ "$adminuser" == "" ]; then
         read -p "Please enter your Google Workspace admin email address: " adminuser
       fi
-#      "$target_dir/$target_gam" $config_cmd create project $adminuser
-      "$target_dir/$target_gam" create project $adminuser
+#      "$target_gam" $config_cmd create project $adminuser
+      "$target_gam" create project $adminuser
       rc=$?
       if (( $rc == 0 )); then
         echo_green "Project creation complete."
@@ -431,8 +429,8 @@ while $project_created; do
   read -p "Are you ready to authorize GAM to perform Google Workspace management operations as your admin account? (yes or no) " yn
   case $yn in
     [Yy]*)
-#      "$target_dir/$target_gam" $config_cmd oauth create $adminuser
-      "$target_dir/$target_gam" oauth create $adminuser
+#      "$target_gam" $config_cmd oauth create $adminuser
+      "$target_gam" oauth create $adminuser
       rc=$?
       if (( $rc == 0 )); then
         echo_green "Admin authorization complete."
@@ -461,8 +459,8 @@ while $admin_authorized; do
         read -p "Please enter the email address of a regular Google Workspace user: " regularuser
       fi
       echo_yellow "Great! Checking service account scopes.This will fail the first time. Follow the steps to authorize and retry. It can take a few minutes for scopes to PASS after they've been authorized in the admin console."
-#      "$target_dir/$target_gam" $config_cmd user $regularuser check serviceaccount
-      "$target_dir/$target_gam" user $regularuser check serviceaccount
+#      "$target_gam" $config_cmd user $regularuser check serviceaccount
+      "$target_gam" user $regularuser check serviceaccount
       rc=$?
       if (( $rc == 0 )); then
         echo_green "Service account authorization complete."
@@ -483,8 +481,8 @@ while $admin_authorized; do
 done
 
 echo_green "Here's information about your new GAM installation:"
-#"$target_dir/$target_gam" $config_cmd save version extended
-"$target_dir/$target_gam" version extended
+#"$target_gam" $config_cmd save version extended
+"$target_gam" version extended
 rc=$?
 if (( $rc != 0 )); then
   echo_red "ERROR: Failed running GAM for the first time with $rc. Please report this error to GAM mailing list. Exiting."

src/gam/__init__.py

@@ -25,7 +25,7 @@ https://github.com/GAM-team/GAM/wiki
 """
 
 __author__ = 'GAM Team <google-apps-manager@googlegroups.com>'
-__version__ = '7.05.13'
+__version__ = '7.05.18'
 __license__ = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)'
 
 #pylint: disable=wrong-import-position
@@ -262,6 +262,7 @@ MIMETYPE_GA_JAM = f'{APPLICATION_VND_GOOGLE_APPS}jam'
 MIMETYPE_GA_MAP = f'{APPLICATION_VND_GOOGLE_APPS}map'
 MIMETYPE_GA_PRESENTATION = f'{APPLICATION_VND_GOOGLE_APPS}presentation'
 MIMETYPE_GA_SCRIPT = f'{APPLICATION_VND_GOOGLE_APPS}script'
+MIMETYPE_GA_SCRIPT_JSON = f'{APPLICATION_VND_GOOGLE_APPS}script+json'
 MIMETYPE_GA_SHORTCUT = f'{APPLICATION_VND_GOOGLE_APPS}shortcut'
 MIMETYPE_GA_3P_SHORTCUT = f'{APPLICATION_VND_GOOGLE_APPS}drive-sdk'
 MIMETYPE_GA_SITE = f'{APPLICATION_VND_GOOGLE_APPS}site'
@@ -4087,13 +4088,8 @@ def SetGlobalVariables():
       GC.Values[GC.OUTPUT_DATEFORMAT] = GM.Globals[GM.OUTPUT_DATEFORMAT]
     if not GC.Values[GC.OUTPUT_TIMEFORMAT]:
       GC.Values[GC.OUTPUT_TIMEFORMAT] = GM.Globals[GM.OUTPUT_TIMEFORMAT]
-# Create/set mode for oauth2.txt.lock
-  if not GM.Globals[GM.OAUTH2_TXT_LOCK]:
-    fileName = f'{GC.Values[GC.OAUTH2_TXT]}.lock'
-    if not os.path.isfile(fileName):
-      closeFile(openFile(fileName, mode=DEFAULT_FILE_APPEND_MODE))
-      os.chmod(fileName, 0o666)
-    GM.Globals[GM.OAUTH2_TXT_LOCK] = fileName
+# Define lockfile: oauth2.txt.lock
+  GM.Globals[GM.OAUTH2_TXT_LOCK] = f'{GC.Values[GC.OAUTH2_TXT]}.lock'
 # Override httplib2 settings
   httplib2.debuglevel = GC.Values[GC.DEBUG_LEVEL]
 # Reset global variables if required
@@ -4112,8 +4108,8 @@ def SetGlobalVariables():
   if checkArgumentPresent(Cmd.MULTIPROCESSEXIT_CMD):
     _setMultiprocessExit()
 # redirect csv <FileName> [multiprocess] [append] [noheader] [charset <CharSet>]
-#	       [columndelimiter <Character>] [noescapechar <Boolean>] [quotechar <Character>]]
-#	       [sortheaders <StringList>] [timestampcolumn <String>]
+#	       [columndelimiter <Character>] [quotechar <Character>]] [noescapechar [<Boolean>]]
+#	       [sortheaders <StringList>] [timestampcolumn <String>] [transpose [<Boolean>]]
 #	       [todrive <ToDriveAttribute>*]
 # redirect stdout <FileName> [multiprocess] [append]
 # redirect stdout null
@@ -4138,6 +4134,8 @@ def SetGlobalVariables():
         GM.Globals[GM.CSV_OUTPUT_SORT_HEADERS] = GC.Values[GC.CSV_OUTPUT_SORT_HEADERS] = getString(Cmd.OB_STRING_LIST, minLen=0).replace(',', ' ').split()
       if checkArgumentPresent('timestampcolumn'):
         GM.Globals[GM.CSV_OUTPUT_TIMESTAMP_COLUMN] = GC.Values[GC.CSV_OUTPUT_TIMESTAMP_COLUMN] = getString(Cmd.OB_STRING, minLen=0)
+      if checkArgumentPresent('transpose'):
+        GM.Globals[GM.CSV_OUTPUT_TRANSPOSE] = getBoolean()
       _setCSVFile(filename, mode, encoding, writeHeader, multi)
       GM.Globals[GM.CSVFILE][GM.REDIRECT_QUEUE_CSVPF] = CSVPrintFile()
       if checkArgumentPresent('todrive'):
@@ -4446,7 +4444,7 @@ def handleOAuthTokenError(e, softErrors, displayError=False, i=0, count=0):
     if not GM.Globals[GM.CURRENT_SVCACCT_USER]:
       ClientAPIAccessDeniedExit()
     if softErrors:
-      entityDoesNotExistWarning(Ent.USER, GM.Globals[GM.CURRENT_SVCACCT_USER], i, count)
+      entityActionFailedWarning([Ent.USER, GM.Globals[GM.CURRENT_SVCACCT_USER], Ent.USER, None], errMsg, i, count)
       return None
     systemErrorExit(SERVICE_NOT_APPLICABLE_RC, Msg.SERVICE_NOT_APPLICABLE_THIS_ADDRESS.format(GM.Globals[GM.CURRENT_SVCACCT_USER]))
   if errMsg in API.OAUTH2_UNAUTHORIZED_ERRORS:
@@ -7793,6 +7791,7 @@ class CSVPrintFile():
   def __init__(self, titles=None, sortTitles=None, indexedTitles=None):
     self.rows = []
     self.rowCount = 0
+    self.outputTranspose = GM.Globals[GM.CSV_OUTPUT_TRANSPOSE]
     self.todrive = GM.Globals[GM.CSV_TODRIVE]
     self.titlesSet = set()
     self.titlesList = []
@@ -8992,6 +8991,22 @@ class CSVPrintFile():
         self.JSONtitlesList = self.orderHeaders(self.JSONtitlesList)
       titlesList = self.JSONtitlesList
     normalizeSortHeaders()
+    if self.outputTranspose:
+      newRows = []
+      pivotKey = titlesList[0]
+      newTitlesList = [pivotKey]
+      newTitlesSet = set(newTitlesList)
+      for title in titlesList[1:]:
+        newRow = {pivotKey: title}
+        for row in self.rows:
+          pivotValue = row[pivotKey]
+          if pivotValue not in newTitlesSet:
+            newTitlesSet.add(pivotValue)
+            newTitlesList.append(pivotValue)
+          newRow[pivotValue] = row.get(title)
+        newRows.append(newRow)
+      titlesList = newTitlesList
+      self.rows = newRows
     if (not self.todrive) or self.todrive['localcopy']:
       if GM.Globals[GM.CSVFILE][GM.REDIRECT_NAME] == '-':
         if GM.Globals[GM.STDOUT][GM.REDIRECT_MULTI_FD]:
@@ -39390,7 +39405,10 @@ def _showCalendarEvent(primaryEmail, calId, eventEntityType, event, k, kcount, F
   Ind.Increment()
   for field in EVENT_SHOW_ORDER:
     if field in event:
-      showJSON(field, event[field], skipObjects, EVENT_TIME_OBJECTS)
+      if field != 'description':
+        showJSON(field, event[field], skipObjects, EVENT_TIME_OBJECTS)
+      else:
+        printKeyValueWithCRsNLs(field, event[field])
       skipObjects.add(field)
   showJSON(None, event, skipObjects)
   Ind.Decrement()
@@ -57402,6 +57420,8 @@ def createDriveFile(users):
   if parameters[DFA_LOCALFILEPATH]:
     if parameters[DFA_LOCALFILEPATH] != '-' and parameters[DFA_PRESERVE_FILE_TIMES]:
       setPreservedFileTimes(body, parameters, False)
+    if body.get('mimeType') == MIMETYPE_GA_SCRIPT_JSON:
+      parameters[DFA_LOCALMIMETYPE] = body['mimeType']
     media_body = getMediaBody(parameters)
   elif parameters[DFA_URL]:
     media_body = getMediaBody(parameters)
@@ -58723,7 +58743,7 @@ def _copyPermissions(drive, user, i, count, j, jcount,
     except (GAPI.notFound, GAPI.permissionNotFound,
             GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.unknownError,
             GAPI.fileNeverWritable, GAPI.badRequest, GAPI.cannotRemoveOwner, GAPI.cannotModifyInheritedTeamDrivePermission,
-            GAPI.insufficientAdministratorPrivileges, GAPI.sharingRateLimitExceeded) as e:
+            GAPI.insufficientAdministratorPrivileges, GAPI.sharingRateLimitExceeded, GAPI.cannotDeletePermission) as e:
       entityActionFailedWarning(kvList, str(e), k, kcount)
     except (GAPI.serviceNotAvailable, GAPI.authError, GAPI.domainPolicy) as e:
       userDriveServiceNotEnabledWarning(user, str(e), i, count)
@@ -59754,7 +59774,7 @@ def _updateMoveFilePermissions(drive, user, i, count,
       except (GAPI.notFound, GAPI.permissionNotFound,
               GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.unknownError,
               GAPI.fileNeverWritable, GAPI.badRequest, GAPI.cannotRemoveOwner, GAPI.cannotModifyInheritedTeamDrivePermission,
-              GAPI.insufficientAdministratorPrivileges, GAPI.sharingRateLimitExceeded) as e:
+              GAPI.insufficientAdministratorPrivileges, GAPI.sharingRateLimitExceeded, GAPI.cannotDeletePermission) as e:
         entityActionFailedWarning(kvList, str(e), k, kcount)
       except (GAPI.serviceNotAvailable, GAPI.authError, GAPI.domainPolicy) as e:
         userDriveServiceNotEnabledWarning(user, str(e), i, count)
@@ -60439,6 +60459,7 @@ GOOGLEDOC_VALID_EXTENSIONS_MAP = {
   MIMETYPE_GA_DOCUMENT: ['.docx', '.epub', '.html', '.odt', '.pdf', '.rtf', '.txt', '.zip'],
   MIMETYPE_GA_JAM: ['.pdf'],
   MIMETYPE_GA_PRESENTATION: ['.pdf', '.pptx', '.odp', '.txt'],
+  MIMETYPE_GA_SCRIPT: ['.json'],
   MIMETYPE_GA_SPREADSHEET: ['.csv', '.ods', '.pdf', '.tsv', '.xlsx', '.zip'],
   }
 
@@ -60474,6 +60495,7 @@ DOCUMENT_FORMATS_MAP = {
   'html': [{'mime': 'text/html', 'ext': '.html'}],
   'jpeg': [{'mime': 'image/jpeg', 'ext': '.jpeg'}],
   'jpg': [{'mime': 'image/jpeg', 'ext': '.jpg'}],
+  'json': [{'mime': MIMETYPE_GA_SCRIPT_JSON, 'ext': '.json'}],
   'mht': [{'mime': 'message/rfc822', 'ext': 'mht'}],
   'odp': [{'mime': 'application/vnd.oasis.opendocument.presentation', 'ext': '.odp'}],
   'ods': [{'mime': 'application/x-vnd.oasis.opendocument.spreadsheet', 'ext': '.ods'},
@@ -61455,7 +61477,7 @@ def transferDrive(users):
         if showRetentionMessages:
           entityActionPerformed([Ent.USER, sourceUser, childFileType, childFileName, Ent.ROLE, ownerRetainRoleBody['role']], j, jcount)
       except (GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.unknownError,
-              GAPI.badRequest, GAPI.sharingRateLimitExceeded, GAPI.cannotRemoveOwner) as e:
+              GAPI.badRequest, GAPI.sharingRateLimitExceeded, GAPI.cannotRemoveOwner, GAPI.cannotDeletePermission) as e:
         entityActionFailedWarning([Ent.USER, sourceUser, childFileType, childFileName], str(e), j, jcount)
       except GAPI.permissionNotFound:
         entityDoesNotHaveItemWarning([Ent.USER, sourceUser, childFileType, childFileName, Ent.PERMISSION_ID, sourcePermissionId], j, jcount)
@@ -61508,7 +61530,7 @@ def transferDrive(users):
         if showRetentionMessages:
           entityActionPerformed([Ent.USER, sourceUser, childFileType, childFileName, Ent.ROLE, sourceUpdateRole['role']], j, jcount)
       except (GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.unknownError,
-              GAPI.badRequest, GAPI.sharingRateLimitExceeded, GAPI.cannotRemoveOwner) as e:
+              GAPI.badRequest, GAPI.sharingRateLimitExceeded, GAPI.cannotRemoveOwner, GAPI.cannotDeletePermission) as e:
         entityActionFailedWarning([Ent.USER, ownerUser, childFileType, childFileName], str(e), j, jcount)
       except GAPI.permissionNotFound:
         entityDoesNotHaveItemWarning([Ent.USER, ownerUser, childFileType, childFileName, Ent.PERMISSION_ID, sourcePermissionId], j, jcount)
@@ -61532,7 +61554,7 @@ def transferDrive(users):
           if showRetentionMessages:
             entityActionPerformed([Ent.USER, targetUser, childFileType, childFileName, Ent.ROLE, targetInsertBody['role']], j, jcount)
         except (GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.unknownError,
-                GAPI.badRequest, GAPI.sharingRateLimitExceeded) as e:
+                GAPI.badRequest, GAPI.sharingRateLimitExceeded, GAPI.cannotDeletePermission) as e:
           entityActionFailedWarning([Ent.USER, ownerUser, childFileType, childFileName], str(e), j, jcount)
         except GAPI.invalidSharingRequest as e:
           entityActionFailedWarning([Ent.USER, ownerUser, childFileType, childFileName], Ent.TypeNameMessage(Ent.PERMISSION_ID, targetPermissionId, str(e)), j, jcount)
@@ -62275,7 +62297,7 @@ def claimOwnership(users):
         entityActionPerformed([Ent.USER, oldOwner, entityType, fileDesc, Ent.ROLE, sourceRetainRoleBody['role']], l, lcount)
     except GAPI.permissionNotFound:
       entityDoesNotHaveItemWarning([Ent.USER, oldOwner, entityType, fileDesc, Ent.PERMISSION_ID, oldOwnerPermissionId], l, lcount)
-    except (GAPI.badRequest, GAPI.insufficientFilePermissions) as e:
+    except (GAPI.badRequest, GAPI.insufficientFilePermissions, GAPI.cannotDeletePermission) as e:
       entityActionFailedWarning([Ent.USER, oldOwner, entityType, fileDesc], str(e), l, lcount)
     except (GAPI.serviceNotAvailable, GAPI.authError, GAPI.domainPolicy) as e:
       userDriveServiceNotEnabledWarning(user, str(e), i, count)
@@ -63447,7 +63469,7 @@ def deleteDriveFileACLs(users, useDomainAdminAccess=False):
           _updateSheetProtectedRangesACLchange(sheet, user, i, count, j, jcount, fileId, fileName, False, permission)
       except (GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.unknownError,
               GAPI.fileNeverWritable, GAPI.badRequest, GAPI.cannotRemoveOwner, GAPI.cannotModifyInheritedTeamDrivePermission,
-              GAPI.insufficientAdministratorPrivileges, GAPI.sharingRateLimitExceeded) as e:
+              GAPI.insufficientAdministratorPrivileges, GAPI.sharingRateLimitExceeded, GAPI.cannotDeletePermission) as e:
         entityActionFailedWarning([Ent.USER, user, entityType, fileName], str(e), j, jcount)
       except GAPI.notFound as e:
         entityActionFailedWarning([Ent.USER, user, Ent.SHAREDDRIVE, fileName], str(e), j, jcount)
@@ -63503,7 +63525,7 @@ def deletePermissions(users, useDomainAdminAccess=False):
         entityActionPerformed([Ent.DRIVE_FILE_OR_FOLDER_ID, ri[RI_ENTITY], Ent.PERMISSION_ID, ri[RI_ITEM]], int(ri[RI_J]), int(ri[RI_JCOUNT]))
       except (GAPI.fileNotFound, GAPI.forbidden, GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.unknownError,
               GAPI.badRequest, GAPI.cannotRemoveOwner, GAPI.cannotModifyInheritedTeamDrivePermission,
-              GAPI.insufficientAdministratorPrivileges, GAPI.sharingRateLimitExceeded, GAPI.permissionNotFound,
+              GAPI.insufficientAdministratorPrivileges, GAPI.sharingRateLimitExceeded, GAPI.permissionNotFound, GAPI.cannotDeletePermission,
               GAPI.serviceNotAvailable, GAPI.authError, GAPI.domainPolicy) as e:
         entityActionFailedWarning([Ent.DRIVE_FILE_OR_FOLDER_ID, ri[RI_ENTITY], Ent.PERMISSION_ID, ri[RI_ITEM]], str(e), int(ri[RI_J]), int(ri[RI_JCOUNT]))
     if int(ri[RI_J]) == int(ri[RI_JCOUNT]):

src/gam/gamlib/glgapi.py

@@ -37,6 +37,7 @@ CANNOT_CHANGE_OWNER_ACL = 'cannotChangeOwnerAcl'
 CANNOT_CHANGE_OWN_PRIMARY_SUBSCRIPTION = 'cannotChangeOwnPrimarySubscription'
 CANNOT_COPY_FILE = 'cannotCopyFile'
 CANNOT_DELETE_ONLY_REVISION = 'cannotDeleteOnlyRevision'
+CANNOT_DELETE_PERMISSION = 'cannotDeletePermission'
 CANNOT_DELETE_PRIMARY_CALENDAR = 'cannotDeletePrimaryCalendar'
 CANNOT_DELETE_PRIMARY_SENDAS = 'cannotDeletePrimarySendAs'
 CANNOT_DELETE_RESOURCE_WITH_CHILDREN = 'cannotDeleteResourceWithChildren'
@@ -246,7 +247,7 @@ DRIVE3_UPDATE_ACL_THROW_REASONS = [BAD_REQUEST, INVALID_OWNERSHIP_TRANSFER, CANN
 DRIVE3_DELETE_ACL_THROW_REASONS = [BAD_REQUEST, CANNOT_REMOVE_OWNER,
                                    CANNOT_MODIFY_INHERITED_TEAMDRIVE_PERMISSION,
                                    INSUFFICIENT_ADMINISTRATOR_PRIVILEGES, SHARING_RATE_LIMIT_EXCEEDED,
-                                   NOT_FOUND, PERMISSION_NOT_FOUND]
+                                   NOT_FOUND, PERMISSION_NOT_FOUND, CANNOT_DELETE_PERMISSION]
 DRIVE3_MODIFY_LABEL_THROW_REASONS = DRIVE_USER_THROW_REASONS+[FILE_NOT_FOUND, NOT_FOUND, FORBIDDEN, INTERNAL_ERROR,
                                                               FILE_NEVER_WRITABLE, APPLY_LABEL_FORBIDDEN,
                                                               INSUFFICIENT_ADMINISTRATOR_PRIVILEGES, INSUFFICIENT_FILE_PERMISSIONS,
@@ -382,6 +383,8 @@ class cannotCopyFile(Exception):
   pass
 class cannotDeleteOnlyRevision(Exception):
   pass
+class cannotDeletePermission(Exception):
+  pass
 class cannotDeletePrimaryCalendar(Exception):
   pass
 class cannotDeletePrimarySendAs(Exception):
@@ -676,6 +679,7 @@ REASON_EXCEPTION_MAP = {
   CANNOT_CHANGE_OWN_PRIMARY_SUBSCRIPTION: cannotChangeOwnPrimarySubscription,
   CANNOT_COPY_FILE: cannotCopyFile,
   CANNOT_DELETE_ONLY_REVISION: cannotDeleteOnlyRevision,
+  CANNOT_DELETE_PERMISSION: cannotDeletePermission,
   CANNOT_DELETE_PRIMARY_CALENDAR: cannotDeletePrimaryCalendar,
   CANNOT_DELETE_PRIMARY_SENDAS: cannotDeletePrimarySendAs,
   CANNOT_DELETE_RESOURCE_WITH_CHILDREN: cannotDeleteResourceWithChildren,

src/gam/gamlib/glglobals.py

@@ -85,6 +85,8 @@ CSV_OUTPUT_ROW_FILTER_MODE = 'corm'
 CSV_OUTPUT_ROW_LIMIT = 'corl'
 # Add timestamp column to CSV output file
 CSV_OUTPUT_TIMESTAMP_COLUMN = 'cotc'
+# Transpose output rows/columns
+CSV_OUTPUT_TRANSPOSE = 'cotr'
 # Output sort headers
 CSV_OUTPUT_SORT_HEADERS = 'cosh'
 # CSV todrive options
@@ -250,6 +252,7 @@ Globals = {
   CSV_OUTPUT_ROW_LIMIT: 0,
   CSV_OUTPUT_SORT_HEADERS: [],
   CSV_OUTPUT_TIMESTAMP_COLUMN: None,
+  CSV_OUTPUT_TRANSPOSE: False,
   CSV_TODRIVE: {},
   CURRENT_API_SERVICES: {},
   CURRENT_CLIENT_API: None,

src/gam/gamlib/glskus.py

@@ -87,6 +87,8 @@ _SKUS = {
     'product': '101038', 'aliases': ['appsheetplus', 'appsheetenterpriseplus'], 'displayName': 'AppSheet Enterprise Plus'},
   '1010390001': {
     'product': '101039', 'aliases': ['assuredcontrols'], 'displayName': 'Assured Controls'},
+  '1010390002': {
+    'product': '101039', 'aliases': ['assuredcontrolsplus'], 'displayName': 'Assured Controls Plus'},
   '1010400001': {
     'product': '101040', 'aliases': ['beyondcorp', 'beyondcorpenterprise', 'bce', 'cep', 'chromeenterprisepremium'], 'displayName': 'Chrome Enterprise Premium'},
   '1010430001': {