Compare commits

...

15 Commits

Author SHA1 Message Date
Ross Scroggs
ef1018f286 Expand adminrole commands 2025-08-04 14:33:36 -07:00
Ross Scroggs
63c0c58bf6 Update Administrators.md 2025-08-04 14:28:16 -07:00
Ross Scroggs
aa443ae6cb Update Administrators.md 2025-08-04 14:27:05 -07:00
Ross Scroggs
dbec314359 Update Classroom-Membership.md 2025-08-04 14:25:24 -07:00
Ross Scroggs
8270f0a82a Update Chat Bot documentation
Some checks failed
Push wiki / pushwiki (push) Has been cancelled
Build and test GAM / build (build, 1, Build Intel Ubuntu Jammy, ubuntu-22.04) (push) Has been cancelled
Build and test GAM / build (build, 10, Build Intel Windows, windows-2022) (push) Has been cancelled
Build and test GAM / build (build, 11, Build Arm Windows, windows-11-arm) (push) Has been cancelled
Build and test GAM / build (build, 2, Build Intel Ubuntu Noble, ubuntu-24.04) (push) Has been cancelled
Build and test GAM / build (build, 3, Build Arm Ubuntu Noble, ubuntu-24.04-arm) (push) Has been cancelled
Build and test GAM / build (build, 4, Build Arm Ubuntu Jammy, ubuntu-22.04-arm) (push) Has been cancelled
Build and test GAM / build (build, 5, Build Intel StaticX Legacy, ubuntu-22.04, yes) (push) Has been cancelled
Build and test GAM / build (build, 6, Build Arm StaticX Legacy, ubuntu-22.04-arm, yes) (push) Has been cancelled
Build and test GAM / build (build, 7, Build Intel MacOS, macos-13) (push) Has been cancelled
Build and test GAM / build (build, 8, Build Arm MacOS 14, macos-14) (push) Has been cancelled
Build and test GAM / build (build, 9, Build Arm MacOS 15, macos-15) (push) Has been cancelled
Build and test GAM / build (test, 12, Test Python 3.10, ubuntu-24.04, 3.10) (push) Has been cancelled
Build and test GAM / build (test, 13, Test Python 3.11, ubuntu-24.04, 3.11) (push) Has been cancelled
Build and test GAM / build (test, 14, Test Python 3.12, ubuntu-24.04, 3.12) (push) Has been cancelled
Build and test GAM / build (test, 15, Test Python 3.14-dev, ubuntu-24.04, 3.14-dev) (push) Has been cancelled
Build and test GAM / merge (push) Has been cancelled
Build and test GAM / publish (push) Has been cancelled
Check for Google Root CA Updates / check-apis (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
2025-08-01 09:05:53 -07:00
Ross Scroggs
2a4cd66227 Added commands to display Business Profile Accounts. #1807
Some checks failed
Push wiki / pushwiki (push) Has been cancelled
Build and test GAM / build (build, 1, Build Intel Ubuntu Jammy, ubuntu-22.04) (push) Has been cancelled
Build and test GAM / build (build, 10, Build Intel Windows, windows-2022) (push) Has been cancelled
Build and test GAM / build (build, 11, Build Arm Windows, windows-11-arm) (push) Has been cancelled
Build and test GAM / build (build, 2, Build Intel Ubuntu Noble, ubuntu-24.04) (push) Has been cancelled
Build and test GAM / build (build, 3, Build Arm Ubuntu Noble, ubuntu-24.04-arm) (push) Has been cancelled
Build and test GAM / build (build, 4, Build Arm Ubuntu Jammy, ubuntu-22.04-arm) (push) Has been cancelled
Build and test GAM / build (build, 5, Build Intel StaticX Legacy, ubuntu-22.04, yes) (push) Has been cancelled
Build and test GAM / build (build, 6, Build Arm StaticX Legacy, ubuntu-22.04-arm, yes) (push) Has been cancelled
Build and test GAM / build (build, 7, Build Intel MacOS, macos-13) (push) Has been cancelled
Build and test GAM / build (build, 8, Build Arm MacOS 14, macos-14) (push) Has been cancelled
Build and test GAM / build (build, 9, Build Arm MacOS 15, macos-15) (push) Has been cancelled
Build and test GAM / build (test, 12, Test Python 3.10, ubuntu-24.04, 3.10) (push) Has been cancelled
Build and test GAM / build (test, 13, Test Python 3.11, ubuntu-24.04, 3.11) (push) Has been cancelled
Build and test GAM / build (test, 14, Test Python 3.12, ubuntu-24.04, 3.12) (push) Has been cancelled
Build and test GAM / build (test, 15, Test Python 3.14-dev, ubuntu-24.04, 3.14-dev) (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Check for Google Root CA Updates / check-apis (push) Has been cancelled
Build and test GAM / merge (push) Has been cancelled
Build and test GAM / publish (push) Has been cancelled
2025-07-31 18:11:49 -07:00
Ross Scroggs
a87ff9effc Added commands to display Business Profile Accounts. #1807 2025-07-31 18:11:20 -07:00
Ross Scroggs
df793c2bbb Update GamUpdates.md
Some checks failed
Build and test GAM / build (build, 1, Build Intel Ubuntu Jammy, ubuntu-22.04) (push) Has been cancelled
Build and test GAM / build (build, 10, Build Intel Windows, windows-2022) (push) Has been cancelled
Build and test GAM / build (build, 11, Build Arm Windows, windows-11-arm) (push) Has been cancelled
Build and test GAM / build (build, 2, Build Intel Ubuntu Noble, ubuntu-24.04) (push) Has been cancelled
Build and test GAM / build (build, 3, Build Arm Ubuntu Noble, ubuntu-24.04-arm) (push) Has been cancelled
Build and test GAM / build (build, 4, Build Arm Ubuntu Jammy, ubuntu-22.04-arm) (push) Has been cancelled
Build and test GAM / build (build, 5, Build Intel StaticX Legacy, ubuntu-22.04, yes) (push) Has been cancelled
Build and test GAM / build (build, 6, Build Arm StaticX Legacy, ubuntu-22.04-arm, yes) (push) Has been cancelled
Build and test GAM / build (build, 7, Build Intel MacOS, macos-13) (push) Has been cancelled
Build and test GAM / build (build, 8, Build Arm MacOS 14, macos-14) (push) Has been cancelled
Build and test GAM / build (build, 9, Build Arm MacOS 15, macos-15) (push) Has been cancelled
Build and test GAM / build (test, 12, Test Python 3.10, ubuntu-24.04, 3.10) (push) Has been cancelled
Build and test GAM / build (test, 13, Test Python 3.11, ubuntu-24.04, 3.11) (push) Has been cancelled
Build and test GAM / build (test, 14, Test Python 3.12, ubuntu-24.04, 3.12) (push) Has been cancelled
Build and test GAM / build (test, 15, Test Python 3.14-dev, ubuntu-24.04, 3.14-dev) (push) Has been cancelled
Build and test GAM / merge (push) Has been cancelled
Build and test GAM / publish (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Check for Google Root CA Updates / check-apis (push) Has been cancelled
Push wiki / pushwiki (push) Has been cancelled
2025-07-31 11:43:48 -07:00
Ross Scroggs
3bc32da275 Fixed bug in gam <UserItem> print|show chatspaces asadmin fields <ChatSpaceFieldNameList>` 2025-07-31 10:59:44 -07:00
Ross Scroggs
ce7e506c29 Fixed bug in gam <UserItem> print|show chatspaces asadmin fields <ChatSpaceFieldNameList>` 2025-07-31 10:59:26 -07:00
Ross Scroggs
a9d8ac27d3 Update GamUpdates.md
Some checks failed
Build and test GAM / build (build, 1, Build Intel Ubuntu Jammy, ubuntu-22.04) (push) Has been cancelled
Build and test GAM / build (build, 10, Build Intel Windows, windows-2022) (push) Has been cancelled
Build and test GAM / build (build, 11, Build Arm Windows, windows-11-arm) (push) Has been cancelled
Build and test GAM / build (build, 2, Build Intel Ubuntu Noble, ubuntu-24.04) (push) Has been cancelled
Build and test GAM / build (build, 3, Build Arm Ubuntu Noble, ubuntu-24.04-arm) (push) Has been cancelled
Build and test GAM / build (build, 4, Build Arm Ubuntu Jammy, ubuntu-22.04-arm) (push) Has been cancelled
Build and test GAM / build (build, 5, Build Intel StaticX Legacy, ubuntu-22.04, yes) (push) Has been cancelled
Build and test GAM / build (build, 6, Build Arm StaticX Legacy, ubuntu-22.04-arm, yes) (push) Has been cancelled
Build and test GAM / build (build, 7, Build Intel MacOS, macos-13) (push) Has been cancelled
Build and test GAM / build (build, 8, Build Arm MacOS 14, macos-14) (push) Has been cancelled
Build and test GAM / build (build, 9, Build Arm MacOS 15, macos-15) (push) Has been cancelled
Build and test GAM / build (test, 12, Test Python 3.10, ubuntu-24.04, 3.10) (push) Has been cancelled
Build and test GAM / build (test, 13, Test Python 3.11, ubuntu-24.04, 3.11) (push) Has been cancelled
Build and test GAM / build (test, 14, Test Python 3.12, ubuntu-24.04, 3.12) (push) Has been cancelled
Build and test GAM / build (test, 15, Test Python 3.14-dev, ubuntu-24.04, 3.14-dev) (push) Has been cancelled
Build and test GAM / merge (push) Has been cancelled
Build and test GAM / publish (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Check for Google Root CA Updates / check-apis (push) Has been cancelled
Push wiki / pushwiki (push) Has been cancelled
2025-07-30 21:01:25 -07:00
Ross Scroggs
58912ae7ac Update GamUpdates.md 2025-07-30 20:56:41 -07:00
Ross Scroggs
f882439cbd Updated gam <UserTypeEntity> print|show webmastersites to handle permissionDenied 2025-07-30 19:28:59 -07:00
Ross Scroggs
56bc52aa28 Updated gam <UserTypeEntity> print|show webmastersites to handle permissionDenied 2025-07-30 19:28:47 -07:00
Ross Scroggs
416125abac Fixed bug in gam <UserTypeEntity> show webmastersites that caused a trap.
Some checks failed
Build and test GAM / build (build, 1, Build Intel Ubuntu Jammy, ubuntu-22.04) (push) Has been cancelled
Build and test GAM / build (build, 10, Build Intel Windows, windows-2022) (push) Has been cancelled
Build and test GAM / build (build, 11, Build Arm Windows, windows-11-arm) (push) Has been cancelled
Build and test GAM / build (build, 2, Build Intel Ubuntu Noble, ubuntu-24.04) (push) Has been cancelled
Build and test GAM / build (build, 3, Build Arm Ubuntu Noble, ubuntu-24.04-arm) (push) Has been cancelled
Build and test GAM / build (build, 4, Build Arm Ubuntu Jammy, ubuntu-22.04-arm) (push) Has been cancelled
Build and test GAM / build (build, 5, Build Intel StaticX Legacy, ubuntu-22.04, yes) (push) Has been cancelled
Build and test GAM / build (build, 6, Build Arm StaticX Legacy, ubuntu-22.04-arm, yes) (push) Has been cancelled
Build and test GAM / build (build, 7, Build Intel MacOS, macos-13) (push) Has been cancelled
Build and test GAM / build (build, 8, Build Arm MacOS 14, macos-14) (push) Has been cancelled
Build and test GAM / build (build, 9, Build Arm MacOS 15, macos-15) (push) Has been cancelled
Build and test GAM / build (test, 12, Test Python 3.10, ubuntu-24.04, 3.10) (push) Has been cancelled
Build and test GAM / build (test, 13, Test Python 3.11, ubuntu-24.04, 3.11) (push) Has been cancelled
Build and test GAM / build (test, 14, Test Python 3.12, ubuntu-24.04, 3.12) (push) Has been cancelled
Build and test GAM / build (test, 15, Test Python 3.14-dev, ubuntu-24.04, 3.14-dev) (push) Has been cancelled
Build and test GAM / merge (push) Has been cancelled
Build and test GAM / publish (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Check for Google Root CA Updates / check-apis (push) Has been cancelled
Push wiki / pushwiki (push) Has been cancelled
2025-07-29 17:55:06 -07:00
15 changed files with 369 additions and 51 deletions

View File

@@ -1511,15 +1511,22 @@ gam show privileges
<RoleItem> ::= id:<String>|uid:<string>|<String> <RoleItem> ::= id:<String>|uid:<string>|<String>
gam create adminrole <String> [description <String>] gam create adminrole <String> [description <String>]
privileges all|all_ou|<PrivilegesList>|(select <FileSelector>|<CSVFileSelector>) privileges all|all_ou|<PrivilegeList>|(select <FileSelector>|<CSVFileSelector>)|<JSONData>
[csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]] (addcsvdata <FieldName> <String>)*]
gam update adminrole <RoleItem> [name <String>] [description <String>] gam update adminrole <RoleItem> [name <String>] [description <String>]
[privileges all|all_ou|<PrivilegesList>|(select <FileSelector>|<CSVFileSelector>)] [privileges all|all_ou|<PrivilegeList>|(select <FileSelector>|<CSVFileSelector>)|<JSONData>]
[csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]] (addcsvdata <FieldName> <String>)*]
gam delete adminrole <RoleItem> gam delete adminrole <RoleItem>
gam info adminrole <RoleItem> [privileges] gam info adminrole <RoleItem> [privileges]
[formatjson]
gam print adminroles|roles [todrive <ToDriveAttribute>*] gam print adminroles|roles [todrive <ToDriveAttribute>*]
[role <RoleItem>] [privileges] [oneitemperrow] [role <RoleItem>] [privileges] [oneitemperrow]
[nosystemroles]
[formatjson [quotechar <Character>]]
gam show adminroles|roles gam show adminroles|roles
[role <RoleItem>] [privileges] [role <RoleItem>] [privileges]
[nosystemroles]
[formatjson]
gam create|add admin <EmailAddress>|<UniqueID> <RoleItem> customer|(org_unit <OrgUnitItem>) gam create|add admin <EmailAddress>|<UniqueID> <RoleItem> customer|(org_unit <OrgUnitItem>)
[condition securitygroup|nonsecuritygroup] [condition securitygroup|nonsecuritygroup]
@@ -3436,6 +3443,13 @@ gam print guardian|guardians [todrive <ToDriveAttribute>*] [accepted|invitations
[showstudentemails] [showstudentemails]
[formatjson [quotechar <Character>]] [formatjson [quotechar <Character>]]
# Business Profile Accounts
gam show businessprofileaccounts
[type locationgroup|organization|personal|usergroup]
gam print businessprofileaccounts [todrive <ToDriveAttribute>*]
[type locationgroup|organization|personal|usergroup]
# Classroom User Profiles # Classroom User Profiles
gam <UserTypeEntity> print classroomprofile [todrive <ToDriveAttribute>*] gam <UserTypeEntity> print classroomprofile [todrive <ToDriveAttribute>*]

View File

@@ -1,3 +1,42 @@
7.18.01
Added option `nosystemroles` to `gam print|show adminroles` that causes GAM
to only display non-system roles.
Added option `formatjson` to `gam info|print|show adminroles`; this will be most useful
when the `privileges` option is used.
Updated `gam create|update adminrole` to allow specification of privileges with
JSON data: `privileges <JSONData>`. These two updates make it easier to copy admin roles.
Updated `gam create|update adminrole` to allow output of the created/updated
role data in CSV format; by default, GAM displays `<RoleName>(<RoleID>) created|updated`.
```
csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]] (addcsvdata <FieldName> <String>)*
```
7.18.00
Added commands to display Business Profile Accounts.
These are special purpose commands and will not generally be used.
```
gam show businessprofileaccounts
gam print businessprofileaccounts [todrive <ToDriveAttribute>*]
```
7.17.03
Fixed bug in `gam <UserItem> print|show chatspaces asadmin fields <ChatSpaceFieldNameList>` that caused a trap
when `displayname` was not in `<ChatSpaceFieldNameList>`.
7.17.02
Updated `gam <UserTypeEntity> print|show webmastersites` to handle the following error
that occurs if you haven't updated your project to include the Google Search Console API.
```
ERROR: 403: permissionDenied - Google Search Console API has not been used in project 111055363999 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/searchconsole.googleapis.com/overview?project=111055363999 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
```
7.17.01 7.17.01
Fixed bug in `gam <UserTypeEntity> show webmastersites` that caused a trap. Fixed bug in `gam <UserTypeEntity> show webmastersites` that caused a trap.

View File

@@ -25,7 +25,7 @@ https://github.com/GAM-team/GAM/wiki
""" """
__author__ = 'GAM Team <google-apps-manager@googlegroups.com>' __author__ = 'GAM Team <google-apps-manager@googlegroups.com>'
__version__ = '7.17.01' __version__ = '7.18.01'
__license__ = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)' __license__ = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)'
#pylint: disable=wrong-import-position #pylint: disable=wrong-import-position
@@ -5579,7 +5579,12 @@ def buildGAPIObject(api, credentials=None):
try: try:
API_Scopes = set(list(service._rootDesc['auth']['oauth2']['scopes'])) API_Scopes = set(list(service._rootDesc['auth']['oauth2']['scopes']))
except KeyError: except KeyError:
API_Scopes = set(API.VAULT_SCOPES) if api == API.VAULT else set() if api == API.VAULT:
API_Scopes = set(API.VAULT_SCOPES)
elif api == API.BUSINESSACCOUNTMANAGEMENT:
API_Scopes = {API.BUSINESSACCOUNTMANAGEMENT_SCOPE}
else:
API_Scopes = set()
GM.Globals[GM.CURRENT_CLIENT_API] = api GM.Globals[GM.CURRENT_CLIENT_API] = api
GM.Globals[GM.CURRENT_CLIENT_API_SCOPES] = API_Scopes.intersection(GM.Globals[GM.CREDENTIALS_SCOPES]) GM.Globals[GM.CURRENT_CLIENT_API_SCOPES] = API_Scopes.intersection(GM.Globals[GM.CREDENTIALS_SCOPES])
if api not in API.SCOPELESS_APIS and not GM.Globals[GM.CURRENT_CLIENT_API_SCOPES]: if api not in API.SCOPELESS_APIS and not GM.Globals[GM.CURRENT_CLIENT_API_SCOPES]:
@@ -5688,19 +5693,22 @@ def getUserEmailFromID(uid, cd):
try: try:
result = callGAPI(cd.users(), 'get', result = callGAPI(cd.users(), 'get',
throwReasons=GAPI.USER_GET_THROW_REASONS, throwReasons=GAPI.USER_GET_THROW_REASONS,
retryReasons=GAPI.SERVICE_NOT_AVAILABLE_RETRY_REASONS,
userKey=uid, fields='primaryEmail') userKey=uid, fields='primaryEmail')
return result.get('primaryEmail') return result.get('primaryEmail')
except (GAPI.userNotFound, GAPI.domainNotFound, GAPI.domainCannotUseApis, GAPI.forbidden, except (GAPI.userNotFound, GAPI.domainNotFound, GAPI.domainCannotUseApis, GAPI.forbidden,
GAPI.badRequest, GAPI.backendError, GAPI.systemError): GAPI.badRequest, GAPI.backendError, GAPI.systemError, GAPI.serviceNotAvailable):
return None return None
def getGroupEmailFromID(uid, cd): def getGroupEmailFromID(uid, cd):
try: try:
result = callGAPI(cd.groups(), 'get', result = callGAPI(cd.groups(), 'get',
throwReasons=GAPI.GROUP_GET_THROW_REASONS, throwReasons=GAPI.GROUP_GET_THROW_REASONS,
retryReasons=GAPI.SERVICE_NOT_AVAILABLE_RETRY_REASONS,
groupKey=uid, fields='email') groupKey=uid, fields='email')
return result.get('email') return result.get('email')
except (GAPI.groupNotFound, GAPI.domainNotFound, GAPI.domainCannotUseApis, GAPI.forbidden, GAPI.badRequest): except (GAPI.groupNotFound, GAPI.domainNotFound, GAPI.domainCannotUseApis, GAPI.forbidden,
GAPI.badRequest, GAPI.serviceNotAvailable):
return None return None
def getServiceAccountEmailFromID(account_id, sal=None): def getServiceAccountEmailFromID(account_id, sal=None):
@@ -16613,10 +16621,14 @@ def getRoleId():
invalidChoiceExit(role, GM.Globals[GM.MAP_ROLE_NAME_TO_ID], True) invalidChoiceExit(role, GM.Globals[GM.MAP_ROLE_NAME_TO_ID], True)
return (role, roleId) return (role, roleId)
PRINT_ADMIN_ROLES_FIELDS = ['roleId', 'roleName', 'roleDescription', 'isSuperAdminRole', 'isSystemRole']
# gam create adminrole <String> [description <String>] # gam create adminrole <String> [description <String>]
# privileges all|all_ou|<PrivilegesList>|(select <FileSelector>|<CSVFileSelector>) # privileges all|all_ou|<PrivilegeList>|(select <FileSelector>|<CSVFileSelector>)|<JSONData>
# [csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]] (addcsvdata <FieldName> <String>)*]
# gam update adminrole <RoleItem> [name <String>] [description <String>] # gam update adminrole <RoleItem> [name <String>] [description <String>]
# [privileges all|all_ou|<PrivilegesList>|(select <FileSelector>|<CSVFileSelector>)] # [privileges all|all_ou|<PrivilegeList>|(select <FileSelector>|<CSVFileSelector>)|<JSONData>]
# [csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]] (addcsvdata <FieldName> <String>)*]
def doCreateUpdateAdminRoles(): def doCreateUpdateAdminRoles():
def expandChildPrivileges(privilege): def expandChildPrivileges(privilege):
for childPrivilege in privilege.get('childPrivileges', []): for childPrivilege in privilege.get('childPrivileges', []):
@@ -16633,6 +16645,9 @@ def doCreateUpdateAdminRoles():
allPrivileges = {} allPrivileges = {}
ouPrivileges = {} ouPrivileges = {}
childPrivileges = {} childPrivileges = {}
csvPF = None
FJQC = FormatJSONQuoteChar(None)
addCSVData = {}
for privilege in _listPrivileges(cd): for privilege in _listPrivileges(cd):
allPrivileges[privilege['privilegeName']] = privilege['serviceId'] allPrivileges[privilege['privilegeName']] = privilege['serviceId']
if privilege['isOuScopable']: if privilege['isOuScopable']:
@@ -16646,6 +16661,8 @@ def doCreateUpdateAdminRoles():
body['rolePrivileges'] = [{'privilegeName': p, 'serviceId': v} for p, v in allPrivileges.items()] body['rolePrivileges'] = [{'privilegeName': p, 'serviceId': v} for p, v in allPrivileges.items()]
elif privs == 'ALL_OU': elif privs == 'ALL_OU':
body['rolePrivileges'] = [{'privilegeName': p, 'serviceId': v} for p, v in ouPrivileges.items()] body['rolePrivileges'] = [{'privilegeName': p, 'serviceId': v} for p, v in ouPrivileges.items()]
elif privs == 'JSON':
body['rolePrivileges'] = getJSON(['roleId', 'roleName', 'isAdminRole', 'isSystemRole']).get('rolePrivileges', [])
else: else:
if privs == 'SELECT': if privs == 'SELECT':
privsList = [p.upper() for p in getEntityList(Cmd.OB_PRIVILEGE_LIST)] privsList = [p.upper() for p in getEntityList(Cmd.OB_PRIVILEGE_LIST)]
@@ -16667,25 +16684,59 @@ def doCreateUpdateAdminRoles():
else: else:
invalidChoiceExit(p, list(allPrivileges.keys())+list(ouPrivileges.keys())+list(childPrivileges.keys()), True) invalidChoiceExit(p, list(allPrivileges.keys())+list(ouPrivileges.keys())+list(childPrivileges.keys()), True)
elif myarg == 'description': elif myarg == 'description':
body['roleDescription'] = getString(Cmd.OB_STRING) body['roleDescription'] = getString(Cmd.OB_STRING, minLen=0)
elif myarg == 'name': elif myarg == 'name':
body['roleName'] = getString(Cmd.OB_STRING) body['roleName'] = getString(Cmd.OB_STRING)
elif myarg == 'csv':
csvPF = CSVPrintFile(PRINT_ADMIN_ROLES_FIELDS)
FJQC.SetCsvPF(csvPF)
elif csvPF and myarg == 'todrive':
csvPF.GetTodriveParameters()
elif csvPF and myarg == 'addcsvdata':
k = getString(Cmd.OB_STRING)
addCSVData[k] = getString(Cmd.OB_STRING, minLen=0)
else: else:
unknownArgumentExit() FJQC.GetFormatJSONQuoteChar(myarg, True)
if not updateCmd and not body.get('rolePrivileges'): if not updateCmd and not body.get('rolePrivileges'):
missingArgumentExit('privileges') missingArgumentExit('privileges')
if csvPF:
if addCSVData:
csvPF.AddTitles(sorted(addCSVData.keys()))
if not FJQC.formatJSON:
csvPF.AddTitles('rolePrivileges')
else:
csvPF.AddJSONTitles(sorted(addCSVData.keys()))
csvPF.MoveJSONTitlesToEnd(['JSON'])
fieldsList = ','.join(PRINT_ADMIN_ROLES_FIELDS+['rolePrivileges'])
else:
fieldsList = 'roleId,roleName'
try: try:
if not updateCmd: if not updateCmd:
result = callGAPI(cd.roles(), 'insert', result = callGAPI(cd.roles(), 'insert',
throwReasons=[GAPI.BAD_REQUEST, GAPI.CUSTOMER_NOT_FOUND, throwReasons=[GAPI.BAD_REQUEST, GAPI.CUSTOMER_NOT_FOUND,
GAPI.FORBIDDEN, GAPI.PERMISSION_DENIED]+[GAPI.DUPLICATE], GAPI.FORBIDDEN, GAPI.PERMISSION_DENIED]+[GAPI.DUPLICATE],
customer=GC.Values[GC.CUSTOMER_ID], body=body, fields='roleId,roleName') customer=GC.Values[GC.CUSTOMER_ID], body=body, fields=fieldsList)
else: else:
result = callGAPI(cd.roles(), 'patch', result = callGAPI(cd.roles(), 'patch',
throwReasons=[GAPI.BAD_REQUEST, GAPI.CUSTOMER_NOT_FOUND, throwReasons=[GAPI.BAD_REQUEST, GAPI.CUSTOMER_NOT_FOUND,
GAPI.FORBIDDEN, GAPI.PERMISSION_DENIED]+[GAPI.NOT_FOUND, GAPI.FAILED_PRECONDITION, GAPI.CONFLICT], GAPI.FORBIDDEN, GAPI.PERMISSION_DENIED]+[GAPI.NOT_FOUND, GAPI.FAILED_PRECONDITION, GAPI.CONFLICT],
customer=GC.Values[GC.CUSTOMER_ID], roleId=roleId, body=body, fields='roleId,roleName') customer=GC.Values[GC.CUSTOMER_ID], roleId=roleId, body=body, fields=fieldsList)
if not csvPF:
entityActionPerformed([Ent.ADMIN_ROLE, f"{result['roleName']}({result['roleId']})"]) entityActionPerformed([Ent.ADMIN_ROLE, f"{result['roleName']}({result['roleId']})"])
else:
if not FJQC.formatJSON:
if addCSVData:
result.update(addCSVData)
csvPF.WriteRowNoFilter(result)
else:
row = {}
for field in PRINT_ADMIN_ROLES_FIELDS:
if field in result:
row[field] = result[field]
if addCSVData:
row.update(addCSVData)
row['JSON'] = json.dumps(cleanJSON(result), ensure_ascii=False, sort_keys=True)
csvPF.WriteRowNoFilter(row)
except GAPI.duplicate as e: except GAPI.duplicate as e:
entityActionFailedWarning([Ent.ADMIN_ROLE, f"{body['roleName']}"], str(e)) entityActionFailedWarning([Ent.ADMIN_ROLE, f"{body['roleName']}"], str(e))
except (GAPI.notFound, GAPI.failedPrecondition, GAPI.conflict) as e: except (GAPI.notFound, GAPI.failedPrecondition, GAPI.conflict) as e:
@@ -16694,6 +16745,8 @@ def doCreateUpdateAdminRoles():
accessErrorExit(cd) accessErrorExit(cd)
except (GAPI.forbidden, GAPI.permissionDenied) as e: except (GAPI.forbidden, GAPI.permissionDenied) as e:
ClientAPIAccessDeniedExit(str(e)) ClientAPIAccessDeniedExit(str(e))
if csvPF:
csvPF.writeCSVfile('Admin Roles')
# gam delete adminrole <RoleItem> # gam delete adminrole <RoleItem>
def doDeleteAdminRole(): def doDeleteAdminRole():
@@ -16713,9 +16766,10 @@ def doDeleteAdminRole():
except (GAPI.forbidden, GAPI.permissionDenied) as e: except (GAPI.forbidden, GAPI.permissionDenied) as e:
ClientAPIAccessDeniedExit(str(e)) ClientAPIAccessDeniedExit(str(e))
PRINT_ADMIN_ROLES_FIELDS = ['roleId', 'roleName', 'roleDescription', 'isSuperAdminRole', 'isSystemRole'] def _showAdminRole(role, FJQC, i=0, count=0):
if FJQC.formatJSON:
def _showAdminRole(role, i=0, count=0): printLine(json.dumps(cleanJSON(role), ensure_ascii=False, sort_keys=True))
return
printEntity([Ent.ADMIN_ROLE, role['roleName']], i, count) printEntity([Ent.ADMIN_ROLE, role['roleName']], i, count)
Ind.Increment() Ind.Increment()
for field in PRINT_ADMIN_ROLES_FIELDS: for field in PRINT_ADMIN_ROLES_FIELDS:
@@ -16736,15 +16790,21 @@ def _showAdminRole(role, i=0, count=0):
Ind.Decrement() Ind.Decrement()
# gam info adminrole <RoleItem> [privileges] # gam info adminrole <RoleItem> [privileges]
# [formatjson]
# gam print adminroles|roles [todrive <ToDriveAttribute>*] # gam print adminroles|roles [todrive <ToDriveAttribute>*]
# [role <RoleItem>] [privileges] [oneitemperrow] # [role <RoleItem>] [privileges] [oneitemperrow]
# [nosystemroles]
# [formatjson [quotechar <Character>]]
# gam show adminroles|roles # gam show adminroles|roles
# [role <RoleItem>] [privileges] # [role <RoleItem>] [privileges]
# [nosystemroles]
# [formatjson]
def doInfoPrintShowAdminRoles(): def doInfoPrintShowAdminRoles():
cd = buildGAPIObject(API.DIRECTORY) cd = buildGAPIObject(API.DIRECTORY)
fieldsList = PRINT_ADMIN_ROLES_FIELDS[:] fieldsList = PRINT_ADMIN_ROLES_FIELDS[:]
csvPF = CSVPrintFile(fieldsList, PRINT_ADMIN_ROLES_FIELDS) if Act.csvFormat() else None csvPF = CSVPrintFile(fieldsList, PRINT_ADMIN_ROLES_FIELDS) if Act.csvFormat() else None
oneItemPerRow = False FJQC = FormatJSONQuoteChar(csvPF)
noSystemRoles = oneItemPerRow = False
if Act.Get() != Act.INFO: if Act.Get() != Act.INFO:
roleId = None roleId = None
else: else:
@@ -16759,10 +16819,14 @@ def doInfoPrintShowAdminRoles():
fieldsList.append('rolePrivileges') fieldsList.append('rolePrivileges')
elif myarg == 'oneitemperrow': elif myarg == 'oneitemperrow':
oneItemPerRow = True oneItemPerRow = True
elif myarg == 'nosystemroles':
noSystemRoles = True
else: else:
unknownArgumentExit() FJQC.GetFormatJSONQuoteChar(myarg, True)
if csvPF and 'rolePrivileges' in fieldsList: if csvPF:
if 'rolePrivileges' in fieldsList:
if not oneItemPerRow: if not oneItemPerRow:
if not FJQC.formatJSON:
csvPF.AddTitles(['rolePrivileges']) csvPF.AddTitles(['rolePrivileges'])
else: else:
csvPF.AddTitles(['privilegeName', 'serviceId']) csvPF.AddTitles(['privilegeName', 'serviceId'])
@@ -16775,6 +16839,8 @@ def doInfoPrintShowAdminRoles():
throwReasons=[GAPI.BAD_REQUEST, GAPI.CUSTOMER_NOT_FOUND, throwReasons=[GAPI.BAD_REQUEST, GAPI.CUSTOMER_NOT_FOUND,
GAPI.FORBIDDEN, GAPI.PERMISSION_DENIED], GAPI.FORBIDDEN, GAPI.PERMISSION_DENIED],
customer=GC.Values[GC.CUSTOMER_ID], fields=fields) customer=GC.Values[GC.CUSTOMER_ID], fields=fields)
if noSystemRoles:
roles = [role for role in roles if not role.get('isSystemRole', False)]
else: else:
fields = getFieldsFromFieldsList(fieldsList) fields = getFieldsFromFieldsList(fieldsList)
roles = [callGAPI(cd.roles(), 'get', roles = [callGAPI(cd.roles(), 'get',
@@ -16793,23 +16859,38 @@ def doInfoPrintShowAdminRoles():
role.setdefault('isSystemRole', False) role.setdefault('isSystemRole', False)
if not csvPF: if not csvPF:
count = len(roles) count = len(roles)
if not FJQC.formatJSON:
performActionNumItems(count, Ent.ADMIN_ROLE) performActionNumItems(count, Ent.ADMIN_ROLE)
Ind.Increment() Ind.Increment()
i = 0 i = 0
for role in roles: for role in roles:
i += 1 i += 1
_showAdminRole(role, i, count) _showAdminRole(role, FJQC, i, count)
Ind.Decrement() Ind.Decrement()
else: else:
for role in roles: for role in roles:
if not oneItemPerRow or 'rolePrivileges' not in role: if not oneItemPerRow or 'rolePrivileges' not in role:
csvPF.WriteRowTitles(flattenJSON(role)) row = flattenJSON(role)
if not FJQC.formatJSON:
csvPF.WriteRowTitles(row)
elif csvPF.CheckRowTitles(row):
row = {}
for field in PRINT_ADMIN_ROLES_FIELDS:
if field in role:
row[field] = role[field]
row['JSON'] = json.dumps(cleanJSON(role), ensure_ascii=False, sort_keys=True)
csvPF.WriteRowNoFilter(row)
else: else:
privileges = role.pop('rolePrivileges') privileges = role.pop('rolePrivileges')
baserow = flattenJSON(role) baserow = flattenJSON(role)
for privilege in privileges: for privilege in privileges:
row = flattenJSON(privilege, flattened=baserow.copy()) row = flattenJSON(privilege, flattened=baserow.copy())
if not FJQC.formatJSON:
csvPF.WriteRowTitles(row) csvPF.WriteRowTitles(row)
elif csvPF.CheckRowTitles(row):
row = baserow.copy()
row['JSON'] = json.dumps(cleanJSON(privilege), ensure_ascii=False, sort_keys=True)
csvPF.WriteRowNoFilter(row)
if csvPF: if csvPF:
csvPF.writeCSVfile('Admin Roles') csvPF.writeCSVfile('Admin Roles')
@@ -26937,7 +27018,7 @@ def printShowChatSpaces(users):
substituteQueryTimes(queries, queryTimes) substituteQueryTimes(queries, queryTimes)
pfilter = kwargsCS['query'] = queries[0] pfilter = kwargsCS['query'] = queries[0]
kwargsCS['useAdminAccess'] = True kwargsCS['useAdminAccess'] = True
sortName = 'displayName' sortName = 'displayName' if 'displayName' in fieldsList else 'name'
else: else:
sortName = 'name' sortName = 'name'
for user in users: for user in users:
@@ -47066,6 +47147,51 @@ def doUpdateSiteVerification():
_showSiteVerificationInfo(verify_result) _showSiteVerificationInfo(verify_result)
printKeyValueList([Msg.YOU_CAN_ADD_DOMAIN_TO_ACCOUNT.format(a_domain, GC.Values[GC.DOMAIN])]) printKeyValueList([Msg.YOU_CAN_ADD_DOMAIN_TO_ACCOUNT.format(a_domain, GC.Values[GC.DOMAIN])])
PROFILE_ACCOUNT_TYPE_MAP = {
'locationgroup': 'LOCATION_GROUP',
'organization': 'ORGANIZATION',
'personal': 'PERSONAL',
'usergroup': 'USER_GROUP',
}
# gam show businessprofileaccounts
# [type locationgroup|organization|personal|usergroup]
# gam print businessprofileaccounts [todrive <ToDriveAttribute>*]
# [type locationgroup|organization|personal|usergroup]
def doPrintShowBusinessProfileAccounts():
bp = buildGAPIObject(API.BUSINESSACCOUNTMANAGEMENT)
csvPF = CSVPrintFile(['name', 'accountName']) if Act.csvFormat() else None
kwargs = {}
while Cmd.ArgumentsRemaining():
myarg = getArgument()
if csvPF and myarg == 'todrive':
csvPF.GetTodriveParameters()
elif myarg == 'type':
kwargs['filter'] = f'type={getChoice(PROFILE_ACCOUNT_TYPE_MAP, mapChoice=True)}'
else:
unknownArgumentExit()
try:
accounts = callGAPIpages(bp.accounts(), 'list', 'accounts',
throwReasons=[GAPI.PERMISSION_DENIED],
**kwargs)
except GAPI.permissionDenied as e:
accessErrorExitNonDirectory(API.BUSINESSACCOUNTMANAGEMENT, str(e))
if not csvPF:
count = len(accounts)
i = 0
for account in sorted(accounts, key=lambda k: k['name']):
i += 1
printKeyValueListWithCount(['Account', account['name']], i, count)
Ind.Increment()
showJSON(None, account)
Ind.Decrement()
else:
for account in accounts:
row = flattenJSON(account, flattened={'name': account['name'], 'accountName': account['accountName']})
csvPF.WriteRowTitles(row)
if csvPF:
csvPF.writeCSVfile('Business Profile Accounts')
# gam info verify|verification # gam info verify|verification
def doInfoSiteVerification(): def doInfoSiteVerification():
verif = buildGAPIObject(API.SITEVERIFICATION) verif = buildGAPIObject(API.SITEVERIFICATION)
@@ -47129,7 +47255,11 @@ def printShowWebMasterSites(users):
user, searchconsole = buildGAPIServiceObject(API.SEARCHCONSOLE, user, i, count) user, searchconsole = buildGAPIServiceObject(API.SEARCHCONSOLE, user, i, count)
if not searchconsole: if not searchconsole:
continue continue
sites = callGAPIitems(searchconsole.sites(), 'list', 'siteEntry') try:
sites = callGAPIitems(searchconsole.sites(), 'list', 'siteEntry',
throwReasons=[GAPI.PERMISSION_DENIED])
except GAPI.permissionDenied as e:
accessErrorExitNonDirectory(API.SEARCHCONSOLE, str(e))
jcount = len(sites) jcount = len(sites)
if not csvPF: if not csvPF:
entityPerformActionNumItems([Ent.USER, user], jcount, Ent.WEB_MASTERSITE, i, count) entityPerformActionNumItems([Ent.USER, user], jcount, Ent.WEB_MASTERSITE, i, count)
@@ -77230,6 +77360,7 @@ MAIN_COMMANDS_WITH_OBJECTS = {
Cmd.ARG_BROWSER: doPrintShowBrowsers, Cmd.ARG_BROWSER: doPrintShowBrowsers,
Cmd.ARG_BROWSERTOKEN: doPrintShowBrowserTokens, Cmd.ARG_BROWSERTOKEN: doPrintShowBrowserTokens,
Cmd.ARG_BUILDING: doPrintShowBuildings, Cmd.ARG_BUILDING: doPrintShowBuildings,
Cmd.ARG_BUSINESSPROFILEACCOUNT: doPrintShowBusinessProfileAccounts,
Cmd.ARG_CAALEVEL: doPrintShowCAALevels, Cmd.ARG_CAALEVEL: doPrintShowCAALevels,
Cmd.ARG_CHANNELCUSTOMER: doPrintShowChannelCustomers, Cmd.ARG_CHANNELCUSTOMER: doPrintShowChannelCustomers,
Cmd.ARG_CHANNELCUSTOMERENTITLEMENT: doPrintShowChannelCustomerEntitlements, Cmd.ARG_CHANNELCUSTOMERENTITLEMENT: doPrintShowChannelCustomerEntitlements,
@@ -77363,6 +77494,7 @@ MAIN_COMMANDS_WITH_OBJECTS = {
Cmd.ARG_BROWSER: doPrintShowBrowsers, Cmd.ARG_BROWSER: doPrintShowBrowsers,
Cmd.ARG_BROWSERTOKEN: doPrintShowBrowserTokens, Cmd.ARG_BROWSERTOKEN: doPrintShowBrowserTokens,
Cmd.ARG_BUILDING: doPrintShowBuildings, Cmd.ARG_BUILDING: doPrintShowBuildings,
Cmd.ARG_BUSINESSPROFILEACCOUNT: doPrintShowBusinessProfileAccounts,
Cmd.ARG_CAALEVEL: doPrintShowCAALevels, Cmd.ARG_CAALEVEL: doPrintShowCAALevels,
Cmd.ARG_CHANNELCUSTOMER: doPrintShowChannelCustomers, Cmd.ARG_CHANNELCUSTOMER: doPrintShowChannelCustomers,
Cmd.ARG_CHANNELCUSTOMERENTITLEMENT: doPrintShowChannelCustomerEntitlements, Cmd.ARG_CHANNELCUSTOMERENTITLEMENT: doPrintShowChannelCustomerEntitlements,
@@ -77549,6 +77681,7 @@ MAIN_COMMANDS_OBJ_ALIASES = {
Cmd.ARG_BUCKET: Cmd.ARG_STORAGEBUCKET, Cmd.ARG_BUCKET: Cmd.ARG_STORAGEBUCKET,
Cmd.ARG_BUCKETS: Cmd.ARG_STORAGEBUCKET, Cmd.ARG_BUCKETS: Cmd.ARG_STORAGEBUCKET,
Cmd.ARG_BUILDINGS: Cmd.ARG_BUILDING, Cmd.ARG_BUILDINGS: Cmd.ARG_BUILDING,
Cmd.ARG_BUSINESSPROFILEACCOUNTS: Cmd.ARG_BUSINESSPROFILEACCOUNT,
Cmd.ARG_CAALEVELS: Cmd.ARG_CAALEVEL, Cmd.ARG_CAALEVELS: Cmd.ARG_CAALEVEL,
Cmd.ARG_CHATMEMBERS: Cmd.ARG_CHATMEMBER, Cmd.ARG_CHATMEMBERS: Cmd.ARG_CHATMEMBER,
Cmd.ARG_CHANNELCUSTOMERS: Cmd.ARG_CHANNELCUSTOMER, Cmd.ARG_CHANNELCUSTOMERS: Cmd.ARG_CHANNELCUSTOMER,

View File

@@ -24,6 +24,7 @@ ACCESSCONTEXTMANAGER = 'accesscontextmanager'
ALERTCENTER = 'alertcenter' ALERTCENTER = 'alertcenter'
ANALYTICS_ADMIN = 'analyticsadmin' ANALYTICS_ADMIN = 'analyticsadmin'
CALENDAR = 'calendar' CALENDAR = 'calendar'
BUSINESSACCOUNTMANAGEMENT = 'mybusinessaccountmanagement'
CBCM = 'cbcm' CBCM = 'cbcm'
CHAT = 'chat' CHAT = 'chat'
CHAT_CUSTOM_EMOJIS = 'chatcustomemojis' CHAT_CUSTOM_EMOJIS = 'chatcustomemojis'
@@ -101,6 +102,7 @@ TASKS = 'tasks'
VAULT = 'vault' VAULT = 'vault'
YOUTUBE = 'youtube' YOUTUBE = 'youtube'
# #
BUSINESSACCOUNTMANAGEMENT_SCOPE = 'https://www.googleapis.com/auth/business.manage'
CHROMEVERSIONHISTORY_URL = 'https://versionhistory.googleapis.com/v1/chrome/platforms' CHROMEVERSIONHISTORY_URL = 'https://versionhistory.googleapis.com/v1/chrome/platforms'
DRIVE_SCOPE = 'https://www.googleapis.com/auth/drive' DRIVE_SCOPE = 'https://www.googleapis.com/auth/drive'
GMAIL_SEND_SCOPE = 'https://www.googleapis.com/auth/gmail.send' GMAIL_SEND_SCOPE = 'https://www.googleapis.com/auth/gmail.send'
@@ -174,6 +176,7 @@ PROJECT_APIS = [
'alertcenter.googleapis.com', 'alertcenter.googleapis.com',
'analyticsadmin.googleapis.com', 'analyticsadmin.googleapis.com',
# 'audit.googleapis.com', # 'audit.googleapis.com',
'mybusinessaccountmanagement.googleapis.com',
'calendar-json.googleapis.com', 'calendar-json.googleapis.com',
'chat.googleapis.com', 'chat.googleapis.com',
'chromemanagement.googleapis.com', 'chromemanagement.googleapis.com',
@@ -213,6 +216,7 @@ _INFO = {
ACCESSCONTEXTMANAGER: {'name': 'Access Context Manager API', 'version': 'v1', 'v2discovery': True}, ACCESSCONTEXTMANAGER: {'name': 'Access Context Manager API', 'version': 'v1', 'v2discovery': True},
ALERTCENTER: {'name': 'AlertCenter API', 'version': 'v1beta1', 'v2discovery': True}, ALERTCENTER: {'name': 'AlertCenter API', 'version': 'v1beta1', 'v2discovery': True},
ANALYTICS_ADMIN: {'name': 'Analytics Admin API', 'version': 'v1beta', 'v2discovery': True}, ANALYTICS_ADMIN: {'name': 'Analytics Admin API', 'version': 'v1beta', 'v2discovery': True},
BUSINESSACCOUNTMANAGEMENT: {'name': 'Business Account Management API', 'version': 'v1', 'v2discovery': True},
CALENDAR: {'name': 'Calendar API', 'version': 'v3', 'v2discovery': True, 'mappedAPI': 'calendar-json'}, CALENDAR: {'name': 'Calendar API', 'version': 'v3', 'v2discovery': True, 'mappedAPI': 'calendar-json'},
CBCM: {'name': 'Chrome Browser Cloud Management API', 'version': 'v1.1beta1', 'v2discovery': True, 'localjson': True}, CBCM: {'name': 'Chrome Browser Cloud Management API', 'version': 'v1.1beta1', 'v2discovery': True, 'localjson': True},
CHAT: {'name': 'Chat API', 'version': 'v1', 'v2discovery': True}, CHAT: {'name': 'Chat API', 'version': 'v1', 'v2discovery': True},
@@ -293,6 +297,11 @@ _INFO = {
READONLY = ['readonly',] READONLY = ['readonly',]
_CLIENT_SCOPES = [ _CLIENT_SCOPES = [
{'name': 'Business Account Management API',
'api': BUSINESSACCOUNTMANAGEMENT,
'subscopes': [],
'offByDefault': True,
'scope': BUSINESSACCOUNTMANAGEMENT_SCOPE},
{'name': 'Calendar API', {'name': 'Calendar API',
'api': CALENDAR, 'api': CALENDAR,
'subscopes': READONLY, 'subscopes': READONLY,

View File

@@ -441,6 +441,8 @@ class GamCLArgs():
ARG_BUCKETS = 'buckets' ARG_BUCKETS = 'buckets'
ARG_BUILDING = 'building' ARG_BUILDING = 'building'
ARG_BUILDINGS = 'buildings' ARG_BUILDINGS = 'buildings'
ARG_BUSINESSPROFILEACCOUNT = 'businessprofileaccount'
ARG_BUSINESSPROFILEACCOUNTS = 'businessprofileaccounts'
ARG_CAALEVEL = 'caalevel' ARG_CAALEVEL = 'caalevel'
ARG_CAALEVELS = 'caalevels' ARG_CAALEVELS = 'caalevels'
ARG_CALATTENDEES = 'calattendees' ARG_CALATTENDEES = 'calattendees'

View File

@@ -75,6 +75,7 @@ class GamEntity():
BACKUP_VERIFICATION_CODES = 'buvc' BACKUP_VERIFICATION_CODES = 'buvc'
BUILDING = 'bldg' BUILDING = 'bldg'
BUILDING_ID = 'bldi' BUILDING_ID = 'bldi'
BUSINESS_PROFILE_ACCOUNT = 'bpac'
CAA_LEVEL = 'calv' CAA_LEVEL = 'calv'
CALENDAR = 'cale' CALENDAR = 'cale'
CALENDAR_ACL = 'cacl' CALENDAR_ACL = 'cacl'
@@ -434,6 +435,7 @@ class GamEntity():
BACKUP_VERIFICATION_CODES: ['Backup Verification Codes', 'Backup Verification Codes'], BACKUP_VERIFICATION_CODES: ['Backup Verification Codes', 'Backup Verification Codes'],
BUILDING: ['Buildings', 'Building'], BUILDING: ['Buildings', 'Building'],
BUILDING_ID: ['Building IDs', 'Building ID'], BUILDING_ID: ['Building IDs', 'Building ID'],
BUSINESS_PROFILE_ACCOUNT: ['Business Profile Accounts', 'Business Profile Account'],
CAA_LEVEL: ['CAA Levels', 'CAA Level'], CAA_LEVEL: ['CAA Levels', 'CAA Level'],
CALENDAR: ['Calendars', 'Calendar'], CALENDAR: ['Calendars', 'Calendar'],
CALENDAR_ACL: ['Calendar ACLs', 'Calendar ACL'], CALENDAR_ACL: ['Calendar ACLs', 'Calendar ACL'],

View File

@@ -9,6 +9,7 @@
- [Display administrators](#display-administrators) - [Display administrators](#display-administrators)
- [Copy privileges from one role to a new role](#copy-privileges-from-one-role-to-a-new-role) - [Copy privileges from one role to a new role](#copy-privileges-from-one-role-to-a-new-role)
- [Copy roles from one administrator to another](#copy-roles-from-one-administrator-to-another) - [Copy roles from one administrator to another](#copy-roles-from-one-administrator-to-another)
- [Copy non-system admin roles from a source workspace to a target workspace](#copy-non-system-admin-roles-from-a-source-workspace-to-a-target-workspace)
## API documentation ## API documentation
* [About Administrator roles](https://support.google.com/a/answer/33325?ref_topic=4514341) * [About Administrator roles](https://support.google.com/a/answer/33325?ref_topic=4514341)
@@ -21,13 +22,16 @@
<DomainName> ::= <String>(.<String>)+ <DomainName> ::= <String>(.<String>)+
<EmailAddress> ::= <String>@<DomainName> <EmailAddress> ::= <String>@<DomainName>
<GroupItem> ::= <EmailAddress>|<UniqueID>|<String> <GroupItem> ::= <EmailAddress>|<UniqueID>|<String>
<JSONData> ::= (json [charset <Charset>] <String>) | (json file <FileName> [charset <Charset>]) |
<OrgUnitID> ::= id:<String> <OrgUnitID> ::= id:<String>
<OrgUnitPath> ::= /|(/<String)+ <OrgUnitPath> ::= /|(/<String)+
<OrgUnitItem> ::= <OrgUnitID>|<OrgUnitPath> <OrgUnitItem> ::= <OrgUnitID>|<OrgUnitPath>
<Privilege> ::= <String> <Privilege> ::= <String>
<PrivilegeList> ::= "<Privilege>(,<Privilege)*" <PrivilegeList> ::= "<Privilege>(,<Privilege)*"
<RoleAssignmentID> ::= <String> <RoleAssignmentID> ::= <String>
<RoleItem> ::= id:<String>|uid:<String>|<String> <RoleID> ::= <String>
<RoleName> ::= <String>
<RoleItem> ::= id:<RoleID>|<RoleName>
<UniqueID> ::= id:<String> <UniqueID> ::= id:<String>
<UserItem> ::= <EmailAddress>|<UniqueID>|<String> <UserItem> ::= <EmailAddress>|<UniqueID>|<String>
``` ```
@@ -1383,9 +1387,11 @@ Show 111 Privileges
## Manage administrative roles ## Manage administrative roles
``` ```
gam create adminrole <String> [description <String>] gam create adminrole <String> [description <String>]
privileges all|all_ou|<PrivilegeList>|(select <FileSelector>|<CSVFileSelector>>) privileges all|all_ou|<PrivilegeList>|(select <FileSelector>|<CSVFileSelector>>)|<JSONData>
[csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]] (addcsvdata <FieldName> <String>)*]
gam update adminrole <RoleItem> [name <String>] [description <String>] gam update adminrole <RoleItem> [name <String>] [description <String>]
[privileges all|all_ou|<PrivilegeList>|(select <FileSelector>|<CSVFileSelector>>)] [privileges all|all_ou|<PrivilegeList>|(select <FileSelector>|<CSVFileSelector>>)|<JSONData>]
[csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]] (addcsvdata <FieldName> <String>)*]
gam delete adminrole <RoleItem> gam delete adminrole <RoleItem>
``` ```
* `privileges all` - All defined privileges * `privileges all` - All defined privileges
@@ -1393,24 +1399,61 @@ gam delete adminrole <RoleItem>
* `privileges <PrivilegeList>` - A specific list of privileges * `privileges <PrivilegeList>` - A specific list of privileges
* `privileges select <FileSelector>|<CSVFileSelector>>` - A collection of privileges from a flat or CSV file * `privileges select <FileSelector>|<CSVFileSelector>>` - A collection of privileges from a flat or CSV file
By default, when an admin role is created|update, GAM displays `<RoleName>(<RoleID>) created|updated`.
* `csv [todrive <ToDriveAttribute>*] [formatjson [quotechar <Character>]]` - Output the admin roledetails in CSV format.
When `csv` is uused, Add additional columns of data from the command line to the output.
* `addcsvdata <FieldName> <String>`
## Display administrative roles ## Display administrative roles
``` ```
gam info adminrole <RoleItem> [privileges] gam info adminrole <RoleItem> [privileges]
[formatjson]
``` ```
* `privileges` - Display privileges associated with role * `privileges` - Display privileges associated with role
By default, Gam displays the information as an indented list of keys and values.
* `formatjson` - Display the fields in JSON format.
```
gam show adminroles|roles
[role <RoleItem>] [privileges]
[nosystemroles]
[formatjson]
```
* `privileges` - Display privileges associated with each role
By default, all roles are displayed:
* `role <RoleItem>` - Display a specific role.
* `nosystemroles` - Display onnly non-system roles.
By default, Gam displays the information as an indented list of keys and values.
* `formatjson` - Display the fields in JSON format.
``` ```
gam print adminroles|roles [todrive <ToDriveAttribute>*] gam print adminroles|roles [todrive <ToDriveAttribute>*]
[role <RoleItem>] [privileges] [oneitemperrow] [role <RoleItem>] [privileges] [oneitemperrow]
gam show adminroles|roles [nosystemroles]
[role <RoleItem>] [privileges] [formatjson [quotechar <Character>]]
``` ```
By default, all roles are displayed, use `role <RoleItem>` to display a specific role.
* `privileges` - Display privileges associated with each role * `privileges` - Display privileges associated with each role
By default, with `print`, all privileges for a role are shown on one row as a repeating item. By default, all privileges for a role are shown on one row as a repeating item.
When `oneitemperrow` is specified, each privilege is output on a separate row/line with the other role fields. When `oneitemperrow` is specified, each privilege is output on a separate row/line with the other role fields.
By default, all roles are displayed:
* `role <RoleItem>` - Display a specific role.
* `nosystemroles` - Display onnly non-system roles.
By default, Gam displays the information as columns of fields; the following option causes the output to be in JSON format:
* `formatjson` - Display the fields in JSON format.
By default, when writing CSV files, Gam uses a quote character of double quote `"`. The quote character is used to enclose columns that contain
the quote character itself, the column delimiter (comma by default) and new-line characters. Any quote characters within the column are doubled.
When using the `formatjson` option, double quotes are used extensively in the data resulting in hard to read/process output.
The `quotechar <Character>` option allows you to choose an alternate quote character, single quote for instance, that makes for readable/processable output.
`quotechar` defaults to `gam.cfg/csv_output_quote_char`. When uploading CSV files to Google, double quote `"` should be used.
## Create an administrator ## Create an administrator
Add an administrator role to an administrator. Add an administrator role to an administrator.
``` ```
@@ -1469,3 +1512,15 @@ gam config csv_input_row_filter "scopeType:regex:CUSTOMER" redirect stdout ./Upd
gam config csv_input_row_filter "scopeType:regex:ORG_UNIT" redirect stdout ./UpdateNewAdminOrgUnitRoles.txt multiprocess redirect stderr stdout csv CurrentAdminRoles.csv gam create admin newadmin@domain.com "id:~~roleId~~" org_unit "id:~~orgUnitId~~" gam config csv_input_row_filter "scopeType:regex:ORG_UNIT" redirect stdout ./UpdateNewAdminOrgUnitRoles.txt multiprocess redirect stderr stdout csv CurrentAdminRoles.csv gam create admin newadmin@domain.com "id:~~roleId~~" org_unit "id:~~orgUnitId~~"
``` ```
## Copy non-system admin roles from a source workspace to a target workspace
This requires GAM version 7.18.01 or higher.
In the source workspace to the following:
```
gam redirect csv ./SourceNonSystemRoles.csv print adminroles privileges nosystemroles formatjson quotechar "'"
```
In the target workspacce do the following:
```
gam redirect csv ./TargetNonSystemRoles.csv multiprocess quotechar "'" redirect stderr - multiprocess csv SourceNonSystemRoles.csv quotechar "'" gam create adminrole "~roleName" description "~roleDescription" privileges json "~JSON" csv addcsvdata oldRoleId "~roleId" formatjson
```

View File

@@ -0,0 +1,36 @@
# Users - Business Account Management
- [API documentation](#api-documentation)
- [Introduction](#introduction)
- [Definitions](#definitions)
- [Display Business Profile Accounts](#display-business-profile-accounts)
## API documentation
* [Business Account Management](https://developers.google.com/my-business/reference/accountmanagement/rest)
## Introduction
These features were added in version 7.18.00.
To use these commands you add the 'Business Account Management API' to your project and update client authorization.
```
gam update project
gam oauth create
...
[*] 0) Business Account Management API
```
## Definitions
* [`<UserTypeEntity>`](Collections-of-Users)
## Display Business Profile Accounts
```
gam <UserItem> show businessprofileaccounts
[type locationgroup|organization|personal|usergroup]
```
Gam displays the information as an indented list of keys and values.
```
gam <UserItem> print businessprofileaccounts [todrive <ToDriveAttribute>*]
[type locationgroup|organization|personal|usergroup]
```
Gam displays the information as columns of fields.

View File

@@ -1,4 +1,4 @@
# Chat Bot # Chat Bot Setup and Use
- [Introduction](#introduction) - [Introduction](#introduction)
- [Set up a Chat Bot](#set-up-a-chat-bot) - [Set up a Chat Bot](#set-up-a-chat-bot)
- [API documentation](#api-documentation) - [API documentation](#api-documentation)

View File

@@ -12,6 +12,7 @@
* [Google Classroom API](https://developers.google.com/classroom/reference/rest) * [Google Classroom API](https://developers.google.com/classroom/reference/rest)
* [Google Classroom API - Courses Students](https://developers.google.com/classroom/reference/rest/v1/courses.students) * [Google Classroom API - Courses Students](https://developers.google.com/classroom/reference/rest/v1/courses.students)
* [Google Classroom API - Courses Teachers](https://developers.google.com/classroom/reference/rest/v1/courses.teachers) * [Google Classroom API - Courses Teachers](https://developers.google.com/classroom/reference/rest/v1/courses.teachers)
* [Classroom Membership Limits](https://support.google.com/edu/classroom/answer/7300976)
## Definitions ## Definitions
``` ```

View File

@@ -10,6 +10,32 @@ Add the `-s` option to the end of the above commands to suppress creating the `g
See [Downloads-Installs-GAM7](https://github.com/GAM-team/GAM/wiki/Downloads-Installs) for Windows or other options, including manual installation See [Downloads-Installs-GAM7](https://github.com/GAM-team/GAM/wiki/Downloads-Installs) for Windows or other options, including manual installation
### 7.18.00
Added commands to display Business Profile Accounts.
These are special purpose commands and will not generally be used.
```
gam show businessprofileaccounts
gam print businessprofileaccounts [todrive <ToDriveAttribute>*]
```
### 7.17.03
Fixed bug in `gam <UserItem> print|show chatspaces asadmin fields <ChatSpaceFieldNameList>` that caused a trap
when `displayname` was not in `<ChatSpaceFieldNameList>`.
### 7.17.02
Updated `gam <UserTypeEntity> print|show webmastersites` to handle the following error
that occurs if you haven't updated your project to include the Google Search Console API.
```
ERROR: 403: permissionDenied - Google Search Console API has not been used in project 111055363999 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/searchconsole.googleapis.com/overview?project=111055363999 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
```
### 7.17.01
Fixed bug in `gam <UserTypeEntity> show webmastersites` that caused a trap.
### 7.17.00 ### 7.17.00
Added commands to discover Sites and WebResources that managed users (previously unmanaged) may have access to for better governance and visibility. Added commands to discover Sites and WebResources that managed users (previously unmanaged) may have access to for better governance and visibility.

View File

@@ -252,7 +252,7 @@ writes the credentials into the file oauth2.txt.
admin@server:/Users/admin$ rm -f /Users/admin/GAMConfig/oauth2.txt admin@server:/Users/admin$ rm -f /Users/admin/GAMConfig/oauth2.txt
admin@server:/Users/admin$ gam version admin@server:/Users/admin$ gam version
WARNING: Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: /Users/admin/GAMConfig/oauth2.txt, Not Found WARNING: Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: /Users/admin/GAMConfig/oauth2.txt, Not Found
GAM 7.17.00 - https://github.com/GAM-team/GAM - pyinstaller GAM 7.18.00 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com> GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.5 64-bit final Python 3.13.5 64-bit final
MacOS Sequoia 15.5 x86_64 MacOS Sequoia 15.5 x86_64
@@ -990,7 +990,7 @@ writes the credentials into the file oauth2.txt.
C:\>del C:\GAMConfig\oauth2.txt C:\>del C:\GAMConfig\oauth2.txt
C:\>gam version C:\>gam version
WARNING: Config File: C:\GAMConfig\gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: C:\GAMConfig\oauth2.txt, Not Found WARNING: Config File: C:\GAMConfig\gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: C:\GAMConfig\oauth2.txt, Not Found
GAM 7.17.00 - https://github.com/GAM-team/GAM - pythonsource GAM 7.18.00 - https://github.com/GAM-team/GAM - pythonsource
GAM Team <google-apps-manager@googlegroups.com> GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.5 64-bit final Python 3.13.5 64-bit final
Windows-10-10.0.17134 AMD64 Windows-10-10.0.17134 AMD64

View File

@@ -3,7 +3,7 @@
- [Introduction](#introduction) - [Introduction](#introduction)
- [Definitions](#definitions) - [Definitions](#definitions)
- [Display Web Resources](#display-web-resources) - [Display Web Resources](#display-web-resources)
- [Display Web Sites](#display-web-sites) - [Display Web Master Sites](#display-web-master-sites)
## API documentation ## API documentation
* [Web Resources](https://developers.google.com/site-verification/v1/webResource/list) * [Web Resources](https://developers.google.com/site-verification/v1/webResource/list)
@@ -36,13 +36,13 @@ gam <UserItem> print webresources [todrive <ToDriveAttribute>*]
``` ```
Gam displays the information as columns of fields. Gam displays the information as columns of fields.
## Display Web Sites ## Display Web Master Sites
``` ```
gam <UserItem> show websites gam <UserItem> show webmastersites
``` ```
Gam displays the information as an indented list of keys and values. Gam displays the information as an indented list of keys and values.
``` ```
gam <UserItem> print websites [todrive <ToDriveAttribute>*] gam <UserItem> print webmastersites [todrive <ToDriveAttribute>*]
``` ```
Gam displays the information as columns of fields. Gam displays the information as columns of fields.

View File

@@ -3,7 +3,7 @@
Print the current version of Gam with details Print the current version of Gam with details
``` ```
gam version gam version
GAM 7.17.00 - https://github.com/GAM-team/GAM - pyinstaller GAM 7.18.00 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com> GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.5 64-bit final Python 3.13.5 64-bit final
MacOS Sequoia 15.5 x86_64 MacOS Sequoia 15.5 x86_64
@@ -15,7 +15,7 @@ Time: 2023-06-02T21:10:00-07:00
Print the current version of Gam with details and time offset information Print the current version of Gam with details and time offset information
``` ```
gam version timeoffset gam version timeoffset
GAM 7.17.00 - https://github.com/GAM-team/GAM - pyinstaller GAM 7.18.00 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com> GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.5 64-bit final Python 3.13.5 64-bit final
MacOS Sequoia 15.5 x86_64 MacOS Sequoia 15.5 x86_64
@@ -27,7 +27,7 @@ Your system time differs from www.googleapis.com by less than 1 second
Print the current version of Gam with extended details and SSL information Print the current version of Gam with extended details and SSL information
``` ```
gam version extended gam version extended
GAM 7.17.00 - https://github.com/GAM-team/GAM - pyinstaller GAM 7.18.00 - https://github.com/GAM-team/GAM - pyinstaller
GAM Team <google-apps-manager@googlegroups.com> GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.5 64-bit final Python 3.13.5 64-bit final
MacOS Sequoia 15.5 x86_64 MacOS Sequoia 15.5 x86_64
@@ -64,7 +64,7 @@ MacOS High Sierra 10.13.6 x86_64
Path: /Users/Admin/bin/gam7 Path: /Users/Admin/bin/gam7
Version Check: Version Check:
Current: 5.35.08 Current: 5.35.08
Latest: 7.17.00 Latest: 7.18.00
echo $? echo $?
1 1
``` ```
@@ -72,7 +72,7 @@ echo $?
Print the current version number without details Print the current version number without details
``` ```
gam version simple gam version simple
7.17.00 7.18.00
``` ```
In Linux/MacOS you can do: In Linux/MacOS you can do:
``` ```
@@ -82,7 +82,7 @@ echo $VER
Print the current version of Gam and address of this Wiki Print the current version of Gam and address of this Wiki
``` ```
gam help gam help
GAM 7.17.00 - https://github.com/GAM-team/GAM GAM 7.18.00 - https://github.com/GAM-team/GAM
GAM Team <google-apps-manager@googlegroups.com> GAM Team <google-apps-manager@googlegroups.com>
Python 3.13.5 64-bit final Python 3.13.5 64-bit final
MacOS Sequoia 15.5 x86_64 MacOS Sequoia 15.5 x86_64

View File

@@ -66,6 +66,7 @@ Client Access
* [Administrators](Administrators) * [Administrators](Administrators)
* [Alert Center](Alert-Center) * [Alert Center](Alert-Center)
* [Aliases](Aliases) * [Aliases](Aliases)
* [Business Account Management](Business-Account-Management)
* [Calendars](Calendars) * [Calendars](Calendars)
* [Calendars - Access](Calendars-Access) * [Calendars - Access](Calendars-Access)
* [Calendars - Events](Calendars-Events) * [Calendars - Events](Calendars-Events)
@@ -128,7 +129,7 @@ Client Access
* [Version and Help](Version-and-Help) * [Version and Help](Version-and-Help)
Special Service Account Access Special Service Account Access
* [Chat Bot](Chat-Bot) * [Chat Bot Setup and Use](Chat-Bot-Setup-Use)
Service Account Access Service Account Access
* [Users - Analytics Admin](Users-Analytics-Admin) * [Users - Analytics Admin](Users-Analytics-Admin)