Updated gam report gmail start/end time defaults

src/GamCommands.txt

@@ -4585,28 +4585,41 @@ gam report usage customer [todrive <ToDriveAttribute>*]
         [convertmbtogb]
 
 <ActivityApplicationName> ::=
+        accessevaluation|
         accesstransparency|access|
         admin|
+        admindataaction|
+        assignments|
         calendar|calendars|
         chat|
         chrome|
         classroom|
+        cloudsearch|
+        contacts|
         contextawareaccess|
+        datamigration|
         datastudio|
+        directorysync|
         drive|doc|docs|
         gcp|cloud|
         geminiinworkspaceapps|gemini|geminiforworkspace|
         gmail|
         gplus|currents|google+|
+        graduation|
         groups|group|
         groupsenterprise|enterprisegroups|
         jamboard|
         keep|
+        ldap|
         login|logins|
         meet|hangoutsmeet|
+        meethardware|
         mobile|devices|
+        profile|
         rules|
         saml|
+        takeout|
+        tasks|
         token|tokens|oauthtoken|
         useraccounts|
         vault
@@ -4617,7 +4630,7 @@ gam report <ActivityApplicationName> [todrive <ToDriveAttribute>*]
          yesterday|today|thismonth|(previousmonths <Integer>)]
         [filter <String> (filtertime<String> <Time>)*]
         [event|events <EventNameList>] [ip <String>]
-        [groupidfilter <String>]
+        [groupidfilter <String>] [resourcedetailsfilter <String>]
         [maxactivities <Number>] [maxevents <Number>] [maxresults <Number>]
         [countsonly [bydate|summary] [eventrowfilter]]
         (addcsvdata <FieldName> <String>)* [shownoactivities]
@@ -5425,7 +5438,7 @@ gam print vaultcounts [todrive <ToDriveAttributes>*]
         [wait <Integer>]
 gam print vaultcounts [todrive <ToDriveAttributes>*]
         matter <MatterItem>
-	corpus mail|groups
+        corpus mail|groups
         [scope [all_data|held_data|unprocessed_data]]
         [(accounts <EmailAddressEntity>) | (orgunit|org|ou <OrgUnitPath>) | everyone]
         [terms <String>] [start|starttime <Date>|<Time>] [end|endtime <Date>|<Time>] [timezone <TimeZone>]
@@ -5587,7 +5600,7 @@ gam create vaultquery <MatterItem> [name <String>]
         [locationquery <StringList>] [peoplequery <StringList>] [minuswords <StringList>]
         [responsestatuses <AttendeeStatus>(,<AttendeeStatus>)*] [calendarversiondate <Date>|<Time>]
         (covereddata calllogs|textmessages|voicemails)*
-	[<JSONData>]
+        [<JSONData>]
         [shownames]
         [showdetails|returnidonly|formatjson]
 
@@ -8286,7 +8299,7 @@ gam <UserItem> print meettranscripts <MeetConferenceName> [todrive <ToDriveAttri
 
 <BiographyContent> ::=
         <String>|
-	(file|textfile <FileName> [charset <Charset>])|
+        (file|textfile <FileName> [charset <Charset>])|
         (gdoc <UserGoogleDoc>)
 
 <PeopleContactAttribute> ::=

src/GamUpdate.txt

@@ -1,3 +1,23 @@
+7.30.04
+
+Updated `gam report gmail` to avoid the following error when incomplete start/end time information is provided.
+```
+ERROR: Invalid request: Start time and end time should both be provided, and the scan duration should not be greater than 30 days.
+```
+* No time information provided - GAM sets `range -30d today`
+* Only `start <Time>`  provided - GAM sets `end <Time>+30d`
+* Only `end <Time>` provided - GAM sets `start <Time>-30d`
+
+7.30.03
+
+Updated `gam report <ActivityApplicationName>` to reflect the changes described here:
+* See: https://workspaceupdates.googleblog.com/2025/12/google-workspace-audit-log-api.html
+
+Added option `resourcedetailsfilter <String>` to `gam report <ActivityApplicationName>` described here:
+* See: https://developers.google.com/workspace/admin/reports/reference/rest/v1/activities/list#query-parameters
+
+For `gam <UserTypeEntity> print <Objects>`, expanded the list of `<Objects>` covered by `gam.cfg csv_output_users_audit = True`.
+
 7.30.02
 
 Added option `conferencedata meet <MeetID>` to `<EventAttribute>` that allows specifying

src/gam/__init__.py

@@ -25,7 +25,7 @@ https://github.com/GAM-team/GAM/wiki
 """
 
 __author__ = 'GAM Team <google-apps-manager@googlegroups.com>'
-__version__ = '7.30.02'
+__version__ = '7.30.04'
 __license__ = 'Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)'
 
 #pylint: disable=wrong-import-position
@@ -12645,8 +12645,8 @@ def doPrintShowSvcAccts():
       svcAccts = callGAPIpages(iam.projects().serviceAccounts(), 'list', 'accounts',
                                throwReasons=[GAPI.NOT_FOUND, GAPI.PERMISSION_DENIED],
                                name=f'projects/{projectId}')
-      jcount = len(svcAccts)
       if not csvPF:
+        jcount = len(svcAccts)
         entityPerformActionNumItems([Ent.PROJECT, projectId], jcount, Ent.SVCACCT, i, count)
         Ind.Increment()
         j = 0
@@ -13247,6 +13247,7 @@ def doWhatIs():
     return
   if not invitableCheck:
     isInvitableUser = False
+    ci = None
   else:
     isInvitableUser, ci = _getIsInvitableUser(None, email)
   if isInvitableUser:
@@ -13685,28 +13686,42 @@ REPORT_ALIASES_CHOICE_MAP = {
   }
 
 REPORT_CHOICE_MAP = {
+  'accessevaluation': 'access_evaluation',
   'accesstransparency': 'access_transparency',
   'admin': 'admin',
+  'admindataaction': 'admin_data_action',
+  'assignments': 'assignments',
   'calendar': 'calendar',
   'chat': 'chat',
   'chrome': 'chrome',
+  'classroom': 'classroom',
+  'cloudsearch': 'cloud_search',
+  'contacts': 'contacts',
   'contextawareaccess': 'context_aware_access',
   'customer': 'customer',
+  'datamigration': 'data_migration',
   'datastudio': 'data_studio',
+  'directorysync': 'directory_sync',
   'drive': 'drive',
   'gcp': 'gcp',
   'geminiinworkspaceapps': 'gemini_in_workspace_apps',
   'gmail': 'gmail',
   'gplus': 'gplus',
+  'graduation':'graduation',
   'groups': 'groups',
   'groupsenterprise': 'groups_enterprise',
   'jamboard': 'jamboard',
   'keep': 'keep',
+  'ldap': 'ldap',
   'login': 'login',
   'meet': 'meet',
+  'meethardware': 'meet_hardware',
   'mobile': 'mobile',
+  'profile': 'profile',
   'rules': 'rules',
   'saml': 'saml',
+  'takeout': 'takeout',
+  'tasks': 'tasks',
   'token': 'token',
   'usage': 'usage',
   'usageparameters': 'usageparameters',
@@ -13719,11 +13734,17 @@ REPORT_ACTIVITIES_UPPERCASE_EVENTS = {
   'access_transparency',
   'admin',
   'chrome',
+  'cloud_search',
   'context_aware_access',
+  'data_migration',
   'data_studio',
+  'directory_sync',
   'gcp',
   'jamboard',
-  'mobile'
+  'meet_hardware',
+  'mobile',
+  'profile',
+  'takeout',
   }
 
 REPORT_ACTIVITIES_TIME_OBJECTS = {'time'}
@@ -14037,7 +14058,7 @@ def doReport():
   if customerId == GC.MY_CUSTOMER:
     customerId = None
   csvPF = CSVPrintFile()
-  filters = actorIpAddress = groupIdFilter = orgUnit = orgUnitId = None
+  filters = actorIpAddress = groupIdFilter = orgUnit = orgUnitId = resourceDetailsFilter = None
   showOrgUnit = False
   parameters = set()
   parameterServices = set()
@@ -14154,6 +14175,8 @@ def doReport():
       eventRowFilter = True
     elif activityReports and myarg == 'groupidfilter':
       groupIdFilter = getString(Cmd.OB_STRING)
+    elif activityReports and myarg == 'resourcedetailsfilter':
+      resourceDetailsFilter = getString(Cmd.OB_STRING)
     elif myarg == 'addcsvdata':
       k = getString(Cmd.OB_STRING)
       addCSVData[k] = getString(Cmd.OB_STRING, minLen=0)
@@ -14420,6 +14443,17 @@ def doReport():
     else:
       for eventName in eventNames:
         zeroEventCounts[eventName] = 0
+# gmail requires a start time and an end time no more than 30 days apart
+    if report == 'gmail':
+      if startEndTime.startTime is None:
+        if startEndTime.endTime is None:
+          startEndTime.endDateTime = todaysDate()
+          startEndTime.endTime = ISOformatTimeStamp(startEndTime.endDateTime)
+        startEndTime.startDateTime = startEndTime.endDateTime.shift(days=-30)
+        startEndTime.startTime = ISOformatTimeStamp(startEndTime.startDateTime)
+      elif startEndTime.endTime is None:
+        startEndTime.endDateTime = startEndTime.startDateTime.shift(days=30)
+        startEndTime.endTime = ISOformatTimeStamp(startEndTime.endDateTime)
     i = 0
     count = len(users)
     for user in users:
@@ -14438,7 +14472,7 @@ def doReport():
                                actorIpAddress=actorIpAddress, orgUnitID=orgUnitId,
                                startTime=startEndTime.startTime, endTime=startEndTime.endTime,
                                eventName=eventName, filters=filters, groupIdFilter=groupIdFilter,
-                               maxResults=maxResults)
+                               resourceDetailsFilter=resourceDetailsFilter, maxResults=maxResults)
         except GAPI.badRequest:
           if user != 'all':
             entityUnknownWarning(Ent.USER, user, i, count)
@@ -16074,8 +16108,8 @@ def printShowAnalyticItems(users, entityType):
     except GAPI.serviceNotAvailable:
       userAnalyticsServiceNotEnabledWarning(user, i, count)
       continue
-    jcount = len(results)
     if not csvPF:
+      jcount = len(results)
       if not FJQC.formatJSON:
         entityPerformActionNumItems([Ent.USER, user], jcount, entityType)
       Ind.Increment()
@@ -16091,7 +16125,7 @@ def printShowAnalyticItems(users, entityType):
           printLine(json.dumps(cleanJSON(item, timeObjects=analyticEntityMap['timeObjects']),
                                ensure_ascii=False, sort_keys=False))
       Ind.Decrement()
-    else:
+    elif results:
       for item in results:
         row = flattenJSON(item, flattened={'User': user}, timeObjects=analyticEntityMap['timeObjects'])
         if not FJQC.formatJSON:
@@ -16103,6 +16137,8 @@ def printShowAnalyticItems(users, entityType):
           row['JSON'] = json.dumps(cleanJSON(item, timeObjects=analyticEntityMap['timeObjects']),
                                    ensure_ascii=False, sort_keys=True)
           csvPF.WriteRowNoFilter(row)
+    elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile(Ent.Plural(entityType))
 
@@ -22381,11 +22417,13 @@ def _printPersonEntityList(entityType, entityList, userEntityType, user, i, coun
       if not contactQuery or localPeopleContactSelects(contactQuery, person):
         _showPerson(userEntityType, user, entityType, person, j, jcount, FJQC, parameters)
     Ind.Decrement()
-  else:
+  elif entityList:
     entityTypeName = Ent.Singular(userEntityType)
     for person in entityList:
       if not contactQuery or localPeopleContactSelects(contactQuery, person):
         _printPerson(entityTypeName, user, person, csvPF, FJQC, parameters)
+  elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+    csvPF.WriteRowNoFilter({userEntityType: user})
 
 PEOPLE_FIELDS_CHOICE_MAP = {
   'additionalname': PEOPLE_NAMES,
@@ -23701,9 +23739,9 @@ def printShowContactDelegates(users):
     except (GAPI.serviceNotAvailable, GAPI.badRequest):
       userContactDelegateServiceNotEnabledWarning(user, i, count)
       continue
-    jcount = len(delegates)
     if not csvPF:
       if not csvStyle:
+        jcount = len(delegates)
         entityPerformActionNumItems([Ent.USER, user], jcount, Ent.CONTACT_DELEGATE, i, count)
         Ind.Increment()
         j = 0
@@ -23727,17 +23765,16 @@ def printShowContactDelegates(users):
             writeStdout(f'{user},{_getDelegateName(cd, delegateEmail, delegateNames)},{delegateEmail}\n')
           else:
             writeStdout(f'{user},{delegateEmail}\n')
-    else:
+    elif delegates:
-      if delegates:
+      if showNames:
-        if showNames:
+        for delegate in delegates:
-          for delegate in delegates:
+          csvPF.WriteRow({'User': user, 'delegateName': _getDelegateName(cd, delegate['email'], delegateNames),
-            csvPF.WriteRow({'User': user, 'delegateName': _getDelegateName(cd, delegate['email'], delegateNames),
+                          'delegateAddress': delegate['email']})
-                            'delegateAddress': delegate['email']})
+      else:
-        else:
+        for delegate in delegates:
-          for delegate in delegates:
+          csvPF.WriteRow({'User': user, 'delegateAddress': delegate['email']})
-            csvPF.WriteRow({'User': user, 'delegateAddress': delegate['email']})
+    elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
-      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
-        csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile('Contact Delegates')
 
@@ -26749,10 +26786,11 @@ def printShowChatEmojis(users):
     try:
       emojis = callGAPIpages(chat.customEmojis(), 'list', 'customEmojis',
                              pageMessage=_getChatPageMessage(Ent.CHAT_EMOJI, user, i, count, pfilter),
-                             throwReasons=[GAPI.NOT_FOUND, GAPI.INVALID_ARGUMENT, GAPI.PERMISSION_DENIED],
+                             throwReasons=[GAPI.NOT_FOUND, GAPI.INVALID_ARGUMENT,
+                                           GAPI.PERMISSION_DENIED, GAPI.FAILED_PRECONDITION],
                              retryReasons=GAPI.SERVICE_NOT_AVAILABLE_RETRY_REASONS,
                              pageSize=GC.Values[GC.CHAT_MAX_RESULTS], filter=pfilter)
-    except (GAPI.notFound, GAPI.invalidArgument, GAPI.permissionDenied) as e:
+    except (GAPI.notFound, GAPI.invalidArgument, GAPI.permissionDenied, GAPI.failedPrecondition) as e:
       exitIfChatNotConfigured(chat, kvList, str(e), i, count)
       continue
     except GAPI.failedPrecondition:
@@ -26768,9 +26806,11 @@ def printShowChatEmojis(users):
         j += 1
         _showChatItem(emoji, Ent.CHAT_EMOJI, FJQC, j, jcount)
       Ind.Decrement()
-    else:
+    elif emojis:
       for emoji in sorted(emojis, key=lambda k: k['emojiName']):
         _printChatItem(user, emoji, '', Ent.CHAT_EMOJI, csvPF, FJQC)
+    elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile('Chat Custom Emojis')
 
@@ -28369,9 +28409,11 @@ def printShowChatMessages(users):
             message['space']['displayName'] = parent['displayName']
           _showChatItem(message, Ent.CHAT_MESSAGE, FJQC, k, kcount)
         Ind.Decrement()
-      else:
+      elif messages:
         for message in messages:
           _printChatItem(user, message, parent, Ent.CHAT_MESSAGE, csvPF, FJQC)
+      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+        csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile('Chat Messages')
 
@@ -28482,9 +28524,11 @@ def printShowChatEvents(users):
           event['space'] = {'name': parentName, 'displayName': parent['displayName']}
           _showChatItem(event, Ent.CHAT_EVENT, FJQC, k, kcount)
         Ind.Decrement()
-      else:
+      elif events:
         for event in events:
           _printChatItem(user, event, parent, Ent.CHAT_EVENT, csvPF, FJQC)
+      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+        csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile('Chat Events')
 
@@ -31557,8 +31601,8 @@ def doPrintShowChromeApps():
       except (GAPI.invalid, GAPI.invalidArgument, GAPI.permissionDenied, GAPI.serviceNotAvailable) as e:
         entityActionFailedWarning([Ent.CHROME_APP, None], str(e))
         return
-      jcount = len(apps)
       if not csvPF:
+        jcount = len(apps)
         if not FJQC.formatJSON:
           entityPerformActionNumItems([Ent.ORGANIZATIONAL_UNIT, orgUnitPath], jcount, Ent.CHROME_APP)
         Ind.Increment()
@@ -31706,8 +31750,8 @@ def doPrintShowChromeAppDevices():
       except (GAPI.invalid, GAPI.invalidArgument, GAPI.permissionDenied, GAPI.serviceNotAvailable) as e:
         entityActionFailedWarning([Ent.CHROME_APP_DEVICE, None], str(e))
         return
-      jcount = len(devices)
       if not csvPF:
+        jcount = len(devices)
         if not FJQC.formatJSON:
           entityPerformActionNumItems([Ent.ORGANIZATIONAL_UNIT, orgUnitPath], jcount, Ent.CHROME_APP_DEVICE)
         Ind.Increment()
@@ -32135,8 +32179,8 @@ def doPrintShowChromeVersions():
       except (GAPI.invalid, GAPI.invalidArgument, GAPI.permissionDenied, GAPI.serviceNotAvailable) as e:
         entityActionFailedWarning([Ent.CHROME_VERSION, None], str(e))
         return
-      jcount = len(versions)
       if not csvPF:
+        jcount = len(versions)
         if not FJQC.formatJSON:
           entityPerformActionNumItems([Ent.ORGANIZATIONAL_UNIT, orgUnitPath], jcount, Ent.CHROME_VERSION)
         Ind.Increment()
@@ -42725,8 +42769,8 @@ def doPrintShowVaultExports():
     else:
       warnMatterNotOpen(None, matter, matterNameId, j, jcount)
       continue
-    kcount = len(exports)
     if not csvPF:
+      kcount = len(exports)
       if not FJQC.formatJSON:
         entityPerformActionNumItems([Ent.VAULT_MATTER, matterNameId], kcount, Ent.VAULT_EXPORT, j, jcount)
       Ind.Increment()
@@ -43420,8 +43464,8 @@ def doPrintShowVaultHolds():
     else:
       warnMatterNotOpen(None, matter, matterNameId, j, jcount)
       continue
-    kcount = len(holds)
     if not csvPF:
+      kcount = len(holds)
       if not FJQC.formatJSON:
         entityPerformActionNumItems([Ent.VAULT_MATTER, matterNameId], kcount, Ent.VAULT_HOLD, j, jcount)
       Ind.Increment()
@@ -43784,8 +43828,8 @@ def doPrintShowVaultQueries():
     else:
       warnMatterNotOpen(None, matter, matterNameId, j, jcount)
       continue
-    kcount = len(queries)
     if not csvPF:
+      kcount = len(queries)
       if not FJQC.formatJSON:
         entityPerformActionNumItems([Ent.VAULT_MATTER, matterNameId], kcount, Ent.VAULT_QUERY, j, jcount)
       Ind.Increment()
@@ -48197,8 +48241,8 @@ def printShowWebResources(users):
     if not verif:
       continue
     sites = callGAPIitems(verif.webResource(), 'list', 'items')
-    jcount = len(sites)
     if not csvPF:
+      jcount = len(sites)
       entityPerformActionNumItems([Ent.USER, user], jcount, Ent.WEB_RESOURCE, i, count)
       Ind.Increment()
       j = 0
@@ -48206,10 +48250,12 @@ def printShowWebResources(users):
         j += 1
         _showSiteVerificationInfo(site, j, jcount)
       Ind.Decrement()
-    else:
+    elif sites:
       for site in sites:
         row = flattenJSON(site, flattened={'User': user})
         csvPF.WriteRowTitles(row)
+    elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile('Web Resources')
 
@@ -48234,8 +48280,8 @@ def printShowWebMasterSites(users):
                             throwReasons=[GAPI.PERMISSION_DENIED])
     except GAPI.permissionDenied as e:
       accessErrorExitNonDirectory(API.SEARCHCONSOLE, str(e))
-    jcount = len(sites)
     if not csvPF:
+      jcount = len(sites)
       entityPerformActionNumItems([Ent.USER, user], jcount, Ent.WEB_MASTERSITE, i, count)
       Ind.Increment()
       j = 0
@@ -48246,10 +48292,12 @@ def printShowWebMasterSites(users):
         printKeyValueList(['permissionLevel', site['permissionLevel']])
         Ind.Decrement()
       Ind.Decrement()
-    else:
+    elif sites:
       for site in sites:
         row = flattenJSON(site, flattened={'User': user})
         csvPF.WriteRowTitles(row)
+    elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile('Web Master Sites')
 
@@ -51513,9 +51561,9 @@ def _printShowGuardians(entityList=None):
                                                   GAPI.FORBIDDEN, GAPI.PERMISSION_DENIED, GAPI.SERVICE_NOT_AVAILABLE],
                                     retryReasons=GAPI.SERVICE_NOT_AVAILABLE_RETRY_REASONS,
                                     studentId=studentId, invitedEmailAddress=invitedEmailAddress, states=states)
-        jcount = len(invitations)
         if not csvPF:
           if not FJQC.formatJSON:
+            jcount = len(invitations)
             entityPerformActionNumItems([Ent.STUDENT, studentId if not allStudents else 'All'], jcount, Ent.GUARDIAN_INVITATION, i, count)
             Ind.Increment()
             j = 0
@@ -51530,7 +51578,7 @@ def _printShowGuardians(entityList=None):
             Ind.Decrement()
           else:
             printLine(json.dumps(cleanJSON(invitations, timeObjects=GUARDIAN_TIME_OBJECTS), ensure_ascii=False, sort_keys=True))
-        else:
+        elif invitations:
           if not FJQC.formatJSON:
             for invitation in invitations:
               if showStudentEmails:
@@ -51541,6 +51589,8 @@ def _printShowGuardians(entityList=None):
           else:
             csvPF.WriteRow({'studentId': studentId, 'studentEmail': _getClassroomEmail(croom, classroomEmails, studentId, studentId),
                             'JSON': json.dumps(cleanJSON(invitations, timeObjects=GUARDIAN_TIME_OBJECTS), ensure_ascii=False, sort_keys=True)})
+        elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+          csvPF.WriteRowNoFilter({'studentEmail': studentId})
       if guardianClass != GUARDIAN_CLASS_INVITATIONS:
         if csvPF:
           if not allStudents:
@@ -51556,9 +51606,9 @@ def _printShowGuardians(entityList=None):
                                                 GAPI.FORBIDDEN, GAPI.PERMISSION_DENIED, GAPI.SERVICE_NOT_AVAILABLE],
                                   retryReasons=GAPI.SERVICE_NOT_AVAILABLE_RETRY_REASONS,
                                   studentId=studentId, invitedEmailAddress=invitedEmailAddress)
-        jcount = len(guardians)
         if not csvPF:
           if not FJQC.formatJSON:
+            jcount = len(guardians)
             entityPerformActionNumItems([Ent.STUDENT, studentId if not allStudents else 'All'], jcount, Ent.GUARDIAN, i, count)
             Ind.Increment()
             j = 0
@@ -51573,7 +51623,7 @@ def _printShowGuardians(entityList=None):
             Ind.Decrement()
           else:
             printLine(json.dumps(cleanJSON(guardians), ensure_ascii=False, sort_keys=True))
-        else:
+        elif guardians:
           if not FJQC.formatJSON:
             for guardian in guardians:
               if showStudentEmails:
@@ -51584,6 +51634,8 @@ def _printShowGuardians(entityList=None):
           else:
             csvPF.WriteRowNoFilter({'studentId': studentId, 'studentEmail': _getClassroomEmail(croom, classroomEmails, studentId, studentId),
                                     'JSON': json.dumps(cleanJSON(guardians), ensure_ascii=False, sort_keys=True)})
+        elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+          csvPF.WriteRowNoFilter({'studentEmail': studentId})
     except GAPI.notFound:
       entityUnknownWarning(Ent.STUDENT, studentId, i, count)
     except (GAPI.invalidArgument, GAPI.badRequest, GAPI.forbidden, GAPI.permissionDenied) as e:
@@ -51857,11 +51909,10 @@ def printShowClassroomInvitations(users):
       printGettingAllEntityItemsForWhom(entityType, userId, i, count)
     status, invitations = _getClassroomInvitations(croom, userId, None, role, i, count)
     if status > 0:
-      jcount = len(invitations)
-      if not FJQC.formatJSON:
-        entityPerformActionNumItems([Ent.USER, userId], jcount, entityType, i, count)
       if not csvPF:
         if not FJQC.formatJSON:
+          jcount = len(invitations)
+          entityPerformActionNumItems([Ent.USER, userId], jcount, entityType, i, count)
           Ind.Increment()
           j = 0
           for invitation in invitations:
@@ -51878,7 +51929,7 @@ def printShowClassroomInvitations(users):
           Ind.Decrement()
         else:
           printLine(json.dumps(cleanJSON(invitations), ensure_ascii=False, sort_keys=True))
-      else:
+      elif invitations:
         if not FJQC.formatJSON:
           for invitation in invitations:
             invitation['courseName'] = _getCourseName(croom, courseNames, invitation['courseId'])
@@ -51887,6 +51938,8 @@ def printShowClassroomInvitations(users):
         else:
           csvPF.WriteRowNoFilter({'userEmail': userEmail,
                                   'JSON': json.dumps(cleanJSON(invitations), ensure_ascii=False, sort_keys=True)})
+      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+        csvPF.WriteRowNoFilter({'userId' if not FJQC.formatJSON else 'userEmail':  userEmail})
   if csvPF:
     csvPF.writeCSVfile('ClassroomInvitations')
 
@@ -53334,8 +53387,8 @@ def printShowCalendars(users):
           if domain in excludeDomains:
             continue
         calendars.append(calendar)
-    jcount = len(calendars)
     if not csvPF:
+      jcount = len(calendars)
       if not FJQC.formatJSON:
         entityPerformActionNumItems([Ent.USER, user], jcount, Ent.CALENDAR, i, count)
       Ind.Increment()
@@ -53346,39 +53399,38 @@ def printShowCalendars(users):
           acls = _getCalendarPermissions(cal, calendar)
         _showCalendar(calendar, j, jcount, FJQC, acls)
       Ind.Decrement()
-    else:
+    elif calendars:
-      if calendars:
+      if not getCalPermissions or not oneItemPerRow:
-        if not getCalPermissions or not oneItemPerRow:
+        for calendar in calendars:
-          for calendar in calendars:
+          row = {'primaryEmail': user, 'calendarId': calendar['id']}
-            row = {'primaryEmail': user, 'calendarId': calendar['id']}
+          if getCalPermissions:
+            calPerms = _getCalendarPermissions(cal, calendar)
+            flattenJSON({'permissions': calPerms}, flattened=row)
+          flattenJSON(calendar, flattened=row, simpleLists=CALENDAR_SIMPLE_LISTS, delimiter=delimiter)
+          if not FJQC.formatJSON:
+            row.pop('id')
+            csvPF.WriteRowTitles(row)
+          elif csvPF.CheckRowTitles(row):
             if getCalPermissions:
-              calPerms = _getCalendarPermissions(cal, calendar)
+              calendar.update({'permissions': calPerms})
-              flattenJSON({'permissions': calPerms}, flattened=row)
+            csvPF.WriteRowNoFilter({'primaryEmail': user, 'calendarId': calendar['id'],
-            flattenJSON(calendar, flattened=row, simpleLists=CALENDAR_SIMPLE_LISTS, delimiter=delimiter)
+                                    'JSON': json.dumps(cleanJSON(calendar), ensure_ascii=False, sort_keys=True)})
+      else:
+        for calendar in calendars:
+          baserow = {'primaryEmail': user, 'calendarId': calendar['id']}
+          flattenJSON(calendar, flattened=baserow, simpleLists=CALENDAR_SIMPLE_LISTS, delimiter=delimiter)
+          for permission in _getCalendarPermissions(cal, calendar):
+            row = baserow.copy()
+            flattenJSON({'permission': permission}, flattened=row)
             if not FJQC.formatJSON:
               row.pop('id')
               csvPF.WriteRowTitles(row)
             elif csvPF.CheckRowTitles(row):
-              if getCalPermissions:
+              calendar.update({'permission': permission})
-                calendar.update({'permissions': calPerms})
               csvPF.WriteRowNoFilter({'primaryEmail': user, 'calendarId': calendar['id'],
                                       'JSON': json.dumps(cleanJSON(calendar), ensure_ascii=False, sort_keys=True)})
-        else:
+    elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
-          for calendar in calendars:
+      csvPF.WriteRowNoFilter({'primaryEmail': user})
-            baserow = {'primaryEmail': user, 'calendarId': calendar['id']}
-            flattenJSON(calendar, flattened=baserow, simpleLists=CALENDAR_SIMPLE_LISTS, delimiter=delimiter)
-            for permission in _getCalendarPermissions(cal, calendar):
-              row = baserow.copy()
-              flattenJSON({'permission': permission}, flattened=row)
-              if not FJQC.formatJSON:
-                row.pop('id')
-                csvPF.WriteRowTitles(row)
-              elif csvPF.CheckRowTitles(row):
-                calendar.update({'permission': permission})
-                csvPF.WriteRowNoFilter({'primaryEmail': user, 'calendarId': calendar['id'],
-                                        'JSON': json.dumps(cleanJSON(calendar), ensure_ascii=False, sort_keys=True)})
-      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
-        csvPF.WriteRowNoFilter({'primaryEmail': user})
   if csvPF:
     csvPF.writeCSVfile('Calendars')
 
@@ -54610,11 +54662,13 @@ def printShowStatusEvent(users, eventType):
               _getEventDaysOfWeek(event)
             _showCalendarStatusEvent(user, calId, Ent.EVENT, event, k, kcount, FJQC)
           Ind.Decrement()
-        else:
+        elif events:
           for event in events:
             if showDayOfWeek:
               _getEventDaysOfWeek(event)
             _printCalendarEvent(user, calId, event, csvPF, FJQC, {})
+        elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+          csvPF.WriteRowNoFilter({'primaryEmail': user})
         first = first.shift(**wlDate['udelta'])
         last = last.shift(**wlDate['udelta'])
   if csvPF:
@@ -54728,7 +54782,7 @@ def printShowYouTubeChannel(users):
         showJSON(None, channel, skipObjects={'id'}, timeObjects=YOUTUBE_CHANNEL_TIME_OBJECTS)
         Ind.Decrement()
       Ind.Decrement()
-    else:
+    elif channels:
       for channel in channels:
         row = {'User': user, 'id': channel['id']}
         flattenJSON(channel, flattened=row, timeObjects=YOUTUBE_CHANNEL_TIME_OBJECTS)
@@ -54739,6 +54793,8 @@ def printShowYouTubeChannel(users):
                  'JSON': json.dumps(cleanJSON(channel, timeObjects=YOUTUBE_CHANNEL_TIME_OBJECTS),
                                     ensure_ascii=False, sort_keys=True)}
           csvPF.WriteRowNoFilter(row)
+    elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile('YouTube Channels')
 
@@ -66775,6 +66831,7 @@ def infoDriveFileACLs(users, useDomainAdminAccess=False):
                               useDomainAdminAccess=useDomainAdminAccess,
                               fileId=fileId, permissionId=permissionId, fields='*', supportsAllDrives=True)
         if not FJQC.formatJSON:
+          jcount = len(permission)
           entityPerformActionNumItems([entityType, fileName], jcount, Ent.PERMITTEE)
           Ind.Increment()
           _showDriveFilePermission(permission, printKeys, timeObjects, j, jcount)
@@ -68347,7 +68404,7 @@ def printShowSharedDrives(users, useDomainAdminAccess=False):
         shareddrive = stripNonShowFields(shareddrive)
         _showSharedDrive(user, shareddrive, j, jcount, FJQC)
       Ind.Decrement()
-    else:
+    elif matchedFeed:
       for shareddrive in sorted(matchedFeed, key=lambda k: k['name']):
         shareddrive = stripNonShowFields(shareddrive)
         if FJQC.formatJSON:
@@ -68360,6 +68417,8 @@ def printShowSharedDrives(users, useDomainAdminAccess=False):
           csvPF.WriteRow(row)
         else:
           csvPF.WriteRowTitles(flattenJSON(shareddrive, flattened={'User': user}, timeObjects=SHAREDDRIVE_TIME_OBJECTS))
+    elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile('SharedDrives')
 
@@ -69135,12 +69194,14 @@ def printShowLookerStudioAssets(users):
         if asset:
           _showAsset(asset)
       Ind.Decrement()
-    else:
+    elif assets:
       for asset in assets:
         if assetIdEntity:
           asset = _getLookerStudioAssetByID(ds, user, i, count, asset['name'])
         if asset:
           _printAsset(asset, user)
+    elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile('Looker Studio Assets')
 
@@ -69329,8 +69390,12 @@ def printShowLookerStudioPermissions(users):
       assets, jcount = _getLookerStudioAssets(ds, user, i, count, parameters, assetTypes, 'nextPageToken,assets(name,title)', None)
       if assets is None:
         continue
-    if not csvPF and not FJQC.formatJSON:
+    if not csvPF:
-      entityPerformActionNumItems([Ent.USER, user], jcount, Ent.LOOKERSTUDIO_ASSET, i, count)
+      if not FJQC.formatJSON:
+        entityPerformActionNumItems([Ent.USER, user], jcount, Ent.LOOKERSTUDIO_ASSET, i, count)
+    elif jcount == 0 and GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
+      continue
     j = 0
     for asset in assets:
       j += 1
@@ -69941,6 +70006,9 @@ def printShowUserGroups(users):
         entityPerformActionNumItems([Ent.USER, user], jcount, Ent.GROUP, i, count)
       else:
         entityPerformActionModifierNumItems([Ent.USER, user], Msg.MAXIMUM_OF, jcount, Ent.GROUP, i, count)
+    elif jcount == 0 and GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
+      continue
     if noDetails:
       Ind.Increment()
       j = 0
@@ -71281,7 +71349,6 @@ def printShowSheetRanges(users):
                           throwReasons=GAPI.SHEETS_ACCESS_THROW_REASONS,
                           spreadsheetId=spreadsheetId, ranges=spreadsheetRanges, fields='valueRanges', **kwargs)
         valueRanges = result.get('valueRanges', [])
-        kcount = len(valueRanges)
         if not csvPF:
           if FJQC.formatJSON:
             if not valueRangesOnly:
@@ -71289,6 +71356,7 @@ def printShowSheetRanges(users):
             else:
               printLine(json.dumps(result.get('valueRanges', []), ensure_ascii=False, sort_keys=False))
             continue
+          kcount = len(valueRanges)
           entityPerformActionNumItems([Ent.USER, user, Ent.SPREADSHEET, spreadsheetId], kcount, Ent.SPREADSHEET_RANGE, j, jcount)
           Ind.Increment()
           k = 0
@@ -71297,19 +71365,18 @@ def printShowSheetRanges(users):
             printKeyValueListWithCount(['range', valueRange['range']], k, kcount)
             _showValueRange(valueRange)
           Ind.Decrement()
-        else:
+        elif valueRanges:
-          if kcount:
+          row = flattenJSON(result, flattened={'User': user, 'spreadsheetId': spreadsheetId})
-            row = flattenJSON(result, flattened={'User': user, 'spreadsheetId': spreadsheetId})
+          if not FJQC.formatJSON:
-            if not FJQC.formatJSON:
+            csvPF.WriteRowTitles(row)
-              csvPF.WriteRowTitles(row)
+          elif csvPF.CheckRowTitles(row):
-            elif csvPF.CheckRowTitles(row):
+            if not valueRangesOnly:
-              if not valueRangesOnly:
+              csvPF.WriteRowNoFilter({'User': user, 'spreadsheetId': spreadsheetId,
-                csvPF.WriteRowNoFilter({'User': user, 'spreadsheetId': spreadsheetId,
+                                      'JSON': json.dumps(result, ensure_ascii=False, sort_keys=False)})
-                                        'JSON': json.dumps(result, ensure_ascii=False, sort_keys=False)})
+            else:
-              else:
+              csvPF.WriteRowNoFilter({'JSON': json.dumps(result.get('valueRanges', []), ensure_ascii=False, sort_keys=False)})
-                csvPF.WriteRowNoFilter({'JSON': json.dumps(result.get('valueRanges', []), ensure_ascii=False, sort_keys=False)})
+        elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
-          elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+          csvPF.WriteRowNoFilter({'User': user})
-            csvPF.WriteRowNoFilter({'User': user})
       except (GAPI.notFound, GAPI.forbidden, GAPI.permissionDenied,
               GAPI.internalError, GAPI.insufficientFilePermissions, GAPI.badRequest,
               GAPI.invalid, GAPI.invalidArgument, GAPI.failedPrecondition) as e:
@@ -71460,9 +71527,9 @@ def _printShowTokens(entityType, users):
                                               GAPI.DOMAIN_CANNOT_USE_APIS, GAPI.BAD_REQUEST,
                                               GAPI.FORBIDDEN, GAPI.PERMISSION_DENIED],
                                 userKey=user, fields=f'items({fields})')
-      jcount = len(results)
       if not aggregateUsersBy:
         if not csvPF:
+          jcount = len(results)
           entityPerformActionNumItems([Ent.USER, user], jcount, Ent.ACCESS_TOKEN, i, count)
           Ind.Increment()
           j = 0
@@ -71470,16 +71537,15 @@ def _printShowTokens(entityType, users):
             j += 1
             _showToken(token, tokenTitle, orderBy, j, jcount)
           Ind.Decrement()
-        else:
+        elif results:
-          if results:
+          for token in sorted(results, key=lambda k: k[orderBy]):
-            for token in sorted(results, key=lambda k: k[orderBy]):
+            row = {'user': user, 'scopes': delimiter.join(token.get('scopes', []))}
-              row = {'user': user, 'scopes': delimiter.join(token.get('scopes', []))}
+            for item in token:
-              for item in token:
+              if item != 'scopes':
-                if item != 'scopes':
+                row[item] = token.get(item, '')
-                  row[item] = token.get(item, '')
+            csvPF.WriteRow(row)
-              csvPF.WriteRow(row)
+        elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
-          elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+          csvPF.WriteRowNoFilter({'user': user})
-            csvPF.WriteRowNoFilter({'user': user})
       elif aggregateUsersBy != 'user':
         if results:
           for token in results:
@@ -74638,8 +74704,8 @@ def printShowDelegates(users):
                         throwReasons=GAPI.GMAIL_THROW_REASONS+[GAPI.PERMISSION_DENIED, GAPI.FAILED_PRECONDITION],
                         userId='me')
       delegates = result.get('delegates', []) if result is not None else []
-      jcount = len(delegates)
       if not csvPF:
+        jcount = len(delegates)
         if not csvStyle:
           entityPerformActionNumItems([Ent.USER, user], jcount, Ent.DELEGATE, i, count)
           Ind.Increment()
@@ -74670,18 +74736,17 @@ def printShowDelegates(users):
               writeStdout(f'{user},{_getDelegateName(cd, delegateEmail, delegateNames)},{status},{delegateEmail}\n')
             else:
               writeStdout(f'{user},{status},{delegateEmail}\n')
-      else:
+      elif delegates:
-        if delegates:
+        if showNames:
-          if showNames:
+          for delegate in delegates:
-            for delegate in delegates:
+            csvPF.WriteRow({'User': user, 'delegateName': _getDelegateName(cd, delegate['delegateEmail'], delegateNames),
-              csvPF.WriteRow({'User': user, 'delegateName': _getDelegateName(cd, delegate['delegateEmail'], delegateNames),
+                            'delegateAddress': delegate['delegateEmail'], 'delegationStatus': delegate['verificationStatus']})
-                              'delegateAddress': delegate['delegateEmail'], 'delegationStatus': delegate['verificationStatus']})
+        else:
-          else:
+          for delegate in delegates:
-            for delegate in delegates:
+            csvPF.WriteRow({'User': user, 'delegateAddress': delegate['delegateEmail'],
-              csvPF.WriteRow({'User': user, 'delegateAddress': delegate['delegateEmail'],
+                            'delegationStatus': delegate['verificationStatus']})
-                              'delegationStatus': delegate['verificationStatus']})
+      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
-        elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+        csvPF.WriteRowNoFilter({'User': user})
-          csvPF.WriteRowNoFilter({'User': user})
     except (GAPI.permissionDenied, GAPI.failedPrecondition) as e:
       entityActionFailedWarning([Ent.USER, user, Ent.DELEGATE, None], str(e), i, count)
     except GAPI.serviceNotAvailable:
@@ -75031,7 +75096,7 @@ def infoFilters(users):
 # gam <UserTypeEntity> show filters [labelidsonly] [formatjson]
 def printShowFilters(users):
   labelIdsOnly = False
-  csvPF = CSVPrintFile() if Act.csvFormat() else None
+  csvPF = CSVPrintFile(['User', 'id']) if Act.csvFormat() else None
   FJQC = FormatJSONQuoteChar(csvPF)
   while Cmd.ArgumentsRemaining():
     myarg = getArgument()
@@ -75061,8 +75126,8 @@ def printShowFilters(users):
       results = callGAPIitems(gmail.users().settings().filters(), 'list', 'filter',
                               throwReasons=GAPI.GMAIL_THROW_REASONS,
                               userId='me')
-      jcount = len(results)
       if not csvPF:
+        jcount = len(results)
         if not FJQC.formatJSON:
           entityPerformActionNumItems([Ent.USER, user], jcount, Ent.FILTER, i, count)
         Ind.Increment()
@@ -75071,17 +75136,16 @@ def printShowFilters(users):
           j += 1
           _showFilter(userFilter, j, jcount, labels, FJQC)
         Ind.Decrement()
-      else:
+      elif results:
-        if results:
+        for userFilter in results:
-          for userFilter in results:
+          row = _printFilter(user, userFilter, labels)
-            row = _printFilter(user, userFilter, labels)
+          if FJQC.formatJSON:
-            if FJQC.formatJSON:
+            if labels['labels']:
-              if labels['labels']:
+              _mapFilterLabelIdsToNames(userFilter, labels)
-                _mapFilterLabelIdsToNames(userFilter, labels)
+            row['JSON'] = json.dumps(userFilter, ensure_ascii=False, sort_keys=False)
-              row['JSON'] = json.dumps(userFilter, ensure_ascii=False, sort_keys=False)
+          csvPF.WriteRowTitles(row)
-            csvPF.WriteRowTitles(row)
+      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
-        elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+        csvPF.WriteRowNoFilter({'User': user})
-          csvPF.WriteRowNoFilter({'User': user})
     except GAPI.serviceNotAvailable:
       userGmailServiceNotEnabledWarning(user, i, count)
   if csvPF:
@@ -75690,8 +75754,8 @@ def printShowForwardingAddresses(users):
       results = callGAPIitems(gmail.users().settings().forwardingAddresses(), 'list', 'forwardingAddresses',
                               throwReasons=GAPI.GMAIL_THROW_REASONS+[GAPI.FAILED_PRECONDITION],
                               userId='me')
-      jcount = len(results)
       if not csvPF:
+        jcount = len(results)
         entityPerformActionNumItems([Ent.USER, user], jcount, Ent.FORWARDING_ADDRESS, i, count)
         Ind.Increment()
         j = 0
@@ -75699,12 +75763,11 @@ def printShowForwardingAddresses(users):
           j += 1
           _showForwardingAddress(j, jcount, forward)
         Ind.Decrement()
-      else:
+      elif results:
-        if results:
+        for forward in results:
-          for forward in results:
+          csvPF.WriteRow({'User': user, 'forwardingEmail': forward['forwardingEmail'], 'verificationStatus': forward['verificationStatus']})
-            csvPF.WriteRow({'User': user, 'forwardingEmail': forward['forwardingEmail'], 'verificationStatus': forward['verificationStatus']})
+      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
-        elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+        csvPF.WriteRowNoFilter({'User': user})
-          csvPF.WriteRowNoFilter({'User': user})
     except GAPI.failedPrecondition as e:
       entityActionFailedWarning([Ent.USER, user], str(e), i, count)
     except GAPI.serviceNotAvailable:
@@ -76134,8 +76197,8 @@ def printShowSendAs(users):
       results = callGAPIitems(gmail.users().settings().sendAs(), 'list', 'sendAs',
                               throwReasons=GAPI.GMAIL_THROW_REASONS,
                               userId='me')
-      jcount = len(results)
       if not csvPF:
+        jcount = len(results)
         entityPerformActionNumItems([Ent.USER, user], jcount if selection is None else 1, Ent.SENDAS_ADDRESS, i, count)
         Ind.Increment()
         j = 0
@@ -76144,29 +76207,28 @@ def printShowSendAs(users):
           if (selection is None) or (sendas.get(selection, False)):
             _showSendAs(sendas, j, jcount, sigReplyFormat, verifyOnly)
         Ind.Decrement()
-      else:
+      elif results:
-        if results:
+        for sendas in results:
-          for sendas in results:
+          if (selection is None) or (sendas.get(selection, False)):
-            if (selection is None) or (sendas.get(selection, False)):
+            row = {'User': user, 'isPrimary': False}
-              row = {'User': user, 'isPrimary': False}
+            for item in sendas:
-              for item in sendas:
+              if item != 'smtpMsa':
-                if item != 'smtpMsa':
+                if item == 'signature':
-                  if item == 'signature':
+                  if verifyOnly:
-                    if verifyOnly:
+                    row[item] = bool(sendas[item])
-                      row[item] = bool(sendas[item])
+                  elif sigReplyFormat != SIG_REPLY_COMPACT:
-                    elif sigReplyFormat != SIG_REPLY_COMPACT:
-                      row[item] = sendas[item]
-                    else:
-                      row[item] = sendas[item].replace('\r', '').replace('\n', '')
-                  else:
                     row[item] = sendas[item]
+                  else:
+                    row[item] = sendas[item].replace('\r', '').replace('\n', '')
                 else:
-                  for field in SMTPMSA_DISPLAY_FIELDS:
+                  row[item] = sendas[item]
-                    if field in sendas[item]:
+              else:
-                      row[f'smtpMsa{GC.Values[GC.CSV_OUTPUT_SUBFIELD_DELIMITER]}{field}'] = sendas[item][field]
+                for field in SMTPMSA_DISPLAY_FIELDS:
-              csvPF.WriteRowTitles(row)
+                  if field in sendas[item]:
-        elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+                    row[f'smtpMsa{GC.Values[GC.CSV_OUTPUT_SUBFIELD_DELIMITER]}{field}'] = sendas[item][field]
-          csvPF.WriteRowNoFilter({'User': user})
+            csvPF.WriteRowTitles(row)
+      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+        csvPF.WriteRowNoFilter({'User': user})
     except GAPI.serviceNotAvailable:
       userGmailServiceNotEnabledWarning(user, i, count)
   if csvPF:
@@ -76554,8 +76616,8 @@ def _printShowCSEItems(users, entityType, keyField, timeObjects):
     except GAPI.serviceNotAvailable:
       userGmailServiceNotEnabledWarning(user, i, count)
       continue
-    jcount = len(results)
     if not csvPF:
+      jcount = len(results)
       if not  FJQC.formatJSON:
         entityPerformActionNumItems([Ent.USER, user], jcount, entityType, i, count)
       j = 0
@@ -77510,7 +77572,7 @@ def printShowNotes(users):
               note.pop('permissions', None)
             _showNote(note, j, jcount, FJQC, compact)
         Ind.Decrement()
-      else:
+      elif notes:
         for note in notes:
           if showPermissions:
             _assignNoteOwner(note, user)
@@ -77527,6 +77589,8 @@ def printShowNotes(users):
               row['JSON'] = json.dumps(cleanJSON(note, timeObjects=NOTES_TIME_OBJECTS),
                                        ensure_ascii=False, sort_keys=True)
               csvPF.WriteRowNoFilter(row)
+      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+        csvPF.WriteRowNoFilter({'User': user})
     except (GAPI.badRequest, GAPI.invalidArgument, GAPI.notFound) as e:
       entityActionFailedWarning([Ent.USER, user, Ent.NOTE, None], str(e), i, count)
     except GAPI.authError:
@@ -78316,7 +78380,7 @@ def printShowTasklists(users):
         j += 1
         _showTasklist(tasklist, j, jcount, FJQC)
       Ind.Decrement()
-    else:
+    elif tasklists:
       for tasklist in tasklists:
         row = flattenJSON(tasklist, flattened={'User': user}, skipObjects=TASKLIST_SKIP_OBJECTS, timeObjects=TASKLIST_TIME_OBJECTS)
         if not FJQC.formatJSON:
@@ -78326,6 +78390,8 @@ def printShowTasklists(users):
           row['JSON'] = json.dumps(cleanJSON(tasklist, skipObjects=TASKLIST_SKIP_OBJECTS, timeObjects=TASKLIST_TIME_OBJECTS),
                                    ensure_ascii=False, sort_keys=True)
           csvPF.WriteRowNoFilter(row)
+    elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+      csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile(CSVTitle)
 
@@ -78451,8 +78517,8 @@ def printShowTagManagerObjects(users, entityType):
       except (GAPI.badRequest, GAPI.invalid, GAPI.notFound) as e:
         entityActionFailedWarning([Ent.USER, user, entityType, kwargs['parent']], str(e), j, jcount)
         continue
-      kcount = len(results)
       if not csvPF:
+        kcount = len(results)
         if not  FJQC.formatJSON:
           entityPerformActionNumItems([Ent.USER, user], kcount, entityType, j, jcount)
         Ind.Increment()
@@ -78470,7 +78536,7 @@ def printShowTagManagerObjects(users, entityType):
           else:
             printLine(json.dumps(cleanJSON(result), ensure_ascii=False, sort_keys=True))
         Ind.Decrement()
-      else:
+      elif results:
         for result in results:
           baseRow = {'User': user}
           for tmid in parameters['idList']:
@@ -78482,6 +78548,8 @@ def printShowTagManagerObjects(users, entityType):
             row = {'User': user, parameters['name']: result[parameters['name']], 'path': result['path']}
             row['JSON'] = json.dumps(cleanJSON(result), ensure_ascii=False, sort_keys=True)
             csvPF.WriteRowNoFilter(row)
+      elif GC.Values[GC.CSV_OUTPUT_USERS_AUDIT]:
+        csvPF.WriteRowNoFilter({'User': user})
   if csvPF:
     csvPF.writeCSVfile(Ent.Plural(entityType))
 

wiki/Basic-Items.md

@@ -409,6 +409,8 @@
 <MatterItem> ::= <UniqueID>|<String>
 <MatterState> ::= open|closed|deleted
 <MeetConferenceName> ::= conferenceRecords/<String>
+<MeetID> ::= <String>
+       Must match this Python Regular Expression: [a-z]{3}-[a-z]{4}-[a-z]{3}
 <MeetSpaceName> ::= spaces/<String> | <String>
 <MessageContent> ::=
         (message|textmessage|htmlmessage <String>)|

wiki/Calendars-Events.md

@@ -78,6 +78,8 @@ Client access works when accessing Resource calendars.
         <CSVkmdSelector> | <CSVDataSelector>
         See: https://github.com/GAM-team/GAM/wiki/Collections-of-Items
 <iCalUID> ::= <String>
+<MeetID> ::= <String>
+       Must match this Python Regular Expression: [a-z]{3}-[a-z]{4}-[a-z]{3}
 
 <EventAttachmentsSubfieldName> ::=
         attachments.fileid|
@@ -150,7 +152,8 @@ Client access works when accessing Resource calendars.
         endtimeunspecified|
         extendedproperties|
         eventtype|
-        <EventFocusTimePropertiesSubfieldName>
+        focustimeproperties|
+        <EventFocusTimePropertiesSubfieldName>|
         gadget|
         guestscaninviteothers|
         guestscanmodify|
@@ -164,7 +167,8 @@ Client access works when accessing Resource calendars.
         organizer|
         <EventOrganizerSubfieldName>|
         originalstart|originalstarttime|
-        <EventOutOfOfficePropertiesSubfieldName>
+        outofofficeproperties|
+        <EventOutOfOfficePropertiesSubfieldName>|
         privatecopy|
         recurrence|
         recurringeventid|
@@ -254,6 +258,7 @@ Client access works when accessing Resource calendars.
         (birthday <Date>)|
         (color <EventColorName>)|
         (colorindex|colorid <EventColorIndex>)|
+        (conferencedata meet <MeetID>)|
         (description <String>)|
         (end|endtime (allday <Date>)|<Time>)|
         (guestscaninviteothers <Boolean>)|

wiki/GamUpdates.md

@@ -10,6 +10,23 @@ Add the `-s` option to the end of the above commands to suppress creating the `g
 
 See [Downloads-Installs-GAM7](https://github.com/GAM-team/GAM/wiki/Downloads-Installs) for Windows or other options, including manual installation
 
+### 7.30.03
+
+Updated `gam report <ActivityApplicationName>` to reflect the changes described here:
+* See: https://workspaceupdates.googleblog.com/2025/12/google-workspace-audit-log-api.html
+
+Added option `resourcedetailsfilter <String>` to `gam report <ActivityApplicationName>` described here:
+* See: https://developers.google.com/workspace/admin/reports/reference/rest/v1/activities/list#query-parameters
+
+For `gam <UserTypeEntity> print <Objects>`, expanded the list of `<Objects>` covered by `gam.cfg csv_output_users_audit = True`.
+
+### 7.30.02
+
+Added option `conferencedata meet <MeetID>` to `<EventAttribute>` that allows specifying
+a reference to an existing Google Meet when creating/updating a calendar event.
+
+Upgraded to Python 3.14.2.
+
 ### 7.30.01
 
 Fixed bug introduced in 7.30.00 that caused errors when reading CSV files.

wiki/How-to-Upgrade-Legacy-GAM-to-GAM7.md

@@ -252,9 +252,9 @@ writes the credentials into the file oauth2.txt.
 admin@server:/Users/admin$ rm -f /Users/admin/GAMConfig/oauth2.txt
 admin@server:/Users/admin$ gam version
 WARNING: Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: /Users/admin/GAMConfig/oauth2.txt, Not Found
-GAM 7.30.01 - https://github.com/GAM-team/GAM - pyinstaller
+GAM 7.30.03 - https://github.com/GAM-team/GAM - pyinstaller
 GAM Team <google-apps-manager@googlegroups.com>
-Python 3.14.1 64-bit final
+Python 3.14.2 64-bit final
 macOS Tahoe 26.1 x86_64
 Path: /Users/admin/bin/gam7
 Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, customer_id: my_customer, domain: domain.com
@@ -990,9 +990,9 @@ writes the credentials into the file oauth2.txt.
 C:\>del C:\GAMConfig\oauth2.txt
 C:\>gam version
 WARNING: Config File: C:\GAMConfig\gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: C:\GAMConfig\oauth2.txt, Not Found
-GAM 7.30.01 - https://github.com/GAM-team/GAM - pythonsource
+GAM 7.30.03 - https://github.com/GAM-team/GAM - pythonsource
 GAM Team <google-apps-manager@googlegroups.com>
-Python 3.14.1 64-bit final
+Python 3.14.2 64-bit final
 Windows 11 10.0.26200 AMD64
 Path: C:\GAM7
 Config File: C:\GAMConfig\gam.cfg, Section: DEFAULT, customer_id: my_customer, domain: domain.com

wiki/Reports.md

@@ -12,10 +12,14 @@
 - [User reports](#user-reports)
 
 ## API documentation
-Changes starting 2025-10-29.
+* [Activity Data Sources](https://support.google.com/a/answer/11482175)
 
+Changes starting 2025-10-29.
 * [Reports API - Admin log event changes](https://support.google.com/a/answer/16601511)
 
+Changes starting 2025-12-20
+* [Reports API - Admin log enhancements](https://workspaceupdates.googleblog.com/2025/12/google-workspace-audit-log-api.html)
+
 These pages show event/parameter names; scroll down in the left column to: Reports.
 
 * [Reports API - Activities](https://developers.google.com/admin-sdk/reports/v1/reference/activities)
@@ -45,28 +49,41 @@ config csv_output_row_filter "'\"accounts:used_quota_in_mb\":count>15000'"
 ## Activity reports
 ```
 <ActivityApplicationName> ::=
+        accessevaluation|
         accesstransparency|access|
         admin|
+        admindataaction|
+        assignments|
         calendar|calendars|
         chat|
         chrome|
         classroom|
+        cloudsearch|
+        contacts|
         contextawareaccess|
+        datamigration|
         datastudio|
+        directorysync|
         drive|doc|docs|
         gcp|cloud|
         geminiinworkspaceapps|gemini|geminiforworkspace|
         gmail|
         gplus|currents|google+|
+        graduation|
         groups|group|
         groupsenterprise|enterprisegroups|
         jamboard|
         keep|
+        ldap|
         login|logins|
         meet|hangoutsmeet|
+        meethardware|
         mobile|devices|
+        profile|
         rules|
         saml|
+        takeout|
+        tasks|
         token|tokens|oauthtoken|
         useraccounts|
         vault
@@ -77,7 +94,7 @@ gam report <ActivityApplicationName> [todrive <ToDriveAttribute>*]
          yesterday|today|thismonth|(previousmonths <Integer>)]
         [filter <String> (filtertime<String> <Time>)*]
         [event|events <EventNameList>] [ip <String>]
-        [groupidfilter <String>]
+        [groupidfilter <String>] [resourcedetailsfilter <String>]
         [maxactivities <Number>] [maxevents <Number>] [maxresults <Number>]
         [countsonly [bydate|summary] [eventrowfilter]]
         (addcsvdata <FieldName> <String>)* [shownoactivities]
@@ -111,6 +128,12 @@ The `filtertime<String> <Time>` value replaces the string `#filtertime<String>#`
 The characters following `filtertime` can be any combination of lowercase letters and numbers. This is most useful in scripts
 where you can specify a relative date without having to change the script.
 
+Limit to those users that are a member of at least one of a list of groups.
+* `groupidfilter <String>` - Format: "id:abc123,id:xyz456"
+
+Limit based on resource details.
+* `resourcedetailsfilter <String>` - See: https://developers.google.com/workspace/admin/reports/reference/rest/v1/activities/list#query-parameters
+
 You can use `config csv_output_row_filter` to filter the events if the API filter can't produce the results you want.
 
 Limit to a list of specific events.
@@ -119,9 +142,6 @@ Limit to a list of specific events.
 Limit to a specific IP address.
 * `ip <String>`
 
-Limit to those users that are a member of at least one of a list of groups.
-* `groupidfilter <String>` - Format: "id:abc123,id:xyz456"
-
 Limit the total number of activites.
 * `maxactivities <Number>`
 

wiki/Users-Calendars-Events.md

@@ -114,6 +114,8 @@
 <CourseState> ::= active|archived|provisioned|declined
 <CourseStateList> ::= all|"<CourseState>(,<CourseState>)*"
 <iCalUID> ::= <String>
+<MeetID> ::= <String>
+       Must match this Python Regular Expression: [a-z]{3}-[a-z]{4}-[a-z]{3}
 <ResourceID> ::= <String>
 <ResourceIDList> ::= "<ResourceID>(,<ResourceID>)*"
 <UniqueID> ::= id:<String>
@@ -215,7 +217,8 @@
         endtimeunspecified|
         extendedproperties|
         eventtype|
-        <EventFocusTimePropertiesSubfieldName>
+        focustimeproperties|
+        <EventFocusTimePropertiesSubfieldName>|
         gadget|
         guestscaninviteothers|
         guestscanmodify|
@@ -229,7 +232,8 @@
         organizer|
         <EventOrganizerSubfieldName>|
         originalstart|originalstarttime|
-        <EventOutOfOfficePropertiesSubfieldName>
+        outofofficeproperties|
+        <EventOutOfOfficePropertiesSubfieldName>|
         privatecopy|
         recurrence|
         recurringeventid|
@@ -320,6 +324,7 @@
         (birthday <Date>)|
         (color <EventColorName>)|
         (colorindex|colorid <EventColorIndex>)|
+        (conferencedata meet <MeetID>)|
         (description <String>)|
         (end|endtime (allday <Date>)|<Time>)|
         (guestscaninviteothers <Boolean>)|

wiki/Version-and-Help.md

@@ -3,9 +3,9 @@
 Print the current version of Gam with details
 ```
 gam version
-GAM 7.30.01 - https://github.com/GAM-team/GAM - pyinstaller
+GAM 7.30.03 - https://github.com/GAM-team/GAM - pyinstaller
 GAM Team <google-apps-manager@googlegroups.com>
-Python 3.14.1 64-bit final
+Python 3.14.2 64-bit final
 macOS Tahoe 26.1 x86_64
 Path: /Users/Admin/bin/gam7
 Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, customer_id: my_customer, domain: domain.com
@@ -15,9 +15,9 @@ Time: 2023-06-02T21:10:00-07:00
 Print the current version of Gam with details and time offset information
 ```
 gam version timeoffset
-GAM 7.30.01 - https://github.com/GAM-team/GAM - pyinstaller
+GAM 7.30.03 - https://github.com/GAM-team/GAM - pyinstaller
 GAM Team <google-apps-manager@googlegroups.com>
-Python 3.14.1 64-bit final
+Python 3.14.2 64-bit final
 macOS Tahoe 26.1 x86_64
 Path: /Users/Admin/bin/gam7
 Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, customer_id: my_customer, domain: domain.com
@@ -27,9 +27,9 @@ Your system time differs from www.googleapis.com by less than 1 second
 Print the current version of Gam with extended details and SSL information
 ```
 gam version extended
-GAM 7.30.01 - https://github.com/GAM-team/GAM - pyinstaller
+GAM 7.30.03 - https://github.com/GAM-team/GAM - pyinstaller
 GAM Team <google-apps-manager@googlegroups.com>
-Python 3.14.1 64-bit final
+Python 3.14.2 64-bit final
 macOS Tahoe 26.1 x86_64
 Path: /Users/Admin/bin/gam7
 Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, customer_id: my_customer, domain: domain.com
@@ -68,7 +68,7 @@ MacOS High Sierra 10.13.6 x86_64
 Path: /Users/Admin/bin/gam7
 Version Check:
   Current: 5.35.08
-   Latest: 7.30.01
+   Latest: 7.30.03
 echo $?
 1
 ```
@@ -76,7 +76,7 @@ echo $?
 Print the current version number without details
 ```
 gam version simple
-7.30.01
+7.30.03
 ```
 In Linux/MacOS you can do:
 ```
@@ -86,9 +86,9 @@ echo $VER
 Print the current version of Gam and address of this Wiki
 ```
 gam help
-GAM 7.30.01 - https://github.com/GAM-team/GAM
+GAM 7.30.03 - https://github.com/GAM-team/GAM
 GAM Team <google-apps-manager@googlegroups.com>
-Python 3.14.1 64-bit final
+Python 3.14.2 64-bit final
 macOS Tahoe 26.1 x86_64
 Path: /Users/Admin/bin/gam7
 Config File: /Users/admin/GAMConfig/gam.cfg, Section: DEFAULT, customer_id: my_customer, domain: domain.com

wiki/gam.cfg.md

@@ -290,8 +290,6 @@ csv_output_timestamp_column
 csv_output_users_audit
         Gam print commands that print objects belonging to users
         don't print rows for users that don't have any of the objects.
-        The objects are: calendars, calendar ACLs, calendar events, delegates, filters,
-        forwarding addresses, sendas addresses, S/MIME certificates and tokens.
         When csv_output_users_audit is true, a placeholder row will be output with the
         user's email address; these rows will useful for auditing purposes only,
         they can not be successfuly used in a gam csv command.