diff --git a/app/integrations/google_workspace/google_directory.py b/app/integrations/google_workspace/google_directory.py
index dcfd3359..94945851 100644
--- a/app/integrations/google_workspace/google_directory.py
+++ b/app/integrations/google_workspace/google_directory.py
@@ -14,7 +14,7 @@
 @handle_google_api_errors
-def get_user(user_key, delegated_user_email=None):
+def get_user(user_key, delegated_user_email=None, fields=None):
 """Get a user by user key in the Google Workspace domain.
 Args:
@@ -38,6 +38,7 @@ def get_user(user_key, delegated_user_email=None):
 scopes,
 delegated_user_email,
 userKey=user_key,
+ fields=fields,
 )
@@ -107,9 +108,13 @@ def list_groups(
 @handle_google_api_errors
-def list_group_members(group_key, delegated_user_email=None):
+def list_group_members(group_key, delegated_user_email=None, fields=None):
 """List all group members in the Google Workspace domain.
+ Args:
+ group_key (str): The group's email address or unique group ID.
+ delegated_user_email (str): The email address of the user to impersonate. (default: must be defined in .env)
+
 Returns:
 list: A list of group member objects.
@@ -129,11 +134,12 @@ def list_group_members(group_key, delegated_user_email=None):
 paginate=True,
 groupKey=group_key,
 maxResults=200,
+ fields=fields,
 )
 @handle_google_api_errors
-def get_group(group_key):
+def get_group(group_key, fields=None):
 scopes = ["https://www.googleapis.com/auth/admin.directory.group.readonly"]
 return execute_google_api_call(
 "admin",
@@ -143,6 +149,7 @@ def get_group(group_key):
 scopes,
 DEFAULT_DELEGATED_ADMIN_EMAIL,
 groupKey=group_key,
+ fields=fields,
 )
@@ -180,7 +187,9 @@ def list_groups_with_members(
 Returns:
 list: A list of group objects with members. Any group without members will not be included.
 """
- groups = list_groups(query=query)
+ groups = list_groups(
+ query=query, fields="groups(email, name, directMembersCount, description)"
+ )
 if not groups:
 return []
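Review bot: The new `fields` parameter on `get_user` (first hunk) is not documented in the Args section that begins at the end of the hunk. An entry such as `fields (str): Partial-response field mask forwarded to the API (default: None, no mask).` would tell callers what the string is for. The same gap exists in `list_group_members`, whose newly added Args block lists `group_key` and `delegated_user_email` but omits `fields`, and in `get_group`, which has no docstring at all. The `get_user` docstring continues outside the hunk.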
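Review bot: In the `@@ -180,7 +187,9 @@` hunk the mask `"groups(email, name, directMembersCount, description)"` is hard-coded inside `list_groups_with_members`, so every caller now receives group objects limited to those four keys. Any consumer that reads another key from the returned groups would start failing or silently see nothing, and none of the callers are visible in this diff, so that should be confirmed. A named module-level constant, for example `GROUP_FIELDS = "groups(email, name, directMembersCount, description)"`, with a comment saying which consumers depend on which keys, would make the narrowed contract explicit. The function's docstring (its Returns section is visible here) should also state that only these keys are populated; the function starts outside the hunk.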
@@ -193,11 +202,17 @@ def list_groups_with_members(
 groups_with_members = []
 for group in groups:
- members = list_group_members(group["email"])
+ logger.info(f"Getting members for group: {group['email']}")
+ members = list_group_members(
+ group["email"], fields="members(email, role, type, status)"
+ )
 if members and members_details:
 detailed_members = []
 for member in members:
- detailed_members.append(get_user(member["email"]))
+ logger.info(f"Getting user details for member: {member['email']}")
+ detailed_members.append(
+ get_user(member["email"], fields="name, primaryEmail")
+ )
 group["members"] = detailed_members
 groups_with_members.append(group)
 return groups_with_members
diff --git a/app/integrations/google_workspace/google_service.py b/app/integrations/google_workspace/google_service.py
index bcc4a22e..e4c0d8bb 100644
--- a/app/integrations/google_workspace/google_service.py
+++ b/app/integrations/google_workspace/google_service.py
@@ -152,7 +152,6 @@ def execute_google_api_call(
 k: v for k, v in formatted_kwargs.items() if k in supported_params
 }
 unsupported_params = set(formatted_kwargs.keys()) - set(filtered_params.keys())
- # filtered_params = kwargs
 if paginate:
 all_results = []
 request = api_method(**filtered_params)
diff --git a/app/modules/provisioning/groups.py b/app/modules/provisioning/groups.py
index 6c6ec172..0f87b22d 100644
--- a/app/modules/provisioning/groups.py
+++ b/app/modules/provisioning/groups.py
@@ -44,7 +44,7 @@ def get_groups_from_integration(
 groups_filters=pre_processing_filters,
 query=query,
 )
- integration_name = "Google:"
+ integration_name = "Google"
 group_display_key = "name"
 members = "members"
 members_display_key = "primaryEmail"
@@ -55,7 +55,7 @@ def get_groups_from_integration(
 members_details=members_details,
 groups_filters=pre_processing_filters,
 )
- integration_name = "AWS:"
+ integration_name = "AWS"
 group_display_key = "DisplayName"
 members = "GroupMemberships"
 members_display_key = "MemberId.UserName"
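Review bot: The two `logger.info` calls added inside the loops of `list_groups_with_members` (the `@@ -193,11 +202,17 @@` hunk) write every group address and every member address to the application log at INFO, one line per member. That copies directory membership data into whatever sink and retention policy the logs have, and it will be very noisy on a large domain. Logging at DEBUG with lazy arguments keeps the trace available without emitting it by default: `logger.debug("Getting members for group: %s", group["email"])` and `logger.debug("Getting user details for member: %s", member["email"])`. A single per-group count at INFO would serve as well. The function starts outside the hunk.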
@@ -82,7 +82,7 @@ def log_groups(
 members=None,
 members_details=True,
 members_display_key=None,
- integration_name="",
+ integration_name="No Integration Name Provided",
 ):
 """Log the groups information.
@@ -91,11 +91,11 @@ def log_groups(
 group_display_key (str, optional): The key to display in the logs. Defaults to None.
 """
 if not group_display_key:
- logger.warning(f"{integration_name}No group display key provided.")
+ logger.warning(f"{integration_name}:No group display key provided.")
 if not members:
- logger.warning(f"{integration_name}No members key provided.")
+ logger.warning(f"{integration_name}:No members key provided.")
 if not members_display_key:
- logger.warning(f"{integration_name}No members display key provided.")
+ logger.warning(f"{integration_name}:No members display key provided.")
 logger.info(f"{integration_name}Found {len(groups)} groups")
 for group in groups:
diff --git a/app/tests/integrations/google_workspace/test_google_directory.py b/app/tests/integrations/google_workspace/test_google_directory.py
index 0c5bfa41..43782cd9 100644
--- a/app/tests/integrations/google_workspace/test_google_directory.py
+++ b/app/tests/integrations/google_workspace/test_google_directory.py
@@ -30,6 +30,7 @@ def test_get_user_returns_user(execute_google_api_call_mock):
 ["https://www.googleapis.com/auth/admin.directory.user.readonly"],
 "default_delegated_admin_email",
 userKey="test_user_id",
+ fields=None,
 )
@@ -58,6 +59,7 @@ def test_get_user_uses_custom_delegated_user_email_if_provided(
 ["https://www.googleapis.com/auth/admin.directory.user.readonly"],
 "custom.email@domain.com",
 userKey="test_user_id",
+ fields=None,
 )
@@ -241,6 +243,7 @@ def test_list_group_members_calls_execute_google_api_call_with_correct_args(
 paginate=True,
 groupKey=group_key,
 maxResults=200,
+ fields=None,
 )
@@ -274,6 +277,7 @@ def test_list_group_members_uses_custom_delegated_user_email_if_provided(
 paginate=True,
 groupKey=group_key,
 maxResults=200,
+ fields=None,
 )
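Review bot: The context line `logger.info(f"{integration_name}Found {len(groups)} groups")` at the end of the `@@ -91,11 +91,11 @@` hunk was not given the `:` separator that the three warnings received. Because the callers now pass `"Google"` and `"AWS"` without the trailing colon, it will log the name fused to the message, for example `GoogleFound 3 groups`. It should become `logger.info(f"{integration_name}:Found {len(groups)} groups")`. The `for group in groups:` loop continues outside the hunk, so any further `{integration_name}` prefixes in it need the same check.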
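Review bot: The updated expectations in `test_get_user_returns_user` (`@@ -30,6 +30,7 @@`) and the four following test hunks only pin `fields=None`, so no test shows a non-None mask being forwarded. A case that calls `get_user("test_user_id", fields="name")` and asserts `fields="name"` in the `execute_google_api_call` arguments would cover the new parameter, with equivalents for `list_group_members` and `get_group`. The masks that `list_groups_with_members` now passes to `list_groups`, `list_group_members` and `get_user` are not asserted in any hunk shown here either.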
@@ -295,6 +299,7 @@ def test_get_group_calls_execute_google_api_call_with_correct_args(
 ["https://www.googleapis.com/auth/admin.directory.group.readonly"],
 "default_delegated_admin_email",
 groupKey=group_key,
+ fields=None,
 )