I would like to quickly list all Google Cloud projects in an organization, without AppScript folders.
gcloud projects list can be very slow. This documentation is about speeding it up, but does not show how to retrieve the Appscript folder which is used for filtering. Can that be done from the command line?
Also, gcloud projects list does not have a way to filter by organization. It seems that that is impossible as projects are not linked to their organization except through a tree of folders.
The documentation shows a way of walking the tree, apparently with Resource Manager API, which might do the job, but only pseudocode is shown. How can this be done with gcloud -- or else with Python or another language?
And if there is no way to accelerate this: How do I page through results using gcloud projects list? The documentation shows that page-size can be set, but does not show how to step through page by page (presumably by sending a page number with each command).
See also below for a reference to code I wrote that is the imperfect but best solution I could find.
Unfortunately there isn’t a native Apps Script resource available to work with Cloud Resource Manager API.
Although, it is possible to make a HTTP call directly to the Resource Manager API projects.list() endpoint with the help of UrlFetchApp service.
Alternatively, using Python as mentioned, the recommended Google APIs client library for python supports calls to Resource Manager API. You can find the specific projects.list() method documentation here.
On additional note, if you happen to use a Cloud project to generate credentials and authenticate the API call, you may want to enable Cloud Resource Manager API on your project by following this URL.
I’d also recommend submitting a new Feature Request using this template.
Here is some code that lists projects in an organization as quickly as possible. It is in Clojure, but it uses Java APIs and you can translate it easily.
Key steps
Query all accessible projects using CloudResourceManager projects(), using setQuery to accelerate the query by filtering out, for example, the hundreds of sys- projects often generated by AppScript. The query uses paging.
From the results
Accept those that are the child of the desired org
Reject those that are the child of another org.
For those that are the child of a folder, do this (concurrently, for speed): Use gcloud projects get-ancestors $PROJECT_ID to find the projects in your organization. (I don't see a way to do that in Java, and so I call the CLI.)
Related
Our server is customer deployed and uses a Google Drive API key to obtain a tutorial file
listing via
https://www.googleapis.com/drive/v3/files?q=%27FILE_ID%27+in+parents+and+trashed=false&maxResults=1000&key=API_KEY&fields=files(name,webViewLink,id,kind,mimeType)
and file contents via
https://www.googleapis.com/drive/v3/files/FILE_ID/export&key=API_KEY
It is unclear how we can set that API key to be read only though.
I do not see anything on these pages for example,
https://developers.google.com/drive/api/guides/about-auth
https://cloud.google.com/docs/authentication/api-keys
The restrictions you can set to an API key can be found here, so it is not possible to do it this way. Now, the way to achieve what you are trying to do would be by setting up the project with the correct OAuth scopes and using read only scopes, but that can limit your implementation as sometimes the API needs more scopes.
For example, if you were trying to list users using the Directory API, you can see the list of scopes needed here. If you check the list you will see that there is a read only scope listed there.
So, in your project you could just use this specific scope for your implementation, but again some actions require more than just this scope to work, so you could be limited by that as well depending on what your implementation is doing.
Same example for the Drive API in your case. The list of scopes for the Files: list method are here, and you also have read only scopes as you can see in the image below.
I was wondering if there is a way to automatically (or on a trigger) delete emails from a Google Group.
I use a Collaborative Inbox Group for archiving automated emails.
I looked at the Google Apps Script overview for Google Groups, but I don't see anything. It only seems like you can do this from GmailApp...
I also read this thread from 2012 but nothing helpful there
Answer:
Programmatically this isn't possible.
More Information:
The GroupsApp class of Apps Script only has read methods available for use - there is not a way of executing any write data using the class - for example deletion of emails.
Emails are sent to everyone in the group when a post is made (as per subscription settings). If you want the Email to be deleted then as you have already pointed out, you will need to use GmailApp to delete it from the recipients' inboxes.
In short: All mailbox manipulation must be done using the Gmail API (or GmailApp).
Feature Request:
You can however let Google know that this is a feature that is important for access to their APIs, and that you would like to request they implement it.
Google's Issue Tracker is a place for developers to report issues and make feature requests for their development services, I'd urge you to make a feature request there. The best component to file this under would be the Admin SDK component, with the Feature Request template.
Is it possible to export a member's join date to a google group? When you manually export a .csv from a group it gives information on the join date. However, in google app script, I don't see the option for this in the Groups Service. This is the information that is in the .csv:
Any help or resources would be appreciated!
Short answer:
No, you cannot do that programmatically.
Long answer:
Google Groups functionality is mainly handled by Directory API, in its Groups and Members resources. That's what the Apps Script Groups Service is using behind the scenes, and you could use its methods directly by enabling the Admin SDK Directory Service in your script (the APIs —and, as a result, the advanced services— usually have greater functionalities than the Apps Script built-in classes).
If you look at the properties of any of these resources (Groups and Members), you won't find anything close to a join date property, so it doesn't seem to be part of the open API, and can only be accessed through the UI.
The same can be said of Groups Settings API, which can be used to manage group settings: no join date can be found in its resources.
Because of this, you have no way to programmatically store and retrieve the group member's join dates.
Workaround (of a sort):
If you are adding members to a group programmatically, with the API method Members: insert, you could make your application store the date in which each member was added, and retrieve it later. This is not possible, though, if members are added through the UI.
Filing a Feature Request:
Since this resource does seem to exist already (it can be accessed through the UI), I'd suggest you to file a feature request in this Issue Tracker component to make this available to the API. If you do that, please make sure that you explain the usefulness of this functionality (explain how this could help you and, potentially, other users).
Reference:
Directory API: Groups
Directory API: Members
Directory API: Manage Groups
Questions regarding billing for Google API's or more specifically the places and maps Google API's.
We have an app which is part of a SAAS package. When clients use our Software we have maps and place's API built it, however we want to offset the cost of the bill using these API's to that particular client using the software.
Currently we have a single Google Project we created and enabled the API's on our own google account however this means we will foot the bill as its using our token.
Can clients somehow connect to our google project etc or do we simply need them to create their own google project and pass that token through? Is there a streamlined approach that covers this...
When we did for our multi tenant application we did create only one google project and billing was getting accumulated into a single account. We looked at what you're talked about but since google does not allow to bill separately without having separate google project. Google API billing works on google project id. We decided to bill our clients separately and handled all calls to Places API on a single google project.
Long story short - it was not easy to have our clients connect to our project without having them create their own google project we ended up with one google api project.
edit: also missed another important point - Google My Business API needed whitelisting for each project id so it was another reason to keep it as a single project
Passing the token to the application is a probably very bad idea and will result in a security risk for your client and their token if it is intercepted.
As a developer for the client they should create a token on their account and then they will be charged. They can then give it to you as the developer for use. This is however a gray area as technically you are not allowed to share your tokens with anyone TOC However i believe that client and developer relationship should be secure enough for sharing the token.
Ideally you should give the client the code they can then use their own token and run the application themselves.
I am evaluating box for enterprise accounts. Within version 1 docs there are Enterprise Commands such as
create_managed_user
edit_managed_user
etc
Is there V2 commands which are the same ?
Will the existing V1 Commands for these methods be deprecated ?
Updating this, since someone recently referred to it, even though this answer is pretty ancient.
Fully updated:
There is about 20% more surface area available for "Administrative use" in the V2 API, than there was in the V1 Box.com API.
Where? /users
POST to create a new one
GET /users to see all the users in the enterprise
PUT /users/ to update a specific user
GET /users/?fields=a,b,c to get specific fields you want to see, including some non default fields like their enterprise-id, their role, some permissions, etc. See the docs for users, and look for the green fields.
Where else? /groups
POST to create a new one
GET to get a list of all groups
GET /groups//memberships to get a list of all the users in a group
What else? as-user headers can let you build applications that automate processes for your users.
Of course to do all these things, you have to be an admin, granted the permissions to do these various different things.
The V2 API has some admin-level APIs, mostly under the /users endpoint (http://developers.box.com/docs/). However, many methods are still being added to the V2 API, and much of the administrative functionality is only available in the V1 API at the moment. The V2 API does not yet have equivalent method's for create_managed_user or edit_managed_user from V1.
We generally recommend that apps use the V2 API as much as possible, and include V1 calls when needed. As we add more methods to the V2 API, it's best to change your v1 calls as soon as you can.