lita-gsuite 0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/MIT-LICENSE +20 -0
- data/README.md +134 -0
- data/lib/lita-gsuite.rb +15 -0
- data/lib/lita/commands/deletion_candidates.rb +49 -0
- data/lib/lita/commands/empty_groups.rb +36 -0
- data/lib/lita/commands/list_activities.rb +27 -0
- data/lib/lita/commands/list_admins.rb +39 -0
- data/lib/lita/commands/no_org_unit.rb +38 -0
- data/lib/lita/commands/suspension_candidates.rb +49 -0
- data/lib/lita/commands/two_factor_off.rb +49 -0
- data/lib/lita/commands/two_factor_stats.rb +56 -0
- data/lib/lita/google_activity.rb +50 -0
- data/lib/lita/google_group.rb +29 -0
- data/lib/lita/google_organisation_unit.rb +16 -0
- data/lib/lita/google_user.rb +69 -0
- data/lib/lita/gsuite.rb +373 -0
- data/lib/lita/gsuite_gateway.rb +101 -0
- data/lib/lita/redis_token_store.rb +48 -0
- data/lib/lita/weekly_schedule.rb +54 -0
- data/lib/lita/window_schedule.rb +50 -0
- metadata +166 -0
@@ -0,0 +1,101 @@
|
|
1
|
+
require 'lita/google_activity'
|
2
|
+
require 'lita/google_group'
|
3
|
+
require 'lita/google_organisation_unit'
|
4
|
+
require 'lita/google_user'
|
5
|
+
require 'google/apis/admin_directory_v1'
|
6
|
+
require 'google/apis/admin_reports_v1'
|
7
|
+
|
8
|
+
module Lita
|
9
|
+
# Wrapper class for interacting with the gsuite directory API. Use
|
10
|
+
# this to list users, groups, group members.
|
11
|
+
#
|
12
|
+
# It only has read-only permissions, so cannot make any changes.
|
13
|
+
#
|
14
|
+
# Usage:
|
15
|
+
#
|
16
|
+
# gateway = GsuiteGateway.new(
|
17
|
+
# user_authorization: auth
|
18
|
+
# )
|
19
|
+
#
|
20
|
+
# The user_authorization argument should be an auth object generated
|
21
|
+
# the googleauth gem - check its documentation for more details on the
|
22
|
+
# ways to build one of these objects.
|
23
|
+
#
|
24
|
+
class GsuiteGateway
|
25
|
+
OAUTH_SCOPES = [
|
26
|
+
"https://www.googleapis.com/auth/admin.directory.user.readonly",
|
27
|
+
"https://www.googleapis.com/auth/admin.directory.orgunit.readonly",
|
28
|
+
"https://www.googleapis.com/auth/admin.reports.audit.readonly",
|
29
|
+
"https://www.googleapis.com/auth/admin.directory.group.readonly"
|
30
|
+
]
|
31
|
+
|
32
|
+
def initialize(user_authorization: nil)
|
33
|
+
@user_authorization = user_authorization
|
34
|
+
end
|
35
|
+
|
36
|
+
def admin_activities(start_time, end_time)
|
37
|
+
data = reports_service.list_activities("all", "admin", start_time: start_time.iso8601, end_time: end_time.iso8601)
|
38
|
+
activities = data.items || []
|
39
|
+
activities.map { |item|
|
40
|
+
GoogleActivity.from_api(item)
|
41
|
+
}.flatten
|
42
|
+
end
|
43
|
+
|
44
|
+
# return an Array of all groups
|
45
|
+
def groups
|
46
|
+
data = directory_service.list_groups(max_results: 500, customer: "my_customer")
|
47
|
+
data.groups.map { |group|
|
48
|
+
GoogleGroup.from_api(group)
|
49
|
+
}
|
50
|
+
end
|
51
|
+
|
52
|
+
def organisational_units
|
53
|
+
data = directory_service.list_org_units("my_customer", type: "children")
|
54
|
+
data.organization_units.map { |ou|
|
55
|
+
GoogleOrganisationUnit.from_api(ou)
|
56
|
+
}
|
57
|
+
end
|
58
|
+
|
59
|
+
# return a list of users that have Two Factor Auth enabled
|
60
|
+
def two_factor_users
|
61
|
+
list_users("isEnrolledIn2Sv=true")
|
62
|
+
end
|
63
|
+
|
64
|
+
# return all users
|
65
|
+
def users
|
66
|
+
list_users
|
67
|
+
end
|
68
|
+
|
69
|
+
# return super administrators
|
70
|
+
def super_admins
|
71
|
+
list_users("isAdmin=true")
|
72
|
+
end
|
73
|
+
|
74
|
+
# return administrators with delegated administration of some users or groups
|
75
|
+
def delegated_admins
|
76
|
+
list_users("isDelegatedAdmin=true")
|
77
|
+
end
|
78
|
+
|
79
|
+
private
|
80
|
+
|
81
|
+
def list_users(query = nil)
|
82
|
+
data = directory_service.list_users(max_results: 500, customer: "my_customer", query: query)
|
83
|
+
data.users.map { |user|
|
84
|
+
GoogleUser.from_api_user(user)
|
85
|
+
}
|
86
|
+
end
|
87
|
+
|
88
|
+
def directory_service
|
89
|
+
@directory_service ||= Google::Apis::AdminDirectoryV1::DirectoryService.new.tap { |service|
|
90
|
+
service.authorization = @user_authorization
|
91
|
+
}
|
92
|
+
end
|
93
|
+
|
94
|
+
def reports_service
|
95
|
+
@reports_service ||= Google::Apis::AdminReportsV1::ReportsService.new.tap { |service|
|
96
|
+
service.authorization = @user_authorization
|
97
|
+
}
|
98
|
+
end
|
99
|
+
|
100
|
+
end
|
101
|
+
end
|
@@ -0,0 +1,48 @@
|
|
1
|
+
module Lita
|
2
|
+
# This is a local, simplified copy of Google::Auth::Stores::RedisTokenStore.
|
3
|
+
#
|
4
|
+
# After a user authenticates via Google OAuth we need to store a copy of their
|
5
|
+
# tokens in redis so we can call the Google APIs on their behalf. The googleauth
|
6
|
+
# library can store the tokens using any class that conforms to the
|
7
|
+
# Google::Auth::TokenStore contract.
|
8
|
+
#
|
9
|
+
# The RedisTokenStore provided by the googleauth gem works well enough, but it
|
10
|
+
# assumes that the provided redis object is a plain Redis instance. Lita wraps
|
11
|
+
# the Redis instance in a Redis::Namespace, so we need this custom store implementation.
|
12
|
+
#
|
13
|
+
# A nice side-effect is that we can rely on the Redis::Namespace instance to prefix keys
|
14
|
+
# for us which removes some complexity from the class.
|
15
|
+
#
|
16
|
+
class RedisTokenStore
|
17
|
+
KEY_PREFIX = 'g-user-token:'
|
18
|
+
|
19
|
+
# Create a new store with the supplied redis client.
|
20
|
+
#
|
21
|
+
def initialize(redis)
|
22
|
+
@redis = redis
|
23
|
+
end
|
24
|
+
|
25
|
+
def load(id)
|
26
|
+
key = key_for(id)
|
27
|
+
@redis.get(key)
|
28
|
+
end
|
29
|
+
|
30
|
+
def store(id, token)
|
31
|
+
key = key_for(id)
|
32
|
+
@redis.set(key, token)
|
33
|
+
end
|
34
|
+
|
35
|
+
def delete(id)
|
36
|
+
key = key_for(id)
|
37
|
+
@redis.del(key)
|
38
|
+
end
|
39
|
+
|
40
|
+
private
|
41
|
+
|
42
|
+
# Generate a redis key from a token ID
|
43
|
+
#
|
44
|
+
def key_for(id)
|
45
|
+
KEY_PREFIX + id
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
@@ -0,0 +1,54 @@
|
|
1
|
+
module Lita
|
2
|
+
class WeeklySchedule
|
3
|
+
attr_reader :id, :room_id, :user_id, :day, :time, :cmd
|
4
|
+
|
5
|
+
def initialize(id:, room_id:, user_id:, day:, time:, cmd:)
|
6
|
+
@id = id
|
7
|
+
@room_id, @user_id = room_id, user_id
|
8
|
+
@day, @time = day.to_s.to_sym, time.to_s
|
9
|
+
@cmd = cmd.new if cmd
|
10
|
+
end
|
11
|
+
|
12
|
+
def name
|
13
|
+
@cmd.name
|
14
|
+
end
|
15
|
+
|
16
|
+
def run(*args)
|
17
|
+
@cmd.run(*args)
|
18
|
+
end
|
19
|
+
|
20
|
+
def valid?
|
21
|
+
room_id && user_id && valid_day? && valid_time? && valid_cmd?
|
22
|
+
end
|
23
|
+
|
24
|
+
def to_json
|
25
|
+
{
|
26
|
+
id: @id,
|
27
|
+
day: @day,
|
28
|
+
time: @time,
|
29
|
+
cmd: @cmd.name,
|
30
|
+
user_id: @user_id,
|
31
|
+
room_id: @room_id,
|
32
|
+
}.to_json
|
33
|
+
end
|
34
|
+
|
35
|
+
def human
|
36
|
+
"Weekly (id: #{@id}): #{@day} #{@time} - #{@cmd.name}"
|
37
|
+
end
|
38
|
+
|
39
|
+
private
|
40
|
+
|
41
|
+
def valid_day?
|
42
|
+
[:monday, :tuesday, :wednesday, :thursday, :friday, :saturday, :sunday].include?(day)
|
43
|
+
end
|
44
|
+
|
45
|
+
def valid_time?
|
46
|
+
time.match(/\A\d\d:\d\d\Z/)
|
47
|
+
end
|
48
|
+
|
49
|
+
def valid_cmd?
|
50
|
+
cmd.respond_to?(:run)
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
end
|
@@ -0,0 +1,50 @@
|
|
1
|
+
module Lita
|
2
|
+
class WindowSchedule
|
3
|
+
attr_reader :id, :room_id, :user_id, :cmd
|
4
|
+
|
5
|
+
def initialize(id:, room_id:, user_id:, cmd:)
|
6
|
+
@id = id
|
7
|
+
@room_id, @user_id = room_id, user_id
|
8
|
+
@cmd = cmd.new if cmd
|
9
|
+
end
|
10
|
+
|
11
|
+
def duration_minutes
|
12
|
+
@cmd.duration_minutes
|
13
|
+
end
|
14
|
+
|
15
|
+
def buffer_minutes
|
16
|
+
@cmd.buffer_minutes
|
17
|
+
end
|
18
|
+
|
19
|
+
def name
|
20
|
+
@cmd.name
|
21
|
+
end
|
22
|
+
|
23
|
+
def run(*args)
|
24
|
+
@cmd.run(*args)
|
25
|
+
end
|
26
|
+
|
27
|
+
def human
|
28
|
+
"Sliding Window (id: #{@id}): #{@cmd.name}"
|
29
|
+
end
|
30
|
+
|
31
|
+
def valid?
|
32
|
+
room_id && user_id && valid_cmd?
|
33
|
+
end
|
34
|
+
|
35
|
+
def to_json
|
36
|
+
{
|
37
|
+
id: @id,
|
38
|
+
cmd: @cmd.name,
|
39
|
+
user_id: @user_id,
|
40
|
+
room_id: @room_id,
|
41
|
+
}.to_json
|
42
|
+
end
|
43
|
+
|
44
|
+
private
|
45
|
+
|
46
|
+
def valid_cmd?
|
47
|
+
cmd.respond_to?(:run)
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
metadata
ADDED
@@ -0,0 +1,166 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: lita-gsuite
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: '0.5'
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- James Healy
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2017-06-04 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: rake
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rspec
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '3.4'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '3.4'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: pry
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rdoc
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: lita-timing
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - "~>"
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0.3'
|
76
|
+
type: :runtime
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - "~>"
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0.3'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: lita
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :runtime
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: google-api-client
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - "~>"
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0.9'
|
104
|
+
type: :runtime
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - "~>"
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0.9'
|
111
|
+
description: Adds commands to lita for monitoring gsuite account activity and flagging
|
112
|
+
potential issues
|
113
|
+
email:
|
114
|
+
- james.healy@theconversation.edu.au
|
115
|
+
executables: []
|
116
|
+
extensions: []
|
117
|
+
extra_rdoc_files:
|
118
|
+
- README.md
|
119
|
+
- MIT-LICENSE
|
120
|
+
files:
|
121
|
+
- MIT-LICENSE
|
122
|
+
- README.md
|
123
|
+
- lib/lita-gsuite.rb
|
124
|
+
- lib/lita/commands/deletion_candidates.rb
|
125
|
+
- lib/lita/commands/empty_groups.rb
|
126
|
+
- lib/lita/commands/list_activities.rb
|
127
|
+
- lib/lita/commands/list_admins.rb
|
128
|
+
- lib/lita/commands/no_org_unit.rb
|
129
|
+
- lib/lita/commands/suspension_candidates.rb
|
130
|
+
- lib/lita/commands/two_factor_off.rb
|
131
|
+
- lib/lita/commands/two_factor_stats.rb
|
132
|
+
- lib/lita/google_activity.rb
|
133
|
+
- lib/lita/google_group.rb
|
134
|
+
- lib/lita/google_organisation_unit.rb
|
135
|
+
- lib/lita/google_user.rb
|
136
|
+
- lib/lita/gsuite.rb
|
137
|
+
- lib/lita/gsuite_gateway.rb
|
138
|
+
- lib/lita/redis_token_store.rb
|
139
|
+
- lib/lita/weekly_schedule.rb
|
140
|
+
- lib/lita/window_schedule.rb
|
141
|
+
homepage: http://github.com/yob/lita-gsuite
|
142
|
+
licenses:
|
143
|
+
- MIT
|
144
|
+
metadata:
|
145
|
+
lita_plugin_type: handler
|
146
|
+
post_install_message:
|
147
|
+
rdoc_options: []
|
148
|
+
require_paths:
|
149
|
+
- lib
|
150
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
151
|
+
requirements:
|
152
|
+
- - ">="
|
153
|
+
- !ruby/object:Gem::Version
|
154
|
+
version: 1.9.3
|
155
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
156
|
+
requirements:
|
157
|
+
- - ">="
|
158
|
+
- !ruby/object:Gem::Version
|
159
|
+
version: '0'
|
160
|
+
requirements: []
|
161
|
+
rubyforge_project:
|
162
|
+
rubygems_version: 2.6.11
|
163
|
+
signing_key:
|
164
|
+
specification_version: 4
|
165
|
+
summary: Monitor activity and data in a gsuite account
|
166
|
+
test_files: []
|