Implements Google Admin SDK Directory API support for Workspace user and group management with domain-wide delegation. New commands: - gog admin users list --domain example.com - gog admin users get user@example.com - gog admin users create user@example.com --given John --family Doe - gog admin users suspend user@example.com - gog admin groups list --domain example.com - gog admin groups members list group@example.com - gog admin groups members add group@example.com user@example.com --role MEMBER - gog admin groups members remove group@example.com user@example.com Closes #340 Note: This is a focused implementation of core user/group management. For full GAM feature parity (PR #179), additional work would be needed for: alerts, licenses, org units, printers, reports, vault, SSO, etc.
23 lines
736 B
Go
23 lines
736 B
Go
package googleapi
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
admin "google.golang.org/api/admin/directory/v1"
|
|
|
|
"github.com/steipete/gogcli/internal/googleauth"
|
|
)
|
|
|
|
// NewAdminDirectory creates an Admin SDK Directory service for user and group management.
|
|
// This API requires domain-wide delegation with a service account to manage Workspace users.
|
|
func NewAdminDirectory(ctx context.Context, email string) (*admin.Service, error) {
|
|
if opts, err := optionsForAccount(ctx, googleauth.ServiceAdmin, email); err != nil {
|
|
return nil, fmt.Errorf("admin directory options: %w", err)
|
|
} else if svc, err := admin.NewService(ctx, opts...); err != nil {
|
|
return nil, fmt.Errorf("create admin directory service: %w", err)
|
|
} else {
|
|
return svc, nil
|
|
}
|
|
}
|