0

我们注意到,如果群组成员不是 Google 帐户,则无法使用新的 Directory API 移除群组成员。我们已经使用 Dito GAM(注意我是 GAM 的作者)和 Google API Explorer 对此进行了测试。

如果要删除的成员是 Google 帐户,则操作正常:

C:\gam-64>gam update group group99@jay.powerposters.org remove google-user@jay.powerposters.org
 removing google-user@jay.powerposters.org
connect: (www.googleapis.com, 443)
send: 'DELETE /admin/directory/v1/groups/group99@jay.powerposters.org/members/google-user@jay.powerposters.org?quotaUser=1ee51612c9a0220af0cf5516a990b206e2a619e8&prettyPrint=true
HTTP/1.1
Host: www.googleapis.com
content-length: 0
authorization: Bearer <valid access token>
accept-encoding: gzip, deflate
accept: */*
user-agent: Dito GAM 3.01 / jay@ditoweb.com (Jay Lee) / Python 2.7.5 final / Windows-7-6.1.7601-SP1 AMD64 / google-api-python-client/1.2 (gzip)

reply: 'HTTP/1.1 204 No Content
header: Cache-Control: no-cache, no-store, max-age=0, must-revalidate
header: Pragma: no-cache
header: Expires: Fri, 01 Jan 1990 00:00:00 GMT
header: Date: Wed, 28 Aug 2013 12:57:06 GMT
header: ETag: "cZnI-gy4eI-n1-_cqk7okAteLZk/vyGp6PvFo4RvsFtPoIWeCReyIC8"
header: Server: GSE

这是预期的行为。但是,如果要删除的帐户不是 Google 帐户(Google Apps 或消费者),则会返回错误:

C:\gam-64>gam update group group99@jay.powerposters.org remove not-a-google-account@not-a-google-domain.com
 removing not-a-google-account@not-a-google-domain.com
connect: (www.googleapis.com, 443)
send: 'DELETE /admin/directory/v1/groups/group99@jay.powerposters.org/members/not-a-google-account@not-a-google-domain.com?quotaUser=1ee51612c9a0220af0cf5516a990b206e2a619e8&prettyPrint=true
HTTP/1.1
Host: www.googleapis.com\r\ncontent-length: 0
authorization: Bearer <valid oauth 2.0 token>
accept-encoding: gzip, deflate
accept: */*
user-agent: Dito GAM 3.01 / jay@ditoweb.com (Jay Lee) / Python 2.7.5 final / Windows-7-6.1.7601-SP1 AMD64 / google-api-python-client/1.2 (gzip)
reply: 'HTTP/1.1 400 Bad Request
header: Content-Type: application/json; charset=UTF-8
header: Content-Encoding: gzip
header: Date: Wed, 28 Aug 2013 13:00:02 GMT
header: Expires: Wed, 28 Aug 2013 13:00:02 GMT
header: Cache-Control: private, max-age=0
header: X-Content-Type-Options: nosniff
header: X-Frame-Options: SAMEORIGIN
header: X-XSS-Protection: 1; mode=block
header: Content-Length: 122
header: Server: GSE

body: {
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "badRequest",
    "message": "Bad Request"
   }
  ],
  "code": 400,
  "message": "Bad Request"
 }
}

Error 400: Bad Request - badRequest

请注意,Google API Explorer 中也会显示相同的行为:

http://screencast.com/t/fQZCnMYYs

https://developers.google.com/apis-explorer/#s/admin/directory_v1/directory.members.delete?groupKey=group99%2540jay.powerposters.org&memberKey=not-a-google-account%2540not-a-google -domain.com&_h=1&

应该可以通过 Directory API 从 Google Group 中删除任何地址

4

3 回答 3

1

谷歌已经解决了这个问题。从 Google 群组中删除非 Google 电子邮件地址现在可以正常工作。

于 2013-12-16T21:26:18.837 回答
1

我就此与 Google Enterprise 支持人员进行了交谈,他们承认这是一个错误(正如 Silvano 在这里所说的那样)。在与开发团队交谈后,他们告诉我解决此问题的方法是使用用户 ID 而不是电子邮件地址进行删除。

一个快速示例,说明如何使用成员 ID 删除所有成员。

Directory directory = 
    new Directory.Builder(httpTransport, jsonFactory, credentials)
                 .setApplicationName(APPLICATION_NAME)
                 .build(); 
Members members = directory.members().list(groupKey).execute();
for(Member member : members.getMembers()) {
    String memberId = member.getId();
    Delete delete = directory.members().delete(groupKey, memberId);
    delete.execute();
}

希望这会有所帮助,直到他们可以发布修复程序。

于 2013-09-26T17:11:49.067 回答
0

这是一个在 PHP 中使用添加和删除的工作示例。

function gmail_provision($email, $email_list, $requested_operation) {
  // requested_operation should be either add or delete

  require_once "google-api-php-client/src/Google_Client.php";
  require_once "google-api-php-client/src/contrib/Google_DirectoryService.php";
  require_once "google-api-php-client/src/contrib/Google_Oauth2Service.php";
  session_start();

  $group_scope = 'https://www.googleapis.com/auth/admin.directory.group';
  $service_account_email = '.....@developer.gserviceaccount.com';
  $service_account_pkcs12_file_path = '/path/to/...-privatekey.p12';
  $client_id = '......apps.googleusercontent.com';
  $adminEmail = 'admin-account@email.com;

  $key = file_get_contents($service_account_pkcs12_file_path);
  $auth = new Google_AssertionCredentials($service_account_email, array($group_scope),     $key, 'notasecret',  'http://oauth.net/grant_type/jwt/1.0/bearer', $adminEmail);
  $client = new Google_Client();
  $client->setClientId($client_id); // from API console
  $client->setApplicationName("API Project Name");
  $client->setUseObjects(true);
  $client->setAssertionCredentials($auth);

  try {
    // Adding or removing from specified list
    $sync_status = '';
    $service = new Google_DirectoryService($client);
    switch ($requested_operation) {
      case "add": // Add
        $member = new Google_Member(array('email' => $email,
                                          'kind' => 'admin#directory#member',
                                          'role' => 'MEMBER',
                                          'type' => 'USER'));
        $service->members->insert($email_list, $member);
        break;
      case "remove": // Remove
        // Users must be removed by ID not by email address
        // This is slow and should be changed when
        // Google fixes the bug and allows delete by email.

        // Get a list of email addresses in the list
        $results = $service->members->listMembers($email_list);
        // Push results into an array
        $arrResults = get_object_vars($results);

        // Recursive iterator
        $arrIt = new RecursiveIteratorIterator(new RecursiveArrayIterator($arrResults));

        // Cycle through the array searching for the email address
        foreach ($arrIt as $sub) {
          $subArray = $arrIt->getSubIterator();
          if ($subArray['email'] === $email) {
            // Store an array of the details associated
            // with the email address
            $outputArray[] = iterator_to_array($subArray);
          }
        }
        // Delete by id
        $service->members->delete($email_list, $outputArray[0]['id']);
        break;
    }
  }
  catch (Google_ServiceException $e) {
    // $e->getCode() 
    // $e->getMessage()
  }
  catch (Google_Exception $e) {
    // $e->getCode() 
    // $e->getMessage()
  }
  catch (Zend_Gdata_Gapps_ServiceException $e) {
    // $e->getCode() 
    // $e->getMessage()
  }
}
于 2013-10-14T18:46:29.493 回答