Layanan Lanjutan Cloud Identity Groups (CIG) menyediakan paritas fitur untuk Groups Service API dan dapat digunakan sebagai gantinya.
Lihat metode helper yang disediakan untuk mempelajari cara mendapatkan kemampuan yang setara melalui CIG Advanced Service.
Penyiapan
Untuk menggunakan Layanan Lanjutan CIG, aktifkan terlebih dahulu dalam project skrip Anda.
Untuk mempersingkat beberapa tanda tangan metode dalam panduan ini, kami menentukan variabel berikut:
const groups = CloudIdentityGroups.Groups;
Metode GroupsApp
Metode bantuan berikut sesuai dengan metode Groups Service GroupsApp.
Dalam panduan ini, istilah grup merujuk pada Group Resource, bukan objek Group Class. Group Resources adalah objek JavaScript yang tidak memiliki metode, tetapi dapat digunakan di CIG Advanced Service untuk mengambil informasi serupa dengan yang ada di objek Group Class.
getGroupByEmail
/**
* Given a group's email, returns that group's resource
*
* @param {String} email: The email address to lookup a group by
* @return {Group} group: The group resource associated with the email
*/
function groupsAppGetGroupByEmail(email) {
// Retrieve the name ID of the group
const groupName = groups.lookup({
'groupKey.id': email,
'groupKey.namespace': '' // Optional for google groups, dynamic groups, and security groups
// Necessary for identity-mapped groups (see https://developers.google.com/cloud-search/docs/guides/identity-mapping)
}).name;
// Retrieve the group resource
return groups.get(groupName);
}
getGroups
Metode bantuan berikut menampilkan daftar Sumber Daya Keanggotaan.
Akses kolom group elemen untuk menemukan ID namanya. Hal ini berguna untuk
banyak metode CIG Advanced Service. Demikian pula, akses groupKey.id elemen untuk menemukan emailnya.
/**
* Retrieves all the membership relation resources to groups which you are a
* direct member (or a pending member).
*
* @return {Array<MembershipRelation>} groups : List of direct memberships where
* you are the member.
*/
function groupsAppGetGroups() {
const myEmail = Session.getActiveUser().getEmail();
let pageToken = '';
let membershipList = [];
do {
const queryParams = {
query:`member_key_id=='${myEmail}'`,
pageToken:pageToken
};
const searchResult = groups.Memberships.searchDirectGroups('groups/-', queryParams);
membershipList = membershipList.concat(searchResult.memberships);
pageToken = searchResult.nextPageToken;
} while (pageToken);
return membershipList;
}
Metode Grup
Metode bantuan berikut sesuai dengan metode Groups Service Groups Class.
getEmail
/**
* Gets a group's email address
*
* @param {Object} group: A group resource
* @return {String} email: The email associated with the group resource.
*/
function getEmail(group) {
return group.groupKey.id;
}
getGroups
Metode berikut menggunakan Memberships.list,
yang akan mengambil setiap keanggotaan ke grup tertentu. Hal ini dapat mencakup keanggotaan pengguna serta grup.
Untuk memperkirakan metode getGroups
Layanan Grup dengan lebih baik, kita dapat memfilter keanggotaan berdasarkan Type-nya.
Kita mendapatkan akses ke kolom ini dengan memberikan FULL View
sebagai parameter kueri ke Memberships.list
atau dengan melakukan Memberships.lookup
satu per satu untuk setiap keanggotaan yang diberikan.
/**
* Fetch a list of memberships with provided group as its parent
*
* @param {Group} group: A group resource
* @return {Array<Membership>} membershipList: The memberships where the parent
* is the provided group and member is a also a group.
*/
function getGroups(group) {
let membershipList = [];
let pageToken = '';
do {
// Fetch a page of memberships
const queryParams = {
view: 'FULL',
pageToken: pageToken
}
const response = groups.Memberships.list(group.name, queryParams);
// Filter non-group memberships
const onlyGroupMemberships = response.memberships.filter(
membership => membership.type == 'GROUP'
);
membershipList = membershipList.concat(onlyGroupMemberships);
// Set up next page
pageToken = response.nextPageToken;
} while(pageToken);
return membershipList;
}
getRole dan getRoles
Meskipun Layanan Grup mungkin hanya menampilkan peran dengan prioritas tertinggi di
getRole(), kolom roles dalam resource keanggotaan berisi elemen
terpisah untuk setiap peran yang memenuhi syarat bagi anggota (contoh: ANGGOTA, PEMILIK, ADMIN).
/**
* Retrieve the membership roles of a member to a group.
*
* @param {Group} containingGroup: The group whom the member belongs to
* @param {String} email: The email address associated with a member that
* belongs to the containingGroup
* @return {Array<Role>} roles: List of roles the member holds with respect to
* the containingGroup.
*/
function getRoleWithEmail(containingGroup, email) {
// First fetch the membership
const membershipName = groups.Memberships.lookup(containingGroup.name, { 'memberKey.id': email }).name;
const membership = groups.Memberships.get(membershipName);
// Then retrieve the role
return membership.roles;
}
/**
* Retrieve the membership roles of a member to a group.
*
* @param {Group} containingGroup: The group resource whom the member belongs to
* @param {User} user: The user associated with a member that belongs to the
* containingGroup
* @return {Array<Role>} roles: List of roles the member holds with respect to
* the containingGroup
*/
function getRoleWithUser(containingGroup, user) {
return getRoleWithEmail(containingGroup, user.getEmail());
}
/**
* Retrieve the membership roles of a group of members to a group
*
* @param {Group} containingGroup: The group resource to which roles are
* relevant
* @param {Array<User>} users: List of users to fetch roles from
* @return {Array<Array<Role>>} roles: A list where every element is a list of
* roles of member to the containingGroup
*/
function getRoles(containingGroup, users) {
let roles = [];
for (const user of users) {
roles.push(getRoleWithUser(containingGroup, user));
}
return roles;
}
getUsers
Mirip dengan pendekatan kami di getGroups, kami dapat mengambil keanggotaan grup dengan Memberships.list
dan memfilter hasil untuk hanya menyimpan Type target kami.
/**
* Given a group, retrieve its direct members and banned members of the group
* that have a known corresponding Google Account.
*
* @param {Group} group: The group Resource whom the users being queried belong
* to
* @return {Array<String>} users: A list of emails associated with members of
* the given group
*/
function getUsers(group) {
let userList = [];
let pageToken = '';
do {
// Fetch a page of memberships from the group
const queryParams = {
view: 'FULL',
pageToken: pageToken
}
const listResponse = groups.Memberships.list(group.name, queryParams);
// Filter non-users and keep member emails
const users = listResponse.memberships
.filter(membership => membership.type == 'USER')
.map(membership => membership.preferredMemberKey.id);
userList = userList.concat(users);
// Prepare next page
pageToken = listResponse.nextPageToken;
} while (pageToken);
return userList;
}
hasGroup dan hasUser
Baik Groups Service hasGroup
maupun hasUser
mengonfirmasi apakah suatu entitas adalah anggota grup tertentu. Mengingat bahwa Grup dan Pengguna dapat diwakili oleh alamat email, metode berikut dapat digunakan untuk mengonfirmasi apakah salah satunya termasuk dalam grup tertentu.
/**
* Tests if the given email has an associated direct member to the given group.
*
* @param {Group} group: Group resource to which the entity is being checked as
* a member
* @param {String} email: Email that can represent a Group or User entity
* @return {Boolean} isMember: Whether the entity is a direct member to the
* group or not
*/
function checkDirectGroupMembership(group, email) {
try {
groups.Memberships.lookup(group.name, {'memberKey.id': email});
} catch(e) {
// Log failure if exception is not related to membership existence
if (!e.message.includes('Membership does not exist.')) {
console.error(e);
}
return false;
}
return true;
}