I'm writing a command line script to subscribe every account on our Google domain (Apps for Education and Business) to a single academic schedule calendar. There doesn't seem to be an easy way to force this, so I'm using Calendar API V2 and the python API client to grab all the accounts and individually subscribe them to the calendar. The API responds differently depending on whether the user was already subscribed to the calendar, however the documentation doesn't seem to indicate any way to check whether someone is already subscribed to a calendar without changing the state of the subscription.
https://developers.google.com/google-apps/calendar/v2/developers_guide_python#ManagingSubscriptions
I need a non-destructive way to find out who is already subscribed to the calendar so we can make a list and roll-back should we decide to cancel this whole calendar endeavour.
Right now the best way I can think of doing this is to do perform the change and record which ones were already subscribed, but I'd really rather see if theres a side-effect free way of doing this before I unleash it on the production domain.
Any ideas?
You can retrieve a list of all the calendars in a user's list. Note that this includes hidden calendars that the user will not see in their UI:
https://developers.google.com/google-apps/calendar/v2/developers_guide_python#RetrievingCalendars
feed = calendar_client.GetAllCalendarsFeed()
print feed.title.text
for i, a_calendar in enumerate(feed.entry):
print '\t%s. %s' % (i, a_calendar.title.text,)
Related
I was wondering if it's possible to utilize the Instagram API with Python in order to gather info on follower account status to seek trends/activity/etc. for my platform. Basically I want to see what brands, etc. users engage with by using the API to see where the accounts who are part of my network go, what they click like on, where they leave a comment/what type of feedback they give/interact across brands. The accounts will consent to this of course, but is this even possible with the API anyways? I have seen services offer this for a fee, so I assumed it's possible somehow.
I assume that when a user leaves a comment it is stored in some database that you can then use the API to see if it matches with some ID or such -- if not then maybe there is a way to do this indirectly, i.e., some kind of background service that can see if a comment/ID matches a username without having to use the API itself. Basically I'm interested if this is feasible/simple -- I'm not too savvy!
This is meant for business and non-business/personal accounts -- also just for the fun of it too.
I have peeked at the API but it does not mention this, and no amount of searching narrows it down.
I know Facebook made some changes with their graph API which basically makes this a dead end on their platform without some possible hackaround if that is even theoretically possible.
I have an issue with getting a live list of users with two-step verification enabled from Google Admin using Admin-SDK.
The reporting API can be used to gather reports on who is currently enrolled, but these are not live, they are three days old. The directory API (users & groups) does not have this information.
What I am playing with now is scraping the google admin user page for enrollment status. My question is what is the source of the ID on the google admin page? It is not returned from the Directory API. Is it an encoded version of the userID?
This is the ID I refer to
I have found that you can get an up to date list of users with 2FA enabled. By downloading a list of users from the Google Admin "Users" page.
Click the three dot symbol on the top right of the page and then select download users. Select the scope of the download and then you will have up-to-date documents on who is enrolled.
The reports feature of Google Admin is three days behind, which includes the reporting API. The users API has no way to pull 2FA enrollment, but the download users button lets you know any stragglers.
The reason I asked the question in the first place is because when you force two-step verification via the policy in the Security section, users who do not already have it enabled are locked out, as they are prompted for a two-step verification code which they are unable to acquire. You can create a 2FA exception group which allows them to log in and set it up, but then you must remove the users from the group who have it enabled; just for housekeeping purposes.
I cannot see a way to do this pragmatically using the admin-SDK without using the reporting API, which is three days behind and hence outdated. automated fashion. I'd love to see someone who has made it happen, so feel free to chime in!
Assembla provides a simple way to fetch all commits of an organisation using api.assembla.com/v1/activity.json and it takes to and from parameters allowing to get commits of selected date(from all the spaces(repos) the user is participating.
Is there any similar way in Github ?
I found these for Github:
/repos/:owner/:repo/commits
Accepts since and until parameters for getting commits of selected date. But, since I want commits from all repos, I have to loop over all those repos and fetch commits for each repo.
/users/:user/events
This shows the commits of a user. I dont have any problem looping over all the users in the org, but how can I get for a particular date ?
/orgs/:org/events
This shows commits of all users of all repos but dont know how to fetch for a particular date ?
The problem with using the /users/:user/events endpoint is that you just don't get the PushEvents and you would have to skip over non-commit events and perform more calls to the API. Assuming you're authenticated, you should be safe so long as your users aren't hyper active.
For /orgs/:org/events I don't think they accept parameters for anything, but I can check with the API designers.
And just in case you aren't familiar, these are all paginated results. So you can go back until the beginning with the Link headers. My library (github3.py) provides iterators to do this for you automatically. You can also tell it how many events you'd like. (Same with commits, etc). But yeah, I'll come back an edit after talking to the API guys at GitHub.
Edit: Conversation
You might want to check out the GitHub Archive project -- http://www.githubarchive.org/, and the ability to query the archive using Google's BigQuery. Sounds like it would be a perfect tool for the job -- I'm pretty sure you could get exactly what you want with a single query.
The other option is to call the GitHub API -- iterate over all events for the organization and filter out the ones that don't satisfy your date rage criteria and event type criteria (commits). But since you can't specify date ranges in the API call, you will probably do a lot of calls to get the the events that interest you. Notice that you don't have to iterate over every page starting from 0 to find the page that contains the first result in the date range -- just do a (variation of) binary search over page numbers to find any page that contains a commit in the date range, a then iterate in both directions until you break out of the date range. That should reduce the number of API calls you make.
I'm doing a small app juggling with calendars and I'd love to send invitations to my user's contacts.
I'm wondering, is there a way (even complicated, I don't mind) which would allow me to know whether a particular contact uses Google Calendar or not, so I could send them plain e-mail invitation or full-featured Google Calendar invitation (which they are familiar with and can respond to them with one click from Gmail)?
Input: Contact's e-mail address. (e.g. steve.jobs#apple.com, my.mom#gmail.com, ...)
Output: Boolean information "does this contact use Google Calendar?"
subtask: Boolean information "does this contact even use Google apps?"
It's more or less possible to solve the subtask. Google uses two domains that directly yell at programmer "we are from Google!!!", that's gmail.com and googlemail.com (second one used in UK and Germany due to some legal restrictions). In Python, it's this simple:
def uses_google(email):
return email.endswith(('gmail.com', 'googlemail.com'))
Well, then there are Google Apps. Anyone can run them on his own domain. This should (as far as OpenID is properly installed) solve answer to this question: How to detect if an email is a Google Account?
But what about the usage of Google Calendar?
And is it even necessary to solve such problem? What happens if I send invitations to e-mails without any connection to Google Calendar? Something tells me it wouldn't be nice (maybe only notice "Honza sent you invitation, start using Google Calendar if you'd like to respond"). As a user of the Calendar I know when someone sends invitation to me on wrong e-mail, I can't even respond to it.
A lot of questions here, but I'll take a crack at this.
First off, using Google's mail service doesn't guarantee that the owner use other Google services. Yes, you can assume they have access and they'll be able to accept an invitation, but it doesn't mean they use it as their calendar.
As for somehow gleaning information about Google services used based on a non-Google email address, this does not seem possible. This information is private between the customer and Google, and also borders on proprietary to Google I imagine.
I'm working on an application that lets registered users create or upload content, and allows anonymous users to view that content and browse registered users' pages to find that content - this is very similar to how a site like Flickr, for example, allows people to browse its users' pages.
To do this, I need a way to identify the user in the anonymous HTTP GET request. A user should be able to type http://myapplication.com/browse/<userid>/<contentid> and get to the right page - should be unique, but mustn't be something like the user's email address, for privacy reasons.
Through Google App Engine, I can get the email address associated with the user, but like I said, I don't want to use that. I can have users of my application pick a unique user name when they register, but I would like to make that optional if at all possible, so that the registration process is as short as possible.
Another option is to generate some random cookie (a GUID?) during the registration process, and use that, I don't see an obvious way of guaranteeing uniqueness of such a cookie without a trip to the database.
Is there a way, given an App Engine user object, of getting a unique identifier for that object that can be used in this way?
I'm looking for a Python solution - I forgot that GAE also supports Java now. Still, I expect the techniques to be similar, regardless of the language.
Your timing is impeccable: Just yesterday, a new release of the SDK came out, with support for unique, permanent user IDs. They meet all the criteria you specified.
I think you should distinguish between two types of users:
1) users that have logged in via Google Accounts or that have already registered on your site with a non-google e-mail address
2) users that opened your site for the first time and are not logged in in any way
For the second case, I can see no other way than to generate some random string (e.g. via uuid.uuid4() or from this user's session cookie key), as an anonymous user does not carry any unique information with himself.
For users that are logged in, however, you already have a unique identifier -- their e-mail address. I agree with your privacy concerns -- you shouldn't use it as an identifier. Instead, how about generating a string that seems random, but is in fact generated from the e-mail address? Hashing functions are perfect for this purpose. Example:
>>> import hashlib
>>> email = 'user#host.com'
>>> salt = 'SomeLongStringThatWillBeAppendedToEachEmail'
>>> key = hashlib.sha1('%s$%s' % (email, salt)).hexdigest()
>>> print key
f6cd3459f9a39c97635c652884b3e328f05be0f7
As hashlib.sha1 is not a random function, but for given data returns always the same result, but it is proven to be practically irreversible, you can safely present the hashed key on the website without compromising user's e-mail address. Also, you can safely assume that no two hashes of distinct e-mails will be the same (they can be, but probability of it happening is very, very small). For more information on hashing functions, consult the Wikipedia entry.
Do you mean session cookies?
Try http://code.google.com/p/gaeutilities/
What DzinX said. The only way to create an opaque key that can be authenticated without a database roundtrip is using encryption or a cryptographic hash.
Give the user a random number and hash it or encrypt it with a private key. You still run the (tiny) risk of collisions, but you can avoid this by touching the database on key creation, changing the random number in case of a collision. Make sure the random number is cryptographic, and add a long server-side random number to prevent chosen plaintext attacks.
You'll end up with a token like the Google Docs key, basically a signature proving the user is authenticated, which can be verified without touching the database.
However, given the pricing of GAE and the speed of bigtable, you're probably better off using a session ID if you really can't use Google's own authentication.