Graham,
I used the python quickstart examples to get started, but they only work
for the logged in user. The trick is the set up a separate service
account and use create_delegated method like so:
# Get Credentials as the user
def get_creds(user_id):
# Start with creds for admin and then
creds =
ServiceAccountCredentials.from_json_keyfile_name(CLIENT_SECRET_FILE, SCOPES)
# Delegate to the user
return creds.create_delegated(user_id)
For each user whose email you need to modify. Then you use the special
user 'me' when you access the google services. For example, to delete a
message I would do:
def DeleteMessage(service, user_id, msg_id):
"""Delete a Message.
Args:
service: Authorized Gmail API service instance.
user_id: User's email address. The special value "me"
can be used to indicate the authenticated user.
msg_id: ID of Message to delete.
"""
try:
service.users().messages().delete(userId=user_id, id=msg_id).execute()
print ('Message with id: %s deleted successfully.' % msg_id)
except errors.HttpError, error:
print ('An error occurred: %s' % error)
and call this with:
DeleteMessage(service, 'me', mid)
This works because the credentials are for the specific user. If you
try to use admin creds and then pass in the user name to the google
services it does not work.
cheers,
ski
On 05/29/2016 11:04 AM, Graham Dunn wrote:
Just for the archives, were there any tricky steps, or did the Google dev docs
cover it?
On May 29, 2016, at 9:59 AM, Ski Kacoroski <[email protected]> wrote:
Just got this working after 10 straight hours. It is slow, but hopefully I can
get them all deleted before school starts on Tuesday.
ski
On 05/29/2016 06:32 AM, Graham Dunn wrote:
I have something similar I use for user admin on GA, the get_credentials()
function is identical (save that I use an admin_directory.json instead of
gmail), the userid/access tokens will get stored in
~/.credentials/gmail-api.json for you, what happens if you delete that file and
re-run?
I've had good luck walking through this
https://developers.google.com/admin-sdk/directory/v1/guides/delegation#create_the_service_account_and_its_credentials
but it sounds like you may already be there.
On May 29, 2016, at 8:59 AM, Ski Kacoroski <[email protected]> wrote:
Hi,
One of the apps my teachers use to manage google, created groups for all
classes and schools that were open to public postings. Well a few kids found
this out and now I have really nasty stuff in almost every kids email box which
I really need to remove. I was able to get a python script cribbed together
that worked on one account to remove the emails, but now I get
<HttpError 403 when requesting
https://www.googleapis.com/gmail/v1/users/711201%40apps.nsd.org/messages?q=in%3AINBOX+after%3A2016%2F05%2F28&alt=json
returned "Delegation denied for [email protected]">
on any other account. I have tried redoing my oauth account several times and
even created a new project - no luck. I am logged into the
console.developers.google.com and can see the account. I created the account
with delegation enabled and set the scope to https://mail.google.com. Problems
are how to debug:
* I can find no way to verify that delegation is on or off
* I can verify that gmail and google+ domains apis are enabled.
I think I need to modify the following to include the userid somehow, but am
not sure:
def get_credentials():
"""Gets valid user credentials from storage.
If nothing has been stored, or if the stored credentials are invalid,
the OAuth2 flow is completed to obtain the new credentials.
Returns:
Credentials, the obtained credential.
"""
home_dir = os.path.expanduser('~')
credential_dir = os.path.join(home_dir, '.credentials')
if not os.path.exists(credential_dir):
os.makedirs(credential_dir)
credential_path = os.path.join(credential_dir, 'gmail-api.json')
store = oauth2client.file.Storage(credential_path)
credentials = store.get()
if not credentials or credentials.invalid:
flow = client.flow_from_clientsecrets(CLIENT_SECRET_FILE, SCOPES)
flow.user_agent = APPLICATION_NAME
if flags:
credentials = tools.run_flow(flow, store, flags)
else: # Needed only for compatibility with Python 2.6
credentials = tools.run(flow, store)
print('Storing credentials to ' + credential_path)
return credentials
cheers,
ski
--
"When we try to pick out anything by itself, we find it
connected to the entire universe" John Muir
Chris "Ski" Kacoroski, [email protected], 206-501-9803
or ski98033 on most IM services
_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/
--
"When we try to pick out anything by itself, we find it
connected to the entire universe" John Muir
Chris "Ski" Kacoroski, [email protected], 206-501-9803
or ski98033 on most IM services
--
"When we try to pick out anything by itself, we find it
connected to the entire universe" John Muir
Chris "Ski" Kacoroski, [email protected], 206-501-9803
or ski98033 on most IM services
_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/
