Exclude users from belonging to a particular group in G Suite
Question
I am trying to write a script in Google apps script that will suspend the account of users whose account has been inactive for than 120 days. But I don't want the script to delete the accounts of users who are in a particular group. The following is the script that I came up with:
/**
* Lists all the users in a domain sorted by first name.
*/
function listAllUsers() {
var contents = [];
var pageToken;
var page;
do {
page = AdminDirectory.Users.list({
customer: 'xyz12345',
orderBy: 'givenName',
maxResults: 100,
pageToken: pageToken
});
var users = page.users;
if (users) {
for (var i = 0; i < users.length; i++) {
var user = users[i];
if(user.suspended==false){
contents.push([user.name.fullName, user.primaryEmail, user.creationTime, user.lastLoginTime]);
}
}
} else {
Logger.log('No users found.');
}
pageToken = page.nextPageToken;
} while (pageToken);
checkUserLoginTime(contents);
}
/**
* Check the user Log in Time of the users.
* @param contents (The array containing the users list)
*/
function checkUserLoginTime(contents) {
//Logger.log(contents);
var usersToSuspend = [];
var timeNow = new Date();
var checkTime = new Date();
checkTime.setDate(checkTime.getDate()-120);
checkTime = new Date(checkTime);
Logger.log('TimeNow:'+ timeNow);
Logger.log('checktime:'+ checkTime);
for (var i=0; i<contents.length; i++){
var fullName = contents[i][0];
var email = contents[i][1];
var formattedCreationTime = new Date(contents[i][2]);
var formattedLastLoginTime = new Date(contents[i][3]);
Logger.log(fullName);
Logger.log(email);
Logger.log(formattedCreationTime);
Logger.log(formattedLastLoginTime);
if(formattedCreationTime <= checkTime && formattedLastLoginTime <= checkTime){
usersToSuspend.push([fullName, email]);
Logger.log('The user account is Inactive')
//suspendUsers(email);
} else{
Logger.log('The user account is Active')
}
}
}
This script will push all the user accounts the array usersToSuspend , whose last login time was greater than 120 days. Is there a way to filter out this array or stop pushing the emails to this array which belong to a particular group say for eg: xyz@gmail.com ?
2 answers
solution1
0 2019-04-18 17:42:39
Here is a function I use to test group membership from a user's email.
function testGroupMembership(groupEmail, testUser) {
var group = GroupsApp.getGroupByEmail(groupEmail);
var users = group.getUsers();
for (var u = 0; u < users.length; u++){
if ( users[u].getEmail() === testUser){
return true;
}
return false;
}
Pass the User's email address and the Group's email address. If the user is a member, it returns true. So you would have to "not" or inverse that to suspend the account.
solution2
0 2019-04-19 16:45:29
The script that finally worked for me without creating a separate function or complex for loops is as follows:
/**
* Lists all the users in a domain sorted by first name.
*/
function listAllUsers() {
var contents = [];
var pageToken;
var page;
do {
page = AdminDirectory.Users.list({
customer: 'xyz12345',
orderBy: 'givenName',
maxResults: 100,
pageToken: pageToken
});
var users = page.users;
if (users) {
for (var i = 0; i < users.length; i++) {
var user = users[i];
if(user.suspended==false){
contents.push([user.name.fullName, user.primaryEmail, user.creationTime, user.lastLoginTime]);
}
}
} else {
Logger.log('No users found.');
}
pageToken = page.nextPageToken;
} while (pageToken);
checkUserLoginTime(contents);
}
/**
* Check the user Log in Time of the users.
* @param contents (The array containing the users list)
*/
function checkUserLoginTime(contents) {
//Logger.log(contents);
var usersToSuspend = [];
var timeNow = new Date();
var checkTime = new Date();
var group = GroupsApp.getGroupByEmail("xyz@gmail.com"); // gets the group
var users = group.getUsers(); // gets the users in the group
checkTime.setDate(checkTime.getDate()-120);
checkTime = new Date(checkTime);
Logger.log('TimeNow:'+ timeNow);
Logger.log('checktime:'+ checkTime);
for (var i=0; i<contents.length; i++){
var fullName = contents[i][0];
var email = contents[i][1];
var formattedCreationTime = new Date(contents[i][2]);
var formattedLastLoginTime = new Date(contents[i][3]);
Logger.log(fullName);
Logger.log(email);
Logger.log(formattedCreationTime);
Logger.log(formattedLastLoginTime);
if(formattedCreationTime <= checkTime && formattedLastLoginTime <= checkTime){
if (group.hasUser(email)) { //checks if the user is part of the group
Logger.log(email + ' belongs to xyz@gmail.com group');
} else{
usersToSuspend.push([fullName, email]);
Logger.log('The user account is Inactive')
//suspendUsers(email);
}
} else{
Logger.log('The user account is Active')
}
}
}
The group.hasUser(email) eliminates the need to run a for and if loop.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.