Google グループ: メンバー, 追加

// GraalJS Script (engine type: 2)
/*
NOTES
- Google Group for Google Workspace can be used as a team mailing list.
- This addon will automatically add one email to groups via Google APIs. (Admin SDK Directory API)
    - The Google Group itself can have an unlimited number of members.
    - https://support.google.com/a/answer/6099642?hl=en#zippy=%2Cmembership
    - https://support.google.com/a/answer/167085?hl=en What is the maximum number ...
- You can add group addresses as well as user addresses.
    - However, if group1 is a member of group2, group2 cannot be a member of group1.
- If the email already exists, the Warning log (409) will be output.
- If the log output of the target email address is not appropriate, set "false".
    - Personal information protection, various laws and regulations, security policies, etc.

NOTES-ja
- ビジネス向けGoogleグループは、メーリングリストとして利用ができます。(Google Workspace)
- このアドオンは、１つのメールアドレスを Google API 経由で自動追加します。(Admin SDK Directory API)
    - Google Group 自体には、メンバー数の上限はありません。
    - https://support.google.com/a/answer/6099642?hl=ja 参加できるグループ数
    - https://support.google.com/a/answer/167085?hl=ja グループのメンバー数に上限は…
- ユーザアドレスだけでなく、グループアドレスも追加できます。
    - ただし、group1がgroup2のメンバーである場合、group2をgroup1のメンバーにすることはできません。
- 当該メールアドレスが、既に登録済みである場合は、Warning ログ（409）が出力されます。
- 対象メールアドレスのログが適切でない場合、ログ出力に "false" を設定して下さい。
    - 個人情報保護の観点や各種法令セキュリティポリシーなど
*/


/*
APPENDIX
- OAuth Setting sample [HTTP Authorization Setting]
    - "Authorization Endpoint URL"
        - https://accounts.google.com/o/oauth2/auth?access_type=offline&approval_prompt=force
    - "Token Endpoint URL"
        - https://accounts.google.com/o/oauth2/token
    - to get your "ClientId" and "Secret"
        - Access to https://console.developers.google.com/apis/credentials
- Authorization Scopes (one of the following)
    - https://apps-apis.google.com/a/feeds/groups/
    - https://www.googleapis.com/auth/admin.directory.group
    - https://www.googleapis.com/auth/admin.directory.group.member

APPENDIX-ja
- OAuth 設定例（［HTTP認証設定］の例）
    - "Authorization Endpoint URL"
        - https://accounts.google.com/o/oauth2/auth?access_type=offline&approval_prompt=force
    - "Token Endpoint URL"
        - https://accounts.google.com/o/oauth2/token
    - なお "ClientId" と "Secret" は開発者コンソールにアクセスして取得します。
        - Access to https://console.developers.google.com/apis/credentials
- 認可スコープ（以下のいずれか）
    - https://apps-apis.google.com/a/feeds/groups/
    - https://www.googleapis.com/auth/admin.directory.group
    - https://www.googleapis.com/auth/admin.directory.group.member
*/


//////// START "main()" /////////////////////////////////////////////////////////////////
main();
function main(){ 

//// == Config Retrieving / 工程コンフィグの参照 ==
const strAuthzSetting   = configs.get( "AuthzConfA" ); // required (Authz by Basic_AuthN)
  engine.log( " AutomatedTask Config: Authz Setting: " + strAuthzSetting );
const strLog            = configs.get( "StrConfB2" ) + "";
  let boolLog           = true;
  if( strLog          === "false" ){
      boolLog           = false;
  }
const strTargetEmail    = configs.get( "StrConfB" ) + "";
  if( boolLog ){
    engine.log( " AutomatedTask Config: Target Email: " + strTargetEmail );
  }
const strGroupEmails    = configs.get( "StrConfC" ) + ""; // "groupKey"
  if( strGroupEmails   === "" ){
    throw new Error( "\n AutomatedTask ConfigError:" +
                     " Config {C Group Address} not specified \n" );
  }
  const arrGroupEmails  = strGroupEmails.split("\n");
  engine.log( " AutomatedTask Config: Group Emails: " + arrGroupEmails.length );
  engine.log( strGroupEmails );


//// == Data Retrieving / ワークフローデータの参照 ==
// (nothing)


//// == Calculating / 演算 ==

/// Adds a user to the specified group.
/// (Google Workspace Developer > Admin SDK > Directory API)
/// https://developers.google.com/admin-sdk/directory/reference/rest/v1/members/insert

for( let i = 0; i < arrGroupEmails.length; i++ ){
  // request1, prepare
  let request1Obj = {};
      request1Obj.email = strTargetEmail;
  let postUri1  = "https://admin.googleapis.com/admin/directory/v1/groups/" +
                 arrGroupEmails[i] + "/members";
  let request1 = httpClient.begin(); // HttpRequestWrapper
      request1 = request1.authSetting( strAuthzSetting ); // with "Authorization: Bearer XX"
      request1 = request1.body( JSON.stringify( request1Obj ), "application/json" );
  // request1, try
  const response1     = request1.post( postUri1 ); // HttpResponseWrapper
  engine.log( " AutomatedTask ApiRequest1 Start: " + postUri1 );
  const response1Code = response1.getStatusCode() + ""; // (primitive string)
  const response1Body = response1.getResponseAsString() + "";
  engine.log( " AutomatedTask ApiResponse Status: " + response1Code );
  if( response1Code === "409"){
    engine.log( " AutomatedTask ConflictWarning:" +
                      response1Code + "\n" + response1Body );
  }else if( response1Code !== "200"){
    throw new Error( "\n AutomatedTask UnexpectedResponseError: " +
                      response1Code + "\n" + response1Body + "\n" );
  }
  // response1, parse
  /* engine.log( response1Body ); // debug
  response sample
  {
    "kind": "admin#directory#member",
    "etag": "\"SufirXXXXXXcAYyYYYYYNcnrWZZZZZeibFuWWWWW5qw/dXXXXX5cY0EYYYYYWHB2aZZZZZ4\"",
    "id": "104380000010329111112",
    "email": "example@example.net",
    "role": "MEMBER",
    "type": "USER",
    "status": "ACTIVE"
  }
  */
}


//// == Data Updating / ワークフローデータへの代入 ==
// (No Output except Console Log)


} //////// END "main()" /////////////////////////////////////////////////////////////////