Google Syncinator creates and syncs accounts from trogdir-api into a Google Apps domain. It handles the deprovisioning of Google accounts when people lose affiliations or become inactive. It also has an API for clients to manage email account data.
- Redis server (for Sidekiq)
- MongoDB server
- trogdir-api installation
- Admin access to a Google Apps account
- Biola WS email table (just temporarily for legacy support)
git clone firstname.lastname@example.org:biola/google-syncinator.git cd google-syncinator bundle install cp config/settings.local.yml.example config/settings.local.yml cp config/blazing.rb.example config/blazing.rb
In order to access the Google API, a client cert needs to be created and configured.
- Visit https://console.developers.google.com/project and create a project
- Enable the
APIs & auth>
Create new Client IDand choose
APIs & auth>
Generate new P12 keyunder
APIs & auth>
- Set the private key's password in
- Set the Service Account
config/settings.local.ymlto the path of the
.p12file you just downloaded.
google.api_client.personto the email address of the account you'd like to perform the actions as. This account will need to be a Super Admin and must have logged in to accept Google's terms of service.
- Login to
admin.google.com. Go to
Manage API client access
- Add a new Authorized API client using the
Client IDfrom the Developer Console as the
Client Nameand set the
API Scopesfield to the follow comma separated list of scopes:
irb -r ./config/environment.rb c = Client.create! name: 'YOUR_CLIENT_NAME_HERE' c.access_id # to see the access_id c.secret_key # to see the secret_key
sidekiq -r ./config/environment.rb
Before running the specs you'll need to create a
ws_test MySQL database.
bundle exec rspec
blazing setup [target name in blazing.rb] git push [target name in blazing.rb]
Workers::HandleChangesprocesses changes from trogdir-api
Workers::CheckNeverActivechecks for accounts that don't need to have an email account and have never logged in
Workers::CheckInactivechecks for accounts that don't need to have an email account and haven't logged in in a long time.
rake import:legacy_email_tableimports all of the records from the legacy email table to the new MongoDB university_emails collection. Logs are stored as
rake import:department_emailsimports all of the records from Google Apps that aren't already in the
DepartmentEmails. Logs are stored as
import:legacy_email_table should be run before
import:department_emails, otherwise everything from Google Apps will be imported as a
- There are 4 sources where data is managed and synced:
- legacy email table
- Google APIs.
ServiceObjects::HandleChangebasically serves as the router for Trogdir changes. It's a good place to start if you're debugging.
- The email models have a fairly complex inheritance structure but it works well. Here it is:
DeprovisionSchedulemodels also store activate actions, which technically is for reprovisioning. But
DeprovisionOrReprovisionScheduledoesn't really roll off the tongue now, does it.
Exclusionmodels prevent deprovisioning or reprovisioning from happening to an email account for a certain amount of time.
AliasEmailmodels are always tied to an
AccountEmailwhich mirrors the relationship aliases have to accounts in Google.
- Email addresses for employees and similar affiliations do not typically include a middle initial. Such as
email@example.com. Students and similar affiliations do include a middle initial. Such as
- Many operations are run through workers to ensure there are no issues with network failures or API downtimes.
- three-keepers has a GUI designed to manage email data through the API.
- google-syncinator-api-client is a gem to assist in consuming the API.