Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PS-1213] GSuite: Preflat groups using includeDerivedMembership flag. #280

Closed
wants to merge 1 commit into from
Closed

[PS-1213] GSuite: Preflat groups using includeDerivedMembership flag. #280

wants to merge 1 commit into from

Conversation

tm-drtina
Copy link
Contributor

Type of change

  • Bug fix
  • New feature development
  • Tech debt (refactoring, code cleanup, dependency upgrades, etc)
  • Build/deploy pipeline (DevOps)
  • Other

Objective

Since Bitwarden doesn't have nested groups the function flattenUsersToGroups is used to flatten nested groups into one list of users. GSuite SDK supports includeDerivedMembership which already pre-flattens the user list while fetching if from the GSuite API. (It also returns all intermediate groups, but at that point we can safely ignore them.)

The motivation is that if we ignore some intermediate groups (because we don't want them in BW) the flattening function cannot fetch members of that group. So either we have to include all intermediate groups or we won't get all nested users.

Example:

GSuite group "BW Admins" has one member group "GS Admins".
GSuite group "GS Admins" has one member account "admin@company.org".

I want to import group "BW Admins" with one member "admin@company.org".
Currently I need to import also the group "GS Admins", otherwise this tool doesn't resolve members of the intermediate group (because it is excluded).

Potential breaking change?

This might be breaking, because someone might be relying on the exclusion of the intermediate groups, but I think this is more a bug than a feature.
If it is breaking I can also introduce new sync config option to have it as opt-in.

Code changes

I've added includeDerivedMembership: true parameter to member.list GSuite SDK call, which does flattening of nested groups in GSuite rather than in the code.
Also we can safely ignore all groups return by this call, since it is only used for nested group flattening.
https://developers.google.com/admin-sdk/directory/reference/rest/v1/members/list#query-parameters

Testing requirements

Before you submit

  • I have checked for linting errors (npm run lint) (required)
  • I have added unit tests where it makes sense to do so (encouraged but not required)
  • This change requires a documentation update (notify the documentation team)
  • This change has particular deployment requirements (notify the DevOps team)

@bitwarden-bot
Copy link

Thank you for your contribution! We've added this to our internal Community PR board for review.
ID: PS-1213

@bitwarden-bot bitwarden-bot changed the title GSuite: Preflat groups using includeDerivedMembership flag. [PS-1213] GSuite: Preflat groups using includeDerivedMembership flag. Jul 28, 2022
@tm-drtina tm-drtina closed this by deleting the head repository Jun 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
community-pr
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@tm-drtina @bitwarden-bot