0

I wrote a simple apps script that reads users from a sheet and then adds them to one or more default groups in my organization
I'd like to set their Post properties to Not allowed - those groups must be read only for end users

can't find on G Suite Reference the right way - if existing...

this is the snippet of code I'm using to add users to groups:

function addGroupMember(user, group) {
  var member = {
    email: user,
    role: 'MEMBER'
  };
  member = AdminDirectory.Members.insert(member, group);
}

thank you in advance

Daniele Debiagi
  • 37
  • 5

1 Answers1

0

You can not assign individual permissions to members of a group.

You need to use "roles".

In the group settings in admin.google.com you will find:

Group Permission Settings

Which represents all the permissions. At first, it is quite open. In your case the key is to differentiate the permissions of Group Managers and Group Members. Then all you need to do is to change which permission each member has.

Apps Script and References

As you have seen, to use the Admin API from Apps Script you can install the Admin SDK Directory service from Apps Script.

Admin SDK Directory service uses the same objects, methods, and parameters as the public API.

This excerpt is from Admin Advanced Service main page. This means that all you need to do is to find a request that works in the Admin API, and then translate it over to Apps Script.

These resources would be helpful for finding a request that works for updating group permissions and also changing the permissions of members within that group to be Managers or just Members with read-only access:

iansedano
  • 6,169
  • 2
  • 12
  • 24
  • thank you, I already knew this from admin console. I was looking to get the thing done via app script. most of users I add must be read only, sometimes they have to be able to post. if I can programmatically set this via script, I can use values from the sheet to choose which ones will be read-only, and which ones can post – Daniele Debiagi Oct 12 '20 at 22:40
  • Ah ok, I didn't understand that. You can not assign _individual_ permissions to members of a group, you have to use "roles", and if that group has "members" as read-only and managers as "able to post", then you can just assign them as "members" or "managers". Or do you need a way to assign **individual** permissions to each member of the group? Or maybe you want to modify the group permissions via apps script - which would be different process than members. Or maybe you just want a script to add users to groups within a role in apps script? Please confirm which. – iansedano Oct 14 '20 at 09:42
  • _You can not assign individual permissions to members of a group, you have to use "roles"_: that's the point. I was looking for this, but if it's not possible, that means I have a wrong approach. I think I should rethink my approach toward this direction: _if that group has "members" as read-only and managers as "able to post", then you can just assign them as "members" or "managers"_ – Daniele Debiagi Oct 15 '20 at 21:02
  • I never used the manager role, considering it quite useless: now it becomes useful. thank you for the hint – Daniele Debiagi Oct 15 '20 at 21:09