google2asana is an app made to sync permissions from Google groups over to Asana teams and projects.
For groups that have their organizational structure tied to google groups (and use email aliases for various teams), this is a way to make it easy to give permissions for an Asana team to the people on a google alias.
A google group alias of "admins" can be supplied for which each user on that alias will be added to every team within the Asana org.
An email-prefix filter can be specified which will exclude any/all email addresses with that prefix from being added to teams (ie, if google groups point to other groups in a tree-like fashion, if those other groups all have a character like '_' at the beginning, you can specify that those sub-groups should be ignored when doing the sync
In order that google2asana does not remove permissions for members that were added by hand (ie by a user and not the script), a database of who was added to which team by the script is maintained. So only users that were added by the script will be removed by the script.
google2asana will keep its log of users added in a MySQL database. The DML to create the table is:
create table asanaSyncLog(user_id BIGINT, user_name VARCHAR(255), team_id BIGINT, team_name VARCHAR(255), PRIMARY KEY (user_id, team_id))
create table asanaProjectSyncLog (user_id BIGINT, user_name VARCHAR(255), project_id BIGINT, project_name VARCHAR(255), PRIMARY KEY (user_id, project_id))
The Asana Personal Access Token can be generated by following directions here.
The account to which the Asana Personal Access Token is linked to must be on every team. In other words, that person must be a member of each team in order for permissions to be given to add/remove members via AsanaSync.
Config parameters can be passed in either via a yaml file (see config.yaml for template) or via environment variables. Environment variables should look like:
ASANASYNC_EMAIL_PREFIX_FILTER=_
[email protected]
ASANASYNC_GOOGLE_PEM_EMAIL=googlegroup@googlegroup.iam.gserviceaccount.com
[email protected]
ASANASYNC_MYSQL_CONFIG=dbuser:password@/db_name
ASANASYNC_ASANA_PERSONAL_ACCESS_TOKEN=0/9acc...
ASANASYNC_GOOGLE_PEM_VALUE=Bag Attributes friendlyName: privatekey...
Optionally, an ASANASYNC_GOOGLE_PEM_PATH environment variable can be defined with the path to a local PEM on the filesystem.
For MYSQL_CONFIG, see the go-sql-driver documentation to understand how to specify your MySQL database.
make the team permission setting be multithreaded. Use lambda handler functions. introduce a cache for google alias lookup
We use govendor to vendor all our dependancies.
Copyright (c) 2018 Gracepoint Ministries
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.