✨ add google workspace calendar and acl resources (#4282)

Signed-off-by: Ivan Milchev <ivan@mondoo.com>
mondoohq · Jun 24, 2024 · f4f5bac · f4f5bac
1 parent 398cd85
commit f4f5bac
Show file tree

Hide file tree

Showing 5 changed files with 411 additions and 0 deletions.
diff --git a/providers/google-workspace/resources/calendars.go b/providers/google-workspace/resources/calendars.go
@@ -0,0 +1,71 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package resources
+
+import (
+	"go.mondoo.com/cnquery/v11/llx"
+	"go.mondoo.com/cnquery/v11/providers/google-workspace/connection"
+	"google.golang.org/api/calendar/v3"
+)
+
+func (g *mqlGoogleworkspace) calendars() ([]interface{}, error) {
+	conn := g.MqlRuntime.Connection.(*connection.GoogleWorkspaceConnection)
+	calendarService, err := calendarService(conn, calendar.CalendarReadonlyScope, calendar.CalendarSettingsReadonlyScope)
+	if err != nil {
+		return nil, err
+	}
+	calendars, err := calendarService.CalendarList.List().Do()
+	if err != nil {
+		return nil, err
+	}
+	res := make([]interface{}, 0, len(calendars.Items))
+	for _, c := range calendars.Items {
+		r, err := CreateResource(g.MqlRuntime, "googleworkspace.calendar", map[string]*llx.RawData{
+			"__id":            llx.StringData(c.Id),
+			"summary":         llx.StringData(c.Summary),
+			"summaryOverride": llx.StringData(c.SummaryOverride),
+			"primary":         llx.BoolData(c.Primary),
+		})
+		if err != nil {
+			return nil, err
+		}
+		res = append(res, r)
+	}
+	return res, nil
+}
+
+func (g *mqlGoogleworkspaceCalendar) acl() ([]interface{}, error) {
+	conn := g.MqlRuntime.Connection.(*connection.GoogleWorkspaceConnection)
+	calendarService, err := calendarService(conn, calendar.CalendarScope)
+	if err != nil {
+		return nil, err
+	}
+	acls, err := calendarService.Acl.List(g.__id).Do()
+	if err != nil {
+		return nil, err
+	}
+
+	res := make([]interface{}, 0, len(acls.Items))
+	for _, a := range acls.Items {
+		scope, err := CreateResource(g.MqlRuntime, "googleworkspace.calendar.aclRule.scope", map[string]*llx.RawData{
+			"__id":  llx.StringData(a.Id + a.Scope.Type + a.Scope.Value),
+			"type":  llx.StringData(a.Scope.Type),
+			"value": llx.StringData(a.Scope.Value),
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		r, err := CreateResource(g.MqlRuntime, "googleworkspace.calendar.aclRule", map[string]*llx.RawData{
+			"__id":  llx.StringData(a.Id),
+			"role":  llx.StringData(a.Role),
+			"scope": llx.ResourceData(scope, "googleworkspace.calendar.aclRule.scope"),
+		})
+		if err != nil {
+			return nil, err
+		}
+		res = append(res, r)
+	}
+	return res, nil
+}
diff --git a/providers/google-workspace/resources/google-workspace.go b/providers/google-workspace/resources/google-workspace.go
@@ -9,6 +9,7 @@ import (
 	"go.mondoo.com/cnquery/v11/providers/google-workspace/connection"
 	directory "google.golang.org/api/admin/directory/v1"
 	reports "google.golang.org/api/admin/reports/v1"
+	"google.golang.org/api/calendar/v3"
 	cloudidentity "google.golang.org/api/cloudidentity/v1"
 	"google.golang.org/api/groupssettings/v1"
 	"google.golang.org/api/option"
@@ -38,6 +39,16 @@ func directoryService(conn *connection.GoogleWorkspaceConnection, scopes ...stri
 	return directoryService, err
 }
 
+func calendarService(conn *connection.GoogleWorkspaceConnection, scopes ...string) (*calendar.Service, error) {
+	client, err := conn.Client(scopes...)
+	if err != nil {
+		return nil, err
+	}
+
+	calendarsService, err := calendar.NewService(context.Background(), option.WithHTTPClient(client))
+	return calendarsService, err
+}
+
 func cloudIdentityService(conn *connection.GoogleWorkspaceConnection, scopes ...string) (*cloudidentity.Service, error) {
 	client, err := conn.Client(scopes...)
 	if err != nil {

diff --git a/providers/google-workspace/resources/google-workspace.lr b/providers/google-workspace/resources/google-workspace.lr
@@ -18,6 +18,36 @@ googleworkspace {
   roles() []googleworkspace.role
   // Retrieves a list of all apps for the Google Workspace account
   connectedApps() []googleworkspace.connectedApp
+  // Retrieves a list of all calendars for the Google Workspace account
+  calendars() []googleworkspace.calendar
+}
+
+// Google Workspace calendar
+private googleworkspace.calendar @defaults("summary") {
+  // Title of the calendar
+  summary string
+  // The summary that the authenticated user has set for this calendar
+  summaryOverride string
+  // Whether the calendar is the primary calendar for the authenticated user
+  primary bool
+  // ACL rules for the calendar
+  acl() []googleworkspace.calendar.aclRule
+}
+
+// Google Workspace calendar ACL rule
+private googleworkspace.calendar.aclRule @defaults("role") {
+  // The role assigned to the scope. Possible values are none, freeBusyReader, reader, writer, owner
+  role string
+  // The extent to which calendar access is granted by this ACL rule
+  scope googleworkspace.calendar.aclRule.scope
+}
+
+// Google Workspace calendar ACL rule scope
+private googleworkspace.calendar.aclRule.scope @defaults("type") {
+  // The type of the scope. Possible values are default, user, group, domain
+  type string
+  // The email address of the user or group, or the name of a domain depending on the scope type
+  value string
 }
 
 // Google Workspace organizational unit