Group owners are treated as members

Reinstating original behavior from pre v2.2.x
awslabs · Apr 2, 2024 · 900200f · 900200f
1 parent 087491f
commit 900200f
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -34,7 +34,8 @@ SSO Sync will run on any platform that Go can build for. It is available in the
 > As of `v2.2.0` multiple query patterns are supported for both Group and User matching, simply separate each query with a `,`. For full sync of groups and/or users specify '*' in the relevant match field. 
 > User match and group match can now be used in combination with the sync method of groups.
 > Nested groups will now be flattened into the top level groups.
-> group owners and external users are ignored.
+> External users are ignored.
+> Group owners are treated as regular group members.
 > User details are now cached to reduce the number of api calls and improve execution times on large directories.
 
 ## Why?

diff --git a/internal/sync.go b/internal/sync.go
@@ -1049,10 +1049,10 @@ func (s *syncGSuite) getGoogleUsersInGroup(group *admin.Group, userCache map[str
 	// process the members of the group
         for _, m := range groupMembers {
         	log.WithField("email", m.Email).Debug("processing member")
-                // Ignore Owners they aren't relevant in Identity Store
+                // Ignore Owners aren't relevant in Identity Store
+		// so are treated as group members.
                 if m.Role == "OWNER" {
-                	log.WithField("id", m.Email).Debug("ignoring owner roles")
-                        continue
+                	log.WithField("id", m.Email).Debug("owner role")
                 }
 
                 // Ignore any external members, since they don't have users