mrkwatz/executeOnDeath.gs

## executeOnDeath.gs
/**
 * Sends an email to someone if a google account hasn't been logged in to within a month
 *
 * This is a google apps script https://developers.google.com/apps-script/overview
 *
 * Enable api access https://support.google.com/a/answer/60757
 * Enable the admin sdk for this project in the api gateway
 * Enable admin directory api in apps script > resources > advanced google services
 *
 * Add a time trigger to run `generateLoginActivityReport()` every day
 */
function generateLoginActivityReport() {
  // The user to check last login time of.
  // Upcoming execution warnings will be sent to this email.
  const myEmail = 'me@example.com';

  // The user to share with on execute.
  // No share/emails will be sent until the time of execution.
  const recipientEmail = 'them@example.com';
  const recipientName = 'Jane Doe';

  // Google drive folder ID to share with recipient.
  const folderToShare = DriveApp.getFolderById('XXXXXXXXXXXXXXXXXXXXX');

  // How many days since last login to wait before executing share.
  const executeDays = 28;

  // Secret to share with recipient
  // eg part of a password to an account database (keepass etc)
  // assuming other parts are delivered before hand by other means.
  const secret = '???????????????????';

  try {
    console.info('User email: ' + myEmail);
    const user = AdminDirectory.Users.get(myEmail);
    const lastLoginTime = new Date(user.lastLoginTime);
    console.info('User name: ' + user.name.fullName);
    console.info('Last login: ' + lastLoginTime);

    const lastLoginDays = Math.ceil((new Date() - lastLoginTime) / 8.64e7);
    console.info('Days since last login: ' + lastLoginDays);

    console.info('Recipient: ' + recipientName + ' ' + recipientEmail);

    if (folderToShare.getEditors().map(function (editor) {
        return editor.getEmail()
      }).filter(function (email) {
        return email === recipientEmail
      }).length > 0) {
      console.info(recipientEmail + ' already has access');
    } else {
      console.info(recipientEmail + ' needs access');
      if (lastLoginDays > executeDays) {
        folderToShare.addEditor(recipientEmail);
        console.info(recipientEmail + ' granted access');
        MailApp.sendEmail(myEmail,
          'No Account Activity for ' + user.name.fullName + ' - EXECUTED',
          'No account activity has been detected for ' + myEmail + ' in the last month. Secret has been sent and shared.\nLast login: ' + lastLoginTime
        );
        MailApp.sendEmail(recipientEmail,
          'No Account Activity for ' + user.name.fullName,
          'THIS EMAIL IS ONLY FOR ' + recipientName + ' AND MAY NOT BE READ BY ANY OTHER PARTY.\n\nNo account activity has been detected for ' + myEmail + ' in the last month. You will receive Google Drive share access to the KeePass directory.\nLast login: ' + lastLoginTime + '\n\nKeePass partial code: ' + secret + '\n\n\n~ ' + user.name.fullName + '\nSent: ' + new Date(), {
            name: user.name.fullName,
            cc: myEmail
          }
        );
        console.info(recipientEmail + ' sent secret');
      } else if (lastLoginDays > executeDays - 1) {
        console.info('Sending one day warning to ' + myEmail);
        MailApp.sendEmail(myEmail,
          'No Account Activity for ' + user.name.fullName + ' - ONE DAY',
          'No account activity has been detected for ' + myEmail + ' in the last month. Secret will be sent in one day.\nLast login: ' + lastLoginTime
        );
      } else if (lastLoginDays > executeDays - 3) {
        console.info('Sending three day warning to ' + myEmail);
        MailApp.sendEmail(myEmail,
          'No Account Activity for ' + user.name.fullName + ' - THREE DAYS',
          'No account activity has been detected for ' + myEmail + ' in the last month. Secret will be sent in three days.\nLast login: ' + lastLoginTime
        );
      } else if (lastLoginDays > executeDays - 7) {
        console.info('Sending one week warning to ' + myEmail);
        MailApp.sendEmail(myEmail,
          'No Account Activity for ' + user.name.fullName,
          'No account activity has been detected for ' + myEmail + ' in the last three weeks. Secret will be sent in one week.\nLast login: ' + lastLoginTime
        );
      } else {
        console.info('No action taken.');
      }
    }
  } catch (error) {
    MailApp.sendEmail(myEmail,
      'Activity script failure',
      'Error while executing\n' + (error.message || error)
    );
    console.error('Caught error: ' + (error.message || error));
  }
}
	/**
	* Sends an email to someone if a google account hasn't been logged in to within a month
	*
	* This is a google apps script https://developers.google.com/apps-script/overview
	*
	* Enable api access https://support.google.com/a/answer/60757
	* Enable the admin sdk for this project in the api gateway
	* Enable admin directory api in apps script > resources > advanced google services
	*
	* Add a time trigger to run `generateLoginActivityReport()` every day
	*/
	function generateLoginActivityReport() {
	// The user to check last login time of.
	// Upcoming execution warnings will be sent to this email.
	const myEmail = 'me@example.com';

	// The user to share with on execute.
	// No share/emails will be sent until the time of execution.
	const recipientEmail = 'them@example.com';
	const recipientName = 'Jane Doe';

	// Google drive folder ID to share with recipient.
	const folderToShare = DriveApp.getFolderById('XXXXXXXXXXXXXXXXXXXXX');

	// How many days since last login to wait before executing share.
	const executeDays = 28;

	// Secret to share with recipient
	// eg part of a password to an account database (keepass etc)
	// assuming other parts are delivered before hand by other means.
	const secret = '???????????????????';

	try {
	console.info('User email: ' + myEmail);
	const user = AdminDirectory.Users.get(myEmail);
	const lastLoginTime = new Date(user.lastLoginTime);
	console.info('User name: ' + user.name.fullName);
	console.info('Last login: ' + lastLoginTime);

	const lastLoginDays = Math.ceil((new Date() - lastLoginTime) / 8.64e7);
	console.info('Days since last login: ' + lastLoginDays);

	console.info('Recipient: ' + recipientName + ' ' + recipientEmail);

	if (folderToShare.getEditors().map(function (editor) {
	return editor.getEmail()
	}).filter(function (email) {
	return email === recipientEmail
	}).length > 0) {
	console.info(recipientEmail + ' already has access');
	} else {
	console.info(recipientEmail + ' needs access');
	if (lastLoginDays > executeDays) {
	folderToShare.addEditor(recipientEmail);
	console.info(recipientEmail + ' granted access');
	MailApp.sendEmail(myEmail,
	'No Account Activity for ' + user.name.fullName + ' - EXECUTED',
	'No account activity has been detected for ' + myEmail + ' in the last month. Secret has been sent and shared.\nLast login: ' + lastLoginTime
	);
	MailApp.sendEmail(recipientEmail,
	'No Account Activity for ' + user.name.fullName,
	'THIS EMAIL IS ONLY FOR ' + recipientName + ' AND MAY NOT BE READ BY ANY OTHER PARTY.\n\nNo account activity has been detected for ' + myEmail + ' in the last month. You will receive Google Drive share access to the KeePass directory.\nLast login: ' + lastLoginTime + '\n\nKeePass partial code: ' + secret + '\n\n\n~ ' + user.name.fullName + '\nSent: ' + new Date(), {
	name: user.name.fullName,
	cc: myEmail
	}
	);
	console.info(recipientEmail + ' sent secret');
	} else if (lastLoginDays > executeDays - 1) {
	console.info('Sending one day warning to ' + myEmail);
	MailApp.sendEmail(myEmail,
	'No Account Activity for ' + user.name.fullName + ' - ONE DAY',
	'No account activity has been detected for ' + myEmail + ' in the last month. Secret will be sent in one day.\nLast login: ' + lastLoginTime
	);
	} else if (lastLoginDays > executeDays - 3) {
	console.info('Sending three day warning to ' + myEmail);
	MailApp.sendEmail(myEmail,
	'No Account Activity for ' + user.name.fullName + ' - THREE DAYS',
	'No account activity has been detected for ' + myEmail + ' in the last month. Secret will be sent in three days.\nLast login: ' + lastLoginTime
	);
	} else if (lastLoginDays > executeDays - 7) {
	console.info('Sending one week warning to ' + myEmail);
	MailApp.sendEmail(myEmail,
	'No Account Activity for ' + user.name.fullName,
	'No account activity has been detected for ' + myEmail + ' in the last three weeks. Secret will be sent in one week.\nLast login: ' + lastLoginTime
	);
	} else {
	console.info('No action taken.');
	}
	}
	} catch (error) {
	MailApp.sendEmail(myEmail,
	'Activity script failure',
	'Error while executing\n' + (error.message \|\| error)
	);
	console.error('Caught error: ' + (error.message \|\| error));
	}
	}