I am building an app using Google Drive API and store data in the user's appdata space in the user's Google Drive. This way we can store data to avoid user accidentally delete since it's hidden from the user's view https://developers.google.com/drive/api/guides/appdata
Question: can other apps (maybe even hacker) using the same API and pretend to be our app to fetch the our app data?
If you check the documentation found on Store application-specific data . You will find it states.
This folder is only accessible by your application and its contents are hidden from the user and from other Drive apps.
Only your app or rather your client id can access the files that it created.
Related
I am building an app that functions as a markdown editor, and have Google authentication / login functioning. I have users asking if they can choose to have their documents save to their google drive rather than to my servers, which seems to work fine via the Google Drive v3 API, saved to the app data folder.
However, users are also able to generate a collaborator link for others to visit and which allows them to edit the files as co-owners. I would like to maintain this sharing capability with the Google Drive files, but this (very old) answer suggests that sharing in this way may not possible with files in appdata, because:
Appdata content is supposed to be exclusive to the application.
Does this mean that, as long as my users all access these files exclusively via the app, sharing appdata between users is possible? Or is the appdata folder exclusive to the application and the user? If so, is it at least possible to share editor access to google drive files created by my app but outside the appdata folder?
I'm imagining this process:
User1 creates a file in my app and then my app saves it to his Google Drive (preferably in appdata)
User1 generates a collaborator link via my app, gives it to User2
User2 visits the link which opens User1's file within my app, edits it
User2's edits are saved, and my app updates the original User1's file via the API
Question:
"Or is the appdata folder exclusive to the application and the user?"
Answer:
Yes, it is exclusive for your app on their Drive.
Notes:
Use the AppData folder for Application Data, not User Data.
If the file is created by your app, and you want to store it in the user's Drive, you can use the https://www.googleapis.com/auth/drive.file scope. You app will always have access to that file because it was created by it.
Keep in mind that if your app requires restricted scopes you will have to go through verification.
I am using Google Drive API in order to access the documents of a user from their drive. Following the instructions here https://developers.google.com/drive/v2/reference/files/list
Using the scope https://www.googleapis.com/auth/drive at the time of authentication.
Users are authorizing Google app of our system to access their documents but the problem is that they not getting all documents from their drive when they are trying to access the documents from their drive in our system. (Though they are getting a few documents from their drive). Any help ?
We need to see the specific call to /files/list.
Some things to check ...
Are the missing files owned by the user?
Is there a nextPage in the response that you are not following?
Is there a query in your /files/list?
There's a nice feature on google drive that allows an application to store data not visible for users.
https://developers.google.com/drive/appdata
Is it possible to share this application data between users, just like other google drive files?
Larsi
You can't share appdata files within the Drive's existing permissions model. Appdata content is supposed to be exclusive to the application. If you try to change permissions for an appdata file, you'll receive a 403 with the following error message:
Method not supported for appdata contents
I want to use the Google drive sdk to save data from my app in the user's own Google drive account. This will mean that the developers of the app (i.e. me) won't have access to sensitive data that the user is storing.
I have found some docs about how to do this (the app will be a Google app engine app) but I was wondering if I can lock this data or hide it completely so that a user can't go in and edit the data and possibly cause problems.
I know that Android apps that use Google drive do not leave any visible files that I can see when I go to my drive account.
Thanks
When creating the file, set the hidden label to True. This will hide the file from most user views. Note that it doesn't completely prevent the user from finding and modifying the file if they own it.
If you need the file to be uneditable by the owner, your app will need to own it and only grant the user view access.
In Google Play Services 4.3, they added an "Application Folder." This is designed to allow applications to store data in a user's drive without allowing them to modify this data. It's available for android and web, don't see it listed for iOS.
I would like to build an external asp.net mvc application that has the following features:
The application is accessible via its own domain such as www.itsowndomain.com
The application has access to one Google account (such as itsownaccount#gmail.com) where all the files are stored in the Drive folder. So the users of the application should not have to log into their own Google accounts in order to access the files from this application. The application needs to have automatic access to this (itsownaccount#gmail.com)'s google Drive, that process should be transparent to the user, they should never have to authenticate themselves, its should all happen in the code in the background when the application loads.
The application will use Google Picker to list the files that are in (itsownaccount#gmail.com)'s google Drive folder.
My questions are as follows:
Is what I am trying to do possible, basically using Google Drive as a storage of files and downloading them, uploading new ones and possible editing some from an external application?
Can I use one account because all the files should be publicly available so I do not want users to have to be thinking about authentication in a site just so they can view publicly accessible files?
How do I go about implementing this, is there a tutorial because the ones I have looked at all differ as they mostly try authenticate each user with their own Google account?
you can use Google Drive as the storage solution for your application, check the Google Drive SDK: https://developers.google.com/drive/
Google Drive application usually rely on the users' accounts to store their files, but nothing prevents you from using your account to store all files and make them publicly accessible
there's an ASP.NET MVC tutorial and sample app at https://developers.google.com/drive/examples/dotnet, however, it authenticates each user with his own account. You can start from it and replace the standard OAuth flow with one that always uses your credentials, for instance, by always using a Refresh token that you generated in advance and provided to the app.