I'm trying to implement a shared filespace on an existing server that has its own login/authentication system. I'd prefer if I could use Google Drive or One Drive as the actual backing file store since then the files could (ideally) be edited in browser and automatically update for everyone else that has access to the shared area.
Diagrammatically (red link = existing authorization, red dashed line = desired auth in a session):
The need for this weird scheme stems from usage by a group where almost the entire set of members gets replaced each year (university committee). It was decided we don't just want to use a Google Drive folder since these end up in people's personal Google Drive folders, files get lost of cleared out etc. Additionally we already pass through this website quite regularly so it makes sense as an official repository of committee documents.
However this leaves me stuck with the issue in the diagram. I don't think that the server can create new, temporary tokens for a logged in user for them to pass to the Google Drive API to edit files. The question is really, can I get the Google API to do this for me somehow by only talking to the server? If not, what's the best way to implement this?
Thanks!
Related
I have been running GDrive API v3 using our Node.js API for awhile now (1+ year), and everything has been functional for creating (drive.files.create) & reading (drive.files.get) DOCX files through the Google Drive API logic using a service account. Everything has been working perfectly fine.
Today I am trying to extend our infrastructure to handle some generic Google Docs files (rather than the existing DOCX stored within GDrive) using the same service account, but the GDrive API is now returning a 403 "Forbidden" error for these files specifically. I can't seem to figure out why there would be a difference in permissions for two file formats that are within the same service account (is the owner of both) and are using the same OAuth token system that I set up originally. The service account itself created the file, so I am a little shocked that it can't then access the same file using the GDrive API.
My question is, is it not possible to use GDrive API to access Google Doc files, even when the files are within a GDrive folder? I can't seem to find any definitive information online on whether we specifically have to use the Google Docs API to access Docs files (seems silly if true). If it is possible, is there an alternative SCOPE that I need to assign to this service account to access Google Docs items specifically? Right now the only SCOPE assigned is https://www.googleapis.com/auth/drive, which according to documentation should be enough to access all of our GDrive files.
I can share some code, but there is not exactly a lot more than what I explained above. I would like to not have to entirely re-do my GDrive OAuth permissions if possible, as that took me a long time in the first place, but if that is the only way, I would love to hear suggestions.
Thanks!
I want to download a Google Sheet (and/or Doc, or Colab Notebook) from an "Anyone can View" sharing URL, if the file is newer than my local copy. To do that, I need to find out when the remote file was last modified. Which I thought shouldn't be hard.
There are threads explaining how to do this for regular files on websites that make use of the HTML Last-Modified property, but Google doesn't provide this field in its headers. It provides a Date: but that's just the download date/time that updates every moment.
I see threads about doing this from within the Doc or Sheet itself. My question is not about that. I'm talking about getting the info remotely by running a python script on my local machine.
I see a thread about using the Google Drive API v3, but....is it really necessary to go through all that (e.g. install oauth, register an API key, etc. effectively create an entire Google app *) just to find out when a publicly-available file was last modified? Is there an easier way?
Thanks!
EDIT: * I started down the road of Google Drive API but I find it confusing and overwhelming. It's like they think I'm trying to create an app for general users for the Android Store, instead of just myself. (??)
We are having issues where sometimes a file that a user can access is not returned when the user issues a files.list. This can happen in many ways. For example, new members of a Google group will not see previously shared files, as described in this question. Moreover, acording to Google documentation there are other limits on sharing which can prevent shared files from appearing in the "Shared with me" view. Finally, a user can issue a files.delete on a file she doesn't own, and the file will disappear from files.list but will still exist.
What can a user do via the SDK alone to cause a file which she can access via files.get to appear in the list of files retrieved via files.list? We are using a service account which impersonates users; the user never authenticates to Google via a browser. A link in an email that the user needs to click won't work for us, unfortunately. Accessing the file via the Google Drive UI has the desired effect, but the analogous files.get call does not.
The Google Calendar API explicitly exposes a CalendarList interface where a user can issue an insert to add an existing calendar to her list. The Google Drive SDK seems like a hybrid Files/FilesList interface with some of the functionality missing (nothing like FilesList.insert) and some of the functionality mixed together (issuing a delete as a non-owner acts like FilesList.delete but issuing it as the owner acts like Files.delete).
If we can't manage the user's files list programmatically then it is not useful for our service. We could ignore the files.list call entirely and just start recursively performing children.list queries on all shared folders, but this is incredibly expensive (unless someone knows how to issue a single query which returns all the Files resources in a folder and not just the IDs of those resources).
Any help would be appreciated. We've been trying this many different ways and have been frustrated at every turn. Thanks!
We're working on an app to sell our music and was wondering if Google Drive can be used as an online storage solution.
The user would complete the transaction on our site, and then authorize us to save the file (or multiple files) to their Google Drive.
The appeal to us is to solve downloading problems via the browser. I believe the Google Drive api returns a successful response when the delivery is complete. If incomplete, we would then either resend or update.
One other requirement is whether we can set permissions to not allow sharing after save (and for that setting to be permanent).
You can do everything you want. The last part about not allowing users to reshare, you can do this if you still own the file, but cannot do it if you have made the user own the file. I am not sure you could ever achieve that - a user can always download a file and share it themselves, whether you are using Drive or your own custom system.
i have been going around in circles here and have totally confused myself. I need some help.
I am (trying to) writing an application for a client that in concept is simple. he want a google write document with a button. the google drive account has several folders, each shared with several people. when he drops a new file in one of the folders, he wants to be able to open this write file, this file is the template for his email. he clicks the button, the system calls the changes service in the Google Drive SDK https://developers.google.com/drive/manage-changes, gets the list of files that have been added since the last time it was checked, then pull the list of people that the file has been shared with, and use the write file as a template to send that list of people an email saying their file is ready.
SO, easy enough, right?
I started by looking at the built in functions in the Google App Script API. I found this method, https://developers.google.com/apps-script/class_docslist#find in the DocsList class. problem is the description for the query simply says "the query string". So at first i tried the Drive SDK query parameters, which are
var files = DocsList.find("modifiedDate > 2012-12-20T12:00:00-08:00.");
it didn't work. that leads me to believe it is a simple full text search on the content. Thats not good enough.
That lead me into trying to call a Drive SDK method from within an App Script application. Great, we need an OLap 2 authentication. easy enough. found the objects in the script reference and hit my wall.
Client ID and Client Secret.
you see, when i create what this really is, a service account, the olap control in apps script doesn't know how to handle the encrypted json and pass it back and forth. Then when i tried to create and use an installed applications key, i get authentication errors because the controls again, don't know what to do with the workflow. and finally, when i try to create a web app key, i can't because i don't have the site host name or redirect URI. And i can't use the application key ability because since im working with files OLap 2 is required.
i used the anonymous olap for a while, but hit the limit of anonymous calls per day in the effort of trying to figure out the code a bit, thats not going to work because the guy is going to be pushing this button constantly thru the day.
i have been pounding my head on the desk over this for 5 hours now. i need some help here, can anyone give me a direction to go?
PS, yes, i know i can use the database controls and load the entire list of files into memory and compare it to the list of files in the database. problem being, we are talking tens of thousands of files. bad idea.
I wouldn't use DocsList anymore - DriveApp is supposed to be a more reliable replacement. Some of the commands have changed, so instead of find, use searchFiles. This should work more effectively (they even use a query like yours as an example).