Sharing of data on Google servers maintaining Access Control List - google-drive-api

Can i share the files which are uploaded in the Application Folder with other Google account users ?
https://developers.google.com/drive/android/appfolder
I want the user uploading the file to maintain an Access Control List.
If Appdata does not support it, is there any other alternative provided by google for it?

Related

How to access all files in app data folder

I'm googling and debugging for days now, and did not find a solution, how to access all files on google drive in the folder created by my application.
I'm using v3 API with non sensitive permission drive.file. This means I can create folders, and create and list files in it. But I only see (list) files which were created by the application. If the user copies some other file into the folder created by the application, it is invisible for the application, and I did not manage to set permission either on the web client, nor in the application.
I don't want to set all files permission to my app, since I don't want to access anything in the user's drive, just in my folder, but there I would like to see also files, the user copied there.
The files are settings/schema export of my application, which the user might move between users with different google account.
Is it possible? How could I list all files in the app data folder? Is there a way to share a file with an application on google drive? Can the user do it manually (like copy the file there, and then set some kind of permission to the application, so it can list/download that file)
Thanks!

Using Google Drive API to edit other user's files

I am building an app that functions as a markdown editor, and have Google authentication / login functioning. I have users asking if they can choose to have their documents save to their google drive rather than to my servers, which seems to work fine via the Google Drive v3 API, saved to the app data folder.
However, users are also able to generate a collaborator link for others to visit and which allows them to edit the files as co-owners. I would like to maintain this sharing capability with the Google Drive files, but this (very old) answer suggests that sharing in this way may not possible with files in appdata, because:
Appdata content is supposed to be exclusive to the application.
Does this mean that, as long as my users all access these files exclusively via the app, sharing appdata between users is possible? Or is the appdata folder exclusive to the application and the user? If so, is it at least possible to share editor access to google drive files created by my app but outside the appdata folder?
I'm imagining this process:
User1 creates a file in my app and then my app saves it to his Google Drive (preferably in appdata)
User1 generates a collaborator link via my app, gives it to User2
User2 visits the link which opens User1's file within my app, edits it
User2's edits are saved, and my app updates the original User1's file via the API
Question:
"Or is the appdata folder exclusive to the application and the user?"
Answer:
Yes, it is exclusive for your app on their Drive.
Notes:
Use the AppData folder for Application Data, not User Data.
If the file is created by your app, and you want to store it in the user's Drive, you can use the https://www.googleapis.com/auth/drive.file scope. You app will always have access to that file because it was created by it.
Keep in mind that if your app requires restricted scopes you will have to go through verification.

Directory sandboxed access for Google Drive / Dropbox API / RemoteStorage apps?

Is there a way to get sandboxed, user-selected directory access on any major file service without first getting read level access to their entire filesystem?
There's a lot of talk about "unhosted" static webapps that allow users to access their data from a 3rd party file service (Google Drive, Dropbox, their own server, etc.). The most notable effort I've found so far is remoteStorage.io, but there doesn't seem to be a way with any major provider to let the user select a directory and then use that as a sandbox without breaking their trust (i.e. getting read access to all their files first).
From the user's perspective, the webapp shouldn't have access to anything else on the remote file storage except the one folder the user grants it access to (for example, I might grant a text editor access to my FunnyJokes folder).
The current work around seems to be having the webapp force a specific folder name ahead of time ("this app wants access to /appname_notes"), but that rules out letting the user point it to where they may already have their notes.
Does anyone know of a nice way to do this with Google Drive, Dropbox, or the like?
The user experience that makes the most sense to me is something like...
User opens an unhosted webapp (for example, a basic text editor TextyApp). They click a button to connect with their data.
3rd party auth page appears (for example, Google Drive) and it says "The app TextyApp has requested read/write access to your files. Please select a directory to use."
Confirmation screen: "Grant read/write access to folder FunnyJokes for TextyApp?"
The page redirects back to the webapp with sandboxed accessed to the user-specified folder and the files within it.
This seems like how remote file storage should work, but I haven't found a way to do it yet. Any thoughts/suggestions would be great!
Cheers,
Adam
Edit: To clarify, I'm not talking about storing hidden "application data", but instead letting the user specify a particular directory to sandbox for use with a webapp that they may not want to give broader access to.
The Dropbox Apps API provides the ability to restrict any app using your API key to a single directory of your Dropbox account. So users could create an API key with access to a specific directory and then plug that into your app. However, that's not a user-friendly workflow.
I think the Dropbox Drop-Ins Chooser/Saver API might be close to what you want. The user is presented with a Dropbox file selection popup, and your app only gets access to the specific file(s) that the user selects.
With remoteStorage, sandboxed directory access is currently the default way for apps to request (and users to grant) access to the storage. However, users cannot manually select or enter custom directories during the connect phase.

Google Drive Permissions

I work for an un-launched startup that handles a large amount of user media. We are looking to integrate Google Drive as a way for a user to store that media.
Is it possible to have read/write access to a user's Google Drive, after obtaining their permission via OAUTH2? More specifically the ability to create folders on their drive and access them for read/write scenarios.
We would also need to be able to generate direct links to their photos, videos, etc.
We've successfully integrated with Dropbox in this manner and would like to offer Google Drive as an alternative. Are these scenarios possible with Google Drive?
Yes, this is absolutely possible.
You will want to read about our Auth Scopes and determine what the minimal set of scopes are that you need to operate. As an example, drive.file scope will enable you to create files & folders, read them, as well as read/write any existing files that a user explicitly opens with your application.
The 'explicitly open' part can be handled in 2 ways. You can register an 'Open' action for your app in the Drive UI for certain file types and you can use our 'File Picker' widget in your app to enable the user to select which files to open/grant access. You can read about opening files in our docs

Is it possible to share the application data on google drive

There's a nice feature on google drive that allows an application to store data not visible for users.
https://developers.google.com/drive/appdata
Is it possible to share this application data between users, just like other google drive files?
Larsi
You can't share appdata files within the Drive's existing permissions model. Appdata content is supposed to be exclusive to the application. If you try to change permissions for an appdata file, you'll receive a 403 with the following error message:
Method not supported for appdata contents