I want to make sure that I understand Application-Owned Accounts correctly, because it sounds to good to be true.
I have a shop, and I want to place all my products on my application drive account.
I want to be able to dynamically perform those actions:
Add new products
Delete products
Update products
Enjoy the drive file revisions
Do I get all those for free for all my 1,000,000 users?
What is the catch?
The main drawback I think is that you cannot purchase additional space for service/application accounts. You can have the basic 15GB (at time of writing) but that this cannot be increased.
This is mentioned in the third paragraph on this page
I am using Google drive with my own user account (with expanded storage) via the API to store call recordings: I make the files available via my own website and I control the access so I could have a million users of my app, but use one Drive at the back end.
Related
According to the following link, shared Google Drives have a membership limit of 600 combined users and groups.
https://support.google.com/a/answer/7338880?hl=en
At my organization, we have a shared drive. We are unfortunately forced to share with users individually rather than create groups due to a conflict between organizational security requirements and our particular use case.
We are automating sharing using the Google Drive API, and we have a growing number of drive members which will eventually approach the 600 number. Is there a way we can find out how many drive members we have so we know if we're in danger of hitting the limit of 600? A user would be considered a member of the drive if at least one folder or piece of content anywhere on the drive had been shared with them. There doesn't seem to be a straightforward way in the Google Drive API to query the number of users that are members of the drive.
Thanks!
I haven't found a way to directly get a drive's number of members but you might be able to make use of drives.list's query and search drives with memberCount having more than 550.
If this gets your target drive, then you should be able to estimate for how long will it get full.
You can also do a repeated query to actually get the exact number of members.
For example:
name contains 'name of your shared drive' and memberCount > 200
if this returns your target drive, then we know it is greater than 200. Proceed with bigger memberCount comparison to get the actual member count
if this doesn't return your target drive, lessen your memberCount and see if it catches your target drive.
repeat until you get a more specific number of memberCount
With these in mind, you can create an algorithm that will loop the call until it matches the actual memberCount. But if it is a hassle for you to do this, then simply querying if your target drive is having greater than 550 members will suffice and should warn you that it is already near reaching the limit.
Note:
You need to use true for useDomainAdminAccess and have administrator privileges for it to work.
Reference:
Search for shared drives
Drives: list
We are writing a Gmail add-on for synching the user's work schedule into his/her Google calendar. This requires logging into the the employer's workforce management application and fetching data from it. Every different employer is a different customer with a different URL. So, for every customer who wants its employees to be able to use this, we have to add another URL to urlFetchWhitelist and openLinkUrlPrefixes in appsscript.json. We could potentially have hundreds of customers using it. Is there a limit to how many URLs we can put into urlFetchWhitelist and openLinkUrlPrefixes? Or is there another way to solve this?
I'm a hobbyist student developer playing around with the Actions on Google to create a simple "text adventure" game on Google Home. Since Google Home will be speaking to the player rather than the player reading the text, I'm hoping this will create an experience similar to the "Dungeons and Dragons" roleplaying game, with the computer working as the "Dungeon Master." With the natural language assistance offered by API.AI and Actions on Google, it seemed like a good fit, since the player can respond "naturally." Here's an example of an Amazon Alexa skill that does essentially what I'm going for.
However, every time I boot up the game, it's always a new game. I'd like to store a savegame with the user's previous state in a JSON file hosted on the user's Google Drive -- Since I'm just a student doing this for fun, I don't actually have an official website or anything beyond a free Heroku server I'm running the app from, making storing saves on my end pretty much out of the question.
I've walked through the Google Drive REST quickstart for Node.js, and I've gotten that working in the console just fine. The only problem is in that quickstart, the user has to click a link to authorize the application to read the stuff in their Google Drive account, and I'm not sure how I'd be able to "click a link" and give back an access token via voice on Google Home.
Is there a way to do this via Google Drive? Or is there a better way to provide persistent data between sessions? I don't normally work in web development, so any help would be appreciated.
The bad news is you won't be able to get away from the need for a user to use his web browser to authorise your app to access his Drive.
The good news is that you only need to do this once. When your app requests authoirsation, it should specify "offline", which will result in you being given a refresh token. You should save this somewhere in your database of users. Whenever you need to access the user's Drive, you can use the saved refresh token to request an access token and you're good to go.
You have a few problems that you need to solve here, and while they seem related, they're not as related as you might hope:
You need to get authorization to access a user's Drive space
You need to authenticate the user's Home (so you know this person has come back)
You have to connect the two relationships - so you know what Drive space to use for the Home device that is talking to you
You've found the answers to (1) already, and as noted, you'll need to use a browser for them to authorize you to access their Drive. You'll then store the refresh token and will be able to access it in the future.
But that is only part of the problem. Home does not provide you access to the user's Google account directly, so you'll have to manage your own account mechanism and tie it to Home. There are a few solutions here:
Home provides anonymous user identity in the JSON sent to your webhook. You can access this using getUser().user_id if you're using the Actions API library, or access this in the data.user.user_id field in the JSON. While this is similar to a browser cookie, it only stores the user ID and can't store additional data. There is also no concept of "local storage". On the plus side, this ID is consistent across devices.
You can request user information such as their name and address. But it doesn't have anything unique or account information, so this probably isn't useful to you.
You can implement an OAuth2 server and do account linking. Note that this is the other side from what you need to do with Google Drive - you'll be providing the access and refresh tokens to authenticate and authorize access to your account and the Google Home device will send these tokens back to you so you can determine who the user is. You don't actually need to store account information - you can provide token information using JSON Web Tokens (JWT) or other methods and have them store account information in a secure way. Users will use the Google Home app to actually sign-in to your service as a one-time event.
In order to handle (3), you may be thinking that (1) lets you get tokens and the OAuth solution for (2) requires you to hand out tokens. Can the two be combined? Well... probably, but it isn't as straightforward. You can't just give the Google OAuth2 endpoints to Home - they explicitly block that and you need to control your OAuth2 endpoints. You may, however, be able to build proxy endpoints - but I haven't explored the security implications of doing so.
I think you're on the right track - using Drive is a good place to store users' information. Using Home's account linking gives you a place where they have to come to your web site to authenticate and authorize their Home, and you can use this to do the same for their Drive.
We have a google corporate account and need to transfer ALL of a user's google drive files to another account in certain instances. We want to do what is described at the following link for "all files" but programatically via the latest Drive API http://support.google.com/a/bin/answer.py?hl=en&answer=1247799
We are currently using the following API version(s) below, coupled with domain wide authority delegation as described at https://developers.google.com/drive/delegation and are able to see a user's files, iterate over them etc.
google-api-services-drive 1.14.2-beta
google-api-client 1.14.1-beta
My question is this: it appears that the only way to change permissions is by fileId by fileId etc. Instead of having to traverse and iterate over an entire set of user's files, if we just want to transfer ALL of a user's files to another particular user: is there a way in the API to do this (ownership transfer for ALL files) rather than individual requests file/by file?
Also when transferring ownershisp, must the transferee be in the same #domain or can it be another #domain we manage? I read somewhere that you can only transfer to owners in the same domain. Does this still hold true? For instance we manage #myCompany.com and have our corporate account registered under that, however that shell account has several sub-domains within it. We would like to transfer files from users in the sub-domains to a central user in the #myCompany domain.
You need to change permissions file by file, there is no updateAll type of functionality at the moment.
You cant transfer the ownership to another domain's user. Ownership can only be transferred to another user in the same domain as the current owner.
This answer doesn't directly answer your question, but it could be helpful for both you and future visitors.
As of now, you can mass transfer files to new users with Google's new Admin console. It doesn't let you filter for specific folders, but it does allow you to transfer all of one user's Drive files to a second user.
I know you were trying to create something which uses the API to iterate through folders and files, and you probably have a very specific use-case in mind. However, in the case where you have employees leaving, or you need to transfer everything, using the following method is fast and simple.
Open the Google Admin console
Go to Google Apps > Drive
Click on "Transfer ownership"
Fill out both user fields and submit
This process will even email both users once the process is completed.
You can do this with a single call to the Data Transfer API
Exactly what is needed but only with API!
Open the Google Admin console
Go to Google Apps > Drive
Click on "Transfer ownership"
Fill out both user fields and submit
This process will even email both users once the process is completed.
If this is not possible via API calls, then there is no point deleting a user using API.
I am no longer working with the person who originally created my Chrome extension, and I need to manage and push updates to the extension for our current users.
Is there any way of transferring ownership? He is happy to do it, but has not been able to find a way.
You have to fill in some forms with Google.
You can find the Chrome Web Store account transfer request form here: http://support.google.com/chrome_webstore/bin/request.py?contact_type=dev_account_transfer
You may create a Google Group and use it as your publisher.
Remember that:
You can only set up group publishing once and create one group publisher account.
If you want to transfer extension to group, then:
Select "All Publishers" in the dashboard.
Under target group click "Transfer your existing item(s) to this publisher".
In practice I was able to share publishing access among group owners, not group participants, but you may experiment yourself.
Assuming that we're talking about an extension hosted on Google's extension gallery, there's no mechanism for transferring ownership available in the developer dashboard. Transfers of ownership have to be done manually by someone internally. The extension's owner will need to send an email to the "chromium-extensions" group explaining the situation, and someone from the extensions team will get back with you relatively soon to get the details.
Until there's a better mechanism for this (multiple owners, for instance), I'd suggest that you create a new Google account to share between the extension's owners, and ask for that address to be assigned ownership.