I have a website that uses the Google Drive SDK to create and save files. I have the permissions set to only have access to files created by my website.
Today all of the users Google Drive files are now visible from within my website even those not created by my app. I had a few other users report this to me.
Anyone else seeing this behavior on their website? Is this a bug or did Google change the behavior of these permissions?
We've isolated a Google Drive server issue and have implemented a temporary fix. You should no longer be able to see the issue.
Thanks for the report!
Related
I have spent a lot of times creating a project in https://console.cloud.google.com, enabling the Drive API, creating server account credentials, and finally writing a small NodeJS integration allowing me to read and write files to Google Drive.
My intent is to be able to store files (organized in folders) on Google Drive from my server, and see them in the classic Google Drive desktop app with my Google account to check everything is fine.
My project seems correctly setup and I was able to create files from my NodeJS program (the files exist, I can list them with the same program), but I can't see the files anywhere in Google Drive with my Google account, with which I created the project.
I was expecting this to be extremely simple. That I would have a out of the box Drive UI allowing me to review the changes.
In the documentation they say I can configure a UI integration but I don't know if this is what I am looking for or not. It seems complicated, talking about my "app" etc, while I just want a simple Google Drive UI for it !
Could anyone help me understand all this ?
Thanks
I have published a Google Apps Script as a web app. Because the URL is not so nice, I have included the script in an iframe on a site with a nicer URL. I have included the corresponding option so that it works at all. Now this web app should only be accessible within the Google Workspace (formerly known as GSuite) I am working in. This setting can be done when publishing the Web App. The problem is, however, that some users (by far not all users!) in our Google Workspace cannot access the Google Apps Script that way. There is a error message saying that Google prohibits the connection.
It seems like the authenticiation does not work "through the iframe". Interestingly, the problem only arises when
the script is embedded in an iframe (the direct script URL by Google works for the users)
the script is restricted to the Google workspace.
Chrome is used (the issue does not happen with Firefox)
It is remarkable that for most users in our Google Workspace the issue does not appear. We had similar problems when including the script on a Google site (which, in the end, is also just an iframe), but with less users experiencing the issue. I have already made sure that the users are only logged in with their Google Workspace account (no other account which has no permission). In Inkognito mode the same happens.
Can someone explain this behaviour? And how to fix that (without changing the framework)?
I have been in contact with the Google support. If I remember correctly, this kind of authentication will be deprecated and should now be done with other tools, for example Google's Firebase Auth.
Maybe this is a silly question, but I've been trying to look information about it on internet without luck.
I have an app that uses Google Drive SDK. I was wondering if there is an option to actually access my files stored for my app like I can access my personal files in Google Drive
I have a small mess with some folders and it will be easier if I can actually manage them with a visual interface.
Thanks!
I'm guessing that your app uses a Service Account? If so, then there is no UI. See this question I can't see the files and folders created via code in my Google Drive
Aha. You cant with a service account. However you could share the files and folders with a "real" account and see them. Easier to do if you already have everything inside a root folder so you only share that folder.
I've developed a Google Drive app called VideoNot.es (http://videonot.es).
When users try to open files directly from Drive, without installing the Chrome app, it shows up an overlay saying "No preview". In consequence, they don't really understand how to open it with my app and I have to explain that they need to go to Manage Apps and make VideoNot.es the default app for this kind of files.
How can I improve this flow?
Thanks for your help!
Provide a file thumbnail, it should appear on the file preview if Google Drive can't render a thumbnail itself. Details are on https://developers.google.com/drive/file at the "Uploading thumbnails" section.
I want to use the Google drive sdk to save data from my app in the user's own Google drive account. This will mean that the developers of the app (i.e. me) won't have access to sensitive data that the user is storing.
I have found some docs about how to do this (the app will be a Google app engine app) but I was wondering if I can lock this data or hide it completely so that a user can't go in and edit the data and possibly cause problems.
I know that Android apps that use Google drive do not leave any visible files that I can see when I go to my drive account.
Thanks
When creating the file, set the hidden label to True. This will hide the file from most user views. Note that it doesn't completely prevent the user from finding and modifying the file if they own it.
If you need the file to be uneditable by the owner, your app will need to own it and only grant the user view access.
In Google Play Services 4.3, they added an "Application Folder." This is designed to allow applications to store data in a user's drive without allowing them to modify this data. It's available for android and web, don't see it listed for iOS.