I have to develop a web site where only registered and accepted members will have access to my GDrive space in specific personal folders I created, one folder for each member. I want all members to access their Gdrive folder from a login page in the web site.
I have a database where I store Username and Password from the registration process, and want to give permission to the folder associated to every members based on that username and password. The Gdrive Share process, as it is, is not working for my purpose.
You will need to use the Google Drive API.
Related
How to test safely an app that reads and writes to Google Drive using the API?
I created an app that runs on a server, that basically copies a template google doc to another directory, and then edits this new file.
In order to do that I:
created a service account,
delegated domain-wide authority to this service account
(https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority),
Then the app impersonates a user of the domain (always the same user) to access the API resources.
This app works, but it has 2 problems:
the service account has access to too many things. Ideally, I'd like it to have RW access to one folder only,
I'd like to create test credentials that would have access to another specific folder only, or even better, another drive.
Thanks!
Drive does not have permissions based on folders. The closest you can get is by creating an additional Service Account and then share the folder(s) to that SA.
You can also change the sharing setting for just one organisational unit,doing that all the folders whose owners are part of that OU will be able to share it outside or your domain making that the SA have only access to those folders.
My organization has a project that is using Google Drive to store files. What we want to do is to show the contents of the Drive on a website.
I'm not really sure how to go about this. Most of the examples are showing authenticating the user accessing the site.
Right now, what I am thinking of doing is to use a service account. I have a Node app running a service account, which I just followed from the samples in the Node.js samples. I realized that the contents shown from running the app are the contents of the Drive of the service account.
What I wanted to happen was show the contents of the Drive that owns the project.
I'm not sure if you can get around authentication when it comes to standard User Accounts.
But you don't really need to impersonate a User Account. There is a alternative solution. From your User account, create a folder and move all the files needed by the app into it. Then share the folder with the service account and grant it edit access. To share the folder you'll need to know the email address of the service account which you can find in your Google Developer's Console. To get to the service account's page, click the menu icon (the triple bar) at the top left and select IAM Admin. On that page there should be a menu option for service accounts, when selected it will provide you with a list of all your service accounts and their corresponding email addresses.
I have a user which has co-admin privileages. i HAVE ACCESS AND AUTH TOKEN CORRESPONDING TO CO-ADMIN. In my code I first fetch all the users present under given enterprise account and then for some specific users i want to download all the folders and files. Is there any way to do so?. I know that box api does have GetFolder(). but this api does not take any arguments such as username . It requires a folder id and It will always return all the folders and files under that id.
It sounds like you want to use the On-Behalf-Of header. Once you've authenticated an admin account, you can use this header to make any API call on behalf any of the users in the admin's enterprise.
I have successfully been able to auto create documents via a service account. The service account is the owner of the created documents atm and I have shared the documents with several users.
My question is how can i view and delete these created documents in one place? I have tried adding a user permission with type 'owner' but that does not work and the user does not have access to the document.
Can I login as the service account and view and manage the documents from the google drive UI?
Thanks
I have a web app in php mysql, I want to use one google drive account for my app.
Can I use my app's accounts instead of google users for privilages.
I read in SDK I can use service account to login without promting user, but I don't know how to share or give permissions files for custom users.
In api reference I found this:
"The user is not necessarily yet a Google user (e.g. if a file or folder is shared with an email address that does not yet have an associated Google account). Example: 1111459233037698895607".
How a custom user in my app should get a token for own privilages.
I am not exactly sure what you want to achieve here, but if you want to use your own permission system, you can't. You can, however, apply read/write/owner permissions to files to mirror your own permissions.
If I have totally got the wrong idea, please explain.