The sample app in the docs loads a file into a document and then very nicely keeps the document synchronized across all instances of the app. Awesome!
I don't understand when a user is allowed access to the realtime document. The load / save to the drive file is clearly regulated by permissions, but it seems that if I have the key to a realtime document I can make whatever changes I like to that document. Another user, who is allowed to save to the drive file, can get evil updates to the realtime doc and might naively save them to the backing file.
I've tested this briefly by removing access to a file and verifying that the blocked user can indeed still change the realtime document even after access to the drive file is blocked.
Does anyone know a way to block updates to the realtime document from someone that doesn't have access to the relatively-offline file?
Additionally, I'd like to give each collaborator private space in the document that other collaborators cannot affect. Does anyone know of plans for per-key permissions like Firebase supports?
Access to a Realtime file is restricted with sharing and permissions rights exactly the same way as regular Drive files. No user can modify it if they do not have access.
You can achieve the private collaborators part by having a separate private file. If this is not what you require, please give additional details.
Related
The product I'm working on currently uses the scope "https://www.googleapis.com/auth/drive" (which is now "restricted" by Google), which gives full read and write access to a user's Drive account, including app metadata. But we only need read access to list all files and folders inside a specific folder, and we need to be able to download those files, that's all.
Google Drive API will soon apply the new "restricted" scope policy (https://support.google.com/cloud/answer/9110914#restricted-scopes), which will require us to go through a very expensive audit (tens of thousands of dollars...). Is there a possible workaround to get 'read-only' access on a specific folder, and avoid the audit (note that https://www.googleapis.com/auth/drive.readonly is also a restricted mode)?
I'm aware of the "https://www.googleapis.com/auth/drive.file" scope (which is "recommended" by Google, so no audit required), which almost solves this problem. But we have thousands of users bringing in data from multiple Drive Folders, and pushing new files daily. This scope would introduce a manual step for a client each morning to have to "approve" every new file, and this would be a big scalability/usability problem.
Ideally, I would like Google to add a new scope, like a read-only access to anything inside a folder, before they go forward with their audit... but i doubt that this will happen soon.
Does anyone know of a better option?
[EDIT] For reference, here is the list of scopes and we can see which ones are "restricted", "sensitive" and "recommended" : https://developers.google.com/drive/api/v2/about-auth
Solution
Hi! So after taking a better look at this it seems that restricted scopes do NOT require any paid audit. The main difference is that they will have a wider access to user's data and thus it requires you to go through a restricted scope verification process.
You can use these restrictive scopes (the one that best fits your application) without the need of paying any audit. See more information about how to implement restrictive scopes here.
Is it possible to download a private access file from Google drive via api?
The reason I want this is to prevent people from sharing the download link because I want to provide files for paid customer only.
If its not what are my option to provide file download only for paid customers and preventing them from sharing those download links with others?
You may want to set scopes for your users to restrict the level of access. See Download Files.
Downloading the file requires the user to have at least read access. Additionally, your app must be authorized with a scope that allows reading of file content. For example, an app using the drive.readonly.metadata scope would not be authorized to download the file contents. Users with edit permission may restrict downloading by read-only users by setting the viewersCanCopyContent field to true.
You may also want to look at Files especially the viewersCanCopyContent.
viewersCanCopyContent
boolean
Whether users with only reader or commenter permission can copy the file's content. This affects copy, download, and print operations.
Is there a way to get sandboxed, user-selected directory access on any major file service without first getting read level access to their entire filesystem?
There's a lot of talk about "unhosted" static webapps that allow users to access their data from a 3rd party file service (Google Drive, Dropbox, their own server, etc.). The most notable effort I've found so far is remoteStorage.io, but there doesn't seem to be a way with any major provider to let the user select a directory and then use that as a sandbox without breaking their trust (i.e. getting read access to all their files first).
From the user's perspective, the webapp shouldn't have access to anything else on the remote file storage except the one folder the user grants it access to (for example, I might grant a text editor access to my FunnyJokes folder).
The current work around seems to be having the webapp force a specific folder name ahead of time ("this app wants access to /appname_notes"), but that rules out letting the user point it to where they may already have their notes.
Does anyone know of a nice way to do this with Google Drive, Dropbox, or the like?
The user experience that makes the most sense to me is something like...
User opens an unhosted webapp (for example, a basic text editor TextyApp). They click a button to connect with their data.
3rd party auth page appears (for example, Google Drive) and it says "The app TextyApp has requested read/write access to your files. Please select a directory to use."
Confirmation screen: "Grant read/write access to folder FunnyJokes for TextyApp?"
The page redirects back to the webapp with sandboxed accessed to the user-specified folder and the files within it.
This seems like how remote file storage should work, but I haven't found a way to do it yet. Any thoughts/suggestions would be great!
Cheers,
Adam
Edit: To clarify, I'm not talking about storing hidden "application data", but instead letting the user specify a particular directory to sandbox for use with a webapp that they may not want to give broader access to.
The Dropbox Apps API provides the ability to restrict any app using your API key to a single directory of your Dropbox account. So users could create an API key with access to a specific directory and then plug that into your app. However, that's not a user-friendly workflow.
I think the Dropbox Drop-Ins Chooser/Saver API might be close to what you want. The user is presented with a Dropbox file selection popup, and your app only gets access to the specific file(s) that the user selects.
With remoteStorage, sandboxed directory access is currently the default way for apps to request (and users to grant) access to the storage. However, users cannot manually select or enter custom directories during the connect phase.
I'm trying to integrate Dropbox into my web application in the following way:
Users can enter a Dropbox Share Link, i.e. a Dropbox folder that can be accessed by anyone, even without a dropbox account.
My application then grabs the images from the folder and displays them to all users of my application.
Now as far as I can tell, the Dropbox API doesn't allow this without sending the user through a full-blown OAuth process. But since the shared link is public anyway, I don't need (and don't want) access to the users Dropbox account.
Is there a way to access a shared link in a programmatic way (without parsing the DOM or similar hacks)? Maybe there is a query parameter on the shared link to retrieve the contents as JSON? If it exists, I didn't find any docs about it.
Surely I'm not the first one to try this, so please share your solutions!
No, there's no programmatic way to list folder contents from a share link. If you have a share link for a specific file, then you can convert the domain from www.dropbox.com to dl.dropboxusercontent.com, but this trick doesn't work on folders.
I'm aware of shortcut links. Looking for behavior similar to that of a native Google doc. File exists, possibly takes up storage, can be renamed/moved/deleted, but the data inside shouldn't be modified except by the app. Possibly, defining export formats/links.
I believe the answer is a simple "no" - Google Drive is for storing user files, not protected application data or configuration data. So you could put a file to a users drive, but only the owner of the drive can control whether the file is shared or changed. So they can edit it, you can't stop them, and there's no reason to think that'll ever be a feature in the future.
To have such control you will need to store such data on your own server, or some other such storage medium.
The only other thing that you would do with only Google Drive is encrypt the configuration file you store, for instance, so it couldn't be easily edited - but that's probably just a bad idea. If you must save a configuration file to a persons drive, bury it inside an application folder and sanity check it to ensure it isn't corrupt - but don't count on a person or application never opening and editing it. If it's something a person shouldn't be able to read or change, don't save it to their drive.
As of April 2012, application data is supported: What is the Application Data folder?.
"Export format links" could be done with Custom file properties, though, I'm unsure of what kind datatypes are supported for the value beyond the example string.