I want to use the Google drive sdk to save data from my app in the user's own Google drive account. This will mean that the developers of the app (i.e. me) won't have access to sensitive data that the user is storing.
I have found some docs about how to do this (the app will be a Google app engine app) but I was wondering if I can lock this data or hide it completely so that a user can't go in and edit the data and possibly cause problems.
I know that Android apps that use Google drive do not leave any visible files that I can see when I go to my drive account.
Thanks
When creating the file, set the hidden label to True. This will hide the file from most user views. Note that it doesn't completely prevent the user from finding and modifying the file if they own it.
If you need the file to be uneditable by the owner, your app will need to own it and only grant the user view access.
In Google Play Services 4.3, they added an "Application Folder." This is designed to allow applications to store data in a user's drive without allowing them to modify this data. It's available for android and web, don't see it listed for iOS.
Related
I want to add Google Drive integration to a browser add-on I developed. Basically I want to share user settings between devices, and the settings files are too big to fit inside the 100KB limit for the storage.sync API.
But when I go to my API console and try and activate permissions for the Drive API, I get this:
Browser apps (and Android apps) aren't allowed to access app data. That's not just a warning, you actually can't continue the process until you choose a different platform. Weirdly, I can go ahead if I select "User data" (so user data is less sensitive than app data??)
What I like about app data over user data is that, if I understand correctly, app data goes in a hidden folder uniquely tied to your app, whereas user data goes in the actual user's drive. I don't want my app to have access to the broader drive, I don't want to risk messing their data up and I don't want them to see my app's config files every time they access their drive.
How can I get this "hidden folder" behavior from a browser addon?
Try the solution from this related SO post.
To be able to use your Application Data folder, request access to the following scope:
https://www.googleapis.com/auth/drive.appdata
I have implemented the Picker API for my Web App and there is only one inconvenient.
The App permit a user to open a project and share all kind of documents. One of the methods available to share documents with others is throughout Google Drive, so the User select the documents within its account and the App show the links to download the content shared.
All works fine but the issue is related with permissions. If other users click on any link, it indicates that he needs permission from the owner, so he must wait until access is granted.
Is there any way to avoid this? I mean, the owner share the files knowing it can be downloaded by any other user from the website.
Thanks in advance.
I work for an un-launched startup that handles a large amount of user media. We are looking to integrate Google Drive as a way for a user to store that media.
Is it possible to have read/write access to a user's Google Drive, after obtaining their permission via OAUTH2? More specifically the ability to create folders on their drive and access them for read/write scenarios.
We would also need to be able to generate direct links to their photos, videos, etc.
We've successfully integrated with Dropbox in this manner and would like to offer Google Drive as an alternative. Are these scenarios possible with Google Drive?
Yes, this is absolutely possible.
You will want to read about our Auth Scopes and determine what the minimal set of scopes are that you need to operate. As an example, drive.file scope will enable you to create files & folders, read them, as well as read/write any existing files that a user explicitly opens with your application.
The 'explicitly open' part can be handled in 2 ways. You can register an 'Open' action for your app in the Drive UI for certain file types and you can use our 'File Picker' widget in your app to enable the user to select which files to open/grant access. You can read about opening files in our docs
I have multiple Google Drive Apps published that have different client ids. When one Drive App creates a file, I would like to set the permissions on that file to allow the second Drive App access to that file. My use case is that from the first applications ui, I would like to allow the end user to launch the second application. Currently, the user needs to leave the first application and go to the drive ui and use the context menu to select open with.
In Google Drive UI, there is a context menu that says "View authorized apps...". I am basically looking for an API to add an entry to that list.
Thanks.
Jeremy
That is not possible. For security reasons, an app can only be granted authorization to see a file via direct user action: specifically opening the file with that app via open-with or the web or Android file pickers.
This is a follow up to Google Realtime API - what is the role of a shortcut file in google drive?
What is the effect of share settings on a shortcut file? Does a user need to share this shortcut file with other collaborators?
In my case, my web application already contains share settings between users. These are my own share setting that I store in my database. They are currently sharing between each other but have to edit a file one person at a time. Ideally I would like to just use the settings from my application to seamlessly make it so that they can collaborate at the same time, without having them to once again give edit permissions.
The share settings control who has access to read or write to a realtime document, just like for any other Drive file.
They can be set programmatically via the Drive API, or you can allow users to update settings via a common sharing dialog. See https://developers.google.com/drive/manage-sharing
If you have an existing setup, you could programmatically transfer the share settings to the realtime shortcut files as one-off transition step. We don't generally recommend trying to keep them in sync, as it can be a bit tricky, but its possible.