Reputation: 215
Google Drive API service account - file sharing within domain
I am trying to manage file sharing permission within certain domain using a service account.
Here is the process:
Authorize thru a service account
Create a folder using service account
Upload all the files under the folder
Insert the permission on the folder with
user_permission = {
'value': issuer_email, (ex. [email protected])
'type': 'user',
'role': 'writer'
}
drive_service.permissions().insert(fileId=f_id, body=user_permission, fields="id").execute()
domain_permission = {
'type': 'domain',
'role': 'writer',
'domain': 'company.com'
}
drive_service.permissions().insert(fileId=f_id, body=domain_permission, fields="id").execute()
For the first 3 steps it goes well. But I am not getting the error for the step (4):
<HttpError 400 when requesting https://www.googleapis.com/drive/v2/files/1RqQUiSKP05ELbPX18YpcoqTGTG_RD2j4/permissions?fields=id&alt=json returned "Permission value field required">
I tried resolving this error by adding different fields but no luck. Also its generating the file and folder I wanted, but the folders and files can be share outside the company domain. (with the share button enable there and I can access it from other domain.)
So how can I limit the file sharing within the domain? Like in the Google Drive UI prompt for sharing, if I choose any email address which is not qualified, it should not be able to share.
Thanks!!! If I am not even on the right track, please kindly give me some pointer for how to do this.
UPDATES
To be more specific, I would want to achieve this:
With the second input field, though I can share files with ppl outside the domain, but ppl would need to ask for permission to access it. For not its not asking for permission.
Upvotes: 0
Views: 1440
Answers (2)
Reputation: 1
If you use a service account to upload and share files, you should make sure that "sendNotificationEmails" is set to False to avoid "You cannot share this item because it has been flagged as inappropriate." The reason is that the api is trying to avid spamming with emails users that potentially has nothing to do with your shared-file.
Upvotes: 0
Reputation: 116868
Looks like you have some extra code with your value that is probably causing your issue. Try checking the documented example
file_id = '1sTWaJ_j7PkjzaBWtNc3IzovK5hQf21FbOw9yLeeLPNQ'
def callback(request_id, response, exception):
if exception:
# Handle error
print exception
else:
print "Permission Id: %s" % response.get('id')
batch = drive_service.new_batch_http_request(callback=callback)
user_permission = {
'type': 'user',
'role': 'writer',
'value': '[email protected]'
}
batch.add(drive_service.permissions().insert(
fileId=file_id,
body=user_permission,
fields='id',
))
domain_permission = {
'type': 'domain',
'role': 'reader',
'value': 'example.com'
}
batch.add(drive_service.permissions().insert(
fileId=file_id,
body=domain_permission,
fields='id',
))
batch.execute()
Code ripped from the documentation for Drive v2 manage sharing
Upvotes: 1
Related Questions
- Google Drive API Python Service Account Example
- Google Drive Authenticate and Download Files with Service Account
- Google Drive API - How to work with the domain-wide service account
- Google API Service Account. Can only see service accounts drive even with Domain Wide Delegation Access
- How to get access to shared files in a domain with a service account using the Google Drive API?
- Google Drive API - Granting Access to Files in a Folder to Service Account
- How to upload file to google drive with service account credential
- Google Drive: Application-Owned Accounts
- Sharing file in Google Drive with public
- Google API Service Accounts with Drive SDK