Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Google Drive API - limit API access to single folder?

My app uses Google Drive API to read files that a user has uploaded to their Drive storage area, and to write files and folders into this same directory. The user logs in with their own account/credentials.

My current understanding is that the only scope (access level) available for me to use in this case is "full drive access".

Is this a correct statement?

Dropbox supports an "Apps" folder where I can use their API to read/write, while being restricted to my own area. I'm surprised that Google doesn't offer something similar, as my users may not want to grant read/write access to their entire Drive storage, when all I need access to is a single directory (and all sub directories within, whether I create or user creates).

To provide a little more info, my app is a flashcard app. I want users, at a minimum, to be able to upload spreadsheets with data to be read in by the app. But users would like it if I didn't need full access to all their data.

like image 777
Ernie Thomason Avatar asked Apr 16 '19 06:04

Ernie Thomason


People also ask

Can I restrict access to a folder in Google Drive?

Find the file or folder in Google Drive, Google Docs, Google Sheets, or Google Slides. Open or select the file or folder. Get link. Select Restricted.

Can I remove one user from all Google Drive folders and sub folders at once?

Remove Access from Multiple FilesSelect all the files by highlighting the first file, hold down your keyboard's Shift key, then move the arrow key down until all documents are highlighted. At the top, click the share icon . Click the X next to each person you want to remove. Click Save changes.

Do Google Drive folder permissions inherit?

Permission lists for a folder propagate downward, and all child files and folders inherit permissions from the parent.


1 Answers

I think the simple answer is... Google Drive doesn't have an "Apps" directory like Dropbox or OneDrive, and if an app want access to files the user uploaded to Drive, the basic way is for the user to grant access to ALL files in Drive.

The "drive.file" scope might work for some since it appears to give access to individual files that the user OK'd. How does the user OK a file? According to the post below, they would send a file from the Drive app to my app.

Google Drive api scope and file access (drive vs drive.files)

I think these are the only two permission options to read user's files using the Drive API (without using a service account).

like image 52
Ernie Thomason Avatar answered Oct 20 '22 17:10

Ernie Thomason