Accessing Files and Folders in Team Drive

2019-03-04 09:22发布

问题:

I'm using Google Apps Script and V2 of the Drive API (I don't think V3 is available in scripts yet) to automate file creation inside of a Team Drive. I'd like to add editors with the script with no success.

I can access the Team Drive and child folders using the FolderIterator in the standard DriveApp methods.

Attempt 1

function addUserToTeam(email, folders) {

  // Open the team drive and get all the folders
  var teamFolders = DriveApp.getFolderById('TEAMDRIVEIDSTRING').getFolders();

  var folders = ["folderIdToMatch"]  // This may hold multiple folders

  try {
  // Loop an array of folder IDs
    for(var i=0; i<folders.length; i++) {

      // Check the team drive folders for a matching name
      while(teamFolders.hasNext()) {
        var teamFolder = teamFolders.next();
        if(folders[i] == teamFolder.getId()) {
          teamFolder.addEditor(email);
        }
      }
    }
  } catch(e) {
    Logger.log(e);
  }
}

This failed with Exception: Cannot use this operation on a Team Drive item.

Attempt 2

I tried the Drive API by substituting teamFolder.addEditor(email) a Permissions resource:

if(folders[i] == teamFolder.getId()) {
  var resource = {
    "type":"user",
    "role":"writer",
    "value": email
  }
  Drive.Permissions.insert(resource, teamFolder.getId());
}

This fails with a File not found error.

I can find the folder (or file) with DriveApp methods. Any attempt at the same with the Drive API fails.

I cannot find any documentation saying Team Drive files are inaccessible with the API. Is there something wrong with my approach?

回答1:

After more research and digging, here's the solution for people with similar use cases.

  1. You can access files to an entire Team Drive or to files inside the Drive, but not folders. This is done on purpose to prevent accidentally giving access to directories of sensitive information to people who shouldn't have access.

  2. To give access, supportsTeamDrives is an optional argument in the request body that takes a boolean value. Set this to true and pass in the API call. A successful function is below.

  3. The only way to achieve the outcome I described is to use multiple Team Drives and give access to users based on some event. Another option would be to promote a user to Full permissions (from edit or view) for the duration of the project and then revoke when completed.

Add a user to a Team Drive (This also works for single files in a Drive)

// Using Google Apps Script with v2 of the Drive API enabled
function addToTeamDrive() {

  var resource = {
      'value': emailString,
      'type': 'user',
      'role': 'writer'
    }

    // If you have several Team Drives, loop through and give access
    try {
      var TeamDrive = Drive.Teamdrives.list();

      for(var i=0; i<TeamDrive.items.length; i++) {

        if(TeamDrive.items[i].name === "Team Drive String") {

          // This ID may also be a single file inside a Team Drive
          var id = TeamDrive.items[i].id;
        }
      }

      // Add user permissions to the matched Drive
      Drive.Permissions.insert(resource, id, {"supportsTeamDrives": true});
    } catch(e) {

      Logger.log(e);
    }
}


回答2:

You can access but there's alot you can't do like removeFile() or getUrl() even when you have full access. You will still get the

{error: "Exception: Cannot use this operation on a Team Drive item."}

Workaround is to use setTrashed() instead of removeFile() on files/folders.