如何使用Google Drive .NET API v3的服务帐户访问团队云端硬盘 [英] How to access Team Drive using service account with Google Drive .NET API v3
问题描述
有人知道应该采用哪些配置来授予Google服务帐户访问已创建的团队云端硬盘的权限吗?
这个想法是使用服务帐户在.NET后端应用程序中,用于从/从Team Drive上载/下载文件,该文件由公司员工共享。例如,公司拥有 company.com 域,并在Google上提供 name.surname@company.com 用户帐户。还有一个员工团队驱动。其中一个帐户(不是admin)用于创建服务帐户,并且这些步骤已完成:
我无法在有关如何授予服务帐户访问团队云端硬盘的文档中找到任何提及,以便所有上传的文件/文件夹有权访问团队云端硬盘。现在,当我创建一个文件夹或使用服务帐户上传文件时,它将它们放入一个文件夹中私人驱动器,它只属于服务帐户。
可能有一种解决方法:将文件上传到服务帐户的私人驱动器并与用户共享(这是不是所需要的),但是,如果有人告诉我如何做到这一点,我会很高兴。
下面是授予访问的步骤基于从所述这些步骤需要一个帐户服务和应用管理员角色。
- 登录Google管理员并转至 Apps - > G Suite - >云端硬盘和文档 - >共享设置子菜单,然后从共享选项中选择开启 点击管理团队云端硬盘子菜单,然后点击要授予访问权限的团队云端硬盘 在成员访问权限添加成员 >弹出
- 输入服务帐户帐户ID(电子邮件),选择访问级别(我选择完整),检查跳过发送通知,然后单击 SEND
假设认证部分设置正确,这是一个简单的代码,可以获取服务帐户的团队云端硬盘:
var teamDriveList = service.Teamdrives.List();
teamDriveList.Fields =teamDrives(kind,id,name);
var teamDrives = teamDriveList.Execute()。TeamDrives;
if(teamDrives!= null& teamDrives.Count> 0)
{
foreach(teamDrives中的var驱动器)
{
Console.WriteLine({0}({1}),drive.Name,drive.Id);
更多关于 Fields 参数的语法这里
Does anyone know which configurations should be done to grant Google service account an access to a Team Drive which is already created?
The idea is to use a service account in a .NET backend application for uploading/downloading files to/from Team Drive which is shared among company employees. For example, company has its company.com domain and provides name.surname@company.com user accounts at Google. Also there is a Team Drive for the employees. One of those accounts (not admin) was used to create the service account and these steps were done so far:
- Created a project for an organization in Google Cloud Platform
- Enabled Google Drive API
- Created a service account
- Created a key for that service account
- Assigned Editor/Owner role in IAM tab
- Enabled G Suite Domain-wide Delegation for the service account using the Client ID as described here using G Suite admin account.
I couldn't find any mention in the documentation about how to grant the service account an access to Team Drive so that all uploaded files/folders could be visible to all users who have access to the Team Drive. Any useful link on how to do that is appreciated a lot.
For now, when I create a folder or upload a file using the service account, it puts them in a private Drive which belongs to the service account only.
There could be a possible workaround: to upload the files to service account's private drive and share them with the users (this is not preferred by the requirements), but still, if someone tells how exactly to do this, I'll be happy.
Here are the steps to grant access based on the documentation from the comment in addition to the steps in the question.
These steps require an account with Services and Apps admin role.
- Sign-in to Google Admin and go to Apps -> G Suite -> Drive and Docs -> Sharing Settings sub-menu and select ON from the Sharing options
- Click on the Manage Team Drives sub-menu and click on the Team Drive you want to grant access to
- Click on ADD MEMBERS in the Member access pop-up
- Enter the service account Account ID (email), choose access level (I chose Full), check the Skip sending notification and click on SEND
Assuming the authentication part is set up properly, here is a simple code which gets service account's Team Drives:
var teamDriveList = service.Teamdrives.List();
teamDriveList.Fields = "teamDrives(kind, id, name)";
var teamDrives = teamDriveList.Execute().TeamDrives;
if (teamDrives != null && teamDrives.Count > 0)
{
foreach (var drive in teamDrives)
{
Console.WriteLine("{0} ({1})", drive.Name, drive.Id);
}
}
More on the Fields parameter syntax here
这篇关于如何使用Google Drive .NET API v3的服务帐户访问团队云端硬盘的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
