无法访问我的谷歌驱动器带有服务帐户的文件 [英] Not able to access my google drive Files with service account
问题描述
我想创建一个应用程序,它可以将文件添加到谷歌驱动器并将该文件共享给其他用户,比如abc@gmail.com。这个用户abc@gmail.com应该登录到应用程序,然后他可以看到并下载他的驱动器中可用的所有文件。目前我已经使用谷歌驱动器的服务帐户。我可以上传文件到谷歌驱动器,我可以分享给用户abc@gmail.com。但我面临以下问题。
-
使用电子邮件xyz@gmail.com我注册驱动器并创建了一个项目,但是当我创建一个文件并使用驱动器API将其共享给用户abc@gmail.com该文件未在驱动器xyz@gmail.com上列出,但是当我尝试通过API访问该文件时,我可以看到这些文件。
-
对于用户abc@gmail.com,他的驱动器中提供了共享文件,我可以看到当我通过网络访问他的驱动器时,但当我试图通过API访问它时,显示我没有文件。
请告诉我我要去哪里错。我可以做到这一点吗?
对于用户**xyz@gmail.com
$ CLIENT_ID = 'xxxxxxxxx.apps.googleusercontent.com';
$ SERVICE_ACCOUNT_EMAIL ='xxxxxxxxxxxx@developer.gserviceaccount.com';
$ SERVICE_ACCOUNT_PKCS12_FILE_PATH ='xxxxxxxxxx-privatekey.p12'; **
对于用户**abc@gmail.com
$ CLIENT_ID ='yyyyyyyyyyy.apps.googleusercontent.com' ;
$ SERVICE_ACCOUNT_EMAIL ='yyyyyyyyyyyy@developer.gserviceaccount.com';
$ SERVICE_ACCOUNT_PKCS12_FILE_PATH ='yyyyyyyyyyyy-privatekey.p12'; **
使用用户xyz @ gmail ID我创建了一个项目并使用他的上面的clientID,账户电子邮件,密钥文件创建了这个文件:
function insertFile($ service ,$ title,$ description,$ parentId,$ mimeType,$ filename){
$ file = new Google_DriveFile();
$ file-> setTitle($ title);
$ file-> setDescription($ description);
$ file-> setMimeType($ mimeType);
//设置父文件夹。
if($ parentId!= null){
$ parent = new ParentReference();
$ parent-> setId($ parentId);
$ file-> setParents(array($ parent));
}
尝试{
$ data = file_get_contents($ filename);
$ createdFile = $ service-> files-> insert($ file,array(
'data'=> $ data,
'mimeType'=> $ mimeType,
'convert'=> TRUE,
)
);
$ fileID = $ createdFile-> getId();
返回$ fileID;
} catch(Exception $ e){
print发生错误:。 $ E->的getMessage();
exit();
}
}
将此文件与用户abc@gmail.com共享以下代码:
函数insertPermission($ service,$ fileId,$ value ='abc@gmail.com',$ type = 'user',$ role ='writer'){
$ newPermission = new Google_Permission();
$ newPermission-> setValue($ value);
$ newPermission-> setType($ type);
$ newPermission-> setRole($ role);
try {
return $ service-> permissions-> insert($ fileId,$ newPermission);
} catch(Exception $ e){
print发生错误:。 $ E->的getMessage();
}
返回NULL;
}
然后检查abc@gmail.com的文件,我使用他登录clientID,accountEmail和私钥文件,并用于检索下面使用的代码
函数retrieveAllFiles($ service){
$ result = array();
$ pageToken = NULL;
do {
try {
$ parameters = array();
if($ pageToken){
$ parameters ['pageToken'] = $ pageToken;
}
$ files = $ service-> files-> listFiles($ parameters);
$ result = array_merge($ result,$ files-> getItems());
$ pageToken = $ files-> getNextPageToken();
} catch(Exception $ e){
print发生错误:。 $ E->的getMessage();
$ pageToken = NULL;
}
} while($ pageToken);
返回$ result;
}
我认为我使用不同的clientID,accountEmail和私钥,因为这个文件没有列出到abc@gmail.com,但如果我使用相同的clientID,帐户电子邮件和xyz@gmail.com的私钥然后我会得到所有的文件。我想要的只是一些文件将被共享到abc@gmail.com,他应该只获得这些文件。
b $ b 这是因为xyz@gmail.com不拥有或无权访问该文件。服务帐户创建该文件,因此是所有者。您与abc@gmail.com共享该文件,以便他们可以看到该文件,但您从未授予xyz@gmail.com访问该文件的权限。 (xyz@gmail.com创建服务帐户并不重要,该文件明确由服务帐户拥有,而不是xyz@gmail.com)。 如果abc@gmail.com可以访问UI中的文件,那么当通过API进行身份验证时,它们应该具有访问权限。你可以在这里显示你的代码吗?
I want to create an application which can add files to google drive and share that files to other user's say abc@gmail.com. this user abc@gmail.com should login to application and then he can see and download all the files available in his drive. currently I have used the google drive's service account for this. I am able to upload the file to google drive and I can share it to user abc@gmail.com. but I am facing following issues.
using email xyz@gmail.com i registered to drive and created a project but when i creates a file and shares it to user abc@gmail.com using drive API the file is not listing on drive of xyz@gmail.com but when I tries to access that through API I can see the files.
for user abc@gmail.com that shared files is available in his drive and I can see that when I access his drive through web but when I tried to access that through API it shows me no file.
Please suggest me that where I am going wrong. Is it possible for me to do this or not?
for user **xyz@gmail.com
$CLIENT_ID='xxxxxxxxx.apps.googleusercontent.com';
$SERVICE_ACCOUNT_EMAIL = 'xxxxxxxxxxxx@developer.gserviceaccount.com';
$SERVICE_ACCOUNT_PKCS12_FILE_PATH = 'xxxxxxxxxx-privatekey.p12';**
For user **abc@gmail.com
$CLIENT_ID='yyyyyyyyyyy.apps.googleusercontent.com';
$SERVICE_ACCOUNT_EMAIL = 'yyyyyyyyyyyy@developer.gserviceaccount.com';
$SERVICE_ACCOUNT_PKCS12_FILE_PATH = 'yyyyyyyyyyyy-privatekey.p12';**
Using user xyz@gmail ID I created a project and using his above clientID,account email, Key file created the file:
function insertFile($service, $title, $description, $parentId, $mimeType, $filename) {
$file = new Google_DriveFile();
$file->setTitle($title);
$file->setDescription($description);
$file->setMimeType($mimeType);
// Set the parent folder.
if ($parentId != null) {
$parent = new ParentReference();
$parent->setId($parentId);
$file->setParents(array($parent));
}
try {
$data = file_get_contents($filename);
$createdFile = $service->files->insert($file, array(
'data' => $data,
'mimeType' => $mimeType,
'convert' =>TRUE,
)
);
$fileID = $createdFile->getId();
return $fileID;
} catch (Exception $e) {
print "An error occurred: " . $e->getMessage();
exit();
}
}
Shared This file to user abc@gmail.com with Following code:
function insertPermission($service, $fileId, $value='abc@gmail.com', $type = 'user', $role = 'writer') {
$newPermission = new Google_Permission();
$newPermission->setValue($value);
$newPermission->setType($type);
$newPermission->setRole($role);
try {
return $service->permissions->insert($fileId, $newPermission);
} catch (Exception $e) {
print "An error occurred: " . $e->getMessage();
}
return NULL;
}
Then to check the files for abc@gmail.com I logged in using his clientID,accountEmail and private key file and for retriving the files I used below code
function retrieveAllFiles($service) {
$result = array();
$pageToken = NULL;
do {
try {
$parameters = array();
if ($pageToken) {
$parameters['pageToken'] = $pageToken;
}
$files = $service->files->listFiles($parameters);
$result = array_merge($result, $files->getItems());
$pageToken = $files->getNextPageToken();
} catch (Exception $e) {
print "An error occurred: " . $e->getMessage();
$pageToken = NULL;
}
} while ($pageToken);
return $result;
}
What I think that I am using different clientID, accountEmail and private key because of this the files are not listing to abc@gmail.com but if I use the same clientID,account email and private key of xyz@gmail.com then I will get all the file. What I want is only some files will be shared to abc@gmail.com and he should get only those files.
That's because xyz@gmail.com doesn't own or have any access to the file. The service account created the file and is thus the owner. You shared the file with abc@gmail.com so they can see the file but you never gave xyz@gmail.com access to the file. (The fact that xyz@gmail.com created the Service account does not matter here, the file is explicitly owned by the service account, not xyz@gmail.com).
If abc@gmail.com has access to the file in the UI, they should have access when authenticated via the API. Can you show your code here?
这篇关于无法访问我的谷歌驱动器带有服务帐户的文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!