This guide contains tasks related to managing shared drives, such as creating shared drives and managing members and permissions.
Create shared drives
To create a new shared drive, use drives.create.
Java
drive/snippets/drive_v3/src/main/java/CreateDrive.java
import com.google.api.client.googleapis.json.GoogleJsonResponseException;
import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.gson.GsonFactory;
import com.google.api.services.drive.DriveScopes;
import com.google.api.services.drive.model.Drive;
import com.google.auth.http.HttpCredentialsAdapter;
import com.google.auth.oauth2.GoogleCredentials;
import java.io.IOException;
import java.util.Arrays;
import java.util.UUID;
/* class to demonstrate use-case of Drive's create drive. */
public class CreateDrive {
/**
* Create a drive.
*
* @return Newly created drive id.
* @throws IOException if service account credentials file not found.
*/
public static String createDrive() throws IOException {
/*Load pre-authorized user credentials from the environment.
TODO(developer) - See https://developers.google.com/identity for
guides on implementing OAuth2 for your application.*/
GoogleCredentials credentials =
GoogleCredentials.getApplicationDefault().createScoped(Arrays.asList(DriveScopes.DRIVE));
HttpRequestInitializer requestInitializer = new HttpCredentialsAdapter(
credentials);
// Build a new authorized API client service.
com.google.api.services.drive.Drive service =
new com.google.api.services.drive.Drive.Builder(new NetHttpTransport(),
GsonFactory.getDefaultInstance(),
requestInitializer)
.setApplicationName("Drive samples")
.build();
Drive driveMetadata = new Drive();
driveMetadata.setName("Project Resources");
String requestId = UUID.randomUUID().toString();
try {
Drive drive = service.drives().create(requestId,
driveMetadata)
.execute();
System.out.println("Drive ID: " + drive.getId());
return drive.getId();
} catch (GoogleJsonResponseException e) {
// TODO(developer) - handle error appropriately
System.err.println("Unable to create drive: " + e.getDetails());
throw e;
}
}
}
Python
drive/snippets/drive-v3/drive_snippet/create_drive.py
from __future__ import print_function
import uuid
import google.auth
from googleapiclient.discovery import build
from googleapiclient.errors import HttpError
def create_drive():
"""Create a drive.
Returns:
Id of the created drive
Load pre-authorized user credentials from the environment.
TODO(developer) - See https://developers.google.com/identity
for guides on implementing OAuth2 for the application.
"""
creds, _ = google.auth.default()
try:
# create drive api client
service = build('drive', 'v3', credentials=creds)
drive_metadata = {'name': 'Project Resources'}
request_id = str(uuid.uuid4())
# pylint: disable=maybe-no-member
drive = service.drives().create(body=drive_metadata,
requestId=request_id,
fields='id').execute()
print(F'Drive ID: {drive.get("id")}')
except HttpError as error:
print(F'An error occurred: {error}')
drive = None
return drive.get('id')
if __name__ == '__main__':
create_drive()
Node.js
drive/snippets/drive_v3/drive_snippets/create_drive.js
/**
* Create a drive.
* */
async function createDrive() {
// Get credentials and build service
// TODO (developer) - Use appropriate auth mechanism for your app
const {GoogleAuth} = require('google-auth-library');
const {google} = require('googleapis');
const uuid = require('uuid');
const auth = new GoogleAuth({
scopes: 'https://www.googleapis.com/auth/drive',
});
const service = google.drive({version: 'v3', auth});
const driveMetadata = {
name: 'Project resources',
};
const requestId = uuid.v4();
try {
const Drive = await service.drives.create({
resource: driveMetadata,
requestId: requestId,
fields: 'id',
});
console.log('Drive Id:', Drive.data.id);
return Drive.data.id;
} catch (err) {
// TODO(developer) - Handle error
throw err;
}
}
PHP
drive/snippets/drive_v3/src/DriveCreateDrive.php
use Google\Client;
use Google\Service\Drive;
use Ramsey\Uuid\Uuid;
function createDrive()
{
try {
$client = new Client();
$client->useApplicationDefaultCredentials();
$client->addScope(Drive::DRIVE);
$driveService = new Drive($client);
$driveMetadata = new Drive\Drive(array(
'name' => 'Project Resources'));
$requestId = Uuid::uuid4()->toString();
$drive = $driveService->drives->create($requestId, $driveMetadata, array(
'fields' => 'id'));
printf("Drive ID: %s\n", $drive->id);
return $drive->id;
} catch(Exception $e) {
echo "Error Message: ".$e;
}
}
.NET
drive/snippets/drive_v3/DriveV3Snippets/CreateDrive.cs
using Google.Apis.Auth.OAuth2;
using Google.Apis.Drive.v3;
using Google.Apis.Drive.v3.Data;
using Google.Apis.Services;
namespace DriveV3Snippets
{
// Class to demonstrate use of Drive's create drive.
public class CreateDrive
{
/// <summary>
/// Create a drive.
/// </summary>
/// <returns>newly created drive Id.</returns>
public static string DriveCreateDrive()
{
try
{
/* Load pre-authorized user credentials from the environment.
TODO(developer) - See https://developers.google.com/identity for
guides on implementing OAuth2 for your application. */
GoogleCredential credential = GoogleCredential.GetApplicationDefault()
.CreateScoped(DriveService.Scope.Drive);
// Create Drive API service.
var service = new DriveService(new BaseClientService.Initializer
{
HttpClientInitializer = credential,
ApplicationName = "Drive API Snippets"
});
var driveMetadata = new Drive()
{
Name = "Project Resources"
};
var requestId = Guid.NewGuid().ToString();
var request = service.Drives.Create(driveMetadata, requestId);
request.Fields = "id";
var drive = request.Execute();
Console.WriteLine("Drive ID: " + drive.Id);
return drive.Id;
}
catch (Exception e)
{
// TODO(developer) - handle error appropriately
if (e is AggregateException)
{
Console.WriteLine("Credential Not found");
}
else
{
throw;
}
}
return null;
}
}
}
Calls to drives.create are idempotent.
The requestId parameter identifies the logical attempt to create the shared
drive. If the request times out or returns an indeterminate backend error, the
same request may be repeated. The requestId and body of the request must
remain the same.
If the shared drive was successfully created on a previous request or as a
result of a retry, the normal response is returned. In some cases, such as
after a prolonged period of time or if the body of the request has changed,
a 409 error may be returned indicating the requestId must be discarded.
Add or remove shared drive members
Add or remove shared drive members using the
permissions API.
To add a member, create the permission on the shared drive itself. Permission methods can also be used on individual files within a shared drive to grant members additional privileges or allow non-members to collaborate on specific items.
See Share files and folders for additional details and sample code.
Delete a shared drive
Use the drives.delete method
to delete a shared drive. All content in the shared drive must be trashed or
deleted prior to deleting the shared drive.
Manage shared drives for domain administrators
Use the useDomainAdminAccess parameter with the
drives and
permissions resources
to manage shared drives across an organization.
Users calling these methods with useDomainAdminAccess=true must have the
Drive and Docs administrator privilege.
Administrators can
search for shared drives or
update permissions for shared drives owned by their organization, regardless of
the admin's membership in any given shared drive.
Recover a shared drive that doesn't have an organizer
The following example demonstrates how to use these resources to recover shared drives that no longer have an organizer.
Java
drive/snippets/drive_v3/src/main/java/RecoverDrive.java
import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.gson.GsonFactory;
import com.google.api.services.drive.DriveScopes;
import com.google.api.services.drive.model.Drive;
import com.google.api.services.drive.model.DriveList;
import com.google.api.services.drive.model.Permission;
import com.google.auth.http.HttpCredentialsAdapter;
import com.google.auth.oauth2.GoogleCredentials;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
/* class to demonstrate use-case of Drive's shared drive without an organizer. */
public class RecoverDrive {
/**
* Find all shared drives without an organizer and add one.
*
* @param realUser User's email id.
* @return All shared drives without an organizer.
* @throws IOException if shared drive not found.
*/
public static List<Drive> recoverDrives(String realUser)
throws IOException {
/*Load pre-authorized user credentials from the environment.
TODO(developer) - See https://developers.google.com/identity for
guides on implementing OAuth2 for your application.*/
GoogleCredentials credentials =
GoogleCredentials.getApplicationDefault().createScoped(Arrays.asList(DriveScopes.DRIVE));
HttpRequestInitializer requestInitializer = new HttpCredentialsAdapter(
credentials);
// Build a new authorized API client service.
com.google.api.services.drive.Drive service =
new com.google.api.services.drive.Drive.Builder(new NetHttpTransport(),
GsonFactory.getDefaultInstance(),
requestInitializer)
.setApplicationName("Drive samples")
.build();
List<Drive> drives = new ArrayList<Drive>();
// Find all shared drives without an organizer and add one.
// Note: This example does not capture all cases. Shared drives
// that have an empty group as the sole organizer, or an
// organizer outside the organization are not captured. A
// more exhaustive approach would evaluate each shared drive
// and the associated permissions and groups to ensure an active
// organizer is assigned.
String pageToken = null;
Permission newOrganizerPermission = new Permission()
.setType("user")
.setRole("organizer");
newOrganizerPermission.setEmailAddress(realUser);
do {
DriveList result = service.drives().list()
.setQ("organizerCount = 0")
.setFields("nextPageToken, drives(id, name)")
.setUseDomainAdminAccess(true)
.setPageToken(pageToken)
.execute();
for (Drive drive : result.getDrives()) {
System.out.printf("Found drive without organizer: %s (%s)\n",
drive.getName(), drive.getId());
// Note: For improved efficiency, consider batching
// permission insert requests
Permission permissionResult = service.permissions()
.create(drive.getId(), newOrganizerPermission)
.setUseDomainAdminAccess(true)
.setSupportsAllDrives(true)
.setFields("id")
.execute();
System.out.printf("Added organizer permission: %s\n",
permissionResult.getId());
}
drives.addAll(result.getDrives());
pageToken = result.getNextPageToken();
} while (pageToken != null);
return drives;
}
}
Python
drive/snippets/drive-v3/drive_snippet/recover_drives.py
from __future__ import print_function
import google.auth
from googleapiclient.discovery import build
from googleapiclient.errors import HttpError
def recover_drives(real_user):
"""Find all shared drives without an organizer and add one.
Args:
real_user:User ID for the new organizer.
Returns:
drives object
Load pre-authorized user credentials from the environment.
TODO(developer) - See https://developers.google.com/identity
for guides on implementing OAuth2 for the application.
"""
creds, _ = google.auth.default()
try:
# create drive api client
service = build('drive', 'v3', credentials=creds)
drives = []
# pylint: disable=maybe-no-member
page_token = None
new_organizer_permission = {
'type': 'user',
'role': 'organizer',
'emailAddress': 'user@example.com'
}
new_organizer_permission['emailAddress'] = real_user
while True:
response = service.drives().list(
q='organizerCount = 0',
fields='nextPageToken, drives(id, name)',
useDomainAdminAccess=True, pageToken=page_token).execute()
for drive in response.get('drives', []):
print(F'Found shared drive without organizer: '
F'{drive.get("title")}, {drive.get("id")}')
permission = service.permissions().create(
fileId=drive.get('id'),
body=new_organizer_permission,
useDomainAdminAccess=True,
supportsAllDrives=True,
fields='id').execute()
print(F'Added organizer permission: {permission.get("id")}')
drives.extend(response.get('drives', []))
page_token = response.get('nextPageToken', None)
if page_token is None:
break
except HttpError as error:
print(F'An error occurred: {error}')
return drives
if __name__ == '__main__':
recover_drives(real_user='gduser1@workspacesamples.dev')
Node.js
drive/snippets/drive_v3/drive_snippets/recover_drives.js
/**
* Find all shared drives without an organizer and add one.
* @param{string} userEmail user ID to assign ownership to
* */
async function recoverDrives(userEmail) {
// Get credentials and build service
// TODO (developer) - Use appropriate auth mechanism for your app
const {GoogleAuth} = require('google-auth-library');
const {google} = require('googleapis');
const auth = new GoogleAuth({
scopes: 'https://www.googleapis.com/auth/drive',
});
const service = google.drive({version: 'v3', auth});
const drives = [];
const newOrganizerPermission = {
type: 'user',
role: 'organizer',
emailAddress: userEmail, // Example: 'user@example.com'
};
let pageToken = null;
try {
const res = await service.drives.list({
q: 'organizerCount = 0',
fields: 'nextPageToken, drives(id, name)',
useDomainAdminAccess: true,
pageToken: pageToken,
});
Array.prototype.push.apply(drives, res.data.items);
for (const drive of res.data.drives) {
console.log(
'Found shared drive without organizer:',
drive.name,
drive.id,
);
await service.permissions.create({
resource: newOrganizerPermission,
fileId: drive.id,
useDomainAdminAccess: true,
supportsAllDrives: true,
fields: 'id',
});
}
pageToken = res.nextPageToken;
} catch (err) {
// TODO(developer) - Handle error
throw err;
}
return drives;
}
PHP
drive/snippets/drive_v3/src/DriveRecoverDrives.php
use Google\Client;
use Google\Service\Drive;
use Ramsey\Uuid\Uuid;
function recoverDrives()
{
try {
$client = new Client();
$client->useApplicationDefaultCredentials();
$client->addScope(Drive::DRIVE);
$driveService = new Drive($client);
$realUser = readline("Enter user email address: ");
$drives = array();
// Find all shared drives without an organizer and add one.
// Note: This example does not capture all cases. Shared drives
// that have an empty group as the sole organizer, or an
// organizer outside the organization are not captured. A
// more exhaustive approach would evaluate each shared drive
// and the associated permissions and groups to ensure an active
// organizer is assigned.
$pageToken = null;
$newOrganizerPermission = new Drive\Permission(array(
'type' => 'user',
'role' => 'organizer',
'emailAddress' => 'user@example.com'
));
$newOrganizerPermission['emailAddress'] = $realUser;
do {
$response = $driveService->drives->listDrives(array(
'q' => 'organizerCount = 0',
'fields' => 'nextPageToken, drives(id, name)',
'useDomainAdminAccess' => true,
'pageToken' => $pageToken
));
foreach ($response->drives as $drive) {
printf("Found shared drive without organizer: %s (%s)\n",
$drive->name, $drive->id);
$permission = $driveService->permissions->create($drive->id,
$newOrganizerPermission,
array(
'fields' => 'id',
'useDomainAdminAccess' => true,
'supportsAllDrives' => true
));
printf("Added organizer permission: %s\n", $permission->id);
}
array_push($drives, $response->drives);
$pageToken = $response->pageToken;
} while ($pageToken != null);
return $drives;
} catch(Exception $e) {
echo "Error Message: ".$e;
}
}
.NET
drive/snippets/drive_v3/DriveV3Snippets/RecoverDrives.cs
using Google.Apis.Auth.OAuth2;
using Google.Apis.Drive.v3;
using Google.Apis.Drive.v3.Data;
using Google.Apis.Services;
namespace DriveV3Snippets
{
// Class to demonstrate use-case of Drive's shared drive without an organizer.
public class RecoverDrives
{
/// <summary>
/// Find all shared drives without an organizer and add one.
/// </summary>
/// <param name="realUser">User ID for the new organizer.</param>
/// <returns>all shared drives without an organizer.</returns>
public static IList<Drive> DriveRecoverDrives(string realUser)
{
try
{
/* Load pre-authorized user credentials from the environment.
TODO(developer) - See https://developers.google.com/identity for
guides on implementing OAuth2 for your application. */
GoogleCredential credential = GoogleCredential.GetApplicationDefault()
.CreateScoped(DriveService.Scope.Drive);
// Create Drive API service.
var service = new DriveService(new BaseClientService.Initializer
{
HttpClientInitializer = credential,
ApplicationName = "Drive API Snippets"
});
var drives = new List<Drive>();
// Find all shared drives without an organizer and add one.
// Note: This example does not capture all cases. Shared drives
// that have an empty group as the sole organizer, or an
// organizer outside the organization are not captured. A
// more exhaustive approach would evaluate each shared drive
// and the associated permissions and groups to ensure an active
// organizer is assigned.
string pageToken = null;
var newOrganizerPermission = new Permission()
{
Type = "user",
Role = "organizer",
EmailAddress = realUser
};
do
{
var request = service.Drives.List();
request.UseDomainAdminAccess = true;
request.Q = "organizerCount = 0";
request.Fields = "nextPageToken, drives(id, name)";
request.PageToken = pageToken;
var result = request.Execute();
foreach (var drive in result.Drives)
{
Console.WriteLine(("Found abandoned shared drive: {0} ({1})",
drive.Name, drive.Id));
// Note: For improved efficiency, consider batching
// permission insert requests
var permissionRequest = service.Permissions.Create(
newOrganizerPermission,
drive.Id
);
permissionRequest.UseDomainAdminAccess = true;
permissionRequest.SupportsAllDrives = true;
permissionRequest.Fields = "id";
var permissionResult = permissionRequest.Execute();
Console.WriteLine("Added organizer permission: {0}", permissionResult.Id);
}
pageToken = result.NextPageToken;
} while (pageToken != null);
return drives;
}
catch (Exception e)
{
// TODO(developer) - handle error appropriately
if (e is AggregateException)
{
Console.WriteLine("Credential Not found");
}
else
{
throw;
}
}
return null;
}
}
}