This guide contains tasks related to managing shared drives, such as creating shared drives and managing members and permissions.
Create shared drives
To create a new shared drive, use drives.create
.
Java
import com.google.api.client.googleapis.json.GoogleJsonResponseException; import com.google.api.client.http.HttpRequestInitializer; import com.google.api.client.http.javanet.NetHttpTransport; import com.google.api.client.json.gson.GsonFactory; import com.google.api.services.drive.DriveScopes; import com.google.api.services.drive.model.Drive; import com.google.auth.http.HttpCredentialsAdapter; import com.google.auth.oauth2.GoogleCredentials; import java.io.IOException; import java.util.Arrays; import java.util.UUID; /* class to demonstrate use-case of Drive's create drive. */ public class CreateDrive { /** * Create a drive. * @return Newly created drive id. * @throws IOException if service account credentials file not found. */ public static String createDrive() throws IOException { /*Load pre-authorized user credentials from the environment. TODO(developer) - See https://developers.google.com/identity for guides on implementing OAuth2 for your application.*/ GoogleCredentials credentials = GoogleCredentials.getApplicationDefault().createScoped(Arrays.asList(DriveScopes.DRIVE)); HttpRequestInitializer requestInitializer = new HttpCredentialsAdapter( credentials); // Build a new authorized API client service. com.google.api.services.drive.Drive service = new com.google.api.services.drive.Drive.Builder(new NetHttpTransport(), GsonFactory.getDefaultInstance(), requestInitializer) .setApplicationName("Drive samples") .build(); Drive driveMetadata = new Drive(); driveMetadata.setName("Project Resources"); String requestId = UUID.randomUUID().toString(); try { Drive drive = service.drives().create(requestId, driveMetadata) .execute(); System.out.println("Drive ID: " + drive.getId()); return drive.getId(); } catch (GoogleJsonResponseException e) { // TODO(developer) - handle error appropriately System.err.println("Unable to create drive: " + e.getDetails()); throw e; } } }
Python
from __future__ import print_function import uuid import google.auth from googleapiclient.discovery import build from googleapiclient.errors import HttpError def create_drive(): """Create a drive. Returns: Id of the created drive Load pre-authorized user credentials from the environment. TODO(developer) - See https://developers.google.com/identity for guides on implementing OAuth2 for the application. """ creds, _ = google.auth.default() try: # create gmail api client service = build('drive', 'v3', credentials=creds) drive_metadata = {'name': 'Project Resources'} request_id = str(uuid.uuid4()) # pylint: disable=maybe-no-member drive = service.drives().create(body=drive_metadata, requestId=request_id, fields='id').execute() print(F'Drive ID: {drive.get("id")}') except HttpError as error: print(F'An error occurred: {error}') drive = None return drive.get('id') if __name__ == '__main__': create_drive()
Node.js
/** * Create a drive. * */ async function createDrive() { // Get credentials and build service // TODO (developer) - Use appropriate auth mechanism for your app const {GoogleAuth} = require('google-auth-library'); const {google} = require('googleapis'); const uuid = require('uuid'); const auth = new GoogleAuth({scopes: 'https://www.googleapis.com/auth/drive'}); const service = google.drive({version: 'v3', auth}); const driveMetadata = { 'name': 'Project resources', }; const requestId = uuid.v4(); try { const Drive= await service.drives.create({ resource: driveMetadata, requestId: requestId, fields: 'id', }); console.log('Drive Id:', Drive.data.id); return Drive.data.id; } catch (err) { // TODO(developer) - Handle error throw err; } }
.NET
using Google.Apis.Auth.OAuth2; using Google.Apis.Drive.v3; using Google.Apis.Drive.v3.Data; using Google.Apis.Services; namespace DriveV3Snippets { // Class to demonstrate use of Drive's create drive. public class CreateDrive { /// <summary> /// Create a drive. /// </summary> /// <returns>newly created drive Id.</returns> public static string DriveCreateDrive() { try { /* Load pre-authorized user credentials from the environment. TODO(developer) - See https://developers.google.com/identity for guides on implementing OAuth2 for your application. */ GoogleCredential credential = GoogleCredential.GetApplicationDefault() .CreateScoped(DriveService.Scope.Drive); // Create Drive API service. var service = new DriveService(new BaseClientService.Initializer { HttpClientInitializer = credential, ApplicationName = "Drive API Snippets" }); var driveMetadata = new Drive() { Name = "Project Resources" }; var requestId = Guid.NewGuid().ToString(); var request = service.Drives.Create(driveMetadata, requestId); request.Fields = "id"; var drive = request.Execute(); Console.WriteLine("Drive ID: " + drive.Id); return drive.Id; } catch (Exception e) { // TODO(developer) - handle error appropriately if (e is AggregateException) { Console.WriteLine("Credential Not found"); } else { throw; } } return null; } } }
Calls to drives.create
are idempotent.
The requestId
parameter identifies the logical attempt to create the shared
drive. If the request times out or returns an indeterminate backend error, the
same request may be repeated. The requestId
and body of the request must
remain the same.
If the shared drive was successfully created on a previous request or as a
result of a retry, the normal response is returned. In some cases, such as
after a prolonged period of time or if the body of the request has changed,
a 409
error may be returned indicating the requestId
must be discarded.
Add or remove shared drive members
Add or remove shared drive members using the
permissions
API.
To add a member, create the permission on the shared drive itself. Permission methods can also be used on individual files within a shared drive to grant members additional privileges or allow non-members to collaborate on specific items.
See Share files and folders for additional details and sample code.
Delete a shared drive
Use the drives.delete
method
to delete a shared drive. All content in the shared drive must be trashed or
deleted prior to deleting the shared drive.
Manage shared drives for domain administrators
Use the useDomainAdminAccess
parameter with the
drives
and
permissions
resources
to manage shared drives across an organization.
Users calling these methods with useDomainAdminAccess=true
must have the
Drive and Docs
administrator privilege.
Administrators can
search for shared drives or
update permissions for shared drives owned by their organization, regardless of
the admin's membership in any given shared drive.
Recover a shared drive that doesn't have an organizer
The following example demonstrates how to use these resources to recover shared drives that no longer have an organizer.
Java
import com.google.api.client.http.HttpRequestInitializer; import com.google.api.client.http.javanet.NetHttpTransport; import com.google.api.client.json.gson.GsonFactory; import com.google.api.services.drive.DriveScopes; import com.google.api.services.drive.model.Drive; import com.google.api.services.drive.model.DriveList; import com.google.api.services.drive.model.Permission; import com.google.auth.http.HttpCredentialsAdapter; import com.google.auth.oauth2.GoogleCredentials; import java.io.IOException; import java.util.ArrayList; import java.util.Arrays; import java.util.List; /* class to demonstrate use-case of Drive's shared drive without an organizer. */ public class RecoverDrive { /** * Find all shared drives without an organizer and add one. * @param realUser User's email id. * @return All shared drives without an organizer. * @throws IOException if shared drive not found. */ public static List<Drive> recoverDrives(String realUser) throws IOException { /*Load pre-authorized user credentials from the environment. TODO(developer) - See https://developers.google.com/identity for guides on implementing OAuth2 for your application.*/ GoogleCredentials credentials = GoogleCredentials.getApplicationDefault().createScoped(Arrays.asList(DriveScopes.DRIVE)); HttpRequestInitializer requestInitializer = new HttpCredentialsAdapter( credentials); // Build a new authorized API client service. com.google.api.services.drive.Drive service = new com.google.api.services.drive.Drive.Builder(new NetHttpTransport(), GsonFactory.getDefaultInstance(), requestInitializer) .setApplicationName("Drive samples") .build(); List<Drive> drives = new ArrayList<Drive>(); // Find all shared drives without an organizer and add one. // Note: This example does not capture all cases. Shared drives // that have an empty group as the sole organizer, or an // organizer outside the organization are not captured. A // more exhaustive approach would evaluate each shared drive // and the associated permissions and groups to ensure an active // organizer is assigned. String pageToken = null; Permission newOrganizerPermission = new Permission() .setType("user") .setRole("organizer"); newOrganizerPermission.setEmailAddress(realUser); do { DriveList result = service.drives().list() .setQ("organizerCount = 0") .setFields("nextPageToken, drives(id, name)") .setUseDomainAdminAccess(true) .setPageToken(pageToken) .execute(); for (Drive drive : result.getDrives()) { System.out.printf("Found drive without organizer: %s (%s)\n", drive.getName(), drive.getId()); // Note: For improved efficiency, consider batching // permission insert requests Permission permissionResult = service.permissions() .create(drive.getId(), newOrganizerPermission) .setUseDomainAdminAccess(true) .setSupportsAllDrives(true) .setFields("id") .execute(); System.out.printf("Added organizer permission: %s\n", permissionResult.getId()); } drives.addAll(result.getDrives()); pageToken = result.getNextPageToken(); } while (pageToken != null); return drives; } }
Python
from __future__ import print_function import google.auth from googleapiclient.discovery import build from googleapiclient.errors import HttpError def recover_drives(real_user): """Find all shared drives without an organizer and add one. Args: real_user:User ID for the new organizer. Returns: drives object Load pre-authorized user credentials from the environment. TODO(developer) - See https://developers.google.com/identity for guides on implementing OAuth2 for the application. """ creds, _ = google.auth.default() try: # create gmail api client service = build('drive', 'v3', credentials=creds) drives = [] # pylint: disable=maybe-no-member page_token = None new_organizer_permission = { 'type': 'user', 'role': 'organizer', 'emailAddress': 'user@example.com' } new_organizer_permission['emailAddress'] = real_user while True: response = service.drives().list( q='organizerCount = 0', fields='nextPageToken, drives(id, name)', useDomainAdminAccess=True, pageToken=page_token).execute() for drive in response.get('drives', []): print(F'Found shared drive without organizer: ' F'{drive.get("title")}, {drive.get("id")}') permission = service.permissions().create( fileId=drive.get('id'), body=new_organizer_permission, useDomainAdminAccess=True, supportsAllDrives=True, fields='id').execute() print(F'Added organizer permission: {permission.get("id")}') drives.extend(response.get('drives', [])) page_token = response.get('nextPageToken', None) if page_token is None: break except HttpError as error: print(F'An error occurred: {error}') return drives if __name__ == '__main__': recover_drives(real_user='gduser1@workspacesamples.dev')
Node.js
/** * Find all shared drives without an organizer and add one. * @param{string} realUser user ID * */ async function recoverDrives(realUser) { // Get credentials and build service // TODO (developer) - Use appropriate auth mechanism for your app const {GoogleAuth} = require('google-auth-library'); const {google} = require('googleapis'); const auth = new GoogleAuth({scopes: 'https://www.googleapis.com/auth/drive'}); const service = google.drive({version: 'v3', auth}); const drives = []; const newOrganizerPermission = { type: 'user', role: 'organizer', value: 'user@example.com', }; newOrganizerPermission.value = realUser; let pageToken = null; try { const res = await service.drives.list({ q: 'organizerCount = 0', fields: 'nextPageToken, items(id, name)', useDomainAdminAccess: true, pageToken: pageToken, }); Array.prototype.push.apply(drives, res.data.items); res.data.items.forEach(function(drive) { console.log('Found shared drive without organizer:', drive.name, drive.id); drive.permissions.create({ resource: newOrganizerPermission, fileId: drive.id, useDomainAdminAccess: true, supportsAllDrives: true, fields: 'id', }); }); pageToken = res.nextPageToken; return !!pageToken; } catch (err) { // TODO(developer) - Handle error throw err; } }
.NET
using Google.Apis.Auth.OAuth2; using Google.Apis.Drive.v3; using Google.Apis.Drive.v3.Data; using Google.Apis.Services; namespace DriveV3Snippets { // Class to demonstrate use-case of Drive's shared drive without an organizer. public class RecoverDrives { /// <summary> /// Find all shared drives without an organizer and add one. /// </summary> /// <param name="realUser">User ID for the new organizer.</param> /// <returns>all shared drives without an organizer.</returns> public static IList<Drive> DriveRecoverDrives(string realUser) { try { /* Load pre-authorized user credentials from the environment. TODO(developer) - See https://developers.google.com/identity for guides on implementing OAuth2 for your application. */ GoogleCredential credential = GoogleCredential.GetApplicationDefault() .CreateScoped(DriveService.Scope.Drive); // Create Drive API service. var service = new DriveService(new BaseClientService.Initializer { HttpClientInitializer = credential, ApplicationName = "Drive API Snippets" }); var drives = new List<Drive>(); // Find all shared drives without an organizer and add one. // Note: This example does not capture all cases. Shared drives // that have an empty group as the sole organizer, or an // organizer outside the organization are not captured. A // more exhaustive approach would evaluate each shared drive // and the associated permissions and groups to ensure an active // organizer is assigned. string pageToken = null; var newOrganizerPermission = new Permission() { Type = "user", Role = "organizer", EmailAddress = realUser }; do { var request = service.Drives.List(); request.UseDomainAdminAccess = true; request.Q = "organizerCount = 0"; request.Fields = "nextPageToken, drives(id, name)"; request.PageToken = pageToken; var result = request.Execute(); foreach (var drive in result.Drives) { Console.WriteLine(("Found abandoned shared drive: {0} ({1})", drive.Name, drive.Id)); // Note: For improved efficiency, consider batching // permission insert requests var permissionRequest = service.Permissions.Create( newOrganizerPermission, drive.Id ); permissionRequest.UseDomainAdminAccess = true; permissionRequest.SupportsAllDrives = true; permissionRequest.Fields = "id"; var permissionResult = permissionRequest.Execute(); Console.WriteLine("Added organizer permission: {0}", permissionResult.Id); } pageToken = result.NextPageToken; } while (pageToken != null); return drives; } catch (Exception e) { // TODO(developer) - handle error appropriately if (e is AggregateException) { Console.WriteLine("Credential Not found"); } else { throw; } } return null; } } }