I have added permission to a folder in Google Drive through API method. I see the email (foobar#example.com) invitation in the Drive UI as well.
My problem is that when I try to remove the permission using:
$permissionId = $service->permissions->getIdForEmail($email)
$service->permissions->delete($fileId, $permissionId);
I get an error:
"code": 404,
"message": "Permission not found: xxxxxxxxxx"
How can you remove a permission from the invite using Google Drive API?
Related
I used an service account to upload files to a shared folder in google drive.
After some time I discovered that files owned by service account consumed the service's account drive storage (my bad) and now I have run out drive space for the service account .
I already delegated domain-wide authority to the service account so new files will be owned by me and use my personal storage quota.
Did this: Delegating domain-wide authority to the service account
and this How to use the API Key for Google Drive API from PHP via the google/apiclient
To avoid errors and confusion in the future I'd like to change the owner of older files. I keep getting this error:
{ "error": {
"code": 400,
"message": "Bad Request. User message: \"You can't change the owner of this item.\"",
"errors": [ {
"message": "Bad Request. User message: \"You can't change the owner of this item.\"",
"domain": "global",
"reason": "invalidSharingRequest"
} ]
}
}
Here's my code using PHP Client
$client = new Google_Client();
$client->setApplicationName('My Name');
$client->setScopes(Google_Service_Drive::DRIVE);
$client->setAuthConfig($my_credentials);
$client->setAccessType('offline');
//$client->setSubject('my_personal_account');
$service = new Google_Service_Drive($client);
$newPermission = new Google_Service_Drive_Permission();
$newPermission->setEmailAddress('my_personal_account');
$newPermission->setType('user');
$newPermission->setRole('owner');
$service->permissions->create(
$fileId,
$newPermission,
array("fields" => "id", "transferOwnership" => true)
);
I've got the same error with or without setSubject in the client. I've tried using
$newPermission->setRole('writer');
$newPermission->setPendingOwner(true);
but it didn't work.
Transfering the file ownership can only be done between accounts from the same domain. The error occurs because the service account and your account don't belong to the same domain.
If you have access to a Shared Drive and are able to add users with add files privileges, add the service account and make it move the files to the Shared Drive.
Related
transfer file ownership in Google Drive API
Unable to transfer ownership of file from service account to google drive user
Other related
Google Drive API ownership of files uploaded from service account
Google Drive API - Transfer ownership from Service Account
I am following this example to get server-to-server access working between my PHP application and Google Cloud API's,
https://developers.google.com/api-client-library/php/auth/service-accounts. In particular, I need to access the Drive API.
When I run the application though I get the following error:
Google_Service_Exception : {
"error": "unauthorized_client",
"error_description": "Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested."
}
Here's what I have done:
Created a GCP project
Added a service account to the project, with domain wide delegation, and a set of keys
Enabled the Google Drive API in the project
In my G Suite account, under 'Manage API client access', I have added the Client ID of my service account, with the permission of https://www.googleapis.com/auth/drive
Have I missed a step?
Here's my code:
putenv('GOOGLE_APPLICATION_CREDENTIALS=my_storage/secure/my-app-service-account.json');
$client = new \Google_Client();
$client->setScopes(\Google_Service_Drive::DRIVE_METADATA_READONLY);
$client->useApplicationDefaultCredentials();
$client->setSubject('my_email#my_domain.com');
$drive = new \Google_Service_Drive($client);
echo $drive->about->get();
The example does not include the setScopes() call, however I was getting a scope-related error without it. (The example is not based on the Drive API, so perhaps it's not required in that case?)
UPDATE: In the IAM settings for the GCP, I added the email address of the service account as a Project Owner, but that made no difference.
I found the problem.
In the setScopes() call above, the value passed needs to be the same as the value given when setting up the client in G Suite, in this case https://www.googleapis.com/auth/drive
I know this question has been asked for several times here but none of the solution worked for me.
Following are the steps I followed to create a service account:
Logged in to Google Play Console account.
Then navigated to Settings > API Access from the left panel.
Scrolled down to Service Accounts section and clicked on Create Service Account.
Followed the instruction mentioned on dialog opened.
While creating service account on Google API Console selected Service account Permissions as Project > Owner
Created key and downloaded in json format.
Now came back to Google Play Console and clicked on Grant Access to grant permission as Administrator.
Now I am using this service account to validate In App Purchases on server but I am getting this error:
{
"errors": [
{
"domain": "androidpublisher",
"reason": "permissionDenied",
"message": "The current user has insufficient permissions to perform the requested operation."
}
],
"code": 401,
"message": "The current user has insufficient permissions to perform the requested operation."
}
}
I am using this php lib and service account method to verify purchases.
To show google analytics reports->overview in my admin panel, I use
[Best API to display Google Analytics data in my Admin panel with Codeigniter PHP?
and download from [https://github.com/erebusnz/gapi-google-analytics-php-interface][2]
I follow all the steps
Create a Google Developers project
Create service account for this project, see instructions
Download the .p12 file for this service account, upload to the same folder as gapi.class.php
Enable 'analytics API' on the Google Developers console
In Google Analytics Administration > User Management, give the service account 'Read and Analyse' permissions on the analytics accounts you want to access
and make one file named index.php which code as follow
<?php
require 'example.account.php';
foreach($ga->getResults() as $result)
{
echo $result->getUniquePageviews();
echo $result->getPagePath();
}?>
I made change in gapi.class.php
const account_data_url =
'https://analytics.google.com/analytics/web/#embed/report-
home/a110062270w164329621p165035928/';
const report_data_url =
'https://analytics.google.com/analytics/web/#realtime/rt-
overview/a110062270w164329621p165035928/';
and in example.account.php
$ga = new gapi("eva-277#eva-ceramic.iam.gserviceaccount.com", "key.p12");
but after then it shows error
Fatal error: Uncaught exception 'Exception' with the message 'GAPI:
Failed to authenticate user. Error: "{ "error": "invalid_grant",
"error_description": "Invalid JWT: Token must be a short-lived token
(60 minutes) and in a reasonable timeframe. Check your iat and exp
values and use a clock with the skew to account for clock differences
between systems." } "' in file path....
I try above matter in localhost but in google analytics account show information correctly.
I am getting the following error when I try to setup notification using gsutil command:
gsutil notification watchbucket https://APPLICATION-ID.appspot.com/cron gs://bucket
Watching bucket gs://APPLICATION-ID.appspot.com/ with application URL https://APPLICATION-ID.appspot.com/cron ...
Watch bucket attempt failed:
AccessDeniedException: 403 Forbidden
You attempted to watch a bucket with an application URL of:
https://APPLICATION-ID.appspot.com/cron
which is not authorized for your project. Please ensure that you are using
Service Account authentication and that the Service Account's project is
authorized for the application URL. Notification endpoint URLs must also be
whitelisted in your Cloud Console project. To do that, the domain must also be
verified using Google Webmaster Tools. For instructions, please see:
https://cloud.google.com/storage/docs/object-change-notification#_Authorization
AccessDeniedException: 403 Forbidden
I have followed all the steps from the url below for Notification Authorization:
https://cloud.google.com/storage/docs/object-change-notification
But I am still getting the above error. What step am I missing ?
Thanks
I have fixed the issue myself. I had missed "https://" while adding the domain name.
Thanks