
I'm trying to list all files inside all Shared Drives that were created within my organisation. However, when I try to get the files of a specific drive, I get:

Error 403: The attempted action requires shared drive membership., teamDriveMembershipRequired 

Which makes sense, because my user does not belong to that Shared Drive. I could impersonate a user that is an owner, and I assume that would work, although the Drives List (API I'm using to get the Shared Drives list) does not provide details about the owners of the shared drive.

If I impersonate an admin user or use a service account to get the DriveId I get the same 403 error.

package main

imports ... 

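// main lists every shared drive visible to the configured account and logs
// the metadata of each file in those drives as one JSON document per line.
func main() {
	// User is nil, so drive.New falls back to the account named by the
	// API_USER environment variable as the identity to impersonate.
	d := drive.New(drive.Service{
		Ctx:     ctx,
		User:    nil,
		Query:   "",
		Limiter: &driveQuota,
	})

	driveList := d.GetDrivesList()
	for _, sharedDrive := range driveList.Drives {
		files := d.GetSharedDriveFiles(sharedDrive.Id)
		for _, f := range files {
			// The requested fields include permissions and sharingUser, so
			// every logged line records who has access to the file; the log
			// destination should be treated as sensitive accordingly.
			j, err := f.MarshalJSON()
			if err != nil {
				// Report the failure instead of logging an empty line.
				logrus.Warnf("skipping file %q: cannot marshal metadata: %v", f.Id, err)
				continue
			}
			logrus.Println(string(j))
		}
	}
}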
package drive

imports ...

// New builds a Service backed by a Drive API client.
//
// The client impersonates options.User.PrimaryEmail when a user is supplied,
// and otherwise the account named by the API_USER environment variable. If
// API_USER is unset the subject is the empty string, which client.New copies
// into the JWT config unchanged.
//
// NOTE(review): drive.DriveScope is the full read/write Drive scope, while the
// calls visible in this file only list drives and files. If no other caller
// writes, a read-only scope such as drive.DriveReadonlyScope would limit what
// the impersonating credential can do; the scope must also be one that is
// authorised for the service account's domain-wide delegation.
func New(options Service) Service {
	// Decide which account the service-account credential acts as.
	var subject interface{}
	if options.User == nil {
		subject = os.Getenv("API_USER")
	} else {
		subject = options.User.PrimaryEmail
	}
	httpClient := client.New(options.Ctx, subject, drive.DriveScope)

	svc, err := drive.NewService(options.Ctx, option.WithHTTPClient(httpClient))
	errorchecker.Check(err, "Unable to create Drive service")

	return Service{
		service: svc,
		Ctx:     options.Ctx,
		User:    options.User,
		Query:   options.Query,
		Limiter: options.Limiter,
	}
}

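// GetDrivesList returns the shared drives of the domain, gathered from every
// result page into a single DriveList.
//
// UseDomainAdminAccess(true) issues the request as a domain administrator, so
// the authenticated (impersonated) account must hold that role. Being able to
// list a drive this way does not grant access to its contents: the file
// listing in GetSharedDriveFiles is made without any domain-admin option.
//
// A single Drives.List response holds one page only (the API's default page
// size is small), so the call is paged; the returned list carries no
// NextPageToken because nothing is left to fetch.
func (d *Service) GetDrivesList() *drive.DriveList {
	all := &drive.DriveList{}
	collect := func(page *drive.DriveList) error {
		if all.Kind == "" {
			all.Kind = page.Kind
		}
		all.Drives = append(all.Drives, page.Drives...)
		return nil
	}

	// 100 is the largest page size Drives.List accepts.
	err := d.service.Drives.List().UseDomainAdminAccess(true).PageSize(100).Pages(d.Ctx, collect)
	// NOTE(review): errorchecker.Check is not shown here; if it returns
	// instead of terminating, the list below may be incomplete.
	errorchecker.Check(err, "Unable to get Drives list")

	return all
}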

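// GetSharedDriveFiles returns the metadata of every file in the shared drive
// identified by id, following pagination until the listing is exhausted.
//
// The request runs as whichever account the underlying HTTP client
// authenticates as, and sets no domain-admin option. That account therefore
// has to be a member of the shared drive; otherwise the API answers
// "403 ... teamDriveMembershipRequired", even for a domain administrator.
//
// NOTE(review): the Drive API documentation describes the files "permissions"
// field as not populated for items in shared drives — confirm whether the
// access data needed here has to come from the Permissions API instead.
func (d *Service) GetSharedDriveFiles(id string) []*drive.File {
	var sharedDriveFiles []*drive.File
	collect := func(page *drive.FileList) error {
		sharedDriveFiles = append(sharedDriveFiles, page.Files...)
		return nil
	}

	// Pages continues from the NextPageToken of each response. A field mask
	// that leaves nextPageToken out makes the API omit it, which silently ends
	// the listing after the first page, so it is requested explicitly.
	const fields = "nextPageToken,files(id,ownedByMe,permissions,shared,sharingUser,trashed,properties,appProperties,name)"

	err := d.service.Files.List().
		Corpora("drive").
		DriveId(id).
		SupportsAllDrives(true).
		IncludeItemsFromAllDrives(true).
		Fields(fields).
		PageSize(1000).
		Pages(d.Ctx, collect)
	errorchecker.Check(err, "Unable to get Shared Drive files")

	return sharedDriveFiles
}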
package client

imports ...

// New returns an HTTP client that authenticates with the service-account key
// stored in the file named by the CERT environment variable, limited to the
// given OAuth scopes.
//
// When subject is non-nil it must hold a string: it becomes the JWT Subject,
// i.e. the user the service account impersonates. Any other dynamic type makes
// the type assertion panic. A nil subject leaves Subject unset, so requests
// run as the service account itself.
//
// The key file lets its holder act as the impersonated users within the
// granted scopes, so its path and file permissions deserve the same care as
// any other long-lived credential.
func New(ctx context.Context, subject interface{}, scope ...string) *http.Client {
	keyPath := os.Getenv("CERT")
	keyJSON, err := ioutil.ReadFile(keyPath)
	errorchecker.Check(err, "Unable to read secret file")

	jwtCfg, err := google.JWTConfigFromJSON(keyJSON, scope...)
	errorchecker.Check(err, "Unable to parse utils secret file to config")

	if subject == nil {
		return jwtCfg.Client(ctx)
	}

	// Unchecked assertion kept on purpose: a non-string subject is a caller bug.
	jwtCfg.Subject = subject.(string)
	return jwtCfg.Client(ctx)
}
KadoBOT

1 Answer


It seems that my issue is related to this answer and not to how I authenticate. Even as an admin, I won't have access to the files in the shared drive if I don't belong to it.

KadoBOT