Google Drive API - 从服务帐户转移所有权

Google Drive API - Transfer ownership from Service Account(Google Drive API - 从服务帐户转移所有权)
本文介绍了Google Drive API - 从服务帐户转移所有权的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我正在尝试使用以下代码将所有权从服务帐户创建的文档转移给位于同一 Google Apps 帐户中的另一个用户,但出现以下错误

I am attempting to transfer ownership from a Service Account created document to another user who resides within the same Google Apps account using the code below but am getting the following error

资源主体包含不可直接写入的字段.[403]错误 [消息[资源正文包含不可直接写入的字段.] Location[ - ] Reason[fieldNotWritable] Domain[global]]

        var service = GetService();

        try
        {
            var permission = GetPermission(fileId, email);
            permission.Role = "owner";

            var updatePermission = service.Permissions.Update(permission, fileId, permission.Id);
            updatePermission.TransferOwnership = true;
            return updatePermission.Execute();
        }
        catch (Exception e)
        {
            Console.WriteLine("An error occurred: " + e.Message);
        }
        return null;

注释掉//permission.Role = "owner";返回下面的错误

Commenting out // permission.Role = "owner"; returns the error below

当权限角色为所有者"时,必须启用 transferOwnership 参数.[403] 错误 [消息[当权限角色为所有者"时,必须启用 transferOwnership 参数.] Location[transferOwnership - parameter] Reason[forbidden] Domain[global]]

分配任何其他权限都可以正常工作.因此,这是服务帐户无法将所有权转移到不使用@gserviceaccount.com 电子邮件地址的任何其他帐户的限制(即our-project@appspot.gserviceaccount.com > email@domain.com)?

Assigning any other permissions works fine. Therefore, is this a limitation of the Service Account not being able to transfer ownership to any other account that doesn't use the @gserviceaccount.com email address (i.e. our-project@appspot.gserviceaccount.com > email@domain.com)?

email@domain.com 电子邮件地址已创建并在 Google Apps 中进行管理.

The email@domain.com email address has been created and is managed within Google Apps.

在这种情况下,这是无法实现的,关于下一步该去哪里的任何指示?我们需要多个用户能够通过 API 即时创建文档并分配权限和转移所有权.

In the case, it is not achievable, any pointers on where to look next? We need multiple users to have the ability to create documents ad hoc and assign permissions and transfer ownership on the fly via the API.

谢谢

推荐答案

我找到了答案,并为遇到此问题的其他人发帖.

I have found the answer and am posting for anyone else who comes across this question.

  1. 您不能使用 Google 推荐的服务帐户密钥 JSON 文件".
  2. 您需要使用 p.12 证书文件进行身份验证.
  3. 创建模拟账户驱动服务的代码如下.

  1. You can not use the 'Service Account Key JSON file' as recommended by Google.
  2. You need to use the p.12 certificate file for authentication.
  3. The code to create a drive service for mimicking accounts is as follows.

public DriveService GetService(string certificatePath, string certificatePassword, string googleAppsEmailAccount, string emailAccountToMimic, bool allowWrite = true)
{
    var certificate = new X509Certificate2(certificatePath, certificatePassword, X509KeyStorageFlags.Exportable);

    var credential = new ServiceAccountCredential(
       new ServiceAccountCredential.Initializer(googleAppsEmailAccount)
       {
           Scopes = new[] { allowWrite ? DriveService.Scope.Drive : DriveService.Scope.DriveReadonly },
           User = emailAccountToMimic
       }.FromCertificate(certificate));

    // Create the service.
    return new DriveService(new BaseClientService.Initializer
    {
        HttpClientInitializer = credential,
        ApplicationName = ApplicationName
    });
}

  • 您需要按照此处列出的步骤在域范围内委派服务帐户的权限.

  • You need to follow the steps listed here to delegate domain-wide authority to the service account.

    这篇关于Google Drive API - 从服务帐户转移所有权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

    本站部分内容来源互联网,如果有图片或者内容侵犯了您的权益,请联系我们,我们会在确认后第一时间进行删除!
  • 相关文档推荐

    Custom Error Queue Name when using EasyNetQ for RabbitMQ?(使用 EasyNetQ for RabbitMQ 时自定义错误队列名称?)
    How to generate password_hash for RabbitMQ Management HTTP API(如何为 RabbitMQ 管理 HTTP API 生成密码哈希)
    Rabbitmq Ack or Nack, leaving messages on the queue(Rabbitmq Ack 或 Nack,将消息留在队列中)
    Setup RabbitMQ consumer in ASP.NET Core application(在 ASP.NET Core 应用程序中设置 RabbitMQ 消费者)
    Specify Publish timeouts in mass transit(指定公共交通中的发布超时)
    RabbitMQ asynchronous support(RabbitMQ 异步支持)