List Permissions
Definition
The "List Permissions" action in Google Drive retrieves a list of permissions assigned to a specific file or shared drive. It allows you to view the access levels of various users, groups, or domains with respect to a file or shared drive. This action helps you manage and audit who has access to your Google Drive files or shared drives, providing details about the grantee type, role, and any expiration or deletion information associated with their permissions.
Key capabilities:
- Retrieve permissions for a specific file or shared drive.
- Filter and review the roles and types of access granted (e.g., user, group, domain, anyone).
- Manage permissions like viewer, commenter, writer, or manager for better file-sharing control.
Example Use Cases
1. Audit Access to Sensitive Files
Use the "List Permissions" action to retrieve a list of all users, groups, or domains who have access to sensitive files or folders, ensuring proper access control and identifying any unauthorized access.
2. Managing Group Permissions
This action helps to list permissions associated with Google Group access, allowing administrators to review and update who can access shared files or drives based on group membership.
3. Expiration Management
If a permission has an expiration time set, this action can be used to monitor when users or groups will lose access, allowing you to proactively update or revoke permissions before expiration.
4. Tracking Permissions for Shared Drives
For shared drives, this action retrieves a comprehensive list of permissions granted to individual members or groups, making it easier to maintain access control and ensure that only authorized users have access to sensitive content.
5. Cleaning Up Deleted User Permissions
Use the "List Permissions" action to identify permissions associated with deleted user accounts, helping to clean up outdated permissions and improve security.
Inputs Section Explanation
1. Connection
This field allows you to specify the connection to your Google Drive account. It ensures that the action uses the correct authentication credentials and access rights to interact with Google Drive.
2. File Folder Id
The ID of the file or folder in Google Drive whose permissions you want to list. This ID is used to locate the file or folder in the Google Drive system.
3. Max Results
Specifies the maximum number of permission entries to return. The number must be between 1 and 20,000. This helps control how many permissions you want to list at once, especially if you have a large number of permissions for a specific file or folder.
4. Page Token
The token used to retrieve the next page of results when listing permissions. If not provided, the action will return the first page of results. When the result exceeds the maximum limit (as defined by Max Results), this token is used to paginate through the data.
Step-by-Step Guide
Step 1: Establish Connection
Ensure you have a valid connection to your Google Drive account.
How to do it: Provide the necessary authentication credentials for Google Drive. This could involve logging into your Google account and authorizing the connection, either via OAuth or API tokens.
Step 2: Select the File or Folder
Provide the File Folder ID of the specific file or folder in Google Drive whose permissions you want to retrieve.
How to do it:
- Navigate to the file/folder in Google Drive.
- Right-click on the file/folder and select "Get link" or "Share."
- Extract the File Folder ID from the URL. For example, in the link
https://drive.google.com/file/d/1234567890abcdef/view, the File ID is1234567890abcdef.
Step 3: Set Max Results
Specify how many permissions you want to retrieve.
How to do it: Enter a value for Max Results. Choose a number between 1 and 20,000 depending on how many permissions you want to fetch at once. For instance, you might choose "100" if you have up to 100 permissions on the file/folder.
Step 4: Handle Pagination (if necessary)
If there are more permissions than can be retrieved in one request (based on Max Results), provide a Page Token.
How to do it:
- If you received a Next Page Token from the initial request, input it into the Page Token field to retrieve the next set of permissions.
- If there is no token (first request), leave this field empty, and the action will return the first page of results.
Step 5: Review Results
The flow will return the list of permissions for the selected file/folder.
How to do it: Check the Permissions Collection in the output. This will contain details such as the grantee's name, type, email, and the role they hold for the file/folder.
You can review the permissions to see who has access to the file or folder, and what roles they have (e.g., Reader, Writer, Owner, etc.).
Step 6: Handle Further Pagination (if necessary)
If there are more pages of permissions, use the Next Page Token.
How to do it: If the result count exceeds the Max Results you specified, use the Next Page Token from the response and run the flow again to retrieve the remaining permissions.
Outputs
1. Result Count
This field provides the number of permissions returned by the action.
Purpose: It helps to understand how many permissions were retrieved in the result. If the value is less than the Max Results you set, then the list is complete. However, if it's equal to Max Results, it might indicate that there are more permissions to retrieve, in which case you will need to use the Next Page Token to fetch additional data.
Example:
Result Count: 25means 25 permissions have been retrieved for the specified file or folder.
2. Permissions Collection
This is an array that contains detailed information about each permission associated with the file/folder.
Purpose: It provides all the details about the permissions for the specified file or folder. Each permission object in the collection includes key data such as:
- Id: A unique identifier for the permission.
- Display Name: The name of the grantee (e.g., full name for users, group name for groups, or domain name for domains).
- Type: The type of grantee (user, group, domain, or anyone).
- Email Address: The email address of the grantee (if applicable).
- Role: The role of the grantee (e.g., owner, writer, commenter).
- Photo Link: The URL to the grantee’s profile photo (if available).
- Domain: The domain of the grantee, if applicable.
- Allow File Discovery: A flag indicating if the file can be discovered via search (only applicable for domain or anyone types).
- Expiration Time: The expiration date of the permission (if applicable).
- Deleted: Whether the associated account has been deleted.
- Pending Owner: Whether the grantee is a pending owner (only for user-type permissions on non-shared drive files).
- Permission Details: Details of whether the permission is inherited or directly applied on the file/folder.
- Example:
Permissions Collection: [ { "Id": "12345abcde", "Display Name": "John Doe", "Type": "user", "Email Address": "johndoe@example.com", "Role": "reader", "Photo Link": "http://example.com/photo.jpg", "Domain": "example.com", "Allow File Discovery": true, "Expiration Time": "2025-12-31T00:00:00Z", "Deleted": false, "Pending Owner": false, "Permission Details": { "Permission Type": "file", "Inherited From": null } }, ... ]
This collection allows you to see exactly who has what type of access to the file/folder, and if there are any special considerations like expiration times, pending ownership, or deletion status.
3. Next Page Token
This field contains the token to fetch the next set of permissions if there are more than can be returned in the current request.
Purpose: If the total number of permissions exceeds the Max Results value you’ve set, the response will contain a Next Page Token. You can use this token to retrieve the next page of permissions in a subsequent request.
Example:
Next Page Token: abcdef12345indicates that there are more permissions to retrieve. You would use this token in the Page Token field of the next request to continue fetching additional permissions.
Summary:
Result Count helps you understand how many permissions were returned.
Permissions Collection gives you all the details about each permission, including who has access, their role, and additional information like expiration time and whether the account is deleted.
Next Page Token is used to fetch more results if there are additional permissions beyond the set limit of Max Results.
Example of Using the "List Permissions" Action
Situation:You are a team manager at a company and have a shared folder on Google Drive that contains important project documents. You want to review who has access to these files and their specific roles, as the project is about to move into a new phase and you need to ensure the right team members have the appropriate permissions.
How the Action is Used:
- Input the File ID: You provide the File Folder ID for the project folder that contains the documents you want to review.
- Set Max Results: You set Max Results to 50 to retrieve the first 50 permissions associated with the folder.
- Run the Action: The action runs and fetches the permissions, returning details such as who has access to the folder, their roles (e.g., viewer, commenter, or editor), and any expiration dates for the permissions.
- Review Results: The results include a Permissions Collection that lists each person, group, or domain that has access, along with their roles and any relevant expiration times. For example, you can see if any permissions are about to expire or if the wrong person has a higher role than needed.
- Use the Next Page Token: If there are more than 50 permissions associated with the folder, you can use the Next Page Token to retrieve the next set of permissions until you've reviewed all of them.
This action helps you efficiently manage and audit the access to your files and ensure that everyone has the correct permissions for the upcoming phase of the project.
Updated 5 days ago