REST Resource: permissions

Resource: Permission

A permission for a file. A permission grants a user, group, domain, or the world access to a file or a folder hierarchy.

Some resource methods (such as permissions.update) require a permissionId. Use the permissions.list method to retrieve the ID for a file, folder, or shared drive.

JSON representation
{
  "id": string,
  "name": string,
  "type": string,
  "role": string,
  "additionalRoles": [
    string
  ],
  "authKey": string,
  "value": string,
  "kind": string,
  "withLink": boolean,
  "photoLink": string,
  "selfLink": string,
  "emailAddress": string,
  "domain": string,
  "etag": string,
  "permissionDetails": [
    {
      "permissionType": string,
      "role": string,
      "additionalRoles": [
        string
      ],
      "inheritedFrom": string,
      "inherited": boolean
    }
  ],
  "expirationDate": string,
  "teamDrivePermissionDetails": [
    {
      "teamDrivePermissionType": string,
      "role": string,
      "additionalRoles": [
        string
      ],
      "inheritedFrom": string,
      "inherited": boolean
    }
  ],
  "deleted": boolean,
  "view": string,
  "pendingOwner": boolean
}
Fields
id

string

The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.

name

string

Output only. The name for this permission.

type

string

The account type. Allowed values are:

  • user
  • group
  • domain
  • anyone
role

string

The primary role for this user. While new values may be supported in the future, the following are currently allowed:

  • owner
  • organizer
  • fileOrganizer
  • writer
  • reader
additionalRoles[]

string

Additional roles for this user. Only commenter is currently allowed, though more may be supported in the future.

authKey
(deprecated)

string

Output only. Deprecated.

value

string

The email address or domain name for the entity. This is used during inserts and is not populated in responses. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.

kind

string

Output only. This is always drive#permission.

emailAddress

string

Output only. The email address of the user or group this permission refers to. This is an output-only field which is present when the permission type is user or group.

domain

string

Output only. The domain name of the entity this permission refers to. This is an output-only field which is present when the permission type is user, group or domain.

etag

string

Output only. The ETag of the permission.

permissionDetails[]

object

Output only. Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.

permissionDetails[].permissionType

string

Output only. The permission type for this user. While new values may be added in future, the following are currently possible:

  • file
  • member
permissionDetails[].role

string

Output only. The primary role for this user. While new values may be added in the future, the following are currently possible:

  • organizer
  • fileOrganizer
  • writer
  • reader
permissionDetails[].additionalRoles[]

string

Output only. Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.

permissionDetails[].inheritedFrom

string

Output only. The ID of the item from which this permission is inherited. This is an output-only field.

permissionDetails[].inherited

boolean

Output only. Whether this permission is inherited. This field is always populated. This is an output-only field.

expirationDate

string

The time at which this permission will expire (RFC 3339 date-time). Expiration dates have the following restrictions:

  • They can only be set on user and group permissions
  • The date must be in the future
  • The date cannot be more than a year in the future
teamDrivePermissionDetails[]
(deprecated)

object

Output only. Deprecated: Use permissionDetails instead.

teamDrivePermissionDetails[]
(deprecated).teamDrivePermissionType
(deprecated)

string

Output only. Deprecated: Use permissionDetails/permissionType instead.

teamDrivePermissionDetails[]
(deprecated).role
(deprecated)

string

Output only. Deprecated: Use permissionDetails/role instead.

teamDrivePermissionDetails[]
(deprecated).additionalRoles[]
(deprecated)

string

Output only. Deprecated: Use permissionDetails/additionalRoles instead.

teamDrivePermissionDetails[]
(deprecated).inheritedFrom
(deprecated)

string

Output only. Deprecated: Use permissionDetails/inheritedFrom instead.

teamDrivePermissionDetails[]
(deprecated).inherited
(deprecated)

boolean

Output only. Deprecated: Use permissionDetails/inherited instead.

deleted

boolean

Output only. Whether the account associated with this permission has been deleted. This field only pertains to user and group permissions.

view

string

Indicates the view for this permission. Only populated for permissions that belong to a view. published is the only supported value.

pendingOwner

boolean

Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.

Methods

delete

Deletes a permission from a file or shared drive.

get

Gets a permission by ID.

getIdForEmail

Returns the permission ID for an email address.

insert

Inserts a permission for a file or shared drive.

list

Lists a file's or shared drive's permissions.

patch

Updates a permission using patch semantics.

update

Updates a permission.