Deleting all ACL's for a users Google Drive

87 views
Skip to first unread message

Sam Woodhouse

unread,
Feb 27, 2019, 9:49:55 AM2/27/19
to GAM for G Suite
Hi Ross,

I've been revisiting our accounts deletions process over the last week, trying to automate it as much as possible. I've got a long way through it and I'm now at the part that we have always done, which involves grabbing all the drive files of the user we plan to delete and deleting all the permissions within the file, where it's shared (shared through any factor, either by specific email or shared via a link).

We have had issues in the past with a python script you wrote, but we've always tinkered with it and got it working. However I thought I would revisit your GitHub and grab an up to date version of the script, in case you've fixed some of the issues that we were facing but now I find that I can't see the scripts that we have been running.

We used to run a script with file name GetUserDriveACLs.py and then a script with file name LinkShareValuesScript.py But I can't find either of those in your repository. My assumption is that you've modified and improved and potentially had a name change. 

I have found ShowUserNonOwnerDriveACLs.py and although the comments at the start seem to match up with the comments at the start of GetUserDriveACLs.py it seems the functionality is not quite the same. I haven't looked for a new version of LinkShreValuesScript.py as I thought it was more likely that if I just asked you then you would know exactly what I'm looking for.

Kind Regards,
Sam

Ross Scroggs

unread,
Feb 27, 2019, 9:58:59 AM2/27/19
to google-ap...@googlegroups.com
Sam,

I don't recall every having a script LinkShareValueScript.py.
GetUserDriveACls.py almost certainly changed to ShowUserNonOwnerDriveACLs.py. What functionality changes do you perceive?

Privately send me GetUserDriveACLs.py and I'll look at it.

Ross
--
You received this message because you are subscribed to the Google Groups "GAM for G Suite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To post to this group, send email to google-ap...@googlegroups.com.
Visit this group at https://groups.google.com/group/google-apps-manager.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/613889d9-7e06-49e5-b8c0-fd112186835c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Sam Woodhouse

unread,
Feb 27, 2019, 10:09:01 AM2/27/19
to GAM for G Suite
Hi Ross,

I'm only basing that off the information that's been passed to me, I'll forward you the script shortly.

As for ShowUserNonOwnerDriveACLs.py it doesn't output a column for the permission ID. So you can't run gam user ~Owner delete drivefileacl ~driveFileId ~permissionId over the csv it creates.

To give it a test, I have added the following to the script:

Updated line 35 (added 'permissionID' to csv header) to outputCSV = csv.DictWriter(outputFile, ['Owner', 'driveFileId', 'driveFileTitle', 'emailAddress', 'permissionID'], lineterminator=LINE_TERMINATOR, quotechar=QUOTE_CHAR)
Added line 49 (grab permissionID) permissionID = row.get('permissions.{0}.id'.format(permissions_N), u'')
Added line 55 (add permissionID into the csv output) 'permissionID': permissionID})

This seems to give me the output that I want, though don't know that it is the right way to do it as I don't profess to be much of a programmer. 

The script as a whole seems to be tailored to just getting a list of files that a user has shared, whereas the old file was specific to getting that information in order to break all the shares.

Hope that makes sense.

Regards,
Sam


On Wednesday, 27 February 2019 14:58:59 UTC, Ross Scroggs wrote:
Sam,

I don't recall every having a script LinkShareValueScript.py.
GetUserDriveACls.py almost certainly changed to ShowUserNonOwnerDriveACLs.py. What functionality changes do you perceive?

Privately send me GetUserDriveACLs.py and I'll look at it.

Ross
On Feb 27, 2019, at 6:49 AM, Sam Woodhouse <sam.wo...@coopdigital.co.uk> wrote:

Hi Ross,

I've been revisiting our accounts deletions process over the last week, trying to automate it as much as possible. I've got a long way through it and I'm now at the part that we have always done, which involves grabbing all the drive files of the user we plan to delete and deleting all the permissions within the file, where it's shared (shared through any factor, either by specific email or shared via a link).

We have had issues in the past with a python script you wrote, but we've always tinkered with it and got it working. However I thought I would revisit your GitHub and grab an up to date version of the script, in case you've fixed some of the issues that we were facing but now I find that I can't see the scripts that we have been running.

We used to run a script with file name GetUserDriveACLs.py and then a script with file name LinkShareValuesScript.py But I can't find either of those in your repository. My assumption is that you've modified and improved and potentially had a name change. 

I have found ShowUserNonOwnerDriveACLs.py and although the comments at the start seem to match up with the comments at the start of GetUserDriveACLs.py it seems the functionality is not quite the same. I haven't looked for a new version of LinkShreValuesScript.py as I thought it was more likely that if I just asked you then you would know exactly what I'm looking for.

Kind Regards,
Sam

--
You received this message because you are subscribed to the Google Groups "GAM for G Suite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-manager+unsub...@googlegroups.com.

Ross Scroggs

unread,
Feb 27, 2019, 10:22:59 AM2/27/19
to google-ap...@googlegroups.com
Sam,

See: GetUserNonOwnerDomainDriveACLs.py instead of ShowUserNonOwnerDriveACLs.py

To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.

To post to this group, send email to google-ap...@googlegroups.com.
Visit this group at https://groups.google.com/group/google-apps-manager.

Sam Woodhouse

unread,
Mar 1, 2019, 11:23:48 AM3/1/19
to GAM for G Suite
Hi Ross, 

That's spot on thanks.

I think the reasoning behind the LinkShareValueScript that you requested I email, is that documents that are shared via a link were not filtered by the GetUserDriveACL's script.

Do you have a script to find docs that are shared with a link? Or is that included in GetUserNonOwnerDomainDriveACLs.py?

Kind Regards,
Sam

Reply all
Reply to author
Forward
0 new messages