"Updating" ownership on files with GAM gives 403 Insufficient permissions, but "adding" works


Joel Asaro

Apr 8, 2015, 3:37:08 PM
to google-ap...@googlegroups.com
I am using GAM 3.43 for Windows and testing out the use of GAM to change ownership on files in Google Drive. Specifically, my goal is to be able to do this as the domain super admin and not have to run in users' accounts, and ultimately to do this en masse. I am actually having some initial success finally, but wanted to report what I think is an issue and get input from anyone else who has done this already.

Specifically, the issue that I ran into is that I get the following error when running the command update drivefileacl:
gam user owner_acct@domain.com update drivefileacl <fileid> new_owner@domain.com role owner
 
Error 403: Insufficient permissions for this file - forbidden

At first I thought maybe I set up GAM incorrectly or was doing something wrong. That might still be the case, but I am successful in using the above command when updating to any other role than owner. And then I discovered that I can successfully complete the change of ownership if I use the add drivefileacl command instead:
gam user owner_acct@domain.com add drivefileacl <fileid> user new_owner@domain.com role owner

The second command works even if the user already has access to the file.  

Anyway, I am off to try and figure out bulk operations next, but wanted to report this in case anyone else comes across it and to get input from anyone else who has already gone down this path.  Thanks.


Joel Asaro

Apr 9, 2015, 1:26:51 PM
to google-ap...@googlegroups.com
In testing further, I would really like to see if I can get any help getting the "update" command working rather than the "add" command.  This is because adding a user as owner appears to place the file in the root of the user's My Drive (as well as the original location of the file).  I am hoping this will not be the case if I can get the "update" command to work.

Moreover, in playing with the APIs on developers.google.com, I think I may have found the issue I am running into. It appears that there is an optional query parameter for the Drive API Permissions: update request called "transferOwnership", which only applies to ownership changes and defaults to false. In testing on the following page, I get the same error I am getting with GAM except when I set this parameter to TRUE.


Unfortunately, I don't see a way to set this parameter with GAM however. 

Joel Asaro

Apr 9, 2015, 1:47:48 PM
to google-ap...@googlegroups.com
Ah ha!

I didn't see the option to set the "transferownership" parameter on the Wiki, but I poked around in the source code for a minute and found that it occurred there, and so with a little trial and error I was able to determine this is possible with GAM. I am now successful with the following command:
gam user owner_acct@domain.com update drivefileacl <fileid> new_owner@domain.com transferownership true role owner

So far this looks like it also solves my issue with the file being added to the new owner's My Drive.  
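
An added example, not part of the original posts and not GAM's own code: a dry-run generator for the bulk case mentioned in the first post. It validates each CSV row before building the argument list for the `update drivefileacl ... transferownership true role owner` form that worked in the last post. The CSV column names, the sample rows and the validation patterns are assumptions of this example.

```python
import csv
import io
import re

# Constructed sample input; the column names are assumptions of this example.
SAMPLE_CSV = """owner,fileid,new_owner
owner_acct@domain.com,1AbCdEfGhIjKlMnOpQrStUvWxYz012345,new_owner@domain.com
owner_acct@domain.com,abc 123 extra,new_owner@domain.com
owner_acct@domain.com,1ZyXwVuTsRqPoNmLkJiHgFeDcBa543210,not-an-email
"""

# Deliberately conservative patterns (assumptions): file IDs are treated as
# URL-safe tokens and addresses as plain user@host.tld strings.
FILE_ID = re.compile(r"[A-Za-z0-9_-]{10,}")
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")
CHECKS = (("owner", EMAIL), ("fileid", FILE_ID), ("new_owner", EMAIL))


def build_transfer_commands(csv_text):
    """Return (commands, rejected).

    commands: one argv list per valid row, in the form that worked in the thread.
    rejected: (csv_line_number, failing_column) for rows that fail validation.
    """
    commands, rejected = [], []
    reader = csv.DictReader(io.StringIO(csv_text))
    for row in reader:
        values = {name: (row.get(name) or "").strip() for name, _ in CHECKS}
        bad = next((n for n, rx in CHECKS if not rx.fullmatch(values[n])), None)
        if bad:
            rejected.append((reader.line_num, bad))
            continue
        commands.append([
            "gam", "user", values["owner"], "update", "drivefileacl",
            values["fileid"], values["new_owner"],
            "transferownership", "true", "role", "owner",
        ])
    return commands, rejected


if __name__ == "__main__":
    cmds, skipped = build_transfer_commands(SAMPLE_CSV)
    for argv in cmds:
        print(" ".join(argv))  # dry run: print instead of executing
    for line_no, column in skipped:
        print(f"skipped CSV line {line_no}: invalid {column}")
```

Each returned list can be handed to `subprocess.run` as-is once the dry-run output has been reviewed, so no CSV field is interpreted by a shell.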