Google Drive scope drive.file not sufficient for copying app owned files to app user's Google Drive -

Google Drive scope drive.file not sufficient for copying app owned files to app user's Google Drive -

participating components:

(all in same project)

android app

web app

service account

the users have authorized app on android devices cross client identity: oauth2:server:client_id:[web_app_id].apps.googleusercontent.com scopes ...

flow: several users request creation of same file through android app ( file every user not desired, see "known workaround" ) a service business relationship creates file ( service business relationship owner ) service business relationship shares file (by link , explicit users) user authorized drive service / or service business relationship impersonates user tries re-create file user's google drive ( user has owner of re-create in end) error:

this fails scope drive.file ( , drive.readonly ): error message: authenticated user has not granted app [project_id] write access file [file_id]

(btw: why write access needed copy()? giving users write access file not alter error)

known workaround:

it works total drive scope ( but: app not need see files has not created - want avoid it)

same result can achieved re-inserting file instead of copying (this overhead of import app though, cause same file might requested multiple users)

an explicit interaction file ui picker or propably not work file have created after requesting it. can't think of way how without decreasing usability of android app.

expected result:

www.googleapis.com/auth/drive.file: per-file access files created or opened app

it seems me should enough. file created/owned/shared app's service account. , copied app on behalf of user.

www.googleapis.com/auth/drive.readonly allows read-only access file metadata , file content

at to the lowest degree 1 should work should give read access files should plenty re-create "shared user" file created "authorized user" app.

question:

the web application , service business relationship in same project. can web application deed service business relationship on behalf of user? if - don't know how. create difference anyway?

this seems bug me in special utilize case, same result can achieved workaround. @ to the lowest degree scope drive.readonly should allow app re-create app owned files user's drive. making re-create through plain service business relationship , changing owner of re-create user workaround, fails too.

i must missing simple.

please guide me.

thank you.

i had same problem , resolved using drive.metadata in combination drive.file scopes. related question

google-drive-sdk