This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

understanding new file permissions

Posted on 06-03-2024 07:40 AM
htpetrie
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

Hello all, I'm the admin on a nonprofit Workspace account, I'm far from a seasoned IT veteran but I have some understanding of some things. My first question is in regard to new files on Drive and their permissions. Is there a default somewhere for who can view or edit new files, for instance, if I drag a new file from the hard drive of my desktop computer (Mac) onto My Drive, are there default permissions? Appreciate the input. Howard

Solved Solved
1 6 1,108
Topic Labels
Jump to Solution
3 ACCEPTED SOLUTIONS

Posted on --/--/---- --:-- AM
icrew
Gold 4
Gold 4
Reply posted on --/--/---- --:-- AM

There are three possibilities here:

1) If you put/create a file or folder directly in the root level of MyDrive, it's not shared with anyone until you explicitly share it (and it's not possible to change that default).

2) If you put a file or folder into a folder in MyDrive, and that folder is shared with other people, they will be able to see the new item, but your account retains ownership of that file/folder (meaning, for example, that if you leave the org and your account is deleted, those files/folders will go away, even if other folks are still using them).

And yes, that's an incredibly stupid way to handle file/folder ownership. And yes, I and just about everyone else has been complaining to Google about it since Drive was launched about 12 years ago. And no, Google has never shown any sign of being willing to fix it. But there is some light--see below:

3) If you put something into a Shared Drive instead of My Drive, the ownership transfers to be owned by the shared drive instead of any one individual account, and will stick around until that Shared Drive is deleted, regardless of whether or not your personal account gets deleted. Shared Drives use what's commonly referred to as "waterfall" permissions, which Google's competitor Box does a good job of explaining over at https://support.box.com/hc/en-us/articles/360043697254-Understanding-Folder-Permissions (the details are of course different, but the concepts are the same). Any new files/folders added to a Shared Drive will follow those permissions.

Hope that helps,

Ian

View solution in original post

Jump to Solution

Posted on --/--/---- --:-- AM
icrew
Gold 4
Gold 4
In response to htpetrie
Reply posted on --/--/---- --:-- AM

No, my thought with the shared drive was "move the files to a shared drive, set up the cascading permissions there, then just use them from there ongoing". If you want to have them in My Drive, then I do think GAM is your best bet, even if it's only for reporting purposes (as in creating a CSV of what all the permissions for all the stuff currently are, so you can at least develop a plan and checklist for what needs to be fixed.)

Cheers,

Ian

View solution in original post

Jump to Solution

Posted on --/--/---- --:-- AM
htpetrie
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

I see. OK, let me play with that for a while. Thank you!

View solution in original post

Jump to Solution
0 Likes
6 REPLIES 6

Posted on --/--/---- --:-- AM
icrew
Gold 4
Gold 4
Reply posted on --/--/---- --:-- AM

There are three possibilities here:

1) If you put/create a file or folder directly in the root level of MyDrive, it's not shared with anyone until you explicitly share it (and it's not possible to change that default).

2) If you put a file or folder into a folder in MyDrive, and that folder is shared with other people, they will be able to see the new item, but your account retains ownership of that file/folder (meaning, for example, that if you leave the org and your account is deleted, those files/folders will go away, even if other folks are still using them).

And yes, that's an incredibly stupid way to handle file/folder ownership. And yes, I and just about everyone else has been complaining to Google about it since Drive was launched about 12 years ago. And no, Google has never shown any sign of being willing to fix it. But there is some light--see below:

3) If you put something into a Shared Drive instead of My Drive, the ownership transfers to be owned by the shared drive instead of any one individual account, and will stick around until that Shared Drive is deleted, regardless of whether or not your personal account gets deleted. Shared Drives use what's commonly referred to as "waterfall" permissions, which Google's competitor Box does a good job of explaining over at https://support.box.com/hc/en-us/articles/360043697254-Understanding-Folder-Permissions (the details are of course different, but the concepts are the same). Any new files/folders added to a Shared Drive will follow those permissions.

Hope that helps,

Ian

Jump to Solution

Posted on --/--/---- --:-- AM
htpetrie
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

Thank you Ian, that is extremely helpful and very much appreciated. I have one additional small question, I've inherited a Drive that was massively disordered, I've managed to reorganize it but permissions on existing files are a mess. I'm wondering, if I move the entire contents of My Drive to a different drive (HD for instance) and then move them back, will permissions be reset to default? Thank you again for helping me straighten out this mess!

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
icrew
Gold 4
Gold 4
In response to htpetrie
Reply posted on --/--/---- --:-- AM

1) It might be easier to just move everything to a Shared Drive and sort out the permissions thereโ€”the Waterfall permissions can help a lot in that case. (Though it does involve some work moving and letting everyone know whatโ€™s changing). 

2) If you do want to sort out things in place, you can do that with the free, open source, command-line, indispensable GAM tool. Check out:

for more details. Specifically, see https://github.com/taers232c/GAMADV-XTD3/wiki/Users-Drive-Permissions for how (and ask on the mailing list for helpโ€”theyโ€™re really, really helpful).

Hope that helps,

Ian

Jump to Solution

Posted on --/--/---- --:-- AM
htpetrie
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

Thank you Ian, GAM looks like it could get me in a lot of trouble... Just to make sure I have this correctly, the idea would be to create a shared folder, move the folders and files there, set permissions at the top level of the shared drive to have them cascade down, and then move them back to the root level of My Drive where those new permissions would remain active. Is this correct?  thank you again!

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
icrew
Gold 4
Gold 4
In response to htpetrie
Reply posted on --/--/---- --:-- AM

No, my thought with the shared drive was "move the files to a shared drive, set up the cascading permissions there, then just use them from there ongoing". If you want to have them in My Drive, then I do think GAM is your best bet, even if it's only for reporting purposes (as in creating a CSV of what all the permissions for all the stuff currently are, so you can at least develop a plan and checklist for what needs to be fixed.)

Cheers,

Ian

Jump to Solution

Posted on --/--/---- --:-- AM
htpetrie
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

I see. OK, let me play with that for a while. Thank you!

Jump to Solution
0 Likes
Top Labels in this Space
Top Solution Authors
View all