Restrict Google Drive API permissions to upload only without delete access

I’m building a backup application that needs to store files on Google Drive. For security reasons, I want to ensure that the app can only create and upload new files, without the ability to delete or modify existing files in any way.

Is there a method to set up Google Drive API permissions such that my application has only upload capabilities? I’m concerned about providing it with unnecessary access to user data.

Here’s what I’m attempting to do:

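```python
import os

from googleapiclient.discovery import build
from googleapiclient.http import MediaFileUpload


def backup_files_to_drive(file_path):
    # get_drive_credentials() is my own helper (defined elsewhere) that
    # returns the OAuth credentials for the Drive API.
    credentials = get_drive_credentials()
    service = build('drive', 'v3', credentials=credentials)

    # The app should only be allowed to upload
    media = MediaFileUpload(file_path)
    file_metadata = {'name': os.path.basename(file_path)}

    # files().create() always adds a new file to Drive
    result = service.files().create(
        body=file_metadata,
        media_body=media
    ).execute()

    return result
```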

What OAuth scopes should I request to properly limit the permissions?

I’ve dealt with similar security issues before. Try using an append-only pattern in your app instead of just relying on OAuth scopes. The drive.file scope is still your best bet for limiting access, but you can add extra protection by never calling delete or update methods in your code. I’ve seen devs create a simple wrapper around the Drive API that only exposes the create method - makes it impossible to accidentally delete files. Also, use versioning in your file names instead of overwriting. Even if someone gets your credentials, they can’t destroy old backups. This combo of restrictive scopes and defensive coding has worked great for the backup apps I’ve built.
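The create-only wrapper and versioned file names described in the answer above, as an added example that is not part of the original thread. `UploadOnlyDrive` and `versioned_name` are hypothetical names, and the wrapper assumes it is handed an already-built Drive v3 service plus a media factory such as `googleapiclient.http.MediaFileUpload`.

```python
import os
from datetime import datetime, timezone

# Narrowest scope discussed in this thread: the app only sees files it created.
SCOPES = ["https://www.googleapis.com/auth/drive.file"]


def versioned_name(file_path, now=None):
    """Return 'stem.YYYYmmddTHHMMSSZ.ext' so each backup gets its own name."""
    now = now or datetime.now(timezone.utc)
    stem, ext = os.path.splitext(os.path.basename(file_path))
    return f"{stem}.{now.strftime('%Y%m%dT%H%M%SZ')}{ext}"


class UploadOnlyDrive:
    """Hypothetical wrapper (not a Google API class) exposing only upload().

    It keeps the bound files().create call rather than the service object,
    so code holding this wrapper has no path to files().delete() or
    files().update().
    """

    __slots__ = ("_create", "_media_factory")

    def __init__(self, service, media_factory):
        # service: result of build('drive', 'v3', credentials=...)
        # media_factory: callable taking a path, e.g. MediaFileUpload
        self._create = service.files().create
        self._media_factory = media_factory

    def upload(self, file_path, now=None):
        """Create a new, timestamp-named Drive file from file_path."""
        body = {"name": versioned_name(file_path, now)}
        media = self._media_factory(file_path)
        request = self._create(body=body, media_body=media, fields="id, name")
        return request.execute()


# Real use (assumes google-api-python-client is installed and creds were
# obtained with SCOPES):
#   drive = UploadOnlyDrive(build('drive', 'v3', credentials=creds),
#                           MediaFileUpload)
#   drive.upload('/var/backups/db.sql')
```

The wrapper constrains what the application code can call; a token granted under drive.file can still delete files the app created, as the next answer notes.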

Google Drive API doesn’t have a pure upload-only scope that blocks deletion or modification. Your best bet is https://www.googleapis.com/auth/drive.file, which limits your app to only files it creates. Your app can’t touch files from other apps or ones users uploaded manually through the web interface. I’ve built similar backup solutions and this scope works pretty well - it creates an isolated workspace for your app. Users’ existing files stay completely off-limits. Sure, your app can still delete files it creates, but you can add safeguards in your code to prevent accidents. This setup has worked great for backup scenarios where you need some file management but want to minimize access to user data.

Here’s another approach - use the https://www.googleapis.com/auth/drive.appdata scope if you don’t want users seeing the backup files. This creates a hidden folder that’s completely separate from their regular Drive stuff. Downside is they can’t access these files directly, but it’s perfect for backups since it’s even more restrictive than drive.file scope.