In Google Cloud Platform, I created a project. Then I enabled Google Drive API for that project. Then I created a service account.
I was able to upload file to Google Drive with that service account successfully.
But when I tried to create a folder using that service account:
authorizer = Google::Auth::ServiceAccountCredentials.make_creds(
json_key_io: File.open(SERVICE_ACCOUNT_PKCS12_FILE_PATH),
scope: 'https://www.googleapis.com/auth/drive.metadata')
drive_service = Google::Apis::DriveV3::DriveService.new
drive_service.client_options.application_name = APPLICATION_NAME
drive_service.authorization = authorizer
metadata = Google::Apis::DriveV3::File.new(name: folder_name)
folder = drive_service.create_file(metadata,
fields: 'id',
content_type: 'application/vnd.google-apps.folder',
)
I got insufficientPermissions error
/opt/gitlab/embedded/lib/ruby/gems/2.7.0/gems/google-api-client-0.50.0/lib/google/apis/core/http_command.rb:228:in `check_status': insufficientPermissions: Insufficient Permission: Request had insufficient authentication scopes. (Google::Apis::ClientError)
I looked around but couldn't not figure out how to grant necessary permission to the service account to create a folder.
Appreciate any help.
The Google drive file.create method requires consent to be granted to the application with one of the following scopes
You appear to be using, which is not high enough permissions to create a file or in this case a directory.
Tip: if you are using a service account there is really no reason not to just always use the full drive scope. You control the service account anyway.