2

我使用 getEditors 获取电子表格的编辑者列表,返回的列表包括共享驱动器用户。但是,对共享驱动器具有“内容管理员”访问权限的用户不包含在列表中。为什么会这样?

我还发现 getAccess 可用于获取特定用户对驱动器文件夹的访问类型。使用这种方法,我的目标是识别所有具有 FILE_ORGANIZER 或 ORGANIZER 权限的用户。请参阅有关权限的官方文档。是否可以使用 if 语句或循环来获取此信息?

或者,是否有一种解决方法来获取我可能没有考虑过的可以访问共享驱动器的所有用户的列表?

PS:高级驱动服务未启用。

// This code aims to protect a sheet in a spreadsheet 
// by granting specific users access (super users) 
// and revoking the access of any other user that can edit the spreadsheet. 

/*
Attempted approach:

user1 and user2 have manager permission to the shared drive as a whole
user3 has content manager permission to the shared drive as a whole
user4 only has access to this spreadsheet in the shared drive

My objective is to ensure that only users 1 and 2 can edit the protected sheet.

Result:
Log shows that users 1 and 2 have access and user 4 does not.
However, user3 can still edit the sheet because they were no included in the getEditors() result hence their access could not be revoked. 
*/

function protectASheet() {
  var superusers = ['user1', 'user2'];
  var ss = SpreadsheetApp.getActive();
  var editors = ss.getEditors(); //get file editors
  var sheet = SpreadsheetApp.getActive().getSheetByName('TestSheet');

  //Set protection  
  var protection = sheet.protect().setDescription('This sheet is protected.');

  protection.addEditors(superusers); //Grant superusers edit permission
  protection.removeEditors(editors); //Revoke other file editors' permission

  Logger.log("Only the following can edit " + sheet.getSheetName() + ": " + protection.getEditors());


}

4

1 回答 1

2

得到了同事的帮助。这种方法依赖于在脚本编辑器中激活的高级驱动服务。要打开,请转到资源 -> 高级 Google 服务。

它毫无例外地获取对文件或文件夹具有任何形式访问权限的每个用户的权限和其他详细信息。

下面的代码:

function getPermissionsList() {
  const fileId = "<FILE, FOLDER OR SHARED DRIVE ID HERE>"; // ID of your shared drive

  // THIS IS IMPORTANT! The default value is false, so the call won't 
  // work with shared drives unless you change this via optional arguments
  const args = {
    supportsAllDrives: true
  };

  // Use advanced service to get the permissions list for the shared drive
  let pList = Drive.Permissions.list(fileId, args);

  //Put email and role in an array
  let editors = pList.items;
  var arr = [];

  for (var i = 0; i < editors.length; i++) {
    let email = editors[i].emailAddress;
    let role = editors[i].role;

    arr.push([email, role]);

  }

  Logger.log(arr);

}

于 2020-10-06T12:14:33.780 回答