cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Discuss Dropbox Developer & API

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: File permissions in the shared folder

File permissions in the shared folder

lades
Explorer | Level 4
Go to solution

Hi, I have this case: 

User A shares a folder to User B with edit rights and B didn't accept the shared folder yet. 

In my application A opens the file from the shared folder, and provides the fileId to User B, assuming the B should have the access rights for that file. 

`sharing/get_file_metadata` performed by User B returns 

"access_type": {
".tag": "editor"
},
 
so User B is assuming he has edit rights for the file as well. However, User B is not allowed to even download the file (download file rq return 404 not found). 
 
Is there any way how to detect User B haven't accepted the shared folder, so he doesn't have the access rights for the file yet? Or, could it a bug, as the get_file_metadata seems to return misleading information? 
1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
Go to solution

Apologies for the confusion! This is the expected behavior. Before user B "accepts" or "mounts" the shared folder, they will have the right to access to (hence the returned "access_type"), but won't actually be able to do so, since the content hasn't yet been added to their account.

You can detect this from the /2/sharing/get_file_metadata call for user B. In the response, if 'path_display' and 'path_lower' aren't set, that means that the file is not mounted in the user's account yet, so they can't interact with it. (They can mount it using the Dropbox web site, or via the API using /2/sharing/mount_folder.)

View solution in original post

4 Replies 4

Greg-DB
Dropbox Staff
Go to solution

Apologies for the confusion! This is the expected behavior. Before user B "accepts" or "mounts" the shared folder, they will have the right to access to (hence the returned "access_type"), but won't actually be able to do so, since the content hasn't yet been added to their account.

You can detect this from the /2/sharing/get_file_metadata call for user B. In the response, if 'path_display' and 'path_lower' aren't set, that means that the file is not mounted in the user's account yet, so they can't interact with it. (They can mount it using the Dropbox web site, or via the API using /2/sharing/mount_folder.)

lades
Explorer | Level 4
Go to solution

@Greg-DB I'm facing another issue with the access rights: 

I have a business account, get_file_metadata for a file from a team folder returns the tag `editor`, I assume the user has permissions to write (even both path_lower, patrh_display is set). However, upload rq is failing with the 409:

"error_summary": "path/no_write_permission/."

Please check the attached files for complete responses. 

upload is performed with this header

 

Dropbox-API-Arg: {"path":"id:f1MRSe_xAMAAAAAAAAAAOQ","mode":{".tag":"overwrite"}}

 

 

Greg-DB
Dropbox Staff
Go to solution

@lades I'll be happy to take a look, but I'll need some more information. Can you share the requests/responses for this? Please be sure to redact your access token though.

You mentioned "attached files" but I don't see anything attached.

Feel free to open an API ticket if you'd prefer to share privately. Thanks!

lades
Explorer | Level 4
Go to solution

@Greg-DB I found out what the problem was. When the header `Dropbox-API-Path-Root` is not specified, `get_file_metadata` is not returning the `path_lower` and `path_display` properties.

Dropbox-API-Path-Root: {".tag":"root","root":"63xxxxxx0"}

It all works fine (even the upload) if the `Dropbox-API-Path-Root` is defined. 

Need more support?