Team Folder Libraries - Allow removal of user permissions
Please see Support Call #11625 for the details leading to this feature request.
In a Team Folder, when a user creates a file, they seem to be given explicit permissions to that file, even if they are already a member of a usergroup that already has those permissions.
This explicit permission becomes a problem when the user moves to a different department and needs to have their access to the files in the first department removed. The user can be removed from the usergroup but they still have access to some files because of the explicit permissions given to them when they previously created files.
This makes it almost impossible to control access to files in a Team Folder, since there is no easy way of removing a user's access to any files they have created there.
REQUEST:
1) Could you develop a function that will remove the explicit access that Google adds to a file at the time it is created?
2) Alternatively, could you develop a function that will search through a Team Folder and remove a named user's access to any files they have access to?
Thank you.
Comments
Agree completely with the need for features like this!
Currently - the ONLY alternative is to use the AODocs library function under Library Security > Root Folder Permissions, to "Apply same permissions to children"
The problem with this approach is that it CHANGES the modified date on every single file in your Library - removing that field as being in any way useful for users searching for "recently" changed files!
Furthermore, if you have a deliberately multilayer approach to folder permissions eg there are different permissions at subfolder level TWO (rather than at the root level), then you cannot use this approach at all.
Look forward to a more viable approach to the need for being able to remove a User from a team Folder - without them retaining individual access to files they created/uploaded.
Cheers
This is what I have done in this situation:
In this example Jo.Bloggs@MyCompany.com has left the team.
In Google Drive, go to the root or the AODocs library.
In the Search box, type in: “to:Jo.Bloggs@MyCompany.com”
Then press the AODocs search button.
This will list all the files in the library that Jo.Bloggs@MyCompany.com has access to.
Select all the files (or the first 20).
Right-Click and select Share. Then Advanced.
You will see a list of all users/groups that have access to the files.
Click the cross against Jo.Bloggs@MyCompany.com.
This will remove the access.
Repeat until you have done all the files.
Does this make sense?
@John Mills
Yes, John , this does seem to provide a useful workaround for the problem.
I found you need to give yourself permissions to the whole team folder in order for the search to pick up everything but you can obviously reverse these permissions after you carry out the corrections.
On testing with a live situation, this does seem to work, so thank you for that helpful information.
Please sign in to leave a comment.