Viewing 13 replies - 1 through 13 (of 13 total)
  • Plugin Contributor bcrodua

    (@bcrodua)

    Hi,

    UpdraftPlus only requires access to the folder that you connect to.

    You can find the privacy policy here – https://updraftplus.com/faqs/privacy-policy-use-google-drive-app/

    Thanks,
    Bryle

    Thread Starter Tuhin Ahmed

    (@2h1n846)

    Hi @bcrodua
    Exactly! Then why it’s “See and download all your Google Drive files” please?
    I hope you have reviewed the screenshot I shared above.

    Thanks

    Plugin Support vupdraft

    (@vupdraft)

    The plugin requests the following scopes, as described by Google’s documentation:?https://developers.google.com/drive/api/v2/about-auth

    drive.file – “Per-file access to files created or opened by the app.”

    drive.readonly?– “Allows read-only access to file metadata and file content.”

    If you download the UpdraftPlus plugins and go into methods >> googledrive.php and goto line 429, you should be able to see that the drive-wide access (not full access – nothing can be edited, over-written or deleted) for the feature to re-scan storage for backups uploaded by other installs can be removed “if you are happy to lose that capability, you can use the filter below to remove the drive.readonly scope.”

    Thread Starter Tuhin Ahmed

    (@2h1n846)

    Hello,

    I would like to address my concern regarding the Google App that is owned by “[email protected]” and is redirected to “https://auth.updraftplus.com” for authorization. I am authorizing a third-party app, not my own app with my own website auth redirect URL.

    The issue at hand is that this app is granted permission as “drive.readonly,” which allows it to “View and download all your Drive files. (It’s not “Allows read-only access to file metadata and file content.” as stated in the reference link.)

    My question is, why am I being asked to authorize a third-party Google app, owned by “[email protected],” to have access to all of my drive files?

    Users can set up their own Google App and connect it with the plugin to send backups to their Drive.

    I hope you understand what I mean.

    Thanks

    Plugin Support vupdraft

    (@vupdraft)

    It’s a third party app because UpdraftPlus owns the app (rather you or Google). Third party apps are any apps that are created by companies other than Google.

    Please see here for more information;

    https://support.google.com/accounts/answer/3466521?hl=en

    https://support.google.com/accounts/answer/10130420?sjid=14776875900879547881-EU#apps-with-access

    You can only view and download backups made with UpdraftPlus which in the free version are always in the UpdraftPlus folder

    “Users can set up their own Google App and connect it with the plugin to send backups to their Drive. – Although individuals can create apps, unless they are verified by Google, they are hugely restricted in terms of what they can do. So, if you for example made a version of UpdraftPlus all your app would be able to link to would be your gmail as it would be unregistered. Please see here for a guide: https://support.google.com/a/answer/9352843?hl=en

    Thread Starter Tuhin Ahmed

    (@2h1n846)

    So, you guys don’t see any problem in “UpdraftPlus” owning the app and getting full permission to your Google drive (not only website backup created by updraftplus plugin)?

    Plugin Support vupdraft

    (@vupdraft)

    As I said earlier, the following these permissions are granted;

    drive.file?– “Per-file access to files created or opened by the app.”

    This means that the app has access to files created by UpdraftPlus

    drive.readonly?– “Allows read-only access to file metadata and file content.”

    This allows backups from other site to show if you press the “rescan remote storage link” – This is necessary for migrations.

    The read-only drive-wide access (not full access – nothing can be edited, over-written or deleted). This is for the feature to re-scan storage for backups uploaded by other installs to work for migrations. As it says in the googledrive.php script (updraftplus >>?methods >> googledrive.php, line 429, “if you are happy to lose that capability, you can use the filter below to remove the drive.readonly scope.”

    You can remove the drive wide (read only access) if you wish.

    Please see here for more information on the scopes: https://developers.google.com/drive/api/guides/api-specific-auth

    UpdraftPlus has to own the app, UpdraftPlus created the app and went through the verification process. If the users owned the app, every single user would have to go through this process: https://developers.googleblog.com/2019/09/get-smart-about-preparing-your-app-for-OAuth-verfication.html. I have never encountered an app that was owned by the company that created it

    If the scopes are an issue to you then you can use a bucket based system such as s3 where you have greater control over the permissions or have your backups so they complete on your server and then download them and upload them to your Google Drive.

    Thread Starter Tuhin Ahmed

    (@2h1n846)

    Hi
    I think either I am misunderstanding things or you are trying to ignore my concern by misinterpreting.
    Please correct me if I am wrong.

    What is the reference for this?

    drive.readonly – “Allows read-only access to file metadata and file content.”

    In your shared link https://developers.google.com/drive/api/guides/api-specific-auth
    I see this as
    https://www.googleapis.com/auth/drive.readonly
    Description: View and download all your Drive files.

    I think you understand what it means. As you said, "The read-only drive-wide access (not full access – nothing can be edited, over-written or deleted)."

    You are right. You must also know that "Thedrive.readonly access allows to view and download all your drive files"
    But I think you intentionally skipped this part which is my main concern. I never said that the API allowed to edit or delete my drive files. I said the API got permission to view and download my whole drive files.

    About GCloud API and verification:
    A lot of people use Gmail API with SMTP plugin and it requires them to create project +API.
    I don’t see any problem with that.

    I simply understand that “It will be hard for users” – doesn’t allow you to get “view and download” access to users whole drive”

    • This reply was modified 1 year, 4 months ago by Tuhin Ahmed.

    I get your point that it is asking for more permission than strictly required.

    Maybe creating another google account just for UpdraftsPlus would be a stop-gap measure? (if the free version isn’t enough space for your backup this might not be a good option though).

    Thread Starter Tuhin Ahmed

    (@2h1n846)

    @troy144
    That’s not all my friend.
    I wouldn’t like to authorize a third party to view and download my website backup either. Here updraftplus (I mean team@updraftplus, not the plugin) is the API owner.

    Hello,

    I too am a bit surprised about the permissions. Why are you asking for more permissions than needed? Couldn’t the drive.readonly permission be made optional so that only those who need backups uploaded by other installs be shown this additional permission?

    Cheers!

    In case that’s helpful, if you want to disable read-access to your whole Google Drive, add this to your functions.php before doing the sign into Google step:

    // this is to disable full read access on google drive to updraftplus
    add_filter('updraft_googledrive_scope', function ($scopes) {
        $scopes_array = explode(' ', $scopes);
        $new_scopes = array_diff($scopes_array, ['https://www.googleapis.com/auth/drive.readonly']);
        return implode(' ', $new_scopes);
    });

    When you go back to your updraftplus plugin config page and finish the setup by signing into Google, it will only ask access to UpdraftPlus files on Drive.

    I just did this, thank you all for this thread.

    • This reply was modified 1 year, 1 month ago by robindesbles.
    Plugin Author David Anderson

    (@davidanderson)

    The “read all files” permission is needed to read backups that a user manually uploads to his Google Drive. If you manually upload a backup (e.g. you created it on a local site, then uploaded it to Google Drive so that your site can see the backup and restore from it).

    If you know you’ll never want that, then the code snippet Robin gives removes it.

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘UpdrfatPlus App permission for GDrive’ is closed to new replies.