How to delete a google docs without ownership using an API/Services account

Question

I have failed in all my attempts to delete a document without the ownership.

What I have tried so far

• Attempted to delete document using a services account (Tried, Failed)
• Attempted to delete document as drive admin (Tried, Failed)

In my final attempt; I am trying to follow the solution suggested in this thread

Delete a file from different owner with Google Drive API

1. Logged in as a services account (service account has been authorized with domain-wide delegation https://developers.google.com/drive/web/delegation) (Success)

2. Impersonate as the owner of the document. (Success)

3. Attempted to change owner to drive admin account. (Failed with Insufficient permissions for this file)

4. Attempted to delete the document (Failed with Insufficient permissions for this file)

Sample Code"

String serviceAccountEmail = "xxxxxx-bpoaj0ekfgcort8tcqpqh661ceet9pqs@developer.gserviceaccount.com";
var certificate = new X509Certificate2(@"key.p12", "notasecret", X509KeyStorageFlags.Exportable);            
ServiceAccountCredential credential = new ServiceAccountCredential(new ServiceAccountCredential.Initializer(serviceAccountEmail) 
{
    Scopes = Scopes,
    User = "user" //<<-- I populate this with the user to impersonate
}.FromCertificate(certificate));

// Create the service.
var service = new DriveService(new BaseClientService.Initializer()
{
    HttpClientInitializer = credential,
    ApplicationName = "Drive API Sample",
    });

UpdatePermission(service, d.DocId__c , permission_id, "owner"); //<-- updating the permissions of the admin account to owner

FilesResource.DeleteRequest request = service.Files.Delete(d.DocId__c);
String response = request.Execute(); //<-- deleting the doc here, do i need to login again using admin account?

Answer 1

Issue was resolved by changing UpdatePermission method to use TransferOwnership = true; Full code snippet included

    private async System.Threading.Tasks.Task Run()
    {
        String ownerPermissionId = "";
        String ownerEmail = "";
        String adminEmail = "[email protected]";
        String adminPermissionId = "";


        String serviceAccountEmail = "895523393387-bpoaj0ekfgcort8tcqpqh661ceet9pqs@developer.gserviceaccount.com";
        var certificate = new X509Certificate2(@"key.p12", "notasecret", X509KeyStorageFlags.Exportable);

        // Create the service.
        var service = new DriveService(new BaseClientService.Initializer()
        {
            HttpClientInitializer = new ServiceAccountCredential(
           new ServiceAccountCredential.Initializer(serviceAccountEmail)
           {
               Scopes = Scopes
           }.FromCertificate(certificate)),
            ApplicationName = "Drive API Sample",
        });

        // Create admin impersonated service
        var adminService = new DriveService(new BaseClientService.Initializer()
        {
            HttpClientInitializer = new ServiceAccountCredential(
           new ServiceAccountCredential.Initializer(serviceAccountEmail)
           {
               Scopes = Scopes,
               User = adminEmail
           }.FromCertificate(certificate)),
            ApplicationName = "Drive API Sample",
        });

        // this is the web reference object generated by Visual Studio
        SforceService sfservice = SForceLogin.Login();
        sfservice.Timeout = 60000;

         QueryResult result = sfservice.query("select Id, Name, DocId__c from G_Doc__c where PleaseDelete__c = true limit 200");

        List<String> toDelete = new List<String>();

        if (result.size > 0) 
        {
            sObject[] docs = result.records;

            foreach (sObject so in docs){
                G_Doc__c d = (G_Doc__c)so;

                try
                {
                    IList<Permission> lstPermissions = RetrievePermissions(adminService, d.DocId__c);

                    if (lstPermissions == null)
                    {
                        toDelete.Add(d.Id);
                        continue;
                    }

                    foreach (Permission p in lstPermissions)
                    {
                        if (p.Role == "owner")
                        {
                           ownerEmail = p.EmailAddress;
                           ownerPermissionId = p.Id;
                        }
                        else if (p.EmailAddress == adminEmail)
                        {
                            adminPermissionId = p.Id;
                        }
                    }

                    // Create owner impersonated service.
                    var impersonatedService = new DriveService(new BaseClientService.Initializer()
                    {
                        HttpClientInitializer = new ServiceAccountCredential(new ServiceAccountCredential.Initializer(serviceAccountEmail)
                    {
                        Scopes = Scopes,
                        User = ownerEmail
                    }.FromCertificate(certificate)),
                        ApplicationName = "Drive API Sample",
                    });


                    UpdatePermission(adminService, impersonatedService , d.DocId__c, adminPermissionId, "owner");

                    FilesResource.DeleteRequest request = adminService.Files.Delete(d.DocId__c);
                    String response = request.Execute();
                    if (String.IsNullOrEmpty(response))
                    {
                        Console.Out.WriteLine("Deleted " + d.Name);
                        toDelete.Add(d.Id);
                    }
                    else
                    {
                        Console.Out.WriteLine("Error Deleting " + d.Name + " : " + response);
                    }
                }
                catch (Exception ex) {
                    if (ex.Message.Contains("File not found"))
                    {
                        toDelete.Add(d.Id);
                        Console.Out.WriteLine("Error Deleting " + d.Name);
                    }
                    else
                    {
                        Console.Out.WriteLine("Error Deleting " + d.Name + " : " + ex.Message);
                    }
                }
            }

            DeleteResult[] dr = sfservice.delete(toDelete.ToArray());
        }
    }

    // ...

    /// <summary>
    /// Retrieve a list of permissions.
    /// </summary>
    /// <param name="service">Drive API service instance.</param>
    /// <param name="fileId">ID of the file to retrieve permissions for.</param>
    /// <returns>List of permissions.</returns>
    public static IList<Permission> RetrievePermissions(DriveService service, String fileId)
    {
        try
        {
            PermissionList permissions = service.Permissions.List(fileId).Execute();
            return permissions.Items;
        }
        catch (Exception e)
        {
            Console.WriteLine("An error occurred: " + e.Message);
        }
        return null;
    }

    /// <summary>
    /// Update a permission's role.
    /// </summary>
    /// <param name="service">Drive API service instance.</param>
    /// <param name="fileId">ID of the file to update permission for.</param>
    /// <param name="permissionId">ID of the permission to update.</param>
    /// <param name="newRole">The value "owner", "writer" or "reader".</param>
    /// <returns>The updated permission, null is returned if an API error occurred</returns>
    public static Permission UpdatePermission(DriveService service, DriveService impersonatedService, String fileId,
        String permissionId, String newRole)
    {
        try
        {
            // First retrieve the permission from the API.
            Permission permission = service.Permissions.Get(fileId, permissionId).Execute();
            permission.Role = newRole;

            PermissionsResource.UpdateRequest request = impersonatedService.Permissions.Update(permission, fileId, permissionId);
            request.TransferOwnership = true;
            return request.Execute();
        }
        catch (Exception e)
        {
            Console.WriteLine("An error occurred: " + e.Message);
        }
        return null;
    }