reapply_user_group_permissions
Recreates user and group ACLs on Shared Drive files based on permissions from an audit sheet. Requires confirmation to execute.
Instructions
Step 12 — Reapply user and group permissions from the audit sheet.
DESTRUCTIVE — requires confirmed=True to execute.
Reads the all_permissions sheet and re-creates every user/group ACL
on the corresponding file in the Shared Drive. Processes only
rows where permission.type is "user" or "group".
INFO: Ownership cannot be transferred via ACL on a Shared Drive.
In Shared Drives the drive itself is the owner — owner-role rows
from the audit sheet will be silently ignored.
Args:
user_email: The admin email executing the command.
sheet_id: The ID of the Google Sheet containing the audit.
sheet_name: The tab containing ACL data (default: "all_permissions").
confirmed: Must be True to execute. False returns a preview.
GAM command:
gam config csv_input_row_filter "permission.type:regex:user|group"
redirect stdout ./reapply_user_group_perms.txt multiprocess
redirect stderr stdout
csv gsheet <user_email> <sheet_id> <sheet_name>
gam user <user_email> create drivefileacl "~id"
"~permission.type" "~permission.emailAddress"
role "~permission.role" nodetails
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| sheet_id | Yes | ||
| confirmed | No | ||
| sheet_name | No | all_permissions | |
| user_email | Yes |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |