Why and how to check permissions before moving a folder to a Shared Drive

Permission model in My Drive and Shared Drives are different

In My Drive, permissions can be restrictive. This is not the case with Shared Drives, where permissions are strictly expansive.

In My Drive you can completely revoke someone’s access to a specific folder and all of its descendants, like depicted in the picture opposite:

In Shared Drive, if someone is a member of the Shared Drive, he will have access to its entire content. Same if someone has access only to a folder, he will necessarily have access to all of its content below. 

The same applies to access levels.

The picture opposite is an example in My Drive. The user has access to the root folder as a Commenter. His access level has been increased to Editor on two subfolders, unchanged on one, and decreased to Viewer on another one. This last configuration cannot be reproduced in a Shared Drive.

To sum up: 

In Shared Drive you can only increase the level of permission on a specific file or folder.

Managers can also allow people that are not Shared Drive members (Guests) to access specific files or folders.

Attention point: by doing so, Guests will be able to grant permissions to the files shared with them if you grant them Content Manager or Contributor access and if the Shared Drive settings allow it. 

Folgo is perfect to scan any folder and report all permissions changes between a given folder and its content.

Use Folgo’s “Inspection” feature to check how permissions are inherited in your folder

When you run an inspection on a folder, you can select the option “List files permissions”

With this option activated, Folgo will allow you to identify files and folders that have different permissions from their parent.

You will get a full report in Google Sheet (sent by email at the end of the inspection), with the list of all files and folders inventoried and a specific column named “Permission changes from parent” where you will see when a specific file has different permissions from its direct parent folder 

This column has 4 possible values : 


Below is an example of the different situations you might find yourself in: 

I am the owner of a folder named “Accounting documents”, located in My Drive. I want to transfer it to a new Shared Drive dedicated to accounting. I choose to run an Inspection before, so I can analyze all the permissions given to the items it contains.

The root folder “Accounting documents” is shared with all the employees and has 4 subfolders: 

Below is the report sent by Folgo after the inspection:

All of its content below is flagged as “NO_CHANGE” because no permissions modification has been made on them. 

As you can see on the picture below, Folgo warns you directly in the report mail when you have reduced permissions in your folder.

Now you know how to use Folgo at its full potential by combining the “Move to Shared Drive” feature to the “Inspection” !