Google Drive Doesn't Unlock After Re-opening App

Greetings,

I hope you are safe and well. I have two Google Drive accounts “A” & “B”. “A” contains my Cryptomater vault. “B” has been added as a viewer to the vault folder by “A”.

“A” successfully manages to unlock the vault after it is first added onto the app. However, after locking and reopening the app there is no password prompt and instead displays “An Error Occured”. Using “B” instead to access the vault results in the same behavior (unable to unlock after reopening).

The problem can be temporarily resolved on “A” by removing the vault and re-adding it which prompts for the password and unlocks successfully, however it breaks after reopening. Similar behavior cannot be reproduced on “B” which despite re-adding stays broken (“An Error Occured”).

I have also sent the logs on the Cryptomater HelpDesk (Ticket#82294). I would be very grateful for your help.

Thanks.

Additional Misc Details:

  • Vault was created using Cryptomater v1.6.17 on Windows
  • Vault size is around ~70 Gbs
  • I’m using Cryptomater v1.7.5 on Android. However, the same issue is also present on v1.8.0b1 too.

Hi and welcome to the Cryptomator Community :slightly_smiling_face:,

Thanks for reporting this bug, I’m currently trying to reproduce it.

Hi, I believe I may have narrowed down the issue for you. After poring through the logs, they seemed to show that Cryptomater breaks on the following API call:

GET https://www.googleapis.com/drive/v3/files/1t4b2SkzT_DW18q6_lcVQeeuF5r1Cm_GF/revisions

{

“code”: 403,

“errors”: [

{

  “domain”: “global”,

  “location”: “Authorization”,

  “locationType”: “header”,

  “message”: “The user does not have sufficient permissions for file 1t4b2SkzT_DW18q6_lcVQeeuF5r1Cm_GF.”,

  “reason”: “insufficientFilePermissions”

}

],

“message”: “The user does not have sufficient permissions for file 1t4b2SkzT_DW18q6_lcVQeeuF5r1Cm_GF.”

}

I believe Cryptomater is trying to use actions that would only be available to people added as editors (i.e. requesting for file revisions). As Account “B” was added as a viewer, these permissions were not available, hence leading to “reason”: “insufficientFilePermissions”.

When I altered “B” to an editor and after waiting for around an hour for the changes to reflect on all the sub-folders. After removing and re-adding the vault, the error seemed to disappear.

I hope this helped! If I am correct, is there a possibility for supporting read-only access on shared Google Drive vaults. That is not requesting for permissions only available to Editors by default, unless a specific actions demands it. And showing a suitable error message about lack of permissions if permissions are not available.

I believe sharing vaults without giving the end-user write access is a important use-case Cryptomater should support!

A post was split to a new topic: Unlock fails with “failed with error: invalidPassphrase” when unlocking a vault with an apostrophe in the parent folder name

Yes, that sounds in any case very comprehensible and logical. Thank you for staying tuned and finding the cause.

It does indeed help very much. In the short term as you mentioned, we should show an specific error message and in the long term we should support ready-only access, yes.

Thank you @SailReal , can I expect a fix anytime soon? Since my use case involves sharing with various non-technical people, now all having write access. Any accidental changes they make end up breaking it for everyone.

Additionally, I have also created a GitHub issue Google Drive Doesn’t Unlock After Re-opening App #476

Can’t promise anything but read-only mode will come with the “freemium model”-feature, maybe we can look into this while implementing.

Thanks for creating the issue on GitHub.

Sure @SailReal ! Could a short-term fix at least be implemented that would display a logical error message when the vault is shared to a viewer and the vault unlocks instead of locking the user out and displaying “An Error Occurred”.

A temporary fix for all others facing this problem is to ask your “View-only” users to turn off the “Cache” in the Cryptomater Android app settings. This stops Cryptomater from requesting for file revisions from the Google Drive API and the vault from breaking.