How To Use Box CLI API Command to Search for folder by exact name
I am trying to search for a specific user folder, by name, where the folder is owned by that user, using the Box CLI. In this case I will not yet know the ID of the folder, and need to locate the folder by name.
I am running the command as a co-Admin service account by specifying the "--as-user." I always get an empty result, like the search query is unable to find the folder, yet I know the folder Name is correct, and the Owner ID is accurate. I can easily locate the same folder within the Box Web Portal using the search function there, but cannot use the Box CLI command. I appreciate any help.
This picture describes what I am trying to do.
Here is the code:
box search "Joe Smith - Workspace" --scope enterprise_content --type folder --owner-user-ids "12374374123" --as-user "36467319632" --json
I'm wondering if you really have the enterprise content flag turned on.
Anyway if you know who owns the content then the as-user flag should work for you.
Consider the following JWT app user associated with the CLI:
❯ box users:get --fields id,name --csv
And the as-suer I'm looking for is:
❯ box users --fields type,id,name --csv
And I'll be searching for these folders:
❯ box folders:items 191494027812 --csv --fields type,id,name,parent --as-user=18622116055
So a simple search will work like this:
❯ box search "Media Samples" --type folder --fields type,id,name --csv --as-user 18622116055
And for an exact match we do:
❯ box search "\"Media Samples\"" --type folder --fields type,id,name --csv --as-user 18622116055
Now if I run this using the owner:
❯ box search "Media Samples" --type folder --fields type,id,name --csv --as-user 18622116055 --owner-user-ids 18622116055
It still works, because it is still consistent with the as-user. However if if I remove the as-user the results come back empty:
❯ box search "Media Samples" --type folder --fields type,id,name --csv --owner-user-ids 18622116055
The service user associated with the JWT authentication for this CLI has these configurations:
- Enterprise access
- All content actions (read/write all files)
- All administrative actions
- Make API calls using the as-user header
- Generate user access token
However the content permissions, in a "normal" situation, still apply, meaning if the owner user did not explicitly give permissions to the CLI user, the CLI user is not going to find the content. This CLI service user does have the capability of impersonating another user that it can see on the box users command.
Think of the as-user flag as which user is the CLI impersonating, and the owner-user-ids as and additional filter for what the security context already has access to, meaning the owner-users-ids will not give the CLI user greater access.
By "normal" I mean without the enterprise_content flag turned on. This is unusual and requires a support ticket to be turned on, hence my starting question.
If you did request the enterprise content to be turned on, please do open a support ticket for further investigation.
Please sign in to leave a comment.