
Software Factory Archive


Drive Sharing

Rating:
General Audiences
Fandom:
StrongDM Software Factory
Characters:
Jay Taylor, Navan Chauhan
Tags:
Digital Twin Universe, Google Drive, Sharing Models, Permissions, Link Sharing
Words:
453
Published:
2025-12-30

Three sharing models. Three completely different permission evaluation paths. Jay had drawn them on a whiteboard that he'd bought from a surplus store and leaned against the wall of his office, because the Docs twin was for collaboration and whiteboards were for thinking.

Model one: "Anyone with the link." The file was accessible to anyone who had the URL. No authentication required. No identity check. The Drive twin generated a sharing URL with a random token, and any request bearing that token received the configured access level—viewer, commenter, or editor. The twin tracked how many times the link was accessed and by which IP addresses, because real Drive tracked that too.

"The subtle behavior," Jay said, pointing at the first column on his whiteboard, "is that 'anyone with the link' still respects the role. You can have a link that grants viewer access. If someone with that link tries to edit, they get a 403. The link grants presence, not omnipotence."

Model two: "Specific people." Each person was granted access explicitly, by email address. The Drive twin maintained a permissions table: file ID, user email, role, and expiration date. Every API call was checked against this table. If the authenticated user's email wasn't in the table, 404. Not 403. Drive returned 404 for files the user couldn't access, making it impossible to distinguish between "this file exists but you can't see it" and "this file doesn't exist."

"Security through ambiguity," Navan noted.

"It's a deliberate design choice. Real Drive does it. The twin does it. If an agent receives a 404, it can't assume the file is missing. It might just be invisible."

Model three: "Organization." The file was accessible to anyone in the Google Workspace domain. The Drive twin checked the authenticated user's domain against the file owner's domain. Same domain: access granted at the configured level. Different domain: 404, same as model two.

"But organization sharing interacts with the other two models," Jay continued. "A file can be shared with the organization AND with specific external users AND via a link. All three models can be active simultaneously on the same file. The effective permission is the union of all applicable models."

"Union, not intersection?"

"Union. If you're granted viewer access through the org model and editor access through a specific-people permission, your effective access is editor. The most permissive applicable model wins."

Navan frowned. "That's dangerous."

"It's how Drive works. The twin's job isn't to be safe. It's to be accurate." Jay erased a section of the whiteboard and redrew it. "The edge case that caught us was shared drives. Shared drives have their own sharing settings that can restrict the models available to files within them. A shared drive can disable link sharing entirely. A file inside that shared drive can't be shared via link even if someone tries to create a link. The API call succeeds but returns a link that doesn't work."

"The API call succeeds?"

"Returns 200. Creates the sharing link. The link just doesn't grant access. Silent failure." Jay capped his marker. "The twin replicates that too. A sharing link that exists but doesn't work. Because that's reality, and the twin is real."
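The evaluation path Jay sketches on the whiteboard, written out as an added example (this is not the Drive twin's own code, and the `DriveFile`, `effective_role`, `check` and `create_link` names are assumptions): all three models are evaluated, the most permissive role wins, no applicable model yields 404, an insufficient role yields 403, and a link created inside a link-disabled shared drive is returned with 200 but grants nothing.

```python
import secrets
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Optional

class Role(IntEnum):
    NONE = 0        # no applicable model grants anything
    VIEWER = 1
    COMMENTER = 2
    EDITOR = 3

@dataclass
class DriveFile:
    owner_domain: str
    org_role: Role = Role.NONE                     # model three: "Organization"
    people: dict = field(default_factory=dict)     # model two: email -> Role
    link_token: Optional[str] = None               # model one: "Anyone with the link"
    link_role: Role = Role.NONE
    link_sharing_disabled: bool = False            # restriction inherited from a shared drive

def effective_role(f: DriveFile, user_email: Optional[str], token: Optional[str]) -> Role:
    """Union of all applicable models: the most permissive one wins."""
    roles = [Role.NONE]
    if user_email and user_email.rsplit("@", 1)[-1] == f.owner_domain:
        roles.append(f.org_role)
    if user_email in f.people:
        roles.append(f.people[user_email])
    # The link still exists when the shared drive disables link sharing,
    # but it grants nothing, so it contributes nothing to the union.
    if token and f.link_token == token and not f.link_sharing_disabled:
        roles.append(f.link_role)
    return max(roles)

# Minimum role each action needs; the link grants presence, not omnipotence.
REQUIRED = {"read": Role.VIEWER, "comment": Role.COMMENTER, "edit": Role.EDITOR}

def check(f: DriveFile, action: str, user_email: Optional[str] = None,
          token: Optional[str] = None) -> int:
    role = effective_role(f, user_email, token)
    if role == Role.NONE:
        return 404          # invisible: indistinguishable from "does not exist"
    if role < REQUIRED[action]:
        return 403          # present, but the role does not cover the action
    return 200

def create_link(f: DriveFile, role: Role) -> tuple:
    """Returns 200 and a token even inside a link-disabled shared drive (silent failure)."""
    f.link_token = secrets.token_urlsafe(16)
    f.link_role = role
    return 200, f.link_token
```

The constructed scenario in the checks below is the one from the story: an org-wide viewer grant, an external editor, a viewer link, and a second file in a shared drive with link sharing disabled.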

Kudos: 51

sharing_skeptic 2026-01-01

A sharing link that returns 200 but doesn't actually work. That's not a bug, that's Drive's personality. Love that the twin captures this kind of behavioral dark matter.

permission_puzzler 2026-01-02

The union-not-intersection rule for overlapping sharing models is the kind of thing that creates real security incidents. Good detail that the twin preserves the dangerous behavior.
