Moodle / MDL-75180

403 on Google repository access controlled link


    • Type: Bug
    • Resolution: Unresolved
    • Priority: Minor
    • None
    • 3.9.14, 3.10.11, 3.11.7, 4.0.1
    • Repositories
    • MOODLE_310_STABLE, MOODLE_311_STABLE, MOODLE_39_STABLE, MOODLE_400_STABLE
      1. Configure a Google Workspace Repository via OAuth2 on the Moodle site.
      2. In a test course, add a file from the repository to the course as a File object and ensure that it is added as an access controlled link.
      3. Save the changes to the course.
      4. Enroll a test user in the course and apply the teacher role to that user.
      5. Perform a log in as operation for the test user and access the course with the new test file.
      6. Attempt to view the file to be presented with a 403 Error.

      When selecting a file module from a course that is an access controlled link from the Google Repository as anyone with "edit" permissions in a course, a 403 error is shown preventing the file from being displayed due to an API error assigning write privileges to the item. 

      When the request is processed by the send_file function in the repository/googledocs/lib.php file, it's hitting the second if block where the file is writable by the instructor and eventually getting to the method call "add_temp_writer_to_file" which is trying to create a permission request to the Google API.

       

      Part of the permission request is sending an expiration date for 7 days past the time of the request but Google doesn't actually allow expirationTime to be set for a "writer" role. 

      If the function is modified to create the write permission and then update the permission with an expirationTime, a 400 error is returned stating that writer permissions can not have expiration times. These are only supported on "Commenter" and "Viewer" roles.

      Modifying the function to add an expiry as a 'reader' role allows the document to be opened and request access to the owner of the document to allow write permissions. 

      This appears to be the only use case where the add_temp_writer_to_file appears to be called in the plugin. If files are added to a course via repository and trusted users have write permissions to the objects in the course, do we want to assume they would have write access to the objects added and just use the add_writer_to_file function to allocate permission? Or, would it be better to write a new function that adds a reader role with a timeout and allows the user accessing the file to request permission from the document owner?

       

       

       

            Unassigned
            inkjet2000 Justin Merrill
            Votes: 8
            Watchers: 8
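
The role and expiry constraint described in the report above, as an added example that is not part of the original report or of Moodle's code: a hypothetical PHP helper, build_drive_permission(), builds the body of a Drive permission request and, when an expiry is requested for the writer role, falls back to a time-limited reader (one of the two options the report raises) instead of sending a request the API rejects. The function name, sample address and date are assumptions; the field names are those of the Drive v3 permissions resource.

```php
<?php
// Added example: hypothetical helper, not code from repository/googledocs/lib.php.

/**
 * Build the body of a Drive "create permission" request while enforcing the
 * rule reported in this issue: expirationTime is rejected for the writer role.
 *
 * @param string $email account that receives access
 * @param string $role requested role: 'reader', 'commenter' or 'writer'
 * @param DateInterval|null $ttl lifetime of the grant, null for no expiry
 * @param DateTimeImmutable|null $now injectable clock (assumption, eases testing)
 * @return array permission body ready for json_encode()
 */
function build_drive_permission(string $email, string $role,
        ?DateInterval $ttl = null, ?DateTimeImmutable $now = null): array {
    // Roles the report names as accepting an expiry ("Commenter" and "Viewer").
    $expirable = ['reader', 'commenter'];
    if (!in_array($role, array_merge($expirable, ['writer']), true)) {
        throw new InvalidArgumentException("Unsupported role: $role");
    }
    $body = ['type' => 'user', 'emailAddress' => $email, 'role' => $role];
    if ($ttl === null) {
        return $body; // Permanent grant: no expirationTime is sent at all.
    }
    if (!in_array($role, $expirable, true)) {
        // A temporary writer cannot be expressed. Prefer the narrower grant
        // (time-limited reader) over silently issuing a permanent writer.
        $body['role'] = 'reader';
    }
    $now = $now ?? new DateTimeImmutable('now', new DateTimeZone('UTC'));
    $body['expirationTime'] = $now->add($ttl)->format(DateTimeInterface::RFC3339);
    return $body;
}

// Constructed sample input: a fixed clock and the 7-day lifetime from the report.
$now = new DateTimeImmutable('2022-07-11T12:00:00Z');
$week = new DateInterval('P7D');

// Temporary writer requested: sent as reader with expirationTime set.
echo json_encode(build_drive_permission('teacher@example.com', 'writer', $week, $now)), "\n";
// Temporary commenter requested: role kept, expirationTime set.
echo json_encode(build_drive_permission('teacher@example.com', 'commenter', $week, $now)), "\n";
// Permanent writer requested: role kept, no expirationTime field.
echo json_encode(build_drive_permission('teacher@example.com', 'writer', null, $now)), "\n";
```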
