I added a Doc that has a bunch of custom onOpen() scripts to the template library, when I select the document template and create a new document the scripts no longer work. It seems to be some kind of permissions issue because when I go to edit the script within the new document I'm asked to Allow permission, I select allow, and then the script starts working. I need the permission to be granted by default!
I need the permission to be granted by default!
This is unfortunately not possible :( Please refer Container-bound Scripts > Access to bound scripts.
As it indicates -
Only users who have permission to edit a container can run its bound
script. Collaborators who have only view access cannot open the
script editor, although if they make a copy of the parent file, they
become the owner of the copy and will be able to see and run a copy
of the script.
As a solution perhaps, "...you can force the authorization dialog..." as indicated at Manual authorization scopes for Sheets, Docs, Slides, and Forms.
Hope this helps!
Related
I have added an image on my grid, and assign script to it. But script executes only when I click on image, and when another user(with reader permission) clicks on image nothing happens. The same situation is with onOpen() trigger - nothing happens when user whith reader permission opens the grid. I understand that editor permission will fix it, but I don't need the user to be able to edit the table, I only need that user be able click buttons(image)/get alive triggers/menus that i create, but not edit anything manually. How can i do this(may be i should give some extended reader permission, or to turn on something in GAS project)?
When users execute a script for the first time, they will get an allow permissions prompt, so they can authorize the script to make changes on their behalf.
However, if the user has viewing permissions over the sheet or file, they cannot authorize the script to run or make changes on their behalf since they cannot make changes to the file. (I found a similar question, with the difference that the sheet was embedded in a website that has some information about why it does work here).
And it's documented in the Apps Script documentation here:
An installable open trigger runs when a user opens a spreadsheet, document, or form that they have permission to edit.
You can also request a feature request to Google asking for an option to allow users with "viewing permissions" to run scripts here.
In this case I think you may give editor's permissions but protect the sheet/range so only you can edit them with this option -->
https://support.google.com/docs/answer/1218656?hl=en&co=GENIE.Platform%3DDesktop#zippy=%2Cprotect-a-range-or-sheet
Let me know if this worked!
Option 2:
Adding to those protected ranges you can too create a Library with your functions in another spreadsheet (or in Google App Script independently) -> read about it here
You can now set buttons/menus associated with those original functions, but I think that this can give you an altenative
For example:
function function1_toOrigin() {
LibraryName.function1()
}
function function2_toOrigin() {
LibraryName.function2()
}
Yes, they'll be able to access to these linking functions but nothing more, I think they won't be that unreliable??
IMPORTANT: If there are modifications to the script you should deploy them again as a new version of the library and update the version in your spreadsheet by double-clicking in your library
Why am I not able to give permission/authorization to a Google Apps Script that I also made using the same Google account?
It seems like Google doesnt trust myself to use my own Google Apps Script with my own Spreadsheet.
Here is the line of code that breaks everything. If this line doesnt exist, I'm not asked for permission.
var sheet = SpreadsheetApp.getActiveSheet();
So it's trying to access the spreadsheet that created this Google Apps Script, also made using my account but I cant grant permission.
When I run the line of code above, I am told I need to give permissions, so I do by selecting the account name I am already logged into. I am greeted by this error,
This app isn't verified
which unfortunately does not provide competent documentation to troubleshoot.
Any feedback or help would be much appreciated! Thanks!
Click on the "Advanced" link and you'll be able to authorize your script.
To reduce the scope of permissions you request, you also have the option of declaring your script project to be only able to interact with the bound document:
/* #OnlyCurrentDoc */
function myFunction() {
...
This declaration is incompatible with some methods (such as SpreadsheetApp.openById()), and using an incompatible method results in an error in the application execution.
Successfully adding it to your project is generally sufficient to remove the "This application is unsafe" layer of the authentication flow, meaning the authorization and permission list is not hidden behind the "Advanced" tab.
In addition to declaring as current document only, manually editing the requested scopes of your project in its project manifest can help reduce the perceived threat from an unverified application (for example, retaining only the "read_only" version of certain scopes, where applicable). Apps Script documentation offers more details on project manifests.
I've a public Google Sheet (everyone can access it and edit it). In it, I use a script, a function, that download a csv with the UrlFetchApp.fetch(url);.
When an anonymous user access it (without the google login), the user can view, and edit the sheet, but, the user cannot run the script. The user must be logged with a google account to the script do the working.
The stranger thing is that this sheet with this script was working for anonymous users early. This problem didn't occur before a couple weeks ago.
Do you know if the google change something about security or is it an error that I am doing?
In order to run apps script on a particular user's behalf, Google Workspace requires that user's permission, via an OAuth flow.
If a user is anonymous therefore, you can see why this permission cannot be granted, which is why the script won't work for those users.
I guess it is an intended behavior as long as the anonymous user access the sheet via shareable link. As stated in this support page, you might see a name you don’t recognize or "anonymous animals" viewing your document, spreadsheet, or presentation. This can happen when a document is shared publicly or with anyone who has the link.
Limit how people can view your file
If you want to stop sharing a file you can edit, you can learn how to:
Turn off link sharing for a file.
Prevent others from sharing files you own.
Hope this helps.
How can I allow users with permissions of "View Only" the ability to execute an apps script in a spreadsheet?
I've created a custom menu choice triggered by onOpen() that launches the script fine for anyone with edit permissions. However, onOpen() does not run for anyone with only view/comment permissions (consistent with the documentation) and thus the menu is not created and there is no way to launch the script.
Ideally, I would like view only users to view and execute the script, but not modify it.
If executing the script results in modifying any content of the sheet then I think it's reasonable to expect only those users with edit rights will be able to run the script. In view of this I am not sure I understand the question at all.
Ideally, I would like view only users to view and execute the script, but not modify it.
Simple triggers and installable triggers that are able to use SpreadsheetApp.getUi like onOpen and onEdit are executed only for users with edit permissions.
Instead of using a custom menu you could add a link to script published as web app allowed to be accessed by anyone and run. The link could be added to a cell or to an image.
Related
Threads with answers with score > 0
Google App Script - allowing access for anonymous users
Threads with one answer with 0 score
Extend Google Spreadsheets UI with a Google Web App
Google Spreadsheet - Custom menu won't load because onOpen won't fire
I just spend a few days on this and don't believe you can! In order to let an anonymous user execute a web app google app script, you have to set it to "Anyone on the internet with this link can edit" in the app script sharing options. Plus you have to make the sheets the script touches editable by anyone. Plus you have to deploy it as executed by you and everyone has access.
No sir, I don't like it. The app script should be executable without being editable. Google's choice makes no sense, especially considering how difficult they've made it to share content with anonymous users. You'd think they would allow an execute privilege without a modify privilege. (Are opinions allowed in answers?)
So my question i have a google docs template which has a script with certain autofill criteria. After you click on use this template fine you get a file and when you run the script everytime is asks for permission to access the certain things google needs to identify you, it basically acts like its a new app everytime you create a new file from the template.
Is their a way of setting it won't ask for permission everytime?
If you have a document bound script in your document, and if you will make a copy of that document and run the script, google app script will ask permission every time. Copying the document with script acts as if you have created a new script file and now script will ask permission on its first run.
Possible solution
You can publish your script as google document add-on. If you don't want to expose it publicly, you can also publish the add-on privately which only you or someone you will share with, can use.
check out the documentations
https://developers.google.com/apps-script/add-ons/publish#development_checklist
https://developers.google.com/apps-script/add-ons/domain-wide#publishing_for_domain-wide_installation
Publishing the add-on will bind your add-on to every document for google apps.