I am using Google Sheets as an online database for six users. It has buttons that run scripts mainly to hide/unhide sheets. People I share it with, tell me they require permission or authorization when they activate the button to run the script. I don't know how to grant permission. Can anyone help, please?
the script is attached to your spreadsheet and at some point, you authorized the script for your spreadsheet. now if you share that spreadsheet then all your people will need to do the same - authorize the script for a given spreadsheet for themselves (in other words, they need to allow running those scripts because all non-authorized scripts are by default disabled).
prompt them to enter script editor and press run button (triangle-shaped). a window will pop up with the question if they want to authorize those scripts. when they do they can use those scripts too.
if you are advanced script user you can set up an installable trigger for your spreadsheet to ease this process
Related
I have a google sheet and created an app script by clicking on the extensions -> "Apps Script".
I imported the App Script in the Google sheets using Macro -> "Import Macro" and thus triggered it with the click of a button.
Everything works ok but when I share this sheet with editor access to a Microsoft account, the Microsoft account indeed can edit the content of the sheet but is not able to run the app script by clicking on the button.
First of all, sheet requests the permission to run the app script].
After clicking "Continue" it results in the error "Something went wrong".
Does Google not allow the running of scripts by a non-Google account user?
Is there any way to allow non-Google / workspace users to run the script?
Does Google not allow the running of scripts by a non-Google account user? Is there any way to allow non-Google / workspace users to run the script?
Short answer is no.
Longer answer is that in order to run a script the script needs to be authorised to run as somebody. If the person doesn't have a Google account then there is no account to authorise the script and so it can't be run.
I've built a spreadsheet as a form by google script with one button which updates a database(a different sheet) according to the form - btn_pressed().
I want to authorize any google account I give access to - to use the form (activate the google script code), and update the database and send mail (part of the btn_pressed() process).
should I publish the script as a web app? or there's another way to do what I'm looking for
I understand that you want to automatically authorise the script for other users when they come to run the script?
I recently learnt you can only do this with certain triggers such as onOpen() out onEdit(), there is a way round this though. Please see the following link as i asked the question on here myself!
Remove authorisation required for script on Google sheets
I trust that helps
I am using Google Apps Script to enable a custom drop-down menu in Google Slides. When I am asked to authorize the script, it asks for permission to View my Google Spreadsheets, but I don't use the Spreadsheet service in my code (I tried searching for "Spreadsheet" in my code).
Spreadsheets is listed in the project scopes, but I can't seem to remove it directly from there. The manifest does not show anything Sheets related. Any help would be greatly appreciated!
I'm new to the world of Google Apps Script, and I found myself faced with a problem. I've created a script that runs as an onOpen() trigger, but if the spreadsheet file is read-only, this script does not run. I read that, being read-only, it is not able to run it. Is there a way to remedy this problem?
I gave the permissions in edit, blocking all the cells from scripts. I wish people can not see the script, as this allows them to re-run the script and take "power" on the sheet. If I create an API can I keep the sheet read-only?
Any suggestions?
All scripts must run under someone's authority. Under whose authority, a script is run determines whose data is accessible to the script and whether such authority can run the script.
Authorization Concepts:
Scripts which are run from the script editor run under the authorization of user at the keyboard¹. Custom functions runs anonymously. Installable triggers runs under the user created the trigger. WebApps run as per the options selected during deployment.
Simple triggers fire automatically and anonymously under these restrictions²:
The script must be bound to a Google Sheets, Slides, Docs, or Forms file, or else be an add-on that extends one of those applications.They do not run if a file is opened in read-only (view or comment) mode.They cannot access services that require authorization.
Installable triggers must be set up and run under the user who set up the trigger³.
They do not run if a file is opened in read-only (view or comment) mode.Installable triggers always run under the account of the person who created them.A given account cannot see triggers installed from a second account, even though the first account can still activate those triggers.
You can restrict access to spreadsheet, sheets or ranges⁴,⁵.
Deductions:
Mr.A(Owner) has a spreadsheet. The spreadsheet has two sheets 1.Main Sheet and 2. Secret Sheet(Sheet is protected and hidden to be edited only by Mr.A). It also has the following scripts: 1. A simple trigger script(onEdit) to set timestamp as a note in every cell that is edited. 2. A installed trigger (AonEdit()) to send email from MrA's email on every edit. 3. A function(summary()) to create a summary of Main Sheet and send email from user's account to himself(to run manually from script editor). 4. A function to protect the secret sheet(protect()) 5. A simple onOpen() trigger logging Someone opened your sheet. And He gives edit access to Mr.B(a editor). What can Mr.B do?
Mr.B edits cell A1 in Main Sheet:
Simple trigger onEdit is fired anonymously and a timestamp is set on A1 as a note.
Installable trigger AonEdit is fired under Mr.A's authority and a email is sent from Mr.A's gmail.This is not known to Mr.B,though he can see the script itself.
Mr.B,being a cunning person as he is, unhides the secret sheet successfully and attempts to modify it:
Mr.B could not modify the secret sheet,even though he can fully unhide/view it
Mr.B finds the script editor and tries to run the function summary(). This function needs gmail permission. Mr.B is greeted with authorization[¹] for Mr.B's gmail account,so that the function may run. Mr.B grants authorization and the summary is sent from Mr.B's gmail account.
Mr.B cunningly modifies the protect() function to grant himself edit access to the secret sheet. The user at the keyboard is Mr.B. Mr.B's authority is not enough. He's greeted with the following error:
You are trying to edit/remove a protected cell or object. Please contact the spreadsheet owner to remove protection if you need to edit.
Mr.A (Owner) knows about this unauthorized access attempt by Mr.B, He restricts edit access to All sheets. Now, Mr.B even though has permission to edit the spreadsheet, He cannot edit any sheet in the spreadsheet. Whenever he opens the sheet, the simple onOpen() is triggered logging Someone opened your sheet. Mr.B however can run the function summary() even now(If he has the script editor link) to get the summary of the sheet.
Solutions:
as this allows them to re-run the script and take "power" on the sheet.
A user with write permission can enter the script and modify the permissions.
As explained above, That wont be possible. The sheet/range edit permission is maintained even at the script level. However, A potential loop-hole is the AonEdit() function. If Mr.B were to know that Mr.A had set up a installable trigger for AonEdit() function, He can modify the AonEdit() function to say protection.remove(),which will run under Mr.A's authority(Installable triggers run under the person who created it) and thus the protection is removed.
I wish people can not see the script.
You can use a standalone script⁶. You can also use installable triggers[³] with standalone scripts subject to the restrictions of those triggers(such as It'll only run under your authority). Since the script is not bound to the spreadsheet, Editors on the spreadsheet do not have edit/view permission on the script. Alternatively, You can publish a addon⁷/webapp⁸.
How can I allow users with permissions of "View Only" the ability to execute an apps script in a spreadsheet?
I've created a custom menu choice triggered by onOpen() that launches the script fine for anyone with edit permissions. However, onOpen() does not run for anyone with only view/comment permissions (consistent with the documentation) and thus the menu is not created and there is no way to launch the script.
Ideally, I would like view only users to view and execute the script, but not modify it.
If executing the script results in modifying any content of the sheet then I think it's reasonable to expect only those users with edit rights will be able to run the script. In view of this I am not sure I understand the question at all.
Ideally, I would like view only users to view and execute the script, but not modify it.
Simple triggers and installable triggers that are able to use SpreadsheetApp.getUi like onOpen and onEdit are executed only for users with edit permissions.
Instead of using a custom menu you could add a link to script published as web app allowed to be accessed by anyone and run. The link could be added to a cell or to an image.
Related
Threads with answers with score > 0
Google App Script - allowing access for anonymous users
Threads with one answer with 0 score
Extend Google Spreadsheets UI with a Google Web App
Google Spreadsheet - Custom menu won't load because onOpen won't fire
I just spend a few days on this and don't believe you can! In order to let an anonymous user execute a web app google app script, you have to set it to "Anyone on the internet with this link can edit" in the app script sharing options. Plus you have to make the sheets the script touches editable by anyone. Plus you have to deploy it as executed by you and everyone has access.
No sir, I don't like it. The app script should be executable without being editable. Google's choice makes no sense, especially considering how difficult they've made it to share content with anonymous users. You'd think they would allow an execute privilege without a modify privilege. (Are opinions allowed in answers?)