We are interested in getting the enterprise events from Box API which are documented here. I see that there are enterprise events for items being shared and unshared. These are SHARE and UNSHARE. However there are no events when permission(access level) are changed for shared links. So e.g if someone changes the access level from OPEN to YOUR_COMPANY or vice-versa, the Box API does not send any event..Our use-case is such that we would like to known when the access level changed. How can this be achieved?
Do we need to submit a feature request to Box? If so, what is the process? Also, what can be the timelines for any new revisions in which this feature can be added?
Good catch. Consider you feature request submitted.
Related
I currently have a onEventOpenTrigger that returns a card with informations from the server as well as information from the event itself.
The problem I am facing is that I can edit the server info as well as info from the event. So I want to render the Card with the updated info every time I reopen the event.
Now I am able to rerender the card by using a different trigger eventUpdateTrigger that helps me re render the card in case theres a change in members or a change in conference solutions. But I can't seem to retrigger it when I change the time.
Does anyone has any better idea than a refresh button to achieve this. Thanks in advance.
Times of the event (start and end) are not supported by Calendar event triggers.
According to the documentation, eventUpdateTrigger will only be triggered if:
- Adds one or more attendees.
- Removes one or more attendees.
- Adds or switches to a different conferencing solution.
There is a feature request on Google's Issue Tracker asking for the date/time fields to be supported. You can click on +1 to give more priority to it and to receive updates.
In the current situation, the refresh button seems to be the best option for your case.
When I log in with an account which does not belong to the expected domain, this message is shown (which is correct).
I think this message is kind of ugly and not understandable for a non-developer person. Is there a way to modify this message in the Google Cloud Console or inside the OAuth code? I would like to display for example:
The email you used does not belong to the happy.com domain.
I fount this Feature Request In the Public Issue Tracker, and there they suggest to follow the steps of Customize the rejected-app message. Basically it mentions:
Your current account, user#domain.com, doesn't have permission to do these steps. To continue, switch to an administrator account. This will open the Google Admin console.
Switch to administrator account now or Learn more
From the Admin console Home page, go to "" and then Security and then API controls.
Under App access control, go to the Settings section.
Type your custom text in the box under the following message: Show this message if a user tries to use an app that can’t access restricted Google services.
Click SAVE.
If this doesn't make it, I would recommend you to comment on that FR in which they mentioned:
I have filed this feature request internally.
You might also want to ‘star’ the FR to ensure that you receive updates about it. You can also adjust notification settings by clicking the gear icon in the top right corner and selecting settings.
I'm trying to use webhooks to get notifications for changes in a user's Box account. One thing I don't see is an option to get a webhook notification when an item is renamed. Is it possible to get a notification for rename? I see that RENAME is available via the event API, is it preferable to use the event API? I saw another stackoverflow question asking about webhook vs event (Box webhooks deprecated in favor of long polling?) and the answer said webhooks are still valid, but didn't really comment on webhook vs event.
I'd prefer webhooks since they are a close fit to how I get changes for Dropbox accounts but it appears from the docs that event has more information/options. Also, it seems it's possible to miss a Box webhook notification which could create an inconsistent state between Box the model in my application.
Which to choose?
Many thanks!
I don't believe it's possible to get a WebHook notification when an item is renamed.
The choice between WebHooks and events really depends on what you're building. WebHooks are generally easier to use, but the events stream can give you more power. In your case, you'll probably need to use events so you can be notified of a renames.
It's also worth noting that if your application really depends on staying in sync with the state of Box, you're better off using the events stream. It lets you specify a last known position in the stream so that you can catch up on any missed events if your application goes offline.
I want to create a script that runs on a Google site. The script would perform a specialized calculation for a given user and then display the answer for the user. The script would depend upon user input, but the code itself should not be viewable by the user. I want the code to exist in a "black box" so that the calculation formula can be kept secret. Is this possible?
I searched the documentation, but only found this, which does not address this question:
https://developers.google.com/apps-script/guides/services/authorization#permissions_and_types_of_scripts
Whether your App script is embedded in a site or written as a standalone script does not change a lot of things... the only difference will be the way you include it on a page as a gadget.
If it is embedded it will be available from a list of scripts in the page editing, if not you'll have to use the .exec url of the deployed webapp.
Anyway, that does not change the way people will have access to the app.
You can define these parameter when you deploy the app (which is mandatory in both cases), allowing for anonymous access or requiring to be logged in.
If I understood you correctly, you would like to restrict the access to some people but not share the code.
Depending on how you defined the access mode above and wether you are using a Google Apps inside a domain or not, you will be able to do it using 2 ways :
in a domain you can get the logged user identity and use that to accept/deny showing the app.
in a "normal" gmail account you will have to implement some sort of logging feature to request a user name and password to give access to the active part of the app.
In both case you never need to share the script itself, this sharing parameter is independent from the webapp access.
I hope I understood your question correctly... if not, feel free to comment.
You might check out the Private Functions section of the following page.....the example is similar to what you're referring to, I think.
https://developers.google.com/apps-script/guides/html/communication?hl=ru
I don't fully understand how they work and haven't used them myself, but I bookmarked it to figure out later. Maybe another user who understands Private Functions better can explain...
I have developed a web application using Google scripts UIApp class which will collect the data of work done by each associate and writes data to my spreadsheet.
Problem I'm facing is I have to share my spreadsheet to all the associates with write permission where it enables them to see others data. I want to hide this sheet from all but they should also be able write data using the web application I shared.
Please let me know for more details or any code snippets
Note: I have Not used Google Form because I need change the list values dynamically based on the selection and the type of user.
You can deploy the app you have built with UiApp to be executed as "you" and allow access to anyone. The spreadsheet won't need to be shared anymore but as it is anyone (even anonymous if you are not in a domain) will be able to use it...
You'll have to implement an access control yourself, again this will be different in a domain or in a "normal" gmail account (in a domain you can get the user email, in a gmail account you can't)
(since apparently I can't comment.. but to follow up on this question.)
Is there a best practice for running as something other than really-yourself?
Say a team is managing it, or your a contractor who won't stay with the company, and so you're account and access is likely to go away.
I assume it results in creating a shared account, or perhaps a groups or something? You start getting into all sorts of ACL issues. And a simple ``run as yourself'' doesn't seem like a good long term solution.