I have created an app script as an web app with doGet function. Its working fine with no issues. But when I am sending that link to my friends its opening the Google docs login page instead of UI.
The link I am giving to my friends is the one which is shown after clicking 'deploy as web app', is labeled as 'Current web app URL'. And at the pop up screen which pops when we click 'Deploy as web app' button, i set that anyone have access to the app and I am accessing the app as 'User accessing the app'.
Setting the access permission to Anyone means 'Anyone with a gmail or Google Apps account' and it is therefore they are required to sign in. HOwever, if you set it to Anyone including anonymous, your friends need not sign in.
Related
I have a very simple GAS project.
function doGet(e) {
//User Database
var username = Session.getActiveUser().getEmail(); //Authenticate using current User Email
var page = HtmlService.createTemplateFromFile("menu");
page.userName = username;
return page.evaluate().setSandboxMode(HtmlService.SandboxMode.IFRAME).setXFrameOptionsMode(HtmlService.XFrameOptionsMode.ALLOWALL);;
}
This script is owned by x#y.com (GSuite Account on Business domain)
It is published on a New Google Sites page, by embedding the published web app link. (/exec)
The Google Sites site is shared to n#z.com (different user on different GSuite Business domain)
When you open the Google Sites page, in an incognito window in chrome, logged in as x#y.com, the script displays fine.
If you open the Google Sites page, in a new incognito window in chrome, logged in as n#z.com, you can see the page as served by google sites, but the app itself is replaced by the "You Need Access" splash page from google.
If you open the published web app link while logged in as n#z.com, you get the "Review Permissions" splash page, and then the app works fine.
Opening Google sites at this point, the app is still displaying "You Need Access"
What am I doing wrong here to enable authorised access to the app on the google site?
I believe there is a bug in the implementation of permissions in the STABLE version of the runtime. With the pictured permissions in the question, the app acts as though you need to share the script itself to the user in the other domain.
This still does not enable access.
The solution is to enable V8 Runtime, republish the app and immediately the app works as expected.
I'm trying to create a google apps script project where is required to access by anyone (people with google account) and executed by the same user (user accessing the web app). I've published the app as "web app" and it work with the given url.
Since i need to this web app as a web service using ajax, the browser console return an error of unauthorised access (No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'x' is therefore not allowed access.) this doesn't happen if the web app is published as "Executed by my" and "access by anyone, even anonymous"
anyway, i'm following the instructions in Google Sign-In for Websites and it said i need to access in google developer console to get credential for the project but my google apps script are not displayed in the project list.
Open up the script, go to Resources > Developer Console Project > click on the link attached to the script.
I am trying to put an interactive map from GeoCharts on my website using Google Apps Script. The maps show up when I am signed into my Google account but they do not show up when I am signed off. How can I fix this?
Here is the doGet I use and prate is an HTML file in the project. I then deploy the project as a web app and choose
Execute the app as: 'Me'
Who has access to the app: "Anyone'
function doGet() {
return HtmlService.createHtmlOutputFromFile('prate').setSandboxMode(HtmlService.SandboxMode.IFRAME);
}
I don't get an error on the page when I am logged out, it just does not show up. Here is the link to the page: https://sites.google.com/site/christinegbraun/data
Make sure you did add in your website the /exec not the /dev
Also make sure everyone can access the app by choosing in settings
Who has access to the app: anyone, even anonymous
Our organisation is using Google Apps for Edu and am scripting some things we usually do only from the administration app / console so I guess the script / app am developing will require privileged "permissions".
I have tried using all the combinations in the "Deploy as web app" screen (Publish => Deploy as web app), yet the app URL displays our Google Apps for Edu login screen, and I think it's because am doing admin stuff like UserManager.createUser().
I am wondering how the judges will now be able to access my app, or maybe am missing out something
What are the 'some things' ? The security model is really simple.When you publish your web app, you have 2 choices - one, the script runs as 'you' and the other the script runs as the user running the script. Depending on how you set it up, the judges will either see an authorization message (script run as user) or see the script in action (when run as you). See https://developers.google.com/apps-script/execution_web_apps#permissions
I am trying to integrate a Google Picker for selecting files from Google Drive following this example.
When opening the picker I get an error in the javascript console and the dialog prompts for a login.
Unable to post message to https://docs.google.com. Recipient has origin https://my-app.herokuapp.com.
When clicking the login button a popup opens and immediately closes again, but nothing happens.
When closing the dialog there is another error in the javascript console
Unknown RPC service: picker
I am not quite sure what causes these errors or even what to make of it.
Can somebody put me in the right direction?
EDIT
User is logged in to the app. Also, when using "Open with" menu on a file in the Google Drive interface and choose my application, I can access that file.
You have to add https://my-app.herokuapp.com to the list of authorized Javascript Origins in the APIs Console:
go to the APIs Console: https://code.google.com/apis/console/
select your project from the dropdown menu
open the tab API Access
click on Edit Settings for the Client ID for Web Applications section corresponding to your client
add the URI to the list of Authorized JavaScript Origins