I have made a script that is running as a 'Apps Script Gadget' in Google Sites. The script has access to my email and calender etc. because I need notifications if someone has used my script.
When I go to the site as "noname" user I get the message "This application was created by another user, not by Google. This application has access to the following personal information: email address." How do I get rid of this, the user is not interested if the script sends me a email or not.
Thank you for any advises.
Same thing happened to me; I commented out all references to the Session object but I still got the popup message.
When I removed the commented code entirely and re-published, everything worked fine. The message about access to the email info was gone.
I guess the google code holds onto an internal library reference even if there is commented code. Does not make much sense to me. But hope this helps.
If your script is not reliant on any of the users' information, I would suggest when deploying the web app to "Execute the app as" me. In the Publish > Deploy As Web App... pop-up, there's a dropdown for this.
Related
I tried to find the answer to this question. I've combed forums and stackoverflow and I'm still at a loss for how to get a web app to work outside of my own domain.
Change Admin Share Settings
I've read here and in other places go to Admin Console > Apps > Drive and Docs > Sharing Options
All the ones mentioned are checked:
"Invitations to people outside of domain who are not using a google account"
"Allow users in domain to publish files visible to the world as public or unlisted"
Publishing App
Made sure to avoid these pitfalls:
"Anyone, even anonymous"
Execute the app as "Me"
Made sure to create a new web app to avoid the caching issues
Yet I still cannot see it if not logged in as a user attached to the domain. It's just a simple "hello world" test to simplify the code, but I still get blocked. Seeing..
Any help would be greatly appreciated. Thank you to the community for all the other answers that at least put me to knowing most of the potential issue.
It turns out that I'm at fault. It's never user error, right?! You can't just copy the web URL at this stage:
You have to go to it then copy the redirected URL for anonymous access.
My redirect URL looked more like https://script.google.com/a/macros/...
I am new to apps-scripts and want anonymous users to access my web app script that is container bound to a spreadsheet.
The web app displays a form that collects information that the script stores in the containing spreadsheet, it works perfectly when I am logged into my google account, but when logged out the web app url displays a google login screen instead of my form.
I am struggling for the way to troubleshoot this. I have checked:
the script is deployed to execute as 'me' and with access by anyone + anonymous
I am using the 'exec' url
I have put the oauth scopes into the manifest and reduced scope as I can
I have approved the unverified app.
Here are some extra elements that I don't know whether they are causing issues or not:
I add a single query parameter to the web app exec url before sending it to the user for them to use anonymously.
I have a number of other functions in the script apart from the doget(), these process data from the web app form, write data to the containing spreadsheet and return some of it to the user. In the same script I also add a menu to the containing spreadsheet.
There seem very few ways to get logging or troubleshooting information for this problem - especially with container bound scripts. Can anyone with more experience please explain why this problem might occur and suggest how I can troubleshoot and resolve it? As I say the web app url works perfectly when I'm logged in, but when I'm logged out or in incognito mode I get a Google account sign in form. Thank you.
I solved this whilst creating a minimal reproducible example as requested.
The problem lay in my confusion over deployments, /exec, /dev and V8 versus rhino.
This answer about /dev /exec is very helpful.
What I discovered is:
/dev always asks you to login to your google account if you're not logged in in your browser e.g. incognito mode.
As commented there has been some confusion under what circumstances V8 getUrl() returns /dev or /exec.
My suggestions for troubleshooting this for an anonymous web app:
Be very careful when testing anonymous web app using /dev - it will always lead to login request
Check very carefully what getURL() is returning - in combination with whether you are using rhino or V8.
I solved my particular problem by 'downgrading' to rhino by putting into the manifest: "runtimeVersion": "DEPRECATED_ES5"
I have to write a small reservation web app to be used inside the company where I work. I decided to try out Google Apps Script (GAS). In short, the user must be able to select any equipment in a list and submit it along with a date he's planning to use it and his identification (this small system must implement the complete CRUD).
The environment:
Google Spreadsheet as a database
Interface made with GAS published as a Web App
The app will be accessible just to members of the company's domain, but I'm developing it in my personal account for now.
In the development environment, everything works fine. Then I deploy it as web app the project (Execute app as: Me; Who has access to the app: anyone). When anyone acess the link, I can't retrieve the user information (Session.getActiveUser().getEmail()). It always retrive the developer information (my information). If I switch the "Execute app as" to "User accessing the app", then the app can't access the spreadsheet that is making the role of the database. In the development environment this works fine.
The rest of the web app is working fine. I just wanted to get and record the identity (email) of who made de reservation in an automatic way (not by asking the user to type this information).
Do I have to setup something else before people can access it?
Thanks in advance.
[EDIT 1]: The situation changed a little bit. I made a few more tests and it seems that the deployed web app get updated just when I save it as a new version in the project. Anyway, I still can't retrieve the active user email. The Session.getActiveUser().getEmail() now returns a blank string.
[EDIT 2]: Following Sujay Phadke's answer bellow, I tried migrating the web app to the company's environment. It worked like a charm.
Juliano
It's well documented here: getActiveUser
When the webapp permissions are set as "execute as me", it seems that the returned userid string will be empty. It also depends on your specific domain permissions as mentioned there.
I have created my script and it works great. I have changed the sharing so anybody can view it, but it still asks users to login to their Google account to run the script.
Here is the link: My script
Currently you're web app is set to execute as User accessing the web app. This means they need to sign into a Google account to execute any of the code in your app.
You need to change this setting to: Execute the app as: Me
As well as change Who has access to the app from Anyone to Anyone even anonymous
Example:
The setting can be found by clicking on the cloud icon in the Apps Script IDE's toolbar.
Edit: Added new image to reflect proper settings.
It might be that they've updated the settings to where the least restrictive option is "Anyone" which would still require a log in. This is happening with my Google Workspace for Education account.
This is based on the "Time Booking Application" tutorial.
I have created the site and the spreadsheet and the script in the site.
The site page I created fails to open the spreedsheet.
From the script editor in the site I can run the test methods testGetSheet(), testUpdateSheet() and testInsertTimeSheet(). I believe this indicates the SPREADSHEET_ID is correct. However the site page I created for this errors with "Sorry, the page (or document) you have requested does not exist."
I have tried to share the spreadsheet to be available to anyone with the link and edit ability.
I have tried to share the spreadsheet to public and edit ability.
I have tried this from a seperate unauthenticated browser and from an authenticated browser.
I still get the error.
I have run out of ideas, has anyone else an idea ?
I can provide the url to the page on site, but I doubt its of any use.
Yes answering my own question.
After much research and experiments.
The problem is with access to the script the tutorial does not say anything about permissions or anything.
Anyway solution is. Publish script as Web App use the URL to web app in the App Script Gadget. I have posted this feedback on the tutorial documenation allready.