You Do Not Have Permission to Call UrlFetchApp

[Russell Savage]

This is probably an edge case, but I noticed this issue when I try to load a script from an external file in Google Scripts.  When you run a script that loads an external javascript file containing calls to UrlFetchApp (or really anything that isn't on the basic authorization list), the script fails with no way to provide authorization. For example:

Script 1:

function main() {
  eval(DriveApp.getFilesByName('script_2.js').next().getBlob().getDataAsString());

  new script2().run();

}

Script 2 (script_2.js):

function script2() {
   UrlFetchApp.fetch('http://www.google.com');
}

When you authorize script 1 to run in your account, it doesn't give you the option to also authorize UrlFetchApp, which means the script will fail.

The only way to get around this is to add something like this to script 1:

if(false) { UrlFetchApp.fetch(''); }

The code in the if statement will never run but now I get the ability to authorize UrlFetchApp.  The other option is to add the code, preview it, give permission, then delete the code.

Thanks,

Russ

[Alexander Wang]

Hi Russell,

Your understanding is correct. There really isn't a way around this at the moment. The system analyzes the code on start up to determine what may need to be authorized. If you are fetching and executing scripts stored in Drive, the system can't know what permissions are required before execution.

The workaround is what you mentioned. You technically don't need to have it in the code though. You can have comments that list the apps required. Something like:

// Following comment ensures UrlFetchApp authorization will be prompted:

// UrlFetchApp.fetch()

I know it's not perfect, but perhaps that's a bit preferable to having dead code saved just to force authorization.

Cheers,

Alex

[Russell Savage]

Thanks Alex!  I will use the comment method going forward.