sheet and script security

51 views
Skip to first unread message

Bruce Axtens

unread,
Feb 2, 2023, 4:29:16 AM2/2/23
to Google Apps Script Community
So let's say we have a few users sharing the same domain: t...@gmail.com, di...@gmail.com and ha...@gmail.com

Tom has shared a Google Sheet with Dick and Harry. Dick is geographically within the same building. Harry is about 30km away to the East. Tom is the "Owner" of the script, Dick and Harry have "Editor" access.

Dick is able not only to edit the spreadsheet but also to select items from the user-defined menu and run user-defined code. Dick has been doing so for some weeks.

Harry was given access today. He was only able to access the menu after the programmer had explicitly created an onOpen Trigger to execute the Google Sheet's onOpen function. Harry still can't run the user-defined code from the user-defined menu.

Why is Harry struggling?

-- Bruce

Phil Bainbridge

unread,
Feb 2, 2023, 5:51:52 AM2/2/23
to Google Apps Script Community
Hi Bruce

So what user-defined menu was Dick using if there was no onOpen Trigger previously before Harry was given access?

When I see this problem it's usually because a person it logged into more than one Google Account within the same Browser window/session (Incognito typically confirms this).

What error does Harry get? I assume user-defined code is Apps Script and it's bound to the Google Sheet - rather than a separate file that he would also need giving access to?

Kind regards
Phil

Keith Andersen

unread,
Feb 2, 2023, 3:59:13 PM2/2/23
to google-apps-sc...@googlegroups.com
User defined... Sounds like the script is not gathering Harry's user info (email address) and because of that Harry is not allowed to run any user-defined functions.

I would suggest testing to see if the script is pulling each user's email into the script.

This assumes that user defined is just that - gathering each user's email when they open the document in order to formulate user-defined functions.



--
You received this message because you are subscribed to the Google Groups "Google Apps Script Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-script-c...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-script-community/77e8ac54-013a-4a1e-b9f3-7baa2843f793n%40googlegroups.com.

Bruce Axtens

unread,
Feb 2, 2023, 11:24:32 PM2/2/23
to Google Apps Script Community
Screenshot 2023-02-03 122202.pngLE Screenshot 2023-02-03 122259.png

This is all I get by way of error reporting. Something's wrong but what that something is ...

Bruce Axtens

unread,
Feb 2, 2023, 11:27:22 PM2/2/23
to Google Apps Script Community
Backgrounder:
The sheet lists products in a WooCommerce site. REST API code first of all reaches out to one of our servers for WooCommerce authentication data. Then WooCommerce is queried for products according to selection data specified in and captured from the sheet. 

Andrew Roberts

unread,
Feb 3, 2023, 3:00:56 AM2/3/23
to google-apps-sc...@googlegroups.com
Could the script be accessing another GSheet or GDoc that Harry does not have access to?

To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-script-community/b53aca6e-804c-470b-8f15-ebf42ba1ed31n%40googlegroups.com.

Bruce Axtens

unread,
Feb 5, 2023, 8:46:28 AM2/5/23
to Google Apps Script Community
Solved. The script was using a library that Harry did not have authorisation to use. Now he has authorisation.
Reply all
Reply to author
Forward
0 new messages