New Drive restricted scopes don't restrict access to documents (Sheets, Forms, Docs)


Alan Wells

Jun 8, 2019, 1:12:49 PM
to Google Apps Script Community
For my add-ons, the new restricted Drive scopes may not have any effect on me. For one reason, the scopes for Sheets, Docs and Forms don't have any restrictions, and the script project can still have full access to all the documents (Sheets, Docs and Forms) in the user's Drive using SpreadsheetApp, DocumentApp and FormApp.

Consider if you use the following spreadsheet scope:


Using the above scope, the script project will have full access to all spreadsheets in the user's Drive. And that would be the same for Docs and Forms, using DocumentApp and FormApp. So, for example, the new restrictions for Drive scopes aren't going to stop your code from getting Sheets files using the SpreadsheetApp class, even if your add-on didn't create the Sheet file. Of course, I'm assuming that there will be more restrictions to come in the future. But, as long as the user can designate what files the add-on can access with the file picker, then that should be enough access for the add-on to work without any reduction in functionality.

Romain Vialard

Jun 11, 2019, 5:25:45 AM
to Google Apps Script Community
The goal is mostly to avoid wide access on all user data. 
The full spreadsheet scope allows you to open any spreadsheet the user has access to... as long as you know its ID. If you want to get a list of all spreadsheets, you will need to use the Drive read scope, which is restricted. So more restrictions doesn't really seem necessary (but it makes sense to put the same restrictions for files and emails - ie for Drive and Gmail).

Steve Webster

Jun 11, 2019, 8:35:26 AM
to google-apps-sc...@googlegroups.com
For public (listed on the G Suite Marketplace) and looking at this from 30,000 feet, we could take this approach.

Avoid restricted scopes and leverage workflow assets like the file picker. In addition, provide information to the public user that another version of this add-on exists for organizations with domains that replaces the numerous usages of the file picker. Go on to say, it requires purchasing the source code and installing it within their domain with some legal stuff that they cannot share the source code with other organizations or people.

In other words, we are shifting the audit step from Google security assessment to each organization's internal informal auditing -- vetting the developer and understanding what the code does, which hopefully is no cost to the developer. This is true because restricted scopes can be used within the boundaries of the domain without going through the costly security assessment.

The above approach gets into servicing and implementation which could be a full-time effort depending on how successful your add-on becomes for domain organizations. My SW gApps LLC company has a servicing department which could handle this work and implementation on your behalf. Most likely we would invoice the domain organization directly for the implementation time/effort without charging the developer. If anyone is interested contact us through our website, www.swgapps.com

Kind Regards,

Steve Webster
SW gApps LLC, President 
Google Product Expert in: Google Apps Script, Drive, and Docs 
Google Vendor (2012-2013) || Google Apps Developer Blog Guest Blogger 
Add-ons: Text gBlaster and Remove Blank Rows


On Tue, Jun 11, 2019 at 5:25 AM Romain Vialard <romain....@gmail.com> wrote:
The goal is mostly to avoid wide access on all user data. 
The full spreadsheet scope allows you to open any spreadsheet the user has access to... as long as you know its ID. If you want to get a list of all spreadsheets, you will need to use the Drive read scope, which is restricted. So more restrictions doesn't really seem necessary (but it makes sense to put the same restrictions for files and emails - ie for Drive and Gmail).
