In my Chrome extension's manifest.json, I have this entry:
"oauth2": {
"client_id": "someLongIdHere.apps.googleusercontent.com",
"scopes": ["https://www.googleapis.com/auth/spreadsheets"]
}
And I'm using this in background.js
chrome.identity.getAuthToken({ interactive: true }, getToken);
Everything is working, but I need to make the extension to ask for fewer permissions. These permissions might scare away potential users:
In particular, I just want it to ask for these permissions:
See and edit your spreadsheets
Create new spreadsheets
My google-fu is failing, can't find how to restrict Google API to fewer permissions
These are the scopes available for the Google sheets api
If you want to See, edit, create, Sheets then you need either of these
https://www.googleapis.com/auth/drive
https://www.googleapis.com/auth/spreadsheets
your google-fu is not failing you there is just no other option. Unless you are only after files created by your app in which case you should check the drive.file one.
Related
Is it possible / recommended to add a GDPR notice in a shared google sheets, which is published to web for those who hold the link?
The data contained are a live timetable of arrivals/departures of vessels, shared among stakeholders in the port, not requiring sign up unlike other services which will also charge subscribers. I don't see any protected data inside the sheet and is not sharing any of them.
I was thinking of adding a link in the first row with a proper policy related, but in fact I don't now what to guarantee since this service is one way only.
It's not really one-way. It might be read-only, but everyone who visits any google doc is identifiably & persistently tracked by google, and that data is used to target ads, so yes, any use of google docs should carry such a warning, though it should really be google itself issuing that warning rather than you.
I am trying to implement a feature in our app to allow users to search for files in their Sharepoint & OneDrive accounts, as they see in Office365.
I am having trouble understanding why I am not seeing expected results from search API requests.
When I make a search request like this, I get 1 result as expected:
https://graph.microsoft.com/v1.0/sites/{my-site -id}/drive/root/search(q='brisbane')
However, when I search like this, there are no results:
https://graph.microsoft.com/v1.0/me/drive/search(q='brisbane')
If I modify the query for /me/drive/search, I do see results from OneDrive, but not from SharePoint.
According to the Microsoft Graph docs, /me/drive/search should search for 'Items a user can access'.
Is this the expected result? Is there any way to search all the current users' Sharepoint sites? Or do I have to ask the user to configure the sites they would like to search, then search each of them separately?
This is by design. You need to read below the "Searching for items a user can access" heading to understand what this means:
In addition to searching for items within a drive, your app can search more broadly to include items shared with the current user. To broaden the search scope, use the search method on the Drive resource.
When you're searching /me/drive/ you are searching that user's OneDrive for files they have uploaded themselves or have been explicitly shared with them. Files that live within a SharePoint library that a user happens to have access to are quite different than files "shared" with that user.
I am currently making a Google Site where I would like to embed my contacts. The contacts I am referring to can be found if I log into my gmail account and click on ->Mail->Contacts on the upper left hand corner. Then, on the next page, I click the "Other Contacts" link.
I have tried using a google spreadsheet to read in this data and then displaying that in the Google Site. However, I ran into a few issues. I tried the IMPORTHTML("https://mail.google.com/mail/u/0/#contacts/group/26ae/Other+Contacts","table",1). This didn't return anything. I tried to change the second parameter to 'list' and for the third parameter, I went up to 30 so I doubt that is the issue.
I also tried this approach but no luck. https://www.import.io/post/how-to-get-live-web-data-into-a-spreadsheet-without-ever-leaving-excel/
What would be the best way to resolve this issue of getting those contacts to show up in my site?
I see three options:
Export your contacts to a CSV and import that into a sheet. The downside is that this is not syncing, it is a static update, so maintaining contacts can be problematic.
Use this addon. I have never used it and can offer no advice either way. I believe your domain Admin will need to set it up and I do not think it populates a spreadsheet, so you won't be able to embed your contacts.
Write a custom Google Apps Script. The benefit here is you could use a script to also display the contacts in a clean fashion, with the name as a link, or otherwise. The downside here is you need to write a script. It is javascript based so if you have someone who can do that, it may be your best option. I have done this for a staff directory, which lists all of our domain accounts:
I'm working on some .Net code to collect some data on a server and put it in a Google Spreadsheet. The job needs to run once a day, clear out the sheet and repopulate it. I have all that working, but I can't get the authorization right. I can do it with my personal Google credentials, and I can get it to work with OAUTH by allowing the app to manipulate all my spreadsheets using the https://spreadsheets.google.com/feeds scope. But, what I really want to do is allow my script to read and write just one sheet. Is that possible, and how would I do that?
You are using very old scopes. Look at the drive.file scope
https://developers.google.com/drive/web/scopes
Its not possible using the spreadsheets API. That api is very old and doesnt have a scope for indivdual files.
it might be possible by creating a spreadsheet using the drive API by uploading a CSV with conversion, but you will need permission to create new drive files and that also means permission to the entire drive.
Workaround: Create a new google account and share the spreadsheet with it. Do the OAuth using the new account.
#Zig Mandel is right - the API (Gdata style) wants access to all spreadsheets. But you can workaround the problem using a new account.
So, a quick background. I make productivity apps (specifically CRM and Project Management). And I love the docs, spreadsheet and presentation products made by Google. Not surprisingly, my products have done a lot of "things" with Google Docs for a long time:
Create "native" (ie. Docs/Spreadsheets/Presentations) documents
Use native documents as templates
Link and modify permissions of any file in Docs/Drive
Upload any arbitrary file
etc.
What I'm confused about is what does Google want me to do on the labels on the buttons in my app. Right now, they all say "Google Docs". You're linking any arbitrary file to a presentation, you're linking it from "Google Docs". You're exporting a spreadsheet of time sheet entries, you're exporting it to "Google Docs". You upload a PDF, you uploaded it to Google Docs. Etc.
What I'm confused about is that, and correct me if I'm wrong, but I don't think it is a complete switch over to "Drive." I still see labels on the Google site for Google Docs. So, this is what I think the breakdown is:
If it is a Google "native" file, then it is Docs, else it is Drive. Thus, if your uploading any arbitrary file, that button should refer to drive. But if you are exporting a spreadsheet of data to the Google Spreadsheets format, then that is Docs.
Is this right at all? Does Google have some information somewhere?
Disclaimer: personal opinion
I would use Drive everywhere, except when specifically talking about the collaborative word processor provided in Google Drive, that is the Google Doc.
I would also make sure that all my integrations use the new Google Drive API.
There is reasonably good guidance here: https://developers.google.com/drive/branding
Google Docs and Google Drive are two seperate products from Google. They can work together, but they are still their own individual products and should be called their respective names when being used