I am trying to do a simple proof of concept using Google Sheets.
Let's say I have "foo" written in cell A1.
The aim is to POST this value to a RESTful API, then GET this same value, and put it in A2. Some sort of fancy copy-paste.
The go-to solution is URL Fetch, however, the API is on the company's intranet, and therefore can be queries by the client, using jQuery's $.post / $.get, but not via URLFetch, since Google servers can't access the API.
Is there any way to replicate this behavior?
Thanks,
Related
I have been working with the sheets API for some time. I am aware of libraries such as the this one: https://www.npmjs.com/package/google-spreadsheet
This is written in Javascript, but obviously meant to be used server side. However, my question is this: Is there a secure way to connect to a sheet I own via the front-end? I am aware of services like Sheetsu, but don't really understand how they can guarantee the security of the service account credentials.
The idea is simple. I have a websocket server which sends me comma separated value. I would want to use Google Sheets to render the data and at the same time, use the power of sheets.
Is such a integration possible?
Note- I know that integrating with a REST API is possible,but I am more interested on live update of data and that too without long polling and other mechanism. I already have a websocket API ready which sends data,just want to know if I can use Google sheets as the client.
If it is possible then how?
I'm not sure if you can keep an open websocket in apps scripts.
Maybe you can use a Apps Scripts trigger to run a routine (like cron).
https://developers.google.com/apps-script/guides/triggers/installable
In this routine you can access a web api.
It might help you.
Use sheets API with node JS and socket IO.
I am trying to develop an application, where I where fetching data from multiple clients related to some transactions. Now I want to make some analysis using the Google Spreadsheet. Is there any way by which I can achieve this using the ASP.Net MVC(using C#). Google provides OAuth and When I implement the code and when I am trying to send the data to Google spreadsheet which I receive form the clients. However, when I am doing that, for every new client, Google asks for login credential. Client enter their own credentials, and the Google sheet instead a common sheet, client own sheet is used. Thus, my purpose is not solved. Is there any way possible to do this. I does not seem to find proper documentation on Google as well. Please provide some suggestions to implement this. Thanks in advance.
This can be done very easily if you just want a read only database.
You must publish your Google Sheet to the web and, from its url, copy its id.
For example my sheet has this url: https://docs.google.com/spreadsheets/d/1IHF0mSHs1HdYpIlIzYKG3O8SnAhKU_a6nEJSz04Togk/edit
The long alphanumeric string in the middle is my sheet id. Copy it and place it instead of XXXX in the following url, as follows:
https://spreadsheets.google.com/feeds/list/XXXX/1/public/basic?alt=json"
So the final url would look like this:
https://spreadsheets.google.com/feeds/list/1IHF0mSHs1HdYpIlIzYKG3O8SnAhKU_a6nEJSz04Togk/1/public/basic?alt=json
Then you can simply access this url and get all your data as json.
Using jQuery:
var $url = 'https://spreadsheets.google.com/feeds/list/1IHF0mSHs1HdYpIlIzYKG3O8SnAhKU_a6nEJSz04Togk/1/public/basic?alt=json';
$.getJSON($url,function(data){
alert(JSON.stringify(data.feed.entry));
});
You will get a long json structure. The relevant data is in data.feed.entry. There you'll have many entries. On each one you'll have a "content" property and within it, a "$t" one. These will give you all the cells.
So for getting the first row, you will have to get data.feed.entry[0].content.$t.
Hope it helps.
This can be accomplished using Google Apps Script. In particular, you can achieve this with a "bound" script in Google Sheets (i.e. a script that was created in the context of the sheet that you wish to create as the "backend") that you then publish as a "web app" script. When you publish it, you can make it execute with the authority of the owner of the spread sheet (rather than the authority of the user who invokes the url), which will not require the end user to explicitly authorize themselves (since it is the script publisher's credentials, not the user's credentials, that are being used).
It should be noted that, while this (and generally building on top of Google Apps Script) is a reasonable approach for small-to-medium apps, you'll probably find using Google Cloud Platform (and, in this particular case, the Cloud Datastore) as the better, more scalable solution for small-to-large apps. That is, if you are prototyping or creating an internal tool that is unlikely to catch fire overnight, I'd go with whichever approach you find more convenient / simpler; if you are creating an app that could potentially experience a "success disaster", I'd go with Cloud Platform, instead.
If your sheet is public, you can do it withouth authentication. You can use google API Visualization with the query language or use the Google Sheets API.
But if your sheet is private, it is mandatory the use of OAuth2 authentication through service account credentials.
In order to do that, you have to create a service account (with owner of the project role for example). Then you have to download the client_secret.json file which will be the one you use in your code.
Finally you have to share your spreadsheet with the email you get in this file. Look in the file and you will see it.
I have made a tutorial. You can visit at http://edba.xyz/google-sheets-as-database. It is mainly based in PHP but it is easily trasportable to
other languages.
I have recently been developing a website using google sheet as backend. It is great. The speed is also appreciable.
I have integrated the custom backend which I wrote on google apps script with my Django app. So now my website stores the user information on google sheets. The google sheet code and Django app interact via Rest API which can be easily developed using doGet() and doPost() in apps script and python request on the Django side. Once the necessary structure is built( it does take some time tweaking if you are new) but then it works as a great database for your website.
Google spreadsheet is a great solution for quick prototyping database and even in some cases for production use.
People have already realized the potential and there are many tools today for turning your Google spreadsheet into a backend api
There are couple of libraries such as node-sheets for obtaining a json feed from a Google spreadsheet (read-only)
Also, if you need a complete standalone service you have some paid options like
https://sheetsu.com
And also open source options such as
https://github.com/scheduleonce/express-sheets
This can be installed on any cloud provider via Docker and you can point it to your spreadsheet and it will dynamically turn it into an api.
So if, for example, your spreadsheet has the following sheets:
| articles | products | users |
It will automatically create the 3 endpoints
GET /articles
GET /products
GET /users
It is suitable for read-only apis (you update the spreadsheet directly, not through code) that don't need to be changed too often (although you can control the update interval)
You can use Kodem.io.
Google Sheets As Backend allows you to do CRUD requets using Google Sheets.
Disclaimer: I work at Kodem
Can I use the REST API to filter out users who have not signed in during the last three months?
(I have admin access if that is needed).
Someone correct me if I'm wrong, but from what I know it's not available out of the box. You would probably need to implement a REST plugin module which would get this data from database (or find an existing plugin that does this - I haven't).
There's a page on Atlassian's Confluence that gives you SQLs to get the last login timestamp for a user (and it seems quite up-to-date): https://confluence.atlassian.com/display/JIRAKB/Retrieve+last+login+dates+for+users+from+the+database
Please note that you would have to think about security when developing such a plugin. I have not really considered this, but there might be reasons to include permission restrictions for such a REST resource.
EDIT: I might have found an API (not REST) that exposes login information without the need to query the database (untested): https://developer.atlassian.com/static/javadoc/jira/reference/com/atlassian/jira/bc/security/login/LoginInfo.html
Unfortunately, the JIRA REST API doesn't provide this resource. The latest supported methods can be found on the JIRA REST API Reference Page.
These methods can be tested on your current installation using the JIRA REST API Browser.
The links above contain all of the info you need on the REST API. If you're still interested in using REST, you can always create your own method for retrieving the user list.
Of course, you could use other methods, like SQL, for example. There are a number of plugins available here.
I want to let users create "apps" (like Facebook apps) for my website, and I'm trying to figure out the best way to make it secure.
I have a REST api
i want to run the user apps in an iframe on my own site (not a safe markup language like FBML)
I was first looking at oAuth but this seems overkill for my solution. The "apps" don't need to be run on external sites or in desktop apps or anything. The user would stay on my site at all times but see the user submitted "app" through the iframe.
So when I call the app the first time through the iframe, I can pass it some variables so it knows which logged in user is using it on my site. It can then use this user session in it's own API calls to customize the display.
If the call is passed in the clear, I don't want someone to be able to intercept the session and impersonate the user.
Does anyone know a good way to do this or good write up on it? Thanks!
For modern browsers, use the cross-window messaging interface provided by HTML 5
https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
For older browsers, emulate the above messaging interface by creating a third IFrame on the same domain as your application, below the second external IFrame. You can then have bidirectional messaging from the 2nd to the 3rd and from the 1st to the 2nd by modifying the fragment part of the URL. The 3rd and 1st IFrames can communicate bidirectionally in javascript, because you're hosting them on the same domain.
You should be able to wrap both of the above methods into a single script, and maybe source one of these messaging layers to save you some time:
http ://json-rpc.org/wiki/implementations
If you have a REST API, you have no need for an iframe, in fact, iframes are considered very poor practice in modern web applications. An iframe would be useful if you have content on an external site that is not easily manipulated with javascript on the client side, or with your application on the server side. This content is usually in the format of an HTML document.
You've already stated that you have a REST API, so you can likely manipulate the data returned by a resource in any way you see fit. For instance, if the resource responds to JSON or XML requests, you could format and organize that data via Javascript from the client (web browser) or you could use your web framework to gather the data from the REST API and manipulate/organize it, making the result available to your application.
In order to secure the data as it is transferred back and forth between the client and the server, you could provide an API Token (lots of sites do this, e.g. Github, Lighthouse, etc.) for each user from the service provider and require users in your application to provide their API Token. The token could be passed in the HTTP headers to the REST service provider separating the token from the request and response data. HTTPS (SSL) is a must for this type of traffic to prevent eavesdropping.
Let me know if this is too general, I could give you a few specific examples.