How to give permission to Authorized users to use the apps script web app without them giving access the google sheets? I am so confused right now. Please help me…
So I also create AuthorizedUsers sheet where there is the list of the emails of the authorized people I want to give access. So when they click the link of the web app the authorized users should be redirected to the index page while the non authorized users should get the message “You are not authorized to access this application.” but the issue here is that, when the other users tried to access the web app even if their email is in the AuthorizedUsers sheet they are still getting a message like this “Exception: You do not have permission to access the requested document. (line 39, file “Code”)”
This is the code I tried.
In the manage deployments I’ve set the following:
Execute as:
*User accessing the web app *
Who has access:
Anyone with Google account
Code.gs
function doGet(e) {
// Check if the event object e is defined and has parameter
var page = (e && e.parameter) ? e.parameter.page || 'index' : 'index'; // Default to 'index' if no page is specified or e is undefined
var userEmail = Session.getActiveUser().getEmail();
Logger.log("User Email from Session: " + userEmail); // Debugging line
if (isAuthorized(userEmail)) {
logUserEmail(userEmail);
return HtmlService.createTemplateFromFile(page).evaluate();
} else {
// Redirect to an unauthorized access page or show an error message
return HtmlService.createHtmlOutput("You are not authorized to access this application.");
}
}
function loadIndex(e) {
// Check if the event object e is defined and has parameter
var page = (e && e.parameter) ? e.parameter.page || 'index' : 'index'; // Default to 'index' if no page is specified or e is undefined
var userEmail = Session.getActiveUser().getEmail();
Logger.log("User Email from Session: " + userEmail); // Debugging line
if (isAuthorized(userEmail)) {
logUserEmail(userEmail);
return HtmlService.createTemplateFromFile(page).evaluate();
} else {
// Redirect to an unauthorized access page or show an error message
return HtmlService.createHtmlOutput("You are not authorized to access this application.");
}
}
function logUserEmail(email) {
var email = Session.getActiveUser().getEmail();
Logger.log("User Email: " + email);
}
function isAuthorized(email) {
var sheet = SpreadsheetApp.openById('13dStidKhr3EcvDUZTZWxFVc5N2rQkfbGySclp0JqNTI').getSheetByName('AuthorizedUsers');
var data = sheet.getRange('A:A').getValues(); // Get all email addresses in column A
var emails = data.flat().filter(String); // Flatten and remove empty values
Logger.log("Authorized Emails: " + JSON.stringify(emails)); // Debugging line
return emails.includes(email);
}
function include(filename) {
return HtmlService.createHtmlOutputFromFile(filename).getContent();
}
I also tried changing the manage deployments I’ve changed it into:
Execute as:
Me
Who has access:
Anyone with Google account
and changed the Session.getActiveUser into Session.getEffectiveUser but when the other users tried to access the web app even if they do not belong to AuthorizedUsers they can still access the web app.