部署为USER_DEPLOYING的Google应用程序脚本网络应用程序getActiveUser.getEmail()不起作用 [英] Google app script web app getActiveUser.getEmail() not working when deployed as USER_DEPLOYING
问题描述
我正在尝试创建一个将使用Google表格作为后端的网络应用.我想使用户能够仅通过Web应用程序访问Web应用程序并执行读/写操作.我不想让这些用户访问Google工作表,因为我想限制他们可以通过网络应用读取的数据.我尝试使用 USER_DEPLOYING 作为执行方式,但是这样做无法获取正在使用Web应用程序的人员的电子邮件.有什么方法可以实现我的目标?
I am trying to create a web app which will be using google sheets as backend. I want to enable users to access the web app and perform read/write operations through web app only. I do not want those users to have an access to the google sheet as I want to limit the data they can read through the web app. I tried using USER_DEPLOYING as the execute as, but doing so I am not able to get the person's email who is using the web app. Is there any way to achieve what I am trying to do?
推荐答案
问题:
出于安全原因,如果将Web应用程序部署到 USER_DEPLOYING (即,以以下方式执行该应用程序:Me ),并且访问该Web应用程序的用户(即,活动用户)不属于与运行脚本的用户相同的G Suite域(即
Issue:
For security reasons, if a web app is deployed to USER_DEPLOYING (that is, Execute the app as: Me) and the user accessing the web app (that is, the active user) doesn't belong to the same G Suite domain as the user under whose authority the script runs (that is, the effective user), the script does not have access to the active user's email.
在脚本未经用户授权运行的任何情况下(简单的触发器等),都会发生同样的情况.
The same will happen in any context in which the script runs without user's authorization (simple triggers, etc.).
摘录自
获取有关当前用户的信息.如果安全策略不允许访问用户的身份,请 User.getEmail()返回空字符串.可用的电子邮件地址的情况各不相同:例如,在任何允许未经用户授权运行脚本的上下文中,用户的电子邮件地址都不可用,例如简单的onOpen(e)或onEdit(e)触发器,Google表格中的自定义功能,或部署为以我的身份执行"的网络应用(即由开发人员而非用户授权).但是,如果开发人员自己运行脚本或与用户属于同一G Suite域,这些限制通常不适用.
Gets information about the current user. If security policies do not allow access to the user's identity, User.getEmail() returns a blank string. The circumstances in which the email address is available vary: for example, the user's email address is not available in any context that allows a script to run without that user's authorization, like a simple onOpen(e) or onEdit(e) trigger, a custom function in Google Sheets, or a web app deployed to "execute as me" (that is, authorized by the developer instead of the user). However, these restrictions generally do not apply if the developer runs the script themselves or belongs to the same G Suite domain as the user.
这篇关于部署为USER_DEPLOYING的Google应用程序脚本网络应用程序getActiveUser.getEmail()不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
