问题
I am trying to create a web app which will be using google sheets as backend. I want to enable users to access the web app and perform read/write operations through web app only. I do not want those users to have an access to the google sheet as I want to limit the data they can read through the web app. I tried using USER_DEPLOYING
as the execute as, but doing so I am not able to get the person's email who is using the web app. Is there any way to achieve what I am trying to do?
回答1:
Issue:
For security reasons, if a web app is deployed to USER_DEPLOYING
(that is, Execute the app as: Me
) and the user accessing the web app (that is, the active user) doesn't belong to the same G Suite domain as the user under whose authority the script runs (that is, the effective user), the script does not have access to the active user's email.
The same will happen in any context in which the script runs without user's authorization (simple triggers, etc.).
Explanation:
From the documentation on getActiveUser():
Gets information about the current user. If security policies do not allow access to the user's identity, User.getEmail() returns a blank string. The circumstances in which the email address is available vary: for example, the user's email address is not available in any context that allows a script to run without that user's authorization, like a simple onOpen(e) or onEdit(e) trigger, a custom function in Google Sheets, or a web app deployed to "execute as me" (that is, authorized by the developer instead of the user). However, these restrictions generally do not apply if the developer runs the script themselves or belongs to the same G Suite domain as the user.
来源:https://stackoverflow.com/questions/62318666/google-app-script-web-app-getactiveuser-getemail-not-working-when-deployed-as