Posted by Kalyan Reddy, Developer Programs Engineer
Apps Script includes many built-in Google services for major products like Gmail and Drive, and lately, we've been working to add other APIs that developers have been clamoring for as advanced Google services. Today, we are launching seven more advanced services, including:
Like all other advanced services in Apps Script, they must first be enabled before use. Once enabled, they are just as easy to use as built-in Apps Script services -- the editor provides autocomplete, and the authentication flow is handled automatically.
Here is a sample using the Apps Activity advanced service that shows how to get a list of users that have performed an action on a particular Google Drive file.
function getUsersActivity() { var fileId = 'YOUR_FILE_ID_HERE'; var pageToken; var users = {}; do { var result = AppsActivity.Activities.list({ 'drive.fileId': fileId, 'source': 'drive.google.com', 'pageToken': pageToken }); var activities = result.activities; for (var i = 0; i < activities.length; i++) { var events = activities[i].singleEvents; for (var j = 0; j < events.length; j++) { var event = events[j]; users[event.user.name] = true; } } pageToken = result.nextPageToken; } while (pageToken); Logger.log(Object.keys(users)); }
This function uses the AppsActivity.Activities.list() method, passing in the required parameters drive.fileId and source, and uses page tokens to get the full list of activities. The full list of parameters this method accepts can be found in the Apps Activity API's reference documentation.
AppsActivity.Activities.list()
drive.fileId
source
Update (2015-06-15): The sunset date listed below has been changed from June 26th to July 6th, 2015.
Posted by Eric Koleda, Developer Platform Engineer
OAuth is the de facto standard for authorization today and is used by most modern APIs. Apps Script handles the OAuth flow automatically for dozens of built-in and advanced services, but until recently only had limited support for connecting to other OAuth-protected APIs such as Twitter, etc. The URL Fetch service’s OAuthConfig class only works with the older OAuth 1.0 standard and only allows the developer of the script (not its users) to grant access to their data. To address this, we’ve create two new open source libraries:
OAuthConfig
With only a few clicks, you can add these libraries to your scripts. The full source code is available on GitHub if you need to tinker with how they work. These libraries allow for greater control over the OAuth flow, including the ability for users to grant access separately, a long standing feature request from the community.
We believe that these open libraries are a better alternative to our previous solution, and therefore we are deprecating the OAuthConfig class. The class will continue to function until July 6, 2015, after which it will be removed completely and any scripts that use it will stop working We’ve prepared a migration guide that walks you through the process of upgrading your existing scripts to use these new libraries.
Separate from these changes in Apps Script and as announced in 2012, all Google APIs will stop supporting OAuth 1.0 for inbound requests on April 20, 2015. If you use OAuthConfig to connect to Google APIs, you will need to migrate before that date. Update your code to use the OAuth2 library or the API’s equivalent Advanced Service if one exists.
We see Apps Script and Sheets as the perfect hub for connecting together data inside and outside of Google, and hope this additional OAuth functionality makes it an even more compelling platform.
Protection
PageProtection
// Protect range A1:B10, then remove all other users from the list of editors. var ss = SpreadsheetApp.getActive(); var range = ss.getRange('A1:B10'); var protection = range.protect().setDescription('Sample protected range'); // Ensure the current user is an editor before removing others. Otherwise, if the user's edit // permission comes from a group, the script will throw an exception upon removing the group. var me = Session.getEffectiveUser(); protection.addEditor(me); protection.removeEditors(protection.getEditors()); if (protection.canDomainEdit()) { protection.setDomainEdit(false); }
// Remove all range protections in the spreadsheet that the user has permission to edit. var ss = SpreadsheetApp.getActive(); var protections = ss.getProtections(SpreadsheetApp.ProtectionType.RANGE); for (var i = 0; i < protections.length; i++) { var protection = protections[i]; if (protection.canEdit()) { protection.remove(); } }
// Protect the active sheet except B2:C5, then remove all other users from the list of editors. var sheet = SpreadsheetApp.getActiveSheet(); var protection = sheet.protect().setDescription('Sample protected sheet'); var unprotected = sheet.getRange('B2:C5'); protection.setUnprotectedRanges([unprotected]); // Ensure the current user is an editor before removing others. Otherwise, if the user's edit // permission comes from a group, the script will throw an exception upon removing the group. var me = Session.getEffectiveUser(); protection.addEditor(me); protection.removeEditors(protection.getEditors()); if (protection.canDomainEdit()) { protection.setDomainEdit(false); }
Posted by Wesley Chun, Developer Advocate, Google Apps
Last summer, we launched the new Gmail API, giving developers more flexible, powerful, and higher-level access to programmatic email management, not to mention improved performance. Since then, it has been expanded to replace the Google Apps Admin SDK's Email Migration API (EMAPI v2). Going forward, we recommend developers integrate with the Gmail API.
EMAPI v2 will be turned down on November 1, 2015, so you should switch to the Gmail API soon. To aid you with this effort, we've put together a developer’s guide to help you migrate from EMAPI v2 to the Gmail API. Before you do that, here’s your final reminder to not forget about these deprecations including EMAPI v1, which are coming even sooner (April 20, 2015).
IFRAME
var html = HtmlService.createHtmlOutputFromFile('foo'); html.setSandboxMode(HtmlService.SandboxMode.IFRAME);
We couldn’t resist using the new HTML service ourselves, so we’ve published an alternate version of the Google Translate add-on on GitHub that uses the iframe sandbox mode as well as Polymer and material design concepts.
With the launch of the IFRAME sandbox, it is now time to bid goodbye to UiApp. The UI service was a very useful way to serve user interfaces in Docs and Sheets at a time when sandboxing technologies were still evolving. Effective today, UI service is deprecated. It will be removed from documentation and autocomplete in the script editor on June 30, 2015. If you have built any UIs using UiApp, they will continue to work.
UiApp
<script type="application/ld+json"> { "@context": "http://schema.org", "@type": "FoodEstablishmentReservation", "reservationNumber": "WTA1EK", "reservationStatus": "http://schema.org/Confirmed", . . . information about dining customer . . . "reservationFor": { "@type": "FoodEstablishment", "name": "Charlie’s Cafe", "address": { "@type": "PostalAddress", "streetAddress": "1600 Amphitheatre Parkway", "addressLocality": "Mountain View", "addressRegion": "CA", "postalCode": "94043", "addressCountry": "United States" }, "telephone": "+1 650 253 0000" }, "startTime": "2015-01-01T19:30:00-07:00", "partySize": "2" } </script>
DocsListDialog is a widget used by only a small fraction of Apps Script projects to provide a Google Drive "file open" dialog in a UI service user interface. In almost all cases, using Google Picker in HTML service is preferable and more secure.
DocsListDialog
Before September 30, 2014, we require scripts using DocsListDialog to make a small update to improve security.
Specifically, if you use DocsListDialog, you'll need to start calling a new method, setOAuthToken(oAuthToken) before you call showDocsPicker(). The new method sets an OAuth 2.0 token to use when fetching data for the dialog, on behalf of the user whose content should be shown.
setOAuthToken(oAuthToken)
showDocsPicker()
So long as the app isn't a web app set to execute as "me" (the developer), you can get the necessary OAuth 2.0 token by calling ScriptApp.getOAuthToken(). The example below shows how to convert an old DocsListDialog implementation to the new model.
ScriptApp.getOAuthToken()
function showDialog() { var app = UiApp.createApplication(); app.createDocsListDialog() .addCloseHandler(serverHandler) .addSelectionHandler(serverHandler) .showDocsPicker(); SpreadsheetApp.getUi() .showModalDialog(app,' '); }
function showDialog() { var app = UiApp.createApplication(); app.createDocsListDialog() .addCloseHandler(serverHandler) .addSelectionHandler(serverHandler) .setOAuthToken(ScriptApp.getOAuthToken()) .showDocsPicker(); SpreadsheetApp.getUi() .showModalDialog(app,' '); }
To ensure your script continues to work properly, be sure to make this change before September 30.
Posted by Dan Lazin, Googler
