-
-
Notifications
You must be signed in to change notification settings - Fork 191
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Scope requests might be to permissive #123
Comments
Hi,
This will be changed in the next version by switching from GMailApp to MailApp.
I see that some features are not used by some users, the best solution would be to dynamically request permissions based on the settings activated by the user but this is as far as i know currently not possible.
As "Apps Script automatically detects what scopes are needed" the script will always request all permissions that might be used by the script. An explaining wiki post about Permissions and how to adjust them is a good idea.
The script will never edit/delete events that were not originally created by it! |
That assessment sounds fine to me. I didn't realize that by using |
@chregon2001 Thanks for this info, I was also concerned about the excessive permissions required to run the app. Glad to know I can control it through oauthScopes. |
@chregon agreed, nice find with the oauth scopes. It would be great if this info was in the installation instructions. |
Please check out #191. I simply removed the last The following are still requested:
|
|
Another option is to have a throwaway google account and install the script to the throwaway account. Then the calendar can be shared to your primary google account. |
@jonas0b1011001 This was literally a copy from this GitHub I made. |
The filename suggests you made a copy of a testversion from my google drive. You might have found it somewhere in the comments but that does not mean it's an official realease. |
I just created a wiki article about this topic. Further steps i'd like to take to address the concerns:
|
I hope this is the right place for this, if not please inform me.
I think many users find the requested scope is a bit too much (e.g. read, edit, and delete all emails).
In my case, I have the script running with only:
in the appscript.json. So no emails, and no task integration, but I bet many users don't find these necessary.
I think having the scope set manually, and maybe even informing the user of how to remove unneeded scope can help reach more people on the fence of using this. Also, might prevent some issues like this issue from becoming catastrophic down the line.
See, Authorization Scopes documentation for more.
The text was updated successfully, but these errors were encountered: