I have published a deployment that runs with the developer account. In the deployment settings I have a role called "Supervisors". I have assigned a google group to that role, directorssupervisors#domain.com.
When the deployment runs with the developer account, everythings works fine. But when the deployment is ran by any other user, I get the following error:
appmaker.application.permission.GroupsPermission: Error reading group directorssupervisors#domain.com. Note: The deployer developeraccount#domain.com must have access to this group.
Exception:
Exception: You do not have permission to view the member list for the group: directorssupervisors#domain.com
The group settings are configured so that everyone in the domain can view the membership; moreover, the developer account is a member of the group.
I have checked the information provided in this post and also in this post but none of them seem to help. The developer account was added to the group more than 72 hours ago and the deployment was published more than 48 hours ago.
So far, everything is leading me to believe this is a bug. Before I open a support ticket with the G Suite AppMaker team, I would like to know if anyone has had the same issue and if there was a solution to it.
Thanks in advance for your help!
UPDATE:
Now it is also showing the error when the app is ran by the developer account!
It so happens that the AppMaker team corrected a buggy behavior that allowed the reading of email addresses from groups without having the permission properly set up in the group settings. To make the app work again I had to make sure the group permission had the proper access for viewing email addresses; Group Settings -> Permissions -> Access permissions -> View Email Addresses.
Once I changed the permission to All members of the group, I proceeded to republish the app and then it worked again.
Update 12/31/2019
On top of the already mentioned above, you also need to make sure that the group is visible to all members in the organization:
Group Settings -> Permissions -> Basic permissions -> Group Visibility.
Related
When you add a custom domain in Firebae Hosting, at the end of the process you see two DNS A records that you should add to your DNS configuration.
https://firebase.google.com/docs/hosting/custom-domain#go-live
QUESTION
But after you're done with the process of adding the new custom domain, where in the Firebase Console can you find the information about those DNS A records again?
I didn't find it in the Firebase Hosting section nor in my Project Settings.
I haven't seen anything within the Firebase console that shows the record information, but the A records are outlined in their per-provider docs lower in the documentation you provided:
https://firebase.google.com/docs/hosting/custom-domain#dns-records-cloudfare
I just found out that if the DNS A records have already been detected by Firebase, they will no longer be accessible from the Firebase Console.
But if the records haven't been detected by Firebase yet, you be able to see them by clicking on your custom domain on your console's Firebase Hosting section. It will be marked with "View Setup" or something like that (don't remember the exact phrase).
If it's marked as "pending", it's because the records have already been detected and it's waiting for propagation across the DNS network.
It it's marked as "conected", it's because it's already up an running.
I have an issue with connecting GA to Data Studio. Everything seems to work fine but there's some kind of problem that I just don't know how to solve. Maybe somebody have already had something similar before.
Although my account is authorized and I can choose everything - Connectors, Account, Property and View and even see the fields - when I add it to report, I get Error 400.
400. That’s an error.
Error: admin_policy_enforced
Access to your account data is restricted by policies within your organization. Please contact administrator for more information.
Request Details
client_id=myid-myanotherid.apps.googleusercontent.com
scope=https://www.googleapis.com/auth/drive
access_type=offline
response_type=code token
immediate=false
pageId=none
user_id=myid#myemail.com
include_granted_scopes=true
proxy=oauth2relay2050978162
redirect_uri=postmessage
origin=https://datastudio.google.com
gsiwebsdk=1
state=781464001|0.792356641
jsh=m;/_/scs/apps-static/_/js/k=oz.gapi.en.6hIrKdeK3RQ.O/m=__features__/am=AQ/rt=j/d=1/rs=AGLTcCNV6CBDIuxs3srAO9rORg8A8mF6Kg
hd=sotrender.com
That’s all we know.
It seems to bit a problem with Google Drive. But when I create a new report in Data Studio, it creates a file in my Drive so I don't really know why is that happening. GA works fell because I can see all the accounts, views, fields, etc. when creating a report. After I click 'Create a new data source', choose the data source and click 'Add to report' - the message above appears and I can't really do anything else.
Cheers.
Does your organization use G Suite? If so there's an administrator inside your company responsible for G Suite settings. He has restricted you or your whole organization of either using Analytics, using Data Studio or linking both together. You need to get in contact with your company admin to help you get the correct access to perform this change.
We running a wordpress website use google oauth for third-party social login. (via WP Social Login plugin.) Former engineer is leave, and we cannot have past google account credential.
We face a problem shows:
Error 401
Error: deleted_client
The OAuth client was deleted.
but we can only see old client id and secret from website admin panel.
I wanna to know,
if we set up a new google oauth application id/secret, will it make user crash from login website?
Or, is it possible for us to restore/retrieve former application ownership and make it live again?
This happened to me when I was working on an Add-On (maybe not completely related to this question but similar). I mistakenly deleted a Client ID that I thought we weren't using.
How I solved it:
Created a new project in Google Cloud
Associated the Apps Script project (Add-on) to this new Google Cloud project
Then I re-associated the App Script project with my previous Google Cloud project
The previous step will re-compile, create and associate the Client ID to the App Script project. It will contain all settings from the Client ID manually created and associated with your project in the code.
Maybe this will give some light to anyone having a similar problem.
Here use this link:
https://support.google.com/cloud/answer/6251787?hl=en
You have to reach google and they will help you out, this is the only solution you can do.
In my case, the simplest/only path (though certainly not ideal) ended up being to create a new Firebase project and start using that.
This of course can be problematic if you have a lot of data to move and/or a nontrivial data schema - say, with nested collections. For me, it was worth the effort to get unblocked from Sign-In suddenly failing to work.
... ah, OAuth fun
=======
If you are trying to make the new Client ID work .. though it's not a total solution, but after searching for a while, found this config option in Firebase console - where you enable Google Sign In.
So if you generate a new OAuth Client ID, update the ID & secret there.
After I did this, it went from a 401 error to a 400 mis_direct , which I think was step in the right direction.
I am adding members in my Firebase project through console with the role of "Project Editor" which have all view permissions acc to docs. But by login as a member I am not able to see the Analytics. I tried changing role to "Project Owner" but still Analytics are not visible.
I am working with Firebase for the first time and new with the roles concept. Please help if anyone have solution to this.
Thanks in advance.
What do you mean by the term "not visible", are you seeing a plain blank screen or the dashboards are there but no data yet?
I'd suggest you to try the following workarounds:
If you have multiple Google accounts logged in at the same time, please logged them out and use only the account for Firebase. Also, use Google Chrome incognito mode.
Turn off Ad blockers or check if the Analytics domain is disabled by your Network administrator.
Open the Google Chrome developer mode, then check if there's any error logs or stack trace on the console. Reach out to the Firebase Support team by creating a ticket here.
Hope this helps.
Got the solution
I tried other gmail id that is with "gmail.com" domain rather than my "company_name.com" domain and the analytics is now visible that is previously only blank white screen.
It is because in company domain there are some restriction on user access.
On the latest version of Firebase (Announced during Google I/O 2016), how do I add other people to my project or app whom I want to collaborate with? I came across IAM roles through Settings > Permissions. Is this the right way? If I add person there and assign a role, say Editor, will he/she be notified about it through email? Will a request be sent or will they be added directly to that role?
To give people access to your Firebase project, take these steps:
Select your project in the new Firebase Console
In the top left, next to the project name, click the settings/cog wheel icon
Click Users and Permissions
Click Add member
Enter the email address of the user to add and select the appropriate role as per your requirement
Click the second Add member button
The newly added users will get an email with the subject [Firebase] Invitation to join project and an option to Accept Invite in the body. Be certain to let them know that you added them so that they can accept the invite.
UPDATE 6/18/2018 - changes to Cloud Console and Google's functionality, the original solution may no longer work as shared in comments. For a recent project, I was able to add other users and permissions via Firebase console as indicated below.
Old Solution
Originally you had to choose Editor but you do not have to any more. There are new roles added to Google Cloud IAM in the other section, namely the Firebase Rules System role.
If you add a user to a Google Cloud project using IAM and assign them this role, they can access Firebase project by visiting:
https://console.firebase.google.com
The authorized project(s) should appear and they can access, without access to the rest of the Google Cloud project.
In latest version of the console adding is in a bit different.
Go To Your Project -> Project Overview -> Users and Permissions . This will open up new Pop Up.
Now click on the +Add to add the Members.
Now Add Email Id of the member. Now below that choose from the dropdown Project -> Collaborator as shown below and Save. Thats all! You are done.
If you're adding a Project owner, an invite will be sent to the new user. However, no email invites are sent for the Project Editor/Viewer roles.
From Users and Permissions tab, now, at I/O 2019, it was announced a new option to give permissions.
You can now assign to a specific collaborator, access to Analytics, Develop, Quality and Grow, each one with Admin privileges or View privileges.