[9.2.1 - version 50] GESI - Google Sheets ESI Add-On - Now an EVE Online Partner!

5.0.0 March 6, 2018

This major version release focuses on refactoring where SSO auth data (char name/id, corp/alliance id, refresh_token) are stored as well as some QoL improvements for people using the script for corp management.


Previously I was relying upon documentProperties service of Google scripts. However, #21 as well as messages from others brought to my attention that for one reason or another it loses the data every so often. This

This new method creates a new sheet Auth Data within your spreadsheet to store the data, much like a database, one row per character. This allows users to easily export that data and copy paste it back in if something breaks. Or if you want to remove auth of a particular character, just delete their row. This change makes GESI much more reliable and easier to maintain for corp directors and CEOs (or people with a lot of characters).

Changelog & Notes

Breaking Changes

  • Reauth of all characters will be required.

Security

By default the Auth Data sheet is hidden and protected so that it is only unhideable/viewable by the sheet owner, i.e. only the sheet owner can see the refresh tokens of people auth’d on that spreadsheet. If you wish to give other people access you will have to manually add them using (Data -> protected sheets and ranges -> show all -> Auth Data -> change permissions and change Only Me to Custom). However, auth data can still be retrieved by anyone with edit access by writing a custom function to iterate over the Auth Data sheet and log data.

From my testing, only people with edit access can auth. In terms of corp management, this either means giving each member edit access, have them auth, then revoke edit access to view only or none at all, or only use the sheet for CEO/Director level usage.

If you require absolute security I would suggest the following (I didn’t test this so any issues message me):

  1. Set up two spreadsheets with GESI. One for CEOs/Directors/Leadership members and another for general members using same client id and secret for each.
  2. Replace the authCallback function in the general membership spreadsheet with:

         // Show the member their own refresh token on the success page
         // instead of storing it in this spreadsheet.
         function authCallback(request) {
             return HtmlService.createHtmlOutput('Your refresh token is:  ' + getAccessToken_(request.parameter.code)['refresh_token']);
         }

  3. Direct corp members to the general membership sheet and have them auth.
  4. Have them copy the refresh_token string from the success message and give it to one of their directors/CEO to manually create a row in the leadership/CEO/Director spreadsheet.

This way general members only ever get to see their own refresh_token and the master spreadsheet can be kept secure with only Leadership/CEO/Directors having edit access.

Other

  • There is now a function to check for updates, an explanation of each type of update is in the Readme.
  • I also added a Troubleshooting section to the readme for common issues I come across and will update as needed.

As usual any issues/etc feel free to get in touch.

Smoke

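Added example, not part of the original post and not GESI's own code: an audit of the setup described in the Security section, reporting whether the Auth Data sheet is hidden and owner-only protected, and listing every spreadsheet editor, since each of them can read the refresh tokens through a script regardless of the sheet protection. The names `auditAuthData` and `emails_` are hypothetical; the spreadsheet is passed in as a parameter, and the calls on it are standard Apps Script `Spreadsheet`, `Sheet` and `Protection` methods.

```javascript
// Added example, not GESI code. In Apps Script, run it as:
//   Logger.log(auditAuthData(SpreadsheetApp.getActiveSpreadsheet()).findings)
var AUTH_SHEET = 'Auth Data'; // sheet name as given in the release notes

function emails_(users) {
  return users.map(function (u) { return u.getEmail(); });
}

function auditAuthData(ss) {
  var findings = [];
  var sheet = ss.getSheetByName(AUTH_SHEET);
  if (!sheet) return { findings: ['sheet not found: ' + AUTH_SHEET], exposedTo: [] };

  var ownerUser = ss.getOwner(); // null for files on a shared drive
  var owner = ownerUser ? ownerUser.getEmail() : '';
  if (!sheet.isSheetHidden()) findings.push('sheet is not hidden');

  // Outside Apps Script the enum is absent; 'SHEET' is a stand-in for tests.
  var type = (typeof SpreadsheetApp !== 'undefined')
    ? SpreadsheetApp.ProtectionType.SHEET : 'SHEET';
  var protections = sheet.getProtections(type);
  if (protections.length === 0) findings.push('sheet is not protected');

  protections.forEach(function (p) {
    if (p.isWarningOnly()) findings.push('protection is warning-only');
    if (p.canDomainEdit()) findings.push('whole domain may edit the protected sheet');
    emails_(p.getEditors()).forEach(function (e) {
      if (e !== owner) findings.push('protection lists extra editor: ' + e);
    });
  });

  // Sheet protection does not limit script access: every spreadsheet editor
  // counts as exposed, whatever the protection settings say.
  var exposedTo = emails_(ss.getEditors()).filter(function (e) { return e !== owner; });
  exposedTo.forEach(function (e) {
    findings.push('editor can read tokens via script: ' + e);
  });
  return { findings: findings, exposedTo: exposedTo };
}
```

An empty `findings` array means the sheet is hidden, protected for the owner only, and nobody but the owner has edit access to the spreadsheet.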