Skip to content

fix(google-scopes): removed unnecessary google scopes#849

Merged
waleedlatif1 merged 2 commits intostagingfrom
fix/google-scopes
Aug 2, 2025
Merged

fix(google-scopes): removed unnecessary google scopes#849
waleedlatif1 merged 2 commits intostagingfrom
fix/google-scopes

Conversation

@aadamgough
Copy link
Contributor

@aadamgough aadamgough commented Aug 2, 2025

Summary

Removes unnecessary scopes

Fixes #(issue)

Type of Change

  • Bug fix

Testing

Logged in and logged out multiple times for both gmail and google sheets. Confirmed that all operations were working for each tool.

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

@vercel
Copy link

vercel bot commented Aug 2, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
sim ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 2, 2025 9:16pm
1 Skipped Deployment
Name Status Preview Comments Updated (UTC)
docs ⬜️ Skipped (Inspect) Aug 2, 2025 9:16pm

@aadamgough aadamgough marked this pull request as ready for review August 2, 2025 21:10
greptile-apps[bot]
greptile-apps bot reviewed Aug 2, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Greptile Summary

This PR removes OAuth scopes from Google Sheets and Gmail integrations across multiple files. The changes eliminate the https://www.googleapis.com/auth/spreadsheets scope from Google Sheets tools (read, write, update, append) and the https://www.googleapis.com/auth/gmail.compose scope from Gmail draft functionality. The modifications span tool configurations, block definitions, OAuth provider settings, and UI components.

The changes centralize scope management by relying on base provider scopes defined in oauth.ts and auth.ts rather than having individual tools specify additional scopes. For Google Sheets, the integration now depends solely on the https://www.googleapis.com/auth/drive.file scope, while Gmail operations rely on existing base scopes like gmail.send and gmail.modify. The PR also removes corresponding scope descriptions from the OAuth required modal to maintain UI consistency.

This refactoring follows the principle of least privilege by requesting fewer permissions during OAuth flows, potentially improving user trust and reducing the need for extensive Google API verification processes.

Confidence score: 2/5

  • This PR introduces significant risk of breaking Google Sheets functionality for existing user workflows
  • Score reflects a fundamental misunderstanding of Google OAuth scope limitations and potential production impact
  • Critical attention needed on OAuth configuration files and all Google Sheets integration points

9 files reviewed, 1 comment

Edit Code Review Bot Settings | Greptile

apps/sim/lib/oauth/oauth.ts Outdated
Comment on lines 134 to 136
scopes: [
'https://www.googleapis.com/auth/spreadsheets',
'https://www.googleapis.com/auth/drive.file',
],
Copy link
Contributor

@greptile-apps greptile-apps bot Aug 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

logic: Using only drive.file scope limits access to spreadsheets created by the app or explicitly selected by users via Google Picker. For existing spreadsheets, users would need to explicitly grant access through file sharing or selection UI.

@vercel vercel bot temporarily deployed to Preview – docs August 2, 2025 21:12 Inactive
@waleedlatif1 waleedlatif1 merged commit 9c3bcba into staging Aug 2, 2025
5 checks passed
@waleedlatif1 waleedlatif1 deleted the fix/google-scopes branch August 2, 2025 22:17
waleedlatif1 pushed a commit that referenced this pull request Aug 5, 2025
@aadamgough @waleedlatif1
fix(google-scopes): removed unnecessary google scopes (#849)
9eb28a1 
* removed unnecessary google scopes

* bun run lint #849

---------

Co-authored-by: Adam Gough <adamgough@Mac.attlocal.net>
@waleedlatif1 waleedlatif1 mentioned this pull request Aug 5, 2025
Merged
waleedlatif1 pushed a commit that referenced this pull request Aug 6, 2025
@aadamgough @waleedlatif1
fix(google-scopes): removed unnecessary google scopes (#849)
fd48bf1 
* removed unnecessary google scopes

* bun run lint #849

---------

Co-authored-by: Adam Gough <adamgough@Mac.attlocal.net>
arenadeveloper02 pushed a commit to arenadeveloper02/p2-sim that referenced this pull request Sep 19, 2025
@aadamgough
fix(google-scopes): removed unnecessary google scopes (simstudioai#849)
2fb5551 
* removed unnecessary google scopes

* bun run lint simstudioai#849

---------

Co-authored-by: Adam Gough <adamgough@Mac.attlocal.net>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aadamgough @waleedlatif1