In our organisation we have a standard user who created all the Bigquery projects, tables, and some Google Sheets that they point to.
We created another user in the organisation, granted them Bigquery Data Viewer and Bigquery Data User permissions, and allowed them access to the Google Sheet. They are able to access the standard tables, but the not the ones backed by Google Sheets; they get the error Encountered an error while globbing file pattern.
Granting that new user Bigquery Editor permission, they can create their own tables backed by sheets, but they get this dialog box:
After granting permissions, we can remove the Bigquery Editor permission and the user continues to have access to the all the existing Bigquery tables including those backed by sheets.
Looking in the new user's Google Account https://security.google.com/settings/security/permissions, we see they've added the Bigquery Client Tools:
Question 1: What is the correct way to grant this permission for new users? We've found two work-arounds:
- Grab the URL from the pop-up and edit it for new users, without the need to grant them Editor permission.
- Get the users to save a query out to Google Sheets, which triggers the pop-up.
But we've found no programatic way to grant the users this permission.
Further...
However, the API still seems to have problems. We ran:
gcloud auth login --enable-gdrive-access
# approve permissions in the web browser for the new user
bq query --apilog=apil.log "SELECT * FROM [warehouse:catalog.table]"
and our log shows either "An internal error occurred and the request could not be completed." or "Encountered an error while globbing file pattern."; for example:
INFO:root:{
[...]
"jobReference": {
"projectId": [...]
"jobId": "bqjob_r2410ded84270edc0_00000158fdea47bb_1"
},
"status": {
"state": "DONE",
"errorResult": {
"reason": "internalError",
"message": "An internal error occurred and the request could not be completed."
},
"errors": [
{
"reason": "internalError",
"message": "An internal error occurred and the request could not be completed."
}
]
},
[...]
}
Question 2: What further do we need to do to grant data access through the API/cli?
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://i.stack.imgur.com/R1gTE.png', '推荐 放荡不羁爱自由 的文章《Correct way to grant Bigquery Client Tools access 》','https://www.manongdao.com/article-759196.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}