I am new to SharePoint. I have written a simple python script that basically connects to SharePoint and uploads files (aspx and other frontend files) from a folder on my local machine to a specific folder on SharePoint site.
To facilitate the script to communicate with the SharePoint, I have a created an App principal under SharePoint using the SharePoint App-Only model. I have done this by calling the appregnew.aspx, example: https://spo.test.com/sites/MYSITE/\_layouts/15/appregnew.aspx , below is the sample page when 'appregnew.aspx' is called
Then, I have provided the below permissions to the App principal through 'appinv.aspx', example - https://spo.test.com/sites/MYSITE/\_layouts/15/appinv.aspx
<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl"/>
</AppPermissionRequests>
Next, I use the Client ID and Client Secret under the Python script to establish communication with SharePoint and to upload files to a specific folder (folder already exists and is not created by the program) on SharePoint, example path to which files are uploaded: https://spo.test.com/sites/MYSITE/Shared%20Documents/TeamDocs2
Note: This script uses Python library 'Office365-REST-Python-Client' to communicate with SharePoint
The script can successfully authenticate itself and also upload the files to the folder on SharePoint. But then when I manually go to the SharePoint folder and click on the aspx file, example : index.aspx; the file gets downloaded instead of getting rendered.
There is no issue with the file i.e. it is not corrupted because when I manually upload the same file onto the same folder, then there is no issue, the file gets rendered.
In regards to the permissions for the App principal, I've already given 'FullControl' at the scope 'sitecolletion/web' level. I also tried changing the scope from 'http://sharepoint/content/sitecollection/web' to 'http://sharepoint/content/sitecollection', this didn't work as well
Please can somebody help me with this. Thanks in advance
The reason the .aspx page is being downloaded is related to security risk mitigation in SharePoint. If you consider that Javascript (.js) files and .aspx files are executable files in the browser, then it should also be self evident that allowing users to upload such files to SharePoint could pose risk. Because of this, Microsoft has disabled custom script on all modern sites by default. You can choose to overrule this setting, but it should be done with extreme caution.
Related
If I have access to a folder with some files in google drive, it's possible to download this folder without showing any changes in history? The owner of the folder should not see that the file was downloaded. If it's possible in python please tell me how to do it.
I used to think about some script (with using Google API) or some service/site to resolve this problem.
Can i use the url to a google drive folder as a download_path in selenium
for instance like this .Heroku error says file not found
mudopy.download_path(r"https://drive.google.com/drive/folders/1IPNuefeIXXCKm8Xxm3u1ekltxTF3dCT0")
According to the code of mudopy module, it saves the downloaded file into a local directory. So you can later upload that file to a google drive. Not sure if heroku allows to store something locally.
Moreover, the function mudopy.download_path does not download anything yet, but only creates a local file that stores the path to the folder where you want to save the downloaded files. And looks like Heroku does't even permit creating this file.
I have a working code that sends a GET request to a server and downloads files to my local folder. Now I need to have these files available on a SharePoint. I can upload the files to SharePoint after they are downloaded to my local folder. But is there a way that I can run my GET request and directly download the file to SharePoint? I am okay with python or node.
I have a flask app in which it has a button to download an HTML report. The download button when hit creates an xlsx file. It worked fine until that app was running on my local server because the python code found my Downloads directory no matter what os it is using python's os module.
Now the app is deployed on a remote server, in this case, how do you let the system know the client's download directory path where this xlsx file can then be created? Or any other pointers for a better solution if I'm missing something?
To serve a user a file to download, the webserver needs to deliver it in a special way. You can't use the os module to write to the user's computer. It worked locally, because your server was the same computer as your user environment in the browser.
The correct way to serve a user a file for downloading is to use flask's send_file method.
To show you the process, I've created an example below. In this example, I'm assuming that you have a function called build_report(...) which accepts a report_id and returns an io.BytesIO object containing the content of the xlsx file.
from flask import send_file
#app.route("/download-report/<report_id>")
def download_report(report_id):
file_obj = build_report(report_id)
return send_file(
file_obj,
mimetype="application/vnd.ms-excel",
attachment_filename=f"report-{report_id}.xlsx",
)
If i understand correctly - you want to specify a directory to which the file should be downloaded on users computer when he/she hits download button.
This is not possible, and is handled fully by the browser.
Browser processes the request/stream of special type and then creates the output file in the location specified by the user in browser settings. The os library which you mentioned relates to your server machine not client, so any os opertaions that you provide in your code will be executed on your server (like creating a file). So that's why it worked on your local machine - which was server and client at once.
Why it's dissalowed?
Imagine a "virus file" being uploaded to your C:\Windows\System32. Web applications could be granted control over your machine with a simple button download. The huge security issue doesnt allow for client's machine access from web application
How can i automate a spreadsheet which is stored in google drive without downloading it.
https://automatetheboringstuff.com/chapter12/
If you have Read permission on a folder (called View permission on Google Drive), you can open and run code from a workbook stored there, however technically the file is still being downloaded to your local machine, likely in a temporary folder.
If you have Write permission on a folder (called Edit permission on Google Drive), you can replace/overwrite a file that's stored there.
View: People can view, but can’t change or share the file with others.
Comment: People can make comments and suggestions, but can’t change or share the file with others.
Edit: People can make changes, accept or reject suggestions, and share the file with others.
More Information :
Google Support : Share files from Google Drive
Microsoft.com : Windows Temporary Files