I have been working quite a lot with Google Apps Script lately, but there is one thing that still is very unclear to me and the docs do not hint about it at all:
When publishing a script as a WebApp (access: Anyone, as: User accessing the WebApp) and asking for permissions (e.g. GMailApp access, UserProperties and Trigger) and then afterwards changing that script (but not asking for any additional permissions, just changing code) and publishing it again, it seems as if triggers being run by Scripts priorly authorized by users lose their authorization (e.g. the user gets an email with a failure message: Authorization is required to perform that action. from that script).
I read about libraries being independent based on their version, but accessing GMailApp from within a library or a Trigger within a library is not possible as it needs the active user? Is there any way around this? What is the suggested upgrade path, e.g. how can I make (code) changes to the script without making it fail for existing users?
Some services – gmailApp and mailApp for sure- are considered as sensitive matters by Google and therefor any modification in the code, even a very minor change, implies a renewal of the authorization. I can’t remember exactly right now where I read that info but I’m pretty sure I read it (!) and I saw it also as a Googler answer somewhere in this forum. Forgive me for not being accurate concerning references.
Anyway … that explains why you have these authorization issues with your script and AFAIK there is no way to avoid this process.
That said, your users should get an authorization screen, not an error message for services that they use in your app.
If you use triggers in your app (that you set yourself of course) then you should run these functions yourself manually to pass the authorization since the triggers are executed under the authority of the one that creates them, no matter how your webapp is published.
I hope I’m clear enough, if not refer to the doc about installable triggers and this doc also.