Search code examples
google-apigoogle-classroom

Google Classroom push notification registration Permission Denied for Students Only

I'm trying to create a registration for push-notifications with Python googleapiclient for Google Classroom. My code is working for classes where the user is a teacher but is not working for when the user is a student in a given class. I've tried on gsuite and non gsuite accounts.

The error is googleapiclient.errors.HttpError: <HttpError 403 when requesting https://classroom.googleapis.com/v1/registrations?alt=json returned "The caller does not have permission">

The relevant code is


def register(self, courseId):
    body = constants.registration_body(courseId)
    o = self.service.registrations().create(body=body).execute()
    return o["registrationId"], o["expiryTime"]

where self.service is build("classroom", "v1", credentials=get_creds(uid, db)).

and constants.registration_body returns

 {      
        "feed": {
            "feedType": "COURSE_WORK_CHANGES",  
            "courseWorkChangesInfo": {  
                "courseId": courseId, 
            },
        },
        "cloudPubsubTopic": {
            "topicName": secret.pubSubTopicName,  
        },
    }

I have also enabled all relevant API Scopes to remove that from troubleshooting:

scopes = [
    "https://www.googleapis.com/auth/classroom.push-notifications",
    "https://www.googleapis.com/auth/classroom.coursework.students.readonly", 
    "https://www.googleapis.com/auth/classroom.coursework.me.readonly", 
    "https://www.googleapis.com/auth/classroom.announcements.readonly",
    "https://www.googleapis.com/auth/classroom.courses.readonly",
    "https://www.googleapis.com/auth/classroom.courseworkmaterials.readonly",
    "https://www.googleapis.com/auth/classroom.topics.readonly",
    "openid",
]

I'm not sure if it is a code error since it works when users are teachers. Is this a limitation of the Google Classroom API?

Full code: https://github.com/karmanyaahm/google_classroom_discord_feed

Solution

  • This is intended behaviour:

    Your code is fine, and this is working as intended. Push notifications are a tool to manage courses, not to be used by students, so it makes sense that only teachers and administrators can create registrations.

    While not very explicit, the fact that a user needs to be a teacher in order to manage notifications is implied by the following statement, to be found in the official docs:

    Your Cloud Pub/Sub topic only receives notifications about resources that you can view with the credentials you supply when creating a registration. For example, if the user revokes permission from your application or is removed as a teacher, notifications are longer delivered.

    Reference: