NOTE: ScriptDB is now deprecated. Please take a look at Database abstraction with google apps script for alternatives.
One of the great strengths of scriptDB is also one of its weaknesses. It is easy to share amongst projects, but it's hard to detect who is using it since Session.getActiveUser() only works within domains, and not at all on consumer accounts. This means that you cant easily automatically restrict who gets to do what, and if your project key becomes known for a library that needs to be public for reference purposes, then it means that someone could both write and read to it. This can be mediated a bit by delegating scriptdb access to a proxy script, but you still need to identify who can do what.
Here's how I restrict access. For illustration I've cut these down to a bare minimum. You would use these as the basis for a fancier App.
This library is accessed by the other two scripts to get access to its shared scriptDB. It will only give it if
The type of access can be further refined by using keywords to define the type of access required. Note that in both case no keys or email addresses are actually stored in scriptDB - just a hash of them. This ensures a further level of security and privacy. In this way, even if someone has access to the privateFace project key, firstly it's protected by Google Apps sharing security, and secondly its scriptDb will only be returned to authorized users.
This is a web app that accesses the privateFace library and returns some data from its scriptdb it if either
These are some utilities you'll need to set up something like this. Let's take a look at some key points
The objective here is for our web app - publicFace - to allow access (or not) to allowed accounts or secret key. The URL is here https://script.google.com/macros/s/AKfycbzgGEhDSl3Z5TLVM2H2lsujIFG8qXT6R_E1YufiJvy2oRrFpvg/exec
Here are some scenarios and test results
Services > Desktop Liberation - the definitive resource for Google Apps Script and Microsoft Office automation > Things that have been deprecated > Google Apps ScriptDB >