An owner selects a range to share. Within that shared range, the owner can explicitly choose which cells are editable and which are read-only, and can also set the input type of the editable cells for validation.
The assignee does not access the raw spreadsheet directly. Instead, they interact through a controlled web UI. Every write is validated server-side against the defined editable cell set, and only permitted cells are updated via the Google Sheets API.
All writes execute under the owner’s authorization context using the official Google's OAuth integration and Google Sheets API.
No spreadsheet content is stored, analyzed, or interpreted.
The spreadsheet remains the single source of truth. Grantvera acts as a constrained access layer on top of it.
Interested in feedback.