Questions to explore:
can a user logged in to multiple accounts work seamlessly?which auth library do we use from now on?Seems to be a new API for authdoesn't have immediate/non immediate -- how do we deal with that?
gapi.auth.signin claims to support multiple accounts and a selector
switch between accountsalmost: multiple users have to be logged in!show currently selected account
can we detect when the wrong user is logged in if a file is created/opened via drive?state seems to contain the user id
can we handle API load errors gracefully?eg timeout and show a sensible message
- can we enable people to self-service major support topics?
can we log in the correct user when file is opened from drive?can we detect third-party extensions blocking access to drive and offer some more meaningful error messages?disconnectseems to block google scripts, caught correctly by 'Sadly, Google Script loading failed'
ABP- didn't block anything
- can we show a total capacity warning when close to 10 MB?
- model.bytesUsed shows how much it's taking
- can we compress somehow?
- can we show a warning on network latency
- document.saveDelay is the timer to watch?
- can we show a warning when read-only?
- https://developers.google.com/google-apps/realtime/collaborators - read-only mode
can we store images on drive to avoid message size problems and remove capacity problems?maybe use thumbmnails from the hangouts spike?how does this work with exporters? can we grab them locally via CORS?ajax CORS seems to work for picasa thumbs, so we can pull them locally if we need to export
can we forward people to a 'request access' page when they don't have access?
- can we seamlessly migrate from physical map files to shortcuts for auto-saving?
- what happens with drive-stored resources?
- images
attachments
- make sure exporting to local disk works by downloading images; make sure pdf/image exporters get resources
- what happens when importing existing files? how do we upload to drive/picasa - seems CORS broken for background uploads?
- option 1: upload from the server, picasa API will work (may require additional scopes)
- option 2: test if initial model setup allows > 500KB, perhaps just keep the resources there if < 10MB
- what happens with drive-stored resources?
- can we replicate typical Docs API workflow?
loading/creating files from the Drive UI - to avoid access privilege issuescreate in the right folder
- enable moving to a folder from within the app
keep the folder/s when savinginherit sharing properties when created in a folder- sharing from within the app
- can we detect remote file renames?
- watching/push is only server side
- we can poll eg 10 sec for meta-data changes and detect file renames
- we could also use a realtime field to detect meta-updates
can we use a single page instead of redirects from /gd, and use pushState to replace history when a file is created etc?rename file from the app (don't force the name to be the same as central node)ensure name is preserved when saving
- can we work in a meaningful way with completely public/read maps
- ideally not ask clients to even log in
- can we offer more meaningful drive integration
attachments are files on drive?images are photos from google drive photos?keep required auth to a minimum- transparently validate gold accounts from logged in e-mail and hd (especially hd)
upload thumbnail periodically/allow it to generate a preview
- can we offer admins more control over what is used if app is installed in a domain
- disable/enable gold services globally
- log on to gold for the entire domain
- make it easier to integrate
- make it easier for users to discover: universal navigation extension
- make it easier to subscribe: use integrated billing
- what is the absolute minimum scope for drive api authorisation that we need to use for GAM?
- can we progressively build up with messages for individual usage patterns if not GAM?
- eg not ask for photo access unless users try to embed photos
- can we progressively build up with messages for individual usage patterns if not GAM?
- can we automate some kind of integration tests to protect against API changes?
- there is a new drive-share API. What does it do?
- client.js superseeded by platform.js - seems to do the same things, re loading APIs. What is the key difference?
- almost 80K more, compared to bare client
apparently auth was superseeded by auth2- not good enough for our use, intended for apps that have a mandatory button to sign people in. it does not support immediate/non-immediate access and does not allow us to set a login_hint. completely broken on safari if we try to do it without clicking on a button. However, it seems that the underlying implementation is done using auth, so auth now has some interesting arguments we can use
- login_hint: ID of the user we prefer to authorise, in case of multiple logged in. will force people to spin in the dialog until the right one is chosen
- authuser: -1 forces the user choice (switch user effectively) in case of multiple users logged in
- if several accounts are logged in at the moment, this shows a dialog to select. If a single is logged on, no dialog is shown even after log-out
- a comment on SO suggests logout does not work from localhost
- when drive.file access is requested by the app, then the OAUTH2 dialog still shows a permissions page asking for offline access??? if the drive.file is not asked by the app, then a much more sensible error message shows - can we work on this only?
- how to we refresh tokens using auth2?
- Mime type should be application/vnd.google-apps.drive-sdk, no content uploaded
- User ID and folder ID given by Drive. But what should we do if the user does not match the selected one? Can we offer people a sensible error message
- Drive.realtime setServerAddress suggests it's possible to switch between production, sandbox etc environments. See lines 214-228 of realtime-utils on github
- keep a minimal skeleton troubleshooter for API access testing?
- window.gapi.drive.realtime.debug() launches a drive realtime debugger
- Drive realtime release notes page has details on API updates
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent