<simonv3>
follow up to my own thing: huh, I can select the “editor” role from the dropdown, but it looks like it doesn’t grant that permission on share.
<dwrensha>
simonv3: that's a bug in the UI
<simonv3>
dwrensha: cool, thanks for the confirmation on that
* dwrensha
tries to find an issue on github for it
<simonv3>
There was also a minor visual error for if the user you want to share with (Dev user Bob in my case) doesn’t have a verified e-mail, the share link that pops up doesn’t break onto a newline (ie. it overflows). It’s still selectable.
<asheesh>
I think you've probably discovered a bug.
<asheesh>
Probably a regression in Sandstorm's SMTP API.
<asheesh>
Let me file a bug and see if Kenton agrees.
<simonv3>
Aw yeah, I’m on a roll
<simonv3>
Though I guess the other two may not have been “discoveries"
<asheesh>
simonv3: BTW app review feedback: Clicking "Share Survey Using Sandstorm" doesn't seem to do anything for me at the moment.
<Aurelius_Home>
asheesh : I'll be around to discuss if there's anything I can do for y'all later, but as a quick note wekan has sizing issues where the left size is partially overlapped by the sandstorm sidebar
frigginglorious has quit [Quit: frigginglorious]
dwrensha has joined #sandstorm
tannercollin has joined #sandstorm
<simonv3>
asheesh: oh so the submitting actually works?
<simonv3>
Wasn't clear from the return.
<simonv3>
(I'm assuming you saw the app through the submit process)
<asheesh>
Yup, submit works; notifying me doesn't
<asheesh>
notifying me + others
<simonv3>
what’s the url for seeing pending apps again?
<asheesh>
Easiest to use this in an incognito browser tab; then you can try a "demo" of experimental apps using Oasis.
<simonv3>
Cool, thanks. I think that link doesn’t work because it is a copy-paste booboo
<asheesh>
BTW +1 to you stealing features from SandForms.
<simonv3>
Oh, I am?
<asheesh>
(Context: we made that postMessage API for startSharing() when Jack Singleton asked for it at Sandstorm Meetup in SF for SandForms)
<simonv3>
Not conscientiously!
<simonv3>
Oh
<asheesh>
It was pretty fun. I think Jack was idly asking for something and then zarvox sat down next to Jack and spec'd out the API.
<simonv3>
Yeah that’s awesome. That postMessage thing is great. It’d be great if we could also send some more details to it - I saw that that was in the works as well
<asheesh>
Now you're making me think about how Sandstorm Development Group Decision-Making Hours are a scarce resource and we should allocate them in ways that app authors find most useful.
<asheesh>
I vaguely like what the Rust team does, which is have 1 hour public meetings weekly, iirc.
<asheesh>
dwrensha: Do you think that works well?
<eternaleye>
asheesh: Note that there are changes in the pipeline around how the Rust decision process works, towards further openness, which the community is very positive about - lemme dig up links
<asheesh>
i,i well we could use even the degree of openness that Rust used to have
<asheesh>
I say that 50% seriously, 50% just to say it.
<DanC>
"vSecure by default, with AppArmor, user namespaces, SECCOMP" <- that looks like an hour or two to decode. I know AppArmor is just another layer on the kludge-tower; no help w.r.t. capability-based security
asmyers has quit [Ping timeout: 265 seconds]
amyers has joined #sandstorm
amyers has quit [Remote host closed the connection]
amyers has joined #sandstorm
<eternaleye>
Hey, is there any way for a grain to spawn a new grain of a specific app?
<eternaleye>
As an example, imagine I had a wiki, and wanted the "edit" button on each page to spawn an EtherPad for that page's markup
<DanC>
yes, I'm sure there's a way, eternaleye. I'm struggling to work out the details in my head just now...
<DanC>
are you building a wiki? or adapting one?
<eternaleye>
That was just an example, actually - the real project isn't a wiki, though the use case _is_ spawning an editor (for a custom file format)
<eternaleye>
And probably closer to "building" than "adapting", as the actual program is not designed as a web app (yet)
<Lord>
eternaleye: i've dreamt of the wikipad several times
<eternaleye>
Currently, I'm looking into doing a strawman test phase of running it under Xvfb, shared using FreeRDP, and viewed using FreeRDP-WebConnect
<eternaleye>
And then gradually porting it to be natively web-based
funwhilelost has quit [Read error: Connection reset by peer]
<eternaleye>
Sure, but from what I saw, that connects to existing grains, rather than creating new ones
<DanC>
I was expecting examples aligned with earlier blog articles and such; e.g. an image picker
<DanC>
"example app in Python which (among other things) knows how to request an IpNetwork." would seem to be creating new ones
<eternaleye>
Well, IpNetwork would (I think) be requesting access to a privileged driver
<eternaleye>
And the sole example of the powerbox I've seen (collections) lists existing grains
<DanC>
I'm missing your point
<eternaleye>
The example app (in Python) doesn't spawn a grain when you interact with it; it requests access to a privileged capability (IpNetwork)
<eternaleye>
What I want is to have two apps, A1 and A2. I have grain G1, instantiated from A1. In the course of interacting with G1, I want it to be able to trigger instantiation of A2 as G2.
<eternaleye>
All flows I've seen so far amount to the user creating both G1 and G2 from the sandstorm interface by hand, and then allowing them to communicate.
<eternaleye>
(Or granting G1 access to a privileged capability, like IpNetwork)
<DanC>
the result of requesting access would seem to be a new capability. perhaps it's not a new grain; I wonder if that matters...
<DanC>
I'm struggling to grok the python source
<eternaleye>
Well, it can be both: A capability to a newly-spawned grain. That's what I actually want.
<eternaleye>
I just don't know of any way to express that, as opposed to requesting a capability to a pre-existing grain.
<eternaleye>
Rather than a grain that implements an editor responding
<eternaleye>
Because that would violate one-document-per-grain
<eternaleye>
It seems very pull-based, and grain-centered
<DanC>
"A collection makes a powerbox request for a UiView capability. (code link)" could be analagous to "A wiki makes a powerbox request for an editorFor page1"
<eternaleye>
Whereas what I need is push-like, and app-centered
<DanC>
in what way would an editor violoate one-document-per-grain?
<eternaleye>
Yeah, my question is that I need to know whether that "could be" actually works.
Telesight has joined #sandstorm
<DanC>
you really just want 1 bit of info? suppose I give it to you: yes.
<eternaleye>
DanC: An editor grain is one document. If an existing grain answers a query for "an editor" and then gets handed data to edit, it either has two documents or wipes out its existing contents
<eternaleye>
Either way, the user also has to manually spawn such an editor grain
<eternaleye>
Which is exactly the cumbersome workflow I want to avoid.
<DanC>
it's not at all clear to me why the user has to manually spawn an editor grain; the collection example suggests othewise
funwhilelost has quit [Quit: Sleepy...]
<eternaleye>
Collection only selects among existing grains
<eternaleye>
I create a new collection (manually), click add, and it offers me a list of existing grains - no option for "spawn new Paperwork" or whatever.
<eternaleye>
If I want to add a Paperwork to a collection, I must first cause it to exist
<DanC>
have a little imagination? of course you can't use the exact code from the collections app
<eternaleye>
I think you're missing my point
funwhilelost has joined #sandstorm
<eternaleye>
If powerbox queries are responded to by grains (rather than apps, which are basically GrainFactory), then there is no way to express the behavior I want
<eternaleye>
And I don't know whether that is the case
<DanC>
ok. i see.
<DanC>
hard to tell where powerbox requests go; I suppose they go to the powerbox...
<DanC>
UiView ... is that in a list somewhere?
<DanC>
newOfferSession looks possibly relevant... perhaps that's a way for a grain to register a factory
<DanC>
"example a
<DanC>
# document editor app accepting a document offer may want to then open the editor for long-term
<DanC>
# use."
<DanC>
there. it looks like your use case was explicitly considered. I still don't see all the pieces...
<DanC>
emphasis: "choose from among all their **apps**"
amyers has quit [Ping timeout: 244 seconds]
funwhilelost has quit [Quit: Sleepy...]
amyers has joined #sandstorm
larjona has quit [Remote host closed the connection]
funwhilelost has joined #sandstorm
tantalum1 has joined #sandstorm
funwhilelost has quit [Read error: Connection reset by peer]
larjona has joined #sandstorm
amyers has quit [Ping timeout: 250 seconds]
<zarvox>
eternaleye: DanC: you are correct that we currently do not provide a way to create new grains in response to powerbox requests or offers, but that we hope to some day provide such a capability
<DanC>
Oh. I presumed you did provide it.
<DanC>
well hurry up already!
<DanC>
;-)
<zarvox>
So, one piece of the challenge is that we still don't have fully generic interface-matching implemented, nor the UI bits for making a grain able to respond intelligently to newRequestSession()
funwhilelost has joined #sandstorm
<zarvox>
You might want to pick a thing that quacks like a file to attach to an email from a file sync grain, so the email app would request a FileObject (some new interface). To enable a useful UI, grains would need to be able to mark themselves as capable of "responding to" that interface. So then you get a list of grains which are candidates for responding to this request, but you still need to somehow tell
<zarvox>
the responding grain which object it should be offering to complete the request.
<zarvox>
So that's where newRequestSession comes in - you need some way for the app to display appropriate UI for you to pick a thing to offer().
funwhilelost has quit [Quit: Later dudes]
Telesight has quit [Quit: Leaving.]
isd has joined #sandstorm
<isd>
Hey all. Trying to get an ipNetwork capability, and I've got it popping up the powerbox request dialog that says "please input an api token:", but clicking the import token button gives me a 500, with this exception in sandstorm's system log: http://pastie.org/10937573
<isd>
I'm also getting a warning at the top of the admin panel about being unable to create websockets, which doesn't seem to have caused a problem *so far*
<isd>
This is just using vagrant-spk, with a pretty much stock setup.
<isd>
I'm not really sure how to start debugging this.
<zarvox>
isd: the websocket thing should be safely ignorable, though it is certainly surprising
<zarvox>
I'm getting a cloudflare 522 for you pastie.org link
<isd>
zarvox: yeah, that was my impression; it'll be an issue sooner or later, since I'm planning on using that, but not yet.
<isd>
zarvox: yeah, I got that once or twice. Try refreshing a few times? I think their server is being flaky. if not I can paste it elsewhere.
<zarvox>
As for asking for IpNetwork capabilities: you're doing the window.parent.postMessage() approach?
<isd>
Ah, yeah, I bet it's freaking out about that being missing.
<isd>
thanks, I'll try that.
<isd>
Yeah, that seems to have done the trick. Thanks again.
<zarvox>
Excellent!
frigginglorious has quit [Quit: frigginglorious]
wolcen has quit [Ping timeout: 265 seconds]
<isd>
The websocket thing might just be because I'm using the sandstorm api directly, and my openWebsocket method just noops. but I get this on the admin panel, so that would suggest it's not the app.
<isd>
So, does anyone know I'm doing an XMLHttpRequest, and it's handing back a status code of 0 (readyState says the request is done). Has anyone seen that kind of thing before? I'm not terribly fluent in javascript/clientside web stuff
<isd>
So, figured out it at least partially had to do with how I was doing stuff on the server side; I've implemented the get and post methods for websession, but not put. so that request wasn't getting through to my server at all.
<isd>
But sandstorm shouldn't be handing back an HTTP statusof zero; that doesn't make any sense
<zarvox>
Hmmm yeah, probably not.
<isd>
Any way that could be happening, short of a bug in sandstorm?
<zarvox>
Probably a bug in Sandstorm.
<isd>
back in a few.
<zarvox>
The raw api is probably not super well-exercised in terms of "what happens if I don't give Sandstorm a well-formed reply", because sandstorm-http-bridge always does
<zarvox>
So I wouldn't be hugely surprised if there's some oddities there where if you return from the RPC and haven't initialized statusCode it winds up being 0
<zarvox>
or something like that
<isd>
yeah, not super surprised.
<isd>
that's probably exactly what's happening
<isd>
it's just not initializing anything except for get and post.
<isd>
I may file a bug just so this is written down somewhere.
<zarvox>
That would be great, thanks!
<isd>
zarvox: #2416
<isd>
You're welcome
wolcen has joined #sandstorm
<isd>
So, once I've handed the powerbox token off to the server-side of the grain, how do I actually turn it into a capability? Do I just pass it to SandstormApi.restore? Do I have to decode it first (looks like it might be base64 or something)?