summaryrefslogtreecommitdiff
path: root/doc/design/assistant/webapp.mdwn
blob: eabf8e7f3f05002bbcbd521f3e716a73bd4b0967 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
The webapp is a web server that displays a shiny interface.

## bugs

* At least in chromium, clicking on the transfer pause or cancel button
  sometimes fails. Seen in javascript console:
  500 error code from web server.
  This is quite likely because of how the div containing transfers is refereshed.
  If instead javascript was used to update the progress bar etc for transfers
  with json data, the buttons would work better.

## interface

* list of files uploading and downloading **done**
* button to open file browser on repo (`xdg-open $DIR`) **done**
* progress bars for each file (see [[progressbars]]) **done**
* drag and drop to reorder
* cancel, pause, and resume **done**
* keep it usable w/o javascript **done**
* keep it accessible to blind, etc

## other features

* there could be a UI to export a file, which would make it be served up
  over http by the web app
* Display any relevant warning messages. One is the `inotify max_user_watches`
  exceeded message.
* possibly add a desktop file to the top of the repository that can be used
  to open the webapp (rather than using the menus). Would be complicated
  some by the path to git-annex sometimes needing to be hardcoded and varying
  across systems, so it would need to be a symlink to `.git/annex/desktop`
  which would be per-system.
* add menu item on OSX?

## first start **done**

* make git repo **done**
* generate a nice description like "joey@hostname Desktop/annex" **done**
* record repository that was made, and use it next time run **done**
* write a pid file, to prevent more than one first-start process running
  at once **done**

## security **acceptable/done**

* Listen only to localhost. **done**
* Instruct the user's web browser to open an url that contains a secret
  token. This guards against other users on the same system. **done**
  (I would like to avoid passwords or other authentication methods,
  it's your local system.)
* Don't pass the url with secret token directly to the web browser,
  as that exposes it to `ps`. Instead, write a html file only the user can read,
  that redirects to the webapp. **done**
* Alternative for Linux at least would be to write a small program using
  GTK+ Webkit, that runs the webapp, and can know what user ran it, avoiding
  needing authentication.