Does this make sense?

[Jay Gischer]

So, I've been thinking about, using cloud storage and linking it to a CDN.  I would like to allow a couple other people to have access to this.

According to my recollection, access to these things is kinda clunky, and involves having "secrets", which by their nature are not super portable.

So i was thinking that this might be an excellent application of Sandstorm.  

* Make an app that doesn't have credentials built in, but is configured on startup by the grain owner who loads in the credentials.  These credentials are kept ever after on the server side.

* Make a ui that shows the assets in the bucket, and allows for read/write/delete

* Create Sandstorm permissions that correspond to read/write/delete 

* Invite other users with the set of permissions you want to give them.

.So, I'm worried that there's something about this scheme that could go terribly wrong.  Or, that there's a much easier way to do all this?

Thoughts?

-j

[Jacob Weisz]

I'm trying to understand what you are trying to do here. Are you trying to make some cloud assets available to your Sandstorm apps, or trying to use a Sandstorm app as your CDN provider?

--

  Jacob Weisz

  goo...@jacobweisz.com

--

You received this message because you are subscribed to the Google Groups "Sandstorm Development" group.

To unsubscribe from this group and stop receiving emails from it, send an email to sandstorm-de...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/sandstorm-dev/CAHCFCnNn98yEhsA9MZovX%2BhpCExO8VBJXgedV1ib8W424gd3eg%40mail.gmail.com.

[Jacob Weisz]

If you are trying to load in CDN assets from outside your app, have you looked at implementing https://github.com/zenhack/powerbox-http-proxy

Dan's Desert Atlas uses it to avoid having to ship the entirety of the globe in an app install, which might be the behavior you are looking for.

--

  Jacob Weisz

  goo...@jacobweisz.com

To view this discussion on the web visit https://groups.google.com/d/msgid/sandstorm-dev/c066e7d5-bd59-46c0-a396-4731c219a189%40app.fastmail.com.

[Jay Gischer]

Well, this particular proposal was aimed at the general problem of simplifying access to a bucket, allowing users with permission to access a specific grain - which is designed for this express purpose - to add assets to the bucket, and to review their names and urls.  I'm specifically thinking of image assets so it would be nice if the grain showed them a name and a thumbnail on request.

I'm about to read the link on the powerbox http proxy.  Maybe that's what I want?

-j

To view this discussion on the web visit https://groups.google.com/d/msgid/sandstorm-dev/c128d546-3e0c-4816-ad9f-e24a5e92c7b3%40app.fastmail.com.

[Jay Gischer]

Let me try to clarify what I want even more.  I am working with a couple of other people, who aren't really programmers.  I want them to be able to add image assets to the bucket without my intervention.  I would like them to be able to review assets in the bucket without my intervention.  I do not especially want to burden them with getting a Google account and learning all the hoops it seems one must jump through to be able to do this.   I am just now looking at signed URLs which maybe sorta kinda let me do that, but I'm not sure yet.

[Jacob Weisz]

Yeah, powerbox-http-proxy would make this relatively easy. After the initial process of granting the grain access to talk to a given domain, the app would be able to pretty arbitrarily make requests to it, and I believe that would be available to anyone else who the grain is shared with.

--

  Jacob Weisz

  goo...@jacobweisz.com

To view this discussion on the web visit https://groups.google.com/d/msgid/sandstorm-dev/CAHCFCnNZv_DifTPyNa%3DmN5LA17ttP5GHgPtEQ5xodSOaDgccbw%40mail.gmail.com.