Embedding a Sandstorm magic sharing action in a Rocket.Chat, followed by linking to the grain, results in confused users

[paulproteus]

Steps to reproduce:

• Use the Rocket.Chat powerbox + picker to embed a grain into a chat window.
• Say something about the grain.
• Give a link to the grain.

Expected behavior:

• All the people in the chat can, when they click the normal-style link, view the grain it refers to.

Actual behavior:

• People click on the link then ask me why they can't access it.

Other notes:

• IMHO we should use the information we have about who the Rocket.Chat grain is shared with, and flow that into the grain embed. This means actively updating "ACLs", which may be anathema to the ocap perspective, but I think would be a huge improvement.

Curious for other people's opinions.

[kentonv]

We would need the app to tell Sandstorm who is expected to get access to the embedded grain. We can't just assume the app is going to reshare the grain with everyone. For example, if I share a grain with you in a private message, it should only go to you.

Rather than introduce a new API for this, maybe what would make more sense would be for rocket.chat to detect a pasted grain link that refers to a capability that was shared previously, and automatically treat it as sharing that capability again.

Or better yet (but will take longer to implement), maybe this is all solved by the inline powerbox.

[paulproteus]

Is there a way to know that a grain link refers to a capability that was shared previously? How would we handle the fact that different capabilities can express different levels of access?

Just trying to understand what this option would mean, from a technical perspective:

Rather than introduce a new API for this, maybe what would make more sense would be for rocket.chat to detect a pasted grain link that refers to a capability that was shared previously, and automatically treat it as sharing that capability again.

[kentonv]

Is there a way to know that a grain link refers to a capability that was shared previously?

Not really, at present. Maybe in theory we could add a way to query the grain ID, or something.

How would we handle the fact that different capabilities can express different levels of access?

Probably Rocket.Chat would choose arbitrarily among previous capability-based shares of the grain.

(Honestly I don't really think this is a great idea but it's the best I could think of that seemed less hard than implementing the full inline powerbox.)

[paulproteus]

Sounds like there are three ideas on the table.

• Idea 1. Rocket.Chat gets a way to tell Sandstorm to redeem a capability for a user. (I think this is my proposal, which amounts to "update the ACLs on receipt.")
• Idea 2. Rocket.Chat does some smarts to "arbitrarily among previous capability-based shares of the grain" which requires API changes to query the grain ID from a capability. (Your proposal, I believe.)
• Idea 3. Inline powerbox means that all text input goes through Sandstorm. Time estimate, currently unknown.

I think that you stated some downsides of Idea 2. Are there downsides to Idea 1, other than the fact that it requires a new API, which ideas 2 and 3 do as well?

[ocdtrekkie]

Is Idea 1 to automatically add everyone in a Rocket.Chat room to a grain's ACLs if the grain is linked in that room? That could work okay for rooms of four or five people like your internal team comms, but could be a terrifying mess when posted in a public room.

[paulproteus]

Yes-ish, @ocdtrekkie - to clarify, it's that when the special https://sandstorm.io/news/2016-10-13-sharing-documents-rocketchat + button is used, everyone in the chat room gets their ACLs updated to include the grain.

[ocdtrekkie]

Would that then also put it on their all grains list? I could see issues with people doing that in a public room, it would be annoying.

Even if not, sharing a grain in a room of 100 people when talking to maybe three or four people in that room would be kinda messy on the permissions side of things if you ever needed to clean it up later. Consider how many times grains are shared on Sandstorm's open IRC that are only viewed by one or two people.

I feel like the proper solution would be to handle this differently when sharing to rooms of <10 people than rooms of >10 or something, though invisible magic rule changes confuse people, and we are trying to reduce confused users in this issue. ;)

[kentonv]

Idea 1. Rocket.Chat gets a way to tell Sandstorm to redeem a capability for a user. (I think this is my proposal, which amounts to "update the ACLs on receipt.")

I guess you mean that when you click the + button and perform the sharing action, you want Rocket.Chat to tell Sandstorm to immediately add the grain to the global grain list for every user in the room. Hence, plain-text links to that grain will thereafter work in any context.

I'm not fundamentally against that though I wonder if it's a weird experience for big, public chats. It's weird for things to drop into my grain list because they were mentioned in some chat room that I visited months ago and am technically still a member of. This is also potentially inefficient for big rooms in that Rocket.Chat will need to make a lot of API calls every time something is shared.

I also think that this will be a fair amount of work to implement and the cost/benefit ratio is much higher than many other things we could be working on right now.