I had a requirement of editing my AWS-S3 uploaded MS Office documents from the browser. So, we created our own WebDAV server on Apache using the httpd extension. Workflow is explained in the below diagram and description.
Now editing is working just fine. My UI Client hits Spring boot API on WebDAV Server. It will copy the abcd.docx -> S3 object to the WebDAV folder let's say var/www/html/webdav. Now the path to a file becomes var/www/html/webdav/abcd.docx. I send file path to UI clients like https://www.mywebdavserverxyz.com/webdav/abcd.txt. I open this document in the local Microsoft office application like :
<a href='ms-word:ofe|u|https://www.mywebdavserverxyz.com/webdav/abcd.txt'>Edit</a>
Now my question is if I want to enable collaborative editing then which options do I have and which one is best? currently, a single user is able to edit the file at a time, for others file is opening in read-only mode.
Co-authoring using WebDAV is not possible.
However, if you modify your WebDAV server to implement shared locks, when the second user goes to edit the document they will receive a message that the document is currently being edited and they can decide to continue editing, once the initial user UNLOCKs the document their changes will be merged into the second users changes (if any).
Related
here's my situation:
I have a paint like tool
I want users of the tool to be able to download their creation
I don't want the user to be able to read or open the file
The user needs to upload the same image file to another tool
My problem is i can't make the first tool and third one work in unisson so users definitely need to first click download to then click upload on the other third party tool.
Does this seem possible to any of you? To have a way to protect the downloadable file so that the only option is to upload it to the 2nd tool ?
I hope this was clear enough
Thanks for your help in these dark times, cheers :)
There is no "secure" way. Because we're talking about protection, we will not discuss semi-secure ways.
I see only these options:
Encrypt the file. The other service need the encryption key. It needs to be known before or service a tells it service b in the background (without the client)
Send the file directly from service a to service b.
Service b is pulling the data from service a. You transfer-url could be transmitted via the client, if service a is checking the source IP (so only service b is able to download the file from service a).
I am developing a cross platform desktop application that works with local files. I am now integrating with onedrive/sharepoint through the Microsoft Graph REST API to open files, modify and upload back. My application required single writer, so in order to protect against concurrent editors, we are utilizing the check out/check in functionality of Microsoft Graph REST API.
For users that have onedrive desktop sync. If they open a document through a local path i would like to identify this file as being onedrive sync'd so i can issue checkout/checkin through the Microsoft Graph REST API. You can see a similar behavior from the office application when opening sync'd file. Although they do not checkout/checkin they do auto save back and retrieve metadata from onedrive based on the HTTP traffic.
So my question is how do i get more details about the file so i can properly make the REST calls? The id/path and the drive id of the item are critical
For Windows, I see there have been new file attributes added in Windows 10 through the GetFileAttributes win32 method. Such as, FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS. I can't seem to find anything to retrieve drive item id or drive id
For Mac, what are my options on mac?
Background:
ETL on source data from Excel, Access, Sql Server '8, .txt files.
Data Cloud is created
Dashboard is in progress
I have searched online because I remember seeing a marketting demo video by QlikView that it's possible to share the dashboard among other users. Not just a snapshot image or pdf. The real dashboard as a working file.
If client pcs receive a link to connect to the same data cloud via web - that's easy.
But what I want to know, is it possible to package and "port" the entire working file with underlying data to another person? (I am not asking for zipping!)
Depending on if you've purchased a license for Qlikview, there are several ways to approach this... Best case scenario for you is if you and the client you want to send the .qvw to both have Named licenses, you can just send them the file and they'll be able to open it in their licensed Personal Edition. I'm imagining this is not the case since you mentioned they are clients and not colleagues within your organization.
You need to know that if the client or you do not own licenses, you will not be able to share a working version of your dashboard with them.
The common implementation would be purchasing Qlikview Server Software and then deploying a Qlikview server in the cloud that would handle incoming web requests and provide clients with an access point from which to access your dashboards (and underlying data). This solution requires you (or your company) to have purchased a set of licenses from Qlik as well as Server software.
You can review Qlik's license structure here. You may also want to review their End User License Agreement to make sure their model works for what you are trying to do.
Im looking for an out of the box solution to be able to add an upload form so that my users can upload large files from my website onto my own FTP server.
Has anyone found a good service to accomplish this? Again I want to be able to use my own server in my office and i also need a form attached to the uploaded file.
I run a graphics printing company and need to be able to receive large files that my designers send to me.
I want my user experience to be painless and not complicated as possible so i would prefer if they did not have to download any FTP clients like filezilla or transmit.
I just want them to fill out the form
upload their files
click send
then i receive it on my server
If there is any off the shelves solution for this that would be amazing.
Thank you!
I guess this is an "out of the box" web app. It allows you to brand the app to look like your own web site by modifying a couple of files. All the functionality is built in. It is called Simple2FTP and can be found at www.Simple2ftp.com
Maintaining a ftp server is not trivial. There are various dropbox-type services on the
web that are very easy to use.
I want to be able to synchronize several text files on a user's PC in real time from my web application. Basically I want a few data files on the local PC to mirror the state of a user's data in my web application so if the web application or the user's internet connection is lost he can use those data files to get some critical info (possibly using html/javascript code stored in with those files that would run in offline mode on those data files.)
I know that google gears has a lot of interesting tools for working with offline state, but I'd prefer an even simpler application in html/javascript that wouldn't be as reliant on google gears. I'd rather use google gears to just create those files and slowly keep them in synch with the web application's version of data throughout the day.
Update on answers:
PersistJS is a good suggestion I will look into, but I was hoping people would direct me towards really good Google Gears tutorials resources.
You can save data on the browser using PersistJS, which uses the best client-side persistent storage mechanism it can find, supporting:
Flash
Google Gears
HTML 5 storage specs
browser-specific extensions
cookies
When your app reconnects, you can resync. Creating and reading text files is something the browser will generally block your web site from doing.
Risking of stating the obvious; if you want to store user state locally, isn't cookies the standard way?
maybe more then one cookie will be needed, but that sounds like the simplest of ways.
You're going to need to make an ActiveX control and a FireFox plugin to get these permissions. Short of that I agree with orip try using PersistJS
You can ask the user to download a subversion client that is predefined to interface with your subversion server only. Then write your web application to interface with the subversion service from your side only.
There is a good deal of security harm associated with granting access to a user's file system so you will want to lock down all possible points of exploitation. You will want to ensure that the user cannot access the subversion server except through the client that you ask them to install. You will want to ensure the connection between the application server and the subversion server is extremely secure so that the transmission path cannot be compromised and that malicious logic that may be loaded onto the application server cannot access the subversion server. I would say to encrypt the transmission path between those two servers and put the subversion server behind the firewall separating your network DMZ. I would also suggest use a challenge/response mechanism between the application server and the subversion server to prevent malicious code from appearing to be legitimate decisions made on the application server. Also, ensure that data only flows form the application server to the subversion server in a unidirectional fashion only, because if there is malicious logic planted on your application server then any data that comes from the subversion server is compromised without even accessing that server.
you could use the File System Object FSO through javascript, however it is dependant on Microsoft as it is an ActiveX control, it would also require permissions in the browser, or perhaps a HTA (HTML Application).
http://www.webreference.com/js/column71/
Its a real security issue so most avenues are closed down inhrentley.
Inherently the web model was designed not to authorize upstream from server to client. Now things are changing slowly maybe could you do this with Websocket ?