Construct File Permissions To Cloud Storage

Post reply
0 favourites
  • 2 posts
From the Asset Store
Target 2.0 Slot HTML5 Construct 2 and Construct 3
$15 USD
Casino? money? who knows? but the target is the same!
bellborn's avatar
bellborn

  • construct.net/en/forum/construct-3/general-discussion-7/scirra-access-cloud-storage-129905

    hi.

    i found above thread because after sign up i tried to use my onedrive or google drive to help working on the same project using desktop and mobile. well, forum system didn’t allow me to reply there, but creating a new one, so here i go.

    when i tried to use onedrive, microsoft shown the app request asking to my confirmation, then i refused and started to search what community think about.

    opening onedrive api documentation, i realized there are many access options:

    docs.microsoft.com/en-us/onedrive/developer/rest-api/concepts/permissions_reference

    i would like to highlight some of them:

    - Files.ReadWrite: Have full access to user files

    - Files.ReadWrite.All: Have full access to all files user can access

    - Files.ReadWrite.AppFolder: Have full access to the application's folder (preview)

    - Files.Read.Selected: Read files that the user selects

    it seems, accordingly to onedrive and google drive screen construct is asking the top option: read and write, full access.

    well, i wonder why not setting api permission request to “application’s folder” or “user selected” files, other than all drive…

    what guarantees construct web app (including server side) doesn’t allow background access to my files to anyone other than me and my local project?

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads

  • The reason we request the broader permission is it better interoperates with the cloud storage for browsing and sharing files. The research we originally did was a couple of years ago now and I'm not sure if things have changed, but the app-folder restricted permission meant it only accessed an invisible folder unique to the app - so you couldn't even find your files by browsing the files on the web (e.g. on the Google Drive website). I think it would also make it more difficult or perhaps impossible to support other sharing features, such as the ability to browse folders shared with you, and load project files from those (which is particularly important for some customers like in education).

    I can assure you Construct only accesses the files you specifically choose, and solely for the purposes of opening and saving the projects you tell it to. We've also been through the security reviews that Google and Microsoft require for using these permissions.

    The one exception to this is Dropbox, which does support an app folder that you can also access on the web. So for Dropbox we do only request permission to access a special app-specific folder, and it can't see any files outside of that. So if you want to choose a cloud service that requires least permission, you could go with that.

Post reply
  • 2 posts
Return to board index
Jump to:
Active Users
There are 1 visitors browsing this topic (0 users and 1 guests)