Cosmo 0.6 Casual Collaborator Feature

Functional requirements

See WorkflowsZeroDotSix and CosmoMagicURLStoryboardsTake2.

Non-functional requirements

Bookmarkable URL

CC begins interacting with the app by clicking the collection's web URL in his email client which opens the app in CC's browser. The URL looks like this:

http://<host:port>/cosmo/pim/collection/<collection-UID>?ticket=<ticket-ID>

For 0.6, this URL implies the calendar view. When we add general item support, we can add a selector like /calendar or /dashboard after the collection UID to explicitly specify a view, if desired.

Note: I dislike "pim" as the path selector for the item UI and would like us to choose something else.

Ticket vs login

Currently when a user is logged in to the app, all RPC calls are executed in the login authentication context; that is, the server consults the logged-in user's privileges in order to determine access to server data. In 0.5, that means anything in the user's home collection is fully readable and writable, but nothing in any other user's home collection.

In the casual collaboration scenario, the RPC calls that read and write data from that collection (including subscribtion to the collection) must include a ticket to assert that the logged in user has the appropriate privileges. When executing these RPC calls, the server must execute operations as if CC has the ticket's access privileges for the target collection rather rather than CC's.

If CC is not logged in to the app, RPC calls are executed in an anonymous auth context. The ticket must be provided to the appropriate RPC calls in exactly the same manner as above.

Free-busy display

When CC provides a free-busy ticket for a collection, the app must show an error message stating that free-busy information is not yet viewable in Cosmo.

"Add to your account"

When CC indicates that he wants to "add a calendar", the app must make an RPC call that stores a subscription for CC and the target collection. CC must be logged in before this can take place. The stored subscription details include a name for the calendar that is displayed in the calendar selector (defaults to the display name of the target collection but can be modified by CC). The RPC call must also include the ticket used to access the collection (see "Ticket vs login" above), and the server must store the ticket so that CC can in the future use the calendar selector to view the subscribed calendar without having to re-enter the ticket.

Collection details

From this dialog CC can update the subscription name for the collection and find URLs for accessing the collection with Chandler, iCal and Atom and DAV clients.

When CC updates the subscription name, the app must make an RPC call that modifies the stored subscription. The ticket used to access the collection cannot change when this call is executed.

The URLs displayed for the collection look like:

• Chandler: http:///cosmo/pim/collection/<collection-UID>?ticket=<ticket-ID>
• iCal: webcal:///cosmo/webcal/collection/<collection-UID>?ticket=<ticket-ID>
• Atom: http:///cosmo/atom/collection/<collection-UID>?ticket=<ticket-ID>
• DAV: http:///cosmo/dav/collection/<collection-UID>?ticket=<ticket-ID>

References

• Storyboards: CosmoMagicURLStoryboards
• Design review notes: NotesDSUnifiedURL