Plans for portals that integrate widgets inside the app window?

Sébastien Wilmet swilmet at gnome.org
Wed Jun 22 14:54:24 UTC 2016


On Wed, Jun 22, 2016 at 03:14:37PM +0200, Alexander Larsson wrote:
> On ons, 2016-06-22 at 12:36 +0200, Sébastien Wilmet wrote:
> > Hi again,
> > 
> > From what I know, the first portals that will be implemented (e.g.
> > the
> > file chooser portal) will open another window, that runs in another
> > process outside the sandbox.
> > 
> > But are there plans to have portals that integrate widgets *inside*
> > the
> > app window?
> > 
> > The example that I have in mind is an integrated file browser in a
> > side
> > panel of a text editor or IDE. Are there plans to implement such
> > feature
> > securily? so that the app can access the filename and content of only
> > the files that the user has chosen to open.
> > 
> > It would probably need a compositor to integrate the drawing of the
> > app
> > and the drawing of the integrated widget(s). With a D-Bus API like
> > for
> > the "external" file chooser portal.
> > 
> > I know an implementation for that is not going to happen anytime
> > soon,
> > one thing at a time, but I'm curious to know the overall plans.
> 
> At some point i spent time making recursive wayland compositors for
> embedding widgets working:
> 
>   https://github.com/alexlarsson/wakefield
> 
> That said, i'm not sure this is useful in the larger scope of portals.
> There is just so much complexity in a generalized plugin scheme like
> that. Themes? Keyboard shortcuts? Size negotiation? Toolkit behaviour?

An integrated file browser is however very useful. An IDE has other
features that require access to the filesystem, at least the directory
of a project. So we'll not be able to secure those apps completely.

Maybe the portals will fit only some of the most common apps. When an
application wants to do something a bit differently, have a different
UX, to go off the beaten track, this won't be possible.

The --filesystem parameter of flatpak-build-finish already supports
middle grounds between total access to the user's home (including
private keys), and having the file chooser portal for sole access point.
So for an IDE, the access could be restricted to a certain directory
containing the programming projects. But it's less convenient for the
user: the user is restricted with how to organize directories, or needs
to go through a desktop UI to configure a list of directories. So,
security can get in the way for the user, and also for the developer.

--
Sébastien



More information about the xdg-app mailing list