Chris OBrien - Weaving Enterprise Solutions into Office Products
Download as PPTX, PDF•2 likes•21,673 views
The document discusses permissions models for accessing documents in Office Add-ins including Read, Write, and ReadWrite permissions. It also discusses using client-side code and cross-domain libraries to authenticate to SharePoint when server-side authentication is difficult from an add-in. Several examples are provided of add-ins with different surfaces like a Word task pane and SharePoint app.
Chris OBrien - Weaving Enterprise Solutions into Office Products
- 8. Permissions model Restricted -> Read -> Write -> ReadWrite
- 10. Access the full document (in slices up to 4MB) Collection of locations in document (e.g. user or app defined) Navigate to a place in the document (binding) Persist some state (get/set)
- 11. May need CORS, JSONP or server-side proxy
- 14. related MSDN - How to: Create an app for SharePoint that contains a document template and task pane app
- 15. Document is then used as template in SharePoint
- 16. Server-side authentication back to SharePoint is difficult (no SharePoint context passed) Workaround – use client-side code (cross domain library) One instance of app files each
- 17. (task pane app + SharePoint app)
- 18. Demo shows app with 2 surfaces – Word task pane + SharePoint • Task pane app finds documents with similar content to current doc (public web service + SP search) • SP provider-hosted app used to configure user’s OneDrive site (adds list/ctype etc. using OfficeDev PnP “core” libraries) • Allows user to “save reference” from task pane to their OneDrive • SP search enhancements implemented for this content (result source, display templates etc.)
- 19. Showing different tabs within the task pane app: • Keywords/phrases found in the current document – top 3 are used to power the search for similar documents • “Sentiment” of current document
- 20. Showing references saved from task pane app into the user’s OneDrive site
- 21. Showing saved references shown in search results (given special rendering with gray background)
- 22. Search Display templates User profiles OneDrive for Business sites Lists SharePoint
- 23. External not (and more to come!)
- 28. ReadWriteMailbox • R/W access to item • Limited EWS access ReadWriteItem • R/W access to item ReadItem • Read access to item Restricted • Limited access to item props
- 29. * Due to limitations of iOS, AAD auth won’t work, so Exchange Identity Token is necessary. Android works.
- 30. APP Outlook App backend validates token App Backend Exchange 3 1 2 EIT1 AAD refresh token 1 EIT2 AAD refresh token 2 EIT3 AAD refresh token 3 … … 4 App requests token Token passed back for validation Looks up identity mapping Identity Mapping
- 31. App + Service host Bug Database App + Service host • Uses Windows Integrated auth • Uses service account to call into bug database
- 35. Task pane app x x x Content app x x x Mail app x x App for SharePoint x x
- 36. Azure Websites
- 37. (using Azure for app hosting)
- 38.
- 40. • Document is not running in app web • • • •
- 43. BUT, no app parts! Consider JS injection instead..
- 45. • • -> Consider Office 365/Azure AD external app if target is Office 365
- 46. PowerPoint • Corporate presentation builder Excel • Import data from LOB system for analysis Word • Proposal/contract builder • Yammer integration Mail • Bug tracker • Frequent snippets • Meeting location details
- 47. Developer Patterns & Practices aka.ms/OfficeDevPnP