Generate a short URL with entity key usig Google App Engine - google-app-engine

I am using Google App Engine with Google's JDO implementation to save an entity for which I wish to provide an URL that a user can navigate to to view information about that entity. The problem I have is that the key generating strategy IdGeneratorStrategy.IDENTITY produces very long keys while the INCREMENT and SEQUENCE strategies are not implemented. I was planning to use the key as part of the URL to link to the entity, however since the only option I have to create a system generated key would result in an unwieldy URL I'm looking for suggestions how how to create a manageable URL to link directly to an entity in my datastore.
Is there any other option other than to create and maintain my own id generator?

Don't use the whole key - just the ID field. You can construct a key from the model name and the ID.

Related

Should I only send keys as websafe strings over HTTP in Google Cloud Datastore?

What is the best way to handle Datastore keys? Should they only be transferred in websafe format or can I use their Key Name? Websafe format is 2-3 times more the amount of characters i.e increasing the ingress/egress costs of Google App Engine. Is it the best and safest approach?
To identify an entity (assuming no ancestors) you just need the entity kind and the entity id/name. Often the context of your app makes it clear what the entity kind is so all you need to know to get the entity is the id/name.
So yes, you can pass only an id/name between backend and frontend, and I do it all the time.
If the name used to create the Key object is by itself websafe (for example if the key is created using a long or a UUID) then there is no need to use the websafe version. If however it is created using an unsafe name string e.g Key.create(Custom.class, "John Doe") then using key.getName() over http will cause problems and .toWebsafeString() is here for that exact purpose.

Is it safe to publish keys from App Engine's NDB?

I have a RESTfull service to store and retrieve JSON. Payloads are stored in NDB, so in order to access an entity the user has to provide the key. Is it safe and secure to return ndb.Model.key().urlsafe() upon entity creation or should I develop my own unique ID?
As usual, this depends. If you're returning this key to the user, they can find the entity name and identifier of that object. If you're also accepting these keys from the user in a future request, they could construct one to point to any object in your datastore, so you must do any required permission/type checking before loading an object for a key they pass to you.
There's also the issue that if you later decide you want to change, say, how you store those models, you are a bit stuck by the fact that you've exposed an implementation detail by sending down the NDB key to the user. Generating your own unique ID might be better if you're worried about your users holding on to those identifiers for a long time.

Google AppEngine Datastore Dashboard: Create Entity with "legacy"-style ID?

I understand that the Google AppEngine Data Store changed their default policy on how ID's are auto-generated.
We have application code that expects all ID's to be less than the maximum value for an Integer. In trying to create sample data using the dashboard ("Datastore Viewer"), there is a way to create Entities manually. However when I do this, there appears to be no place to manually set the ID, and the auto-generated ID is larger than the maximum Integer value.
Setting <auto-id-policy>legacy</auto-id-policy> in appengine-web.xml and re-deploying did not seem to help.
I understand when you create Entities programmatically, you can specify your own ID number. Is there any way to do this from the Dashboard, or at least use "legacy" auto-id generation?
No, the Datastore Viewer only allows auto-generated IDs. :(

Should I encrypt my App Engine entity keys when I export data?

I am currently exporting data from App Engine (to csv files) so that a few graduate students can analyze and build models based on the data. The data that I am exporting consists of non-confidential properties and the entity keys for a few models that DO contain confidential data (email addresses, names, etc.). My goal is to produce a dataset that can be shared and analyzed publicly without exposing any private data in the other entities that I’m sharing the keys for.
I started off planning to encrpyt all the entity keys to annonymize the data, but then I realized that the unencrypted keys might not be of any value to anyone as long as my app never exposes any data based on entity keys. My app only exposes personally indentifyable data based on the id for each entity.
Is there any reason to be concerned about sharing App Engine keys for entities? Is there anything that anonymous users can do with entity keys if there aren’t any urls that return any information based on the keys?
The entitiy keys contain the name of your app, the name of the entity (and any parents) and the numeric id of your entity.
If your app does not expose the data of the referenced entity you are okay.
Here`s the link in the google docs:
http://code.google.com/intl/de-DE/appengine/docs/python/datastore/entities.html
And more concrete docs on db.Key(): http://code.google.com/intl/de-DE/appengine/docs/python/datastore/keyclass.html
"Note: A string-encoded key can be converted back to the raw key data. This makes it easy to guess other keys when one is known. While string-encoded key values are safe to include in URLs, an application should only do so if key guessability is not an issue."

Which one is better to use when fetching from the datastore: key or id?

My mind is still impregnated with SQL thoughts... i'm used to retrieve from the database using the id as the main key, but in App Engine i'm unsure whether i should favor one over the other.
What is recommended?
If you are talking about the App Engine generated id, it is effectively the same as using the key. A key is just an encoded version of the kind, namespace, and id or name.
Model.get_by_id simply converts the id to a key before fetching the entity.

Resources