Google Drive + Sheets
Paste the deployed Google Apps Script Web App URL here. It is stored in this browser and used by the board page for Save to Google, Load from Google, Cloud Sync, templates, and turn-ins.
Teacher and Integration Management
Use this page for Google setup, classroom room links, and deployment notes. Students should work from the board page and should not need to see provider URLs or setup instructions.
MySQL Backend
Use this option for a self-hosted SQL-backed deployment. The browser stores only the public API endpoint. Database host, username, and password stay on the backend server in an environment file.
Google Apps Script and MySQL are separate provider choices. You do not have to remove Google to prepare a MySQL backend.
Storage Mode
Choose how this browser-backed deployment should preserve work. Google is best for cross-device classroom rooms. Browser-only timed sessions are useful for simple shared devices or temporary workshops.
MySQL and standalone folder options are forward-compatible settings for future backend endpoints. They are not used by static hosting until that API exists.
Classroom Links
Create room-specific links after the teacher has configured the backend. Student links open in student mode and hide teacher/admin controls.
Room passwords are still entered on the board page. Do not place shared passwords in links.
Setup Checklist
- Create a Google Sheet named DrawSplatTM Saves.
- Open Extensions -> Apps Script.
- Paste the code from apps-script/Code.gs.
- Run setup() once and approve permissions.
- Deploy as a Web App, running as the teacher/admin account.
- Paste the Web App URL in this admin page.
Standalone Direction
The static admin page is an interim separation. The standalone target is a real admin dashboard with SSO, server-side permissions, realtime rooms, and provider integrations hidden from students.
Compliance Console
Phased rollout of safety, parent-access, age-lock, and district-readiness features. Each subsection is filled in as the corresponding day in COMPLIANCE-ROADMAP.md is completed.
Safety Review (text filter, link control, board freeze)
Text keyword filter and link allowlist are enforced server-side on every Save to Google and Cloud Sync. Hits are recorded as TEXT_FILTER_HIT in Activity Records. Freeze a board to block all future writes until you unfreeze it.
Filter configuration
Board / room freeze
Family Access Tools (request center, verification, deletion)
Parents submit requests at /parents/. Verified requests appear here. Click Issue Parent Code on a student in Age Lock below to give a parent a one-time verification code (valid 14 days).
Parent controls configuration
Request queue
Student Age Band Lock
Each student record carries one of: under_13, 13_to_17, 18_plus, unknown_minor. The band is server-locked; only the admin can override, with reason + audit trail. Rows auto-populate when students submit turn-ins; you can also add students manually below.
Roster CSV columns (header row required): studentName (required), className, email, ageBand (under_13 / 13_to_17 / 18_plus / unknown_minor), ageSource, notes. Existing students (same name + class) are updated; new ones are created. Idempotent.
Use Limits (time-of-day, daily, session)
Enforcement code (browser timer + Apps Script save/load gate) ships in Days 2.8 – 2.9. The configuration switches below are read by both the client and the server, so you can pre-stage values now.
Privacy Settings (storage, AI, third-party services)
Read-only declarations the District Privacy Packet reports to district reviewers. Edit values in compliance.config.json at the repo root or in the JSON Editor below; they are stored in COMPLIANCE_CONFIG on the Apps Script side.
Retention Policy & Cleanup
Boards older than the archive threshold are moved to an Archive folder. Boards older than the delete threshold are trashed and the row removed. Activity Records older than the keep window are pruned. A daily Apps Script trigger runs the cleanup at 02:00 server time; you can also run it on demand.
Activity Records (audit log)
Filter by action, actor, and date range. Download as CSV or JSON for reviewer evidence.
Connect a Web App URL above to load Activity Records.
District Privacy Packet
One-click ZIP with Terms & Privacy, District Addendum, the current compliance config, the last 90 days of Activity Records, and the Compliance Roadmap.