☒ It should work with cloud storage because we're never working with the file directly on the local storage path, but always going through Active Storage.
It's kind of a double-edge sword where we gain security and a "better user experience". The better user experience being a reduced amount of bots and spam within the site. I do explicitly mention that using a honey pot would be my first preferred method. That in combination with confirmation emails, you can get fairly far with security. However, there are bots smart enough to not fill out hidden elements as well as verify confirmation emails. There are alternatives if you don't want to give Google your data, there is hcaptcha as an alternative.
☒ have you seen their docs on this? https://fullcalendar.io/docs/google-calendar It looks to be fairly applicable to what you're asking and also has fairly minor changes from what this episode covers.
I would probably start with their event docs. I would probably also use a stimulus controller to wrap select2 and do the logic within there. Sounds like a good follow up episode. https://select2.org/programmatic-control/events
