Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce Secure Backup completion when requested by HS #5130

Merged
merged 10 commits into from Aug 24, 2020
Merged

Enforce Secure Backup completion when requested by HS #5130

merged 10 commits into from Aug 24, 2020

Conversation

jryans
Copy link
Collaborator

@jryans jryans commented Aug 19, 2020

This adds various measures to ensure users complete Secure Backup flows if required via .well-known by the HS. In particular, buttons to cancel are removed, and both the flow during registration as well as the logged in version (for anyone who may have missed it at registration) appear as blocking modals you must finish before proceeding.

(For clarify, there is no intention of this becoming the default, but it could be useful for certain use cases.)

Reviewer: Commit-by-commit is likely best.

During registration:

image

Inside the app if not completed at registration:

image

Fixes element-hq/element-web#14954
Depends on matrix-org/matrix-js-sdk#1444
Depends on element-hq/element-web#15003

@jryans
Check for .well-known E2EE settings under new key
b293ef0 
This adds an extra check for `.well-known` E2EE settings under the key
`im.vector.e2ee`. The older key `im.vector.riot.e2ee` is kept for historical
compatibility.

Part of element-hq/element-web#14954
@jryans
Move E2EE well-known access to utils
2b0865e
@jryans
Fix casing of Secure Backup to match designs
941cbc4
@jryans
Enforce Secure Backup completion when requested by HS
1932505 
This removes all buttons to escape the Secure Backup setup flow when the
matching `.well-known` setting is set by homeserver.

Part of element-hq/element-web#14954
@jryans
Hide Delete Backup button when Secure Backup required
fed7ebb 
If Secure Backup is required by the HS admin, then this hides the Delete Backup
button in Settings to ensure everyone keeps their backup per policy.

Part of element-hq/element-web#14954
@jryans
Avoid adding setup toast in the middle of setup
e8e691b 
This improves the experience of going through secret storage setup / reset flows
by avoiding intermittent toasts that appear and disappear in the middle of the
operation.
@jryans
Invoke Secure Backup flow inside the app when requested by HS
e56a61e 
If the Secure Backup required mode is set the client `.well-known` file, then
this will ensure that everyone already inside the app is required to complete
setup matching that policy.

Fixes element-hq/element-web#14954
This was referenced Aug 19, 2020
Merged
Merged
@jryans jryans requested review from a team August 19, 2020 15:40
nadonomy
nadonomy approved these changes Aug 19, 2020
View reviewed changes
Copy link
Member

@nadonomy nadonomy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@notramo
Copy link
Contributor

notramo commented Aug 21, 2020

@jryans Does it indicate somehow that it is forced by the server? (So users would know if they don't want to use it they don't have to ditch Matrix completely, just use another HS.)

@jryans
Copy link
Collaborator Author

jryans commented Aug 21, 2020

@jryans Does it indicate somehow that it is forced by the server? (So users would know if they don't want to use it they don't have to ditch Matrix completely, just use another HS.)

At the moment, it does not. My assumption is that this mode is most likely to be enable only in closed environments that do not federate.

@nadonomy Should we add some disclaimer that you are forced to setup Secure Backup by your administration in this mode? I assume it's unnecessary info for most users that they can't do anything about, esp. if I am right in thinking this is mostly for non-federating servers?

dbkr
dbkr approved these changes Aug 24, 2020
View reviewed changes
src/components/structures/MatrixChat.tsx Outdated Show resolved Hide resolved
@jryans jryans merged commit 8e0742b into develop Aug 24, 2020
@jonathanmmm jonathanmmm mentioned this pull request May 20, 2022
Open
@yasinishyn yasinishyn mentioned this pull request Nov 21, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dbkr dbkr dbkr approved these changes

@nadonomy nadonomy nadonomy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add HS admin-configured option to require secure backup
4 participants
@jryans @notramo @dbkr @nadonomy