New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enforce Secure Backup completion when requested by HS #5130
Conversation
This adds an extra check for `.well-known` E2EE settings under the key `im.vector.e2ee`. The older key `im.vector.riot.e2ee` is kept for historical compatibility. Part of element-hq/element-web#14954
This removes all buttons to escape the Secure Backup setup flow when the matching `.well-known` setting is set by homeserver. Part of element-hq/element-web#14954
If Secure Backup is required by the HS admin, then this hides the Delete Backup button in Settings to ensure everyone keeps their backup per policy. Part of element-hq/element-web#14954
This improves the experience of going through secret storage setup / reset flows by avoiding intermittent toasts that appear and disappear in the middle of the operation.
If the Secure Backup required mode is set the client `.well-known` file, then this will ensure that everyone already inside the app is required to complete setup matching that policy. Fixes element-hq/element-web#14954
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
@jryans Does it indicate somehow that it is forced by the server? (So users would know if they don't want to use it they don't have to ditch Matrix completely, just use another HS.) |
At the moment, it does not. My assumption is that this mode is most likely to be enable only in closed environments that do not federate. @nadonomy Should we add some disclaimer that you are forced to setup Secure Backup by your administration in this mode? I assume it's unnecessary info for most users that they can't do anything about, esp. if I am right in thinking this is mostly for non-federating servers? |
This adds various measures to ensure users complete Secure Backup flows if required via
.well-known
by the HS. In particular, buttons to cancel are removed, and both the flow during registration as well as the logged in version (for anyone who may have missed it at registration) appear as blocking modals you must finish before proceeding.(For clarify, there is no intention of this becoming the default, but it could be useful for certain use cases.)
Reviewer: Commit-by-commit is likely best.
During registration:
Inside the app if not completed at registration:
Fixes element-hq/element-web#14954
Depends on matrix-org/matrix-js-sdk#1444
Depends on element-hq/element-web#15003