Handle encryption state in web interface #6670
Conversation
|
@nextcloud/javascript could need some help from our Java Script experts to hide the complete "..." menu for end-to-end encrypted folders. |
Codecov Report
@@ Coverage Diff @@
## master #6670 +/- ##
============================================
+ Coverage 50.84% 50.85% +<.01%
Complexity 24547 24547
============================================
Files 1585 1585
Lines 93801 93812 +11
Branches 1354 1357 +3
============================================
+ Hits 47697 47709 +12
+ Misses 46104 46103 -1
|
schiessle
added
3. to review
schiessle
force-pushed
the
handle-encryption-state-in-web-interface
branch
from
3f5e1aa
to
81b9363
Compare
There was a problem hiding this comment.
If you could add unit tests for not rendering the actions menu trigger on encrypted folders, rendering encrypted folder icon for encrypted folders and ensuring that the is-encrypted property is parsed as expected in a FileInfo that would be great :-)
Besides my usual nitpicking the code looks good ;-)
apps/files/js/fileactions.js
Outdated
| @@ -370,6 +370,9 @@ | |||
| _renderMenuTrigger: function($tr, context) { | |||
| // remove previous | |||
| $tr.find('.action-menu').remove(); | |||
| var isE2EEncrypted = $tr.data('e2eencrypted'); | |||
|
|
|||
| if (isE2EEncrypted) return; | |||
There was a problem hiding this comment.
I think that the most common style in our JavaScript code is
if (isE2EEncrypted) {
return;
}
| @@ -304,6 +309,13 @@ | |||
| data.hasPreview = true; | |||
| } | |||
|
|
|||
| var isEncryptedProp = props['{' + Client.NS_NEXTCLOUD + '}is-encrypted']; | |||
| if (!_.isUndefined(isEncryptedProp)) { | |||
| data.isEncrypted = isEncryptedProp === '1'; | |||
There was a problem hiding this comment.
Just to be sure, the server is guaranteed to always return '1', never 1, true or 'true', right?
There was a problem hiding this comment.
yes, that's what's stored in the file cache table
core/js/mimetypelist.js
Outdated
| @@ -108,6 +108,7 @@ OC.MimeTypeList={ | |||
| "folder-public", | |||
| "folder-shared", | |||
| "folder-starred", | |||
| "folder-encrypted", | |||
There was a problem hiding this comment.
Please amend to keep the alphabetical order :-)
schiessle
force-pushed
the
handle-encryption-state-in-web-interface
branch
from
81b9363
to
f7fa1cd
Compare
|
@danxuliu thanks for the review... I fixed the small stuff. May I ask you to have a look at the test? This would be awesome because I'm really bad with JS tests... Thanks a lot! |
Code looks good otherwise |
No problem :-) I will need some clarification on the expected behaviour, though. What actions should be available on encrypted folders? And why are those actions available and not others? I have also realized that just not rendering the three dots button is not a proper solution. Right now an encrypted folder can be favourited by clicking on the star icon on the left. However, once the checkbox is placed where the favourite icon is now, the favourite action would be shown inside the three-dots menu, so the three-dots icon should be shown even for encrypted folders, although only with a single action. So, in the same way that file actions are currently filtered based on permissions and mime types, an option could be to filter all actions on encrypted folders except those marked as allowed-on-encrypted (or something like that). I could implement that if needed... although probably not in the next days, sorry :-S
If you should not enter an encrypted folder I would expect the server to prevent that. Otherwise, even if fixed in the web UI, you could simply replicate the current web UI behaviour "manually" and get access to the folder. Maybe the server does not prevent it because there is no proper encryption in place and it would not allow that on a real case (assuming that you just used the trick of setting In any case, what should be the expected behaviour? Not allowing to click on the folder? Showing a warning/error saying that it is encrypted and that it can not be accessed? Showing a dialog that ask for a decryption key to be able to enter?
If the filtering I described above is implemented I think that the alignment should be fixed in a different pull request, as it could be seen as a general case of "When there are no actions to be shown in the file actions menu the file actions trigger should not be shown, and the in-line actions should be kept aligned" (although that would not happen anyway once the pull request to change the placement of the checkbox is merged, so... I would say that this has low priority). |
danxuliu
added
2. developing
|
@icewind1991 did you enabled the end2end encryption app on the server? If it is enabled access to the folder should be blocked The share icon shouldn't be there at all, at least it isn't for me, again the e2e app needs to be enabled |
|
@danxuliu thanks a lot for the js tests! All operations on the encrypted folders should be removed. At the moment just the option to "star" the folder is still there which is fine. As said to @icewind1991, in order to block access to the folder you need to have the "end to end encryption" app enabled. This contain a sabre dav plugin which blocks all the operations. |
schiessle
force-pushed
the
handle-encryption-state-in-web-interface
branch
from
d55a7a7
to
efa876b
Compare
|
I have realized that there is no need to add another field to file actions to specify whether they are allowed on encrypted folders or not to filter the file actions by that field as I initially thought. When installed in the server, the E2E encryption app blocks all the permissions in responses to PROPFIND requests, and file actions are currently filtered based on the permissions they need and the permissions that the user has on the file. For example, the download action needs read permissions, while the move action needs update permissions. Therefore, as encrypted files have no permissions (in the web UI) everything should simply work. But it does not :-P The reason is that the JavaScript files client sets the read permission on all files, no matter the permissions returned by the server. Thus all the actions that need read permissions are enabled for encrypted files even it they should not. Besides that, currently every action require a permission, even if they should not. For example the favorite action requires the read permission, but there is no need to be able to read the file to mark or unmark it as a favourite. That is probably due to the read permission being always on and the fact that some code that works with file permissions currently does not work as expected if the actions requires no permissions (as it would filter out the action even if it should not). Finally, when selecting several files on the file list the delete action is hidden if any of the files can not be deleted. However, the Move or copy and the Download actions are always shown even if some of the selected files do not support that action. With all of the above my proposed solution would be to fix the handling of permissions in the file list and then handle encrypted files just like any other file, as the available actions will be automatically adjusted based on the permissions of encrypted files. Does this sound sane? |
|
@danxuliu yes, the webdav plugin sets already the permission to '0' if you can make the javascript to keep this, this would probably work. |
danxuliu
force-pushed
the
handle-encryption-state-in-web-interface
branch
from
efa876b
to
57c85eb
Compare
|
I have rewritten the commit history to squash the unit tests to their related commits, extract the fixing of whitespace errors to its own commit, remove the commit that hid the three dots menu (as the Favorite and Details action could be performed on encrypted folders), and add some missing details (setting the folder icon too on This pull request now requires #7046 and #7047 to be merged first; this pull request should be rebased on master once that happens, as there are some minor conflicts. Also note that there is still a bug in this code: when the Share tab is shown the file row loses part of its metadata, and if the Share tab is loaded again (if it is simply opened there is no problem) then the encrypted folder will appear as a regular folder. For reference, the problem happens when updating the file info model due to the |
|
@danxuliu all dependencies are now merged, can you rebase this PR and take care of the merge conflicts? Thanks! |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
danxuliu
force-pushed
the
handle-encryption-state-in-web-interface
branch
from
57c85eb
to
7bc28f1
Compare
danxuliu
added
3. to review
Done ;-) I have also fixed the bug mentioned in my last comment; it was caused by When rebasing onto current master I dropped the commit that fixed the whitespace errors (they are now fixed in master) and split the commit to show the E2E folder icon in two, one to add the This pull request is now ready to be reviewed! :-) |
|
@danxuliu great. I will try it out! 😃 |
|
tested it and it works really great! Thanks @danxuliu @nickvergessen @icewind1991 @rullzer can you please review it? Thanks! |
The easiest way to review is by setting "encrypted" in the filecache table to "1" for a folder and check if all the file actions are gone.