How to install and use the module
Module has now a project page on Drupal.org and for another week I will host the code on Gitlab.com before moving it to Drupal.org. I have also created an issue ticket which will be the final submission link.
1. Get the module by running following commands while in the root of your Drupal installation:
git clone -b master email@example.com:marnczarnecki/encrypt_content_client.git
2. Install required libraries:
- Follow these instructions for building the library - remember about using the --with-ecc option and save the output file as /sites/all/libraries/sjcl.js
- Download library file from here and save it as /sites/all/libraries/FileSaver.js
3. Grant the following permissions:
- encrypt content client - allows users to generate ECC keys, encrypt and decrypt content
- encrypt content client settings - allows admins to change module’s setting including encryption policies
4. Grant the following REST resource permissions using REST UI (not enabling them should gracefully limit functionality of the module for selected users):
- Access DELETE on Client encrypted containers resource
- Access DELETE on Client encrypted fields resource
- Access DELETE on ECC keys resource
- Access GET on Client encrypted containers resource
- Access GET on Client encrypted fields resource
- Access GET on ECC keys resource
- Access POST on Client encrypted containers resource
- Access POST on Client encrypted fields resource
- Access POST on ECC keys resource
Post-install steps and settings
- Navigate to /client_encryption/policies and set which nodes and fields to encrypt.
- Generate keys as the admin user, open /user/ecc.
- Add a custom block - so the users can update their private keys which are stored locally.
Redesigned keys management page
When working on use cases and first use manual I came across few idea on how to rework the keys generation page as this is a rather important part of my module.
Some changes worth mentioning
Better routing: /user/ecc, added a link at the tools list block.
Users can not update their public keys in the database and private keys in localStorage using one form.
More basic error checking and feedback, now it’s easier to use for less tech-savvy users.
Users can now manually test if the keys they provided are valid (simple encryption-decryption check).
Other various fixes
During my tests I have also found several usability and functional issues with my module. Here is a list what was fixed in this week:
More checks for the right permissions - based on experiences from writing tests.
Delete encryption container and encrypted fields when a node is deleted.
Following up my issue from last week: I found a way how to make POST and DELETE request so now I can test my rest resources fully.
Moved ECC keys generation button from a separate page to the user profile.
User manual and documentation
Regarding the comment that Slurpee made, I have created an user manual which describes use cases along with easy to follow screenshots. This manual can be seen on the module’s project page. That would be the README and the module’s main page instructions on how to install and use my module.
I have also reworked the technical documentation of my module which is accessible here. This document should be used by people who want to contribute to the module. After I am done with the draft, I will export it as PDF and include in my module in the docs folder.
Plans for week 12
Provide more functional tests.
Share code with community and apply any feedback received.