GSoC Week 11: encrypt_content_client - UX improvements and code quality

How to install and use the module

Module has now a project page on and for another week I will host the code on before moving it to I have also created an issue ticket which will be the final submission link.

1. Get the module by running following commands while in the root of your Drupal installation:

cd modules

git clone -b master

2. Install required libraries:

  • Follow these instructions for building the library - remember about using the --with-ecc option and save the output file as /sites/all/libraries/sjcl.js
  • Download library file from here and save it as /sites/all/libraries/FileSaver.js

3. Grant the following permissions:

  • encrypt content client - allows users to generate ECC keys, encrypt and decrypt content
  • encrypt content client settings - allows admins to change module’s setting including encryption policies

4. Grant the following REST resource permissions using REST UI (not enabling them should gracefully limit functionality of the module for selected users):

  • Access DELETE on Client encrypted containers resource
  • Access DELETE on Client encrypted fields resource
  • Access DELETE on ECC keys resource
  • Access GET on Client encrypted containers resource
  • Access GET on Client encrypted fields resource
  • Access GET on ECC keys resource
  • Access POST on Client encrypted containers resource
  • Access POST on Client encrypted fields resource
  • Access POST on ECC keys resource

Post-install steps and settings

  • Navigate to /client_encryption/policies and set which nodes and fields to encrypt.
  • Generate keys as the admin user, open /user/ecc.
  • Add a custom block - so the users can update their private keys which are stored locally.

Redesigned keys management page

When working on use cases and first use manual I came across few idea on how to rework the keys generation page as this is a rather important part of my module.

Improved keys generation page


Successfully generated keys screen


Some changes worth mentioning

  • Better routing: /user/ecc, added a link at the tools list block.   

  • Users can not update their public keys in the database and private keys in localStorage using one form.

  • More basic error checking and feedback, now it’s easier to use for less tech-savvy users.

  • Users can now manually test if the keys they provided are valid (simple encryption-decryption check).

Keys generation page errors

Other various fixes

During my tests I have also found several usability and functional issues with my module. Here is a list what was fixed in this week:

  • More checks for the right permissions - based on experiences from writing tests.

  • Delete encryption container and encrypted fields when a node is deleted.

  • Give feedback when executing JavaScript code (status messages).

  • More robust way of creating nodes through REST - I am passing all of node’s fields from PHP to JavaScript and then applying a filter that leaves fields that are visible on the page.

  • Following up my issue from last week: I found a way how to make POST and DELETE request so now I can test my rest resources fully.

  • After node creation, JavaScript redirects user to the right location.

  • A lot of JavaScript code cleanup and error checking.

  • Moved ECC keys generation button from a separate page to the user profile.

User manual and documentation

Regarding the comment that Slurpee made, I have created an user manual which describes use cases along with easy to follow screenshots. This manual can be seen on the module’s project page. That would be the README and the module’s main page instructions on how to install and use my module.

I have also reworked the technical documentation of my module which is accessible here. This document should be used by people who want to contribute to the module. After I am done with the draft, I will export it as PDF and include in my module in the docs folder.

Plans for week 12

  • Provide more functional tests.

  • Share code with community and apply any feedback received.