View users with their key fingerprint who should be granted permissions

cryptomator / hub

Cryptomator Hub helps you manage vaults in large teams

GNU Affero General Public License v3.0

41 stars 9 forks source link

View users with their key fingerprint who should be granted permissions #235

Closed SailReal closed 10 months ago

SailReal commented 11 months ago

overheadhunter commented 11 months ago

I'm totally fine with this PR. But we should add some way for vault owners to verify these fingerprints with the users if they choose to.

See #190 and #191

As discussed, a user should be able to check their fingerprint. I believe the user profile would make most sense?

I guess this can be part of this PR.

SailReal commented 11 months ago

User Profile

The first block matches the value displayed in the Grant Permission dialogue

~It would be nice to be able to see the full fingerprint in the Grant Permission dialogue when hovering over it, but this does not look like it would be easy to implement.~

SailReal commented 11 months ago

With the power of @JaniruTEC we now show the full fingerprint on hover:

JaniruTEC commented 10 months ago

Since I am now officially part of this PR (😁), I have some minor ideas/suggestions:

Add a small fingerprint icon (maybe from Font Awesome?) next to the fingerprints in the "Grant Permission" dialog
Divide the full fingerprint shown on hover into groups similar to how it's done on the user profile page
Find some place to spell out the words "User Fingerprint"

SailReal commented 10 months ago

This is just a very basic way to verify user fingerprint and will completely replaced by https://github.com/cryptomator/hub/issues/191 in the next minor version so I would invest the time to enhance it into the replacing implementation.

Add a small fingerprint icon (maybe from Font Awesome?) next to the fingerprints in the "Grant Permission" dialog

I decided against it because there is not much place in this dialog especially because usernames often contains more characters like test1 if we have e.g. julian.raufelder@foo.bar.baz there isn't that much space left in this dialog.

Divide the full fingerprint shown on hover into groups similar to how it's done on the user profile page

This would require another variable that I wanted to avoid :sweat_smile:

Find some place to spell out the words "User Fingerprint"

Where would you expect those words in this dialog?

JaniruTEC commented 10 months ago

Where would you expect those words in this dialog?

I'd expect them probably on hover, either over the aforementioned icon or over the short fingerprint. Something like:

4242424242 with the hover:

baz' user fingerprint: 42424242424242424242424242424242424242

IMO many users will have no idea what those cryptic numbers mean -- unless they make the connection to their own user fingerprint, which is something I wouldn't count on.

infeo commented 10 months ago

Because of #190 and #191 we will rework this anyway. For now it is important, that the user is able to view and check the fingerprints in a way.

IMO many users will have no idea what those cryptic numbers mean -- unless they make the connection to their own user fingerprint, which is something I wouldn't count on.

We should mention it in the docs at least.