Task #350
closedConfidential storage agenda
100%
Description
Implement confidential storage agenda, functionality
- create new dto IdmConfidentialStorageValueDto - ownerId, ownerType, key, value (see IdmFormValueDto for inspirtion)
- create new service for providing confidential values or enrich ConfidentialStorage - implement ReadDtoService methods above IdmConfidentialValue dto. Confidential storage will not be persisted in our database in production usage, make sure you not use IdmConfidentialStorageValue entity above service.
- rest api for search / read values from confidetial storage (key / value) - guarded values will be readable in FE
- create new group permission for reading confidential storage value (the same as other - CONFIDENTIALSTORAGEVALUE)
- [optional] implement export / import functionality - "naive" implementation by sending plain/text with properties (see IdmConfigurationController.saveProperties).
Updated by Vít Švanda about 7 years ago
- Target version deleted (
Diamond (7.4.0))
Updated by Ondřej Kopr about 7 years ago
- Assignee changed from Ondřej Kopr to Patrik Stloukal
Updated by Patrik Stloukal about 7 years ago
- Status changed from New to In Progress
created dto, service and filter of Confidential storage agenda (backend)
Updated by Patrik Stloukal about 7 years ago
frontend: content/confidentiaStorageValue + manager + service
Updated by Patrik Stloukal about 7 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Patrik Stloukal to Ondřej Kopr
- % Done changed from 0 to 90
please look on funkcionality of confidential storage agenda, if its ok or if needs some changes..
Updated by Ondřej Kopr about 7 years ago
Please you maybe you forgot add your branch and commit links :( please push your branch to GitHub
dont forget add next time this informations
Updated by Ondřej Kopr about 7 years ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Ondřej Kopr to Patrik Stloukal
- % Done changed from 90 to 70
I did feedback:
- in IdmConfidentialStorageValueDto missing READ_ONLY on key and serializableValue,
- in IdmConfidentialStorageValueDto second constructor with id parameter is unless, or do you use this constructor somewhere? If not remove it,
- format your classes for example IdmConfidentialStorageValueService,
- never used imports in ConfidentialStorageValueDetail and ConfidentialStorageValueTable remove it,
- this isn't really necessary but it is will be nice if you add java doc for private methods in test,
- author missing on new frontend components,
- from ConfidentialStorageValue agenda you never save or create values - check new in query is unless, remove this behavior,
- in ConfidentialStorageValueTable in method showDetail you check if ID is undefined, but you never create entities by this agenda, remove this behavior,
- you copy some code from script, but your code including also comments with some script refenrece (example: "script is generate"), update or remove this comments,
- rowClass disabled is unless for ConfidentialStorageValue hasn't attribute called disabled,
- confidential storage permission isn't translated in permissions,
- add your new permission for read confidential storage also for navigation.menu.system,
- change your filter on confidential storage agenda like Notifications history agenda (3 columns),
- it will be nice if you add some extra information to detail, for example when was this value created, who created this value,
- icon on detail is different than in menu icon,
- on detail you also use entity.name confidential storage value has not any attribute called name, there is possible use only edit.header without <small>,
- czech and english localization for header and title isn't nice 'Detail obsahu' and 'Detail of storage' try something better,
- on detail you use showLoading but you only set this value to false and then you never use it, remove this attribute,
- it will be nice if you move content of cell on ConfidentialStorageValueTable for column ownerId to separate method, after you done this is possible remove eslint disable,
- remove submit input on detail + above comment about split button.
your commit: https://github.com/bcvsolutions/CzechIdMng/commit/5e89d8d7ec18072634ce8562ee357eff771a9809
I already merged develop into your branch, after you will be done with feedback give this task back to me, thanks.
Updated by Patrik Stloukal about 7 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Patrik Stloukal to Ondřej Kopr
- % Done changed from 70 to 90
i apply changes from feedback, please look on it if it needs some changes
commit: https://github.com/bcvsolutions/CzechIdMng/commit/7eca628303284fc8fc77e65beb740ca7b5e288a2
Updated by Ondřej Kopr about 7 years ago
- Assignee changed from Ondřej Kopr to Radek Tomiška
- Target version set to Forsterite (7.6.0)
I did feedback, i found unresolved problems (i already fix all these issues):
- in IdmConfidentialStorageValueDto key isn't still readOnly,
- missing autor a javadoc in IdmConfidentialStorageValueService,
- ConfidentialStorageValueContent has still method called _getIsNew()!,
- some format corrections,
- why you remove ConfidentialStorageValueManager: PropTypes.object.isRequired from ConfidentialStorageValueTable? I made this change back,
- in ConfidentialStorageValueContent you have still left {entity.name} :(,
- thanks for add some new attribute into detail, but originalCreator isn't really good a made some changes.
i merged this branch into develop.
my commit: https://github.com/bcvsolutions/CzechIdMng/commit/d05a5a76f494b5588cef2a74f42fa576b72d585a
Please Radek could you make a last review? Thank you.
Updated by Radek Tomiška about 7 years ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Radek Tomiška to Patrik Stloukal
Its nice and it works, i made only few impovements:
- filter by key oand owner type search as equals operator - when like is needed, then text can be used
- layout refactoring (showLoading etc.)
- removed authorizaton policies support - confidential values can be stored in external application (predicates wil be unavailable)
Add pls documentation, then this ticket can be closed, thx for this new ageda.
Updated by Patrik Stloukal about 7 years ago
Updated by Patrik Stloukal about 7 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Patrik Stloukal to Radek Tomiška
documentation moved to :
https://wiki.czechidm.com/devel/documentation/confidential_storage
I tried to admins explain what is Confidential storage and how to use Confidential storage agenda... it is read only, so there aren't options, so i do not know what else to write...
please check how it is
Updated by Ondřej Kopr about 7 years ago
- Assignee changed from Radek Tomiška to Patrik Stloukal
- % Done changed from 90 to 70
I have some news about confidential storage for you Patrik :) (next info tomorrow)
Updated by Patrik Stloukal about 7 years ago
- Assignee changed from Patrik Stloukal to Ondřej Kopr
- % Done changed from 70 to 90
I updated confidential storage documentation, so please look and give me feedback
https://wiki.czechidm.com/devel/documentation/confidential_storage
Updated by Ondřej Kopr about 7 years ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Ondřej Kopr to Patrik Stloukal
Thanks for add info for each attribute in agenda. I don't understand few your sentences like: "It shows true value, but identity still has to have permission. | Value is owned by entity (SysSystem), but someone had to create that entity and type in password."
Information "saving the identity password" isn't correct, identity password is saved in IdmPassword entity, you probably mean values from EAV forms.
Next misleading information 'By default only admin has Confidential storage permission' it is not entirely true, i must have only one permission CONFIDENTIAL_STROAGE_READ for read confidential values, not app admin.
Please fix these disinformation
Updated by Patrik Stloukal about 7 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Patrik Stloukal to Ondřej Kopr
ok.. with that two sentences, which you did not understand, i just wanted to more explain things, so ok just simple
and rest i edited
please look again
Updated by Ondřej Kopr about 7 years ago
- Status changed from Needs feedback to Resolved
- Assignee changed from Ondřej Kopr to Patrik Stloukal
- % Done changed from 90 to 100
Thanks for changes, it's clearer than before, thank you.
Updated by Patrik Stloukal about 7 years ago
- Status changed from Resolved to Closed