-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add a new API to allow user to upload an existing certificate #669
Conversation
/** | ||
* Set public key | ||
* | ||
* @NoAdminRequired |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The requirements are really that a user should be able to set its own public key? And not that an admin should be able to set a user's public key?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
that should be done by users as there may be situations where the user's certificate is issued by a different component from the Nextcloud server app and the user should be able to upload their certificate to enable end-to-end encrypted share feature
I would guess that we want logged-in users to be able to do it as if they were uploading just a certificate signing request (this workflow works without administrator doing something)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would guess that we want logged-in users to be able to do it as if they were uploading just a certificate signing request (this workflow works without administrator doing something)
Please make sure of it. If this is true, then it looks ok :).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sorry if that is unclear
yes, normal users need to be able to upload their certificate to enable sharing
now that you ask for, I think we should ensure the user certificate is valid before storing it
bc27db8
to
3305eca
Compare
3305eca
to
b9a70c8
Compare
is needed to be able to setup sharing when an user has an existing certificate that may have been created outside of Nextcloud end-to-end encryption app that would for example apply when an external certificate authority is in use to deliver user certificates for end-to-end encryption Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
b9a70c8
to
27cfa29
Compare
is needed to be able to setup sharing when an user has an existing certificate that may have been created outside of Nextcloud end-to-end encryption app
that would for example apply when an external certificate authority is in use to deliver user certificates for end-to-end encryption