reva icon indicating copy to clipboard operation
reva copied to clipboard
verified publisher icon cs3org

RFE: enable OCM shares with unknown users on top of trusted ScienceMesh users

Open gmgigi96 opened this issue 2 years ago • 2 comments

In the context of sciencemesh, ocm should discard the shares received from unknown users (i.e. the ones that didn't accept the invitation workflow)

Original: https://github.com/pondersource/sciencemesh-php/issues/158

gmgigi96 avatar Feb 06 '23 10:02 gmgigi96

@gmgigi96 this is true only for the invitation workflow, it should be enforced by configuration. Traditional OCM allows accepting shares from unknown sources.

labkode avatar Feb 06 '23 13:02 labkode

Rescoping this: the idea is we want to support "random users" at the OCM level, possibly with a warning in the UI. Ideally, the configuration should allow the following modes:

  • Only ScienceMesh, i.e. reject unknown incoming users and only allow shares towards invited (trusted) users
  • ScienceMesh + unknown, with warning when accepting incoming shares from unknown users (are you sure you want to accept a share from [email protected] ?).

In the second mode, creating a new OCM share would work as follows:

  • if the recipient is in the list of accepted invitees -> send an OCM share
  • otherwise, if the domain is one of the trusted ScienceMesh sites -> send an invitation, and also send the OCM share
  • otherwise, ask the user for the target EFSS endpoint and send an OCM share to that endpoint (The latter case might be blended in the public link workflow, if the EFSS endpoint is not provided)

glpatcern avatar Dec 06 '23 08:12 glpatcern