You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is not totally obvious to a new user of the GUI that even if they have selected a secret, clicking "Policies" will edit the policy of the whole group. Of course, users should know that policies are per group and not per secret, and yes, the policy window that opens mentions the name of the group and not that of an individual secret.
It would be made more explicit by adding a vertical separating line between the sections "Secrets Groups", "Secrets", "Versions", and "Entry". Each of those sections has its title, its buttons, and its table of data -- and the buttons run together.
It might even be a good idea to disable buttons in the sections that do not contain the currently selected element, but that is a bigger change.
STEPS TO REPRODUCE
create a new secret in an existing group (through the CLI)
launch the GUI to check
click on the just-created secret
note in the documentation https://schibsted.github.io/strongbox/#install (in the "groups" section, of course) "To help avoid misconfiguration Strongbox generates a suitable read-only policy for you.", wonder what that policy is, mistakenly conclude that it means that "suitable" read-only roles are auto-added
click on "Policies", see that what seems to be all the account's roles are listed there -- even though the secret was just created!
delete the unwanted roles... for that secret
notice that the change also affected the other secrets in the group
go dig out from backups the list of roles that should access the group...
The text was updated successfully, but these errors were encountered:
ISSUE TYPE
COMPONENT NAME
CONFIGURATION
OS / ENVIRONMENT
Java GUI on MacOS
SUMMARY
It is not totally obvious to a new user of the GUI that even if they have selected a secret, clicking "Policies" will edit the policy of the whole group. Of course, users should know that policies are per group and not per secret, and yes, the policy window that opens mentions the name of the group and not that of an individual secret.
It would be made more explicit by adding a vertical separating line between the sections "Secrets Groups", "Secrets", "Versions", and "Entry". Each of those sections has its title, its buttons, and its table of data -- and the buttons run together.
It might even be a good idea to disable buttons in the sections that do not contain the currently selected element, but that is a bigger change.
STEPS TO REPRODUCE
The text was updated successfully, but these errors were encountered: