Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User does not know that Tags are globally visible #9416

Closed
tbsbdr opened this issue Jul 17, 2023 · 4 comments
Closed

User does not know that Tags are globally visible #9416

tbsbdr opened this issue Jul 17, 2023 · 4 comments
Assignees
@grimmoc
Labels
Priority:p3-medium Normal priority Topic:good-first-issue beginner friendly task

Comments

@tbsbdr
Copy link
Contributor

tbsbdr commented Jul 17, 2023
edited
Loading

Steps to reproduce

  1. Create a tag
  2. User does not know that Tags are globally visible (if
    screenshot_001413

Expected behaviour

User should know who can see Tags:

  • Add Contextual Helper next to "Add or edit Tags"
    • Title: "Who can view Tags?"
    • Body: "Everyone who can view the file can view it's Tags. Everyone who can edit the file can edit it's Tags."

screenshot_001413

Actual behaviour

User does not know that Tags are globally visible
@tbsbdr tbsbdr added Priority:p3-medium Normal priority Topic:good-first-issue beginner friendly task labels Jul 17, 2023
@tbsbdr
Copy link
Contributor Author

tbsbdr commented Jul 17, 2023

@JammingBen please remove "good first issue" if this is not the case =D

@phil-davis
Copy link
Contributor

phil-davis commented Jul 17, 2023
edited
Loading

And even if a user does not have access to any resource that has that tag, I think that the tag "string/name" can be seen by the user. For example:

  • Alice tags a file in space "Special-Projects" with "Project-Three-Letter-Agency"
  • and "Three-Letter-Agency" is not supposed to be known about in the wider organisation
  • Brian has access to space "Special-Projects" and can see the tag - no problem
  • Carol does not have access to space "Special-Projects"
  • Carol starts to tag a file in one of her spaces. She types "Project-T" and "Project-Three-Letter-Agency" is displayed as a suggestion. (Carol was going to add a tag "Project-Training", and accidentally sees the other tag name)
  • the information in the tag name has been "leaked" more widely

So users need to be aware that they should not embed "private"/"confidential" information in a tag name.

@tbsbdr
Copy link
Contributor Author

tbsbdr commented Jul 17, 2023
edited
Loading

Carol types "Project-T" and "Project-Three-Letter-Agency" is displayed as a suggestion.

Thats not the case with Web + OCIS
visibility of the tag is bound to the visibility of the resource🪢
but still thats not clear and should be told.

@grimmoc grimmoc mentioned this issue Aug 2, 2023
Merged
10 tasks
@JammingBen
Copy link
Contributor

Has been fixed via #9525.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@grimmoc grimmoc

Labels
Priority:p3-medium Normal priority Topic:good-first-issue beginner friendly task
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@phil-davis @AlexAndBear @tbsbdr @JammingBen @grimmoc