[MDL-76722] Add encrypted mobile notifications - Moodle Tracker

XML

Word

Printable

Details

Type: Improvement
Status: Waiting for integration review
Priority: Minor
Resolution: Unresolved
Affects Version/s: 4.1
Fix Version/s: None
Component/s: Messages
Labels:
- CatalystIT
- ci
- hqteam_hedgehog
- mobile
- partner
- triaged

Affected Branches:
MOODLE_401_STABLE
Pull from Repository:
https://github.com/alexmorrisnz/moodle.git
Pull Master Branch:
MDL-76722-master_encrypted_notifications
Pull Master Diff URL:
https://github.com/moodle/moodle/compare/master...alexmorrisnz:moodle:MDL-76722-master_encrypted_notifications
Testing Instructions:
Hide

Complete testing can't be performed without first setting up a copy of the modified app from MOBILE-4214

Test existing notifications and those which can't be encrypted (no key) are unaffected:

Login to the site as an administrator

Verify the setting `message_airnotifier | encryptnotifications` is off

Login to the site on the app using a student account

On the site as the admin, send a message to the student account

Verify the expected notification message arrives as normal

Verify the setting `message_airnotifier | encryptnotifications` is on

On the site as the admin, send a message to the student account

Verify the expected notification message arrives as normal
Show
Complete testing can't be performed without first setting up a copy of the modified app from MOBILE-4214 Test existing notifications and those which can't be encrypted (no key) are unaffected: Login to the site as an administrator Verify the setting `message_airnotifier | encryptnotifications` is off Login to the site on the app using a student account On the site as the admin, send a message to the student account Verify the expected notification message arrives as normal Verify the setting `message_airnotifier | encryptnotifications` is on On the site as the admin, send a message to the student account Verify the expected notification message arrives as normal

Description

Encrypt mobile notifications should be encrypted so the AirNotifier server and platform notification service (Firebase/APN) cannot read user data.

Fields to encrypt:

userfromfullname

smallmessage,

fullmessage

fullmessagehtml

subject

customdata

A key pair should be generated on the device to be stored in the device keychain (Hardware module if possible).
The public key will be registered against the device in Moodle (user_devices table).
If the setting `tool_mobile/encryptnotifications` is on the relevant notification fields will be encrypted.
When the device receives an encrypted notification it will be decrypted using the private key.

Attachments

Issue Links

blocks

MOBILE-4214 Add encrypted mobile notifications

Integration review in progress

Activity

People

Assignee:: Alexander Morris

Reporter:: Alexander Morris

Peer reviewer:: Juan Leyva

Participants:: Alexander Morris, Andrew Lyons, CiBoT, Dan Marsden, Jake Dallimore, Juan Leyva, Matt Porritt, Michael Nixon, Ralf Krause, ya-d

Component watchers:: David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo

Votes:: 2 Vote for this issue

Watchers:: 14 Start watching this issue

Dates

Created:: 19/Dec/22 12:37 PM

Updated:: 2 hours ago

Time Tracking

Estimated:

Remaining:

Logged:

2h 30m