Hey Alpharis,
Unfortunately nothing is totally private anymore. Your emails are not private, your chat communication is written somewhere etc...
The real question is - how easy it is to access that information. I could remove the screen that shows the notes, but what is preventing you from going into the db and looking at the notes there? Maybe what we need to add there is ACL - so only an admin will have access to that screen and not all backend users.

I like the other suggestions about the stats. I'll try to add them in one of the next versions.

Daniel

Hey Alpharis,
Unfortunately nothing is totally private anymore. Your emails are not private, your chat communication is written somewhere etc...

Unfortunately, I know this is the case.
But managing small spaces of privacy is always nice for users.

The real question is - how easy it is to access that information. I could remove the screen that shows the notes, but what is preventing you from going into the db and looking at the notes there? Maybe what we need to add there is ACL - so only an admin will have access to that screen and not all backend users.

I agree with you, looking directly at the DB is always possible.
I like your idea of only having the admin able to take a look at the notes.
But maybe a stronger solution would be to encrypt the notes when they are displayed
in the backend. And of course in the DB.
I think that this question of privacy is very important.
Of course having notes encrypted in the backend and readable in he frontend is not trivial :huh:

I like the other suggestions about the stats. I'll try to add them in one of the next versions.

My 2 cents on this point.
You've got a terrific idea with this module/component.
If you can guarantee a reasonable privacy with some statistics, you would be able to sell this application and let the free versions as it is.

The idea of taking note directly on a Joomla site is very interesting.
There is a lot to develop.

Thank you in advance for any idea or feature you are going to implement in Cnotes.

Kind Regards

The CNotes component is a very good idea and work.

But for my point of view, I think that the notes taken by the registered users are totally private.
They must not be seen by the Admin.
These notes and comments are made for the sole benefit of the user.
He takes notes of personal ideas about an article of the website.
These ideas are confidential.

If he wants to share publicly some info he can always use a Comment module or component.
So the idea would be to crypt the data entered by the users.

Having info for the Admin of the website about the total number of Cnotes in the site, the numbers for each user, the number for each page where the module is present on the form of Statistic is fair. But this is the limit to not cross.

Like this the possibility to edit a Cnotes would be not possible for the admin.
The users have to know what all they can write belongs to them and is not viewable by others.

Anyway, congratulations for your work.

I don't get the point of you saying this. You are saying an admin shouldn't be able to view the user's notes, right? You can prevent this from not logging into the cNotes component in admin panel. I mean, the data is already in phpMyAdmin database, so what's the difference between NOT logging in the database table and NOT logging in the component backend? They both contain the same data.

So there really is no way around the "Not having admin users having the ability to see user notes".

Although the only way to truly make it not accessible by an admin, as you also mentioned, is by encrypting the data to the database so it comes out to be an md5 hash rather than a text note or something along these lines.

Just some thoughts for fun!


Tessa Mero

Hi Tessa,

Let me explain you why I posted this suggestion.

I don't get the point of you saying this. You are saying an admin shouldn't be able to view the user's notes, right?

Yes. It's correct. For privacy reasons or security.

You can prevent this from not logging into the cNotes component in admin panel. I mean, the data is already in phpMyAdmin database, so what's the difference between NOT logging in the database table and NOT logging in the component backend? They both contain the same data.

So there really is no way around the "Not having admin users having the ability to see user notes".

A) Yes, I agree with you Tessa. When the Webmaster with Admin credit and Admin of the web site is the same person, it has no sense

B) Same point if you are an admin of an internal server.

C) But in Joomla you can give admin access to several people with different user names and passwords. This means that among them, some users can not have the keys (name and password) to take a look at the phpMyAdmin console.
In the hosting environment I use, either Cpanel or Plesk, it's online, not local.
The access to these super admin are protected by user name and password which are different of the Joomla admin user and password.
Some hosting companies are asking you a different username and password for having access to phpMyAdmin even if you are already connected to the Plesk Console!

This is why, to better explain my point of view, I think it's rather correct to make a difference between Joomla Admin and Super Admin of the server or online hosting. You were right to ask for this clarification.

Although the only way to truly make it not accessible by an admin, as you also mentioned, is by encrypting the data to the database so it comes out to be an md5 hash rather than a text note or something along these lines.

Yes, it's correct again.
I did not enough developed this point.

Of course, it is md5 hashed, it will also be displayed hashed in the Frontend for the author of the note. Which is relatively embarrassing :huh:

The idea is to get a small button inside the Module which will call and additional module like, let's say a kind of PGP addon, which would decipher the cryptic code and display the correct and 'normal' text of the person with the use of a secret key.

OK, this possibility is far to be trivial. And needs a lot of development.

I just point this possibility or at least feature because I do believe that Privacy matters on the Internet.
And also that there is a huge market for this kind of feature for accounting companies, audit, or any organization interested by getting a knowledge management tool for its employees but which want to restrict access to tech people.

My two cents

Have a look at the new version. You can now configure who is able to access the component
https://compojoom.com/downloads/official-releases-stable/cnotes-make-a-note/cnotes-1-1
docs:
https://compojoom.com/support/documentation/cnotes/ch03#idp58432

maybe this will answer some of your privacy concerns.
Daniel

Hi Daniel,

Thank you for your info.
And once again congratulations for your work.

I have installed the new version in a site under development.
It's running ok.
I just had a problem when testing it as a registered user.
I edited the note on a page and when it disappeared on this page
just after I saved the edit.
I had to disconnect and connect again to see the note and the modification done.
It was on Chrome.

Also, I have seen and tested the permission settings.
Yes, restricting the access to the component is a good point.
Now Super admin can set a fine settings for registered and admin users.

Just a point. For me, the super admin should not be able to edit the notes.
If the CEO of a company left a note on a page, I don't think that the Admin of the
Joomla site should be allowed to erase it.
And to me, he should even not be allowed to read it.

But you are working in the good direction.
I still see a huge potential for this module.
I am going to leave a comment on extensions.joomla.org.

Good continuation.

Best regards

I just tested it on chrome and I couldn't confirm the disappearing problem. The super admin on a joomla website is able to do whatever he sees fit. It doesn't matter if you change the create permission to forbidden - it will still be allowed (correct me if I'm wrong)
With that said - you should have only 1 super admin on a site -> 1 person should have full access to everything. Everyone else should be an administrator or a user group that is similar to administrator. What is the point of having the CEO of the fictional company MilkCorp be a super admin on the site? Obviously he only knows about milk and nothing about websites. What he needs to have when he logs in are stats about sales, a window to type an article and that is all... (look at adminpraise - we've done some kinda cool stuff with Kyle there)

Cheers,
Daniel

I just tested it on chrome and I couldn't confirm the disappearing problem.

I am glad. I just mentioned this to let you know that I had this problem.
I had the same problem in the previous version.
It's maybe due to my specific version of Chrome running on Ubuntu.

The super admin on a joomla website is able to do whatever he sees fit. It doesn't matter if you change the create permission to forbidden - it will still be allowed (correct me if I'm wrong)

You are totally right. This is why I explained my point of view in previous posts on a (very :huh: ) complex way to crypt data for a total confidentiality.

With that said - you should have only 1 super admin on a site -> 1 person should have full access to everything. Everyone else should be an administrator or a user group that is similar to administrator.

I agree again. That's good practice.
Just be sure to let somewhere, in safe place, the password and login in case the Super Admin had a health problem or worst ... This happens.

What is the point of having the CEO of the fictional company MilkCorp be a super admin on the site? Obviously he only knows about milk and nothing about websites. What he needs to have when he logs in are stats about sales, a window to type an article and that is all...

You are correct again.
I think I was not enough clear.
The point is not to get the CEO able to log as a Super Admin in a site.
Indeed it has no interest and it is not his job.

Which bugs me (a little) is that the Super Admin can see the notes of the CEO.
Let's say that the CEO writes somewhere, caricaturing a little :
'Merge with MilkEnglishCream Corp and Fire all the guys of my IT department".
That could be embarrassing ops:

Or he just can info about possible IPO on another company.
That's sensitive information.

But as the component is free, thanks again, it's a minor point.
Even if I still believe that a paid version with such feature would
be searched and appreciated by a lot of IT people.

(look at adminpraise - we've done some kinda cool stuff with Kyle there)

I have taken a look.
It is very interesting and clean.
It will sure be very helpful for people who are not tech oriented.
Just a point, on http://demo.adminpraise.com/, with the frame embedded
when I select the AdimPad Premium, I've got this error message.
500 - An error has occurred.
And with AdminPraise2 Premium, I've got
Database Error: Unable to connect to the database:Could not connect to database.

But it works well with AdminPraise3 Premium.

I let a comment on extension.joomla.org about the Cnote component.

Thank you for your work.

Cheers,
Alpharis