Addendum to TiddlerEncryptionPlugin update
4 views
Skip to first unread message
Lyall
Oct 8, 2008, 7:28:34 PM10/8/08
to TiddlyWiki
My latest version of TiddlerEncryptionPlugin, released a couple of
days ago, includes the ability to put a 'decrypt' button next to the
edit button, when displaying encrypted tiddlers.
This will automatically appear if you do not have a custom
ViewTemplate - ie, you use the default shadow ViewTemplate.
If, however, you have a custom ViewTemplate tiddler, you will need to
manually edit the ViewTemplate to include this feature.
Look for '+editTiddler' and add 'decryptThis' before it.
You can put the decryptThis anywhere you like in the line but I put it
before the 'edit' button so that the decrypt button is in the normal
edit position, if the tiddler is encrypted.
The decrypt button will not appear if the tiddler is not encrypted.
The current thinking is that if someone has a custom ViewTemplate
tiddler, that a plugin should not automatically fiddle with it - which
is what the TiddlerEncryptionPlugin is currently doing.
...Lyall
days ago, includes the ability to put a 'decrypt' button next to the
edit button, when displaying encrypted tiddlers.
This will automatically appear if you do not have a custom
ViewTemplate - ie, you use the default shadow ViewTemplate.
If, however, you have a custom ViewTemplate tiddler, you will need to
manually edit the ViewTemplate to include this feature.
Look for '+editTiddler' and add 'decryptThis' before it.
You can put the decryptThis anywhere you like in the line but I put it
before the 'edit' button so that the decrypt button is in the normal
edit position, if the tiddler is encrypted.
The decrypt button will not appear if the tiddler is not encrypted.
The current thinking is that if someone has a custom ViewTemplate
tiddler, that a plugin should not automatically fiddle with it - which
is what the TiddlerEncryptionPlugin is currently doing.
...Lyall
Eric Shulman
Oct 8, 2008, 8:49:27 PM10/8/08
to TiddlyWiki
> If, however, you have a custom ViewTemplate tiddler, you will need to
> manually edit the ViewTemplate to include this feature.
>
> Look for '+editTiddler' and add 'decryptThis' before it.
as of TW2.4.0, the toolbar command definitions have been *moved* to a
> manually edit the ViewTemplate to include this feature.
>
> Look for '+editTiddler' and add 'decryptThis' before it.
separate shadow tiddler called [[ToolbarCommands]]. This tiddler
contains *slice* definitions for the ViewToolbar and EditToolbar,
which are referenced by the standard ViewTemplate and EditTemplate,
which contain this syntax:
<span class='toolbar' macro='toolbar
[[ToolbarCommands::ViewToolbar]]'></span>
and
<span class='toolbar' macro='toolbar
[[ToolbarCommands::EditToolbar]]'></span>
respectively. The slice values in ToolbarCommands contain the same
macro parameters (i.e., toolbar command keywords) that used to be
embedded directly in the templates. Thus, instead of directly
modifying the complex syntax on the ViewTemplate/EditTemplate, you now
edit the [[ToolbarCommands]] and add a keyword to a much simpler space-
separated list of keywords in a table.
enjoy,
-e
Eric Shulman
TiddlyTools / ELS Design Studios
Lyall
Oct 8, 2008, 10:59:13 PM10/8/08
to TiddlyWiki
Wow.
I did not notice that because I had a custom ViewTemplate, which
simply carried over during my upgrade.
By the way, my upgrade process was to have an empty tiddlywiki and
simply import all the tiddlers from my old tiddlywiki. I gather that
is the accepted upgrade method nowadays?
Only after I edited and re-named my ViewTemplate did I notice the
changes in the Shadow version and apply them to mine.
Maybe we should have an 'upgrade' plugin that is installed with each
new release that checks for things that may be affected by an upgrade
and then deletes itself once it's job is done? I guess this would only
be necessary for major upgrades, as opposed to point releases. After
all, I guess I am pretty typical, I just upgrade - I didn't pay a lot
of attention to what changed. I pretty much assume newer is better.
So, to all those Encrypted Tiddlererers - edit the ToolbarCommands
tiddler instead, unless you have an old ViewTemplate tiddler lying
around which doesn't include the 2.4 changes, in which case, rename
your ViewTemplate, discover the changes and apply them to your
ViewTemplate and rename it back, then edit ToolbarCommands.
Phew!
:-)
...Lyall
I did not notice that because I had a custom ViewTemplate, which
simply carried over during my upgrade.
By the way, my upgrade process was to have an empty tiddlywiki and
simply import all the tiddlers from my old tiddlywiki. I gather that
is the accepted upgrade method nowadays?
Only after I edited and re-named my ViewTemplate did I notice the
changes in the Shadow version and apply them to mine.
Maybe we should have an 'upgrade' plugin that is installed with each
new release that checks for things that may be affected by an upgrade
and then deletes itself once it's job is done? I guess this would only
be necessary for major upgrades, as opposed to point releases. After
all, I guess I am pretty typical, I just upgrade - I didn't pay a lot
of attention to what changed. I pretty much assume newer is better.
So, to all those Encrypted Tiddlererers - edit the ToolbarCommands
tiddler instead, unless you have an old ViewTemplate tiddler lying
around which doesn't include the 2.4 changes, in which case, rename
your ViewTemplate, discover the changes and apply them to your
ViewTemplate and rename it back, then edit ToolbarCommands.
Phew!
:-)
...Lyall
PJO
Oct 9, 2008, 10:18:59 AM10/9/08
to TiddlyWiki
I've tried to follow this and have made the ToolbarCommands edit and
replaced TiddlerEncryptionPlugin 3.1.1 with 3.2.
First: when I went to make the ToolbarCommands change to TiddlyFolio I
found that I had no such tiddler, even though I started with a blank
TW 2.41 when I last made an update. Not sure how this happened.
I edited the ToolbarCommands as follows
|~ViewToolbar|closeTiddler closeOthers decryptThis +editTiddler >
fields syncing permalink references jump|
|~EditToolbar|+saveTiddler -cancelTiddler deleteTiddler|
expecting to see "decryptThis" on the toolbar for encrypted tiddlers.
I don't see this. It appears that nothing has changed. What have I
missed?
Lyall, can I suggest that you post a copy of TW 2.41 with the changes
ready to go or very clear step by step instructions. I'm not sure what
I'm doing wrong.
On your last point: I think you've put your finger on a truly
fundamental problem with TW: dependencies. There has to be a better
way of managing this.
replaced TiddlerEncryptionPlugin 3.1.1 with 3.2.
First: when I went to make the ToolbarCommands change to TiddlyFolio I
found that I had no such tiddler, even though I started with a blank
TW 2.41 when I last made an update. Not sure how this happened.
I edited the ToolbarCommands as follows
|~ViewToolbar|closeTiddler closeOthers decryptThis +editTiddler >
fields syncing permalink references jump|
|~EditToolbar|+saveTiddler -cancelTiddler deleteTiddler|
expecting to see "decryptThis" on the toolbar for encrypted tiddlers.
I don't see this. It appears that nothing has changed. What have I
missed?
Lyall, can I suggest that you post a copy of TW 2.41 with the changes
ready to go or very clear step by step instructions. I'm not sure what
I'm doing wrong.
On your last point: I think you've put your finger on a truly
fundamental problem with TW: dependencies. There has to be a better
way of managing this.
wolfgang
Oct 9, 2008, 10:24:35 AM10/9/08
to TiddlyWiki
Just in case, did you already have this line in your ViewTemplate:
<div class='toolbar' macro='toolbar
[[ToolbarCommands::ViewToolbar]]'></div>
W.
<div class='toolbar' macro='toolbar
[[ToolbarCommands::ViewToolbar]]'></div>
W.
PJO
Oct 9, 2008, 10:37:39 AM10/9/08
to TiddlyWiki
This is my ViewTemplate
<!--{{{-->
<div class='toolbar' macro='toolbar closeTiddler closeOthers
+editTiddler > fields syncing permalink references jump'></div>
<div class='title' macro='view title'></div>
<div class='subtitle'><span macro='view modifier link'></span>, <span
macro='view modified date'></span> (<span macro='message
views.wikified.createdPrompt'></span> <span macro='view created
date'></span>)</div>
<div class='tagging' macro='tagging'></div>
<div class='tagged' macro='tags'></div>
<div class='viewer' macro='view text wikified'></div>
<div class='tagClear'></div>
<!--}}}-->
<!--{{{-->
<div class='toolbar' macro='toolbar closeTiddler closeOthers
+editTiddler > fields syncing permalink references jump'></div>
<div class='title' macro='view title'></div>
<div class='subtitle'><span macro='view modifier link'></span>, <span
macro='view modified date'></span> (<span macro='message
views.wikified.createdPrompt'></span> <span macro='view created
date'></span>)</div>
<div class='tagging' macro='tagging'></div>
<div class='tagged' macro='tags'></div>
<div class='viewer' macro='view text wikified'></div>
<div class='tagClear'></div>
<!--}}}-->
PJO
Oct 9, 2008, 10:39:29 AM10/9/08
to TiddlyWiki
I also use a DataView template
<!--{{{-->
<div class='toolbar' macro='toolbar closeTiddler closeOthers
+editTiddler > fields syncing permalink references jump'></div>
<div class='title' macro='view title'></div>
<div class='subtitle'><span macro='view modifier link'></span>, <span
macro='view modified date'></span> (<span macro='message
views.wikified.createdPrompt'></span> <span macro='view created
date'></span>)</div>
<span macro='tiddler CheckboxToggleTag with: Encrypt(TiddlyFolio)
Unencrypted'></span><span><html><b>Encrypt</b></html></span>
<span macro="tiddler BackgroundColors title"></span>
<!--{{{-->
<div class='toolbar' macro='toolbar closeTiddler closeOthers
+editTiddler > fields syncing permalink references jump'></div>
<div class='title' macro='view title'></div>
<div class='subtitle'><span macro='view modifier link'></span>, <span
macro='view modified date'></span> (<span macro='message
views.wikified.createdPrompt'></span> <span macro='view created
date'></span>)</div>
Unencrypted'></span><span><html><b>Encrypt</b></html></span>
<span macro="tiddler BackgroundColors title"></span>
wolfgang
Oct 9, 2008, 10:50:40 AM10/9/08
to TiddlyWiki
You have to replace the following:
closeTiddler closeOthers +editTiddler > fields syncing permalink
references jump
with
[[ToolbarCommands::ViewToolbar]]
which is the transclusion macro in stylesheets and templates, just as
the <<tiddler TiddlerTitle##TiddlerSection>> is in ordinary tiddlers.
[[TiddlerTiddler::TiddlerSlice]] transcludes that particular slice of
the table in the tiddler indicated.
Regards,
W.
closeTiddler closeOthers +editTiddler > fields syncing permalink
references jump
[[ToolbarCommands::ViewToolbar]]
which is the transclusion macro in stylesheets and templates, just as
the <<tiddler TiddlerTitle##TiddlerSection>> is in ordinary tiddlers.
[[TiddlerTiddler::TiddlerSlice]] transcludes that particular slice of
the table in the tiddler indicated.
Regards,
W.
FND
Oct 9, 2008, 4:43:44 PM10/9/08
to Tiddl...@googlegroups.com
> I did not notice that [ToolbarCommands]
Sorry, I probably should have been more explicit in my post on [twdev].
Either way, here's a minor suggestion:
ToolbarCommands.replace(/\+editTiddler/,'decryptThis +editTiddler');
ToolbarCommands.replace(/([^\w]+editTiddler)/,'decryptThis$1');
The second line is more flexible in that it supports all special
symbols*, including none at all. (Look, we need the RegEx there after
all... )
There's one caveat: This particular RegEx doesn't quite work if
"editTiddler" is the first toolbar button - but that should be easy to
fix (I just don't have time to get into that right now - let me know if
you need some assistance).
-- F.
* http://www.tiddlywiki.org/wiki/Tiddler_Toolbar#Special_Symbols
PJO
Oct 10, 2008, 8:07:32 AM10/10/08
to TiddlyWiki
Thanks Wolfgang, that works ok.
I'm assuming FND's post refers to some internals I don't need to worry
about. Yes?
Lyall:
One remaining thing I found
TiddlyFolio's MainMenu included
<<EncryptionDecryptAll "Decrypt All" "Make all items searchable"
"Encrypt(TiddlyFolio)">>
(I assumed one password for all tiddlers)
This used to work in making tiddlers searchable (the password was
required to display any). This no longer works. It says it decrypts
but searches don't yield results. Dropping the prompt string
<<EncryptionDecryptAll "Decrypt All" "Make all items searchable">>
causes the password to be prompted for and search works again. It may
be that the password is expected if the prompt is included, though I
read
["prompt string" ["accessKey"]]
to mean that the password was optional (would be prompted for).
Not allowing encrypted tiddlers to be searched is arguably more
secure. A small revision to prompt for the accessKey if it's not
included is all that's needed I think.
Since TiddlyFolio uses CheckboxToggleTag and a nice inviting checkbox
labeled Encrypt (using the DataView template referred to earlier) I
wonder what the chances are now of someone encrypting something
already encrypted? Would that be desirable functionality or something
to guard against?
In any case, I like the new decrypt option from the toolbar.
I'm assuming FND's post refers to some internals I don't need to worry
about. Yes?
Lyall:
One remaining thing I found
TiddlyFolio's MainMenu included
<<EncryptionDecryptAll "Decrypt All" "Make all items searchable"
"Encrypt(TiddlyFolio)">>
(I assumed one password for all tiddlers)
This used to work in making tiddlers searchable (the password was
required to display any). This no longer works. It says it decrypts
but searches don't yield results. Dropping the prompt string
<<EncryptionDecryptAll "Decrypt All" "Make all items searchable">>
causes the password to be prompted for and search works again. It may
be that the password is expected if the prompt is included, though I
read
["prompt string" ["accessKey"]]
to mean that the password was optional (would be prompted for).
Not allowing encrypted tiddlers to be searched is arguably more
secure. A small revision to prompt for the accessKey if it's not
included is all that's needed I think.
Since TiddlyFolio uses CheckboxToggleTag and a nice inviting checkbox
labeled Encrypt (using the DataView template referred to earlier) I
wonder what the chances are now of someone encrypting something
already encrypted? Would that be desirable functionality or something
to guard against?
In any case, I like the new decrypt option from the toolbar.
Lyall
Oct 12, 2008, 5:56:26 AM10/12/08
to TiddlyWiki
The TiddlerEncryptionPlugin has an option which automatically includes
an 'excludeSearch' tag on encrypted tiddlers.
If this option is disabled, after having been turned on when the
tiddler was encrypted, then, the excludeSearch is left on the tiddlers
after decryption, effectively leaving the tiddlers unsearchable.
What you do is enable this option, then use a DecryptAll, which would
remove the excludeSearch tag **IF it's the last tag**. If you want
some encrypted tiddlers to remain unsearchable, simply move the
excludeSearch tag to somewhere else in the tag list, probably the
beginning.
With regard to Encrypt(tiddlyFolio), yes, all tiddlers would be
encrypted with the prompt 'Encrypt(TiddlyFolio)' - not 'TiddlyFolio'
as I think someone may have been thinking.
Also, passwords are different from prompt strings. Prompt strings are
just some text to help you remember what the password is. You always
have to key in the password.
You cannot encode the password into the macro - it would make the
whole thing rather insecure if that was the case - view the tiddly
contents and you would see the password! What you can do is encode the
prompt string, otherwise, the plugin will ask for a password for each
distinct prompt string it finds. When given a prompt string, the
plugin will only decrypt tiddlers that have been tagged with that
Decrypt(promptString) tag.
Hopefully that doesn't confuse everyone too much.
...Lyall
an 'excludeSearch' tag on encrypted tiddlers.
If this option is disabled, after having been turned on when the
tiddler was encrypted, then, the excludeSearch is left on the tiddlers
after decryption, effectively leaving the tiddlers unsearchable.
What you do is enable this option, then use a DecryptAll, which would
remove the excludeSearch tag **IF it's the last tag**. If you want
some encrypted tiddlers to remain unsearchable, simply move the
excludeSearch tag to somewhere else in the tag list, probably the
beginning.
With regard to Encrypt(tiddlyFolio), yes, all tiddlers would be
encrypted with the prompt 'Encrypt(TiddlyFolio)' - not 'TiddlyFolio'
as I think someone may have been thinking.
Also, passwords are different from prompt strings. Prompt strings are
just some text to help you remember what the password is. You always
have to key in the password.
You cannot encode the password into the macro - it would make the
whole thing rather insecure if that was the case - view the tiddly
contents and you would see the password! What you can do is encode the
prompt string, otherwise, the plugin will ask for a password for each
distinct prompt string it finds. When given a prompt string, the
plugin will only decrypt tiddlers that have been tagged with that
Decrypt(promptString) tag.
Hopefully that doesn't confuse everyone too much.
...Lyall
PJO
Oct 12, 2008, 12:40:38 PM10/12/08
to TiddlyWiki
Lyall,
Thanks for the explanation. Sorry if I am easily confused, however, I
don't get how it relates to the apparently changed behaviour in
respect of the prompt string and access key. With v1.7 the access key
was prompted for and now it is not. That was my point. I understood
that "Encrypt(promptstring)" is used to encrypt and that the password
is not stored. I hadn't really registered excludeSearch, however I
never changed any options to elicit the change.
It's not really a problem, except in so far as
<<EncryptionDecryptAll "Decrypt All" "Make all items searchable"
"Encrypt(promptstring)">>
by default neither prompts for an access key nor permits any
searching.
PJO
Thanks for the explanation. Sorry if I am easily confused, however, I
don't get how it relates to the apparently changed behaviour in
respect of the prompt string and access key. With v1.7 the access key
was prompted for and now it is not. That was my point. I understood
that "Encrypt(promptstring)" is used to encrypt and that the password
is not stored. I hadn't really registered excludeSearch, however I
never changed any options to elicit the change.
It's not really a problem, except in so far as
<<EncryptionDecryptAll "Decrypt All" "Make all items searchable"
by default neither prompts for an access key nor permits any
searching.
PJO
Lyall
Oct 12, 2008, 5:34:33 PM10/12/08
to TiddlyWiki
The access key is the 'keyboard shortcut' for the button itself.
You appear to confusing the access key with the prompt string or the
password itself.
If the DecryptAll macro is given a prompt string, it will only decrypt
tiddlers for that prompt string.
If the DecryptAll macro is *not* given a prompt string, it will ask
you for the password for *each* prompt string that it finds.
So,
<<EncryptionDecryptAll "Decrypt All" "Make all items searchable" "Your
mothers maiden name">>
Will decrypt all tiddlers tagged with 'Decrypt(Your mothers maiden
name)'.
There is no way, now, for you to actually enter the 'prompt string'.
I forget when the behavior changed to not actually prompt for the
prompt string - it just seemed simpler to not have the human type in
something that the computer can look up. After all, 1.7 was a long
time ago.
With regard to searchable.
If the last 2 tags on a tiddler are 'excludeSearch excludeLists', in
that precise order, or either of the two, then the plugin will
automatically remove them from the tags list once the tiddler is
decrypted. This is controlled by chkExcludeEncryptedFromSearch and
chkExcludeEncryptedFromLists, which can be found in advanced options
or in the plugin comments.
...Lyall
You appear to confusing the access key with the prompt string or the
password itself.
If the DecryptAll macro is given a prompt string, it will only decrypt
tiddlers for that prompt string.
If the DecryptAll macro is *not* given a prompt string, it will ask
you for the password for *each* prompt string that it finds.
So,
<<EncryptionDecryptAll "Decrypt All" "Make all items searchable">>
Will ask you for the password for each 'prompt string' it finds.
<<EncryptionDecryptAll "Decrypt All" "Make all items searchable" "Your
mothers maiden name">>
Will decrypt all tiddlers tagged with 'Decrypt(Your mothers maiden
name)'.
There is no way, now, for you to actually enter the 'prompt string'.
I forget when the behavior changed to not actually prompt for the
prompt string - it just seemed simpler to not have the human type in
something that the computer can look up. After all, 1.7 was a long
time ago.
With regard to searchable.
If the last 2 tags on a tiddler are 'excludeSearch excludeLists', in
that precise order, or either of the two, then the plugin will
automatically remove them from the tags list once the tiddler is
decrypted. This is controlled by chkExcludeEncryptedFromSearch and
chkExcludeEncryptedFromLists, which can be found in advanced options
or in the plugin comments.
...Lyall
PJO
Oct 13, 2008, 6:07:46 AM10/13/08
to TiddlyWiki
You're right. I assumed that accesskey effectively meant password. I
know that putting a password in a tiddler might not make a lot of
sense but for it to be a possible option wasn't entirely unthinkable.
The correct meaning of "Accesskey" didn't jump out at me any more than
the consequences of editing an encrypted tiddler with 3.1.1.
I haven't followed all of the changes since so I wasn't sure at what
point things appeared to change. I didn't think there had been many
versions in fact between 1.7 (which worked entirely as expected) and
3.2.
If you make any updates I hope my erroneous or even stupid assumptions
will help in clarifiying the docs and thanks for the clarifications.
know that putting a password in a tiddler might not make a lot of
sense but for it to be a possible option wasn't entirely unthinkable.
The correct meaning of "Accesskey" didn't jump out at me any more than
the consequences of editing an encrypted tiddler with 3.1.1.
I haven't followed all of the changes since so I wasn't sure at what
point things appeared to change. I didn't think there had been many
versions in fact between 1.7 (which worked entirely as expected) and
3.2.
If you make any updates I hope my erroneous or even stupid assumptions
will help in clarifiying the docs and thanks for the clarifications.
Reply all
Reply to author
Forward
0 new messages