Not even two weeks have passed and we already have a new version ready for you. This time there are no new block types or meta data but instead we deliver encryption of documents, the ability to share documents with other users, and integration with Sphinx for building PDF versions of the ReST files.
Encryption
First of all we have implemented encryption of documents. Encryption is done on the client, meaning that the password is not stored on the server. This decreases the attack surface in case an attacker gets access to the Doksi server.
We also encrypt each block independently, giving it a unique IV. This will allow us to support partial encryption in the future, where you could decrypt only specific blocks, or encrypt them with individual keys and share only specific blocks with other users, while keeping the other blocks encrypted and hidden.
Sharing is caring
Of course, we need to share documents with other users. Until now all documents were readable and editable by all users but in this release we have implemented a policy framework which is used to determine if a user can read, edit and destroy a document. In a first iteration we create controls for giving permissions to other users, where the permission is either “read”, “write” or “admin”.
In the next iteration we will extend this to teams so you can share a document with a whole team. Later on we will also create roles which will automatically grant permissions for users with that role. This will lead us to a fully capable RBAC subsystem for Doksi.
Export to PDF
Another quite big step for Doksi is the ability to export document. While it may not seem big in the surface, this means that documents are now full ReST folders and we actually run Sphinx inside a container to build the document to PDF.
This is important because it will allow us to export to other formats that Sphinx support, but also integrate Doksi with Git, where the .rst-files of the document are stored inside a Git repository, giving us the ability to do revision history and an approval process via branches and forks.