Syndis Share
Total Page:16
File Type:pdf, Size:1020Kb
Syndis Share Reykjavík University School of Computer Science Daði Steinn Brynjarsson Tyler Elías Jones Final Report May 15th 2020 Syndis Share Daði Steinn Brynjarsson ([email protected]) Tyler Elías Jones ([email protected]) Final Report May 15th 2020 Supervisor: Karl Andrés Gíslason Examiner: Torfi H. Leifsson Advisors: Níels Ingi Jónasson Hjalti Magnússon Contents 1 Project Overview 1 1.1 Project Summary . 1 1.1.1 Our Purpose, Scope, and Objectives . 1 1.1.2 Assumptions and Constraints . 1 1.1.3 Project Deliverables . 1 1.1.4 Schedule and Budget Summary . 1 1.2 Evolution of the Plan . 1 1.3 Preliminary Research . 2 2 Project Context 2 2.1 Methods, Tools and Techniques . 2 3 Project Planning 3 3.1 Project Work Plans . 3 3.1.1 Work Activities . 3 3.1.2 User Stories . 3 3.1.3 Schedule Allocation . 4 3.1.4 Budget Allocation . 5 3.2 Estimation Plan . 5 3.2.1 Sprint Estimations . 5 4 Project Assessment and Control 6 4.1 Requirements Management Plan . 6 4.2 Scope Change Control Plan . 6 4.3 Schedule Control Plan . 6 4.4 Quality Assurance Plan . 6 4.5 Data Privacy . 6 4.5.1 General Data Protection Regulation Compliance . 6 5 Product Delivery 7 6 Supporting Process Plans 7 6.1 Project Supervision and Work Environment . 7 6.2 Risk Management . 7 6.2.1 Documentation . 9 6.2.2 Communication and Publicity . 9 6.3 Quality Assurance . 9 6.4 Measurement . 9 6.5 Reviews and Audits . 9 7 Progress Report 9 7.1 Feature List . 9 7.2 Total Work Hours . 10 7.3 Burndown Chart . 10 7.4 Sprint 0, 20 Jan - 16 Feb . 11 7.4.1 Summary . 11 7.4.2 Sprint Backlog . 11 7.4.3 Sprint Work Hours . 12 7.5 Sprint 1, 17 Feb - 1 Mar . 12 7.5.1 Summary . 12 7.5.2 Sprint Backlog . 12 7.5.3 Sprint Work Hours . 13 7.6 Sprint 2, 2 Mar - 15 Mar . 13 7.6.1 Summary . 13 7.6.2 Sprint Backlog . 14 7.6.3 Sprint Work Hours . 15 7.7 Sprint 3, 16 Mar - 29 Mar . 15 7.7.1 Summary . 15 7.7.2 Sprint Backlog . 15 7.7.3 Sprint Work Hours . 16 7.8 Sprint 4, 30 Mar - 12 Apr . 16 7.8.1 Summary . 16 7.8.2 Sprint Backlog . 16 7.8.3 Sprint Work Hours . 17 7.9 Sprint 5, 13 Apr - 26 Apr . 17 7.9.1 Summary . 17 7.9.2 Sprint Backlog . 17 7.9.3 Sprint Work Hours . 18 7.10 Sprint 6, 27 Apr - 15 May . 19 7.10.1 Summary . 19 7.10.2 Sprint Backlog . 19 7.10.3 Sprint Work Hours . 20 8 Design Report 20 8.1 The Front End . 20 8.1.1 Home View . 21 8.1.2 The Controller . 21 8.1.3 The Download View . 22 8.2 Back End . 22 8.2.1 Routes . 22 8.2.2 Middleware . 22 8.2.3 Syndis Data . 22 8.2.4 Redis . 23 8.2.5 Island.is Authentication . 23 8.2.6 External API’s . 23 8.2.7 Tests . 23 9 Charts 24 1 Project Overview 1.1 Project Summary Syndis Share is a file sharing application based on Firefox Send[17] which is developed and maintained by the Mozilla Foundation. Firefox Send offers a secure way of sharing files over the internet. Before a file is uploaded, a private key is generated and used to encrypt the file before it is uploaded to the server. The uploader is then given a uniform resource locator (URL) which grants access to the file and includes the private key in the URL itself. The recipient can then use the URL to access the file, which is downloaded and decrypted client-side. Optionally, the uploader can specify a password which the recipient must use to gain access to the file. The uploader can also set expiration options, time and/or download limits. When either one is surpassed, the server destroys the file. The server does not at any point know the private key for any given file it is storing. So even if the server is compromised, the private key for every file that is stored is required to decrypt them. The project will build on top of Firefox Send and add functionality to improve security and access control, while still being able to apply updates made by Firefox Send in an automated fashion. 1.1.1 Our Purpose, Scope, and Objectives The purpose of the project is to make a new and improved version of Syndis Share, which is already a live project. Both versions of Syndis Share are forks of Firefox Send and the new version will not build on the old. It will focus on the Icelandic market and will utilize the national electronic certificate to improve access control. Other features will improve security and information flow for Syndis employees. The objective is to make a secure file sharing software which can be used to share confidential information safely over the internet. 1.1.2 Assumptions and Constraints The code from Firefox Send will be assumed to be in a deliverable state. This will be a big factor in the project since automatic patching (updates to Firefox Send should be automatically applied to Syndis Share) is a requirement. To allow for automatic patching, the project code must build on top of Send while conflicting with the existing code as little as possible. 1.1.3 Project Deliverables The project will produce a web application and a report. The web application is intended for secure file sharing which Syndis can use with their clients. Syndis will receive documentation that will explain the technicalities for the project. 1.1.4 Schedule and Budget Summary The team will meet at Syndis at least three times a week. In addition to this, there will be weekly stand-up meetings with Hjalti and Níels, the Syndis advisors. The team will meet with Karl, the Reykjavík University supervisor, when appropriate. Sprint meetings will be held on a two week interval. There is no set budget for the project, however, subscription based services will be required for some of the features. 1.2 Evolution of the Plan The requirement list has changed since the proposal of the project. There have been minor adjustments to two features. The email notification system will send more detailed reports to the 1 uploader about the activity of his uploaded file, and the feature to only allow certain credentials from island.is to access an uploaded file was added. In total there were four additional features implemented. 1.3 Preliminary Research Firefox Send is made using Choo[1], Tailwindcss[19] and Node.js[5]. Choo is a minimalist front end Javascript[3] framework and Tailwindcss is a highly customizable CSS framework. The team was not familiar with Choo and Tailwindcss and had to research them to be able to understand the code. 2 Project Context 2.1 Methods, Tools and Techniques The team will use a mix of Kanban and Scrum scheduling systems to manage the workflow in an efficient way. Kanban consists of a board that has been divided into a few areas, each area representing a stage in development. Within these areas are cards which represent a task, these cards contain the name of a task and a short description. The cards might also contain steps to follow to progress the task. The team used Trello[21] to keep track of the Kanban board. Trello is an online organizational tool to make Kanban-style lists. The board has six categories, "Backlog" (the product backlog), "To-Do", "Doing", "Code Review", "Testing" and "Done". Each card will travel between the categories during different stages of its development until it is fully done. The team will be using sprint and retrospective meetings from the Scrum framework. Each sprint will be two weeks long. Some artifacts will also be borrowed from the Scrum framework, those include: A sprint backlog, burndown chart, and user stories. Other tools used by the team: • JavaScript - the main programming language used in the project. • Choo - minimalist front end Javascript framework. • Tailwindcss - highly customizable, low-level CSS framework. • Node.js - open-source JavaScript runtime environment. • VS Code and IntelliJ - the two IDE’s used to write the code [7] [2]. • Github - service for distributed version control [9]. • LaTeX - typesetting system [4]. • Overleaf - online Latex editor and will be used by the team to write all reports [6]. • Trello - project management system and is used for the Kanban board. • Toggl - used for time management [20]. • Slack - used for communications between the team and the Syndis advisors [18]. • Twilio - cloud communications platform used for the short.