Fix a couple of bugs in settings
1. SettingsFragment wasn't receiving events because it extended BaseFragment rather than BaseEventFragment
2. Removed broken logic for deciding whether to broadcast a SettingsUpdatedEvent
3. Added the namespace to SettingsUpdatedEvent so listeners can decide whether to react
See merge request !97
Transport properties client. #229
This branch moves support for exchanging transport properties from the sync layer to the client layer.
Local properties are stored in an unshared group. When a contact is added, the latest local properties are copied into a group shared with the contact. Whenever the local properties are updated, they're copied into the groups shared with all contacts.
The transport update messages include a unique device ID that prevents collisions between local and remote messages, and will be used in future for multi-device support.
See merge request !80
Identicons
Closes#120. Part of #82.
I pulled in the identicon code because there is no published library, and also because when I used it for Bote I ended up modifying the code somewhat for my purposes; I expect the same to happen here.
I am not sure what information should be used to seed the identicon. I originally thought of using the public key, but that seemed to change the identicon every single page load (obviously the representation wasn't consistent). Then I tried using the `ContactId`, which was fine until I got to adding an identicon to `AuthorView`: activities that use it are only passed (via Intent) a name, not anything else. Hence `AuthorView` identicons are currently inconsistent with the contact list and conversations.
See merge request !51
This commit renames identicons to avatars in field names, and uses an ImageView
derivative to show the identicons, which should make implementing #214 easier.
Navigation drawer (squashed and rebased).
This is @ernir's work on #30 and #181, rebased onto master with recent changes to ConversationActivity and ForumListActivity ported to the respective fragments.
See merge request !75
The method `runOnDbThread()` depends on an executor
that's created by roboguice at startup.
It requires to be signed in, so use a different thread instead.
PanicKit does distinguish between two kinds of panic responses:
* default responses such as logging out which are non-destructive and
do not require user interaction, so that the basics work without
configuration
* destructive responses such as deleting user data. These require
some sort of authentication to make sure they are not triggered
by malicious apps
The second type of responses is implemented with this commit.
Authentication is done by comparing the package name
which is very weak. It requires the user to opt-in to
destructive responses and to configure from which app
to receive those (since there might be many different panic
trigger apps).
While possible to uninstall an app and install one with the same
package name afterwards, this always triggers notifications to
the user (if the attacker does not have root access).
Still that is no sufficient security for Briar's requirements,
so that TrustedIntents are used as well to make sure that the
app sending the destructive trigger is signed by a signing key
that we specified before. Currently, that is the one from the
GuardianProject and from IilabEngineering who does the Amnesty
International Panic App.
The responsibility of checking that the panic TRIGGER is
legitimate lies with the app responding to the trigger, so Briar
in this case. This commit checks whether the TRIGGER comes from
a trusted app before performing destructive actions,
but does perform the default action even when triggered from
untrusted apps.
Closes#210
Transport properties manager facade, key manager refactoring. #112
Refactoring for #112: decouple the invitation and plugin code from the database with a TransportPropertiesManager facade (which will become a BSP client), and move some key management logic from the invitation code to the KeyManager. Update the integration tests to use the new FooManager facades.
See merge request !49
