Repositories should better be associated to a profile #1198
Comments
|
I find it hard to imagine how you managed to pull this off because changing a repository unnoticed seems fairly difficult to me. But we'll keep this issue in mind in case the GUI is changed at some point.
What do you mean by that? |
@real-yfprojects AFAIK backuping content in another repository is as easy as changing "Repository" value using the selectbox, see: This is super easy and there is no second validation/warning of any sort. Considering that pulling down this select box seems to be the only way to list the repositories configured in Vorta, this can really happen inadvertently. With such an easy move, you can leak inadvertanly the full backup of a machine to a 100% external entity.... and you won't remark it quickly probably.
At borgbase, here is how a repository looks like for example |
I think that a click on a wrong entry doesn't go unnoticed. But if you have repo names as the ones from borgbase, I can imagine that one easily selects the wrong one. I would therefore suggest splitting this issue up into two issues regarding
and
|
|
Would be simplest to just add a name field to each repo? Separate from the repo url. I agree that they are not very memorable and cant be changed for technical reasons. There is another issue to associate multiple repos with one profile. So doing a backup to multiple target repos. This would be with checkboxes. |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
real-yfprojects
added
type:enhancement
m3nu
added
the
status:planning
|
As a new user I completely misunderstood the profile repository association. I expected the repositories to be linked to a profile. Meaning the backups will be made to all repositories available in the profile, according to the schedule and sources. Apparently only one repository can be linked to a profile. And there is no association between available repositories and the profile. This can be better explained, and reflected in the UI. |
|
What change are you suggesting to better explain this? |
|
What would have helped me: on the repository tab, change of "Repository: " to "Select a repository:". |
I suggest the wording |
|
I think the name "profile" could also be optimized: I think a naming these as “Backup Job” or something like that would be better. From UI perspective:A list on the left side with the "Backup Jobs" (profiles) would help to declutter the UI and enables that the list could show jobs are currently running. For example with an progress bar below the name and a stop button on the right. A play button could also be shown, to instantly start a backup job. If there's a planned backup, the time for the next job could be shown below. |
I had this idea too. It is currently in the planning phase. |
Something really bad (from a security poin of view) happened to me.
I manage backups of multiple organisations via multiple profiles in Vorta.
Unfortunately, it came to the situation where backups from one organisation went to an other.
I believe this happened because the listbox of repositories includes all the repositories (independently of the current profile).
I probably have changed inadvertantly the repository wrongly (there is no userfriendly label and no "save" button either) in a profile and then the schedule made the rest.
To my opinion, we have here a usability weakness which can lead to a really concerning security issue.
The text was updated successfully, but these errors were encountered: