Hi,
I saw there is two functions cp_encrypt and cp_decrypt that can be used to encrypt/decrypt.
Then whe a user create notes, contact or task (and later mindmap) this creator can decide which field must be encrypted. In this case this kind of data will always protected even if somebody have a look to the database. And when a user (lower/upper level) don't have accreditation he can't not see this content.
Then a user receive a level in the hierarchy and receive an accreditation to see some kinds of data. In fact a member of my office is not able to see some data content. By example the phone number of a specific company. Simply due to the fact he is a secretary and I am a ressource manager (by example).
Don't forget that the only encryptable data are :
- notes,
- contact (the creator decide which field must be encrypted),
- tasks (the creator decide which field must be encrypted),
- mindmap (the creator decide which field must be encrypted) when available.
Except the administrator, nobody else the creator can decide if a field must or not be encrypted.
With pleasure to see the next opengoo version with those new specifications.
If you need more explanation concerning my idea I shared to you I am there to tell you more.
Have a nice day,
Miguipda ;-)