the default ruleset for Cloud Storage Encryption (which works fantastically well, btw) sets a user defined encryption password to a fixed string. Is it possible to either randomize this or assign a different password for each user?
yes, you can assign a different password for each user - you only need to be sure that the same password will be used for both encryption & decryption. Potentially you can use a list of MapType to store mapping between user names & associated passwords. In this case, rules to set password could look following way:
Excellent, thanks Alex. How do I make sure the same password is being used for decryption? And do I need to use both conditions in the "set password" rule?
The best way to ensure that the same password is used is to store it in the user-defined property, as it's done already, and it's better if this property should be set in the same ruleset as Encryption & Decryption operations...
In my example I've used 2 rules just to be sure, that some default password will be set if user has no entry in the mapping list - in this case, you could be sure that even if you forget to add user to mapping, he will get some password for encryption.
Ok, I see. That also means I will have to manually add users to the mapping list? Could this list be filled autmatically? Basically I want to "set it and forget it", just making sure that every user gets his own password.
potentially, yes - this could be done automatically, for example, if you'll put this mapping into external list, or something like... You can look to ExtLists.Map property and how to use it is described in documentation.
Ok, but there is no way I could extract the username from the current session and feed it into a list?
I know, I am asking a lot... just curious.
if you're using authentication, then you can use the Authentication.UserName property to get user's name... Or you're referring to name of user on given service?
Yes, we're using authentication. When using Authentication.UserName, how would I fold that into a rule that would accomplish what I need? Sorry, I am very new to the whole MWG thing...
You need to do following:
Condition: Map.HasKey(passwords, Authentication.UserName) equals 'false'
Event: Set user-defined property: Encryption-Password to "some default password if user isn't found"
Condition: Map.HasKey(passwords, Authentication.UserName) equals 'true'
Event: Set user-defined property: Encryption-Password to property Map.GetStringValue(passwords, Authentication.UserName)