Your Ideas on improving CartonCloud

Remove non-super user access to driver databases

Currently the mobile apps allow the user to save their database for debugging purposes. There are two options, one is to save the database on the CC server (and make it accessible for download in the web app), the other one is to export the database. The second options extracts the database from the app and attaches it to an email (iOS) that can be sent off to anyone or exports it to the user's device (Android) to be shared with anyone.

There is an inherent risk with exposing our database structure and the driver's details within, so we want to remove the "export database" option and only allow the upload to the CartonCloud web app. This is required as the driver's databases are heavily used for debugging purposes when any issues occur on the mobile apps.

While developers can use the "Request Database" button on the driver's app history page in the web app, this only triggers an upload when the driver refreshes their consignment page, not instantly.

Additionally, the "Save Database" option should to be moved into the Settings view on the mobile apps, rather than the main menu item list, as it is not a core feature of the app and only used when support request the user to upload the database (at which stage support will walk the user through how to do this).

On the web app, the "App History" tab within the Driver's page should to be hidden from non-super users, preventing tenants' admin users from downloading any drivers' databases. The data in the tab is no value to non-super users and removing the tab will add to the security around who can access a driver's database.

  • Guest
  • Nov 14 2019
  • Shipped
  • Attach files
      Drop here to upload