Content
Updated by Oliver Günther 12 months ago
# User Problem
## User
_What persona, persona segment, or customer type experiences the problem most acutely?_
* Customer
* Project administrators
* Project managers
* Compliance operators
## Problem
_What problem or job does the user have?_
* All files uploaded into OpenProject are required to be scanned for viruses for compliance reasons
## Pain
_What is the primary workaround that users perform that we could remove or replace? Why is it painful?_
* Manual integration of a webhook and calls to the API to remove attachments after they were uploaded
* This is not 100% secure as the webhook and handling is asynchronous. This means the file is already present and visible on the system
# Business Case
##
## Solution
* Initial iteration: Integration of clamav/clamd running as a daemon on a local or remote server
* Scanning of uploaded files after they are uploaded, before they are accessible to other users (e.g., introduction of a state/enum to mark attachments as ready/blocked/etc.)
* Block downloading of attachments that are not yet scanned, but allow access to original author for seamless editing
* Notifications to uploaders if their files have been removed
* Notifications for administrators when files were scanned and removed or quarantined
* Admin UI for notifications of which attachments were being scanned and blocked
## Out of Scope for the MVC
_What should NOT be in the minimal viable change, and can be considered for future iterations? Why? Please order them by importance._
* Integration with an ICAP service
## Differentiation
_What do you believe will differentiate us from the current experience or competitive experiences?_
* It does not differentiate us. It is a legal / compliance requirement for larger institutions
## Next iteration
_What is the next solution that would allow us to release meaningful customer value quickly?_
* Integration to an ICAP service, a standard protocol for content scanning and filtering
# Launch and Growth
## Measures
_How will you know you solved the problem? Please list measurable, quantitative indicators (preferred) or qualitative ways you plan on assessing the solution?_
* We fulfill all MUST and SHOULD requirements of the [BSI OPS1.1.4 measures for virus protection.](https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/IT-GS-Kompendium_Einzel_PDFs_2023/04_OPS_Betrieb/OPS_1_1_4_Schutz_vor_Schadprogrammen_Edition_2023.pdf?__blob=publicationFile&v=3#download=1)
## Messaging
_If you were to write a press release, how would you describe the value to customers?_
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><tbody><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Headline</p></th><td class="op-uc-table--cell"><p class="op-uc-p">OpenProject integrates virus scanning for all uploaded files</p></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">First Paragraph</p></th><td class="op-uc-table--cell"><p class="op-uc-p"></p></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Customer Quote</p></th><td class="op-uc-table--cell"><p class="op-uc-p"></p></td></tr></tbody></table></figure>
## Go to market
_How are you planning on getting this into users' hands?_
# Acceptance criteria
## Administration
* A new attachment menu item is created
* The previous system settings > Attachments item is being moved to that new item
* A subitem "Quarantined attachments" is being added below this new menu node
* Attachments setting are extended with Antivirus settings
* A mode to operate the virus scanning
* Disabled
* ClamAV (local socket)
* ClamAV (remote host)
* When any option other than Disabled is shown, these additional fields are shown
* Host name or Socket for the ClamAV connection
* Action to perform for attachments on which viruses have been found
* **Log:** Only log the information, but do not block the file
* **Quarantine:** Show the file once uploaded, but disallow access to it.
* **Delete:** Delete the file as soon as the virus was found
* Quarantined attachments shows a flat table of all currently quarantined files, restricted to administrators
* Newly quarantined files are showing up there
* Administrators can delete the file or override the virus scanning decision by the system, unless they are the author of the files themselves
## Scanning of attachments
* After uploading of an attachment, or after a direct upload (e.g. S3) is finished, a scanning background job is triggered
* If the background job finds a virus, it will perform these actions depending on the selected action setting
* **Log:** Only log the information, but do not block the file
* **Quarantine:** Keep the file, but prevent users from downloading it. Show the quarantined file under the attachment administration. A journal entry will be added informing users about the quarantining.
* **Delete:** Delete the file as soon as the virus was found. A journal entry will be added informing users about the removal
* The uploaded file is only accessible to the original author until the scan has completed, allowing them to seamlessly use it in e.g., WYSIWYG
* The uploaded files are shown, but are not yet accessible to other users. An error/warning message is returned when the file is not yet downloadable.
## Open questions
* How are setting changes handled. e.g., enabling the antivirus feature? Will existing files be scanned, causing potential delays in accessing these files?
## User
_What persona, persona segment, or customer type experiences the problem most acutely?_
* Customer
* Project administrators
* Project managers
* Compliance operators
## Problem
_What problem or job does the user have?_
* All files uploaded into OpenProject are required to be scanned for viruses for compliance reasons
## Pain
_What is the primary workaround that users perform that we could remove or replace? Why is it painful?_
* Manual integration of a webhook and calls to the API to remove attachments after they were uploaded
* This is not 100% secure as the webhook and handling is asynchronous. This means the file is already present and visible on the system
# Business Case
##
## Solution
* Initial iteration: Integration of clamav/clamd running as a daemon on a local or remote server
* Scanning of uploaded files after they are uploaded, before they are accessible to other users (e.g., introduction of a state/enum to mark attachments as ready/blocked/etc.)
* Block downloading of attachments that are not yet scanned, but allow access to original author for seamless editing
* Notifications to uploaders if their files have been removed
* Notifications for administrators when files were scanned and removed or quarantined
* Admin UI for notifications of which attachments were being scanned and blocked
## Out of Scope for the MVC
_What should NOT be in the minimal viable change, and can be considered for future iterations? Why? Please order them by importance._
* Integration with an ICAP service
## Differentiation
_What do you believe will differentiate us from the current experience or competitive experiences?_
* It does not differentiate us. It is a legal / compliance requirement for larger institutions
## Next iteration
_What is the next solution that would allow us to release meaningful customer value quickly?_
* Integration to an ICAP service, a standard protocol for content scanning and filtering
# Launch and Growth
## Measures
_How will you know you solved the problem? Please list measurable, quantitative indicators (preferred) or qualitative ways you plan on assessing the solution?_
* We fulfill all MUST and SHOULD requirements of the [BSI OPS1.1.4 measures for virus protection.](https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/IT-GS-Kompendium_Einzel_PDFs_2023/04_OPS_Betrieb/OPS_1_1_4_Schutz_vor_Schadprogrammen_Edition_2023.pdf?__blob=publicationFile&v=3#download=1)
## Messaging
_If you were to write a press release, how would you describe the value to customers?_
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><tbody><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Headline</p></th><td class="op-uc-table--cell"><p class="op-uc-p">OpenProject integrates virus scanning for all uploaded files</p></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">First Paragraph</p></th><td class="op-uc-table--cell"><p class="op-uc-p"></p></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Customer Quote</p></th><td class="op-uc-table--cell"><p class="op-uc-p"></p></td></tr></tbody></table></figure>
## Go to market
_How are you planning on getting this into users' hands?_
# Acceptance criteria
## Administration
* A new attachment menu item is created
* The previous system settings > Attachments item is being moved to that new item
* A subitem "Quarantined attachments" is being added below this new menu node
* Attachments setting are extended with Antivirus settings
* A mode to operate the virus scanning
* Disabled
* ClamAV (local socket)
* ClamAV (remote host)
* When any option other than Disabled is shown, these additional fields are shown
* Host name or Socket for the ClamAV connection
* Action to perform for attachments on which viruses have been found
* **Log:** Only log the information, but do not block the file
* **Quarantine:** Show the file once uploaded, but disallow access to it.
* **Delete:** Delete the file as soon as the virus was found
* Quarantined attachments shows a flat table of all currently quarantined files, restricted to administrators
* Newly quarantined files are showing up there
* Administrators can delete the file or override the virus scanning decision by the system, unless they are the author of the files themselves
## Scanning of attachments
* After uploading of an attachment, or after a direct upload (e.g. S3) is finished, a scanning background job is triggered
* If the background job finds a virus, it will perform these actions depending on the selected action setting
* **Log:** Only log the information, but do not block the file
* **Quarantine:** Keep the file, but prevent users from downloading it. Show the quarantined file under the attachment administration. A journal entry will be added informing users about the quarantining.
* **Delete:** Delete the file as soon as the virus was found. A journal entry will be added informing users about the removal
* The uploaded file is only accessible to the original author until the scan has completed, allowing them to seamlessly use it in e.g., WYSIWYG
* The uploaded files are shown, but are not yet accessible to other users. An error/warning message is returned when the file is not yet downloadable.
## Open questions
* How are setting changes handled. e.g., enabling the antivirus feature? Will existing files be scanned, causing potential delays in accessing these files?