Add option for password protected CSV files with Offline Cloud Licensing
Release notes
Customers that utilise offline cloud licensing that must submit license usage data periodically now have the ability to password protect the generated CSV file. When received at the renewals service email address, the encrypted CSV will be decrypted using a password set in the customers portal.
Problem to solve
A Mid-Market Self-Managed Customer has requested in this ticket for the ability to password protect a CSV file when sending it for license usage data calculations. The customer works within a financial institution and is subject to policy requirements that all applicable data be protected by a basic password at minimum.
Proposal
The proposal here is to add an option under the customers portal to view and manage certain features when an offline cloud license has been enabled for a billing account. This includes a new setting option titled Offline license settings:
On this page, an option will be presented to set a password if one does not already exist:
And indicate if a password is set already:
In the backend, we can update app/services/process_license_usage_data_service.rb to:
- Consider if the file received is encrypted. If Yes:
- Call a decryption service. Reference the applicable account's
decryption_passwordvalue, which will be set by the user. - If the decryption is successful, continue with existing logic.
- If the decryption failed, return a custom error indicating the decryption failed and the password may need to be updated.
- Call a decryption service. Reference the applicable account's