I think, a lot of people will celebrate this plugin
While not being able to test it, does the plugin also offer to ask for the password when Joplin starts?
Just for information, the data itself will still sit in plaintext on the disk, so even if Joplin cannot access it, it's still possible to view it by opening the database with an SQLite browser.
I still think this kind of plugin is useful in some situations (such as preventing access to a non-technical user) but maybe this should still be mentioned in the readme so that users know what to expect.
I do agree that it needs to be made clear that the app is not actually locked, there is just a panel obstructing the view.
From my brief test I saw that the main menu bar is still active so whilst the lock panel is there you can still export all the notes and resources. Also you can File > Quit Joplin and when the app is restarted the lock panel is gone and only reappears again after the inactivity period. Also, you can also access all of Joplin's settings. This even allowed me to remove the "lock" password so that after a restart the "lock" never activated again, or completely disable the plugin itself.
Thanks for your advice. I had updated the readme of this plugin to explain that this plugin can only lock Joplin screen, can't encrypt and protect user's note data.
I had updated the readme of this plugin to explain that this plugin can only lock Joplin screen, can't encrypt and protect user's note data. This plugin's purpose is preventing others view your note or your screen directly.
But it cannot disable the main toolbar. Calling this plugin a "lock" implies some kind of security and this plugin actually provides little. All I am suggesting is that you call the app what it is so people know what they are downloading.
I see a use for a version of this plugin as, say, a "Privacy Screen".
Scenario: You have a large monitor or multi-monitor setup. You have Joplin open on one screen and you are not currently using it as you are working on something else. Someone stands behind you and chats about what you are working on, all the time being able to read the note Joplin is displaying along with the note and notebook titles.
Usage: This plugin could be used to obscure that information, like it does now, after a set period of inactivity. It does not even need a password, just a button to remove it when you want to use Joplin again.
As a protection for your notes when away from your system this plugin currently lacks capability. As a counter-measure to "shoulder-surfing" when you are still using your machine but not using Joplin, it has a useful purpose.
What you have created has value to Joplin users. It is fantastic and appreciated when someone, like yourself, with the skills and the time to create something for Joplin, does so and offers it to other users. It just has to try to deliver what it promises and with data security that is a VERY high bar to reach. Advertised as a simple password-less inactivity privacy screen, I would use it. As an app lock, no, because it isn't.
Didn't know that was a "Joplin" plugin. On all my applications the button sits in the upper right corner of my application's window. It's the one that looks like a dash. Beside it are two more, one looks like a square and the other is the "super-lock" that looks like an "X". The "Super-lock" button on mine turns red when the mouse hovers over it and makes it impossible for anybody to see what is there once it is clicked.