I think I found a security issue with the database and the user control.
In the settings the option 'Enable database encryption' is greyed out and disabled (See image).
This results in the sqlite database to be freely readable with any db viewer. I would like to encrypt the content of the database so that it's content is safely secured and not freely editable.
The second thing is, that my user role is set to 'publisher', therefore I'm not allowed to see or edit the personal information of the Brothers and Sisters which is a good thing because my role does not allow it. But when I open the underlying database I'm still able to see all the personal information and I can easily edit those. With this I can bypass the set permissions.
If someone unwanted were to get access to the local .sqlite database on my PC or Mobile and it would not be encrypted there would be a dataleak of personal information.
So, that brings me to my questions: How can enable the database encryption for me personally? How can I do this for other users as well? And would it be possible to sync only the required data based on the set user permissions and not everything?
Thanks for your efforts! I'm looking forward to your reply.