mirror of
https://github.com/bitwarden/browser
synced 2025-12-16 08:13:42 +00:00
[PM-12049] Remove usage of ActiveUserState from folder service (#11880)
* Migrated folder service from using active user state to single user state Added extra test cases for encrypted folder and decrypted folders Updated derived state to use decrypt with key * Update callers in the web * Update callers in the browser * Update callers in libs * Update callers in cli * Fixed test * Fixed folder state test * Fixed test * removed duplicate activeUserId * Added takewhile operator to only make calls when userId is present * Simplified to accept a single user id instead of an observable * Required userid to be passed from notification service * [PM-15635] Folders not working on desktop (#12333) * Added folders memory state definition * added decrypted folders state * Refactored service to remove derived state * removed combinedstate and added clear decrypted folders to methods * Fixed test * Fixed issue with editing folder on the desktop app * Fixed test * Changed state name * fixed ts strict issue * fixed ts strict issue * fixed ts strict issue * removed unnecessasry null encrypteed folder check * Handle null folderdata * [PM-16197] "Items with No Folder" shows as a folder to edit name and delete (#12470) * Force redcryption anytime encryption state changes * Fixed text file * revert changes * create new object with nofolder instead of modifying exisiting object * Fixed failing test * switched to use memory-large-object * Fixed ts sctrict issue --------- Co-authored-by: Matt Bishop <mbishop@bitwarden.com> Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
This commit is contained in:
SmithThe4th
GitHub
@@ -150,6 +150,9 @@ export const COLLECTION_DATA = new StateDefinition("collection", "disk", {
|
||||
web: "memory",
|
||||
});
|
||||
export const FOLDER_DISK = new StateDefinition("folder", "disk", { web: "memory" });
|
||||
export const FOLDER_MEMORY = new StateDefinition("decryptedFolders", "memory", {
|
||||
browser: "memory-large-object",
|
||||
});
|
||||
export const VAULT_FILTER_DISK = new StateDefinition("vaultFilter", "disk", {
|
||||
web: "disk-local",
|
||||
});
|
||||
|
||||
@@ -85,18 +85,25 @@ export abstract class CoreSyncService implements SyncService {
|
||||
await this.stateProvider.getUser(userId, LAST_SYNC_DATE).update(() => date);
|
||||
}
|
||||
|
||||
async syncUpsertFolder(notification: SyncFolderNotification, isEdit: boolean): Promise<boolean> {
|
||||
async syncUpsertFolder(
|
||||
notification: SyncFolderNotification,
|
||||
isEdit: boolean,
|
||||
userId: UserId,
|
||||
): Promise<boolean> {
|
||||
this.syncStarted();
|
||||
if (await this.stateService.getIsAuthenticated()) {
|
||||
|
||||
const authStatus = await firstValueFrom(this.authService.authStatusFor$(userId));
|
||||
|
||||
if (authStatus >= AuthenticationStatus.Locked) {
|
||||
try {
|
||||
const localFolder = await this.folderService.get(notification.id);
|
||||
const localFolder = await this.folderService.get(notification.id, userId);
|
||||
if (
|
||||
(!isEdit && localFolder == null) ||
|
||||
(isEdit && localFolder != null && localFolder.revisionDate < notification.revisionDate)
|
||||
) {
|
||||
const remoteFolder = await this.folderApiService.get(notification.id);
|
||||
if (remoteFolder != null) {
|
||||
await this.folderService.upsert(new FolderData(remoteFolder));
|
||||
await this.folderService.upsert(new FolderData(remoteFolder), userId);
|
||||
this.messageSender.send("syncedUpsertedFolder", { folderId: notification.id });
|
||||
return this.syncCompleted(true);
|
||||
}
|
||||
@@ -108,10 +115,13 @@ export abstract class CoreSyncService implements SyncService {
|
||||
return this.syncCompleted(false);
|
||||
}
|
||||
|
||||
async syncDeleteFolder(notification: SyncFolderNotification): Promise<boolean> {
|
||||
async syncDeleteFolder(notification: SyncFolderNotification, userId: UserId): Promise<boolean> {
|
||||
this.syncStarted();
|
||||
if (await this.stateService.getIsAuthenticated()) {
|
||||
await this.folderService.delete(notification.id);
|
||||
|
||||
const authStatus = await firstValueFrom(this.authService.authStatusFor$(userId));
|
||||
|
||||
if (authStatus >= AuthenticationStatus.Locked) {
|
||||
await this.folderService.delete(notification.id, userId);
|
||||
this.messageSender.send("syncedDeletedFolder", { folderId: notification.id });
|
||||
this.syncCompleted(true);
|
||||
return true;
|
||||
|
||||
@@ -56,8 +56,9 @@ export abstract class SyncService {
|
||||
abstract syncUpsertFolder(
|
||||
notification: SyncFolderNotification,
|
||||
isEdit: boolean,
|
||||
userId: UserId,
|
||||
): Promise<boolean>;
|
||||
abstract syncDeleteFolder(notification: SyncFolderNotification): Promise<boolean>;
|
||||
abstract syncDeleteFolder(notification: SyncFolderNotification, userId: UserId): Promise<boolean>;
|
||||
abstract syncUpsertCipher(
|
||||
notification: SyncCipherNotification,
|
||||
isEdit: boolean,
|
||||
|
||||
@@ -168,10 +168,14 @@ export class NotificationsService implements NotificationsServiceAbstraction {
|
||||
await this.syncService.syncUpsertFolder(
|
||||
notification.payload as SyncFolderNotification,
|
||||
notification.type === NotificationType.SyncFolderUpdate,
|
||||
payloadUserId,
|
||||
);
|
||||
break;
|
||||
case NotificationType.SyncFolderDelete:
|
||||
await this.syncService.syncDeleteFolder(notification.payload as SyncFolderNotification);
|
||||
await this.syncService.syncDeleteFolder(
|
||||
notification.payload as SyncFolderNotification,
|
||||
payloadUserId,
|
||||
);
|
||||
break;
|
||||
case NotificationType.SyncVault:
|
||||
case NotificationType.SyncCiphers:
|
||||
|
||||
@@ -334,7 +334,7 @@ describe("VaultTimeoutService", () => {
|
||||
|
||||
// Active users should have additional steps ran
|
||||
expect(searchService.clearIndex).toHaveBeenCalled();
|
||||
expect(folderService.clearCache).toHaveBeenCalled();
|
||||
expect(folderService.clearDecryptedFolderState).toHaveBeenCalled();
|
||||
|
||||
expectUserToHaveLoggedOut("3"); // They have chosen logout as their action and it's available, log them out
|
||||
expectUserToHaveLoggedOut("4"); // They may have had lock as their chosen action but it's not available to them so logout
|
||||
|
||||
@@ -135,10 +135,10 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
|
||||
|
||||
if (userId == null || userId === currentUserId) {
|
||||
await this.searchService.clearIndex();
|
||||
await this.folderService.clearCache();
|
||||
await this.collectionService.clearActiveUserCache();
|
||||
}
|
||||
|
||||
await this.folderService.clearDecryptedFolderState(userId);
|
||||
await this.masterPasswordService.clearMasterKey(lockingUserId);
|
||||
|
||||
await this.stateService.setUserKeyAutoUnlock(null, { userId: lockingUserId });
|
||||
|
||||
@@ -1,11 +1,13 @@
|
||||
// FIXME: Update this file to be type safe and remove this and next line
|
||||
// @ts-strict-ignore
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
|
||||
import { Folder } from "../../models/domain/folder";
|
||||
import { FolderResponse } from "../../models/response/folder.response";
|
||||
|
||||
export class FolderApiServiceAbstraction {
|
||||
save: (folder: Folder) => Promise<any>;
|
||||
delete: (id: string) => Promise<any>;
|
||||
save: (folder: Folder, userId: UserId) => Promise<any>;
|
||||
delete: (id: string, userId: UserId) => Promise<any>;
|
||||
get: (id: string) => Promise<FolderResponse>;
|
||||
deleteAll: () => Promise<void>;
|
||||
deleteAll: (userId: UserId) => Promise<void>;
|
||||
}
|
||||
|
||||
@@ -13,23 +13,27 @@ import { FolderWithIdRequest } from "../../models/request/folder-with-id.request
|
||||
import { FolderView } from "../../models/view/folder.view";
|
||||
|
||||
export abstract class FolderService implements UserKeyRotationDataProvider<FolderWithIdRequest> {
|
||||
folders$: Observable<Folder[]>;
|
||||
folderViews$: Observable<FolderView[]>;
|
||||
folders$: (userId: UserId) => Observable<Folder[]>;
|
||||
folderViews$: (userId: UserId) => Observable<FolderView[]>;
|
||||
|
||||
clearCache: () => Promise<void>;
|
||||
clearDecryptedFolderState: (userId: UserId) => Promise<void>;
|
||||
encrypt: (model: FolderView, key: SymmetricCryptoKey) => Promise<Folder>;
|
||||
get: (id: string) => Promise<Folder>;
|
||||
getDecrypted$: (id: string) => Observable<FolderView | undefined>;
|
||||
getAllFromState: () => Promise<Folder[]>;
|
||||
get: (id: string, userId: UserId) => Promise<Folder>;
|
||||
getDecrypted$: (id: string, userId: UserId) => Observable<FolderView | undefined>;
|
||||
/**
|
||||
* @deprecated Use firstValueFrom(folders$) directly instead
|
||||
* @param userId The user id
|
||||
* @returns Promise of folders array
|
||||
*/
|
||||
getAllFromState: (userId: UserId) => Promise<Folder[]>;
|
||||
/**
|
||||
* @deprecated Only use in CLI!
|
||||
*/
|
||||
getFromState: (id: string) => Promise<Folder>;
|
||||
getFromState: (id: string, userId: UserId) => Promise<Folder>;
|
||||
/**
|
||||
* @deprecated Only use in CLI!
|
||||
*/
|
||||
getAllDecryptedFromState: () => Promise<FolderView[]>;
|
||||
decryptFolders: (folders: Folder[]) => Promise<FolderView[]>;
|
||||
getAllDecryptedFromState: (userId: UserId) => Promise<FolderView[]>;
|
||||
/**
|
||||
* Returns user folders re-encrypted with the new user key.
|
||||
* @param originalUserKey the original user key
|
||||
@@ -46,8 +50,8 @@ export abstract class FolderService implements UserKeyRotationDataProvider<Folde
|
||||
}
|
||||
|
||||
export abstract class InternalFolderService extends FolderService {
|
||||
upsert: (folder: FolderData | FolderData[]) => Promise<void>;
|
||||
upsert: (folder: FolderData | FolderData[], userId: UserId) => Promise<void>;
|
||||
replace: (folders: { [id: string]: FolderData }, userId: UserId) => Promise<void>;
|
||||
clear: (userId?: string) => Promise<void>;
|
||||
delete: (id: string | string[]) => Promise<any>;
|
||||
clear: (userId: UserId) => Promise<void>;
|
||||
delete: (id: string | string[], userId: UserId) => Promise<any>;
|
||||
}
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
|
||||
import { ApiService } from "../../../abstractions/api.service";
|
||||
import { FolderApiServiceAbstraction } from "../../../vault/abstractions/folder/folder-api.service.abstraction";
|
||||
import { InternalFolderService } from "../../../vault/abstractions/folder/folder.service.abstraction";
|
||||
@@ -12,7 +14,7 @@ export class FolderApiService implements FolderApiServiceAbstraction {
|
||||
private apiService: ApiService,
|
||||
) {}
|
||||
|
||||
async save(folder: Folder): Promise<any> {
|
||||
async save(folder: Folder, userId: UserId): Promise<any> {
|
||||
const request = new FolderRequest(folder);
|
||||
|
||||
let response: FolderResponse;
|
||||
@@ -24,17 +26,17 @@ export class FolderApiService implements FolderApiServiceAbstraction {
|
||||
}
|
||||
|
||||
const data = new FolderData(response);
|
||||
await this.folderService.upsert(data);
|
||||
await this.folderService.upsert(data, userId);
|
||||
}
|
||||
|
||||
async delete(id: string): Promise<any> {
|
||||
async delete(id: string, userId: UserId): Promise<any> {
|
||||
await this.deleteFolder(id);
|
||||
await this.folderService.delete(id);
|
||||
await this.folderService.delete(id, userId);
|
||||
}
|
||||
|
||||
async deleteAll(): Promise<void> {
|
||||
async deleteAll(userId: UserId): Promise<void> {
|
||||
await this.apiService.send("DELETE", "/folders/all", null, true, false);
|
||||
await this.folderService.clear();
|
||||
await this.folderService.clear(userId);
|
||||
}
|
||||
|
||||
async get(id: string): Promise<FolderResponse> {
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
import { mock, MockProxy } from "jest-mock-extended";
|
||||
import { firstValueFrom } from "rxjs";
|
||||
import { BehaviorSubject, firstValueFrom } from "rxjs";
|
||||
|
||||
import { KeyService } from "../../../../../key-management/src/abstractions/key.service";
|
||||
import { makeStaticByteArray } from "../../../../spec";
|
||||
import { makeEncString } from "../../../../spec";
|
||||
import { FakeAccountService, mockAccountServiceWith } from "../../../../spec/fake-account-service";
|
||||
import { FakeActiveUserState } from "../../../../spec/fake-state";
|
||||
import { FakeSingleUserState } from "../../../../spec/fake-state";
|
||||
import { FakeStateProvider } from "../../../../spec/fake-state-provider";
|
||||
import { EncryptService } from "../../../platform/abstractions/encrypt.service";
|
||||
import { I18nService } from "../../../platform/abstractions/i18n.service";
|
||||
@@ -17,7 +17,7 @@ import { CipherService } from "../../abstractions/cipher.service";
|
||||
import { FolderData } from "../../models/data/folder.data";
|
||||
import { FolderView } from "../../models/view/folder.view";
|
||||
import { FolderService } from "../../services/folder/folder.service";
|
||||
import { FOLDER_ENCRYPTED_FOLDERS } from "../key-state/folder.state";
|
||||
import { FOLDER_DECRYPTED_FOLDERS, FOLDER_ENCRYPTED_FOLDERS } from "../key-state/folder.state";
|
||||
|
||||
describe("Folder Service", () => {
|
||||
let folderService: FolderService;
|
||||
@@ -30,7 +30,7 @@ describe("Folder Service", () => {
|
||||
|
||||
const mockUserId = Utils.newGuid() as UserId;
|
||||
let accountService: FakeAccountService;
|
||||
let folderState: FakeActiveUserState<Record<string, FolderData>>;
|
||||
let folderState: FakeSingleUserState<Record<string, FolderData>>;
|
||||
|
||||
beforeEach(() => {
|
||||
keyService = mock<KeyService>();
|
||||
@@ -42,11 +42,9 @@ describe("Folder Service", () => {
|
||||
stateProvider = new FakeStateProvider(accountService);
|
||||
|
||||
i18nService.collator = new Intl.Collator("en");
|
||||
i18nService.t.mockReturnValue("No Folder");
|
||||
|
||||
keyService.hasUserKey.mockResolvedValue(true);
|
||||
keyService.getUserKeyWithLegacySupport.mockResolvedValue(
|
||||
new SymmetricCryptoKey(makeStaticByteArray(32)) as UserKey,
|
||||
);
|
||||
keyService.userKey$.mockReturnValue(new BehaviorSubject("mockOriginalUserKey" as any));
|
||||
encryptService.decryptToUtf8.mockResolvedValue("DEC");
|
||||
|
||||
folderService = new FolderService(
|
||||
@@ -57,10 +55,53 @@ describe("Folder Service", () => {
|
||||
stateProvider,
|
||||
);
|
||||
|
||||
folderState = stateProvider.activeUser.getFake(FOLDER_ENCRYPTED_FOLDERS);
|
||||
folderState = stateProvider.singleUser.getFake(mockUserId, FOLDER_ENCRYPTED_FOLDERS);
|
||||
|
||||
// Initial state
|
||||
folderState.nextState({ "1": folderData("1", "test") });
|
||||
folderState.nextState({ "1": folderData("1") });
|
||||
});
|
||||
|
||||
describe("folders$", () => {
|
||||
it("emits encrypted folders from state", async () => {
|
||||
const folder1 = folderData("1");
|
||||
const folder2 = folderData("2");
|
||||
|
||||
await stateProvider.setUserState(
|
||||
FOLDER_ENCRYPTED_FOLDERS,
|
||||
Object.fromEntries([folder1, folder2].map((f) => [f.id, f])),
|
||||
mockUserId,
|
||||
);
|
||||
|
||||
const result = await firstValueFrom(folderService.folders$(mockUserId));
|
||||
|
||||
expect(result.length).toBe(2);
|
||||
expect(result).toIncludeAllPartialMembers([
|
||||
{ id: "1", name: makeEncString("ENC_STRING_1") },
|
||||
{ id: "2", name: makeEncString("ENC_STRING_2") },
|
||||
]);
|
||||
});
|
||||
});
|
||||
|
||||
describe("folderView$", () => {
|
||||
it("emits decrypted folders from state", async () => {
|
||||
const folder1 = folderData("1");
|
||||
const folder2 = folderData("2");
|
||||
|
||||
await stateProvider.setUserState(
|
||||
FOLDER_ENCRYPTED_FOLDERS,
|
||||
Object.fromEntries([folder1, folder2].map((f) => [f.id, f])),
|
||||
mockUserId,
|
||||
);
|
||||
|
||||
const result = await firstValueFrom(folderService.folderViews$(mockUserId));
|
||||
|
||||
expect(result.length).toBe(3);
|
||||
expect(result).toIncludeAllPartialMembers([
|
||||
{ id: "1", name: "DEC" },
|
||||
{ id: "2", name: "DEC" },
|
||||
{ name: "No Folder" },
|
||||
]);
|
||||
});
|
||||
});
|
||||
|
||||
it("encrypt", async () => {
|
||||
@@ -83,105 +124,83 @@ describe("Folder Service", () => {
|
||||
|
||||
describe("get", () => {
|
||||
it("exists", async () => {
|
||||
const result = await folderService.get("1");
|
||||
const result = await folderService.get("1", mockUserId);
|
||||
|
||||
expect(result).toEqual({
|
||||
id: "1",
|
||||
name: {
|
||||
encryptedString: "test",
|
||||
encryptionType: 0,
|
||||
},
|
||||
name: makeEncString("ENC_STRING_" + 1),
|
||||
revisionDate: null,
|
||||
});
|
||||
});
|
||||
|
||||
it("not exists", async () => {
|
||||
const result = await folderService.get("2");
|
||||
const result = await folderService.get("2", mockUserId);
|
||||
|
||||
expect(result).toBe(undefined);
|
||||
});
|
||||
});
|
||||
|
||||
it("upsert", async () => {
|
||||
await folderService.upsert(folderData("2", "test 2"));
|
||||
await folderService.upsert(folderData("2"), mockUserId);
|
||||
|
||||
expect(await firstValueFrom(folderService.folders$)).toEqual([
|
||||
expect(await firstValueFrom(folderService.folders$(mockUserId))).toEqual([
|
||||
{
|
||||
id: "1",
|
||||
name: {
|
||||
encryptedString: "test",
|
||||
encryptionType: 0,
|
||||
},
|
||||
name: makeEncString("ENC_STRING_" + 1),
|
||||
revisionDate: null,
|
||||
},
|
||||
{
|
||||
id: "2",
|
||||
name: {
|
||||
encryptedString: "test 2",
|
||||
encryptionType: 0,
|
||||
},
|
||||
name: makeEncString("ENC_STRING_" + 2),
|
||||
revisionDate: null,
|
||||
},
|
||||
]);
|
||||
});
|
||||
|
||||
it("replace", async () => {
|
||||
await folderService.replace({ "2": folderData("2", "test 2") }, mockUserId);
|
||||
await folderService.replace({ "4": folderData("4") }, mockUserId);
|
||||
|
||||
expect(await firstValueFrom(folderService.folders$)).toEqual([
|
||||
expect(await firstValueFrom(folderService.folders$(mockUserId))).toEqual([
|
||||
{
|
||||
id: "2",
|
||||
name: {
|
||||
encryptedString: "test 2",
|
||||
encryptionType: 0,
|
||||
},
|
||||
id: "4",
|
||||
name: makeEncString("ENC_STRING_" + 4),
|
||||
revisionDate: null,
|
||||
},
|
||||
]);
|
||||
});
|
||||
|
||||
it("delete", async () => {
|
||||
await folderService.delete("1");
|
||||
await folderService.delete("1", mockUserId);
|
||||
|
||||
expect((await firstValueFrom(folderService.folders$)).length).toBe(0);
|
||||
expect((await firstValueFrom(folderService.folders$(mockUserId))).length).toBe(0);
|
||||
});
|
||||
|
||||
it("clearCache", async () => {
|
||||
await folderService.clearCache();
|
||||
|
||||
expect((await firstValueFrom(folderService.folders$)).length).toBe(1);
|
||||
expect((await firstValueFrom(folderService.folderViews$)).length).toBe(0);
|
||||
});
|
||||
|
||||
describe("clear", () => {
|
||||
describe("clearDecryptedFolderState", () => {
|
||||
it("null userId", async () => {
|
||||
await folderService.clear();
|
||||
|
||||
expect((await firstValueFrom(folderService.folders$)).length).toBe(0);
|
||||
expect((await firstValueFrom(folderService.folderViews$)).length).toBe(0);
|
||||
await expect(folderService.clearDecryptedFolderState(null)).rejects.toThrow(
|
||||
"User ID is required.",
|
||||
);
|
||||
});
|
||||
|
||||
/**
|
||||
* TODO: Fix this test to address the problem where the fakes for the active user state is not
|
||||
* updated as expected
|
||||
*/
|
||||
// it("matching userId", async () => {
|
||||
// stateService.getUserId.mockResolvedValue("1");
|
||||
// await folderService.clear("1" as UserId);
|
||||
it("userId provided", async () => {
|
||||
await folderService.clearDecryptedFolderState(mockUserId);
|
||||
|
||||
// expect((await firstValueFrom(folderService.folders$)).length).toBe(0);
|
||||
// });
|
||||
expect((await firstValueFrom(folderService.folders$(mockUserId))).length).toBe(1);
|
||||
expect(
|
||||
(await firstValueFrom(stateProvider.getUserState$(FOLDER_DECRYPTED_FOLDERS, mockUserId)))
|
||||
.length,
|
||||
).toBe(0);
|
||||
});
|
||||
});
|
||||
|
||||
/**
|
||||
* TODO: Fix this test to address the problem where the fakes for the active user state is not
|
||||
* updated as expected
|
||||
*/
|
||||
// it("mismatching userId", async () => {
|
||||
// await folderService.clear("12" as UserId);
|
||||
it("clear", async () => {
|
||||
await folderService.clear(mockUserId);
|
||||
|
||||
// expect((await firstValueFrom(folderService.folders$)).length).toBe(1);
|
||||
// expect((await firstValueFrom(folderService.folderViews$)).length).toBe(2);
|
||||
// });
|
||||
expect((await firstValueFrom(folderService.folders$(mockUserId))).length).toBe(0);
|
||||
|
||||
const folderViews = await firstValueFrom(folderService.folderViews$(mockUserId));
|
||||
expect(folderViews.length).toBe(1);
|
||||
expect(folderViews[0].id).toBeNull(); // Should be the "No Folder" folder
|
||||
});
|
||||
|
||||
describe("getRotatedData", () => {
|
||||
@@ -207,10 +226,10 @@ describe("Folder Service", () => {
|
||||
});
|
||||
});
|
||||
|
||||
function folderData(id: string, name: string) {
|
||||
function folderData(id: string) {
|
||||
const data = new FolderData({} as any);
|
||||
data.id = id;
|
||||
data.name = name;
|
||||
data.name = makeEncString("ENC_STRING_" + data.id).encryptedString;
|
||||
|
||||
return data;
|
||||
}
|
||||
|
||||
@@ -1,14 +1,14 @@
|
||||
// FIXME: Update this file to be type safe and remove this and next line
|
||||
// @ts-strict-ignore
|
||||
import { Observable, firstValueFrom, map, shareReplay } from "rxjs";
|
||||
import { Observable, Subject, firstValueFrom, map, shareReplay, switchMap, merge } from "rxjs";
|
||||
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
|
||||
import { KeyService } from "../../../../../key-management/src/abstractions/key.service";
|
||||
import { I18nService } from "../../../platform/abstractions/i18n.service";
|
||||
import { Utils } from "../../../platform/misc/utils";
|
||||
import { SymmetricCryptoKey } from "../../../platform/models/domain/symmetric-crypto-key";
|
||||
import { ActiveUserState, DerivedState, StateProvider } from "../../../platform/state";
|
||||
import { StateProvider } from "../../../platform/state";
|
||||
import { UserId } from "../../../types/guid";
|
||||
import { UserKey } from "../../../types/key";
|
||||
import { CipherService } from "../../../vault/abstractions/cipher.service";
|
||||
@@ -21,11 +21,18 @@ import { FolderWithIdRequest } from "../../models/request/folder-with-id.request
|
||||
import { FOLDER_DECRYPTED_FOLDERS, FOLDER_ENCRYPTED_FOLDERS } from "../key-state/folder.state";
|
||||
|
||||
export class FolderService implements InternalFolderServiceAbstraction {
|
||||
folders$: Observable<Folder[]>;
|
||||
folderViews$: Observable<FolderView[]>;
|
||||
/**
|
||||
* Ensures we reuse the same observable stream for each userId rather than
|
||||
* creating a new one on each folderViews$ call.
|
||||
*/
|
||||
private folderViewCache = new Map<UserId, Observable<FolderView[]>>();
|
||||
|
||||
private encryptedFoldersState: ActiveUserState<Record<string, FolderData>>;
|
||||
private decryptedFoldersState: DerivedState<FolderView[]>;
|
||||
/**
|
||||
* Used to force the folderviews$ Observable to re-emit with a provided value.
|
||||
* Required because shareReplay with refCount: false maintains last emission.
|
||||
* Used during cleanup to force emit empty arrays, ensuring stale data isn't retained.
|
||||
*/
|
||||
private forceFolderViews: Record<UserId, Subject<FolderView[]>> = {};
|
||||
|
||||
constructor(
|
||||
private keyService: KeyService,
|
||||
@@ -33,23 +40,44 @@ export class FolderService implements InternalFolderServiceAbstraction {
|
||||
private i18nService: I18nService,
|
||||
private cipherService: CipherService,
|
||||
private stateProvider: StateProvider,
|
||||
) {
|
||||
this.encryptedFoldersState = this.stateProvider.getActive(FOLDER_ENCRYPTED_FOLDERS);
|
||||
this.decryptedFoldersState = this.stateProvider.getDerived(
|
||||
this.encryptedFoldersState.state$,
|
||||
FOLDER_DECRYPTED_FOLDERS,
|
||||
{ folderService: this, keyService: this.keyService },
|
||||
);
|
||||
) {}
|
||||
|
||||
this.folders$ = this.encryptedFoldersState.state$.pipe(
|
||||
map((folderData) => Object.values(folderData).map((f) => new Folder(f))),
|
||||
);
|
||||
folders$(userId: UserId): Observable<Folder[]> {
|
||||
return this.encryptedFoldersState(userId).state$.pipe(
|
||||
map((folders) => {
|
||||
if (folders == null) {
|
||||
return [];
|
||||
}
|
||||
|
||||
this.folderViews$ = this.decryptedFoldersState.state$;
|
||||
return Object.values(folders).map((f) => new Folder(f));
|
||||
}),
|
||||
);
|
||||
}
|
||||
|
||||
async clearCache(): Promise<void> {
|
||||
await this.decryptedFoldersState.forceValue([]);
|
||||
/**
|
||||
* Returns an Observable of decrypted folder views for the given userId.
|
||||
* Uses folderViewCache to maintain a single Observable instance per user,
|
||||
* combining normal folder state updates with forced updates.
|
||||
*/
|
||||
folderViews$(userId: UserId): Observable<FolderView[]> {
|
||||
if (!this.folderViewCache.has(userId)) {
|
||||
if (!this.forceFolderViews[userId]) {
|
||||
this.forceFolderViews[userId] = new Subject<FolderView[]>();
|
||||
}
|
||||
|
||||
const observable = merge(
|
||||
this.forceFolderViews[userId],
|
||||
this.encryptedFoldersState(userId).state$.pipe(
|
||||
switchMap((folderData) => {
|
||||
return this.decryptFolders(userId, folderData);
|
||||
}),
|
||||
),
|
||||
).pipe(shareReplay({ refCount: false, bufferSize: 1 }));
|
||||
|
||||
this.folderViewCache.set(userId, observable);
|
||||
}
|
||||
|
||||
return this.folderViewCache.get(userId);
|
||||
}
|
||||
|
||||
// TODO: This should be moved to EncryptService or something
|
||||
@@ -60,29 +88,29 @@ export class FolderService implements InternalFolderServiceAbstraction {
|
||||
return folder;
|
||||
}
|
||||
|
||||
async get(id: string): Promise<Folder> {
|
||||
const folders = await firstValueFrom(this.folders$);
|
||||
async get(id: string, userId: UserId): Promise<Folder> {
|
||||
const folders = await firstValueFrom(this.folders$(userId));
|
||||
|
||||
return folders.find((folder) => folder.id === id);
|
||||
}
|
||||
|
||||
getDecrypted$(id: string): Observable<FolderView | undefined> {
|
||||
return this.folderViews$.pipe(
|
||||
getDecrypted$(id: string, userId: UserId): Observable<FolderView | undefined> {
|
||||
return this.folderViews$(userId).pipe(
|
||||
map((folders) => folders.find((folder) => folder.id === id)),
|
||||
shareReplay({ refCount: true, bufferSize: 1 }),
|
||||
);
|
||||
}
|
||||
|
||||
async getAllFromState(): Promise<Folder[]> {
|
||||
return await firstValueFrom(this.folders$);
|
||||
async getAllFromState(userId: UserId): Promise<Folder[]> {
|
||||
return await firstValueFrom(this.folders$(userId));
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated For the CLI only
|
||||
* @param id id of the folder
|
||||
*/
|
||||
async getFromState(id: string): Promise<Folder> {
|
||||
const folder = await this.get(id);
|
||||
async getFromState(id: string, userId: UserId): Promise<Folder> {
|
||||
const folder = await this.get(id, userId);
|
||||
if (!folder) {
|
||||
return null;
|
||||
}
|
||||
@@ -93,12 +121,13 @@ export class FolderService implements InternalFolderServiceAbstraction {
|
||||
/**
|
||||
* @deprecated Only use in CLI!
|
||||
*/
|
||||
async getAllDecryptedFromState(): Promise<FolderView[]> {
|
||||
return await firstValueFrom(this.folderViews$);
|
||||
async getAllDecryptedFromState(userId: UserId): Promise<FolderView[]> {
|
||||
return await firstValueFrom(this.folderViews$(userId));
|
||||
}
|
||||
|
||||
async upsert(folderData: FolderData | FolderData[]): Promise<void> {
|
||||
await this.encryptedFoldersState.update((folders) => {
|
||||
async upsert(folderData: FolderData | FolderData[], userId: UserId): Promise<void> {
|
||||
await this.clearDecryptedFolderState(userId);
|
||||
await this.encryptedFoldersState(userId).update((folders) => {
|
||||
if (folders == null) {
|
||||
folders = {};
|
||||
}
|
||||
@@ -120,24 +149,31 @@ export class FolderService implements InternalFolderServiceAbstraction {
|
||||
if (!folders) {
|
||||
return;
|
||||
}
|
||||
|
||||
await this.clearDecryptedFolderState(userId);
|
||||
await this.stateProvider.getUser(userId, FOLDER_ENCRYPTED_FOLDERS).update(() => {
|
||||
const newFolders: Record<string, FolderData> = { ...folders };
|
||||
return newFolders;
|
||||
});
|
||||
}
|
||||
|
||||
async clear(userId?: UserId): Promise<void> {
|
||||
async clearDecryptedFolderState(userId: UserId): Promise<void> {
|
||||
if (userId == null) {
|
||||
await this.encryptedFoldersState.update(() => ({}));
|
||||
await this.decryptedFoldersState.forceValue([]);
|
||||
} else {
|
||||
await this.stateProvider.getUser(userId, FOLDER_ENCRYPTED_FOLDERS).update(() => ({}));
|
||||
throw new Error("User ID is required.");
|
||||
}
|
||||
|
||||
await this.setDecryptedFolders([], userId);
|
||||
}
|
||||
|
||||
async delete(id: string | string[]): Promise<any> {
|
||||
await this.encryptedFoldersState.update((folders) => {
|
||||
async clear(userId: UserId): Promise<void> {
|
||||
this.forceFolderViews[userId]?.next([]);
|
||||
|
||||
await this.encryptedFoldersState(userId).update(() => ({}));
|
||||
await this.clearDecryptedFolderState(userId);
|
||||
}
|
||||
|
||||
async delete(id: string | string[], userId: UserId): Promise<any> {
|
||||
await this.clearDecryptedFolderState(userId);
|
||||
await this.encryptedFoldersState(userId).update((folders) => {
|
||||
if (folders == null) {
|
||||
return;
|
||||
}
|
||||
@@ -164,25 +200,11 @@ export class FolderService implements InternalFolderServiceAbstraction {
|
||||
}
|
||||
}
|
||||
if (updates.length > 0) {
|
||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||
this.cipherService.upsert(updates.map((c) => c.toCipherData()));
|
||||
await this.cipherService.upsert(updates.map((c) => c.toCipherData()));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
async decryptFolders(folders: Folder[]) {
|
||||
const decryptFolderPromises = folders.map((f) => f.decrypt());
|
||||
const decryptedFolders = await Promise.all(decryptFolderPromises);
|
||||
|
||||
decryptedFolders.sort(Utils.getSortFunction(this.i18nService, "name"));
|
||||
|
||||
const noneFolder = new FolderView();
|
||||
noneFolder.name = this.i18nService.t("noneFolder");
|
||||
decryptedFolders.push(noneFolder);
|
||||
return decryptedFolders;
|
||||
}
|
||||
|
||||
async getRotatedData(
|
||||
originalUserKey: UserKey,
|
||||
newUserKey: UserKey,
|
||||
@@ -193,7 +215,7 @@ export class FolderService implements InternalFolderServiceAbstraction {
|
||||
}
|
||||
|
||||
let encryptedFolders: FolderWithIdRequest[] = [];
|
||||
const folders = await firstValueFrom(this.folderViews$);
|
||||
const folders = await firstValueFrom(this.folderViews$(userId));
|
||||
if (!folders) {
|
||||
return encryptedFolders;
|
||||
}
|
||||
@@ -205,4 +227,63 @@ export class FolderService implements InternalFolderServiceAbstraction {
|
||||
);
|
||||
return encryptedFolders;
|
||||
}
|
||||
|
||||
/**
|
||||
* Decrypts the folders for a user.
|
||||
* @param userId the user id
|
||||
* @param folderData encrypted folders
|
||||
* @returns a list of decrypted folders
|
||||
*/
|
||||
private async decryptFolders(
|
||||
userId: UserId,
|
||||
folderData: Record<string, FolderData>,
|
||||
): Promise<FolderView[]> {
|
||||
// Check if the decrypted folders are already cached
|
||||
const decrypted = await firstValueFrom(
|
||||
this.stateProvider.getUser(userId, FOLDER_DECRYPTED_FOLDERS).state$,
|
||||
);
|
||||
if (decrypted?.length) {
|
||||
return decrypted;
|
||||
}
|
||||
|
||||
if (folderData == null) {
|
||||
return [];
|
||||
}
|
||||
|
||||
const folders = Object.values(folderData).map((f) => new Folder(f));
|
||||
const userKey = await firstValueFrom(this.keyService.userKey$(userId));
|
||||
if (!userKey) {
|
||||
return [];
|
||||
}
|
||||
|
||||
const decryptFolderPromises = folders.map((f) =>
|
||||
f.decryptWithKey(userKey, this.encryptService),
|
||||
);
|
||||
const decryptedFolders = await Promise.all(decryptFolderPromises);
|
||||
decryptedFolders.sort(Utils.getSortFunction(this.i18nService, "name"));
|
||||
|
||||
const noneFolder = new FolderView();
|
||||
noneFolder.name = this.i18nService.t("noneFolder");
|
||||
decryptedFolders.push(noneFolder);
|
||||
|
||||
// Cache the decrypted folders
|
||||
await this.setDecryptedFolders(decryptedFolders, userId);
|
||||
return decryptedFolders;
|
||||
}
|
||||
|
||||
/**
|
||||
* @returns a SingleUserState for the encrypted folders.
|
||||
*/
|
||||
private encryptedFoldersState(userId: UserId) {
|
||||
return this.stateProvider.getUser(userId, FOLDER_ENCRYPTED_FOLDERS);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the decrypted folders state for a user.
|
||||
* @param folders the decrypted folders
|
||||
* @param userId the user id
|
||||
*/
|
||||
private async setDecryptedFolders(folders: FolderView[], userId: UserId): Promise<void> {
|
||||
await this.stateProvider.setUserState(FOLDER_DECRYPTED_FOLDERS, folders, userId);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,11 +1,3 @@
|
||||
import { mock } from "jest-mock-extended";
|
||||
|
||||
import { KeyService } from "../../../../../key-management/src/abstractions/key.service";
|
||||
import { FolderService } from "../../abstractions/folder/folder.service.abstraction";
|
||||
import { FolderData } from "../../models/data/folder.data";
|
||||
import { Folder } from "../../models/domain/folder";
|
||||
import { FolderView } from "../../models/view/folder.view";
|
||||
|
||||
import { FOLDER_DECRYPTED_FOLDERS, FOLDER_ENCRYPTED_FOLDERS } from "./folder.state";
|
||||
|
||||
describe("encrypted folders", () => {
|
||||
@@ -31,48 +23,32 @@ describe("encrypted folders", () => {
|
||||
});
|
||||
|
||||
describe("derived decrypted folders", () => {
|
||||
const keyService = mock<KeyService>();
|
||||
const folderService = mock<FolderService>();
|
||||
const sut = FOLDER_DECRYPTED_FOLDERS;
|
||||
let data: FolderData;
|
||||
|
||||
beforeEach(() => {
|
||||
data = {
|
||||
id: "id",
|
||||
name: "encName",
|
||||
revisionDate: "2024-01-31T12:00:00.000Z",
|
||||
};
|
||||
it("should deserialize decrypted folders", async () => {
|
||||
const inputObj = [
|
||||
{
|
||||
id: "id",
|
||||
name: "encName",
|
||||
revisionDate: "2024-01-31T12:00:00.000Z",
|
||||
},
|
||||
];
|
||||
|
||||
const expectedFolderView = [
|
||||
{
|
||||
id: "id",
|
||||
name: "encName",
|
||||
revisionDate: new Date("2024-01-31T12:00:00.000Z"),
|
||||
},
|
||||
];
|
||||
|
||||
const result = sut.deserializer(JSON.parse(JSON.stringify(inputObj)));
|
||||
|
||||
expect(result).toEqual(expectedFolderView);
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
jest.resetAllMocks();
|
||||
});
|
||||
|
||||
it("should deserialize encrypted folders", async () => {
|
||||
const inputObj = [data];
|
||||
|
||||
const expectedFolderView = {
|
||||
id: "id",
|
||||
name: "encName",
|
||||
revisionDate: new Date("2024-01-31T12:00:00.000Z"),
|
||||
};
|
||||
|
||||
const result = sut.deserialize(JSON.parse(JSON.stringify(inputObj)));
|
||||
|
||||
expect(result).toEqual([expectedFolderView]);
|
||||
});
|
||||
|
||||
it("should derive encrypted folders", async () => {
|
||||
const folderViewMock = new FolderView(new Folder(data));
|
||||
keyService.hasUserKey.mockResolvedValue(true);
|
||||
folderService.decryptFolders.mockResolvedValue([folderViewMock]);
|
||||
|
||||
const encryptedFoldersState = { id: data };
|
||||
const derivedStateResult = await sut.derive(encryptedFoldersState, {
|
||||
folderService,
|
||||
keyService,
|
||||
});
|
||||
|
||||
expect(derivedStateResult).toEqual([folderViewMock]);
|
||||
it("should handle null input", async () => {
|
||||
const result = sut.deserializer(null);
|
||||
expect(result).toEqual([]);
|
||||
});
|
||||
});
|
||||
|
||||
@@ -1,34 +1,23 @@
|
||||
import { Jsonify } from "type-fest";
|
||||
|
||||
import { KeyService } from "../../../../../key-management/src/abstractions/key.service";
|
||||
import { DeriveDefinition, FOLDER_DISK, UserKeyDefinition } from "../../../platform/state";
|
||||
import { FolderService } from "../../abstractions/folder/folder.service.abstraction";
|
||||
import { FOLDER_DISK, FOLDER_MEMORY, UserKeyDefinition } from "../../../platform/state";
|
||||
import { FolderData } from "../../models/data/folder.data";
|
||||
import { Folder } from "../../models/domain/folder";
|
||||
import { FolderView } from "../../models/view/folder.view";
|
||||
|
||||
export const FOLDER_ENCRYPTED_FOLDERS = UserKeyDefinition.record<FolderData>(
|
||||
FOLDER_DISK,
|
||||
"folders",
|
||||
"folder",
|
||||
{
|
||||
deserializer: (obj: Jsonify<FolderData>) => FolderData.fromJSON(obj),
|
||||
clearOn: ["logout"],
|
||||
},
|
||||
);
|
||||
|
||||
export const FOLDER_DECRYPTED_FOLDERS = DeriveDefinition.from<
|
||||
Record<string, FolderData>,
|
||||
FolderView[],
|
||||
{ folderService: FolderService; keyService: KeyService }
|
||||
>(FOLDER_ENCRYPTED_FOLDERS, {
|
||||
deserializer: (obj) => obj.map((f) => FolderView.fromJSON(f)),
|
||||
derive: async (from, { folderService, keyService }) => {
|
||||
const folders = Object.values(from || {}).map((f) => new Folder(f));
|
||||
|
||||
if (await keyService.hasUserKey()) {
|
||||
return await folderService.decryptFolders(folders);
|
||||
} else {
|
||||
return [];
|
||||
}
|
||||
export const FOLDER_DECRYPTED_FOLDERS = new UserKeyDefinition<FolderView[]>(
|
||||
FOLDER_MEMORY,
|
||||
"decryptedFolders",
|
||||
{
|
||||
deserializer: (obj: Jsonify<FolderView[]>) => obj?.map((f) => FolderView.fromJSON(f)) ?? [],
|
||||
clearOn: ["logout", "lock"],
|
||||
},
|
||||
});
|
||||
);
|
||||
|
||||
Reference in New Issue
Block a user