Tools/specify-clearon-conditions (#8596)

* Specify user clear events for event upload * Specify generator clear events * Specify clear events for user send data * Specify generic clear on logout for encrypted secret state * Allow `clearOn`event to be passed into secret state * Match current data persistence rules * Clear ui memory on lock + logout
2025-12-23 03:33:54 +00:00 · 2024-04-08 07:26:22 -05:00
parent 759e48728e
commit 1308b326fd
8 changed files with 64 additions and 35 deletions
--- a/libs/common/src/tools/generator/state/secret-key-definition.spec.ts
+++ b/libs/common/src/tools/generator/state/secret-key-definition.spec.ts
@@ -1,16 +1,17 @@
-import { GENERATOR_DISK } from "../../../platform/state";
+import { GENERATOR_DISK, UserKeyDefinitionOptions } from "../../../platform/state";

 import { SecretClassifier } from "./secret-classifier";
 import { SecretKeyDefinition } from "./secret-key-definition";

 describe("SecretKeyDefinition", () => {
  const classifier = SecretClassifier.allSecret<{ foo: boolean }>();
-  const options = { deserializer: (v: any) => v };
+  const options: UserKeyDefinitionOptions<any> = { deserializer: (v: any) => v, clearOn: [] };

  it("toEncryptedStateKey returns a key", () => {
-    const expectedOptions = {
+    const expectedOptions: UserKeyDefinitionOptions<any> = {
      deserializer: (v: any) => v,
      cleanupDelayMs: 100,
+      clearOn: ["logout", "lock"],
    };
    const definition = SecretKeyDefinition.value(
      GENERATOR_DISK,
@@ -26,6 +27,7 @@ describe("SecretKeyDefinition", () => {
    expect(result.stateDefinition).toEqual(GENERATOR_DISK);
    expect(result.key).toBe("key");
    expect(result.cleanupDelayMs).toBe(expectedOptions.cleanupDelayMs);
+    expect(result.clearOn).toEqual(expectedOptions.clearOn);
    expect(deserializerResult).toBe(expectedDeserializerResult);
  });

--- a/libs/common/src/tools/generator/state/secret-key-definition.ts
+++ b/libs/common/src/tools/generator/state/secret-key-definition.ts
@@ -1,4 +1,4 @@
-import { KeyDefinition, KeyDefinitionOptions } from "../../../platform/state";
+import { UserKeyDefinitionOptions, UserKeyDefinition } from "../../../platform/state";
 // eslint-disable-next-line -- `StateDefinition` used as an argument
 import { StateDefinition } from "../../../platform/state/state-definition";
 import { ClassifiedFormat } from "./classified-format";
@@ -11,7 +11,7 @@ export class SecretKeyDefinition<Outer, Id, Inner extends object, Disclosed, Sec
    readonly stateDefinition: StateDefinition,
    readonly key: string,
    readonly classifier: SecretClassifier<Inner, Disclosed, Secret>,
-    readonly options: KeyDefinitionOptions<Inner>,
+    readonly options: UserKeyDefinitionOptions<Inner>,
    // type erasure is necessary here because typescript doesn't support
    // higher kinded types that generalize over collections. The invariants
    // needed to make this typesafe are maintained by the static factories.
@@ -21,12 +21,14 @@ export class SecretKeyDefinition<Outer, Id, Inner extends object, Disclosed, Sec

  /** Converts the secret key to the `KeyDefinition` used for secret storage. */
  toEncryptedStateKey() {
-    const secretKey = new KeyDefinition<ClassifiedFormat<Id, Disclosed>[]>(
+    const secretKey = new UserKeyDefinition<ClassifiedFormat<Id, Disclosed>[]>(
      this.stateDefinition,
      this.key,
      {
        cleanupDelayMs: this.options.cleanupDelayMs,
        deserializer: (jsonValue) => jsonValue as ClassifiedFormat<Id, Disclosed>[],
+        // Clear encrypted state on logout
+        clearOn: this.options.clearOn,
      },
    );

@@ -45,7 +47,7 @@ export class SecretKeyDefinition<Outer, Id, Inner extends object, Disclosed, Sec
    stateDefinition: StateDefinition,
    key: string,
    classifier: SecretClassifier<Value, Disclosed, Secret>,
-    options: KeyDefinitionOptions<Value>,
+    options: UserKeyDefinitionOptions<Value>,
  ) {
    return new SecretKeyDefinition<Value, void, Value, Disclosed, Secret>(
      stateDefinition,
@@ -69,7 +71,7 @@ export class SecretKeyDefinition<Outer, Id, Inner extends object, Disclosed, Sec
    stateDefinition: StateDefinition,
    key: string,
    classifier: SecretClassifier<Item, Disclosed, Secret>,
-    options: KeyDefinitionOptions<Item>,
+    options: UserKeyDefinitionOptions<Item>,
  ) {
    return new SecretKeyDefinition<Item[], number, Item, Disclosed, Secret>(
      stateDefinition,
@@ -93,7 +95,7 @@ export class SecretKeyDefinition<Outer, Id, Inner extends object, Disclosed, Sec
    stateDefinition: StateDefinition,
    key: string,
    classifier: SecretClassifier<Item, Disclosed, Secret>,
-    options: KeyDefinitionOptions<Item>,
+    options: UserKeyDefinitionOptions<Item>,
  ) {
    return new SecretKeyDefinition<Record<Id, Item>, Id, Item, Disclosed, Secret>(
      stateDefinition,