tests: vaults-2 (#2368)
This commit is contained in:
Mo
@@ -2,24 +2,24 @@ import { ItemsKeyMutator } from '@standardnotes/encryption'
|
||||
import { MutatorClientInterface } from '../../../Mutator/MutatorClientInterface'
|
||||
import { ItemManagerInterface } from '../../../Item/ItemManagerInterface'
|
||||
import { CreateNewDefaultItemsKey } from './CreateNewDefaultItemsKey'
|
||||
import { RemoveItemsLocally } from '../../../UseCase/RemoveItemsLocally'
|
||||
import { DiscardItemsLocally } from '../../../UseCase/DiscardItemsLocally'
|
||||
import { FindDefaultItemsKey } from './FindDefaultItemsKey'
|
||||
|
||||
export class CreateNewItemsKeyWithRollback {
|
||||
constructor(
|
||||
private mutator: MutatorClientInterface,
|
||||
private items: ItemManagerInterface,
|
||||
private createDefaultItemsKey: CreateNewDefaultItemsKey,
|
||||
private removeItemsLocally: RemoveItemsLocally,
|
||||
private findDefaultItemsKey: FindDefaultItemsKey,
|
||||
private _createDefaultItemsKey: CreateNewDefaultItemsKey,
|
||||
private _discardItemsLocally: DiscardItemsLocally,
|
||||
private _findDefaultItemsKey: FindDefaultItemsKey,
|
||||
) {}
|
||||
|
||||
async execute(): Promise<() => Promise<void>> {
|
||||
const currentDefaultItemsKey = this.findDefaultItemsKey.execute(this.items.getDisplayableItemsKeys()).getValue()
|
||||
const newDefaultItemsKey = await this.createDefaultItemsKey.execute()
|
||||
const currentDefaultItemsKey = this._findDefaultItemsKey.execute(this.items.getDisplayableItemsKeys()).getValue()
|
||||
const newDefaultItemsKey = await this._createDefaultItemsKey.execute()
|
||||
|
||||
const rollback = async () => {
|
||||
await this.removeItemsLocally.execute([newDefaultItemsKey])
|
||||
await this._discardItemsLocally.execute([newDefaultItemsKey])
|
||||
|
||||
if (currentDefaultItemsKey) {
|
||||
await this.mutator.changeItem<ItemsKeyMutator>(currentDefaultItemsKey, (mutator) => {
|
||||
|
||||
@@ -80,7 +80,7 @@ export interface ItemManagerInterface extends AbstractService {
|
||||
): T[]
|
||||
subItemsMatchingPredicates<T extends DecryptedItemInterface>(items: T[], predicates: PredicateInterface<T>[]): T[]
|
||||
removeAllItemsFromMemory(): Promise<void>
|
||||
removeItemsLocally(items: AnyItemInterface[]): void
|
||||
removeItemsFromMemory(items: AnyItemInterface[]): void
|
||||
getDirtyItems(): (DecryptedItemInterface | DeletedItemInterface)[]
|
||||
getTagLongTitle(tag: SNTag): string
|
||||
getSortedTagsForItem(item: DecryptedItemInterface<ItemContent>): SNTag[]
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
import { RemoveItemsFromMemory } from './../Storage/UseCase/RemoveItemsFromMemory'
|
||||
import { InternalEventHandlerInterface } from './../Internal/InternalEventHandlerInterface'
|
||||
import { MutatorClientInterface } from './../Mutator/MutatorClientInterface'
|
||||
import { ApplicationStage } from './../Application/ApplicationStage'
|
||||
@@ -36,11 +37,20 @@ export class KeySystemKeyManager
|
||||
private readonly items: ItemManagerInterface,
|
||||
private readonly mutator: MutatorClientInterface,
|
||||
private readonly storage: StorageServiceInterface,
|
||||
private readonly _removeItemsFromMemory: RemoveItemsFromMemory,
|
||||
eventBus: InternalEventBusInterface,
|
||||
) {
|
||||
super(eventBus)
|
||||
}
|
||||
|
||||
public override deinit(): void {
|
||||
;(this.items as unknown) = undefined
|
||||
;(this.mutator as unknown) = undefined
|
||||
;(this.storage as unknown) = undefined
|
||||
;(this._removeItemsFromMemory as unknown) = undefined
|
||||
super.deinit()
|
||||
}
|
||||
|
||||
async handleEvent(event: InternalEventInterface): Promise<void> {
|
||||
if (event.type === ApplicationEvent.ApplicationStageChanged) {
|
||||
const stage = (event.payload as ApplicationStageChangedEventPayload).stage
|
||||
@@ -60,9 +70,28 @@ export class KeySystemKeyManager
|
||||
const keyPayloads = keyRawPayloads.map((rawPayload) => new DecryptedPayload<KeySystemRootKeyContent>(rawPayload))
|
||||
|
||||
const keys = keyPayloads.map((payload) => new KeySystemRootKey(payload))
|
||||
keys.forEach((key) => {
|
||||
|
||||
for (const key of keys) {
|
||||
this.rootKeyMemoryCache[key.systemIdentifier] = key
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
public getRootKeyFromStorageForVault(
|
||||
keySystemIdentifier: KeySystemIdentifier,
|
||||
): KeySystemRootKeyInterface | undefined {
|
||||
const payload = this.storage.getValue<DecryptedTransferPayload<KeySystemRootKeyContent>>(
|
||||
this.storageKeyForRootKey(keySystemIdentifier),
|
||||
)
|
||||
|
||||
if (!payload) {
|
||||
return undefined
|
||||
}
|
||||
|
||||
const keyPayload = new DecryptedPayload<KeySystemRootKeyContent>(payload)
|
||||
|
||||
const key = new KeySystemRootKey(keyPayload)
|
||||
|
||||
return key
|
||||
}
|
||||
|
||||
private storageKeyForRootKey(systemIdentifier: KeySystemIdentifier): string {
|
||||
@@ -73,17 +102,14 @@ export class KeySystemKeyManager
|
||||
* When the key system root key changes, we must re-encrypt all vault items keys
|
||||
* with this new key system root key (by simply re-syncing).
|
||||
*/
|
||||
public async reencryptKeySystemItemsKeysForVault(keySystemIdentifier: KeySystemIdentifier): Promise<void> {
|
||||
public async queueVaultItemsKeysForReencryption(keySystemIdentifier: KeySystemIdentifier): Promise<void> {
|
||||
const keySystemItemsKeys = this.getKeySystemItemsKeys(keySystemIdentifier)
|
||||
if (keySystemItemsKeys.length > 0) {
|
||||
await this.mutator.setItemsDirty(keySystemItemsKeys)
|
||||
}
|
||||
}
|
||||
|
||||
public intakeNonPersistentKeySystemRootKey(
|
||||
key: KeySystemRootKeyInterface,
|
||||
storage: KeySystemRootKeyStorageMode,
|
||||
): void {
|
||||
public cacheKey(key: KeySystemRootKeyInterface, storage: KeySystemRootKeyStorageMode): void {
|
||||
this.rootKeyMemoryCache[key.systemIdentifier] = key
|
||||
|
||||
if (storage === KeySystemRootKeyStorageMode.Local) {
|
||||
@@ -91,7 +117,7 @@ export class KeySystemKeyManager
|
||||
}
|
||||
}
|
||||
|
||||
public undoIntakeNonPersistentKeySystemRootKey(systemIdentifier: KeySystemIdentifier): void {
|
||||
public removeKeyFromCache(systemIdentifier: KeySystemIdentifier): void {
|
||||
delete this.rootKeyMemoryCache[systemIdentifier]
|
||||
void this.storage.removeValue(this.storageKeyForRootKey(systemIdentifier))
|
||||
}
|
||||
@@ -100,11 +126,11 @@ export class KeySystemKeyManager
|
||||
return this.items.getItems(ContentType.TYPES.KeySystemRootKey)
|
||||
}
|
||||
|
||||
public clearMemoryOfKeysRelatedToVault(vault: VaultListingInterface): void {
|
||||
public async wipeVaultKeysFromMemory(vault: VaultListingInterface): Promise<void> {
|
||||
delete this.rootKeyMemoryCache[vault.systemIdentifier]
|
||||
|
||||
const itemsKeys = this.getKeySystemItemsKeys(vault.systemIdentifier)
|
||||
this.items.removeItemsLocally(itemsKeys)
|
||||
await this._removeItemsFromMemory.execute(itemsKeys)
|
||||
}
|
||||
|
||||
public getSyncedKeySystemRootKeysForVault(systemIdentifier: KeySystemIdentifier): KeySystemRootKeyInterface[] {
|
||||
@@ -131,19 +157,6 @@ export class KeySystemKeyManager
|
||||
await this.mutator.setItemsToBeDeleted(keys)
|
||||
}
|
||||
|
||||
public getKeySystemRootKeyWithToken(
|
||||
systemIdentifier: KeySystemIdentifier,
|
||||
rootKeyToken: string,
|
||||
): KeySystemRootKeyInterface | undefined {
|
||||
const keys = this.getAllKeySystemRootKeysForVault(systemIdentifier).filter((key) => key.token === rootKeyToken)
|
||||
|
||||
if (keys.length > 1) {
|
||||
throw new Error('Multiple synced key system root keys found for token')
|
||||
}
|
||||
|
||||
return keys[0]
|
||||
}
|
||||
|
||||
public getPrimaryKeySystemRootKey(systemIdentifier: KeySystemIdentifier): KeySystemRootKeyInterface | undefined {
|
||||
const keys = this.getAllKeySystemRootKeysForVault(systemIdentifier)
|
||||
|
||||
|
||||
@@ -16,17 +16,13 @@ export interface KeySystemKeyManagerInterface {
|
||||
getAllKeySystemRootKeysForVault(systemIdentifier: KeySystemIdentifier): KeySystemRootKeyInterface[]
|
||||
getSyncedKeySystemRootKeysForVault(systemIdentifier: KeySystemIdentifier): KeySystemRootKeyInterface[]
|
||||
getAllSyncedKeySystemRootKeys(): KeySystemRootKeyInterface[]
|
||||
getKeySystemRootKeyWithToken(
|
||||
systemIdentifier: KeySystemIdentifier,
|
||||
keyIdentifier: string,
|
||||
): KeySystemRootKeyInterface | undefined
|
||||
getPrimaryKeySystemRootKey(systemIdentifier: KeySystemIdentifier): KeySystemRootKeyInterface | undefined
|
||||
reencryptKeySystemItemsKeysForVault(keySystemIdentifier: KeySystemIdentifier): Promise<void>
|
||||
queueVaultItemsKeysForReencryption(keySystemIdentifier: KeySystemIdentifier): Promise<void>
|
||||
|
||||
intakeNonPersistentKeySystemRootKey(key: KeySystemRootKeyInterface, storage: KeySystemRootKeyStorageMode): void
|
||||
undoIntakeNonPersistentKeySystemRootKey(systemIdentifier: KeySystemIdentifier): void
|
||||
cacheKey(key: KeySystemRootKeyInterface, storage: KeySystemRootKeyStorageMode): void
|
||||
removeKeyFromCache(systemIdentifier: KeySystemIdentifier): void
|
||||
|
||||
clearMemoryOfKeysRelatedToVault(vault: VaultListingInterface): void
|
||||
wipeVaultKeysFromMemory(vault: VaultListingInterface): Promise<void>
|
||||
deleteNonPersistentSystemRootKeysForVault(systemIdentifier: KeySystemIdentifier): Promise<void>
|
||||
deleteAllSyncedKeySystemRootKeys(systemIdentifier: KeySystemIdentifier): Promise<void>
|
||||
}
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
import { DiscardItemsLocally } from './../UseCase/DiscardItemsLocally'
|
||||
import { InternalEventBusInterface } from './../Internal/InternalEventBusInterface'
|
||||
import { GetOwnedSharedVaults } from './UseCase/GetOwnedSharedVaults'
|
||||
import { IsVaultOwner } from './../VaultUser/UseCase/IsVaultOwner'
|
||||
@@ -42,6 +43,7 @@ describe('SharedVaultService', () => {
|
||||
const convertToSharedVault = {} as jest.Mocked<ConvertToSharedVault>
|
||||
const deleteSharedVaultUseCase = {} as jest.Mocked<DeleteSharedVault>
|
||||
const isVaultAdmin = {} as jest.Mocked<IsVaultOwner>
|
||||
const discardItemsLocally = {} as jest.Mocked<DiscardItemsLocally>
|
||||
|
||||
const eventBus = {} as jest.Mocked<InternalEventBusInterface>
|
||||
eventBus.addEventHandler = jest.fn()
|
||||
@@ -62,6 +64,7 @@ describe('SharedVaultService', () => {
|
||||
convertToSharedVault,
|
||||
deleteSharedVaultUseCase,
|
||||
isVaultAdmin,
|
||||
discardItemsLocally,
|
||||
eventBus,
|
||||
)
|
||||
})
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
import { DiscardItemsLocally } from './../UseCase/DiscardItemsLocally'
|
||||
import { UserKeyPairChangedEventData } from './../Session/UserKeyPairChangedEventData'
|
||||
import { ClientDisplayableError, UserEventType } from '@standardnotes/responses'
|
||||
import {
|
||||
@@ -55,6 +56,7 @@ export class SharedVaultService
|
||||
private _convertToSharedVault: ConvertToSharedVault,
|
||||
private _deleteSharedVault: DeleteSharedVault,
|
||||
private _isVaultAdmin: IsVaultOwner,
|
||||
private _discardItemsLocally: DiscardItemsLocally,
|
||||
eventBus: InternalEventBusInterface,
|
||||
) {
|
||||
super(eventBus)
|
||||
@@ -132,7 +134,7 @@ export class SharedVaultService
|
||||
case UserEventType.SharedVaultItemRemoved: {
|
||||
const item = this.items.findItem(event.eventPayload.itemUuid)
|
||||
if (item) {
|
||||
this.items.removeItemsLocally([item])
|
||||
void this._discardItemsLocally.execute([item])
|
||||
}
|
||||
break
|
||||
}
|
||||
|
||||
@@ -2,7 +2,7 @@ import { SyncServiceInterface } from './../../Sync/SyncServiceInterface'
|
||||
import { ItemManagerInterface } from '../../Item/ItemManagerInterface'
|
||||
import { AnyItemInterface, VaultListingInterface } from '@standardnotes/models'
|
||||
import { MutatorClientInterface } from '../../Mutator/MutatorClientInterface'
|
||||
import { RemoveItemsLocally } from '../../UseCase/RemoveItemsLocally'
|
||||
import { DiscardItemsLocally } from '../../UseCase/DiscardItemsLocally'
|
||||
import { KeySystemKeyManagerInterface } from '../../KeySystem/KeySystemKeyManagerInterface'
|
||||
|
||||
export class DeleteThirdPartyVault {
|
||||
@@ -11,7 +11,7 @@ export class DeleteThirdPartyVault {
|
||||
private mutator: MutatorClientInterface,
|
||||
private keys: KeySystemKeyManagerInterface,
|
||||
private sync: SyncServiceInterface,
|
||||
private removeItemsLocally: RemoveItemsLocally,
|
||||
private _discardItemsLocally: DiscardItemsLocally,
|
||||
) {}
|
||||
|
||||
async execute(vault: VaultListingInterface): Promise<void> {
|
||||
@@ -33,7 +33,7 @@ export class DeleteThirdPartyVault {
|
||||
|
||||
const itemsKeys = this.keys.getKeySystemItemsKeys(vault.systemIdentifier)
|
||||
|
||||
await this.removeItemsLocally.execute([...vaultItems, ...itemsKeys])
|
||||
await this._discardItemsLocally.execute([...vaultItems, ...itemsKeys])
|
||||
}
|
||||
|
||||
private async deleteDataOwnedByThisUser(vault: VaultListingInterface): Promise<void> {
|
||||
|
||||
@@ -14,14 +14,17 @@ export interface StorageServiceInterface {
|
||||
getAllKeys(mode?: StorageValueModes): string[]
|
||||
getValue<T>(key: string, mode?: StorageValueModes, defaultValue?: T): T
|
||||
canDecryptWithKey(key: RootKeyInterface): Promise<boolean>
|
||||
savePayload(payload: PayloadInterface): Promise<void>
|
||||
savePayloads(decryptedPayloads: PayloadInterface[]): Promise<void>
|
||||
setValue<T>(key: string, value: T, mode?: StorageValueModes): void
|
||||
removeValue(key: string, mode?: StorageValueModes): Promise<void>
|
||||
setPersistencePolicy(persistencePolicy: StoragePersistencePolicies): Promise<void>
|
||||
clearAllData(): Promise<void>
|
||||
|
||||
getRawPayloads(uuids: string[]): Promise<FullyFormedTransferPayload[]>
|
||||
savePayload(payload: PayloadInterface): Promise<void>
|
||||
savePayloads(decryptedPayloads: PayloadInterface[]): Promise<void>
|
||||
deletePayloads(payloads: FullyFormedPayloadInterface[]): Promise<void>
|
||||
deletePayloadsWithUuids(uuids: string[]): Promise<void>
|
||||
|
||||
clearAllPayloads(): Promise<void>
|
||||
isEphemeralSession(): boolean
|
||||
}
|
||||
|
||||
@@ -0,0 +1,48 @@
|
||||
import { RemoveItemsFromMemory } from './RemoveItemsFromMemory'
|
||||
import { ItemManagerInterface } from '../../Item/ItemManagerInterface'
|
||||
import { StorageServiceInterface } from '../StorageServiceInterface'
|
||||
import { PayloadManagerInterface } from '../../Payloads/PayloadManagerInterface'
|
||||
import { PayloadEmitSource, DecryptedItemInterface } from '@standardnotes/models'
|
||||
import { Uuids } from '@standardnotes/utils'
|
||||
|
||||
describe('RemoveItemsFromMemory', () => {
|
||||
let storage: StorageServiceInterface
|
||||
let items: ItemManagerInterface
|
||||
let payloads: PayloadManagerInterface
|
||||
let removeItemsFromMemory: RemoveItemsFromMemory
|
||||
|
||||
beforeEach(() => {
|
||||
storage = {
|
||||
getRawPayloads: jest.fn().mockImplementation(() => Promise.resolve([])),
|
||||
} as unknown as StorageServiceInterface
|
||||
|
||||
items = {
|
||||
removeItemsFromMemory: jest.fn(),
|
||||
} as unknown as ItemManagerInterface
|
||||
|
||||
payloads = {
|
||||
emitPayloads: jest.fn().mockImplementation(() => Promise.resolve()),
|
||||
} as unknown as PayloadManagerInterface
|
||||
|
||||
removeItemsFromMemory = new RemoveItemsFromMemory(storage, items, payloads)
|
||||
})
|
||||
|
||||
it('should execute removeItemsFromMemory use case correctly', async () => {
|
||||
const testItems: DecryptedItemInterface[] = [
|
||||
<DecryptedItemInterface>{
|
||||
uuid: 'uuid1',
|
||||
content_type: 'type1',
|
||||
},
|
||||
<DecryptedItemInterface>{
|
||||
uuid: 'uuid2',
|
||||
content_type: 'type2',
|
||||
},
|
||||
]
|
||||
|
||||
await removeItemsFromMemory.execute(testItems)
|
||||
|
||||
expect(items.removeItemsFromMemory).toHaveBeenCalledWith(testItems)
|
||||
expect(storage.getRawPayloads).toHaveBeenCalledWith(Uuids(testItems))
|
||||
expect(payloads.emitPayloads).toHaveBeenCalledWith([], PayloadEmitSource.LocalDatabaseLoaded)
|
||||
})
|
||||
})
|
||||
@@ -0,0 +1,26 @@
|
||||
import { ItemManagerInterface } from '../../Item/ItemManagerInterface'
|
||||
import { Result, UseCaseInterface } from '@standardnotes/domain-core'
|
||||
import { StorageServiceInterface } from '../StorageServiceInterface'
|
||||
import { CreatePayload, DecryptedItemInterface, PayloadEmitSource, PayloadSource } from '@standardnotes/models'
|
||||
import { Uuids } from '@standardnotes/utils'
|
||||
import { PayloadManagerInterface } from '../../Payloads/PayloadManagerInterface'
|
||||
|
||||
export class RemoveItemsFromMemory implements UseCaseInterface<void> {
|
||||
constructor(
|
||||
private storage: StorageServiceInterface,
|
||||
private items: ItemManagerInterface,
|
||||
private payloads: PayloadManagerInterface,
|
||||
) {}
|
||||
|
||||
async execute(items: DecryptedItemInterface[]): Promise<Result<void>> {
|
||||
this.items.removeItemsFromMemory(items)
|
||||
|
||||
const rawPayloads = await this.storage.getRawPayloads(Uuids(items))
|
||||
|
||||
const encryptedPayloads = rawPayloads.map((payload) => CreatePayload(payload, PayloadSource.LocalDatabaseLoaded))
|
||||
|
||||
await this.payloads.emitPayloads(encryptedPayloads, PayloadEmitSource.LocalDatabaseLoaded)
|
||||
|
||||
return Result.ok()
|
||||
}
|
||||
}
|
||||
@@ -3,11 +3,11 @@ import { ItemManagerInterface } from '../Item/ItemManagerInterface'
|
||||
import { AnyItemInterface } from '@standardnotes/models'
|
||||
import { Uuids } from '@standardnotes/utils'
|
||||
|
||||
export class RemoveItemsLocally {
|
||||
export class DiscardItemsLocally {
|
||||
constructor(private readonly items: ItemManagerInterface, private readonly storage: StorageServiceInterface) {}
|
||||
|
||||
async execute(items: AnyItemInterface[]): Promise<void> {
|
||||
this.items.removeItemsLocally(items)
|
||||
this.items.removeItemsFromMemory(items)
|
||||
|
||||
await this.storage.deletePayloadsWithUuids(Uuids(items))
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
import { MutatorClientInterface, SyncServiceInterface } from '@standardnotes/services'
|
||||
import {
|
||||
KeySystemRootKeyPasswordType,
|
||||
KeySystemPasswordType,
|
||||
KeySystemRootKeyStorageMode,
|
||||
VaultListingInterface,
|
||||
VaultListingMutator,
|
||||
@@ -9,8 +9,9 @@ import { ChangeVaultKeyOptionsDTO } from './ChangeVaultKeyOptionsDTO'
|
||||
import { GetVault } from './GetVault'
|
||||
import { EncryptionProviderInterface } from '../../Encryption/EncryptionProviderInterface'
|
||||
import { KeySystemKeyManagerInterface } from '../../KeySystem/KeySystemKeyManagerInterface'
|
||||
import { Result, UseCaseInterface } from '@standardnotes/domain-core'
|
||||
|
||||
export class ChangeVaultKeyOptions {
|
||||
export class ChangeVaultKeyOptions implements UseCaseInterface<void> {
|
||||
constructor(
|
||||
private mutator: MutatorClientInterface,
|
||||
private sync: SyncServiceInterface,
|
||||
@@ -19,59 +20,101 @@ export class ChangeVaultKeyOptions {
|
||||
private getVault: GetVault,
|
||||
) {}
|
||||
|
||||
async execute(dto: ChangeVaultKeyOptionsDTO): Promise<void> {
|
||||
const useStorageMode = dto.newKeyStorageMode ?? dto.vault.keyStorageMode
|
||||
|
||||
async execute(dto: ChangeVaultKeyOptionsDTO): Promise<Result<void>> {
|
||||
if (dto.newPasswordType) {
|
||||
if (dto.vault.keyPasswordType === dto.newPasswordType.passwordType) {
|
||||
throw new Error('Vault password type is already set to this type')
|
||||
}
|
||||
|
||||
if (dto.newPasswordType.passwordType === KeySystemRootKeyPasswordType.UserInputted) {
|
||||
if (!dto.newPasswordType.userInputtedPassword) {
|
||||
throw new Error('User inputted password is required')
|
||||
}
|
||||
await this.changePasswordTypeToUserInputted(dto.vault, dto.newPasswordType.userInputtedPassword, useStorageMode)
|
||||
} else if (dto.newPasswordType.passwordType === KeySystemRootKeyPasswordType.Randomized) {
|
||||
await this.changePasswordTypeToRandomized(dto.vault, useStorageMode)
|
||||
const result = await this.handleNewPasswordType(dto)
|
||||
if (result.isFailed()) {
|
||||
return result
|
||||
}
|
||||
}
|
||||
|
||||
if (dto.newKeyStorageMode) {
|
||||
const result = this.getVault.execute({ keySystemIdentifier: dto.vault.systemIdentifier })
|
||||
|
||||
if (dto.newStorageMode) {
|
||||
const result = await this.handleNewStorageMode(dto)
|
||||
if (result.isFailed()) {
|
||||
throw new Error('Vault not found')
|
||||
}
|
||||
|
||||
const latestVault = result.getValue()
|
||||
|
||||
if (latestVault.rootKeyParams.passwordType !== KeySystemRootKeyPasswordType.UserInputted) {
|
||||
throw new Error('Vault uses randomized password and cannot change its storage preference')
|
||||
}
|
||||
|
||||
if (dto.newKeyStorageMode === latestVault.keyStorageMode) {
|
||||
throw new Error('Vault already uses this storage preference')
|
||||
}
|
||||
|
||||
if (
|
||||
dto.newKeyStorageMode === KeySystemRootKeyStorageMode.Local ||
|
||||
dto.newKeyStorageMode === KeySystemRootKeyStorageMode.Ephemeral
|
||||
) {
|
||||
await this.changeStorageModeToLocalOrEphemeral(latestVault, dto.newKeyStorageMode)
|
||||
} else if (dto.newKeyStorageMode === KeySystemRootKeyStorageMode.Synced) {
|
||||
await this.changeStorageModeToSynced(latestVault)
|
||||
return result
|
||||
}
|
||||
}
|
||||
|
||||
await this.sync.sync()
|
||||
|
||||
return Result.ok()
|
||||
}
|
||||
|
||||
private async handleNewPasswordType(dto: ChangeVaultKeyOptionsDTO): Promise<Result<void>> {
|
||||
if (!dto.newPasswordType) {
|
||||
return Result.ok()
|
||||
}
|
||||
|
||||
if (dto.vault.keyPasswordType === dto.newPasswordType.passwordType) {
|
||||
return Result.fail('Vault password type is already set to this type')
|
||||
}
|
||||
|
||||
if (dto.newPasswordType.passwordType === KeySystemPasswordType.UserInputted) {
|
||||
if (!dto.newPasswordType.userInputtedPassword) {
|
||||
return Result.fail('User inputted password is required')
|
||||
}
|
||||
const useStorageMode = dto.newStorageMode ?? dto.vault.keyStorageMode
|
||||
const result = await this.changePasswordTypeToUserInputted(
|
||||
dto.vault,
|
||||
dto.newPasswordType.userInputtedPassword,
|
||||
useStorageMode,
|
||||
)
|
||||
if (result.isFailed()) {
|
||||
return result
|
||||
}
|
||||
} else if (dto.newPasswordType.passwordType === KeySystemPasswordType.Randomized) {
|
||||
const result = await this.changePasswordTypeToRandomized(dto.vault)
|
||||
if (result.isFailed()) {
|
||||
return result
|
||||
}
|
||||
}
|
||||
|
||||
return Result.ok()
|
||||
}
|
||||
|
||||
private async handleNewStorageMode(dto: ChangeVaultKeyOptionsDTO): Promise<Result<void>> {
|
||||
if (!dto.newStorageMode) {
|
||||
return Result.ok()
|
||||
}
|
||||
|
||||
const result = this.getVault.execute({ keySystemIdentifier: dto.vault.systemIdentifier })
|
||||
if (result.isFailed()) {
|
||||
return Result.fail('Vault not found')
|
||||
}
|
||||
|
||||
const latestVault = result.getValue()
|
||||
|
||||
if (latestVault.rootKeyParams.passwordType !== KeySystemPasswordType.UserInputted) {
|
||||
return Result.fail('Vault uses randomized password and cannot change its storage preference')
|
||||
}
|
||||
|
||||
if (dto.newStorageMode === latestVault.keyStorageMode) {
|
||||
return Result.fail('Vault already uses this storage preference')
|
||||
}
|
||||
|
||||
if (
|
||||
dto.newStorageMode === KeySystemRootKeyStorageMode.Local ||
|
||||
dto.newStorageMode === KeySystemRootKeyStorageMode.Ephemeral
|
||||
) {
|
||||
const result = await this.changeStorageModeToLocalOrEphemeral(latestVault, dto.newStorageMode)
|
||||
if (result.isFailed()) {
|
||||
return result
|
||||
}
|
||||
} else if (dto.newStorageMode === KeySystemRootKeyStorageMode.Synced) {
|
||||
const result = await this.changeStorageModeToSynced(latestVault)
|
||||
if (result.isFailed()) {
|
||||
return result
|
||||
}
|
||||
}
|
||||
|
||||
return Result.ok()
|
||||
}
|
||||
|
||||
private async changePasswordTypeToUserInputted(
|
||||
vault: VaultListingInterface,
|
||||
userInputtedPassword: string,
|
||||
storageMode: KeySystemRootKeyStorageMode,
|
||||
): Promise<void> {
|
||||
): Promise<Result<void>> {
|
||||
const newRootKey = this.encryption.createUserInputtedKeySystemRootKey({
|
||||
systemIdentifier: vault.systemIdentifier,
|
||||
userInputtedPassword: userInputtedPassword,
|
||||
@@ -80,60 +123,73 @@ export class ChangeVaultKeyOptions {
|
||||
if (storageMode === KeySystemRootKeyStorageMode.Synced) {
|
||||
await this.mutator.insertItem(newRootKey, true)
|
||||
} else {
|
||||
this.keys.intakeNonPersistentKeySystemRootKey(newRootKey, storageMode)
|
||||
this.keys.cacheKey(newRootKey, storageMode)
|
||||
}
|
||||
|
||||
await this.mutator.changeItem<VaultListingMutator>(vault, (mutator) => {
|
||||
mutator.rootKeyParams = newRootKey.keyParams
|
||||
})
|
||||
|
||||
await this.keys.reencryptKeySystemItemsKeysForVault(vault.systemIdentifier)
|
||||
await this.keys.queueVaultItemsKeysForReencryption(vault.systemIdentifier)
|
||||
|
||||
return Result.ok()
|
||||
}
|
||||
|
||||
private async changePasswordTypeToRandomized(
|
||||
vault: VaultListingInterface,
|
||||
storageMode: KeySystemRootKeyStorageMode,
|
||||
): Promise<void> {
|
||||
private async changePasswordTypeToRandomized(vault: VaultListingInterface): Promise<Result<void>> {
|
||||
if (vault.keyStorageMode !== KeySystemRootKeyStorageMode.Synced) {
|
||||
this.keys.removeKeyFromCache(vault.systemIdentifier)
|
||||
|
||||
await this.mutator.changeItem<VaultListingMutator>(vault, (mutator) => {
|
||||
mutator.keyStorageMode = KeySystemRootKeyStorageMode.Synced
|
||||
})
|
||||
}
|
||||
|
||||
const newRootKey = this.encryption.createRandomizedKeySystemRootKey({
|
||||
systemIdentifier: vault.systemIdentifier,
|
||||
})
|
||||
|
||||
if (storageMode !== KeySystemRootKeyStorageMode.Synced) {
|
||||
throw new Error('Cannot change to randomized password if root key storage is not synced')
|
||||
}
|
||||
|
||||
await this.mutator.changeItem<VaultListingMutator>(vault, (mutator) => {
|
||||
mutator.rootKeyParams = newRootKey.keyParams
|
||||
})
|
||||
|
||||
await this.mutator.insertItem(newRootKey, true)
|
||||
|
||||
await this.keys.reencryptKeySystemItemsKeysForVault(vault.systemIdentifier)
|
||||
await this.keys.queueVaultItemsKeysForReencryption(vault.systemIdentifier)
|
||||
|
||||
return Result.ok()
|
||||
}
|
||||
|
||||
private async changeStorageModeToLocalOrEphemeral(
|
||||
vault: VaultListingInterface,
|
||||
newKeyStorageMode: KeySystemRootKeyStorageMode,
|
||||
): Promise<void> {
|
||||
newStorageMode: KeySystemRootKeyStorageMode,
|
||||
): Promise<Result<void>> {
|
||||
const primaryKey = this.keys.getPrimaryKeySystemRootKey(vault.systemIdentifier)
|
||||
if (!primaryKey) {
|
||||
throw new Error('No primary key found')
|
||||
return Result.fail('No primary key found')
|
||||
}
|
||||
|
||||
this.keys.intakeNonPersistentKeySystemRootKey(primaryKey, newKeyStorageMode)
|
||||
if (newStorageMode === KeySystemRootKeyStorageMode.Ephemeral) {
|
||||
this.keys.removeKeyFromCache(vault.systemIdentifier)
|
||||
}
|
||||
|
||||
this.keys.cacheKey(primaryKey, newStorageMode)
|
||||
await this.keys.deleteAllSyncedKeySystemRootKeys(vault.systemIdentifier)
|
||||
|
||||
await this.mutator.changeItem<VaultListingMutator>(vault, (mutator) => {
|
||||
mutator.keyStorageMode = newKeyStorageMode
|
||||
mutator.keyStorageMode = newStorageMode
|
||||
})
|
||||
|
||||
await this.sync.sync()
|
||||
|
||||
return Result.ok()
|
||||
}
|
||||
|
||||
private async changeStorageModeToSynced(vault: VaultListingInterface): Promise<void> {
|
||||
private async changeStorageModeToSynced(vault: VaultListingInterface): Promise<Result<void>> {
|
||||
const allRootKeys = this.keys.getAllKeySystemRootKeysForVault(vault.systemIdentifier)
|
||||
const syncedRootKeys = this.keys.getSyncedKeySystemRootKeysForVault(vault.systemIdentifier)
|
||||
|
||||
this.keys.removeKeyFromCache(vault.systemIdentifier)
|
||||
|
||||
for (const key of allRootKeys) {
|
||||
const existingSyncedKey = syncedRootKeys.find((syncedKey) => syncedKey.token === key.token)
|
||||
if (existingSyncedKey) {
|
||||
@@ -146,5 +202,7 @@ export class ChangeVaultKeyOptions {
|
||||
await this.mutator.changeItem<VaultListingMutator>(vault, (mutator) => {
|
||||
mutator.keyStorageMode = KeySystemRootKeyStorageMode.Synced
|
||||
})
|
||||
|
||||
return Result.ok()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
import { KeySystemRootKeyPasswordType, KeySystemRootKeyStorageMode, VaultListingInterface } from '@standardnotes/models'
|
||||
import { KeySystemPasswordType, KeySystemRootKeyStorageMode, VaultListingInterface } from '@standardnotes/models'
|
||||
|
||||
export type ChangeVaultKeyOptionsDTO = {
|
||||
vault: VaultListingInterface
|
||||
newPasswordType:
|
||||
| { passwordType: KeySystemRootKeyPasswordType.Randomized }
|
||||
| { passwordType: KeySystemRootKeyPasswordType.UserInputted; userInputtedPassword: string }
|
||||
| { passwordType: KeySystemPasswordType.Randomized }
|
||||
| { passwordType: KeySystemPasswordType.UserInputted; userInputtedPassword: string }
|
||||
| undefined
|
||||
newKeyStorageMode: KeySystemRootKeyStorageMode | undefined
|
||||
newStorageMode: KeySystemRootKeyStorageMode | undefined
|
||||
}
|
||||
|
||||
@@ -2,7 +2,7 @@ import { SyncServiceInterface } from '../../Sync/SyncServiceInterface'
|
||||
import { UuidGenerator } from '@standardnotes/utils'
|
||||
import {
|
||||
KeySystemRootKeyParamsInterface,
|
||||
KeySystemRootKeyPasswordType,
|
||||
KeySystemPasswordType,
|
||||
VaultListingContentSpecialized,
|
||||
VaultListingInterface,
|
||||
KeySystemRootKeyStorageMode,
|
||||
@@ -44,9 +44,7 @@ export class CreateVault {
|
||||
keySystemIdentifier,
|
||||
vaultName: dto.vaultName,
|
||||
vaultDescription: dto.vaultDescription,
|
||||
passwordType: dto.userInputtedPassword
|
||||
? KeySystemRootKeyPasswordType.UserInputted
|
||||
: KeySystemRootKeyPasswordType.Randomized,
|
||||
passwordType: dto.userInputtedPassword ? KeySystemPasswordType.UserInputted : KeySystemPasswordType.Randomized,
|
||||
rootKeyParams: rootKey.keyParams,
|
||||
storage: dto.storagePreference,
|
||||
})
|
||||
@@ -60,7 +58,7 @@ export class CreateVault {
|
||||
keySystemIdentifier: string
|
||||
vaultName: string
|
||||
vaultDescription?: string
|
||||
passwordType: KeySystemRootKeyPasswordType
|
||||
passwordType: KeySystemPasswordType
|
||||
rootKeyParams: KeySystemRootKeyParamsInterface
|
||||
storage: KeySystemRootKeyStorageMode
|
||||
}): Promise<VaultListingInterface> {
|
||||
@@ -109,7 +107,7 @@ export class CreateVault {
|
||||
if (dto.storagePreference === KeySystemRootKeyStorageMode.Synced) {
|
||||
await this.mutator.insertItem(newRootKey, true)
|
||||
} else {
|
||||
this.keys.intakeNonPersistentKeySystemRootKey(newRootKey, dto.storagePreference)
|
||||
this.keys.cacheKey(newRootKey, dto.storagePreference)
|
||||
}
|
||||
|
||||
return newRootKey
|
||||
|
||||
@@ -3,7 +3,7 @@ import { ClientDisplayableError, isClientDisplayableError } from '@standardnotes
|
||||
import {
|
||||
KeySystemIdentifier,
|
||||
KeySystemRootKeyInterface,
|
||||
KeySystemRootKeyPasswordType,
|
||||
KeySystemPasswordType,
|
||||
KeySystemRootKeyStorageMode,
|
||||
VaultListingInterface,
|
||||
VaultListingMutator,
|
||||
@@ -31,7 +31,7 @@ export class RotateVaultKey {
|
||||
|
||||
let newRootKey: KeySystemRootKeyInterface | undefined
|
||||
|
||||
if (currentRootKey.keyParams.passwordType === KeySystemRootKeyPasswordType.UserInputted) {
|
||||
if (currentRootKey.keyParams.passwordType === KeySystemPasswordType.UserInputted) {
|
||||
if (!params.userInputtedPassword) {
|
||||
throw new Error('Cannot rotate key system root key; user inputted password required')
|
||||
}
|
||||
@@ -40,7 +40,7 @@ export class RotateVaultKey {
|
||||
systemIdentifier: params.vault.systemIdentifier,
|
||||
userInputtedPassword: params.userInputtedPassword,
|
||||
})
|
||||
} else if (currentRootKey.keyParams.passwordType === KeySystemRootKeyPasswordType.Randomized) {
|
||||
} else if (currentRootKey.keyParams.passwordType === KeySystemPasswordType.Randomized) {
|
||||
newRootKey = this.encryption.createRandomizedKeySystemRootKey({
|
||||
systemIdentifier: params.vault.systemIdentifier,
|
||||
})
|
||||
@@ -53,7 +53,7 @@ export class RotateVaultKey {
|
||||
if (params.vault.keyStorageMode === KeySystemRootKeyStorageMode.Synced) {
|
||||
await this.mutator.insertItem(newRootKey, true)
|
||||
} else {
|
||||
this.keys.intakeNonPersistentKeySystemRootKey(newRootKey, params.vault.keyStorageMode)
|
||||
this.keys.cacheKey(newRootKey, params.vault.keyStorageMode)
|
||||
}
|
||||
|
||||
await this.mutator.changeItem<VaultListingMutator>(params.vault, (mutator) => {
|
||||
@@ -73,7 +73,7 @@ export class RotateVaultKey {
|
||||
errors.push(updateKeySystemItemsKeyResult)
|
||||
}
|
||||
|
||||
await this.keys.reencryptKeySystemItemsKeysForVault(params.vault.systemIdentifier)
|
||||
await this.keys.queueVaultItemsKeysForReencryption(params.vault.systemIdentifier)
|
||||
|
||||
return errors
|
||||
}
|
||||
|
||||
@@ -26,6 +26,7 @@ import { MutatorClientInterface } from '../Mutator/MutatorClientInterface'
|
||||
import { AlertService } from '../Alert/AlertService'
|
||||
import { GetVaults } from './UseCase/GetVaults'
|
||||
import { VaultLockServiceInterface } from '../VaultLock/VaultLockServiceInterface'
|
||||
import { Result } from '@standardnotes/domain-core'
|
||||
|
||||
export class VaultService
|
||||
extends AbstractService<VaultServiceEvent, VaultServiceEventPayload[VaultServiceEvent]>
|
||||
@@ -194,7 +195,7 @@ export class VaultService
|
||||
return updatedVault
|
||||
}
|
||||
|
||||
async rotateVaultRootKey(vault: VaultListingInterface): Promise<void> {
|
||||
async rotateVaultRootKey(vault: VaultListingInterface, vaultPassword?: string): Promise<void> {
|
||||
if (this.vaultLocks.isVaultLocked(vault)) {
|
||||
throw new Error('Cannot rotate root key of locked vault')
|
||||
}
|
||||
@@ -202,7 +203,7 @@ export class VaultService
|
||||
await this._rotateVaultKey.execute({
|
||||
vault,
|
||||
sharedVaultUuid: vault.isSharedVaultListing() ? vault.sharing.sharedVaultUuid : undefined,
|
||||
userInputtedPassword: undefined,
|
||||
userInputtedPassword: vaultPassword,
|
||||
})
|
||||
|
||||
await this.notifyEventSync(VaultServiceEvent.VaultRootKeyRotated, { vault })
|
||||
@@ -227,15 +228,17 @@ export class VaultService
|
||||
return this.getVault({ keySystemIdentifier: latestItem.key_system_identifier })
|
||||
}
|
||||
|
||||
async changeVaultOptions(dto: ChangeVaultKeyOptionsDTO): Promise<void> {
|
||||
async changeVaultOptions(dto: ChangeVaultKeyOptionsDTO): Promise<Result<void>> {
|
||||
if (this.vaultLocks.isVaultLocked(dto.vault)) {
|
||||
throw new Error('Attempting to change vault options on a locked vault')
|
||||
}
|
||||
|
||||
await this._changeVaultKeyOptions.execute(dto)
|
||||
const result = await this._changeVaultKeyOptions.execute(dto)
|
||||
|
||||
if (dto.newPasswordType) {
|
||||
await this.notifyEventSync(VaultServiceEvent.VaultRootKeyRotated, { vault: dto.vault })
|
||||
}
|
||||
|
||||
return result
|
||||
}
|
||||
}
|
||||
|
||||
@@ -7,6 +7,7 @@ import {
|
||||
import { AbstractService } from '../Service/AbstractService'
|
||||
import { VaultServiceEvent, VaultServiceEventPayload } from './VaultServiceEvent'
|
||||
import { ChangeVaultKeyOptionsDTO } from './UseCase/ChangeVaultKeyOptionsDTO'
|
||||
import { Result } from '@standardnotes/domain-core'
|
||||
|
||||
export interface VaultServiceInterface
|
||||
extends AbstractService<VaultServiceEvent, VaultServiceEventPayload[VaultServiceEvent]> {
|
||||
@@ -34,6 +35,6 @@ export interface VaultServiceInterface
|
||||
vault: VaultListingInterface,
|
||||
params: { name: string; description: string },
|
||||
): Promise<VaultListingInterface>
|
||||
rotateVaultRootKey(vault: VaultListingInterface): Promise<void>
|
||||
changeVaultOptions(dto: ChangeVaultKeyOptionsDTO): Promise<void>
|
||||
rotateVaultRootKey(vault: VaultListingInterface, vaultPassword?: string): Promise<void>
|
||||
changeVaultOptions(dto: ChangeVaultKeyOptionsDTO): Promise<Result<void>>
|
||||
}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import { GetVaults } from '../Vault/UseCase/GetVaults'
|
||||
import { KeySystemRootKeyPasswordType, KeySystemRootKeyStorageMode, VaultListingInterface } from '@standardnotes/models'
|
||||
import { KeySystemPasswordType, KeySystemRootKeyStorageMode, VaultListingInterface } from '@standardnotes/models'
|
||||
import { VaultLockServiceInterface } from './VaultLockServiceInterface'
|
||||
import { VaultLockServiceEvent, VaultLockServiceEventPayload } from './VaultLockServiceEvent'
|
||||
import { AbstractService } from '../Service/AbstractService'
|
||||
@@ -51,19 +51,19 @@ export class VaultLockService
|
||||
}
|
||||
|
||||
public isVaultLockable(vault: VaultListingInterface): boolean {
|
||||
return vault.keyPasswordType === KeySystemRootKeyPasswordType.UserInputted
|
||||
return vault.keyPasswordType === KeySystemPasswordType.UserInputted
|
||||
}
|
||||
|
||||
public lockNonPersistentVault(vault: VaultListingInterface): void {
|
||||
public async lockNonPersistentVault(vault: VaultListingInterface): Promise<void> {
|
||||
if (vault.keyStorageMode === KeySystemRootKeyStorageMode.Synced) {
|
||||
throw new Error('Vault uses synced key storage and cannot be locked')
|
||||
}
|
||||
|
||||
if (vault.keyPasswordType !== KeySystemRootKeyPasswordType.UserInputted) {
|
||||
if (vault.keyPasswordType !== KeySystemPasswordType.UserInputted) {
|
||||
throw new Error('Vault uses randomized password and cannot be locked')
|
||||
}
|
||||
|
||||
this.keys.clearMemoryOfKeysRelatedToVault(vault)
|
||||
await this.keys.wipeVaultKeysFromMemory(vault)
|
||||
|
||||
this.lockMap.set(vault.uuid, true)
|
||||
|
||||
@@ -71,7 +71,7 @@ export class VaultLockService
|
||||
}
|
||||
|
||||
public async unlockNonPersistentVault(vault: VaultListingInterface, password: string): Promise<boolean> {
|
||||
if (vault.keyPasswordType !== KeySystemRootKeyPasswordType.UserInputted) {
|
||||
if (vault.keyPasswordType !== KeySystemPasswordType.UserInputted) {
|
||||
throw new Error('Vault uses randomized password and cannot be unlocked with user inputted password')
|
||||
}
|
||||
|
||||
@@ -84,12 +84,12 @@ export class VaultLockService
|
||||
userInputtedPassword: password,
|
||||
})
|
||||
|
||||
this.keys.intakeNonPersistentKeySystemRootKey(derivedRootKey, vault.keyStorageMode)
|
||||
this.keys.cacheKey(derivedRootKey, vault.keyStorageMode)
|
||||
|
||||
await this.encryption.decryptErroredPayloads()
|
||||
|
||||
if (this.computeVaultLockState(vault) === 'locked') {
|
||||
this.keys.undoIntakeNonPersistentKeySystemRootKey(vault.systemIdentifier)
|
||||
this.keys.removeKeyFromCache(vault.systemIdentifier)
|
||||
return false
|
||||
}
|
||||
|
||||
|
||||
@@ -7,6 +7,6 @@ export interface VaultLockServiceInterface
|
||||
getLockedvaults(): VaultListingInterface[]
|
||||
isVaultLocked(vault: VaultListingInterface): boolean
|
||||
isVaultLockable(vault: VaultListingInterface): boolean
|
||||
lockNonPersistentVault(vault: VaultListingInterface): void
|
||||
lockNonPersistentVault(vault: VaultListingInterface): Promise<void>
|
||||
unlockNonPersistentVault(vault: VaultListingInterface, password: string): Promise<boolean>
|
||||
}
|
||||
|
||||
@@ -153,6 +153,7 @@ export * from './Storage/KeyValueStoreInterface'
|
||||
export * from './Storage/StorageKeys'
|
||||
export * from './Storage/StorageServiceInterface'
|
||||
export * from './Storage/StorageTypes'
|
||||
export * from './Storage/UseCase/RemoveItemsFromMemory'
|
||||
export * from './Strings/InfoStrings'
|
||||
export * from './Strings/Messages'
|
||||
export * from './Subscription/AppleIAPProductId'
|
||||
@@ -166,7 +167,7 @@ export * from './Sync/SyncOptions'
|
||||
export * from './Sync/SyncQueueStrategy'
|
||||
export * from './Sync/SyncServiceInterface'
|
||||
export * from './Sync/SyncSource'
|
||||
export * from './UseCase/RemoveItemsLocally'
|
||||
export * from './UseCase/DiscardItemsLocally'
|
||||
export * from './User/AccountEvent'
|
||||
export * from './User/AccountEventData'
|
||||
export * from './User/CredentialsChangeFunctionResponse'
|
||||
|
||||
Reference in New Issue
Block a user