fix: only encrypt if enable (#3236)

* fix: error page display issue * fix: override document with empty data * chore: add logs * fix: encrypt errors * fix: encrypt errors
2024-08-30 18:12:39 +00:00 · 2023-08-18 22:32:51 +08:00
parent 23a34af30f
commit de01bf70cd
20 changed files with 171 additions and 106 deletions
--- a/frontend/rust-lib/flowy-user/src/entities/user_setting.rs
+++ b/frontend/rust-lib/flowy-user/src/entities/user_setting.rs
@ -149,7 +149,7 @@ impl From<UserCloudConfig> for UserCloudConfigPB {
  fn from(value: UserCloudConfig) -> Self {
    Self {
      enable_sync: value.enable_sync,
-      enable_encrypt: value.enable_encrypt,
+      enable_encrypt: value.enable_encrypt(),
      encrypt_secret: value.encrypt_secret,
    }
  }
--- a/frontend/rust-lib/flowy-user/src/event_handler.rs
+++ b/frontend/rust-lib/flowy-user/src/event_handler.rs
@ -5,6 +5,7 @@ use serde_json::Value;

 use flowy_error::{FlowyError, FlowyResult};
 use flowy_sqlite::kv::StorePreferences;
+use flowy_user_deps::cloud::UserCloudConfig;
 use flowy_user_deps::entities::*;
 use lib_dispatch::prelude::*;
 use lib_infra::box_any::BoxAny;
@ -12,7 +13,9 @@ use lib_infra::box_any::BoxAny;
 use crate::entities::*;
 use crate::manager::UserManager;
 use crate::notification::{send_notification, UserNotification};
-use crate::services::cloud_config::{generate_cloud_config, get_cloud_config, save_cloud_config};
+use crate::services::cloud_config::{
+  get_cloud_config, get_or_create_cloud_config, save_cloud_config,
+};

 fn upgrade_manager(manager: AFPluginState<Weak<UserManager>>) -> FlowyResult<Arc<UserManager>> {
  let manager = manager
@ -186,12 +189,6 @@ pub async fn set_encrypt_secret_handler(
  let manager = upgrade_manager(manager)?;
  let store_preferences = upgrade_store_preferences(store_preferences)?;
  let data = data.into_inner();
-
-  let mut config = get_cloud_config(&store_preferences).unwrap_or_else(|| {
-    tracing::trace!("Generate default cloud config");
-    generate_cloud_config(&store_preferences)
-  });
-
  match data.encryption_type {
    EncryptionTypePB::NoEncryption => {
      tracing::error!("Encryption type is NoEncryption, but set encrypt secret");
@ -203,8 +200,7 @@ pub async fn set_encrypt_secret_handler(
        &data.encryption_secret,
      )?;

-      config.encrypt_secret = data.encryption_secret;
-      config.enable_encrypt = true;
+      let config = UserCloudConfig::new(data.encryption_secret).with_enable_encrypt(true);
      manager
        .set_encrypt_secret(
          data.user_id,
@ -212,10 +208,10 @@ pub async fn set_encrypt_secret_handler(
          EncryptionType::SelfEncryption(data.encryption_sign),
        )
        .await?;
+      save_cloud_config(data.user_id, &store_preferences, config)?;
    },
  }

-  save_cloud_config(data.user_id, &store_preferences, config)?;
  manager.resume_sign_up().await?;
  Ok(())
 }
@ -250,9 +246,9 @@ pub async fn set_cloud_config_handler(
 ) -> Result<(), FlowyError> {
  let manager = upgrade_manager(manager)?;
  let session = manager.get_session()?;
-  let store_preferences = upgrade_store_preferences(store_preferences)?;
  let update = data.into_inner();
-  let mut config = get_cloud_config(&store_preferences)
+  let store_preferences = upgrade_store_preferences(store_preferences)?;
+  let mut config = get_cloud_config(session.user_id, &store_preferences)
    .ok_or(FlowyError::internal().context("Can't find any cloud config"))?;

  if let Some(enable_sync) = update.enable_sync {
@ -261,20 +257,21 @@ pub async fn set_cloud_config_handler(
  }

  if let Some(enable_encrypt) = update.enable_encrypt {
-    config.enable_encrypt = enable_encrypt;
+    debug_assert!(enable_encrypt, "Disable encryption is not supported");
+
    if enable_encrypt {
+      tracing::info!("Enable encryption for user: {}", session.user_id);
+      config = config.with_enable_encrypt(enable_encrypt);
+      let encrypt_secret = config.encrypt_secret.clone();
+
      // The encryption secret is generated when the user first enables encryption and will be
      // used to validate the encryption secret is correct when the user logs in.
-      let encryption_sign =
-        manager.generate_encryption_sign(session.user_id, &config.encrypt_secret)?;
+      let encryption_sign = manager.generate_encryption_sign(session.user_id, &encrypt_secret)?;
      let encryption_type = EncryptionType::SelfEncryption(encryption_sign);
      manager
-        .set_encrypt_secret(
-          session.user_id,
-          config.encrypt_secret.clone(),
-          encryption_type.clone(),
-        )
+        .set_encrypt_secret(session.user_id, encrypt_secret, encryption_type.clone())
        .await?;
+      save_cloud_config(session.user_id, &store_preferences, config.clone())?;

      let params =
        UpdateUserProfileParams::new(session.user_id).with_encryption_type(encryption_type);
@ -282,8 +279,7 @@ pub async fn set_cloud_config_handler(
    }
  }

-  let config_pb = UserCloudConfigPB::from(config.clone());
-  save_cloud_config(session.user_id, &store_preferences, config)?;
+  let config_pb = UserCloudConfigPB::from(config);
  send_notification(
    &session.user_id.to_string(),
    UserNotification::DidUpdateCloudConfig,
@ -295,12 +291,15 @@ pub async fn set_cloud_config_handler(

 #[tracing::instrument(level = "debug", skip_all, err)]
 pub async fn get_cloud_config_handler(
+  manager: AFPluginState<Weak<UserManager>>,
  store_preferences: AFPluginState<Weak<StorePreferences>>,
 ) -> DataResult<UserCloudConfigPB, FlowyError> {
+  let manager = upgrade_manager(manager)?;
+  let session = manager.get_session()?;
+
  let store_preferences = upgrade_store_preferences(store_preferences)?;
  // Generate the default config if the config is not exist
-  let config = get_cloud_config(&store_preferences)
-    .unwrap_or_else(|| generate_cloud_config(&store_preferences));
+  let config = get_or_create_cloud_config(session.user_id, &store_preferences);
  data_result_ok(config.into())
 }

@ -389,7 +388,6 @@ pub async fn open_historical_users_handler(
  Ok(())
 }

-#[tracing::instrument(level = "debug", skip_all, err)]
 pub async fn push_realtime_event_handler(
  payload: AFPluginData<RealtimePayloadPB>,
  manager: AFPluginState<Weak<UserManager>>,
--- a/frontend/rust-lib/flowy-user/src/event_map.rs
+++ b/frontend/rust-lib/flowy-user/src/event_map.rs
@ -6,7 +6,7 @@ use strum_macros::Display;

 use flowy_derive::{Flowy_Event, ProtoBuf_Enum};
 use flowy_error::FlowyResult;
-use flowy_user_deps::cloud::UserService;
+use flowy_user_deps::cloud::{UserCloudConfig, UserService};
 use flowy_user_deps::entities::*;
 use lib_dispatch::prelude::*;
 use lib_infra::future::{to_fut, Fut};
@ -74,6 +74,7 @@ pub trait UserStatusCallback: Send + Sync + 'static {
  fn did_init(
    &self,
    user_id: i64,
+    cloud_config: &Option<UserCloudConfig>,
    user_workspace: &UserWorkspace,
    device_id: &str,
  ) -> Fut<FlowyResult<()>>;
@ -145,6 +146,7 @@ impl UserStatusCallback for DefaultUserStatusCallback {
  fn did_init(
    &self,
    _user_id: i64,
+    _cloud_config: &Option<UserCloudConfig>,
    _user_workspace: &UserWorkspace,
    _device_id: &str,
  ) -> Fut<FlowyResult<()>> {
--- a/frontend/rust-lib/flowy-user/src/manager.rs
+++ b/frontend/rust-lib/flowy-user/src/manager.rs
@ -25,7 +25,7 @@ use crate::migrations::historical_document::HistoricalEmptyDocumentMigration;
 use crate::migrations::local_user_to_cloud::migration_user_to_cloud;
 use crate::migrations::migration::UserLocalDataMigration;
 use crate::migrations::MigrationUser;
-use crate::services::cloud_config::remove_cloud_config;
+use crate::services::cloud_config::get_cloud_config;
 use crate::services::database::UserDB;
 use crate::services::entities::{ResumableSignUp, Session};
 use crate::services::user_awareness::UserAwarenessDataSource;
@ -121,8 +121,14 @@ impl UserManager {
      self
        .initialize_user_awareness(&session, UserAwarenessDataSource::Local)
        .await;
+      let cloud_config = get_cloud_config(session.user_id, &self.store_preferences);
      if let Err(e) = user_status_callback
-        .did_init(session.user_id, &session.user_workspace, &session.device_id)
+        .did_init(
+          session.user_id,
+          &cloud_config,
+          &session.user_workspace,
+          &session.device_id,
+        )
        .await
      {
        tracing::error!("Failed to call did_init callback: {:?}", e);
@ -213,7 +219,6 @@ impl UserManager {
    auth_type: AuthType,
    params: BoxAny,
  ) -> Result<UserProfile, FlowyError> {
-    remove_cloud_config(&self.store_preferences);
    self.update_auth_type(&auth_type).await;

    let migration_user = self.get_migration_user(&auth_type).await;
@ -325,7 +330,6 @@ impl UserManager {
    let session = self.get_session()?;
    self.database.close(session.user_id)?;
    self.set_current_session(None)?;
-    remove_cloud_config(&self.store_preferences);

    let server = self.cloud_services.get_user_service()?;
    tokio::spawn(async move {
--- a/frontend/rust-lib/flowy-user/src/services/cloud_config.rs
+++ b/frontend/rust-lib/flowy-user/src/services/cloud_config.rs
@ -7,41 +7,48 @@ use flowy_user_deps::cloud::UserCloudConfig;

 const CLOUD_CONFIG_KEY: &str = "af_user_cloud_config";

-pub fn generate_cloud_config(store_preference: &Arc<StorePreferences>) -> UserCloudConfig {
+fn generate_cloud_config(uid: i64, store_preference: &Arc<StorePreferences>) -> UserCloudConfig {
  let config = UserCloudConfig::new(generate_encrypt_secret());
-  let key = cache_key_for_cloud_config();
+  let key = cache_key_for_cloud_config(uid);
  store_preference.set_object(&key, config.clone()).unwrap();
  config
 }

-pub fn remove_cloud_config(store_preference: &Arc<StorePreferences>) {
-  let key = cache_key_for_cloud_config();
-  store_preference.remove(&key);
-}
-
 pub fn save_cloud_config(
  uid: i64,
  store_preference: &Arc<StorePreferences>,
  config: UserCloudConfig,
 ) -> FlowyResult<()> {
-  let encrypt_secret = config.encrypt_secret.clone();
-  let key = cache_key_for_cloud_config();
+  tracing::info!("save user:{} cloud config: {}", uid, config);
+  let key = cache_key_for_cloud_config(uid);
  store_preference.set_object(&key, config)?;
-  store_preference.set_object(&format!("{}-encrypt-secret", uid), encrypt_secret)?;
  Ok(())
 }

-fn cache_key_for_cloud_config() -> String {
-  CLOUD_CONFIG_KEY.to_string()
+fn cache_key_for_cloud_config(uid: i64) -> String {
+  format!("{}:{}", CLOUD_CONFIG_KEY, uid)
 }

-pub fn get_cloud_config(store_preference: &Arc<StorePreferences>) -> Option<UserCloudConfig> {
-  let key = cache_key_for_cloud_config();
+pub fn get_cloud_config(
+  uid: i64,
+  store_preference: &Arc<StorePreferences>,
+) -> Option<UserCloudConfig> {
+  let key = cache_key_for_cloud_config(uid);
  store_preference.get_object::<UserCloudConfig>(&key)
 }

-pub fn get_encrypt_secret(store_preference: &Arc<StorePreferences>) -> Option<String> {
-  let key = cache_key_for_cloud_config();
+pub fn get_or_create_cloud_config(
+  uid: i64,
+  store_preferences: &Arc<StorePreferences>,
+) -> UserCloudConfig {
+  let key = cache_key_for_cloud_config(uid);
+  store_preferences
+    .get_object::<UserCloudConfig>(&key)
+    .unwrap_or_else(|| generate_cloud_config(uid, store_preferences))
+}
+
+pub fn get_encrypt_secret(uid: i64, store_preference: &Arc<StorePreferences>) -> Option<String> {
+  let key = cache_key_for_cloud_config(uid);
  store_preference
    .get_object::<UserCloudConfig>(&key)
    .map(|config| config.encrypt_secret)
--- a/frontend/rust-lib/flowy-user/src/services/user_encryption.rs
+++ b/frontend/rust-lib/flowy-user/src/services/user_encryption.rs
@ -37,7 +37,7 @@ impl UserManager {
        "Failed to get store preference",
      ))?;

-    let encrypt_secret = get_encrypt_secret(&store_preference).ok_or(FlowyError::new(
+    let encrypt_secret = get_encrypt_secret(uid, &store_preference).ok_or(FlowyError::new(
      ErrorCode::Internal,
      "Encrypt secret is not set",
    ))?;