Details
- Reviewers
inka - Commits
- rCOMMc33ba331b511: [native][web] migrate keyservers to SQLite
Check if migration succeeded and keyservers are in database
Diff Detail
- Repository
- rCOMM Comm
- Branch
- handle-migration-failure
- Lint
No Lint Coverage - Unit
No Test Coverage
Event Timeline
We have it in redux-persist so we need to move it to the database, we did the same for other stores
native/redux/persist.js | ||
---|---|---|
1026 ↗ | (On Diff #35960) | It's a convention, we do the same for migrating other stores |
1036 ↗ | (On Diff #35960) | I copy-pasted in from here but looks like it's not needed anymore. It was used to log-out user if migration fails - wondering how we should handle this now. |
native/redux/persist.js | ||
---|---|---|
1036 ↗ | (On Diff #35960) | Hmmm, if usingCommServicesAccessToken is false, then we can probably set the cookie of Ashoat's keyserver to null... If usingCommServicesAccessToken is true, then I'm not sure what to do... We should probably have a similar logic that logs the user out if the CSAT is missing, but I don't really know. This logic, if it even existed, would probably try to do a recovery, and that's not what we want to happen |
native/redux/persist.js | ||
---|---|---|
1036 ↗ | (On Diff #35960) |
Isn't that what we want for the old logic? If the Redux store is corrupt, it forces a recovery login, which should result in the Redux data being fixed because the keyserver provides new data.
I think you're right that logging into identity again won't fix the Redux data. Perhaps what we want here is a version of a recovery login that clears all of the Redux state. Right now recovery login always leaves the Redux state in place. In theory, a version of recovery login that clears the Redux state would be the same as a user-initiated login, right? It seems like a good idea to hide this from the user.
I think there are three things we need to do here:
|
My last inline comment was confused. Probably worth ignoring it if you haven't already read it 😅
native/redux/persist.js | ||
---|---|---|
1036 ↗ | (On Diff #35960) | I thought about this some more. If all we want is to clear the Redux state in this particular case, it seems like it would be more simple to just call resetUserSpecificStateOnIdentityActions here like we do in eg. D10860. This avoids the need for any special differentiation between 'transparent_recovery' and 'reset_recovery'. As for triggering keyserver session recovery code, this was some confusion on my part. We would want to trigger identity session recovery code here, so it has nothing to do with my task ENG-6586, which is about keyserver session recovery. So here's what I think now:
@kamil, what do you think of making the changes from point 1 here? Do you know if we need to additionally clear the auth metadata or call clearSensitiveData? |
native/redux/persist.js | ||
---|---|---|
1036 ↗ | (On Diff #35960) | I might be missing some context but it looks okay - and I think we have to call clearSensitiveData, A failed migration could leave the database in a bad state so we should delete and recreate it. Not sure if this is the right approach to later automatically recover the session but I would suggest something like this: try { await commCoreModule.processKeyserverStoreOperations(dbOperations); } catch (exception) { if (isTaskCancelledError(exception)) { //database is being deleted anyway return state; } const stateAfterReset = resetUserSpecificStateOnIdentityActions( state, defaultState, nonUserSpecificFieldsNative, //this does not include `keyserverStore` ); const keyserverInfos = { ...stateAfterReset.keyserverStore.keyserverInfos, }; for (const key in keyserverInfos) { // similar approach to: https://github.com/CommE2E/comm/blob/406f32b4afe1bc12f42ea82610d9db63ae680946/native/redux/client-db-utils.js#L50 keyserverInfos[key] = { ...keyserverInfos[key], cookie: null }; // removing cookie to logout and trigger database deletion } const keyserverStore = { ...stateAfterReset.keyserverStore, keyserverInfos, }; return { ...stateAfterReset, keyserverStore, }; } return state; }, I think we can add this on both web and native as a general approach to handle failed migrations. so before fixing it I want to ask if this is okay (cc. @inka, @ashoat) |
native/redux/persist.js | ||
---|---|---|
1036 ↗ | (On Diff #35960) | I think this makes sense to me. We should probably factor that new logic out into a separate function, and call it from migrations 53, 58, and 59 in order to resolve ENG-6636. Additionally – it looks like your example code is missing clearSensitiveData, which you indicated should be called. Will that additionally handle clearing the auth metadata? |
native/redux/persist.js | ||
---|---|---|
1036 ↗ | (On Diff #35960) |
make sense
I thought setting cookie: null would automatically cause clearSensitiveData in SQLiteDataHandler - I'll double-check that.
yes, clearSensitiveData clears everything on native with metadata from SecureStore, on web it's persisted in redux-persist which we store in SQLite |
native/redux/persist.js | ||
---|---|---|
1036 ↗ | (On Diff #35960) | We should also clear the fields of keyserver store cleared on logout: connection.connectionIssue, connection.queuedActivityUpdates , connection.lateResponses, and probably remove keyservers that are not Ashoat's keyserver. |
We might need to do something additional to clear the auth metadata from CommCoreModule.
We may also need to call clearSensitiveData.
I thought setting cookie: null would automatically cause clearSensitiveData in SQLiteDataHandler - I'll double-check that.
yes, clearSensitiveData clears everything on native with metadata from SecureStore, on web it's persisted in redux-persist which we store in SQLite
I'm assuming that this was checked. In the future clearSensitiveData should be called on changes to CSAT, but I think [[ https://linear.app/comm/issue/ENG-5647/[native]-update-sqlitedatahandler | ENG-5647 ]] will handle that