"use strict"; import utils = require('../../services/utils'); import sql = require('../../services/sql'); import entityChangesService = require('../../services/entity_changes'); import eventService = require('../../services/events'); import dateUtils = require('../../services/date_utils'); import cls = require('../../services/cls'); import log = require('../../services/log'); import protectedSessionService = require('../../services/protected_session'); import blobService = require('../../services/blob'); import Becca = require('../becca-interface'); let becca: Becca | null = null; interface ContentOpts { forceSave?: boolean; forceFrontendReload?: boolean; } interface ConstructorData> { primaryKeyName: string; entityName: string; hashedProperties: (keyof T)[]; } /** * Base class for all backend entities. */ abstract class AbstractBeccaEntity> { protected utcDateModified?: string; protected dateCreated?: string; protected dateModified?: string; protected isSynced?: boolean; protected blobId?: string; utcDateCreated!: string; isProtected?: boolean; protected beforeSaving() { const constructorData = (this.constructor as unknown as ConstructorData); if (!(this as any)[constructorData.primaryKeyName]) { (this as any)[constructorData.primaryKeyName] = utils.newEntityId(); } } protected getUtcDateChanged() { return this.utcDateModified || this.utcDateCreated; } protected get becca(): Becca { if (!becca) { becca = require('../becca'); } return becca as Becca; } protected putEntityChange(isDeleted: boolean) { const constructorData = (this.constructor as unknown as ConstructorData); entityChangesService.putEntityChange({ entityName: constructorData.entityName, entityId: (this as any)[constructorData.primaryKeyName], hash: this.generateHash(isDeleted), isErased: false, utcDateChanged: this.getUtcDateChanged(), isSynced: constructorData.entityName !== 'options' || !!this.isSynced }); } protected generateHash(isDeleted: boolean): string { const constructorData = (this.constructor as unknown as ConstructorData); let contentToHash = ""; for (const propertyName of constructorData.hashedProperties) { contentToHash += `|${(this as any)[propertyName]}`; } if (isDeleted) { contentToHash += "|deleted"; } return utils.hash(contentToHash).substr(0, 10); } protected getPojoToSave() { return this.getPojo(); } hasStringContent(): boolean { // TODO: Not sure why some entities don't implement it. return true; } abstract getPojo(): {}; get isDeleted(): boolean { // TODO: Not sure why some entities don't implement it. return false; } /** * Saves entity - executes SQL, but doesn't commit the transaction on its own */ // TODO: opts not used but called a few times, maybe should be used by derived classes or passed to beforeSaving. save(opts?: {}): this { const constructorData = (this.constructor as unknown as ConstructorData); const entityName = constructorData.entityName; const primaryKeyName = constructorData.primaryKeyName; const isNewEntity = !(this as any)[primaryKeyName]; this.beforeSaving(); const pojo = this.getPojoToSave(); sql.transactional(() => { sql.upsert(entityName, primaryKeyName, pojo); if (entityName === 'recent_notes') { return; } this.putEntityChange(!!this.isDeleted); if (!cls.isEntityEventsDisabled()) { const eventPayload = { entityName, entity: this }; if (isNewEntity) { eventService.emit(eventService.ENTITY_CREATED, eventPayload); } eventService.emit(eventService.ENTITY_CHANGED, eventPayload); } }); return this; } protected _setContent(content: string | Buffer, opts: ContentOpts = {}) { // client code asks to save entity even if blobId didn't change (something else was changed) opts.forceSave = !!opts.forceSave; opts.forceFrontendReload = !!opts.forceFrontendReload; if (content === null || content === undefined) { const constructorData = (this.constructor as unknown as ConstructorData); throw new Error(`Cannot set null content to ${constructorData.primaryKeyName} '${(this as any)[constructorData.primaryKeyName]}'`); } if (this.hasStringContent()) { content = content.toString(); } else { content = Buffer.isBuffer(content) ? content : Buffer.from(content); } const unencryptedContentForHashCalculation = this.getUnencryptedContentForHashCalculation(content); if (this.isProtected) { if (protectedSessionService.isProtectedSessionAvailable()) { const encryptedContent = protectedSessionService.encrypt(content); if (!encryptedContent) { throw new Error(`Unable to encrypt the content of the entity.`); } content = encryptedContent; } else { throw new Error(`Cannot update content of blob since protected session is not available.`); } } sql.transactional(() => { const newBlobId = this.saveBlob(content, unencryptedContentForHashCalculation, opts); const oldBlobId = this.blobId; if (newBlobId !== oldBlobId || opts.forceSave) { this.blobId = newBlobId; this.save(); if (oldBlobId && newBlobId !== oldBlobId) { this.deleteBlobIfNotUsed(oldBlobId); } } }); } private deleteBlobIfNotUsed(oldBlobId: string) { if (sql.getValue("SELECT 1 FROM notes WHERE blobId = ? LIMIT 1", [oldBlobId])) { return; } if (sql.getValue("SELECT 1 FROM attachments WHERE blobId = ? LIMIT 1", [oldBlobId])) { return; } if (sql.getValue("SELECT 1 FROM revisions WHERE blobId = ? LIMIT 1", [oldBlobId])) { return; } sql.execute("DELETE FROM blobs WHERE blobId = ?", [oldBlobId]); // blobs are not marked as erased in entity_changes, they are just purged completely // this is because technically every keystroke can create a new blob, and there would be just too many sql.execute("DELETE FROM entity_changes WHERE entityName = 'blobs' AND entityId = ?", [oldBlobId]); } private getUnencryptedContentForHashCalculation(unencryptedContent: Buffer | string) { if (this.isProtected) { // a "random" prefix makes sure that the calculated hash/blobId is different for a decrypted/encrypted content const encryptedPrefixSuffix = "t$[nvQg7q)&_ENCRYPTED_?M:Bf&j3jr_"; return Buffer.isBuffer(unencryptedContent) ? Buffer.concat([Buffer.from(encryptedPrefixSuffix), unencryptedContent]) : `${encryptedPrefixSuffix}${unencryptedContent}`; } else { return unencryptedContent; } } private saveBlob(content: string | Buffer, unencryptedContentForHashCalculation: string | Buffer, opts: ContentOpts = {}) { /* * We're using the unencrypted blob for the hash calculation, because otherwise the random IV would * cause every content blob to be unique which would balloon the database size (esp. with revisioning). * This has minor security implications (it's easy to infer that given content is shared between different * notes/attachments), but the trade-off comes out clearly positive. */ const newBlobId = utils.hashedBlobId(unencryptedContentForHashCalculation); const blobNeedsInsert = !sql.getValue('SELECT 1 FROM blobs WHERE blobId = ?', [newBlobId]); if (!blobNeedsInsert) { return newBlobId; } const pojo = { blobId: newBlobId, content: content, dateModified: dateUtils.localNowDateTime(), utcDateModified: dateUtils.utcNowDateTime() }; sql.upsert("blobs", "blobId", pojo); // we can't reuse blobId as an entity_changes hash, because this one has to be calculatable without having // access to the decrypted content const hash = blobService.calculateContentHash(pojo); entityChangesService.putEntityChange({ entityName: 'blobs', entityId: newBlobId, hash: hash, isErased: false, utcDateChanged: pojo.utcDateModified, isSynced: true, // overriding componentId will cause the frontend to think the change is coming from a different component // and thus reload componentId: opts.forceFrontendReload ? utils.randomString(10) : null }); eventService.emit(eventService.ENTITY_CHANGED, { entityName: 'blobs', entity: this }); return newBlobId; } protected _getContent(): string | Buffer { const row = sql.getRow<{ content: string | Buffer }>(`SELECT content FROM blobs WHERE blobId = ?`, [this.blobId]); if (!row) { const constructorData = (this.constructor as unknown as ConstructorData); throw new Error(`Cannot find content for ${constructorData.primaryKeyName} '${(this as any)[constructorData.primaryKeyName]}', blobId '${this.blobId}'`); } return blobService.processContent(row.content, this.isProtected || false, this.hasStringContent()); } /** * Mark the entity as (soft) deleted. It will be completely erased later. * * This is a low-level method, for notes and branches use `note.deleteNote()` and 'branch.deleteBranch()` instead. */ markAsDeleted(deleteId: string | null = null) { const constructorData = (this.constructor as unknown as ConstructorData); const entityId = (this as any)[constructorData.primaryKeyName]; const entityName = constructorData.entityName; this.utcDateModified = dateUtils.utcNowDateTime(); sql.execute(`UPDATE ${entityName} SET isDeleted = 1, deleteId = ?, utcDateModified = ? WHERE ${constructorData.primaryKeyName} = ?`, [deleteId, this.utcDateModified, entityId]); if (this.dateModified) { this.dateModified = dateUtils.localNowDateTime(); sql.execute(`UPDATE ${entityName} SET dateModified = ? WHERE ${constructorData.primaryKeyName} = ?`, [this.dateModified, entityId]); } log.info(`Marking ${entityName} ${entityId} as deleted`); this.putEntityChange(true); eventService.emit(eventService.ENTITY_DELETED, { entityName, entityId, entity: this }); } markAsDeletedSimple() { const constructorData = (this.constructor as unknown as ConstructorData); const entityId = (this as any)[constructorData.primaryKeyName]; const entityName = constructorData.entityName; this.utcDateModified = dateUtils.utcNowDateTime(); sql.execute(`UPDATE ${entityName} SET isDeleted = 1, utcDateModified = ? WHERE ${constructorData.primaryKeyName} = ?`, [this.utcDateModified, entityId]); log.info(`Marking ${entityName} ${entityId} as deleted`); this.putEntityChange(true); eventService.emit(eventService.ENTITY_DELETED, { entityName, entityId, entity: this }); } } export = AbstractBeccaEntity;