@protontech/drive-sdk 0.6.2 → 0.7.1

package/src/internal/nodes/nodesManagement.test.ts

@@ -6,6 +6,7 @@ import { DecryptedNode } from './interface';
 import { NodesManagement } from './nodesManagement';
 import { NodeResult } from '../../interface';
 import { NodeOutOfSyncError } from './errors';
+import { ValidationError } from '../../errors';
 
 describe('NodesManagement', () => {
     let apiService: NodeAPIService;
@@ -57,7 +58,7 @@ describe('NodesManagement', () => {
             restoreNodes: jest.fn(async function* (uids) {
                 yield* uids.map((uid) => ({ ok: true, uid }) as NodeResult);
             }),
-            deleteNodes: jest.fn(async function* (uids) {
+            deleteTrashedNodes: jest.fn(async function* (uids) {
                 yield* uids.map((uid) => ({ ok: true, uid }) as NodeResult);
             }),
             createFolder: jest.fn(),
@@ -117,7 +118,12 @@ describe('NodesManagement', () => {
                     nameSessionKey: `${uid}-nameSessionKey`,
                 }),
             ),
-            getRootNodeEmailKey: jest.fn().mockResolvedValue({ email: 'root-email', addressKey: 'root-key' }),
+            getNodeSigningKeys: jest.fn().mockResolvedValue({
+                type: 'userAddress',
+                email: 'root-email',
+                addressId: 'root-addressId',
+                key: 'root-key',
+            }),
             notifyNodeChanged: jest.fn(),
             notifyNodeDeleted: jest.fn(),
             notifyChildCreated: jest.fn(),
@@ -136,11 +142,11 @@ describe('NodesManagement', () => {
             nameAuthor: { ok: true, value: 'newSignatureEmail' },
             hash: 'newHash',
         });
-        expect(nodesAccess.getRootNodeEmailKey).toHaveBeenCalledWith('nodeUid');
+        expect(nodesAccess.getNodeSigningKeys).toHaveBeenCalledWith({ nodeUid: 'nodeUid', parentNodeUid: 'parentUid' });
         expect(cryptoService.encryptNewName).toHaveBeenCalledWith(
             { key: 'parentUid-key', hashKey: 'parentUid-hashKey' },
             'nodeUid-nameSessionKey',
-            { email: 'root-email', addressKey: 'root-key' },
+            { type: 'userAddress', email: 'root-email', addressId: 'root-addressId', key: 'root-key' },
             'new name',
         );
         expect(apiService.renameNode).toHaveBeenCalledWith(
@@ -181,9 +187,12 @@ describe('NodesManagement', () => {
             keyAuthor: { ok: true, value: 'movedSignatureEmail' },
             nameAuthor: { ok: true, value: 'movedNameSignatureEmail' },
         });
-        expect(nodesAccess.getRootNodeEmailKey).toHaveBeenCalledWith('newParentNodeUid');
+        expect(nodesAccess.getNodeSigningKeys).toHaveBeenCalledWith({
+            nodeUid: 'nodeUid',
+            parentNodeUid: 'newParentNodeUid',
+        });
         expect(cryptoService.encryptNodeWithNewParent).toHaveBeenCalledWith(
-            nodes.nodeUid,
+            nodes.nodeUid.name,
             expect.objectContaining({
                 key: 'nodeUid-key',
                 passphrase: 'nodeUid-passphrase',
@@ -192,7 +201,7 @@ describe('NodesManagement', () => {
                 nameSessionKey: 'nodeUid-nameSessionKey',
             }),
             expect.objectContaining({ key: 'newParentNodeUid-key', hashKey: 'newParentNodeUid-hashKey' }),
-            { email: 'root-email', addressKey: 'root-key' },
+            { type: 'userAddress', email: 'root-email', addressId: 'root-addressId', key: 'root-key' },
         );
         expect(apiService.moveNode).toHaveBeenCalledWith(
             'nodeUid',
@@ -223,7 +232,7 @@ describe('NodesManagement', () => {
         const newNode = await management.moveNode('anonymousNodeUid', 'newParentNodeUid');
 
         expect(cryptoService.encryptNodeWithNewParent).toHaveBeenCalledWith(
-            nodes.anonymousNodeUid,
+            nodes.anonymousNodeUid.name,
             expect.objectContaining({
                 key: 'anonymousNodeUid-key',
                 passphrase: 'anonymousNodeUid-passphrase',
@@ -232,7 +241,7 @@ describe('NodesManagement', () => {
                 nameSessionKey: 'anonymousNodeUid-nameSessionKey',
             }),
             expect.objectContaining({ key: 'newParentNodeUid-key', hashKey: 'newParentNodeUid-hashKey' }),
-            { email: 'root-email', addressKey: 'root-key' },
+            { type: 'userAddress', email: 'root-email', addressId: 'root-addressId', key: 'root-key' },
         );
         expect(newNode).toEqual({
             ...nodes.anonymousNodeUid,
@@ -276,9 +285,12 @@ describe('NodesManagement', () => {
             keyAuthor: { ok: true, value: 'copiedSignatureEmail' },
             nameAuthor: { ok: true, value: 'copiedNameSignatureEmail' },
         });
-        expect(nodesAccess.getRootNodeEmailKey).toHaveBeenCalledWith('newParentNodeUid');
+        expect(nodesAccess.getNodeSigningKeys).toHaveBeenCalledWith({
+            nodeUid: 'nodeUid',
+            parentNodeUid: 'newParentNodeUid',
+        });
         expect(cryptoService.encryptNodeWithNewParent).toHaveBeenCalledWith(
-            nodes.nodeUid,
+            nodes.nodeUid.name,
             expect.objectContaining({
                 key: 'nodeUid-key',
                 passphrase: 'nodeUid-passphrase',
@@ -287,7 +299,7 @@ describe('NodesManagement', () => {
                 nameSessionKey: 'nodeUid-nameSessionKey',
             }),
             expect.objectContaining({ key: 'newParentNodeUid-key', hashKey: 'newParentNodeUid-hashKey' }),
-            { email: 'root-email', addressKey: 'root-key' },
+            { type: 'userAddress', email: 'root-email', addressId: 'root-addressId', key: 'root-key' },
         );
         expect(apiService.copyNode).toHaveBeenCalledWith('nodeUid', {
             parentUid: 'newParentNodeUid',
@@ -313,7 +325,7 @@ describe('NodesManagement', () => {
         const newNode = await management.copyNode('anonymousNodeUid', 'newParentNodeUid');
 
         expect(cryptoService.encryptNodeWithNewParent).toHaveBeenCalledWith(
-            nodes.anonymousNodeUid,
+            nodes.anonymousNodeUid.name,
             expect.objectContaining({
                 key: 'anonymousNodeUid-key',
                 passphrase: 'anonymousNodeUid-passphrase',
@@ -322,7 +334,7 @@ describe('NodesManagement', () => {
                 nameSessionKey: 'anonymousNodeUid-nameSessionKey',
             }),
             expect.objectContaining({ key: 'newParentNodeUid-key', hashKey: 'newParentNodeUid-hashKey' }),
-            { email: 'root-email', addressKey: 'root-key' },
+            { type: 'userAddress', email: 'root-email', addressId: 'root-addressId', key: 'root-key' },
         );
         expect(newNode).toEqual({
             ...nodes.anonymousNodeUid,
@@ -339,6 +351,49 @@ describe('NodesManagement', () => {
         });
     });
 
+    it('copyNode manages copy of node with new name', async () => {
+        const encryptedCrypto = {
+            encryptedName: 'copiedArmoredNodeName',
+            hash: 'copiedHash',
+            armoredNodePassphrase: 'copiedArmoredNodePassphrase',
+            armoredNodePassphraseSignature: 'copiedArmoredNodePassphraseSignature',
+            signatureEmail: 'copiedSignatureEmail',
+            nameSignatureEmail: 'copiedNameSignatureEmail',
+        };
+        cryptoService.encryptNodeWithNewParent = jest.fn().mockResolvedValue(encryptedCrypto);
+
+        const newName = 'new name';
+        const newNode = await management.copyNode('nodeUid', 'newParentNodeUid', newName);
+
+        expect(newNode).toEqual({
+            ...nodes.nodeUid,
+            name: { ok: true, value: newName },
+            uid: 'newCopiedNodeUid',
+            parentUid: 'newParentNodeUid',
+            encryptedName: 'copiedArmoredNodeName',
+            hash: 'copiedHash',
+            keyAuthor: { ok: true, value: 'copiedSignatureEmail' },
+            nameAuthor: { ok: true, value: 'copiedNameSignatureEmail' },
+        });
+        expect(cryptoService.encryptNodeWithNewParent).toHaveBeenCalledWith(
+            { ok: true, value: newName },
+            expect.objectContaining({
+                key: 'nodeUid-key',
+                passphrase: 'nodeUid-passphrase',
+                passphraseSessionKey: 'nodeUid-passphraseSessionKey',
+                contentKeyPacketSessionKey: 'nodeUid-contentKeyPacketSessionKey',
+                nameSessionKey: 'nodeUid-nameSessionKey',
+            }),
+            expect.objectContaining({ key: 'newParentNodeUid-key', hashKey: 'newParentNodeUid-hashKey' }),
+            { type: 'userAddress', email: 'root-email', addressId: 'root-addressId', key: 'root-key' },
+        );
+    });
+
+    it('copyNode throws error if name is invalid', async () => {
+        const promise = management.copyNode('nodeUid', 'newParentNodeUid', 'invalid/name');
+        await expect(promise).rejects.toThrow(ValidationError);
+    });
+
     it('trashes node and updates cache', async () => {
         const uids = ['v1~n1', 'v1~n2'];
         const trashed = new Set();

package/src/internal/nodes/nodesManagement.ts

@@ -1,17 +1,17 @@
 import { c } from 'ttag';
 
-import { MemberRole, NodeType, NodeResult, NodeResultWithNewUid, resultOk } from '../../interface';
+import { MemberRole, NodeType, NodeResult, NodeResultWithNewUid, resultOk, InvalidNameError } from '../../interface';
 import { AbortError, ValidationError } from '../../errors';
-import { getErrorMessage } from '../errors';
+import { createErrorFromUnknown, getErrorMessage } from '../errors';
 import { splitNodeUid } from '../uids';
-import { NodeAPIService } from './apiService';
+import { NodeAPIServiceBase } from './apiService';
 import { NodesCryptoCache } from './cryptoCache';
 import { NodesCryptoService } from './cryptoService';
 import { NodeOutOfSyncError } from './errors';
 import { generateFolderExtendedAttributes } from './extendedAttributes';
-import { DecryptedNode } from './interface';
+import { DecryptedNode, EncryptedNode } from './interface';
 import { splitExtension, joinNameAndExtension } from './nodeName';
-import { NodesAccess } from './nodesAccess';
+import { NodesAccessBase } from './nodesAccess';
 import { validateNodeName } from './validations';
 
 const AVAILABLE_NAME_BATCH_SIZE = 10;
@@ -26,12 +26,16 @@ const AVAILABLE_NAME_LIMIT = 1000;
  * This module uses other modules providing low-level operations, such
  * as API service, cache, crypto service, etc.
  */
-export class NodesManagement {
+export abstract class NodesManagementBase<
+    TEncryptedNode extends EncryptedNode = EncryptedNode,
+    TDecryptedNode extends DecryptedNode = DecryptedNode,
+    TNodesCryptoService extends NodesCryptoService = NodesCryptoService,
+> {
     constructor(
-        private apiService: NodeAPIService,
-        private cryptoCache: NodesCryptoCache,
-        private cryptoService: NodesCryptoService,
-        private nodesAccess: NodesAccess,
+        protected apiService: NodeAPIServiceBase<TEncryptedNode>,
+        protected cryptoCache: NodesCryptoCache,
+        protected cryptoService: NodesCryptoService,
+        protected nodesAccess: NodesAccessBase<TEncryptedNode, TDecryptedNode, TNodesCryptoService>,
     ) {
         this.apiService = apiService;
         this.cryptoCache = cryptoCache;
@@ -43,13 +47,13 @@ export class NodesManagement {
         nodeUid: string,
         newName: string,
         options = { allowRenameRootNode: false },
-    ): Promise<DecryptedNode> {
+    ): Promise<TDecryptedNode> {
         validateNodeName(newName);
 
         const node = await this.nodesAccess.getNode(nodeUid);
         const { nameSessionKey: nodeNameSessionKey } = await this.nodesAccess.getNodePrivateAndSessionKeys(nodeUid);
         const parentKeys = await this.nodesAccess.getParentKeys(node);
-        const address = await this.nodesAccess.getRootNodeEmailKey(nodeUid);
+        const signingKeys = await this.nodesAccess.getNodeSigningKeys({ nodeUid, parentNodeUid: node.parentUid });
 
         if (!options.allowRenameRootNode && (!node.hash || !parentKeys.hashKey)) {
             throw new ValidationError(c('Error').t`Renaming root item is not allowed`);
@@ -58,7 +62,7 @@ export class NodesManagement {
         const { signatureEmail, armoredNodeName, hash } = await this.cryptoService.encryptNewName(
             parentKeys,
             nodeNameSessionKey,
-            address,
+            signingKeys,
             newName,
         );
 
@@ -91,11 +95,11 @@ export class NodesManagement {
         }
 
         await this.nodesAccess.notifyNodeChanged(nodeUid);
-        const newNode: DecryptedNode = {
+        const newNode: TDecryptedNode = {
             ...node,
             name: resultOk(newName),
             encryptedName: armoredNodeName,
-            nameAuthor: resultOk(signatureEmail),
+            nameAuthor: resultOk(signatureEmail || null),
             hash,
         };
         return newNode;
@@ -123,15 +127,13 @@ export class NodesManagement {
         }
     }
 
-    async moveNode(nodeUid: string, newParentUid: string): Promise<DecryptedNode> {
-        const [node, address] = await Promise.all([
-            this.nodesAccess.getNode(nodeUid),
-            this.nodesAccess.getRootNodeEmailKey(newParentUid),
-        ]);
+    async moveNode(nodeUid: string, newParentUid: string): Promise<TDecryptedNode> {
+        const node = await this.nodesAccess.getNode(nodeUid);
 
-        const [keys, newParentKeys] = await Promise.all([
+        const [keys, newParentKeys, signingKeys] = await Promise.all([
             this.nodesAccess.getNodePrivateAndSessionKeys(nodeUid),
             this.nodesAccess.getNodeKeys(newParentUid),
+            this.nodesAccess.getNodeSigningKeys({ nodeUid, parentNodeUid: newParentUid }),
         ]);
 
         if (!node.hash) {
@@ -142,10 +144,10 @@ export class NodesManagement {
         }
 
         const encryptedCrypto = await this.cryptoService.encryptNodeWithNewParent(
-            node,
+            node.name,
             keys,
             { key: newParentKeys.key, hashKey: newParentKeys.hashKey },
-            address,
+            signingKeys,
         );
 
         // Node could be uploaded or renamed by anonymous user and thus have
@@ -174,7 +176,7 @@ export class NodesManagement {
                 // TODO: When moving photos, we need to pass content hash.
             },
         );
-        const newNode: DecryptedNode = {
+        const newNode: TDecryptedNode = {
             ...node,
             encryptedName: encryptedCrypto.encryptedName,
             parentUid: newParentUid,
@@ -188,16 +190,18 @@ export class NodesManagement {
 
     // Improvement requested: copy nodes in parallel using copy_multiple endpoint
     async *copyNodes(
-        nodeUids: string[],
+        nodeUidsOrWithNames: (string | { uid: string; name: string })[],
         newParentNodeUid: string,
         signal?: AbortSignal,
     ): AsyncGenerator<NodeResultWithNewUid> {
-        for (const nodeUid of nodeUids) {
+        for (const nodeUidOrWithName of nodeUidsOrWithNames) {
             if (signal?.aborted) {
                 throw new AbortError(c('Error').t`Copy operation aborted`);
             }
+            const nodeUid = typeof nodeUidOrWithName === 'string' ? nodeUidOrWithName : nodeUidOrWithName.uid;
+            const name = typeof nodeUidOrWithName === 'string' ? undefined : nodeUidOrWithName.name;
             try {
-                const { uid: newNodeUid } = await this.copyNode(nodeUid, newParentNodeUid);
+                const { uid: newNodeUid } = await this.copyNode(nodeUid, newParentNodeUid, name);
                 yield {
                     uid: nodeUid,
                     newUid: newNodeUid,
@@ -207,21 +211,24 @@ export class NodesManagement {
                 yield {
                     uid: nodeUid,
                     ok: false,
-                    error: getErrorMessage(error),
+                    error: createErrorFromUnknown(error),
                 };
             }
         }
     }
 
-    async copyNode(nodeUid: string, newParentUid: string): Promise<DecryptedNode> {
-        const [node, address] = await Promise.all([
-            this.nodesAccess.getNode(nodeUid),
-            this.nodesAccess.getRootNodeEmailKey(newParentUid),
-        ]);
+    async copyNode(nodeUid: string, newParentUid: string, name?: string): Promise<TDecryptedNode> {
+        if (name) {
+            validateNodeName(name);
+        }
 
-        const [keys, newParentKeys] = await Promise.all([
+        const node = await this.nodesAccess.getNode(nodeUid);
+        const nodeName = name ? resultOk<string, Error | InvalidNameError>(name) : node.name;
+
+        const [keys, newParentKeys, signingKeys] = await Promise.all([
             this.nodesAccess.getNodePrivateAndSessionKeys(nodeUid),
             this.nodesAccess.getNodeKeys(newParentUid),
+            this.nodesAccess.getNodeSigningKeys({ nodeUid, parentNodeUid: newParentUid }),
         ]);
 
         if (!newParentKeys.hashKey) {
@@ -229,10 +236,10 @@ export class NodesManagement {
         }
 
         const encryptedCrypto = await this.cryptoService.encryptNodeWithNewParent(
-            node,
+            nodeName,
             keys,
             { key: newParentKeys.key, hashKey: newParentKeys.hashKey },
-            address,
+            signingKeys,
         );
 
         // Node could be uploaded or renamed by anonymous user and thus have
@@ -254,8 +261,9 @@ export class NodesManagement {
             nameSignatureEmail: encryptedCrypto.nameSignatureEmail,
             hash: encryptedCrypto.hash,
         });
-        const newNode: DecryptedNode = {
+        const newNode: TDecryptedNode = {
             ...node,
+            name: nodeName,
             uid: newNodeUid,
             encryptedName: encryptedCrypto.encryptedName,
             parentUid: newParentUid,
@@ -286,7 +294,7 @@ export class NodesManagement {
     }
 
     async *deleteNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
-        for await (const result of this.apiService.deleteNodes(nodeUids, signal)) {
+        for await (const result of this.apiService.deleteTrashedNodes(nodeUids, signal)) {
             if (result.ok) {
                 await this.nodesAccess.notifyNodeDeleted(result.uid);
             }
@@ -295,7 +303,7 @@ export class NodesManagement {
     }
 
     // FIXME create test for create folder
-    async createFolder(parentNodeUid: string, folderName: string, modificationTime?: Date): Promise<DecryptedNode> {
+    async createFolder(parentNodeUid: string, folderName: string, modificationTime?: Date): Promise<TDecryptedNode> {
         validateNodeName(folderName);
 
         const parentKeys = await this.nodesAccess.getNodeKeys(parentNodeUid);
@@ -303,12 +311,12 @@ export class NodesManagement {
             throw new ValidationError(c('Error').t`Creating folders in non-folders is not allowed`);
         }
 
-        const address = await this.nodesAccess.getRootNodeEmailKey(parentNodeUid);
+        const signingKeys = await this.nodesAccess.getNodeSigningKeys({ parentNodeUid });
         const extendedAttributes = generateFolderExtendedAttributes(modificationTime);
 
         const { encryptedCrypto, keys } = await this.cryptoService.createFolder(
             { key: parentKeys.key, hashKey: parentKeys.hashKey },
-            address,
+            signingKeys,
             folderName,
             extendedAttributes,
         );
@@ -324,8 +332,33 @@ export class NodesManagement {
         });
 
         await this.nodesAccess.notifyChildCreated(parentNodeUid);
+        const node = this.generateNodeFolder(nodeUid, parentNodeUid, folderName, encryptedCrypto);
+        await this.cryptoCache.setNodeKeys(nodeUid, keys);
+        return node;
+    }
 
-        const node: DecryptedNode = {
+    protected abstract generateNodeFolder(
+        nodeUid: string,
+        parentUid: string,
+        name: string,
+        encryptedCrypto: {
+            hash: string;
+            encryptedName: string;
+            signatureEmail: string | null;
+        },
+    ): TDecryptedNode;
+
+    protected generateNodeFolderBase(
+        nodeUid: string,
+        parentNodeUid: string,
+        name: string,
+        encryptedCrypto: {
+            hash: string;
+            encryptedName: string;
+            signatureEmail: string | null;
+        },
+    ): DecryptedNode {
+        return {
             // Internal metadata
             hash: encryptedCrypto.hash,
             encryptedName: encryptedCrypto.encryptedName,
@@ -336,6 +369,7 @@ export class NodesManagement {
             type: NodeType.Folder,
             mediaType: 'Folder',
             creationTime: new Date(),
+            modificationTime: new Date(),
 
             // Share node metadata
             isShared: false,
@@ -344,14 +378,11 @@ export class NodesManagement {
 
             // Decrypted metadata
             isStale: false,
-            keyAuthor: resultOk(encryptedCrypto.signatureEmail),
-            nameAuthor: resultOk(encryptedCrypto.signatureEmail),
-            name: resultOk(folderName),
+            keyAuthor: resultOk(encryptedCrypto.signatureEmail || null),
+            nameAuthor: resultOk(encryptedCrypto.signatureEmail || null),
+            name: resultOk(name),
             treeEventScopeId: splitNodeUid(nodeUid).volumeId,
         };
-
-        await this.cryptoCache.setNodeKeys(nodeUid, keys);
-        return node;
     }
 
     async findAvailableName(parentFolderUid: string, name: string): Promise<string> {
@@ -392,3 +423,18 @@ export class NodesManagement {
         throw new ValidationError(c('Error').t`No available name found`);
     }
 }
+
+export class NodesManagement extends NodesManagementBase {
+    protected generateNodeFolder(
+        nodeUid: string,
+        parentNodeUid: string,
+        name: string,
+        encryptedCrypto: {
+            hash: string;
+            encryptedName: string;
+            signatureEmail: string | null;
+        },
+    ): DecryptedNode {
+        return this.generateNodeFolderBase(nodeUid, parentNodeUid, name, encryptedCrypto);
+    }
+}

package/src/internal/nodes/nodesRevisions.ts

@@ -1,6 +1,6 @@
 import { Logger } from '../../interface';
 import { makeNodeUidFromRevisionUid } from '../uids';
-import { NodeAPIService } from './apiService';
+import { NodeAPIServiceBase } from './apiService';
 import { NodesCryptoService } from './cryptoService';
 import { NodesAccess } from './nodesAccess';
 import { parseFileExtendedAttributes } from './extendedAttributes';
@@ -12,9 +12,9 @@ import { DecryptedRevision } from './interface';
 export class NodesRevisons {
     constructor(
         private logger: Logger,
-        private apiService: NodeAPIService,
+        private apiService: NodeAPIServiceBase,
         private cryptoService: NodesCryptoService,
-        private nodesAccess: NodesAccess,
+        private nodesAccess: Pick<NodesAccess, 'getNodeKeys'>,
     ) {
         this.logger = logger;
         this.apiService = apiService;

package/src/internal/photos/albums.ts

@@ -1,7 +1,7 @@
 import { BatchLoading } from '../batchLoading';
 import { DecryptedNode } from '../nodes';
 import { PhotosAPIService } from './apiService';
-import { NodesService } from './interface';
+import { PhotosNodesAccess } from './nodes';
 import { PhotoSharesManager } from './shares';
 
 const BATCH_LOADING_SIZE = 10;
@@ -13,7 +13,7 @@ export class Albums {
     constructor(
         private apiService: PhotosAPIService,
         private photoShares: PhotoSharesManager,
-        private nodesService: NodesService,
+        private nodesService: PhotosNodesAccess,
     ) {
         this.apiService = apiService;
         this.photoShares = photoShares;

package/src/internal/photos/index.ts

@@ -6,6 +6,10 @@ import {
     ProtonDriveEntitiesCache,
     ProtonDriveTelemetry,
 } from '../../interface';
+import { NodesCryptoService } from '../nodes/cryptoService';
+import { NodesCryptoReporter } from '../nodes/cryptoReporter';
+import { NodesCryptoCache } from '../nodes/cryptoCache';
+import { ShareTargetType } from '../shares';
 import { SharesCache } from '../shares/cache';
 import { SharesCryptoCache } from '../shares/cryptoCache';
 import { SharesCryptoService } from '../shares/cryptoService';
@@ -14,7 +18,8 @@ import { UploadTelemetry } from '../upload/telemetry';
 import { UploadQueue } from '../upload/queue';
 import { Albums } from './albums';
 import { PhotosAPIService } from './apiService';
-import { NodesService, SharesService } from './interface';
+import { SharesService } from './interface';
+import { PhotosNodesAPIService, PhotosNodesAccess, PhotosNodesCache, PhotosNodesManagement } from './nodes';
 import { PhotoSharesManager } from './shares';
 import { PhotosTimeline } from './timeline';
 import {
@@ -24,7 +29,10 @@ import {
     PhotoUploadManager,
     PhotoUploadMetadata,
 } from './upload';
-import { ShareTargetType } from '../shares';
+import { NodesRevisons } from '../nodes/nodesRevisions';
+import { NodesEventsHandler } from '../nodes/events';
+
+export type { DecryptedPhotoNode } from './interface';
 
 // Only photos and albums can be shared in photos volume.
 export const PHOTOS_SHARE_TARGET_TYPES = [ShareTargetType.Photo, ShareTargetType.Album];
@@ -40,7 +48,7 @@ export function initPhotosModule(
     apiService: DriveAPIService,
     driveCrypto: DriveCrypto,
     photoShares: PhotoSharesManager,
-    nodesService: NodesService,
+    nodesService: PhotosNodesAccess,
 ) {
     const api = new PhotosAPIService(apiService);
     const timeline = new PhotosTimeline(
@@ -89,6 +97,40 @@ export function initPhotoSharesModule(
     );
 }
 
+/**
+ * Provides facade for the photo nodes module.
+ *
+ * The photo nodes module wraps the core nodes module and adds photo specific
+ * metadata. It provides the same interface so it can be used in the same way.
+ */
+export function initPhotosNodesModule(
+    telemetry: ProtonDriveTelemetry,
+    apiService: DriveAPIService,
+    driveEntitiesCache: ProtonDriveEntitiesCache,
+    driveCryptoCache: ProtonDriveCryptoCache,
+    account: ProtonDriveAccount,
+    driveCrypto: DriveCrypto,
+    sharesService: PhotoSharesManager,
+    clientUid: string | undefined,
+) {
+    const api = new PhotosNodesAPIService(telemetry.getLogger('nodes-api'), apiService, clientUid);
+    const cache = new PhotosNodesCache(telemetry.getLogger('nodes-cache'), driveEntitiesCache);
+    const cryptoCache = new NodesCryptoCache(telemetry.getLogger('nodes-cache'), driveCryptoCache);
+    const cryptoReporter = new NodesCryptoReporter(telemetry, sharesService);
+    const cryptoService = new NodesCryptoService(telemetry, driveCrypto, account, cryptoReporter);
+    const nodesAccess = new PhotosNodesAccess(telemetry, api, cache, cryptoCache, cryptoService, sharesService);
+    const nodesEventHandler = new NodesEventsHandler(telemetry.getLogger('nodes-events'), cache);
+    const nodesManagement = new PhotosNodesManagement(api, cryptoCache, cryptoService, nodesAccess);
+    const nodesRevisions = new NodesRevisons(telemetry.getLogger('nodes'), api, cryptoService, nodesAccess);
+
+    return {
+        access: nodesAccess,
+        management: nodesManagement,
+        revisions: nodesRevisions,
+        eventHandler: nodesEventHandler,
+    };
+}
+
 /**
  * Provides facade for the photo upload module.
  *

package/src/internal/photos/interface.ts

@@ -1,6 +1,6 @@
 import { PrivateKey } from '../../crypto';
-import { MissingNode, MetricVolumeType } from '../../interface';
-import { DecryptedNode } from '../nodes';
+import { MetricVolumeType, PhotoAttributes } from '../../interface';
+import { DecryptedNode, EncryptedNode, DecryptedUnparsedNode } from '../nodes/interface';
 import { EncryptedShare } from '../shares';
 
 export interface SharesService {
@@ -23,10 +23,22 @@ export interface SharesService {
     getVolumeMetricContext(volumeId: string): Promise<MetricVolumeType>;
 }
 
-export interface NodesService {
-    getNode(nodeUid: string): Promise<DecryptedNode>;
-    iterateNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<DecryptedNode | MissingNode>;
-    getNodeKeys(nodeUid: string): Promise<{
-        hashKey?: Uint8Array;
-    }>;
-}
+export type EncryptedPhotoNode = EncryptedNode & {
+    photo?: EcnryptedPhotoAttributes;
+};
+
+export type DecryptedUnparsedPhotoNode = DecryptedUnparsedNode & {
+    photo?: PhotoAttributes;
+};
+
+export type DecryptedPhotoNode = DecryptedNode & {
+    photo?: PhotoAttributes;
+};
+
+export type EcnryptedPhotoAttributes = Omit<PhotoAttributes, 'albums'> & {
+    contentHash?: string;
+    albums: (PhotoAttributes['albums'][0] & {
+        nameHash?: string;
+        contentHash?: string;
+    })[];
+};