@secrecy/lib 1.75.0-feat-groups-identity.1 → 1.75.0-feat-groups-identity.3

package/dist/lib/client/SecrecyAppClient.js

@@ -32,7 +32,7 @@ export class SecrecyAppClient {
         //   return this.jwt;
         // }
         const { jwt } = await this.#client.apiClient.auth.jwt.query({
-            includeEmail: typeof this.jwtDecoded.email === 'string',
+            includeEmail: typeof this.jwtDecoded['email'] === 'string',
         });
         this.jwt = jwt;
         this.jwtDecoded = decode(jwt);

package/dist/lib/client/SecrecyCloudClient.js

@@ -463,7 +463,6 @@ export class SecrecyCloudClient {
         return node;
     }
     encryptNodesForIdentities = async (identityNodes) => {
-        const pubKeys = Object.keys(identityNodes).map((identityPubKey) => identityPubKey);
         const nodeIds = Object.values(identityNodes).flatMap((nodeIds) => nodeIds);
         if (nodeIds.length === 0) {
             return {};

package/dist/lib/client/SecrecyDbClient.js

@@ -1,6 +1,3 @@
 export class SecrecyDbClient {
-    #client;
-    constructor(client) {
-        this.#client = client;
-    }
+    constructor(_client) { }
 }

package/dist/lib/client/convert/data.js

@@ -2,6 +2,10 @@ import { dataCache } from '../../cache.js';
 import { decryptCryptoBox } from '../../crypto/index.js';
 import { sodium } from '../../sodium.js';
 export function apiDataToInternal(apiData, keyPairs) {
+    const priv = keyPairs[apiData.access.identityPubKey];
+    if (priv === undefined) {
+        throw new Error(`Missing private key for identityPubKey ${apiData.access.identityPubKey}`);
+    }
     const data = {
         id: apiData.id,
         md5: apiData.md5,
@@ -10,7 +14,7 @@ export function apiDataToInternal(apiData, keyPairs) {
         size: apiData.size,
         sizeEncrypted: apiData.sizeEncrypted,
         key: apiData.access.key
-            ? sodium.to_hex(decryptCryptoBox(sodium.from_hex(apiData.access.key), apiData.access.sharedByPubKey, keyPairs[apiData.access.identityPubKey]))
+            ? sodium.to_hex(decryptCryptoBox(sodium.from_hex(apiData.access.key), apiData.access.sharedByPubKey, priv))
             : null,
         mime: apiData.mime ?? undefined,
         ext: apiData.ext ?? undefined,

package/dist/lib/client/convert/mail.js

@@ -10,6 +10,9 @@ export async function convertInternalMailToExternal({ mail, keyPairs, }) {
     }
     const pubKey = mail.senderPubKey;
     const privateKey = keyPairs[mail.recipientPubKey];
+    if (privateKey === undefined) {
+        throw new Error(`Missing private key for recipientPubKey ${mail.recipientPubKey}`);
+    }
     const body = sodium.to_string(decryptCryptoBox(sodium.from_hex(mail.body), pubKey, privateKey));
     const subject = sodium.to_string(decryptCryptoBox(sodium.from_hex(mail.subject), pubKey, privateKey));
     const hash = sodium.crypto_generichash(sodium.crypto_generichash_BYTES, JSON.stringify({ body, subject }), mI.hashKey, 'hex');

package/dist/lib/client/convert/node.js

@@ -31,19 +31,28 @@ async function apiNodeToInternal(apiNode, keyPairs) {
             continue;
         }
         const pk = keyPairs[access.identityPubKey];
+        if (pk === undefined) {
+            console.log(access, keyPairs);
+            throw new Error(`Missing private key for identityPubKey ${access.identityPubKey}`);
+        }
         const key = decryptCryptoBox(sodium.from_hex(access.nameKey), access.sharedByPubKey, pk);
         access.nameKey = sodium.to_hex(key);
     }
     const firstAccess = internal.accesses[0];
-    if (!firstAccess || firstAccess.nameKey === null) {
+    if (!firstAccess) {
         throw new Error('No access found for node ' + internal.id);
     }
-    internal.name = sodium.to_string(await decryptSecretStream(sodium.from_hex(firstAccess.nameKey), sodium.from_hex(internal.name)));
+    if (firstAccess.nameKey !== null) {
+        internal.name = sodium.to_string(await decryptSecretStream(sodium.from_hex(firstAccess.nameKey), sodium.from_hex(internal.name)));
+    }
     for (const b of internal.breadcrumb) {
         if (b.nameKey === null) {
             continue;
         }
         const pk = keyPairs[b.identityPubKey];
+        if (pk === undefined) {
+            throw new Error(`Missing private key for identityPubKey ${b.identityPubKey}`);
+        }
         const key = decryptCryptoBox(sodium.from_hex(b.nameKey), b.sharedByPubKey, pk);
         b.nameKey = sodium.to_hex(key);
         b.name = sodium.to_string(await decryptSecretStream(key, sodium.from_hex(b.name)));
@@ -108,6 +117,9 @@ export async function apiNodeToExternal(apiNode, keyPairs) {
 export async function apiNodeForEncryptionToInternal(apiNode, keyPairs) {
     const history = apiNode.history.map((history) => {
         const pk = keyPairs[history.access.identityPubKey];
+        if (pk === undefined) {
+            throw new Error(`Missing private key for identityPubKey ${history.access.identityPubKey}`);
+        }
         const key = decryptCryptoBox(sodium.from_hex(history.access.key), history.access.sharedByPublicKey, pk);
         return {
             id: history.id,
@@ -124,6 +136,9 @@ export async function apiNodeForEncryptionToInternal(apiNode, keyPairs) {
     internal.access = { ...apiNode.access };
     if (apiNode.access.nameKey !== null) {
         const pk = keyPairs[apiNode.access.identityPubKey];
+        if (pk === undefined) {
+            throw new Error(`Missing private key for identityPubKey ${apiNode.access.identityPubKey}`);
+        }
         const key = decryptCryptoBox(sodium.from_hex(apiNode.access.nameKey), apiNode.access.sharedByPublicKey, pk);
         internal.name = sodium.to_string(await decryptSecretStream(key, sodium.from_hex(internal.name)));
         internal.access.nameKey = sodium.to_hex(key);

package/dist/lib/client/data-link.js

@@ -32,7 +32,10 @@ export const downloadDataLinkSchema = z.union([
 export async function downloadDataFromLink(opts) {
     let dataUrl = opts.dataUrl ?? 'https://data.secrecy.tech/';
     dataUrl = dataUrl.endsWith('/') ? dataUrl : `${dataUrl}/`;
-    const rawDataLink = await fetch(`${dataUrl}${opts.dataLinkSlug}/json`)
+    const rawDataLink = await fetch(`${dataUrl}${opts.dataLinkSlug}/json`, {
+        mode: 'no-cors',
+        credentials: 'include',
+    })
         .then((res) => res.json())
         .catch((err) => {
         throw new Error(`Unable to fetch "${`${dataUrl}${opts.dataLinkSlug}/json"`}`, { cause: err });

package/dist/lib/client/index.js

@@ -41,7 +41,7 @@ export class SecrecyClient extends BaseClient {
         this.#keyPairs = opts.keyPairs;
         this.#groupIdentities = opts.identities.filter((i) => i.kind === 'GROUP');
         const uaIdentities = opts.identities.filter((i) => i.kind === 'USER_APP');
-        if (uaIdentities.length !== 1) {
+        if (!uaIdentities[0]) {
             throw new Error('One USER_APP identity is required');
         }
         this.#uaIdentity = uaIdentities[0];

package/dist/lib/client/types/identity.js

@@ -9,6 +9,7 @@ export const groupSchema = z.object({
     kind: z.literal('GROUP'),
     identityPubKey: z.string(),
     groupId: z.string(),
+    groupRole: z.enum(['ADMIN', 'MEMBER']),
     sharedByPubKey: z.string(),
     groupOwnerPubKey: z.string(),
 });

package/dist/lib/client/upload.js

@@ -160,15 +160,6 @@ export async function uploadData({ storageType, data, password, forcePassword =
             signal,
         });
         if (uploadData.parts.length === 0) {
-            // TODO why?
-            // if (
-            //   uploadData.type === 'authed' &&
-            //   (typeof uaIdentity === 'undefined' ||
-            //     typeof uaIdentity === 'string' ||
-            //     uploadData.keyPair.pub !== keyPair.publicKey)
-            // ) {
-            //   throw new Error('The public key does not match with cached key!')
-            // }
             await uploadProgress?.({
                 total: encryptedData.byteLength,
                 current: encryptedData.byteLength,

package/dist/lib/crypto/data.js

@@ -46,7 +46,7 @@ function decrypt(header, key) {
     };
 }
 export const CHUNK_SIZE = 8192;
-export async function encryptSecretStream(key, data, progress, abort) {
+export async function encryptSecretStream(key, data, progress, signal) {
     await setup();
     const { encrypt: crypt, destroy, header } = encrypt(key);
     const encryptedChunk = CHUNK_SIZE + sodium.crypto_secretstream_xchacha20poly1305_ABYTES;
@@ -69,7 +69,7 @@ export async function encryptSecretStream(key, data, progress, abort) {
     });
     let lastPercent = total / max;
     for (const chunk of chunks(data, CHUNK_SIZE)) {
-        if (abort?.signal.aborted === true) {
+        if (signal?.aborted === true) {
             throw new Error(`Encrypt aborted`);
         }
         spark.append(chunk.buffer);
@@ -102,7 +102,7 @@ export async function encryptSecretStream(key, data, progress, abort) {
         md5: spark.end(),
     };
 }
-export async function decryptSecretStream(key, data, progress, abort) {
+export async function decryptSecretStream(key, data, progress, signal) {
     await setup();
     const header = data.slice(0, sodium.crypto_secretstream_xchacha20poly1305_HEADERBYTES);
     data = data.slice(sodium.crypto_secretstream_xchacha20poly1305_HEADERBYTES);
@@ -118,7 +118,7 @@ export async function decryptSecretStream(key, data, progress, abort) {
     let total = 0;
     let lastPercent = total / max;
     for (const chunk of chunks(data, chunkSize)) {
-        if (abort?.signal.aborted === true) {
+        if (signal?.aborted === true) {
             throw new Error(`Decrypt aborted`);
         }
         const messageTag = decryptFn(chunk);

package/dist/lib/crypto/domain.js

@@ -43,19 +43,15 @@ const encryptedContentFromParts = async (arg) => {
             onDownloadProgress: (pr) => {
                 arg.onProgress(`${arg.dataId}-${part.order}`, pr);
             },
-            signal: arg.signal,
+            signal: arg.signal ?? null,
         })
             .arrayBuffer());
         const md5Part = await md5(buf);
         if (md5Part !== part.md5) {
             throw new Error(`Invalid md5 for part ${part.order} of data ${arg.dataId}`);
         }
-        if (typeof parts[arg.dataId] === 'undefined') {
-            parts[arg.dataId] = [{ data: buf, order: part.order }];
-        }
-        else {
-            parts[arg.dataId].push({ data: buf, order: part.order });
-        }
+        parts[arg.dataId] ??= [];
+        parts[arg.dataId].push({ data: buf, order: part.order });
     };
     await promiseAllLimit(3, arg.dataParts.map((p) => async () => byPart(p)));
     return concatenate(...parts[arg.dataId].sort((a, b) => a.order - b.order).map((p) => p.data));

package/dist/lib/minify/lz4.js

@@ -1,3 +1,4 @@
+// @ts-nocheck
 // lz4-ts @license BSD-3-Clause / Copyright (c) 2015, Pierre Curto / 2016, oov. All rights reserved.
 /**
  * Copyright (c) 2015, Pierre Curto

package/dist/lib/utils/links.js

@@ -8,8 +8,8 @@ export const secrecyApplications = [
 ];
 function getEnv() {
     if (typeof window === 'undefined') {
-        return process.env.VERCEL_ENV
-            ? process.env.VERCEL_ENV
+        return process.env['VERCEL_ENV']
+            ? process.env['VERCEL_ENV']
             : 'production';
     }
     if (window.location.hostname.includes('secrecy.tech')) {
@@ -24,10 +24,10 @@ function getEnv() {
     return 'production';
 }
 const env = getEnv();
-const secrecyUrl = process.env.NEXT_PUBLIC_IS_SECRECY_INTERNAL !== 'true'
+const secrecyUrl = process.env['NEXT_PUBLIC_IS_SECRECY_INTERNAL'] !== 'true'
     ? 'www.secrecy.tech'
-    : (process.env.VERCEL_URL ??
-        process.env.NEXT_PUBLIC_VERCEL_URL ??
+    : (process.env['VERCEL_URL'] ??
+        process.env['NEXT_PUBLIC_VERCEL_URL'] ??
         'www.secrecy.tech');
 function withPath(origin, path) {
     if (!path) {

package/dist/lib/utils.js

@@ -2,7 +2,7 @@ export const kiloToBytes = (kb) => kb * 1024;
 export const gigaToBytes = (gb) => gb * 2 ** 30;
 // Returns the first "primary" email that's found, else returns the first email in the array.
 export const getPreferedEmail = (emails) => {
-    if (emails.length === 0) {
+    if (!emails[0]) {
         throw new Error("There's no email!");
     }
     return emails.find(({ isPrimary }) => isPrimary) ?? emails[0];

package/dist/lib/worker/sodium.js

@@ -55,7 +55,7 @@ export const encrypt = process.env.NODE_ENV !== 'test'
         });
     }
     : async (key, dataToEncrypt, progress, signal) => {
-        return encryptSecretStream(key, dataToEncrypt);
+        return encryptSecretStream(key, dataToEncrypt, progress, signal);
     };
 export const decrypt = process.env.NODE_ENV !== 'test'
     ? async (key, dataToDecrypt, progress, signal) => {
@@ -100,5 +100,5 @@ export const decrypt = process.env.NODE_ENV !== 'test'
         });
     }
     : async (key, dataToDecrypt, progress, signal) => {
-        return decryptSecretStream(key, dataToDecrypt);
+        return decryptSecretStream(key, dataToDecrypt, progress, signal);
     };

package/dist/types/base-client.d.ts

@@ -1,4 +1,4 @@
-import { type ApiClient, type RouterOutputs, type RouterInputs, CreateTrpcClientOptions } from './client.js';
+import { type ApiClient, type RouterOutputs, type RouterInputs, type CreateTrpcClientOptions } from './client.js';
 import { type InfuraNetwork, type PublicUser } from './index.js';
 import { type SelfUser } from './client/types/user.js';
 export type SecrecyUrls = {

package/dist/types/client/SecrecyCloudClient.d.ts

@@ -2,7 +2,7 @@ import type { ProgressCallback, SecrecyClient, UploadDataOptions } from '../inde
 import type { DataMetadata, DataStorageType, LocalData, Node, NodeFull, NodeType } from './types/index.js';
 import { type Progress } from '../types.js';
 import { type RouterInputs, type RouterOutputs } from '../client.js';
-import { DownloadDataFromLinkOptions } from './data-link.js';
+import { type DownloadDataFromLinkOptions } from './data-link.js';
 export declare class SecrecyCloudClient {
     #private;
     constructor(client: SecrecyClient);

package/dist/types/client/SecrecyDbClient.d.ts

@@ -1,5 +1,4 @@
 import type { SecrecyClient } from '../index.js';
 export declare class SecrecyDbClient {
-    #private;
-    constructor(client: SecrecyClient);
+    constructor(_client: SecrecyClient);
 }

package/dist/types/client/SecrecyOrganizationClient.d.ts

@@ -1,4 +1,4 @@
-import { RouterInputs, RouterOutputs } from '../client.js';
+import type { RouterInputs, RouterOutputs } from '../client.js';
 import type { SecrecyClient } from '../index.js';
 export declare class SecrecyOrganizationClient {
     #private;

package/dist/types/client/data-link.d.ts

@@ -1,6 +1,6 @@
 import z from 'zod';
-import { ProgressCallback } from '.';
-import { Progress } from 'ky';
+import { type ProgressCallback } from '.';
+import { type Progress } from 'ky';
 export declare const downloadDataLinkSchema: z.ZodUnion<readonly [z.ZodObject<{
     name: z.ZodString;
     md5: z.ZodString;

package/dist/types/client/index.d.ts

@@ -6,7 +6,7 @@ import { SecrecyAppClient } from './SecrecyAppClient.js';
 import { SecrecyDbClient } from './SecrecyDbClient.js';
 import { SecrecyWalletClient } from './SecrecyWalletClient.js';
 import { SecrecyPayClient } from './SecrecyPayClient.js';
-import { ApiClient, type RouterInputs, type RouterOutputs } from '../client.js';
+import { type ApiClient, type RouterInputs, type RouterOutputs } from '../client.js';
 import { SecrecyUserClient } from './SecrecyUserClient.js';
 import { SecrecyPseudonymClient } from './SecrecyPseudonymClient.js';
 import { SecrecyOrganizationClient } from './SecrecyOrganizationClient.js';

package/dist/types/client/types/identity.d.ts

@@ -9,6 +9,10 @@ export declare const groupSchema: z.ZodObject<{
     kind: z.ZodLiteral<"GROUP">;
     identityPubKey: z.ZodString;
     groupId: z.ZodString;
+    groupRole: z.ZodEnum<{
+        ADMIN: "ADMIN";
+        MEMBER: "MEMBER";
+    }>;
     sharedByPubKey: z.ZodString;
     groupOwnerPubKey: z.ZodString;
 }, z.core.$strip>;
@@ -21,6 +25,10 @@ export declare const accessIdentitySchema: z.ZodDiscriminatedUnion<[z.ZodObject<
     kind: z.ZodLiteral<"GROUP">;
     identityPubKey: z.ZodString;
     groupId: z.ZodString;
+    groupRole: z.ZodEnum<{
+        ADMIN: "ADMIN";
+        MEMBER: "MEMBER";
+    }>;
     sharedByPubKey: z.ZodString;
     groupOwnerPubKey: z.ZodString;
 }, z.core.$strip>], "kind">;

package/dist/types/client/types/index.d.ts

@@ -14,6 +14,10 @@ export declare const secrecyUserApp: z.ZodReadonly<z.ZodObject<{
         kind: z.ZodLiteral<"GROUP">;
         identityPubKey: z.ZodString;
         groupId: z.ZodString;
+        groupRole: z.ZodEnum<{
+            ADMIN: "ADMIN";
+            MEMBER: "MEMBER";
+        }>;
         sharedByPubKey: z.ZodString;
         groupOwnerPubKey: z.ZodString;
     }, z.core.$strip>], "kind">>;

package/dist/types/client/upload.d.ts

@@ -1,7 +1,7 @@
-import { DataStorageType, LocalData } from './types/data.js';
-import { ProgressCallback } from './index.js';
-import { FileTypeResult } from 'file-type';
-import { ApiClient, RouterInputs } from '../client.js';
+import type { DataStorageType, LocalData } from './types/data.js';
+import type { ProgressCallback } from './index.js';
+import { type FileTypeResult } from 'file-type';
+import { type ApiClient, type RouterInputs } from '../client.js';
 import type { UserAppIdentity } from './types/identity.js';
 export type UploadDataOptions = {
     storageType: DataStorageType;

package/dist/types/crypto/data.d.ts

@@ -10,5 +10,5 @@ export interface SecretStreamProgress {
     total: number;
     current: number;
 }
-export declare function encryptSecretStream(key: Uint8Array, data: Uint8Array<ArrayBuffer>, progress?: (progress: SecretStreamProgress) => Promise<void>, abort?: AbortController): Promise<EncryptedFile>;
-export declare function decryptSecretStream(key: Uint8Array, data: Uint8Array<ArrayBuffer>, progress?: (progress: SecretStreamProgress) => Promise<void>, abort?: AbortController): Promise<Uint8Array<ArrayBuffer>>;
+export declare function encryptSecretStream(key: Uint8Array, data: Uint8Array<ArrayBuffer>, progress?: (progress: SecretStreamProgress) => Promise<void>, signal?: AbortSignal): Promise<EncryptedFile>;
+export declare function decryptSecretStream(key: Uint8Array, data: Uint8Array<ArrayBuffer>, progress?: (progress: SecretStreamProgress) => Promise<void>, signal?: AbortSignal): Promise<Uint8Array<ArrayBuffer>>;

package/dist/types/crypto/domain.d.ts

@@ -1,6 +1,6 @@
 import { type Progress } from '../types.js';
-import { ApiExtendedData } from '../client/types';
-import { ProgressCallback } from '../client/index';
+import { type ApiExtendedData } from '../client/types';
+import { type ProgressCallback } from '../client/index';
 import z from 'zod';
 import { downloadDataLinkSchema } from '../client/data-link.js';
 import type { UserAppIdentity } from '../client/types/identity.js';

package/package.json

@@ -2,7 +2,7 @@
   "name": "@secrecy/lib",
   "author": "Anonymize <anonymize@gmail.com>",
   "description": "Anonymize Secrecy Library",
-  "version": "1.75.0-feat-groups-identity.1",
+  "version": "1.75.0-feat-groups-identity.3",
   "repository": {
     "type": "git",
     "url": "https://github.com/anonymize-org/lib.git"