cojson 0.8.49 → 0.9.0

package/src/coValues/coList.ts

@@ -288,6 +288,7 @@ export class RawCoListView<
   ) {
     const entry =
       this.insertions[opID.sessionID]?.[opID.txIndex]?.[opID.changeIdx];
+
     if (!entry) {
       throw new Error("Missing op " + opID);
     }
@@ -412,6 +413,14 @@ export class RawCoList<
     item: Item,
     after?: number,
     privacy: "private" | "trusting" = "private",
+  ) {
+    this.appendItems([item], after, privacy);
+  }
+
+  appendItems(
+    items: Item[],
+    after?: number,
+    privacy: "private" | "trusting" = "private",
   ) {
     const entries = this.entries();
     after =
@@ -420,7 +429,7 @@ export class RawCoList<
           ? entries.length - 1
           : 0
         : after;
-    let opIDBefore;
+    let opIDBefore: OpID | "start";
     if (entries.length > 0) {
       const entryBefore = entries[after];
       if (!entryBefore) {
@@ -433,16 +442,20 @@ export class RawCoList<
       }
       opIDBefore = "start";
     }
-    this.core.makeTransaction(
-      [
-        {
-          op: "app",
-          value: isCoValue(item) ? item.id : item,
-          after: opIDBefore,
-        },
-      ],
-      privacy,
-    );
+
+    const changes = items.map((item) => ({
+      op: "app",
+      value: isCoValue(item) ? item.id : item,
+      after: opIDBefore,
+    }));
+
+    if (opIDBefore !== "start") {
+      // When added as successors we need to reverse the items
+      // to keep the same insertion order
+      changes.reverse();
+    }
+
+    this.core.makeTransaction(changes, privacy);
 
     const listAfter = new RawCoList(this.core) as this;
 

package/src/coValues/coMap.ts

@@ -383,6 +383,26 @@ export class RawCoMap<
     this.processNewTransactions();
   }
 
+  assign(
+    entries: Partial<Shape>,
+    privacy: "private" | "trusting" = "private",
+  ): void {
+    if (this.isTimeTravelEntity()) {
+      throw new Error("Cannot set value on a time travel entity");
+    }
+
+    this.core.makeTransaction(
+      Object.entries(entries).map(([key, value]) => ({
+        op: "set",
+        key,
+        value: isCoValue(value) ? value.id : value,
+      })),
+      privacy,
+    );
+
+    this.processNewTransactions();
+  }
+
   /** Delete the given key (setting it to undefined).
    *
    * If `privacy` is `"private"` **(default)**, `key` is encrypted in the transaction, only readable by other members of the group this `CoMap` belongs to. Not even sync servers can see the content in plaintext.

package/src/coValues/group.ts

@@ -513,11 +513,39 @@ export class RawGroup<
     }
 
     for (const child of childGroups) {
+      // Since child references are mantained only for the key rotation,
+      // circular references are skipped here because it's more performant
+      // than always checking for circular references in childs inside the permission checks
+      if (child.isSelfExtension(this)) {
+        continue;
+      }
+
       child.rotateReadKey();
     }
   }
 
+  /** Detect circular references in group inheritance */
+  isSelfExtension(parent: RawGroup) {
+    if (parent.id === this.id) {
+      return true;
+    }
+
+    const childGroups = this.getChildGroups();
+
+    for (const child of childGroups) {
+      if (child.isSelfExtension(parent)) {
+        return true;
+      }
+    }
+
+    return false;
+  }
+
   extend(parent: RawGroup) {
+    if (this.isSelfExtension(parent)) {
+      return;
+    }
+
     if (this.myRole() !== "admin") {
       throw new Error(
         "To extend a group, the current account must be an admin in the child group",
@@ -634,9 +662,7 @@ export class RawGroup<
       .getCurrentContent() as M;
 
     if (init) {
-      for (const [key, value] of Object.entries(init)) {
-        map.set(key, value, initPrivacy);
-      }
+      map.assign(init, initPrivacy);
     }
 
     return map;
@@ -666,10 +692,8 @@ export class RawGroup<
       })
       .getCurrentContent() as L;
 
-    if (init) {
-      for (const item of init) {
-        list.append(item, undefined, initPrivacy);
-      }
+    if (init?.length) {
+      list.appendItems(init, undefined, initPrivacy);
     }
 
     return list;

package/src/crypto/export.ts

@@ -0,0 +1,2 @@
+export * from "./PureJSCrypto.js";
+export * from "./WasmCrypto.js";

package/src/permissions.ts

@@ -137,6 +137,7 @@ function resolveMemberStateFromParentReference(
   coValue: CoValueCore,
   memberState: MemberState,
   parentReference: ParentGroupReference,
+  extendChain: Set<CoValueCore["id"]>,
 ) {
   const parentGroup = coValue.node.expectCoValueLoaded(
     getParentGroupId(parentReference),
@@ -147,14 +148,21 @@ function resolveMemberStateFromParentReference(
     return;
   }
 
+  // Skip circular references
+  if (extendChain.has(parentGroup.id)) {
+    return;
+  }
+
   const initialAdmin = parentGroup.header.ruleset.initialAdmin;
 
   if (!initialAdmin) {
     throw new Error("Group must have initialAdmin");
   }
 
+  extendChain.add(parentGroup.id);
+
   const { memberState: parentGroupMemberState } =
-    determineValidTransactionsForGroup(parentGroup, initialAdmin);
+    determineValidTransactionsForGroup(parentGroup, initialAdmin, extendChain);
 
   for (const agent of Object.keys(parentGroupMemberState) as Array<
     keyof MemberState
@@ -171,6 +179,7 @@ function resolveMemberStateFromParentReference(
 function determineValidTransactionsForGroup(
   coValue: CoValueCore,
   initialAdmin: RawAccountID | AgentID,
+  extendChain?: Set<CoValueCore["id"]>,
 ): { validTransactions: ValidTransactionsResult[]; memberState: MemberState } {
   const allTransactionsSorted: {
     sessionID: SessionID;
@@ -305,7 +314,24 @@ function determineValidTransactionsForGroup(
         logPermissionError("Only admins can set parent extensions");
         continue;
       }
-      resolveMemberStateFromParentReference(coValue, memberState, change.key);
+
+      extendChain = extendChain ?? new Set([]);
+
+      resolveMemberStateFromParentReference(
+        coValue,
+        memberState,
+        change.key,
+        extendChain,
+      );
+
+      // Circular reference detected, drop all the transactions involved
+      if (extendChain.has(coValue.id)) {
+        logPermissionError(
+          "Circular extend detected, dropping the transaction",
+        );
+        continue;
+      }
+
       validTransactions.push({ txID: { sessionID, txIndex }, tx });
       continue;
     } else if (isChildExtension(change.key)) {
@@ -320,6 +346,7 @@ function determineValidTransactionsForGroup(
         );
         continue;
       }
+
       validTransactions.push({ txID: { sessionID, txIndex }, tx });
       continue;
     } else if (isWriteKeyForMember(change.key)) {

package/src/tests/coList.test.ts

@@ -75,6 +75,26 @@ test("Push is equivalent to append after last item", () => {
   expect(content.toJSON()).toEqual(["hello", "world", "hooray"]);
 });
 
+test("appendItems add an array of items at the end of the list", () => {
+  const node = new LocalNode(...randomAnonymousAccountAndSessionID(), Crypto);
+
+  const coValue = node.createCoValue({
+    type: "colist",
+    ruleset: { type: "unsafeAllowAll" },
+    meta: null,
+    ...Crypto.createdNowUnique(),
+  });
+
+  const content = expectList(coValue.getCurrentContent());
+
+  expect(content.type).toEqual("colist");
+
+  content.append("hello", 0, "trusting");
+  expect(content.toJSON()).toEqual(["hello"]);
+  content.appendItems(["world", "hooray", "universe"], undefined, "trusting");
+  expect(content.toJSON()).toEqual(["hello", "world", "hooray", "universe"]);
+});
+
 test("Can push into empty list", () => {
   const node = new LocalNode(...randomAnonymousAccountAndSessionID(), Crypto);
 
@@ -92,3 +112,23 @@ test("Can push into empty list", () => {
   content.append("hello", undefined, "trusting");
   expect(content.toJSON()).toEqual(["hello"]);
 });
+
+test("init the list correctly", () => {
+  const node = new LocalNode(...randomAnonymousAccountAndSessionID(), Crypto);
+
+  const group = node.createGroup();
+
+  const content = group.createList(["hello", "world", "hooray", "universe"]);
+
+  expect(content.type).toEqual("colist");
+  expect(content.toJSON()).toEqual(["hello", "world", "hooray", "universe"]);
+
+  content.append("hello", content.toJSON().length - 1, "trusting");
+  expect(content.toJSON()).toEqual([
+    "hello",
+    "world",
+    "hooray",
+    "universe",
+    "hello",
+  ]);
+});

package/src/tests/coMap.test.ts

@@ -175,3 +175,35 @@ test("Can get last tx ID for a key in CoMap", () => {
   content.set("hello", "C", "trusting");
   expect(content.lastEditAt("hello")?.tx.txIndex).toEqual(2);
 });
+
+test("Can set items in bulk with assign", () => {
+  const node = new LocalNode(...randomAnonymousAccountAndSessionID(), Crypto);
+
+  const coValue = node.createCoValue({
+    type: "comap",
+    ruleset: { type: "unsafeAllowAll" },
+    meta: null,
+    ...Crypto.createdNowUnique(),
+  });
+
+  const content = expectMap(coValue.getCurrentContent());
+
+  expect(content.type).toEqual("comap");
+
+  content.set("key1", "set1", "trusting");
+
+  content.assign(
+    {
+      key1: "assign1",
+      key2: "assign2",
+      key3: "assign3",
+    },
+    "trusting",
+  );
+
+  expect(content.toJSON()).toEqual({
+    key1: "assign1",
+    key2: "assign2",
+    key3: "assign3",
+  });
+});

package/src/tests/group.test.ts

@@ -609,4 +609,33 @@ describe("writeOnly", () => {
 
     expect(mapOnNode2.get("test")).toEqual("Written from node2");
   });
+
+  test("self-extend a group should not break anything", async () => {
+    const { node1 } = await createTwoConnectedNodes("server", "server");
+
+    const group = node1.node.createGroup();
+    group.extend(group);
+
+    const map = group.createMap();
+    map.set("test", "Hello!");
+
+    expect(map.get("test")).toEqual("Hello!");
+  });
+
+  test("should not break when introducing extend cycles", async () => {
+    const { node1 } = await createTwoConnectedNodes("server", "server");
+
+    const group = node1.node.createGroup();
+    const group2 = node1.node.createGroup();
+    const group3 = node1.node.createGroup();
+
+    group.extend(group2);
+    group2.extend(group3);
+    group3.extend(group);
+
+    const map = group.createMap();
+    map.set("test", "Hello!");
+
+    expect(map.get("test")).toEqual("Hello!");
+  });
 });

package/src/tests/permissions.test.ts

@@ -2854,3 +2854,57 @@ test("High-level permissions work correctly when a group is extended", async ()
 
   expect(mapAsReaderAfterRemove.get("foo")).not.toEqual("baz");
 });
+
+test("self-extensions should not break the permissions checks", () => {
+  const { group } = newGroupHighLevel();
+
+  group.set(`child_${group.id}`, "extend", "trusting");
+  group.set(`parent_${group.id}`, "extend", "trusting");
+
+  const map = group.createMap();
+  map.set("test", "Hello!");
+
+  expect(map.get("test")).toEqual("Hello!");
+});
+
+test("extend cycles should not break the permissions checks", () => {
+  const { group, node } = newGroupHighLevel();
+
+  const group2 = node.createGroup();
+  const group3 = node.createGroup();
+
+  group.set(`child_${group2.id}`, "extend", "trusting");
+  group2.set(`child_${group3.id}`, "extend", "trusting");
+  group3.set(`child_${group.id}`, "extend", "trusting");
+
+  group.set(`parent_${group2.id}`, "extend", "trusting");
+  group2.set(`parent_${group3.id}`, "extend", "trusting");
+  group3.set(`parent_${group.id}`, "extend", "trusting");
+
+  const map = group.createMap();
+  map.set("test", "Hello!");
+
+  expect(map.get("test")).toEqual("Hello!");
+});
+
+test("extend cycles should not break the keys rotation", () => {
+  const { group, node } = newGroupHighLevel();
+
+  const group2 = node.createGroup();
+  const group3 = node.createGroup();
+
+  group.set(`child_${group2.id}`, "extend", "trusting");
+  group2.set(`child_${group3.id}`, "extend", "trusting");
+  group3.set(`child_${group.id}`, "extend", "trusting");
+
+  group.set(`parent_${group2.id}`, "extend", "trusting");
+  group2.set(`parent_${group3.id}`, "extend", "trusting");
+  group3.set(`parent_${group.id}`, "extend", "trusting");
+
+  group.rotateReadKey();
+
+  const map = group.createMap();
+  map.set("test", "Hello!");
+
+  expect(map.get("test")).toEqual("Hello!");
+});