Merge branch 'develop' into feat/mls-addparticipants-federation-v2

cryptography/src/commonJvmAndroid/kotlin/com.wire.kalium.cryptography/MLSClientImpl.kt

@@ -327,9 +327,16 @@ class MLSClientImpl(
             value.handle,
             value.displayName,
             value.domain,
-            value.certificate
+            value.certificate,
+            toDeviceStatus(value.status)
         )
 
+        fun toDeviceStatus(value: com.wire.crypto.DeviceStatus) = when (value) {
+            com.wire.crypto.DeviceStatus.VALID -> CryptoCertificateStatus.VALID
+            com.wire.crypto.DeviceStatus.EXPIRED -> CryptoCertificateStatus.EXPIRED
+            com.wire.crypto.DeviceStatus.REVOKED -> CryptoCertificateStatus.REVOKED
+        }
+
         // TODO: remove later, when CoreCrypto return the groupId instead of Hex value
         @Suppress("MagicNumber")
         fun toGroupId(hexValue: String): MLSGroupId {
@@ -366,19 +373,15 @@ class MLSClientImpl(
             value.commitDelay?.toLong(),
             value.senderClientId?.let { CryptoQualifiedClientId.fromEncodedString(String(it)) },
             value.hasEpochChanged,
-            value.identity?.let {
-                WireIdentity(it.clientId, it.handle, it.displayName, it.domain, it.certificate)
-            }
+            value.identity?.let { toIdentity(it) }
         )
 
         fun toDecryptedMessageBundle(value: BufferedDecryptedMessage) = DecryptedMessageBundle(
             value.message,
             value.commitDelay?.toLong(),
             value.senderClientId?.let { CryptoQualifiedClientId.fromEncodedString(String(it)) },
             value.hasEpochChanged,
-            value.identity?.let {
-                WireIdentity(it.clientId, it.handle, it.displayName, it.domain, it.certificate)
-            }
+            value.identity?.let { toIdentity(it) }
         )
     }
 }

cryptography/src/commonMain/kotlin/com/wire/kalium/cryptography/IDs.kt

@@ -78,9 +78,14 @@ data class WireIdentity(
     val handle: String,
     val displayName: String,
     val domain: String,
-    val certificate: String
+    val certificate: String,
+    val status: CryptoCertificateStatus
 )
 
+enum class CryptoCertificateStatus {
+    VALID, EXPIRED, REVOKED;
+}
+
 @Suppress("MagicNumber")
 data class E2EIQualifiedClientId(
     val value: String,

logic/src/appleMain/kotlin/com/wire/kalium/logic/feature/e2ei/CertificateStatusChecker.kt

@@ -17,12 +17,14 @@
  */
 package com.wire.kalium.logic.feature.e2ei
 
+import com.wire.kalium.cryptography.CryptoCertificateStatus
+
 actual interface CertificateStatusChecker {
-    actual fun status(notAfterTimestamp: Long): CertificateStatus
+    actual fun status(notAfterTimestamp: Long, certificateStatus: CryptoCertificateStatus): CertificateStatus
 }
 
 actual class CertificateStatusCheckerImpl : CertificateStatusChecker {
-    override fun status(notAfterTimestamp: Long): CertificateStatus {
+    override fun status(notAfterTimestamp: Long, certificateStatus: CryptoCertificateStatus): CertificateStatus {
         TODO("Not yet implemented")
     }
 }

logic/src/appleMain/kotlin/com/wire/kalium/logic/feature/e2ei/PemCertificateDecoder.kt

@@ -17,15 +17,17 @@
  */
 package com.wire.kalium.logic.feature.e2ei
 
+import com.wire.kalium.cryptography.CryptoCertificateStatus
+
 actual interface PemCertificateDecoder {
-    actual fun decode(certificate: String): E2eiCertificate
+    actual fun decode(certificate: String, status: CryptoCertificateStatus): E2eiCertificate
 }
 
 actual class PemCertificateDecoderImpl actual constructor(
     private val x509CertificateGenerator: X509CertificateGenerator,
     private val certificateStatusChecker: CertificateStatusChecker
 ) : PemCertificateDecoder {
-    override fun decode(certificate: String): E2eiCertificate {
+    override fun decode(certificate: String, status: CryptoCertificateStatus): E2eiCertificate {
         TODO("Not yet implemented")
     }
 }

logic/src/commonJvmAndroid/kotlin/com/wire/kalium/logic/feature/e2ei/CertificateStatusChecker.kt

@@ -17,20 +17,21 @@
  */
 package com.wire.kalium.logic.feature.e2ei
 
+import com.wire.kalium.cryptography.CryptoCertificateStatus
 import java.util.Date
 
 actual interface CertificateStatusChecker {
-    actual fun status(notAfterTimestamp: Long): CertificateStatus
+    actual fun status(notAfterTimestamp: Long, certificateStatus: CryptoCertificateStatus): CertificateStatus
 }
 
 actual class CertificateStatusCheckerImpl : CertificateStatusChecker {
-    override fun status(notAfterTimestamp: Long): CertificateStatus {
-        // TODO check for revoked from coreCrypto when API is ready
-
+    override fun status(notAfterTimestamp: Long, certificateStatus: CryptoCertificateStatus): CertificateStatus {
         val current = Date()
-        println("current timestap is ${current.time}")
-        if (current.time >= notAfterTimestamp)
-            return CertificateStatus.EXPIRED
-        return CertificateStatus.VALID
+
+        return when {
+            (certificateStatus == CryptoCertificateStatus.REVOKED) -> CertificateStatus.REVOKED
+            (current.time >= notAfterTimestamp || certificateStatus == CryptoCertificateStatus.EXPIRED) -> CertificateStatus.EXPIRED
+            else -> CertificateStatus.VALID
+        }
     }
 }

logic/src/commonJvmAndroid/kotlin/com/wire/kalium/logic/feature/e2ei/PemCertificateDecoder.kt

@@ -17,21 +17,22 @@
  */
 package com.wire.kalium.logic.feature.e2ei
 
+import com.wire.kalium.cryptography.CryptoCertificateStatus
 import com.wire.kalium.logic.util.serialNumber
 
 actual interface PemCertificateDecoder {
-    actual fun decode(certificate: String): E2eiCertificate
+    actual fun decode(certificate: String, status: CryptoCertificateStatus): E2eiCertificate
 }
 
 actual class PemCertificateDecoderImpl actual constructor(
     private val x509CertificateGenerator: X509CertificateGenerator,
     private val certificateStatusChecker: CertificateStatusChecker
 ) : PemCertificateDecoder {
-    override fun decode(certificate: String): E2eiCertificate {
+    override fun decode(certificate: String, status: CryptoCertificateStatus): E2eiCertificate {
         x509CertificateGenerator.generate(certificate.toByteArray()).also {
             return E2eiCertificate(
                 issuer = it.value.issuerX500Principal.name,
-                status = certificateStatusChecker.status(it.value.notAfter.time),
+                status = certificateStatusChecker.status(it.value.notAfter.time, status),
                 serialNumber = it.value.serialNumber.toString(BASE_16).serialNumber(),
                 certificateDetail = certificate
             )

logic/src/commonMain/kotlin/com/wire/kalium/logic/data/conversation/ConversationRepository.kt

@@ -215,9 +215,6 @@ interface ConversationRepository {
     suspend fun clearContent(conversationId: ConversationId): Either<CoreFailure, Unit>
     suspend fun observeIsUserMember(conversationId: ConversationId, userId: UserId): Flow<Either<CoreFailure, Boolean>>
     suspend fun whoDeletedMe(conversationId: ConversationId): Either<CoreFailure, UserId?>
-
-    suspend fun deleteUserFromConversations(userId: UserId): Either<CoreFailure, Unit>
-
     suspend fun getConversationsByUserId(userId: UserId): Either<CoreFailure, List<Conversation>>
     suspend fun insertConversations(conversations: List<Conversation>): Either<CoreFailure, Unit>
     suspend fun changeConversationName(
@@ -875,10 +872,6 @@ internal class ConversationDataSource internal constructor(
         )?.toModel()
     }
 
-    override suspend fun deleteUserFromConversations(userId: UserId): Either<CoreFailure, Unit> = wrapStorageRequest {
-        conversationDAO.revokeOneOnOneConversationsWithDeletedUser(userId.toDao())
-    }
-
     override suspend fun getConversationsByUserId(userId: UserId): Either<CoreFailure, List<Conversation>> {
         return wrapStorageRequest { conversationDAO.getConversationsByUserId(userId.toDao()) }
             .map { it.map { entity -> conversationMapper.fromDaoModel(entity) } }

logic/src/commonMain/kotlin/com/wire/kalium/logic/data/team/TeamRepository.kt

@@ -31,6 +31,7 @@ import com.wire.kalium.logic.di.MapperProvider
 import com.wire.kalium.logic.functional.Either
 import com.wire.kalium.logic.functional.flatMap
 import com.wire.kalium.logic.functional.map
+import com.wire.kalium.logic.functional.onFailure
 import com.wire.kalium.logic.functional.onSuccess
 import com.wire.kalium.logic.sync.receiver.handler.legalhold.LegalHoldHandler
 import com.wire.kalium.logic.sync.receiver.handler.legalhold.LegalHoldRequestHandler
@@ -50,6 +51,7 @@ import kotlinx.coroutines.flow.map
 
 interface TeamRepository {
     suspend fun fetchTeamById(teamId: TeamId): Either<CoreFailure, Team>
+    suspend fun fetchMembersByTeamId(teamId: TeamId, userDomain: String): Either<CoreFailure, Unit>
     suspend fun getTeam(teamId: TeamId): Flow<Team?>
     suspend fun deleteConversation(conversationId: ConversationId, teamId: TeamId): Either<CoreFailure, Unit>
     suspend fun updateMemberRole(teamId: String, userId: String, permissionCode: Int?): Either<CoreFailure, Unit>
@@ -81,11 +83,45 @@ internal class TeamDataSource(
     }.map { teamDTO ->
         teamMapper.fromDtoToEntity(teamDTO)
     }.flatMap { teamEntity ->
-        wrapStorageRequest { teamDAO.insertTeam(team = teamEntity) }.map {
+        wrapStorageRequest {
+            teamDAO.insertTeam(teamEntity)
+        }.map {
             teamMapper.fromDaoModelToTeam(teamEntity)
         }
     }
 
+    override suspend fun fetchMembersByTeamId(teamId: TeamId, userDomain: String): Either<CoreFailure, Unit> {
+        var hasMore = true
+        var error: CoreFailure? = null
+        while (hasMore && error == null) {
+            wrapApiRequest {
+                teamsApi.getTeamMembers(
+                    teamId = teamId.value,
+                    limitTo = FETCH_TEAM_MEMBER_PAGE_SIZE
+                )
+            }.onSuccess {
+                hasMore = it.hasMore
+            }.map {
+                it.members.map { teamMember ->
+                    val userId = QualifiedIDEntity(teamMember.nonQualifiedUserId, userDomain)
+                    val userType = userTypeEntityTypeMapper.teamRoleCodeToUserType(teamMember.permissions?.own)
+                    userId to userType
+                }
+            }.flatMap { teamMembers ->
+                wrapStorageRequest {
+                    userDAO.upsertTeamMemberUserTypes(teamMembers.toMap())
+                }
+            }.onFailure {
+                error = it
+            }
+        }
+        return if (error != null) {
+            Either.Left(error!!)
+        } else {
+            Either.Right(Unit)
+        }
+    }
+
     override suspend fun getTeam(teamId: TeamId): Flow<Team?> =
         teamDAO.getTeamById(teamId.value)
             .map {
@@ -147,6 +183,7 @@ internal class TeamDataSource(
                     eventContentDTO = EventContentDTO.User.LegalHoldEnabledDTO(id = selfUserId.toString())
                 )
             )
+
             LegalHoldStatusDTO.DISABLED -> legalHoldHandler.handleDisable(
                 eventMapper.legalHoldDisabled(
                     id = LocalId.generate(),
@@ -155,6 +192,7 @@ internal class TeamDataSource(
                     eventContentDTO = EventContentDTO.User.LegalHoldDisabledDTO(id = selfUserId.toString())
                 )
             )
+
             LegalHoldStatusDTO.PENDING ->
                 legalHoldRequestHandler.handle(
                     eventMapper.legalHoldRequest(
@@ -168,7 +206,12 @@ internal class TeamDataSource(
                         )
                     )
                 )
+
             LegalHoldStatusDTO.NO_CONSENT -> Either.Right(Unit)
         }.map { legalHoldStatusMapper.fromApiModel(response.legalHoldStatusDTO) }
     }
+
+    private companion object {
+        const val FETCH_TEAM_MEMBER_PAGE_SIZE = 200
+    }
 }

logic/src/commonMain/kotlin/com/wire/kalium/logic/data/user/UserRepository.kt

@@ -110,7 +110,7 @@ interface UserRepository {
      */
     suspend fun getAllRecipients(): Either<CoreFailure, Pair<List<Recipient>, List<Recipient>>>
     suspend fun updateUserFromEvent(event: Event.User.Update): Either<CoreFailure, Unit>
-    suspend fun removeUser(userId: UserId): Either<CoreFailure, Unit>
+    suspend fun markUserAsDeletedAndRemoveFromGroupConversations(userId: UserId): Either<CoreFailure, Unit>
 
     /**
      * Marks federated user as defederated in order to hold conversation history
@@ -502,9 +502,9 @@ internal class UserDataSource internal constructor(
         }
     }
 
-    override suspend fun removeUser(userId: UserId): Either<CoreFailure, Unit> {
+    override suspend fun markUserAsDeletedAndRemoveFromGroupConversations(userId: UserId): Either<CoreFailure, Unit> {
         return wrapStorageRequest {
-            userDAO.markUserAsDeleted(userId.toDao())
+            userDAO.markUserAsDeletedAndRemoveFromGroupConv(userId.toDao())
         }
     }
 

logic/src/commonMain/kotlin/com/wire/kalium/logic/feature/UserSessionScope.kt

@@ -875,7 +875,9 @@ class UserSessionScope internal constructor(
 
     private val syncSelfTeamUseCase: SyncSelfTeamUseCase
         get() = SyncSelfTeamUseCaseImpl(
-            userRepository = userRepository, teamRepository = teamRepository
+            userRepository = userRepository,
+            teamRepository = teamRepository,
+            fetchAllTeamMembersEagerly = kaliumConfigs.fetchAllTeamMembersEagerly
         )
 
     private val joinExistingMLSConversationUseCase: JoinExistingMLSConversationUseCase
@@ -1088,22 +1090,23 @@ class UserSessionScope internal constructor(
             )
         })
 
-    internal val mlsMigrationWorker get() =
-        MLSMigrationWorkerImpl(
-            userConfigRepository,
-            featureConfigRepository,
-            mlsConfigHandler,
-            mlsMigrationConfigHandler,
-            mlsMigrator,
-        )
+    internal val mlsMigrationWorker
+        get() =
+            MLSMigrationWorkerImpl(
+                userConfigRepository,
+                featureConfigRepository,
+                mlsConfigHandler,
+                mlsMigrationConfigHandler,
+                mlsMigrator,
+            )
 
     internal val mlsMigrationManager: MLSMigrationManager = MLSMigrationManagerImpl(
-            kaliumConfigs,
-            featureSupport,
-            incrementalSyncRepository,
-            lazy { clientRepository },
-            lazy { users.timestampKeyRepository },
-            lazy { mlsMigrationWorker }
+        kaliumConfigs,
+        featureSupport,
+        incrementalSyncRepository,
+        lazy { clientRepository },
+        lazy { users.timestampKeyRepository },
+        lazy { mlsMigrationWorker }
     )
 
     private val mlsPublicKeysRepository: MLSPublicKeysRepository

logic/src/commonMain/kotlin/com/wire/kalium/logic/feature/e2ei/CertificateStatusChecker.kt

@@ -17,8 +17,10 @@
  */
 package com.wire.kalium.logic.feature.e2ei
 
+import com.wire.kalium.cryptography.CryptoCertificateStatus
+
 expect interface CertificateStatusChecker {
-    fun status(notAfterTimestamp: Long): CertificateStatus
+    fun status(notAfterTimestamp: Long, certificateStatus: CryptoCertificateStatus): CertificateStatus
 }
 
 expect class CertificateStatusCheckerImpl() : CertificateStatusChecker

logic/src/commonMain/kotlin/com/wire/kalium/logic/feature/e2ei/PemCertificateDecoder.kt

@@ -17,8 +17,10 @@
  */
 package com.wire.kalium.logic.feature.e2ei
 
+import com.wire.kalium.cryptography.CryptoCertificateStatus
+
 expect interface PemCertificateDecoder {
-    fun decode(certificate: String): E2eiCertificate
+    fun decode(certificate: String, status: CryptoCertificateStatus): E2eiCertificate
 }
 
 expect class PemCertificateDecoderImpl(

logic/src/commonMain/kotlin/com/wire/kalium/logic/feature/e2ei/usecase/GetE2EICertificateUseCase.kt

@@ -40,7 +40,7 @@ class GetE2eiCertificateUseCaseImpl internal constructor(
                 GetE2EICertificateUseCaseResult.Failure.NotActivated
             },
             {
-                val certificate = pemCertificateDecoder.decode(it.certificate)
+                val certificate = pemCertificateDecoder.decode(it.certificate, it.status)
                 GetE2EICertificateUseCaseResult.Success(certificate)
             }
         )