Merge branch 'develop' into feature/onboarding

# Conflicts: # frontend/src/components/SetupUserKey.vue
cryptomator · Oct 25, 2023 · bf29d70 · bf29d70
2 parents dd90976 + 40871c5
commit bf29d70
Show file tree

Hide file tree

Showing 29 changed files with 1,224 additions and 1,035 deletions.
diff --git a/backend/pom.xml b/backend/pom.xml
@@ -13,7 +13,7 @@
     <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
     <quarkus.container-image.group>cryptomator</quarkus.container-image.group>
     <quarkus.container-image.name>hub</quarkus.container-image.name>
-    <quarkus.platform.version>3.2.4.Final</quarkus.platform.version>
+    <quarkus.platform.version>3.4.3</quarkus.platform.version>
     <quarkus.jib.base-jvm-image>eclipse-temurin:17-jre</quarkus.jib.base-jvm-image> <!-- irrelevant for -Pnative -->
     <jwt.version>4.4.0</jwt.version>
     <surefire-plugin.version>3.1.2</surefire-plugin.version>

diff --git a/backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java b/backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java
@@ -3,7 +3,6 @@
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.annotation.JsonSubTypes;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.annotation.security.RolesAllowed;
 import jakarta.inject.Inject;
 import jakarta.ws.rs.BadRequestException;
@@ -37,7 +36,6 @@
 import java.util.UUID;
 
 @Path("/auditlog")
-@RegisterForReflection(targets = {UUID[].class})
 public class AuditLogResource {
 
 	@Inject

diff --git a/backend/src/main/java/org/cryptomator/hub/api/UsersResource.java b/backend/src/main/java/org/cryptomator/hub/api/UsersResource.java
@@ -7,12 +7,14 @@
 import jakarta.validation.Valid;
 import jakarta.ws.rs.Consumes;
 import jakarta.ws.rs.GET;
+import jakarta.ws.rs.POST;
 import jakarta.ws.rs.PUT;
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.Produces;
 import jakarta.ws.rs.QueryParam;
 import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.Response;
+import org.cryptomator.hub.entities.AccessToken;
 import org.cryptomator.hub.entities.Device;
 import org.cryptomator.hub.entities.User;
 import org.eclipse.microprofile.jwt.JsonWebToken;
@@ -76,6 +78,24 @@ public UserDto getMe(@QueryParam("withDevices") boolean withDevices) {
 		return new UserDto(user.id, user.name, user.pictureUrl, user.email, devices, user.publicKey, user.privateKey, user.setupCode);
 	}
 
+	@POST
+	@Path("/me/reset")
+	@RolesAllowed("user")
+	@NoCache
+	@Transactional
+	@Operation(summary = "resets the user account")
+	@APIResponse(responseCode = "204", description = "deleted keys, devices and access permissions")
+	public Response resetMe() {
+		User user = User.findById(jwt.getSubject());
+		user.publicKey = null;
+		user.privateKey = null;
+		user.setupCode = null;
+		user.persist();
+		Device.deleteByOwner(user.id);
+		AccessToken.deleteByUser(user.id);
+		return Response.noContent().build();
+	}
+
 	@GET
 	@Path("/")
 	@RolesAllowed("user")

diff --git a/backend/src/main/java/org/cryptomator/hub/api/VaultResource.java b/backend/src/main/java/org/cryptomator/hub/api/VaultResource.java
@@ -4,7 +4,6 @@
 import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.exceptions.JWTVerificationException;
 import com.fasterxml.jackson.annotation.JsonProperty;
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import io.quarkus.security.identity.SecurityIdentity;
 import jakarta.annotation.Nullable;
 import jakarta.annotation.security.RolesAllowed;
@@ -71,7 +70,6 @@
 import java.util.stream.Stream;
 
 @Path("/vaults")
-@RegisterForReflection(targets = {UUID[].class})
 public class VaultResource {
 
 	@Inject

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/AccessToken.java b/backend/src/main/java/org/cryptomator/hub/entities/AccessToken.java
@@ -1,7 +1,7 @@
 package org.cryptomator.hub.entities;
 
 import io.quarkus.hibernate.orm.panache.PanacheEntityBase;
-import io.quarkus.runtime.annotations.RegisterForReflection;
+import io.quarkus.panache.common.Parameters;
 import jakarta.persistence.CascadeType;
 import jakarta.persistence.Column;
 import jakarta.persistence.Embeddable;
@@ -10,6 +10,7 @@
 import jakarta.persistence.JoinColumn;
 import jakarta.persistence.ManyToOne;
 import jakarta.persistence.MapsId;
+import jakarta.persistence.NamedQuery;
 import jakarta.persistence.NoResultException;
 import jakarta.persistence.Table;
 
@@ -18,8 +19,8 @@
 import java.util.UUID;
 
 @Entity
+@NamedQuery(name = "AccessToken.deleteByUser", query = "DELETE FROM AccessToken a WHERE a.id.userId = :userId")
 @Table(name = "access_token")
-@RegisterForReflection(targets = {UUID[].class})
 public class AccessToken extends PanacheEntityBase {
 
 	@EmbeddedId
@@ -83,6 +84,11 @@ public static AccessToken unlock(UUID vaultId, String userId) {
 		}
 	}
 
+
+	public static void deleteByUser(String userId) {
+		delete("#AccessToken.deleteByUser", Parameters.with("userId", userId));
+	}
+
 	@Override
 	public boolean equals(Object o) {
 		if (this == o) return true;

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultAccessGrant.java b/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultAccessGrant.java
@@ -1,6 +1,5 @@
 package org.cryptomator.hub.entities;
 
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.persistence.Column;
 import jakarta.persistence.DiscriminatorValue;
 import jakarta.persistence.Entity;
@@ -13,7 +12,6 @@
 @Entity
 @Table(name = "audit_event_vault_access_grant")
 @DiscriminatorValue(AuditEventVaultAccessGrant.TYPE)
-@RegisterForReflection(targets = {UUID[].class})
 public class AuditEventVaultAccessGrant extends AuditEvent {
 
 	public static final String TYPE = "VAULT_ACCESS_GRANT";

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultCreate.java b/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultCreate.java
@@ -1,6 +1,5 @@
 package org.cryptomator.hub.entities;
 
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.persistence.Column;
 import jakarta.persistence.DiscriminatorValue;
 import jakarta.persistence.Entity;
@@ -13,7 +12,6 @@
 @Entity
 @Table(name = "audit_event_vault_create")
 @DiscriminatorValue(AuditEventVaultCreate.TYPE)
-@RegisterForReflection(targets = {UUID[].class})
 public class AuditEventVaultCreate extends AuditEvent {
 
 	public static final String TYPE = "VAULT_CREATE";

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultKeyRetrieve.java b/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultKeyRetrieve.java
@@ -1,6 +1,5 @@
 package org.cryptomator.hub.entities;
 
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.persistence.Column;
 import jakarta.persistence.DiscriminatorValue;
 import jakarta.persistence.Entity;
@@ -15,7 +14,6 @@
 @Entity
 @Table(name = "audit_event_vault_key_retrieve")
 @DiscriminatorValue(AuditEventVaultKeyRetrieve.TYPE)
-@RegisterForReflection(targets = {UUID[].class})
 public class AuditEventVaultKeyRetrieve extends AuditEvent {
 
 	public static final String TYPE = "VAULT_KEY_RETRIEVE";

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultMemberAdd.java b/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultMemberAdd.java
@@ -1,6 +1,5 @@
 package org.cryptomator.hub.entities;
 
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.persistence.Column;
 import jakarta.persistence.DiscriminatorValue;
 import jakarta.persistence.Entity;
@@ -15,7 +14,6 @@
 @Entity
 @Table(name = "audit_event_vault_member_add")
 @DiscriminatorValue(AuditEventVaultMemberAdd.TYPE)
-@RegisterForReflection(targets = {UUID[].class})
 public class AuditEventVaultMemberAdd extends AuditEvent {
 
 	public static final String TYPE = "VAULT_MEMBER_ADD";

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultMemberRemove.java b/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultMemberRemove.java
@@ -1,6 +1,5 @@
 package org.cryptomator.hub.entities;
 
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.persistence.Column;
 import jakarta.persistence.DiscriminatorValue;
 import jakarta.persistence.Entity;
@@ -13,7 +12,6 @@
 @Entity
 @Table(name = "audit_event_vault_member_remove")
 @DiscriminatorValue(AuditEventVaultMemberRemove.TYPE)
-@RegisterForReflection(targets = {UUID[].class})
 public class AuditEventVaultMemberRemove extends AuditEvent {
 
 	public static final String TYPE = "VAULT_MEMBER_REMOVE";

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultMemberUpdate.java b/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultMemberUpdate.java
@@ -1,6 +1,5 @@
 package org.cryptomator.hub.entities;
 
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.persistence.Column;
 import jakarta.persistence.DiscriminatorValue;
 import jakarta.persistence.Entity;
@@ -15,7 +14,6 @@
 @Entity
 @Table(name = "audit_event_vault_member_update")
 @DiscriminatorValue(AuditEventVaultMemberUpdate.TYPE)
-@RegisterForReflection(targets = {UUID[].class})
 public class AuditEventVaultMemberUpdate extends AuditEvent {
 
 	public static final String TYPE = "VAULT_MEMBER_UPDATE";

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultOwnershipClaim.java b/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultOwnershipClaim.java
@@ -1,6 +1,5 @@
 package org.cryptomator.hub.entities;
 
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.persistence.Column;
 import jakarta.persistence.DiscriminatorValue;
 import jakarta.persistence.Entity;
@@ -13,7 +12,6 @@
 @Entity
 @Table(name = "audit_event_vault_ownership_claim")
 @DiscriminatorValue(AuditEventVaultOwnershipClaim.TYPE)
-@RegisterForReflection(targets = {UUID[].class})
 public class AuditEventVaultOwnershipClaim extends AuditEvent {
 
 	public static final String TYPE = "VAULT_OWNERSHIP_CLAIM";

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultUpdate.java b/backend/src/main/java/org/cryptomator/hub/entities/AuditEventVaultUpdate.java
@@ -1,6 +1,5 @@
 package org.cryptomator.hub.entities;
 
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.persistence.Column;
 import jakarta.persistence.DiscriminatorValue;
 import jakarta.persistence.Entity;
@@ -13,7 +12,6 @@
 @Entity
 @Table(name = "audit_event_vault_update")
 @DiscriminatorValue(AuditEventVaultUpdate.TYPE)
-@RegisterForReflection(targets = {UUID[].class})
 public class AuditEventVaultUpdate extends AuditEvent {
 
 	public static final String TYPE = "VAULT_UPDATE";

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/Device.java b/backend/src/main/java/org/cryptomator/hub/entities/Device.java
@@ -24,6 +24,7 @@
 @NamedQuery(name = "Device.findByIdAndOwner",
 		query = "SELECT d FROM Device d WHERE d.id = :deviceId AND d.owner.id = :userId"
 )
+@NamedQuery(name = "Device.deleteByOwner", query = "DELETE FROM Device d WHERE d.owner.id = :userId")
 @NamedQuery(name = "Device.allInList",
 		query = """
 				SELECT d
@@ -99,4 +100,9 @@ public static Device findByIdAndUser(String deviceId, String userId) throws NoRe
 	public static Stream<Device> findAllInList(List<String> ids) {
 		return find("#Device.allInList", Parameters.with("ids", ids)).stream();
 	}
+
+	public static void deleteByOwner(String userId) {
+		delete("#Device.deleteByOwner", Parameters.with("userId", userId));
+	}
+
 }
diff --git a/backend/src/main/java/org/cryptomator/hub/entities/EffectiveVaultAccess.java b/backend/src/main/java/org/cryptomator/hub/entities/EffectiveVaultAccess.java
@@ -2,7 +2,6 @@
 
 import io.quarkus.hibernate.orm.panache.PanacheEntityBase;
 import io.quarkus.panache.common.Parameters;
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.persistence.Column;
 import jakarta.persistence.Embeddable;
 import jakarta.persistence.EmbeddedId;
@@ -47,7 +46,6 @@ SELECT count(DISTINCT u)
 		FROM EffectiveVaultAccess eva
 		WHERE eva.id.vaultId = :vaultId AND eva.id.authorityId = :authorityId
 		""")
-@RegisterForReflection(targets = {UUID[].class})
 public class EffectiveVaultAccess extends PanacheEntityBase {
 
 	@EmbeddedId

diff --git a/backend/src/main/java/org/cryptomator/hub/entities/Vault.java b/backend/src/main/java/org/cryptomator/hub/entities/Vault.java
@@ -2,7 +2,6 @@
 
 import io.quarkus.hibernate.orm.panache.PanacheEntityBase;
 import io.quarkus.panache.common.Parameters;
-import io.quarkus.runtime.annotations.RegisterForReflection;
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.FetchType;
@@ -54,7 +53,6 @@
 				WHERE v.id IN :ids
 				"""
 )
-@RegisterForReflection(targets = {UUID[].class})
 public class Vault extends PanacheEntityBase {
 
 	@Id

diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties
@@ -32,7 +32,7 @@ hub.keycloak.oidc.cryptomator-client-id=cryptomator
 %dev.quarkus.keycloak.devservices.realm-name=cryptomator
 %dev.quarkus.keycloak.devservices.port=8180
 %dev.quarkus.keycloak.devservices.service-name=quarkus-cryptomator-hub
-%dev.quarkus.keycloak.devservices.image-name=ghcr.io/cryptomator/keycloak:22.0.1
+%dev.quarkus.keycloak.devservices.image-name=ghcr.io/cryptomator/keycloak:22.0.4
 %dev.quarkus.oidc.devui.grant.type=code
 # OIDC will be mocked during unit tests. Use fake auth url to prevent dev services to start:
 %test.quarkus.oidc.auth-server-url=http://localhost:43210/dev/null