Add new sync (#1093)

* Add record migration * Add database functions for inserting history No real tests yet :( I would like to avoid running postgres lol * Add index handler, use UUIDs not strings * Fix a bunch of tests, remove Option<Uuid> * Add tests, all passing * Working upload sync * Record downloading works * Sync download works * Don't waste requests * Use a page size for uploads, make it variable later * Aaaaaand they're encrypted now too * Add cek * Allow reading tail across hosts * Revert "Allow reading tail across hosts" Not like that This reverts commit 7b0c72e7e050c358172f9b53cbd21b9e44cf4931. * Handle multiple shards properly * format * Format and make clippy happy * use some fancy types (#1098) * use some fancy types * fmt * Goodbye horrible tuple * Update atuin-server-postgres/migrations/20230623070418_records.sql Co-authored-by: Conrad Ludgate <conradludgate@gmail.com> * fmt * Sort tests too because time sucks * fix features --------- Co-authored-by: Conrad Ludgate <conradludgate@gmail.com>
author: Ellie Huxtable <ellie@elliehuxtable.com> 2023-07-14 20:44:08 +0100
committer: GitHub <noreply@github.com> 2023-07-14 20:44:08 +0100
commit: 97e24d0d41bb743833e457de5ba49c5c233eb3b3 (patch)
tree: f0cfefd9048df83d3029cb0b0d21f1f88813fe2e /atuin-client/src/record/encryption.rs
parent: Bump semver from 5.7.1 to 5.7.2 in /docs (#1100) (diff)
download: atuin-97e24d0d41bb743833e457de5ba49c5c233eb3b3.zip
1 files changed, 31 insertions, 34 deletions
diff --git a/atuin-client/src/record/encryption.rs b/atuin-client/src/record/encryption.rs
index f14bf027..6760d97b 100644
--- a/atuin-client/src/record/encryption.rs
+++ b/atuin-client/src/record/encryption.rs
@@ -1,4 +1,6 @@
-use atuin_common::record::{AdditionalData, DecryptedData, EncryptedData, Encryption};
+use atuin_common::record::{
+    AdditionalData, DecryptedData, EncryptedData, Encryption, HostId, RecordId,
+};
 use base64::{engine::general_purpose, Engine};
 use eyre::{ensure, Context, Result};
 use rusty_paserk::{Key, KeyId, Local, PieWrappedKey};
@@ -158,10 +160,11 @@ struct AtuinFooter {
 // This cannot be changed, otherwise it breaks the authenticated encryption.
 #[derive(Debug, Copy, Clone, Serialize)]
 struct Assertions<'a> {
-    id: &'a str,
+    id: &'a RecordId,
     version: &'a str,
     tag: &'a str,
-    host: &'a str,
+    host: &'a HostId,
+    parent: Option<&'a RecordId>,
 }
 
 impl<'a> From<AdditionalData<'a>> for Assertions<'a> {
@@ -171,6 +174,7 @@ impl<'a> From<AdditionalData<'a>> for Assertions<'a> {
             version: ad.version,
             tag: ad.tag,
             host: ad.host,
+            parent: ad.parent,
         }
     }
 }
@@ -183,7 +187,7 @@ impl Assertions<'_> {
 
 #[cfg(test)]
 mod tests {
-    use atuin_common::record::Record;
+    use atuin_common::{record::Record, utils::uuid_v7};
 
     use super::*;
 
@@ -192,10 +196,11 @@ mod tests {
         let key = Key::<V4, Local>::new_os_random();
 
         let ad = AdditionalData {
-            id: "foo",
+            id: &RecordId(uuid_v7()),
             version: "v0",
             tag: "kv",
-            host: "1234",
+            host: &HostId(uuid_v7()),
+            parent: None,
         };
 
         let data = DecryptedData(vec![1, 2, 3, 4]);
@@ -210,10 +215,11 @@ mod tests {
         let key = Key::<V4, Local>::new_os_random();
 
         let ad = AdditionalData {
-            id: "foo",
+            id: &RecordId(uuid_v7()),
             version: "v0",
             tag: "kv",
-            host: "1234",
+            host: &HostId(uuid_v7()),
+            parent: None,
         };
 
         let data = DecryptedData(vec![1, 2, 3, 4]);
@@ -233,10 +239,11 @@ mod tests {
         let fake_key = Key::<V4, Local>::new_os_random();
 
         let ad = AdditionalData {
-            id: "foo",
+            id: &RecordId(uuid_v7()),
             version: "v0",
             tag: "kv",
-            host: "1234",
+            host: &HostId(uuid_v7()),
+            parent: None,
         };
 
         let data = DecryptedData(vec![1, 2, 3, 4]);
@@ -250,10 +257,11 @@ mod tests {
         let key = Key::<V4, Local>::new_os_random();
 
         let ad = AdditionalData {
-            id: "foo",
+            id: &RecordId(uuid_v7()),
             version: "v0",
             tag: "kv",
-            host: "1234",
+            host: &HostId(uuid_v7()),
+            parent: None,
         };
 
         let data = DecryptedData(vec![1, 2, 3, 4]);
@@ -261,10 +269,8 @@ mod tests {
         let encrypted = PASETO_V4::encrypt(data, ad, &key.to_bytes());
 
         let ad = AdditionalData {
-            id: "foo1",
-            version: "v0",
-            tag: "kv",
-            host: "1234",
+            id: &RecordId(uuid_v7()),
+            ..ad
         };
         let _ = PASETO_V4::decrypt(encrypted, ad, &key.to_bytes()).unwrap_err();
     }
@@ -275,10 +281,11 @@ mod tests {
         let key2 = Key::<V4, Local>::new_os_random();
 
         let ad = AdditionalData {
-            id: "foo",
+            id: &RecordId(uuid_v7()),
             version: "v0",
             tag: "kv",
-            host: "1234",
+            host: &HostId(uuid_v7()),
+            parent: None,
         };
 
         let data = DecryptedData(vec![1, 2, 3, 4]);
@@ -304,10 +311,10 @@ mod tests {
     fn full_record_round_trip() {
         let key = [0x55; 32];
         let record = Record::builder()
-            .id("1".to_owned())
+            .id(RecordId(uuid_v7()))
             .version("v0".to_owned())
             .tag("kv".to_owned())
-            .host("host1".to_owned())
+            .host(HostId(uuid_v7()))
             .timestamp(1687244806000000)
             .data(DecryptedData(vec![1, 2, 3, 4]))
             .build();
@@ -316,30 +323,20 @@ mod tests {
 
         assert!(!encrypted.data.data.is_empty());
         assert!(!encrypted.data.content_encryption_key.is_empty());
-        assert_eq!(encrypted.id, "1");
-        assert_eq!(encrypted.host, "host1");
-        assert_eq!(encrypted.version, "v0");
-        assert_eq!(encrypted.tag, "kv");
-        assert_eq!(encrypted.timestamp, 1687244806000000);
 
         let decrypted = encrypted.decrypt::<PASETO_V4>(&key).unwrap();
 
         assert_eq!(decrypted.data.0, [1, 2, 3, 4]);
-        assert_eq!(decrypted.id, "1");
-        assert_eq!(decrypted.host, "host1");
-        assert_eq!(decrypted.version, "v0");
-        assert_eq!(decrypted.tag, "kv");
-        assert_eq!(decrypted.timestamp, 1687244806000000);
     }
 
     #[test]
     fn full_record_round_trip_fail() {
         let key = [0x55; 32];
         let record = Record::builder()
-            .id("1".to_owned())
+            .id(RecordId(uuid_v7()))
             .version("v0".to_owned())
             .tag("kv".to_owned())
-            .host("host1".to_owned())
+            .host(HostId(uuid_v7()))
             .timestamp(1687244806000000)
             .data(DecryptedData(vec![1, 2, 3, 4]))
             .build();
@@ -347,13 +344,13 @@ mod tests {
         let encrypted = record.encrypt::<PASETO_V4>(&key);
 
         let mut enc1 = encrypted.clone();
-        enc1.host = "host2".to_owned();
+        enc1.host = HostId(uuid_v7());
         let _ = enc1
             .decrypt::<PASETO_V4>(&key)
             .expect_err("tampering with the host should result in auth failure");
 
         let mut enc2 = encrypted;
-        enc2.id = "2".to_owned();
+        enc2.id = RecordId(uuid_v7());
         let _ = enc2
             .decrypt::<PASETO_V4>(&key)
             .expect_err("tampering with the id should result in auth failure");
author	Ellie Huxtable <ellie@elliehuxtable.com>	2023-07-14 20:44:08 +0100
committer	GitHub <noreply@github.com>	2023-07-14 20:44:08 +0100
commit	97e24d0d41bb743833e457de5ba49c5c233eb3b3 (patch)
tree	f0cfefd9048df83d3029cb0b0d21f1f88813fe2e /atuin-client/src/record/encryption.rs
parent	Bump semver from 5.7.1 to 5.7.2 in /docs (#1100) (diff)
download	atuin-97e24d0d41bb743833e457de5ba49c5c233eb3b3.zip