Use EncryptedFilesSyncJob

[abuabraham-ttd]

Update to use EncryptedFilesSyncJob and not PrivateSiteRefresh for syncing encrypted files.
Handle metadata missing first level hash

UID2-5060

[vishalegbert-ttd]

Maybe plaintextMetadata instead

[vishalegbert-ttd]

These two lines caused me a lot of confusion

In upload(Object data, JsonObject extraMeta), we already get a collection of saltSnapshots, presumably one old and one new. There is no point uploading twice

From the collection received in upload(), find the old snapshots, set it as a property, something like this.oldSnapshots

Call super.upload on the newest snapshot only

In getSnapshots, it should return the concat of this.oldSnapshots and data (which is the newest snapshot we just uploaded)

[abuabraham-ttd]

Unfortunately, no, in current implementation.

The execution flow is;

For snapshot in snapshots:
call super.upload()

So second snapshot writes metadata without including earlier snapshot. Hence we store previousSeenSnapshots.

[abuabraham-ttd]

@vishalegbert-ttd "Call super.upload on the newest snapshot only"

Will mean; metadata.json will only have newest entry

[vishalegbert-ttd]

@Override
    protected List<RotatingSaltProvider.SaltSnapshot> getSnapshots(RotatingSaltProvider.SaltSnapshot data){
        if (this.allSnapshots == null) {
            throw new IllegalStateException("Snapshots are not initialized. Please call upload() first.");
        }

        return this.allSnapshots;
    }

    @Override
    protected JsonObject getMetadata() throws Exception {
        if (this.allSnapshots == null) {
            throw new IllegalStateException("Extra metadata is null. Please call upload() first.");
        }
        
        return this.extraMetadata;
    }


    @Override
    public void upload(Object data, JsonObject extraMeta) throws Exception {
        List<RotatingSaltProvider.SaltSnapshot> snapshots = new ArrayList<>((Collection<RotatingSaltProvider.SaltSnapshot>) data);

        int size = snapshots.size();

        // Process first n-1 snapshots
        for (int i = 0; i < size - 1; i++) {
            RotatingSaltProvider.SaltSnapshot snapshot = snapshots.get(i);
            String location = getSaltSnapshotLocation(snapshot);
            super.uploadSaltsSnapshot(snapshot, location);
        }

        // Upload the last snapshot
        this.allSnapshots = snapshots;
        this.extraMetadata = extraMeta;
        super.upload(snapshots.get(size - 1));
    }```

[vishalegbert-ttd]

Does this make sense?

[abuabraham-ttd]

Yes, as discussed on call yesterday. I updated to what I had in mind, that includes modification to SaltStoreWriter . We can have a chat today and use either of this.

[abuabraham-ttd]

Changes to accept saltProvider and not just saltEntries.

We can then pass unencrypted saltEntries along with metadata to encryption process.

[abuabraham-ttd]

passing metadata in extraMeta argument to use this info while encrypting per site.

[abuabraham-ttd]

re-organised the method to not have this noop

[abuabraham-ttd]

dont need this as well, as getSnapshots is handled in upload(Object data, JsonObject extraMeta)

[abuabraham-ttd]

gets all snapshots, calls buildAndUploadMetadata with extraMeta and snapshotmeta.

buildAndUploadMetadata works same way for both unencrypted and encrypted

[abuabraham-ttd]

removed override

[abuabraham-ttd]

constructs metadata and upload based on init metadata.

For unencrypted, it is provider.getMetadata();
For encrypted, it is extraMeta

[abuabraham-ttd]

,split it to a function, no change in implementation , except making it return snapshotsMetadata

[abuabraham-ttd]

removed the noop override. It can be private

[vishalegbert-ttd]

The original SaltStoreWrite code only uploaded the latest snapshot, now it will re-upload all of them..

[abuabraham-ttd]

`
public void upload(RotatingSaltProvider.SaltSnapshot data) throws Exception {
final Instant now = Instant.now();
final long generated = now.getEpochSecond();

    JsonObject metadata = null;
    try {
        metadata = provider.getMetadata();
    } catch (CloudStorageException e) {
        if (e.getMessage().contains("The specified key does not exist")) {
            metadata = new JsonObject();
        } else {
            throw e;
        }
    }
    // bump up metadata version
    metadata.put("version", versionGenerator.getVersion());
    metadata.put("generated", generated);

    final JsonArray snapshotsMetadata = new JsonArray();
    metadata.put("salts", snapshotsMetadata);

    List<RotatingSaltProvider.SaltSnapshot> snapshots = this.getSnapshots(data);

    for (RotatingSaltProvider.SaltSnapshot snapshot : snapshots) {
        final String location = getSaltSnapshotLocation(snapshot);
        final JsonObject snapshotMetadata = new JsonObject();
        snapshotMetadata.put("effective", snapshot.getEffective().toEpochMilli());
        snapshotMetadata.put("expires", snapshot.getExpires().toEpochMilli());
        snapshotMetadata.put("location", location);
        snapshotMetadata.put("size", snapshot.getAllRotatingSalts().length);
        snapshotsMetadata.add(snapshotMetadata);

        uploadSaltsSnapshot(snapshot, location);
    }

    fileManager.uploadMetadata(metadata, "salts", new CloudPath(provider.getMetadataPath()));

    // refresh manually
    refreshProvider();
}`

how? Isn't the behavior the same? loop through snapshots and upload. 

Or did I miss anything? 

[abuabraham-ttd]

snapshots = this.getSnapshots(data)

controls what snapshots are returned, and it only returns newestEffective. It isn't changed (if I understand it correctly)

[vishalegbert-ttd]

Ah no sorry you're right