Encrypt read key with invites on key change

2025-06-08 05:57:03 +09:00 · 2025-05-12 13:29:41 +02:00 · 2025-05-12 13:29:41 +02:00 · ac68d0850b
commit ac68d0850b
parent c2dc1770b6
2 changed files with 28 additions and 1 deletions
--- a/commonspace/object/acl/list/aclrecordbuilder.go
+++ b/commonspace/object/acl/list/aclrecordbuilder.go
@ -626,7 +626,10 @@ func (a *aclRecordBuilder) buildReadKeyChange(payload ReadKeyChangePayload, remo
 	if err != nil {
 		return nil, err
 	}
-	var aclReadKeys []*aclrecordproto.AclEncryptedReadKey
+	var (
+		aclReadKeys []*aclrecordproto.AclEncryptedReadKey
+		invites     []*aclrecordproto.AclEncryptedReadKey
+	)
 	for identity, st := range a.state.accountStates {
 		if removedIdentities != nil {
 			if _, exists := removedIdentities[identity]; exists {
@ -649,6 +652,23 @@ func (a *aclRecordBuilder) buildReadKeyChange(payload ReadKeyChangePayload, remo
 			EncryptedReadKey: enc,
 		})
 	}
+	for _, invite := range a.state.invites {
+		if invite.Type != aclrecordproto.AclInviteType_AnyoneCanJoin {
+			continue
+		}
+		protoIdentity, err := invite.Key.Marshall()
+		if err != nil {
+			return nil, err
+		}
+		enc, err := invite.Key.Encrypt(protoKey)
+		if err != nil {
+			return nil, err
+		}
+		invites = append(invites, &aclrecordproto.AclEncryptedReadKey{
+			Identity:         protoIdentity,
+			EncryptedReadKey: enc,
+		})
+	}
 	// encrypting metadata key with new read key
 	mkPubKey, err := payload.MetadataKey.GetPublic().Marshall()
 	if err != nil {
@ -680,6 +700,7 @@ func (a *aclRecordBuilder) buildReadKeyChange(payload ReadKeyChangePayload, remo
 		MetadataPubKey:           mkPubKey,
 		EncryptedMetadataPrivKey: encPrivKey,
 		EncryptedOldReadKey:      encOldKey,
+		InviteKeys:               invites,
 	}
 	return readRec, nil
 }
--- a/commonspace/object/acl/list/acltestsuite_test.go
+++ b/commonspace/object/acl/list/acltestsuite_test.go
@ -53,6 +53,7 @@ func TestAclExecutor(t *testing.T) {
 		{"a.init::a", nil},
 		// creating an invite
 		{"a.invite::invId", nil},
+		{"a.invite_anyone::oldInvId", nil},
 		// cannot self join
 		{"a.join::invId", ErrInsufficientPermissions},
 		// now b can join
@ -130,7 +131,12 @@ func TestAclExecutor(t *testing.T) {
 		{"a.changes::r,g", ErrInsufficientPermissions},
 		{"a.invite_anyone::invAnyoneId", nil},
 		{"new.invite_join::invAnyoneId", nil},
+		// invite keys persist after user removal
+		{"a.remove::new", nil},
 		{"new1.invite_join::invAnyoneId", nil},
+		{"a.revoke::invAnyoneId", nil},
+		{"new2.invite_join::invAnyoneId", ErrNoSuchInvite},
+		{"new2.invite_join::oldInvId", nil},
 	}
 	for _, cmd := range cmds {
 		err := a.Execute(cmd.cmd)