Fix invalid change and add logs

commonspace/object/tree/objecttree/objecttree_test.go

@@ -15,6 +15,7 @@ import (
 
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
 	"github.com/anyproto/any-sync/commonspace/object/acl/list"
+	"github.com/anyproto/any-sync/commonspace/object/acl/liststorage"
 	"github.com/anyproto/any-sync/commonspace/object/tree/treechangeproto"
 	"github.com/anyproto/any-sync/commonspace/object/tree/treestorage"
 )
@@ -241,6 +242,84 @@ func TestObjectTree(t *testing.T) {
 		require.NoError(t, err)
 	})
 
+	t.Run("filter changes when no aclHeadId", func(t *testing.T) {
+		exec := list.NewAclExecutor("spaceId")
+		type cmdErr struct {
+			cmd string
+			err error
+		}
+		cmds := []cmdErr{
+			{"a.init::a", nil},
+			{"a.invite::invId", nil},
+			{"b.join::invId", nil},
+			{"a.approve::b,r", nil},
+		}
+		for _, cmd := range cmds {
+			err := exec.Execute(cmd.cmd)
+			require.Equal(t, cmd.err, err, cmd)
+		}
+		aAccount := exec.ActualAccounts()["a"]
+		bAccount := exec.ActualAccounts()["b"]
+		root, err := CreateObjectTreeRoot(ObjectTreeCreatePayload{
+			PrivKey:       aAccount.Keys.SignKey,
+			ChangeType:    "changeType",
+			ChangePayload: nil,
+			SpaceId:       "spaceId",
+			IsEncrypted:   true,
+		}, aAccount.Acl)
+		require.NoError(t, err)
+		aStore, _ := treestorage.NewInMemoryTreeStorage(root, []string{root.Id}, []*treechangeproto.RawTreeChangeWithId{root})
+		aTree, err := BuildKeyFilterableObjectTree(aStore, aAccount.Acl)
+		require.NoError(t, err)
+		_, err = aTree.AddContent(ctx, SignableChangeContent{
+			Data:        []byte("some"),
+			Key:         aAccount.Keys.SignKey,
+			IsSnapshot:  false,
+			IsEncrypted: true,
+			DataType:    mockDataType,
+		})
+		require.NoError(t, err)
+		bStore := aTree.Storage().(*treestorage.InMemoryTreeStorage).Copy()
+		// copying old version of storage
+		prevAclRecs, err := bAccount.Acl.RecordsAfter(ctx, "")
+		require.NoError(t, err)
+		storage, err := liststorage.NewInMemoryAclListStorage(prevAclRecs[0].Id, prevAclRecs)
+		require.NoError(t, err)
+		acl, err := list.BuildAclListWithIdentity(bAccount.Keys, storage, list.NoOpAcceptorVerifier{})
+		require.NoError(t, err)
+		// creating tree with old storage which doesn't have a new invite record
+		bTree, err := BuildKeyFilterableObjectTree(bStore, acl)
+		require.NoError(t, err)
+		err = exec.Execute("a.invite::inv1Id")
+		require.NoError(t, err)
+		res, err := aTree.AddContent(ctx, SignableChangeContent{
+			Data:        []byte("some"),
+			Key:         aAccount.Keys.SignKey,
+			IsSnapshot:  false,
+			IsEncrypted: true,
+			DataType:    mockDataType,
+		})
+		unexpectedId := res.Added[0].Id
+		require.NoError(t, err)
+		var collectedChanges []*Change
+		err = aTree.IterateRoot(func(change *Change, decrypted []byte) (any, error) {
+			return nil, nil
+		}, func(change *Change) bool {
+			collectedChanges = append(collectedChanges, change)
+			return true
+		})
+		require.NoError(t, err)
+		bObjTree := bTree.(*objectTree)
+		// this is just a random slice, so the func works
+		indexes := []int{1, 2, 3, 4, 5}
+		// checking that we filter the changes
+		filtered, filteredChanges, _, _ := bObjTree.validator.FilterChanges(bObjTree.aclList, collectedChanges, nil, indexes)
+		require.True(t, filtered)
+		for _, ch := range filteredChanges {
+			require.NotEqual(t, unexpectedId, ch.Id)
+		}
+	})
+
 	t.Run("add content", func(t *testing.T) {
 		root, err := CreateObjectTreeRoot(ObjectTreeCreatePayload{
 			PrivKey:       keys.SignKey,