Merge branch '804-self-destructing-messages' into 'master'

Merge 'Self-destruct timer for messages' to master Closes #1863 See merge request briar/briar!1396
2026-02-12 18:59:06 +01:00 · 2021-04-15 15:24:19 +00:00
parent 8671229f76 8991762b0c
commit d70d27e665
237 changed files with 10871 additions and 1882 deletions
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/FeatureFlags.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/FeatureFlags.java
@@ -9,4 +9,5 @@ public interface FeatureFlags {

 	boolean shouldEnableProfilePictures();

+	boolean shouldEnableDisappearingMessages();
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/cleanup/CleanupHook.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/cleanup/CleanupHook.java
@@ -0,0 +1,29 @@
+package org.briarproject.bramble.api.cleanup;
+
+import org.briarproject.bramble.api.db.DatabaseComponent;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.db.Transaction;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.sync.GroupId;
+import org.briarproject.bramble.api.sync.MessageId;
+
+import java.util.Collection;
+
+/**
+ * An interface for registering a hook with the {@link CleanupManager}
+ * that will be called when a message's cleanup deadline is reached.
+ */
+@NotNullByDefault
+public interface CleanupHook {
+
+	/**
+	 * Called when the cleanup deadlines of one or more messages are reached.
+	 * <p>
+	 * The callee is not required to delete the messages, but the hook won't be
+	 * called again for these messages unless another cleanup timer is set (see
+	 * {@link DatabaseComponent#setCleanupTimerDuration(Transaction, MessageId, long)}
+	 * and {@link DatabaseComponent#startCleanupTimer(Transaction, MessageId)}).
+	 */
+	void deleteMessages(Transaction txn, GroupId g,
+			Collection<MessageId> messageIds) throws DbException;
+}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/cleanup/CleanupManager.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/cleanup/CleanupManager.java
@@ -0,0 +1,42 @@
+package org.briarproject.bramble.api.cleanup;
+
+import org.briarproject.bramble.api.cleanup.event.CleanupTimerStartedEvent;
+import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.db.DatabaseComponent;
+import org.briarproject.bramble.api.db.Transaction;
+import org.briarproject.bramble.api.lifecycle.LifecycleManager;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.sync.ClientId;
+import org.briarproject.bramble.api.sync.MessageId;
+
+/**
+ * The CleanupManager is responsible for tracking the cleanup deadlines of
+ * messages and passing them to their respective
+ * {@link CleanupHook CleanupHooks} when the deadlines are reached.
+ * <p>
+ * The CleanupManager responds to
+ * {@link CleanupTimerStartedEvent CleanupTimerStartedEvents} broadcast by the
+ * {@link DatabaseComponent}.
+ * <p>
+ * See {@link DatabaseComponent#setCleanupTimerDuration(Transaction, MessageId, long)},
+ * {@link DatabaseComponent#startCleanupTimer(Transaction, MessageId)},
+ * {@link DatabaseComponent#stopCleanupTimer(Transaction, MessageId)}.
+ */
+@NotNullByDefault
+public interface CleanupManager {
+
+	/**
+	 * When scheduling a cleanup task we overshoot the deadline by this many
+	 * milliseconds to reduce the number of tasks that need to be scheduled
+	 * when messages have cleanup deadlines that are close together.
+	 */
+	long BATCH_DELAY_MS = 1000;
+
+	/**
+	 * Registers a hook to be called when messages are due for cleanup.
+	 * This method should be called before
+	 * {@link LifecycleManager#startServices(SecretKey)}.
+	 */
+	void registerCleanupHook(ClientId c, int majorVersion,
+			CleanupHook hook);
+}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/cleanup/event/CleanupTimerStartedEvent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/cleanup/event/CleanupTimerStartedEvent.java
@@ -0,0 +1,32 @@
+package org.briarproject.bramble.api.cleanup.event;
+
+import org.briarproject.bramble.api.event.Event;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.sync.MessageId;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * An event that is broadcast when a message's cleanup timer is started.
+ */
+@Immutable
+@NotNullByDefault
+public class CleanupTimerStartedEvent extends Event {
+
+	private final MessageId messageId;
+	private final long cleanupDeadline;
+
+	public CleanupTimerStartedEvent(MessageId messageId,
+			long cleanupDeadline) {
+		this.messageId = messageId;
+		this.cleanupDeadline = cleanupDeadline;
+	}
+
+	public MessageId getMessageId() {
+		return messageId;
+	}
+
+	public long getCleanupDeadline() {
+		return cleanupDeadline;
+	}
+}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/client/ClientHelper.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/client/ClientHelper.java
@@ -1,6 +1,7 @@
 package org.briarproject.bramble.api.client;

 import org.briarproject.bramble.api.FormatException;
+import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.crypto.PrivateKey;
 import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.data.BdfDictionary;
@@ -16,6 +17,7 @@ import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.api.sync.MessageId;

 import java.security.GeneralSecurityException;
+import java.util.Collection;
 import java.util.Map;

@NotNullByDefault
@@ -50,9 +52,11 @@ public interface ClientHelper {
 	BdfDictionary getGroupMetadataAsDictionary(Transaction txn, GroupId g)
 			throws DbException, FormatException;

+	Collection<MessageId> getMessageIds(Transaction txn, GroupId g,
+			BdfDictionary query) throws DbException, FormatException;
+
 	BdfDictionary getMessageMetadataAsDictionary(MessageId m)
-			throws DbException,
-			FormatException;
+			throws DbException, FormatException;

 	BdfDictionary getMessageMetadataAsDictionary(Transaction txn, MessageId m)
 			throws DbException, FormatException;
@@ -119,4 +123,17 @@ public interface ClientHelper {
 	Map<TransportId, TransportProperties> parseAndValidateTransportPropertiesMap(
 			BdfDictionary properties) throws FormatException;

+	/**
+	 * Retrieves the contact ID from the group metadata of the given contact
+	 * group.
+	 */
+	ContactId getContactId(Transaction txn, GroupId contactGroupId)
+			throws DbException, FormatException;
+
+	/**
+	 * Stores the given contact ID in the group metadata of the given contact
+	 * group.
+	 */
+	void setContactId(Transaction txn, GroupId contactGroupId, ContactId c)
+			throws DbException;
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/client/ContactGroupConstants.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/client/ContactGroupConstants.java
@@ -0,0 +1,9 @@
+package org.briarproject.bramble.api.client;
+
+public interface ContactGroupConstants {
+
+	/**
+	 * Group metadata key for associating a contact ID with a contact group.
+	 */
+	String GROUP_KEY_CONTACT_ID = "contactId";
+}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/db/DatabaseComponent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/db/DatabaseComponent.java
@@ -41,6 +41,18 @@ import javax.annotation.Nullable;
@NotNullByDefault
 public interface DatabaseComponent extends TransactionManager {

+	/**
+	 * Return value for {@link #getNextCleanupDeadline(Transaction)} if
+	 * no messages are scheduled to be deleted.
+	 */
+	long NO_CLEANUP_DEADLINE = -1;
+
+	/**
+	 * Return value for {@link #startCleanupTimer(Transaction, MessageId)}
+	 * if the cleanup timer was not started.
+	 */
+	long TIMER_NOT_STARTED = -1;
+
 	/**
 	 * Opens the database and returns true if the database already existed.
 	 *
@@ -288,6 +300,16 @@ public interface DatabaseComponent extends TransactionManager {
 	Collection<MessageId> getMessageIds(Transaction txn, GroupId g)
 			throws DbException;

+	/**
+	 * Returns the IDs of any delivered messages in the given group with
+	 * metadata that matches all entries in the given query. If the query is
+	 * empty, the IDs of all delivered messages are returned.
+	 * <p/>
+	 * Read-only.
+	 */
+	Collection<MessageId> getMessageIds(Transaction txn, GroupId g,
+			Metadata query) throws DbException;
+
 	/**
 	 * Returns the IDs of any messages that need to be validated.
 	 * <p/>
@@ -314,6 +336,15 @@ public interface DatabaseComponent extends TransactionManager {
 	Collection<MessageId> getMessagesToShare(Transaction txn)
 			throws DbException;

+	/**
+	 * Returns the IDs of any messages of any messages that are due for
+	 * deletion, along with their group IDs.
+	 * <p/>
+	 * Read-only.
+	 */
+	Map<GroupId, Collection<MessageId>> getMessagesToDelete(Transaction txn)
+			throws DbException;
+
 	/**
 	 * Returns the metadata for all delivered messages in the given group.
 	 * <p/>
@@ -395,6 +426,15 @@ public interface DatabaseComponent extends TransactionManager {
 	MessageStatus getMessageStatus(Transaction txn, ContactId c, MessageId m)
 			throws DbException;

+	/**
+	 * Returns the next time (in milliseconds since the Unix epoch) when a
+	 * message is due to be deleted, or {@link #NO_CLEANUP_DEADLINE}
+	 * if no messages are scheduled to be deleted.
+	 * <p/>
+	 * Read-only.
+	 */
+	long getNextCleanupDeadline(Transaction txn) throws DbException;
+
 	/*
 	 * Returns the next time (in milliseconds since the Unix epoch) when a
 	 * message is due to be sent to the given contact. The returned value may
@@ -535,6 +575,13 @@ public interface DatabaseComponent extends TransactionManager {
 	void removeTransportKeys(Transaction txn, TransportId t, KeySetId k)
 			throws DbException;

+	/**
+	 * Sets the cleanup timer duration for the given message. This does not
+	 * start the message's cleanup timer.
+	 */
+	void setCleanupTimerDuration(Transaction txn, MessageId m, long duration)
+			throws DbException;
+
 	/**
 	 * Marks the given contact as verified.
 	 */
@@ -557,6 +604,12 @@ public interface DatabaseComponent extends TransactionManager {
 	 */
 	void setMessagePermanent(Transaction txn, MessageId m) throws DbException;

+	/**
+	 * Marks the given message as not shared. This method is only meant for
+	 * testing.
+	 */
+	void setMessageNotShared(Transaction txn, MessageId m) throws DbException;
+
 	/**
 	 * Marks the given message as shared.
 	 */
@@ -599,6 +652,22 @@ public interface DatabaseComponent extends TransactionManager {
 	void setTransportKeysActive(Transaction txn, TransportId t, KeySetId k)
 			throws DbException;

+	/**
+	 * Starts the cleanup timer for the given message, if a timer duration
+	 * has been set and the timer has not already been started.
+	 *
+	 * @return The cleanup deadline, or {@link #TIMER_NOT_STARTED} if no
+	 * timer duration has been set for this message or its timer has already
+	 * been started.
+	 */
+	long startCleanupTimer(Transaction txn, MessageId m) throws DbException;
+
+	/**
+	 * Stops the cleanup timer for the given message, if the timer has been
+	 * started.
+	 */
+	void stopCleanupTimer(Transaction txn, MessageId m) throws DbException;
+
 	/**
 	 * Stores the given transport keys, deleting any keys they have replaced.
 	 */
--- a/bramble-api/src/main/java/org/briarproject/bramble/util/ValidationUtils.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/util/ValidationUtils.java
@@ -6,7 +6,9 @@ import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;

 import javax.annotation.Nullable;
+import javax.annotation.concurrent.Immutable;

+@Immutable
@NotNullByDefault
 public class ValidationUtils {

@@ -64,4 +66,9 @@ public class ValidationUtils {
 		if (dictionary != null && dictionary.size() != size)
 			throw new FormatException();
 	}
+
+	public static void checkRange(@Nullable Long l, long min, long max)
+			throws FormatException {
+		if (l != null && (l < min || l > max)) throw new FormatException();
+	}
 }