Implement more of the server-side sync3

Author: ChrisPenner

share-api/src/Share/Web/UCM/SyncV2/Impl.hs

@@ -7,34 +7,29 @@ import Codec.Serialise qualified as CBOR
 import Conduit qualified as C
 import Control.Concurrent.STM qualified as STM
 import Control.Concurrent.STM.TBMQueue qualified as STM
-import Control.Monad.Except (ExceptT (ExceptT), withExceptT)
+import Control.Monad.Except (withExceptT)
 import Control.Monad.Trans.Except (runExceptT)
 import Data.Binary.Builder qualified as Builder
 import Data.Set qualified as Set
-import Data.Text.Encoding qualified as Text
 import Data.Vector qualified as Vector
 import Ki.Unlifted qualified as Ki
 import Servant
 import Servant.Conduit (ConduitToSourceIO (..))
 import Servant.Types.SourceT (SourceT (..))
 import Servant.Types.SourceT qualified as SourceT
-import Share.Codebase qualified as Codebase
-import Share.IDs (ProjectBranchShortHand (..), ProjectReleaseShortHand (..), ProjectShortHand (..), UserHandle, UserId)
+import Share.IDs (UserId)
 import Share.IDs qualified as IDs
 import Share.Postgres qualified as PG
 import Share.Postgres.Causal.Queries qualified as CausalQ
 import Share.Postgres.Cursors qualified as Cursor
-import Share.Postgres.Queries qualified as PGQ
-import Share.Postgres.Users.Queries qualified as UserQ
 import Share.Prelude
-import Share.Project (Project (..))
-import Share.User (User (..))
 import Share.Utils.Logging qualified as Logging
 import Share.Utils.Unison (hash32ToCausalHash)
 import Share.Web.App
-import Share.Web.Authorization qualified as AuthZ
 import Share.Web.Errors
 import Share.Web.UCM.Sync.HashJWT qualified as HashJWT
+import Share.Web.UCM.SyncCommon.Impl
+import Share.Web.UCM.SyncCommon.Types
 import Share.Web.UCM.SyncV2.Queries qualified as SSQ
 import Share.Web.UCM.SyncV2.Types (IsCausalSpine (..), IsLibRoot (..))
 import U.Codebase.Sqlite.Orphans ()
@@ -58,17 +53,6 @@ server mayUserId =
       causalDependenciesStream = causalDependenciesStreamImpl mayUserId
     }
 
-parseBranchRef :: SyncV2.BranchRef -> Either Text (Either ProjectReleaseShortHand ProjectBranchShortHand)
-parseBranchRef (SyncV2.BranchRef branchRef) =
-  case parseRelease <|> parseBranch of
-    Just a -> Right a
-    Nothing -> Left $ "Invalid repo info: " <> branchRef
-  where
-    parseBranch :: Maybe (Either ProjectReleaseShortHand ProjectBranchShortHand)
-    parseBranch = fmap Right . eitherToMaybe $ IDs.fromText @ProjectBranchShortHand branchRef
-    parseRelease :: Maybe (Either ProjectReleaseShortHand ProjectBranchShortHand)
-    parseRelease = fmap Left . eitherToMaybe $ IDs.fromText @ProjectReleaseShortHand branchRef
-
 downloadEntitiesStreamImpl :: Maybe UserId -> SyncV2.DownloadEntitiesRequest -> WebApp (SourceIO (SyncV2.CBORStream SyncV2.DownloadEntitiesChunk))
 downloadEntitiesStreamImpl mayCallerUserId (SyncV2.DownloadEntitiesRequest {causalHash = causalHashJWT, branchRef, knownHashes}) = do
   either emitErr id <$> runExceptT do

src/Share/Web/UCM/SyncCommon/Impl.hs

@@ -1,4 +1,36 @@
-module Share.Web.UCM.SyncCommon.Impl (codebaseForBranchRef) where
+module Share.Web.UCM.SyncCommon.Impl
+  ( parseBranchRef,
+    codebaseForBranchRef,
+  )
+where
+
+import Control.Monad.Except (ExceptT (ExceptT))
+import Servant
+import Share.Codebase qualified as Codebase
+import Share.IDs (ProjectBranchShortHand (..), ProjectReleaseShortHand (..), ProjectShortHand (..))
+import Share.IDs qualified as IDs
+import Share.Postgres qualified as PG
+import Share.Postgres.Queries qualified as PGQ
+import Share.Postgres.Users.Queries qualified as UserQ
+import Share.Prelude
+import Share.Project (Project (..))
+import Share.User (User (..))
+import Share.Web.App
+import Share.Web.Authorization qualified as AuthZ
+import Share.Web.UCM.SyncCommon.Types
+import U.Codebase.Sqlite.Orphans ()
+import Unison.SyncV2.Types qualified as SyncV2
+
+parseBranchRef :: SyncV2.BranchRef -> Either Text (Either ProjectReleaseShortHand ProjectBranchShortHand)
+parseBranchRef (SyncV2.BranchRef branchRef) =
+  case parseRelease <|> parseBranch of
+    Just a -> Right a
+    Nothing -> Left $ "Invalid repo info: " <> branchRef
+  where
+    parseBranch :: Maybe (Either ProjectReleaseShortHand ProjectBranchShortHand)
+    parseBranch = fmap Right . eitherToMaybe $ IDs.fromText @ProjectBranchShortHand branchRef
+    parseRelease :: Maybe (Either ProjectReleaseShortHand ProjectBranchShortHand)
+    parseRelease = fmap Left . eitherToMaybe $ IDs.fromText @ProjectReleaseShortHand branchRef
 
 codebaseForBranchRef :: SyncV2.BranchRef -> (ExceptT CodebaseLoadingError WebApp Codebase.CodebaseEnv)
 codebaseForBranchRef branchRef = do

src/Share/Web/UCM/SyncCommon/Types.hs

@@ -1,45 +1,27 @@
-module Share.Web.UCM.SyncCommon.Types () where
+{-# LANGUAGE DataKinds #-}
 
-newtype BranchRef = BranchRef {unBranchRef :: Text}
-  deriving (Serialise, Eq, Show, Ord, ToJSON, FromJSON) via Text
-
-instance From (ProjectAndBranch ProjectName ProjectBranchName) BranchRef where
-  from pab = BranchRef $ from pab
+module Share.Web.UCM.SyncCommon.Types (CodebaseLoadingError (..)) where
 
+import Data.Text.Encoding qualified as Text
+import Servant
+import Share.IDs
+import Share.IDs qualified as IDs
+import Share.Prelude
+import Share.Utils.Logging qualified as Logging
+import Share.Web.Errors
+import Unison.SyncCommon.Types
 
 data CodebaseLoadingError
   = CodebaseLoadingErrorProjectNotFound ProjectShortHand
   | CodebaseLoadingErrorUserNotFound UserHandle
-  | CodebaseLoadingErrorNoReadPermission SyncV2.BranchRef
-  | CodebaseLoadingErrorInvalidBranchRef Text SyncV2.BranchRef
+  | CodebaseLoadingErrorNoReadPermission BranchRef
+  | CodebaseLoadingErrorInvalidBranchRef Text BranchRef
   deriving stock (Show)
   deriving (Logging.Loggable) via Logging.ShowLoggable Logging.UserFault CodebaseLoadingError
 
 instance ToServerError CodebaseLoadingError where
   toServerError = \case
     CodebaseLoadingErrorProjectNotFound projectShortHand -> (ErrorID "codebase-loading:project-not-found", Servant.err404 {errBody = from . Text.encodeUtf8 $ "Project not found: " <> (IDs.toText projectShortHand)})
     CodebaseLoadingErrorUserNotFound userHandle -> (ErrorID "codebase-loading:user-not-found", Servant.err404 {errBody = from . Text.encodeUtf8 $ "User not found: " <> (IDs.toText userHandle)})
-    CodebaseLoadingErrorNoReadPermission branchRef -> (ErrorID "codebase-loading:no-read-permission", Servant.err403 {errBody = from . Text.encodeUtf8 $ "No read permission for branch ref: " <> (SyncV2.unBranchRef branchRef)})
-    CodebaseLoadingErrorInvalidBranchRef err branchRef -> (ErrorID "codebase-loading:invalid-branch-ref", Servant.err400 {errBody = from . Text.encodeUtf8 $ "Invalid branch ref: " <> err <> " " <> (SyncV2.unBranchRef branchRef)})
-
-codebaseForBranchRef :: SyncV2.BranchRef -> (ExceptT CodebaseLoadingError WebApp Codebase.CodebaseEnv)
-codebaseForBranchRef branchRef = do
-  case parseBranchRef branchRef of
-    Left err -> throwError (CodebaseLoadingErrorInvalidBranchRef err branchRef)
-    Right (Left (ProjectReleaseShortHand {userHandle, projectSlug})) -> do
-      let projectShortHand = ProjectShortHand {userHandle, projectSlug}
-      (Project {ownerUserId = projectOwnerUserId}, contributorId) <- ExceptT . PG.tryRunTransaction $ do
-        project <- PGQ.projectByShortHand projectShortHand `whenNothingM` throwError (CodebaseLoadingErrorProjectNotFound $ projectShortHand)
-        pure (project, Nothing)
-      authZToken <- lift AuthZ.checkDownloadFromProjectBranchCodebase `whenLeftM` \_err -> throwError (CodebaseLoadingErrorNoReadPermission branchRef)
-      let codebaseLoc = Codebase.codebaseLocationForProjectBranchCodebase projectOwnerUserId contributorId
-      pure $ Codebase.codebaseEnv authZToken codebaseLoc
-    Right (Right (ProjectBranchShortHand {userHandle, projectSlug, contributorHandle})) -> do
-      let projectShortHand = ProjectShortHand {userHandle, projectSlug}
-      (Project {ownerUserId = projectOwnerUserId}, contributorId) <- ExceptT . PG.tryRunTransaction $ do
-        project <- (PGQ.projectByShortHand projectShortHand) `whenNothingM` throwError (CodebaseLoadingErrorProjectNotFound projectShortHand)
-        mayContributorUserId <- for contributorHandle \ch -> fmap user_id $ (UserQ.userByHandle ch) `whenNothingM` throwError (CodebaseLoadingErrorUserNotFound ch)
-        pure (project, mayContributorUserId)
-      authZToken <- lift AuthZ.checkDownloadFromProjectBranchCodebase `whenLeftM` \_err -> throwError (CodebaseLoadingErrorNoReadPermission branchRef)
-      let codebaseLoc = Codebase.codebaseLocationForProjectBranchCodebase projectOwnerUserId contributorId
-      pure $ Codebase.codebaseEnv authZToken codebaseLoc
+    CodebaseLoadingErrorNoReadPermission branchRef -> (ErrorID "codebase-loading:no-read-permission", Servant.err403 {errBody = from . Text.encodeUtf8 $ "No read permission for branch ref: " <> (unBranchRef branchRef)})
+    CodebaseLoadingErrorInvalidBranchRef err branchRef -> (ErrorID "codebase-loading:invalid-branch-ref", Servant.err400 {errBody = from . Text.encodeUtf8 $ "Invalid branch ref: " <> err <> " " <> (unBranchRef branchRef)})

src/Share/Web/UCM/SyncV3/Impl.hs

@@ -5,8 +5,8 @@
 module Share.Web.UCM.SyncV3.Impl (server) where
 
 import Control.Lens hiding ((.=))
+import Control.Monad.Cont (ContT (..), MonadCont (..))
 import Control.Monad.Except (runExceptT)
-import Control.Monad.Trans.Except (ExceptT)
 import Data.Set qualified as Set
 import Data.Set.Lens (setOf)
 import Data.Vector (Vector)
@@ -18,17 +18,21 @@ import Share.IDs (UserId)
 import Share.Postgres qualified as PG
 import Share.Prelude
 import Share.Web.App
+import Share.Web.Authentication.Types qualified as AuthN
 import Share.Web.Authorization qualified as AuthZ
+import Share.Web.UCM.Sync.HashJWT qualified as HashJWT
+import Share.Web.UCM.SyncCommon.Impl (codebaseForBranchRef)
+import Share.Web.UCM.SyncCommon.Types
 import Share.Web.UCM.SyncV3.API qualified as SyncV3
 import Share.Web.UCM.SyncV3.Queries qualified as Q
 import U.Codebase.Sqlite.Orphans ()
+import Unison.Debug qualified as Debug
 import Unison.Hash32 (Hash32)
-import Unison.Share.API.Hash (HashJWT)
+import Unison.Share.API.Hash (HashJWT, HashJWTClaims (..))
 import Unison.SyncV3.Types
 import Unison.Util.Websockets (Queues (..), withQueues)
 import UnliftIO qualified
 import UnliftIO.STM
-import Unison.Debug qualified as Debug
 
 -- Amount of entities to buffer from the network into the send/recv queues.
 sendBufferSize :: Natural
@@ -48,69 +52,90 @@ server mayUserId =
     { downloadEntities = downloadEntitiesImpl mayUserId
     }
 
+type SyncM = ContT (Either SyncError ()) WebApp
+
 downloadEntitiesImpl :: Maybe UserId -> WS.Connection -> WebApp ()
-downloadEntitiesImpl _mayCallerUserId conn = do
+downloadEntitiesImpl mayCallerUserId conn = do
   Debug.debugLogM Debug.Temp "Got connection"
   -- Auth is currently done via HashJWTs
   _authZReceipt <- AuthZ.checkDownloadFromUserCodebase
-  doSyncEmitter shareEmitter conn
+  doSyncEmitter mayCallerUserId conn
 
 -- | Given a helper which understands how to wire things into its backend, This
 -- implements the sync emitter logic which is independent of the backend.
 doSyncEmitter ::
-  forall m.
-  (MonadUnliftIO m) =>
-  ( (SyncState HashTag Hash32) ->
-    Queues (MsgOrError SyncError (FromEmitterMessage Hash32 Text)) (MsgOrError SyncError (FromReceiverMessage HashJWT Hash32)) ->
-    m (Maybe SyncError)
-  ) ->
+  Maybe UserId ->
   WS.Connection ->
-  m ()
-doSyncEmitter emitterImpl conn = do
+  WebApp ()
+doSyncEmitter mayCallerUserId conn = do
   withQueues @(MsgOrError SyncError (FromEmitterMessage Hash32 Text)) @(MsgOrError SyncError (FromReceiverMessage HashJWT Hash32))
     recvBufferSize
     sendBufferSize
     conn
-    \(q@Queues {receive}) -> handleErr q $ do
-      Debug.debugLogM Debug.Temp "Got queues"
-      let recvM :: ExceptT SyncError m (FromReceiverMessage HashJWT Hash32)
-          recvM = do
-            result <- liftIO $ atomically receive
-            Debug.debugM Debug.Temp "Received: " result
-            case result of
-              Msg msg -> pure msg
-              Err err -> throwError err
-
-      Debug.debugLogM Debug.Temp "Waiting for init message"
-      initMsg <- recvM
-      Debug.debugM Debug.Temp "Got init: " initMsg
-      syncState <- case initMsg of
-        ReceiverInitStream initMsg -> lift $ initialize initMsg
-        other -> throwError $ InitializationError ("Expected ReceiverInitStream message, got: " <> tShow other)
-      lift (emitterImpl syncState q) >>= \case
-        Nothing -> pure ()
-        Just err -> throwError err
+    \(q@Queues {receive}) -> do
+      handleErr q $ do
+        withErrorCont \onErr -> do
+          Debug.debugLogM Debug.Temp "Got queues"
+          let recvM :: SyncM (FromReceiverMessage HashJWT Hash32)
+              recvM = do
+                result <- liftIO $ atomically receive
+                Debug.debugM Debug.Temp "Received: " result
+                case result of
+                  Msg msg -> pure msg
+                  Err err -> onErr err
+
+          Debug.debugLogM Debug.Temp "Waiting for init message"
+          initMsg <- recvM
+          Debug.debugM Debug.Temp "Got init: " initMsg
+          syncState <- case initMsg of
+            ReceiverInitStream initMsg -> initialize onErr mayCallerUserId initMsg
+            other -> onErr $ InitializationError ("Expected ReceiverInitStream message, got: " <> tShow other)
+          lift (shareEmitter syncState q)
+            >>= maybe (pure ()) (onErr)
   where
+    -- Given a continuation-based action, run it in the base monad, capturing any early exits
+    withErrorCont ::
+      ((forall x. SyncError -> SyncM x) -> SyncM ()) ->
+      WebApp (Either SyncError ())
+    withErrorCont action = do
+      flip runContT pure $ callCC \cc -> do
+        Right <$> action (fmap absurd . cc . Left)
+    -- If we get an error, send it to the client then shut down.
+    handleErr ::
+      Queues (MsgOrError err a) o ->
+      WebApp (Either err ()) ->
+      WebApp ()
     handleErr (Queues {send, shutdown}) action = do
-      runExceptT action >>= \case
+      action >>= \case
         Left err -> do
           atomically $ do
             send (Err err)
           liftIO $ shutdown
         Right r -> pure r
 
-initialize :: InitMsg ah -> m (SyncState sh hash)
-initialize InitMsg{initMsgClientVersion, initMsgBranchRef, initMsgRootCausal, initMsgRequestedDepth} = do
-  let initialCausalHash = hashjwtHash initMsgRootCausal
+initialize :: (forall x. SyncError -> SyncM x) -> (Maybe UserId) -> InitMsg HashJWT -> SyncM (SyncState sh Hash32)
+initialize onErr caller InitMsg {initMsgRootCausal, initMsgBranchRef} = do
+  HashJWTClaims {hash = initialCausalHash} <-
+    lift (HashJWT.verifyHashJWT caller initMsgRootCausal) >>= \case
+      Right ch -> pure ch
+      Left err -> onErr $ HashJWTVerificationError (AuthN.authErrMsg err)
   validRequestsVar <- newTVarIO Set.empty
-  requestedEntitiesVar <- newTVarIO (Set.singleton initialCausalHash)
+  requestedEntitiesVar <- newTVarIO (Set.singleton (CausalEntity, initialCausalHash))
   entitiesAlreadySentVar <- newTVarIO Set.empty
-  pure $ SyncState
-    { codebase = PG.codebaseEnv,
-      validRequestsVar,
-      requestedEntitiesVar,
-      entitiesAlreadySentVar
-    }
+  (lift . runExceptT $ codebaseForBranchRef initMsgBranchRef) >>= \case
+    Left err -> case err of
+      CodebaseLoadingErrorNoReadPermission {} -> onErr $ NoReadPermission initMsgBranchRef
+      CodebaseLoadingErrorProjectNotFound {} -> onErr $ ProjectNotFound initMsgBranchRef
+      CodebaseLoadingErrorUserNotFound {} -> onErr $ UserNotFound initMsgBranchRef
+      CodebaseLoadingErrorInvalidBranchRef msg _ -> onErr $ InvalidBranchRef msg initMsgBranchRef
+    Right codebase ->
+      pure $
+        SyncState
+          { codebase,
+            validRequestsVar,
+            requestedEntitiesVar,
+            entitiesAlreadySentVar
+          }
 
 data SyncState sh hash = SyncState
   { codebase :: CodebaseEnv,
@@ -129,27 +154,26 @@ shareEmitter ::
   (SyncState HashTag Hash32) ->
   Queues (MsgOrError SyncError (FromEmitterMessage Hash32 Text)) (MsgOrError SyncError (FromReceiverMessage HashJWT Hash32)) ->
   WebApp (Maybe SyncError)
-shareEmitter SyncState {requestedEntitiesVar, entitiesAlreadySentVar, validRequestsVar, codebase} (Queues {send, receive, shutdown}) = Ki.scoped $ \scope -> do
-  errVar <- newEmptyTMVarIO
-  let onErr :: SyncError -> STM ()
-      onErr e = do
-        UnliftIO.putTMVar errVar e
-  Ki.fork scope $ sendWorker onErr
-  Ki.fork scope $ receiveWorker onErr
-  r <- atomically $ (Ki.awaitAll scope $> Nothing) <|> (Just <$> UnliftIO.takeTMVar errVar)
-  liftIO $ shutdown
-  pure r
+shareEmitter SyncState {requestedEntitiesVar, entitiesAlreadySentVar, validRequestsVar, codebase} (Queues {send, receive}) = do
+  Ki.scoped $ \scope -> do
+    errVar <- newEmptyTMVarIO
+    let onErrSTM :: SyncError -> STM ()
+        onErrSTM e = do
+          UnliftIO.putTMVar errVar e
+    Ki.fork scope $ sendWorker onErrSTM
+    Ki.fork scope $ receiveWorker onErrSTM
+    atomically ((Ki.awaitAll scope $> Nothing) <|> (Just <$> UnliftIO.takeTMVar errVar))
   where
     sendWorker :: (SyncError -> STM ()) -> WebApp ()
-    sendWorker onErr = forever $ do
+    sendWorker onErrSTM = forever $ do
       reqs <- atomically $ do
         reqs <- readTVar requestedEntitiesVar
         validRequests <- readTVar validRequestsVar
         let forbiddenRequests = Set.difference reqs validRequests
         validRequests <-
           if not (Set.null forbiddenRequests)
             then do
-              onErr (ForbiddenEntityRequest forbiddenRequests)
+              onErrSTM (ForbiddenEntityRequest forbiddenRequests)
               pure $ Set.difference validRequests forbiddenRequests
             else do
               pure validRequests
@@ -179,11 +203,11 @@ shareEmitter SyncState {requestedEntitiesVar, entitiesAlreadySentVar, validReque
           send $ Msg (EmitterEntityMsg entity)
 
     receiveWorker :: (SyncError -> STM ()) -> WebApp ()
-    receiveWorker onErr = forever $ do
+    receiveWorker onErrSTM = forever $ do
       atomically $ do
         receive >>= \case
-          Err err -> onErr err
-          Msg (ReceiverInitStream {}) -> onErr (InitializationError "Received duplicate ReceiverInitStream message")
+          Err err -> onErrSTM err
+          Msg (ReceiverInitStream {}) -> onErrSTM (InitializationError "Received duplicate ReceiverInitStream message")
           Msg (ReceiverEntityRequest (EntityRequestMsg {hashes})) -> do
             modifyTVar' requestedEntitiesVar (\s -> Set.union s (Set.fromList hashes))