Merge branch 'wireapp:develop' into develop

cassandra-schema.cql

@@ -353,10 +353,9 @@ CREATE TABLE brig_test.oauth_user_refresh_token (
     AND read_repair_chance = 0.0
     AND speculative_retry = '99PERCENTILE';
 
-CREATE TABLE brig_test.invitation_info (
-    code ascii PRIMARY KEY,
-    id uuid,
-    inviter uuid
+CREATE TABLE brig_test.users_pending_activation (
+    user uuid PRIMARY KEY,
+    expires_at timestamp
 ) WITH bloom_filter_fp_chance = 0.01
     AND caching = {'keys': 'ALL', 'rows_per_partition': 'NONE'}
     AND comment = ''
@@ -867,24 +866,6 @@ CREATE TABLE brig_test.connection_remote (
     AND speculative_retry = '99PERCENTILE';
 CREATE INDEX connection_remote_right_domain_idx ON brig_test.connection_remote (right_domain);
 
-CREATE TABLE brig_test.users_pending_activation (
-    user uuid PRIMARY KEY,
-    expires_at timestamp
-) WITH bloom_filter_fp_chance = 0.01
-    AND caching = {'keys': 'ALL', 'rows_per_partition': 'NONE'}
-    AND comment = ''
-    AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
-    AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
-    AND crc_check_chance = 1.0
-    AND dclocal_read_repair_chance = 0.1
-    AND default_time_to_live = 0
-    AND gc_grace_seconds = 864000
-    AND max_index_interval = 2048
-    AND memtable_flush_period_in_ms = 0
-    AND min_index_interval = 128
-    AND read_repair_chance = 0.0
-    AND speculative_retry = '99PERCENTILE';
-
 CREATE TABLE brig_test.connection (
     left uuid,
     right uuid,
@@ -910,27 +891,6 @@ CREATE TABLE brig_test.connection (
     AND speculative_retry = '99PERCENTILE';
 CREATE INDEX conn_status ON brig_test.connection (status);
 
-CREATE TABLE brig_test.password_reset (
-    key ascii PRIMARY KEY,
-    code ascii,
-    retries int,
-    timeout timestamp,
-    user uuid
-) WITH bloom_filter_fp_chance = 0.1
-    AND caching = {'keys': 'ALL', 'rows_per_partition': 'NONE'}
-    AND comment = ''
-    AND compaction = {'class': 'org.apache.cassandra.db.compaction.LeveledCompactionStrategy'}
-    AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
-    AND crc_check_chance = 1.0
-    AND dclocal_read_repair_chance = 0.1
-    AND default_time_to_live = 0
-    AND gc_grace_seconds = 864000
-    AND max_index_interval = 2048
-    AND memtable_flush_period_in_ms = 0
-    AND min_index_interval = 128
-    AND read_repair_chance = 0.0
-    AND speculative_retry = '99PERCENTILE';
-
 CREATE TABLE brig_test.federation_remotes (
     domain text PRIMARY KEY,
     restriction int,
@@ -950,20 +910,16 @@ CREATE TABLE brig_test.federation_remotes (
     AND read_repair_chance = 0.0
     AND speculative_retry = '99PERCENTILE';
 
-CREATE TABLE brig_test.invitation (
-    inviter uuid,
-    id uuid,
+CREATE TABLE brig_test.password_reset (
+    key ascii PRIMARY KEY,
     code ascii,
-    created_at timestamp,
-    email text,
-    name text,
-    phone text,
-    PRIMARY KEY (inviter, id)
-) WITH CLUSTERING ORDER BY (id ASC)
-    AND bloom_filter_fp_chance = 0.01
+    retries int,
+    timeout timestamp,
+    user uuid
+) WITH bloom_filter_fp_chance = 0.1
     AND caching = {'keys': 'ALL', 'rows_per_partition': 'NONE'}
     AND comment = ''
-    AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
+    AND compaction = {'class': 'org.apache.cassandra.db.compaction.LeveledCompactionStrategy'}
     AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
     AND crc_check_chance = 1.0
     AND dclocal_read_repair_chance = 0.1

changelog.d/1-api-changes/WPB-10797

@@ -0,0 +1 @@
+Services allowlist are blocked by 409 (mls-services-not-allowed) for teams with default protocol MLS.

changelog.d/1-api-changes/WPB-11163

@@ -0,0 +1 @@
+The `POST /clients` and `PUT /clients/:cid` endpoints support a new capability "consume-notifications"

changelog.d/2-features/WPB-11163-consume-notifications-capability

@@ -0,0 +1 @@
+Clients can declare to be supporting a capability for consuming notifications

changelog.d/5-internal/WPB-11101

@@ -0,0 +1 @@
+Remove unused invitation tables from brig.

integration/integration.cabal

@@ -136,6 +136,7 @@ library
     Test.MLS.Message
     Test.MLS.Notifications
     Test.MLS.One2One
+    Test.MLS.Services
     Test.MLS.SubConversation
     Test.MLS.Unreachable
     Test.Notifications

integration/test/API/Brig.hs

@@ -136,6 +136,15 @@ getClient u cli = do
       joinHttpPath ["clients", c]
   submit "GET" req
 
+-- | https://staging-nginz-https.zinfra.io/v6/api/swagger-ui/#/default/get_clients
+getSelfClients ::
+  (HasCallStack, MakesValue user) =>
+  user ->
+  App Response
+getSelfClients u =
+  baseRequest u Brig Versioned (joinHttpPath ["clients"])
+    >>= submit "GET"
+
 -- | https://staging-nginz-https.zinfra.io/v5/api/swagger-ui/#/default/delete_self
 deleteUser :: (HasCallStack, MakesValue user) => user -> App Response
 deleteUser user = do
@@ -833,3 +842,26 @@ upgradePersonalToTeam :: (HasCallStack, MakesValue user) => user -> String -> Ap
 upgradePersonalToTeam user name = do
   req <- baseRequest user Brig Versioned $ joinHttpPath ["upgrade-personal-to-team"]
   submit "POST" $ req & addJSONObject ["name" .= name, "icon" .= "default"]
+
+postServiceWhitelist ::
+  ( HasCallStack,
+    MakesValue user,
+    MakesValue tid,
+    MakesValue update
+  ) =>
+  user ->
+  tid ->
+  update ->
+  App Response
+postServiceWhitelist user tid update = do
+  tidStr <- asString tid
+  updateJson <- make update
+  req <-
+    baseRequest user Brig Versioned $
+      joinHttpPath
+        [ "teams",
+          tidStr,
+          "services",
+          "whitelist"
+        ]
+  submit "POST" (addJSON updateJson req)

integration/test/Test/Client.hs

@@ -4,6 +4,7 @@ module Test.Client where
 
 import API.Brig
 import qualified API.Brig as API
+import API.BrigCommon
 import API.Gundeck
 import Control.Lens hiding ((.=))
 import Control.Monad.Codensity
@@ -70,3 +71,53 @@ testListClientsIfBackendIsOffline = do
     bindResponse (listUsersClients ownUser1 [ownUser1, ownUser2, downUser]) $ \resp -> do
       resp.status `shouldMatchInt` 200
       resp.json %. "qualified_user_map" `shouldMatch` expectedResponse
+
+testCreateClientWithCapabilities :: App ()
+testCreateClientWithCapabilities = do
+  let allCapabilities = ["legalhold-implicit-consent", "consumable-notifications"]
+  alice <- randomUser OwnDomain def
+  addClient alice def {acapabilities = Just allCapabilities} `bindResponse` \resp -> do
+    resp.status `shouldMatchInt` 201
+    resp.json %. "capabilities" `shouldMatchSet` allCapabilities
+  getSelfClients alice `bindResponse` \resp -> do
+    resp.status `shouldMatchInt` 200
+    resp.json %. "0.capabilities" `shouldMatchSet` allCapabilities
+
+testUpdateClientWithConsumableNotificationsCapability :: App ()
+testUpdateClientWithConsumableNotificationsCapability = do
+  domain <- asString OwnDomain
+  let consumeCapability = "consumable-notifications"
+  alice <- randomUser domain def
+  aliceId <- alice %. "id" & asString
+  cid <-
+    addClient alice def {acapabilities = Nothing} `bindResponse` \resp -> do
+      resp.status `shouldMatchInt` 201
+      resp.json %. "id" & asString
+  let cli =
+        ClientIdentity
+          { domain = domain,
+            user = aliceId,
+            client = cid
+          }
+  updateClient cli def {capabilities = Just [consumeCapability]} >>= assertSuccess
+  getSelfClients alice `bindResponse` \resp -> do
+    resp.status `shouldMatchInt` 200
+    resp.json %. "0.capabilities" `shouldMatch` [consumeCapability]
+
+testGetClientCapabilitiesV6 :: App ()
+testGetClientCapabilitiesV6 = do
+  let allCapabilities = ["legalhold-implicit-consent", "consumable-notifications"]
+  alice <- randomUser OwnDomain def
+  addClient alice def {acapabilities = Just allCapabilities} `bindResponse` \resp -> do
+    resp.status `shouldMatchInt` 201
+    resp.json %. "capabilities" `shouldMatchSet` allCapabilities
+
+  getSelfClients alice `bindResponse` \resp -> do
+    resp.status `shouldMatchInt` 200
+    resp.json %. "0.capabilities" `shouldMatchSet` allCapabilities
+
+  -- In API v6 and below, the "capabilities" field is an enum, so having a new
+  -- value for this enum is a breaking change.
+  withAPIVersion 6 $ getSelfClients alice `bindResponse` \resp -> do
+    resp.status `shouldMatchInt` 200
+    resp.json %. "0.capabilities.capabilities" `shouldMatchSet` ["legalhold-implicit-consent"]

integration/test/Test/MLS/Services.hs

@@ -0,0 +1,95 @@
+module Test.MLS.Services where
+
+import API.Brig
+import API.Common
+import API.GalleyInternal (patchTeamFeatureConfig)
+import SetupHelpers
+import Testlib.JSON
+import Testlib.Prelude
+
+testWhitelistUpdatePermissions :: (HasCallStack) => App ()
+testWhitelistUpdatePermissions = do
+  -- Create a team
+  (owner, tid, []) <- createTeam OwnDomain 1
+
+  -- Create a team admin
+  admin <- createTeamMemberWithRole owner tid "admin"
+
+  -- Create a service
+  email <- randomEmail
+  provider <- make <$> setupProvider owner def {newProviderEmail = email}
+  providerId <- provider %. "id" & asString
+  service <- make <$> newService OwnDomain providerId def
+
+  do
+    -- Check that a random user can't add the service to the whitelist
+    uid <- randomUser OwnDomain def
+    serviceId <- service %. "id" & asString
+    np <-
+      make
+        $ object
+          [ "id" .= serviceId,
+            "provider" .= providerId,
+            "whitelisted" .= True
+          ]
+    bindResponse (postServiceWhitelist uid tid np) $ \resp -> do
+      resp.status `shouldMatchInt` 403
+      (resp.jsonBody %. "label") `shouldMatch` Just "insufficient-permissions"
+
+  do
+    -- Check that an admin can add the service to the whitelist
+    serviceId <- service %. "id" & asString
+    np <-
+      make
+        $ object
+          [ "id" .= serviceId,
+            "provider" .= providerId,
+            "whitelisted" .= True
+          ]
+    postServiceWhitelist admin tid np >>= assertStatus 200
+
+  -- set team's defaultProtocol to MLS
+  mlsConfig <-
+    make
+      $ object
+        [ "config"
+            .= object
+              [ "allowedCipherSuites" .= [1 :: Int],
+                "defaultCipherSuite" .= (1 :: Int),
+                "defaultProtocol" .= "mls",
+                "protocolToggleUsers" .= ([] :: [String]),
+                "supportedProtocols" .= ["mls", "proteus"]
+              ],
+          "status" .= "enabled",
+          "ttl" .= "unlimited"
+        ]
+  patchTeamFeatureConfig OwnDomain tid "mls" mlsConfig >>= assertStatus 200
+
+  do
+    -- Check that a random user can't add the service to the whitelist
+    uid <- randomUser OwnDomain def
+    serviceId <- service %. "id" & asString
+    np <-
+      make
+        $ object
+          [ "id" .= serviceId,
+            "provider" .= providerId,
+            "whitelisted" .= True
+          ]
+    bindResponse (postServiceWhitelist uid tid np) $ \resp -> do
+      resp.status `shouldMatchInt` 409
+      (resp.jsonBody %. "label") `shouldMatch` Just "mls-services-not-allowed"
+
+  do
+    -- Check that an admin can't add the service to the whitelist
+    serviceId <- service %. "id" & asString
+    np <-
+      make
+        $ object
+          [ "id" .= serviceId,
+            "provider" .= providerId,
+            "whitelisted" .= True
+          ]
+    postServiceWhitelist admin tid np >>= \resp -> do
+      resp.status `shouldMatchInt` 409
+      (resp.jsonBody %. "label") `shouldMatch` Just "mls-services-not-allowed"

libs/cassandra-util/src/Cassandra/Options.hs

@@ -5,34 +5,28 @@
 
 module Cassandra.Options where
 
-import Cassandra.Helpers
-import Control.Lens
 import Data.Aeson.TH
 import Imports
 
 data Endpoint = Endpoint
-  { _host :: !Text,
-    _port :: !Word16
+  { host :: !Text,
+    port :: !Word16
   }
   deriving (Show, Generic)
 
-deriveFromJSON toOptionFieldName ''Endpoint
-
-makeLenses ''Endpoint
+deriveFromJSON defaultOptions ''Endpoint
 
 data CassandraOpts = CassandraOpts
-  { _endpoint :: !Endpoint,
-    _keyspace :: !Text,
+  { endpoint :: !Endpoint,
+    keyspace :: !Text,
     -- | If this option is unset, use all available nodes.
     -- If this option is set, use only cassandra nodes in the given datacentre
     --
     -- This option is most likely only necessary during a cassandra DC migration
     -- FUTUREWORK: remove this option again, or support a datacentre migration feature
-    _filterNodesByDatacentre :: !(Maybe Text),
-    _tlsCa :: Maybe FilePath
+    filterNodesByDatacentre :: !(Maybe Text),
+    tlsCa :: Maybe FilePath
   }
   deriving (Show, Generic)
 
-deriveFromJSON toOptionFieldName ''CassandraOpts
-
-makeLenses ''CassandraOpts
+deriveFromJSON defaultOptions ''CassandraOpts