Device deactivation (#4963)

* Device deactivation * Check active status in service * Format and work around potential deadlocks
2024-11-21 12:05:42 +01:00 · 2024-10-31 17:05:13 -04:00 · 2024-10-31 17:05:13 -04:00 · a04df4beba
commit a04df4beba
parent 751fd33aef
19 changed files with 8801 additions and 36 deletions
--- a/src/Api/Controllers/DevicesController.cs
+++ b/src/Api/Controllers/DevicesController.cs
@ -196,8 +196,8 @@ public class DevicesController : Controller
    }

    [HttpDelete("{id}")]
-    [HttpPost("{id}/delete")]
-    public async Task Delete(string id)
+    [HttpPost("{id}/deactivate")]
+    public async Task Deactivate(string id)
    {
        var device = await _deviceRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
        if (device == null)
@ -205,7 +205,7 @@ public class DevicesController : Controller
            throw new NotFoundException();
        }

-        await _deviceService.DeleteAsync(device);
+        await _deviceService.DeactivateAsync(device);
    }

    [AllowAnonymous]
--- a/src/Core/Entities/Device.cs
+++ b/src/Core/Entities/Device.cs
@ -38,6 +38,10 @@ public class Device : ITableObject<Guid>
    /// </summary>
    public string? EncryptedPrivateKey { get; set; }

+    /// <summary>
+    /// Whether the device is active for the user.
+    /// </summary>
+    public bool Active { get; set; } = true;

    public void SetNewId()
    {
--- a/src/Core/Services/IDeviceService.cs
+++ b/src/Core/Services/IDeviceService.cs
@ -7,7 +7,7 @@ public interface IDeviceService
 {
    Task SaveAsync(Device device);
    Task ClearTokenAsync(Device device);
-    Task DeleteAsync(Device device);
+    Task DeactivateAsync(Device device);
    Task UpdateDevicesTrustAsync(string currentDeviceIdentifier,
        Guid currentUserId,
        DeviceKeysUpdateRequestModel currentDeviceUpdate,
--- a/src/Core/Services/Implementations/DeviceService.cs
+++ b/src/Core/Services/Implementations/DeviceService.cs
@ -41,9 +41,18 @@ public class DeviceService : IDeviceService
        await _pushRegistrationService.DeleteRegistrationAsync(device.Id.ToString());
    }

-    public async Task DeleteAsync(Device device)
+    public async Task DeactivateAsync(Device device)
    {
-        await _deviceRepository.DeleteAsync(device);
+        // already deactivated
+        if (!device.Active)
+        {
+            return;
+        }
+
+        device.Active = false;
+        device.RevisionDate = DateTime.UtcNow;
+        await _deviceRepository.UpsertAsync(device);
+
        await _pushRegistrationService.DeleteRegistrationAsync(device.Id.ToString());
    }

--- a/src/Infrastructure.EntityFramework/Configurations/DeviceEntityTypeConfiguration.cs
+++ b/src/Infrastructure.EntityFramework/Configurations/DeviceEntityTypeConfiguration.cs
@ -21,6 +21,10 @@ public class DeviceEntityTypeConfiguration : IEntityTypeConfiguration<Device>
            .HasIndex(d => d.Identifier)
            .IsClustered(false);

+        builder.Property(c => c.Active)
+            .ValueGeneratedNever()
+            .HasDefaultValue(true);
+
        builder.ToTable(nameof(Device));
    }
 }
--- a/Procedures/Device_Create.sql
+++ b/Procedures/Device_Create.sql
@ -9,7 +9,8 @@
    @RevisionDate DATETIME2(7),
    @EncryptedUserKey VARCHAR(MAX) = NULL,
    @EncryptedPublicKey VARCHAR(MAX) = NULL,
-    @EncryptedPrivateKey VARCHAR(MAX) = NULL
+    @EncryptedPrivateKey VARCHAR(MAX) = NULL,
+    @Active BIT = 1
 AS
 BEGIN
    SET NOCOUNT ON
@ -26,7 +27,8 @@ BEGIN
        [RevisionDate],
        [EncryptedUserKey],
        [EncryptedPublicKey],
-        [EncryptedPrivateKey]
+        [EncryptedPrivateKey],
+        [Active]
    )
    VALUES
    (
@ -40,6 +42,7 @@ BEGIN
        @RevisionDate,
        @EncryptedUserKey,
        @EncryptedPublicKey,
-        @EncryptedPrivateKey
+        @EncryptedPrivateKey,
+        @Active
    )
 END
--- a/Procedures/Device_DeleteById.sql
+++ b/Procedures/Device_DeleteById.sql
@ -1,12 +0,0 @@
-CREATE PROCEDURE [dbo].[Device_DeleteById]
-    @Id UNIQUEIDENTIFIER
-AS
-BEGIN
-    SET NOCOUNT ON
-
-    DELETE
-    FROM
-        [dbo].[Device]
-    WHERE
-        [Id] = @Id
-END
--- a/Procedures/Device_Update.sql
+++ b/Procedures/Device_Update.sql
@ -9,7 +9,8 @@
    @RevisionDate DATETIME2(7),
    @EncryptedUserKey VARCHAR(MAX) = NULL,
    @EncryptedPublicKey VARCHAR(MAX) = NULL,
-    @EncryptedPrivateKey VARCHAR(MAX) = NULL
+    @EncryptedPrivateKey VARCHAR(MAX) = NULL,
+    @Active BIT = 1
 AS
 BEGIN
    SET NOCOUNT ON
@ -26,7 +27,8 @@ BEGIN
        [RevisionDate] = @RevisionDate,
        [EncryptedUserKey] = @EncryptedUserKey,
        [EncryptedPublicKey] = @EncryptedPublicKey,
-        [EncryptedPrivateKey] = @EncryptedPrivateKey
+        [EncryptedPrivateKey] = @EncryptedPrivateKey,
+        [Active] = @Active
    WHERE
        [Id] = @Id
 END
--- a/src/Sql/dbo/Tables/Device.sql
+++ b/src/Sql/dbo/Tables/Device.sql
@ -1,25 +1,24 @@
 CREATE TABLE [dbo].[Device] (
-    [Id]           UNIQUEIDENTIFIER NOT NULL,
-    [UserId]       UNIQUEIDENTIFIER NOT NULL,
-    [Name]         NVARCHAR (50)    NOT NULL,
-    [Type]         SMALLINT         NOT NULL,
-    [Identifier]   NVARCHAR (50)    NOT NULL,
-    [PushToken]    NVARCHAR (255)   NULL,
-    [CreationDate] DATETIME2 (7)    NOT NULL,
-    [RevisionDate] DATETIME2 (7)    NOT NULL,
-    [EncryptedUserKey] VARCHAR (MAX) NULL,
-    [EncryptedPublicKey] VARCHAR (MAX) NULL,
-    [EncryptedPrivateKey] VARCHAR (MAX) NULL,
+    [Id]                  UNIQUEIDENTIFIER NOT NULL,
+    [UserId]              UNIQUEIDENTIFIER NOT NULL,
+    [Name]                NVARCHAR (50)    NOT NULL,
+    [Type]                SMALLINT         NOT NULL,
+    [Identifier]          NVARCHAR (50)    NOT NULL,
+    [PushToken]           NVARCHAR (255)   NULL,
+    [CreationDate]        DATETIME2 (7)    NOT NULL,
+    [RevisionDate]        DATETIME2 (7)    NOT NULL,
+    [EncryptedUserKey]    VARCHAR (MAX)    NULL,
+    [EncryptedPublicKey]  VARCHAR (MAX)    NULL,
+    [EncryptedPrivateKey] VARCHAR (MAX)    NULL,
+    [Active]              BIT              NOT NULL CONSTRAINT [DF_Device_Active] DEFAULT (1),
    CONSTRAINT [PK_Device] PRIMARY KEY CLUSTERED ([Id] ASC),
    CONSTRAINT [FK_Device_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id])
 );

-
 GO
 CREATE UNIQUE NONCLUSTERED INDEX [UX_Device_UserId_Identifier]
    ON [dbo].[Device]([UserId] ASC, [Identifier] ASC);

-
 GO
 CREATE NONCLUSTERED INDEX [IX_Device_Identifier]
    ON [dbo].[Device]([Identifier] ASC);
--- a/util/Migrator/DbScripts/2024-10-31-00_DeviceActivation.sql
+++ b/util/Migrator/DbScripts/2024-10-31-00_DeviceActivation.sql
@ -0,0 +1,118 @@
+SET DEADLOCK_PRIORITY HIGH
+GO
+
+-- add column
+IF COL_LENGTH('[dbo].[Device]', 'Active') IS NULL
+    BEGIN
+    ALTER TABLE
+            [dbo].[Device]
+        ADD
+            [Active] BIT NOT NULL CONSTRAINT [DF_Device_Active] DEFAULT (1)
+END
+GO
+
+-- refresh view
+CREATE OR ALTER VIEW [dbo].[DeviceView]
+AS
+    SELECT
+        *
+    FROM
+        [dbo].[Device]
+GO
+
+-- drop now-unused proc for deletion
+IF OBJECT_ID('[dbo].[Device_DeleteById]') IS NOT NULL
+    BEGIN
+    DROP PROCEDURE [dbo].[Device_DeleteById]
+END
+GO
+
+-- refresh procs
+CREATE OR ALTER PROCEDURE [dbo].[Device_Create]
+    @Id UNIQUEIDENTIFIER OUTPUT,
+    @UserId UNIQUEIDENTIFIER,
+    @Name NVARCHAR(50),
+    @Type TINYINT,
+    @Identifier NVARCHAR(50),
+    @PushToken NVARCHAR(255),
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7),
+    @EncryptedUserKey VARCHAR(MAX) = NULL,
+    @EncryptedPublicKey VARCHAR(MAX) = NULL,
+    @EncryptedPrivateKey VARCHAR(MAX) = NULL,
+    @Active BIT = 1
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    INSERT INTO [dbo].[Device]
+        (
+        [Id],
+        [UserId],
+        [Name],
+        [Type],
+        [Identifier],
+        [PushToken],
+        [CreationDate],
+        [RevisionDate],
+        [EncryptedUserKey],
+        [EncryptedPublicKey],
+        [EncryptedPrivateKey],
+        [Active]
+        )
+    VALUES
+        (
+            @Id,
+            @UserId,
+            @Name,
+            @Type,
+            @Identifier,
+            @PushToken,
+            @CreationDate,
+            @RevisionDate,
+            @EncryptedUserKey,
+            @EncryptedPublicKey,
+            @EncryptedPrivateKey,
+            @Active
+        )
+END
+GO
+
+CREATE OR ALTER PROCEDURE [dbo].[Device_Update]
+    @Id UNIQUEIDENTIFIER,
+    @UserId UNIQUEIDENTIFIER,
+    @Name NVARCHAR(50),
+    @Type TINYINT,
+    @Identifier NVARCHAR(50),
+    @PushToken NVARCHAR(255),
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7),
+    @EncryptedUserKey VARCHAR(MAX) = NULL,
+    @EncryptedPublicKey VARCHAR(MAX) = NULL,
+    @EncryptedPrivateKey VARCHAR(MAX) = NULL,
+    @Active BIT = 1
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    UPDATE
+        [dbo].[Device]
+    SET
+        [UserId] = @UserId,
+        [Name] = @Name,
+        [Type] = @Type,
+        [Identifier] = @Identifier,
+        [PushToken] = @PushToken,
+        [CreationDate] = @CreationDate,
+        [RevisionDate] = @RevisionDate,
+        [EncryptedUserKey] = @EncryptedUserKey,
+        [EncryptedPublicKey] = @EncryptedPublicKey,
+        [EncryptedPrivateKey] = @EncryptedPrivateKey,
+        [Active] = @Active
+    WHERE
+        [Id] = @Id
+END
+GO
+
+SET DEADLOCK_PRIORITY NORMAL
+GO
--- a/util/MySqlMigrations/Migrations/20241031170511_DeviceActivation.Designer.cs
+++ b/util/MySqlMigrations/Migrations/20241031170511_DeviceActivation.Designer.cs
--- a/util/MySqlMigrations/Migrations/20241031170511_DeviceActivation.cs
+++ b/util/MySqlMigrations/Migrations/20241031170511_DeviceActivation.cs
@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.MySqlMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class DeviceActivation : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "Active",
+            table: "Device",
+            type: "tinyint(1)",
+            nullable: false,
+            defaultValue: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "Active",
+            table: "Device");
+    }
+}
--- a/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -939,6 +939,10 @@ namespace Bit.MySqlMigrations.Migrations
                        .ValueGeneratedOnAdd()
                        .HasColumnType("char(36)");

+                    b.Property<bool>("Active")
+                        .HasColumnType("tinyint(1)")
+                        .HasDefaultValue(true);
+
                    b.Property<DateTime>("CreationDate")
                        .HasColumnType("datetime(6)");

--- a/util/PostgresMigrations/Migrations/20241031170505_DeviceActivation.Designer.cs
+++ b/util/PostgresMigrations/Migrations/20241031170505_DeviceActivation.Designer.cs
--- a/util/PostgresMigrations/Migrations/20241031170505_DeviceActivation.cs
+++ b/util/PostgresMigrations/Migrations/20241031170505_DeviceActivation.cs
@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.PostgresMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class DeviceActivation : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "Active",
+            table: "Device",
+            type: "boolean",
+            nullable: false,
+            defaultValue: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "Active",
+            table: "Device");
+    }
+}
--- a/util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -944,6 +944,10 @@ namespace Bit.PostgresMigrations.Migrations
                        .ValueGeneratedOnAdd()
                        .HasColumnType("uuid");

+                    b.Property<bool>("Active")
+                        .HasColumnType("boolean")
+                        .HasDefaultValue(true);
+
                    b.Property<DateTime>("CreationDate")
                        .HasColumnType("timestamp with time zone");

--- a/util/SqliteMigrations/Migrations/20241031170500_DeviceActivation.Designer.cs
+++ b/util/SqliteMigrations/Migrations/20241031170500_DeviceActivation.Designer.cs
--- a/util/SqliteMigrations/Migrations/20241031170500_DeviceActivation.cs
+++ b/util/SqliteMigrations/Migrations/20241031170500_DeviceActivation.cs
@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.SqliteMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class DeviceActivation : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "Active",
+            table: "Device",
+            type: "INTEGER",
+            nullable: false,
+            defaultValue: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "Active",
+            table: "Device");
+    }
+}
--- a/util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -928,6 +928,10 @@ namespace Bit.SqliteMigrations.Migrations
                        .ValueGeneratedOnAdd()
                        .HasColumnType("TEXT");

+                    b.Property<bool>("Active")
+                        .HasColumnType("INTEGER")
+                        .HasDefaultValue(true);
+
                    b.Property<DateTime>("CreationDate")
                        .HasColumnType("TEXT");