Device deactivation (#4963)

* Device deactivation

* Check active status in service

* Format and work around potential deadlocks

src/Api/Controllers/DevicesController.cs

@@ -196,8 +196,8 @@ public class DevicesController : Controller
     }
 
     [HttpDelete("{id}")]
-    [HttpPost("{id}/delete")]
+    [HttpPost("{id}/deactivate")]
-    public async Task Delete(string id)
+    public async Task Deactivate(string id)
     {
         var device = await _deviceRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
         if (device == null)
@@ -205,7 +205,7 @@ public class DevicesController : Controller
             throw new NotFoundException();
         }
 
-        await _deviceService.DeleteAsync(device);
+        await _deviceService.DeactivateAsync(device);
     }
 
     [AllowAnonymous]

src/Core/Entities/Device.cs

@@ -38,6 +38,10 @@ public class Device : ITableObject<Guid>
     /// </summary>
     public string? EncryptedPrivateKey { get; set; }
 
+    /// <summary>
+    /// Whether the device is active for the user.
+    /// </summary>
+    public bool Active { get; set; } = true;
 
     public void SetNewId()
     {

src/Core/Services/IDeviceService.cs

@@ -7,7 +7,7 @@ public interface IDeviceService
 {
     Task SaveAsync(Device device);
     Task ClearTokenAsync(Device device);
-    Task DeleteAsync(Device device);
+    Task DeactivateAsync(Device device);
     Task UpdateDevicesTrustAsync(string currentDeviceIdentifier,
         Guid currentUserId,
         DeviceKeysUpdateRequestModel currentDeviceUpdate,

src/Core/Services/Implementations/DeviceService.cs

@@ -41,9 +41,18 @@ public class DeviceService : IDeviceService
         await _pushRegistrationService.DeleteRegistrationAsync(device.Id.ToString());
     }
 
-    public async Task DeleteAsync(Device device)
+    public async Task DeactivateAsync(Device device)
     {
-        await _deviceRepository.DeleteAsync(device);
+        // already deactivated
+        if (!device.Active)
+        {
+            return;
+        }
+
+        device.Active = false;
+        device.RevisionDate = DateTime.UtcNow;
+        await _deviceRepository.UpsertAsync(device);
+
         await _pushRegistrationService.DeleteRegistrationAsync(device.Id.ToString());
     }
 

src/Infrastructure.EntityFramework/Configurations/DeviceEntityTypeConfiguration.cs

@@ -21,6 +21,10 @@ public class DeviceEntityTypeConfiguration : IEntityTypeConfiguration<Device>
             .HasIndex(d => d.Identifier)
             .IsClustered(false);
 
+        builder.Property(c => c.Active)
+            .ValueGeneratedNever()
+            .HasDefaultValue(true);
+
         builder.ToTable(nameof(Device));
     }
 }

src/Sql/dbo/Stored Procedures/Device_Create.sql

@@ -9,7 +9,8 @@
     @RevisionDate DATETIME2(7),
     @EncryptedUserKey VARCHAR(MAX) = NULL,
     @EncryptedPublicKey VARCHAR(MAX) = NULL,
-    @EncryptedPrivateKey VARCHAR(MAX) = NULL
+    @EncryptedPrivateKey VARCHAR(MAX) = NULL,
+    @Active BIT = 1
 AS
 BEGIN
     SET NOCOUNT ON
@@ -26,7 +27,8 @@ BEGIN
         [RevisionDate],
         [EncryptedUserKey],
         [EncryptedPublicKey],
-        [EncryptedPrivateKey]
+        [EncryptedPrivateKey],
+        [Active]
     )
     VALUES
     (
@@ -40,6 +42,7 @@ BEGIN
         @RevisionDate,
         @EncryptedUserKey,
         @EncryptedPublicKey,
-        @EncryptedPrivateKey
+        @EncryptedPrivateKey,
+        @Active
     )
 END

src/Sql/dbo/Stored Procedures/Device_DeleteById.sql

@@ -1,12 +0,0 @@
-CREATE PROCEDURE [dbo].[Device_DeleteById]
-    @Id UNIQUEIDENTIFIER
-AS
-BEGIN
-    SET NOCOUNT ON
-
-    DELETE
-    FROM
-        [dbo].[Device]
-    WHERE
-        [Id] = @Id
-END

src/Sql/dbo/Stored Procedures/Device_Update.sql

@@ -9,7 +9,8 @@
     @RevisionDate DATETIME2(7),
     @EncryptedUserKey VARCHAR(MAX) = NULL,
     @EncryptedPublicKey VARCHAR(MAX) = NULL,
-    @EncryptedPrivateKey VARCHAR(MAX) = NULL
+    @EncryptedPrivateKey VARCHAR(MAX) = NULL,
+    @Active BIT = 1
 AS
 BEGIN
     SET NOCOUNT ON
@@ -26,7 +27,8 @@ BEGIN
         [RevisionDate] = @RevisionDate,
         [EncryptedUserKey] = @EncryptedUserKey,
         [EncryptedPublicKey] = @EncryptedPublicKey,
-        [EncryptedPrivateKey] = @EncryptedPrivateKey
+        [EncryptedPrivateKey] = @EncryptedPrivateKey,
+        [Active] = @Active
     WHERE
         [Id] = @Id
 END

src/Sql/dbo/Tables/Device.sql

@@ -10,16 +10,15 @@
     [EncryptedUserKey]    VARCHAR (MAX)    NULL,
     [EncryptedPublicKey]  VARCHAR (MAX)    NULL,
     [EncryptedPrivateKey] VARCHAR (MAX)    NULL,
+    [Active]              BIT              NOT NULL CONSTRAINT [DF_Device_Active] DEFAULT (1),
     CONSTRAINT [PK_Device] PRIMARY KEY CLUSTERED ([Id] ASC),
     CONSTRAINT [FK_Device_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id])
 );
 
-
 GO
 CREATE UNIQUE NONCLUSTERED INDEX [UX_Device_UserId_Identifier]
     ON [dbo].[Device]([UserId] ASC, [Identifier] ASC);
 
-
 GO
 CREATE NONCLUSTERED INDEX [IX_Device_Identifier]
     ON [dbo].[Device]([Identifier] ASC);

util/Migrator/DbScripts/2024-10-31-00_DeviceActivation.sql

@@ -0,0 +1,118 @@
+SET DEADLOCK_PRIORITY HIGH
+GO
+
+-- add column
+IF COL_LENGTH('[dbo].[Device]', 'Active') IS NULL
+    BEGIN
+    ALTER TABLE
+            [dbo].[Device]
+        ADD
+            [Active] BIT NOT NULL CONSTRAINT [DF_Device_Active] DEFAULT (1)
+END
+GO
+
+-- refresh view
+CREATE OR ALTER VIEW [dbo].[DeviceView]
+AS
+    SELECT
+        *
+    FROM
+        [dbo].[Device]
+GO
+
+-- drop now-unused proc for deletion
+IF OBJECT_ID('[dbo].[Device_DeleteById]') IS NOT NULL
+    BEGIN
+    DROP PROCEDURE [dbo].[Device_DeleteById]
+END
+GO
+
+-- refresh procs
+CREATE OR ALTER PROCEDURE [dbo].[Device_Create]
+    @Id UNIQUEIDENTIFIER OUTPUT,
+    @UserId UNIQUEIDENTIFIER,
+    @Name NVARCHAR(50),
+    @Type TINYINT,
+    @Identifier NVARCHAR(50),
+    @PushToken NVARCHAR(255),
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7),
+    @EncryptedUserKey VARCHAR(MAX) = NULL,
+    @EncryptedPublicKey VARCHAR(MAX) = NULL,
+    @EncryptedPrivateKey VARCHAR(MAX) = NULL,
+    @Active BIT = 1
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    INSERT INTO [dbo].[Device]
+        (
+        [Id],
+        [UserId],
+        [Name],
+        [Type],
+        [Identifier],
+        [PushToken],
+        [CreationDate],
+        [RevisionDate],
+        [EncryptedUserKey],
+        [EncryptedPublicKey],
+        [EncryptedPrivateKey],
+        [Active]
+        )
+    VALUES
+        (
+            @Id,
+            @UserId,
+            @Name,
+            @Type,
+            @Identifier,
+            @PushToken,
+            @CreationDate,
+            @RevisionDate,
+            @EncryptedUserKey,
+            @EncryptedPublicKey,
+            @EncryptedPrivateKey,
+            @Active
+        )
+END
+GO
+
+CREATE OR ALTER PROCEDURE [dbo].[Device_Update]
+    @Id UNIQUEIDENTIFIER,
+    @UserId UNIQUEIDENTIFIER,
+    @Name NVARCHAR(50),
+    @Type TINYINT,
+    @Identifier NVARCHAR(50),
+    @PushToken NVARCHAR(255),
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7),
+    @EncryptedUserKey VARCHAR(MAX) = NULL,
+    @EncryptedPublicKey VARCHAR(MAX) = NULL,
+    @EncryptedPrivateKey VARCHAR(MAX) = NULL,
+    @Active BIT = 1
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    UPDATE
+        [dbo].[Device]
+    SET
+        [UserId] = @UserId,
+        [Name] = @Name,
+        [Type] = @Type,
+        [Identifier] = @Identifier,
+        [PushToken] = @PushToken,
+        [CreationDate] = @CreationDate,
+        [RevisionDate] = @RevisionDate,
+        [EncryptedUserKey] = @EncryptedUserKey,
+        [EncryptedPublicKey] = @EncryptedPublicKey,
+        [EncryptedPrivateKey] = @EncryptedPrivateKey,
+        [Active] = @Active
+    WHERE
+        [Id] = @Id
+END
+GO
+
+SET DEADLOCK_PRIORITY NORMAL
+GO

util/MySqlMigrations/Migrations/20241031170511_DeviceActivation.cs

@@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.MySqlMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class DeviceActivation : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "Active",
+            table: "Device",
+            type: "tinyint(1)",
+            nullable: false,
+            defaultValue: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "Active",
+            table: "Device");
+    }
+}

util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs

@@ -939,6 +939,10 @@ namespace Bit.MySqlMigrations.Migrations
                         .ValueGeneratedOnAdd()
                         .HasColumnType("char(36)");
 
+                    b.Property<bool>("Active")
+                        .HasColumnType("tinyint(1)")
+                        .HasDefaultValue(true);
+
                     b.Property<DateTime>("CreationDate")
                         .HasColumnType("datetime(6)");
 

util/PostgresMigrations/Migrations/20241031170505_DeviceActivation.cs

@@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.PostgresMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class DeviceActivation : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "Active",
+            table: "Device",
+            type: "boolean",
+            nullable: false,
+            defaultValue: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "Active",
+            table: "Device");
+    }
+}

util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs

@@ -944,6 +944,10 @@ namespace Bit.PostgresMigrations.Migrations
                         .ValueGeneratedOnAdd()
                         .HasColumnType("uuid");
 
+                    b.Property<bool>("Active")
+                        .HasColumnType("boolean")
+                        .HasDefaultValue(true);
+
                     b.Property<DateTime>("CreationDate")
                         .HasColumnType("timestamp with time zone");
 

util/SqliteMigrations/Migrations/20241031170500_DeviceActivation.cs

@@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.SqliteMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class DeviceActivation : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "Active",
+            table: "Device",
+            type: "INTEGER",
+            nullable: false,
+            defaultValue: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "Active",
+            table: "Device");
+    }
+}

util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs

@@ -928,6 +928,10 @@ namespace Bit.SqliteMigrations.Migrations
                         .ValueGeneratedOnAdd()
                         .HasColumnType("TEXT");
 
+                    b.Property<bool>("Active")
+                        .HasColumnType("INTEGER")
+                        .HasDefaultValue(true);
+
                     b.Property<DateTime>("CreationDate")
                         .HasColumnType("TEXT");