add some additional test coverage

Author: adrastaea

packages/backend/src/nest/auth/sigchain.service.spec.ts

@@ -7,6 +7,8 @@ import { LocalDbModule } from '../local-db/local-db.module'
 import { TestModule } from '../common/test.module'
 import { SigChainModule } from './sigchain.service.module'
 import { SigChain } from './sigchain'
+import { SocketEvents } from '@quiet/types'
+import waitForExpect from 'wait-for-expect'
 
 const logger = createLogger('auth:sigchainManager.spec')
 
@@ -128,4 +130,65 @@ describe('SigChainService - listener lifecycle', () => {
     expect(chainA.listenerCount('updated')).toBe(1)
     expect(chainB.listenerCount('updated')).toBe(0)
   })
+
+  it('does not emit iOS-native key or device events on non-ios platforms', async () => {
+    const emitSpy = jest.spyOn(sigChainService.serverIoProvider.io, 'emit')
+
+    await sigChainService.createChain('desktopOnly', 'alice', true)
+
+    expect(emitSpy.mock.calls.filter(([event]) => event === SocketEvents.KEYS_UPDATED)).toHaveLength(0)
+    expect(emitSpy.mock.calls.filter(([event]) => event === SocketEvents.DEVICE_CREDENTIALS_UPDATED)).toHaveLength(0)
+  })
+
+  it('emits new keys to iOS once and does not resend already-stored keys', async () => {
+    const originalPlatform = process.platform
+    Object.defineProperty(process, 'platform', { value: 'ios' })
+
+    try {
+      const emitSpy = jest.spyOn(sigChainService.serverIoProvider.io, 'emit')
+      const chain = await sigChainService.createChain('iosKeys', 'alice', true)
+      const teamId = chain.team!.id
+
+      await waitForExpect(async () => {
+        const keyCalls = emitSpy.mock.calls.filter(([event]) => event === SocketEvents.KEYS_UPDATED)
+        expect(keyCalls).toHaveLength(1)
+        expect((keyCalls[0][1] as { keys: unknown[] }).keys.length).toBeGreaterThan(0)
+        const storedKeys = await localDbService.getKeysStoredInKeychain(teamId)
+        expect(storedKeys).toHaveLength((keyCalls[0][1] as { keys: unknown[] }).keys.length)
+      })
+
+      const storedKeysAfterFirstUpdate = await localDbService.getKeysStoredInKeychain(teamId)
+
+      chain.emit('updated')
+
+      await new Promise(resolve => setTimeout(resolve, 25))
+
+      expect(emitSpy.mock.calls.filter(([event]) => event === SocketEvents.KEYS_UPDATED)).toHaveLength(1)
+      expect(await localDbService.getKeysStoredInKeychain(teamId)).toEqual(storedKeysAfterFirstUpdate)
+    } finally {
+      Object.defineProperty(process, 'platform', { value: originalPlatform })
+    }
+  })
+
+  it('emits device credentials for the NSE on ios', async () => {
+    const originalPlatform = process.platform
+    Object.defineProperty(process, 'platform', { value: 'ios' })
+
+    try {
+      const emitSpy = jest.spyOn(sigChainService.serverIoProvider.io, 'emit')
+      const chain = await sigChainService.createChain('iosDeviceCredentials', 'alice', true)
+
+      await waitForExpect(() => {
+        const deviceCalls = emitSpy.mock.calls.filter(([event]) => event === SocketEvents.DEVICE_CREDENTIALS_UPDATED)
+        expect(deviceCalls).toHaveLength(1)
+        expect(deviceCalls[0][1]).toEqual({
+          deviceId: chain.device.deviceId,
+          teamId: chain.team!.id,
+          signingPrivateKey: chain.device.keys.signature.secretKey,
+        })
+      })
+    } finally {
+      Object.defineProperty(process, 'platform', { value: originalPlatform })
+    }
+  })
 })

packages/backend/src/nest/connections-manager/connections-manager.service.spec.ts

@@ -166,6 +166,68 @@ describe('ConnectionsManagerService', () => {
     }
   })
 
+  it('falls back to the stored community QSS endpoint when no authoritative endpoint is available', async () => {
+    const originalPlatform = process.platform
+    Object.defineProperty(process, 'platform', {
+      value: 'ios',
+    })
+
+    try {
+      await localDbService.setCommunity({
+        ...community,
+        teamId: 'team-id',
+        qssEndpoint: 'ws://community.example/ws',
+      })
+      await localDbService.setCurrentCommunityId(community.id)
+
+      qssService._qssEndpoint = undefined as any
+
+      const emitSpy = jest.spyOn(connectionsManagerService.serverIoProvider.io, 'emit')
+
+      await (connectionsManagerService as any).emitNseQssUrl()
+
+      expect(emitSpy).toHaveBeenCalledWith(SocketEvents.NSE_QSS_URL_UPDATED, {
+        teamId: 'team-id',
+        qssUrl: 'http://community.example/ws',
+      })
+    } finally {
+      Object.defineProperty(process, 'platform', {
+        value: originalPlatform,
+      })
+    }
+  })
+
+  it('skips NSE QSS URL emission when no valid ws or wss endpoint can be derived', async () => {
+    const originalPlatform = process.platform
+    Object.defineProperty(process, 'platform', {
+      value: 'ios',
+    })
+
+    try {
+      await localDbService.setCommunity({
+        ...community,
+        teamId: 'team-id',
+        qssEndpoint: 'https://community.example/api',
+      })
+      await localDbService.setCurrentCommunityId(community.id)
+
+      qssService._qssEndpoint = 'https://authoritative.example/api'
+
+      const emitSpy = jest.spyOn(connectionsManagerService.serverIoProvider.io, 'emit')
+
+      await (connectionsManagerService as any).emitNseQssUrl()
+
+      expect(emitSpy).not.toHaveBeenCalledWith(
+        SocketEvents.NSE_QSS_URL_UPDATED,
+        expect.objectContaining({ teamId: 'team-id' })
+      )
+    } finally {
+      Object.defineProperty(process, 'platform', {
+        value: originalPlatform,
+      })
+    }
+  })
+
   it('pauses and resumes qss alongside the mobile lifecycle', async () => {
     const closeSocketSpy = jest.spyOn(connectionsManagerService, 'closeSocket').mockResolvedValue()
     const openSocketSpy = jest.spyOn(connectionsManagerService, 'openSocket').mockResolvedValue()

packages/backend/src/nest/qps/qps.service.spec.ts

@@ -428,4 +428,39 @@ describe('QPSService', () => {
       expect(sendBatchPushSpy).toHaveBeenCalledWith(TEAM_ID)
     })
   })
+
+  describe('sendPush', () => {
+    beforeEach(() => {
+      qssClient.connected = true
+      qssClient.sendMessage.mockResolvedValue(pushSuccessResponse)
+    })
+
+    it('strips qssUrl from single push data before sending to QPS', async () => {
+      await qpsService.sendPush('ucan-user-a', 'title', 'body', {
+        cid: 'cid-1',
+        qssUrl: 'https://untrusted.example',
+      })
+
+      expect(qssClient.sendMessage).toHaveBeenCalledWith(
+        WebsocketEvents.SEND_PUSH,
+        expect.objectContaining({
+          payload: {
+            ucan: 'ucan-user-a',
+            title: 'title',
+            body: 'body',
+            data: { cid: 'cid-1' },
+          },
+        }),
+        true
+      )
+    })
+
+    it('skips single push when QSS is not connected', async () => {
+      qssClient.connected = false
+
+      await qpsService.sendPush('ucan-user-a', 'title', 'body', { cid: 'cid-1' })
+
+      expect(qssClient.sendMessage).not.toHaveBeenCalled()
+    })
+  })
 })

packages/backend/src/nest/qss/qss.service.spec.ts

@@ -21,7 +21,7 @@ import {
   QSSOperationResult,
 } from './qss.types'
 import { createLogger } from '../common/logger'
-import { Community, Identity } from '@quiet/types'
+import { Community, Identity, SocketEvents } from '@quiet/types'
 import { getReduxStoreFactory, prepareStore, Store } from '@quiet/state-manager'
 import { FactoryGirl } from 'factory-girl'
 import { DateTime } from 'luxon'
@@ -640,6 +640,7 @@ describe('QSSService', () => {
       expect(initStatusOrig.qssSetup).toBeTruthy()
       const syncSeq = 41
       await localDbService.setLastSyncSeq(sigchainService.team.id, 40)
+      const emitSpy = jest.spyOn(qssService['socketService'].serverIoProvider.io, 'emit')
 
       mockedJoinStatus = jest.spyOn(qssService, 'joinStatus').mockReturnValue(JoinStatus.JOINED)
       mockedSendMessage = jest
@@ -708,6 +709,10 @@ describe('QSSService', () => {
       expect(result).toBe(true)
       expect(mockedSendMessage).toHaveBeenCalledTimes(1)
       expect(await localDbService.getLastSyncSeq(sigchainService.team.id)).toBe(syncSeq)
+      expect(emitSpy).toHaveBeenCalledWith(SocketEvents.NSE_SYNC_SEQ_UPDATED, {
+        teamId: sigchainService.team.id,
+        lastSyncSeq: syncSeq,
+      })
 
       const pendingMessages = await localDbService.getPendingQssLogSyncMessages()
       expect(pendingMessages).toEqual({})
@@ -754,6 +759,131 @@ describe('QSSService', () => {
       })
     })
 
+    it(`reconciles by pull when a fanout arrives before a sync-seq baseline is established`, async () => {
+      await initCommunity({ qssEnabled: true, qssSetup: true })
+      const teamId = sigchainService.activeChain.team!.id
+      const pullSpy = jest.spyOn(qssService as any, '_pullLatestLogEntriesForTeam').mockResolvedValue(undefined)
+
+      jest.spyOn(orbitDbService, 'handleFanoutMessage').mockResolvedValue(true)
+
+      qssClient.emit(WebsocketEvents.LOG_ENTRY_SYNC, {
+        ts: DateTime.utc().toMillis(),
+        status: CommunityOperationStatus.SUCCESS,
+        payload: {
+          teamId,
+          hash: 'fanout-baseline-hash',
+          hashedDbId: 'fanout-baseline-db-id',
+          encEntry: {
+            encrypted: {
+              contents: new Uint8Array(),
+              scope: {
+                type: EncryptionScopeType.ROLE,
+                name: RoleName.MEMBER,
+                generation: 1,
+              },
+            },
+            signature: {
+              signature: 'fanout-baseline-sig' as Base58,
+              author: { type: 'USER', name: 'fanout-user' } as any,
+            },
+            ts: DateTime.utc().toMillis(),
+            userId: sigchainService.user.userId,
+            teamId,
+          },
+          syncSeq: 1,
+        },
+      } satisfies LogEntrySyncMessage)
+
+      await waitForExpect(() => {
+        expect(pullSpy).toHaveBeenCalledWith(teamId)
+      })
+      expect(await localDbService.getLastSyncSeq(teamId)).toBeNull()
+    })
+
+    it(`reconciles by pull when a sync-seq gap is detected from fanout`, async () => {
+      await initCommunity({ qssEnabled: true, qssSetup: true })
+      const teamId = sigchainService.activeChain.team!.id
+      await localDbService.setLastSyncSeq(teamId, 5)
+      const pullSpy = jest.spyOn(qssService as any, '_pullLatestLogEntriesForTeam').mockResolvedValue(undefined)
+
+      jest.spyOn(orbitDbService, 'handleFanoutMessage').mockResolvedValue(true)
+
+      qssClient.emit(WebsocketEvents.LOG_ENTRY_SYNC, {
+        ts: DateTime.utc().toMillis(),
+        status: CommunityOperationStatus.SUCCESS,
+        payload: {
+          teamId,
+          hash: 'fanout-gap-hash',
+          hashedDbId: 'fanout-gap-db-id',
+          encEntry: {
+            encrypted: {
+              contents: new Uint8Array(),
+              scope: {
+                type: EncryptionScopeType.ROLE,
+                name: RoleName.MEMBER,
+                generation: 1,
+              },
+            },
+            signature: {
+              signature: 'fanout-gap-sig' as Base58,
+              author: { type: 'USER', name: 'fanout-user' } as any,
+            },
+            ts: DateTime.utc().toMillis(),
+            userId: sigchainService.user.userId,
+            teamId,
+          },
+          syncSeq: 7,
+        },
+      } satisfies LogEntrySyncMessage)
+
+      await waitForExpect(() => {
+        expect(pullSpy).toHaveBeenCalledWith(teamId)
+      })
+      expect(await localDbService.getLastSyncSeq(teamId)).toBe(5)
+    })
+
+    it(`reconciles by pull when fanout ingest fails even with a contiguous sync seq`, async () => {
+      await initCommunity({ qssEnabled: true, qssSetup: true })
+      const teamId = sigchainService.activeChain.team!.id
+      await localDbService.setLastSyncSeq(teamId, 5)
+      const pullSpy = jest.spyOn(qssService as any, '_pullLatestLogEntriesForTeam').mockResolvedValue(undefined)
+
+      jest.spyOn(orbitDbService, 'handleFanoutMessage').mockResolvedValue(false)
+
+      qssClient.emit(WebsocketEvents.LOG_ENTRY_SYNC, {
+        ts: DateTime.utc().toMillis(),
+        status: CommunityOperationStatus.SUCCESS,
+        payload: {
+          teamId,
+          hash: 'fanout-failure-hash',
+          hashedDbId: 'fanout-failure-db-id',
+          encEntry: {
+            encrypted: {
+              contents: new Uint8Array(),
+              scope: {
+                type: EncryptionScopeType.ROLE,
+                name: RoleName.MEMBER,
+                generation: 1,
+              },
+            },
+            signature: {
+              signature: 'fanout-failure-sig' as Base58,
+              author: { type: 'USER', name: 'fanout-user' } as any,
+            },
+            ts: DateTime.utc().toMillis(),
+            userId: sigchainService.user.userId,
+            teamId,
+          },
+          syncSeq: 6,
+        },
+      } satisfies LogEntrySyncMessage)
+
+      await waitForExpect(() => {
+        expect(pullSpy).toHaveBeenCalledWith(teamId)
+      })
+      expect(await localDbService.getLastSyncSeq(teamId)).toBe(5)
+    })
+
     it(`fails to send log sync to QSS and writes pending message to local DB`, async () => {
       await initCommunity({ qssEnabled: true, qssSetup: true })
       const initStatusOrig = await qssService.getQssInitStatus()

packages/mobile/src/setupTests.tsx

@@ -47,6 +47,9 @@ jest.mock('react-native', () => {
     requestNotificationPermission: jest.fn(),
     checkNotificationPermission: jest.fn(),
     handleIncomingEvents: jest.fn(),
+    saveKeysInKeychain: jest.fn(),
+    saveDeviceCredentials: jest.fn(),
+    saveUserMetadata: jest.fn(),
     saveNseQssUrl: jest.fn(),
     saveNseLastSyncSeq: jest.fn(),
   }