kmc7468/arkvault
1
0
Fork 0
mirror of https://github.com/kmc7468/arkvault.git synced 2026-02-04 08:06:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

레포지토리 레이어의 코드를 Kysely 기반으로 모두 마이그레이션 (WiP)

Browse Source
This commit is contained in:
static
2025-01-20 16:05:35 +09:00
parent 63eacbb1b3
commit a3c169f706
17 changed files with 724 additions and 456 deletions
Download Patch File Download Diff File Expand all files Collapse all files

127
src/lib/server/db/mek.ts
View File

@@ -1,8 +1,19 @@
import { SqliteError } from "better-sqlite3";
import { and, or, eq } from "drizzle-orm";
import db from "./drizzle";
import { DatabaseError } from "pg";
import { IntegrityError } from "./error";
import { mek, mekLog, clientMek } from "./schema";
import db from "./kysely";
import type { MekState } from "./schema";
interface Mek {
userId: number;
version: number;
state: MekState;
}
interface ClientMekWithDetails extends Mek {
clientId: number;
encMek: string;
encMekSig: string;
}
export const registerInitialMek = async (
userId: number,
@@ -10,58 +21,80 @@ export const registerInitialMek = async (
encMek: string,
encMekSig: string,
) => {
await db.transaction(
async (tx) => {
try {
await tx.insert(mek).values({
userId,
await db.transaction().execute(async (trx) => {
try {
await trx
.insertInto("master_encryption_key")
.values({
user_id: userId,
version: 1,
state: "active",
});
await tx.insert(clientMek).values({
userId,
clientId: createdBy,
mekVersion: 1,
encMek,
encMekSig,
});
await tx.insert(mekLog).values({
userId,
mekVersion: 1,
})
.execute();
await trx
.insertInto("client_master_encryption_key")
.values({
user_id: userId,
client_id: createdBy,
version: 1,
encrypted_key: encMek,
encrypted_key_signature: encMekSig,
})
.execute();
await trx
.insertInto("master_encryption_key_log")
.values({
user_id: userId,
master_encryption_key_version: 1,
timestamp: new Date(),
action: "create",
actionBy: createdBy,
});
} catch (e) {
if (e instanceof SqliteError && e.code === "SQLITE_CONSTRAINT_PRIMARYKEY") {
throw new IntegrityError("MEK already registered");
}
throw e;
action_by: createdBy,
})
.execute();
} catch (e) {
if (e instanceof DatabaseError && e.code === "23505") {
throw new IntegrityError("MEK already registered");
}
},
{ behavior: "exclusive" },
);
throw e;
}
});
};
export const getInitialMek = async (userId: number) => {
const meks = await db
.select()
.from(mek)
.where(and(eq(mek.userId, userId), eq(mek.version, 1)))
.limit(1);
return meks[0] ?? null;
const mek = await db
.selectFrom("master_encryption_key")
.selectAll()
.where("user_id", "=", userId)
.where("version", "=", 1)
.limit(1)
.executeTakeFirst();
return mek
? ({ userId: mek.user_id, version: mek.version, state: mek.state } satisfies Mek)
: null;
};
export const getAllValidClientMeks = async (userId: number, clientId: number) => {
return await db
.select()
.from(clientMek)
.innerJoin(mek, and(eq(clientMek.userId, mek.userId), eq(clientMek.mekVersion, mek.version)))
.where(
and(
eq(clientMek.userId, userId),
eq(clientMek.clientId, clientId),
or(eq(mek.state, "active"), eq(mek.state, "retired")),
),
);
const clientMeks = await db
.selectFrom("client_master_encryption_key")
.innerJoin("master_encryption_key", (join) =>
join
.onRef("client_master_encryption_key.user_id", "=", "master_encryption_key.user_id")
.onRef("client_master_encryption_key.version", "=", "master_encryption_key.version"),
)
.selectAll()
.where("user_id", "=", userId)
.where("client_id", "=", clientId)
.where((eb) => eb.or([eb("state", "=", "active"), eb("state", "=", "retired")]))
.execute();
return clientMeks.map(
({ user_id, client_id, version, state, encrypted_key, encrypted_key_signature }) =>
({
userId: user_id,
version,
state: state as "active" | "retired",
clientId: client_id,
encMek: encrypted_key,
encMekSig: encrypted_key_signature,
}) satisfies ClientMekWithDetails,
);
};