till/managarten
1
0
Fork 0
mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-14 20:01:09 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

feat(spaces): end-to-end shared-space sync (membership lookup + plaintext)

Browse source 
Closes the gap between "invite flow UI exists" and "two users in the
same space actually see each other's data". Three pieces land together
because they're meaningless without each other.

mana-auth — new internal endpoint:
  GET /api/v1/internal/users/:userId/memberships
  Returns [{organizationId, role}, ...] for the user. mana-sync uses
  this to populate the multi-member RLS session config.

mana-sync — membership lookup:
  new internal/memberships package with an HTTP client + 5 min
  per-user cache, fail-open (empty list = pre-Spaces behavior).
  Config gets MANA_AUTH_URL (default http://localhost:3001).
  Handler.NewHandler takes the Lookup. Every Push/Pull/Stream call
  now passes spaceIDsFor(userID) to Store methods.
  GetChangesSince + GetAllChangesSince extend their WHERE clause:
    WHERE (user_id = $1 OR space_id = ANY($memberSpaces))
  so co-members see each other's rows, not just the author.

apps/web — encryption skip for shared-space records:
  encryptRecord now checks record.spaceId:
    - `_personal:<userId>` sentinel OR no active shared space → encrypt
      with user master key (E2E as today).
    - Active space resolves to non-personal type AND spaceId matches
      that space → skip encryption; write lands plaintext.
  decryptRecord is unchanged because its per-field isEncrypted() guard
  already passes plaintext through.
  Phase-1 compromise: shared-space data is protected by server RLS
  only, not E2E. Phase 2 adds per-Space shared keys with per-member
  wrap — tracked in docs/plans/spaces-foundation.md.

Plus docs/plans/shared-space-smoketest.md: step-by-step Zwei-User-Test
mit erwarteten Ergebnissen und Debugging-Hinweisen bei Problemen.

Build + go test + web check all green.

Plan: docs/plans/spaces-foundation.md

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Till JS 2026-04-20 20:46:53 +02:00
parent da373491b8
commit 38d35247cd
8 changed files with 365 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

9
services/mana-sync/cmd/server/main.go
View file

@ -16,6 +16,7 @@ import (
"github.com/mana/mana-sync/internal/backup"
"github.com/mana/mana-sync/internal/billing"
"github.com/mana/mana-sync/internal/config"
"github.com/mana/mana-sync/internal/memberships"
"github.com/mana/mana-sync/internal/store"
syncHandler "github.com/mana/mana-sync/internal/sync"
"github.com/mana/mana-sync/internal/ws"
@ -55,8 +56,14 @@ func main() {
billingChecker := billing.NewChecker(cfg.ManaCreditsURL, cfg.ServiceKey)
billingMiddleware := billingChecker.Middleware(validator)
// Initialize Space-membership lookup against mana-auth. The handler
// passes the caller's membership list into every sync query so the
// multi-member RLS policy lets co-members of a shared Space see each
// other's records.
membershipLookup := memberships.New(cfg.ManaAuthURL, cfg.ServiceKey)
// Initialize sync handler
handler := syncHandler.NewHandler(db, validator, hub)
handler := syncHandler.NewHandler(db, validator, hub, membershipLookup)
// Set up routes
mux := http.NewServeMux()