WIP

2026-04-06 13:01:47 +01:00 · 2026-04-06 13:01:47 +01:00 · d034ad5cb3
commit d034ad5cb3
parent 0e3e5a99cd
50 changed files with 6515 additions and 1492 deletions
--- a/sync-server/build.rs
+++ b/sync-server/build.rs
@ -1,5 +1,16 @@
-// generated by `sqlx migrate build-script`
 fn main() {
    // trigger recompilation when a new migration is added
    println!("cargo:rerun-if-changed=migrations");
+
+    // Ensure the history-ui dist directory exists so rust-embed can compile
+    // even when the frontend hasn't been built yet.
+    let dist_path = std::path::Path::new("../frontend/history-ui/dist");
+    if !dist_path.exists() {
+        std::fs::create_dir_all(dist_path).expect("Failed to create history-ui dist directory");
+        std::fs::write(
+            dist_path.join("index.html"),
+            "<!DOCTYPE html><html><body><p>Run <code>npm run build -w history-ui</code> first.</p></body></html>",
+        )
+        .expect("Failed to write placeholder index.html");
+    }
 }
--- a/sync-server/src/app_state/database/migrations/20260314000000_add_idempotency_key.sql
+++ b/sync-server/src/app_state/database/migrations/20260314000000_add_idempotency_key.sql
@ -0,0 +1,2 @@
+CREATE INDEX IF NOT EXISTS idx_documents_document_id
+ON documents (document_id, vault_update_id);
--- a/sync-server/src/app_state/websocket/utils.rs
+++ b/sync-server/src/app_state/websocket/utils.rs
@ -33,7 +33,7 @@ pub fn get_authenticated_handshake(
                let user = auth(state, handshake.token.trim(), vault_id)?;
                Ok(AuthenticatedWebSocketHandshake { handshake, user })
            }
-            WebSocketClientMessage::CursorPositions(_) | WebSocketClientMessage::Ping {} => Err(
+            WebSocketClientMessage::CursorPositions(_) => Err(
                unauthenticated_error(anyhow::anyhow!("Expected a handshake message")),
            ),
        }
--- a/sync-server/src/server.rs
+++ b/sync-server/src/server.rs
@ -4,24 +4,27 @@ mod delete_document;
 mod device_id_header;
 mod fetch_document_version;
 mod fetch_document_version_content;
+mod fetch_document_versions;
 mod fetch_latest_document_version;
 mod fetch_latest_documents;
+mod fetch_vault_history;
 mod index;
+mod list_vaults;
 mod ping;
 mod rate_limit;
 mod requests;
 mod responses;
+mod restore_document_version;
 mod update_document;
 mod websocket;

-use anyhow::{Context as _, Result, anyhow};
+use anyhow::{Context as _, Result};
 use auth::auth_middleware;
 use axum::{
    Router,
    extract::{DefaultBodyLimit, Request},
    http::{self, HeaderValue, Method},
    middleware,
-    response::IntoResponse,
    routing::{IntoMakeService, delete, get, post, put},
 };
 use device_id_header::DEVICE_ID_HEADER_NAME;
@ -52,7 +55,7 @@ pub async fn create_server(config: Config) -> Result<()> {

    let server_config = app_state.config.server.clone();

-    let app = Router::new()
+    let mut app = Router::new()
        .nest("/", get_authed_routes(app_state.clone()))
        .route("/", get(index::index))
        .route("/assets/*path", get(index::spa_assets))
@ -155,6 +158,10 @@ fn get_authed_routes(app_state: AppState) -> Router<AppState> {
            "/vaults/:vault_id/documents/:document_id/text",
            put(update_document::update_text),
        )
+        .route(
+            "/vaults/:vault_id/documents/:document_id/versions",
+            get(fetch_document_versions::fetch_document_versions),
+        )
        .route(
            "/vaults/:vault_id/documents/:document_id/versions/:vault_update_id",
            get(fetch_document_version::fetch_document_version),
@ -167,6 +174,14 @@ fn get_authed_routes(app_state: AppState) -> Router<AppState> {
            "/vaults/:vault_id/documents/:document_id",
            delete(delete_document::delete_document),
        )
+        .route(
+            "/vaults/:vault_id/documents/:document_id/restore",
+            post(restore_document_version::restore_document_version),
+        )
+        .route(
+            "/vaults/:vault_id/history",
+            get(fetch_vault_history::fetch_vault_history),
+        )
        .layer(middleware::from_fn_with_state(app_state, auth_middleware))
 }

--- a/sync-server/src/server/fetch_document_versions.rs
+++ b/sync-server/src/server/fetch_document_versions.rs
@ -0,0 +1,42 @@
+use axum::{
+    Json,
+    extract::{Path, State},
+};
+use log::debug;
+use serde::Deserialize;
+
+use crate::{
+    app_state::{
+        AppState,
+        database::models::{DocumentId, DocumentVersionWithoutContent, VaultId},
+    },
+    errors::{SyncServerError, server_error},
+    utils::normalize::normalize,
+};
+
+#[derive(Deserialize)]
+pub struct FetchDocumentVersionsPathParams {
+    #[serde(deserialize_with = "normalize")]
+    vault_id: VaultId,
+
+    document_id: DocumentId,
+}
+
+#[axum::debug_handler]
+pub async fn fetch_document_versions(
+    Path(FetchDocumentVersionsPathParams {
+        vault_id,
+        document_id,
+    }): Path<FetchDocumentVersionsPathParams>,
+    State(state): State<AppState>,
+) -> Result<Json<Vec<DocumentVersionWithoutContent>>, SyncServerError> {
+    debug!("Fetching all versions for document `{document_id}` in vault `{vault_id}`");
+
+    let versions = state
+        .database
+        .get_document_versions(&vault_id, &document_id, None)
+        .await
+        .map_err(server_error)?;
+
+    Ok(Json(versions))
+}
--- a/sync-server/src/server/fetch_vault_history.rs
+++ b/sync-server/src/server/fetch_vault_history.rs
@ -0,0 +1,70 @@
+use axum::{
+    Json,
+    extract::{Path, Query, State},
+};
+use log::debug;
+use serde::Deserialize;
+
+use super::responses::VaultHistoryResponse;
+use crate::{
+    app_state::{
+        AppState,
+        database::models::{VaultId, VaultUpdateId},
+    },
+    errors::{SyncServerError, client_error, server_error},
+    utils::normalize::normalize,
+};
+
+const DEFAULT_LIMIT: i64 = 50;
+const MAX_LIMIT: i64 = 500;
+
+#[derive(Deserialize)]
+pub struct FetchVaultHistoryPathParams {
+    #[serde(deserialize_with = "normalize")]
+    vault_id: VaultId,
+}
+
+#[derive(Deserialize)]
+pub struct QueryParams {
+    limit: Option<i64>,
+    before_update_id: Option<VaultUpdateId>,
+}
+
+#[axum::debug_handler]
+pub async fn fetch_vault_history(
+    Path(FetchVaultHistoryPathParams { vault_id }): Path<FetchVaultHistoryPathParams>,
+    Query(QueryParams {
+        limit,
+        before_update_id,
+    }): Query<QueryParams>,
+    State(state): State<AppState>,
+) -> Result<Json<VaultHistoryResponse>, SyncServerError> {
+    if let Some(id) = before_update_id
+        && id <= 0
+    {
+        return Err(client_error(anyhow::anyhow!(
+            "before_update_id must be a positive integer"
+        )));
+    }
+
+    let limit = limit.unwrap_or(DEFAULT_LIMIT).clamp(1, MAX_LIMIT);
+
+    debug!(
+        "Fetching vault history for vault `{vault_id}` (limit={limit}, before={before_update_id:?})"
+    );
+
+    // Fetch one extra row to determine if there are more results
+    let mut versions = state
+        .database
+        .get_vault_history(&vault_id, limit + 1, before_update_id, None)
+        .await
+        .map_err(server_error)?;
+
+    #[allow(clippy::cast_sign_loss)] // limit is clamped to [1, 500] above
+    let has_more = versions.len() > limit as usize;
+    if has_more {
+        versions.pop();
+    }
+
+    Ok(Json(VaultHistoryResponse { versions, has_more }))
+}
--- a/sync-server/src/server/index.rs
+++ b/sync-server/src/server/index.rs
@ -1,7 +1,77 @@
-use axum::response::{Html, IntoResponse};
+use axum::{
+    body::Body,
+    extract::{Path, State},
+    http::{StatusCode, header},
+    response::{Html, IntoResponse, Response},
+};
+use log::warn;
+use rust_embed::Embed;

-pub async fn index() -> impl IntoResponse {
-    const HTML_CONTENT: &str = include_str!("./assets/index.html");
-    let html_content = HTML_CONTENT;
-    Html(html_content)
+use crate::app_state::AppState;
+
+#[derive(Embed)]
+#[folder = "../frontend/history-ui/dist/"]
+struct HistoryUiAssets;
+
+pub async fn index(State(_state): State<AppState>) -> impl IntoResponse {
+    if let Some(content) = HistoryUiAssets::get("index.html") {
+        Html(
+            std::str::from_utf8(content.data.as_ref())
+                .inspect_err(|e| warn!("Embedded index.html is not valid UTF-8: {e}"))
+                .unwrap_or("<h1>VaultLink</h1>")
+                .to_owned(),
+        )
+        .into_response()
+    } else {
+        warn!("No embedded index.html found — history UI may not have been built");
+        Html("<h1>VaultLink server</h1>".to_owned()).into_response()
+    }
+}
+
+pub async fn spa_assets(Path(path): Path<String>) -> impl IntoResponse {
+    // The route is /assets/*path so path is relative to assets/.
+    // The embedded files include the assets/ prefix from the dist directory.
+    let full_path = format!("assets/{path}");
+    if let Some(content) = HistoryUiAssets::get(&full_path) {
+        let mime = mime_guess::from_path(&full_path).first_or_octet_stream();
+        return Response::builder()
+            .status(StatusCode::OK)
+            .header(header::CONTENT_TYPE, mime.as_ref())
+            .body(Body::from(content.data.to_vec()))
+            .unwrap_or_else(|_| {
+                Response::builder()
+                    .status(StatusCode::INTERNAL_SERVER_ERROR)
+                    .body(Body::empty())
+                    .unwrap_or_else(|_| Response::new(Body::empty()))
+            });
+    }
+
+    // Asset paths must match an embedded file — no SPA fallback.
+    // Serving index.html here would return 200 with text/html for missing
+    // .css/.js files, causing the browser to silently ignore the content.
+    Response::builder()
+        .status(StatusCode::NOT_FOUND)
+        .body(Body::from("Not found"))
+        .unwrap_or_else(|_| Response::new(Body::from("Not found")))
+}
+
+/// SPA fallback for production: serves index.html for client-side routes
+/// (e.g. `/documents/123`).
+pub async fn spa_fallback() -> impl IntoResponse {
+    match HistoryUiAssets::get("index.html") {
+        Some(content) => Response::builder()
+            .status(StatusCode::OK)
+            .header(header::CONTENT_TYPE, "text/html")
+            .body(Body::from(content.data.to_vec()))
+            .unwrap_or_else(|_| {
+                Response::builder()
+                    .status(StatusCode::INTERNAL_SERVER_ERROR)
+                    .body(Body::empty())
+                    .unwrap_or_else(|_| Response::new(Body::empty()))
+            }),
+        None => Response::builder()
+            .status(StatusCode::NOT_FOUND)
+            .body(Body::from("Not found"))
+            .unwrap_or_else(|_| Response::new(Body::from("Not found"))),
+    }
 }
--- a/sync-server/src/server/restore_document_version.rs
+++ b/sync-server/src/server/restore_document_version.rs
@ -0,0 +1,147 @@
+use anyhow::anyhow;
+use axum::{
+    Extension, Json,
+    extract::{Path, State},
+};
+use axum_extra::TypedHeader;
+use log::{debug, info};
+use serde::Deserialize;
+
+use super::device_id_header::DeviceIdHeader;
+use crate::{
+    app_state::{
+        AppState,
+        database::models::{
+            DocumentId, DocumentVersionWithoutContent, StoredDocumentVersion, VaultId,
+            VaultUpdateId,
+        },
+    },
+    config::user_config::User,
+    errors::{SyncServerError, client_error, not_found_error, server_error, write_transaction_error},
+    utils::{find_first_available_path::find_first_available_path, normalize::normalize},
+};
+
+#[derive(Deserialize)]
+pub struct RestorePathParams {
+    #[serde(deserialize_with = "normalize")]
+    vault_id: VaultId,
+
+    document_id: DocumentId,
+}
+
+#[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct RestoreDocumentVersionRequest {
+    pub vault_update_id: VaultUpdateId,
+}
+
+#[axum::debug_handler]
+pub async fn restore_document_version(
+    Path(RestorePathParams {
+        vault_id,
+        document_id,
+    }): Path<RestorePathParams>,
+    Extension(user): Extension<User>,
+    TypedHeader(device_id): TypedHeader<DeviceIdHeader>,
+    State(state): State<AppState>,
+    Json(request): Json<RestoreDocumentVersionRequest>,
+) -> Result<Json<DocumentVersionWithoutContent>, SyncServerError> {
+    debug!(
+        "Restoring document `{document_id}` in vault `{vault_id}` to version `{}`",
+        request.vault_update_id
+    );
+
+    if request.vault_update_id <= 0 {
+        return Err(client_error(anyhow!(
+            "Invalid vault_update_id: `{}`",
+            request.vault_update_id
+        )));
+    }
+
+    let mut transaction = state
+        .database
+        .create_write_transaction(&vault_id)
+        .await
+        .map_err(write_transaction_error)?;
+
+    let target_version = state
+        .database
+        .get_document_version(&vault_id, request.vault_update_id, Some(&mut *transaction))
+        .await
+        .map_err(server_error)?
+        .ok_or_else(|| {
+            not_found_error(anyhow!("Version `{}` not found", request.vault_update_id))
+        })?;
+
+    if target_version.document_id != document_id {
+        transaction.rollback().await.map_err(server_error)?;
+        return Err(not_found_error(anyhow!(
+            "Version `{}` does not belong to document `{document_id}`",
+            request.vault_update_id,
+        )));
+    }
+
+    if target_version.is_deleted {
+        transaction.rollback().await.map_err(server_error)?;
+        return Err(client_error(anyhow!(
+            "Cannot restore to a deleted version `{}`",
+            request.vault_update_id,
+        )));
+    }
+
+    let existing = state
+        .database
+        .get_latest_non_deleted_document_by_path(
+            &vault_id,
+            &target_version.relative_path,
+            Some(&mut *transaction),
+        )
+        .await
+        .map_err(server_error)?;
+
+    let restore_path = if let Some(existing_doc) = &existing
+        && existing_doc.document_id != document_id
+    {
+        find_first_available_path(
+            &vault_id,
+            &target_version.relative_path,
+            &state.database,
+            &mut transaction,
+        )
+        .await
+        .map_err(server_error)?
+    } else {
+        target_version.relative_path.clone()
+    };
+
+    let last_update_id = state
+        .database
+        .get_max_update_id_in_vault(&vault_id, Some(&mut *transaction))
+        .await
+        .map_err(server_error)?;
+
+    let new_version = StoredDocumentVersion {
+        vault_update_id: last_update_id + 1,
+        document_id,
+        relative_path: restore_path,
+        content: target_version.content,
+        updated_date: chrono::Utc::now(),
+        is_deleted: false,
+        user_id: user.name.clone(),
+        device_id: device_id.0.clone(),
+        has_been_merged: false,
+    };
+
+    state
+        .database
+        .insert_document_version(&vault_id, &new_version, Some(transaction))
+        .await
+        .map_err(server_error)?;
+
+    info!(
+        "Restored document `{document_id}` to version `{}` as new version `{}`",
+        request.vault_update_id, new_version.vault_update_id
+    );
+
+    Ok(Json(new_version.into()))
+}