Feature: More events and event refinement

[infeo]

This PR adds mainly to new events:

• BrokenDirFileEvent: If the directory link file (dir.c9r) is empty or obese, thus breaking cleartext paths
• BrokenFileNodeEvent: If a c9r directory does not contain any identification file

[coderabbitai]

Walkthrough

The pull request introduces a new event handling mechanism across several components within the cryptographic filesystem. In the CryptoPathMapper and DirectoryIdLoader classes, a new field and constructor parameter for a Consumer<FilesystemEvent> are added to enable event notifications when issues, such as broken file nodes or directory files, occur. New event types, namely BrokenDirFileEvent and BrokenFileNodeEvent, are defined and integrated as permitted subclasses of the FilesystemEvent interface. Additionally, DecryptionFailedEvent is updated to accept a general Exception instead of a specific authentication exception, and error handling in FileHeaderHolder reflects this change. Corresponding tests are modified to include the event consumer and verify that the expected events are triggered under error conditions.

Possibly related PRs

• Feature: Public method for decrypting ciphertext name. #263: The changes in the main PR are related to those in the retrieved PR as both introduce a new event handling mechanism involving the Consumer<FilesystemEvent> for error notifications, specifically addressing broken file nodes and directory files.
• Feature: Notification API for Filesystem events #277: The changes in the main PR, which enhance event handling in the CryptoPathMapper class, are related to the retrieved PR as both involve the introduction of a Consumer<FilesystemEvent> for handling filesystem events, specifically integrating event-driven mechanisms for error notifications.

Suggested labels

enhancement

Suggested reviewers

• overheadhunter

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b2ed90d and d5e238c.

📒 Files selected for processing (1)

• src/test/java/org/cryptomator/cryptofs/CryptoPathMapperTest.java (18 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• src/test/java/org/cryptomator/cryptofs/CryptoPathMapperTest.java

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: Analyse
• GitHub Check: Build and Test

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

src/test/java/org/cryptomator/cryptofs/DirectoryIdLoaderTest.java (2)

99-100: Verify event emission for empty directory file

Test verifies that the event consumer is called with a BrokenDirFileEvent when an empty directory file is encountered.

Consider enhancing this test to also verify the content of the event (e.g., check that the path in the event matches dirFilePath). This would provide more thorough test coverage.

-var isBrokenDirFileEvent = (ArgumentMatcher<FilesystemEvent>) ev -> ev instanceof BrokenDirFileEvent;
-verify(eventConsumer).accept(ArgumentMatchers.argThat(isBrokenDirFileEvent));
+var isBrokenDirFileEvent = (ArgumentMatcher<FilesystemEvent>) ev -> 
+    ev instanceof BrokenDirFileEvent brokenEvent && brokenEvent.path().equals(dirFilePath);
+verify(eventConsumer).accept(ArgumentMatchers.argThat(isBrokenDirFileEvent));

---

113-114: Verify event emission for oversized directory file

Similar to the previous case, test verifies event emission for the oversized directory file scenario.

Same suggestion as above - consider enhancing the test to verify the content of the event for more thorough coverage.

-var isBrokenDirFileEvent = (ArgumentMatcher<FilesystemEvent>) ev -> ev instanceof BrokenDirFileEvent;
-verify(eventConsumer).accept(ArgumentMatchers.argThat(isBrokenDirFileEvent));
+var isBrokenDirFileEvent = (ArgumentMatcher<FilesystemEvent>) ev -> 
+    ev instanceof BrokenDirFileEvent brokenEvent && brokenEvent.path().equals(dirFilePath);
+verify(eventConsumer).accept(ArgumentMatchers.argThat(isBrokenDirFileEvent));

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8507188 and b2ed90d.

📒 Files selected for processing (10)

• src/main/java/org/cryptomator/cryptofs/CryptoPathMapper.java (5 hunks)
• src/main/java/org/cryptomator/cryptofs/DirectoryIdLoader.java (2 hunks)
• src/main/java/org/cryptomator/cryptofs/event/BrokenDirFileEvent.java (1 hunks)
• src/main/java/org/cryptomator/cryptofs/event/BrokenFileNodeEvent.java (1 hunks)
• src/main/java/org/cryptomator/cryptofs/event/DecryptionFailedEvent.java (1 hunks)
• src/main/java/org/cryptomator/cryptofs/event/FilesystemEvent.java (1 hunks)
• src/main/java/org/cryptomator/cryptofs/fh/FileHeaderHolder.java (1 hunks)
• src/test/java/org/cryptomator/cryptofs/CryptoPathMapperTest.java (18 hunks)
• src/test/java/org/cryptomator/cryptofs/DirectoryIdLoaderTest.java (4 hunks)
• src/test/java/org/cryptomator/cryptofs/fh/FileHeaderHolderTest.java (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Analyse

🔇 Additional comments (27)

src/main/java/org/cryptomator/cryptofs/event/BrokenDirFileEvent.java (1)

1-12: Well-structured event implementation

This new event record is clearly documented and properly implements the FilesystemEvent interface. The documentation effectively explains the conditions that trigger this event (empty or oversized dir.c9r file).

src/main/java/org/cryptomator/cryptofs/event/BrokenFileNodeEvent.java (1)

1-15: Good implementation with comprehensive documentation

The event record is well-designed with both cleartext and ciphertext paths, providing complete context about the broken file node. The documentation clearly explains its purpose and includes a useful cross-reference to UnknownType.

src/main/java/org/cryptomator/cryptofs/event/DecryptionFailedEvent.java (1)

11-11: Improved exception handling flexibility

Good change to broaden the exception type from a specific AuthenticationFailedException to generic Exception. This allows for more comprehensive error reporting by capturing all possible decryption failures, not just authentication issues.

src/main/java/org/cryptomator/cryptofs/fh/FileHeaderHolder.java (1)

83-83: Simplified error handling consistent with event changes

This change aligns with the modification to DecryptionFailedEvent, properly passing any exception to the event consumer. The simplification improves the error reporting by treating all exceptions uniformly.

src/main/java/org/cryptomator/cryptofs/event/FilesystemEvent.java (1)

25-25: Expansion of FilesystemEvent interface to include new event types

The sealed interface has been updated to permit two new event types: BrokenDirFileEvent and BrokenFileNodeEvent. This aligns with the PR objective of introducing events for detecting broken directory files and file nodes.

src/main/java/org/cryptomator/cryptofs/DirectoryIdLoader.java (5)

4-5: Added imports for new event type

Properly imported the necessary event-related classes.

---

17-17: Added Consumer import

Import for Java's Consumer functional interface to support event notifications.

---

24-29: Added event consumer field and constructor parameter

Event consumer is properly injected through constructor, following good dependency injection practices.

---

37-38: Emit event before throwing exception for empty directory file

Correctly notifies the system about broken directory files by emitting a BrokenDirFileEvent before throwing the exception, enhancing error reporting.

---

40-41: Emit event before throwing exception for oversized directory file

Similar to the empty file case, properly notifies about oversized directory files before throwing the exception.

src/test/java/org/cryptomator/cryptofs/DirectoryIdLoaderTest.java (4)

3-4: Added imports for event classes

Necessary imports for the new event types being tested.

---

9-10: Added Mockito-related and Consumer imports

Added the required imports to support mocking and testing the event consumer functionality.

Also applies to: 20-20, 26-27, 29-29

---

38-40: Added mock event consumer

Created a mock event consumer and passed it to the constructor, aligning with the changes in the implementation class.

---

47-47: Setup mock behavior for event consumer

Configured the mock to do nothing when accept is called, allowing verification of interactions later.

src/test/java/org/cryptomator/cryptofs/CryptoPathMapperTest.java (5)

13-13: Added FilesystemEvent import

Required import for the event functionality.

---

31-31: Added Consumer and static Mockito imports

Necessary imports to support the event consumer functionality in tests.

Also applies to: 35-35

---

48-48: Added mock event consumer field

Created a mock event consumer to be used across test methods.

---

82-83: Updated CryptoPathMapper constructor calls to include event consumer

Properly updated constructor calls to pass the event consumer parameter, keeping the tests aligned with implementation changes.

Also applies to: 106-107, 140-141, 178-179, 215-216

---

263-264: Updated remaining CryptoPathMapper constructor calls

Consistently updated all constructor calls across test methods to include the event consumer parameter.

Also applies to: 272-273, 285-286, 301-302, 317-318, 335-336, 396-397, 411-412, 427-428, 443-444

src/test/java/org/cryptomator/cryptofs/fh/FileHeaderHolderTest.java (2)

15-16: LGTM! Good addition of parameterized testing.

Adding support for parameterized tests will make the test suite more maintainable.

---

93-96: Great refactoring to use parameterized tests!

Converting the individual test methods into a single parameterized test that handles both AuthenticationFailedException and IllegalArgumentException reduces code duplication while maintaining the same test coverage. This change aligns with the updated DecryptionFailedEvent that now accepts general exceptions rather than specific authentication exceptions.

src/main/java/org/cryptomator/cryptofs/CryptoPathMapper.java (6)

16-17: LGTM! Good addition of necessary imports.

These imports support the new event handling functionality for broken file nodes.

Also applies to: 32-32

---

47-47: LGTM! Well-placed field for event handling.

Adding a dedicated field for the event consumer follows good object-oriented design principles.

---

54-54: LGTM! Constructor updated to support event handling.

Good practice to inject the event consumer through the constructor, following dependency injection principles.

---

60-60: LGTM! Proper field initialization.

Field initialization is straightforward and follows the class's initialization pattern.

---

106-106: Good implementation of event notification for broken file nodes.

This line properly notifies the system when a broken file node is detected, which aligns with the PR objective to improve error handling for directory and file nodes.

---

120-120:

❓ Verification inconclusive

Address the TODO comment about cleartext paths in logs.

The TODO comment indicates a potential security concern with logging cleartext paths. Consider implementing this improvement to prevent potential information leakage in logs.

---

🏁 Script executed:

#!/bin/bash
# Search for other instances of cleartext paths in logs to see if there's a pattern or standard approach
rg -n "cleartext.*log|log.*cleartext" --type java

Length of output: 51

---

Security Alert: Potential Cleartext Logging Vulnerability

At src/main/java/org/cryptomator/cryptofs/CryptoPathMapper.java (line 120), the exception message includes the raw cleartextPath, which could lead to sensitive information leakage if logged. Please review this and consider one of the following improvements:

• Remove or Sanitize the File Path: Modify the exception message so that it does not reveal the full cleartext path. If the path (or part of it) is essential for debugging, consider redacting sensitive segments.
• Ensure Consistent Handling: Verify that this pattern isn’t repeated elsewhere in the codebase—if it is, establish a standardized, secure logging approach across all modules.

Given that our automated search for similar logging patterns returned no additional instances, please manually verify whether this instance is an isolated occurrence or part of a broader pattern that needs addressing.