feat: remove server peer (#1017)

* feat: remove server peer

* chore: Refactor based on PR review

* chore: spelling in src/member-api.js

Co-authored-by: Andrew Chou <[email protected]>

---------

Co-authored-by: Mauve Signweaver <[email protected]>
Co-authored-by: Andrew Chou <[email protected]>

Author: 3 people

src/mapeo-project.js

@@ -410,9 +410,9 @@ export class MapeoProject extends TypedEmitter {
             member.selfHostedServerDetails
           ) {
             const { baseUrl } = member.selfHostedServerDetails
-            const wsUrl = new URL(`/sync/${this.#projectPublicId}`, baseUrl)
-            wsUrl.protocol = wsUrl.protocol === 'http:' ? 'ws:' : 'wss:'
-            serverWebsocketUrls.push(wsUrl.href)
+            serverWebsocketUrls.push(
+              baseUrlToWS(baseUrl, this.#projectPublicId)
+            )
           }
         }
         return serverWebsocketUrls
@@ -1086,3 +1086,16 @@ function mapAndValidateDeviceInfo(doc, { coreDiscoveryKey }) {
   }
   return doc
 }
+
+/**
+ *
+ * @param {string} baseUrl
+ * @param {string} projectPublicId
+ * @returns {string}
+ */
+export function baseUrlToWS(baseUrl, projectPublicId) {
+  const wsUrl = new URL(`/sync/${projectPublicId}`, baseUrl)
+  wsUrl.protocol = wsUrl.protocol === 'http:' ? 'ws:' : 'wss:'
+
+  return wsUrl.href
+}

src/member-api.js

@@ -19,7 +19,12 @@ import { isHostnameIpAddress } from './lib/is-hostname-ip-address.js'
 import { ErrorWithCode, getErrorMessage } from './lib/error.js'
 import { InviteAbortedError } from './errors.js'
 import { wsCoreReplicator } from './lib/ws-core-replicator.js'
-import { MEMBER_ROLE_ID, ROLES, isRoleIdForNewInvite } from './roles.js'
+import {
+  BLOCKED_ROLE_ID,
+  MEMBER_ROLE_ID,
+  ROLES,
+  isRoleIdForNewInvite,
+} from './roles.js'
 /**
  * @import {
  *   DeviceInfo,
@@ -317,6 +322,46 @@ export class MemberApi extends TypedEmitter {
     })
   }
 
+  /**
+   * Remove a server peer. Only works when the peer is reachable
+   *
+   * @param {string} serverDeviceId
+   * @param {object} [options]
+   * @param {boolean} [options.dangerouslyAllowInsecureConnections] Allow insecure network connections. Should only be used in tests.
+   * @returns {Promise<void>}
+   */
+  async removeServerPeer(
+    serverDeviceId,
+    { dangerouslyAllowInsecureConnections = false } = {}
+  ) {
+    // Get device ID for URL
+    // Parse through URL to ensure end pathname if missing
+    const member = await this.getById(serverDeviceId)
+
+    if (!member.selfHostedServerDetails) {
+      throw new ErrorWithCode(
+        'DEVICE_ID_NOT_FOR_SERVER',
+        'DeviceId is not for a server peer'
+      )
+    }
+
+    if (member.role.roleId === BLOCKED_ROLE_ID) {
+      throw new ErrorWithCode('ALREADY_BLOCKED', 'Server peer already blocked')
+    }
+
+    const { baseUrl } = member.selfHostedServerDetails
+
+    // Add blocked role to project
+    await this.#roles.assignRole(serverDeviceId, BLOCKED_ROLE_ID)
+
+    // TODO: Catch fail and sync with server after
+    await this.#waitForInitialSyncWithServer({
+      baseUrl,
+      serverDeviceId,
+      dangerouslyAllowInsecureConnections,
+    })
+  }
+
   /**
    * @param {string} baseUrl Server base URL. Should already be validated.
    * @returns {Promise<{ serverDeviceId: string }>}
@@ -448,6 +493,7 @@ export class MemberApi extends TypedEmitter {
       result.name = deviceInfo.name
       result.deviceType = deviceInfo.deviceType
       result.joinedAt = deviceInfo.createdAt
+      result.selfHostedServerDetails = deviceInfo.selfHostedServerDetails
     } catch (err) {
       // Attempting to get someone else may throw because sync hasn't occurred or completed
       // Only throw if attempting to get themself since the relevant information should be available

test-e2e/server.js

@@ -10,7 +10,7 @@ import pDefer from 'p-defer'
 import { pEvent } from 'p-event'
 import RAM from 'random-access-memory'
 import { map } from 'iterpal'
-import { MEMBER_ROLE_ID } from '../src/roles.js'
+import { BLOCKED_ROLE_ID, MEMBER_ROLE_ID } from '../src/roles.js'
 import comapeoServer from '@comapeo/cloud'
 import {
   connectPeers,
@@ -372,6 +372,41 @@ test('data can be synced via a server', async (t) => {
   )
 })
 
+test('add server, remove server, check that it knows it got blocked', async (t) => {
+  const manager = createManager('seed', t)
+  await manager.setDeviceInfo({ name: 'manager', deviceType: 'mobile' })
+
+  // Because we need to stop the server, we can't use a remote server here.
+  const { server, serverBaseUrl } = await createLocalTestServer(t)
+  t.after(() => server.close())
+
+  const projectId = await manager.createProject({ name: 'foo' })
+  const project = await manager.getProject(projectId)
+  await project.$member.addServerPeer(serverBaseUrl, {
+    dangerouslyAllowInsecureConnections: true,
+  })
+  const serverPeer = await findServerPeer(project)
+  assert(serverPeer, 'test setup: server peer exists')
+
+  await project.$member.removeServerPeer(serverPeer.deviceId, {
+    dangerouslyAllowInsecureConnections: true,
+  })
+
+  const serverMember = await findServerPeer(project)
+
+  assert.equal(serverMember?.role.roleId, BLOCKED_ROLE_ID, 'server now blocked')
+
+  // @ts-expect-error - does not exist on type
+  const serverManager = /** @type {MapeoManager} */ server.comapeo
+  const serverProject = await serverManager.getProject(projectId)
+  const serverMemberState = await findServerPeer(serverProject)
+  assert.equal(
+    serverMemberState?.role.roleId,
+    BLOCKED_ROLE_ID,
+    'server knows it is blocked'
+  )
+})
+
 test('connecting and then immediately disconnecting (and then immediately connecting again)', async (t) => {
   const manager = createManager('seed', t)
   await manager.setDeviceInfo({ name: 'manager', deviceType: 'mobile' })