-
Mikel Astiz authored
Nigori is a special datatype because failing to commit local changes (e.g. custom passphrase set) can lead to problematic scenarios (e.g. user data exposed unencrypted) or in rare cases complicated conflict-resolution scenarios (e.g. keystore rotation took place before committing the custom passphrase) that worst-case cannot be resolved synchronously (e.g. keystore keys are missing and hence keys are pending for some time, until keystore keys are received). It's very hard to universally reason about all side effects of local commits and conflict resolution cases. Instead, this patch introduces infrastructure that adopts the command design pattern to concisely represent what the intended local change is. Local changes may now fail to apply, in particular if there is a conflict. But in such case the infrastructure allows dealing with the failure, with custom logic that depends on the precise command type. Similarly, success is only reported once the commit is acked by the sync server, which is a desirable property and useful foundation for future work. This may introduce additional latency in the existing UX, e.g. while setting up a custom passphrase, but manual tests indicate that it's not noticeable. In this patch, only the infrastructure is introduced without actually adopting it for the various local changes. Future patches will take care of such adoption. Bug: 922900 Change-Id: Ib55d3a401f1f68a1a910ee1e2b9119889d4f73b6 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1864770 Commit-Queue: Mikel Astiz <mastiz@chromium.org> Reviewed-by:
Maksim Moskvitin <mmoskvitin@google.com> Cr-Commit-Position: refs/heads/master@{#706401}
7a70ddb9
