Skip to content

feat: local-only schema fields (#166)#213

Merged
careck merged 19 commits into
developmentfrom
feat/166-local-only-fields
Jun 12, 2026
Merged

feat: local-only schema fields (#166)#213
careck merged 19 commits into
developmentfrom
feat/166-local-only-fields

Conversation

@careck

@careck careck commented Jun 10, 2026

Copy link
Copy Markdown
Member

Summary

  • Adds local_only: true field property to Rhai schema definitions
  • UpdateField ops targeting local-only fields are dropped from sync deltas
  • CreateNote ops have local-only field values stripped before sync
  • Snapshot notes have local-only field values stripped
  • Export gains include_local_only option (checkbox in export dialog)
  • UI shows lock icon + "Local only" indicator on local-only fields
  • Documentation added to SCRIPTING.md
  • Full round-trip integration test covering all sync boundaries + export

Closes #166

Test plan

  • Create schema with local_only: true field — verify it parses and displays
  • Update a local-only field — verify value persists locally
  • Check operations_since — local-only UpdateField ops must not appear
  • Check CreateNote in sync — local-only field values must be stripped
  • Check snapshot — local-only field values must be stripped
  • Export with checkbox unchecked — local-only fields empty in archive
  • Export with checkbox checked — local-only fields present in archive
  • Import archive with local-only data — fields populate
  • Lock icon visible next to local-only field labels
  • Non-owner sees local-only indicator in read-only mode
  • All 7 locales have correct translations

careck added 19 commits June 10, 2026 13:55
@careck
feat: add local_only flag to FieldDefinition schema parsing
a5ad2b9
@careck
feat: add is_field_local_only helper for sync filtering
02596d3
@careck
feat: filter local_only fields from sync deltas and snapshots
b3366bb 
- UpdateField ops targeting local-only fields dropped from operations_since
- CreateNote ops have local-only field values stripped
- Snapshot notes have local-only field values stripped
@careck
docs: document local_only field property in SCRIPTING.md
c362bea
@careck
feat: add include_local_only option to workspace export
857a2cc 
When exporting a workspace, local-only fields can now be stripped
from notes by passing include_local_only=false. The Tauri export
command exposes this as a new boolean parameter.
@careck
feat: show local-only indicator on field labels in UI
542dcb9 
- Add localOnly: boolean to TypeScript FieldDefinition interface
- Add localOnlyHint i18n key to all 7 locale files (en, de, es, fr, ja, ko, zh)
- Show lock icon + hint text above local-only fields in edit mode (InfoPanel)
- Show lock icon next to field label in read-only mode (FieldDisplay)
- Covers top-level fields and field groups in both edit and view modes
@careck
feat: add include local-only data checkbox to export dialog
ab2c49c
@careck
chore: fix clippy warnings and rustfmt
a845715
@careck
test: add full round-trip integration test for local_only fields
1f998fa
@careck
chore: rustfmt
67721ce
@careck
feat: add local-only my_notes field to TextNote schema for testing
daaef6a
@careck
fix: remove CreateNote field stripping to preserve signature integrity
926b81a 
Stripping local_only fields from CreateNote ops invalidated their Ed25519
signature, causing receivers to reject them (breaking attachment sync).
UpdateField filtering + snapshot stripping are sufficient for local-only
data protection. Also updates TextNote field count assertions for the new
my_notes field.
@careck
feat: add relay session renewal without delete/recreate
55c7f42 
When a relay session expires, users can now click "Renew Session" in the
relay account dialog instead of deleting and recreating the account.
Uses stored credentials to re-authenticate automatically.
@careck
fix: always auto-login relay clients instead of checking local expiry
3064cbd 
Sessions can be invalidated server-side before the local 30-day expiry
(server restart, concurrent login, admin action). Remove the
session_expires_at check from all 8 relay client build sites so
auto-login always runs when stored credentials are available.
@careck
fix: use seconds-precision RFC 3339 timestamps for relay invite API
cdb6816 
The relay server rejects nanosecond-precision timestamps from chrono's
default to_rfc3339(). Switch to to_rfc3339_opts(SecondsFormat::Secs, true)
which produces clean "2026-06-19T05:23:45Z" format.
@careck
fix: restore relay session expiry check with 5-minute buffer
3921f4f 
The previous "always auto-login" approach triggered rate limiting (429)
when multiple relay operations fired in quick succession. Restore the
expiry check but with a 5-minute buffer to proactively refresh sessions
approaching expiry while avoiding unnecessary login attempts.
@careck
fix: add retry-on-401 for relay polling and auto-login for snapshot p…
5e6dc98 
…olling

When the relay server invalidates a session before the local expiry
timestamp, the 5-minute buffer proactive refresh doesn't help. Add
reactive retry logic to poll_receive_workspace: if ensure_mailbox
returns 401, re-login and rebuild the client before proceeding.

Also add proactive auto-login to poll_all_identity_snapshots which
previously used raw session tokens without any refresh logic.
@careck
fix: add pre-flight token check with retry-on-401 for poll_sync
867cdf0 
The SyncEngine receives a RelayChannel at construction and uses it
internally for all relay operations. If the token is expired server-side,
every operation fails. Add a pre-flight ensure_mailbox check before
building the RelayChannel — if 401, re-login and use the fresh token.
@careck
fix: persist refreshed relay session tokens to prevent re-login loops
61aaa0a 
After a successful retry-on-401 re-login, the new session token was only
used for the current poll cycle. The next cycle read the same stale token
from the RelayAccountManager, triggering another re-login attempt and
eventually hitting the rate limiter.

Now both poll_receive_workspace and poll_sync persist the refreshed token
via save_relay_account after re-login, so subsequent cycles use the fresh
token without re-authenticating.
@careck careck merged commit 3045328 into development Jun 12, 2026
2 checks passed
@careck careck deleted the feat/166-local-only-fields branch June 12, 2026 06:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@careck