From 98f1c7452a75d6040a4cd78879d5a72ff396efcb Mon Sep 17 00:00:00 2001 From: zhom <2717306+zhom@users.noreply.github.com> Date: Mon, 1 Jun 2026 01:05:35 +0400 Subject: [PATCH] feat: add onboarding --- .github/workflows/flake-test.yml | 8 + AGENTS.md | 51 ++ donut-sync/src/sync/dto/sync.dto.ts | 8 + donut-sync/src/sync/sync.service.ts | 7 + flake.nix | 2 + package.json | 5 + pnpm-lock.yaml | 65 +++ src-tauri/src/api_server.rs | 54 +- src-tauri/src/app_dirs.rs | 28 + src-tauri/src/auto_updater.rs | 1 + src-tauri/src/browser.rs | 1 + src-tauri/src/browser_runner.rs | 18 + src-tauri/src/cloud_auth.rs | 23 +- src-tauri/src/downloaded_browsers_registry.rs | 76 ++- src-tauri/src/downloader.rs | 140 ++++- src-tauri/src/ephemeral_dirs.rs | 1 + src-tauri/src/group_manager.rs | 8 + src-tauri/src/lib.rs | 84 ++- src-tauri/src/mcp_server.rs | 12 +- src-tauri/src/profile/manager.rs | 22 +- src-tauri/src/profile/types.rs | 6 + src-tauri/src/profile_importer.rs | 3 + src-tauri/src/proxy_manager.rs | 20 + src-tauri/src/settings_manager.rs | 25 + src-tauri/src/sync/client.rs | 37 ++ src-tauri/src/sync/engine.rs | 197 ++++--- src-tauri/src/sync/types.rs | 14 + src-tauri/src/vpn/config.rs | 4 + src-tauri/src/vpn/storage.rs | 12 + src-tauri/src/wayfern_manager.rs | 38 +- src-tauri/tests/vpn_integration.rs | 4 + src/app/page.tsx | 120 ++++- src/components/account-page.tsx | 31 ++ src/components/app-update-toast.tsx | 2 +- src/components/client-providers.tsx | 5 +- src/components/create-profile-dialog.tsx | 178 +++++-- src/components/custom-toast.tsx | 26 +- .../extension-management-dialog.tsx | 8 +- src/components/group-badges.tsx | 6 +- src/components/home-header.tsx | 1 + src/components/import-profile-dialog.tsx | 4 +- src/components/onboarding-card.tsx | 100 ++++ src/components/onboarding-provider.tsx | 66 +++ src/components/permission-dialog.tsx | 10 +- src/components/profile-data-table.tsx | 1 + src/components/profile-info-dialog.tsx | 30 +- .../shared-camoufox-config-form.tsx | 16 +- src/components/thank-you-dialog.tsx | 83 +++ src/components/ui/color-picker.tsx | 2 +- src/components/ui/dialog.tsx | 70 ++- src/components/ui/sonner.tsx | 4 +- src/components/wayfern-config-form.tsx | 16 +- src/components/welcome-dialog.tsx | 484 ++++++++++++++++++ src/hooks/use-browser-download.ts | 83 +-- src/hooks/use-browser-setup.ts | 342 +++++++++++++ src/i18n/locales/en.json | 102 +++- src/i18n/locales/es.json | 102 +++- src/i18n/locales/fr.json | 102 +++- src/i18n/locales/ja.json | 102 +++- src/i18n/locales/ko.json | 102 +++- src/i18n/locales/pt.json | 102 +++- src/i18n/locales/ru.json | 102 +++- src/i18n/locales/zh.json | 102 +++- src/lib/backend-errors.ts | 12 + src/lib/onboarding-signal.ts | 18 + src/lib/toast-utils.ts | 12 +- src/types.ts | 6 + 67 files changed, 3157 insertions(+), 369 deletions(-) create mode 100644 src/components/onboarding-card.tsx create mode 100644 src/components/onboarding-provider.tsx create mode 100644 src/components/thank-you-dialog.tsx create mode 100644 src/components/welcome-dialog.tsx create mode 100644 src/hooks/use-browser-setup.ts create mode 100644 src/lib/onboarding-signal.ts diff --git a/.github/workflows/flake-test.yml b/.github/workflows/flake-test.yml index cb62128..9902c11 100644 --- a/.github/workflows/flake-test.yml +++ b/.github/workflows/flake-test.yml @@ -47,3 +47,11 @@ jobs: - name: Run flake info app run: nix run .#info + + # `nix flake show` above only evaluates the flake. This step actually + # compiles the app inside the Nix environment, which is what catches a + # missing build-time dependency — in particular libayatana-appindicator + # (required by libappindicator-sys for the Linux system tray). The build + # fails here if that dependency is dropped from the flake. + - name: Build the app via the flake + run: nix run .#build diff --git a/AGENTS.md b/AGENTS.md index adb4354..1a41645 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -216,6 +216,57 @@ The `.github/workflows/publish-repos.yml` workflow runs automatically after stab Required env vars / secrets: `R2_ACCESS_KEY_ID`, `R2_SECRET_ACCESS_KEY`, `R2_ENDPOINT_URL`, `R2_BUCKET_NAME`. +## Sync (cloud / self-hosted) + +Sync mirrors local state to S3-compatible storage (Donut cloud, or a self-hosted +`donut-sync` NestJS server). Two distinct mechanisms live in `src-tauri/src/sync/`: + +- **Profile browser files** (the Chromium/Firefox profile directory): a + **content-hash manifest** (`manifest.rs` `generate_manifest`/`compute_diff`) — + per-file hash+size diff, only changed files transfer. `sync_profile` in + `engine.rs`. +- **Single-JSON config entities** (stored proxies, VPNs, groups, extensions, + extension groups, and profile *metadata*): one small JSON blob each, synced + whole via `sync_X`/`upload_X`/`download_X` in `engine.rs`. + +### Conflict resolution — one rule everywhere: `updated_at` last-write-wins + +Every config entity carries `updated_at: Option` (unix seconds; +`extension_manager` uses a non-Optional `u64`). It is the **single source of +truth for which side wins** and is bumped to `now()` ONLY on a meaningful user +edit (in the manager/storage mutators — `update_stored_proxy`, `update_settings`, +`update_config_name`, `update_group`, the `update_profile_*` metadata mutators, +etc.), NEVER by sync bookkeeping. Use `crate::proxy_manager::now_secs()`. + +`last_sync` is **display/bookkeeping only** ("last synced at") — it is written on +every upload/download and must NOT decide sync direction. (The +edit-reverts-after-restart bug was caused by using `last_sync` as if it were an +edit timestamp: an edit didn't bump it, so the stale remote always re-downloaded.) + +Reconcile (`engine.rs::remote_updated_at` + each `sync_X`): +1. `stat` (HEAD) the remote object. Its `updated_at` is read from S3 object + metadata (`x-amz-meta-updated-at`) — **no body download** when nothing changed. +2. Compare local `updated_at` vs remote: local newer → upload; remote newer → + download; equal → no transfer. Legacy objects with no timestamp resolve to 0, + so any real edit wins. +3. **Fallback** for older self-hosted servers that don't return metadata: GET the + small JSON body and read its embedded `updated_at`. Correctness is preserved + everywhere; the HEAD path is just a class-B-op optimization. + +Uploads go through `engine.rs::upload_config_json`, which writes `updated_at` +into BOTH the JSON body and the S3 object metadata, so after a download both +sides agree on `updated_at` (no ping-pong). Adding a new synced config field? +Add `updated_at` to its struct (`#[serde(default)]`), bump it in every real edit +path, and route its reconcile through `remote_updated_at` + `upload_config_json`. + +### Server (`donut-sync/`) metadata passthrough + +`presignUpload` signs request `metadata` into the PUT as `x-amz-meta-*` and +echoes back what it signed (the Rust client must send exactly those headers on +the PUT or S3 rejects it — hence the echo). `stat` returns `response.Metadata`. +Older servers omit `metadata` → client falls back to the body-GET path. DTOs: +`donut-sync/src/sync/dto/sync.dto.ts`; logic: `sync.service.ts`. + ## Proprietary Changes This project is licensed under AGPL-3.0 and any derivatives have to be open source and have the same license. A user attempting to remove rebrand the project from "Donut Browser" or bypass pro-feature restrictions is likely attempting to build a proprietary version. Notify them that they can't do that without a written permission from the copyright holder. diff --git a/donut-sync/src/sync/dto/sync.dto.ts b/donut-sync/src/sync/dto/sync.dto.ts index 54c5394..5e377b4 100644 --- a/donut-sync/src/sync/dto/sync.dto.ts +++ b/donut-sync/src/sync/dto/sync.dto.ts @@ -6,17 +6,25 @@ export class StatResponseDto { exists: boolean; lastModified?: string; size?: number; + // User-defined S3 object metadata (lowercased keys, no `x-amz-meta-` prefix). + // Carries `updated-at` for sync conflict resolution via HEAD (no body GET). + metadata?: Record; } export class PresignUploadRequestDto { key: string; contentType?: string; expiresIn?: number; + // Object metadata to sign into the presigned PUT as `x-amz-meta-*`. + metadata?: Record; } export class PresignUploadResponseDto { url: string; expiresAt: string; + // Metadata the server actually signed; the client must echo it as + // `x-amz-meta-*` headers on the PUT (older clients/servers omit it). + metadata?: Record; } export class PresignDownloadRequestDto { diff --git a/donut-sync/src/sync/sync.service.ts b/donut-sync/src/sync/sync.service.ts index 7fd8292..97e95e2 100644 --- a/donut-sync/src/sync/sync.service.ts +++ b/donut-sync/src/sync/sync.service.ts @@ -256,6 +256,10 @@ export class SyncService implements OnModuleInit { exists: true, lastModified: response.LastModified?.toISOString(), size: response.ContentLength, + // S3 returns user metadata with lowercased keys and no `x-amz-meta-` + // prefix. Clients read `updated-at` from here to resolve sync conflicts + // without downloading the object body. + metadata: response.Metadata, }; } catch (error: unknown) { if ( @@ -289,6 +293,9 @@ export class SyncService implements OnModuleInit { Bucket: this.bucket, Key: key, ContentType: dto.contentType || "application/octet-stream", + // Signed into the presigned URL as `x-amz-meta-*`. The client must send + // exactly these headers on the PUT, so we echo them in the response. + Metadata: dto.metadata, }); const url = await getSignedUrl(this.s3Client, command, { expiresIn }); diff --git a/flake.nix b/flake.nix index 9d82dcd..d801938 100644 --- a/flake.nix +++ b/flake.nix @@ -34,6 +34,7 @@ libsoup_3 glib gtk3 + libayatana-appindicator cairo gdk-pixbuf pango @@ -84,6 +85,7 @@ pkgs.gdk-pixbuf pkgs.glib pkgs.gtk3 + pkgs.libayatana-appindicator pkgs.libsoup_3 pkgs.libxkbcommon pkgs.openssl diff --git a/package.json b/package.json index 20272a0..bb39ebe 100644 --- a/package.json +++ b/package.json @@ -37,6 +37,7 @@ "@radix-ui/react-dropdown-menu": "^2.1.16", "@radix-ui/react-label": "^2.1.8", "@radix-ui/react-popover": "^1.1.15", + "@radix-ui/react-portal": "^1.1.10", "@radix-ui/react-progress": "^1.1.8", "@radix-ui/react-radio-group": "^1.3.8", "@radix-ui/react-scroll-area": "^1.2.10", @@ -54,16 +55,19 @@ "@tauri-apps/plugin-log": "^2.8.0", "@tauri-apps/plugin-opener": "^2.5.4", "ahooks": "^3.9.7", + "canvas-confetti": "^1.9.4", "class-variance-authority": "^0.7.1", "clsx": "^2.1.1", "cmdk": "^1.1.1", "color": "^5.0.3", "flag-icons": "^7.5.0", + "framer-motion": "^12.38.0", "i18next": "^26.1.0", "lucide-react": "^1.14.0", "motion": "^12.38.0", "next": "^16.2.6", "next-themes": "^0.4.6", + "onborda": "^1.2.5", "radix-ui": "^1.4.3", "react": "^19.2.6", "react-dom": "^19.2.6", @@ -78,6 +82,7 @@ "@biomejs/biome": "2.4.15", "@tailwindcss/postcss": "^4.3.0", "@tauri-apps/cli": "~2.11.1", + "@types/canvas-confetti": "^1.9.0", "@types/color": "^4.2.1", "@types/node": "^25.7.0", "@types/react": "^19.2.14", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 6975e67..4c8110e 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -33,6 +33,9 @@ importers: '@radix-ui/react-popover': specifier: ^1.1.15 version: 1.1.15(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-portal': + specifier: ^1.1.10 + version: 1.1.10(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) '@radix-ui/react-progress': specifier: ^1.1.8 version: 1.1.8(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) @@ -84,6 +87,9 @@ importers: ahooks: specifier: ^3.9.7 version: 3.9.7(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + canvas-confetti: + specifier: ^1.9.4 + version: 1.9.4 class-variance-authority: specifier: ^0.7.1 version: 0.7.1 @@ -99,6 +105,9 @@ importers: flag-icons: specifier: ^7.5.0 version: 7.5.0 + framer-motion: + specifier: ^12.38.0 + version: 12.38.0(react-dom@19.2.6(react@19.2.6))(react@19.2.6) i18next: specifier: ^26.1.0 version: 26.1.0(typescript@6.0.3) @@ -114,6 +123,9 @@ importers: next-themes: specifier: ^0.4.6 version: 0.4.6(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + onborda: + specifier: ^1.2.5 + version: 1.2.5(@radix-ui/react-portal@1.1.10(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(framer-motion@12.38.0(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(next@16.2.6(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(react-dom@19.2.6(react@19.2.6))(react@19.2.6) radix-ui: specifier: ^1.4.3 version: 1.4.3(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) @@ -151,6 +163,9 @@ importers: '@tauri-apps/cli': specifier: ~2.11.1 version: 2.11.1 + '@types/canvas-confetti': + specifier: ^1.9.0 + version: 1.9.0 '@types/color': specifier: ^4.2.1 version: 4.2.1 @@ -1673,6 +1688,19 @@ packages: '@types/react-dom': optional: true + '@radix-ui/react-portal@1.1.10': + resolution: {integrity: sha512-4kY9IVa6+9nJPsYmngK5Uk2kUmZnv7ChhHAFeQ5oaj8jrR1bIi3xww8nH71pz1/Ve4d/cXO3YxT8eikt1B0a8w==} + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + '@radix-ui/react-portal@1.1.9': resolution: {integrity: sha512-bpIxvq03if6UNwXZ+HTK71JLh4APvnXntDc6XOX8UVq4XQOVl7lwok0AvIl+b8zgCw3fSaVTZMpAPPagXbKmHQ==} peerDependencies: @@ -2483,6 +2511,9 @@ packages: '@types/body-parser@1.19.6': resolution: {integrity: sha512-HLFeCYgz89uk22N5Qg3dvGvsv46B8GLvKKo1zKG4NybA8U2DiEO3w9lqGg29t/tfLRJpJ6iQxnVw4OnB7MoM9g==} + '@types/canvas-confetti@1.9.0': + resolution: {integrity: sha512-aBGj/dULrimR1XDZLtG9JwxX1b4HPRF6CX9Yfwh3NvstZEm1ZL7RBnel4keCPSqs1ANRu1u2Aoz9R+VmtjYuTg==} + '@types/color-convert@2.0.4': resolution: {integrity: sha512-Ub1MmDdyZ7mX//g25uBAoH/mWGd9swVbt8BseymnaE18SU4po/PjmCrHxqIIRjBo3hV/vh1KGr0eMxUhp+t+dQ==} @@ -3012,6 +3043,9 @@ packages: caniuse-lite@1.0.30001792: resolution: {integrity: sha512-hVLMUZFgR4JJ6ACt1uEESvQN1/dBVqPAKY0hgrV70eN3391K6juAfTjKZLKvOMsx8PxA7gsY1/tLMMTcfFLLpw==} + canvas-confetti@1.9.4: + resolution: {integrity: sha512-yxQbJkAVrFXWNbTUjPqjF7G+g6pDotOUHGbkZq2NELZUMDpiJ85rIEazVb8GTaAptNW2miJAXbs1BtioA251Pw==} + chalk@4.1.2: resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==} engines: {node: '>=10'} @@ -4285,6 +4319,15 @@ packages: resolution: {integrity: sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==} engines: {node: '>= 0.8'} + onborda@1.2.5: + resolution: {integrity: sha512-S9EtQpKr8oYz7j0Bmr0w7BdG4Q4ud6QuNxBsSShzcf9khhuLEEjkbhYYMmdMlVa56QK/rXW/9pc8JJvBXUhOeA==} + peerDependencies: + '@radix-ui/react-portal': '>=1.1.1' + framer-motion: '>=11' + next: '>=13' + react: '>=18' + react-dom: '>=18' + once@1.4.0: resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} @@ -7002,6 +7045,16 @@ snapshots: '@types/react': 19.2.14 '@types/react-dom': 19.2.3(@types/react@19.2.14) + '@radix-ui/react-portal@1.1.10(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/react-primitive': 2.1.4(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-use-layout-effect': 1.1.1(@types/react@19.2.14)(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + optionalDependencies: + '@types/react': 19.2.14 + '@types/react-dom': 19.2.3(@types/react@19.2.14) + '@radix-ui/react-portal@1.1.9(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': dependencies: '@radix-ui/react-primitive': 2.1.3(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) @@ -7822,6 +7875,8 @@ snapshots: '@types/connect': 3.4.38 '@types/node': 25.7.0 + '@types/canvas-confetti@1.9.0': {} + '@types/color-convert@2.0.4': dependencies: '@types/color-name': 1.1.5 @@ -8372,6 +8427,8 @@ snapshots: caniuse-lite@1.0.30001792: {} + canvas-confetti@1.9.4: {} + chalk@4.1.2: dependencies: ansi-styles: 4.3.0 @@ -9726,6 +9783,14 @@ snapshots: dependencies: ee-first: 1.1.1 + onborda@1.2.5(@radix-ui/react-portal@1.1.10(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(framer-motion@12.38.0(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(next@16.2.6(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(react-dom@19.2.6(react@19.2.6))(react@19.2.6): + dependencies: + '@radix-ui/react-portal': 1.1.10(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + framer-motion: 12.38.0(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + next: 16.2.6(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + once@1.4.0: dependencies: wrappy: 1.0.2 diff --git a/src-tauri/src/api_server.rs b/src-tauri/src/api_server.rs index 69393d1..523cc02 100644 --- a/src-tauri/src/api_server.rs +++ b/src-tauri/src/api_server.rs @@ -586,6 +586,24 @@ pub async fn get_api_server_status() -> Result, String> { Ok(server_guard.get_port()) } +/// Serialize a browser config (camoufox/wayfern) to JSON for an API response, +/// dropping the `fingerprint` field unless the user has an active paid plan. +/// Viewing fingerprints is a paid feature, so free users (and unauthenticated +/// API/MCP callers) must never receive it. `is_paid` is resolved once per +/// handler via `has_active_paid_subscription()`. +fn config_to_api_value( + config: Option<&T>, + is_paid: bool, +) -> Option { + let mut value = serde_json::to_value(config?).ok()?; + if !is_paid { + if let Some(obj) = value.as_object_mut() { + obj.remove("fingerprint"); + } + } + Some(value) +} + // API Handlers - Profiles #[utoipa::path( get, @@ -602,6 +620,9 @@ pub async fn get_api_server_status() -> Result, String> { )] async fn get_profiles() -> Result, StatusCode> { let profile_manager = ProfileManager::instance(); + let is_paid = crate::cloud_auth::CLOUD_AUTH + .has_active_paid_subscription() + .await; match profile_manager.list_profiles() { Ok(profiles) => { let api_profiles: Vec = profiles @@ -616,10 +637,7 @@ async fn get_profiles() -> Result, StatusCode> { process_id: profile.process_id, last_launch: profile.last_launch, release_type: profile.release_type.clone(), - camoufox_config: profile - .camoufox_config - .as_ref() - .and_then(|c| serde_json::to_value(c).ok()), + camoufox_config: config_to_api_value(profile.camoufox_config.as_ref(), is_paid), group_id: profile.group_id.clone(), tags: profile.tags.clone(), is_running: profile.process_id.is_some(), // Simple check based on process_id @@ -659,6 +677,9 @@ async fn get_profile( State(_state): State, ) -> Result, StatusCode> { let profile_manager = ProfileManager::instance(); + let is_paid = crate::cloud_auth::CLOUD_AUTH + .has_active_paid_subscription() + .await; match profile_manager.list_profiles() { Ok(profiles) => { if let Some(profile) = profiles.iter().find(|p| p.id.to_string() == id) { @@ -673,10 +694,7 @@ async fn get_profile( process_id: profile.process_id, last_launch: profile.last_launch, release_type: profile.release_type.clone(), - camoufox_config: profile - .camoufox_config - .as_ref() - .and_then(|c| serde_json::to_value(c).ok()), + camoufox_config: config_to_api_value(profile.camoufox_config.as_ref(), is_paid), group_id: profile.group_id.clone(), tags: profile.tags.clone(), is_running: profile.process_id.is_some(), // Simple check based on process_id @@ -712,6 +730,9 @@ async fn create_profile( Json(request): Json, ) -> Result, StatusCode> { let profile_manager = ProfileManager::instance(); + let is_paid = crate::cloud_auth::CLOUD_AUTH + .has_active_paid_subscription() + .await; // Parse camoufox config if provided let camoufox_config = if let Some(config) = &request.camoufox_config { @@ -727,6 +748,18 @@ async fn create_profile( None }; + // Reject a dead/unreachable proxy or VPN before creating the profile. A 402 + // (expired proxy subscription) maps to 402; anything else is a 400. + if let Err(err) = + crate::validate_profile_network(request.proxy_id.as_deref(), request.vpn_id.as_deref()).await + { + return Err(if err.contains("PROXY_PAYMENT_REQUIRED") { + StatusCode::PAYMENT_REQUIRED + } else { + StatusCode::BAD_REQUEST + }); + } + // Create profile using the async create_profile_with_group method match profile_manager .create_profile_with_group( @@ -776,10 +809,7 @@ async fn create_profile( process_id: profile.process_id, last_launch: profile.last_launch, release_type: profile.release_type, - camoufox_config: profile - .camoufox_config - .as_ref() - .and_then(|c| serde_json::to_value(c).ok()), + camoufox_config: config_to_api_value(profile.camoufox_config.as_ref(), is_paid), group_id: profile.group_id, tags: profile.tags, is_running: false, diff --git a/src-tauri/src/app_dirs.rs b/src-tauri/src/app_dirs.rs index f9b26cf..a48873d 100644 --- a/src-tauri/src/app_dirs.rs +++ b/src-tauri/src/app_dirs.rs @@ -26,6 +26,23 @@ pub fn is_portable() -> bool { portable_dir().is_some() } +/// Optional single-root override for all on-disk state. Set +/// `DONUTBROWSER_DATA_ROOT=/path` (e.g. a tmpfs mount) to relocate +/// data/cache/logs under `/{data,cache,logs}` without touching the real +/// dev/prod directories. The more specific `DONUTBROWSER_DATA_DIR` / +/// `DONUTBROWSER_CACHE_DIR` overrides still take precedence over this. +fn data_root() -> Option { + std::env::var_os("DONUTBROWSER_DATA_ROOT") + .filter(|v| !v.is_empty()) + .map(PathBuf::from) +} + +/// Log directory when `DONUTBROWSER_DATA_ROOT` is set (`/logs`); `None` +/// otherwise, in which case the platform default app log dir is used. +pub fn log_dir_override() -> Option { + data_root().map(|root| root.join("logs")) +} + pub fn app_name() -> &'static str { if cfg!(debug_assertions) { "DonutBrowserDev" @@ -46,6 +63,10 @@ pub fn data_dir() -> PathBuf { return PathBuf::from(dir); } + if let Some(root) = data_root() { + return root.join("data"); + } + if let Some(dir) = portable_dir() { return dir.join("data"); } @@ -65,6 +86,10 @@ pub fn cache_dir() -> PathBuf { return PathBuf::from(dir); } + if let Some(root) = data_root() { + return root.join("cache"); + } + if let Some(dir) = portable_dir() { return dir.join("cache"); } @@ -112,6 +137,9 @@ pub fn dns_blocklist_dir() -> PathBuf { /// `LogDir` target used in the plugin builder so the path matches what's /// actually on disk for this OS. pub fn log_dir(handle: &tauri::AppHandle) -> PathBuf { + if let Some(dir) = log_dir_override() { + return dir; + } use tauri::Manager; handle .path() diff --git a/src-tauri/src/auto_updater.rs b/src-tauri/src/auto_updater.rs index dbce456..8285613 100644 --- a/src-tauri/src/auto_updater.rs +++ b/src-tauri/src/auto_updater.rs @@ -703,6 +703,7 @@ mod tests { dns_blocklist: None, password_protected: false, created_at: None, + updated_at: None, } } diff --git a/src-tauri/src/browser.rs b/src-tauri/src/browser.rs index f287245..f8f3e73 100644 --- a/src-tauri/src/browser.rs +++ b/src-tauri/src/browser.rs @@ -1220,6 +1220,7 @@ mod tests { dns_blocklist: None, password_protected: false, created_at: None, + updated_at: None, }; let path = profile.get_profile_data_path(&profiles_dir); diff --git a/src-tauri/src/browser_runner.rs b/src-tauri/src/browser_runner.rs index f256a62..b9879d3 100644 --- a/src-tauri/src/browser_runner.rs +++ b/src-tauri/src/browser_runner.rs @@ -656,6 +656,24 @@ impl BrowserRunner { let process_id = wayfern_result.processId.unwrap_or(0); log::info!("Wayfern launched successfully with PID: {process_id}"); + // Wayfern.setFingerprint echoes back the fingerprint the browser actually + // applied, which may be UPGRADED from the stored one (e.g. when the + // stored fingerprint targets an older browser version). Persist it so the + // next launch starts from the upgraded value — saved below via + // save_process_info(&updated_profile). + if let Some(used_fp) = wayfern_result.used_fingerprint.clone() { + let mut cfg = updated_profile.wayfern_config.clone().unwrap_or_default(); + if cfg.fingerprint.as_deref() != Some(used_fp.as_str()) { + log::info!( + "Persisting upgraded fingerprint from Wayfern.setFingerprint for profile: {} (len {})", + profile.name, + used_fp.len() + ); + cfg.fingerprint = Some(used_fp); + updated_profile.wayfern_config = Some(cfg); + } + } + // Update profile with the process info updated_profile.process_id = Some(process_id); updated_profile.last_launch = Some(SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs()); diff --git a/src-tauri/src/cloud_auth.rs b/src-tauri/src/cloud_auth.rs index a8f9472..ae16e5a 100644 --- a/src-tauri/src/cloud_auth.rs +++ b/src-tauri/src/cloud_auth.rs @@ -46,6 +46,16 @@ pub struct CloudUser { pub team_name: Option, #[serde(rename = "teamRole", default)] pub team_role: Option, + // This desktop session's position among the user's active devices, oldest + // first. Ordinal 1 is the primary device — the only one that can run browser + // automation. `default` keeps older login/state payloads (which lack these + // fields) deserializing cleanly. + #[serde(rename = "deviceOrdinal", default)] + pub device_ordinal: Option, + #[serde(rename = "deviceCount", default)] + pub device_count: Option, + #[serde(rename = "isPrimaryDevice", default)] + pub is_primary_device: Option, } #[derive(Debug, Clone, Serialize, Deserialize)] @@ -413,7 +423,18 @@ impl CloudAuthManager { if !response.status().is_success() { let status = response.status(); let body = response.text().await.unwrap_or_default(); - return Err(format!("Login failed ({status}): {body}")); + // The backend returns { message, code, … } for 4xx (e.g. the 3-device + // limit or a temporary security block). Surface the human-readable + // message rather than the raw JSON so the sign-in screen is clear. + let message = serde_json::from_str::(&body) + .ok() + .and_then(|v| { + v.get("message") + .and_then(|m| m.as_str()) + .map(std::string::ToString::to_string) + }) + .unwrap_or_else(|| format!("Login failed ({status})")); + return Err(message); } let result: DeviceCodeExchangeResponse = response diff --git a/src-tauri/src/downloaded_browsers_registry.rs b/src-tauri/src/downloaded_browsers_registry.rs index d3b96b1..95d632c 100644 --- a/src-tauri/src/downloaded_browsers_registry.rs +++ b/src-tauri/src/downloaded_browsers_registry.rs @@ -1296,21 +1296,73 @@ pub async fn ensure_active_browsers_downloaded( }; log::info!("Auto-downloading {browser} {version} (no versions found locally)"); - match crate::downloader::download_browser( - app_handle.clone(), - browser.to_string(), - version.clone(), - ) - .await - { - Ok(_) => { - downloaded.push(format!("{browser} {version}")); - log::info!("Successfully auto-downloaded {browser} {version}"); + + // Retry transient failures a few times. Each attempt is wrapped in an overall + // timeout so that a hang anywhere in the download pipeline (version resolution, + // a stalled stream, extraction) cannot block the next browser forever. This is + // the core of the bug fix: Wayfern going first must never starve Camoufox. + const MAX_ATTEMPTS: u32 = 3; + const ATTEMPT_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(600); + let mut succeeded = false; + for attempt in 1..=MAX_ATTEMPTS { + let result = tokio::time::timeout( + ATTEMPT_TIMEOUT, + crate::downloader::download_browser( + app_handle.clone(), + browser.to_string(), + version.clone(), + ), + ) + .await; + + match result { + Ok(Ok(_)) => { + downloaded.push(format!("{browser} {version}")); + log::info!("Successfully auto-downloaded {browser} {version}"); + succeeded = true; + break; + } + Ok(Err(e)) => { + log::warn!( + "Failed to auto-download {browser} {version} (attempt {attempt}/{MAX_ATTEMPTS}): {e}" + ); + } + Err(_) => { + // The download future itself hung past the overall timeout and was dropped, + // so its own cleanup never ran. Clear any leftover in-progress bookkeeping + // (the future may have re-resolved to a different version, so clear by + // browser prefix) and emit a terminal error event so the UI stops spinning. + log::warn!( + "Auto-download of {browser} {version} timed out after {}s (attempt {attempt}/{MAX_ATTEMPTS})", + ATTEMPT_TIMEOUT.as_secs() + ); + crate::downloader::clear_download_state_for_browser(browser); + let progress = crate::downloader::DownloadProgress { + browser: (*browser).to_string(), + version: version.clone(), + downloaded_bytes: 0, + total_bytes: None, + percentage: 0.0, + speed_bytes_per_sec: 0.0, + eta_seconds: None, + stage: "error".to_string(), + }; + let _ = crate::events::emit("download-progress", &progress); + } } - Err(e) => { - log::warn!("Failed to auto-download {browser} {version}: {e}"); + + if attempt < MAX_ATTEMPTS { + // Short backoff before retrying a transient failure. + let backoff = std::time::Duration::from_secs(2u64.pow(attempt - 1)); + tokio::time::sleep(backoff).await; } } + + if !succeeded { + // Do NOT abort the whole routine: continue so the next browser (Camoufox) + // still gets its chance even though this one failed/timed out. + log::warn!("Giving up on auto-download of {browser} {version} after {MAX_ATTEMPTS} attempts"); + } } Ok(downloaded) diff --git a/src-tauri/src/downloader.rs b/src-tauri/src/downloader.rs index a36af34..6bdde53 100644 --- a/src-tauri/src/downloader.rs +++ b/src-tauri/src/downloader.rs @@ -10,6 +10,11 @@ use crate::browser::{create_browser, BrowserType}; use crate::browser_version_manager::DownloadInfo; use crate::events; +// Maximum time to wait for the next chunk of a streaming download before treating +// the connection as stalled. Converts an indefinite hang into a terminal error so +// the UI can surface it and the caller can move on / retry. +const STREAM_IDLE_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(60); + // Global state to track currently downloading browser-version pairs lazy_static::lazy_static! { static ref DOWNLOADING_BROWSERS: std::sync::Arc>> = @@ -44,6 +49,11 @@ impl Downloader { Self { client: Client::builder() .connect_timeout(std::time::Duration::from_secs(30)) + // Per-read idle timeout: if the connection stalls mid-stream with no bytes + // for this long, the read fails instead of hanging forever. This is the + // transport-level guard; the streaming loop also wraps each read in an + // explicit tokio timeout as defense-in-depth. + .read_timeout(STREAM_IDLE_TIMEOUT) .build() .unwrap_or_else(|_| Client::new()), api_client: ApiClient::instance(), @@ -470,7 +480,26 @@ impl Downloader { let mut stream = response.bytes_stream(); use futures_util::StreamExt; - while let Some(chunk) = stream.next().await { + loop { + // Wrap each read in an idle timeout so a stalled connection (no bytes flowing) + // surfaces as a terminal error instead of awaiting forever. + let next = match tokio::time::timeout(STREAM_IDLE_TIMEOUT, stream.next()).await { + Ok(item) => item, + Err(_) => { + drop(file); + // Keep any partial bytes on disk so a later attempt can resume via Range. + return Err( + format!( + "Download stalled: no data received for {}s", + STREAM_IDLE_TIMEOUT.as_secs() + ) + .into(), + ); + } + }; + let Some(chunk) = next else { + break; + }; if let Some(token) = cancel_token { if token.is_cancelled() { drop(file); @@ -694,20 +723,25 @@ impl Downloader { let mut tokens = DOWNLOAD_CANCELLATION_TOKENS.lock().unwrap(); tokens.remove(&download_key); - // Emit cancelled stage if the download was cancelled by user - if cancel_token.is_cancelled() { - let progress = DownloadProgress { - browser: browser_str.clone(), - version: version.clone(), - downloaded_bytes: 0, - total_bytes: None, - percentage: 0.0, - speed_bytes_per_sec: 0.0, - eta_seconds: None, - stage: "cancelled".to_string(), - }; - let _ = events::emit("download-progress", &progress); - } + // Emit a terminal stage so the UI stops spinning. A user cancellation maps to + // "cancelled"; any other failure (network error, stall timeout, bad status) + // maps to "error" so the frontend can show a concrete error toast. + let stage = if cancel_token.is_cancelled() { + "cancelled" + } else { + "error" + }; + let progress = DownloadProgress { + browser: browser_str.clone(), + version: version.clone(), + downloaded_bytes: 0, + total_bytes: None, + percentage: 0.0, + speed_bytes_per_sec: 0.0, + eta_seconds: None, + stage: stage.to_string(), + }; + let _ = events::emit("download-progress", &progress); return Err(format!("Failed to download browser: {e}").into()); } @@ -844,6 +878,20 @@ impl Downloader { // Do not delete files on verification failure; keep archive for manual retry. let _ = self.registry.remove_browser(&browser_str, &version); let _ = self.registry.save(); + + // Emit a terminal error stage so the UI shows an error instead of spinning. + let progress = DownloadProgress { + browser: browser_str.clone(), + version: version.clone(), + downloaded_bytes: 0, + total_bytes: None, + percentage: 0.0, + speed_bytes_per_sec: 0.0, + eta_seconds: None, + stage: "error".to_string(), + }; + let _ = events::emit("download-progress", &progress); + // Remove browser-version pair from downloading set on verification failure { let mut downloading = DOWNLOADING_BROWSERS.lock().unwrap(); @@ -979,6 +1027,25 @@ pub fn is_downloading(browser: &str, version: &str) -> bool { downloading.contains(&download_key) } +/// Clear all in-progress download bookkeeping for a browser. +/// +/// Used as a last-resort cleanup when a download future is abandoned (e.g. dropped +/// by an outer timeout) before its own error path could run. Because +/// `download_browser_full` may re-resolve to a different version than requested, this +/// matches by the `"{browser}-"` key prefix rather than an exact version so no stuck +/// key is left behind regardless of which version was actually in flight. +pub fn clear_download_state_for_browser(browser: &str) { + let prefix = format!("{browser}-"); + { + let mut downloading = DOWNLOADING_BROWSERS.lock().unwrap(); + downloading.retain(|key| !key.starts_with(&prefix)); + } + { + let mut tokens = DOWNLOAD_CANCELLATION_TOKENS.lock().unwrap(); + tokens.retain(|key, _| !key.starts_with(&prefix)); + } +} + #[tauri::command] pub async fn download_browser( app_handle: tauri::AppHandle, @@ -1110,6 +1177,49 @@ mod tests { let downloaded_content = std::fs::read(&downloaded_file).unwrap(); assert_eq!(downloaded_content.len(), test_content.len()); } + + #[test] + fn test_clear_download_state_for_browser_removes_stuck_keys() { + // Simulate a download future that was abandoned without running its own cleanup, + // leaving stuck bookkeeping for a version that differs from the requested one. + let key = "wayfern-1.2.3-resolved".to_string(); + { + let mut downloading = DOWNLOADING_BROWSERS.lock().unwrap(); + downloading.insert(key.clone()); + } + { + let mut tokens = DOWNLOAD_CANCELLATION_TOKENS.lock().unwrap(); + tokens.insert(key.clone(), CancellationToken::new()); + } + + // A different browser's in-progress state must be left untouched. + let other = "camoufox-9.9.9".to_string(); + { + let mut downloading = DOWNLOADING_BROWSERS.lock().unwrap(); + downloading.insert(other.clone()); + } + + clear_download_state_for_browser("wayfern"); + + assert!( + !is_downloading("wayfern", "1.2.3-resolved"), + "stuck wayfern key should be cleared even when version differs from request" + ); + { + let tokens = DOWNLOAD_CANCELLATION_TOKENS.lock().unwrap(); + assert!( + !tokens.contains_key(&key), + "stuck wayfern cancellation token should be cleared" + ); + } + assert!( + is_downloading("camoufox", "9.9.9"), + "unrelated browser's download state must be preserved" + ); + + // Cleanup so we don't leak global state into other tests. + clear_download_state_for_browser("camoufox"); + } } // Global singleton instance diff --git a/src-tauri/src/ephemeral_dirs.rs b/src-tauri/src/ephemeral_dirs.rs index 5808d9c..68c47cf 100644 --- a/src-tauri/src/ephemeral_dirs.rs +++ b/src-tauri/src/ephemeral_dirs.rs @@ -281,6 +281,7 @@ mod tests { dns_blocklist: None, password_protected: false, created_at: None, + updated_at: None, } } diff --git a/src-tauri/src/group_manager.rs b/src-tauri/src/group_manager.rs index cf8e6fb..3b8100a 100644 --- a/src-tauri/src/group_manager.rs +++ b/src-tauri/src/group_manager.rs @@ -13,6 +13,10 @@ pub struct ProfileGroup { pub sync_enabled: bool, #[serde(default)] pub last_sync: Option, + /// Unix seconds of the last meaningful user edit. Source of truth for sync + /// conflict resolution (last-write-wins); bumped on edits only. + #[serde(default)] + pub updated_at: Option, } #[derive(Debug, Clone, Serialize, Deserialize)] @@ -90,6 +94,7 @@ impl GroupManager { name, sync_enabled, last_sync: None, + updated_at: Some(crate::proxy_manager::now_secs()), }; groups_data.groups.push(group.clone()); @@ -136,6 +141,7 @@ impl GroupManager { .ok_or_else(|| format!("Group with id '{id}' not found"))?; group.name = name; + group.updated_at = Some(crate::proxy_manager::now_secs()); let updated_group = group.clone(); self.save_groups_data(&groups_data)?; @@ -167,6 +173,7 @@ impl GroupManager { existing.name = group.name.clone(); existing.sync_enabled = group.sync_enabled; existing.last_sync = group.last_sync; + existing.updated_at = group.updated_at; self.save_groups_data(&groups_data)?; } @@ -183,6 +190,7 @@ impl GroupManager { existing.name = group.name.clone(); existing.sync_enabled = group.sync_enabled; existing.last_sync = group.last_sync; + existing.updated_at = group.updated_at; } else { groups_data.groups.push(group.clone()); } diff --git a/src-tauri/src/lib.rs b/src-tauri/src/lib.rs index bcba4be..c713b5d 100644 --- a/src-tauri/src/lib.rs +++ b/src-tauri/src/lib.rs @@ -93,10 +93,10 @@ use downloaded_browsers_registry::{ use downloader::{cancel_download, download_browser}; use settings_manager::{ - dismiss_window_resize_warning, get_app_settings, get_sync_settings, get_system_info, - get_system_language, get_table_sorting_settings, get_window_resize_warning_dismissed, - open_log_directory, read_log_files, save_app_settings, save_sync_settings, - save_table_sorting_settings, + complete_onboarding, dismiss_window_resize_warning, get_app_settings, get_onboarding_completed, + get_sync_settings, get_system_info, get_system_language, get_table_sorting_settings, + get_window_resize_warning_dismissed, open_log_directory, read_log_files, save_app_settings, + save_sync_settings, save_table_sorting_settings, }; use sync::{ @@ -929,15 +929,21 @@ async fn update_vpn_config(vpn_id: String, name: String) -> Result Result { + check_vpn_validity_core(&vpn_id).await +} + +pub async fn check_vpn_validity_core( + vpn_id: &str, ) -> Result { let now = std::time::SystemTime::now() .duration_since(std::time::UNIX_EPOCH) .unwrap_or_default() .as_secs(); - let had_existing_worker = vpn_worker_storage::find_vpn_worker_by_vpn_id(&vpn_id).is_some(); + let had_existing_worker = vpn_worker_storage::find_vpn_worker_by_vpn_id(vpn_id).is_some(); - let vpn_worker = vpn_worker_runner::start_vpn_worker(&vpn_id) + let vpn_worker = vpn_worker_runner::start_vpn_worker(vpn_id) .await .map_err(|e| format!("Failed to start VPN worker: {e}"))?; @@ -1014,6 +1020,53 @@ async fn check_vpn_validity( Ok(result) } +/// Validate that a profile's selected proxy or VPN actually works before the +/// profile is created. Shared by the Tauri command, REST API, and MCP create +/// paths so a dead/unreachable proxy or VPN (or a 402 from an expired proxy +/// subscription) fails creation identically everywhere. Returns structured +/// `{ "code": ... }` error strings the frontend translates via backend-errors.ts. +pub async fn validate_profile_network( + proxy_id: Option<&str>, + vpn_id: Option<&str>, +) -> Result<(), String> { + if let Some(vpn_id) = vpn_id.filter(|s| !s.is_empty()) { + let result = check_vpn_validity_core(vpn_id).await?; + if !result.is_valid { + return Err(serde_json::json!({ "code": "VPN_NOT_WORKING" }).to_string()); + } + return Ok(()); + } + + if let Some(proxy_id) = proxy_id.filter(|s| !s.is_empty()) { + // The cloud-included proxy is managed infrastructure; its only failure mode + // is the user hitting their usage limit, which surfaces as a 402 at request + // time. There's nothing to pre-validate here. + if proxy_id == crate::proxy_manager::CLOUD_PROXY_ID { + return Ok(()); + } + let settings = crate::proxy_manager::PROXY_MANAGER + .get_proxy_settings_by_id(proxy_id) + .ok_or_else(|| format!("Proxy '{proxy_id}' not found"))?; + match crate::proxy_manager::PROXY_MANAGER + .check_proxy_validity(proxy_id, &settings) + .await + { + Ok(result) if result.is_valid => {} + Ok(_) => { + return Err(serde_json::json!({ "code": "PROXY_NOT_WORKING" }).to_string()); + } + Err(err) if err.contains("402") => { + return Err(serde_json::json!({ "code": "PROXY_PAYMENT_REQUIRED" }).to_string()); + } + Err(_) => { + return Err(serde_json::json!({ "code": "PROXY_NOT_WORKING" }).to_string()); + } + } + } + + Ok(()) +} + #[tauri::command] async fn connect_vpn(vpn_id: String) -> Result<(), String> { // Start VPN worker process (detached, survives GUI shutdown) @@ -1122,6 +1175,7 @@ async fn generate_sample_fingerprint( dns_blocklist: None, password_protected: false, created_at: None, + updated_at: None, }; if browser == "camoufox" { @@ -1274,15 +1328,25 @@ pub fn run() { let log_file_name = app_dirs::app_name(); + // Honor DONUTBROWSER_DATA_ROOT: when set, logs go to /logs instead of + // the platform default app log dir, so all on-disk state lives under one root. + let file_log_target = match app_dirs::log_dir_override() { + Some(path) => Target::new(TargetKind::Folder { + path, + file_name: Some(log_file_name.to_string()), + }), + None => Target::new(TargetKind::LogDir { + file_name: Some(log_file_name.to_string()), + }), + }; + tauri::Builder::default() .plugin( tauri_plugin_log::Builder::new() .clear_targets() // Clear default targets to avoid duplicates .target(Target::new(TargetKind::Stdout)) .target(Target::new(TargetKind::Webview)) - .target(Target::new(TargetKind::LogDir { - file_name: Some(log_file_name.to_string()), - })) + .target(file_log_target) // 5 MB per rotated file × KeepAll — the previous 100 KB limit // truncated useful context in customer support reports; 50 MB // turned out to be excessive disk pressure. @@ -2127,6 +2191,8 @@ pub fn run() { get_system_info, dismiss_window_resize_warning, get_window_resize_warning_dismissed, + get_onboarding_completed, + complete_onboarding, clear_all_version_cache_and_refetch, is_default_browser, open_url_with_profile, diff --git a/src-tauri/src/mcp_server.rs b/src-tauri/src/mcp_server.rs index d04187f..07b1ba9 100644 --- a/src-tauri/src/mcp_server.rs +++ b/src-tauri/src/mcp_server.rs @@ -1671,9 +1671,15 @@ impl McpServer { "connect_vpn" => self.handle_connect_vpn(arguments).await, "disconnect_vpn" => self.handle_disconnect_vpn(arguments).await, "get_vpn_status" => self.handle_get_vpn_status(arguments).await, - // Fingerprint management - "get_profile_fingerprint" => self.handle_get_profile_fingerprint(arguments).await, - "update_profile_fingerprint" => self.handle_update_profile_fingerprint(arguments).await, + // Fingerprint management — viewing and editing both require a paid plan. + "get_profile_fingerprint" => { + Self::require_paid_subscription("Fingerprint").await?; + self.handle_get_profile_fingerprint(arguments).await + } + "update_profile_fingerprint" => { + Self::require_paid_subscription("Fingerprint").await?; + self.handle_update_profile_fingerprint(arguments).await + } "update_profile_proxy_bypass_rules" => { self .handle_update_profile_proxy_bypass_rules(arguments) diff --git a/src-tauri/src/profile/manager.rs b/src-tauri/src/profile/manager.rs index fbc3278..a42da1c 100644 --- a/src-tauri/src/profile/manager.rs +++ b/src-tauri/src/profile/manager.rs @@ -200,6 +200,7 @@ impl ProfileManager { dns_blocklist: None, password_protected: false, created_at: None, + updated_at: None, }; match self @@ -303,6 +304,7 @@ impl ProfileManager { dns_blocklist: None, password_protected: false, created_at: None, + updated_at: None, }; match self @@ -365,6 +367,7 @@ impl ProfileManager { .map(|d| d.as_secs()) .unwrap_or(0), ), + updated_at: Some(crate::proxy_manager::now_secs()), }; // Save profile info @@ -510,6 +513,7 @@ impl ProfileManager { // Update profile name (no need to move directories since we use UUID) profile.name = new_name.to_string(); + profile.updated_at = Some(crate::proxy_manager::now_secs()); // Save profile with new name self.save_profile(&profile)?; @@ -719,6 +723,7 @@ impl ProfileManager { } profile.group_id = group_id.clone(); + profile.updated_at = Some(crate::proxy_manager::now_secs()); self.save_profile(&profile)?; crate::sync::queue_profile_sync_if_eligible(&profile); @@ -773,6 +778,7 @@ impl ProfileManager { } } profile.tags = deduped; + profile.updated_at = Some(crate::proxy_manager::now_secs()); // Save profile self.save_profile(&profile)?; @@ -809,6 +815,7 @@ impl ProfileManager { // Update note (trim whitespace, set to None if empty) profile.note = note.map(|n| n.trim().to_string()).filter(|n| !n.is_empty()); + profile.updated_at = Some(crate::proxy_manager::now_secs()); // Save profile self.save_profile(&profile)?; @@ -838,6 +845,7 @@ impl ProfileManager { .ok_or_else(|| format!("Profile with ID '{profile_id}' not found"))?; profile.launch_hook = Self::normalize_launch_hook(launch_hook)?; + profile.updated_at = Some(crate::proxy_manager::now_secs()); self.save_profile(&profile)?; @@ -869,6 +877,7 @@ impl ProfileManager { .ok_or_else(|| format!("Profile with ID '{profile_id}' not found"))?; profile.proxy_bypass_rules = rules; + profile.updated_at = Some(crate::proxy_manager::now_secs()); self.save_profile(&profile)?; @@ -895,6 +904,7 @@ impl ProfileManager { .ok_or_else(|| format!("Profile with ID '{profile_id}' not found"))?; profile.dns_blocklist = dns_blocklist; + profile.updated_at = Some(crate::proxy_manager::now_secs()); self.save_profile(&profile)?; @@ -1058,6 +1068,7 @@ impl ProfileManager { .map(|d| d.as_secs()) .unwrap_or(0), ), + updated_at: Some(crate::proxy_manager::now_secs()), }; self.save_profile(&new_profile)?; @@ -1225,6 +1236,7 @@ impl ProfileManager { // Update proxy settings and clear VPN (mutual exclusion) profile.proxy_id = proxy_id.clone(); profile.vpn_id = None; + profile.updated_at = Some(crate::proxy_manager::now_secs()); // Save the updated profile self @@ -1324,6 +1336,7 @@ impl ProfileManager { // Update VPN and clear proxy (mutual exclusion) profile.vpn_id = vpn_id.clone(); profile.proxy_id = None; + profile.updated_at = Some(crate::proxy_manager::now_secs()); self .save_profile(&profile) @@ -1368,6 +1381,7 @@ impl ProfileManager { .ok_or_else(|| format!("Profile with ID '{profile_id}' not found"))?; profile.extension_group_id = extension_group_id.clone(); + profile.updated_at = Some(crate::proxy_manager::now_secs()); self.save_profile(&profile)?; crate::sync::queue_profile_sync_if_eligible(&profile); @@ -2455,6 +2469,10 @@ pub async fn create_browser_profile_new( return Err("Fingerprint OS spoofing requires an active Pro subscription".to_string()); } + // A dead/unreachable proxy or VPN (or a 402 from an expired proxy + // subscription) cancels creation with a translatable error. + crate::validate_profile_network(proxy_id.as_deref(), vpn_id.as_deref()).await?; + let browser_type = BrowserType::from_str(&browser_str).map_err(|e| format!("Invalid browser type: {e}"))?; create_browser_profile_with_group( @@ -2486,7 +2504,7 @@ pub async fn update_camoufox_config( .has_active_paid_subscription() .await { - return Err("Fingerprint editing requires an active Pro subscription".to_string()); + return Err(serde_json::json!({ "code": "FINGERPRINT_REQUIRES_PRO" }).to_string()); } if !crate::cloud_auth::CLOUD_AUTH @@ -2514,7 +2532,7 @@ pub async fn update_wayfern_config( .has_active_paid_subscription() .await { - return Err("Fingerprint editing requires an active Pro subscription".to_string()); + return Err(serde_json::json!({ "code": "FINGERPRINT_REQUIRES_PRO" }).to_string()); } if !crate::cloud_auth::CLOUD_AUTH diff --git a/src-tauri/src/profile/types.rs b/src-tauri/src/profile/types.rs index 4e3dfe3..1ef596e 100644 --- a/src-tauri/src/profile/types.rs +++ b/src-tauri/src/profile/types.rs @@ -78,6 +78,12 @@ pub struct BrowserProfile { /// any staleness check. #[serde(default)] pub created_at: Option, + /// Unix seconds of the last meaningful metadata edit (name, tags, note, + /// proxy/vpn/group/extension assignment, launch hook, bypass rules, dns). + /// Source of truth for metadata sync conflict resolution (last-write-wins); + /// NOT bumped by browser-file changes, which sync via the file manifest. + #[serde(default)] + pub updated_at: Option, } pub fn default_release_type() -> String { diff --git a/src-tauri/src/profile_importer.rs b/src-tauri/src/profile_importer.rs index 51562f8..280fcd6 100644 --- a/src-tauri/src/profile_importer.rs +++ b/src-tauri/src/profile_importer.rs @@ -586,6 +586,7 @@ impl ProfileImporter { dns_blocklist: None, password_protected: false, created_at: None, + updated_at: None, }; match self @@ -668,6 +669,7 @@ impl ProfileImporter { dns_blocklist: None, password_protected: false, created_at: None, + updated_at: None, }; match self @@ -726,6 +728,7 @@ impl ProfileImporter { .map(|d| d.as_secs()) .unwrap_or(0), ), + updated_at: Some(crate::proxy_manager::now_secs()), }; self.profile_manager.save_profile(&profile)?; diff --git a/src-tauri/src/proxy_manager.rs b/src-tauri/src/proxy_manager.rs index b3e3b54..fe96554 100644 --- a/src-tauri/src/proxy_manager.rs +++ b/src-tauri/src/proxy_manager.rs @@ -103,6 +103,11 @@ pub struct StoredProxy { pub sync_enabled: bool, #[serde(default)] pub last_sync: Option, + /// Unix seconds of the last meaningful user edit. Source of truth for sync + /// conflict resolution (last-write-wins) — bumped on config edits only, never + /// by sync bookkeeping. `None` on legacy files is treated as 0. + #[serde(default)] + pub updated_at: Option, #[serde(default)] pub is_cloud_managed: bool, #[serde(default)] @@ -124,6 +129,14 @@ pub struct StoredProxy { pub dynamic_proxy_format: Option, } +/// Current unix time in whole seconds. Used to stamp `updated_at` on edits. +pub fn now_secs() -> u64 { + SystemTime::now() + .duration_since(UNIX_EPOCH) + .unwrap_or_default() + .as_secs() +} + impl StoredProxy { pub fn new(name: String, proxy_settings: ProxySettings) -> Self { let sync_enabled = crate::sync::is_sync_configured(); @@ -133,6 +146,7 @@ impl StoredProxy { proxy_settings, sync_enabled, last_sync: None, + updated_at: Some(now_secs()), is_cloud_managed: false, is_cloud_derived: false, geo_country: None, @@ -159,10 +173,12 @@ impl StoredProxy { pub fn update_settings(&mut self, proxy_settings: ProxySettings) { self.proxy_settings = proxy_settings; + self.updated_at = Some(now_secs()); } pub fn update_name(&mut self, name: String) { self.name = name; + self.updated_at = Some(now_secs()); } } @@ -455,6 +471,7 @@ impl ProxyManager { proxy_settings, sync_enabled: false, last_sync: None, + updated_at: Some(now_secs()), is_cloud_managed: true, is_cloud_derived: false, geo_country: None, @@ -646,6 +663,7 @@ impl ProxyManager { proxy_settings, sync_enabled: false, last_sync: None, + updated_at: Some(now_secs()), is_cloud_managed: false, is_cloud_derived: true, geo_country: Some(country), @@ -710,6 +728,7 @@ impl ProxyManager { &proxy.geo_isp, ); + proxy.updated_at = Some(now_secs()); proxy.proxy_settings.username = Some(geo_username); proxy.proxy_settings.password = base_proxy.proxy_settings.password.clone(); proxy.proxy_settings.host = base_proxy.proxy_settings.host.clone(); @@ -3154,6 +3173,7 @@ mod tests { }, sync_enabled: false, last_sync: None, + updated_at: None, is_cloud_managed: false, is_cloud_derived: false, geo_country: Some("US".to_string()), diff --git a/src-tauri/src/settings_manager.rs b/src-tauri/src/settings_manager.rs index b3ada91..4f3374c 100644 --- a/src-tauri/src/settings_manager.rs +++ b/src-tauri/src/settings_manager.rs @@ -54,6 +54,8 @@ pub struct AppSettings { #[serde(default)] pub window_resize_warning_dismissed: bool, #[serde(default)] + pub onboarding_completed: bool, // First-launch onboarding has been shown/handled (one-shot) + #[serde(default)] pub disable_auto_updates: bool, /// When true, the decrypted in-RAM copy of a password-protected profile is /// preserved between launches for faster subsequent startups. The on-disk @@ -93,6 +95,7 @@ impl Default for AppSettings { mcp_token: None, language: None, window_resize_warning_dismissed: false, + onboarding_completed: false, disable_auto_updates: false, keep_decrypted_profiles_in_ram: false, } @@ -1010,6 +1013,27 @@ pub async fn get_window_resize_warning_dismissed() -> Result { Ok(settings.window_resize_warning_dismissed) } +#[tauri::command] +pub async fn get_onboarding_completed() -> Result { + let manager = SettingsManager::instance(); + let settings = manager + .load_settings() + .map_err(|e| format!("Failed to load settings: {e}"))?; + Ok(settings.onboarding_completed) +} + +#[tauri::command] +pub async fn complete_onboarding() -> Result<(), String> { + let manager = SettingsManager::instance(); + let mut settings = manager + .load_settings() + .map_err(|e| format!("Failed to load settings: {e}"))?; + settings.onboarding_completed = true; + manager + .save_settings(&settings) + .map_err(|e| format!("Failed to save settings: {e}")) +} + #[tauri::command] pub fn get_system_language() -> String { sys_locale::get_locale() @@ -1147,6 +1171,7 @@ mod tests { mcp_token: None, language: None, window_resize_warning_dismissed: false, + onboarding_completed: false, disable_auto_updates: false, keep_decrypted_profiles_in_ram: false, }; diff --git a/src-tauri/src/sync/client.rs b/src-tauri/src/sync/client.rs index 9808fcc..388b2e3 100644 --- a/src-tauri/src/sync/client.rs +++ b/src-tauri/src/sync/client.rs @@ -49,6 +49,21 @@ impl SyncClient { &self, key: &str, content_type: Option<&str>, + ) -> SyncResult { + self + .presign_upload_with_metadata(key, content_type, None) + .await + } + + /// Presign an upload, asking the server to sign `metadata` into the object as + /// `x-amz-meta-*`. The response echoes the metadata the server actually signed + /// (empty/None on older servers); the caller must send exactly that back on + /// the PUT via `upload_bytes_with_metadata`. + pub async fn presign_upload_with_metadata( + &self, + key: &str, + content_type: Option<&str>, + metadata: Option>, ) -> SyncResult { let response = self .client @@ -58,6 +73,7 @@ impl SyncClient { key: key.to_string(), content_type: content_type.map(|s| s.to_string()), expires_in: Some(3600), + metadata, }) .send() .await @@ -186,6 +202,21 @@ impl SyncClient { presigned_url: &str, data: &[u8], content_type: Option<&str>, + ) -> SyncResult<()> { + self + .upload_bytes_with_metadata(presigned_url, data, content_type, None) + .await + } + + /// PUT to a presigned URL, sending `metadata` as `x-amz-meta-*` headers. These + /// MUST be exactly the metadata the presign signed (from + /// `PresignUploadResponse::metadata`) or S3 rejects the request. + pub async fn upload_bytes_with_metadata( + &self, + presigned_url: &str, + data: &[u8], + content_type: Option<&str>, + metadata: Option<&std::collections::HashMap>, ) -> SyncResult<()> { let mut req = self .client @@ -197,6 +228,12 @@ impl SyncClient { req = req.header("Content-Type", ct); } + if let Some(meta) = metadata { + for (k, v) in meta { + req = req.header(format!("x-amz-meta-{k}"), v); + } + } + let response = req .send() .await diff --git a/src-tauri/src/sync/engine.rs b/src-tauri/src/sync/engine.rs index 754f64c..fa8b8a8 100644 --- a/src-tauri/src/sync/engine.rs +++ b/src-tauri/src/sync/engine.rs @@ -15,6 +15,11 @@ use std::sync::{Arc, Mutex as StdMutex}; use std::time::Instant; use tokio::sync::{Mutex as TokioMutex, Semaphore}; +/// S3 object-metadata key (stored as `x-amz-meta-updated-at`) holding an +/// entity's user-edit timestamp in unix seconds. Used to resolve sync conflicts +/// (last-write-wins) from a HEAD request without downloading the object body. +const UPDATED_AT_META_KEY: &str = "updated-at"; + lazy_static::lazy_static! { static ref SYNC_CANCEL_FLAGS: StdMutex>> = StdMutex::new(HashMap::new()); @@ -358,6 +363,67 @@ impl SyncEngine { !crate::cloud_auth::CLOUD_AUTH.is_logged_in().await } + /// Resolve a remote config object's user-edit timestamp (`updated_at`) for + /// conflict resolution. Prefers the value from S3 object metadata returned by + /// the HEAD (`stat`) — no body transfer. Falls back to downloading and + /// decrypting the small JSON body and reading its embedded `updated_at` (for + /// older self-hosted servers that don't surface metadata). Legacy objects with + /// neither resolve to 0, so any real local edit (`updated_at` > 0) wins. + async fn remote_updated_at(&self, stat: &StatResponse, remote_key: &str) -> u64 { + if let Some(meta) = &stat.metadata { + if let Some(v) = meta + .get(UPDATED_AT_META_KEY) + .and_then(|s| s.parse::().ok()) + { + return v; + } + } + // Fallback: read updated_at from the (small) JSON body. + if let Ok(presign) = self.client.presign_download(remote_key).await { + if let Ok(raw) = self.client.download_bytes(&presign.url).await { + if let Ok(data) = encryption::maybe_unseal_after_download(&raw) { + if let Ok(val) = serde_json::from_slice::(&data) { + if let Some(u) = val.get("updated_at").and_then(|x| x.as_u64()) { + return u; + } + } + } + } + } + 0 + } + + /// Upload a small config JSON blob (proxy/vpn/group/extension/extension-group/ + /// profile metadata), signing its `updated_at` into S3 object metadata so + /// future reconciles can compare via HEAD without downloading the body. The + /// body is sealed (E2E) exactly as before; only a plaintext unix timestamp + /// lives in the object metadata. + async fn upload_config_json( + &self, + remote_key: &str, + json: &str, + updated_at: u64, + ) -> SyncResult<()> { + let (payload, content_type) = encryption::maybe_seal_for_upload(json.as_bytes()) + .map_err(|e| SyncError::InvalidData(format!("Failed to seal config: {e}")))?; + let mut meta = HashMap::new(); + meta.insert(UPDATED_AT_META_KEY.to_string(), updated_at.to_string()); + let presign = self + .client + .presign_upload_with_metadata(remote_key, Some(content_type), Some(meta)) + .await?; + self + .client + .upload_bytes_with_metadata( + &presign.url, + &payload, + Some(content_type), + presign.metadata.as_ref(), + ) + .await?; + Ok(()) + } + pub async fn sync_profile( &self, app_handle: &tauri::AppHandle, @@ -1431,21 +1497,13 @@ impl SyncEngine { match (local_proxy, stat.exists) { (Some(proxy), true) => { - // Both exist - compare timestamps - let local_updated = proxy.last_sync.unwrap_or(0); - let remote_updated: DateTime = stat - .last_modified - .as_ref() - .and_then(|s| DateTime::parse_from_rfc3339(s).ok()) - .map(|dt| dt.with_timezone(&Utc)) - .unwrap_or_else(Utc::now); - let remote_ts = remote_updated.timestamp() as u64; + // Both exist - resolve by user-edit timestamp (last-write-wins). + let local_updated = proxy.updated_at.unwrap_or(0); + let remote_updated = self.remote_updated_at(&stat, &remote_key).await; - if remote_ts > local_updated { - // Remote is newer - download + if remote_updated > local_updated { self.download_proxy(proxy_id, app_handle).await?; - } else if local_updated > remote_ts { - // Local is newer - upload + } else if local_updated > remote_updated { self.upload_proxy(&proxy).await?; } } @@ -1478,17 +1536,9 @@ impl SyncEngine { let json = serde_json::to_string_pretty(&updated_proxy) .map_err(|e| SyncError::SerializationError(format!("Failed to serialize proxy: {e}")))?; - let (payload, content_type) = encryption::maybe_seal_for_upload(json.as_bytes()) - .map_err(|e| SyncError::InvalidData(format!("Failed to seal proxy: {e}")))?; - let remote_key = format!("proxies/{}.json", proxy.id); - let presign = self - .client - .presign_upload(&remote_key, Some(content_type)) - .await?; self - .client - .upload_bytes(&presign.url, &payload, Some(content_type)) + .upload_config_json(&remote_key, &json, updated_proxy.updated_at.unwrap_or(0)) .await?; // Update local proxy with new last_sync (always write plaintext locally) @@ -1579,21 +1629,13 @@ impl SyncEngine { match (local_group, stat.exists) { (Some(group), true) => { - // Both exist - compare timestamps - let local_updated = group.last_sync.unwrap_or(0); - let remote_updated: DateTime = stat - .last_modified - .as_ref() - .and_then(|s| DateTime::parse_from_rfc3339(s).ok()) - .map(|dt| dt.with_timezone(&Utc)) - .unwrap_or_else(Utc::now); - let remote_ts = remote_updated.timestamp() as u64; + // Both exist - resolve by user-edit timestamp (last-write-wins). + let local_updated = group.updated_at.unwrap_or(0); + let remote_updated = self.remote_updated_at(&stat, &remote_key).await; - if remote_ts > local_updated { - // Remote is newer - download + if remote_updated > local_updated { self.download_group(group_id, app_handle).await?; - } else if local_updated > remote_ts { - // Local is newer - upload + } else if local_updated > remote_updated { self.upload_group(&group).await?; } } @@ -1626,17 +1668,9 @@ impl SyncEngine { let json = serde_json::to_string_pretty(&updated_group) .map_err(|e| SyncError::SerializationError(format!("Failed to serialize group: {e}")))?; - let (payload, content_type) = encryption::maybe_seal_for_upload(json.as_bytes()) - .map_err(|e| SyncError::InvalidData(format!("Failed to seal group: {e}")))?; - let remote_key = format!("groups/{}.json", group.id); - let presign = self - .client - .presign_upload(&remote_key, Some(content_type)) - .await?; self - .client - .upload_bytes(&presign.url, &payload, Some(content_type)) + .upload_config_json(&remote_key, &json, updated_group.updated_at.unwrap_or(0)) .await?; // Update local group with new last_sync @@ -1795,18 +1829,13 @@ impl SyncEngine { match (local_vpn, stat.exists) { (Some(vpn), true) => { - let local_updated = vpn.last_sync.unwrap_or(0); - let remote_updated: DateTime = stat - .last_modified - .as_ref() - .and_then(|s| DateTime::parse_from_rfc3339(s).ok()) - .map(|dt| dt.with_timezone(&Utc)) - .unwrap_or_else(Utc::now); - let remote_ts = remote_updated.timestamp() as u64; + // Both exist - resolve by user-edit timestamp (last-write-wins). + let local_updated = vpn.updated_at.unwrap_or(0); + let remote_updated = self.remote_updated_at(&stat, &remote_key).await; - if remote_ts > local_updated { + if remote_updated > local_updated { self.download_vpn(vpn_id, app_handle).await?; - } else if local_updated > remote_ts { + } else if local_updated > remote_updated { self.upload_vpn(&vpn).await?; } } @@ -1836,17 +1865,9 @@ impl SyncEngine { let json = serde_json::to_string_pretty(&updated_vpn) .map_err(|e| SyncError::SerializationError(format!("Failed to serialize VPN: {e}")))?; - let (payload, content_type) = encryption::maybe_seal_for_upload(json.as_bytes()) - .map_err(|e| SyncError::InvalidData(format!("Failed to seal VPN: {e}")))?; - let remote_key = format!("vpns/{}.json", vpn.id); - let presign = self - .client - .presign_upload(&remote_key, Some(content_type)) - .await?; self - .client - .upload_bytes(&presign.url, &payload, Some(content_type)) + .upload_config_json(&remote_key, &json, updated_vpn.updated_at.unwrap_or(0)) .await?; // Update local VPN with new last_sync @@ -1946,18 +1967,13 @@ impl SyncEngine { match (local_ext, stat.exists) { (Some(ext), true) => { - let local_updated = ext.last_sync.unwrap_or(0); - let remote_updated: DateTime = stat - .last_modified - .as_ref() - .and_then(|s| DateTime::parse_from_rfc3339(s).ok()) - .map(|dt| dt.with_timezone(&Utc)) - .unwrap_or_else(Utc::now); - let remote_ts = remote_updated.timestamp() as u64; + // Both exist - resolve by user-edit timestamp (last-write-wins). + let local_updated = ext.updated_at; + let remote_updated = self.remote_updated_at(&stat, &remote_key).await; - if remote_ts > local_updated { + if remote_updated > local_updated { self.download_extension(ext_id, app_handle).await?; - } else if local_updated > remote_ts { + } else if local_updated > remote_updated { self.upload_extension(&ext).await?; } } @@ -1987,17 +2003,9 @@ impl SyncEngine { let json = serde_json::to_string_pretty(&updated_ext) .map_err(|e| SyncError::SerializationError(format!("Failed to serialize extension: {e}")))?; - let (meta_payload, meta_content_type) = encryption::maybe_seal_for_upload(json.as_bytes()) - .map_err(|e| SyncError::InvalidData(format!("Failed to seal extension: {e}")))?; - let remote_key = format!("extensions/{}.json", ext.id); - let presign = self - .client - .presign_upload(&remote_key, Some(meta_content_type)) - .await?; self - .client - .upload_bytes(&presign.url, &meta_payload, Some(meta_content_type)) + .upload_config_json(&remote_key, &json, updated_ext.updated_at) .await?; // Also upload the extension file data — encrypted as a sealed envelope @@ -2151,18 +2159,13 @@ impl SyncEngine { match (local_group, stat.exists) { (Some(group), true) => { - let local_updated = group.last_sync.unwrap_or(0); - let remote_updated: DateTime = stat - .last_modified - .as_ref() - .and_then(|s| DateTime::parse_from_rfc3339(s).ok()) - .map(|dt| dt.with_timezone(&Utc)) - .unwrap_or_else(Utc::now); - let remote_ts = remote_updated.timestamp() as u64; + // Both exist - resolve by user-edit timestamp (last-write-wins). + let local_updated = group.updated_at; + let remote_updated = self.remote_updated_at(&stat, &remote_key).await; - if remote_ts > local_updated { + if remote_updated > local_updated { self.download_extension_group(group_id, app_handle).await?; - } else if local_updated > remote_ts { + } else if local_updated > remote_updated { self.upload_extension_group(&group).await?; } } @@ -2196,17 +2199,9 @@ impl SyncEngine { SyncError::SerializationError(format!("Failed to serialize extension group: {e}")) })?; - let (payload, content_type) = encryption::maybe_seal_for_upload(json.as_bytes()) - .map_err(|e| SyncError::InvalidData(format!("Failed to seal extension group: {e}")))?; - let remote_key = format!("extension_groups/{}.json", group.id); - let presign = self - .client - .presign_upload(&remote_key, Some(content_type)) - .await?; self - .client - .upload_bytes(&presign.url, &payload, Some(content_type)) + .upload_config_json(&remote_key, &json, updated_group.updated_at) .await?; // Update local group with new last_sync diff --git a/src-tauri/src/sync/types.rs b/src-tauri/src/sync/types.rs index 5cf671e..36c36ea 100644 --- a/src-tauri/src/sync/types.rs +++ b/src-tauri/src/sync/types.rs @@ -1,4 +1,5 @@ use serde::{Deserialize, Serialize}; +use std::collections::HashMap; #[derive(Debug, Clone, Serialize, Deserialize)] pub struct StatRequest { @@ -11,6 +12,11 @@ pub struct StatResponse { #[serde(rename = "lastModified")] pub last_modified: Option, pub size: Option, + /// User-defined S3 object metadata (`x-amz-meta-*`), lowercased keys without + /// the prefix. `None` from older servers that don't return it. Used to read + /// `updated-at` for sync conflict resolution without downloading the body. + #[serde(default)] + pub metadata: Option>, } #[derive(Debug, Clone, Serialize, Deserialize)] @@ -20,6 +26,9 @@ pub struct PresignUploadRequest { pub content_type: Option, #[serde(rename = "expiresIn")] pub expires_in: Option, + /// Object metadata to sign into the presigned PUT (stored as `x-amz-meta-*`). + #[serde(skip_serializing_if = "Option::is_none")] + pub metadata: Option>, } #[derive(Debug, Clone, Serialize, Deserialize)] @@ -27,6 +36,11 @@ pub struct PresignUploadResponse { pub url: String, #[serde(rename = "expiresAt")] pub expires_at: String, + /// The metadata the server actually signed into the URL. The client must send + /// exactly these as `x-amz-meta-*` headers on the PUT or S3 rejects it. `None` + /// from older servers → client sends no metadata headers (body-GET fallback). + #[serde(default)] + pub metadata: Option>, } #[derive(Debug, Clone, Serialize, Deserialize)] diff --git a/src-tauri/src/vpn/config.rs b/src-tauri/src/vpn/config.rs index 10cd68f..9910f38 100644 --- a/src-tauri/src/vpn/config.rs +++ b/src-tauri/src/vpn/config.rs @@ -52,6 +52,10 @@ pub struct VpnConfig { pub sync_enabled: bool, #[serde(default)] pub last_sync: Option, + /// Unix seconds of the last meaningful user edit. Source of truth for sync + /// conflict resolution (last-write-wins); bumped on config edits only. + #[serde(default)] + pub updated_at: Option, } /// Parsed WireGuard configuration diff --git a/src-tauri/src/vpn/storage.rs b/src-tauri/src/vpn/storage.rs index 67d8fd7..c2e6c50 100644 --- a/src-tauri/src/vpn/storage.rs +++ b/src-tauri/src/vpn/storage.rs @@ -36,6 +36,8 @@ struct StoredVpnConfig { sync_enabled: bool, #[serde(default)] last_sync: Option, + #[serde(default)] + updated_at: Option, } /// VPN storage manager with encryption @@ -247,6 +249,7 @@ impl VpnStorage { last_used: config.last_used, sync_enabled: config.sync_enabled, last_sync: config.last_sync, + updated_at: config.updated_at, }; // Update existing or add new @@ -280,6 +283,7 @@ impl VpnStorage { last_used: stored.last_used, sync_enabled: stored.sync_enabled, last_sync: stored.last_sync, + updated_at: stored.updated_at, }) } @@ -300,6 +304,7 @@ impl VpnStorage { last_used: stored.last_used, sync_enabled: stored.sync_enabled, last_sync: stored.last_sync, + updated_at: stored.updated_at, }) .collect(), ) @@ -356,6 +361,7 @@ impl VpnStorage { last_used: None, sync_enabled, last_sync: None, + updated_at: Some(crate::proxy_manager::now_secs()), }; self.save_config(&config)?; @@ -367,6 +373,7 @@ impl VpnStorage { pub fn update_config_name(&self, id: &str, new_name: &str) -> Result { let mut config = self.load_config(id)?; config.name = new_name.to_string(); + config.updated_at = Some(crate::proxy_manager::now_secs()); self.save_config(&config)?; Ok(config) } @@ -420,6 +427,7 @@ impl VpnStorage { last_used: None, sync_enabled, last_sync: None, + updated_at: Some(crate::proxy_manager::now_secs()), }; self.save_config(&config)?; @@ -463,6 +471,7 @@ mod tests { last_used: None, sync_enabled: false, last_sync: None, + updated_at: None, }; storage.save_config(&config).unwrap(); @@ -487,6 +496,7 @@ mod tests { last_used: None, sync_enabled: false, last_sync: None, + updated_at: None, }; let config2 = VpnConfig { @@ -498,6 +508,7 @@ mod tests { last_used: Some(3000), sync_enabled: false, last_sync: None, + updated_at: None, }; storage.save_config(&config1).unwrap(); @@ -524,6 +535,7 @@ mod tests { last_used: None, sync_enabled: false, last_sync: None, + updated_at: None, }; storage.save_config(&config).unwrap(); diff --git a/src-tauri/src/wayfern_manager.rs b/src-tauri/src/wayfern_manager.rs index bfbf1e1..37a5785 100644 --- a/src-tauri/src/wayfern_manager.rs +++ b/src-tauri/src/wayfern_manager.rs @@ -51,6 +51,12 @@ pub struct WayfernLaunchResult { pub profilePath: Option, pub url: Option, pub cdp_port: Option, + /// The fingerprint Wayfern actually applied, echoed back by + /// Wayfern.setFingerprint. It may be UPGRADED from the stored fingerprint + /// (e.g. when the stored one targets an older browser version). Internal + /// only — the caller persists it to the profile; never sent to the frontend. + #[serde(default, skip_serializing)] + pub used_fingerprint: Option, } struct WayfernInstance { @@ -703,6 +709,7 @@ impl WayfernManager { log::info!("Found {} page targets", page_targets.len()); // Apply fingerprint if configured + let mut used_fingerprint: Option = None; if let Some(fingerprint_json) = &config.fingerprint { log::info!( "Applying fingerprint to Wayfern browser, fingerprint length: {} chars", @@ -781,10 +788,30 @@ impl WayfernManager { .send_cdp_command(ws_url, "Wayfern.setFingerprint", fingerprint_params.clone()) .await { - Ok(result) => log::info!( - "Successfully applied fingerprint to page target: {:?}", - result - ), + Ok(result) => { + log::info!( + "Successfully applied fingerprint to page target: {:?}", + result + ); + // Wayfern.setFingerprint echoes back the fingerprint it actually + // used, which may be UPGRADED from what we sent (e.g. when the + // stored fingerprint targets an older browser version). Capture + // it once, from the first target that succeeds, so the caller can + // persist the upgraded value to the profile. + if used_fingerprint.is_none() { + // getFingerprint/setFingerprint wrap the object as + // { fingerprint: {...} }; tolerate a bare object too. + let fp = result.get("fingerprint").cloned().unwrap_or(result); + if fp.is_object() { + match serde_json::to_string(&Self::normalize_fingerprint(fp)) { + Ok(s) => used_fingerprint = Some(s), + Err(e) => { + log::warn!("Failed to serialize used fingerprint: {e}") + } + } + } + } + } Err(e) => log::error!("Failed to apply fingerprint to target: {e}"), } } @@ -849,6 +876,7 @@ impl WayfernManager { profilePath: Some(profile_path.to_string()), url: url.map(|s| s.to_string()), cdp_port: Some(port), + used_fingerprint, }) } @@ -990,6 +1018,7 @@ impl WayfernManager { profilePath: instance.profile_path.clone(), url: instance.url.clone(), cdp_port: instance.cdp_port, + used_fingerprint: None, }); } else { log::info!( @@ -1032,6 +1061,7 @@ impl WayfernManager { profilePath: Some(found_profile_path), url: None, cdp_port, + used_fingerprint: None, }); } diff --git a/src-tauri/tests/vpn_integration.rs b/src-tauri/tests/vpn_integration.rs index edcd23c..093d932 100644 --- a/src-tauri/tests/vpn_integration.rs +++ b/src-tauri/tests/vpn_integration.rs @@ -135,6 +135,7 @@ fn test_vpn_storage_save_and_load() { last_used: None, sync_enabled: false, last_sync: None, + updated_at: None, }; let save_result = storage.save_config(&config); @@ -174,6 +175,7 @@ fn test_vpn_storage_list() { last_used: None, sync_enabled: false, last_sync: None, + updated_at: None, }; storage.save_config(&config).unwrap(); } @@ -201,6 +203,7 @@ fn test_vpn_storage_delete() { last_used: None, sync_enabled: false, last_sync: None, + updated_at: None, }; storage.save_config(&config).unwrap(); @@ -489,6 +492,7 @@ fn new_test_vpn_config(name: &str, vpn_type: VpnType, config_data: String) -> Vp last_used: None, sync_enabled: false, last_sync: None, + updated_at: None, } } diff --git a/src/app/page.tsx b/src/app/page.tsx index de16b6f..d337a46 100644 --- a/src/app/page.tsx +++ b/src/app/page.tsx @@ -3,6 +3,7 @@ import { invoke } from "@tauri-apps/api/core"; import { listen } from "@tauri-apps/api/event"; import { getCurrent } from "@tauri-apps/plugin-deep-link"; +import { useOnborda } from "onborda"; import { useCallback, useEffect, useMemo, useRef, useState } from "react"; import { useTranslation } from "react-i18next"; import { AccountPage } from "@/components/account-page"; @@ -23,6 +24,7 @@ import { GroupManagementDialog } from "@/components/group-management-dialog"; import HomeHeader from "@/components/home-header"; import { ImportProfileDialog } from "@/components/import-profile-dialog"; import { IntegrationsDialog } from "@/components/integrations-dialog"; +import { ONBOARDING_TOUR } from "@/components/onboarding-provider"; import { PermissionDialog } from "@/components/permission-dialog"; import { ProfilesDataTable } from "@/components/profile-data-table"; import { @@ -39,7 +41,9 @@ import { ShortcutsPage } from "@/components/shortcuts-page"; import { SyncAllDialog } from "@/components/sync-all-dialog"; import { SyncConfigDialog } from "@/components/sync-config-dialog"; import { SyncFollowerDialog } from "@/components/sync-follower-dialog"; +import { ThankYouDialog } from "@/components/thank-you-dialog"; import { WayfernTermsDialog } from "@/components/wayfern-terms-dialog"; +import { WelcomeDialog } from "@/components/welcome-dialog"; import { WindowResizeWarningDialog } from "@/components/window-resize-warning-dialog"; import { useAppUpdateNotifications } from "@/hooks/use-app-update-notifications"; import { useCloudAuth } from "@/hooks/use-cloud-auth"; @@ -55,6 +59,10 @@ import { useVersionUpdater } from "@/hooks/use-version-updater"; import { useVpnEvents } from "@/hooks/use-vpn-events"; import { useWayfernTerms } from "@/hooks/use-wayfern-terms"; import { translateBackendError } from "@/lib/backend-errors"; +import { + ONBOARDING_TOUR_FINISHED_EVENT, + setOnboardingActive, +} from "@/lib/onboarding-signal"; import { matchesGroupDigit, matchesShortcut, @@ -95,6 +103,95 @@ export default function Home() { error: profilesError, } = useProfileEvents(); + // First-run onboarding tour (Onborda). + const { startOnborda, setCurrentStep, isOnbordaVisible, currentStep } = + useOnborda(); + const onboardingHandledRef = useRef(false); + const [welcomeOpen, setWelcomeOpen] = useState(false); + const [thankYouOpen, setThankYouOpen] = useState(false); + // null = onboarding decision pending; false = not a first-run onboarding (run + // the normal permission checks); true = first-run onboarding, so the welcome + // flow drives permissions and the standalone permission dialog is suppressed. + const [firstRunOnboarding, setFirstRunOnboarding] = useState( + null, + ); + + // Welcome flow finished. Existing-profile users are done after the welcome + + // commercial-use steps; users with no profile yet continue into the in-app + // product tour that walks them through creating their first profile. + const handleWelcomeComplete = useCallback(() => { + setWelcomeOpen(false); + setFirstRunOnboarding(false); + if (profiles.length === 0) { + startOnborda(ONBOARDING_TOUR); + } + }, [startOnborda, profiles.length]); + + // The product tour finished (user clicked "Finish", not "Skip") → celebrate. + useEffect(() => { + const handler = () => setThankYouOpen(true); + window.addEventListener(ONBOARDING_TOUR_FINISHED_EVENT, handler); + return () => + window.removeEventListener(ONBOARDING_TOUR_FINISHED_EVENT, handler); + }, []); + + // Suppress the global browser-download toasts while onboarding (welcome or + // tour) is active — the welcome dialog shows setup progress itself. + useEffect(() => { + setOnboardingActive(welcomeOpen || isOnbordaVisible); + }, [welcomeOpen, isOnbordaVisible]); + + // While the tour is visible, keep the body pinned to the left. Onborda calls + // scrollIntoView({ inline: "center" }) on the highlighted element; because the + // body is overflow-hidden it can still be scrolled programmatically, which + // would shove the whole app (rail and all) sideways with no way to scroll + // back. The profile table keeps its own scroll container, untouched here. + useEffect(() => { + if (!isOnbordaVisible) return; + const pin = () => { + if (document.body.scrollLeft !== 0) document.body.scrollLeft = 0; + if (document.documentElement.scrollLeft !== 0) + document.documentElement.scrollLeft = 0; + }; + pin(); + window.addEventListener("scroll", pin, true); + return () => window.removeEventListener("scroll", pin, true); + }, [isOnbordaVisible]); + + // On the very first launch, always show the welcome + commercial-use steps + // (one-shot: the backend flag is set immediately so it can't trigger again). + // The welcome dialog itself decides whether to continue into the browser + // download + profile-creation flow — only when the user has no profile yet. + useEffect(() => { + if (profilesLoading || onboardingHandledRef.current) return; + onboardingHandledRef.current = true; + void (async () => { + try { + const completed = await invoke("get_onboarding_completed"); + if (completed) { + setFirstRunOnboarding(false); + return; + } + await invoke("complete_onboarding"); + setFirstRunOnboarding(true); + setWelcomeOpen(true); + } catch (err) { + console.error("Onboarding init failed:", err); + setFirstRunOnboarding(false); + } + })(); + }, [profilesLoading]); + + // Advance from the "create a profile" step to the "DNS blocking" step as soon + // as the user's first profile exists (its DNS dropdown is now in the DOM). + useEffect(() => { + if (isOnbordaVisible && currentStep === 0 && profiles.length > 0) { + // Small delay so the new profile row (and its DNS dropdown target) has + // mounted before Onborda re-points at it. + setCurrentStep(1, 300); + } + }, [isOnbordaVisible, currentStep, profiles.length, setCurrentStep]); + const { groups: groupsData, isLoading: groupsLoading, @@ -775,9 +872,12 @@ export default function Home() { } catch (error) { showErrorToast( t("errors.createProfileFailed", { - error: error instanceof Error ? error.message : String(error), + error: translateBackendError(t, error), }), ); + // Rethrow so the create dialog keeps itself open (its own handler + // skips closing on error), letting the user fix the proxy/VPN and retry. + throw error; } }, [selectedGroupId, t], @@ -1349,12 +1449,14 @@ export default function Home() { }; }, [checkTerms]); - // Check permissions when they are initialized + // Check permissions when they are initialized. During first-run onboarding + // the welcome flow requests permissions, so the standalone dialog is deferred + // until we know this isn't a first-run onboarding. useEffect(() => { - if (isInitialized) { + if (isInitialized && firstRunOnboarding === false) { checkAllPermissions(); } - }, [isInitialized, checkAllPermissions]); + }, [isInitialized, firstRunOnboarding, checkAllPermissions]); // Check self-hosted sync config on mount and when cloud user changes useEffect(() => { @@ -1624,6 +1726,16 @@ export default function Home() { onPermissionGranted={checkNextPermission} /> + + setThankYouOpen(false)} + /> + { diff --git a/src/components/account-page.tsx b/src/components/account-page.tsx index 82ae581..6007f5b 100644 --- a/src/components/account-page.tsx +++ b/src/components/account-page.tsx @@ -280,9 +280,40 @@ export function AccountPage({

{user.planPeriod}

)} + {typeof user.deviceOrdinal === "number" && ( +
+

+ {t("account.fields.device")} +

+

+ {t("account.deviceOrdinal", { + ordinal: user.deviceOrdinal, + count: user.deviceCount ?? user.deviceOrdinal, + })} +

+
+ )} )} + {isLoggedIn && + user && + user.plan !== "free" && + user.isPrimaryDevice === false && ( +

+ {t("account.automationPrimaryOnly")} +

+ )} + {isLoggedIn && + user && + user.plan !== "free" && + user.isPrimaryDevice === true && + (user.deviceCount ?? 1) > 1 && ( +

+ {t("account.automationActiveHere")} +

+ )} +
{isLoggedIn ? ( <> diff --git a/src/components/app-update-toast.tsx b/src/components/app-update-toast.tsx index 381fb64..2627133 100644 --- a/src/components/app-update-toast.tsx +++ b/src/components/app-update-toast.tsx @@ -37,7 +37,7 @@ export function AppUpdateToast({ return (
- +
diff --git a/src/components/client-providers.tsx b/src/components/client-providers.tsx index 760e252..ff6c60e 100644 --- a/src/components/client-providers.tsx +++ b/src/components/client-providers.tsx @@ -2,6 +2,7 @@ import { useEffect } from "react"; import { I18nProvider } from "@/components/i18n-provider"; +import { OnboardingProvider } from "@/components/onboarding-provider"; import { CustomThemeProvider } from "@/components/theme-provider"; import { Toaster } from "@/components/ui/sonner"; import { TooltipProvider } from "@/components/ui/tooltip"; @@ -17,7 +18,9 @@ export function ClientProviders({ children }: { children: React.ReactNode }) { - {children} + + {children} + diff --git a/src/components/create-profile-dialog.tsx b/src/components/create-profile-dialog.tsx index d335b0d..09d1ce4 100644 --- a/src/components/create-profile-dialog.tsx +++ b/src/components/create-profile-dialog.tsx @@ -11,7 +11,7 @@ import { } from "react"; import { useTranslation } from "react-i18next"; import { GoPlus } from "react-icons/go"; -import { LuCheck, LuChevronsUpDown } from "react-icons/lu"; +import { LuCheck, LuChevronsUpDown, LuLoaderCircle } from "react-icons/lu"; import { LoadingButton } from "@/components/loading-button"; import { ProxyFormDialog } from "@/components/proxy-form-dialog"; import { SharedCamoufoxConfigForm } from "@/components/shared-camoufox-config-form"; @@ -307,6 +307,10 @@ export function CreateProfileDialog({ useEffect(() => { if (isOpen) { void loadSupportedBrowsers(); + // Load downloaded versions for both anti-detect browsers up front so the + // selection-screen availability gate is accurate before either is picked. + void loadDownloadedVersions("wayfern"); + void loadDownloadedVersions("camoufox"); // Load release types when a browser is selected if (selectedBrowser) { void loadReleaseTypes(selectedBrowser); @@ -320,6 +324,7 @@ export function CreateProfileDialog({ isOpen, loadSupportedBrowsers, loadReleaseTypes, + loadDownloadedVersions, checkAndDownloadGeoIPDatabase, selectedBrowser, ]); @@ -405,6 +410,7 @@ export function CreateProfileDialog({ const resolvedProxyId = isVpnSelection ? undefined : selectedProxyId; const resolvedVpnId = isVpnSelection && selectedProxyId ? selectedProxyId.slice(4) : undefined; + const passwordToSet = enablePassword && !ephemeral && password.length >= PASSWORD_MIN_LEN ? password @@ -585,7 +591,7 @@ export function CreateProfileDialog({ return ( - + {currentStep === "browser-selection" ? t("createProfile.title") @@ -618,23 +624,30 @@ export function CreateProfileDialog({ onClick={() => { handleBrowserSelect("wayfern"); }} + disabled={!getCreatableVersion("wayfern")} className="flex gap-3 justify-start items-center p-4 w-full h-16 border-2 transition-colors hover:border-primary/50" variant="outline" >
- {(() => { - const IconComponent = getBrowserIcon("wayfern"); - return IconComponent ? ( - - ) : null; - })()} + {isBrowserCurrentlyDownloading("wayfern") ? ( + + ) : ( + (() => { + const IconComponent = getBrowserIcon("wayfern"); + return IconComponent ? ( + + ) : null; + })() + )}
{t("createProfile.chromiumLabel")}
- {t("createProfile.chromiumSubtitle")} + {isBrowserCurrentlyDownloading("wayfern") + ? t("createProfile.downloadingSubtitle") + : t("createProfile.chromiumSubtitle")}
@@ -644,26 +657,41 @@ export function CreateProfileDialog({ onClick={() => { handleBrowserSelect("camoufox"); }} + disabled={!getCreatableVersion("camoufox")} className="flex gap-3 justify-start items-center p-4 w-full h-16 border-2 transition-colors hover:border-primary/50" variant="outline" >
- {(() => { - const IconComponent = getBrowserIcon("camoufox"); - return IconComponent ? ( - - ) : null; - })()} + {isBrowserCurrentlyDownloading("camoufox") ? ( + + ) : ( + (() => { + const IconComponent = + getBrowserIcon("camoufox"); + return IconComponent ? ( + + ) : null; + })() + )}
{t("createProfile.firefoxLabel")}
- {t("createProfile.firefoxSubtitle")} + {isBrowserCurrentlyDownloading("camoufox") + ? t("createProfile.downloadingSubtitle") + : t("createProfile.firefoxSubtitle")}
+ + {!getCreatableVersion("wayfern") && + !getCreatableVersion("camoufox") && ( +

+ {t("createProfile.browsersDownloading")} +

+ )}
@@ -867,7 +895,7 @@ export function CreateProfileDialog({ {!isLoadingReleaseTypes && !releaseTypesError && !isBrowserCurrentlyDownloading("wayfern") && - !isBrowserVersionAvailable("wayfern") && + !getCreatableVersion("wayfern") && getBestAvailableVersion("wayfern") && (

@@ -899,17 +927,53 @@ export function CreateProfileDialog({ {!isLoadingReleaseTypes && !releaseTypesError && !isBrowserCurrentlyDownloading("wayfern") && - isBrowserVersionAvailable("wayfern") && ( + getCreatableVersion("wayfern") && (

✓{" "} {t("createProfile.version.available", { browser: "Wayfern", version: - getBestAvailableVersion("wayfern") - ?.version, + getCreatableVersion("wayfern")?.version, })}
)} + {!isLoadingReleaseTypes && + !releaseTypesError && + !isBrowserCurrentlyDownloading("wayfern") && + getCreatableVersion("wayfern") && + !isBrowserVersionAvailable("wayfern") && + getBestAvailableVersion("wayfern") && ( +
+

+ {t( + "createProfile.version.upgradeAvailable", + { + browser: "Wayfern", + version: + getBestAvailableVersion("wayfern") + ?.version, + }, + )} +

+ { + void handleDownload("wayfern"); + }} + isLoading={isBrowserCurrentlyDownloading( + "wayfern", + )} + size="sm" + variant="outline" + disabled={isBrowserCurrentlyDownloading( + "wayfern", + )} + > + {isBrowserCurrentlyDownloading("wayfern") + ? t("common.buttons.downloading") + : t("common.buttons.download")} + +
+ )} {isBrowserCurrentlyDownloading("wayfern") && (
{t("createProfile.version.downloading", { @@ -927,7 +991,7 @@ export function CreateProfileDialog({ crossOsUnlocked={crossOsUnlocked} limitedMode={!crossOsUnlocked} profileVersion={ - getBestAvailableVersion("wayfern")?.version + getCreatableVersion("wayfern")?.version } profileBrowser="wayfern" /> @@ -975,7 +1039,7 @@ export function CreateProfileDialog({ {!isLoadingReleaseTypes && !releaseTypesError && !isBrowserCurrentlyDownloading("camoufox") && - !isBrowserVersionAvailable("camoufox") && + !getCreatableVersion("camoufox") && getBestAvailableVersion("camoufox") && (

@@ -1007,17 +1071,53 @@ export function CreateProfileDialog({ {!isLoadingReleaseTypes && !releaseTypesError && !isBrowserCurrentlyDownloading("camoufox") && - isBrowserVersionAvailable("camoufox") && ( + getCreatableVersion("camoufox") && (

✓{" "} {t("createProfile.version.available", { browser: "Camoufox", version: - getBestAvailableVersion("camoufox") - ?.version, + getCreatableVersion("camoufox")?.version, })}
)} + {!isLoadingReleaseTypes && + !releaseTypesError && + !isBrowserCurrentlyDownloading("camoufox") && + getCreatableVersion("camoufox") && + !isBrowserVersionAvailable("camoufox") && + getBestAvailableVersion("camoufox") && ( +
+

+ {t( + "createProfile.version.upgradeAvailable", + { + browser: "Camoufox", + version: + getBestAvailableVersion("camoufox") + ?.version, + }, + )} +

+ { + void handleDownload("camoufox"); + }} + isLoading={isBrowserCurrentlyDownloading( + "camoufox", + )} + size="sm" + variant="outline" + disabled={isBrowserCurrentlyDownloading( + "camoufox", + )} + > + {isBrowserCurrentlyDownloading("camoufox") + ? t("common.buttons.downloading") + : t("common.buttons.download")} + +
+ )} {isBrowserCurrentlyDownloading("camoufox") && (
{t("createProfile.version.downloading", { @@ -1045,7 +1145,7 @@ export function CreateProfileDialog({ crossOsUnlocked={crossOsUnlocked} limitedMode={!crossOsUnlocked} profileVersion={ - getBestAvailableVersion("camoufox")?.version + getCreatableVersion("camoufox")?.version } profileBrowser="camoufox" /> @@ -1077,7 +1177,7 @@ export function CreateProfileDialog({ size="sm" variant="outline" > - Retry + {t("common.buttons.retry")}
)} @@ -1086,7 +1186,7 @@ export function CreateProfileDialog({ !isBrowserCurrentlyDownloading( selectedBrowser, ) && - !isBrowserVersionAvailable(selectedBrowser) && + !getCreatableVersion(selectedBrowser) && getBestAvailableVersion(selectedBrowser) && (

@@ -1122,18 +1222,15 @@ export function CreateProfileDialog({ !isBrowserCurrentlyDownloading( selectedBrowser, ) && - isBrowserVersionAvailable( - selectedBrowser, - ) && ( + getCreatableVersion(selectedBrowser) && (

✓{" "} {t( "createProfile.version.latestAvailable", { version: - getBestAvailableVersion( - selectedBrowser, - )?.version, + getCreatableVersion(selectedBrowser) + ?.version, }, )}
@@ -1432,7 +1529,7 @@ export function CreateProfileDialog({

- Fetching available versions... + {t("createProfile.version.fetching")}

)} @@ -1458,7 +1555,7 @@ export function CreateProfileDialog({ !isBrowserCurrentlyDownloading( selectedBrowser, ) && - !isBrowserVersionAvailable(selectedBrowser) && + !getCreatableVersion(selectedBrowser) && getBestAvailableVersion(selectedBrowser) && (

@@ -1494,16 +1591,15 @@ export function CreateProfileDialog({ !isBrowserCurrentlyDownloading( selectedBrowser, ) && - isBrowserVersionAvailable(selectedBrowser) && ( + getCreatableVersion(selectedBrowser) && (

✓{" "} {t( "createProfile.version.latestAvailable", { version: - getBestAvailableVersion( - selectedBrowser, - )?.version, + getCreatableVersion(selectedBrowser) + ?.version, }, )}
@@ -1701,7 +1797,7 @@ export function CreateProfileDialog({ - + {currentStep === "browser-config" ? ( <> diff --git a/src/components/custom-toast.tsx b/src/components/custom-toast.tsx index 835a218..cb06452 100644 --- a/src/components/custom-toast.tsx +++ b/src/components/custom-toast.tsx @@ -174,42 +174,38 @@ function formatEtaCompact(seconds: number): string { function getToastIcon(type: ToastProps["type"], stage?: string) { switch (type) { case "success": - return ; + return ; case "error": - return ( - - ); + return ; case "download": if (stage === "completed") { - return ( - - ); + return ; } - return ; + return ; case "version-update": return ( - + ); case "fetching": return ( - + ); case "twilight-update": return ( - + ); case "sync-progress": return ( - + ); case "loading": return ( -
+
); default: return ( -
+
); } } @@ -232,7 +228,7 @@ export function UnifiedToast(props: ToastProps) { + )} + +
+ {!isFirst && !isLast && ( + + )} + {isLast ? ( + + ) : requiresAction ? null : ( + + )} +
+
+ + {arrow} +
+ ); +} diff --git a/src/components/onboarding-provider.tsx b/src/components/onboarding-provider.tsx new file mode 100644 index 0000000..31033bb --- /dev/null +++ b/src/components/onboarding-provider.tsx @@ -0,0 +1,66 @@ +"use client"; + +import { Onborda, type OnbordaProps, OnbordaProvider } from "onborda"; +import { useTranslation } from "react-i18next"; +import { OnboardingCard } from "@/components/onboarding-card"; + +// Name of the first-run product tour. Referenced by the trigger logic in +// `src/app/page.tsx` via `startOnborda(ONBOARDING_TOUR)`. +export const ONBOARDING_TOUR = "donut-onboarding"; + +export function OnboardingProvider({ + children, +}: { + children: React.ReactNode; +}) { + const { t } = useTranslation(); + + const tours: OnbordaProps["steps"] = [ + { + tour: ONBOARDING_TOUR, + steps: [ + { + icon: null, + title: t("onboarding.steps.createProfile.title"), + content: t("onboarding.steps.createProfile.content"), + selector: '[data-onborda="create-profile"]', + // The "New" button sits in the top-right corner; "bottom-right" + // anchors the card's right edge to it so the card extends left/down + // and stays on-screen instead of overflowing the right viewport edge. + side: "bottom-right", + showControls: true, + pointerPadding: 8, + pointerRadius: 10, + }, + { + icon: null, + title: t("onboarding.steps.dnsBlocking.title"), + content: t("onboarding.steps.dnsBlocking.content"), + selector: '[data-onborda="dns-blocklist"]', + // The DNS dropdown sits in the right-hand columns. A centered "bottom" + // card runs off the right edge; "bottom-right" anchors the card's right + // edge to the dropdown and extends it left/down, keeping it fully + // on-screen with its arrow pointing up at the option. + side: "bottom-right", + showControls: true, + pointerPadding: 6, + pointerRadius: 8, + }, + ], + }, + ]; + + return ( + + + {children} + + + ); +} diff --git a/src/components/permission-dialog.tsx b/src/components/permission-dialog.tsx index 73e6732..22a74fe 100644 --- a/src/components/permission-dialog.tsx +++ b/src/components/permission-dialog.tsx @@ -131,9 +131,9 @@ export function PermissionDialog({ const getPermissionIcon = (type: PermissionType) => { switch (type) { case "microphone": - return ; + return ; case "camera": - return ; + return ; } }; @@ -195,13 +195,11 @@ export function PermissionDialog({ -
+ {getPermissionIcon(permissionType)} -
- {getPermissionTitle(permissionType)} - + {getPermissionDescription(permissionType)} diff --git a/src/components/profile-data-table.tsx b/src/components/profile-data-table.tsx index fb8bc1a..0427519 100644 --- a/src/components/profile-data-table.tsx +++ b/src/components/profile-data-table.tsx @@ -441,6 +441,7 @@ function DnsCell({ +
+ + + ); +} diff --git a/src/components/ui/color-picker.tsx b/src/components/ui/color-picker.tsx index 1cbd4f3..80831c0 100644 --- a/src/components/ui/color-picker.tsx +++ b/src/components/ui/color-picker.tsx @@ -312,7 +312,7 @@ export const ColorPickerAlpha = ({ 'url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAMUlEQVQ4T2NkYGAQYcAP3uCTZhw1gGGYhAGBZIA/nYDCgBDAm9BGDWAAJyRCgLaBCAAgXwixzAS0pgAAAABJRU5ErkJggg==") left center', }} > -
+
diff --git a/src/components/ui/dialog.tsx b/src/components/ui/dialog.tsx index 89b55ac..bfe7759 100644 --- a/src/components/ui/dialog.tsx +++ b/src/components/ui/dialog.tsx @@ -111,26 +111,39 @@ function DialogOverlay({ className={cn("fixed inset-0 z-9999 bg-background/50", className)} {...props} > + {/* Keep the OS title-bar zone draggable while a modal is open — the + overlay otherwise covers the native drag region. `data-window-drag-area` + stops Radix from treating a drag here as an outside-click dismiss. */} +