trilium/services/notes.js

const sql = require('./sql');
const options = require('./options');
const utils = require('./utils');
const notes = require('./notes');
const audit_category = require('./audit_category');
const data_encryption = require('./data_encryption');
const sync_table = require('./sync_table');

async function createNewNote(parentNoteId, note, browserId) {
    const noteId = utils.newNoteId();
    const noteTreeId = utils.newNoteTreeId();

    let newNotePos = 0;

    if (note.target === 'into') {
        const maxNotePos = await sql.getSingleValue('select max(note_pos) from notes_tree where note_pid = ? and is_deleted = 0', [parentNoteId]);

        newNotePos = maxNotePos === null ? 0 : maxNotePos + 1;
    }
    else if (note.target === 'after') {
        const afterNote = await sql.getSingleResult('select note_pos from notes_tree where note_id = ?', [note.target_note_id]);

        newNotePos = afterNote.note_pos + 1;

        await sql.execute('update notes_tree set note_pos = note_pos + 1, date_modified = ? where note_pid = ? and note_pos > ? and is_deleted = 0',
            [utils.nowTimestamp(), parentNoteId, afterNote.note_pos]);
    }
    else {
        throw new Error('Unknown target: ' + note.target);
    }

    await sql.doInTransaction(async () => {
        await sql.addAudit(audit_category.CREATE_NOTE, browserId, noteId);
        await sync_table.addNoteTreeSync(noteTreeId);
        await sync_table.addNoteSync(noteId);

        const now = utils.nowTimestamp();

        await sql.insert("notes", {
            'note_id': noteId,
            'note_title': note.note_title,
            'note_text': '',
            'date_created': now,
            'date_modified': now,
            'is_protected': note.is_protected
        });

        await sql.insert("notes_tree", {
            'note_tree_id': noteTreeId,
            'note_id': noteId,
            'note_pid': parentNoteId,
            'note_pos': newNotePos,
            'is_expanded': 0,
            'date_modified': now,
            'is_deleted': 0
        });
    });

    return {
        noteId,
        noteTreeId
    };
}

async function encryptNote(note, ctx) {
    note.detail.note_title = data_encryption.encrypt(ctx.getDataKey(), data_encryption.noteTitleIv(note.detail.note_id), note.detail.note_title);
    note.detail.note_text = data_encryption.encrypt(ctx.getDataKey(), data_encryption.noteTextIv(note.detail.note_id), note.detail.note_text);
}

async function protectNoteRecursively(noteId, dataKey, protect) {
    const note = await sql.getSingleResult("SELECT * FROM notes WHERE note_id = ?", [noteId]);

    await protectNote(note, dataKey, protect);

    const children = await sql.getFlattenedResults("note_id", "SELECT note_id FROM notes_tree WHERE note_pid = ?", [noteId]);

    for (const childNoteId of children) {
        await protectNoteRecursively(childNoteId, dataKey, protect);
    }
}

async function protectNote(note, dataKey, protect) {
    let changed = false;

    if (protect && !note.is_protected) {
        note.note_title = data_encryption.encrypt(dataKey, data_encryption.noteTitleIv(note.note_id), note.note_title);
        note.note_text = data_encryption.encrypt(dataKey, data_encryption.noteTextIv(note.note_id), note.note_text);
        note.is_protected = true;

        changed = true;
    }
    else if (!protect && note.is_protected) {
        note.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(note.note_id), note.note_title);
        note.note_text = data_encryption.decryptString(dataKey, data_encryption.noteTextIv(note.note_id), note.note_text);
        note.is_protected = false;

        changed = true;
    }

    if (changed) {
        console.log("Updating...");

        await sql.execute("UPDATE notes SET note_title = ?, note_text = ?, is_protected = ? WHERE note_id = ?",
            [note.note_title, note.note_text, note.is_protected, note.note_id]);

        await sync_table.addNoteSync(note.note_id);
    }

    await protectNoteHistory(note.note_id, dataKey, protect);
}

async function protectNoteHistory(noteId, dataKey, protect) {
    const historyToChange = await sql.getResults("SELECT * FROM notes_history WHERE note_id = ? AND is_protected != ?", [noteId, protect]);

    for (const history of historyToChange) {
        if (protect) {
            history.note_title = data_encryption.encrypt(dataKey, data_encryption.noteTitleIv(history.note_history_id), history.note_title);
            history.note_text = data_encryption.encrypt(dataKey, data_encryption.noteTextIv(history.note_history_id), history.note_text);
            history.is_protected = true;
        }
        else {
            history.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(history.note_history_id), history.note_title);
            history.note_text = data_encryption.decryptString(dataKey, data_encryption.noteTextIv(history.note_history_id), history.note_text);
            history.is_protected = false;
        }

        await sql.execute("UPDATE notes_history SET note_title = ?, note_text = ?, is_protected = ? WHERE note_history_id = ?",
            [history.note_title, history.note_text, history.is_protected, history.note_history_id]);

        await sync_table.addNoteHistorySync(history.note_history_id);
    }
}

async function updateNote(noteId, newNote, ctx) {
    let noteTitleForHistory = newNote.detail.note_title;
    let noteTextForHistory = newNote.detail.note_text;

    if (newNote.detail.is_protected) {
        await encryptNote(newNote, ctx);
    }

    const origNoteDetail = await sql.getSingleResult("select * from notes where note_id = ?", [noteId]);

    const now = utils.nowTimestamp();

    const historySnapshotTimeInterval = parseInt(await options.getOption('history_snapshot_time_interval'));

    const historyCutoff = now - historySnapshotTimeInterval;

    const existingNoteHistoryId = await sql.getSingleValue("select note_history_id from notes_history where note_id = ? and date_modified_from >= ?", [noteId, historyCutoff]);

    await sql.doInTransaction(async () => {
        if (!existingNoteHistoryId) {
            const newNoteHistoryId = utils.newNoteHistoryId();

            await sql.execute("insert into notes_history (note_history_id, note_id, note_title, note_text, is_protected, date_modified_from, date_modified_to) " +
                "values (?, ?, ?, ?, ?, ?, ?)", [
                newNoteHistoryId,
                noteId,
                noteTitleForHistory,
                noteTextForHistory,
                false, // we don't care about encryption - this will be handled in protectNoteHistory()
                now,
                now
            ]);

            await sync_table.addNoteHistorySync(newNoteHistoryId);
        }

        await protectNoteHistory(noteId, ctx.getDataKeyOrNull(), newNote.detail.is_protected);

        await addNoteAudits(origNoteDetail, newNote.detail, ctx.browserId);

        await sql.execute("update notes set note_title = ?, note_text = ?, is_protected = ?, date_modified = ? where note_id = ?", [
            newNote.detail.note_title,
            newNote.detail.note_text,
            newNote.detail.is_protected,
            now,
            noteId]);

        await sql.remove("images", noteId);

        for (const img of newNote.images) {
            img.image_data = atob(img.image_data);

            await sql.insert("images", img);
        }

        await sql.remove("links", noteId);

        for (const link in newNote.links) {
            //await sql.insert("links", link);
        }

        await sync_table.addNoteTreeSync(noteId);
        await sync_table.addNoteSync(noteId);
    });
}

async function addNoteAudits(origNote, newNote, browserId) {
    const noteId = newNote.note_id;

    if (!origNote || newNote.note_title !== origNote.note_title) {
        await sql.deleteRecentAudits(audit_category.UPDATE_TITLE, browserId, noteId);
        await sql.addAudit(audit_category.UPDATE_TITLE, browserId, noteId);
    }

    if (!origNote || newNote.note_text !== origNote.note_text) {
        await sql.deleteRecentAudits(audit_category.UPDATE_CONTENT, browserId, noteId);
        await sql.addAudit(audit_category.UPDATE_CONTENT, browserId, noteId);
    }

    if (!origNote || newNote.is_protected !== origNote.is_protected) {
        const origIsProtected = origNote ? origNote.is_protected : null;

        await sql.addAudit(audit_category.PROTECTED, browserId, noteId, origIsProtected, newNote.is_protected);
    }
}


async function deleteNote(noteTreeId, browserId) {
    const now = utils.nowTimestamp();
    await sql.execute("update notes_tree set is_deleted = 1, date_modified = ? where note_tree_id = ?", [now, noteTreeId]);
    await sync_table.addNoteTreeSync(noteTreeId);

    const noteId = await sql.getSingleValue("SELECT note_id FROM notes_tree WHERE note_tree_id = ?", [noteTreeId]);

    const notDeletedNoteTreesCount = await sql.getSingleValue("SELECT COUNT(*) FROM notes_tree WHERE note_id = ?", [noteId]);

    if (!notDeletedNoteTreesCount) {
        await sql.execute("update notes set is_deleted = 1, date_modified = ? where note_id = ?", [now, noteTreeId]);
        await sync_table.addNoteSync(noteTreeId);

        const children = await sql.getResults("select note_tree_id from notes_tree where note_pid = ? and is_deleted = 0", [noteTreeId]);

        for (const child of children) {
            await deleteNote(child.note_tree_id, browserId);
        }

        await sql.addAudit(audit_category.DELETE_NOTE, browserId, noteTreeId);
    }
}

module.exports = {
    createNewNote,
    updateNote,
    addNoteAudits,
    deleteNote,
    protectNoteRecursively
};