Rather than redoing ProfileManager.observeLocal() altogether:
- Keep the existing profiles subscription (localSubscription)
- Reload ALL local profiles on NE notifications
The reload is "heavy" because each profile save causes a reload of ALL
profiles, but it's the most reliable approach and in the end, it only
takes 1-2msec. It can be improved later.
Partially reverts #1049, because the app did not sync when a VPN
configuration was deleted from the OS settings.
Especially useful on macOS and tvOS where Network Extension does not
retain this information when the profile is disabled. On these
platforms, there's no native way to tell the last used profile, so save
it to UserDefaults and fall back to it when tunnel.currentProfile is
nil.
This was not apparent on TestFlight, but features from single iOS and
macOS "Full version" purchases were not being credited on the Apple TV
because of the incomplete `#if` conditionals.
When level is .beta, it was relying on beta receipt exclusively without
falling back to production receipt.
This was preventing the sandbox receipt ("production" in TestFlight)
from being read unless the AppUserLevel was explicitly set to .freemium
(0).
The remote container is shared by ProfileManager and
PreferencesManager, but it must be the same for CloudKit sync
to work properly.
Externalize the logic of onEligibleFeatures() so that the
AppContext singleton can update the managers (and their
repositories) with the new remote store.
Now that the remote profile repository is reloaded every time that
eligible features change, the .removeDuplicates() may also be
restored. Just add a .dropFirst() to skip the initially empty
value of eligible features. Even when features are eventually empty,
a value is always emitted after IAPManager.reloadReceipt()
Lastly, enable Core Data lightweight migration.
Regressions from #1017
Only offer compensations to former purchasers:
- .appleTV to .full purchasers
- .full to .appleTV purchasers
Always suggest .fullTV to new purchasers.
Finally rename:
- .full to .iOS_macOS
- .fullTV to .allFeatures (lifetime)
Suggest whenever .fullTV is suggested. For this reason, subscriptions
are not suggested to existing full version purchasers, because they only
miss the one-time .appleTV purchase. Group purchases by feature products
and full version products, e.g.:
- Features
- Apple TV
- Full version
- Yearly
- Monthly
- Full
- Full + TV
Additionally, fix reloadReceipt() slowing down onLaunch() sometimes. The
warning sign would appear on restricted profiles until the receipt is
loaded.
- Present paywall only on save/connect because PurchaseRequiredButton
instances were presenting paywalls with partial requirements
- Retain PurchaseRequiredButton just to flag paid features visually, but
do nothing on tap
- Suggest paywall products via IAPManager and required features, rather
than from views
- Handle .sharing/.appleTV requirements in ProfileCoordinator, rather
than in StorageSection
- Discontinue platform purchases, but treat as full if iOS + macOS
Before anything, remove any code related to App Group containers from
tvOS target because they are not available. Include the beta receipt
override, it's broken for that reason.
In short:
- Store all Core Data containers locally. Do not use the App Group for
Core Data for consistency across platforms.
- Store logs in the App Group on iOS/macOS, but locally on tvOS (see
`urlForCaches`).
Then, rather than one container per model, merge models into:
- Local: Providers
- Remote: Profiles + Preferences (now in the same CloudKit container)
Reuse the remote model for backups too.
This change is safe because:
- Local profiles are stored via Network Extension in the keychain, not
Core Data
- Remote profiles are re-imported via CloudKit sync
- Providers are re-downloaded on first use
- Preferences are lost, but they are "cheap" data
- Profile backups are lost, but they were hidden anyway
Could not create the Preferences Core Data container in the App Group
because sub-directories did not exist. Create them upfront when using
App Group URLs.
This was not an issue with other Core Data containers because they are
stored in the app directories, where "Library/Documents" already exists.
Restore CDModulePreferencesV3 to track the history of module prefrences.
This way, excluded endpoints may be saved globally to Core Data as a
starting point. Then in Profile.userInfo we only save the relevant
exclusions for the current configuration.
The .excludedEndpoints relationship is therefore moved out of
CDProviderPreferencesV3.
Further refactoring:
- ModuleViewParameters now includes a ModulePreferences observable that
module views can observe
- Tunnel doesn't need access to PreferencesManager anymore (exclusions
are in Profile.userInfo)
Store module preferences in the Profile.userInfo field for atomicity.
Access and modification are dramatically simplified, and synchronization
comes for free.
On the other side, fix provider preferences synchronization by using
viewContext for the CloudKit container.
Fixes#992
- Save/rollback was done outside of MOC
- Use different contexts for module/provider preferences
- Save providers → also saves modules
- Discard modules → also discards providers
- Use background context because it's not automatically merged (can
rollback)
- Expose ModulePreferences in OpenVPNView as StateObject
- Rework Blacklist to a more reusable ObservableList
- Reapply #988
Exclude endpoints from OpenVPN modules and providers with the generic
Blacklist<T> observable. Eventually, rebuild the Profile in
PacketTunnelProvider (via DefaultTunnelProcessor) with the applied
exclusions from preferences.
Revisit approach to preferences:
- Module preferences
- Tied to the module and therefore to the parent profile
- Load/save in ProfileEditor on request (rather than on
ProfileEditor.load)
- Provider preferences
- Shared globally across profiles
- Load/save in module view if needed
For more consistency with Core Data:
- Revert to observables for both module and provider preferences
- Treat excluded endpoints as relationships rather than a serialized
Array
- Add/remove single relationships over bulk delete + re-add
- Do not map the relationships, Blacklist only needs exists/add/remove:
- isExcludedEndpoint
- addExcludedEndpoint
- removeExcludedEndpoint
Some clean-up:
- Move the importer logic to OpenVPNView.ImportModifier
- Move the preview data to OpenVPN.Configuration.Builder.forPreviews
- Drop objectWillChange.send() on .repository didSet to avoid potential
recursion during SwiftUI updates
Closes#971
Sort out the increasing mess coming from:
- AppContext*
- Dependencies
- Shared*
by doing the following:
- Keep in the "Shared" folder only the entities actually shared by
App/Tunnel
- Create TunnelContext
- Move AppContext and related to the App/Context folder
- Move TunnelContext and related to the Tunnel/Context folder
- Delete Shared+* extensions, use AppContext/TunnelContext singletons
from the app
- Create a Dependencies factory singleton to create entities in a single
place
- Split extensions by domain
- Make it clear with `func` vs `var` when a dependency method returns a
new instance
Formerly via blocks, now with final classes.
App:
- ProfileProcessor
- AppTunnelProcessor
- Implemented by DefaultAppProcessor in app
- Implemented by MockAppProcessor in UILibrary (for previews)
Tunnel:
- PacketTunnelProcessor
- Implemented by DefaultTunnelProcessor
Simplify preferences model by doing a bulk load/save together with
load/save Profile. ModulePreferences is now a struct rather than an
ObservableObject, because it doesn't need ad hoc observation. It's just
a binding to ProfileEditor.preferences
Fix:
- Disable CloudKit in tunnel singleton of PreferencesManager
(.sharedForTunnel)
Additionally:
- Replace MainActor in PreferencesManager with Sendable (immutable)
- Replace MainActor from ProviderPreferencesRepository with Sendable
(syncs on NSManagedObjectContext)
- Drop ModuleMetadata for good
Replace favorites entities with a PreferencesManager, that returns
observables for:
- Module preferences (by module UUID)
- Provider preferences (by ProviderID)
Automate preferences availability in:
- Module views (empty for now)
- VPN server view (favorites)
Synchronize preferences by making this a CloudKit container. Preferences
are also available in the Tunnel by storing the container in the App
Group.
Let the AppCoordinator take care of the connection requirements via
modals:
- onInteractiveLogin() - now presented on AppError
- onProviderEntityRequired()
- onPurchaseRequired()
- Any other connection error
Subviews must not use tunnel.connect(), rather they route connection
requests via the ConnectionFlow callbacks. In particular, migrate to the
AppCoordinator the connection logic from:
- TunnelToggleButton.perform()
- ProviderEntitySelector.onSelect()
onInteractiveLogin() and onPurchaseRequired() are now handled
internally, while onProviderEntityRequired() is kept public because it's
how subviews may present the entity selector.
Extras:
- Avoid modals overlap with a 500ms delay
- Shrink interactive login size on macOS
Some providers require specific credentials for OpenVPN, different from
account credentials. Update the API index with this information to show
an information footer and possibly a link to the OpenVPN credentials.
Also, fix the OTP footer not appearing on macOS.
Especially for flaky tests:
- Do objectWillChange.send() _before_ performing the change
- Send more events to .didChange to be more deterministic about test
expectations
