Currently, NEProfileRepository decodes profiles from ALL NE managers on
any update. This is undesirable considering that:
- Profiles are only _added_ by the app
- Externally, profiles can only be _removed_
Therefore:
- Observe the initial managers to decode the initial profiles from them
- Publish values manually on save/delete (to ProfileManager eventually)
- Observe the subsequent updates for when a profile is removed
externally, i.e. its ID doesn't appear in managers
Fixes#741
Resolve some flickering and state inconsistency due to overextended
observation of VPNProviderManager. Narrow down its scope to
VPNProviderServerView.
The downside of that, for now, is that servers are loaded "lazily late",
but this flow will make region selection from home easier.
Finally, show filters in popover on iPad.
Improve rendering and work around some SwiftUI bugs, e.g. with .menu
Picker on iOS (use .navigationLink instead).
Here goes the hierarchy bottom-up:
- ProviderPicker: a Picker wrapper built around ProviderManager
- ProviderContentModifier: adds a ProviderPicker on top and replaces the
content with a set of provider selectors when a provider is selected
- VPNProviderContentModifier: wrapper for ProviderContentModifier that
adds a VPN server selector
- OpenVPNView: provides a view of specific OpenVPN settings, and adds a
credentials selector to the provider/server selectors provided by
VPNProviderContentModifier
Update library to allow optional VPN configurations. This in turn allows
a module to be used with a provider, where the configuration is
generated on the fly.
- [x] NE managers were not deleted when unable to be decoded to a
profile
- [x] Keychain items were not deleted on profile removal
- [x] Perform clean-up on app launch
- [x] Perform clean-up on app active
Prematurely merged as #727 then reverted, this is the complete PR.
Initial integration of providers via API:
- Generic views and modifiers for provider/server selection
- Add in OpenVPNView
- Prepare in WireGuardView
Also:
- Introduce ProfileProcessor, move IAP processing there
- Move .asModuleView() to ModuleViewModifier for proper animation
- Use .themeModal() rather than .sheet()
Mainly:
- Aggregate shared/mock entities in less scattered files
- Review package dependencies
Also:
- Decouple ProfileRepository from Core Data Repository in UtilsLibrary
(filters done by ProfileManager)
Profiles are being maintained in two places:
- Core Data
- NetworkExtension
Core Data is redundant for local profiles, so make NetworkExtension the
only source of truth.
Remote profiles were never deleted. Now, when removing a profile:
- The profile is deleted from the local store
- The profile is deleted from the remote store
- Other synced devices receive the update and delete the profile from
their remote store
- However, they retain a local copy of the profile
- The copy doesn't appear as "Shared on iCloud" anymore
Also, fix SwiftUI not refreshing when remote profiles are updated. There
was no objectWillChange nor Published around
ProfileManager.allRemoteProfiles, and ProfileRowView was not treating it
as ObservedObject.
Closes#673
Follow the same approach as #636, because if no profiles are formerly
installed the first import will trigger a VPN permission alert. Weird
things may happen in that case if profiles are imported in parallel.
Keep two separate stores to accomplish per-profile sharing:
- Local store, where to push updates manually (save/remove/search)
- Remote iCloud store, where to pull updates from
A profile can be added/removed to/from the iCloud store so that other
devices can push/pull updates to it.
Consequently, updates to the iCloud store will NEVER cause a profile
deletion. Once removed, the profile will stay locally.
Fixes#586Fixes#555
Helps with automation. Install the VPN configuration before persisting a
profile, so that the 1:1 reference with OS settings is maintained.
Likewise, uninstall the VPN configuration after removing a profile.
This before-save hook also resolves a problem with multiple imports,
where multiple VPN permission alerts coalesce if no VPN configuration is
installed. Now the first import waits for the permission synchronously.
Fixes#618