Refactors the list locking feature to be database-centric, resolving UI inconsistencies.
The previous session-based unlocking mechanism caused issues where the UI would not update correctly after unlocking a list, as items were held in memory only.
This commit implements a new lifecycle-aware approach:
- When a locked list is opened, it is temporarily unlocked in the database (items are decrypted and inserted).
- When the detail screen is closed, the list is automatically re-locked if it was locked initially (items are encrypted and removed from the DB).
- This ensures that the UI always works with a consistent database state, fixing all related bugs (item creation, deletion, checking).
- The `sessionUnlockedItems` logic has been completely removed from the ViewModels and MainActivity.
Addresses critical security and stability issues related to encryption and biometric authentication.
Improves KeyManager logic, enhances SettingsScreen UX/Security, adds new string resources, and updates MainActivity.
This commit introduces a visual indicator (down arrow icon) to the SettingsScreen
that appears when the content is scrollable, enhancing user experience by
clearly communicating that more content is available below.
The changes include:
- Removed previous custom scrollbar implementation attempts.
- Implemented an AnimatedVisibility composable with a KeyboardArrowDown icon
at the bottom of the LazyColumn in SettingsScreen. This icon's visibility
is dynamically controlled by the LazyListState, appearing only when the
list can scroll forward.
- Added missing German translations for various strings to resolve lint errors.
- Integrated Toast messages for successful data export, import, and sync folder
selection in MainActivity and JsonImportExportDialog for better user feedback.
- Removed unused 'foundation' dependency from build.gradle.kts and libs.versions.toml.
Korrigiert einen Fehler, bei dem der Hauptschalter für die "Datenverschlüsselung" nicht mehr ausgeschaltet werden konnte, wenn er aktiviert wurde, ohne dass anschließend ein Passwort gesetzt wurde.
Die Logik wurde vervollständigt, sodass der Schalter nun in allen Zuständen korrekt funktioniert und nicht mehr "hängen" bleibt.
Dieses Commit behebt einen kritischen Absturz bei der Passworterstellung und eine Kaskade von Folgefehlern in der Logik zum Sperren, Entsperren und Verwalten des UI-Status.
KORRIGIERTE FEHLER:
- **Absturz bei Passworterstellung behoben:** Die Logik zur Erstellung von Schlüsseln wurde grundlegend überarbeitet, um den Android-Sicherheitsvorgaben für biometrisch-gebundene Schlüssel zu entsprechen. Der 'Key user not authenticated'-Absturz ist damit behoben.
- **Sicherheitslücken geschlossen:** Das Ändern oder Entfernen des Passworts sowie das Deaktivieren der Verschlüsselung erfordern nun eine zwingende biometrische Bestätigung.
- **Fehler beim Sperren/Entsperren behoben:**
- Einkaufslisten sind nach dem Entsperren nicht mehr leer.
- Der Inhalt von Notizen/Rezepten wird nach dem Sperren und Verlassen der Seite nicht mehr gelöscht.
- Die Benutzeroberfläche zeigt nach dem Sperren eines Elements nun zuverlässig den Sperrbildschirm an.
- Die 'Sperre entfernen'-Optionen sind jetzt immer korrekt verfügbar.
- **Verbesserte UI-Logik:**
- Der überflüssige Biometrie-Schalter im Passwort-Dialog wurde entfernt.
- Der Biometrie-Schalter in den Einstellungen erscheint nun korrekt, nachdem ein Passwort erfolgreich gesetzt wurde.
Dieses Commit behebt eine Reihe kritischer Fehler im Zusammenhang mit dem Sperren und Entsperren von Elementen, die zu Datenverlust und inkonsistentem UI-Verhalten führten.
KORRIGIERTE FEHLER:
- **Leere Einkaufslisten:** Einkaufslisten sind nach dem Entsperren nicht mehr leer. Die entschlüsselten Artikel werden nun korrekt in die Datenbank wiedereingefügt.
- **Gelöschter Inhalt:** Das Sperren einer Notiz oder eines Rezepts führt nicht mehr zum Löschen des Inhalts beim nächsten Speichern.
- **Inkonsistente UI:**
- Nach dem Sperren eines Elements wird nun zuverlässig der Sperrbildschirm angezeigt.
- Die 'Sperre entfernen'-Optionen für Notizen und Rezepte sind jetzt korrekt aktiviert und die zugrundeliegende Funktion ist robust gegenüber alten, unverschlüsselten Daten.
- **Fehlgeschlagene Aktionen:**
- Das Sperren von Listen schlägt nicht mehr stillschweigend fehl. Die Aktion holt sich jetzt immer einen gültigen Schlüssel per Biometrie.
- **Build-Fehler:** Ein Kompilierungsfehler in den Notes- und RecipesViewModels wurde behoben.
Dieses Commit behebt kritische Sicherheitslücken und verbessert die Logik sowie die Benutzerfreundlichkeit der Verschlüsselungsfunktionen.
WICHTIGSTE ÄNDERUNGEN:
1. **Sicherheitslücken geschlossen:**
* Das Ändern oder Entfernen des Verschlüsselungspassworts erfordert nun eine zwingende biometrische Authentifizierung.
* Auch das Deaktivieren der Verschlüsselung ist jetzt durch eine Biometrie-Abfrage geschützt, um unbefugtes Löschen des Schlüssels zu verhindern.
* Dies schließt die Lücke, bei der eine Person mit Zugriff auf das entsperrte Gerät die Daten hätte kompromittieren können.
2. **Biometrie-Logik korrigiert:**
* Die Funktion 'Biometrisches Entsperren' funktioniert nun wie vorgesehen. Bei Aktivierung wird der Hauptschlüssel beim App-Start einmalig per Biometrie geladen.
* Dieser Schlüssel wird für die gesamte Sitzung wiederverwendet, sodass gesperrte Elemente ohne wiederholte Abfragen geöffnet werden können.
* Die Funktion kann über einen neuen Schalter in den Einstellungen jederzeit an- und ausgeschaltet werden.
3. **Verbesserungen an der UI:**
* Die missverständliche Bezeichnung 'Syncronisationsordner verschlüsseln' wurde zu 'Datenverschlüsselung' korrigiert.
4. **Kompatibilität des Entschlüsselungs-Skripts:**
* Das externe Skript decrypt.py wurde aktualisiert, um die neue, verschachtelte Verschlüsselungsstruktur zu verstehen und eine vollständige 'Tiefenentschlüsselung' der exportierten JSON-Dateien durchzuführen.
Behebt einen Absturz, der beim Entsperren von Elementen auftrat, die mit einer früheren, fehlerhaften App-Version 'gesperrt' wurden. Diese Version hatte nur ein isLocked-Flag gesetzt, ohne die Daten tatsächlich zu verschlüsseln, was zu einem IllegalArgumentException führte, wenn die neue, strikte Entschlüsselungslogik auf reinen Text traf.
ÄNDERUNGEN:
- Die Entschlüsselungslogik in MainActivity für Notizen und Rezepte fängt nun Fehler ab.
- Wenn eine Entschlüsselung fehlschlägt, wird eine Warnung protokolliert und der Inhalt wird als unverschlüsselter Text behandelt. Dies gilt sowohl für den Titel als auch für den Inhalt, um die Kompatibilität mit verschiedenen alten Datenständen zu gewährleisten.
- Eine Hilfsfunktion setDecryptedDetails wurde in den entsprechenden ViewModels wieder eingeführt, um die wiederhergestellten Daten einfach in der UI anzuzeigen.
ERGEBNIS:
- Die App stürzt nicht mehr ab, wenn alte, 'gesperrte' Elemente geöffnet werden.
- Die Warnungen im Log (Could not decrypt...) sind ein erwartetes Verhalten und bestätigen, dass die Fallback-Logik für Altdaten korrekt funktioniert.
Dieses Commit führt eine grundlegende Überarbeitung der Verschlüsselungsmethode für Einkaufslisten ein und vereinfacht die Verschlüsselung für Notizen und Rezepte, um die Komplexität zu reduzieren und die Robustheit zu erhöhen.
HAUPTÄNDERUNGEN:
- **Einkaufslisten-Verschlüsselung:**
- Anstatt jeden Artikel einzeln zu verschlüsseln, wird nun die gesamte Artikelliste in ein JSON-Format serialisiert, verschlüsselt und in einer neuen Spalte (encryptedItems) in der shopping_lists-Tabelle gespeichert.
- Beim Sperren werden die ursprünglichen Artikel aus ihrer Tabelle entfernt und beim Entsperren aus dem verschlüsselten JSON-String wiederhergestellt.
- Dies vereinfacht die Zustandsverwaltung erheblich und verhindert das Hinzufügen von Artikeln zu gesperrten Listen.
- **Notiz- & Rezept-Verschlüsselung:**
- Die Verschlüsselung wurde so vereinfacht, dass nur noch der Inhalt (content) und nicht mehr der Titel (title) verschlüsselt wird. Dies reduziert die Komplexität und potenzielle Fehlerquellen.
- **State Management & UI:**
- Das isDecrypted-Flag wurde aus den Details-Datenklassen entfernt.
- Für Einkaufslisten werden entschlüsselte Artikel nun für die Dauer der Sitzung im ViewModel zwischengespeichert (sessionUnlockedItems), was die Logik vereinfacht.
- Die UI wurde angepasst, um diese Änderungen zu unterstützen und die Handhabung von gesperrten Inhalten zu verbessern.
- **Fehlerbehandlung & Datenbank:**
- Verbesserte Fehlerbehandlung bei Entschlüsselungsfehlern (z.B. bei beschädigten Daten) mit Nutzerbenachrichtigung.
- Die Datenbankversion wurde auf 8 erhöht und eine entsprechende Migration hinzugefügt.
This commit addresses build errors related to nullable types in the `toggle...Lock` functions across `RecipesViewModel`, `NotesViewModel`, and `ShoppingListsViewModel`.
- The `fileEncryptor` parameter in `toggleRecipeLock` and `toggleNoteLock` was incorrectly marked as nullable, leading to compilation failures. This has been corrected to `FileEncryptor` (non-nullable).
- The `secretKey` parameter, although nullable in the function signature, is guaranteed to be non-null within the encryption/decryption logic due to an early null check. Non-null asserted calls (`!!`) are now used for `secretKey` when passed to `fileEncryptor.encrypt` and `fileEncryptor.decrypt` to resolve argument type mismatches.
This commit fixes a critical bug where saving an already encrypted item would lead to double encryption, making the data unrecoverable.
The `save` methods in the ViewModels (`RecipesViewModel`, `NotesViewModel`, `ShoppingListsViewModel`) were encrypting content if the `isLocked` flag was true, without checking if the content was already encrypted. This happened when saving on navigating back from the detail screen.
The fix introduces an `isDecrypted` flag in the `...Details` data classes.
- This flag is set to `true` only when content is explicitly decrypted for viewing or editing.
- The `save` methods now only perform encryption if `isLocked` is true AND `isDecrypted` is true.
- This ensures that already encrypted data is never re-encrypted.
This commit addresses several critical bugs:
1. **Encryption Locking:** Toggling the lock state on items (recipes, notes, shopping lists) only changed a boolean flag without performing encryption/decryption. This led to crashes when trying to access supposedly locked items.
- The `FileEncryptor` now includes a check to prevent crashes on invalid data.
- The `toggleRecipeLock` function and its equivalents are refactored to use a `SecretKey` to perform cryptography.
- A migration path is included for items "locked" with the old buggy mechanism.
- The UI now consistently uses biometric prompts to retrieve the necessary keys.
- The fix is applied to Recipes, Notes, and Shopping Lists.
2. **SAF Permissions:** The app would crash with a `ParcelableException` during automatic import/export because of lost permissions to the sync folder URI.
- Added a check to verify URI permissions before any file access in `performAutomaticImport`.
3. **Deprecated Code:** Replaced deprecated calls to `keyManager.getSecretKey()` with the new biometric prompt-based flow (`getDecryptionCipher` and `getSecretKeyFromAuthenticatedCipher`) in `JsonImportExportDialog` and for automatic exports.
This commit addresses a critical bug where toggling the lock state on items (recipes, notes, shopping lists) only changed a boolean flag without performing any encryption or decryption. This led to crashes when trying to access supposedly locked items, as the app would attempt to decrypt plaintext data.
The following changes have been made:
- The `FileEncryptor` now includes a check to prevent crashes on invalid data.
- The `toggleRecipeLock` function in `RecipesViewModel` (and its equivalents for notes and shopping lists) has been refactored to accept a `SecretKey`.
- The function now performs encryption when locking and decryption when unlocking.
- A migration path is included to handle items that were "locked" under the old, buggy mechanism. When unlocking these items, the app will detect the decryption failure, assume the data is plaintext, and correctly unlock the item.
- The UI in `MainActivity` has been updated to always use the biometric prompt to retrieve the necessary key for both locking and unlocking, ensuring the key is available for the cryptographic operations.
- The fix has been consistently applied to Recipes, Notes, and Shopping Lists for uniform behavior.
This commit resolves several issues related to biometric authentication, improving both security and stability.
- Differentiates BiometricPrompt configuration for cryptographic operations versus simple UI locking.
- Disables device credential fallback for CryptoObject-based prompts to fix a bug where unlocking via pattern/PIN failed. This aligns with Android's security model for hardware-backed keys.
- Removes the negative button from non-crypto prompts that allow device credential fallback, fixing an IllegalArgumentException crash.
- Adds hardware capability checks to the UI. Biometric lock options are now disabled on devices without a strong biometric sensor, preventing users from getting locked out.
- Adds a Python script (decrypt.py) to allow for cross-platform decryption of encrypted sync files.
Refactors the encryption and biometric authentication logic to correctly handle decryption of synchronized files when the app starts.
- Implements a biometric prompt on app startup if sync folder encryption is enabled.
- Uses BiometricPrompt with CryptoObject for a more secure authentication flow.
- Splits KeyManager.getSecretKey into a two-step process to support the new flow.
- Fixes a NullPointerException in KeyManager when generating a new master key.
- Fixes an IllegalBlockSizeException by setting an authentication validity duration.
- Fixes a GCMParameterSpec issue during key decryption.
- Enables OnBackInvokedCallback in the manifest to address a system warning.
The automatic JSON export was appending to existing files instead of overwriting them. This led to corrupted JSON files with trailing data, causing parsing errors on import.
This change modifies the automatic export logic to use `contentResolver.openFileDescriptor(uri, "w")`, which explicitly truncates the files before writing. This ensures that each export creates a clean JSON file.
This commit updates several dependencies to their latest versions and resolves all outstanding warnings in the project. The encryption functionality is now fully integrated and up-to-date.
- Updated dependencies:
- junit-version from 1.2.1 to 1.3.0
- core-ktx from 1.13.1 to 1.17.0
- material-icons-extended from 1.7.7 to 1.7.8
- material from 1.12.0 to 1.13.0
- Suppressed UnstableApiUsage warning in settings.gradle.kts.
- Removed unused imports in AppViewModelProvider.kt.
This commit removes several unused functions and a class from ShoppingListsViewModel.kt to clean up the codebase.
- Removed unused functions:
- deleteItem
- moveItemToTop
- moveItemToBottom
- moveItemUp
- moveItemDown
- Removed unused class ShoppingListItemDetails and its associated functions toShoppingListItem and isValid.
This commit refactors the `KeyManager.kt` file to use the more idiomatic Kotlin KTX extension function for `SharedPreferences.edit`. This improves code readability and conciseness.
This commit includes several updates and fixes:
- **Gradle:**
- Updated Gradle to version `8.14.3`.
- Fixed the deprecated `exec` method in `app/build.gradle.kts`.
- **Dependencies:**
- Updated `espresso-core` to `3.7.0`.
- **Code Cleanup:**
- Suppressed a deprecation warning in `KeyManager.kt` for `setUserAuthenticationValidityDurationSeconds`.
- Removed several unused imports across the project.
- Minor code reformatting.
This commit updates several dependencies and moves them to the `libs.versions.toml` file for better management.
- **Updated and Migrated:**
- `material-icons-extended`: `1.6.8` -> `1.7.7`
- `documentfile`: `1.0.1` -> `1.1.0`
- `kotlinx-serialization-json`: `1.6.0` -> `1.9.0`
- **Migrated to Version Catalog:**
- `com.google.android.material:material`: `1.12.0`
- `com.github.jeziellago:compose-markdown`: `0.5.7`
In MainActivity, the secretKey was accessed multiple times during a single import/export operation. This could lead to inconsistent behavior if the key changes unexpectedly.
This commit introduces a local variable `currentSecretKey` to capture the key at the beginning of the operation and use it consistently throughout.
Additionally, this commit includes minor cleanups:
- Removed an unused `android:label` from the `AndroidManifest.xml`.
- Removed unused imports in `KeyManager.kt.
This commit addresses several UI/UX concerns in the SettingsScreen:
- **Section Reordering:** Reordered sections to place 'Security' at the bottom, improving logical grouping.
- **Scrollability:** Made the entire SettingsScreen scrollable to prevent content overflow on smaller screens.
- **Color Theme Selection:** Replaced FlowRow with LazyRow for color theme selection, making it horizontally scrollable and saving vertical space. Reduced the size of color theme circles and checkmark icons for a more compact look.
- **Label Handling:** Applied weight(1f) to text labels in rows to better handle longer text in different languages, preventing truncation and improving responsiveness.
- **Start Screen Selection:** Replaced the ExposedDropdownMenuBox with a simpler TextButton and standard DropdownMenu for a cleaner UI.
This commit introduces an optional file encryption feature for the synchronization folder, enhancing data security.
Key changes include:
- **Encryption Utilities:** Added KeyManager.kt for password-derived key management and FileEncryptor.kt for AES/GCM file encryption/decryption.
- **Automatic Sync Integration:** Modified MainActivity.kt to integrate encryption/decryption into the automatic import/export process, based on user settings.
- **User Interface:** Added UI elements in SettingsScreen.kt to enable/disable encryption, set/change passwords, and remove encryption. An EncryptionPasswordDialog.kt was created for password management.
- **Error Handling:** Implemented robust error handling for JSON parsing and decryption failures during synchronization.
- **Resource Management:** Added necessary string resources for the new UI elements and a salt resource for key derivation.
- **Bug Fixes:** Addressed compilation errors related to type mismatches and a lint error for missing translations.
Note: The current implementation of password storage in KeyManager.kt uses a simplified approach for development. For production use, a more robust KeyStore integration with hardware-backed security is recommended for storing the derived encryption key.
This commit introduces several improvements to the automatic synchronization feature:
- **Recipe Synchronization:** Recipes are now included in the automatic JSON export and import process, ensuring all user data is synchronized.
- **Separated Sync Logic:** The automatic synchronization process has been refactored to separate import and export operations. Data is now imported on app startup (ON_START) and exported on app shutdown (ON_STOP), preventing conflicts and crashes that occurred due to simultaneous read/write operations.
- **Upsert for Imports:** JSON import functions for notes, shopping lists, and recipes now use an "upsert" strategy. This means existing items are updated, and new items are inserted, preventing primary key violations and app crashes during import.
- **JSON Parsing Error Handling:** Added try-catch blocks around JSON deserialization to gracefully handle malformed JSON data in sync files, improving app stability.
- **Build Fix:** Corrected a compilation error related to the return type of upsertShoppingList in the NoteshopRepository interface.
- Add a new setting to define the default start screen (Last opened, Shopping Lists, Notes, or Recipes).
- The app now remembers the last opened main screen and restores it on startup, unless a default start screen is set.
- Add settings to reset the names of the "Shopping Lists" and "Recipes" drawer items back to their default values.
- Move the "About" button to the bottom of the navigation drawer.
- Fix an issue where the recipe import button showed the wrong text when the recipe list was renamed.
- Fix hint texts in search fields by removing trailing "...".
- Add a new "Recipes" section to the app, including functionality to create, view, edit, delete, and reorder recipes.
- The recipe content is rendered as Markdown.
- Unify the UI for adding new items:
- The "+" button for Notes and Recipes now opens a dialog directly, consistent with Shopping Lists.
- The dialogs for adding notes and recipes now include an import button.
- The import button labels have been updated for clarity ("Aus TXT importieren" and "Aus MD/TXT importieren").
- Enhance navigation drawer:
- The "Recipes" entry can now be renamed, similar to "Shopping Lists".
- The order of items in the drawer has been adjusted to place "Recipes" above "Notes".
- Rename "Unlock list/note" to "Remove lock" for clarity.
- Move lock/unlock operations to a background thread to prevent UI lag.
- Optimize list sorting by moving it from the UI to the ViewModel.
- Remove redundant sorting in the notes list.
- Fix build error related to missing import.
Implements new features for shopping lists:
- Adds an option to import a shopping list from a TXT file via the new list dialog.
- Introduces a button on the shopping list detail screen to mark/unmark all items as completed in bulk.
- Adjusts the UI layout of the item counter and the bulk action button for better alignment.
Updates the standard shopping list items with user-provided corrections and new entries.
- Merges new items from user input with existing standard items, ensuring uniqueness and alphabetical sorting.
- Corrects minor typos in the German list.
- Provides English translations for the standard list items in the default strings.xml.
Adds a new item counter to the shopping list detail screen, showing the number of checked and total items.
Further improves UI performance and addresses scrolling jank by:
- Replacing the scrollable Column in the drawer with a more performant LazyColumn.
- Removing the graphicsLayer scaling animation from list items as a diagnostic step to improve rendering speed.
- Memoizing list sorting and filtering operations to prevent expensive recalculations on every recomposition.
Introduces bulk database operations to improve performance and reduce redundant queries. Refactors multiple functions in the ViewModel to use these more efficient batch methods.
- Adds bulk insert, update, and delete methods to ShoppingListDao.
- Implements corresponding bulk methods in the NoteshopRepository.
- Refactors moveList, deleteCompletedItems, saveShoppingListItem, and createStandardList in ShoppingListsViewModel to use bulk operations, fixing N+1 query issues.
Additionally, this commit fixes two UI issues with the navigation drawer:
- Makes the drawer content scrollable to ensure all items are accessible in landscape mode.
- Removes a conflicting SideEffect in the theme that caused rendering issues with edge-to-edge.
Adds donation, license (GPLv3), and library information to the About screen.
Implements clickable links for donation and license URLs using modern LinkAnnotation. Externalizes all new UI strings to both default (English) and German resource files.
The implementation is fully localized and resolves previous build issues and deprecation warnings.
This commit updates the minimum SDK version to 28 and integrates the Material Design library.
It also adds a new app logo and displays it in the About screen, alongside an improved version information retrieval.
Key changes include:
- Updated minSdk to 28 in build.gradle.kts.
- Added 'com.google.android.material:material:1.12.0' dependency.
- Introduced 'noteshop_logo.xml' drawable.
- Integrated 'noteshop_logo' into AboutScreen.kt.
- Refactored version information retrieval in AboutScreen.kt for better compatibility.
- Changed app theme to 'Theme.MaterialComponents.DayNight.NoActionBar' in themes.xml.
