Always scope sites query to active user.

platform-darwin/MasterPassword-macOS.xcodeproj/project.pbxproj

@@ -3024,7 +3024,6 @@
 				CLANG_WARN_OBJC_RECEIVER_WEAK = NO;
 				CLANG_WARN_OBJC_REPEATED_USE_OF_WEAK = NO;
 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
-				CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
 				CLANG_WARN_STRICT_PROTOTYPES = YES;
 				CLANG_WARN_SUSPICIOUS_IMPLICIT_CONVERSION = YES;
@@ -3126,7 +3125,6 @@
 				CLANG_WARN_OBJC_RECEIVER_WEAK = NO;
 				CLANG_WARN_OBJC_REPEATED_USE_OF_WEAK = NO;
 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
-				CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
 				CLANG_WARN_STRICT_PROTOTYPES = YES;
 				CLANG_WARN_SUSPICIOUS_IMPLICIT_CONVERSION = YES;
@@ -3202,7 +3200,7 @@
 				CLANG_ENABLE_MODULES = YES;
 				CLANG_ENABLE_OBJC_ARC = YES;
 				CODE_SIGN_ENTITLEMENTS = Source/Mac/MasterPassword.entitlements;
-				CODE_SIGN_IDENTITY = "-";
+				CODE_SIGN_IDENTITY = "Apple Development";
 				COMBINE_HIDPI_IMAGES = YES;
 				ENABLE_HARDENED_RUNTIME = YES;
 				GCC_PREFIX_HEADER = "Source/MasterPassword-Prefix.pch";
@@ -3242,7 +3240,7 @@
 				CLANG_ENABLE_MODULES = YES;
 				CLANG_ENABLE_OBJC_ARC = YES;
 				CODE_SIGN_ENTITLEMENTS = Source/Mac/MasterPassword.entitlements;
-				CODE_SIGN_IDENTITY = "-";
+				CODE_SIGN_IDENTITY = "Apple Development";
 				COMBINE_HIDPI_IMAGES = YES;
 				ENABLE_HARDENED_RUNTIME = YES;
 				GCC_PREFIX_HEADER = "Source/MasterPassword-Prefix.pch";

platform-darwin/Source/MPAlgorithmV0.m

@@ -88,7 +88,7 @@ static NSOperationQueue *_mpwQueue = nil;
 - (BOOL)tryMigrateUser:(MPUserEntity *)user inContext:(NSManagedObjectContext *)moc {
 
     NSError *error = nil;
-    NSFetchRequest *migrationRequest = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass( [MPSiteEntity class] )];
+    NSFetchRequest *migrationRequest = [MPSiteEntity fetchRequest];
     migrationRequest.predicate = [NSPredicate predicateWithFormat:@"version_ < %d AND user == %@", self.version, user];
     NSArray *migrationSites = [moc executeFetchRequest:migrationRequest error:&error];
     if (!migrationSites) {

platform-darwin/Source/MPAppDelegate_Store.m

@@ -51,7 +51,6 @@ PearlAssociatedObjectProperty( NSNumber*, StoreCorrupted, storeCorrupted );
 
 + (NSManagedObjectContext *)managedObjectContextForMainThreadIfReady {
 
-    NSAssert( [[NSThread currentThread] isMainThread], @"Can only access main MOC from the main thread." );
     NSManagedObjectContext *mainManagedObjectContext = [[self get] mainManagedObjectContextIfReady];
     if (!mainManagedObjectContext || ![[NSThread currentThread] isMainThread])
         return nil;
@@ -155,97 +154,11 @@ PearlAssociatedObjectProperty( NSNumber*, StoreCorrupted, storeCorrupted );
 
 - (NSManagedObjectContext *)mainManagedObjectContextIfReady {
 
-    [self loadStore];
-    return self.mainManagedObjectContext;
-}
-
-- (NSManagedObjectContext *)privateManagedObjectContextIfReady {
+    NSAssert( [[NSThread currentThread] isMainThread], @"Can only access main MOC from the main thread." );
 
     [self loadStore];
-    return self.privateManagedObjectContext;
-}
-
-- (NSURL *)localStoreURL {
-
-    NSURL *applicationSupportURL = [[[NSFileManager defaultManager] URLsForDirectory:NSApplicationSupportDirectory
-                                                                           inDomains:NSUserDomainMask] lastObject];
-    return [[[applicationSupportURL
-            URLByAppendingPathComponent:[NSBundle mainBundle].bundleIdentifier isDirectory:YES]
-            URLByAppendingPathComponent:@"MasterPassword" isDirectory:NO]
-            URLByAppendingPathExtension:@"sqlite"];
-}
-
-- (void)loadStore {
-
-    static dispatch_once_t once = 0;
-    dispatch_once( &once, ^{
-        (self.storeQueue = [NSOperationQueue new]).maxConcurrentOperationCount = 1;
-    } );
-
-    // Do nothing if already fully set up, otherwise (re-)load the store.
-    if (self.mainManagedObjectContext && self.privateManagedObjectContext)
-        return;
-
-    [self.storeQueue addOperationWithBlock:^{
-        // Do nothing if already fully set up, otherwise (re-)load the store.
-        if (self.mainManagedObjectContext && self.privateManagedObjectContext)
-            return;
-
-        // Unregister any existing observers and contexts.
-        PearlRemoveNotificationObserversFrom( self.mainManagedObjectContext );
-        [self.mainManagedObjectContext performBlockAndWait:^{
-            [self.mainManagedObjectContext reset];
-            self.mainManagedObjectContext = nil;
-        }];
-        [self.privateManagedObjectContext performBlockAndWait:^{
-            [self.privateManagedObjectContext reset];
-            self.privateManagedObjectContext = nil;
-        }];
-        NSError *error = nil;
-        for (NSPersistentStore *store in self.storeCoordinator.persistentStores)
-            if (![self.storeCoordinator removePersistentStore:store error:&error] || error) {
-                MPError( error, @"Couldn't remove persistence store from coordinator." );
-                return;
-            }
-
-        // Don't load when the store is corrupted.
-        if ([self.storeCorrupted boolValue])
-            return;
-
-        // Check if migration is necessary.
-        [self migrateStore];
-
-        // Create a new store coordinator.
-        NSURL *localStoreURL = [self localStoreURL];
-        if (![[NSFileManager defaultManager] createDirectoryAtURL:[localStoreURL URLByDeletingLastPathComponent]
-                                      withIntermediateDirectories:YES attributes:nil error:&error]) {
-            MPError( error, @"Couldn't create our application support directory." );
-            PearlRemoveNotificationObserversFrom( self.mainManagedObjectContext );
-            self.mainManagedObjectContext = nil;
-            self.privateManagedObjectContext = nil;
-            return;
-        }
-        if (![self.storeCoordinator addPersistentStoreWithType:NSSQLiteStoreType configuration:nil URL:localStoreURL
-                                                       options:@{
-                                                               NSMigratePersistentStoresAutomaticallyOption: @YES,
-                                                               NSInferMappingModelAutomaticallyOption      : @YES,
-                                                               STORE_OPTIONS
-                                                       } error:&error]) {
-            MPError( error, @"Failed to open store." );
-            PearlRemoveNotificationObserversFrom( self.mainManagedObjectContext );
-            self.mainManagedObjectContext = nil;
-            self.privateManagedObjectContext = nil;
-            self.storeCorrupted = @YES;
-            [self handleCoordinatorError:error];
-            return;
-        }
-        self.storeCorrupted = @NO;
-
-        // Install managed object contexts and observers.
-        self.privateManagedObjectContext = [[NSManagedObjectContext alloc] initWithConcurrencyType:NSPrivateQueueConcurrencyType];
-        self.privateManagedObjectContext.mergePolicy = NSMergeByPropertyObjectTrumpMergePolicy;
-        self.privateManagedObjectContext.persistentStoreCoordinator = self.storeCoordinator;
 
+    if (!self.mainManagedObjectContext && self.privateManagedObjectContext.persistentStoreCoordinator) {
         self.mainManagedObjectContext = [[NSManagedObjectContext alloc] initWithConcurrencyType:NSMainQueueConcurrencyType];
         self.mainManagedObjectContext.parentContext = self.privateManagedObjectContext;
         if (@available( iOS 10.0, macOS 10.12, * ))
@@ -275,6 +188,86 @@ PearlAssociatedObjectProperty( NSNumber*, StoreCorrupted, storeCorrupted );
                     [self.mainManagedObjectContext saveToStore];
                 } );
 #endif
+    }
+
+    return self.mainManagedObjectContext;
+}
+
+- (NSManagedObjectContext *)privateManagedObjectContextIfReady {
+
+    [self loadStore];
+    return self.privateManagedObjectContext;
+}
+
+- (NSURL *)localStoreURL {
+
+    NSURL *applicationSupportURL = [[[NSFileManager defaultManager] URLsForDirectory:NSApplicationSupportDirectory
+                                                                           inDomains:NSUserDomainMask] lastObject];
+    return [[[applicationSupportURL
+            URLByAppendingPathComponent:[NSBundle mainBundle].bundleIdentifier isDirectory:YES]
+            URLByAppendingPathComponent:@"MasterPassword" isDirectory:NO]
+            URLByAppendingPathExtension:@"sqlite"];
+}
+
+- (void)loadStore {
+
+    static dispatch_once_t once = 0;
+    dispatch_once( &once, ^{
+        (self.storeQueue = [NSOperationQueue new]).maxConcurrentOperationCount = 1;
+    } );
+
+    // Do nothing if already fully set up, otherwise (re-)load the store.
+    if ([self.storeCoordinator.persistentStores count])
+        return;
+
+    NSOperation *storeOperation = [NSBlockOperation blockOperationWithBlock:^{
+        // Do nothing if already fully set up, otherwise (re-)load the store.
+        if ([self.storeCoordinator.persistentStores count])
+            return;
+
+        // Unregister any existing observers and contexts.
+        PearlRemoveNotificationObserversFrom( self.mainManagedObjectContext );
+        [self.mainManagedObjectContext performBlockAndWait:^{
+            [self.mainManagedObjectContext reset];
+            self.mainManagedObjectContext = nil;
+        }];
+        [self.privateManagedObjectContext performBlockAndWait:^{
+            [self.privateManagedObjectContext reset];
+            self.privateManagedObjectContext = nil;
+        }];
+
+        // Don't load when the store is corrupted.
+        if ([self.storeCorrupted boolValue])
+            return;
+
+        // Check if migration is necessary.
+        [self migrateStore];
+
+        // Create a new store coordinator.
+        NSURL *localStoreURL = [self localStoreURL];
+        NSError *error = nil;
+        if (![[NSFileManager defaultManager] createDirectoryAtURL:[localStoreURL URLByDeletingLastPathComponent]
+                                      withIntermediateDirectories:YES attributes:nil error:&error]) {
+            MPError( error, @"Couldn't create our application support directory." );
+            return;
+        }
+        if (![self.storeCoordinator addPersistentStoreWithType:NSSQLiteStoreType configuration:nil URL:localStoreURL
+                                                       options:@{
+                                                               NSMigratePersistentStoresAutomaticallyOption: @YES,
+                                                               NSInferMappingModelAutomaticallyOption      : @YES,
+                                                               STORE_OPTIONS
+                                                       } error:&error]) {
+            MPError( error, @"Failed to open store." );
+            self.storeCorrupted = @YES;
+            [self handleCoordinatorError:error];
+            return;
+        }
+        self.storeCorrupted = @NO;
+
+        // Install managed object contexts and observers.
+        self.privateManagedObjectContext = [[NSManagedObjectContext alloc] initWithConcurrencyType:NSPrivateQueueConcurrencyType];
+        self.privateManagedObjectContext.mergePolicy = NSMergeByPropertyObjectTrumpMergePolicy;
+        self.privateManagedObjectContext.persistentStoreCoordinator = self.storeCoordinator;
 
         // Perform a data sanity check on the newly loaded store to find and fix any issues.
         if ([[MPConfig get].checkInconsistency boolValue])
@@ -282,6 +275,8 @@ PearlAssociatedObjectProperty( NSNumber*, StoreCorrupted, storeCorrupted );
                 [self findAndFixInconsistenciesSaveInContext:context];
             }];
     }];
+
+    [self.storeQueue addOperations:@[ storeOperation ] waitUntilFinished:YES];
 }
 
 - (void)retryCorruptStore {
@@ -623,7 +618,7 @@ PearlAssociatedObjectProperty( NSNumber*, StoreCorrupted, storeCorrupted );
 
         // Find an existing user to update.
         NSError *error = nil;
-        NSFetchRequest *userFetchRequest = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass( [MPUserEntity class] )];
+        NSFetchRequest *userFetchRequest = [MPUserEntity fetchRequest];
         userFetchRequest.predicate = [NSPredicate predicateWithFormat:@"name == %@", @(importUser->fullName)];
         NSArray *users = [context executeFetchRequest:userFetchRequest error:&error];
         if (!users)
@@ -661,7 +656,7 @@ PearlAssociatedObjectProperty( NSNumber*, StoreCorrupted, storeCorrupted );
             MPMarshalledSite *importSite = &importUser->sites[s];
 
             // Find an existing site to update.
-            NSFetchRequest *siteFetchRequest = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass( [MPSiteEntity class] )];
+            NSFetchRequest *siteFetchRequest = [MPSiteEntity fetchRequest];
             siteFetchRequest.predicate = [NSPredicate predicateWithFormat:@"name == %@ AND user == %@", @(importSite->siteName), user];
             NSArray *existingSites = [context executeFetchRequest:siteFetchRequest error:&error];
             if (!existingSites)
@@ -735,9 +730,9 @@ PearlAssociatedObjectProperty( NSNumber*, StoreCorrupted, storeCorrupted );
             return nil;
         }
 
-        for (NSString *feature in @[MPProductGenerateLogins, MPProductGenerateAnswers, MPProductOSIntegration, MPProductTouchID])
+        for (NSString *feature in @[ MPProductGenerateLogins, MPProductGenerateAnswers, MPProductOSIntegration, MPProductTouchID ])
             if ([[MPAppDelegate_Shared get] isFeatureUnlocked:feature])
-                mpw_marshal_data_set_str( digest( strf( @"%@/%@", user.name, feature )).UTF8String, exportFile->data,
+                mpw_marshal_data_set_str( digest( strf( @"%@/%@", user.name, feature ) ).UTF8String, exportFile->data,
                         "user", "_ext_mpw", feature.UTF8String, nil );
 
         MPKey *key = [[MPKey alloc] initForFullName:user.name withMasterPassword:masterPassword];

platform-darwin/Source/Mac/Base.lproj/MainMenu.xib

@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="16096" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none" useAutolayout="YES">
+<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="16097.3" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none" useAutolayout="YES">
     <dependencies>
         <deployment identifier="macosx"/>
-        <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="16096"/>
+        <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="16097.3"/>
     </dependencies>
     <objects>
         <customObject id="-2" userLabel="File's Owner" customClass="NSApplication">
@@ -199,6 +199,7 @@
                                 </attributedString>
                                 <modifierMask key="keyEquivalentModifierMask"/>
                             </menuItem>
+                            <menuItem isSeparatorItem="YES" id="lhE-aV-1P4"/>
                             <menuItem title="Diagnostics" id="GSN-f0-q7s">
                                 <modifierMask key="keyEquivalentModifierMask"/>
                                 <connections>
@@ -216,6 +217,23 @@
                                 </attributedString>
                                 <modifierMask key="keyEquivalentModifierMask"/>
                             </menuItem>
+                            <menuItem title="Copy Device Identifier" id="c2c-Vy-iqg">
+                                <modifierMask key="keyEquivalentModifierMask"/>
+                                <connections>
+                                    <action selector="copyIdentifier:" target="494" id="dDF-fR-z6h"/>
+                                </connections>
+                            </menuItem>
+                            <menuItem title="Your anonymous device identifier allows support to find your diagnostic reports." enabled="NO" id="xMa-pq-Bqg">
+                                <attributedString key="attributedTitle">
+                                    <fragment content="Your anonymous device identifier allows support to find your diagnostic reports.">
+                                        <attributes>
+                                            <font key="NSFont" size="11" name="Helvetica"/>
+                                            <paragraphStyle key="NSParagraphStyle" alignment="natural" lineBreakMode="wordWrapping" baseWritingDirection="natural" firstLineHeadIndent="8"/>
+                                        </attributes>
+                                    </fragment>
+                                </attributedString>
+                                <modifierMask key="keyEquivalentModifierMask"/>
+                            </menuItem>
                         </items>
                     </menu>
                 </menuItem>

platform-darwin/Source/Mac/MPMacAppDelegate.h

@@ -42,6 +42,7 @@
 - (IBAction)showPasswordWindow:(id)sender;
 - (void)setLoginItemEnabled:(BOOL)enabled;
 - (IBAction)togglePreference:(id)sender;
+- (IBAction)copyIdentifier:(id)sender;
 - (IBAction)newUser:(NSMenuItem *)sender;
 - (IBAction)lock:(id)sender;
 - (IBAction)terminate:(id)sender;

platform-darwin/Source/Mac/MPMacAppDelegate.m

@@ -435,6 +435,12 @@ static OSStatus MPHotKeyHander(EventHandlerCallRef nextHandler, EventRef theEven
     [self updateMenuItems];
 }
 
+- (IBAction)copyIdentifier:(id)sender {
+    [[NSPasteboard generalPasteboard] declareTypes:@[ NSStringPboardType ] owner:nil];
+    if (![[NSPasteboard generalPasteboard] setString:[PearlKeyChain deviceIdentifier] forType:NSPasteboardTypeString])
+        wrn( @"Couldn't copy device identifier to pasteboard." );
+}
+
 - (IBAction)newUser:(NSMenuItem *)sender {
 
     NSAlert *alert = [NSAlert new];
@@ -646,7 +652,7 @@ static OSStatus MPHotKeyHander(EventHandlerCallRef nextHandler, EventRef theEven
     self.deleteUserItem.toolTip = mainActiveUser? nil: @"First select the user to delete.";
 
     NSError *error = nil;
-    NSFetchRequest *fetchRequest = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass( [MPUserEntity class] )];
+    NSFetchRequest *fetchRequest = [MPUserEntity fetchRequest];
     fetchRequest.sortDescriptors = @[ [NSSortDescriptor sortDescriptorWithKey:@"lastUsed" ascending:NO] ];
     NSArray *users = [mainContext executeFetchRequest:fetchRequest error:&error];
     if (!users)

platform-darwin/Source/Mac/MPSiteModel.m

@@ -213,12 +213,12 @@
 
 - (BOOL)generated {
 
-    return self.type & MPResultTypeClassTemplate;
+    return (self.type & MPResultTypeClassTemplate) == MPResultTypeClassTemplate;
 }
 
 - (BOOL)stored {
 
-    return self.type & MPResultTypeClassStateful;
+    return (self.type & MPResultTypeClassStateful) == MPResultTypeClassStateful;
 }
 
 - (BOOL)transient {

platform-darwin/Source/Mac/MPSitesWindowController.m

@@ -628,7 +628,7 @@
     [MPMacAppDelegate managedObjectContextPerformBlock:^(NSManagedObjectContext *context) {
         prof_rewind( @"moc" );
 
-        NSFetchRequest *fetchRequest = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass( [MPSiteEntity class] )];
+        NSFetchRequest *fetchRequest = [MPSiteEntity fetchRequest];
         fetchRequest.sortDescriptors = @[ [[NSSortDescriptor alloc] initWithKey:@"lastUsed" ascending:NO] ];
         fetchRequest.predicate =
                 [NSPredicate predicateWithFormat:@"name LIKE[cd] %@ AND user == %@", queryPattern, [MPMacAppDelegate get].activeUserOID];

platform-darwin/Source/iOS/MPSitesViewController.m

@@ -423,6 +423,7 @@ typedef NS_OPTIONS( NSUInteger, MPPasswordsTips ) {
             fetchRequest.sortDescriptors = @[
                     [[NSSortDescriptor alloc] initWithKey:NSStringFromSelector( @selector( lastUsed ) ) ascending:NO]
             ];
+            fetchRequest.predicate = [NSPredicate predicateWithFormat:@"user == %@", [MPiOSAppDelegate get].activeUserOID];
 
             (self.fetchedResultsController = [[NSFetchedResultsController alloc]
                     initWithFetchRequest:fetchRequest managedObjectContext:mainContext

platform-darwin/Source/iOS/MPUsersViewController.m

@@ -696,7 +696,7 @@ referenceSizeForFooterInSection:(NSInteger)section {
 
     [self afterUpdatesMainQueue:^{
         if (![MPiOSAppDelegate managedObjectContextForMainThreadPerformBlockAndWait:^(NSManagedObjectContext *mainContext) {
-            NSFetchRequest *fetchRequest = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass( [MPUserEntity class] )];
+            NSFetchRequest *fetchRequest = [MPUserEntity fetchRequest];
             fetchRequest.sortDescriptors = @[
                     [NSSortDescriptor sortDescriptorWithKey:NSStringFromSelector( @selector( lastUsed ) ) ascending:NO]
             ];

platform-darwin/Source/iOS/MPiOSAppDelegate.m

@@ -475,8 +475,7 @@ MP_LIBS_END
             for (NSURLQueryItem *item in [NSURLComponents componentsWithString:[url absoluteString]].queryItems)
                 if ([item.name isEqualToString:@"fullName"]) {
                     [MPiOSAppDelegate managedObjectContextPerformBlock:^(NSManagedObjectContext *context) {
-                        NSFetchRequest
-                                *fetchRequest = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass( [MPUserEntity class] )];
+                        NSFetchRequest *fetchRequest = [MPUserEntity fetchRequest];
                         fetchRequest.predicate = [NSPredicate predicateWithFormat:@"name == %@", item.value];
                         NSArray *users = [context executeFetchRequest:fetchRequest error:nil];
                         [self migrateFor:users.firstObject];