CloudTrayMenu: Allow dev tokens

[joaomariolago]

• Do not remove a file token if it is invalid to allow other services that may use dev tokens to keep working
• Make sure token is removed from bag always since it was legacy behavior and may leak the token

Summary by Sourcery

Improve CloudTrayMenu token management by separating bag and file token cleanup, preserving developer tokens stored in files, always clearing legacy bag tokens, and ensuring filebrowser operations are properly awaited

Bug Fixes:

• Prevent premature removal of file tokens when invalid to support dev tokens

Enhancements:

• Rename legacy bag token cleaning to cleanMajorTomBagToken and add cleanMajorTomFileToken for file-based tokens
• Preserve invalid file tokens for developer usage and always clear legacy bag tokens to prevent leaks
• Modify updateMajorTomToken to delete existing token file before creating and writing a new one
• Add await to filebrowser create, write, and delete calls to ensure API operations complete

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

This PR refactors CloudTrayMenu token management by separating bag versus file token cleanup, preserves file-based dev tokens on validation failure, ensures legacy bag tokens are always cleared, pre-cleans the file token before updates, and adds proper awaiting for filebrowser HTTP operations.

Sequence diagram for updated MajorTom token validation and cleanup

sequenceDiagram
participant CloudTrayMenu
participant Bag
participant Filebrowser

CloudTrayMenu->>Bag: getData('major_tom')
CloudTrayMenu->>CloudTrayMenu: isMajorTomTokenValid(tokenToUse, true)
alt Token invalid
    CloudTrayMenu->>CloudTrayMenu: Do not remove file token (preserve dev token)
    CloudTrayMenu->>CloudTrayMenu: Set tokenToUse = undefined
else Token valid and differs from file token
    CloudTrayMenu->>CloudTrayMenu: updateMajorTomToken(tokenToUse)
    CloudTrayMenu->>Filebrowser: cleanMajorTomFileToken()
    CloudTrayMenu->>Filebrowser: createFile(MAJOR_TOM_CLOUD_TOKEN_FILE.path, true)
    CloudTrayMenu->>Filebrowser: writeToFile(MAJOR_TOM_CLOUD_TOKEN_FILE.path, token)
end
CloudTrayMenu->>Bag: cleanMajorTomBagToken() (always)
CloudTrayMenu->>Bag: setData('major_tom', { ...data })
CloudTrayMenu->>CloudTrayMenu: Set local_token

Loading

Class diagram for updated CloudTrayMenu token management methods

classDiagram
class CloudTrayMenu {
  +async cleanMajorTomBagToken(): Promise<void>
  +async cleanMajorTomFileToken(): Promise<void>
  +async fetchMajorTomData(): Promise<InstalledExtensionData>
  +async updateMajorTomToken(token: string): Promise<void>
}
class Filebrowser {
  +async createFile(folder_path: string, override: Boolean = false): Promise<void>
  +async writeToFile(file: string, content: string): Promise<void>
  +async deleteFile(file: FilebrowserFile): Promise<void>
}
CloudTrayMenu --> Filebrowser : uses

Loading

Flow diagram for MajorTom token update process

flowchart TD
    A[Start token update] --> B{Is token valid?}
    B -- No --> C[Preserve file token]
    C --> D[Remove bag token]
    D --> E[Set local_token to empty]
    B -- Yes --> F{Does token differ from file token?}
    F -- Yes --> G[Clean file token]
    G --> H[Create file token]
    H --> I[Write new token]
    I --> D
    F -- No --> D

Loading

File-Level Changes

Change	Details	Files
Separate bag and file token cleanup	Rename cleanMajorTomToken to cleanMajorTomBagToken Introduce cleanMajorTomFileToken Move file token deletion into its own method	core/frontend/src/components/cloud/CloudTrayMenu.vue
Preserve file-based tokens and always clean bag tokens in fetch logic	Skip file token removal when invalid Copy bag token to file token when updated Unconditionally clean bag token after fetch	core/frontend/src/components/cloud/CloudTrayMenu.vue
Pre-clean file token before writing updates	Wrap cleanMajorTomFileToken call in updateMajorTomToken with try/catch	core/frontend/src/components/cloud/CloudTrayMenu.vue
Await filebrowser HTTP calls	Add await to back_axios calls in createFile Add await to back_axios calls in writeToFile Add await to back_axios calls in deleteFile	core/frontend/src/libs/filebrowser.ts

Possibly linked issues

• #0: The PR refactors token handling to clear the bag token and store it in a file, resolving the issue with token conflicts during restore.

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey there - I've reviewed your changes - here's some feedback:

• Consider logging errors in the catch block around cleanMajorTomFileToken so you can track file delete failures instead of silently swallowing them.
• It would be safer to add explicit error handling or response status checks in your Filebrowser methods (createFile/writeToFile/deleteFile) to avoid unhandled axios failures.
• You could refactor the bag and file token cleanup into a shared utility to reduce duplication between cleanMajorTomBagToken and cleanMajorTomFileToken.

Prompt for AI Agents

Please address the comments from this code review:
## Overall Comments
- Consider logging errors in the catch block around cleanMajorTomFileToken so you can track file delete failures instead of silently swallowing them.
- It would be safer to add explicit error handling or response status checks in your Filebrowser methods (createFile/writeToFile/deleteFile) to avoid unhandled axios failures.
- You could refactor the bag and file token cleanup into a shared utility to reduce duplication between cleanMajorTomBagToken and cleanMajorTomFileToken.

## Individual Comments

### Comment 1
<location> `core/frontend/src/components/cloud/CloudTrayMenu.vue:289` </location>
<code_context>
       this.operation_error_message = String(error)
     },
-    async cleanMajorTomToken(): Promise<void> {
+    async cleanMajorTomBagToken(): Promise<void> {
       const data = await bag.getData('major_tom')
       if (data && data.token) {
</code_context>

<issue_to_address>
Consider handling the case where bag.getData('major_tom') returns null or undefined.

Spreading a null value into setData may cause runtime errors; ensure data is always an object before spreading.
</issue_to_address>

<suggested_fix>
<<<<<<< SEARCH
      const data = await bag.getData('major_tom')
      if (data && data.token) {
        delete data.token
      }
      await bag.setData('major_tom', { ...data })
=======
      const data = await bag.getData('major_tom') || {}
      if (data.token) {
        delete data.token
      }
      await bag.setData('major_tom', { ...data })
>>>>>>> REPLACE

</suggested_fix>

### Comment 2
<location> `core/frontend/src/components/cloud/CloudTrayMenu.vue:336` </location>
<code_context>
       this.local_token = tokenToUse ?? ''
     },
     async updateMajorTomToken(token: string): Promise<void> {
+      try {
+        await this.cleanMajorTomFileToken()
+      } catch {
+        /** Do nothing */
+      }
</code_context>

<issue_to_address>
Catching all errors without logging may obscure underlying issues.

Consider logging the exception or adding a comment to clarify why silent failure is appropriate in this context.
</issue_to_address>

<suggested_fix>
<<<<<<< SEARCH
    async updateMajorTomToken(token: string): Promise<void> {
+      try {
+        await this.cleanMajorTomFileToken()
+      } catch {
+        /** Do nothing */
+      }
=======
    async updateMajorTomToken(token: string): Promise<void> {
      try {
        await this.cleanMajorTomFileToken()
      } catch (err) {
        // Log the error to help diagnose issues with token cleanup.
        // Silent failure is appropriate here because token cleanup is non-critical.
        console.error('Failed to clean Major Tom file token:', err)
      }
>>>>>>> REPLACE

</suggested_fix>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[Williangalvani]

I cant connect to cloud either on master or in this PR... are we not supporting outdated major tom versions? I'm on 2025-04-10

[voorloopnul]

I cant connect to cloud either on master or in this PR... are we not supporting outdated major tom versions? I'm on 2025-04-10

Good point, @joaomariolago maybe we should preserve the token in the bag and let majortom remove it when he finds a token in the filesystem.

[joaomariolago]

I cant connect to cloud either on master or in this PR... are we not supporting outdated major tom versions? I'm on 2025-04-10

Good point, @joaomariolago maybe we should preserve the token in the bag and let majortom remove it when he finds a token in the filesystem.

I think this was the original behavior of the PR, we decided on other discussions to remove the token from bag always, but if we think is better I can revert to keep in both bag and file system

[voorloopnul]

I cant connect to cloud either on master or in this PR... are we not supporting outdated major tom versions? I'm on 2025-04-10

Good point, @joaomariolago maybe we should preserve the token in the bag and let majortom remove it when he finds a token in the filesystem.

I think this was the original behavior of the PR, we decided on other discussions to remove the token from bag always, but if we think is better I can revert to keep in both bag and file system

I think it's a valid behavior, older versions of major tom should still be able to use from the bag, and once majortom get updated it can remove the token from the bag and consume from the filesystem.

[joaomariolago]

@Williangalvani can you re-check this PR after last changes to check if it is working for you now