add logins store api methods for bulk insert and meta insert

The a few new method
```
fn add_with_record(&self, entry_with_record: LoginEntryWithRecordFields);
fn add_many_with_records(&self, entries_with_records: Vec<LoginEntryWithRecordFields>);
fn add_many(&self, entries: Vec<LoginEntry>);
```
is intended to be used during migration on desktop.

Author: jo

CHANGELOG.md

@@ -18,6 +18,10 @@
 - `RemoteSettingsService::sync` is now more efficient.  It checks the remote settings changes
   endpoint and only syncs collections that have been modified since the last sync.
 
+### Logins
+- new method `add_with_record(&self, entry: LoginEntry, record: RecordFields)`
+  to be used during migration from different store.
+
 ## 🔧 What's Fixed 🔧
 
 ### Remote Settings

components/logins/src/db.rs

@@ -351,6 +351,74 @@ impl LoginDb {
         Ok(())
     }
 
+    /// Adds multiple logins within a single transaction and returns the successfully saved logins.
+    pub fn add_many(
+        &self,
+        entries: Vec<LoginEntry>,
+        encdec: &dyn EncryptorDecryptor,
+    ) -> Result<Vec<Result<EncryptedLogin>>> {
+        let now_ms = util::system_time_ms_i64(SystemTime::now());
+
+        let entries_with_records = entries
+            .into_iter()
+            .map(|entry| {
+                let guid = Guid::random();
+                LoginEntryWithRecordFields {
+                    entry,
+                    record: RecordFields {
+                        id: guid.to_string(),
+                        time_created: now_ms,
+                        time_password_changed: now_ms,
+                        time_last_used: now_ms,
+                        times_used: 1,
+                    }
+                }
+            })
+            .collect();
+
+        self.add_many_with_records(entries_with_records, encdec)
+    }
+
+    /// Adds multiple logins with records within a single transaction and returns the successfully saved logins.
+    pub fn add_many_with_records(
+        &self,
+        entries_with_records: Vec<LoginEntryWithRecordFields>,
+        encdec: &dyn EncryptorDecryptor,
+    ) -> Result<Vec<Result<EncryptedLogin>>> {
+        let tx = self.unchecked_transaction()?;
+        let mut results = vec![];
+        for entry_with_record in entries_with_records {
+            let guid = Guid::from_string(entry_with_record.record.id.clone());
+            match self.fixup_and_check_for_dupes(&guid, entry_with_record.entry, encdec) {
+                Ok(new_entry) => {
+                    let sec_fields = SecureLoginFields {
+                        username: new_entry.username,
+                        password: new_entry.password,
+                    };
+                    let encrypted_login = EncryptedLogin {
+                        record: entry_with_record.record,
+                        fields: LoginFields {
+                            origin: new_entry.origin,
+                            form_action_origin: new_entry.form_action_origin,
+                            http_realm: new_entry.http_realm,
+                            username_field: new_entry.username_field,
+                            password_field: new_entry.password_field,
+                        },
+                        sec_fields: sec_fields.encrypt(encdec)?,
+                    };
+                    let result = self
+                        .insert_new_login(&encrypted_login)
+                        .map(|_| encrypted_login);
+                    results.push(result);
+                }
+
+                Err(error) => results.push(Err(error)),
+            }
+        }
+        tx.commit()?;
+        Ok(results)
+    }
+
     pub fn add(
         &self,
         entry: LoginEntry,
@@ -359,32 +427,27 @@ impl LoginDb {
         let guid = Guid::random();
         let now_ms = util::system_time_ms_i64(SystemTime::now());
 
-        let new_entry = self.fixup_and_check_for_dupes(&guid, entry, encdec)?;
-        let sec_fields = SecureLoginFields {
-            username: new_entry.username,
-            password: new_entry.password,
-        };
-        let result = EncryptedLogin {
+        let entry_with_record = LoginEntryWithRecordFields {
+            entry,
             record: RecordFields {
                 id: guid.to_string(),
                 time_created: now_ms,
                 time_password_changed: now_ms,
                 time_last_used: now_ms,
                 times_used: 1,
-            },
-            fields: LoginFields {
-                origin: new_entry.origin,
-                form_action_origin: new_entry.form_action_origin,
-                http_realm: new_entry.http_realm,
-                username_field: new_entry.username_field,
-                password_field: new_entry.password_field,
-            },
-            sec_fields: sec_fields.encrypt(encdec)?,
+            }
         };
-        let tx = self.unchecked_transaction()?;
-        self.insert_new_login(&result)?;
-        tx.commit()?;
-        Ok(result)
+
+        self.add_with_record(entry_with_record, encdec)
+    }
+
+    pub fn add_with_record(
+        &self,
+        entry_with_record: LoginEntryWithRecordFields,
+        encdec: &dyn EncryptorDecryptor,
+    ) -> Result<EncryptedLogin> {
+        let mut results = self.add_many_with_records(vec![entry_with_record], encdec)?;
+        results.pop().expect("there should be a single result")
     }
 
     pub fn update(
@@ -988,6 +1051,130 @@ mod tests {
         assert_eq!(db.get_all().unwrap().len(), 2);
     }
 
+    #[test]
+    fn test_add_many() {
+        ensure_initialized();
+
+        let login_a = LoginEntry {
+            origin: "https://a.example.com".into(),
+            http_realm: Some("https://www.example.com".into()),
+            username: "test".into(),
+            password: "sekret".into(),
+            ..LoginEntry::default()
+        };
+
+        let login_b = LoginEntry {
+            origin: "https://b.example.com".into(),
+            http_realm: Some("https://www.example.com".into()),
+            username: "test".into(),
+            password: "sekret".into(),
+            ..LoginEntry::default()
+        };
+
+        let db = LoginDb::open_in_memory().unwrap();
+        let added = db
+            .add_many(vec![login_a.clone(), login_b.clone()], &*TEST_ENCDEC)
+            .expect("should be able to add logins");
+
+        let [added_a, added_b] = added.as_slice() else {
+            panic!("there should really be 2")
+        };
+
+        let fetched_a = db
+            .get_by_id(&added_a.as_ref().unwrap().record.id)
+            .expect("should work")
+            .expect("should get a record");
+
+        assert_eq!(fetched_a.fields.origin, login_a.origin);
+
+        let fetched_b = db
+            .get_by_id(&added_b.as_ref().unwrap().record.id)
+            .expect("should work")
+            .expect("should get a record");
+
+        assert_eq!(fetched_b.fields.origin, login_b.origin);
+    }
+
+    #[test]
+    fn test_add_many_with_failed_constraint() {
+        ensure_initialized();
+
+        let login_a = LoginEntry {
+            origin: "https://example.com".into(),
+            http_realm: Some("https://www.example.com".into()),
+            username: "test".into(),
+            password: "sekret".into(),
+            ..LoginEntry::default()
+        };
+
+        let login_b = LoginEntry {
+            // same origin will result in duplicate error
+            origin: "https://example.com".into(),
+            http_realm: Some("https://www.example.com".into()),
+            username: "test".into(),
+            password: "sekret".into(),
+            ..LoginEntry::default()
+        };
+
+        let db = LoginDb::open_in_memory().unwrap();
+        let added = db
+            .add_many(vec![login_a.clone(), login_b.clone()], &*TEST_ENCDEC)
+            .expect("should be able to add logins");
+
+        let [added_a, added_b] = added.as_slice() else {
+            panic!("there should really be 2")
+        };
+
+        // first entry has been saved successfully
+        let fetched_a = db
+            .get_by_id(&added_a.as_ref().unwrap().record.id)
+            .expect("should work")
+            .expect("should get a record");
+
+        assert_eq!(fetched_a.fields.origin, login_a.origin);
+
+        // second entry failed
+        assert!(!added_b.is_ok());
+    }
+
+    #[test]
+    fn test_add_with_record() {
+        ensure_initialized();
+
+        let guid = Guid::random();
+        let now_ms = util::system_time_ms_i64(SystemTime::now());
+        let login = LoginEntry {
+            origin: "https://www.example.com".into(),
+            http_realm: Some("https://www.example.com".into()),
+            username: "test".into(),
+            password: "sekret".into(),
+            ..LoginEntry::default()
+        };
+        let record = RecordFields {
+            id: guid.to_string(),
+            time_created: now_ms,
+            time_password_changed: now_ms + 100,
+            time_last_used: now_ms + 10,
+            times_used: 42,
+        };
+
+        let db = LoginDb::open_in_memory().unwrap();
+        let entry_with_record = LoginEntryWithRecordFields {
+            entry: login.clone(),
+            record: record.clone(),
+        };
+        let added = db
+            .add_with_record(entry_with_record, &*TEST_ENCDEC)
+            .expect("should be able to add login with record");
+
+        let fetched = db
+            .get_by_id(&added.record.id)
+            .expect("should work")
+            .expect("should get a record");
+
+        assert_eq!(fetched.record, record);
+    }
+
     #[test]
     fn test_unicode_submit() {
         ensure_initialized();

components/logins/src/encryption.rs

@@ -402,10 +402,8 @@ mod test {
                 key: create_key().unwrap(),
             }),
         };
-        assert!(matches!(
-            other_encdec.decrypt(ciphertext).err().unwrap(),
-            LoginsApiError::DecryptionFailed { reason: _ }
-        ));
+
+        assert_eq!(other_encdec.decrypt(ciphertext).err().unwrap().to_string(), "decryption failed: Crypto error: NSS error: NSS error: -8190  (decrypt SecureLoginFields)");
     }
 
     #[test]

components/logins/src/login.rs

@@ -342,6 +342,13 @@ pub struct RecordFields {
     pub times_used: i64,
 }
 
+/// A login together with record fields, handed over to the store API; ie a login persisted
+/// elsewhere, useful for migrations
+pub struct LoginEntryWithRecordFields {
+    pub entry: LoginEntry,
+    pub record: RecordFields,
+}
+
 /// A login handed over to the store API; ie a login not yet persisted
 #[derive(Debug, Clone, Hash, PartialEq, Eq, Default)]
 pub struct LoginEntry {

components/logins/src/logins.udl

@@ -48,6 +48,23 @@ dictionary LoginEntry {
     string username;
 };
 
+/// Login data specific to database records.
+/// The add_with_record API inputs this.
+dictionary RecordFields {
+    string id;
+    i64 times_used;
+    i64 time_created;
+    i64 time_last_used;
+    i64 time_password_changed;
+};
+
+/// A login together with record fields, handed over to the store API; ie a login persisted
+/// elsewhere, useful for migrations
+dictionary LoginEntryWithRecordFields {
+    LoginEntry entry;
+    RecordFields record;
+};
+
 /// A login stored in the database
 dictionary Login {
     // record fields
@@ -146,6 +163,15 @@ interface LoginStore {
     [Throws=LoginsApiError]
     Login add(LoginEntry login);
 
+    [Throws=LoginsApiError]
+    sequence<Login?> add_many(sequence<LoginEntry> logins);
+
+    [Throws=LoginsApiError]
+    Login add_with_record(LoginEntryWithRecordFields entry_with_record);
+
+    [Throws=LoginsApiError]
+    sequence<Login?> add_many_with_records(sequence<LoginEntryWithRecordFields> entries_with_records);
+
     [Throws=LoginsApiError]
     Login update([ByRef] string id, LoginEntry login);