Merge branch 'develop'

Libraries external/Realm/Realm.framework/CHANGELOG.md

@@ -1,3 +1,170 @@
+3.3.1 Release notes (2018-03-28)
+=============================================================
+
+Realm Object Server v3.0.0 or newer is required when using synchronized Realms.
+
+### Enhancements
+
+* Expose `RLMObject.object(forPrimaryKey:)` as a factory method for Swift so
+  that it is callable with recent versions of Swift.
+
+### Bugfixes
+
+* Exclude the RLMObject-derived Permissions classes from the types repored by
+  `Realm.Configuration.defaultConfiguration.objectTypes` to avoid a failed
+  cast.
+* Cancel pending `Realm.asyncOpen()` calls when authentication fails with a
+  non-transient error such as missing the Realm path in the URL.
+* Fix "fcntl() inside prealloc()" errors on APFS.
+
+3.3.0 Release notes (2018-03-19)
+=============================================================
+
+Realm Object Server v3.0.0 or newer is required when using synchronized Realms.
+
+### Enhancements
+
+* Add `Realm.permissions`, `Realm.permissions(forType:)`, and `Realm.permissions(forClassNamed:)` as convenience
+  methods for accessing the permissions of the Realm or a type.
+
+### Bugfixes
+
+* Fix `+[RLMClassPermission objectInRealm:forClass:]` to work for classes that are part of the permissions API,
+  such as `RLMPermissionRole`.
+* Fix runtime errors when applications define an `Object` subclass with the
+  same name as one of the Permissions object types.
+
+3.2.0 Release notes (2018-03-15)
+=============================================================
+
+Realm Object Server v3.0.0 or newer is required when using synchronized Realms.
+
+### Enhancements
+
+* Added an improved API for adding subscriptions in partially-synchronized Realms. `Results.subscribe()` can be
+  used to subscribe to any result set, and the returned `SyncSubscription` object can be used to observe the state
+  of the subscription and ultimately to remove the subscription. See the documentation for more information
+  (<https://docs.realm.io/platform/v/3.x/using-synced-realms/syncing-data>).
+* Added a fine-grained permissions system for use with partially-synchronized Realms. This allows permissions to be
+  defined at the level of individual objects or classes. See the documentation for more information
+  (<https://docs.realm.io/platform/v/3.x/using-synced-realms/access-control>).
+* Added `SyncConfiguration.automatic()` and `SyncConfiguration.automatic(user:)`.
+  These methods return a `Realm.Configuration` appropriate for syncing with the default
+  synced Realm for the current (or specified) user. These should be considered the preferred methods
+  for accessing synced Realms going forwards.
+* Added `+[RLMSyncSession sessionForRealm:]` to retrieve the sync session corresponding to a `RLMRealm`.
+
+### Bugfixes
+
+* Fix incorrect initalization of `RLMSyncManager` that made it impossible to
+  set `errorHandler`.
+* Fix compiler warnings when building with Xcode 9.3.
+* Fix some warnings when running with UBsan.
+
+3.2.0-rc.1 Release notes (2018-03-14)
+=============================================================
+
+Realm Object Server v3.0.0-rc.1 or newer is required when using synchronized Realms.
+
+### Enhancements
+
+* Added `SyncConfiguration.automatic()` and `SyncConfiguration.automatic(user:)`.
+  These methods return a `Realm.Configuration` appropriate for syncing with the default
+  synced Realm for the current (or specified). These should be considered the preferred methods
+  for accessing synced Realms going forwards.
+* A role is now automatically created for each user with that user as its only member.
+  This simplifies the common use case of restricting access to specific objects to a single user.
+  This role can be accessed at `PermissionUser.role`.
+* Improved error reporting when the server rejects a schema change due to a lack of permissions.
+
+### Bugfixes
+
+* Fix incorrect initalization of `RLMSyncManager` that made it impossible to
+  set `errorHandler`.
+* Fix compiler warnings when building with Xcode 9.3.
+
+3.2.0-beta.3 Release notes (2018-03-01)
+=============================================================
+
+Realm Object Server v3.0.0-alpha.9 or newer is required when using synchronized Realms.
+
+### Bugfixes
+
+* Fix a crash that would occur when using partial sync with Realm Object Server v3.0.0-alpha.9.
+
+3.2.0-beta.2 Release notes (2018-02-28)
+=============================================================
+
+Realm Object Server v3.0.0-alpha.8 or newer is required when using synchronized Realms.
+
+### Enhancements
+
+* Added `findOrCreate(forRoleNamed:)` and `findOrCreate(forRole:)` to `List<Permission>`
+  to simplify the process of adding permissions for a role.
+* Added `+permissionForRoleNamed:inArray:`, `+permissionForRoleNamed:onRealm:`,
+  `+permissionForRoleNamed:onClass:realm:`, `+permissionForRoleNamed:onClassNamed:realm:`,
+  and `+permissionForRoleNamed:onObject:` to `RLMSyncPermission` to simplify the process
+  of adding permissions for a role.
+* Added `+[RLMSyncSession sessionForRealm:]` to retrieve the sync session corresponding to a `RLMRealm`.
+
+### Bugfixes
+
+* `PermissionRole.users` and `PermissionUser.roles` are now public as intended.
+* Fixed the handling of `setPermissions` in `-[RLMRealm privilegesForRealm]` and related methods.
+
+3.2.0-beta.1 Release notes (2018-02-19)
+=============================================================
+
+### Enhancements
+
+* Added an improved API for adding subscriptions in partially-synchronized Realms. `Results.subscribe()` can be
+  used to subscribe to any result set, and the returned `SyncSubscription` object can be used to observe the state
+  of the subscription and ultimately to remove the subscription.
+* Added a fine-grained permissions system for use with partially-synchronized Realms. This allows permissions to be
+  defined at the level of individual objects or classes. See `Permission` and related types for more information.
+
+### Bugfixes
+
+* Fix some warnings when running with UBsan.
+
+3.1.1 Release notes (2018-02-03)
+=============================================================
+
+Prebuilt Swift frameworks for Carthage are now built with Xcode 9.2.
+
+### Bugfixes
+
+* Fix a memory leak when opening Realms with an explicit `objectTypes` array
+  from Swift.
+
+3.1.0 Release notes (2018-01-16)
+=============================================================
+
+* Prebuilt frameworks are now included for Swift 3.2.3 and 4.0.3.
+* Prebuilt frameworks are no longer included for Swift 3.0.x.
+* Building from source with Xcode versions prior to Xcode 8.3 is no longer supported.
+
+### Enhancements
+
+* Add `Results.distinct(by:)` / `-[RLMResults distinctResultsUsingKeyPaths:]`, which return a `Results`
+  containing only objects with unique values at the given key paths.
+* Improve performance of change checking for notifications in certain cases.
+* Realm Object Server errors not explicitly recognized by the client are now reported to the application
+  regardless.
+* Add support for JSON Web Token as a sync credential source.
+* Add support for Nickname and Anonymous Auth as a sync credential source.
+* Improve allocator performance when writing to a highly fragmented file. This
+  should significantly improve performance when inserting large numbers of
+  objects which have indexed properties.
+* Improve write performance for complex object graphs involving many classes
+  linking to each other.
+
+### Bugfixes
+
+* Add a missing check for a run loop in the permission API methods which
+  require one.
+* Fix some cases where non-fatal sync errors were being treated as fatal errors.
+
 3.0.2 Release notes (2017-11-08)
 =============================================================
 

Libraries external/Realm/Realm.framework/Headers/RLMObject.h

@@ -374,7 +374,7 @@ NS_ASSUME_NONNULL_BEGIN
  @return    An object of this object type, or `nil` if an object with the given primary key does not exist.
  @see       `-primaryKey`
  */
-+ (nullable instancetype)objectForPrimaryKey:(nullable id)primaryKey;
++ (nullable instancetype)objectForPrimaryKey:(nullable id)primaryKey NS_SWIFT_NAME(object(forPrimaryKey:));
 
 
 #pragma mark - Querying Specific Realms
@@ -423,7 +423,7 @@ NS_ASSUME_NONNULL_BEGIN
  @return    An object of this object type, or `nil` if an object with the given primary key does not exist.
  @see       `-primaryKey`
  */
-+ (nullable instancetype)objectInRealm:(RLMRealm *)realm forPrimaryKey:(nullable id)primaryKey;
++ (nullable instancetype)objectInRealm:(RLMRealm *)realm forPrimaryKey:(nullable id)primaryKey NS_SWIFT_NAME(object(in:forPrimaryKey:));
 
 #pragma mark - Notifications
 

Libraries external/Realm/Realm.framework/Headers/RLMObjectBase.h

@@ -37,6 +37,7 @@ NS_ASSUME_NONNULL_BEGIN
 + (BOOL)shouldIncludeInDefaultSchema;
 
 + (nullable NSString *)_realmObjectName;
++ (nullable NSDictionary<NSString *, NSString *> *)_realmColumnNames;
 
 @end
 

Libraries external/Realm/Realm.framework/Headers/RLMRealm.h

@@ -20,6 +20,9 @@
 #import "RLMConstants.h"
 
 @class RLMRealmConfiguration, RLMRealm, RLMObject, RLMSchema, RLMMigration, RLMNotificationToken, RLMThreadSafeReference;
+struct RLMRealmPrivileges;
+struct RLMClassPrivileges;
+struct RLMObjectPrivileges;
 
 /**
  A callback block for opening Realms asynchronously.
@@ -507,7 +510,7 @@ NS_REFINED_FOR_SWIFT;
  As with `addObject:`, the object cannot already be managed by a different
  Realm. Use `-[RLMObject createOrUpdateInRealm:withValue:]` to copy values to
  a different Realm.
- 
+
  If there is a property or KVC value on `object` whose value is nil, and it corresponds
  to a nullable property on an existing object being updated, that nullable property will
  be set to nil.
@@ -606,6 +609,88 @@ NS_REFINED_FOR_SWIFT;
  */
 + (BOOL)performMigrationForConfiguration:(RLMRealmConfiguration *)configuration error:(NSError **)error;
 
+#pragma mark - Privileges
+
+/**
+ Returns the computed privileges which the current user has for this Realm.
+
+ This combines all privileges granted on the Realm by all Roles which the
+ current User is a member of into the final privileges which will be enforced by
+ the server.
+
+ The privilege calculation is done locally using cached data, and inherently may
+ be stale. It is possible that this method may indicate that an operation is
+ permitted but the server will still reject it if permission is revoked before
+ the changes have been integrated on the server.
+
+ Non-synchronized Realms always have permission to perform all operations.
+
+ @warning This currently returns incorrect results for non-partially-synchronized read-only Realms.
+ @return The privileges which the current user has for the current Realm.
+ */
+- (struct RLMRealmPrivileges)privilegesForRealm;
+
+/**
+ Returns the computed privileges which the current user has for the given object.
+
+ This combines all privileges granted on the object by all Roles which the
+ current User is a member of into the final privileges which will be enforced by
+ the server.
+
+ The privilege calculation is done locally using cached data, and inherently may
+ be stale. It is possible that this method may indicate that an operation is
+ permitted but the server will still reject it if permission is revoked before
+ the changes have been integrated on the server.
+
+ Non-synchronized Realms always have permission to perform all operations.
+
+ The object must be a valid object managed by this Realm. Passing in an
+ invalidated object, an unmanaged object, or an object managed by a different
+ Realm will throw an exception.
+
+ @warning This currently returns incorrect results for non-partially-synchronized read-only Realms.
+ @return The privileges which the current user has for the given object.
+ */
+- (struct RLMObjectPrivileges)privilegesForObject:(RLMObject *)object;
+
+/**
+ Returns the computed privileges which the current user has for the given class.
+
+ This combines all privileges granted on the class by all Roles which the
+ current User is a member of into the final privileges which will be enforced by
+ the server.
+
+ The privilege calculation is done locally using cached data, and inherently may
+ be stale. It is possible that this method may indicate that an operation is
+ permitted but the server will still reject it if permission is revoked before
+ the changes have been integrated on the server.
+
+ Non-synchronized Realms always have permission to perform all operations.
+
+ @warning This currently returns incorrect results for non-partially-synchronized read-only Realms.
+ @return The privileges which the current user has for the given object.
+ */
+- (struct RLMClassPrivileges)privilegesForClass:(Class)cls;
+
+/**
+ Returns the computed privileges which the current user has for the named class.
+
+ This combines all privileges granted on the class by all Roles which the
+ current User is a member of into the final privileges which will be enforced by
+ the server.
+
+ The privilege calculation is done locally using cached data, and inherently may
+ be stale. It is possible that this method may indicate that an operation is
+ permitted but the server will still reject it if permission is revoked before
+ the changes have been integrated on the server.
+
+ Non-synchronized Realms always have permission to perform all operations.
+
+ @warning This currently returns incorrect results for non-partially-synchronized read-only Realms.
+ @return The privileges which the current user has for the given object.
+ */
+- (struct RLMClassPrivileges)privilegesForClassNamed:(NSString *)className;
+
 #pragma mark - Unavailable Methods
 
 /**

Libraries external/Realm/Realm.framework/Headers/RLMResults.h

@@ -187,6 +187,15 @@ NS_ASSUME_NONNULL_BEGIN
  */
 - (RLMResults<RLMObjectType> *)sortedResultsUsingDescriptors:(NSArray<RLMSortDescriptor *> *)properties;
 
+/**
+ Returns a distinct `RLMResults` from an existing results collection.
+ 
+ @param keyPaths  The key paths used produce distinct results
+ 
+ @return    An `RLMResults` made distinct based on the specified key paths
+ */
+- (RLMResults<RLMObjectType> *)distinctResultsUsingKeyPaths:(NSArray<NSString *> *)keyPaths;
+
 #pragma mark - Notifications
 
 /**

Libraries external/Realm/Realm.framework/Headers/RLMSyncConfiguration.h

@@ -18,6 +18,7 @@
 
 #import <Foundation/Foundation.h>
 
+@class RLMRealmConfiguration;
 @class RLMSyncUser;
 
 NS_ASSUME_NONNULL_BEGIN
@@ -67,6 +68,20 @@ NS_ASSUME_NONNULL_BEGIN
  */
 - (instancetype)initWithUser:(RLMSyncUser *)user realmURL:(NSURL *)url;
 
+/**
+Return a Realm configuration for syncing with the default Realm of the currently logged-in sync user.
+
+Partial synchronization is enabled in the returned configuration.
+ */
++ (RLMRealmConfiguration *)automaticConfiguration;
+
+/**
+ Return a Realm configuration for syncing with the default Realm of the given sync user.
+
+ Partial synchronization is enabled in the returned configuration.
+ */
++ (RLMRealmConfiguration *)automaticConfigurationForUser:(RLMSyncUser *)user;
+
 /// :nodoc:
 - (instancetype)init __attribute__((unavailable("This type cannot be created directly")));
 

Libraries external/Realm/Realm.framework/Headers/RLMSyncCredentials.h

@@ -45,6 +45,15 @@ extern RLMIdentityProvider const RLMIdentityProviderGoogle;
 /// A CloudKit account as an identity provider.
 extern RLMIdentityProvider const RLMIdentityProviderCloudKit;
 
+/// A JSON Web Token as an identity provider.
+extern RLMIdentityProvider const RLMIdentityProviderJWT;
+
+/// An Anonymous account as an identity provider.
+extern RLMIdentityProvider const RLMIdentityProviderAnonymous;
+
+/// A Nickname account as an identity provider.
+extern RLMIdentityProvider const RLMIdentityProviderNickname;
+
 /**
  Opaque credentials representing a specific Realm Object Server user.
  */
@@ -81,6 +90,21 @@ extern RLMIdentityProvider const RLMIdentityProviderCloudKit;
                                password:(NSString *)password
                                register:(BOOL)shouldRegister;
 
+/**
+ Construct and return credentials from a JSON Web Token.
+ */
++ (instancetype)credentialsWithJWT:(NSString *)token;
+
+/**
+ Construct and return anonymous credentials
+ */
++ (instancetype)anonymousCredentials;
+    
+/**
+ Construct and return credentials from a nickname
+ */
++ (instancetype)credentialsWithNickname:(NSString *)nickname isAdmin:(BOOL)isAdmin;
+
 /**
  Construct and return special credentials representing a token that can
  be directly used to open a Realm. The identity is used to uniquely identify

Libraries external/Realm/Realm.framework/Headers/RLMSyncPermission.h

@@ -16,7 +16,342 @@
 //
 ////////////////////////////////////////////////////////////////////////////
 
-#import <Foundation/Foundation.h>
+#import <Realm/RLMObject.h>
+
+@protocol RLMPermission, RLMPermissionUser;
+@class RLMPermission, RLMPermissionUser, RLMPermissionRole,
+       RLMArray<RLMObjectType>, RLMLinkingObjects<RLMObjectType: RLMObject *>;
+
+NS_ASSUME_NONNULL_BEGIN
+
+/**
+ A permission which can be applied to a Realm, Class, or specific Object.
+
+ Permissions are applied by adding the permission to the RLMRealmPermission singleton
+ object, the RLMClassPermission object for the desired class, or to a user-defined
+ RLMArray<RLMPermission> property on a specific Object instance. The meaning of each of
+ the properties of RLMPermission depend on what the permission is applied to, and so are
+ left undocumented here. See `RLMRealmPrivileges`, `RLMClassPrivileges`, and
+ `RLMObjectPrivileges` for details about what each of the properties mean when applied to
+ that type.
+ */
+@interface RLMPermission : RLMObject
+/// The Role which this Permission applies to. All users within the Role are
+/// granted the permissions specified by the fields below any
+/// objects/classes/realms which use this Permission.
+///
+/// This property cannot be modified once set.
+@property (nonatomic) RLMPermissionRole *role;
+
+/// Whether the user can read the object to which this Permission is attached.
+@property (nonatomic) bool canRead;
+/// Whether the user can modify the object to which this Permission is attached.
+@property (nonatomic) bool canUpdate;
+/// Whether the user can delete the object to which this Permission is attached.
+///
+/// This field is only applicable to Permissions attached to Objects, and not
+/// to Realms or Classes.
+@property (nonatomic) bool canDelete;
+/// Whether the user can add or modify Permissions for the object which this
+/// Permission is attached to.
+@property (nonatomic) bool canSetPermissions;
+/// Whether the user can subscribe to queries for this object type.
+///
+/// This field is only applicable to Permissions attached to Classes, and not
+/// to Realms or Objects.
+@property (nonatomic) bool canQuery;
+/// Whether the user can create new objects of the type this Permission is attached to.
+///
+/// This field is only applicable to Permissions attached to Classes, and not
+/// to Realms or Objects.
+@property (nonatomic) bool canCreate;
+/// Whether the user can modify the schema of the Realm which this
+/// Permission is attached to.
+///
+/// This field is only applicable to Permissions attached to Realms, and not
+/// to Realms or Objects.
+@property (nonatomic) bool canModifySchema;
+
+/**
+ Returns the Permission object for the named Role in the array, creating it if needed.
+
+ This function should be used in preference to manually querying the array for
+ the applicable Permission as it ensures that there is exactly one Permission
+ for the given Role in the array, merging duplicates or creating and adding new
+ ones as needed.
+*/
++ (RLMPermission *)permissionForRoleNamed:(NSString *)roleName inArray:(RLMArray<RLMPermission *><RLMPermission> *)array;
+
+/**
+ Returns the Permission object for the named Role on the Realm, creating it if needed.
+
+ This function should be used in preference to manually querying for the
+ applicable Permission as it ensures that there is exactly one Permission for
+ the given Role on the Realm, merging duplicates or creating and adding new ones
+ as needed.
+*/
++ (RLMPermission *)permissionForRoleNamed:(NSString *)roleName onRealm:(RLMRealm *)realm;
+
+/**
+ Returns the Permission object for the named Role on the Class, creating it if needed.
+
+ This function should be used in preference to manually querying for the
+ applicable Permission as it ensures that there is exactly one Permission for
+ the given Role on the Class, merging duplicates or creating and adding new ones
+ as needed.
+*/
++ (RLMPermission *)permissionForRoleNamed:(NSString *)roleName onClass:(Class)cls realm:(RLMRealm *)realm;
+
+/**
+ Returns the Permission object for the named Role on the named class, creating it if needed.
+
+ This function should be used in preference to manually querying for the
+ applicable Permission as it ensures that there is exactly one Permission for
+ the given Role on the Class, merging duplicates or creating and adding new ones
+ as needed.
+*/
++ (RLMPermission *)permissionForRoleNamed:(NSString *)roleName onClassNamed:(NSString *)className realm:(RLMRealm *)realm;
+
+/**
+ Returns the Permission object for the named Role on the object, creating it if needed.
+
+ This function should be used in preference to manually querying for the
+ applicable Permission as it ensures that there is exactly one Permission for
+ the given Role on the Realm, merging duplicates or creating and adding new ones
+ as needed.
+
+ The given object must have a RLMArray<RLMPermission> property defined on it. If
+ more than one such property is present, the first will be used.
+*/
++ (RLMPermission *)permissionForRoleNamed:(NSString *)roleName onObject:(RLMObject *)object;
+@end
+
+/**
+ A Role within the permissions system.
+
+ A Role consists of a name for the role and a list of users which are members of the role.
+ Roles are granted privileges on Realms, Classes and Objects, and in turn grant those
+ privileges to all users which are members of the role.
+
+ A role named "everyone" is automatically created in new Realms, and all new users which
+ connect to the Realm are automatically added to it. Any other roles you wish to use are
+ managed as normal Realm objects.
+ */
+@interface RLMPermissionRole : RLMObject
+/// The name of the Role
+@property (nonatomic) NSString *name;
+/// The users which belong to the role
+@property (nonatomic) RLMArray<RLMPermissionUser *><RLMPermissionUser> *users;
+@end
+
+/**
+ A representation of a sync user within the permissions system.
+
+ RLMPermissionUser objects are created automatically for each sync user which connects to
+ a Realm, and can also be created manually if you wish to grant permissions to a user
+ which has not yet connected to this Realm.
+ */
+@interface RLMPermissionUser : RLMObject
+/// The unique Realm Object Server user ID string identifying this user. This will have
+/// the same value as `-[RLMSyncUser identity]`.
+@property (nonatomic) NSString *identity;
+
+/// The user's private role. This will be initialized to a role named for the user's
+/// identity that contains this user as its only member.
+@property (nonatomic) RLMPermissionRole *role;
+
+/// Roles which this user belongs to.
+@property (nonatomic, readonly) RLMLinkingObjects<RLMPermissionRole *> *roles;
+
+/// Get the user object in the given Realm, creating it if needed.
++ (RLMPermissionUser *)userInRealm:(RLMRealm *)realm withIdentity:(NSString *)identity;
+@end
+
+/**
+ A singleton object which describes Realm-wide permissions.
+
+ An object of this type is automatically created in the Realm for you, and more objects
+ cannot be created manually. Call `+[RLMRealmPermission objectInRealm:]` to obtain the
+ instance for a specific Realm.
+
+ See `RLMRealmPrivileges` for the meaning of permissions applied to a Realm.
+ */
+@interface RLMRealmPermission : RLMObject
+/// The permissions for the Realm.
+@property (nonatomic) RLMArray<RLMPermission *><RLMPermission> *permissions;
+
+/// Retrieve the singleton object for the given Realm. This will return `nil`
+/// for non-partial-sync Realms.
++ (nullable instancetype)objectInRealm:(RLMRealm *)realm;
+@end
+
+/**
+ An object which describes class-wide permissions.
+
+ An instance of this object is automatically created in the Realm for class in your schema,
+ and should not be created manually. Call `+[RLMClassPermission objectInRealm:forClassNamed:]`
+ or  `+[RLMClassPermission objectInRealm:forClass:]` to obtain the existing instance, or
+ query `RLMClassPermission` as normal.
+ */
+@interface RLMClassPermission : RLMObject
+/// The name of the class which these permissions apply to.
+@property (nonatomic) NSString *name;
+/// The permissions for this class.
+@property (nonatomic) RLMArray<RLMPermission *><RLMPermission> *permissions;
+
+/// Retrieve the object for the named RLMObject subclass. This will return `nil`
+/// for non-partial-sync Realms.
++ (nullable instancetype)objectInRealm:(RLMRealm *)realm forClassNamed:(NSString *)className;
+/// Retrieve the object for the given RLMObject subclass. This will return `nil`
+/// for non-partial-sync Realms.
++ (nullable instancetype)objectInRealm:(RLMRealm *)realm forClass:(Class)cls;
+@end
+
+/**
+ A description of the actual privileges which apply to a Realm.
+
+ This is a combination of all of the privileges granted to all of the Roles which the
+ current User is a member of, obtained by calling `-[RLMRealm privilegesForRealm]` on
+ the Realm.
+
+ By default, all operations are permitted, and each privilege field indicates an operation
+ which may be forbidden.
+ */
+struct RLMRealmPrivileges {
+    /// If `false`, the current User is not permitted to see the Realm at all. This can
+    /// happen only if the Realm was created locally and has not yet been synchronized.
+    bool read : 1;
+
+    /// If `false`, no modifications to the Realm are permitted. Write transactions can
+    /// be performed locally, but any changes made will be reverted by the server.
+    /// `setPermissions` and `modifySchema` will always be `false` when this is `false`.
+    bool update : 1;
+
+    /// If `false`, no modifications to the permissions property of the RLMRealmPermissions
+    /// object for are permitted. Write transactions can be performed locally, but any
+    /// changes made will be reverted by the server.
+    ///
+    /// Note that if invalide privilege changes are made, `-[RLMRealm privilegesFor*:]`
+    /// will return results reflecting those invalid changes until synchronization occurs.
+    ///
+    /// Even if this field is `true`, note that the user will be unable to grant
+    /// privileges to a Role which they do not themselves have.
+    ///
+    /// Adding or removing Users from a Role is controlled by Update privileges on that
+    /// Role, and not by this value.
+    bool setPermissions : 1;
+
+    /// If `false`, the user is not permitted to add new object types to the Realm or add
+    /// new properties to existing objec types. Defining new RLMObject subclasses (and not
+    /// excluding them from the schema with `-[RLMRealmConfiguration setObjectClasses:]`)
+    /// will result in the application crashing if the object types are not first added on
+    /// the server by a more privileged user.
+    bool modifySchema : 1;
+};
+
+/**
+ A description of the actual privileges which apply to a Class within a Realm.
+
+ This is a combination of all of the privileges granted to all of the Roles which the
+ current User is a member of, obtained by calling `-[RLMRealm privilegesForClass:]` or
+ `-[RLMRealm privilegesForClassNamed:]` on the Realm.
+
+ By default, all operations are permitted, and each privilege field indicates an operation
+ which may be forbidden.
+ */
+struct RLMClassPrivileges {
+    /// If `false`, the current User is not permitted to see objects of this type, and
+    /// attempting to query this class will always return empty results.
+    ///
+    /// Note that Read permissions are transitive, and so it may be possible to read an
+    /// object which the user does not directly have Read permissions for by following a
+    /// link to it from an object they do have Read permissions for. This does not apply
+    /// to any of the other permission types.
+    bool read : 1;
+
+    /// If `false`, creating new objects of this type is not permitted. Write transactions
+    /// creating objects can be performed locally, but the objects will be deleted by the
+    /// server when synchronization occurs.
+    ///
+    /// For objects with Primary Keys, it may not be locally determinable if Create or
+    /// Update privileges are applicable. It may appear that you are creating a new object,
+    /// but an object with that Primary Key may already exist and simply not be visible to
+    /// you, in which case it is actually an Update operation.
+    bool create : 1;
+
+    /// If `false`, no modifications to objects of this type are permitted. Write
+    /// transactions modifying the objects can be performed locally, but any changes made
+    /// will be reverted by the server.
+    ///
+    /// Deleting an object is considered a modification, and is governed by this privilege.
+    bool update : 1;
+
+    /// If `false`, the User is not permitted to create new subscriptions for this class.
+    /// Local queries against the objects within the Realm will work, but new
+    /// subscriptions will never add objects to the Realm.
+    bool subscribe : 1;
+
+    /// If `false`, no modifications to the permissions property of the RLMClassPermissions
+    /// object for this type are permitted. Write transactions can be performed locally,
+    /// but any changes made will be reverted by the server.
+    ///
+    /// Note that if invalid privilege changes are made, `-[RLMRealm privilegesFor*:]`
+    /// will return results reflecting those invalid changes until synchronization occurs.
+    ///
+    /// Even if this field is `true`, note that the user will be unable to grant
+    /// privileges to a Role which they do not themselves have.
+    bool setPermissions : 1;
+};
+
+/**
+ A description of the actual privileges which apply to a specific RLMObject.
+
+ This is a combination of all of the privileges granted to all of the Roles which the
+ current User is a member of, obtained by calling `-[RLMRealm privilegesForObject:]` on
+ the Realm.
+
+ By default, all operations are permitted, and each privilege field indicates an operation
+ which may be forbidden.
+ */
+struct RLMObjectPrivileges {
+    /// If `false`, the current User is not permitted to read this object directly.
+    ///
+    /// Objects which cannot be read by a user will appear in a Realm due to that read
+    /// permissions are transitive. All objects which a readable object links to are
+    /// themselves implicitly readable. If the link to an object with `read=false` is
+    /// removed, the object will be deleted from the local Realm.
+    bool read : 1;
+
+    /// If `false`, modifying the fields of this type is not permitted. Write
+    /// transactions modifying the objects can be performed locally, but any changes made
+    /// will be reverted by the server.
+    ///
+    /// Note that even if this is `true`, the user may not be able to modify the
+    /// `RLMArray<RLMPermission> *` property of the object (if it exists), as that is
+    /// governed by `setPermissions`.
+    bool update : 1;
+
+    /// If `false`, deleting this object is not permitted. Write transactions which delete
+    /// the object can be performed locally, but the server will restore it.
+    ///
+    /// It is possible to have `update` but not `delete` privileges, or vice versa. For
+    /// objects with primary keys, `delete` but not `update` is ill-advised, as an object
+    /// can be updated by deleting and recreating it.
+    bool del : 1;
+
+    /// If `false`, modifying the privileges of this specific object is not permitted.
+    ///
+    /// Object-specific permissions are set by declaring a `RLMArray<RLMPermission> *`
+    /// property on the `RLMObject` subclass. Modifications to this property are
+    /// controlled by `setPermissions` rather than `update`.
+    ///
+    /// Even if this field is `true`, note that the user will be unable to grant
+    /// privileges to a Role which they do not themselves have.
+    bool setPermissions : 1;
+};
+
+/// :nodoc:
+FOUNDATION_EXTERN id RLMPermissionForRole(RLMArray *array, id role);
 
 /**
  Access levels which can be granted to Realm Mobile Platform users
@@ -46,8 +381,6 @@ typedef NS_ENUM(NSUInteger, RLMSyncAccessLevel) {
     RLMSyncAccessLevelAdmin         = 3,
 };
 
-NS_ASSUME_NONNULL_BEGIN
-
 /**
  A property on which a `RLMResults<RLMSyncPermission *>` can be queried or filtered.
 

Libraries external/Realm/Realm.framework/Headers/RLMSyncSession.h

@@ -161,6 +161,12 @@ NS_REFINED_FOR_SWIFT;
  */
 + (void)immediatelyHandleError:(RLMSyncErrorActionToken *)token;
 
+/**
+ Get the sync session for the given Realm if it is a synchronized Realm, or `nil`
+ if it is not.
+ */
++ (nullable RLMSyncSession *)sessionForRealm:(RLMRealm *)realm;
+
 @end
 
 // MARK: - Error action token

Libraries external/Realm/Realm.framework/Headers/RLMSyncSubscription.h

@@ -0,0 +1,138 @@
+////////////////////////////////////////////////////////////////////////////
+//
+// Copyright 2018 Realm Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////
+
+#import <Realm/RLMResults.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+/**
+ `RLMSyncSubscriptionState` is an enumeration representing the possible state of a sync subscription.
+ */
+typedef NS_ENUM(NSInteger, RLMSyncSubscriptionState) {
+    /**
+     An error occurred while creating the subscription or while the server was processing it.
+     */
+    RLMSyncSubscriptionStateError = -1,
+
+    /**
+     The subscription is being created, but has not yet been written to the synced Realm.
+     */
+    RLMSyncSubscriptionStateCreating = 2,
+
+    /**
+     The subscription has been created, and is waiting to be processed by the server.
+     */
+    RLMSyncSubscriptionStatePending = 0,
+
+    /**
+     The subscription has been processed by the server, and objects matching the subscription
+     are now being synchronized to this client.
+     */
+    RLMSyncSubscriptionStateComplete = 1,
+
+    /**
+     This subscription has been removed.
+     */
+    RLMSyncSubscriptionStateInvalidated = 3,
+};
+
+/**
+ `RLMSyncSubscription` represents a subscription to a set of objects in a synced Realm.
+
+ When partial sync is enabled for a synced Realm, the only objects that the server synchronizes to the
+ client are those that match a sync subscription registered by that client. A subscription consists of
+ of a query (represented by an `RLMResults`) and an optional name.
+
+ The state of the subscription can be observed using [Key-Value Observing](https://developer.apple.com/library/content/documentation/Cocoa/Conceptual/KeyValueObserving/KeyValueObserving.html) on the `state` property.
+
+ Subscriptions are created using `-[RLMResults subscribe]` or `-[RLMResults subscribeWithName:]`.
+ */
+@interface RLMSyncSubscription : NSObject
+
+/**
+ The unique name for this subscription.
+
+ This will be `nil` if a name was not provided when the subscription was created.
+ */
+@property (nonatomic, readonly, nullable) NSString *name;
+
+/**
+ The state of the subscription. See `RLMSyncSubscriptionState`.
+ */
+@property (nonatomic, readonly) RLMSyncSubscriptionState state;
+
+/**
+ The error associated with this subscription, if any.
+
+ Will be non-nil only when `state` is `RLMSyncSubscriptionStateError`.
+ */
+@property (nonatomic, readonly, nullable) NSError *error;
+
+/**
+ Remove this subscription.
+
+ Removing a subscription will delete all objects from the local Realm that were matched
+ only by that subscription and not any remaining subscriptions. The deletion is performed
+ by the server, and so has no immediate impact on the contents of the local Realm. If the
+ device is currently offline, the removal will not be processed until the device returns online.
+ */
+- (void)unsubscribe;
+
+#pragma mark - Unavailable Methods
+
+/**
+ `-[RLMSyncSubscription init]` is not available because `RLMSyncSubscription` cannot be created directly.
+ */
+- (instancetype)init __attribute__((unavailable("RLMSyncSubscription cannot be created directly")));
+
+/**
+ `+[RLMSyncSubscription new]` is not available because `RLMSyncSubscription` cannot be created directly.
+ */
++ (instancetype)new __attribute__((unavailable("RLMSyncSubscription cannot be created directly")));
+
+@end
+
+/**
+ Support for subscribing to the results of object queries in a synced Realm.
+ */
+@interface RLMResults (SyncSubscription)
+
+/**
+ Subscribe to the query represented by this `RLMResults`.
+
+ The subscription will not be explicitly named.
+
+ @return The subscription
+
+ @see RLMSyncSubscription
+*/
+- (RLMSyncSubscription *)subscribe;
+
+/**
+ Subscribe to the query represented by this `RLMResults`.
+
+ @param subscriptionName The name of the subscription
+
+ @return The subscription
+
+ @see RLMSyncSubscription
+*/
+- (RLMSyncSubscription *)subscribeWithName:(NSString *)subscriptionName;
+@end
+
+NS_ASSUME_NONNULL_END

Libraries external/Realm/Realm.framework/Headers/RLMSyncUtil.h

@@ -157,6 +157,12 @@ typedef RLM_ERROR_ENUM(NSInteger, RLMSyncAuthError, RLMSyncAuthErrorDomain) {
     /// An error that indicates a problem with the session (a specific Realm opened for sync).
     RLMSyncAuthErrorClientSessionError              = 4,
 
+    /// An error that indicates that the provided credentials are ill-formed.
+    RLMSyncAuthErrorInvalidParameters               = 601,
+
+    /// An error that indicates that no Realm path was included in the URL.
+    RLMSyncAuthErrorMissingPath                     = 602,
+
     /// An error that indicates that the provided credentials are invalid.
     RLMSyncAuthErrorInvalidCredential               = 611,
 

Libraries external/Realm/Realm.framework/Headers/Realm.h

@@ -35,6 +35,7 @@
 #import <Realm/RLMSyncManager.h>
 #import <Realm/RLMSyncPermission.h>
 #import <Realm/RLMSyncSession.h>
+#import <Realm/RLMSyncSubscription.h>
 #import <Realm/RLMSyncUser.h>
 #import <Realm/RLMSyncUtil.h>
 #import <Realm/NSError+RLMSync.h>

Libraries external/Realm/Realm.framework/PrivateHeaders/RLMProperty_Private.h

@@ -93,6 +93,7 @@ static inline NSString *RLMTypeToString(RLMPropertyType type) {
 @property (nonatomic, copy, nullable) NSString *objectClassName;
 
 // private properties
+@property (nonatomic, readwrite) NSString *columnName;
 @property (nonatomic, assign) NSUInteger index;
 @property (nonatomic, assign) BOOL isPrimary;
 @property (nonatomic, assign) Ivar swiftIvar;

Libraries external/Realm/Realm.framework/PrivateHeaders/RLMRealmConfiguration_Private.h

@@ -34,6 +34,8 @@ NS_ASSUME_NONNULL_BEGIN
 + (RLMRealmConfiguration *)rawDefaultConfiguration;
 
 + (void)resetRealmConfigurationState;
+
+- (void)setCustomSchemaWithoutCopying:(nullable RLMSchema *)schema;
 @end
 
 // Get a path in the platform-appropriate documents directory with the given filename

Libraries external/Realm/Realm.framework/PrivateHeaders/RLMSyncUtil_Private.h

@@ -62,6 +62,8 @@ extern NSString *const kRLMSyncRegisterKey;
 extern NSString *const kRLMSyncUnderlyingErrorKey;
 extern NSString *const kRLMSyncUserIDKey;
 
+FOUNDATION_EXTERN uint8_t RLMGetComputedPermissions(RLMRealm *realm, id _Nullable object);
+
 #define RLM_SYNC_UNINITIALIZABLE \
 - (instancetype)init __attribute__((unavailable("This type cannot be created directly"))); \
 + (instancetype)new __attribute__((unavailable("This type cannot be created directly")));

Libraries external/Realm/RealmSwift.framework/Headers/RealmSwift-Swift.h

@@ -1,4 +1,4 @@
-// Generated by Apple Swift version 4.0.2 (swiftlang-900.0.69.2 clang-900.0.38)
+// Generated by Apple Swift version 4.1 (swiftlang-902.0.48 clang-902.0.37.1)
 #pragma clang diagnostic push
 #pragma clang diagnostic ignored "-Wgcc-compat"
 
@@ -15,15 +15,6 @@
 # define __has_warning(x) 0
 #endif
 
-#if __has_attribute(external_source_symbol)
-# define SWIFT_STRINGIFY(str) #str
-# define SWIFT_MODULE_NAMESPACE_PUSH(module_name) _Pragma(SWIFT_STRINGIFY(clang attribute push(__attribute__((external_source_symbol(language="Swift", defined_in=module_name, generated_declaration))), apply_to=any(function, enum, objc_interface, objc_category, objc_protocol))))
-# define SWIFT_MODULE_NAMESPACE_POP _Pragma("clang attribute pop")
-#else
-# define SWIFT_MODULE_NAMESPACE_PUSH(module_name)
-# define SWIFT_MODULE_NAMESPACE_POP
-#endif
-
 #if __has_include(<swift/objc-prologue.h>)
 # include <swift/objc-prologue.h>
 #endif
@@ -38,7 +29,7 @@
 # define SWIFT_TYPEDEFS 1
 # if __has_include(<uchar.h>)
 #  include <uchar.h>
-# elif !defined(__cplusplus) || __cplusplus < 201103L
+# elif !defined(__cplusplus)
 typedef uint_least16_t char16_t;
 typedef uint_least32_t char32_t;
 # endif
@@ -186,7 +177,13 @@ typedef unsigned int swift_uint4  __attribute__((__ext_vector_type__(4)));
 #pragma clang diagnostic ignored "-Wunknown-pragmas"
 #pragma clang diagnostic ignored "-Wnullability"
 
-SWIFT_MODULE_NAMESPACE_PUSH("RealmSwift")
+#if __has_attribute(external_source_symbol)
+# pragma push_macro("any")
+# undef any
+# pragma clang attribute push(__attribute__((external_source_symbol(language="Swift", defined_in="RealmSwift",generated_declaration))), apply_to=any(function,enum,objc_interface,objc_category,objc_protocol))
+# pragma pop_macro("any")
+#endif
+
 @class RLMRealm;
 @class RLMObjectSchema;
 @class RLMSchema;
@@ -299,6 +296,23 @@ SWIFT_CLASS_NAMED("Object")
 @end
 
 
+/// An object which describes class-wide permissions.
+/// An instance of this object is automatically created in the Realm for class in your schema,
+/// and should not be created manually.
+SWIFT_CLASS_NAMED("ClassPermission")
+@interface RealmSwiftClassPermission : RealmSwiftObject
+/// The name of the class which these permissions apply to.
+@property (nonatomic, copy) NSString * _Nonnull name;
+/// :nodoc:
++ (NSString * _Nonnull)_realmObjectName SWIFT_WARN_UNUSED_RESULT;
+/// :nodoc:
++ (NSString * _Nonnull)primaryKey SWIFT_WARN_UNUSED_RESULT;
+- (nonnull instancetype)init OBJC_DESIGNATED_INITIALIZER;
+- (nonnull instancetype)initWithRealm:(RLMRealm * _Nonnull)realm schema:(RLMObjectSchema * _Nonnull)schema OBJC_DESIGNATED_INITIALIZER;
+- (nonnull instancetype)initWithValue:(id _Nonnull)value schema:(RLMSchema * _Nonnull)schema OBJC_DESIGNATED_INITIALIZER;
+@end
+
+
 /// Object interface which allows untyped getters and setters for Objects.
 /// :nodoc:
 SWIFT_CLASS("_TtC10RealmSwift13DynamicObject")
@@ -317,12 +331,21 @@ SWIFT_CLASS("_TtC10RealmSwift13DynamicObject")
 @end
 
 
+SWIFT_CLASS("_TtC10RealmSwift36KeyValueObservationNotificationToken")
+@interface KeyValueObservationNotificationToken : RLMNotificationToken
+- (void)invalidate;
+- (nonnull instancetype)init SWIFT_UNAVAILABLE;
++ (nonnull instancetype)new SWIFT_DEPRECATED_MSG("-init is unavailable");
+@end
+
+
 /// :nodoc:
 /// Internal class. Do not use directly. Used for reflection and initialization
 SWIFT_CLASS("_TtC10RealmSwift18LinkingObjectsBase")
 @interface LinkingObjectsBase : NSObject <NSFastEnumeration>
 - (NSInteger)countByEnumeratingWithState:(NSFastEnumerationState * _Nonnull)state objects:(id _Nullable * _Nonnull)buffer count:(NSInteger)len SWIFT_WARN_UNUSED_RESULT;
 - (nonnull instancetype)init SWIFT_UNAVAILABLE;
++ (nonnull instancetype)new SWIFT_DEPRECATED_MSG("-init is unavailable");
 @end
 
 
@@ -357,8 +380,101 @@ SWIFT_CLASS_NAMED("ObjectUtil")
 - (nonnull instancetype)init OBJC_DESIGNATED_INITIALIZER;
 @end
 
+@class RealmSwiftPermissionRole;
+
+/// A permission which can be applied to a Realm, Class, or specific Object.
+/// Permissions are applied by adding the permission to the RealmPermission singleton
+/// object, the ClassPermission object for the desired class, or to a user-defined
+/// List<Permission> property on a specific Object instance. The meaning of each of
+/// the properties of Permission depend on what the permission is applied to, and so are
+/// left undocumented here. See <code>RealmPrivileges</code>, <code>ClassPrivileges</code>, and
+/// <code>ObjectPrivileges</code> for details about what each of the properties mean when applied to
+/// that type.
+SWIFT_CLASS_NAMED("Permission")
+@interface RealmSwiftPermission : RealmSwiftObject
+/// The Role which this Permission applies to. All users within the Role are
+/// granted the permissions specified by the fields below any
+/// objects/classes/realms which use this Permission.
+/// This property cannot be modified once set.
+@property (nonatomic, strong) RealmSwiftPermissionRole * _Nullable role;
+/// Whether the user can read the object to which this Permission is attached.
+@property (nonatomic) BOOL canRead;
+/// Whether the user can modify the object to which this Permission is attached.
+@property (nonatomic) BOOL canUpdate;
+/// Whether the user can delete the object to which this Permission is attached.
+/// This field is only applicable to Permissions attached to Objects, and not
+/// to Realms or Classes.
+@property (nonatomic) BOOL canDelete;
+/// Whether the user can add or modify Permissions for the object which this
+/// Permission is attached to.
+@property (nonatomic) BOOL canSetPermissions;
+/// Whether the user can subscribe to queries for this object type.
+/// This field is only applicable to Permissions attached to Classes, and not
+/// to Realms or Objects.
+@property (nonatomic) BOOL canQuery;
+/// Whether the user can create new objects of the type this Permission is attached to.
+/// This field is only applicable to Permissions attached to Classes, and not
+/// to Realms or Objects.
+@property (nonatomic) BOOL canCreate;
+/// Whether the user can modify the schema of the Realm which this
+/// Permission is attached to.
+/// This field is only applicable to Permissions attached to Realms, and not
+/// to Realms or Objects.
+@property (nonatomic) BOOL canModifySchema;
+/// :nodoc:
++ (NSString * _Nonnull)_realmObjectName SWIFT_WARN_UNUSED_RESULT;
+- (nonnull instancetype)init OBJC_DESIGNATED_INITIALIZER;
+- (nonnull instancetype)initWithRealm:(RLMRealm * _Nonnull)realm schema:(RLMObjectSchema * _Nonnull)schema OBJC_DESIGNATED_INITIALIZER;
+- (nonnull instancetype)initWithValue:(id _Nonnull)value schema:(RLMSchema * _Nonnull)schema OBJC_DESIGNATED_INITIALIZER;
+@end
 
 
+/// A Role within the permissions system.
+/// A Role consists of a name for the role and a list of users which are members of the role.
+/// Roles are granted privileges on Realms, Classes and Objects, and in turn grant those
+/// privileges to all users which are members of the role.
+/// A role named “everyone” is automatically created in new Realms, and all new users which
+/// connect to the Realm are automatically added to it. Any other roles you wish to use are
+/// managed as normal Realm objects.
+SWIFT_CLASS_NAMED("PermissionRole")
+@interface RealmSwiftPermissionRole : RealmSwiftObject
+/// The name of the Role
+@property (nonatomic, copy) NSString * _Nonnull name;
+/// :nodoc:
++ (NSString * _Nonnull)_realmObjectName SWIFT_WARN_UNUSED_RESULT;
+/// :nodoc:
++ (NSString * _Nonnull)primaryKey SWIFT_WARN_UNUSED_RESULT;
+/// :nodoc:
++ (NSDictionary<NSString *, NSString *> * _Nonnull)_realmColumnNames SWIFT_WARN_UNUSED_RESULT;
+- (nonnull instancetype)init OBJC_DESIGNATED_INITIALIZER;
+- (nonnull instancetype)initWithRealm:(RLMRealm * _Nonnull)realm schema:(RLMObjectSchema * _Nonnull)schema OBJC_DESIGNATED_INITIALIZER;
+- (nonnull instancetype)initWithValue:(id _Nonnull)value schema:(RLMSchema * _Nonnull)schema OBJC_DESIGNATED_INITIALIZER;
+@end
+
+
+/// A representation of a sync user within the permissions system.
+/// PermissionUser objects are created automatically for each sync user which connects to
+/// a Realm, and can also be created manually if you wish to grant permissions to a user
+/// which has not yet connected to this Realm. When creating a PermissionUser manually, you
+/// must also manually add it to the “everyone” Role.
+SWIFT_CLASS_NAMED("PermissionUser")
+@interface RealmSwiftPermissionUser : RealmSwiftObject
+/// The unique Realm Object Server user ID string identifying this user. This will
+/// have the same value as <code>SyncUser.identity</code>
+@property (nonatomic, copy) NSString * _Nonnull identity;
+/// The user’s private role. This will be initialized to a role named for the user’s
+/// identity that contains this user as its only member.
+@property (nonatomic, strong) RealmSwiftPermissionRole * _Nullable role;
+/// :nodoc:
++ (NSString * _Nonnull)_realmObjectName SWIFT_WARN_UNUSED_RESULT;
+/// :nodoc:
++ (NSString * _Nonnull)primaryKey SWIFT_WARN_UNUSED_RESULT;
+/// :nodoc:
++ (NSDictionary<NSString *, NSString *> * _Nonnull)_realmColumnNames SWIFT_WARN_UNUSED_RESULT;
+- (nonnull instancetype)init OBJC_DESIGNATED_INITIALIZER;
+- (nonnull instancetype)initWithRealm:(RLMRealm * _Nonnull)realm schema:(RLMObjectSchema * _Nonnull)schema OBJC_DESIGNATED_INITIALIZER;
+- (nonnull instancetype)initWithValue:(id _Nonnull)value schema:(RLMSchema * _Nonnull)schema OBJC_DESIGNATED_INITIALIZER;
+@end
 
 
 
@@ -369,5 +485,26 @@ SWIFT_CLASS_NAMED("ObjectUtil")
 
 
 
-SWIFT_MODULE_NAMESPACE_POP
+
+
+
+
+/// A singleton object which describes Realm-wide permissions.
+/// An object of this type is automatically created in the Realm for you, and more objects
+/// cannot be created manually.
+/// See <code>RealmPrivileges</code> for the meaning of permissions applied to a Realm.
+SWIFT_CLASS_NAMED("RealmPermission")
+@interface RealmSwiftRealmPermission : RealmSwiftObject
+/// :nodoc:
++ (NSString * _Nonnull)_realmObjectName SWIFT_WARN_UNUSED_RESULT;
+/// :nodoc:
++ (NSString * _Nonnull)primaryKey SWIFT_WARN_UNUSED_RESULT;
+- (nonnull instancetype)init OBJC_DESIGNATED_INITIALIZER;
+- (nonnull instancetype)initWithRealm:(RLMRealm * _Nonnull)realm schema:(RLMObjectSchema * _Nonnull)schema OBJC_DESIGNATED_INITIALIZER;
+- (nonnull instancetype)initWithValue:(id _Nonnull)value schema:(RLMSchema * _Nonnull)schema OBJC_DESIGNATED_INITIALIZER;
+@end
+
+#if __has_attribute(external_source_symbol)
+# pragma clang attribute pop
+#endif
 #pragma clang diagnostic pop

Nextcloud.xcodeproj/project.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>IDEDidComputeMac32BitWarning</key>
+	<true/>
+</dict>
+</plist>

iOSClient/Brand/Picker.plist

@@ -17,7 +17,7 @@
 	<key>CFBundlePackageType</key>
 	<string>XPC!</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2.20.7</string>
+	<string>2.20.8</string>
 	<key>CFBundleVersion</key>
 	<string>00003</string>
 	<key>NSAppTransportSecurity</key>

iOSClient/Brand/PickerFileProvider.plist

@@ -17,7 +17,7 @@
 	<key>CFBundlePackageType</key>
 	<string>XPC!</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2.20.7</string>
+	<string>2.20.8</string>
 	<key>CFBundleVersion</key>
 	<string>00003</string>
 	<key>NSExtension</key>

iOSClient/Brand/Share.plist

@@ -17,7 +17,7 @@
 	<key>CFBundlePackageType</key>
 	<string>XPC!</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2.20.7</string>
+	<string>2.20.8</string>
 	<key>CFBundleVersion</key>
 	<string>00003</string>
 	<key>NSAppTransportSecurity</key>

iOSClient/Brand/iOSClient.plist

@@ -46,7 +46,7 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2.20.7</string>
+	<string>2.20.8</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleURLTypes</key>

iOSClient/Library/OCCommunicationLib/OCCommunication.m

@@ -1731,7 +1731,7 @@
         NSDictionary *jsongParsed = [NSJSONSerialization JSONObjectWithData:responseData options:NSJSONReadingMutableContainers error:&error];
         NSLog(@"[LOG] Activity : %@",jsongParsed);
         
-        if (jsongParsed && jsongParsed.allKeys > 0) {
+        if (jsongParsed && [jsongParsed isKindOfClass:[NSDictionary class]] && jsongParsed.allKeys > 0) {
             
             NSDictionary *ocs = [jsongParsed valueForKey:@"ocs"];
             NSDictionary *meta = [ocs valueForKey:@"meta"];

iOSClient/Main/CCMain.m

@@ -3856,12 +3856,6 @@
                                         [[NCManageDatabase sharedInstance] clearDateReadWithServerUrl:_autoUploadDirectory directoryID:nil];
                                                                                 
                                         [self readFolder:serverUrl];
-                                        
-                                        //NSLog(@"[LOG] Update Folder Photo");
-                                        //NSString *autoUploadPath = [[NCManageDatabase sharedInstance] getAccountAutoUploadPath:appDelegate.activeUrl];
-                                        //if ([autoUploadPath length] > 0) {
-                                        //    [[CCSynchronize sharedSynchronize] readFileForFolder:_metadata.fileName serverUrl:serverUrl selector:selectorReadFileFolder];
-                                        //}
                                     }];
         }
 

iOSClient/Networking/OCNetworking.m

@@ -266,7 +266,6 @@
             tableMetadata *metadataFolder;
             NSString *directoryIDFolder;
             NSString *serverUrlFolder;
-            NSString *serverUrl;
             
             // Metadata . (self Folder)
             if ([_metadataNet.serverUrl isEqualToString:[CCUtility getHomeServerUrlActiveUrl:_activeUrl]]) {
@@ -311,11 +310,8 @@
                 } else
                     continue;
                 
-                if (itemDto.isDirectory) {
-                        
-                    serverUrl = [CCUtility stringAppendServerUrl:_metadataNet.serverUrl addFileName:fileName];
-                        
-                    (void)[[NCManageDatabase sharedInstance] addDirectoryWithEncrypted:itemDto.isEncrypted favorite:itemDto.isFavorite fileID:itemDto.ocId permissions:itemDto.permissions serverUrl:serverUrl];
+                if (itemDto.isDirectory) {                        
+                    (void)[[NCManageDatabase sharedInstance] addDirectoryWithEncrypted:itemDto.isEncrypted favorite:itemDto.isFavorite fileID:itemDto.ocId permissions:itemDto.permissions serverUrl:[CCUtility stringAppendServerUrl:_metadataNet.serverUrl addFileName:fileName]];
                 }
                 
                 // ----- BUG #942 ---------
@@ -443,11 +439,11 @@
                 serverUrl = [CCUtility stringAppendServerUrl:[_activeUrl stringByAppendingString:webDAV] addFileName:serverUrl];
                 
                 if (itemDto.isDirectory) {
-                    directoryID = [[NCManageDatabase sharedInstance] addDirectoryWithEncrypted:itemDto.isEncrypted favorite:itemDto.isFavorite fileID:itemDto.ocId permissions:itemDto.permissions serverUrl:[NSString stringWithFormat:@"%@/%@", serverUrl, fileName]].directoryID;
-                } else {
-                    directoryID = [[NCManageDatabase sharedInstance] getDirectoryID:serverUrl];
+                    (void)[[NCManageDatabase sharedInstance] addDirectoryWithEncrypted:itemDto.isEncrypted favorite:itemDto.isFavorite fileID:itemDto.ocId permissions:itemDto.permissions serverUrl:[NSString stringWithFormat:@"%@/%@", serverUrl, fileName]];
                 }
                 
+                directoryID = [[NCManageDatabase sharedInstance] getDirectoryID:serverUrl];
+                
                 isFolderEncrypted = [CCUtility isFolderEncrypted:serverUrl account:_metadataNet.account];
                 
                 [metadatas addObject:[CCUtility trasformedOCFileToCCMetadata:itemDto fileName:itemDto.fileName serverUrl:serverUrl directoryID:directoryID autoUploadFileName:autoUploadFileName autoUploadDirectory:autoUploadDirectory activeAccount:_metadataNet.account directoryUser:directoryUser isFolderEncrypted:isFolderEncrypted]];
@@ -618,11 +614,11 @@
                 serverUrl = [CCUtility stringAppendServerUrl:[_activeUrl stringByAppendingString:webDAV] addFileName:serverUrl];
                 
                 if (itemDto.isDirectory) {
-                    directoryID = [[NCManageDatabase sharedInstance] addDirectoryWithEncrypted:itemDto.isEncrypted favorite:itemDto.isFavorite fileID:itemDto.ocId permissions:itemDto.permissions serverUrl:[NSString stringWithFormat:@"%@/%@", serverUrl, fileName]].directoryID;
-                } else {
-                    directoryID = [[NCManageDatabase sharedInstance] getDirectoryID:serverUrl];
+                    (void)[[NCManageDatabase sharedInstance] addDirectoryWithEncrypted:itemDto.isEncrypted favorite:itemDto.isFavorite fileID:itemDto.ocId permissions:itemDto.permissions serverUrl:[NSString stringWithFormat:@"%@/%@", serverUrl, fileName]];
                 }
                 
+                directoryID = [[NCManageDatabase sharedInstance] getDirectoryID:serverUrl];
+                
                 isFolderEncrypted = [CCUtility isFolderEncrypted:serverUrl account:_metadataNet.account];
                 
                 [metadatas addObject:[CCUtility trasformedOCFileToCCMetadata:itemDto fileName:itemDto.fileName serverUrl:serverUrl directoryID:directoryID autoUploadFileName:autoUploadFileName autoUploadDirectory:autoUploadDirectory activeAccount:_metadataNet.account directoryUser:directoryUser isFolderEncrypted:isFolderEncrypted]];

iOSClient/Security/NCEndToEndMetadata.swift

@@ -160,7 +160,7 @@ class NCEndToEndMetadata : NSObject  {
                     return false
                 }
                 
-                guard let metadataKeyBase64 = NCEndToEndEncryption.sharedManager().decryptAsymmetricData(metadataKeyEncryptedData as Data!, privateKey: privateKey) else {
+                guard let metadataKeyBase64 = NCEndToEndEncryption.sharedManager().decryptAsymmetricData(metadataKeyEncryptedData as Data?, privateKey: privateKey) else {
                     return false
                 }
                 

iOSClient/Settings/NCEndToEndInitialize.swift

@@ -106,7 +106,7 @@ class NCEndToEndInitialize : NSObject, OCNetworkingDelegate  {
             appDelegate.messageNotification("E2E get publicKey", description: "forbidden: the user can't access the public keys", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
             
         default:
-            appDelegate.messageNotification("E2E get publicKey", description: message as String!, visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
+            appDelegate.messageNotification("E2E get publicKey", description: message as String, visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
         }
     }
 
@@ -129,7 +129,7 @@ class NCEndToEndInitialize : NSObject, OCNetworkingDelegate  {
             appDelegate.messageNotification("E2E sign publicKey", description: "conflict: a public key for the user already exists", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
             
         default:
-            appDelegate.messageNotification("E2E sign publicKey", description: message as String!, visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
+            appDelegate.messageNotification("E2E sign publicKey", description: message as String, visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
         }
     }
     
@@ -239,7 +239,7 @@ class NCEndToEndInitialize : NSObject, OCNetworkingDelegate  {
             appDelegate.messageNotification("E2E get privateKey", description: "forbidden: the user can't access the private key", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
             
         default:
-            appDelegate.messageNotification("E2E get privateKey", description: message as String!, visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
+            appDelegate.messageNotification("E2E get privateKey", description: message as String, visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
         }
     }
     
@@ -263,7 +263,7 @@ class NCEndToEndInitialize : NSObject, OCNetworkingDelegate  {
             appDelegate.messageNotification("E2E store privateKey", description: "conflict: a private key for the user already exists", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
         
         default:
-            appDelegate.messageNotification("E2E store privateKey", description: message as String!, visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
+            appDelegate.messageNotification("E2E store privateKey", description: message as String, visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
         }
     }
     
@@ -296,7 +296,7 @@ class NCEndToEndInitialize : NSObject, OCNetworkingDelegate  {
             appDelegate.messageNotification("E2E Server publicKey", description: "forbidden: the user can't access the Server publickey", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
             
         default:
-            appDelegate.messageNotification("E2E Server publicKey", description: message as String!, visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
+            appDelegate.messageNotification("E2E Server publicKey", description: message as String, visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
         }
     }
 }

iOSClient/Synchronize/CCSynchronize.m

@@ -44,6 +44,7 @@
             
             sharedSynchronize = [CCSynchronize new];
             sharedSynchronize.foldersInSynchronized = [NSMutableOrderedSet new];
+            sharedSynchronize->appDelegate = (AppDelegate *)[[UIApplication sharedApplication] delegate];
         }
         return sharedSynchronize;
     }
@@ -105,6 +106,10 @@
     (void)[[NCManageDatabase sharedInstance] addMetadata:metadataFolder];
     [[NCManageDatabase sharedInstance] setDirectoryWithServerUrl:metadataNet.serverUrl serverUrlTo:nil etag:metadataFolder.etag fileID:metadataFolder.fileID encrypted:metadataFolder.e2eEncrypted];
 
+    // reload folder ../ *
+    NSString *serverUrlParent = [[NCManageDatabase sharedInstance] getServerUrl:metadataFolder.directoryID];
+    [appDelegate.activeMain reloadDatasource:serverUrlParent];
+    
     dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_LOW, 0), ^{
         
         NSMutableArray *metadatasForVerifyChange = [NSMutableArray new];
@@ -283,9 +288,10 @@
                 
                 NSString *serverUrl = [CCUtility stringAppendServerUrl:metadataNet.serverUrl addFileName:metadataNet.fileName];
                 tableDirectory *tableDirectory = [[NCManageDatabase sharedInstance] getTableDirectoryWithPredicate:[NSPredicate predicateWithFormat:@"account = %@ AND serverUrl = %@", metadataNet.account, serverUrl]];
+                tableMetadata *tableMetadata = [[NCManageDatabase sharedInstance] getMetadataWithPredicate:[NSPredicate predicateWithFormat:@"account = %@ AND fileID = %@", metadataNet.account, metadata.fileID]];
                 
-                // Verify changed etag
-                if (![tableDirectory.etag isEqualToString:metadata.etag] && tableDirectory) {
+                // Verify changed etag OR was not favorite
+                if (!([tableDirectory.etag isEqualToString:metadata.etag]) || (tableMetadata == nil || tableMetadata.favorite == NO)) {
                     
                     if ([metadataNet.selector isEqualToString:selectorReadFileFolder])
                         [self readFolder:serverUrl selector:selectorReadFolder];