update me and me.devices in single transaction

backend/src/main/java/org/cryptomator/hub/api/UsersResource.java

@@ -74,11 +74,29 @@ public Response putMe(@Nullable @Valid UserDto dto) {
 			user.setEcdsaPublicKey(dto.ecdsaPublicKey);
 			user.setPrivateKeys(dto.privateKeys);
 			user.setSetupCode(dto.setupCode);
+			updateDevices(user, dto);
 		}
 		userRepo.persist(user);
 		return Response.created(URI.create(".")).build();
 	}
 
+	/**
+	 * updates those devices that are present in both the entity and the dto. No devices are added or removed.
+	 * @param userEntity The persistent entity
+	 * @param userDto The DTO
+	 */
+	private void updateDevices(User userEntity, UserDto userDto) {
+		var dtos = userDto.devices.stream().collect(Collectors.toMap(DeviceResource.DeviceDto::id, Function.identity()));
+		var updatedDevices = userEntity.devices.stream().filter(d -> dtos.containsKey(d.getId())).peek(device -> {
+			var dto = dtos.get(device.getId());
+			device.setType(dto.type());
+			device.setName(dto.name());
+			device.setPublickey(dto.publicKey());
+			device.setUserPrivateKeys(dto.userPrivateKeys());
+		});
+		deviceRepo.persist(updatedDevices);
+	}
+
 	@POST
 	@Path("/me/access-tokens")
 	@RolesAllowed("user")

frontend/src/common/userdata.ts

@@ -134,11 +134,10 @@ class UserData {
       const payload: { setupCode: string } = await JWEParser.parse(me.setupCode).decryptEcdhEs(userKeys.ecdhKeyPair.privateKey);
       me.ecdsaPublicKey = await userKeys.encodedEcdsaPublicKey();
       me.privateKey = await userKeys.encryptWithSetupCode(payload.setupCode);
-      await backend.users.putMe(me); // TODO: update user and devices in single transaction!
       for (const device of me.devices) {
         device.userPrivateKey = await userKeys.encryptForDevice(base64.parse(device.publicKey));
-        await backend.devices.putDevice(device); // TODO: update user and devices in single transaction!
       }
+      await backend.users.putMe(me);
     }
   }