Change invite logic
This commit is contained in:
mcrakhman
parent
675885d875
commit
08b8ecba32
@ -681,10 +681,9 @@ func (m *ACLUserAdd) GetPermissions() ACLUserPermissions {
|
||||
|
||||
type ACLUserInvite struct {
|
||||
AcceptPublicKey []byte `protobuf:"bytes,1,opt,name=acceptPublicKey,proto3" json:"acceptPublicKey,omitempty"`
|
||||
EncryptPublicKey []byte `protobuf:"bytes,2,opt,name=encryptPublicKey,proto3" json:"encryptPublicKey,omitempty"`
|
||||
EncryptSymKeyHash uint64 `protobuf:"varint,2,opt,name=encryptSymKeyHash,proto3" json:"encryptSymKeyHash,omitempty"`
|
||||
EncryptedReadKeys [][]byte `protobuf:"bytes,3,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"`
|
||||
Permissions ACLUserPermissions `protobuf:"varint,4,opt,name=permissions,proto3,enum=aclrecord.ACLUserPermissions" json:"permissions,omitempty"`
|
||||
InviteId string `protobuf:"bytes,5,opt,name=inviteId,proto3" json:"inviteId,omitempty"`
|
||||
}
|
||||
|
||||
func (m *ACLUserInvite) Reset() { *m = ACLUserInvite{} }
|
||||
@ -727,11 +726,11 @@ func (m *ACLUserInvite) GetAcceptPublicKey() []byte {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *ACLUserInvite) GetEncryptPublicKey() []byte {
|
||||
func (m *ACLUserInvite) GetEncryptSymKeyHash() uint64 {
|
||||
if m != nil {
|
||||
return m.EncryptPublicKey
|
||||
return m.EncryptSymKeyHash
|
||||
}
|
||||
return nil
|
||||
return 0
|
||||
}
|
||||
|
||||
func (m *ACLUserInvite) GetEncryptedReadKeys() [][]byte {
|
||||
@ -748,18 +747,11 @@ func (m *ACLUserInvite) GetPermissions() ACLUserPermissions {
|
||||
return ACLUserPermissions_Admin
|
||||
}
|
||||
|
||||
func (m *ACLUserInvite) GetInviteId() string {
|
||||
if m != nil {
|
||||
return m.InviteId
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
type ACLUserJoin struct {
|
||||
Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"`
|
||||
EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"`
|
||||
AcceptSignature []byte `protobuf:"bytes,3,opt,name=acceptSignature,proto3" json:"acceptSignature,omitempty"`
|
||||
InviteId string `protobuf:"bytes,4,opt,name=inviteId,proto3" json:"inviteId,omitempty"`
|
||||
AcceptPubKey []byte `protobuf:"bytes,4,opt,name=acceptPubKey,proto3" json:"acceptPubKey,omitempty"`
|
||||
EncryptedReadKeys [][]byte `protobuf:"bytes,5,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"`
|
||||
}
|
||||
|
||||
@ -817,11 +809,11 @@ func (m *ACLUserJoin) GetAcceptSignature() []byte {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *ACLUserJoin) GetInviteId() string {
|
||||
func (m *ACLUserJoin) GetAcceptPubKey() []byte {
|
||||
if m != nil {
|
||||
return m.InviteId
|
||||
return m.AcceptPubKey
|
||||
}
|
||||
return ""
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *ACLUserJoin) GetEncryptedReadKeys() [][]byte {
|
||||
@ -1019,61 +1011,61 @@ func init() {
|
||||
}
|
||||
|
||||
var fileDescriptor_14abe0d1b4206d54 = []byte{
|
||||
// 859 bytes of a gzipped FileDescriptorProto
|
||||
// 854 bytes of a gzipped FileDescriptorProto
|
||||
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0x4f, 0x6f, 0x1b, 0x45,
|
||||
0x14, 0xdf, 0x59, 0x3b, 0x71, 0xf6, 0xd9, 0x6d, 0xdc, 0x11, 0xa4, 0xab, 0xa8, 0x58, 0xd6, 0x8a,
|
||||
0x83, 0x55, 0x81, 0x0b, 0x06, 0xa9, 0x28, 0x07, 0x90, 0x6b, 0x5a, 0xd9, 0x24, 0x87, 0x6a, 0x02,
|
||||
0x14, 0x71, 0x9b, 0xee, 0x8e, 0x92, 0x51, 0xed, 0xdd, 0xd5, 0xec, 0xd8, 0xc8, 0x47, 0xce, 0x5c,
|
||||
0xe0, 0x23, 0xf0, 0x41, 0x38, 0x71, 0xe1, 0xd8, 0x0b, 0x12, 0x47, 0x94, 0x7c, 0x01, 0xee, 0x5c,
|
||||
0xd0, 0xcc, 0xfe, 0xdf, 0xb5, 0x2d, 0x2a, 0x59, 0x3d, 0x24, 0xde, 0xf7, 0xde, 0xef, 0x3d, 0xff,
|
||||
0xe6, 0xf7, 0xde, 0xbc, 0x35, 0x7c, 0x18, 0xbe, 0xba, 0x7a, 0x44, 0xdd, 0xb9, 0xfa, 0x13, 0xcc,
|
||||
0x0d, 0x84, 0x17, 0x8a, 0x40, 0x06, 0x8f, 0xf4, 0xff, 0x28, 0xf7, 0x0e, 0xb5, 0x03, 0x5b, 0x99,
|
||||
0xc3, 0x79, 0x06, 0x1d, 0x42, 0x7f, 0x18, 0x4f, 0x2e, 0x88, 0xb6, 0xb1, 0x0d, 0xad, 0x90, 0xae,
|
||||
0xe7, 0x01, 0xf5, 0x6c, 0xd4, 0x47, 0x83, 0x0e, 0x49, 0x4d, 0xfc, 0x00, 0xac, 0x88, 0x5f, 0xf9,
|
||||
0x54, 0x2e, 0x05, 0xb3, 0x4d, 0x1d, 0xcb, 0x1d, 0xce, 0xe7, 0x80, 0x8b, 0x75, 0x5e, 0x70, 0x79,
|
||||
0x3d, 0xdb, 0x55, 0xed, 0x2e, 0x98, 0xdc, 0xd3, 0x65, 0x2c, 0x62, 0x72, 0xcf, 0xf9, 0x15, 0x81,
|
||||
0x95, 0xb3, 0x38, 0x81, 0xc3, 0x50, 0xb0, 0xd5, 0x2c, 0x4e, 0xb3, 0x48, 0x62, 0xe1, 0x53, 0x38,
|
||||
0xe2, 0x1e, 0xf3, 0x25, 0x97, 0xeb, 0x84, 0x42, 0x66, 0x63, 0x0c, 0x4d, 0x8f, 0x4a, 0x6a, 0x37,
|
||||
0xb4, 0x5f, 0x3f, 0xe3, 0x21, 0x60, 0x77, 0x29, 0x04, 0xf3, 0x25, 0x61, 0xd4, 0x3b, 0x67, 0xeb,
|
||||
0x29, 0x8d, 0xae, 0xed, 0x66, 0x1f, 0x0d, 0x9a, 0x64, 0x43, 0x44, 0x9d, 0x51, 0xf2, 0x05, 0x8b,
|
||||
0x24, 0x5d, 0x84, 0xf6, 0x41, 0x1f, 0x0d, 0x1a, 0x24, 0x77, 0x38, 0x3f, 0x99, 0xd0, 0x52, 0x1c,
|
||||
0x83, 0x40, 0x96, 0x98, 0xa0, 0x0a, 0x93, 0xf7, 0xe1, 0x0e, 0xf3, 0x5d, 0xb1, 0x0e, 0x25, 0x0f,
|
||||
0xfc, 0x73, 0x96, 0x52, 0x2d, 0x3b, 0x95, 0x36, 0x51, 0x48, 0x5d, 0x36, 0xf3, 0x34, 0x65, 0x8b,
|
||||
0xa4, 0x26, 0x7e, 0x08, 0xdd, 0x04, 0xca, 0xbc, 0x84, 0x9d, 0xe6, 0xdc, 0x21, 0x35, 0xbf, 0xc2,
|
||||
0x7a, 0x4c, 0xf0, 0x15, 0x55, 0x65, 0x2f, 0xdd, 0x6b, 0xb6, 0x60, 0x9a, 0xb8, 0x45, 0x6a, 0xfe,
|
||||
0x2d, 0x6a, 0x1c, 0xfe, 0x3f, 0x35, 0x5a, 0x55, 0x35, 0xfe, 0x34, 0xe1, 0x78, 0x3c, 0xb9, 0x98,
|
||||
0x04, 0xbe, 0x64, 0xbe, 0xfc, 0x96, 0xce, 0x97, 0x0c, 0x7f, 0x0c, 0xad, 0x65, 0xc4, 0xc4, 0xd8,
|
||||
0x8b, 0x1b, 0xd7, 0x1e, 0xbd, 0x3b, 0xcc, 0x67, 0x6f, 0x3c, 0xb9, 0xf8, 0x26, 0x0e, 0x4e, 0x0d,
|
||||
0x92, 0xe2, 0xf0, 0x19, 0x80, 0x7a, 0x24, 0x6c, 0x11, 0xac, 0xe2, 0xb9, 0x6a, 0x8f, 0xec, 0x7a,
|
||||
0x56, 0x1c, 0x9f, 0x1a, 0xa4, 0x80, 0xc6, 0xdf, 0xc1, 0x3b, 0xca, 0x7a, 0xce, 0xc4, 0x82, 0x47,
|
||||
0x11, 0x0f, 0xfc, 0xc9, 0x35, 0xf5, 0xaf, 0x98, 0xd6, 0xb3, 0x3d, 0x72, 0xea, 0x55, 0xaa, 0xc8,
|
||||
0xa9, 0x41, 0x36, 0x56, 0x48, 0x59, 0xcd, 0xfc, 0x15, 0x97, 0x4c, 0x8b, 0xbf, 0x91, 0x55, 0x1c,
|
||||
0x4f, 0x59, 0xc5, 0x16, 0xfe, 0x14, 0x8e, 0x94, 0xf5, 0x55, 0xc0, 0x7d, 0xdd, 0x8a, 0xf6, 0xe8,
|
||||
0xa4, 0x9e, 0xa9, 0xa2, 0x53, 0x83, 0x64, 0xc8, 0x27, 0x2d, 0x38, 0x58, 0x29, 0x0d, 0x9d, 0xa7,
|
||||
0x7a, 0xc8, 0xbe, 0x54, 0xe3, 0x7b, 0x06, 0x40, 0xdd, 0x79, 0xa2, 0xb0, 0x8d, 0xfa, 0x8d, 0x41,
|
||||
0x7b, 0x74, 0x5a, 0xae, 0x55, 0x94, 0x9f, 0x14, 0xd0, 0xce, 0xbf, 0x08, 0x8e, 0xc6, 0x93, 0x8b,
|
||||
0x4b, 0x49, 0x25, 0x53, 0x13, 0x29, 0xf2, 0xc6, 0xb2, 0x48, 0xd7, 0x6a, 0x92, 0xb2, 0x13, 0x3f,
|
||||
0x8e, 0x0f, 0xad, 0x53, 0x22, 0xdb, 0xd4, 0x5f, 0x77, 0xbf, 0x4e, 0x5d, 0xc7, 0x49, 0x01, 0x8a,
|
||||
0xcf, 0xa0, 0xc5, 0xf5, 0xd9, 0x23, 0xbb, 0xa1, 0xb3, 0xfa, 0xe5, 0x2c, 0x0d, 0x1b, 0xc6, 0xf2,
|
||||
0x44, 0x4f, 0x7d, 0x29, 0xd6, 0x24, 0x4d, 0x38, 0xfd, 0x1a, 0x3a, 0xc5, 0x00, 0xee, 0x42, 0xe3,
|
||||
0x15, 0x5b, 0x27, 0xf7, 0x5e, 0x3d, 0xe2, 0x61, 0xa2, 0xcc, 0xf6, 0xe1, 0x88, 0x0b, 0x90, 0x18,
|
||||
0x76, 0x66, 0x7e, 0x86, 0x9c, 0x5f, 0x10, 0x74, 0x8a, 0x74, 0xf7, 0x70, 0x5f, 0xbf, 0x80, 0x76,
|
||||
0x98, 0x8d, 0x49, 0xa4, 0x67, 0xec, 0xee, 0xe8, 0xbd, 0x5d, 0x33, 0x16, 0x91, 0x62, 0x86, 0xf3,
|
||||
0x1b, 0x02, 0xc8, 0xef, 0xc0, 0x1e, 0x18, 0x7d, 0x00, 0xf7, 0xaa, 0xfb, 0x20, 0x6e, 0x40, 0x87,
|
||||
0xd4, 0x03, 0x55, 0xfe, 0xcd, 0x37, 0xe6, 0xff, 0x0f, 0x82, 0x3b, 0x25, 0xc1, 0xf1, 0x00, 0x8e,
|
||||
0xa9, 0xeb, 0xb2, 0x50, 0x3e, 0x5f, 0xbe, 0x9c, 0x73, 0xf7, 0x9c, 0xa5, 0x27, 0xa9, 0xba, 0x0b,
|
||||
0x2b, 0x2d, 0x87, 0x9a, 0xa5, 0x95, 0x96, 0x63, 0xdf, 0xee, 0xb1, 0x74, 0x1f, 0xf4, 0x71, 0x66,
|
||||
0x5e, 0xb2, 0x39, 0x33, 0xdb, 0xf9, 0x1d, 0x41, 0xbb, 0x70, 0x61, 0xf7, 0xd0, 0xb3, 0x4c, 0xb2,
|
||||
0xcb, 0xec, 0x5d, 0xda, 0x28, 0x4a, 0x96, 0xb9, 0x4b, 0xbc, 0x9a, 0x65, 0x5e, 0x9b, 0x25, 0x3a,
|
||||
0xd8, 0x22, 0x91, 0x13, 0x65, 0x7d, 0x4b, 0xf6, 0xe6, 0xae, 0x63, 0x3c, 0x83, 0xe3, 0x64, 0x2b,
|
||||
0x10, 0x16, 0xce, 0xa9, 0x9b, 0xdd, 0xe9, 0x07, 0x65, 0x4d, 0x49, 0x09, 0x44, 0xaa, 0x49, 0xce,
|
||||
0x8f, 0x08, 0xee, 0xd5, 0x60, 0x7b, 0x10, 0x70, 0xd3, 0xcb, 0xb1, 0xb1, 0xf9, 0xe5, 0xe8, 0xac,
|
||||
0xe0, 0xfe, 0x96, 0xc5, 0xbf, 0x93, 0x48, 0x65, 0xa4, 0xcc, 0x37, 0x1d, 0xa9, 0x87, 0x8f, 0x01,
|
||||
0xd7, 0x21, 0xd8, 0x82, 0x83, 0xb1, 0xb7, 0xe0, 0x7e, 0xd7, 0xc0, 0x00, 0x87, 0x2f, 0x04, 0x97,
|
||||
0x4c, 0x74, 0x91, 0x7a, 0x56, 0x7c, 0x99, 0xe8, 0x9a, 0x4f, 0x3e, 0xfa, 0xe3, 0xa6, 0x87, 0x5e,
|
||||
0xdf, 0xf4, 0xd0, 0xdf, 0x37, 0x3d, 0xf4, 0xf3, 0x6d, 0xcf, 0x78, 0x7d, 0xdb, 0x33, 0xfe, 0xba,
|
||||
0xed, 0x19, 0xdf, 0x9f, 0x6c, 0xfe, 0x85, 0xf7, 0xf2, 0x50, 0x7f, 0x7c, 0xf2, 0x5f, 0x00, 0x00,
|
||||
0x00, 0xff, 0xff, 0x0d, 0xd2, 0xee, 0x14, 0x02, 0x0a, 0x00, 0x00,
|
||||
0x83, 0x55, 0x81, 0x0b, 0x06, 0xa9, 0x28, 0x07, 0x90, 0x6b, 0x5a, 0x39, 0x24, 0x87, 0x6a, 0x02,
|
||||
0x14, 0x71, 0x9b, 0xee, 0x8e, 0xe2, 0x51, 0xed, 0xdd, 0xd5, 0xec, 0xd8, 0xc8, 0x47, 0xce, 0x5c,
|
||||
0xe0, 0x23, 0xf0, 0x41, 0xb8, 0x23, 0x71, 0xe9, 0x05, 0xc4, 0x11, 0x25, 0x1f, 0x83, 0x0b, 0x9a,
|
||||
0xd9, 0xff, 0xbb, 0xb6, 0x45, 0x25, 0xab, 0x87, 0xc4, 0xf3, 0xde, 0xfb, 0xbd, 0xe7, 0xdf, 0xfc,
|
||||
0xe6, 0xcd, 0x1b, 0xc3, 0x87, 0xe1, 0xab, 0xeb, 0x47, 0xd4, 0x9d, 0xab, 0x3f, 0xc1, 0xdc, 0x40,
|
||||
0x78, 0xa1, 0x08, 0x64, 0xf0, 0x48, 0xff, 0x8f, 0x72, 0xef, 0x50, 0x3b, 0xb0, 0x95, 0x39, 0x9c,
|
||||
0x67, 0xd0, 0x21, 0xf4, 0x87, 0xf1, 0xe4, 0x92, 0x68, 0x1b, 0xdb, 0xd0, 0x0a, 0xe9, 0x7a, 0x1e,
|
||||
0x50, 0xcf, 0x46, 0x7d, 0x34, 0xe8, 0x90, 0xd4, 0xc4, 0x0f, 0xc0, 0x8a, 0xf8, 0xb5, 0x4f, 0xe5,
|
||||
0x52, 0x30, 0xdb, 0xd4, 0xb1, 0xdc, 0xe1, 0x7c, 0x0e, 0xb8, 0x58, 0xe7, 0x05, 0x97, 0xb3, 0xf3,
|
||||
0x5d, 0xd5, 0xee, 0x82, 0xc9, 0x3d, 0x5d, 0xc6, 0x22, 0x26, 0xf7, 0x9c, 0x5f, 0x11, 0x58, 0x39,
|
||||
0x8b, 0x13, 0x38, 0x0c, 0x05, 0x5b, 0x9d, 0xc7, 0x69, 0x16, 0x49, 0x2c, 0x7c, 0x0a, 0x47, 0xdc,
|
||||
0x63, 0xbe, 0xe4, 0x72, 0x9d, 0x50, 0xc8, 0x6c, 0x8c, 0xa1, 0xe9, 0x51, 0x49, 0xed, 0x86, 0xf6,
|
||||
0xeb, 0x35, 0x1e, 0x02, 0x76, 0x97, 0x42, 0x30, 0x5f, 0x12, 0x46, 0xbd, 0x0b, 0xb6, 0x9e, 0xd2,
|
||||
0x68, 0x66, 0x37, 0xfb, 0x68, 0xd0, 0x24, 0x1b, 0x22, 0x6a, 0x8f, 0x92, 0x2f, 0x58, 0x24, 0xe9,
|
||||
0x22, 0xb4, 0x0f, 0xfa, 0x68, 0xd0, 0x20, 0xb9, 0xc3, 0xf9, 0xc9, 0x84, 0x96, 0xe2, 0x18, 0x04,
|
||||
0xb2, 0xc4, 0x04, 0x55, 0x98, 0xbc, 0x0f, 0x77, 0x98, 0xef, 0x8a, 0x75, 0x28, 0x79, 0xe0, 0x5f,
|
||||
0xb0, 0x94, 0x6a, 0xd9, 0xa9, 0xb4, 0x89, 0x42, 0xea, 0xb2, 0x73, 0x4f, 0x53, 0xb6, 0x48, 0x6a,
|
||||
0xe2, 0x87, 0xd0, 0x4d, 0xa0, 0xcc, 0x4b, 0xd8, 0x69, 0xce, 0x1d, 0x52, 0xf3, 0x2b, 0xac, 0xc7,
|
||||
0x04, 0x5f, 0x51, 0x55, 0xf6, 0xca, 0x9d, 0xb1, 0x05, 0xd3, 0xc4, 0x2d, 0x52, 0xf3, 0x6f, 0x51,
|
||||
0xe3, 0xf0, 0xff, 0xa9, 0xd1, 0xaa, 0xaa, 0xf1, 0xa7, 0x09, 0xc7, 0xe3, 0xc9, 0xe5, 0x24, 0xf0,
|
||||
0x25, 0xf3, 0xe5, 0xb7, 0x74, 0xbe, 0x64, 0xf8, 0x63, 0x68, 0x2d, 0x23, 0x26, 0xc6, 0x5e, 0x7c,
|
||||
0x70, 0xed, 0xd1, 0xbb, 0xc3, 0xbc, 0xf7, 0xc6, 0x93, 0xcb, 0x6f, 0xe2, 0xe0, 0xd4, 0x20, 0x29,
|
||||
0x0e, 0x9f, 0x01, 0xa8, 0x25, 0x61, 0x8b, 0x60, 0x15, 0xf7, 0x55, 0x7b, 0x64, 0xd7, 0xb3, 0xe2,
|
||||
0xf8, 0xd4, 0x20, 0x05, 0x34, 0xfe, 0x0e, 0xde, 0x51, 0xd6, 0x73, 0x26, 0x16, 0x3c, 0x8a, 0x78,
|
||||
0xe0, 0x4f, 0x66, 0xd4, 0xbf, 0x66, 0x5a, 0xcf, 0xf6, 0xc8, 0xa9, 0x57, 0xa9, 0x22, 0xa7, 0x06,
|
||||
0xd9, 0x58, 0x21, 0x65, 0x75, 0xee, 0xaf, 0xb8, 0x64, 0x5a, 0xfc, 0x8d, 0xac, 0xe2, 0x78, 0xca,
|
||||
0x2a, 0xb6, 0xf0, 0xa7, 0x70, 0xa4, 0xac, 0xaf, 0x02, 0xee, 0xeb, 0xa3, 0x68, 0x8f, 0x4e, 0xea,
|
||||
0x99, 0x2a, 0x3a, 0x35, 0x48, 0x86, 0x7c, 0xd2, 0x82, 0x83, 0x95, 0xd2, 0xd0, 0x79, 0xaa, 0x9b,
|
||||
0xec, 0x4b, 0xd5, 0xbe, 0x67, 0x00, 0xd4, 0x9d, 0x27, 0x0a, 0xdb, 0xa8, 0xdf, 0x18, 0xb4, 0x47,
|
||||
0xa7, 0xe5, 0x5a, 0x45, 0xf9, 0x49, 0x01, 0xed, 0xfc, 0x8b, 0xe0, 0x68, 0x3c, 0xb9, 0xbc, 0x92,
|
||||
0x54, 0x32, 0xd5, 0x91, 0x22, 0x3f, 0x58, 0x16, 0xe9, 0x5a, 0x4d, 0x52, 0x76, 0xe2, 0xc7, 0xf1,
|
||||
0xa6, 0x75, 0x4a, 0x64, 0x9b, 0xfa, 0xeb, 0xee, 0xd7, 0xa9, 0xeb, 0x38, 0x29, 0x40, 0xf1, 0x19,
|
||||
0xb4, 0xb8, 0xde, 0x7b, 0x64, 0x37, 0x74, 0x56, 0xbf, 0x9c, 0xa5, 0x61, 0xc3, 0x58, 0x9e, 0xe8,
|
||||
0xa9, 0x2f, 0xc5, 0x9a, 0xa4, 0x09, 0xa7, 0x5f, 0x43, 0xa7, 0x18, 0xc0, 0x5d, 0x68, 0xbc, 0x62,
|
||||
0xeb, 0xe4, 0xde, 0xab, 0x25, 0x1e, 0x26, 0xca, 0x6c, 0x6f, 0x8e, 0xb8, 0x00, 0x89, 0x61, 0x67,
|
||||
0xe6, 0x67, 0xc8, 0xf9, 0x05, 0x41, 0xa7, 0x48, 0x77, 0x0f, 0xf7, 0xf5, 0x0b, 0x68, 0x87, 0x59,
|
||||
0x9b, 0x44, 0xba, 0xc7, 0xee, 0x8e, 0xde, 0xdb, 0xd5, 0x63, 0x11, 0x29, 0x66, 0x38, 0xbf, 0x21,
|
||||
0x80, 0xfc, 0x0e, 0xec, 0x81, 0xd1, 0x07, 0x70, 0xaf, 0x3a, 0x0f, 0xe2, 0x03, 0xe8, 0x90, 0x7a,
|
||||
0xa0, 0xca, 0xbf, 0xf9, 0xc6, 0xfc, 0xff, 0x42, 0x70, 0xa7, 0x24, 0x38, 0x1e, 0xc0, 0x31, 0x75,
|
||||
0x5d, 0x16, 0xca, 0xe7, 0xcb, 0x97, 0x73, 0xee, 0x5e, 0xb0, 0x74, 0x27, 0x55, 0x77, 0x81, 0xea,
|
||||
0xd5, 0x7a, 0x91, 0x4e, 0x1e, 0x53, 0x4f, 0x9e, 0x7a, 0xe0, 0x6d, 0x6f, 0xec, 0x0f, 0x04, 0xed,
|
||||
0xc2, 0xb5, 0xdc, 0xc3, 0xc9, 0x64, 0xc2, 0x5c, 0x65, 0x2f, 0x66, 0xa3, 0x28, 0x4c, 0xe6, 0xc6,
|
||||
0x0e, 0x74, 0x32, 0xad, 0xf2, 0x39, 0x5f, 0xf2, 0x6d, 0x96, 0xe3, 0x60, 0x8b, 0x1c, 0x4e, 0x94,
|
||||
0x9d, 0x52, 0x32, 0x25, 0x77, 0x6d, 0xe7, 0x19, 0x1c, 0x27, 0x33, 0x80, 0xb0, 0x70, 0x4e, 0xdd,
|
||||
0xec, 0x06, 0x3f, 0x28, 0xeb, 0x47, 0x4a, 0x20, 0x52, 0x4d, 0x72, 0x7e, 0x44, 0x70, 0xaf, 0x06,
|
||||
0xdb, 0x83, 0x90, 0x9b, 0x9e, 0xc2, 0xc6, 0xe6, 0xa7, 0xd0, 0x59, 0xc1, 0xfd, 0x2d, 0x63, 0x7e,
|
||||
0x27, 0x91, 0x4a, 0xfb, 0x98, 0x6f, 0xda, 0x3e, 0x0f, 0x1f, 0x03, 0xae, 0x43, 0xb0, 0x05, 0x07,
|
||||
0x63, 0x6f, 0xc1, 0xfd, 0xae, 0x81, 0x01, 0x0e, 0x5f, 0x08, 0x2e, 0x99, 0xe8, 0x22, 0xb5, 0x56,
|
||||
0x7c, 0x99, 0xe8, 0x9a, 0x4f, 0x3e, 0xfa, 0xfd, 0xa6, 0x87, 0x5e, 0xdf, 0xf4, 0xd0, 0x3f, 0x37,
|
||||
0x3d, 0xf4, 0xf3, 0x6d, 0xcf, 0x78, 0x7d, 0xdb, 0x33, 0xfe, 0xbe, 0xed, 0x19, 0xdf, 0x9f, 0x6c,
|
||||
0xfe, 0x3d, 0xf7, 0xf2, 0x50, 0x7f, 0x7c, 0xf2, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xa5, 0x4a,
|
||||
0x77, 0x11, 0xf0, 0x09, 0x00, 0x00,
|
||||
}
|
||||
|
||||
func (m *RawACLRecord) Marshal() (dAtA []byte, err error) {
|
||||
@ -1640,13 +1632,6 @@ func (m *ACLUserInvite) MarshalToSizedBuffer(dAtA []byte) (int, error) {
|
||||
_ = i
|
||||
var l int
|
||||
_ = l
|
||||
if len(m.InviteId) > 0 {
|
||||
i -= len(m.InviteId)
|
||||
copy(dAtA[i:], m.InviteId)
|
||||
i = encodeVarintAclrecord(dAtA, i, uint64(len(m.InviteId)))
|
||||
i--
|
||||
dAtA[i] = 0x2a
|
||||
}
|
||||
if m.Permissions != 0 {
|
||||
i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions))
|
||||
i--
|
||||
@ -1661,12 +1646,10 @@ func (m *ACLUserInvite) MarshalToSizedBuffer(dAtA []byte) (int, error) {
|
||||
dAtA[i] = 0x1a
|
||||
}
|
||||
}
|
||||
if len(m.EncryptPublicKey) > 0 {
|
||||
i -= len(m.EncryptPublicKey)
|
||||
copy(dAtA[i:], m.EncryptPublicKey)
|
||||
i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptPublicKey)))
|
||||
if m.EncryptSymKeyHash != 0 {
|
||||
i = encodeVarintAclrecord(dAtA, i, uint64(m.EncryptSymKeyHash))
|
||||
i--
|
||||
dAtA[i] = 0x12
|
||||
dAtA[i] = 0x10
|
||||
}
|
||||
if len(m.AcceptPublicKey) > 0 {
|
||||
i -= len(m.AcceptPublicKey)
|
||||
@ -1707,10 +1690,10 @@ func (m *ACLUserJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) {
|
||||
dAtA[i] = 0x2a
|
||||
}
|
||||
}
|
||||
if len(m.InviteId) > 0 {
|
||||
i -= len(m.InviteId)
|
||||
copy(dAtA[i:], m.InviteId)
|
||||
i = encodeVarintAclrecord(dAtA, i, uint64(len(m.InviteId)))
|
||||
if len(m.AcceptPubKey) > 0 {
|
||||
i -= len(m.AcceptPubKey)
|
||||
copy(dAtA[i:], m.AcceptPubKey)
|
||||
i = encodeVarintAclrecord(dAtA, i, uint64(len(m.AcceptPubKey)))
|
||||
i--
|
||||
dAtA[i] = 0x22
|
||||
}
|
||||
@ -2146,9 +2129,8 @@ func (m *ACLUserInvite) Size() (n int) {
|
||||
if l > 0 {
|
||||
n += 1 + l + sovAclrecord(uint64(l))
|
||||
}
|
||||
l = len(m.EncryptPublicKey)
|
||||
if l > 0 {
|
||||
n += 1 + l + sovAclrecord(uint64(l))
|
||||
if m.EncryptSymKeyHash != 0 {
|
||||
n += 1 + sovAclrecord(uint64(m.EncryptSymKeyHash))
|
||||
}
|
||||
if len(m.EncryptedReadKeys) > 0 {
|
||||
for _, b := range m.EncryptedReadKeys {
|
||||
@ -2159,10 +2141,6 @@ func (m *ACLUserInvite) Size() (n int) {
|
||||
if m.Permissions != 0 {
|
||||
n += 1 + sovAclrecord(uint64(m.Permissions))
|
||||
}
|
||||
l = len(m.InviteId)
|
||||
if l > 0 {
|
||||
n += 1 + l + sovAclrecord(uint64(l))
|
||||
}
|
||||
return n
|
||||
}
|
||||
|
||||
@ -2184,7 +2162,7 @@ func (m *ACLUserJoin) Size() (n int) {
|
||||
if l > 0 {
|
||||
n += 1 + l + sovAclrecord(uint64(l))
|
||||
}
|
||||
l = len(m.InviteId)
|
||||
l = len(m.AcceptPubKey)
|
||||
if l > 0 {
|
||||
n += 1 + l + sovAclrecord(uint64(l))
|
||||
}
|
||||
@ -3903,10 +3881,10 @@ func (m *ACLUserInvite) Unmarshal(dAtA []byte) error {
|
||||
}
|
||||
iNdEx = postIndex
|
||||
case 2:
|
||||
if wireType != 2 {
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field EncryptPublicKey", wireType)
|
||||
if wireType != 0 {
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field EncryptSymKeyHash", wireType)
|
||||
}
|
||||
var byteLen int
|
||||
m.EncryptSymKeyHash = 0
|
||||
for shift := uint(0); ; shift += 7 {
|
||||
if shift >= 64 {
|
||||
return ErrIntOverflowAclrecord
|
||||
@ -3916,26 +3894,11 @@ func (m *ACLUserInvite) Unmarshal(dAtA []byte) error {
|
||||
}
|
||||
b := dAtA[iNdEx]
|
||||
iNdEx++
|
||||
byteLen |= int(b&0x7F) << shift
|
||||
m.EncryptSymKeyHash |= uint64(b&0x7F) << shift
|
||||
if b < 0x80 {
|
||||
break
|
||||
}
|
||||
}
|
||||
if byteLen < 0 {
|
||||
return ErrInvalidLengthAclrecord
|
||||
}
|
||||
postIndex := iNdEx + byteLen
|
||||
if postIndex < 0 {
|
||||
return ErrInvalidLengthAclrecord
|
||||
}
|
||||
if postIndex > l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
m.EncryptPublicKey = append(m.EncryptPublicKey[:0], dAtA[iNdEx:postIndex]...)
|
||||
if m.EncryptPublicKey == nil {
|
||||
m.EncryptPublicKey = []byte{}
|
||||
}
|
||||
iNdEx = postIndex
|
||||
case 3:
|
||||
if wireType != 2 {
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType)
|
||||
@ -3987,38 +3950,6 @@ func (m *ACLUserInvite) Unmarshal(dAtA []byte) error {
|
||||
break
|
||||
}
|
||||
}
|
||||
case 5:
|
||||
if wireType != 2 {
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field InviteId", wireType)
|
||||
}
|
||||
var stringLen uint64
|
||||
for shift := uint(0); ; shift += 7 {
|
||||
if shift >= 64 {
|
||||
return ErrIntOverflowAclrecord
|
||||
}
|
||||
if iNdEx >= l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
b := dAtA[iNdEx]
|
||||
iNdEx++
|
||||
stringLen |= uint64(b&0x7F) << shift
|
||||
if b < 0x80 {
|
||||
break
|
||||
}
|
||||
}
|
||||
intStringLen := int(stringLen)
|
||||
if intStringLen < 0 {
|
||||
return ErrInvalidLengthAclrecord
|
||||
}
|
||||
postIndex := iNdEx + intStringLen
|
||||
if postIndex < 0 {
|
||||
return ErrInvalidLengthAclrecord
|
||||
}
|
||||
if postIndex > l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
m.InviteId = string(dAtA[iNdEx:postIndex])
|
||||
iNdEx = postIndex
|
||||
default:
|
||||
iNdEx = preIndex
|
||||
skippy, err := skipAclrecord(dAtA[iNdEx:])
|
||||
@ -4173,9 +4104,9 @@ func (m *ACLUserJoin) Unmarshal(dAtA []byte) error {
|
||||
iNdEx = postIndex
|
||||
case 4:
|
||||
if wireType != 2 {
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field InviteId", wireType)
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field AcceptPubKey", wireType)
|
||||
}
|
||||
var stringLen uint64
|
||||
var byteLen int
|
||||
for shift := uint(0); ; shift += 7 {
|
||||
if shift >= 64 {
|
||||
return ErrIntOverflowAclrecord
|
||||
@ -4185,23 +4116,25 @@ func (m *ACLUserJoin) Unmarshal(dAtA []byte) error {
|
||||
}
|
||||
b := dAtA[iNdEx]
|
||||
iNdEx++
|
||||
stringLen |= uint64(b&0x7F) << shift
|
||||
byteLen |= int(b&0x7F) << shift
|
||||
if b < 0x80 {
|
||||
break
|
||||
}
|
||||
}
|
||||
intStringLen := int(stringLen)
|
||||
if intStringLen < 0 {
|
||||
if byteLen < 0 {
|
||||
return ErrInvalidLengthAclrecord
|
||||
}
|
||||
postIndex := iNdEx + intStringLen
|
||||
postIndex := iNdEx + byteLen
|
||||
if postIndex < 0 {
|
||||
return ErrInvalidLengthAclrecord
|
||||
}
|
||||
if postIndex > l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
m.InviteId = string(dAtA[iNdEx:postIndex])
|
||||
m.AcceptPubKey = append(m.AcceptPubKey[:0], dAtA[iNdEx:postIndex]...)
|
||||
if m.AcceptPubKey == nil {
|
||||
m.AcceptPubKey = []byte{}
|
||||
}
|
||||
iNdEx = postIndex
|
||||
case 5:
|
||||
if wireType != 2 {
|
||||
|
||||
@ -63,25 +63,18 @@ message ACLUserAdd {
|
||||
ACLUserPermissions permissions = 4;
|
||||
}
|
||||
|
||||
// accept key, encrypt key, invite id
|
||||
// GetSpace(id) -> ... (space header + acl root) -> diff
|
||||
// Join(ACLJoinRecord) -> Ok
|
||||
|
||||
message ACLUserInvite {
|
||||
bytes acceptPublicKey = 1;
|
||||
// TODO: change to read key
|
||||
bytes encryptPublicKey = 2;
|
||||
uint64 encryptSymKeyHash = 2;
|
||||
repeated bytes encryptedReadKeys = 3;
|
||||
ACLUserPermissions permissions = 4;
|
||||
// TODO: either derive inviteId from pub keys or think if it is possible to just use ACL record id
|
||||
string inviteId = 5;
|
||||
}
|
||||
|
||||
message ACLUserJoin {
|
||||
bytes identity = 1;
|
||||
bytes encryptionKey = 2;
|
||||
bytes acceptSignature = 3;
|
||||
string inviteId = 4;
|
||||
bytes acceptPubKey = 4;
|
||||
repeated bytes encryptedReadKeys = 5;
|
||||
}
|
||||
|
||||
|
||||
@ -4,6 +4,8 @@ import (
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/pkg/acl/aclrecordproto"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/pkg/acl/common"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/cid"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/keys/asymmetric/signingkey"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/keys/symmetric"
|
||||
"github.com/gogo/protobuf/proto"
|
||||
)
|
||||
|
||||
@ -23,6 +25,69 @@ func newACLRecordBuilder(id string, keychain *common.Keychain) ACLRecordBuilder
|
||||
}
|
||||
}
|
||||
|
||||
func (a *aclRecordBuilder) BuildUserJoin(acceptPrivKeyBytes []byte, encSymKeyBytes []byte, state *ACLState) (rec *aclrecordproto.RawACLRecord, err error) {
|
||||
acceptPrivKey, err := signingkey.NewSigningEd25519PrivKeyFromBytes(acceptPrivKeyBytes)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
acceptPubKeyBytes, err := acceptPrivKey.GetPublic().Raw()
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
encSymKey, err := symmetric.DeriveFromBytes(encSymKeyBytes)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
invite, err := state.Invite(acceptPubKeyBytes)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
encPrivKey, signPrivKey := state.UserKeys()
|
||||
var symKeys [][]byte
|
||||
for _, rk := range invite.EncryptedReadKeys {
|
||||
dec, err := encSymKey.Decrypt(rk)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
newEnc, err := encPrivKey.GetPublic().Encrypt(dec)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
symKeys = append(symKeys, newEnc)
|
||||
}
|
||||
idSignature, err := acceptPrivKey.Sign(state.Identity())
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
encPubKeyBytes, err := encPrivKey.GetPublic().Raw()
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
userJoin := &aclrecordproto.ACLUserJoin{
|
||||
Identity: state.Identity(),
|
||||
EncryptionKey: encPubKeyBytes,
|
||||
AcceptSignature: idSignature,
|
||||
AcceptPubKey: acceptPubKeyBytes,
|
||||
EncryptedReadKeys: symKeys,
|
||||
}
|
||||
marshalledJoin, err := userJoin.Marshal()
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
joinSignature, err := signPrivKey.Sign(marshalledJoin)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
rec = &aclrecordproto.RawACLRecord{
|
||||
Payload: marshalledJoin,
|
||||
Signature: joinSignature,
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (a *aclRecordBuilder) ConvertFromRaw(rawIdRecord *aclrecordproto.RawACLRecordWithId) (rec *ACLRecord, err error) {
|
||||
rawRec := &aclrecordproto.RawACLRecord{}
|
||||
err = proto.Unmarshal(rawIdRecord.Payload, rawRec)
|
||||
|
||||
@ -7,6 +7,7 @@ import (
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/app/logger"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/pkg/acl/aclrecordproto"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/pkg/acl/common"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/keys"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/keys/asymmetric/encryptionkey"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/keys/asymmetric/signingkey"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/keys/symmetric"
|
||||
@ -23,6 +24,8 @@ var ErrUserRemoved = errors.New("user was removed from the document")
|
||||
var ErrDocumentForbidden = errors.New("your user was forbidden access to the document")
|
||||
var ErrUserAlreadyExists = errors.New("user already exists")
|
||||
var ErrNoSuchRecord = errors.New("no such record")
|
||||
var ErrNoSuchInvite = errors.New("no such invite")
|
||||
var ErrOldInvite = errors.New("invite is too old")
|
||||
var ErrInsufficientPermissions = errors.New("insufficient permissions")
|
||||
var ErrNoReadKey = errors.New("acl state doesn't have a read key")
|
||||
var ErrInvalidSignature = errors.New("signature is invalid")
|
||||
@ -41,6 +44,7 @@ type ACLState struct {
|
||||
userInvites map[string]*aclrecordproto.ACLUserInvite
|
||||
encryptionKey encryptionkey.PrivKey
|
||||
signingKey signingkey.PrivKey
|
||||
totalReadKeys int
|
||||
|
||||
identity string
|
||||
permissionsAtRecord map[string][]UserPermissionPair
|
||||
@ -199,6 +203,8 @@ func (st *ACLState) saveReadKeyFromRoot(root *aclrecordproto.ACLRoot) (err error
|
||||
}
|
||||
st.currentReadKeyHash = root.CurrentReadKeyHash
|
||||
st.userReadKeys[root.CurrentReadKeyHash] = readKey
|
||||
st.totalReadKeys++
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
@ -207,7 +213,10 @@ func (st *ACLState) applyChangeData(changeData *aclrecordproto.ACLData, hash uin
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
st.currentReadKeyHash = hash
|
||||
if hash != st.currentReadKeyHash {
|
||||
st.totalReadKeys++
|
||||
st.currentReadKeyHash = hash
|
||||
}
|
||||
}()
|
||||
|
||||
if !st.isUserJoin(changeData) {
|
||||
@ -262,14 +271,14 @@ func (st *ACLState) applyUserPermissionChange(ch *aclrecordproto.ACLUserPermissi
|
||||
}
|
||||
|
||||
func (st *ACLState) applyUserInvite(ch *aclrecordproto.ACLUserInvite) error {
|
||||
st.userInvites[ch.InviteId] = ch
|
||||
st.userInvites[string(ch.AcceptPublicKey)] = ch
|
||||
return nil
|
||||
}
|
||||
|
||||
func (st *ACLState) applyUserJoin(ch *aclrecordproto.ACLUserJoin) error {
|
||||
invite, exists := st.userInvites[ch.InviteId]
|
||||
invite, exists := st.userInvites[string(ch.AcceptPubKey)]
|
||||
if !exists {
|
||||
return fmt.Errorf("no such invite with id %s", ch.InviteId)
|
||||
return fmt.Errorf("no such invite with such public key %s", keys.EncodeBytesToString(ch.AcceptPubKey))
|
||||
}
|
||||
chIdentity := string(ch.Identity)
|
||||
|
||||
@ -284,7 +293,7 @@ func (st *ACLState) applyUserJoin(ch *aclrecordproto.ACLUserJoin) error {
|
||||
return fmt.Errorf("public key verifying invite accepts is given in incorrect format: %v", err)
|
||||
}
|
||||
|
||||
res, err := verificationKey.(signingkey.PubKey).Verify(ch.Identity, signature)
|
||||
res, err := verificationKey.Verify(ch.Identity, signature)
|
||||
if err != nil {
|
||||
return fmt.Errorf("verification returned error: %w", err)
|
||||
}
|
||||
@ -361,8 +370,8 @@ func (st *ACLState) applyUserRemove(ch *aclrecordproto.ACLUserRemove) error {
|
||||
return ErrFailedToDecrypt
|
||||
}
|
||||
|
||||
st.currentReadKeyHash = hash
|
||||
st.userReadKeys[st.currentReadKeyHash] = key
|
||||
st.userReadKeys[hash] = key
|
||||
break
|
||||
}
|
||||
}
|
||||
return nil
|
||||
@ -404,6 +413,26 @@ func (st *ACLState) isUserAdd(data *aclrecordproto.ACLData, identity []byte) boo
|
||||
return data.GetAclContent() != nil && userAdd != nil && bytes.Compare(userAdd.GetIdentity(), identity) == 0
|
||||
}
|
||||
|
||||
func (st *ACLState) GetUserStates() map[string]*aclrecordproto.ACLUserState {
|
||||
func (st *ACLState) UserStates() map[string]*aclrecordproto.ACLUserState {
|
||||
return st.userStates
|
||||
}
|
||||
|
||||
func (st *ACLState) Invite(acceptPubKey []byte) (invite *aclrecordproto.ACLUserInvite, err error) {
|
||||
invite, exists := st.userInvites[string(acceptPubKey)]
|
||||
if !exists {
|
||||
err = ErrNoSuchInvite
|
||||
return
|
||||
}
|
||||
if len(invite.EncryptedReadKeys) != st.totalReadKeys {
|
||||
err = ErrOldInvite
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (st *ACLState) UserKeys() (encKey encryptionkey.PrivKey, signKey signingkey.PrivKey) {
|
||||
return st.encryptionKey, st.signingKey
|
||||
}
|
||||
|
||||
func (st *ACLState) Identity() []byte {
|
||||
return []byte(st.identity)
|
||||
}
|
||||
|
||||
@ -22,9 +22,9 @@ func TestAclList_ACLState_UserInviteAndJoin(t *testing.T) {
|
||||
idC := keychain.GetIdentity("C")
|
||||
|
||||
// checking final state
|
||||
assert.Equal(t, aclrecordproto.ACLUserPermissions_Admin, aclList.ACLState().GetUserStates()[idA].Permissions)
|
||||
assert.Equal(t, aclrecordproto.ACLUserPermissions_Writer, aclList.ACLState().GetUserStates()[idB].Permissions)
|
||||
assert.Equal(t, aclrecordproto.ACLUserPermissions_Reader, aclList.ACLState().GetUserStates()[idC].Permissions)
|
||||
assert.Equal(t, aclrecordproto.ACLUserPermissions_Admin, aclList.ACLState().UserStates()[idA].Permissions)
|
||||
assert.Equal(t, aclrecordproto.ACLUserPermissions_Writer, aclList.ACLState().UserStates()[idB].Permissions)
|
||||
assert.Equal(t, aclrecordproto.ACLUserPermissions_Reader, aclList.ACLState().UserStates()[idC].Permissions)
|
||||
assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.ACLState().CurrentReadKeyHash())
|
||||
|
||||
var records []*ACLRecord
|
||||
@ -61,11 +61,11 @@ func TestAclList_ACLState_UserJoinAndRemove(t *testing.T) {
|
||||
idC := keychain.GetIdentity("C")
|
||||
|
||||
// checking final state
|
||||
assert.Equal(t, aclrecordproto.ACLUserPermissions_Admin, aclList.ACLState().GetUserStates()[idA].Permissions)
|
||||
assert.Equal(t, aclrecordproto.ACLUserPermissions_Reader, aclList.ACLState().GetUserStates()[idC].Permissions)
|
||||
assert.Equal(t, aclrecordproto.ACLUserPermissions_Admin, aclList.ACLState().UserStates()[idA].Permissions)
|
||||
assert.Equal(t, aclrecordproto.ACLUserPermissions_Reader, aclList.ACLState().UserStates()[idC].Permissions)
|
||||
assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.ACLState().CurrentReadKeyHash())
|
||||
|
||||
_, exists := aclList.ACLState().GetUserStates()[idB]
|
||||
_, exists := aclList.ACLState().UserStates()[idB]
|
||||
assert.Equal(t, false, exists)
|
||||
|
||||
var records []*ACLRecord
|
||||
|
||||
@ -9,6 +9,7 @@ import (
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/cid"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/keys/asymmetric/encryptionkey"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/keys/asymmetric/signingkey"
|
||||
"github.com/anytypeio/go-anytype-infrastructure-experiments/common/util/keys/symmetric"
|
||||
"hash/fnv"
|
||||
"io/ioutil"
|
||||
"path"
|
||||
@ -183,7 +184,7 @@ func (t *ACLListStorageBuilder) parseACLChange(ch *ACLChange) (convCh *aclrecord
|
||||
UserAdd: &aclrecordproto2.ACLUserAdd{
|
||||
Identity: []byte(t.keychain.GetIdentity(add.Identity)),
|
||||
EncryptionKey: rawKey,
|
||||
EncryptedReadKeys: t.encryptReadKeys(add.EncryptedReadKeys, encKey),
|
||||
EncryptedReadKeys: t.encryptReadKeysWithPubKey(add.EncryptedReadKeys, encKey),
|
||||
Permissions: t.convertPermission(add.Permission),
|
||||
},
|
||||
},
|
||||
@ -191,16 +192,16 @@ func (t *ACLListStorageBuilder) parseACLChange(ch *ACLChange) (convCh *aclrecord
|
||||
case ch.UserJoin != nil:
|
||||
join := ch.UserJoin
|
||||
|
||||
encKey := t.keychain.
|
||||
GetKey(join.EncryptionKey).(encryptionkey.PrivKey)
|
||||
encKey := t.keychain.GetKey(join.EncryptionKey).(encryptionkey.PrivKey)
|
||||
rawKey, _ := encKey.GetPublic().Raw()
|
||||
|
||||
idKey, _ := t.keychain.SigningKeysByYAMLIdentity[join.Identity].GetPublic().Raw()
|
||||
signKey := t.keychain.GetKey(join.AcceptSignature).(signingkey.PrivKey)
|
||||
signKey := t.keychain.GetKey(join.AcceptKey).(signingkey.PrivKey)
|
||||
signature, err := signKey.Sign(idKey)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
acceptPubKey, _ := signKey.GetPublic().Raw()
|
||||
|
||||
convCh = &aclrecordproto2.ACLContentValue{
|
||||
Value: &aclrecordproto2.ACLContentValue_UserJoin{
|
||||
@ -208,26 +209,24 @@ func (t *ACLListStorageBuilder) parseACLChange(ch *ACLChange) (convCh *aclrecord
|
||||
Identity: []byte(t.keychain.GetIdentity(join.Identity)),
|
||||
EncryptionKey: rawKey,
|
||||
AcceptSignature: signature,
|
||||
InviteId: join.InviteId,
|
||||
EncryptedReadKeys: t.encryptReadKeys(join.EncryptedReadKeys, encKey),
|
||||
AcceptPubKey: acceptPubKey,
|
||||
EncryptedReadKeys: t.encryptReadKeysWithPubKey(join.EncryptedReadKeys, encKey),
|
||||
},
|
||||
},
|
||||
}
|
||||
case ch.UserInvite != nil:
|
||||
invite := ch.UserInvite
|
||||
rawAcceptKey, _ := t.keychain.GetKey(invite.AcceptKey).(signingkey.PrivKey).GetPublic().Raw()
|
||||
encKey := t.keychain.
|
||||
GetKey(invite.EncryptionKey).(encryptionkey.PrivKey)
|
||||
rawEncKey, _ := encKey.GetPublic().Raw()
|
||||
hash := t.keychain.GetKey(invite.EncryptionKey).(*SymKey).Hash
|
||||
encKey := t.keychain.ReadKeysByHash[hash]
|
||||
|
||||
convCh = &aclrecordproto2.ACLContentValue{
|
||||
Value: &aclrecordproto2.ACLContentValue_UserInvite{
|
||||
UserInvite: &aclrecordproto2.ACLUserInvite{
|
||||
AcceptPublicKey: rawAcceptKey,
|
||||
EncryptPublicKey: rawEncKey,
|
||||
EncryptedReadKeys: t.encryptReadKeys(invite.EncryptedReadKeys, encKey),
|
||||
EncryptSymKeyHash: hash,
|
||||
EncryptedReadKeys: t.encryptReadKeysWithSymKey(invite.EncryptedReadKeys, encKey.Key),
|
||||
Permissions: t.convertPermission(invite.Permissions),
|
||||
InviteId: invite.InviteId,
|
||||
},
|
||||
},
|
||||
}
|
||||
@ -278,7 +277,7 @@ func (t *ACLListStorageBuilder) parseACLChange(ch *ACLChange) (convCh *aclrecord
|
||||
return convCh
|
||||
}
|
||||
|
||||
func (t *ACLListStorageBuilder) encryptReadKeys(keys []string, encKey encryptionkey.PrivKey) (enc [][]byte) {
|
||||
func (t *ACLListStorageBuilder) encryptReadKeysWithPubKey(keys []string, encKey encryptionkey.PrivKey) (enc [][]byte) {
|
||||
for _, k := range keys {
|
||||
realKey := t.keychain.GetKey(k).(*SymKey).Key.Bytes()
|
||||
res, err := encKey.GetPublic().Encrypt(realKey)
|
||||
@ -291,6 +290,19 @@ func (t *ACLListStorageBuilder) encryptReadKeys(keys []string, encKey encryption
|
||||
return
|
||||
}
|
||||
|
||||
func (t *ACLListStorageBuilder) encryptReadKeysWithSymKey(keys []string, key *symmetric.Key) (enc [][]byte) {
|
||||
for _, k := range keys {
|
||||
realKey := t.keychain.GetKey(k).(*SymKey).Key.Bytes()
|
||||
res, err := key.Encrypt(realKey)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
enc = append(enc, res)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (t *ACLListStorageBuilder) convertPermission(perm string) aclrecordproto2.ACLUserPermissions {
|
||||
switch perm {
|
||||
case "admin":
|
||||
|
||||
@ -23,8 +23,7 @@ type ACLChange struct {
|
||||
UserJoin *struct {
|
||||
Identity string `yaml:"identity"`
|
||||
EncryptionKey string `yaml:"encryptionKey"`
|
||||
AcceptSignature string `yaml:"acceptSignature"`
|
||||
InviteId string `yaml:"inviteId"`
|
||||
AcceptKey string `yaml:"acceptKey"`
|
||||
EncryptedReadKeys []string `yaml:"encryptedReadKeys"`
|
||||
} `yaml:"userJoin"`
|
||||
|
||||
@ -33,7 +32,6 @@ type ACLChange struct {
|
||||
EncryptionKey string `yaml:"encryptionKey"`
|
||||
EncryptedReadKeys []string `yaml:"encryptedReadKeys"`
|
||||
Permissions string `yaml:"permissions"`
|
||||
InviteId string `yaml:"inviteId"`
|
||||
} `yaml:"userInvite"`
|
||||
|
||||
UserRemove *struct {
|
||||
|
||||
@ -6,10 +6,9 @@ records:
|
||||
aclChanges:
|
||||
- userInvite:
|
||||
acceptKey: key.Sign.Onetime1
|
||||
encryptionKey: key.Enc.Onetime1
|
||||
encryptionKey: key.Read.EncKey
|
||||
encryptedReadKeys: [key.Read.1]
|
||||
permissions: writer
|
||||
inviteId: A.1.2
|
||||
- userAdd:
|
||||
identity: C
|
||||
permission: reader
|
||||
@ -21,8 +20,7 @@ records:
|
||||
- userJoin:
|
||||
identity: B
|
||||
encryptionKey: key.Enc.B
|
||||
acceptSignature: key.Sign.Onetime1
|
||||
inviteId: A.1.2
|
||||
acceptKey: key.Sign.Onetime1
|
||||
encryptedReadKeys: [key.Read.1]
|
||||
readKey: key.Read.1
|
||||
keys:
|
||||
@ -48,3 +46,5 @@ keys:
|
||||
Read:
|
||||
- name: 1
|
||||
value: derived
|
||||
- name: EncKey
|
||||
value: generated
|
||||
|
||||
@ -6,10 +6,9 @@ records:
|
||||
aclChanges:
|
||||
- userInvite:
|
||||
acceptKey: key.Sign.Onetime1
|
||||
encryptionKey: key.Enc.Onetime1
|
||||
encryptionKey: key.Read.EncKey
|
||||
encryptedReadKeys: [key.Read.1]
|
||||
permissions: writer
|
||||
inviteId: A.1.2
|
||||
- userAdd:
|
||||
identity: C
|
||||
permission: reader
|
||||
@ -21,8 +20,7 @@ records:
|
||||
- userJoin:
|
||||
identity: B
|
||||
encryptionKey: key.Enc.B
|
||||
acceptSignature: key.Sign.Onetime1
|
||||
inviteId: A.1.2
|
||||
acceptKey: key.Sign.Onetime1
|
||||
encryptedReadKeys: [key.Read.1]
|
||||
readKey: key.Read.1
|
||||
- identity: A
|
||||
@ -57,3 +55,5 @@ keys:
|
||||
value: derived
|
||||
- name: 2
|
||||
value: generated
|
||||
- name: EncKey
|
||||
value: generated
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user