From 718a5b04dc5c84405a09b7ea493781d95c9cf385 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Wed, 21 Jun 2023 19:42:12 +0200 Subject: [PATCH 01/17] Update proto --- commonfile/fileproto/file_drpc.pb.go | 2 +- .../object/acl/aclrecordproto/aclrecord.pb.go | 4622 ++++++++--------- .../acl/aclrecordproto/protos/aclrecord.proto | 127 +- commonspace/object/acl/list/aclstate.go | 87 +- commonspace/object/acl/list/models.go | 28 +- commonspace/object/acl/list/validator.go | 5 + .../object/tree/objecttree/objecttree.go | 8 +- .../tree/objecttree/objecttreevalidator.go | 12 +- .../spacesyncproto/spacesync_drpc.pb.go | 6 +- .../coordinatorproto/coordinator_drpc.pb.go | 2 +- net/peer/peer.go | 14 +- .../testservice/testservice_drpc.pb.go | 6 +- 12 files changed, 2426 insertions(+), 2493 deletions(-) create mode 100644 commonspace/object/acl/list/validator.go diff --git a/commonfile/fileproto/file_drpc.pb.go b/commonfile/fileproto/file_drpc.pb.go index a03c22cd..2f9ee69d 100644 --- a/commonfile/fileproto/file_drpc.pb.go +++ b/commonfile/fileproto/file_drpc.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-drpc. DO NOT EDIT. -// protoc-gen-go-drpc version: v0.0.33 +// protoc-gen-go-drpc version: v0.0.32 // source: commonfile/fileproto/protos/file.proto package fileproto diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go index 6842e829..8d185378 100644 --- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go +++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go @@ -22,24 +22,31 @@ var _ = math.Inf // proto package needs to be updated. const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package +// AclUserPermissions contains different possible user roles type AclUserPermissions int32 const ( - AclUserPermissions_Admin AclUserPermissions = 0 - AclUserPermissions_Writer AclUserPermissions = 1 - AclUserPermissions_Reader AclUserPermissions = 2 + AclUserPermissions_None AclUserPermissions = 0 + AclUserPermissions_Owner AclUserPermissions = 1 + AclUserPermissions_Admin AclUserPermissions = 2 + AclUserPermissions_Writer AclUserPermissions = 3 + AclUserPermissions_Reader AclUserPermissions = 4 ) var AclUserPermissions_name = map[int32]string{ - 0: "Admin", - 1: "Writer", - 2: "Reader", + 0: "None", + 1: "Owner", + 2: "Admin", + 3: "Writer", + 4: "Reader", } var AclUserPermissions_value = map[string]int32{ - "Admin": 0, - "Writer": 1, - "Reader": 2, + "None": 0, + "Owner": 1, + "Admin": 2, + "Writer": 3, + "Reader": 4, } func (x AclUserPermissions) String() string { @@ -50,6 +57,7 @@ func (AclUserPermissions) EnumDescriptor() ([]byte, []int) { return fileDescriptor_c8e9f754f34e929b, []int{0} } +// RawAclRecord is a proto message containing the acl payload in bytes, signature of the account who added it and signature of the acceptor type RawAclRecord struct { Payload []byte `protobuf:"bytes,1,opt,name=payload,proto3" json:"payload,omitempty"` Signature []byte `protobuf:"bytes,2,opt,name=signature,proto3" json:"signature,omitempty"` @@ -118,6 +126,7 @@ func (m *RawAclRecord) GetAcceptorSignature() []byte { return nil } +// RawAclRecordWithId is a raw record and the id for convenience type RawAclRecordWithId struct { Payload []byte `protobuf:"bytes,1,opt,name=payload,proto3" json:"payload,omitempty"` Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` @@ -170,12 +179,12 @@ func (m *RawAclRecordWithId) GetId() string { return "" } +// AclRecord is a record containing the acl data type AclRecord struct { PrevId string `protobuf:"bytes,1,opt,name=prevId,proto3" json:"prevId,omitempty"` Identity []byte `protobuf:"bytes,2,opt,name=identity,proto3" json:"identity,omitempty"` Data []byte `protobuf:"bytes,3,opt,name=data,proto3" json:"data,omitempty"` - ReadKeyId string `protobuf:"bytes,4,opt,name=readKeyId,proto3" json:"readKeyId,omitempty"` - Timestamp int64 `protobuf:"varint,5,opt,name=timestamp,proto3" json:"timestamp,omitempty"` + Timestamp int64 `protobuf:"varint,4,opt,name=timestamp,proto3" json:"timestamp,omitempty"` } func (m *AclRecord) Reset() { *m = AclRecord{} } @@ -232,13 +241,6 @@ func (m *AclRecord) GetData() []byte { return nil } -func (m *AclRecord) GetReadKeyId() string { - if m != nil { - return m.ReadKeyId - } - return "" -} - func (m *AclRecord) GetTimestamp() int64 { if m != nil { return m.Timestamp @@ -246,6 +248,7 @@ func (m *AclRecord) GetTimestamp() int64 { return 0 } +// AclRoot is a root of access control list type AclRoot struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` MasterKey []byte `protobuf:"bytes,2,opt,name=masterKey,proto3" json:"masterKey,omitempty"` @@ -330,14 +333,478 @@ func (m *AclRoot) GetIdentitySignature() []byte { return nil } +// AclAccountInvite contains the public invite key, the private part of which is sent to the user directly +type AclAccountInvite struct { + InviteKey []byte `protobuf:"bytes,1,opt,name=inviteKey,proto3" json:"inviteKey,omitempty"` +} + +func (m *AclAccountInvite) Reset() { *m = AclAccountInvite{} } +func (m *AclAccountInvite) String() string { return proto.CompactTextString(m) } +func (*AclAccountInvite) ProtoMessage() {} +func (*AclAccountInvite) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{4} +} +func (m *AclAccountInvite) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclAccountInvite) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclAccountInvite.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclAccountInvite) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclAccountInvite.Merge(m, src) +} +func (m *AclAccountInvite) XXX_Size() int { + return m.Size() +} +func (m *AclAccountInvite) XXX_DiscardUnknown() { + xxx_messageInfo_AclAccountInvite.DiscardUnknown(m) +} + +var xxx_messageInfo_AclAccountInvite proto.InternalMessageInfo + +func (m *AclAccountInvite) GetInviteKey() []byte { + if m != nil { + return m.InviteKey + } + return nil +} + +// AclAccountRequestJoin contains the reference to the invite record and the data of the person who wants to join, confirmed by the private invite key +type AclAccountRequestJoin struct { + InviteIdentity []byte `protobuf:"bytes,1,opt,name=inviteIdentity,proto3" json:"inviteIdentity,omitempty"` + InviteRecordId string `protobuf:"bytes,2,opt,name=inviteRecordId,proto3" json:"inviteRecordId,omitempty"` + InviteIdentitySignature []byte `protobuf:"bytes,3,opt,name=inviteIdentitySignature,proto3" json:"inviteIdentitySignature,omitempty"` +} + +func (m *AclAccountRequestJoin) Reset() { *m = AclAccountRequestJoin{} } +func (m *AclAccountRequestJoin) String() string { return proto.CompactTextString(m) } +func (*AclAccountRequestJoin) ProtoMessage() {} +func (*AclAccountRequestJoin) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{5} +} +func (m *AclAccountRequestJoin) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclAccountRequestJoin) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclAccountRequestJoin.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclAccountRequestJoin) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclAccountRequestJoin.Merge(m, src) +} +func (m *AclAccountRequestJoin) XXX_Size() int { + return m.Size() +} +func (m *AclAccountRequestJoin) XXX_DiscardUnknown() { + xxx_messageInfo_AclAccountRequestJoin.DiscardUnknown(m) +} + +var xxx_messageInfo_AclAccountRequestJoin proto.InternalMessageInfo + +func (m *AclAccountRequestJoin) GetInviteIdentity() []byte { + if m != nil { + return m.InviteIdentity + } + return nil +} + +func (m *AclAccountRequestJoin) GetInviteRecordId() string { + if m != nil { + return m.InviteRecordId + } + return "" +} + +func (m *AclAccountRequestJoin) GetInviteIdentitySignature() []byte { + if m != nil { + return m.InviteIdentitySignature + } + return nil +} + +// AclAccountRequestAccept contains the reference to join record and all read keys, encrypted with the identity of the requestor +type AclAccountRequestAccept struct { + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + RequestRecordId string `protobuf:"bytes,2,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"` + EncryptedReadKeys []byte `protobuf:"bytes,3,opt,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` +} + +func (m *AclAccountRequestAccept) Reset() { *m = AclAccountRequestAccept{} } +func (m *AclAccountRequestAccept) String() string { return proto.CompactTextString(m) } +func (*AclAccountRequestAccept) ProtoMessage() {} +func (*AclAccountRequestAccept) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{6} +} +func (m *AclAccountRequestAccept) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclAccountRequestAccept) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclAccountRequestAccept.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclAccountRequestAccept) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclAccountRequestAccept.Merge(m, src) +} +func (m *AclAccountRequestAccept) XXX_Size() int { + return m.Size() +} +func (m *AclAccountRequestAccept) XXX_DiscardUnknown() { + xxx_messageInfo_AclAccountRequestAccept.DiscardUnknown(m) +} + +var xxx_messageInfo_AclAccountRequestAccept proto.InternalMessageInfo + +func (m *AclAccountRequestAccept) GetIdentity() []byte { + if m != nil { + return m.Identity + } + return nil +} + +func (m *AclAccountRequestAccept) GetRequestRecordId() string { + if m != nil { + return m.RequestRecordId + } + return "" +} + +func (m *AclAccountRequestAccept) GetEncryptedReadKeys() []byte { + if m != nil { + return m.EncryptedReadKeys + } + return nil +} + +// AclAccountInviteRevoke revokes the invite record +type AclAccountInviteRevoke struct { + InviteRecordId string `protobuf:"bytes,1,opt,name=inviteRecordId,proto3" json:"inviteRecordId,omitempty"` +} + +func (m *AclAccountInviteRevoke) Reset() { *m = AclAccountInviteRevoke{} } +func (m *AclAccountInviteRevoke) String() string { return proto.CompactTextString(m) } +func (*AclAccountInviteRevoke) ProtoMessage() {} +func (*AclAccountInviteRevoke) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{7} +} +func (m *AclAccountInviteRevoke) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclAccountInviteRevoke) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclAccountInviteRevoke.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclAccountInviteRevoke) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclAccountInviteRevoke.Merge(m, src) +} +func (m *AclAccountInviteRevoke) XXX_Size() int { + return m.Size() +} +func (m *AclAccountInviteRevoke) XXX_DiscardUnknown() { + xxx_messageInfo_AclAccountInviteRevoke.DiscardUnknown(m) +} + +var xxx_messageInfo_AclAccountInviteRevoke proto.InternalMessageInfo + +func (m *AclAccountInviteRevoke) GetInviteRecordId() string { + if m != nil { + return m.InviteRecordId + } + return "" +} + +// AclReadKeys are all read keys in Acl +type AclReadKeys struct { + ReadKey [][]byte `protobuf:"bytes,1,rep,name=readKey,proto3" json:"readKey,omitempty"` +} + +func (m *AclReadKeys) Reset() { *m = AclReadKeys{} } +func (m *AclReadKeys) String() string { return proto.CompactTextString(m) } +func (*AclReadKeys) ProtoMessage() {} +func (*AclReadKeys) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{8} +} +func (m *AclReadKeys) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclReadKeys) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclReadKeys.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclReadKeys) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclReadKeys.Merge(m, src) +} +func (m *AclReadKeys) XXX_Size() int { + return m.Size() +} +func (m *AclReadKeys) XXX_DiscardUnknown() { + xxx_messageInfo_AclReadKeys.DiscardUnknown(m) +} + +var xxx_messageInfo_AclReadKeys proto.InternalMessageInfo + +func (m *AclReadKeys) GetReadKey() [][]byte { + if m != nil { + return m.ReadKey + } + return nil +} + +// AclEncryptedReadKeys are all keys for specific identity +type AclEncryptedReadKeys struct { + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + EncryptedReadKeys []byte `protobuf:"bytes,2,opt,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` +} + +func (m *AclEncryptedReadKeys) Reset() { *m = AclEncryptedReadKeys{} } +func (m *AclEncryptedReadKeys) String() string { return proto.CompactTextString(m) } +func (*AclEncryptedReadKeys) ProtoMessage() {} +func (*AclEncryptedReadKeys) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{9} +} +func (m *AclEncryptedReadKeys) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclEncryptedReadKeys) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclEncryptedReadKeys.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclEncryptedReadKeys) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclEncryptedReadKeys.Merge(m, src) +} +func (m *AclEncryptedReadKeys) XXX_Size() int { + return m.Size() +} +func (m *AclEncryptedReadKeys) XXX_DiscardUnknown() { + xxx_messageInfo_AclEncryptedReadKeys.DiscardUnknown(m) +} + +var xxx_messageInfo_AclEncryptedReadKeys proto.InternalMessageInfo + +func (m *AclEncryptedReadKeys) GetIdentity() []byte { + if m != nil { + return m.Identity + } + return nil +} + +func (m *AclEncryptedReadKeys) GetEncryptedReadKeys() []byte { + if m != nil { + return m.EncryptedReadKeys + } + return nil +} + +// AclAccountPermissionChange changes permissions of specific account +type AclAccountPermissionChange struct { + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + Permissions AclUserPermissions `protobuf:"varint,2,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` +} + +func (m *AclAccountPermissionChange) Reset() { *m = AclAccountPermissionChange{} } +func (m *AclAccountPermissionChange) String() string { return proto.CompactTextString(m) } +func (*AclAccountPermissionChange) ProtoMessage() {} +func (*AclAccountPermissionChange) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{10} +} +func (m *AclAccountPermissionChange) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclAccountPermissionChange) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclAccountPermissionChange.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclAccountPermissionChange) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclAccountPermissionChange.Merge(m, src) +} +func (m *AclAccountPermissionChange) XXX_Size() int { + return m.Size() +} +func (m *AclAccountPermissionChange) XXX_DiscardUnknown() { + xxx_messageInfo_AclAccountPermissionChange.DiscardUnknown(m) +} + +var xxx_messageInfo_AclAccountPermissionChange proto.InternalMessageInfo + +func (m *AclAccountPermissionChange) GetIdentity() []byte { + if m != nil { + return m.Identity + } + return nil +} + +func (m *AclAccountPermissionChange) GetPermissions() AclUserPermissions { + if m != nil { + return m.Permissions + } + return AclUserPermissions_None +} + +// AclReadKeyChange changes the key for a space +type AclReadKeyChange struct { + AccountKeys []*AclEncryptedReadKeys `protobuf:"bytes,1,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"` +} + +func (m *AclReadKeyChange) Reset() { *m = AclReadKeyChange{} } +func (m *AclReadKeyChange) String() string { return proto.CompactTextString(m) } +func (*AclReadKeyChange) ProtoMessage() {} +func (*AclReadKeyChange) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{11} +} +func (m *AclReadKeyChange) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclReadKeyChange) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclReadKeyChange.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclReadKeyChange) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclReadKeyChange.Merge(m, src) +} +func (m *AclReadKeyChange) XXX_Size() int { + return m.Size() +} +func (m *AclReadKeyChange) XXX_DiscardUnknown() { + xxx_messageInfo_AclReadKeyChange.DiscardUnknown(m) +} + +var xxx_messageInfo_AclReadKeyChange proto.InternalMessageInfo + +func (m *AclReadKeyChange) GetAccountKeys() []*AclEncryptedReadKeys { + if m != nil { + return m.AccountKeys + } + return nil +} + +// AclAccountRemove removes an account and changes read key for space +type AclAccountRemove struct { + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + AccountKeys []*AclEncryptedReadKeys `protobuf:"bytes,2,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"` +} + +func (m *AclAccountRemove) Reset() { *m = AclAccountRemove{} } +func (m *AclAccountRemove) String() string { return proto.CompactTextString(m) } +func (*AclAccountRemove) ProtoMessage() {} +func (*AclAccountRemove) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{12} +} +func (m *AclAccountRemove) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclAccountRemove) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclAccountRemove.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclAccountRemove) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclAccountRemove.Merge(m, src) +} +func (m *AclAccountRemove) XXX_Size() int { + return m.Size() +} +func (m *AclAccountRemove) XXX_DiscardUnknown() { + xxx_messageInfo_AclAccountRemove.DiscardUnknown(m) +} + +var xxx_messageInfo_AclAccountRemove proto.InternalMessageInfo + +func (m *AclAccountRemove) GetIdentity() []byte { + if m != nil { + return m.Identity + } + return nil +} + +func (m *AclAccountRemove) GetAccountKeys() []*AclEncryptedReadKeys { + if m != nil { + return m.AccountKeys + } + return nil +} + +// AclContentValue contains possible values for Acl type AclContentValue struct { // Types that are valid to be assigned to Value: // - // *AclContentValue_UserAdd - // *AclContentValue_UserRemove - // *AclContentValue_UserPermissionChange - // *AclContentValue_UserInvite - // *AclContentValue_UserJoin + // *AclContentValue_Invite + // *AclContentValue_InviteRevoke + // *AclContentValue_RequestJoin + // *AclContentValue_RequestAccept + // *AclContentValue_PermissionChange + // *AclContentValue_AccountRemove + // *AclContentValue_ReadKeyChange Value isAclContentValue_Value `protobuf_oneof:"value"` } @@ -345,7 +812,7 @@ func (m *AclContentValue) Reset() { *m = AclContentValue{} } func (m *AclContentValue) String() string { return proto.CompactTextString(m) } func (*AclContentValue) ProtoMessage() {} func (*AclContentValue) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{4} + return fileDescriptor_c8e9f754f34e929b, []int{13} } func (m *AclContentValue) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -380,27 +847,35 @@ type isAclContentValue_Value interface { Size() int } -type AclContentValue_UserAdd struct { - UserAdd *AclUserAdd `protobuf:"bytes,1,opt,name=userAdd,proto3,oneof" json:"userAdd,omitempty"` +type AclContentValue_Invite struct { + Invite *AclAccountInvite `protobuf:"bytes,1,opt,name=invite,proto3,oneof" json:"invite,omitempty"` } -type AclContentValue_UserRemove struct { - UserRemove *AclUserRemove `protobuf:"bytes,2,opt,name=userRemove,proto3,oneof" json:"userRemove,omitempty"` +type AclContentValue_InviteRevoke struct { + InviteRevoke *AclAccountInviteRevoke `protobuf:"bytes,2,opt,name=inviteRevoke,proto3,oneof" json:"inviteRevoke,omitempty"` } -type AclContentValue_UserPermissionChange struct { - UserPermissionChange *AclUserPermissionChange `protobuf:"bytes,3,opt,name=userPermissionChange,proto3,oneof" json:"userPermissionChange,omitempty"` +type AclContentValue_RequestJoin struct { + RequestJoin *AclAccountRequestJoin `protobuf:"bytes,3,opt,name=requestJoin,proto3,oneof" json:"requestJoin,omitempty"` } -type AclContentValue_UserInvite struct { - UserInvite *AclUserInvite `protobuf:"bytes,4,opt,name=userInvite,proto3,oneof" json:"userInvite,omitempty"` +type AclContentValue_RequestAccept struct { + RequestAccept *AclAccountRequestAccept `protobuf:"bytes,4,opt,name=requestAccept,proto3,oneof" json:"requestAccept,omitempty"` } -type AclContentValue_UserJoin struct { - UserJoin *AclUserJoin `protobuf:"bytes,5,opt,name=userJoin,proto3,oneof" json:"userJoin,omitempty"` +type AclContentValue_PermissionChange struct { + PermissionChange *AclAccountPermissionChange `protobuf:"bytes,5,opt,name=permissionChange,proto3,oneof" json:"permissionChange,omitempty"` +} +type AclContentValue_AccountRemove struct { + AccountRemove *AclAccountRemove `protobuf:"bytes,6,opt,name=accountRemove,proto3,oneof" json:"accountRemove,omitempty"` +} +type AclContentValue_ReadKeyChange struct { + ReadKeyChange *AclReadKeyChange `protobuf:"bytes,7,opt,name=readKeyChange,proto3,oneof" json:"readKeyChange,omitempty"` } -func (*AclContentValue_UserAdd) isAclContentValue_Value() {} -func (*AclContentValue_UserRemove) isAclContentValue_Value() {} -func (*AclContentValue_UserPermissionChange) isAclContentValue_Value() {} -func (*AclContentValue_UserInvite) isAclContentValue_Value() {} -func (*AclContentValue_UserJoin) isAclContentValue_Value() {} +func (*AclContentValue_Invite) isAclContentValue_Value() {} +func (*AclContentValue_InviteRevoke) isAclContentValue_Value() {} +func (*AclContentValue_RequestJoin) isAclContentValue_Value() {} +func (*AclContentValue_RequestAccept) isAclContentValue_Value() {} +func (*AclContentValue_PermissionChange) isAclContentValue_Value() {} +func (*AclContentValue_AccountRemove) isAclContentValue_Value() {} +func (*AclContentValue_ReadKeyChange) isAclContentValue_Value() {} func (m *AclContentValue) GetValue() isAclContentValue_Value { if m != nil { @@ -409,37 +884,51 @@ func (m *AclContentValue) GetValue() isAclContentValue_Value { return nil } -func (m *AclContentValue) GetUserAdd() *AclUserAdd { - if x, ok := m.GetValue().(*AclContentValue_UserAdd); ok { - return x.UserAdd +func (m *AclContentValue) GetInvite() *AclAccountInvite { + if x, ok := m.GetValue().(*AclContentValue_Invite); ok { + return x.Invite } return nil } -func (m *AclContentValue) GetUserRemove() *AclUserRemove { - if x, ok := m.GetValue().(*AclContentValue_UserRemove); ok { - return x.UserRemove +func (m *AclContentValue) GetInviteRevoke() *AclAccountInviteRevoke { + if x, ok := m.GetValue().(*AclContentValue_InviteRevoke); ok { + return x.InviteRevoke } return nil } -func (m *AclContentValue) GetUserPermissionChange() *AclUserPermissionChange { - if x, ok := m.GetValue().(*AclContentValue_UserPermissionChange); ok { - return x.UserPermissionChange +func (m *AclContentValue) GetRequestJoin() *AclAccountRequestJoin { + if x, ok := m.GetValue().(*AclContentValue_RequestJoin); ok { + return x.RequestJoin } return nil } -func (m *AclContentValue) GetUserInvite() *AclUserInvite { - if x, ok := m.GetValue().(*AclContentValue_UserInvite); ok { - return x.UserInvite +func (m *AclContentValue) GetRequestAccept() *AclAccountRequestAccept { + if x, ok := m.GetValue().(*AclContentValue_RequestAccept); ok { + return x.RequestAccept } return nil } -func (m *AclContentValue) GetUserJoin() *AclUserJoin { - if x, ok := m.GetValue().(*AclContentValue_UserJoin); ok { - return x.UserJoin +func (m *AclContentValue) GetPermissionChange() *AclAccountPermissionChange { + if x, ok := m.GetValue().(*AclContentValue_PermissionChange); ok { + return x.PermissionChange + } + return nil +} + +func (m *AclContentValue) GetAccountRemove() *AclAccountRemove { + if x, ok := m.GetValue().(*AclContentValue_AccountRemove); ok { + return x.AccountRemove + } + return nil +} + +func (m *AclContentValue) GetReadKeyChange() *AclReadKeyChange { + if x, ok := m.GetValue().(*AclContentValue_ReadKeyChange); ok { + return x.ReadKeyChange } return nil } @@ -447,14 +936,17 @@ func (m *AclContentValue) GetUserJoin() *AclUserJoin { // XXX_OneofWrappers is for the internal use of the proto package. func (*AclContentValue) XXX_OneofWrappers() []interface{} { return []interface{}{ - (*AclContentValue_UserAdd)(nil), - (*AclContentValue_UserRemove)(nil), - (*AclContentValue_UserPermissionChange)(nil), - (*AclContentValue_UserInvite)(nil), - (*AclContentValue_UserJoin)(nil), + (*AclContentValue_Invite)(nil), + (*AclContentValue_InviteRevoke)(nil), + (*AclContentValue_RequestJoin)(nil), + (*AclContentValue_RequestAccept)(nil), + (*AclContentValue_PermissionChange)(nil), + (*AclContentValue_AccountRemove)(nil), + (*AclContentValue_ReadKeyChange)(nil), } } +// AclData contains different acl content type AclData struct { AclContent []*AclContentValue `protobuf:"bytes,1,rep,name=aclContent,proto3" json:"aclContent,omitempty"` } @@ -463,7 +955,7 @@ func (m *AclData) Reset() { *m = AclData{} } func (m *AclData) String() string { return proto.CompactTextString(m) } func (*AclData) ProtoMessage() {} func (*AclData) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{5} + return fileDescriptor_c8e9f754f34e929b, []int{14} } func (m *AclData) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -499,462 +991,6 @@ func (m *AclData) GetAclContent() []*AclContentValue { return nil } -type AclState struct { - ReadKeyIds []string `protobuf:"bytes,1,rep,name=readKeyIds,proto3" json:"readKeyIds,omitempty"` - UserStates []*AclUserState `protobuf:"bytes,2,rep,name=userStates,proto3" json:"userStates,omitempty"` - Invites map[string]*AclUserInvite `protobuf:"bytes,3,rep,name=invites,proto3" json:"invites,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` -} - -func (m *AclState) Reset() { *m = AclState{} } -func (m *AclState) String() string { return proto.CompactTextString(m) } -func (*AclState) ProtoMessage() {} -func (*AclState) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{6} -} -func (m *AclState) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclState) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclState.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclState) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclState.Merge(m, src) -} -func (m *AclState) XXX_Size() int { - return m.Size() -} -func (m *AclState) XXX_DiscardUnknown() { - xxx_messageInfo_AclState.DiscardUnknown(m) -} - -var xxx_messageInfo_AclState proto.InternalMessageInfo - -func (m *AclState) GetReadKeyIds() []string { - if m != nil { - return m.ReadKeyIds - } - return nil -} - -func (m *AclState) GetUserStates() []*AclUserState { - if m != nil { - return m.UserStates - } - return nil -} - -func (m *AclState) GetInvites() map[string]*AclUserInvite { - if m != nil { - return m.Invites - } - return nil -} - -type AclUserState struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,2,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` -} - -func (m *AclUserState) Reset() { *m = AclUserState{} } -func (m *AclUserState) String() string { return proto.CompactTextString(m) } -func (*AclUserState) ProtoMessage() {} -func (*AclUserState) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{7} -} -func (m *AclUserState) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclUserState) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclUserState.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclUserState) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclUserState.Merge(m, src) -} -func (m *AclUserState) XXX_Size() int { - return m.Size() -} -func (m *AclUserState) XXX_DiscardUnknown() { - xxx_messageInfo_AclUserState.DiscardUnknown(m) -} - -var xxx_messageInfo_AclUserState proto.InternalMessageInfo - -func (m *AclUserState) GetIdentity() []byte { - if m != nil { - return m.Identity - } - return nil -} - -func (m *AclUserState) GetPermissions() AclUserPermissions { - if m != nil { - return m.Permissions - } - return AclUserPermissions_Admin -} - -type AclUserAdd struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptedReadKeys [][]byte `protobuf:"bytes,2,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,3,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` -} - -func (m *AclUserAdd) Reset() { *m = AclUserAdd{} } -func (m *AclUserAdd) String() string { return proto.CompactTextString(m) } -func (*AclUserAdd) ProtoMessage() {} -func (*AclUserAdd) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{8} -} -func (m *AclUserAdd) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclUserAdd) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclUserAdd.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclUserAdd) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclUserAdd.Merge(m, src) -} -func (m *AclUserAdd) XXX_Size() int { - return m.Size() -} -func (m *AclUserAdd) XXX_DiscardUnknown() { - xxx_messageInfo_AclUserAdd.DiscardUnknown(m) -} - -var xxx_messageInfo_AclUserAdd proto.InternalMessageInfo - -func (m *AclUserAdd) GetIdentity() []byte { - if m != nil { - return m.Identity - } - return nil -} - -func (m *AclUserAdd) GetEncryptedReadKeys() [][]byte { - if m != nil { - return m.EncryptedReadKeys - } - return nil -} - -func (m *AclUserAdd) GetPermissions() AclUserPermissions { - if m != nil { - return m.Permissions - } - return AclUserPermissions_Admin -} - -type AclUserInvite struct { - AcceptPublicKey []byte `protobuf:"bytes,1,opt,name=acceptPublicKey,proto3" json:"acceptPublicKey,omitempty"` - EncryptedReadKeys [][]byte `protobuf:"bytes,2,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,3,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` -} - -func (m *AclUserInvite) Reset() { *m = AclUserInvite{} } -func (m *AclUserInvite) String() string { return proto.CompactTextString(m) } -func (*AclUserInvite) ProtoMessage() {} -func (*AclUserInvite) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{9} -} -func (m *AclUserInvite) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclUserInvite) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclUserInvite.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclUserInvite) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclUserInvite.Merge(m, src) -} -func (m *AclUserInvite) XXX_Size() int { - return m.Size() -} -func (m *AclUserInvite) XXX_DiscardUnknown() { - xxx_messageInfo_AclUserInvite.DiscardUnknown(m) -} - -var xxx_messageInfo_AclUserInvite proto.InternalMessageInfo - -func (m *AclUserInvite) GetAcceptPublicKey() []byte { - if m != nil { - return m.AcceptPublicKey - } - return nil -} - -func (m *AclUserInvite) GetEncryptedReadKeys() [][]byte { - if m != nil { - return m.EncryptedReadKeys - } - return nil -} - -func (m *AclUserInvite) GetPermissions() AclUserPermissions { - if m != nil { - return m.Permissions - } - return AclUserPermissions_Admin -} - -type AclUserJoin struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - AcceptSignature []byte `protobuf:"bytes,2,opt,name=acceptSignature,proto3" json:"acceptSignature,omitempty"` - AcceptPubKey []byte `protobuf:"bytes,3,opt,name=acceptPubKey,proto3" json:"acceptPubKey,omitempty"` - EncryptedReadKeys [][]byte `protobuf:"bytes,4,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` -} - -func (m *AclUserJoin) Reset() { *m = AclUserJoin{} } -func (m *AclUserJoin) String() string { return proto.CompactTextString(m) } -func (*AclUserJoin) ProtoMessage() {} -func (*AclUserJoin) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{10} -} -func (m *AclUserJoin) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclUserJoin) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclUserJoin.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclUserJoin) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclUserJoin.Merge(m, src) -} -func (m *AclUserJoin) XXX_Size() int { - return m.Size() -} -func (m *AclUserJoin) XXX_DiscardUnknown() { - xxx_messageInfo_AclUserJoin.DiscardUnknown(m) -} - -var xxx_messageInfo_AclUserJoin proto.InternalMessageInfo - -func (m *AclUserJoin) GetIdentity() []byte { - if m != nil { - return m.Identity - } - return nil -} - -func (m *AclUserJoin) GetAcceptSignature() []byte { - if m != nil { - return m.AcceptSignature - } - return nil -} - -func (m *AclUserJoin) GetAcceptPubKey() []byte { - if m != nil { - return m.AcceptPubKey - } - return nil -} - -func (m *AclUserJoin) GetEncryptedReadKeys() [][]byte { - if m != nil { - return m.EncryptedReadKeys - } - return nil -} - -type AclUserRemove struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - ReadKeyReplaces []*AclReadKeyReplace `protobuf:"bytes,2,rep,name=readKeyReplaces,proto3" json:"readKeyReplaces,omitempty"` -} - -func (m *AclUserRemove) Reset() { *m = AclUserRemove{} } -func (m *AclUserRemove) String() string { return proto.CompactTextString(m) } -func (*AclUserRemove) ProtoMessage() {} -func (*AclUserRemove) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{11} -} -func (m *AclUserRemove) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclUserRemove) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclUserRemove.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclUserRemove) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclUserRemove.Merge(m, src) -} -func (m *AclUserRemove) XXX_Size() int { - return m.Size() -} -func (m *AclUserRemove) XXX_DiscardUnknown() { - xxx_messageInfo_AclUserRemove.DiscardUnknown(m) -} - -var xxx_messageInfo_AclUserRemove proto.InternalMessageInfo - -func (m *AclUserRemove) GetIdentity() []byte { - if m != nil { - return m.Identity - } - return nil -} - -func (m *AclUserRemove) GetReadKeyReplaces() []*AclReadKeyReplace { - if m != nil { - return m.ReadKeyReplaces - } - return nil -} - -type AclReadKeyReplace struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptedReadKey []byte `protobuf:"bytes,2,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` -} - -func (m *AclReadKeyReplace) Reset() { *m = AclReadKeyReplace{} } -func (m *AclReadKeyReplace) String() string { return proto.CompactTextString(m) } -func (*AclReadKeyReplace) ProtoMessage() {} -func (*AclReadKeyReplace) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{12} -} -func (m *AclReadKeyReplace) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclReadKeyReplace) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclReadKeyReplace.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclReadKeyReplace) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclReadKeyReplace.Merge(m, src) -} -func (m *AclReadKeyReplace) XXX_Size() int { - return m.Size() -} -func (m *AclReadKeyReplace) XXX_DiscardUnknown() { - xxx_messageInfo_AclReadKeyReplace.DiscardUnknown(m) -} - -var xxx_messageInfo_AclReadKeyReplace proto.InternalMessageInfo - -func (m *AclReadKeyReplace) GetIdentity() []byte { - if m != nil { - return m.Identity - } - return nil -} - -func (m *AclReadKeyReplace) GetEncryptedReadKey() []byte { - if m != nil { - return m.EncryptedReadKey - } - return nil -} - -type AclUserPermissionChange struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,2,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` -} - -func (m *AclUserPermissionChange) Reset() { *m = AclUserPermissionChange{} } -func (m *AclUserPermissionChange) String() string { return proto.CompactTextString(m) } -func (*AclUserPermissionChange) ProtoMessage() {} -func (*AclUserPermissionChange) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{13} -} -func (m *AclUserPermissionChange) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclUserPermissionChange) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclUserPermissionChange.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclUserPermissionChange) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclUserPermissionChange.Merge(m, src) -} -func (m *AclUserPermissionChange) XXX_Size() int { - return m.Size() -} -func (m *AclUserPermissionChange) XXX_DiscardUnknown() { - xxx_messageInfo_AclUserPermissionChange.DiscardUnknown(m) -} - -var xxx_messageInfo_AclUserPermissionChange proto.InternalMessageInfo - -func (m *AclUserPermissionChange) GetIdentity() []byte { - if m != nil { - return m.Identity - } - return nil -} - -func (m *AclUserPermissionChange) GetPermissions() AclUserPermissions { - if m != nil { - return m.Permissions - } - return AclUserPermissions_Admin -} - type AclSyncMessage struct { Content *AclSyncContentValue `protobuf:"bytes,1,opt,name=content,proto3" json:"content,omitempty"` } @@ -963,7 +999,7 @@ func (m *AclSyncMessage) Reset() { *m = AclSyncMessage{} } func (m *AclSyncMessage) String() string { return proto.CompactTextString(m) } func (*AclSyncMessage) ProtoMessage() {} func (*AclSyncMessage) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{14} + return fileDescriptor_c8e9f754f34e929b, []int{15} } func (m *AclSyncMessage) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1011,7 +1047,7 @@ func (m *AclSyncContentValue) Reset() { *m = AclSyncContentValue{} } func (m *AclSyncContentValue) String() string { return proto.CompactTextString(m) } func (*AclSyncContentValue) ProtoMessage() {} func (*AclSyncContentValue) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{15} + return fileDescriptor_c8e9f754f34e929b, []int{16} } func (m *AclSyncContentValue) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1081,7 +1117,7 @@ func (m *AclAddRecords) Reset() { *m = AclAddRecords{} } func (m *AclAddRecords) String() string { return proto.CompactTextString(m) } func (*AclAddRecords) ProtoMessage() {} func (*AclAddRecords) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{16} + return fileDescriptor_c8e9f754f34e929b, []int{17} } func (m *AclAddRecords) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1123,17 +1159,17 @@ func init() { proto.RegisterType((*RawAclRecordWithId)(nil), "aclrecord.RawAclRecordWithId") proto.RegisterType((*AclRecord)(nil), "aclrecord.AclRecord") proto.RegisterType((*AclRoot)(nil), "aclrecord.AclRoot") + proto.RegisterType((*AclAccountInvite)(nil), "aclrecord.AclAccountInvite") + proto.RegisterType((*AclAccountRequestJoin)(nil), "aclrecord.AclAccountRequestJoin") + proto.RegisterType((*AclAccountRequestAccept)(nil), "aclrecord.AclAccountRequestAccept") + proto.RegisterType((*AclAccountInviteRevoke)(nil), "aclrecord.AclAccountInviteRevoke") + proto.RegisterType((*AclReadKeys)(nil), "aclrecord.AclReadKeys") + proto.RegisterType((*AclEncryptedReadKeys)(nil), "aclrecord.AclEncryptedReadKeys") + proto.RegisterType((*AclAccountPermissionChange)(nil), "aclrecord.AclAccountPermissionChange") + proto.RegisterType((*AclReadKeyChange)(nil), "aclrecord.AclReadKeyChange") + proto.RegisterType((*AclAccountRemove)(nil), "aclrecord.AclAccountRemove") proto.RegisterType((*AclContentValue)(nil), "aclrecord.AclContentValue") proto.RegisterType((*AclData)(nil), "aclrecord.AclData") - proto.RegisterType((*AclState)(nil), "aclrecord.AclState") - proto.RegisterMapType((map[string]*AclUserInvite)(nil), "aclrecord.AclState.InvitesEntry") - proto.RegisterType((*AclUserState)(nil), "aclrecord.AclUserState") - proto.RegisterType((*AclUserAdd)(nil), "aclrecord.AclUserAdd") - proto.RegisterType((*AclUserInvite)(nil), "aclrecord.AclUserInvite") - proto.RegisterType((*AclUserJoin)(nil), "aclrecord.AclUserJoin") - proto.RegisterType((*AclUserRemove)(nil), "aclrecord.AclUserRemove") - proto.RegisterType((*AclReadKeyReplace)(nil), "aclrecord.AclReadKeyReplace") - proto.RegisterType((*AclUserPermissionChange)(nil), "aclrecord.AclUserPermissionChange") proto.RegisterType((*AclSyncMessage)(nil), "aclrecord.AclSyncMessage") proto.RegisterType((*AclSyncContentValue)(nil), "aclrecord.AclSyncContentValue") proto.RegisterType((*AclAddRecords)(nil), "aclrecord.AclAddRecords") @@ -1144,65 +1180,64 @@ func init() { } var fileDescriptor_c8e9f754f34e929b = []byte{ - // 914 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0x4f, 0x6f, 0x1b, 0x45, - 0x14, 0xf7, 0xd8, 0x49, 0x9c, 0x7d, 0x36, 0x89, 0x33, 0x40, 0xbb, 0x8a, 0x82, 0x15, 0xad, 0x84, - 0x14, 0x55, 0x55, 0x22, 0x0c, 0x52, 0xaa, 0x08, 0x51, 0xb9, 0xa5, 0xc8, 0x6e, 0x84, 0x54, 0x4d, - 0x80, 0xa2, 0x72, 0x9a, 0xcc, 0x8e, 0xd2, 0xa5, 0xeb, 0xdd, 0xd5, 0xcc, 0xd8, 0xc8, 0x9f, 0x02, - 0x6e, 0x5c, 0xb9, 0x20, 0xf1, 0x51, 0x38, 0xf6, 0x12, 0x89, 0x23, 0x4a, 0x3e, 0x03, 0x77, 0x34, - 0x33, 0xde, 0xff, 0xce, 0x0a, 0x0e, 0x70, 0x48, 0xbc, 0xf3, 0xde, 0x6f, 0x66, 0x7e, 0xef, 0xf7, - 0xfe, 0xec, 0xc2, 0xa7, 0x2c, 0x9e, 0xcd, 0xe2, 0x48, 0x26, 0x94, 0xf1, 0x93, 0xf8, 0xf2, 0x7b, - 0xce, 0xd4, 0x09, 0x65, 0xa1, 0xfe, 0x13, 0x9c, 0xc5, 0xc2, 0x4f, 0x44, 0xac, 0xe2, 0x13, 0xf3, - 0x5f, 0xe6, 0xd6, 0x63, 0x63, 0xc0, 0x4e, 0x66, 0xf0, 0x7e, 0x41, 0xd0, 0x27, 0xf4, 0x87, 0x31, - 0x0b, 0x89, 0x31, 0x60, 0x17, 0xba, 0x09, 0x5d, 0x86, 0x31, 0xf5, 0x5d, 0x74, 0x88, 0x8e, 0xfa, - 0x24, 0x5d, 0xe2, 0x03, 0x70, 0x64, 0x70, 0x15, 0x51, 0x35, 0x17, 0xdc, 0x6d, 0x1b, 0x5f, 0x6e, - 0xc0, 0x0f, 0x60, 0x40, 0x19, 0xe3, 0x89, 0x8a, 0xc5, 0xd4, 0xe7, 0x91, 0x0a, 0xd4, 0xd2, 0xed, - 0x18, 0x50, 0xcd, 0x8e, 0x1f, 0xc2, 0x5e, 0x6a, 0xbb, 0xc8, 0x4e, 0xdc, 0x30, 0xe0, 0xba, 0xc3, - 0xfb, 0x0c, 0x70, 0x91, 0xe1, 0xcb, 0x40, 0xbd, 0x9e, 0x36, 0xf1, 0xdc, 0x81, 0x76, 0xe0, 0x1b, - 0x82, 0x0e, 0x69, 0x07, 0xbe, 0xf7, 0x23, 0x02, 0x27, 0x8f, 0xef, 0x1e, 0x6c, 0x25, 0x82, 0x2f, - 0xa6, 0x76, 0x9b, 0x43, 0x56, 0x2b, 0xbc, 0x0f, 0xdb, 0x41, 0xca, 0xdb, 0x06, 0x97, 0xad, 0x31, - 0x86, 0x0d, 0x9f, 0x2a, 0xba, 0x8a, 0xc7, 0x3c, 0x6b, 0x35, 0x04, 0xa7, 0xfe, 0x39, 0x5f, 0x4e, - 0x7d, 0xc3, 0xdd, 0x21, 0xb9, 0x41, 0x7b, 0x55, 0x30, 0xe3, 0x52, 0xd1, 0x59, 0xe2, 0x6e, 0x1e, - 0xa2, 0xa3, 0x0e, 0xc9, 0x0d, 0xde, 0x35, 0x82, 0xae, 0x66, 0x14, 0xc7, 0xaa, 0x74, 0x2f, 0xaa, - 0xdc, 0x7b, 0x00, 0xce, 0x8c, 0x4a, 0xc5, 0xc5, 0x39, 0x4f, 0x49, 0xe5, 0x06, 0xad, 0x80, 0xc9, - 0xff, 0xd4, 0x37, 0xc4, 0x1c, 0x92, 0x2e, 0x75, 0x2e, 0x78, 0xc4, 0xc4, 0x32, 0x51, 0xdc, 0x27, - 0x96, 0xd3, 0x4a, 0xde, 0x9a, 0xbd, 0x99, 0xa9, 0xce, 0x54, 0xca, 0x26, 0xcf, 0xd4, 0x96, 0xcd, - 0x54, 0xcd, 0xe1, 0x5d, 0xb7, 0x61, 0x77, 0xcc, 0xc2, 0xa7, 0x71, 0xa4, 0x78, 0xa4, 0xbe, 0xa1, - 0xe1, 0x9c, 0xe3, 0x8f, 0xa0, 0x3b, 0x97, 0x5c, 0x8c, 0x7d, 0x2b, 0x78, 0x6f, 0xf4, 0xfe, 0x71, - 0x5e, 0x8e, 0x63, 0x16, 0x7e, 0x6d, 0x9d, 0x93, 0x16, 0x49, 0x71, 0xf8, 0x0c, 0x40, 0x3f, 0x12, - 0x3e, 0x8b, 0x17, 0xb6, 0xd2, 0x7a, 0x23, 0xb7, 0xbe, 0xcb, 0xfa, 0x27, 0x2d, 0x52, 0x40, 0xe3, - 0x6f, 0xe1, 0x3d, 0xbd, 0x7a, 0xc1, 0xc5, 0x2c, 0x90, 0x32, 0x88, 0xa3, 0xa7, 0xaf, 0x69, 0x74, - 0xc5, 0x8d, 0x42, 0xbd, 0x91, 0x57, 0x3f, 0xa5, 0x8a, 0x9c, 0xb4, 0xc8, 0xda, 0x13, 0x52, 0x56, - 0xd3, 0x68, 0x11, 0x28, 0x5b, 0xad, 0x6b, 0x59, 0x59, 0x7f, 0xca, 0xca, 0xae, 0xf0, 0x27, 0xb0, - 0xad, 0x57, 0xcf, 0xe3, 0x20, 0x32, 0x1a, 0xf7, 0x46, 0xf7, 0xea, 0x3b, 0xb5, 0x77, 0xd2, 0x22, - 0x19, 0xf2, 0x49, 0x17, 0x36, 0x17, 0x5a, 0x43, 0xef, 0x99, 0x29, 0x97, 0xcf, 0x75, 0xd9, 0x9d, - 0x01, 0xd0, 0x4c, 0x61, 0x17, 0x1d, 0x76, 0x8e, 0x7a, 0xa3, 0xfd, 0xf2, 0x59, 0x45, 0xf9, 0x49, - 0x01, 0xed, 0xfd, 0x85, 0x60, 0x7b, 0xcc, 0xc2, 0x0b, 0x45, 0x15, 0xc7, 0x43, 0x80, 0xac, 0x5c, - 0xa5, 0x39, 0xc8, 0x21, 0x05, 0x0b, 0x3e, 0xb5, 0xe1, 0x1a, 0xb0, 0x74, 0xdb, 0xe6, 0xa2, 0xfb, - 0x75, 0xd2, 0xc6, 0x4f, 0x0a, 0x50, 0x7c, 0x06, 0xdd, 0xc0, 0x44, 0x2d, 0xdd, 0x8e, 0xd9, 0x75, - 0x58, 0xde, 0x65, 0x60, 0xc7, 0x56, 0x18, 0xf9, 0x2c, 0x52, 0x62, 0x49, 0xd2, 0x0d, 0xfb, 0x5f, - 0x41, 0xbf, 0xe8, 0xc0, 0x03, 0xe8, 0xbc, 0xe1, 0xcb, 0x55, 0xa7, 0xea, 0x47, 0x7c, 0xbc, 0xd2, - 0xe4, 0xee, 0xb2, 0xb0, 0x07, 0x10, 0x0b, 0x3b, 0x6b, 0x3f, 0x42, 0xde, 0x1b, 0xe8, 0x17, 0xd9, - 0x36, 0xb6, 0xdc, 0x63, 0xe8, 0x25, 0x59, 0xe6, 0xa5, 0xb9, 0x65, 0x67, 0xf4, 0x41, 0x53, 0xd9, - 0x48, 0x52, 0xdc, 0xe1, 0xfd, 0x8c, 0x00, 0xf2, 0xb2, 0x6e, 0xbc, 0xeb, 0x21, 0xec, 0x55, 0xdb, - 0xd1, 0x2a, 0xdd, 0x27, 0x75, 0x47, 0x95, 0x59, 0xe7, 0x5f, 0x33, 0xfb, 0x0d, 0xc1, 0x3b, 0x25, - 0x8d, 0xf0, 0x11, 0xec, 0xda, 0x71, 0xfb, 0x62, 0x7e, 0x19, 0x06, 0xec, 0x9c, 0xa7, 0x1c, 0xab, - 0xe6, 0xff, 0x9b, 0xea, 0xaf, 0x08, 0x7a, 0x85, 0xae, 0x68, 0x54, 0x31, 0x0b, 0xe2, 0xa2, 0xf2, - 0x72, 0xaa, 0x9a, 0xb1, 0x07, 0xfd, 0x2c, 0x2e, 0x1d, 0xab, 0x1d, 0xe7, 0x25, 0xdb, 0xfa, 0x40, - 0x37, 0xee, 0x08, 0xd4, 0x93, 0x99, 0xa2, 0xab, 0xf1, 0xd3, 0x44, 0xf4, 0x0b, 0xd8, 0x5d, 0xf5, - 0x17, 0xe1, 0x49, 0x48, 0x59, 0xd6, 0x56, 0x07, 0x65, 0x65, 0x48, 0x09, 0x44, 0xaa, 0x9b, 0xbc, - 0xef, 0x60, 0xaf, 0x86, 0x6a, 0xbc, 0x78, 0xdd, 0xeb, 0xa0, 0xbd, 0xfe, 0x75, 0xe0, 0x2d, 0xe0, - 0xfe, 0x1d, 0x83, 0xf1, 0xbf, 0x6d, 0x9b, 0xe7, 0xb0, 0xa3, 0x67, 0xc3, 0x32, 0x62, 0x5f, 0x72, - 0x29, 0xe9, 0x15, 0xc7, 0x8f, 0xa0, 0xcb, 0xb2, 0x31, 0xa7, 0x7b, 0x7d, 0x58, 0x99, 0x23, 0xcb, - 0x88, 0x95, 0x46, 0x5d, 0x0a, 0xf7, 0x5e, 0xc1, 0xbb, 0x6b, 0xfc, 0x66, 0x74, 0xfa, 0xbe, 0xfd, - 0x0c, 0x90, 0xab, 0x33, 0x2b, 0xf3, 0x63, 0x9c, 0xf9, 0xf5, 0x00, 0xcf, 0xd1, 0xf9, 0x28, 0x9e, - 0x98, 0x8c, 0xe7, 0x38, 0x7c, 0x0a, 0x5d, 0x91, 0x1d, 0xa9, 0xb3, 0x59, 0x8c, 0xba, 0xfe, 0xdd, - 0x42, 0x52, 0xf4, 0x83, 0x53, 0xc0, 0x75, 0x51, 0xb0, 0x03, 0x9b, 0x63, 0x7f, 0x16, 0x44, 0x83, - 0x16, 0x06, 0xd8, 0x7a, 0x29, 0x02, 0xc5, 0xc5, 0x00, 0xe9, 0x67, 0x9d, 0x21, 0x2e, 0x06, 0xed, - 0x27, 0x8f, 0x7f, 0xbf, 0x19, 0xa2, 0xb7, 0x37, 0x43, 0xf4, 0xe7, 0xcd, 0x10, 0xfd, 0x74, 0x3b, - 0x6c, 0xbd, 0xbd, 0x1d, 0xb6, 0xfe, 0xb8, 0x1d, 0xb6, 0x5e, 0x7d, 0xf8, 0x8f, 0xbe, 0x0a, 0x2f, - 0xb7, 0xcc, 0xcf, 0xc7, 0x7f, 0x07, 0x00, 0x00, 0xff, 0xff, 0x2e, 0x3b, 0x3f, 0x0a, 0x45, 0x0a, - 0x00, 0x00, + // 912 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0x1b, 0x45, + 0x14, 0xde, 0x75, 0x1c, 0xbb, 0x3e, 0x9b, 0xa4, 0xcb, 0x00, 0xad, 0x15, 0x8a, 0x09, 0x23, 0x15, + 0xaa, 0x0a, 0x35, 0xc8, 0x08, 0x51, 0x21, 0x44, 0xd9, 0xa6, 0x15, 0x76, 0xf8, 0xd5, 0x44, 0xa5, + 0x52, 0xaf, 0x98, 0xce, 0x8e, 0xd2, 0x85, 0xdd, 0x9d, 0xcd, 0xec, 0xc4, 0x95, 0x9f, 0x01, 0x21, + 0xf1, 0x08, 0xf0, 0x36, 0x5c, 0xf6, 0x06, 0x89, 0x4b, 0x94, 0xbc, 0x08, 0x9a, 0x99, 0x5d, 0xef, + 0x9f, 0x63, 0x21, 0x2e, 0x12, 0xcf, 0x9c, 0xf9, 0xce, 0x77, 0xbe, 0xf3, 0x33, 0x63, 0xc3, 0x67, + 0x4c, 0x24, 0x89, 0x48, 0xf3, 0x8c, 0x32, 0x7e, 0x28, 0x9e, 0xff, 0xc4, 0x99, 0x3a, 0xa4, 0x2c, + 0xd6, 0x7f, 0x92, 0x33, 0x21, 0xc3, 0x4c, 0x0a, 0x25, 0x0e, 0xcd, 0xff, 0xbc, 0xb2, 0xde, 0x33, + 0x06, 0x34, 0x5a, 0x19, 0xf0, 0xef, 0x2e, 0xec, 0x10, 0xfa, 0x32, 0x60, 0x31, 0x31, 0x06, 0x34, + 0x86, 0x61, 0x46, 0x97, 0xb1, 0xa0, 0xe1, 0xd8, 0x3d, 0x70, 0xef, 0xec, 0x90, 0x72, 0x8b, 0x6e, + 0xc1, 0x28, 0x8f, 0x4e, 0x53, 0xaa, 0xce, 0x25, 0x1f, 0xf7, 0xcc, 0x59, 0x65, 0x40, 0x77, 0xc1, + 0xa7, 0x8c, 0xf1, 0x4c, 0x09, 0x39, 0x0f, 0x79, 0xaa, 0x22, 0xb5, 0x1c, 0x6f, 0x19, 0x50, 0xc7, + 0x8e, 0x3e, 0x80, 0xd7, 0x4a, 0xdb, 0xc9, 0x8a, 0xb1, 0x6f, 0xc0, 0xdd, 0x03, 0xfc, 0x39, 0xa0, + 0xba, 0xc2, 0xa7, 0x91, 0x7a, 0x31, 0xdf, 0xa4, 0x73, 0x0f, 0x7a, 0x51, 0x68, 0x04, 0x8e, 0x48, + 0x2f, 0x0a, 0xf1, 0x19, 0x8c, 0xaa, 0xf4, 0x6e, 0xc0, 0x20, 0x93, 0x7c, 0x31, 0xb7, 0x5e, 0x23, + 0x52, 0xec, 0xd0, 0x3e, 0x5c, 0x8b, 0x4a, 0xd9, 0x36, 0xb7, 0xd5, 0x1e, 0x21, 0xe8, 0x87, 0x54, + 0xd1, 0x22, 0x1d, 0xb3, 0xd6, 0xc5, 0x50, 0x51, 0xc2, 0x73, 0x45, 0x93, 0xcc, 0x48, 0xdf, 0x22, + 0x95, 0x01, 0xff, 0xe5, 0xc2, 0x50, 0xc7, 0x14, 0x42, 0x35, 0x98, 0xdd, 0x16, 0xf3, 0x2d, 0x18, + 0x25, 0x34, 0x57, 0x5c, 0x7e, 0xc5, 0xcb, 0xb0, 0x95, 0x41, 0xa7, 0x68, 0x1a, 0x3c, 0x0f, 0x4d, + 0xe8, 0x11, 0x29, 0xb7, 0xba, 0xd8, 0x3c, 0x65, 0x72, 0x99, 0x29, 0x1e, 0x12, 0x4e, 0x43, 0xed, + 0x6e, 0xeb, 0xd7, 0xb1, 0x37, 0x95, 0x6e, 0xb7, 0x94, 0xea, 0x56, 0x94, 0x6a, 0xaa, 0x56, 0x0c, + 0x6c, 0x2b, 0x3a, 0x07, 0xf8, 0x43, 0xf0, 0x03, 0x16, 0x07, 0x8c, 0x89, 0xf3, 0x54, 0xcd, 0xd3, + 0x45, 0xa4, 0xb8, 0xe6, 0x8f, 0xcc, 0x4a, 0x8b, 0xb0, 0x09, 0x56, 0x06, 0xfc, 0x87, 0x0b, 0x6f, + 0x56, 0x2e, 0x84, 0x9f, 0x9d, 0xf3, 0x5c, 0x1d, 0x8b, 0x28, 0x45, 0xef, 0xc1, 0x9e, 0x85, 0xcd, + 0x9b, 0xd5, 0x69, 0x59, 0x2b, 0x9c, 0xed, 0xe0, 0xbc, 0x6c, 0x6d, 0xcb, 0x8a, 0xee, 0xc3, 0xcd, + 0xa6, 0x67, 0x95, 0x8f, 0x6d, 0xdc, 0x55, 0xc7, 0xf8, 0x57, 0x17, 0x6e, 0x76, 0x34, 0x06, 0x66, + 0x0e, 0x37, 0x76, 0xef, 0x0e, 0x5c, 0x97, 0x16, 0xdc, 0x92, 0xd6, 0x36, 0xeb, 0x2a, 0xb7, 0xfb, + 0x92, 0x17, 0xaa, 0xba, 0x07, 0xf8, 0x0b, 0xb8, 0xd1, 0xae, 0x32, 0xe1, 0x0b, 0xf1, 0x33, 0x5f, + 0x53, 0x0b, 0x77, 0x5d, 0x2d, 0xf0, 0xfb, 0xe0, 0x99, 0x91, 0xb7, 0x84, 0x7a, 0x90, 0x64, 0x31, + 0x25, 0xee, 0xc1, 0x96, 0xbe, 0x2b, 0xc5, 0x16, 0xff, 0x08, 0x6f, 0x04, 0x2c, 0x7e, 0xdc, 0x96, + 0xb0, 0x31, 0xed, 0xb5, 0xc9, 0xf4, 0xae, 0x4a, 0x66, 0x09, 0xfb, 0x55, 0x32, 0xdf, 0x73, 0x99, + 0x44, 0x79, 0x1e, 0x89, 0xf4, 0xe8, 0x05, 0x4d, 0x4f, 0xf9, 0xc6, 0x38, 0x0f, 0xc0, 0xcb, 0x56, + 0x78, 0x1b, 0x61, 0x6f, 0xfa, 0xf6, 0xbd, 0xea, 0x31, 0x0b, 0x58, 0xfc, 0x24, 0xe7, 0xb2, 0x22, + 0xcd, 0x49, 0xdd, 0x03, 0x3f, 0x31, 0xd3, 0x5a, 0x28, 0x29, 0x02, 0x06, 0xe0, 0x51, 0xab, 0xc5, + 0xc8, 0xd6, 0xe5, 0xf0, 0xa6, 0xef, 0x34, 0x49, 0x3b, 0xe5, 0x20, 0x75, 0x1f, 0x7c, 0x56, 0xbf, + 0x04, 0x84, 0x27, 0x62, 0xb1, 0x39, 0x8f, 0x56, 0xc8, 0xde, 0xff, 0x08, 0xf9, 0x4b, 0x1f, 0xae, + 0x07, 0x2c, 0x3e, 0x12, 0xa9, 0xe2, 0xa9, 0xfa, 0x81, 0xc6, 0xe7, 0x1c, 0x7d, 0x0c, 0x03, 0xdb, + 0x75, 0x13, 0xd0, 0x9b, 0xbe, 0xd5, 0x64, 0x6c, 0x8c, 0xcf, 0xcc, 0x21, 0x05, 0x18, 0x7d, 0x09, + 0x3b, 0x51, 0x6d, 0xa4, 0x4c, 0x59, 0xbd, 0xe9, 0xbb, 0x1b, 0x9c, 0x2d, 0x70, 0xe6, 0x90, 0x86, + 0x23, 0x7a, 0x04, 0x9e, 0xac, 0xae, 0xb3, 0x99, 0x66, 0x6f, 0x7a, 0xb0, 0x96, 0xa7, 0x76, 0xed, + 0x67, 0x0e, 0xa9, 0xbb, 0xa1, 0x63, 0xd8, 0x95, 0xf5, 0x0b, 0x67, 0x9e, 0x31, 0x6f, 0x8a, 0x37, + 0xf1, 0x58, 0xe4, 0xcc, 0x21, 0x4d, 0x57, 0x74, 0x02, 0x7e, 0xd6, 0x1a, 0x30, 0xf3, 0xe0, 0x79, + 0xd3, 0xdb, 0x6b, 0xe9, 0xda, 0xd3, 0x38, 0x73, 0x48, 0x87, 0x00, 0x1d, 0xc1, 0x2e, 0xad, 0xb7, + 0xda, 0x3c, 0x8e, 0x57, 0x55, 0xdb, 0x42, 0xb4, 0xb2, 0x86, 0x8f, 0x26, 0x91, 0xf5, 0x31, 0x1c, + 0x0f, 0xd7, 0x91, 0x34, 0x26, 0xd5, 0xa6, 0x57, 0x33, 0x3c, 0x1c, 0xc2, 0xf6, 0x42, 0x77, 0x1e, + 0x3f, 0x36, 0x5f, 0x2e, 0x8f, 0xf4, 0xd7, 0xd0, 0xa7, 0x00, 0x74, 0x35, 0x17, 0xc5, 0x34, 0xef, + 0x37, 0x59, 0xeb, 0x43, 0x43, 0x6a, 0x68, 0x7c, 0x0c, 0x7b, 0x01, 0x8b, 0x4f, 0x96, 0x29, 0xfb, + 0x86, 0xe7, 0x39, 0x3d, 0xe5, 0xe8, 0x3e, 0x0c, 0xd9, 0x8a, 0x4a, 0x0b, 0x9c, 0x34, 0xa9, 0x34, + 0xb6, 0x41, 0x57, 0xc2, 0xf1, 0x33, 0x78, 0x7d, 0xcd, 0xb9, 0x91, 0x17, 0x86, 0xf6, 0x59, 0xca, + 0x0b, 0xce, 0x71, 0xab, 0x72, 0xab, 0xf3, 0x99, 0x43, 0x6a, 0xe8, 0x2a, 0xdd, 0x19, 0xec, 0x36, + 0x70, 0xe8, 0x13, 0xfd, 0x9c, 0x95, 0x94, 0x3a, 0xe3, 0xfa, 0xa3, 0xd0, 0xfd, 0xa9, 0x40, 0x4a, + 0xf4, 0xdd, 0xaf, 0x01, 0x75, 0xdf, 0x0c, 0x74, 0x0d, 0xfa, 0xdf, 0x8a, 0x94, 0xfb, 0x0e, 0x1a, + 0xc1, 0xf6, 0x77, 0x2f, 0x53, 0x2e, 0x7d, 0x57, 0x2f, 0x83, 0x30, 0x89, 0x52, 0xbf, 0x87, 0x00, + 0x06, 0x4f, 0x65, 0xa4, 0xb8, 0xf4, 0xb7, 0xf4, 0x5a, 0x77, 0x89, 0x4b, 0xbf, 0xff, 0xf0, 0xc1, + 0x9f, 0x17, 0x13, 0xf7, 0xd5, 0xc5, 0xc4, 0xfd, 0xe7, 0x62, 0xe2, 0xfe, 0x76, 0x39, 0x71, 0x5e, + 0x5d, 0x4e, 0x9c, 0xbf, 0x2f, 0x27, 0xce, 0xb3, 0xdb, 0xff, 0xe9, 0xd7, 0xd9, 0xf3, 0x81, 0xf9, + 0xf8, 0xe8, 0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x51, 0x62, 0x48, 0x8d, 0xcd, 0x09, 0x00, 0x00, } func (m *RawAclRecord) Marshal() (dAtA []byte, err error) { @@ -1316,14 +1351,7 @@ func (m *AclRecord) MarshalToSizedBuffer(dAtA []byte) (int, error) { if m.Timestamp != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.Timestamp)) i-- - dAtA[i] = 0x28 - } - if len(m.ReadKeyId) > 0 { - i -= len(m.ReadKeyId) - copy(dAtA[i:], m.ReadKeyId) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.ReadKeyId))) - i-- - dAtA[i] = 0x22 + dAtA[i] = 0x20 } if len(m.Data) > 0 { i -= len(m.Data) @@ -1412,6 +1440,339 @@ func (m *AclRoot) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } +func (m *AclAccountInvite) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclAccountInvite) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclAccountInvite) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.InviteKey) > 0 { + i -= len(m.InviteKey) + copy(dAtA[i:], m.InviteKey) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.InviteKey))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *AclAccountRequestJoin) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclAccountRequestJoin) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclAccountRequestJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.InviteIdentitySignature) > 0 { + i -= len(m.InviteIdentitySignature) + copy(dAtA[i:], m.InviteIdentitySignature) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.InviteIdentitySignature))) + i-- + dAtA[i] = 0x1a + } + if len(m.InviteRecordId) > 0 { + i -= len(m.InviteRecordId) + copy(dAtA[i:], m.InviteRecordId) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.InviteRecordId))) + i-- + dAtA[i] = 0x12 + } + if len(m.InviteIdentity) > 0 { + i -= len(m.InviteIdentity) + copy(dAtA[i:], m.InviteIdentity) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.InviteIdentity))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *AclAccountRequestAccept) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclAccountRequestAccept) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclAccountRequestAccept) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.EncryptedReadKeys) > 0 { + i -= len(m.EncryptedReadKeys) + copy(dAtA[i:], m.EncryptedReadKeys) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys))) + i-- + dAtA[i] = 0x1a + } + if len(m.RequestRecordId) > 0 { + i -= len(m.RequestRecordId) + copy(dAtA[i:], m.RequestRecordId) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.RequestRecordId))) + i-- + dAtA[i] = 0x12 + } + if len(m.Identity) > 0 { + i -= len(m.Identity) + copy(dAtA[i:], m.Identity) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *AclAccountInviteRevoke) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclAccountInviteRevoke) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclAccountInviteRevoke) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.InviteRecordId) > 0 { + i -= len(m.InviteRecordId) + copy(dAtA[i:], m.InviteRecordId) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.InviteRecordId))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *AclReadKeys) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclReadKeys) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclReadKeys) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.ReadKey) > 0 { + for iNdEx := len(m.ReadKey) - 1; iNdEx >= 0; iNdEx-- { + i -= len(m.ReadKey[iNdEx]) + copy(dAtA[i:], m.ReadKey[iNdEx]) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.ReadKey[iNdEx]))) + i-- + dAtA[i] = 0xa + } + } + return len(dAtA) - i, nil +} + +func (m *AclEncryptedReadKeys) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclEncryptedReadKeys) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclEncryptedReadKeys) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.EncryptedReadKeys) > 0 { + i -= len(m.EncryptedReadKeys) + copy(dAtA[i:], m.EncryptedReadKeys) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys))) + i-- + dAtA[i] = 0x12 + } + if len(m.Identity) > 0 { + i -= len(m.Identity) + copy(dAtA[i:], m.Identity) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *AclAccountPermissionChange) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclAccountPermissionChange) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclAccountPermissionChange) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.Permissions != 0 { + i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) + i-- + dAtA[i] = 0x10 + } + if len(m.Identity) > 0 { + i -= len(m.Identity) + copy(dAtA[i:], m.Identity) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *AclReadKeyChange) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclReadKeyChange) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclReadKeyChange) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.AccountKeys) > 0 { + for iNdEx := len(m.AccountKeys) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.AccountKeys[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintAclrecord(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0xa + } + } + return len(dAtA) - i, nil +} + +func (m *AclAccountRemove) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclAccountRemove) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclAccountRemove) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.AccountKeys) > 0 { + for iNdEx := len(m.AccountKeys) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.AccountKeys[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintAclrecord(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 + } + } + if len(m.Identity) > 0 { + i -= len(m.Identity) + copy(dAtA[i:], m.Identity) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + func (m *AclContentValue) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -1444,16 +1805,16 @@ func (m *AclContentValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } -func (m *AclContentValue_UserAdd) MarshalTo(dAtA []byte) (int, error) { +func (m *AclContentValue_Invite) MarshalTo(dAtA []byte) (int, error) { size := m.Size() return m.MarshalToSizedBuffer(dAtA[:size]) } -func (m *AclContentValue_UserAdd) MarshalToSizedBuffer(dAtA []byte) (int, error) { +func (m *AclContentValue_Invite) MarshalToSizedBuffer(dAtA []byte) (int, error) { i := len(dAtA) - if m.UserAdd != nil { + if m.Invite != nil { { - size, err := m.UserAdd.MarshalToSizedBuffer(dAtA[:i]) + size, err := m.Invite.MarshalToSizedBuffer(dAtA[:i]) if err != nil { return 0, err } @@ -1465,16 +1826,16 @@ func (m *AclContentValue_UserAdd) MarshalToSizedBuffer(dAtA []byte) (int, error) } return len(dAtA) - i, nil } -func (m *AclContentValue_UserRemove) MarshalTo(dAtA []byte) (int, error) { +func (m *AclContentValue_InviteRevoke) MarshalTo(dAtA []byte) (int, error) { size := m.Size() return m.MarshalToSizedBuffer(dAtA[:size]) } -func (m *AclContentValue_UserRemove) MarshalToSizedBuffer(dAtA []byte) (int, error) { +func (m *AclContentValue_InviteRevoke) MarshalToSizedBuffer(dAtA []byte) (int, error) { i := len(dAtA) - if m.UserRemove != nil { + if m.InviteRevoke != nil { { - size, err := m.UserRemove.MarshalToSizedBuffer(dAtA[:i]) + size, err := m.InviteRevoke.MarshalToSizedBuffer(dAtA[:i]) if err != nil { return 0, err } @@ -1486,16 +1847,16 @@ func (m *AclContentValue_UserRemove) MarshalToSizedBuffer(dAtA []byte) (int, err } return len(dAtA) - i, nil } -func (m *AclContentValue_UserPermissionChange) MarshalTo(dAtA []byte) (int, error) { +func (m *AclContentValue_RequestJoin) MarshalTo(dAtA []byte) (int, error) { size := m.Size() return m.MarshalToSizedBuffer(dAtA[:size]) } -func (m *AclContentValue_UserPermissionChange) MarshalToSizedBuffer(dAtA []byte) (int, error) { +func (m *AclContentValue_RequestJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) { i := len(dAtA) - if m.UserPermissionChange != nil { + if m.RequestJoin != nil { { - size, err := m.UserPermissionChange.MarshalToSizedBuffer(dAtA[:i]) + size, err := m.RequestJoin.MarshalToSizedBuffer(dAtA[:i]) if err != nil { return 0, err } @@ -1507,16 +1868,16 @@ func (m *AclContentValue_UserPermissionChange) MarshalToSizedBuffer(dAtA []byte) } return len(dAtA) - i, nil } -func (m *AclContentValue_UserInvite) MarshalTo(dAtA []byte) (int, error) { +func (m *AclContentValue_RequestAccept) MarshalTo(dAtA []byte) (int, error) { size := m.Size() return m.MarshalToSizedBuffer(dAtA[:size]) } -func (m *AclContentValue_UserInvite) MarshalToSizedBuffer(dAtA []byte) (int, error) { +func (m *AclContentValue_RequestAccept) MarshalToSizedBuffer(dAtA []byte) (int, error) { i := len(dAtA) - if m.UserInvite != nil { + if m.RequestAccept != nil { { - size, err := m.UserInvite.MarshalToSizedBuffer(dAtA[:i]) + size, err := m.RequestAccept.MarshalToSizedBuffer(dAtA[:i]) if err != nil { return 0, err } @@ -1528,16 +1889,16 @@ func (m *AclContentValue_UserInvite) MarshalToSizedBuffer(dAtA []byte) (int, err } return len(dAtA) - i, nil } -func (m *AclContentValue_UserJoin) MarshalTo(dAtA []byte) (int, error) { +func (m *AclContentValue_PermissionChange) MarshalTo(dAtA []byte) (int, error) { size := m.Size() return m.MarshalToSizedBuffer(dAtA[:size]) } -func (m *AclContentValue_UserJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) { +func (m *AclContentValue_PermissionChange) MarshalToSizedBuffer(dAtA []byte) (int, error) { i := len(dAtA) - if m.UserJoin != nil { + if m.PermissionChange != nil { { - size, err := m.UserJoin.MarshalToSizedBuffer(dAtA[:i]) + size, err := m.PermissionChange.MarshalToSizedBuffer(dAtA[:i]) if err != nil { return 0, err } @@ -1549,6 +1910,48 @@ func (m *AclContentValue_UserJoin) MarshalToSizedBuffer(dAtA []byte) (int, error } return len(dAtA) - i, nil } +func (m *AclContentValue_AccountRemove) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclContentValue_AccountRemove) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + if m.AccountRemove != nil { + { + size, err := m.AccountRemove.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintAclrecord(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x32 + } + return len(dAtA) - i, nil +} +func (m *AclContentValue_ReadKeyChange) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclContentValue_ReadKeyChange) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + if m.ReadKeyChange != nil { + { + size, err := m.ReadKeyChange.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintAclrecord(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x3a + } + return len(dAtA) - i, nil +} func (m *AclData) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -1586,370 +1989,6 @@ func (m *AclData) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } -func (m *AclState) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclState) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclState) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.Invites) > 0 { - for k := range m.Invites { - v := m.Invites[k] - baseI := i - if v != nil { - { - size, err := v.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintAclrecord(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x12 - } - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarintAclrecord(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarintAclrecord(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x1a - } - } - if len(m.UserStates) > 0 { - for iNdEx := len(m.UserStates) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.UserStates[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintAclrecord(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x12 - } - } - if len(m.ReadKeyIds) > 0 { - for iNdEx := len(m.ReadKeyIds) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.ReadKeyIds[iNdEx]) - copy(dAtA[i:], m.ReadKeyIds[iNdEx]) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.ReadKeyIds[iNdEx]))) - i-- - dAtA[i] = 0xa - } - } - return len(dAtA) - i, nil -} - -func (m *AclUserState) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclUserState) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclUserState) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.Permissions != 0 { - i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) - i-- - dAtA[i] = 0x10 - } - if len(m.Identity) > 0 { - i -= len(m.Identity) - copy(dAtA[i:], m.Identity) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *AclUserAdd) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclUserAdd) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclUserAdd) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.Permissions != 0 { - i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) - i-- - dAtA[i] = 0x18 - } - if len(m.EncryptedReadKeys) > 0 { - for iNdEx := len(m.EncryptedReadKeys) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.EncryptedReadKeys[iNdEx]) - copy(dAtA[i:], m.EncryptedReadKeys[iNdEx]) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys[iNdEx]))) - i-- - dAtA[i] = 0x12 - } - } - if len(m.Identity) > 0 { - i -= len(m.Identity) - copy(dAtA[i:], m.Identity) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *AclUserInvite) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclUserInvite) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclUserInvite) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.Permissions != 0 { - i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) - i-- - dAtA[i] = 0x18 - } - if len(m.EncryptedReadKeys) > 0 { - for iNdEx := len(m.EncryptedReadKeys) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.EncryptedReadKeys[iNdEx]) - copy(dAtA[i:], m.EncryptedReadKeys[iNdEx]) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys[iNdEx]))) - i-- - dAtA[i] = 0x12 - } - } - if len(m.AcceptPublicKey) > 0 { - i -= len(m.AcceptPublicKey) - copy(dAtA[i:], m.AcceptPublicKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.AcceptPublicKey))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *AclUserJoin) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclUserJoin) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclUserJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.EncryptedReadKeys) > 0 { - for iNdEx := len(m.EncryptedReadKeys) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.EncryptedReadKeys[iNdEx]) - copy(dAtA[i:], m.EncryptedReadKeys[iNdEx]) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys[iNdEx]))) - i-- - dAtA[i] = 0x22 - } - } - if len(m.AcceptPubKey) > 0 { - i -= len(m.AcceptPubKey) - copy(dAtA[i:], m.AcceptPubKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.AcceptPubKey))) - i-- - dAtA[i] = 0x1a - } - if len(m.AcceptSignature) > 0 { - i -= len(m.AcceptSignature) - copy(dAtA[i:], m.AcceptSignature) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.AcceptSignature))) - i-- - dAtA[i] = 0x12 - } - if len(m.Identity) > 0 { - i -= len(m.Identity) - copy(dAtA[i:], m.Identity) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *AclUserRemove) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclUserRemove) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclUserRemove) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.ReadKeyReplaces) > 0 { - for iNdEx := len(m.ReadKeyReplaces) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.ReadKeyReplaces[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintAclrecord(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x12 - } - } - if len(m.Identity) > 0 { - i -= len(m.Identity) - copy(dAtA[i:], m.Identity) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *AclReadKeyReplace) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclReadKeyReplace) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclReadKeyReplace) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.EncryptedReadKey) > 0 { - i -= len(m.EncryptedReadKey) - copy(dAtA[i:], m.EncryptedReadKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKey))) - i-- - dAtA[i] = 0x12 - } - if len(m.Identity) > 0 { - i -= len(m.Identity) - copy(dAtA[i:], m.Identity) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *AclUserPermissionChange) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclUserPermissionChange) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclUserPermissionChange) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.Permissions != 0 { - i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) - i-- - dAtA[i] = 0x10 - } - if len(m.Identity) > 0 { - i -= len(m.Identity) - copy(dAtA[i:], m.Identity) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - func (m *AclSyncMessage) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -2146,10 +2185,6 @@ func (m *AclRecord) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.ReadKeyId) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } if m.Timestamp != 0 { n += 1 + sovAclrecord(uint64(m.Timestamp)) } @@ -2188,6 +2223,156 @@ func (m *AclRoot) Size() (n int) { return n } +func (m *AclAccountInvite) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.InviteKey) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + return n +} + +func (m *AclAccountRequestJoin) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.InviteIdentity) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + l = len(m.InviteRecordId) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + l = len(m.InviteIdentitySignature) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + return n +} + +func (m *AclAccountRequestAccept) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Identity) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + l = len(m.RequestRecordId) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + l = len(m.EncryptedReadKeys) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + return n +} + +func (m *AclAccountInviteRevoke) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.InviteRecordId) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + return n +} + +func (m *AclReadKeys) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if len(m.ReadKey) > 0 { + for _, b := range m.ReadKey { + l = len(b) + n += 1 + l + sovAclrecord(uint64(l)) + } + } + return n +} + +func (m *AclEncryptedReadKeys) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Identity) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + l = len(m.EncryptedReadKeys) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + return n +} + +func (m *AclAccountPermissionChange) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Identity) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + if m.Permissions != 0 { + n += 1 + sovAclrecord(uint64(m.Permissions)) + } + return n +} + +func (m *AclReadKeyChange) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if len(m.AccountKeys) > 0 { + for _, e := range m.AccountKeys { + l = e.Size() + n += 1 + l + sovAclrecord(uint64(l)) + } + } + return n +} + +func (m *AclAccountRemove) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Identity) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + if len(m.AccountKeys) > 0 { + for _, e := range m.AccountKeys { + l = e.Size() + n += 1 + l + sovAclrecord(uint64(l)) + } + } + return n +} + func (m *AclContentValue) Size() (n int) { if m == nil { return 0 @@ -2200,62 +2385,86 @@ func (m *AclContentValue) Size() (n int) { return n } -func (m *AclContentValue_UserAdd) Size() (n int) { +func (m *AclContentValue_Invite) Size() (n int) { if m == nil { return 0 } var l int _ = l - if m.UserAdd != nil { - l = m.UserAdd.Size() + if m.Invite != nil { + l = m.Invite.Size() n += 1 + l + sovAclrecord(uint64(l)) } return n } -func (m *AclContentValue_UserRemove) Size() (n int) { +func (m *AclContentValue_InviteRevoke) Size() (n int) { if m == nil { return 0 } var l int _ = l - if m.UserRemove != nil { - l = m.UserRemove.Size() + if m.InviteRevoke != nil { + l = m.InviteRevoke.Size() n += 1 + l + sovAclrecord(uint64(l)) } return n } -func (m *AclContentValue_UserPermissionChange) Size() (n int) { +func (m *AclContentValue_RequestJoin) Size() (n int) { if m == nil { return 0 } var l int _ = l - if m.UserPermissionChange != nil { - l = m.UserPermissionChange.Size() + if m.RequestJoin != nil { + l = m.RequestJoin.Size() n += 1 + l + sovAclrecord(uint64(l)) } return n } -func (m *AclContentValue_UserInvite) Size() (n int) { +func (m *AclContentValue_RequestAccept) Size() (n int) { if m == nil { return 0 } var l int _ = l - if m.UserInvite != nil { - l = m.UserInvite.Size() + if m.RequestAccept != nil { + l = m.RequestAccept.Size() n += 1 + l + sovAclrecord(uint64(l)) } return n } -func (m *AclContentValue_UserJoin) Size() (n int) { +func (m *AclContentValue_PermissionChange) Size() (n int) { if m == nil { return 0 } var l int _ = l - if m.UserJoin != nil { - l = m.UserJoin.Size() + if m.PermissionChange != nil { + l = m.PermissionChange.Size() + n += 1 + l + sovAclrecord(uint64(l)) + } + return n +} +func (m *AclContentValue_AccountRemove) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.AccountRemove != nil { + l = m.AccountRemove.Size() + n += 1 + l + sovAclrecord(uint64(l)) + } + return n +} +func (m *AclContentValue_ReadKeyChange) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.ReadKeyChange != nil { + l = m.ReadKeyChange.Size() n += 1 + l + sovAclrecord(uint64(l)) } return n @@ -2275,179 +2484,6 @@ func (m *AclData) Size() (n int) { return n } -func (m *AclState) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if len(m.ReadKeyIds) > 0 { - for _, s := range m.ReadKeyIds { - l = len(s) - n += 1 + l + sovAclrecord(uint64(l)) - } - } - if len(m.UserStates) > 0 { - for _, e := range m.UserStates { - l = e.Size() - n += 1 + l + sovAclrecord(uint64(l)) - } - } - if len(m.Invites) > 0 { - for k, v := range m.Invites { - _ = k - _ = v - l = 0 - if v != nil { - l = v.Size() - l += 1 + sovAclrecord(uint64(l)) - } - mapEntrySize := 1 + len(k) + sovAclrecord(uint64(len(k))) + l - n += mapEntrySize + 1 + sovAclrecord(uint64(mapEntrySize)) - } - } - return n -} - -func (m *AclUserState) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Identity) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - if m.Permissions != 0 { - n += 1 + sovAclrecord(uint64(m.Permissions)) - } - return n -} - -func (m *AclUserAdd) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Identity) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - if len(m.EncryptedReadKeys) > 0 { - for _, b := range m.EncryptedReadKeys { - l = len(b) - n += 1 + l + sovAclrecord(uint64(l)) - } - } - if m.Permissions != 0 { - n += 1 + sovAclrecord(uint64(m.Permissions)) - } - return n -} - -func (m *AclUserInvite) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.AcceptPublicKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - if len(m.EncryptedReadKeys) > 0 { - for _, b := range m.EncryptedReadKeys { - l = len(b) - n += 1 + l + sovAclrecord(uint64(l)) - } - } - if m.Permissions != 0 { - n += 1 + sovAclrecord(uint64(m.Permissions)) - } - return n -} - -func (m *AclUserJoin) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Identity) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - l = len(m.AcceptSignature) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - l = len(m.AcceptPubKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - if len(m.EncryptedReadKeys) > 0 { - for _, b := range m.EncryptedReadKeys { - l = len(b) - n += 1 + l + sovAclrecord(uint64(l)) - } - } - return n -} - -func (m *AclUserRemove) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Identity) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - if len(m.ReadKeyReplaces) > 0 { - for _, e := range m.ReadKeyReplaces { - l = e.Size() - n += 1 + l + sovAclrecord(uint64(l)) - } - } - return n -} - -func (m *AclReadKeyReplace) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Identity) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - l = len(m.EncryptedReadKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - return n -} - -func (m *AclUserPermissionChange) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Identity) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - if m.Permissions != 0 { - n += 1 + sovAclrecord(uint64(m.Permissions)) - } - return n -} - func (m *AclSyncMessage) Size() (n int) { if m == nil { return 0 @@ -2938,38 +2974,6 @@ func (m *AclRecord) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyId", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ReadKeyId = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 5: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Timestamp", wireType) } @@ -3246,6 +3250,977 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { } return nil } +func (m *AclAccountInvite) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclAccountInvite: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclAccountInvite: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field InviteKey", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.InviteKey = append(m.InviteKey[:0], dAtA[iNdEx:postIndex]...) + if m.InviteKey == nil { + m.InviteKey = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AclAccountRequestJoin) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclAccountRequestJoin: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclAccountRequestJoin: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field InviteIdentity", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.InviteIdentity = append(m.InviteIdentity[:0], dAtA[iNdEx:postIndex]...) + if m.InviteIdentity == nil { + m.InviteIdentity = []byte{} + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field InviteRecordId", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.InviteRecordId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field InviteIdentitySignature", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.InviteIdentitySignature = append(m.InviteIdentitySignature[:0], dAtA[iNdEx:postIndex]...) + if m.InviteIdentitySignature == nil { + m.InviteIdentitySignature = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AclAccountRequestAccept) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclAccountRequestAccept: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclAccountRequestAccept: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) + if m.Identity == nil { + m.Identity = []byte{} + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field RequestRecordId", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.RequestRecordId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.EncryptedReadKeys = append(m.EncryptedReadKeys[:0], dAtA[iNdEx:postIndex]...) + if m.EncryptedReadKeys == nil { + m.EncryptedReadKeys = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AclAccountInviteRevoke) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclAccountInviteRevoke: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclAccountInviteRevoke: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field InviteRecordId", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.InviteRecordId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AclReadKeys) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclReadKeys: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclReadKeys: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ReadKey", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ReadKey = append(m.ReadKey, make([]byte, postIndex-iNdEx)) + copy(m.ReadKey[len(m.ReadKey)-1], dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AclEncryptedReadKeys) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclEncryptedReadKeys: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclEncryptedReadKeys: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) + if m.Identity == nil { + m.Identity = []byte{} + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.EncryptedReadKeys = append(m.EncryptedReadKeys[:0], dAtA[iNdEx:postIndex]...) + if m.EncryptedReadKeys == nil { + m.EncryptedReadKeys = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AclAccountPermissionChange) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclAccountPermissionChange: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclAccountPermissionChange: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) + if m.Identity == nil { + m.Identity = []byte{} + } + iNdEx = postIndex + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) + } + m.Permissions = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Permissions |= AclUserPermissions(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AclReadKeyChange) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclReadKeyChange: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclReadKeyChange: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field AccountKeys", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.AccountKeys = append(m.AccountKeys, &AclEncryptedReadKeys{}) + if err := m.AccountKeys[len(m.AccountKeys)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AclAccountRemove) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclAccountRemove: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclAccountRemove: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) + if m.Identity == nil { + m.Identity = []byte{} + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field AccountKeys", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.AccountKeys = append(m.AccountKeys, &AclEncryptedReadKeys{}) + if err := m.AccountKeys[len(m.AccountKeys)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func (m *AclContentValue) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 @@ -3277,7 +4252,7 @@ func (m *AclContentValue) Unmarshal(dAtA []byte) error { switch fieldNum { case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field UserAdd", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Invite", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -3304,15 +4279,15 @@ func (m *AclContentValue) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - v := &AclUserAdd{} + v := &AclAccountInvite{} if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } - m.Value = &AclContentValue_UserAdd{v} + m.Value = &AclContentValue_Invite{v} iNdEx = postIndex case 2: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field UserRemove", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field InviteRevoke", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -3339,15 +4314,15 @@ func (m *AclContentValue) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - v := &AclUserRemove{} + v := &AclAccountInviteRevoke{} if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } - m.Value = &AclContentValue_UserRemove{v} + m.Value = &AclContentValue_InviteRevoke{v} iNdEx = postIndex case 3: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field UserPermissionChange", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field RequestJoin", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -3374,15 +4349,15 @@ func (m *AclContentValue) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - v := &AclUserPermissionChange{} + v := &AclAccountRequestJoin{} if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } - m.Value = &AclContentValue_UserPermissionChange{v} + m.Value = &AclContentValue_RequestJoin{v} iNdEx = postIndex case 4: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field UserInvite", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field RequestAccept", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -3409,15 +4384,15 @@ func (m *AclContentValue) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - v := &AclUserInvite{} + v := &AclAccountRequestAccept{} if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } - m.Value = &AclContentValue_UserInvite{v} + m.Value = &AclContentValue_RequestAccept{v} iNdEx = postIndex case 5: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field UserJoin", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field PermissionChange", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -3444,11 +4419,81 @@ func (m *AclContentValue) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - v := &AclUserJoin{} + v := &AclAccountPermissionChange{} if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } - m.Value = &AclContentValue_UserJoin{v} + m.Value = &AclContentValue_PermissionChange{v} + iNdEx = postIndex + case 6: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field AccountRemove", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + v := &AclAccountRemove{} + if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + m.Value = &AclContentValue_AccountRemove{v} + iNdEx = postIndex + case 7: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyChange", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + v := &AclReadKeyChange{} + if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + m.Value = &AclContentValue_ReadKeyChange{v} iNdEx = postIndex default: iNdEx = preIndex @@ -3555,1147 +4600,6 @@ func (m *AclData) Unmarshal(dAtA []byte) error { } return nil } -func (m *AclState) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclState: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclState: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyIds", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ReadKeyIds = append(m.ReadKeyIds, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field UserStates", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.UserStates = append(m.UserStates, &AclUserState{}) - if err := m.UserStates[len(m.UserStates)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Invites", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Invites == nil { - m.Invites = make(map[string]*AclUserInvite) - } - var mapkey string - var mapvalue *AclUserInvite - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLengthAclrecord - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLengthAclrecord - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var mapmsglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - mapmsglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if mapmsglen < 0 { - return ErrInvalidLengthAclrecord - } - postmsgIndex := iNdEx + mapmsglen - if postmsgIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postmsgIndex > l { - return io.ErrUnexpectedEOF - } - mapvalue = &AclUserInvite{} - if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil { - return err - } - iNdEx = postmsgIndex - } else { - iNdEx = entryPreIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Invites[mapkey] = mapvalue - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AclUserState) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclUserState: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclUserState: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) - if m.Identity == nil { - m.Identity = []byte{} - } - iNdEx = postIndex - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) - } - m.Permissions = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Permissions |= AclUserPermissions(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AclUserAdd) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclUserAdd: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclUserAdd: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) - if m.Identity == nil { - m.Identity = []byte{} - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptedReadKeys = append(m.EncryptedReadKeys, make([]byte, postIndex-iNdEx)) - copy(m.EncryptedReadKeys[len(m.EncryptedReadKeys)-1], dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) - } - m.Permissions = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Permissions |= AclUserPermissions(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AclUserInvite) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclUserInvite: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclUserInvite: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AcceptPublicKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AcceptPublicKey = append(m.AcceptPublicKey[:0], dAtA[iNdEx:postIndex]...) - if m.AcceptPublicKey == nil { - m.AcceptPublicKey = []byte{} - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptedReadKeys = append(m.EncryptedReadKeys, make([]byte, postIndex-iNdEx)) - copy(m.EncryptedReadKeys[len(m.EncryptedReadKeys)-1], dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) - } - m.Permissions = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Permissions |= AclUserPermissions(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AclUserJoin) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclUserJoin: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclUserJoin: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) - if m.Identity == nil { - m.Identity = []byte{} - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AcceptSignature", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AcceptSignature = append(m.AcceptSignature[:0], dAtA[iNdEx:postIndex]...) - if m.AcceptSignature == nil { - m.AcceptSignature = []byte{} - } - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AcceptPubKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AcceptPubKey = append(m.AcceptPubKey[:0], dAtA[iNdEx:postIndex]...) - if m.AcceptPubKey == nil { - m.AcceptPubKey = []byte{} - } - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptedReadKeys = append(m.EncryptedReadKeys, make([]byte, postIndex-iNdEx)) - copy(m.EncryptedReadKeys[len(m.EncryptedReadKeys)-1], dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AclUserRemove) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclUserRemove: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclUserRemove: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) - if m.Identity == nil { - m.Identity = []byte{} - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyReplaces", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ReadKeyReplaces = append(m.ReadKeyReplaces, &AclReadKeyReplace{}) - if err := m.ReadKeyReplaces[len(m.ReadKeyReplaces)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AclReadKeyReplace) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclReadKeyReplace: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclReadKeyReplace: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) - if m.Identity == nil { - m.Identity = []byte{} - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptedReadKey = append(m.EncryptedReadKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptedReadKey == nil { - m.EncryptedReadKey = []byte{} - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AclUserPermissionChange) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclUserPermissionChange: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclUserPermissionChange: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) - if m.Identity == nil { - m.Identity = []byte{} - } - iNdEx = postIndex - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) - } - m.Permissions = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Permissions |= AclUserPermissions(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} func (m *AclSyncMessage) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto index c90cf116..2ca06396 100644 --- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto +++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto @@ -2,6 +2,7 @@ syntax = "proto3"; package aclrecord; option go_package = "commonspace/object/acl/aclrecordproto"; +// RawAclRecord is a proto message containing the acl payload in bytes, signature of the account who added it and signature of the acceptor message RawAclRecord { bytes payload = 1; bytes signature = 2; @@ -9,19 +10,21 @@ message RawAclRecord { bytes acceptorSignature = 4; } +// RawAclRecordWithId is a raw record and the id for convenience message RawAclRecordWithId { bytes payload = 1; string id = 2; } +// AclRecord is a record containing the acl data message AclRecord { string prevId = 1; bytes identity = 2; bytes data = 3; - string readKeyId = 4; - int64 timestamp = 5; + int64 timestamp = 4; } +// AclRoot is a root of access control list message AclRoot { bytes identity = 1; bytes masterKey = 2; @@ -31,69 +34,83 @@ message AclRoot { bytes identitySignature = 6; } +// AclAccountInvite contains the public invite key, the private part of which is sent to the user directly +message AclAccountInvite { + bytes inviteKey = 1; +} + +// AclAccountRequestJoin contains the reference to the invite record and the data of the person who wants to join, confirmed by the private invite key +message AclAccountRequestJoin { + bytes inviteIdentity = 1; + string inviteRecordId = 2; + bytes inviteIdentitySignature = 3; +} + +// AclAccountRequestAccept contains the reference to join record and all read keys, encrypted with the identity of the requestor +message AclAccountRequestAccept { + bytes identity = 1; + string requestRecordId = 2; + bytes encryptedReadKeys = 3; +} + +// AclAccountInviteRevoke revokes the invite record +message AclAccountInviteRevoke { + string inviteRecordId = 1; +} + +// AclReadKeys are all read keys in Acl +message AclReadKeys { + repeated bytes readKey = 1; +} + +// AclEncryptedReadKeys are all keys for specific identity +message AclEncryptedReadKeys { + bytes identity = 1; + bytes encryptedReadKeys = 2; +} + +// AclAccountPermissionChange changes permissions of specific account +message AclAccountPermissionChange { + bytes identity = 1; + AclUserPermissions permissions = 2; +} + +// AclReadKeyChange changes the key for a space +message AclReadKeyChange { + repeated AclEncryptedReadKeys accountKeys = 1; +} + +// AclAccountRemove removes an account and changes read key for space +message AclAccountRemove { + bytes identity = 1; + repeated AclEncryptedReadKeys accountKeys = 2; +} + +// AclContentValue contains possible values for Acl message AclContentValue { oneof value { - AclUserAdd userAdd = 1; - AclUserRemove userRemove = 2; - AclUserPermissionChange userPermissionChange = 3; - AclUserInvite userInvite = 4; - AclUserJoin userJoin = 5; + AclAccountInvite invite = 1; + AclAccountInviteRevoke inviteRevoke = 2; + AclAccountRequestJoin requestJoin = 3; + AclAccountRequestAccept requestAccept = 4; + AclAccountPermissionChange permissionChange = 5; + AclAccountRemove accountRemove = 6; + AclReadKeyChange readKeyChange = 7; } } +// AclData contains different acl content message AclData { repeated AclContentValue aclContent = 1; } -message AclState { - repeated string readKeyIds = 1; - repeated AclUserState userStates = 2; - map invites = 3; -} - -message AclUserState { - bytes identity = 1; - AclUserPermissions permissions = 2; -} - -message AclUserAdd { - bytes identity = 1; - repeated bytes encryptedReadKeys = 2; - AclUserPermissions permissions = 3; -} - -message AclUserInvite { - bytes acceptPublicKey = 1; - repeated bytes encryptedReadKeys = 2; - AclUserPermissions permissions = 3; -} - -message AclUserJoin { - bytes identity = 1; - bytes acceptSignature = 2; - bytes acceptPubKey = 3; - repeated bytes encryptedReadKeys = 4; -} - -message AclUserRemove { - bytes identity = 1; - repeated AclReadKeyReplace readKeyReplaces = 2; -} - -message AclReadKeyReplace { - bytes identity = 1; - bytes encryptedReadKey = 2; -} - -message AclUserPermissionChange { - bytes identity = 1; - AclUserPermissions permissions = 2; -} - +// AclUserPermissions contains different possible user roles enum AclUserPermissions { - Admin = 0; - Writer = 1; - Reader = 2; + None = 0; + Owner = 1; + Admin = 2; + Writer = 3; + Reader = 4; } message AclSyncMessage { diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index a780c315..dde9ae23 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -3,6 +3,7 @@ package list import ( "errors" "fmt" + "github.com/anyproto/any-sync/app/logger" "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/util/crypto" @@ -23,6 +24,7 @@ var ( ErrOldInvite = errors.New("invite is too old") ErrInsufficientPermissions = errors.New("insufficient permissions") ErrNoReadKey = errors.New("acl state doesn't have a read key") + ErrNoInvite = errors.New("can't delete invite record") ErrInvalidSignature = errors.New("signature is invalid") ErrIncorrectRoot = errors.New("incorrect root") ErrIncorrectRecordSequence = errors.New("incorrect prev id of a record") @@ -39,6 +41,7 @@ type AclState struct { userReadKeys map[string]crypto.SymKey userStates map[string]AclUserState statesAtRecord map[string][]AclUserState + inviteKeys map[string]crypto.PubKey key crypto.PrivKey pubKey crypto.PubKey keyStore crypto.KeyStorage @@ -110,17 +113,18 @@ func (st *AclState) applyRecord(record *AclRecord) (err error) { err = ErrIncorrectRecordSequence return } + // if the record is root record if record.Id == st.id { err = st.applyRoot(record) if err != nil { return } st.statesAtRecord[record.Id] = []AclUserState{ - {PubKey: record.Identity, Permissions: aclrecordproto.AclUserPermissions_Admin}, + st.userStates[mapKeyFromPubKey(record.Identity)], } return } - + // if the model is not cached if record.Model == nil { aclData := &aclrecordproto.AclData{} err = proto.Unmarshal(record.Data, aclData) @@ -129,18 +133,16 @@ func (st *AclState) applyRecord(record *AclRecord) (err error) { } record.Model = aclData } - + // applying records contents err = st.applyChangeData(record) if err != nil { return } - - // getting all states for users at record + // getting all states for users at record and saving them var states []AclUserState for _, state := range st.userStates { states = append(states, state) } - st.statesAtRecord[record.Id] = states return } @@ -156,7 +158,7 @@ func (st *AclState) applyRoot(record *AclRecord) (err error) { // adding user to the list userState := AclUserState{ PubKey: record.Identity, - Permissions: aclrecordproto.AclUserPermissions_Admin, + Permissions: AclPermissions(aclrecordproto.AclUserPermissions_Admin), } st.currentReadKeyId = record.ReadKeyId st.userStates[mapKeyFromPubKey(record.Identity)] = userState @@ -181,54 +183,35 @@ func (st *AclState) saveReadKeyFromRoot(record *AclRecord) (err error) { return } } - st.userReadKeys[record.Id] = readKey return } func (st *AclState) applyChangeData(record *AclRecord) (err error) { - defer func() { - if err != nil { - return - } - if record.ReadKeyId != st.currentReadKeyId { - st.totalReadKeys++ - st.currentReadKeyId = record.ReadKeyId - } - }() model := record.Model.(*aclrecordproto.AclData) - if !st.isUserJoin(model) { - // we check signature when we add this to the List, so no need to do it here - if _, exists := st.userStates[mapKeyFromPubKey(record.Identity)]; !exists { - err = ErrNoSuchUser - return - } - - // only Admins can do non-user join changes - if !st.HasPermission(record.Identity, aclrecordproto.AclUserPermissions_Admin) { - // TODO: add string encoding - err = fmt.Errorf("user %s must have admin permissions", record.Identity.Account()) - return - } + if !st.isUserJoin(model) && !st.Permissions(record.Identity).CanManageAccounts() { + return ErrInsufficientPermissions } - for _, ch := range model.GetAclContent() { if err = st.applyChangeContent(ch, record.Id); err != nil { log.Info("error while applying changes: %v; ignore", zap.Error(err)) return err } } - + if record.ReadKeyId != st.currentReadKeyId { + st.totalReadKeys++ + st.currentReadKeyId = record.ReadKeyId + } return nil } func (st *AclState) applyChangeContent(ch *aclrecordproto.AclContentValue, recordId string) error { switch { - case ch.GetUserPermissionChange() != nil: - return st.applyUserPermissionChange(ch.GetUserPermissionChange(), recordId) - case ch.GetUserAdd() != nil: - return st.applyUserAdd(ch.GetUserAdd(), recordId) - case ch.GetUserRemove() != nil: + case ch.GetPermissionChange() != nil: + return st.applyPermissionChange(ch.GetPermissionChange(), recordId) + case ch.GetInvite() != nil: + return st.applyInvite(ch.GetInvite(), recordId) + case ch.GetInviteRevoke() != nil: return st.applyUserRemove(ch.GetUserRemove(), recordId) case ch.GetUserInvite() != nil: return st.applyUserInvite(ch.GetUserInvite(), recordId) @@ -239,7 +222,7 @@ func (st *AclState) applyChangeContent(ch *aclrecordproto.AclContentValue, recor } } -func (st *AclState) applyUserPermissionChange(ch *aclrecordproto.AclUserPermissionChange, recordId string) error { +func (st *AclState) applyPermissionChange(ch *aclrecordproto.AclAccountPermissionChange, recordId string) error { chIdentity, err := st.keyStore.PubKeyFromProto(ch.Identity) if err != nil { return err @@ -248,13 +231,22 @@ func (st *AclState) applyUserPermissionChange(ch *aclrecordproto.AclUserPermissi if !exists { return ErrNoSuchUser } - - state.Permissions = ch.Permissions + state.Permissions = AclPermissions(ch.Permissions) return nil } -func (st *AclState) applyUserInvite(ch *aclrecordproto.AclUserInvite, recordId string) error { - // TODO: check old code and bring it back :-) +func (st *AclState) applyInvite(ch *aclrecordproto.AclAccountInvite, recordId string) error { + inviteKey, err := st.keyStore.PubKeyFromProto(ch.InviteKey) + if err != nil { + return err + } + st.inviteKeys[recordId] = inviteKey + return nil +} + +func (st *AclState) applyInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, recordId string) error { + + delete(st.inviteKeys, ch.InviteRecordId) return nil } @@ -283,13 +275,12 @@ func (st *AclState) decryptReadKey(msg []byte) (crypto.SymKey, error) { return key, nil } -func (st *AclState) HasPermission(identity crypto.PubKey, permission aclrecordproto.AclUserPermissions) bool { +func (st *AclState) Permissions(identity crypto.PubKey) AclPermissions { state, exists := st.userStates[mapKeyFromPubKey(identity)] if !exists { - return false + return AclPermissions(aclrecordproto.AclUserPermissions_None) } - - return state.Permissions == permission + return state.Permissions } func (st *AclState) isUserJoin(data *aclrecordproto.AclData) bool { @@ -297,10 +288,6 @@ func (st *AclState) isUserJoin(data *aclrecordproto.AclData) bool { return data.GetAclContent() != nil && data.GetAclContent()[0].GetUserJoin() != nil } -func (st *AclState) isUserAdd(data *aclrecordproto.AclData, identity []byte) bool { - return false -} - func (st *AclState) UserStates() map[string]AclUserState { return st.userStates } diff --git a/commonspace/object/acl/list/models.go b/commonspace/object/acl/list/models.go index 7375c7c6..97b19ac5 100644 --- a/commonspace/object/acl/list/models.go +++ b/commonspace/object/acl/list/models.go @@ -18,5 +18,31 @@ type AclRecord struct { type AclUserState struct { PubKey crypto.PubKey - Permissions aclrecordproto.AclUserPermissions + Permissions AclPermissions +} + +type AclPermissions aclrecordproto.AclUserPermissions + +func (p AclPermissions) CanWrite() bool { + switch aclrecordproto.AclUserPermissions(p) { + case aclrecordproto.AclUserPermissions_Admin: + return true + case aclrecordproto.AclUserPermissions_Writer: + return true + case aclrecordproto.AclUserPermissions_Owner: + return true + default: + return false + } +} + +func (p AclPermissions) CanManageAccounts() bool { + switch aclrecordproto.AclUserPermissions(p) { + case aclrecordproto.AclUserPermissions_Admin: + return true + case aclrecordproto.AclUserPermissions_Owner: + return true + default: + return false + } } diff --git a/commonspace/object/acl/list/validator.go b/commonspace/object/acl/list/validator.go new file mode 100644 index 00000000..b4972732 --- /dev/null +++ b/commonspace/object/acl/list/validator.go @@ -0,0 +1,5 @@ +package list + +type Validator interface { + Validate() +} diff --git a/commonspace/object/tree/objecttree/objecttree.go b/commonspace/object/tree/objecttree/objecttree.go index 56a72ff9..2733530f 100644 --- a/commonspace/object/tree/objecttree/objecttree.go +++ b/commonspace/object/tree/objecttree/objecttree.go @@ -4,11 +4,11 @@ package objecttree import ( "context" "errors" - "github.com/anyproto/any-sync/util/crypto" "sync" "time" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" + "github.com/anyproto/any-sync/util/crypto" + "github.com/anyproto/any-sync/commonspace/object/acl/list" "github.com/anyproto/any-sync/commonspace/object/tree/treechangeproto" "github.com/anyproto/any-sync/commonspace/object/tree/treestorage" @@ -248,9 +248,7 @@ func (ot *objectTree) prepareBuilderContent(content SignableChangeContent) (cnt pubKey = content.Key.GetPublic() readKeyId string ) - canWrite := state.HasPermission(pubKey, aclrecordproto.AclUserPermissions_Writer) || - state.HasPermission(pubKey, aclrecordproto.AclUserPermissions_Admin) - if !canWrite { + if !state.Permissions(pubKey).CanWrite() { err = list.ErrInsufficientPermissions return } diff --git a/commonspace/object/tree/objecttree/objecttreevalidator.go b/commonspace/object/tree/objecttree/objecttreevalidator.go index 59b74d58..7515042b 100644 --- a/commonspace/object/tree/objecttree/objecttreevalidator.go +++ b/commonspace/object/tree/objecttree/objecttreevalidator.go @@ -3,7 +3,7 @@ package objecttree import ( "context" "fmt" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" + "github.com/anyproto/any-sync/commonspace/object/acl/list" "github.com/anyproto/any-sync/commonspace/object/tree/treestorage" "github.com/anyproto/any-sync/util/slice" @@ -52,20 +52,18 @@ func (v *objectTreeValidator) ValidateNewChanges(tree *Tree, aclList list.AclLis func (v *objectTreeValidator) validateChange(tree *Tree, aclList list.AclList, c *Change) (err error) { var ( - perm list.AclUserState - state = aclList.AclState() + userState list.AclUserState + state = aclList.AclState() ) // checking if the user could write - perm, err = state.StateAtRecord(c.AclHeadId, c.Identity) + userState, err = state.StateAtRecord(c.AclHeadId, c.Identity) if err != nil { return } - - if perm.Permissions != aclrecordproto.AclUserPermissions_Writer && perm.Permissions != aclrecordproto.AclUserPermissions_Admin { + if !userState.Permissions.CanWrite() { err = list.ErrInsufficientPermissions return } - if c.Id == tree.RootId() { return } diff --git a/commonspace/spacesyncproto/spacesync_drpc.pb.go b/commonspace/spacesyncproto/spacesync_drpc.pb.go index 11e5d715..f9c7abae 100644 --- a/commonspace/spacesyncproto/spacesync_drpc.pb.go +++ b/commonspace/spacesyncproto/spacesync_drpc.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-drpc. DO NOT EDIT. -// protoc-gen-go-drpc version: v0.0.33 +// protoc-gen-go-drpc version: v0.0.32 // source: commonspace/spacesyncproto/protos/spacesync.proto package spacesyncproto @@ -103,10 +103,6 @@ type drpcSpaceSync_ObjectSyncStreamClient struct { drpc.Stream } -func (x *drpcSpaceSync_ObjectSyncStreamClient) GetStream() drpc.Stream { - return x.Stream -} - func (x *drpcSpaceSync_ObjectSyncStreamClient) Send(m *ObjectSyncMessage) error { return x.MsgSend(m, drpcEncoding_File_commonspace_spacesyncproto_protos_spacesync_proto{}) } diff --git a/coordinator/coordinatorproto/coordinator_drpc.pb.go b/coordinator/coordinatorproto/coordinator_drpc.pb.go index 0ed69ea2..75e73a7b 100644 --- a/coordinator/coordinatorproto/coordinator_drpc.pb.go +++ b/coordinator/coordinatorproto/coordinator_drpc.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-drpc. DO NOT EDIT. -// protoc-gen-go-drpc version: v0.0.33 +// protoc-gen-go-drpc version: v0.0.32 // source: coordinator/coordinatorproto/protos/coordinator.proto package coordinatorproto diff --git a/net/peer/peer.go b/net/peer/peer.go index c8a54a43..6b6a7666 100644 --- a/net/peer/peer.go +++ b/net/peer/peer.go @@ -3,6 +3,11 @@ package peer import ( "context" + "io" + "net" + "sync" + "time" + "github.com/anyproto/any-sync/app/logger" "github.com/anyproto/any-sync/app/ocache" "github.com/anyproto/any-sync/net/connutil" @@ -11,15 +16,11 @@ import ( "github.com/anyproto/any-sync/net/secureservice/handshake/handshakeproto" "github.com/anyproto/any-sync/net/transport" "go.uber.org/zap" - "io" - "net" "storj.io/drpc" "storj.io/drpc/drpcconn" "storj.io/drpc/drpcmanager" "storj.io/drpc/drpcstream" "storj.io/drpc/drpcwire" - "sync" - "time" ) var log = logger.NewNamed("common.net.peer") @@ -200,6 +201,11 @@ func (p *peer) TryClose(objectTTL time.Duration) (res bool, err error) { return false, nil } +// 70 stream -> 1 subconn +// 62 request -> 1 subconn +// 2600 subconn (2400 non active -> 5 min) + +// 2 5min connect func (p *peer) gc(ttl time.Duration) (aliveCount int) { p.mu.Lock() defer p.mu.Unlock() diff --git a/net/streampool/testservice/testservice_drpc.pb.go b/net/streampool/testservice/testservice_drpc.pb.go index cfe5bce9..f50fdbe7 100644 --- a/net/streampool/testservice/testservice_drpc.pb.go +++ b/net/streampool/testservice/testservice_drpc.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-drpc. DO NOT EDIT. -// protoc-gen-go-drpc version: v0.0.33 +// protoc-gen-go-drpc version: v0.0.32 // source: net/streampool/testservice/protos/testservice.proto package testservice @@ -72,10 +72,6 @@ type drpcTest_TestStreamClient struct { drpc.Stream } -func (x *drpcTest_TestStreamClient) GetStream() drpc.Stream { - return x.Stream -} - func (x *drpcTest_TestStreamClient) Send(m *StreamMessage) error { return x.MsgSend(m, drpcEncoding_File_net_streampool_testservice_protos_testservice_proto{}) } From f9bab4d51dfb06f2dab172ffd2ce4b4a8d321ad6 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Fri, 23 Jun 2023 14:50:09 +0200 Subject: [PATCH 02/17] Add content validator --- .../object/acl/aclrecordproto/aclrecord.pb.go | 444 +++++++++++++++--- .../acl/aclrecordproto/protos/aclrecord.proto | 7 + commonspace/object/acl/list/aclstate.go | 39 +- commonspace/object/acl/list/models.go | 5 + commonspace/object/acl/list/validator.go | 146 +++++- 5 files changed, 555 insertions(+), 86 deletions(-) diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go index 8d185378..d7abb519 100644 --- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go +++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go @@ -383,6 +383,7 @@ type AclAccountRequestJoin struct { InviteIdentity []byte `protobuf:"bytes,1,opt,name=inviteIdentity,proto3" json:"inviteIdentity,omitempty"` InviteRecordId string `protobuf:"bytes,2,opt,name=inviteRecordId,proto3" json:"inviteRecordId,omitempty"` InviteIdentitySignature []byte `protobuf:"bytes,3,opt,name=inviteIdentitySignature,proto3" json:"inviteIdentitySignature,omitempty"` + Metadata []byte `protobuf:"bytes,4,opt,name=metadata,proto3" json:"metadata,omitempty"` } func (m *AclAccountRequestJoin) Reset() { *m = AclAccountRequestJoin{} } @@ -439,6 +440,13 @@ func (m *AclAccountRequestJoin) GetInviteIdentitySignature() []byte { return nil } +func (m *AclAccountRequestJoin) GetMetadata() []byte { + if m != nil { + return m.Metadata + } + return nil +} + // AclAccountRequestAccept contains the reference to join record and all read keys, encrypted with the identity of the requestor type AclAccountRequestAccept struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` @@ -500,6 +508,51 @@ func (m *AclAccountRequestAccept) GetEncryptedReadKeys() []byte { return nil } +// AclAccountRequestDecline contains the reference to join record +type AclAccountRequestDecline struct { + RequestRecordId string `protobuf:"bytes,1,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"` +} + +func (m *AclAccountRequestDecline) Reset() { *m = AclAccountRequestDecline{} } +func (m *AclAccountRequestDecline) String() string { return proto.CompactTextString(m) } +func (*AclAccountRequestDecline) ProtoMessage() {} +func (*AclAccountRequestDecline) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{7} +} +func (m *AclAccountRequestDecline) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclAccountRequestDecline) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclAccountRequestDecline.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclAccountRequestDecline) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclAccountRequestDecline.Merge(m, src) +} +func (m *AclAccountRequestDecline) XXX_Size() int { + return m.Size() +} +func (m *AclAccountRequestDecline) XXX_DiscardUnknown() { + xxx_messageInfo_AclAccountRequestDecline.DiscardUnknown(m) +} + +var xxx_messageInfo_AclAccountRequestDecline proto.InternalMessageInfo + +func (m *AclAccountRequestDecline) GetRequestRecordId() string { + if m != nil { + return m.RequestRecordId + } + return "" +} + // AclAccountInviteRevoke revokes the invite record type AclAccountInviteRevoke struct { InviteRecordId string `protobuf:"bytes,1,opt,name=inviteRecordId,proto3" json:"inviteRecordId,omitempty"` @@ -509,7 +562,7 @@ func (m *AclAccountInviteRevoke) Reset() { *m = AclAccountInviteRevoke{} func (m *AclAccountInviteRevoke) String() string { return proto.CompactTextString(m) } func (*AclAccountInviteRevoke) ProtoMessage() {} func (*AclAccountInviteRevoke) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{7} + return fileDescriptor_c8e9f754f34e929b, []int{8} } func (m *AclAccountInviteRevoke) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -554,7 +607,7 @@ func (m *AclReadKeys) Reset() { *m = AclReadKeys{} } func (m *AclReadKeys) String() string { return proto.CompactTextString(m) } func (*AclReadKeys) ProtoMessage() {} func (*AclReadKeys) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{8} + return fileDescriptor_c8e9f754f34e929b, []int{9} } func (m *AclReadKeys) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -600,7 +653,7 @@ func (m *AclEncryptedReadKeys) Reset() { *m = AclEncryptedReadKeys{} } func (m *AclEncryptedReadKeys) String() string { return proto.CompactTextString(m) } func (*AclEncryptedReadKeys) ProtoMessage() {} func (*AclEncryptedReadKeys) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{9} + return fileDescriptor_c8e9f754f34e929b, []int{10} } func (m *AclEncryptedReadKeys) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -653,7 +706,7 @@ func (m *AclAccountPermissionChange) Reset() { *m = AclAccountPermission func (m *AclAccountPermissionChange) String() string { return proto.CompactTextString(m) } func (*AclAccountPermissionChange) ProtoMessage() {} func (*AclAccountPermissionChange) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{10} + return fileDescriptor_c8e9f754f34e929b, []int{11} } func (m *AclAccountPermissionChange) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -705,7 +758,7 @@ func (m *AclReadKeyChange) Reset() { *m = AclReadKeyChange{} } func (m *AclReadKeyChange) String() string { return proto.CompactTextString(m) } func (*AclReadKeyChange) ProtoMessage() {} func (*AclReadKeyChange) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{11} + return fileDescriptor_c8e9f754f34e929b, []int{12} } func (m *AclReadKeyChange) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -751,7 +804,7 @@ func (m *AclAccountRemove) Reset() { *m = AclAccountRemove{} } func (m *AclAccountRemove) String() string { return proto.CompactTextString(m) } func (*AclAccountRemove) ProtoMessage() {} func (*AclAccountRemove) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{12} + return fileDescriptor_c8e9f754f34e929b, []int{13} } func (m *AclAccountRemove) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -805,6 +858,7 @@ type AclContentValue struct { // *AclContentValue_PermissionChange // *AclContentValue_AccountRemove // *AclContentValue_ReadKeyChange + // *AclContentValue_RequestDecline Value isAclContentValue_Value `protobuf_oneof:"value"` } @@ -812,7 +866,7 @@ func (m *AclContentValue) Reset() { *m = AclContentValue{} } func (m *AclContentValue) String() string { return proto.CompactTextString(m) } func (*AclContentValue) ProtoMessage() {} func (*AclContentValue) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{13} + return fileDescriptor_c8e9f754f34e929b, []int{14} } func (m *AclContentValue) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -868,6 +922,9 @@ type AclContentValue_AccountRemove struct { type AclContentValue_ReadKeyChange struct { ReadKeyChange *AclReadKeyChange `protobuf:"bytes,7,opt,name=readKeyChange,proto3,oneof" json:"readKeyChange,omitempty"` } +type AclContentValue_RequestDecline struct { + RequestDecline *AclAccountRequestDecline `protobuf:"bytes,8,opt,name=requestDecline,proto3,oneof" json:"requestDecline,omitempty"` +} func (*AclContentValue_Invite) isAclContentValue_Value() {} func (*AclContentValue_InviteRevoke) isAclContentValue_Value() {} @@ -876,6 +933,7 @@ func (*AclContentValue_RequestAccept) isAclContentValue_Value() {} func (*AclContentValue_PermissionChange) isAclContentValue_Value() {} func (*AclContentValue_AccountRemove) isAclContentValue_Value() {} func (*AclContentValue_ReadKeyChange) isAclContentValue_Value() {} +func (*AclContentValue_RequestDecline) isAclContentValue_Value() {} func (m *AclContentValue) GetValue() isAclContentValue_Value { if m != nil { @@ -933,6 +991,13 @@ func (m *AclContentValue) GetReadKeyChange() *AclReadKeyChange { return nil } +func (m *AclContentValue) GetRequestDecline() *AclAccountRequestDecline { + if x, ok := m.GetValue().(*AclContentValue_RequestDecline); ok { + return x.RequestDecline + } + return nil +} + // XXX_OneofWrappers is for the internal use of the proto package. func (*AclContentValue) XXX_OneofWrappers() []interface{} { return []interface{}{ @@ -943,6 +1008,7 @@ func (*AclContentValue) XXX_OneofWrappers() []interface{} { (*AclContentValue_PermissionChange)(nil), (*AclContentValue_AccountRemove)(nil), (*AclContentValue_ReadKeyChange)(nil), + (*AclContentValue_RequestDecline)(nil), } } @@ -955,7 +1021,7 @@ func (m *AclData) Reset() { *m = AclData{} } func (m *AclData) String() string { return proto.CompactTextString(m) } func (*AclData) ProtoMessage() {} func (*AclData) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{14} + return fileDescriptor_c8e9f754f34e929b, []int{15} } func (m *AclData) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -999,7 +1065,7 @@ func (m *AclSyncMessage) Reset() { *m = AclSyncMessage{} } func (m *AclSyncMessage) String() string { return proto.CompactTextString(m) } func (*AclSyncMessage) ProtoMessage() {} func (*AclSyncMessage) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{15} + return fileDescriptor_c8e9f754f34e929b, []int{16} } func (m *AclSyncMessage) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1047,7 +1113,7 @@ func (m *AclSyncContentValue) Reset() { *m = AclSyncContentValue{} } func (m *AclSyncContentValue) String() string { return proto.CompactTextString(m) } func (*AclSyncContentValue) ProtoMessage() {} func (*AclSyncContentValue) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{16} + return fileDescriptor_c8e9f754f34e929b, []int{17} } func (m *AclSyncContentValue) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1117,7 +1183,7 @@ func (m *AclAddRecords) Reset() { *m = AclAddRecords{} } func (m *AclAddRecords) String() string { return proto.CompactTextString(m) } func (*AclAddRecords) ProtoMessage() {} func (*AclAddRecords) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{17} + return fileDescriptor_c8e9f754f34e929b, []int{18} } func (m *AclAddRecords) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1162,6 +1228,7 @@ func init() { proto.RegisterType((*AclAccountInvite)(nil), "aclrecord.AclAccountInvite") proto.RegisterType((*AclAccountRequestJoin)(nil), "aclrecord.AclAccountRequestJoin") proto.RegisterType((*AclAccountRequestAccept)(nil), "aclrecord.AclAccountRequestAccept") + proto.RegisterType((*AclAccountRequestDecline)(nil), "aclrecord.AclAccountRequestDecline") proto.RegisterType((*AclAccountInviteRevoke)(nil), "aclrecord.AclAccountInviteRevoke") proto.RegisterType((*AclReadKeys)(nil), "aclrecord.AclReadKeys") proto.RegisterType((*AclEncryptedReadKeys)(nil), "aclrecord.AclEncryptedReadKeys") @@ -1180,64 +1247,67 @@ func init() { } var fileDescriptor_c8e9f754f34e929b = []byte{ - // 912 bytes of a gzipped FileDescriptorProto + // 958 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0x1b, 0x45, - 0x14, 0xde, 0x75, 0x1c, 0xbb, 0x3e, 0x9b, 0xa4, 0xcb, 0x00, 0xad, 0x15, 0x8a, 0x09, 0x23, 0x15, - 0xaa, 0x0a, 0x35, 0xc8, 0x08, 0x51, 0x21, 0x44, 0xd9, 0xa6, 0x15, 0x76, 0xf8, 0xd5, 0x44, 0xa5, - 0x52, 0xaf, 0x98, 0xce, 0x8e, 0xd2, 0x85, 0xdd, 0x9d, 0xcd, 0xec, 0xc4, 0x95, 0x9f, 0x01, 0x21, - 0xf1, 0x08, 0xf0, 0x36, 0x5c, 0xf6, 0x06, 0x89, 0x4b, 0x94, 0xbc, 0x08, 0x9a, 0x99, 0x5d, 0xef, - 0x9f, 0x63, 0x21, 0x2e, 0x12, 0xcf, 0x9c, 0xf9, 0xce, 0x77, 0xbe, 0xf3, 0x33, 0x63, 0xc3, 0x67, - 0x4c, 0x24, 0x89, 0x48, 0xf3, 0x8c, 0x32, 0x7e, 0x28, 0x9e, 0xff, 0xc4, 0x99, 0x3a, 0xa4, 0x2c, - 0xd6, 0x7f, 0x92, 0x33, 0x21, 0xc3, 0x4c, 0x0a, 0x25, 0x0e, 0xcd, 0xff, 0xbc, 0xb2, 0xde, 0x33, - 0x06, 0x34, 0x5a, 0x19, 0xf0, 0xef, 0x2e, 0xec, 0x10, 0xfa, 0x32, 0x60, 0x31, 0x31, 0x06, 0x34, - 0x86, 0x61, 0x46, 0x97, 0xb1, 0xa0, 0xe1, 0xd8, 0x3d, 0x70, 0xef, 0xec, 0x90, 0x72, 0x8b, 0x6e, - 0xc1, 0x28, 0x8f, 0x4e, 0x53, 0xaa, 0xce, 0x25, 0x1f, 0xf7, 0xcc, 0x59, 0x65, 0x40, 0x77, 0xc1, - 0xa7, 0x8c, 0xf1, 0x4c, 0x09, 0x39, 0x0f, 0x79, 0xaa, 0x22, 0xb5, 0x1c, 0x6f, 0x19, 0x50, 0xc7, - 0x8e, 0x3e, 0x80, 0xd7, 0x4a, 0xdb, 0xc9, 0x8a, 0xb1, 0x6f, 0xc0, 0xdd, 0x03, 0xfc, 0x39, 0xa0, - 0xba, 0xc2, 0xa7, 0x91, 0x7a, 0x31, 0xdf, 0xa4, 0x73, 0x0f, 0x7a, 0x51, 0x68, 0x04, 0x8e, 0x48, - 0x2f, 0x0a, 0xf1, 0x19, 0x8c, 0xaa, 0xf4, 0x6e, 0xc0, 0x20, 0x93, 0x7c, 0x31, 0xb7, 0x5e, 0x23, - 0x52, 0xec, 0xd0, 0x3e, 0x5c, 0x8b, 0x4a, 0xd9, 0x36, 0xb7, 0xd5, 0x1e, 0x21, 0xe8, 0x87, 0x54, - 0xd1, 0x22, 0x1d, 0xb3, 0xd6, 0xc5, 0x50, 0x51, 0xc2, 0x73, 0x45, 0x93, 0xcc, 0x48, 0xdf, 0x22, - 0x95, 0x01, 0xff, 0xe5, 0xc2, 0x50, 0xc7, 0x14, 0x42, 0x35, 0x98, 0xdd, 0x16, 0xf3, 0x2d, 0x18, - 0x25, 0x34, 0x57, 0x5c, 0x7e, 0xc5, 0xcb, 0xb0, 0x95, 0x41, 0xa7, 0x68, 0x1a, 0x3c, 0x0f, 0x4d, - 0xe8, 0x11, 0x29, 0xb7, 0xba, 0xd8, 0x3c, 0x65, 0x72, 0x99, 0x29, 0x1e, 0x12, 0x4e, 0x43, 0xed, - 0x6e, 0xeb, 0xd7, 0xb1, 0x37, 0x95, 0x6e, 0xb7, 0x94, 0xea, 0x56, 0x94, 0x6a, 0xaa, 0x56, 0x0c, - 0x6c, 0x2b, 0x3a, 0x07, 0xf8, 0x43, 0xf0, 0x03, 0x16, 0x07, 0x8c, 0x89, 0xf3, 0x54, 0xcd, 0xd3, - 0x45, 0xa4, 0xb8, 0xe6, 0x8f, 0xcc, 0x4a, 0x8b, 0xb0, 0x09, 0x56, 0x06, 0xfc, 0x87, 0x0b, 0x6f, - 0x56, 0x2e, 0x84, 0x9f, 0x9d, 0xf3, 0x5c, 0x1d, 0x8b, 0x28, 0x45, 0xef, 0xc1, 0x9e, 0x85, 0xcd, - 0x9b, 0xd5, 0x69, 0x59, 0x2b, 0x9c, 0xed, 0xe0, 0xbc, 0x6c, 0x6d, 0xcb, 0x8a, 0xee, 0xc3, 0xcd, - 0xa6, 0x67, 0x95, 0x8f, 0x6d, 0xdc, 0x55, 0xc7, 0xf8, 0x57, 0x17, 0x6e, 0x76, 0x34, 0x06, 0x66, - 0x0e, 0x37, 0x76, 0xef, 0x0e, 0x5c, 0x97, 0x16, 0xdc, 0x92, 0xd6, 0x36, 0xeb, 0x2a, 0xb7, 0xfb, - 0x92, 0x17, 0xaa, 0xba, 0x07, 0xf8, 0x0b, 0xb8, 0xd1, 0xae, 0x32, 0xe1, 0x0b, 0xf1, 0x33, 0x5f, - 0x53, 0x0b, 0x77, 0x5d, 0x2d, 0xf0, 0xfb, 0xe0, 0x99, 0x91, 0xb7, 0x84, 0x7a, 0x90, 0x64, 0x31, - 0x25, 0xee, 0xc1, 0x96, 0xbe, 0x2b, 0xc5, 0x16, 0xff, 0x08, 0x6f, 0x04, 0x2c, 0x7e, 0xdc, 0x96, - 0xb0, 0x31, 0xed, 0xb5, 0xc9, 0xf4, 0xae, 0x4a, 0x66, 0x09, 0xfb, 0x55, 0x32, 0xdf, 0x73, 0x99, - 0x44, 0x79, 0x1e, 0x89, 0xf4, 0xe8, 0x05, 0x4d, 0x4f, 0xf9, 0xc6, 0x38, 0x0f, 0xc0, 0xcb, 0x56, - 0x78, 0x1b, 0x61, 0x6f, 0xfa, 0xf6, 0xbd, 0xea, 0x31, 0x0b, 0x58, 0xfc, 0x24, 0xe7, 0xb2, 0x22, - 0xcd, 0x49, 0xdd, 0x03, 0x3f, 0x31, 0xd3, 0x5a, 0x28, 0x29, 0x02, 0x06, 0xe0, 0x51, 0xab, 0xc5, - 0xc8, 0xd6, 0xe5, 0xf0, 0xa6, 0xef, 0x34, 0x49, 0x3b, 0xe5, 0x20, 0x75, 0x1f, 0x7c, 0x56, 0xbf, - 0x04, 0x84, 0x27, 0x62, 0xb1, 0x39, 0x8f, 0x56, 0xc8, 0xde, 0xff, 0x08, 0xf9, 0x4b, 0x1f, 0xae, - 0x07, 0x2c, 0x3e, 0x12, 0xa9, 0xe2, 0xa9, 0xfa, 0x81, 0xc6, 0xe7, 0x1c, 0x7d, 0x0c, 0x03, 0xdb, - 0x75, 0x13, 0xd0, 0x9b, 0xbe, 0xd5, 0x64, 0x6c, 0x8c, 0xcf, 0xcc, 0x21, 0x05, 0x18, 0x7d, 0x09, - 0x3b, 0x51, 0x6d, 0xa4, 0x4c, 0x59, 0xbd, 0xe9, 0xbb, 0x1b, 0x9c, 0x2d, 0x70, 0xe6, 0x90, 0x86, - 0x23, 0x7a, 0x04, 0x9e, 0xac, 0xae, 0xb3, 0x99, 0x66, 0x6f, 0x7a, 0xb0, 0x96, 0xa7, 0x76, 0xed, - 0x67, 0x0e, 0xa9, 0xbb, 0xa1, 0x63, 0xd8, 0x95, 0xf5, 0x0b, 0x67, 0x9e, 0x31, 0x6f, 0x8a, 0x37, - 0xf1, 0x58, 0xe4, 0xcc, 0x21, 0x4d, 0x57, 0x74, 0x02, 0x7e, 0xd6, 0x1a, 0x30, 0xf3, 0xe0, 0x79, - 0xd3, 0xdb, 0x6b, 0xe9, 0xda, 0xd3, 0x38, 0x73, 0x48, 0x87, 0x00, 0x1d, 0xc1, 0x2e, 0xad, 0xb7, - 0xda, 0x3c, 0x8e, 0x57, 0x55, 0xdb, 0x42, 0xb4, 0xb2, 0x86, 0x8f, 0x26, 0x91, 0xf5, 0x31, 0x1c, - 0x0f, 0xd7, 0x91, 0x34, 0x26, 0xd5, 0xa6, 0x57, 0x33, 0x3c, 0x1c, 0xc2, 0xf6, 0x42, 0x77, 0x1e, - 0x3f, 0x36, 0x5f, 0x2e, 0x8f, 0xf4, 0xd7, 0xd0, 0xa7, 0x00, 0x74, 0x35, 0x17, 0xc5, 0x34, 0xef, - 0x37, 0x59, 0xeb, 0x43, 0x43, 0x6a, 0x68, 0x7c, 0x0c, 0x7b, 0x01, 0x8b, 0x4f, 0x96, 0x29, 0xfb, - 0x86, 0xe7, 0x39, 0x3d, 0xe5, 0xe8, 0x3e, 0x0c, 0xd9, 0x8a, 0x4a, 0x0b, 0x9c, 0x34, 0xa9, 0x34, - 0xb6, 0x41, 0x57, 0xc2, 0xf1, 0x33, 0x78, 0x7d, 0xcd, 0xb9, 0x91, 0x17, 0x86, 0xf6, 0x59, 0xca, - 0x0b, 0xce, 0x71, 0xab, 0x72, 0xab, 0xf3, 0x99, 0x43, 0x6a, 0xe8, 0x2a, 0xdd, 0x19, 0xec, 0x36, - 0x70, 0xe8, 0x13, 0xfd, 0x9c, 0x95, 0x94, 0x3a, 0xe3, 0xfa, 0xa3, 0xd0, 0xfd, 0xa9, 0x40, 0x4a, - 0xf4, 0xdd, 0xaf, 0x01, 0x75, 0xdf, 0x0c, 0x74, 0x0d, 0xfa, 0xdf, 0x8a, 0x94, 0xfb, 0x0e, 0x1a, - 0xc1, 0xf6, 0x77, 0x2f, 0x53, 0x2e, 0x7d, 0x57, 0x2f, 0x83, 0x30, 0x89, 0x52, 0xbf, 0x87, 0x00, - 0x06, 0x4f, 0x65, 0xa4, 0xb8, 0xf4, 0xb7, 0xf4, 0x5a, 0x77, 0x89, 0x4b, 0xbf, 0xff, 0xf0, 0xc1, - 0x9f, 0x17, 0x13, 0xf7, 0xd5, 0xc5, 0xc4, 0xfd, 0xe7, 0x62, 0xe2, 0xfe, 0x76, 0x39, 0x71, 0x5e, - 0x5d, 0x4e, 0x9c, 0xbf, 0x2f, 0x27, 0xce, 0xb3, 0xdb, 0xff, 0xe9, 0xd7, 0xd9, 0xf3, 0x81, 0xf9, - 0xf8, 0xe8, 0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x51, 0x62, 0x48, 0x8d, 0xcd, 0x09, 0x00, 0x00, + 0x14, 0xde, 0x75, 0x1c, 0x3b, 0x3e, 0x9b, 0xb8, 0x66, 0x80, 0xd6, 0x0a, 0xc5, 0x84, 0x45, 0x85, + 0xaa, 0x42, 0x0d, 0x32, 0x42, 0x54, 0x08, 0x51, 0xb6, 0x49, 0x85, 0x1d, 0x28, 0xa0, 0x89, 0x4a, + 0xa5, 0x5e, 0x31, 0x9d, 0x1d, 0xa5, 0x0b, 0xbb, 0x3b, 0x9b, 0xd9, 0xb1, 0x2b, 0x3f, 0x04, 0x12, + 0x8f, 0xc0, 0x8b, 0x70, 0xcf, 0x65, 0x6e, 0x90, 0x10, 0x57, 0x28, 0x79, 0x11, 0x34, 0x33, 0xbb, + 0xde, 0xdf, 0x58, 0x88, 0x8b, 0xc4, 0x33, 0x67, 0xce, 0xf9, 0xce, 0x77, 0x7e, 0x6d, 0xf8, 0x9c, + 0xf2, 0x28, 0xe2, 0x71, 0x9a, 0x10, 0xca, 0x0e, 0xf9, 0x8b, 0x9f, 0x18, 0x95, 0x87, 0x84, 0x86, + 0xea, 0x4f, 0x30, 0xca, 0x85, 0x9f, 0x08, 0x2e, 0xf9, 0xa1, 0xfe, 0x9f, 0x16, 0xd2, 0xfb, 0x5a, + 0x80, 0x06, 0x6b, 0x81, 0xfb, 0x9b, 0x0d, 0xbb, 0x98, 0xbc, 0xf2, 0x68, 0x88, 0xb5, 0x00, 0x8d, + 0xa1, 0x9f, 0x90, 0x55, 0xc8, 0x89, 0x3f, 0xb6, 0x0f, 0xec, 0xbb, 0xbb, 0x38, 0xbf, 0xa2, 0xdb, + 0x30, 0x48, 0x83, 0xb3, 0x98, 0xc8, 0x85, 0x60, 0xe3, 0x8e, 0x7e, 0x2b, 0x04, 0xe8, 0x1e, 0x8c, + 0x08, 0xa5, 0x2c, 0x91, 0x5c, 0xcc, 0x7d, 0x16, 0xcb, 0x40, 0xae, 0xc6, 0x5b, 0x5a, 0xa9, 0x21, + 0x47, 0x1f, 0xc2, 0x6b, 0xb9, 0xec, 0x74, 0x8d, 0xd8, 0xd5, 0xca, 0xcd, 0x07, 0xf7, 0x0b, 0x40, + 0x65, 0x86, 0xcf, 0x02, 0xf9, 0x72, 0xbe, 0x89, 0xe7, 0x10, 0x3a, 0x81, 0xaf, 0x09, 0x0e, 0x70, + 0x27, 0xf0, 0xdd, 0x73, 0x18, 0x14, 0xe1, 0xdd, 0x84, 0x5e, 0x22, 0xd8, 0x72, 0x6e, 0xac, 0x06, + 0x38, 0xbb, 0xa1, 0x7d, 0xd8, 0x09, 0x72, 0xda, 0x26, 0xb6, 0xf5, 0x1d, 0x21, 0xe8, 0xfa, 0x44, + 0x92, 0x2c, 0x1c, 0x7d, 0x56, 0xc9, 0x90, 0x41, 0xc4, 0x52, 0x49, 0xa2, 0x44, 0x53, 0xdf, 0xc2, + 0x85, 0xc0, 0xfd, 0xd3, 0x86, 0xbe, 0xf2, 0xc9, 0xb9, 0xac, 0x20, 0xdb, 0x35, 0xe4, 0xdb, 0x30, + 0x88, 0x48, 0x2a, 0x99, 0xf8, 0x9a, 0xe5, 0x6e, 0x0b, 0x81, 0x0a, 0x51, 0x17, 0x78, 0xee, 0x6b, + 0xd7, 0x03, 0x9c, 0x5f, 0x55, 0xb2, 0x59, 0x4c, 0xc5, 0x2a, 0x91, 0xcc, 0xc7, 0x8c, 0xf8, 0xca, + 0xdc, 0xe4, 0xaf, 0x21, 0xaf, 0x32, 0xdd, 0xae, 0x31, 0x55, 0xa5, 0xc8, 0xd9, 0x14, 0xa5, 0xe8, + 0x99, 0x52, 0x34, 0x1e, 0xdc, 0x8f, 0x60, 0xe4, 0xd1, 0xd0, 0xa3, 0x94, 0x2f, 0x62, 0x39, 0x8f, + 0x97, 0x81, 0x64, 0x0a, 0x3f, 0xd0, 0x27, 0x45, 0xc2, 0x04, 0x58, 0x08, 0xdc, 0xdf, 0x6d, 0x78, + 0xb3, 0x30, 0xc1, 0xec, 0x7c, 0xc1, 0x52, 0x79, 0xc2, 0x83, 0x18, 0xbd, 0x0f, 0x43, 0xa3, 0x36, + 0xaf, 0x66, 0xa7, 0x26, 0x2d, 0xf4, 0x4c, 0x05, 0xe7, 0x79, 0x69, 0x6b, 0x52, 0xf4, 0x00, 0x6e, + 0x55, 0x2d, 0x8b, 0x78, 0x4c, 0xe1, 0xae, 0x7b, 0x56, 0x15, 0x8a, 0x98, 0x24, 0xba, 0xc6, 0x26, + 0x8b, 0xeb, 0xbb, 0xfb, 0x8b, 0x0d, 0xb7, 0x1a, 0xfc, 0x3d, 0xdd, 0xa3, 0x1b, 0x2b, 0x7b, 0x17, + 0x6e, 0x08, 0xa3, 0x5c, 0xa3, 0x5d, 0x17, 0xab, 0x0a, 0xd4, 0x6b, 0x96, 0x66, 0x8c, 0x9b, 0x0f, + 0xee, 0x31, 0x8c, 0x1b, 0x74, 0x8e, 0x19, 0x0d, 0x83, 0x98, 0xb5, 0xf9, 0xb4, 0x5b, 0x7d, 0xba, + 0x5f, 0xc2, 0xcd, 0x7a, 0x1d, 0x31, 0x5b, 0xf2, 0x9f, 0x59, 0x4b, 0xb6, 0xed, 0xb6, 0x6c, 0xbb, + 0x1f, 0x80, 0xa3, 0x87, 0xca, 0xd0, 0x52, 0xad, 0x2a, 0xb2, 0x3e, 0xb4, 0x0f, 0xb6, 0xd4, 0x34, + 0x66, 0x57, 0xf7, 0x47, 0x78, 0xc3, 0xa3, 0xe1, 0xe3, 0x7a, 0x20, 0x1b, 0x93, 0xd7, 0x9a, 0x92, + 0xce, 0x75, 0x29, 0x59, 0xc1, 0x7e, 0x11, 0xcc, 0xf7, 0x4c, 0x44, 0x41, 0x9a, 0x06, 0x3c, 0x3e, + 0x7a, 0x49, 0xe2, 0x33, 0xb6, 0xd1, 0xcf, 0x43, 0x70, 0x92, 0xb5, 0xbe, 0xf1, 0x30, 0x9c, 0xbe, + 0x7d, 0xbf, 0x58, 0x97, 0x1e, 0x0d, 0x9f, 0xa6, 0x4c, 0x14, 0xa0, 0x29, 0x2e, 0x5b, 0xb8, 0x4f, + 0xf5, 0x3c, 0x64, 0x4c, 0x32, 0x87, 0x1e, 0x38, 0xc4, 0x70, 0xd1, 0xb4, 0x55, 0x3a, 0x9c, 0xe9, + 0x3b, 0x55, 0xd0, 0x46, 0x3a, 0x70, 0xd9, 0xc6, 0x3d, 0x2f, 0x8f, 0x19, 0x66, 0x11, 0x5f, 0x6e, + 0x8e, 0xa3, 0xe6, 0xb2, 0xf3, 0x3f, 0x5c, 0xfe, 0xdd, 0x85, 0x1b, 0x1e, 0x0d, 0x8f, 0x78, 0x2c, + 0x59, 0x2c, 0x7f, 0x20, 0xe1, 0x82, 0xa1, 0x4f, 0xa0, 0x67, 0xaa, 0xae, 0x1d, 0x3a, 0xd3, 0xb7, + 0xaa, 0x88, 0x95, 0xf6, 0x99, 0x59, 0x38, 0x53, 0x46, 0x5f, 0xc1, 0x6e, 0x50, 0x6a, 0x29, 0x9d, + 0x56, 0x67, 0xfa, 0xee, 0x06, 0x63, 0xa3, 0x38, 0xb3, 0x70, 0xc5, 0x10, 0x1d, 0x83, 0x23, 0x8a, + 0x85, 0xa1, 0x67, 0xc2, 0x99, 0x1e, 0xb4, 0xe2, 0x94, 0x16, 0xcb, 0xcc, 0xc2, 0x65, 0x33, 0x74, + 0x02, 0x7b, 0xa2, 0x3c, 0xb6, 0x7a, 0xc4, 0x9d, 0xa9, 0xbb, 0x09, 0xc7, 0x68, 0xce, 0x2c, 0x5c, + 0x35, 0x45, 0xa7, 0x30, 0x4a, 0x6a, 0x0d, 0xa6, 0x57, 0xaa, 0x33, 0xbd, 0xd3, 0x0a, 0x57, 0xef, + 0xc6, 0x99, 0x85, 0x1b, 0x00, 0xe8, 0x08, 0xf6, 0x48, 0xb9, 0xd4, 0x7a, 0xfd, 0x5e, 0x97, 0x6d, + 0xa3, 0xa2, 0x98, 0x55, 0x6c, 0x14, 0x88, 0x28, 0xb7, 0xe1, 0xb8, 0xdf, 0x06, 0x52, 0xe9, 0x54, + 0x13, 0x5e, 0xb9, 0x75, 0x9f, 0xc0, 0x50, 0x54, 0x56, 0xca, 0x78, 0x47, 0xa3, 0xbc, 0xb7, 0x29, + 0x57, 0x99, 0xea, 0xcc, 0xc2, 0x35, 0xe3, 0x47, 0x7d, 0xd8, 0x5e, 0xaa, 0x46, 0x72, 0x1f, 0xeb, + 0x6f, 0xc3, 0x63, 0xf5, 0xbd, 0xf9, 0x19, 0x00, 0x59, 0xb7, 0x59, 0x36, 0x1c, 0xfb, 0x55, 0xf8, + 0x72, 0x0f, 0xe2, 0x92, 0xb6, 0x7b, 0x02, 0x43, 0x8f, 0x86, 0xa7, 0xab, 0x98, 0x3e, 0x61, 0x69, + 0x4a, 0xce, 0x18, 0x7a, 0x00, 0x7d, 0xba, 0x86, 0x52, 0x4c, 0x27, 0x55, 0x28, 0xa5, 0x5b, 0x81, + 0xcb, 0xd5, 0xdd, 0xe7, 0xf0, 0x7a, 0xcb, 0xbb, 0xa6, 0xe7, 0xfb, 0x66, 0xcb, 0xa5, 0x19, 0xe6, + 0xb8, 0x16, 0xfd, 0xfa, 0x7d, 0x66, 0xe1, 0x92, 0x76, 0x11, 0xee, 0x0c, 0xf6, 0x2a, 0x7a, 0xe8, + 0x53, 0xb5, 0x1d, 0x73, 0x48, 0x15, 0x71, 0x79, 0xc7, 0x34, 0x7f, 0xdb, 0xe0, 0x5c, 0xfb, 0xde, + 0x37, 0x80, 0x9a, 0x2b, 0x08, 0xed, 0x40, 0xf7, 0x5b, 0x1e, 0xb3, 0x91, 0x85, 0x06, 0xb0, 0xfd, + 0xdd, 0xab, 0x98, 0x89, 0x91, 0xad, 0x8e, 0x9e, 0x1f, 0x05, 0xf1, 0xa8, 0x83, 0x00, 0x7a, 0xcf, + 0x44, 0x20, 0x99, 0x18, 0x6d, 0xa9, 0xb3, 0x2a, 0x3a, 0x13, 0xa3, 0xee, 0xa3, 0x87, 0x7f, 0x5c, + 0x4e, 0xec, 0x8b, 0xcb, 0x89, 0xfd, 0xcf, 0xe5, 0xc4, 0xfe, 0xf5, 0x6a, 0x62, 0x5d, 0x5c, 0x4d, + 0xac, 0xbf, 0xae, 0x26, 0xd6, 0xf3, 0x3b, 0xff, 0xe9, 0xe7, 0xe4, 0x8b, 0x9e, 0xfe, 0xf8, 0xf8, + 0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x7b, 0xb3, 0x39, 0x6c, 0x7e, 0x0a, 0x00, 0x00, } func (m *RawAclRecord) Marshal() (dAtA []byte, err error) { @@ -1490,6 +1560,13 @@ func (m *AclAccountRequestJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l + if len(m.Metadata) > 0 { + i -= len(m.Metadata) + copy(dAtA[i:], m.Metadata) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Metadata))) + i-- + dAtA[i] = 0x22 + } if len(m.InviteIdentitySignature) > 0 { i -= len(m.InviteIdentitySignature) copy(dAtA[i:], m.InviteIdentitySignature) @@ -1558,6 +1635,36 @@ func (m *AclAccountRequestAccept) MarshalToSizedBuffer(dAtA []byte) (int, error) return len(dAtA) - i, nil } +func (m *AclAccountRequestDecline) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclAccountRequestDecline) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclAccountRequestDecline) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.RequestRecordId) > 0 { + i -= len(m.RequestRecordId) + copy(dAtA[i:], m.RequestRecordId) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.RequestRecordId))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + func (m *AclAccountInviteRevoke) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -1952,6 +2059,27 @@ func (m *AclContentValue_ReadKeyChange) MarshalToSizedBuffer(dAtA []byte) (int, } return len(dAtA) - i, nil } +func (m *AclContentValue_RequestDecline) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclContentValue_RequestDecline) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + if m.RequestDecline != nil { + { + size, err := m.RequestDecline.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintAclrecord(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x42 + } + return len(dAtA) - i, nil +} func (m *AclData) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -2254,6 +2382,10 @@ func (m *AclAccountRequestJoin) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } + l = len(m.Metadata) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } return n } @@ -2278,6 +2410,19 @@ func (m *AclAccountRequestAccept) Size() (n int) { return n } +func (m *AclAccountRequestDecline) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.RequestRecordId) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + return n +} + func (m *AclAccountInviteRevoke) Size() (n int) { if m == nil { return 0 @@ -2469,6 +2614,18 @@ func (m *AclContentValue_ReadKeyChange) Size() (n int) { } return n } +func (m *AclContentValue_RequestDecline) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.RequestDecline != nil { + l = m.RequestDecline.Size() + n += 1 + l + sovAclrecord(uint64(l)) + } + return n +} func (m *AclData) Size() (n int) { if m == nil { return 0 @@ -3463,6 +3620,40 @@ func (m *AclAccountRequestJoin) Unmarshal(dAtA []byte) error { m.InviteIdentitySignature = []byte{} } iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Metadata", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Metadata = append(m.Metadata[:0], dAtA[iNdEx:postIndex]...) + if m.Metadata == nil { + m.Metadata = []byte{} + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipAclrecord(dAtA[iNdEx:]) @@ -3634,6 +3825,88 @@ func (m *AclAccountRequestAccept) Unmarshal(dAtA []byte) error { } return nil } +func (m *AclAccountRequestDecline) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclAccountRequestDecline: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclAccountRequestDecline: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field RequestRecordId", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.RequestRecordId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func (m *AclAccountInviteRevoke) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 @@ -4495,6 +4768,41 @@ func (m *AclContentValue) Unmarshal(dAtA []byte) error { } m.Value = &AclContentValue_ReadKeyChange{v} iNdEx = postIndex + case 8: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field RequestDecline", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + v := &AclAccountRequestDecline{} + if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + m.Value = &AclContentValue_RequestDecline{v} + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipAclrecord(dAtA[iNdEx:]) diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto index 2ca06396..7219aecd 100644 --- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto +++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto @@ -44,6 +44,7 @@ message AclAccountRequestJoin { bytes inviteIdentity = 1; string inviteRecordId = 2; bytes inviteIdentitySignature = 3; + bytes metadata = 4; } // AclAccountRequestAccept contains the reference to join record and all read keys, encrypted with the identity of the requestor @@ -53,6 +54,11 @@ message AclAccountRequestAccept { bytes encryptedReadKeys = 3; } +// AclAccountRequestDecline contains the reference to join record +message AclAccountRequestDecline { + string requestRecordId = 1; +} + // AclAccountInviteRevoke revokes the invite record message AclAccountInviteRevoke { string inviteRecordId = 1; @@ -96,6 +102,7 @@ message AclContentValue { AclAccountPermissionChange permissionChange = 5; AclAccountRemove accountRemove = 6; AclReadKeyChange readKeyChange = 7; + AclAccountRequestDecline requestDecline = 8; } } diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index dde9ae23..496b865d 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -14,20 +14,22 @@ import ( var log = logger.NewNamedSugared("common.commonspace.acllist") var ( - ErrNoSuchUser = errors.New("no such user") - ErrFailedToDecrypt = errors.New("failed to decrypt key") - ErrUserRemoved = errors.New("user was removed from the document") - ErrDocumentForbidden = errors.New("your user was forbidden access to the document") - ErrUserAlreadyExists = errors.New("user already exists") - ErrNoSuchRecord = errors.New("no such record") - ErrNoSuchInvite = errors.New("no such invite") - ErrOldInvite = errors.New("invite is too old") - ErrInsufficientPermissions = errors.New("insufficient permissions") - ErrNoReadKey = errors.New("acl state doesn't have a read key") - ErrNoInvite = errors.New("can't delete invite record") - ErrInvalidSignature = errors.New("signature is invalid") - ErrIncorrectRoot = errors.New("incorrect root") - ErrIncorrectRecordSequence = errors.New("incorrect prev id of a record") + ErrNoSuchAccount = errors.New("no such account") + ErrIncorrectInviteKey = errors.New("incorrect invite key") + ErrIncorrectIdentity = errors.New("incorrect identity") + ErrFailedToDecrypt = errors.New("failed to decrypt key") + ErrUserRemoved = errors.New("user was removed from the document") + ErrDocumentForbidden = errors.New("your user was forbidden access to the document") + ErrUserAlreadyExists = errors.New("user already exists") + ErrNoSuchRecord = errors.New("no such record") + ErrNoSuchRequest = errors.New("no such request") + ErrNoSuchInvite = errors.New("no such invite") + ErrInsufficientPermissions = errors.New("insufficient permissions") + ErrIncorrectNumberOfAccounts = errors.New("incorrect number of accounts") + ErrNoReadKey = errors.New("acl state doesn't have a read key") + ErrInvalidSignature = errors.New("signature is invalid") + ErrIncorrectRoot = errors.New("incorrect root") + ErrIncorrectRecordSequence = errors.New("incorrect prev id of a record") ) type UserPermissionPair struct { @@ -42,6 +44,7 @@ type AclState struct { userStates map[string]AclUserState statesAtRecord map[string][]AclUserState inviteKeys map[string]crypto.PubKey + requestRecords map[string]RequestRecord key crypto.PrivKey pubKey crypto.PubKey keyStore crypto.KeyStorage @@ -60,6 +63,8 @@ func newAclStateWithKeys( userReadKeys: make(map[string]crypto.SymKey), userStates: make(map[string]AclUserState), statesAtRecord: make(map[string][]AclUserState), + inviteKeys: make(map[string]crypto.PubKey), + requestRecords: make(map[string]RequestRecord), }, nil } @@ -69,6 +74,8 @@ func newAclState(id string) *AclState { userReadKeys: make(map[string]crypto.SymKey), userStates: make(map[string]AclUserState), statesAtRecord: make(map[string][]AclUserState), + inviteKeys: make(map[string]crypto.PubKey), + requestRecords: make(map[string]RequestRecord), } } @@ -100,7 +107,7 @@ func (st *AclState) StateAtRecord(id string, pubKey crypto.PubKey) (AclUserState return perm, nil } } - return AclUserState{}, ErrNoSuchUser + return AclUserState{}, ErrNoSuchAccount } func (st *AclState) applyRecord(record *AclRecord) (err error) { @@ -229,7 +236,7 @@ func (st *AclState) applyPermissionChange(ch *aclrecordproto.AclAccountPermissio } state, exists := st.userStates[mapKeyFromPubKey(chIdentity)] if !exists { - return ErrNoSuchUser + return ErrNoSuchAccount } state.Permissions = AclPermissions(ch.Permissions) return nil diff --git a/commonspace/object/acl/list/models.go b/commonspace/object/acl/list/models.go index 97b19ac5..6ec52b28 100644 --- a/commonspace/object/acl/list/models.go +++ b/commonspace/object/acl/list/models.go @@ -16,6 +16,11 @@ type AclRecord struct { Signature []byte } +type RequestRecord struct { + RequestIdentity crypto.PubKey + RequestMetadata []byte +} + type AclUserState struct { PubKey crypto.PubKey Permissions AclPermissions diff --git a/commonspace/object/acl/list/validator.go b/commonspace/object/acl/list/validator.go index b4972732..6fa8be20 100644 --- a/commonspace/object/acl/list/validator.go +++ b/commonspace/object/acl/list/validator.go @@ -1,5 +1,147 @@ package list -type Validator interface { - Validate() +import ( + "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" + "github.com/anyproto/any-sync/util/crypto" +) + +type ContentValidator interface { + ValidatePermissionChange(ch *aclrecordproto.AclAccountPermissionChange, id string, authorIdentity crypto.PubKey) (err error) + ValidateInvite(ch *aclrecordproto.AclAccountInvite, id string, authorIdentity crypto.PubKey) (err error) + ValidateInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, id string, authorIdentity crypto.PubKey) (err error) + ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, id string, authorIdentity crypto.PubKey) (err error) + ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, id string, authorIdentity crypto.PubKey) (err error) + ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, id string, authorIdentity crypto.PubKey) (err error) + ValidateRemove(ch *aclrecordproto.AclAccountRemove, id string, authorIdentity crypto.PubKey) (err error) + ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, id string, authorIdentity crypto.PubKey) (err error) +} + +type contentValidator struct { + keyStore crypto.KeyStorage + aclState *AclState +} + +func (c *contentValidator) ValidatePermissionChange(ch *aclrecordproto.AclAccountPermissionChange, id string, authorIdentity crypto.PubKey) (err error) { + if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { + return ErrInsufficientPermissions + } + chIdentity, err := c.keyStore.PubKeyFromProto(ch.Identity) + if err != nil { + return err + } + _, exists := c.aclState.userStates[mapKeyFromPubKey(chIdentity)] + if !exists { + return ErrNoSuchAccount + } + return +} + +func (c *contentValidator) ValidateInvite(ch *aclrecordproto.AclAccountInvite, id string, authorIdentity crypto.PubKey) (err error) { + if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { + return ErrInsufficientPermissions + } + _, err = c.keyStore.PubKeyFromProto(ch.InviteKey) + return +} + +func (c *contentValidator) ValidateInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, id string, authorIdentity crypto.PubKey) (err error) { + if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { + return ErrInsufficientPermissions + } + _, exists := c.aclState.inviteKeys[ch.InviteRecordId] + if !exists { + return ErrNoSuchInvite + } + return +} + +func (c *contentValidator) ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, id string, authorIdentity crypto.PubKey) (err error) { + inviteKey, exists := c.aclState.inviteKeys[ch.InviteRecordId] + if !exists { + return ErrNoSuchInvite + } + inviteIdentity, err := c.keyStore.PubKeyFromProto(ch.InviteIdentity) + if err != nil { + return + } + if !authorIdentity.Equals(inviteIdentity) { + return ErrIncorrectIdentity + } + rawInviteIdentity, err := inviteIdentity.Raw() + if err != nil { + return err + } + ok, err := inviteKey.Verify(rawInviteIdentity, ch.InviteIdentitySignature) + if err != nil { + return ErrInvalidSignature + } + if !ok { + return ErrInvalidSignature + } + return +} + +func (c *contentValidator) ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, id string, authorIdentity crypto.PubKey) (err error) { + if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { + return ErrInsufficientPermissions + } + record, exists := c.aclState.requestRecords[ch.RequestRecordId] + if !exists { + return ErrNoSuchRequest + } + acceptIdentity, err := c.keyStore.PubKeyFromProto(ch.Identity) + if err != nil { + return + } + if !acceptIdentity.Equals(record.RequestIdentity) { + return ErrIncorrectIdentity + } + return +} + +func (c *contentValidator) ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, id string, authorIdentity crypto.PubKey) (err error) { + if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { + return ErrInsufficientPermissions + } + _, exists := c.aclState.requestRecords[ch.RequestRecordId] + if !exists { + return ErrNoSuchRequest + } + return +} + +func (c *contentValidator) ValidateRemove(ch *aclrecordproto.AclAccountRemove, id string, authorIdentity crypto.PubKey) (err error) { + if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { + return ErrInsufficientPermissions + } + identity, err := c.keyStore.PubKeyFromProto(ch.Identity) + if err != nil { + return + } + _, exists := c.aclState.userStates[mapKeyFromPubKey(identity)] + if !exists { + return ErrNoSuchAccount + } + return c.validateAccountReadKeys(ch.AccountKeys) +} + +func (c *contentValidator) ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, id string, authorIdentity crypto.PubKey) (err error) { + return c.validateAccountReadKeys(ch.AccountKeys) +} + +func (c *contentValidator) validateAccountReadKeys(accountKeys []*aclrecordproto.AclEncryptedReadKeys) (err error) { + if len(accountKeys) != len(c.aclState.userStates) { + return ErrIncorrectNumberOfAccounts + } + for _, encKeys := range accountKeys { + identity, err := c.keyStore.PubKeyFromProto(encKeys.Identity) + if err != nil { + return err + } + _, exists := c.aclState.userStates[mapKeyFromPubKey(identity)] + if !exists { + return ErrNoSuchAccount + } + } + return } From 7577c14d5f3570af9c9d19d2b3ec23c420c4d0e7 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Fri, 23 Jun 2023 16:16:26 +0200 Subject: [PATCH 03/17] Add state apply changes --- .../object/acl/aclrecordproto/aclrecord.pb.go | 407 ++++++++++++------ .../acl/aclrecordproto/protos/aclrecord.proto | 13 +- .../object/acl/list/aclrecordbuilder.go | 5 +- commonspace/object/acl/list/aclstate.go | 179 ++++++-- commonspace/object/acl/list/models.go | 6 +- commonspace/object/acl/list/validator.go | 5 +- 6 files changed, 428 insertions(+), 187 deletions(-) diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go index d7abb519..9bb5eab4 100644 --- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go +++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go @@ -449,9 +449,10 @@ func (m *AclAccountRequestJoin) GetMetadata() []byte { // AclAccountRequestAccept contains the reference to join record and all read keys, encrypted with the identity of the requestor type AclAccountRequestAccept struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - RequestRecordId string `protobuf:"bytes,2,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"` - EncryptedReadKeys []byte `protobuf:"bytes,3,opt,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + RequestRecordId string `protobuf:"bytes,2,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"` + EncryptedReadKeys []byte `protobuf:"bytes,3,opt,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` + Permissions AclUserPermissions `protobuf:"varint,4,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` } func (m *AclAccountRequestAccept) Reset() { *m = AclAccountRequestAccept{} } @@ -508,6 +509,13 @@ func (m *AclAccountRequestAccept) GetEncryptedReadKeys() []byte { return nil } +func (m *AclAccountRequestAccept) GetPermissions() AclUserPermissions { + if m != nil { + return m.Permissions + } + return AclUserPermissions_None +} + // AclAccountRequestDecline contains the reference to join record type AclAccountRequestDecline struct { RequestRecordId string `protobuf:"bytes,1,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"` @@ -600,7 +608,7 @@ func (m *AclAccountInviteRevoke) GetInviteRecordId() string { // AclReadKeys are all read keys in Acl type AclReadKeys struct { - ReadKey [][]byte `protobuf:"bytes,1,rep,name=readKey,proto3" json:"readKey,omitempty"` + ReadKeys map[string][]byte `protobuf:"bytes,1,rep,name=readKeys,proto3" json:"readKeys,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` } func (m *AclReadKeys) Reset() { *m = AclReadKeys{} } @@ -636,31 +644,31 @@ func (m *AclReadKeys) XXX_DiscardUnknown() { var xxx_messageInfo_AclReadKeys proto.InternalMessageInfo -func (m *AclReadKeys) GetReadKey() [][]byte { +func (m *AclReadKeys) GetReadKeys() map[string][]byte { if m != nil { - return m.ReadKey + return m.ReadKeys } return nil } -// AclEncryptedReadKeys are all keys for specific identity -type AclEncryptedReadKeys struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptedReadKeys []byte `protobuf:"bytes,2,opt,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` +// AclEncryptedReadKeys are new key for specific identity +type AclEncryptedReadKey struct { + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + EncryptedReadKey []byte `protobuf:"bytes,2,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` } -func (m *AclEncryptedReadKeys) Reset() { *m = AclEncryptedReadKeys{} } -func (m *AclEncryptedReadKeys) String() string { return proto.CompactTextString(m) } -func (*AclEncryptedReadKeys) ProtoMessage() {} -func (*AclEncryptedReadKeys) Descriptor() ([]byte, []int) { +func (m *AclEncryptedReadKey) Reset() { *m = AclEncryptedReadKey{} } +func (m *AclEncryptedReadKey) String() string { return proto.CompactTextString(m) } +func (*AclEncryptedReadKey) ProtoMessage() {} +func (*AclEncryptedReadKey) Descriptor() ([]byte, []int) { return fileDescriptor_c8e9f754f34e929b, []int{10} } -func (m *AclEncryptedReadKeys) XXX_Unmarshal(b []byte) error { +func (m *AclEncryptedReadKey) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) } -func (m *AclEncryptedReadKeys) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { +func (m *AclEncryptedReadKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { if deterministic { - return xxx_messageInfo_AclEncryptedReadKeys.Marshal(b, m, deterministic) + return xxx_messageInfo_AclEncryptedReadKey.Marshal(b, m, deterministic) } else { b = b[:cap(b)] n, err := m.MarshalToSizedBuffer(b) @@ -670,28 +678,28 @@ func (m *AclEncryptedReadKeys) XXX_Marshal(b []byte, deterministic bool) ([]byte return b[:n], nil } } -func (m *AclEncryptedReadKeys) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclEncryptedReadKeys.Merge(m, src) +func (m *AclEncryptedReadKey) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclEncryptedReadKey.Merge(m, src) } -func (m *AclEncryptedReadKeys) XXX_Size() int { +func (m *AclEncryptedReadKey) XXX_Size() int { return m.Size() } -func (m *AclEncryptedReadKeys) XXX_DiscardUnknown() { - xxx_messageInfo_AclEncryptedReadKeys.DiscardUnknown(m) +func (m *AclEncryptedReadKey) XXX_DiscardUnknown() { + xxx_messageInfo_AclEncryptedReadKey.DiscardUnknown(m) } -var xxx_messageInfo_AclEncryptedReadKeys proto.InternalMessageInfo +var xxx_messageInfo_AclEncryptedReadKey proto.InternalMessageInfo -func (m *AclEncryptedReadKeys) GetIdentity() []byte { +func (m *AclEncryptedReadKey) GetIdentity() []byte { if m != nil { return m.Identity } return nil } -func (m *AclEncryptedReadKeys) GetEncryptedReadKeys() []byte { +func (m *AclEncryptedReadKey) GetEncryptedReadKey() []byte { if m != nil { - return m.EncryptedReadKeys + return m.EncryptedReadKey } return nil } @@ -751,7 +759,7 @@ func (m *AclAccountPermissionChange) GetPermissions() AclUserPermissions { // AclReadKeyChange changes the key for a space type AclReadKeyChange struct { - AccountKeys []*AclEncryptedReadKeys `protobuf:"bytes,1,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"` + AccountKeys []*AclEncryptedReadKey `protobuf:"bytes,1,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"` } func (m *AclReadKeyChange) Reset() { *m = AclReadKeyChange{} } @@ -787,7 +795,7 @@ func (m *AclReadKeyChange) XXX_DiscardUnknown() { var xxx_messageInfo_AclReadKeyChange proto.InternalMessageInfo -func (m *AclReadKeyChange) GetAccountKeys() []*AclEncryptedReadKeys { +func (m *AclReadKeyChange) GetAccountKeys() []*AclEncryptedReadKey { if m != nil { return m.AccountKeys } @@ -796,8 +804,8 @@ func (m *AclReadKeyChange) GetAccountKeys() []*AclEncryptedReadKeys { // AclAccountRemove removes an account and changes read key for space type AclAccountRemove struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - AccountKeys []*AclEncryptedReadKeys `protobuf:"bytes,2,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"` + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + AccountKeys []*AclEncryptedReadKey `protobuf:"bytes,2,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"` } func (m *AclAccountRemove) Reset() { *m = AclAccountRemove{} } @@ -840,7 +848,7 @@ func (m *AclAccountRemove) GetIdentity() []byte { return nil } -func (m *AclAccountRemove) GetAccountKeys() []*AclEncryptedReadKeys { +func (m *AclAccountRemove) GetAccountKeys() []*AclEncryptedReadKey { if m != nil { return m.AccountKeys } @@ -1231,7 +1239,8 @@ func init() { proto.RegisterType((*AclAccountRequestDecline)(nil), "aclrecord.AclAccountRequestDecline") proto.RegisterType((*AclAccountInviteRevoke)(nil), "aclrecord.AclAccountInviteRevoke") proto.RegisterType((*AclReadKeys)(nil), "aclrecord.AclReadKeys") - proto.RegisterType((*AclEncryptedReadKeys)(nil), "aclrecord.AclEncryptedReadKeys") + proto.RegisterMapType((map[string][]byte)(nil), "aclrecord.AclReadKeys.ReadKeysEntry") + proto.RegisterType((*AclEncryptedReadKey)(nil), "aclrecord.AclEncryptedReadKey") proto.RegisterType((*AclAccountPermissionChange)(nil), "aclrecord.AclAccountPermissionChange") proto.RegisterType((*AclReadKeyChange)(nil), "aclrecord.AclReadKeyChange") proto.RegisterType((*AclAccountRemove)(nil), "aclrecord.AclAccountRemove") @@ -1247,67 +1256,70 @@ func init() { } var fileDescriptor_c8e9f754f34e929b = []byte{ - // 958 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0x1b, 0x45, - 0x14, 0xde, 0x75, 0x1c, 0x3b, 0x3e, 0x9b, 0xb8, 0x66, 0x80, 0xd6, 0x0a, 0xc5, 0x84, 0x45, 0x85, - 0xaa, 0x42, 0x0d, 0x32, 0x42, 0x54, 0x08, 0x51, 0xb6, 0x49, 0x85, 0x1d, 0x28, 0xa0, 0x89, 0x4a, - 0xa5, 0x5e, 0x31, 0x9d, 0x1d, 0xa5, 0x0b, 0xbb, 0x3b, 0x9b, 0xd9, 0xb1, 0x2b, 0x3f, 0x04, 0x12, - 0x8f, 0xc0, 0x8b, 0x70, 0xcf, 0x65, 0x6e, 0x90, 0x10, 0x57, 0x28, 0x79, 0x11, 0x34, 0x33, 0xbb, - 0xde, 0xdf, 0x58, 0x88, 0x8b, 0xc4, 0x33, 0x67, 0xce, 0xf9, 0xce, 0x77, 0x7e, 0x6d, 0xf8, 0x9c, - 0xf2, 0x28, 0xe2, 0x71, 0x9a, 0x10, 0xca, 0x0e, 0xf9, 0x8b, 0x9f, 0x18, 0x95, 0x87, 0x84, 0x86, - 0xea, 0x4f, 0x30, 0xca, 0x85, 0x9f, 0x08, 0x2e, 0xf9, 0xa1, 0xfe, 0x9f, 0x16, 0xd2, 0xfb, 0x5a, - 0x80, 0x06, 0x6b, 0x81, 0xfb, 0x9b, 0x0d, 0xbb, 0x98, 0xbc, 0xf2, 0x68, 0x88, 0xb5, 0x00, 0x8d, - 0xa1, 0x9f, 0x90, 0x55, 0xc8, 0x89, 0x3f, 0xb6, 0x0f, 0xec, 0xbb, 0xbb, 0x38, 0xbf, 0xa2, 0xdb, - 0x30, 0x48, 0x83, 0xb3, 0x98, 0xc8, 0x85, 0x60, 0xe3, 0x8e, 0x7e, 0x2b, 0x04, 0xe8, 0x1e, 0x8c, - 0x08, 0xa5, 0x2c, 0x91, 0x5c, 0xcc, 0x7d, 0x16, 0xcb, 0x40, 0xae, 0xc6, 0x5b, 0x5a, 0xa9, 0x21, - 0x47, 0x1f, 0xc2, 0x6b, 0xb9, 0xec, 0x74, 0x8d, 0xd8, 0xd5, 0xca, 0xcd, 0x07, 0xf7, 0x0b, 0x40, - 0x65, 0x86, 0xcf, 0x02, 0xf9, 0x72, 0xbe, 0x89, 0xe7, 0x10, 0x3a, 0x81, 0xaf, 0x09, 0x0e, 0x70, - 0x27, 0xf0, 0xdd, 0x73, 0x18, 0x14, 0xe1, 0xdd, 0x84, 0x5e, 0x22, 0xd8, 0x72, 0x6e, 0xac, 0x06, - 0x38, 0xbb, 0xa1, 0x7d, 0xd8, 0x09, 0x72, 0xda, 0x26, 0xb6, 0xf5, 0x1d, 0x21, 0xe8, 0xfa, 0x44, - 0x92, 0x2c, 0x1c, 0x7d, 0x56, 0xc9, 0x90, 0x41, 0xc4, 0x52, 0x49, 0xa2, 0x44, 0x53, 0xdf, 0xc2, - 0x85, 0xc0, 0xfd, 0xd3, 0x86, 0xbe, 0xf2, 0xc9, 0xb9, 0xac, 0x20, 0xdb, 0x35, 0xe4, 0xdb, 0x30, - 0x88, 0x48, 0x2a, 0x99, 0xf8, 0x9a, 0xe5, 0x6e, 0x0b, 0x81, 0x0a, 0x51, 0x17, 0x78, 0xee, 0x6b, - 0xd7, 0x03, 0x9c, 0x5f, 0x55, 0xb2, 0x59, 0x4c, 0xc5, 0x2a, 0x91, 0xcc, 0xc7, 0x8c, 0xf8, 0xca, - 0xdc, 0xe4, 0xaf, 0x21, 0xaf, 0x32, 0xdd, 0xae, 0x31, 0x55, 0xa5, 0xc8, 0xd9, 0x14, 0xa5, 0xe8, - 0x99, 0x52, 0x34, 0x1e, 0xdc, 0x8f, 0x60, 0xe4, 0xd1, 0xd0, 0xa3, 0x94, 0x2f, 0x62, 0x39, 0x8f, - 0x97, 0x81, 0x64, 0x0a, 0x3f, 0xd0, 0x27, 0x45, 0xc2, 0x04, 0x58, 0x08, 0xdc, 0xdf, 0x6d, 0x78, - 0xb3, 0x30, 0xc1, 0xec, 0x7c, 0xc1, 0x52, 0x79, 0xc2, 0x83, 0x18, 0xbd, 0x0f, 0x43, 0xa3, 0x36, - 0xaf, 0x66, 0xa7, 0x26, 0x2d, 0xf4, 0x4c, 0x05, 0xe7, 0x79, 0x69, 0x6b, 0x52, 0xf4, 0x00, 0x6e, - 0x55, 0x2d, 0x8b, 0x78, 0x4c, 0xe1, 0xae, 0x7b, 0x56, 0x15, 0x8a, 0x98, 0x24, 0xba, 0xc6, 0x26, - 0x8b, 0xeb, 0xbb, 0xfb, 0x8b, 0x0d, 0xb7, 0x1a, 0xfc, 0x3d, 0xdd, 0xa3, 0x1b, 0x2b, 0x7b, 0x17, - 0x6e, 0x08, 0xa3, 0x5c, 0xa3, 0x5d, 0x17, 0xab, 0x0a, 0xd4, 0x6b, 0x96, 0x66, 0x8c, 0x9b, 0x0f, - 0xee, 0x31, 0x8c, 0x1b, 0x74, 0x8e, 0x19, 0x0d, 0x83, 0x98, 0xb5, 0xf9, 0xb4, 0x5b, 0x7d, 0xba, - 0x5f, 0xc2, 0xcd, 0x7a, 0x1d, 0x31, 0x5b, 0xf2, 0x9f, 0x59, 0x4b, 0xb6, 0xed, 0xb6, 0x6c, 0xbb, - 0x1f, 0x80, 0xa3, 0x87, 0xca, 0xd0, 0x52, 0xad, 0x2a, 0xb2, 0x3e, 0xb4, 0x0f, 0xb6, 0xd4, 0x34, - 0x66, 0x57, 0xf7, 0x47, 0x78, 0xc3, 0xa3, 0xe1, 0xe3, 0x7a, 0x20, 0x1b, 0x93, 0xd7, 0x9a, 0x92, - 0xce, 0x75, 0x29, 0x59, 0xc1, 0x7e, 0x11, 0xcc, 0xf7, 0x4c, 0x44, 0x41, 0x9a, 0x06, 0x3c, 0x3e, - 0x7a, 0x49, 0xe2, 0x33, 0xb6, 0xd1, 0xcf, 0x43, 0x70, 0x92, 0xb5, 0xbe, 0xf1, 0x30, 0x9c, 0xbe, - 0x7d, 0xbf, 0x58, 0x97, 0x1e, 0x0d, 0x9f, 0xa6, 0x4c, 0x14, 0xa0, 0x29, 0x2e, 0x5b, 0xb8, 0x4f, - 0xf5, 0x3c, 0x64, 0x4c, 0x32, 0x87, 0x1e, 0x38, 0xc4, 0x70, 0xd1, 0xb4, 0x55, 0x3a, 0x9c, 0xe9, - 0x3b, 0x55, 0xd0, 0x46, 0x3a, 0x70, 0xd9, 0xc6, 0x3d, 0x2f, 0x8f, 0x19, 0x66, 0x11, 0x5f, 0x6e, - 0x8e, 0xa3, 0xe6, 0xb2, 0xf3, 0x3f, 0x5c, 0xfe, 0xdd, 0x85, 0x1b, 0x1e, 0x0d, 0x8f, 0x78, 0x2c, - 0x59, 0x2c, 0x7f, 0x20, 0xe1, 0x82, 0xa1, 0x4f, 0xa0, 0x67, 0xaa, 0xae, 0x1d, 0x3a, 0xd3, 0xb7, - 0xaa, 0x88, 0x95, 0xf6, 0x99, 0x59, 0x38, 0x53, 0x46, 0x5f, 0xc1, 0x6e, 0x50, 0x6a, 0x29, 0x9d, - 0x56, 0x67, 0xfa, 0xee, 0x06, 0x63, 0xa3, 0x38, 0xb3, 0x70, 0xc5, 0x10, 0x1d, 0x83, 0x23, 0x8a, - 0x85, 0xa1, 0x67, 0xc2, 0x99, 0x1e, 0xb4, 0xe2, 0x94, 0x16, 0xcb, 0xcc, 0xc2, 0x65, 0x33, 0x74, - 0x02, 0x7b, 0xa2, 0x3c, 0xb6, 0x7a, 0xc4, 0x9d, 0xa9, 0xbb, 0x09, 0xc7, 0x68, 0xce, 0x2c, 0x5c, - 0x35, 0x45, 0xa7, 0x30, 0x4a, 0x6a, 0x0d, 0xa6, 0x57, 0xaa, 0x33, 0xbd, 0xd3, 0x0a, 0x57, 0xef, - 0xc6, 0x99, 0x85, 0x1b, 0x00, 0xe8, 0x08, 0xf6, 0x48, 0xb9, 0xd4, 0x7a, 0xfd, 0x5e, 0x97, 0x6d, - 0xa3, 0xa2, 0x98, 0x55, 0x6c, 0x14, 0x88, 0x28, 0xb7, 0xe1, 0xb8, 0xdf, 0x06, 0x52, 0xe9, 0x54, - 0x13, 0x5e, 0xb9, 0x75, 0x9f, 0xc0, 0x50, 0x54, 0x56, 0xca, 0x78, 0x47, 0xa3, 0xbc, 0xb7, 0x29, - 0x57, 0x99, 0xea, 0xcc, 0xc2, 0x35, 0xe3, 0x47, 0x7d, 0xd8, 0x5e, 0xaa, 0x46, 0x72, 0x1f, 0xeb, - 0x6f, 0xc3, 0x63, 0xf5, 0xbd, 0xf9, 0x19, 0x00, 0x59, 0xb7, 0x59, 0x36, 0x1c, 0xfb, 0x55, 0xf8, - 0x72, 0x0f, 0xe2, 0x92, 0xb6, 0x7b, 0x02, 0x43, 0x8f, 0x86, 0xa7, 0xab, 0x98, 0x3e, 0x61, 0x69, - 0x4a, 0xce, 0x18, 0x7a, 0x00, 0x7d, 0xba, 0x86, 0x52, 0x4c, 0x27, 0x55, 0x28, 0xa5, 0x5b, 0x81, - 0xcb, 0xd5, 0xdd, 0xe7, 0xf0, 0x7a, 0xcb, 0xbb, 0xa6, 0xe7, 0xfb, 0x66, 0xcb, 0xa5, 0x19, 0xe6, - 0xb8, 0x16, 0xfd, 0xfa, 0x7d, 0x66, 0xe1, 0x92, 0x76, 0x11, 0xee, 0x0c, 0xf6, 0x2a, 0x7a, 0xe8, - 0x53, 0xb5, 0x1d, 0x73, 0x48, 0x15, 0x71, 0x79, 0xc7, 0x34, 0x7f, 0xdb, 0xe0, 0x5c, 0xfb, 0xde, - 0x37, 0x80, 0x9a, 0x2b, 0x08, 0xed, 0x40, 0xf7, 0x5b, 0x1e, 0xb3, 0x91, 0x85, 0x06, 0xb0, 0xfd, - 0xdd, 0xab, 0x98, 0x89, 0x91, 0xad, 0x8e, 0x9e, 0x1f, 0x05, 0xf1, 0xa8, 0x83, 0x00, 0x7a, 0xcf, - 0x44, 0x20, 0x99, 0x18, 0x6d, 0xa9, 0xb3, 0x2a, 0x3a, 0x13, 0xa3, 0xee, 0xa3, 0x87, 0x7f, 0x5c, - 0x4e, 0xec, 0x8b, 0xcb, 0x89, 0xfd, 0xcf, 0xe5, 0xc4, 0xfe, 0xf5, 0x6a, 0x62, 0x5d, 0x5c, 0x4d, - 0xac, 0xbf, 0xae, 0x26, 0xd6, 0xf3, 0x3b, 0xff, 0xe9, 0xe7, 0xe4, 0x8b, 0x9e, 0xfe, 0xf8, 0xf8, - 0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x7b, 0xb3, 0x39, 0x6c, 0x7e, 0x0a, 0x00, 0x00, + // 1005 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x56, 0xdf, 0x6e, 0x1b, 0xc5, + 0x17, 0xde, 0xb5, 0x1d, 0x3b, 0x3e, 0x9b, 0xb8, 0xfe, 0xcd, 0x0f, 0x5a, 0x2b, 0x14, 0x2b, 0x2c, + 0x14, 0x45, 0x15, 0x4a, 0x90, 0x11, 0x22, 0x2a, 0x88, 0x66, 0x9b, 0x44, 0xd8, 0x81, 0x02, 0x9a, + 0x00, 0x95, 0x2a, 0x71, 0x31, 0x9d, 0x1d, 0xa5, 0x4b, 0xf7, 0x5f, 0x67, 0x27, 0xae, 0xfc, 0x0e, + 0x5c, 0xf0, 0x08, 0xbc, 0x08, 0xf7, 0x5c, 0xa1, 0xde, 0x20, 0x21, 0xae, 0x50, 0xf2, 0x22, 0x68, + 0x66, 0xf6, 0xff, 0x6e, 0x2d, 0x7a, 0xd1, 0x66, 0xe6, 0xcc, 0x39, 0xdf, 0x7c, 0xe7, 0x7c, 0x67, + 0xce, 0x1a, 0x3e, 0xa3, 0x51, 0x10, 0x44, 0x61, 0x12, 0x13, 0xca, 0x0e, 0xa2, 0x27, 0x3f, 0x31, + 0x2a, 0x0e, 0x08, 0xf5, 0xe5, 0x3f, 0xce, 0x68, 0xc4, 0xdd, 0x98, 0x47, 0x22, 0x3a, 0x50, 0xff, + 0x27, 0x85, 0x75, 0x5f, 0x19, 0xd0, 0x30, 0x37, 0xd8, 0xbf, 0x9a, 0xb0, 0x85, 0xc9, 0x0b, 0x87, + 0xfa, 0x58, 0x19, 0xd0, 0x04, 0x06, 0x31, 0x59, 0xf9, 0x11, 0x71, 0x27, 0xe6, 0xae, 0xb9, 0xb7, + 0x85, 0xb3, 0x2d, 0xba, 0x0d, 0xc3, 0xc4, 0xbb, 0x08, 0x89, 0xb8, 0xe4, 0x6c, 0xd2, 0x51, 0x67, + 0x85, 0x01, 0xdd, 0x85, 0x31, 0xa1, 0x94, 0xc5, 0x22, 0xe2, 0x0b, 0x97, 0x85, 0xc2, 0x13, 0xab, + 0x49, 0x57, 0x39, 0x35, 0xec, 0xe8, 0x03, 0xf8, 0x5f, 0x66, 0x3b, 0xcf, 0x11, 0x7b, 0xca, 0xb9, + 0x79, 0x60, 0x7f, 0x0e, 0xa8, 0xcc, 0xf0, 0x91, 0x27, 0x9e, 0x2e, 0xd6, 0xf1, 0x1c, 0x41, 0xc7, + 0x73, 0x15, 0xc1, 0x21, 0xee, 0x78, 0xae, 0xfd, 0x1c, 0x86, 0x45, 0x7a, 0x37, 0xa1, 0x1f, 0x73, + 0xb6, 0x5c, 0xe8, 0xa8, 0x21, 0x4e, 0x77, 0x68, 0x07, 0x36, 0xbd, 0x8c, 0xb6, 0xce, 0x2d, 0xdf, + 0x23, 0x04, 0x3d, 0x97, 0x08, 0x92, 0xa6, 0xa3, 0xd6, 0xb2, 0x18, 0xc2, 0x0b, 0x58, 0x22, 0x48, + 0x10, 0x2b, 0xea, 0x5d, 0x5c, 0x18, 0xec, 0x3f, 0x4d, 0x18, 0xc8, 0x3b, 0xa3, 0x48, 0x54, 0x90, + 0xcd, 0x1a, 0xf2, 0x6d, 0x18, 0x06, 0x24, 0x11, 0x8c, 0x7f, 0xc9, 0xb2, 0x6b, 0x0b, 0x83, 0x4c, + 0x51, 0x09, 0xbc, 0x70, 0xd5, 0xd5, 0x43, 0x9c, 0x6d, 0x65, 0xb1, 0x59, 0x48, 0xf9, 0x2a, 0x16, + 0xcc, 0xc5, 0x8c, 0xb8, 0x32, 0x5c, 0xd7, 0xaf, 0x61, 0xaf, 0x32, 0xdd, 0xa8, 0x31, 0x95, 0x52, + 0x64, 0x6c, 0x0a, 0x29, 0xfa, 0x5a, 0x8a, 0xc6, 0x81, 0xfd, 0x21, 0x8c, 0x1d, 0xea, 0x3b, 0x94, + 0x46, 0x97, 0xa1, 0x58, 0x84, 0x4b, 0x4f, 0x30, 0x89, 0xef, 0xa9, 0x95, 0x24, 0xa1, 0x13, 0x2c, + 0x0c, 0xf6, 0x6f, 0x26, 0xbc, 0x59, 0x84, 0x60, 0xf6, 0xfc, 0x92, 0x25, 0xe2, 0x2c, 0xf2, 0x42, + 0xf4, 0x3e, 0x8c, 0xb4, 0xdb, 0xa2, 0x5a, 0x9d, 0x9a, 0xb5, 0xf0, 0xd3, 0x0a, 0x2e, 0x32, 0x69, + 0x6b, 0x56, 0x74, 0x08, 0xb7, 0xaa, 0x91, 0x45, 0x3e, 0x5a, 0xb8, 0x57, 0x1d, 0x4b, 0x85, 0x02, + 0x26, 0x88, 0xd2, 0x58, 0x57, 0x31, 0xdf, 0xdb, 0x7f, 0x98, 0x70, 0xab, 0xc1, 0xdf, 0x51, 0x3d, + 0xba, 0x56, 0xd9, 0x3d, 0xb8, 0xc1, 0xb5, 0x73, 0x8d, 0x76, 0xdd, 0x2c, 0x15, 0xa8, 0x6b, 0x96, + 0xa4, 0x8c, 0x9b, 0x07, 0xe8, 0x3e, 0x58, 0x31, 0xe3, 0x81, 0x97, 0x24, 0x5e, 0x14, 0x26, 0x8a, + 0xee, 0x68, 0xf6, 0xf6, 0x7e, 0xf1, 0xc2, 0x1d, 0xea, 0x7f, 0x9f, 0x30, 0xfe, 0x6d, 0xe1, 0x84, + 0xcb, 0x11, 0xf6, 0x09, 0x4c, 0x1a, 0xf9, 0x9c, 0x30, 0xea, 0x7b, 0x21, 0x6b, 0x23, 0x6d, 0xb6, + 0x92, 0xb6, 0x8f, 0xe0, 0x66, 0xbd, 0x11, 0x30, 0x5b, 0x46, 0xcf, 0x58, 0x8b, 0x5c, 0x66, 0x9b, + 0x5c, 0xf6, 0xcf, 0x26, 0x58, 0xea, 0x59, 0xa6, 0x89, 0x1d, 0xc1, 0x26, 0xcf, 0xb2, 0x37, 0x77, + 0xbb, 0x7b, 0xd6, 0xec, 0xbd, 0x6a, 0x56, 0x99, 0xe7, 0x7e, 0xb6, 0x38, 0x0d, 0x05, 0x5f, 0xe1, + 0x3c, 0x6a, 0xe7, 0x53, 0xd8, 0xae, 0x1c, 0xa1, 0x31, 0x74, 0x9f, 0xa5, 0x3d, 0x39, 0xc4, 0x72, + 0x89, 0xde, 0x80, 0x8d, 0x25, 0xf1, 0x2f, 0xb3, 0xf1, 0xa5, 0x37, 0xf7, 0x3a, 0x87, 0xa6, 0xfd, + 0x23, 0xfc, 0xdf, 0xa1, 0xfe, 0x69, 0xfd, 0xf1, 0xac, 0x93, 0xb8, 0xed, 0x11, 0x76, 0xda, 0x1f, + 0xa1, 0xbd, 0x82, 0x9d, 0xa2, 0x5e, 0x85, 0x36, 0xc7, 0x4f, 0x49, 0x78, 0xc1, 0xd6, 0xde, 0x52, + 0x13, 0xbc, 0xf3, 0xda, 0x82, 0x7f, 0xa7, 0xde, 0x6c, 0x4a, 0x24, 0xbd, 0xf0, 0x08, 0x2c, 0xa2, + 0xb9, 0x94, 0xea, 0x3d, 0xad, 0x82, 0xd6, 0x6b, 0x81, 0xcb, 0x21, 0x76, 0x5c, 0x9e, 0x04, 0x98, + 0x05, 0xd1, 0x72, 0x7d, 0x1a, 0xb5, 0x1b, 0x3b, 0xaf, 0x7f, 0xe3, 0xdf, 0x3d, 0xb8, 0xe1, 0x50, + 0xff, 0x38, 0x0a, 0x05, 0x0b, 0xc5, 0x0f, 0x52, 0x39, 0xf4, 0x31, 0xf4, 0x75, 0x5b, 0xa9, 0xfb, + 0xac, 0xd9, 0x5b, 0x55, 0xc0, 0x4a, 0x7f, 0xce, 0x0d, 0x9c, 0x3a, 0xa3, 0x2f, 0x60, 0xcb, 0x2b, + 0xf5, 0xac, 0x2a, 0xaa, 0x35, 0x7b, 0x67, 0x4d, 0xb0, 0x76, 0x9c, 0x1b, 0xb8, 0x12, 0x88, 0x4e, + 0xc0, 0xe2, 0xc5, 0x48, 0x53, 0xaf, 0xd6, 0x9a, 0xed, 0xb6, 0xe2, 0x94, 0x46, 0xdf, 0xdc, 0xc0, + 0xe5, 0x30, 0x74, 0x06, 0xdb, 0xbc, 0x3c, 0x58, 0xd4, 0xab, 0xb6, 0x66, 0xf6, 0x3a, 0x1c, 0xed, + 0x39, 0x37, 0x70, 0x35, 0x14, 0x9d, 0xc3, 0x38, 0xae, 0xb5, 0x97, 0x1a, 0xfa, 0xd6, 0xec, 0x4e, + 0x2b, 0x5c, 0xbd, 0x17, 0xe7, 0x06, 0x6e, 0x00, 0xa0, 0x63, 0xd8, 0x26, 0x65, 0xa5, 0xd5, 0x07, + 0xe2, 0x55, 0xd5, 0xd6, 0x2e, 0x92, 0x59, 0x25, 0x46, 0x82, 0xf0, 0x72, 0x13, 0x4e, 0x06, 0x6d, + 0x20, 0x95, 0x3e, 0xd5, 0xe9, 0x95, 0x1b, 0xf7, 0x21, 0x8c, 0x78, 0x65, 0x66, 0x4d, 0x36, 0x15, + 0xca, 0xbb, 0xeb, 0x6a, 0x95, 0xba, 0xce, 0x0d, 0x5c, 0x0b, 0x7e, 0x30, 0x48, 0xe7, 0x81, 0x7d, + 0xaa, 0xbe, 0xd7, 0x27, 0xf2, 0xcb, 0x7e, 0x0f, 0x80, 0xe4, 0x6d, 0x96, 0x3e, 0x8d, 0x9d, 0x2a, + 0x7c, 0xb9, 0x07, 0x71, 0xc9, 0xdb, 0x3e, 0x83, 0x91, 0x43, 0xfd, 0xf3, 0x55, 0x48, 0x1f, 0xb2, + 0x24, 0x21, 0x17, 0x0c, 0x1d, 0xc2, 0x80, 0xe6, 0x50, 0x66, 0xb3, 0xe7, 0xa5, 0x6f, 0x05, 0x2e, + 0x73, 0xb7, 0x1f, 0xab, 0x89, 0x54, 0x3f, 0x57, 0xf4, 0x5c, 0x57, 0x8f, 0xd1, 0x24, 0xc5, 0x9c, + 0xd4, 0xb2, 0xcf, 0xcf, 0xe7, 0x06, 0x2e, 0x79, 0x17, 0xe9, 0xce, 0x61, 0xbb, 0xe2, 0x87, 0x3e, + 0x81, 0x01, 0xcf, 0x21, 0x65, 0xc6, 0xe5, 0x09, 0xd3, 0xfc, 0xf5, 0x85, 0x33, 0xef, 0xbb, 0x5f, + 0x01, 0x6a, 0x0e, 0x20, 0xb4, 0x09, 0xbd, 0xaf, 0xa3, 0x90, 0x8d, 0x0d, 0x34, 0x84, 0x8d, 0x6f, + 0x5e, 0x84, 0x8c, 0x8f, 0x4d, 0xb9, 0x74, 0xdc, 0xc0, 0x0b, 0xc7, 0x1d, 0x04, 0xd0, 0x7f, 0xc4, + 0x3d, 0xc1, 0xf8, 0xb8, 0x2b, 0xd7, 0x52, 0x74, 0xc6, 0xc7, 0xbd, 0x07, 0xf7, 0x7f, 0xbf, 0x9a, + 0x9a, 0x2f, 0xaf, 0xa6, 0xe6, 0x3f, 0x57, 0x53, 0xf3, 0x97, 0xeb, 0xa9, 0xf1, 0xf2, 0x7a, 0x6a, + 0xfc, 0x75, 0x3d, 0x35, 0x1e, 0xdf, 0xf9, 0x4f, 0x3f, 0x78, 0x9f, 0xf4, 0xd5, 0x9f, 0x8f, 0xfe, + 0x0d, 0x00, 0x00, 0xff, 0xff, 0xf9, 0x8e, 0x57, 0x42, 0x20, 0x0b, 0x00, 0x00, } func (m *RawAclRecord) Marshal() (dAtA []byte, err error) { @@ -1611,6 +1623,11 @@ func (m *AclAccountRequestAccept) MarshalToSizedBuffer(dAtA []byte) (int, error) _ = i var l int _ = l + if m.Permissions != 0 { + i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) + i-- + dAtA[i] = 0x20 + } if len(m.EncryptedReadKeys) > 0 { i -= len(m.EncryptedReadKeys) copy(dAtA[i:], m.EncryptedReadKeys) @@ -1715,11 +1732,23 @@ func (m *AclReadKeys) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - if len(m.ReadKey) > 0 { - for iNdEx := len(m.ReadKey) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.ReadKey[iNdEx]) - copy(dAtA[i:], m.ReadKey[iNdEx]) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.ReadKey[iNdEx]))) + if len(m.ReadKeys) > 0 { + for k := range m.ReadKeys { + v := m.ReadKeys[k] + baseI := i + if len(v) > 0 { + i -= len(v) + copy(dAtA[i:], v) + i = encodeVarintAclrecord(dAtA, i, uint64(len(v))) + i-- + dAtA[i] = 0x12 + } + i -= len(k) + copy(dAtA[i:], k) + i = encodeVarintAclrecord(dAtA, i, uint64(len(k))) + i-- + dAtA[i] = 0xa + i = encodeVarintAclrecord(dAtA, i, uint64(baseI-i)) i-- dAtA[i] = 0xa } @@ -1727,7 +1756,7 @@ func (m *AclReadKeys) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } -func (m *AclEncryptedReadKeys) Marshal() (dAtA []byte, err error) { +func (m *AclEncryptedReadKey) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) n, err := m.MarshalToSizedBuffer(dAtA[:size]) @@ -1737,20 +1766,20 @@ func (m *AclEncryptedReadKeys) Marshal() (dAtA []byte, err error) { return dAtA[:n], nil } -func (m *AclEncryptedReadKeys) MarshalTo(dAtA []byte) (int, error) { +func (m *AclEncryptedReadKey) MarshalTo(dAtA []byte) (int, error) { size := m.Size() return m.MarshalToSizedBuffer(dAtA[:size]) } -func (m *AclEncryptedReadKeys) MarshalToSizedBuffer(dAtA []byte) (int, error) { +func (m *AclEncryptedReadKey) MarshalToSizedBuffer(dAtA []byte) (int, error) { i := len(dAtA) _ = i var l int _ = l - if len(m.EncryptedReadKeys) > 0 { - i -= len(m.EncryptedReadKeys) - copy(dAtA[i:], m.EncryptedReadKeys) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys))) + if len(m.EncryptedReadKey) > 0 { + i -= len(m.EncryptedReadKey) + copy(dAtA[i:], m.EncryptedReadKey) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKey))) i-- dAtA[i] = 0x12 } @@ -2407,6 +2436,9 @@ func (m *AclAccountRequestAccept) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } + if m.Permissions != 0 { + n += 1 + sovAclrecord(uint64(m.Permissions)) + } return n } @@ -2442,16 +2474,22 @@ func (m *AclReadKeys) Size() (n int) { } var l int _ = l - if len(m.ReadKey) > 0 { - for _, b := range m.ReadKey { - l = len(b) - n += 1 + l + sovAclrecord(uint64(l)) + if len(m.ReadKeys) > 0 { + for k, v := range m.ReadKeys { + _ = k + _ = v + l = 0 + if len(v) > 0 { + l = 1 + len(v) + sovAclrecord(uint64(len(v))) + } + mapEntrySize := 1 + len(k) + sovAclrecord(uint64(len(k))) + l + n += mapEntrySize + 1 + sovAclrecord(uint64(mapEntrySize)) } } return n } -func (m *AclEncryptedReadKeys) Size() (n int) { +func (m *AclEncryptedReadKey) Size() (n int) { if m == nil { return 0 } @@ -2461,7 +2499,7 @@ func (m *AclEncryptedReadKeys) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptedReadKeys) + l = len(m.EncryptedReadKey) if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } @@ -3804,6 +3842,25 @@ func (m *AclAccountRequestAccept) Unmarshal(dAtA []byte) error { m.EncryptedReadKeys = []byte{} } iNdEx = postIndex + case 4: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) + } + m.Permissions = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Permissions |= AclUserPermissions(b&0x7F) << shift + if b < 0x80 { + break + } + } default: iNdEx = preIndex skippy, err := skipAclrecord(dAtA[iNdEx:]) @@ -4020,9 +4077,9 @@ func (m *AclReadKeys) Unmarshal(dAtA []byte) error { switch fieldNum { case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ReadKey", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field ReadKeys", wireType) } - var byteLen int + var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowAclrecord @@ -4032,23 +4089,119 @@ func (m *AclReadKeys) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - byteLen |= int(b&0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } } - if byteLen < 0 { + if msglen < 0 { return ErrInvalidLengthAclrecord } - postIndex := iNdEx + byteLen + postIndex := iNdEx + msglen if postIndex < 0 { return ErrInvalidLengthAclrecord } if postIndex > l { return io.ErrUnexpectedEOF } - m.ReadKey = append(m.ReadKey, make([]byte, postIndex-iNdEx)) - copy(m.ReadKey[len(m.ReadKey)-1], dAtA[iNdEx:postIndex]) + if m.ReadKeys == nil { + m.ReadKeys = make(map[string][]byte) + } + var mapkey string + mapvalue := []byte{} + for iNdEx < postIndex { + entryPreIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + if fieldNum == 1 { + var stringLenmapkey uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLenmapkey |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLenmapkey := int(stringLenmapkey) + if intStringLenmapkey < 0 { + return ErrInvalidLengthAclrecord + } + postStringIndexmapkey := iNdEx + intStringLenmapkey + if postStringIndexmapkey < 0 { + return ErrInvalidLengthAclrecord + } + if postStringIndexmapkey > l { + return io.ErrUnexpectedEOF + } + mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) + iNdEx = postStringIndexmapkey + } else if fieldNum == 2 { + var mapbyteLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + mapbyteLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intMapbyteLen := int(mapbyteLen) + if intMapbyteLen < 0 { + return ErrInvalidLengthAclrecord + } + postbytesIndex := iNdEx + intMapbyteLen + if postbytesIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postbytesIndex > l { + return io.ErrUnexpectedEOF + } + mapvalue = make([]byte, mapbyteLen) + copy(mapvalue, dAtA[iNdEx:postbytesIndex]) + iNdEx = postbytesIndex + } else { + iNdEx = entryPreIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > postIndex { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + m.ReadKeys[mapkey] = mapvalue iNdEx = postIndex default: iNdEx = preIndex @@ -4071,7 +4224,7 @@ func (m *AclReadKeys) Unmarshal(dAtA []byte) error { } return nil } -func (m *AclEncryptedReadKeys) Unmarshal(dAtA []byte) error { +func (m *AclEncryptedReadKey) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 for iNdEx < l { @@ -4094,10 +4247,10 @@ func (m *AclEncryptedReadKeys) Unmarshal(dAtA []byte) error { fieldNum := int32(wire >> 3) wireType := int(wire & 0x7) if wireType == 4 { - return fmt.Errorf("proto: AclEncryptedReadKeys: wiretype end group for non-group") + return fmt.Errorf("proto: AclEncryptedReadKey: wiretype end group for non-group") } if fieldNum <= 0 { - return fmt.Errorf("proto: AclEncryptedReadKeys: illegal tag %d (wire type %d)", fieldNum, wire) + return fmt.Errorf("proto: AclEncryptedReadKey: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { case 1: @@ -4136,7 +4289,7 @@ func (m *AclEncryptedReadKeys) Unmarshal(dAtA []byte) error { iNdEx = postIndex case 2: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKey", wireType) } var byteLen int for shift := uint(0); ; shift += 7 { @@ -4163,9 +4316,9 @@ func (m *AclEncryptedReadKeys) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.EncryptedReadKeys = append(m.EncryptedReadKeys[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptedReadKeys == nil { - m.EncryptedReadKeys = []byte{} + m.EncryptedReadKey = append(m.EncryptedReadKey[:0], dAtA[iNdEx:postIndex]...) + if m.EncryptedReadKey == nil { + m.EncryptedReadKey = []byte{} } iNdEx = postIndex default: @@ -4350,7 +4503,7 @@ func (m *AclReadKeyChange) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.AccountKeys = append(m.AccountKeys, &AclEncryptedReadKeys{}) + m.AccountKeys = append(m.AccountKeys, &AclEncryptedReadKey{}) if err := m.AccountKeys[len(m.AccountKeys)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } @@ -4468,7 +4621,7 @@ func (m *AclAccountRemove) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.AccountKeys = append(m.AccountKeys, &AclEncryptedReadKeys{}) + m.AccountKeys = append(m.AccountKeys, &AclEncryptedReadKey{}) if err := m.AccountKeys[len(m.AccountKeys)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto index 7219aecd..1fa11e59 100644 --- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto +++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto @@ -52,6 +52,7 @@ message AclAccountRequestAccept { bytes identity = 1; string requestRecordId = 2; bytes encryptedReadKeys = 3; + AclUserPermissions permissions = 4; } // AclAccountRequestDecline contains the reference to join record @@ -66,13 +67,13 @@ message AclAccountInviteRevoke { // AclReadKeys are all read keys in Acl message AclReadKeys { - repeated bytes readKey = 1; + map readKeys = 1; } -// AclEncryptedReadKeys are all keys for specific identity -message AclEncryptedReadKeys { +// AclEncryptedReadKeys are new key for specific identity +message AclEncryptedReadKey { bytes identity = 1; - bytes encryptedReadKeys = 2; + bytes encryptedReadKey = 2; } // AclAccountPermissionChange changes permissions of specific account @@ -83,13 +84,13 @@ message AclAccountPermissionChange { // AclReadKeyChange changes the key for a space message AclReadKeyChange { - repeated AclEncryptedReadKeys accountKeys = 1; + repeated AclEncryptedReadKey accountKeys = 1; } // AclAccountRemove removes an account and changes read key for space message AclAccountRemove { bytes identity = 1; - repeated AclEncryptedReadKeys accountKeys = 2; + repeated AclEncryptedReadKey accountKeys = 2; } // AclContentValue contains possible values for Acl diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index a1e89560..686ef3fa 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -1,11 +1,12 @@ package list import ( + "time" + "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/util/cidutil" "github.com/anyproto/any-sync/util/crypto" "github.com/gogo/protobuf/proto" - "time" ) type RootContent struct { @@ -53,7 +54,6 @@ func (a *aclRecordBuilder) Unmarshall(rawIdRecord *aclrecordproto.RawAclRecordWi } rec = &AclRecord{ Id: rawIdRecord.Id, - ReadKeyId: rawIdRecord.Id, Timestamp: aclRoot.Timestamp, Signature: rawRec.Signature, Identity: pubKey, @@ -72,7 +72,6 @@ func (a *aclRecordBuilder) Unmarshall(rawIdRecord *aclrecordproto.RawAclRecordWi rec = &AclRecord{ Id: rawIdRecord.Id, PrevId: aclRecord.PrevId, - ReadKeyId: aclRecord.ReadKeyId, Timestamp: aclRecord.Timestamp, Data: aclRecord.Data, Signature: rawRec.Signature, diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 496b865d..6f0c917b 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -2,7 +2,6 @@ package list import ( "errors" - "fmt" "github.com/anyproto/any-sync/app/logger" "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" @@ -15,12 +14,9 @@ var log = logger.NewNamedSugared("common.commonspace.acllist") var ( ErrNoSuchAccount = errors.New("no such account") - ErrIncorrectInviteKey = errors.New("incorrect invite key") + ErrUnexpectedContentType = errors.New("unexpected content type") ErrIncorrectIdentity = errors.New("incorrect identity") ErrFailedToDecrypt = errors.New("failed to decrypt key") - ErrUserRemoved = errors.New("user was removed from the document") - ErrDocumentForbidden = errors.New("your user was forbidden access to the document") - ErrUserAlreadyExists = errors.New("user already exists") ErrNoSuchRecord = errors.New("no such record") ErrNoSuchRequest = errors.New("no such request") ErrNoSuchInvite = errors.New("no such invite") @@ -50,13 +46,14 @@ type AclState struct { keyStore crypto.KeyStorage totalReadKeys int - lastRecordId string + lastRecordId string + contentValidator ContentValidator } func newAclStateWithKeys( id string, key crypto.PrivKey) (*AclState, error) { - return &AclState{ + st := &AclState{ id: id, key: key, pubKey: key.GetPublic(), @@ -65,18 +62,30 @@ func newAclStateWithKeys( statesAtRecord: make(map[string][]AclUserState), inviteKeys: make(map[string]crypto.PubKey), requestRecords: make(map[string]RequestRecord), - }, nil + keyStore: crypto.NewKeyStorage(), + } + st.contentValidator = &contentValidator{ + keyStore: st.keyStore, + aclState: st, + } + return st, nil } func newAclState(id string) *AclState { - return &AclState{ + st := &AclState{ id: id, userReadKeys: make(map[string]crypto.SymKey), userStates: make(map[string]AclUserState), statesAtRecord: make(map[string][]AclUserState), inviteKeys: make(map[string]crypto.PubKey), requestRecords: make(map[string]RequestRecord), + keyStore: crypto.NewKeyStorage(), } + st.contentValidator = &contentValidator{ + keyStore: st.keyStore, + aclState: st, + } + return st } func (st *AclState) CurrentReadKeyId() string { @@ -167,7 +176,7 @@ func (st *AclState) applyRoot(record *AclRecord) (err error) { PubKey: record.Identity, Permissions: AclPermissions(aclrecordproto.AclUserPermissions_Admin), } - st.currentReadKeyId = record.ReadKeyId + st.currentReadKeyId = record.Id st.userStates[mapKeyFromPubKey(record.Identity)] = userState st.totalReadKeys++ return @@ -196,76 +205,162 @@ func (st *AclState) saveReadKeyFromRoot(record *AclRecord) (err error) { func (st *AclState) applyChangeData(record *AclRecord) (err error) { model := record.Model.(*aclrecordproto.AclData) - if !st.isUserJoin(model) && !st.Permissions(record.Identity).CanManageAccounts() { - return ErrInsufficientPermissions - } for _, ch := range model.GetAclContent() { - if err = st.applyChangeContent(ch, record.Id); err != nil { + if err = st.applyChangeContent(ch, record.Id, record.Identity); err != nil { log.Info("error while applying changes: %v; ignore", zap.Error(err)) return err } } - if record.ReadKeyId != st.currentReadKeyId { - st.totalReadKeys++ - st.currentReadKeyId = record.ReadKeyId - } return nil } -func (st *AclState) applyChangeContent(ch *aclrecordproto.AclContentValue, recordId string) error { +func (st *AclState) applyChangeContent(ch *aclrecordproto.AclContentValue, recordId string, authorIdentity crypto.PubKey) error { switch { case ch.GetPermissionChange() != nil: - return st.applyPermissionChange(ch.GetPermissionChange(), recordId) + return st.applyPermissionChange(ch.GetPermissionChange(), recordId, authorIdentity) case ch.GetInvite() != nil: - return st.applyInvite(ch.GetInvite(), recordId) + return st.applyInvite(ch.GetInvite(), recordId, authorIdentity) case ch.GetInviteRevoke() != nil: - return st.applyUserRemove(ch.GetUserRemove(), recordId) - case ch.GetUserInvite() != nil: - return st.applyUserInvite(ch.GetUserInvite(), recordId) - case ch.GetUserJoin() != nil: - return st.applyUserJoin(ch.GetUserJoin(), recordId) + return st.applyInviteRevoke(ch.GetInviteRevoke(), recordId, authorIdentity) + case ch.GetRequestJoin() != nil: + return st.applyRequestJoin(ch.GetRequestJoin(), recordId, authorIdentity) + case ch.GetRequestAccept() != nil: + return st.applyRequestAccept(ch.GetRequestAccept(), recordId, authorIdentity) + case ch.GetRequestDecline() != nil: + return st.applyRequestDecline(ch.GetRequestDecline(), recordId, authorIdentity) + case ch.GetAccountRemove() != nil: + return st.applyAccountRemove(ch.GetAccountRemove(), recordId, authorIdentity) + case ch.GetReadKeyChange() != nil: + return st.applyReadKeyChange(ch.GetReadKeyChange(), recordId, authorIdentity) default: - return fmt.Errorf("unexpected change type: %v", ch) + return ErrUnexpectedContentType } } -func (st *AclState) applyPermissionChange(ch *aclrecordproto.AclAccountPermissionChange, recordId string) error { +func (st *AclState) applyPermissionChange(ch *aclrecordproto.AclAccountPermissionChange, recordId string, authorIdentity crypto.PubKey) error { chIdentity, err := st.keyStore.PubKeyFromProto(ch.Identity) if err != nil { return err } - state, exists := st.userStates[mapKeyFromPubKey(chIdentity)] - if !exists { - return ErrNoSuchAccount + err = st.contentValidator.ValidatePermissionChange(ch, recordId, authorIdentity) + if err != nil { + return err } + stringKey := mapKeyFromPubKey(chIdentity) + state, _ := st.userStates[stringKey] state.Permissions = AclPermissions(ch.Permissions) + st.userStates[stringKey] = state return nil } -func (st *AclState) applyInvite(ch *aclrecordproto.AclAccountInvite, recordId string) error { +func (st *AclState) applyInvite(ch *aclrecordproto.AclAccountInvite, recordId string, authorIdentity crypto.PubKey) error { inviteKey, err := st.keyStore.PubKeyFromProto(ch.InviteKey) if err != nil { return err } + err = st.contentValidator.ValidateInvite(ch, recordId, authorIdentity) + if err != nil { + return err + } st.inviteKeys[recordId] = inviteKey return nil } -func (st *AclState) applyInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, recordId string) error { - +func (st *AclState) applyInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, recordId string, authorIdentity crypto.PubKey) error { + err := st.contentValidator.ValidateInviteRevoke(ch, recordId, authorIdentity) + if err != nil { + return err + } delete(st.inviteKeys, ch.InviteRecordId) return nil } -func (st *AclState) applyUserJoin(ch *aclrecordproto.AclUserJoin, recordId string) error { +func (st *AclState) applyRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, recordId string, authorIdentity crypto.PubKey) error { + err := st.contentValidator.ValidateRequestJoin(ch, recordId, authorIdentity) + if err != nil { + return err + } + st.requestRecords[recordId] = RequestRecord{ + RequestIdentity: authorIdentity, + RequestMetadata: ch.Metadata, + } return nil } -func (st *AclState) applyUserAdd(ch *aclrecordproto.AclUserAdd, recordId string) error { +func (st *AclState) applyRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, recordId string, authorIdentity crypto.PubKey) error { + err := st.contentValidator.ValidateRequestAccept(ch, recordId, authorIdentity) + if err != nil { + return err + } + acceptIdentity, err := st.keyStore.PubKeyFromProto(ch.Identity) + if err != nil { + return err + } + record, _ := st.requestRecords[ch.RequestRecordId] + st.userStates[mapKeyFromPubKey(acceptIdentity)] = AclUserState{ + PubKey: acceptIdentity, + Permissions: AclPermissions(ch.Permissions), + RequestMetadata: record.RequestMetadata, + } + if !st.pubKey.Equals(acceptIdentity) { + return nil + } + res, err := st.key.Decrypt(ch.EncryptedReadKeys) + if err != nil { + return err + } + keys := &aclrecordproto.AclReadKeys{} + err = proto.Unmarshal(res, keys) + if err != nil { + return err + } + for recordId, key := range keys.ReadKeys { + sym, err := crypto.UnmarshallAESKey(key) + if err != nil { + return err + } + st.userReadKeys[recordId] = sym + } return nil } -func (st *AclState) applyUserRemove(ch *aclrecordproto.AclUserRemove, recordId string) error { +func (st *AclState) applyRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, recordId string, authorIdentity crypto.PubKey) error { + err := st.contentValidator.ValidateRequestDecline(ch, recordId, authorIdentity) + if err != nil { + return err + } + delete(st.requestRecords, ch.RequestRecordId) + return nil +} + +func (st *AclState) applyAccountRemove(ch *aclrecordproto.AclAccountRemove, recordId string, authorIdentity crypto.PubKey) error { + err := st.contentValidator.ValidateRemove(ch, recordId, authorIdentity) + if err != nil { + return err + } + return st.updateReadKey(ch.AccountKeys, recordId) +} + +func (st *AclState) applyReadKeyChange(ch *aclrecordproto.AclReadKeyChange, recordId string, authorIdentity crypto.PubKey) error { + err := st.contentValidator.ValidateReadKeyChange(ch, recordId, authorIdentity) + if err != nil { + return err + } + return st.updateReadKey(ch.AccountKeys, recordId) +} + +func (st *AclState) updateReadKey(keys []*aclrecordproto.AclEncryptedReadKey, recordId string) error { + for _, accKey := range keys { + identity, _ := st.keyStore.PubKeyFromProto(accKey.Identity) + if st.pubKey.Equals(identity) { + res, err := st.decryptReadKey(accKey.EncryptedReadKey) + if err != nil { + return err + } + st.userReadKeys[recordId] = res + } + } + st.currentReadKeyId = recordId return nil } @@ -274,7 +369,6 @@ func (st *AclState) decryptReadKey(msg []byte) (crypto.SymKey, error) { if err != nil { return nil, ErrFailedToDecrypt } - key, err := crypto.UnmarshallAESKey(decrypted) if err != nil { return nil, ErrFailedToDecrypt @@ -290,19 +384,10 @@ func (st *AclState) Permissions(identity crypto.PubKey) AclPermissions { return state.Permissions } -func (st *AclState) isUserJoin(data *aclrecordproto.AclData) bool { - // if we have a UserJoin, then it should always be the first one applied - return data.GetAclContent() != nil && data.GetAclContent()[0].GetUserJoin() != nil -} - func (st *AclState) UserStates() map[string]AclUserState { return st.userStates } -func (st *AclState) Invite(acceptPubKey []byte) (invite *aclrecordproto.AclUserInvite, err error) { - return -} - func (st *AclState) LastRecordId() string { return st.lastRecordId } diff --git a/commonspace/object/acl/list/models.go b/commonspace/object/acl/list/models.go index 6ec52b28..b0583a39 100644 --- a/commonspace/object/acl/list/models.go +++ b/commonspace/object/acl/list/models.go @@ -8,7 +8,6 @@ import ( type AclRecord struct { Id string PrevId string - ReadKeyId string Timestamp int64 Data []byte Identity crypto.PubKey @@ -22,8 +21,9 @@ type RequestRecord struct { } type AclUserState struct { - PubKey crypto.PubKey - Permissions AclPermissions + PubKey crypto.PubKey + Permissions AclPermissions + RequestMetadata []byte } type AclPermissions aclrecordproto.AclUserPermissions diff --git a/commonspace/object/acl/list/validator.go b/commonspace/object/acl/list/validator.go index 6fa8be20..51dfa575 100644 --- a/commonspace/object/acl/list/validator.go +++ b/commonspace/object/acl/list/validator.go @@ -96,6 +96,9 @@ func (c *contentValidator) ValidateRequestAccept(ch *aclrecordproto.AclAccountRe if !acceptIdentity.Equals(record.RequestIdentity) { return ErrIncorrectIdentity } + if ch.Permissions == aclrecordproto.AclUserPermissions_Owner { + return ErrInsufficientPermissions + } return } @@ -129,7 +132,7 @@ func (c *contentValidator) ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyCh return c.validateAccountReadKeys(ch.AccountKeys) } -func (c *contentValidator) validateAccountReadKeys(accountKeys []*aclrecordproto.AclEncryptedReadKeys) (err error) { +func (c *contentValidator) validateAccountReadKeys(accountKeys []*aclrecordproto.AclEncryptedReadKey) (err error) { if len(accountKeys) != len(c.aclState.userStates) { return ErrIncorrectNumberOfAccounts } From 81aadfde7e82e2aaa290ef2000d0b455e7806dd6 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 26 Jun 2023 10:10:14 +0200 Subject: [PATCH 04/17] Add validate method in list --- .../object/acl/list/aclrecordbuilder.go | 45 +++++++++++- commonspace/object/acl/list/aclstate.go | 24 ++++--- commonspace/object/acl/list/list.go | 28 ++++++-- commonspace/object/acl/list/validator.go | 70 ++++++++++++++----- 4 files changed, 133 insertions(+), 34 deletions(-) diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index 686ef3fa..f94553c1 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -17,7 +17,8 @@ type RootContent struct { } type AclRecordBuilder interface { - Unmarshall(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) + UnmarshallWithId(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) + Unmarshall(rawRecord *aclrecordproto.RawAclRecord) (rec *AclRecord, err error) BuildRoot(content RootContent) (rec *aclrecordproto.RawAclRecordWithId, err error) } @@ -33,7 +34,41 @@ func NewAclRecordBuilder(id string, keyStorage crypto.KeyStorage) AclRecordBuild } } -func (a *aclRecordBuilder) Unmarshall(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) { +func (a *aclRecordBuilder) Unmarshall(rawRecord *aclrecordproto.RawAclRecord) (rec *AclRecord, err error) { + aclRecord := &aclrecordproto.AclRecord{} + err = proto.Unmarshal(rawRecord.Payload, aclRecord) + if err != nil { + return + } + pubKey, err := a.keyStorage.PubKeyFromProto(aclRecord.Identity) + if err != nil { + return + } + aclData := &aclrecordproto.AclData{} + err = proto.Unmarshal(rawRecord.Payload, aclData) + if err != nil { + return + } + rec = &AclRecord{ + PrevId: aclRecord.PrevId, + Timestamp: aclRecord.Timestamp, + Data: aclRecord.Data, + Signature: rawRecord.Signature, + Identity: pubKey, + Model: aclData, + } + res, err := pubKey.Verify(rawRecord.Payload, rawRecord.Signature) + if err != nil { + return + } + if !res { + err = ErrInvalidSignature + return + } + return +} + +func (a *aclRecordBuilder) UnmarshallWithId(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) { var ( rawRec = &aclrecordproto.RawAclRecord{} pubKey crypto.PubKey @@ -69,6 +104,11 @@ func (a *aclRecordBuilder) Unmarshall(rawIdRecord *aclrecordproto.RawAclRecordWi if err != nil { return } + aclData := &aclrecordproto.AclData{} + err = proto.Unmarshal(rawRec.Payload, aclData) + if err != nil { + return + } rec = &AclRecord{ Id: rawIdRecord.Id, PrevId: aclRecord.PrevId, @@ -76,6 +116,7 @@ func (a *aclRecordBuilder) Unmarshall(rawIdRecord *aclrecordproto.RawAclRecordWi Data: aclRecord.Data, Signature: rawRec.Signature, Identity: pubKey, + Model: aclData, } } diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 6f0c917b..52fe894b 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -88,6 +88,10 @@ func newAclState(id string) *AclState { return st } +func (st *AclState) Validator() ContentValidator { + return st.contentValidator +} + func (st *AclState) CurrentReadKeyId() string { return st.currentReadKeyId } @@ -242,7 +246,7 @@ func (st *AclState) applyPermissionChange(ch *aclrecordproto.AclAccountPermissio if err != nil { return err } - err = st.contentValidator.ValidatePermissionChange(ch, recordId, authorIdentity) + err = st.contentValidator.ValidatePermissionChange(ch, authorIdentity) if err != nil { return err } @@ -258,7 +262,7 @@ func (st *AclState) applyInvite(ch *aclrecordproto.AclAccountInvite, recordId st if err != nil { return err } - err = st.contentValidator.ValidateInvite(ch, recordId, authorIdentity) + err = st.contentValidator.ValidateInvite(ch, authorIdentity) if err != nil { return err } @@ -267,7 +271,7 @@ func (st *AclState) applyInvite(ch *aclrecordproto.AclAccountInvite, recordId st } func (st *AclState) applyInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, recordId string, authorIdentity crypto.PubKey) error { - err := st.contentValidator.ValidateInviteRevoke(ch, recordId, authorIdentity) + err := st.contentValidator.ValidateInviteRevoke(ch, authorIdentity) if err != nil { return err } @@ -276,7 +280,7 @@ func (st *AclState) applyInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, } func (st *AclState) applyRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, recordId string, authorIdentity crypto.PubKey) error { - err := st.contentValidator.ValidateRequestJoin(ch, recordId, authorIdentity) + err := st.contentValidator.ValidateRequestJoin(ch, authorIdentity) if err != nil { return err } @@ -288,7 +292,7 @@ func (st *AclState) applyRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, r } func (st *AclState) applyRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, recordId string, authorIdentity crypto.PubKey) error { - err := st.contentValidator.ValidateRequestAccept(ch, recordId, authorIdentity) + err := st.contentValidator.ValidateRequestAccept(ch, authorIdentity) if err != nil { return err } @@ -314,18 +318,18 @@ func (st *AclState) applyRequestAccept(ch *aclrecordproto.AclAccountRequestAccep if err != nil { return err } - for recordId, key := range keys.ReadKeys { + for keyId, key := range keys.ReadKeys { sym, err := crypto.UnmarshallAESKey(key) if err != nil { return err } - st.userReadKeys[recordId] = sym + st.userReadKeys[keyId] = sym } return nil } func (st *AclState) applyRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, recordId string, authorIdentity crypto.PubKey) error { - err := st.contentValidator.ValidateRequestDecline(ch, recordId, authorIdentity) + err := st.contentValidator.ValidateRequestDecline(ch, authorIdentity) if err != nil { return err } @@ -334,7 +338,7 @@ func (st *AclState) applyRequestDecline(ch *aclrecordproto.AclAccountRequestDecl } func (st *AclState) applyAccountRemove(ch *aclrecordproto.AclAccountRemove, recordId string, authorIdentity crypto.PubKey) error { - err := st.contentValidator.ValidateRemove(ch, recordId, authorIdentity) + err := st.contentValidator.ValidateRemove(ch, authorIdentity) if err != nil { return err } @@ -342,7 +346,7 @@ func (st *AclState) applyAccountRemove(ch *aclrecordproto.AclAccountRemove, reco } func (st *AclState) applyReadKeyChange(ch *aclrecordproto.AclReadKeyChange, recordId string, authorIdentity crypto.PubKey) error { - err := st.contentValidator.ValidateReadKeyChange(ch, recordId, authorIdentity) + err := st.contentValidator.ValidateReadKeyChange(ch, authorIdentity) if err != nil { return err } diff --git a/commonspace/object/acl/list/list.go b/commonspace/object/acl/list/list.go index 6c31c9de..b3bf8cd0 100644 --- a/commonspace/object/acl/list/list.go +++ b/commonspace/object/acl/list/list.go @@ -5,11 +5,12 @@ import ( "context" "errors" "fmt" + "sync" + "github.com/anyproto/any-sync/commonspace/object/accountdata" "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/commonspace/object/acl/liststorage" "github.com/anyproto/any-sync/util/crypto" - "sync" ) type IterFunc = func(record *AclRecord) (IsContinue bool) @@ -33,8 +34,11 @@ type AclList interface { Get(id string) (*AclRecord, error) Iterate(iterFunc IterFunc) IterateFrom(startId string, iterFunc IterFunc) - KeyStorage() crypto.KeyStorage + KeyStorage() crypto.KeyStorage + RecordBuilder() AclRecordBuilder + + ValidateRawRecord(record *aclrecordproto.RawAclRecord) (err error) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added bool, err error) Close() (err error) @@ -77,7 +81,7 @@ func build(id string, keyStorage crypto.KeyStorage, stateBuilder *aclStateBuilde return } - record, err := recBuilder.Unmarshall(rawRecordWithId) + record, err := recBuilder.UnmarshallWithId(rawRecordWithId) if err != nil { return } @@ -89,7 +93,7 @@ func build(id string, keyStorage crypto.KeyStorage, stateBuilder *aclStateBuilde return } - record, err = recBuilder.Unmarshall(rawRecordWithId) + record, err = recBuilder.UnmarshallWithId(rawRecordWithId) if err != nil { return } @@ -132,15 +136,27 @@ func build(id string, keyStorage crypto.KeyStorage, stateBuilder *aclStateBuilde return } +func (a *aclList) RecordBuilder() AclRecordBuilder { + return a.recordBuilder +} + func (a *aclList) Records() []*AclRecord { return a.records } +func (a *aclList) ValidateRawRecord(rawRec *aclrecordproto.RawAclRecord) (err error) { + record, err := a.recordBuilder.Unmarshall(rawRec) + if err != nil { + return + } + return a.aclState.Validator().ValidateAclRecordContents(record) +} + func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added bool, err error) { if _, ok := a.indexes[rawRec.Id]; ok { return } - record, err := a.recordBuilder.Unmarshall(rawRec) + record, err := a.recordBuilder.UnmarshallWithId(rawRec) if err != nil { return } @@ -159,7 +175,7 @@ func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added } func (a *aclList) IsValidNext(rawRec *aclrecordproto.RawAclRecordWithId) (err error) { - _, err = a.recordBuilder.Unmarshall(rawRec) + _, err = a.recordBuilder.UnmarshallWithId(rawRec) if err != nil { return } diff --git a/commonspace/object/acl/list/validator.go b/commonspace/object/acl/list/validator.go index 51dfa575..75e0e251 100644 --- a/commonspace/object/acl/list/validator.go +++ b/commonspace/object/acl/list/validator.go @@ -6,14 +6,15 @@ import ( ) type ContentValidator interface { - ValidatePermissionChange(ch *aclrecordproto.AclAccountPermissionChange, id string, authorIdentity crypto.PubKey) (err error) - ValidateInvite(ch *aclrecordproto.AclAccountInvite, id string, authorIdentity crypto.PubKey) (err error) - ValidateInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, id string, authorIdentity crypto.PubKey) (err error) - ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, id string, authorIdentity crypto.PubKey) (err error) - ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, id string, authorIdentity crypto.PubKey) (err error) - ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, id string, authorIdentity crypto.PubKey) (err error) - ValidateRemove(ch *aclrecordproto.AclAccountRemove, id string, authorIdentity crypto.PubKey) (err error) - ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, id string, authorIdentity crypto.PubKey) (err error) + ValidateAclRecordContents(ch *AclRecord) (err error) + ValidatePermissionChange(ch *aclrecordproto.AclAccountPermissionChange, authorIdentity crypto.PubKey) (err error) + ValidateInvite(ch *aclrecordproto.AclAccountInvite, authorIdentity crypto.PubKey) (err error) + ValidateInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, authorIdentity crypto.PubKey) (err error) + ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, authorIdentity crypto.PubKey) (err error) + ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, authorIdentity crypto.PubKey) (err error) + ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, authorIdentity crypto.PubKey) (err error) + ValidateRemove(ch *aclrecordproto.AclAccountRemove, authorIdentity crypto.PubKey) (err error) + ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, authorIdentity crypto.PubKey) (err error) } type contentValidator struct { @@ -21,7 +22,44 @@ type contentValidator struct { aclState *AclState } -func (c *contentValidator) ValidatePermissionChange(ch *aclrecordproto.AclAccountPermissionChange, id string, authorIdentity crypto.PubKey) (err error) { +func (c *contentValidator) ValidateAclRecordContents(ch *AclRecord) (err error) { + if ch.PrevId != c.aclState.lastRecordId { + return ErrIncorrectRecordSequence + } + aclData := ch.Model.(*aclrecordproto.AclData) + for _, content := range aclData.AclContent { + err = c.validateAclRecordContent(content, ch.Identity) + if err != nil { + return + } + } + return +} + +func (c *contentValidator) validateAclRecordContent(ch *aclrecordproto.AclContentValue, authorIdentity crypto.PubKey) (err error) { + switch { + case ch.GetPermissionChange() != nil: + return c.ValidatePermissionChange(ch.GetPermissionChange(), authorIdentity) + case ch.GetInvite() != nil: + return c.ValidateInvite(ch.GetInvite(), authorIdentity) + case ch.GetInviteRevoke() != nil: + return c.ValidateInviteRevoke(ch.GetInviteRevoke(), authorIdentity) + case ch.GetRequestJoin() != nil: + return c.ValidateRequestJoin(ch.GetRequestJoin(), authorIdentity) + case ch.GetRequestAccept() != nil: + return c.ValidateRequestAccept(ch.GetRequestAccept(), authorIdentity) + case ch.GetRequestDecline() != nil: + return c.ValidateRequestDecline(ch.GetRequestDecline(), authorIdentity) + case ch.GetAccountRemove() != nil: + return c.ValidateRemove(ch.GetAccountRemove(), authorIdentity) + case ch.GetReadKeyChange() != nil: + return c.ValidateReadKeyChange(ch.GetReadKeyChange(), authorIdentity) + default: + return ErrUnexpectedContentType + } +} + +func (c *contentValidator) ValidatePermissionChange(ch *aclrecordproto.AclAccountPermissionChange, authorIdentity crypto.PubKey) (err error) { if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { return ErrInsufficientPermissions } @@ -36,7 +74,7 @@ func (c *contentValidator) ValidatePermissionChange(ch *aclrecordproto.AclAccoun return } -func (c *contentValidator) ValidateInvite(ch *aclrecordproto.AclAccountInvite, id string, authorIdentity crypto.PubKey) (err error) { +func (c *contentValidator) ValidateInvite(ch *aclrecordproto.AclAccountInvite, authorIdentity crypto.PubKey) (err error) { if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { return ErrInsufficientPermissions } @@ -44,7 +82,7 @@ func (c *contentValidator) ValidateInvite(ch *aclrecordproto.AclAccountInvite, i return } -func (c *contentValidator) ValidateInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, id string, authorIdentity crypto.PubKey) (err error) { +func (c *contentValidator) ValidateInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, authorIdentity crypto.PubKey) (err error) { if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { return ErrInsufficientPermissions } @@ -55,7 +93,7 @@ func (c *contentValidator) ValidateInviteRevoke(ch *aclrecordproto.AclAccountInv return } -func (c *contentValidator) ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, id string, authorIdentity crypto.PubKey) (err error) { +func (c *contentValidator) ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, authorIdentity crypto.PubKey) (err error) { inviteKey, exists := c.aclState.inviteKeys[ch.InviteRecordId] if !exists { return ErrNoSuchInvite @@ -81,7 +119,7 @@ func (c *contentValidator) ValidateRequestJoin(ch *aclrecordproto.AclAccountRequ return } -func (c *contentValidator) ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, id string, authorIdentity crypto.PubKey) (err error) { +func (c *contentValidator) ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, authorIdentity crypto.PubKey) (err error) { if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { return ErrInsufficientPermissions } @@ -102,7 +140,7 @@ func (c *contentValidator) ValidateRequestAccept(ch *aclrecordproto.AclAccountRe return } -func (c *contentValidator) ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, id string, authorIdentity crypto.PubKey) (err error) { +func (c *contentValidator) ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, authorIdentity crypto.PubKey) (err error) { if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { return ErrInsufficientPermissions } @@ -113,7 +151,7 @@ func (c *contentValidator) ValidateRequestDecline(ch *aclrecordproto.AclAccountR return } -func (c *contentValidator) ValidateRemove(ch *aclrecordproto.AclAccountRemove, id string, authorIdentity crypto.PubKey) (err error) { +func (c *contentValidator) ValidateRemove(ch *aclrecordproto.AclAccountRemove, authorIdentity crypto.PubKey) (err error) { if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { return ErrInsufficientPermissions } @@ -128,7 +166,7 @@ func (c *contentValidator) ValidateRemove(ch *aclrecordproto.AclAccountRemove, i return c.validateAccountReadKeys(ch.AccountKeys) } -func (c *contentValidator) ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, id string, authorIdentity crypto.PubKey) (err error) { +func (c *contentValidator) ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, authorIdentity crypto.PubKey) (err error) { return c.validateAccountReadKeys(ch.AccountKeys) } From 62f23b72298702fb33ba283bac7f2d761316c093 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 26 Jun 2023 11:43:17 +0200 Subject: [PATCH 05/17] Update record builder to build new payloads --- .../object/acl/list/aclrecordbuilder.go | 303 +++++++++++++++++- commonspace/object/acl/list/aclstate.go | 3 + commonspace/object/acl/list/list.go | 4 +- commonspace/object/acl/list/listutils.go | 2 +- commonspace/object/acl/list/models.go | 8 + 5 files changed, 312 insertions(+), 8 deletions(-) diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index f94553c1..86b94c5c 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -3,6 +3,7 @@ package list import ( "time" + "github.com/anyproto/any-sync/commonspace/object/accountdata" "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/util/cidutil" "github.com/anyproto/any-sync/util/crypto" @@ -16,24 +17,316 @@ type RootContent struct { EncryptedReadKey []byte } +type RequestJoinPayload struct { + InviteRecordId string + InviteKey crypto.PrivKey + Metadata []byte +} + +type RequestAcceptPayload struct { + RequestRecordId string + Permissions AclPermissions +} + +type PermissionChangePayload struct { + Identity crypto.PubKey + Permissions AclPermissions +} + +type AccountRemovePayload struct { + Identity crypto.PubKey + ReadKey crypto.SymKey +} + +type InviteResult struct { + InviteRec *aclrecordproto.RawAclRecord + InviteKey crypto.PrivKey +} + type AclRecordBuilder interface { UnmarshallWithId(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) Unmarshall(rawRecord *aclrecordproto.RawAclRecord) (rec *AclRecord, err error) + BuildRoot(content RootContent) (rec *aclrecordproto.RawAclRecordWithId, err error) + BuildInvite() (res InviteResult, err error) + BuildInviteRevoke(inviteRecordId string) (rawRecord *aclrecordproto.RawAclRecord, err error) + BuildRequestJoin(payload RequestJoinPayload) (rawRecord *aclrecordproto.RawAclRecord, err error) + BuildRequestAccept(payload RequestAcceptPayload) (rawRecord *aclrecordproto.RawAclRecord, err error) + BuildRequestDecline(requestRecordId string) (rawRecord *aclrecordproto.RawAclRecord, err error) + BuildPermissionChange(payload PermissionChangePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) + BuildReadKeyChange(newKey crypto.SymKey) (rawRecord *aclrecordproto.RawAclRecord, err error) + BuildAccountRemove(payload AccountRemovePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) } type aclRecordBuilder struct { - id string - keyStorage crypto.KeyStorage + id string + keyStorage crypto.KeyStorage + accountKeys *accountdata.AccountKeys + state *AclState } -func NewAclRecordBuilder(id string, keyStorage crypto.KeyStorage) AclRecordBuilder { +func NewAclRecordBuilder(id string, keyStorage crypto.KeyStorage, keys *accountdata.AccountKeys) AclRecordBuilder { return &aclRecordBuilder{ - id: id, - keyStorage: keyStorage, + id: id, + keyStorage: keyStorage, + accountKeys: keys, } } +func (a *aclRecordBuilder) buildRecord(aclContent *aclrecordproto.AclContentValue) (rawRec *aclrecordproto.RawAclRecord, err error) { + aclData := &aclrecordproto.AclData{AclContent: []*aclrecordproto.AclContentValue{ + aclContent, + }} + marshalledData, err := aclData.Marshal() + if err != nil { + return + } + protoKey, err := a.accountKeys.SignKey.GetPublic().Marshall() + if err != nil { + return + } + rec := &aclrecordproto.AclRecord{ + PrevId: a.state.lastRecordId, + Identity: protoKey, + Data: marshalledData, + Timestamp: time.Now().Unix(), + } + marshalledRec, err := rec.Marshal() + if err != nil { + return + } + signature, err := a.accountKeys.SignKey.Sign(marshalledRec) + if err != nil { + return + } + rawRec = &aclrecordproto.RawAclRecord{ + Payload: marshalledRec, + Signature: signature, + } + return +} + +func (a *aclRecordBuilder) BuildInvite() (res InviteResult, err error) { + if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { + err = ErrInsufficientPermissions + return + } + privKey, pubKey, err := crypto.GenerateRandomEd25519KeyPair() + if err != nil { + return + } + invitePubKey, err := pubKey.Marshall() + if err != nil { + return + } + inviteRec := &aclrecordproto.AclAccountInvite{InviteKey: invitePubKey} + content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_Invite{Invite: inviteRec}} + rawRec, err := a.buildRecord(content) + if err != nil { + return + } + res.InviteKey = privKey + res.InviteRec = rawRec + return +} + +func (a *aclRecordBuilder) BuildInviteRevoke(inviteRecordId string) (rawRecord *aclrecordproto.RawAclRecord, err error) { + if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { + err = ErrInsufficientPermissions + return + } + _, exists := a.state.inviteKeys[inviteRecordId] + if !exists { + err = ErrNoSuchInvite + return + } + revokeRec := &aclrecordproto.AclAccountInviteRevoke{InviteRecordId: inviteRecordId} + content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_InviteRevoke{InviteRevoke: revokeRec}} + return a.buildRecord(content) +} + +func (a *aclRecordBuilder) BuildRequestJoin(payload RequestJoinPayload) (rawRecord *aclrecordproto.RawAclRecord, err error) { + key, exists := a.state.inviteKeys[payload.InviteRecordId] + if !exists { + err = ErrNoSuchInvite + return + } + if !payload.InviteKey.GetPublic().Equals(key) { + err = ErrIncorrectInviteKey + } + rawIdentity, err := a.accountKeys.SignKey.GetPublic().Raw() + if err != nil { + return + } + signature, err := payload.InviteKey.Sign(rawIdentity) + if err != nil { + return + } + joinRec := &aclrecordproto.AclAccountRequestJoin{ + InviteIdentity: rawIdentity, + InviteRecordId: payload.InviteRecordId, + InviteIdentitySignature: signature, + Metadata: payload.Metadata, + } + content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_RequestJoin{RequestJoin: joinRec}} + return a.buildRecord(content) +} + +func (a *aclRecordBuilder) BuildRequestAccept(payload RequestAcceptPayload) (rawRecord *aclrecordproto.RawAclRecord, err error) { + if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { + err = ErrInsufficientPermissions + return + } + request, exists := a.state.requestRecords[payload.RequestRecordId] + if !exists { + err = ErrNoSuchRequest + return + } + readKeys := map[string][]byte{} + for keyId, key := range a.state.userReadKeys { + rawKey, err := key.Raw() + if err != nil { + return nil, err + } + readKeys[keyId] = rawKey + } + aclKeys := &aclrecordproto.AclReadKeys{ReadKeys: readKeys} + marshalledKeys, err := aclKeys.Marshal() + if err != nil { + return + } + requestIdentityProto, err := request.RequestIdentity.Marshall() + if err != nil { + return + } + encKeys, err := request.RequestIdentity.Encrypt(marshalledKeys) + if err != nil { + return + } + acceptRec := &aclrecordproto.AclAccountRequestAccept{ + Identity: requestIdentityProto, + RequestRecordId: payload.RequestRecordId, + EncryptedReadKeys: encKeys, + Permissions: aclrecordproto.AclUserPermissions(payload.Permissions), + } + content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_RequestAccept{RequestAccept: acceptRec}} + return a.buildRecord(content) +} + +func (a *aclRecordBuilder) BuildRequestDecline(requestRecordId string) (rawRecord *aclrecordproto.RawAclRecord, err error) { + if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { + err = ErrInsufficientPermissions + return + } + _, exists := a.state.requestRecords[requestRecordId] + if !exists { + err = ErrNoSuchRequest + return + } + declineRec := &aclrecordproto.AclAccountRequestDecline{RequestRecordId: requestRecordId} + content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_RequestDecline{RequestDecline: declineRec}} + return a.buildRecord(content) +} + +func (a *aclRecordBuilder) BuildPermissionChange(payload PermissionChangePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) { + if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { + err = ErrInsufficientPermissions + return + } + if payload.Identity.Equals(a.state.pubKey) || payload.Permissions.IsOwner() { + err = ErrIncorrectPermissions + return + } + protoIdentity, err := payload.Identity.Marshall() + if err != nil { + return + } + permissionRec := &aclrecordproto.AclAccountPermissionChange{ + Identity: protoIdentity, + Permissions: aclrecordproto.AclUserPermissions(payload.Permissions), + } + content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_PermissionChange{PermissionChange: permissionRec}} + return a.buildRecord(content) +} + +func (a *aclRecordBuilder) BuildReadKeyChange(newKey crypto.SymKey) (rawRecord *aclrecordproto.RawAclRecord, err error) { + if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { + err = ErrInsufficientPermissions + return + } + rawKey, err := newKey.Raw() + if err != nil { + return + } + if len(rawKey) != crypto.KeyBytes { + err = ErrIncorrectReadKey + return + } + var aclReadKeys []*aclrecordproto.AclEncryptedReadKey + for _, st := range a.state.userStates { + protoIdentity, err := st.PubKey.Marshall() + if err != nil { + return nil, err + } + enc, err := st.PubKey.Encrypt(rawKey) + if err != nil { + return nil, err + } + aclReadKeys = append(aclReadKeys, &aclrecordproto.AclEncryptedReadKey{ + Identity: protoIdentity, + EncryptedReadKey: enc, + }) + } + readRec := &aclrecordproto.AclReadKeyChange{AccountKeys: aclReadKeys} + content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_ReadKeyChange{ReadKeyChange: readRec}} + return a.buildRecord(content) +} + +func (a *aclRecordBuilder) BuildAccountRemove(payload AccountRemovePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) { + permissions := a.state.Permissions(payload.Identity) + if !a.state.Permissions(a.state.pubKey).CanManageAccounts() || permissions.IsOwner() { + err = ErrInsufficientPermissions + return + } + if permissions.NoPermissions() { + err = ErrNoSuchAccount + return + } + rawKey, err := payload.ReadKey.Raw() + if err != nil { + return + } + if len(rawKey) != crypto.KeyBytes { + err = ErrIncorrectReadKey + return + } + var aclReadKeys []*aclrecordproto.AclEncryptedReadKey + for _, st := range a.state.userStates { + if st.PubKey.Equals(payload.Identity) { + continue + } + protoIdentity, err := st.PubKey.Marshall() + if err != nil { + return nil, err + } + enc, err := st.PubKey.Encrypt(rawKey) + if err != nil { + return nil, err + } + aclReadKeys = append(aclReadKeys, &aclrecordproto.AclEncryptedReadKey{ + Identity: protoIdentity, + EncryptedReadKey: enc, + }) + } + protoIdentity, err := payload.Identity.Marshall() + if err != nil { + return + } + removeRec := &aclrecordproto.AclAccountRemove{AccountKeys: aclReadKeys, Identity: protoIdentity} + content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_AccountRemove{AccountRemove: removeRec}} + return a.buildRecord(content) +} + func (a *aclRecordBuilder) Unmarshall(rawRecord *aclrecordproto.RawAclRecord) (rec *AclRecord, err error) { aclRecord := &aclrecordproto.AclRecord{} err = proto.Unmarshal(rawRecord.Payload, aclRecord) diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 52fe894b..de484a13 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -16,13 +16,16 @@ var ( ErrNoSuchAccount = errors.New("no such account") ErrUnexpectedContentType = errors.New("unexpected content type") ErrIncorrectIdentity = errors.New("incorrect identity") + ErrIncorrectInviteKey = errors.New("incorrect invite key") ErrFailedToDecrypt = errors.New("failed to decrypt key") ErrNoSuchRecord = errors.New("no such record") ErrNoSuchRequest = errors.New("no such request") ErrNoSuchInvite = errors.New("no such invite") ErrInsufficientPermissions = errors.New("insufficient permissions") + ErrIncorrectPermissions = errors.New("incorrect permissions") ErrIncorrectNumberOfAccounts = errors.New("incorrect number of accounts") ErrNoReadKey = errors.New("acl state doesn't have a read key") + ErrIncorrectReadKey = errors.New("incorrect read key") ErrInvalidSignature = errors.New("signature is invalid") ErrIncorrectRoot = errors.New("incorrect root") ErrIncorrectRecordSequence = errors.New("incorrect prev id of a record") diff --git a/commonspace/object/acl/list/list.go b/commonspace/object/acl/list/list.go index b3bf8cd0..cfcd3c3f 100644 --- a/commonspace/object/acl/list/list.go +++ b/commonspace/object/acl/list/list.go @@ -62,12 +62,12 @@ type aclList struct { func BuildAclListWithIdentity(acc *accountdata.AccountKeys, storage liststorage.ListStorage) (AclList, error) { builder := newAclStateBuilderWithIdentity(acc) keyStorage := crypto.NewKeyStorage() - return build(storage.Id(), keyStorage, builder, NewAclRecordBuilder(storage.Id(), keyStorage), storage) + return build(storage.Id(), keyStorage, builder, NewAclRecordBuilder(storage.Id(), keyStorage, acc), storage) } func BuildAclList(storage liststorage.ListStorage) (AclList, error) { keyStorage := crypto.NewKeyStorage() - return build(storage.Id(), keyStorage, newAclStateBuilder(), NewAclRecordBuilder(storage.Id(), crypto.NewKeyStorage()), storage) + return build(storage.Id(), keyStorage, newAclStateBuilder(), NewAclRecordBuilder(storage.Id(), crypto.NewKeyStorage(), nil), storage) } func build(id string, keyStorage crypto.KeyStorage, stateBuilder *aclStateBuilder, recBuilder AclRecordBuilder, storage liststorage.ListStorage) (list AclList, err error) { diff --git a/commonspace/object/acl/list/listutils.go b/commonspace/object/acl/list/listutils.go index 59e87888..64e43176 100644 --- a/commonspace/object/acl/list/listutils.go +++ b/commonspace/object/acl/list/listutils.go @@ -8,7 +8,7 @@ import ( ) func NewTestDerivedAcl(spaceId string, keys *accountdata.AccountKeys) (AclList, error) { - builder := NewAclRecordBuilder("", crypto.NewKeyStorage()) + builder := NewAclRecordBuilder("", crypto.NewKeyStorage(), keys) masterKey, _, err := crypto.GenerateRandomEd25519KeyPair() if err != nil { return nil, err diff --git a/commonspace/object/acl/list/models.go b/commonspace/object/acl/list/models.go index b0583a39..90db6e91 100644 --- a/commonspace/object/acl/list/models.go +++ b/commonspace/object/acl/list/models.go @@ -28,6 +28,14 @@ type AclUserState struct { type AclPermissions aclrecordproto.AclUserPermissions +func (p AclPermissions) NoPermissions() bool { + return aclrecordproto.AclUserPermissions(p) == aclrecordproto.AclUserPermissions_None +} + +func (p AclPermissions) IsOwner() bool { + return aclrecordproto.AclUserPermissions(p) == aclrecordproto.AclUserPermissions_Owner +} + func (p AclPermissions) CanWrite() bool { switch aclrecordproto.AclUserPermissions(p) { case aclrecordproto.AclUserPermissions_Admin: From 061522eec2709a1724862550465813a9f1a60c95 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 26 Jun 2023 19:38:54 +0200 Subject: [PATCH 06/17] Update protocol --- .../object/acl/aclrecordproto/aclrecord.pb.go | 424 ++++++++---------- .../acl/aclrecordproto/protos/aclrecord.proto | 9 +- .../object/acl/list/aclrecordbuilder.go | 19 +- commonspace/object/acl/list/aclstate.go | 19 +- net/peer/peer.go | 5 - 5 files changed, 205 insertions(+), 271 deletions(-) diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go index 9bb5eab4..8ab2e12f 100644 --- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go +++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go @@ -449,10 +449,10 @@ func (m *AclAccountRequestJoin) GetMetadata() []byte { // AclAccountRequestAccept contains the reference to join record and all read keys, encrypted with the identity of the requestor type AclAccountRequestAccept struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - RequestRecordId string `protobuf:"bytes,2,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"` - EncryptedReadKeys []byte `protobuf:"bytes,3,opt,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,4,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + RequestRecordId string `protobuf:"bytes,2,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"` + EncryptedReadKeys []*AclReadKeyWithRecord `protobuf:"bytes,3,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` + Permissions AclUserPermissions `protobuf:"varint,4,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` } func (m *AclAccountRequestAccept) Reset() { *m = AclAccountRequestAccept{} } @@ -502,7 +502,7 @@ func (m *AclAccountRequestAccept) GetRequestRecordId() string { return "" } -func (m *AclAccountRequestAccept) GetEncryptedReadKeys() []byte { +func (m *AclAccountRequestAccept) GetEncryptedReadKeys() []*AclReadKeyWithRecord { if m != nil { return m.EncryptedReadKeys } @@ -606,23 +606,24 @@ func (m *AclAccountInviteRevoke) GetInviteRecordId() string { return "" } -// AclReadKeys are all read keys in Acl -type AclReadKeys struct { - ReadKeys map[string][]byte `protobuf:"bytes,1,rep,name=readKeys,proto3" json:"readKeys,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` +// AclReadKeys are a read key with record id +type AclReadKeyWithRecord struct { + RecordId string `protobuf:"bytes,1,opt,name=recordId,proto3" json:"recordId,omitempty"` + EncryptedReadKey []byte `protobuf:"bytes,2,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` } -func (m *AclReadKeys) Reset() { *m = AclReadKeys{} } -func (m *AclReadKeys) String() string { return proto.CompactTextString(m) } -func (*AclReadKeys) ProtoMessage() {} -func (*AclReadKeys) Descriptor() ([]byte, []int) { +func (m *AclReadKeyWithRecord) Reset() { *m = AclReadKeyWithRecord{} } +func (m *AclReadKeyWithRecord) String() string { return proto.CompactTextString(m) } +func (*AclReadKeyWithRecord) ProtoMessage() {} +func (*AclReadKeyWithRecord) Descriptor() ([]byte, []int) { return fileDescriptor_c8e9f754f34e929b, []int{9} } -func (m *AclReadKeys) XXX_Unmarshal(b []byte) error { +func (m *AclReadKeyWithRecord) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) } -func (m *AclReadKeys) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { +func (m *AclReadKeyWithRecord) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { if deterministic { - return xxx_messageInfo_AclReadKeys.Marshal(b, m, deterministic) + return xxx_messageInfo_AclReadKeyWithRecord.Marshal(b, m, deterministic) } else { b = b[:cap(b)] n, err := m.MarshalToSizedBuffer(b) @@ -632,21 +633,28 @@ func (m *AclReadKeys) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) return b[:n], nil } } -func (m *AclReadKeys) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclReadKeys.Merge(m, src) +func (m *AclReadKeyWithRecord) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclReadKeyWithRecord.Merge(m, src) } -func (m *AclReadKeys) XXX_Size() int { +func (m *AclReadKeyWithRecord) XXX_Size() int { return m.Size() } -func (m *AclReadKeys) XXX_DiscardUnknown() { - xxx_messageInfo_AclReadKeys.DiscardUnknown(m) +func (m *AclReadKeyWithRecord) XXX_DiscardUnknown() { + xxx_messageInfo_AclReadKeyWithRecord.DiscardUnknown(m) } -var xxx_messageInfo_AclReadKeys proto.InternalMessageInfo +var xxx_messageInfo_AclReadKeyWithRecord proto.InternalMessageInfo -func (m *AclReadKeys) GetReadKeys() map[string][]byte { +func (m *AclReadKeyWithRecord) GetRecordId() string { if m != nil { - return m.ReadKeys + return m.RecordId + } + return "" +} + +func (m *AclReadKeyWithRecord) GetEncryptedReadKey() []byte { + if m != nil { + return m.EncryptedReadKey } return nil } @@ -1238,8 +1246,7 @@ func init() { proto.RegisterType((*AclAccountRequestAccept)(nil), "aclrecord.AclAccountRequestAccept") proto.RegisterType((*AclAccountRequestDecline)(nil), "aclrecord.AclAccountRequestDecline") proto.RegisterType((*AclAccountInviteRevoke)(nil), "aclrecord.AclAccountInviteRevoke") - proto.RegisterType((*AclReadKeys)(nil), "aclrecord.AclReadKeys") - proto.RegisterMapType((map[string][]byte)(nil), "aclrecord.AclReadKeys.ReadKeysEntry") + proto.RegisterType((*AclReadKeyWithRecord)(nil), "aclrecord.AclReadKeyWithRecord") proto.RegisterType((*AclEncryptedReadKey)(nil), "aclrecord.AclEncryptedReadKey") proto.RegisterType((*AclAccountPermissionChange)(nil), "aclrecord.AclAccountPermissionChange") proto.RegisterType((*AclReadKeyChange)(nil), "aclrecord.AclReadKeyChange") @@ -1256,70 +1263,69 @@ func init() { } var fileDescriptor_c8e9f754f34e929b = []byte{ - // 1005 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x56, 0xdf, 0x6e, 0x1b, 0xc5, - 0x17, 0xde, 0xb5, 0x1d, 0x3b, 0x3e, 0x9b, 0xb8, 0xfe, 0xcd, 0x0f, 0x5a, 0x2b, 0x14, 0x2b, 0x2c, - 0x14, 0x45, 0x15, 0x4a, 0x90, 0x11, 0x22, 0x2a, 0x88, 0x66, 0x9b, 0x44, 0xd8, 0x81, 0x02, 0x9a, - 0x00, 0x95, 0x2a, 0x71, 0x31, 0x9d, 0x1d, 0xa5, 0x4b, 0xf7, 0x5f, 0x67, 0x27, 0xae, 0xfc, 0x0e, - 0x5c, 0xf0, 0x08, 0xbc, 0x08, 0xf7, 0x5c, 0xa1, 0xde, 0x20, 0x21, 0xae, 0x50, 0xf2, 0x22, 0x68, - 0x66, 0xf6, 0xff, 0x6e, 0x2d, 0x7a, 0xd1, 0x66, 0xe6, 0xcc, 0x39, 0xdf, 0x7c, 0xe7, 0x7c, 0x67, - 0xce, 0x1a, 0x3e, 0xa3, 0x51, 0x10, 0x44, 0x61, 0x12, 0x13, 0xca, 0x0e, 0xa2, 0x27, 0x3f, 0x31, - 0x2a, 0x0e, 0x08, 0xf5, 0xe5, 0x3f, 0xce, 0x68, 0xc4, 0xdd, 0x98, 0x47, 0x22, 0x3a, 0x50, 0xff, - 0x27, 0x85, 0x75, 0x5f, 0x19, 0xd0, 0x30, 0x37, 0xd8, 0xbf, 0x9a, 0xb0, 0x85, 0xc9, 0x0b, 0x87, - 0xfa, 0x58, 0x19, 0xd0, 0x04, 0x06, 0x31, 0x59, 0xf9, 0x11, 0x71, 0x27, 0xe6, 0xae, 0xb9, 0xb7, - 0x85, 0xb3, 0x2d, 0xba, 0x0d, 0xc3, 0xc4, 0xbb, 0x08, 0x89, 0xb8, 0xe4, 0x6c, 0xd2, 0x51, 0x67, - 0x85, 0x01, 0xdd, 0x85, 0x31, 0xa1, 0x94, 0xc5, 0x22, 0xe2, 0x0b, 0x97, 0x85, 0xc2, 0x13, 0xab, - 0x49, 0x57, 0x39, 0x35, 0xec, 0xe8, 0x03, 0xf8, 0x5f, 0x66, 0x3b, 0xcf, 0x11, 0x7b, 0xca, 0xb9, - 0x79, 0x60, 0x7f, 0x0e, 0xa8, 0xcc, 0xf0, 0x91, 0x27, 0x9e, 0x2e, 0xd6, 0xf1, 0x1c, 0x41, 0xc7, - 0x73, 0x15, 0xc1, 0x21, 0xee, 0x78, 0xae, 0xfd, 0x1c, 0x86, 0x45, 0x7a, 0x37, 0xa1, 0x1f, 0x73, - 0xb6, 0x5c, 0xe8, 0xa8, 0x21, 0x4e, 0x77, 0x68, 0x07, 0x36, 0xbd, 0x8c, 0xb6, 0xce, 0x2d, 0xdf, - 0x23, 0x04, 0x3d, 0x97, 0x08, 0x92, 0xa6, 0xa3, 0xd6, 0xb2, 0x18, 0xc2, 0x0b, 0x58, 0x22, 0x48, - 0x10, 0x2b, 0xea, 0x5d, 0x5c, 0x18, 0xec, 0x3f, 0x4d, 0x18, 0xc8, 0x3b, 0xa3, 0x48, 0x54, 0x90, - 0xcd, 0x1a, 0xf2, 0x6d, 0x18, 0x06, 0x24, 0x11, 0x8c, 0x7f, 0xc9, 0xb2, 0x6b, 0x0b, 0x83, 0x4c, - 0x51, 0x09, 0xbc, 0x70, 0xd5, 0xd5, 0x43, 0x9c, 0x6d, 0x65, 0xb1, 0x59, 0x48, 0xf9, 0x2a, 0x16, - 0xcc, 0xc5, 0x8c, 0xb8, 0x32, 0x5c, 0xd7, 0xaf, 0x61, 0xaf, 0x32, 0xdd, 0xa8, 0x31, 0x95, 0x52, - 0x64, 0x6c, 0x0a, 0x29, 0xfa, 0x5a, 0x8a, 0xc6, 0x81, 0xfd, 0x21, 0x8c, 0x1d, 0xea, 0x3b, 0x94, - 0x46, 0x97, 0xa1, 0x58, 0x84, 0x4b, 0x4f, 0x30, 0x89, 0xef, 0xa9, 0x95, 0x24, 0xa1, 0x13, 0x2c, - 0x0c, 0xf6, 0x6f, 0x26, 0xbc, 0x59, 0x84, 0x60, 0xf6, 0xfc, 0x92, 0x25, 0xe2, 0x2c, 0xf2, 0x42, - 0xf4, 0x3e, 0x8c, 0xb4, 0xdb, 0xa2, 0x5a, 0x9d, 0x9a, 0xb5, 0xf0, 0xd3, 0x0a, 0x2e, 0x32, 0x69, - 0x6b, 0x56, 0x74, 0x08, 0xb7, 0xaa, 0x91, 0x45, 0x3e, 0x5a, 0xb8, 0x57, 0x1d, 0x4b, 0x85, 0x02, - 0x26, 0x88, 0xd2, 0x58, 0x57, 0x31, 0xdf, 0xdb, 0x7f, 0x98, 0x70, 0xab, 0xc1, 0xdf, 0x51, 0x3d, - 0xba, 0x56, 0xd9, 0x3d, 0xb8, 0xc1, 0xb5, 0x73, 0x8d, 0x76, 0xdd, 0x2c, 0x15, 0xa8, 0x6b, 0x96, - 0xa4, 0x8c, 0x9b, 0x07, 0xe8, 0x3e, 0x58, 0x31, 0xe3, 0x81, 0x97, 0x24, 0x5e, 0x14, 0x26, 0x8a, - 0xee, 0x68, 0xf6, 0xf6, 0x7e, 0xf1, 0xc2, 0x1d, 0xea, 0x7f, 0x9f, 0x30, 0xfe, 0x6d, 0xe1, 0x84, - 0xcb, 0x11, 0xf6, 0x09, 0x4c, 0x1a, 0xf9, 0x9c, 0x30, 0xea, 0x7b, 0x21, 0x6b, 0x23, 0x6d, 0xb6, - 0x92, 0xb6, 0x8f, 0xe0, 0x66, 0xbd, 0x11, 0x30, 0x5b, 0x46, 0xcf, 0x58, 0x8b, 0x5c, 0x66, 0x9b, - 0x5c, 0xf6, 0xcf, 0x26, 0x58, 0xea, 0x59, 0xa6, 0x89, 0x1d, 0xc1, 0x26, 0xcf, 0xb2, 0x37, 0x77, - 0xbb, 0x7b, 0xd6, 0xec, 0xbd, 0x6a, 0x56, 0x99, 0xe7, 0x7e, 0xb6, 0x38, 0x0d, 0x05, 0x5f, 0xe1, - 0x3c, 0x6a, 0xe7, 0x53, 0xd8, 0xae, 0x1c, 0xa1, 0x31, 0x74, 0x9f, 0xa5, 0x3d, 0x39, 0xc4, 0x72, - 0x89, 0xde, 0x80, 0x8d, 0x25, 0xf1, 0x2f, 0xb3, 0xf1, 0xa5, 0x37, 0xf7, 0x3a, 0x87, 0xa6, 0xfd, - 0x23, 0xfc, 0xdf, 0xa1, 0xfe, 0x69, 0xfd, 0xf1, 0xac, 0x93, 0xb8, 0xed, 0x11, 0x76, 0xda, 0x1f, - 0xa1, 0xbd, 0x82, 0x9d, 0xa2, 0x5e, 0x85, 0x36, 0xc7, 0x4f, 0x49, 0x78, 0xc1, 0xd6, 0xde, 0x52, - 0x13, 0xbc, 0xf3, 0xda, 0x82, 0x7f, 0xa7, 0xde, 0x6c, 0x4a, 0x24, 0xbd, 0xf0, 0x08, 0x2c, 0xa2, - 0xb9, 0x94, 0xea, 0x3d, 0xad, 0x82, 0xd6, 0x6b, 0x81, 0xcb, 0x21, 0x76, 0x5c, 0x9e, 0x04, 0x98, - 0x05, 0xd1, 0x72, 0x7d, 0x1a, 0xb5, 0x1b, 0x3b, 0xaf, 0x7f, 0xe3, 0xdf, 0x3d, 0xb8, 0xe1, 0x50, - 0xff, 0x38, 0x0a, 0x05, 0x0b, 0xc5, 0x0f, 0x52, 0x39, 0xf4, 0x31, 0xf4, 0x75, 0x5b, 0xa9, 0xfb, - 0xac, 0xd9, 0x5b, 0x55, 0xc0, 0x4a, 0x7f, 0xce, 0x0d, 0x9c, 0x3a, 0xa3, 0x2f, 0x60, 0xcb, 0x2b, - 0xf5, 0xac, 0x2a, 0xaa, 0x35, 0x7b, 0x67, 0x4d, 0xb0, 0x76, 0x9c, 0x1b, 0xb8, 0x12, 0x88, 0x4e, - 0xc0, 0xe2, 0xc5, 0x48, 0x53, 0xaf, 0xd6, 0x9a, 0xed, 0xb6, 0xe2, 0x94, 0x46, 0xdf, 0xdc, 0xc0, - 0xe5, 0x30, 0x74, 0x06, 0xdb, 0xbc, 0x3c, 0x58, 0xd4, 0xab, 0xb6, 0x66, 0xf6, 0x3a, 0x1c, 0xed, - 0x39, 0x37, 0x70, 0x35, 0x14, 0x9d, 0xc3, 0x38, 0xae, 0xb5, 0x97, 0x1a, 0xfa, 0xd6, 0xec, 0x4e, - 0x2b, 0x5c, 0xbd, 0x17, 0xe7, 0x06, 0x6e, 0x00, 0xa0, 0x63, 0xd8, 0x26, 0x65, 0xa5, 0xd5, 0x07, - 0xe2, 0x55, 0xd5, 0xd6, 0x2e, 0x92, 0x59, 0x25, 0x46, 0x82, 0xf0, 0x72, 0x13, 0x4e, 0x06, 0x6d, - 0x20, 0x95, 0x3e, 0xd5, 0xe9, 0x95, 0x1b, 0xf7, 0x21, 0x8c, 0x78, 0x65, 0x66, 0x4d, 0x36, 0x15, - 0xca, 0xbb, 0xeb, 0x6a, 0x95, 0xba, 0xce, 0x0d, 0x5c, 0x0b, 0x7e, 0x30, 0x48, 0xe7, 0x81, 0x7d, - 0xaa, 0xbe, 0xd7, 0x27, 0xf2, 0xcb, 0x7e, 0x0f, 0x80, 0xe4, 0x6d, 0x96, 0x3e, 0x8d, 0x9d, 0x2a, - 0x7c, 0xb9, 0x07, 0x71, 0xc9, 0xdb, 0x3e, 0x83, 0x91, 0x43, 0xfd, 0xf3, 0x55, 0x48, 0x1f, 0xb2, - 0x24, 0x21, 0x17, 0x0c, 0x1d, 0xc2, 0x80, 0xe6, 0x50, 0x66, 0xb3, 0xe7, 0xa5, 0x6f, 0x05, 0x2e, - 0x73, 0xb7, 0x1f, 0xab, 0x89, 0x54, 0x3f, 0x57, 0xf4, 0x5c, 0x57, 0x8f, 0xd1, 0x24, 0xc5, 0x9c, - 0xd4, 0xb2, 0xcf, 0xcf, 0xe7, 0x06, 0x2e, 0x79, 0x17, 0xe9, 0xce, 0x61, 0xbb, 0xe2, 0x87, 0x3e, - 0x81, 0x01, 0xcf, 0x21, 0x65, 0xc6, 0xe5, 0x09, 0xd3, 0xfc, 0xf5, 0x85, 0x33, 0xef, 0xbb, 0x5f, - 0x01, 0x6a, 0x0e, 0x20, 0xb4, 0x09, 0xbd, 0xaf, 0xa3, 0x90, 0x8d, 0x0d, 0x34, 0x84, 0x8d, 0x6f, - 0x5e, 0x84, 0x8c, 0x8f, 0x4d, 0xb9, 0x74, 0xdc, 0xc0, 0x0b, 0xc7, 0x1d, 0x04, 0xd0, 0x7f, 0xc4, - 0x3d, 0xc1, 0xf8, 0xb8, 0x2b, 0xd7, 0x52, 0x74, 0xc6, 0xc7, 0xbd, 0x07, 0xf7, 0x7f, 0xbf, 0x9a, - 0x9a, 0x2f, 0xaf, 0xa6, 0xe6, 0x3f, 0x57, 0x53, 0xf3, 0x97, 0xeb, 0xa9, 0xf1, 0xf2, 0x7a, 0x6a, - 0xfc, 0x75, 0x3d, 0x35, 0x1e, 0xdf, 0xf9, 0x4f, 0x3f, 0x78, 0x9f, 0xf4, 0xd5, 0x9f, 0x8f, 0xfe, - 0x0d, 0x00, 0x00, 0xff, 0xff, 0xf9, 0x8e, 0x57, 0x42, 0x20, 0x0b, 0x00, 0x00, + // 977 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x56, 0xdd, 0x6e, 0x1b, 0x45, + 0x14, 0xde, 0x75, 0x1c, 0x3b, 0x3e, 0x9b, 0xb8, 0xee, 0x00, 0xed, 0x2a, 0x14, 0x13, 0x16, 0x15, + 0x45, 0x15, 0x6a, 0x90, 0x11, 0xa2, 0x42, 0x88, 0xd6, 0x4d, 0x2a, 0xec, 0x40, 0x00, 0x4d, 0x80, + 0x4a, 0x95, 0x40, 0x9a, 0xce, 0x8e, 0xd2, 0x85, 0xfd, 0xeb, 0xec, 0xc4, 0x95, 0xdf, 0x82, 0x47, + 0xe0, 0x45, 0xb8, 0xe7, 0xb2, 0x37, 0x48, 0x88, 0x2b, 0x94, 0x3c, 0x00, 0xaf, 0x80, 0x66, 0xc6, + 0xfb, 0x37, 0xbb, 0xb5, 0x9a, 0x8b, 0xc4, 0x3b, 0x67, 0xce, 0xf9, 0xe6, 0x9c, 0xf3, 0x7d, 0x73, + 0x76, 0xe1, 0x73, 0x9a, 0x44, 0x51, 0x12, 0x67, 0x29, 0xa1, 0xec, 0x20, 0x79, 0xfa, 0x0b, 0xa3, + 0xe2, 0x80, 0xd0, 0x50, 0xfe, 0x71, 0x46, 0x13, 0xee, 0xa7, 0x3c, 0x11, 0xc9, 0x81, 0xfa, 0x9f, + 0x95, 0xd6, 0xbb, 0xca, 0x80, 0x06, 0x85, 0xc1, 0xfb, 0xdd, 0x86, 0x6d, 0x4c, 0x5e, 0x4c, 0x69, + 0x88, 0x95, 0x01, 0xb9, 0xd0, 0x4f, 0xc9, 0x32, 0x4c, 0x88, 0xef, 0xda, 0x7b, 0xf6, 0xfe, 0x36, + 0xce, 0x97, 0xe8, 0x16, 0x0c, 0xb2, 0xe0, 0x2c, 0x26, 0xe2, 0x9c, 0x33, 0xb7, 0xa3, 0xf6, 0x4a, + 0x03, 0xba, 0x03, 0x23, 0x42, 0x29, 0x4b, 0x45, 0xc2, 0xe7, 0x3e, 0x8b, 0x45, 0x20, 0x96, 0xee, + 0x86, 0x72, 0x6a, 0xd8, 0xd1, 0x87, 0x70, 0x3d, 0xb7, 0x9d, 0x16, 0x88, 0x5d, 0xe5, 0xdc, 0xdc, + 0xf0, 0xbe, 0x00, 0x54, 0xcd, 0xf0, 0x71, 0x20, 0x9e, 0xcd, 0xd7, 0xe5, 0x39, 0x84, 0x4e, 0xe0, + 0xab, 0x04, 0x07, 0xb8, 0x13, 0xf8, 0xde, 0x73, 0x18, 0x94, 0xe5, 0xdd, 0x80, 0x5e, 0xca, 0xd9, + 0x62, 0xae, 0xa3, 0x06, 0x78, 0xb5, 0x42, 0xbb, 0xb0, 0x15, 0xe4, 0x69, 0xeb, 0xda, 0x8a, 0x35, + 0x42, 0xd0, 0xf5, 0x89, 0x20, 0xab, 0x72, 0xd4, 0xb3, 0x6c, 0x86, 0x08, 0x22, 0x96, 0x09, 0x12, + 0xa5, 0x2a, 0xf5, 0x0d, 0x5c, 0x1a, 0xbc, 0xbf, 0x6c, 0xe8, 0xcb, 0x33, 0x93, 0x44, 0xd4, 0x90, + 0x6d, 0x03, 0xf9, 0x16, 0x0c, 0x22, 0x92, 0x09, 0xc6, 0xbf, 0x62, 0xf9, 0xb1, 0xa5, 0x41, 0x96, + 0xa8, 0x08, 0x9e, 0xfb, 0xea, 0xe8, 0x01, 0xce, 0x97, 0xb2, 0xd9, 0x2c, 0xa6, 0x7c, 0x99, 0x0a, + 0xe6, 0x63, 0x46, 0x7c, 0x19, 0xae, 0xfb, 0xd7, 0xb0, 0xd7, 0x33, 0xdd, 0x34, 0x32, 0x95, 0x54, + 0xe4, 0xd9, 0x94, 0x54, 0xf4, 0x34, 0x15, 0x8d, 0x0d, 0xef, 0x23, 0x18, 0x4d, 0x69, 0x38, 0xa5, + 0x34, 0x39, 0x8f, 0xc5, 0x3c, 0x5e, 0x04, 0x82, 0x49, 0xfc, 0x40, 0x3d, 0xc9, 0x24, 0x74, 0x81, + 0xa5, 0xc1, 0xfb, 0xc3, 0x86, 0xb7, 0xca, 0x10, 0xcc, 0x9e, 0x9f, 0xb3, 0x4c, 0x1c, 0x27, 0x41, + 0x8c, 0x3e, 0x80, 0xa1, 0x76, 0x9b, 0xd7, 0xbb, 0x63, 0x58, 0x4b, 0x3f, 0xcd, 0xe0, 0x3c, 0xa7, + 0xd6, 0xb0, 0xa2, 0x7b, 0x70, 0xb3, 0x1e, 0x59, 0xd6, 0xa3, 0x89, 0x7b, 0xd5, 0xb6, 0x64, 0x28, + 0x62, 0x82, 0x28, 0x8e, 0x75, 0x17, 0x8b, 0xb5, 0xf7, 0x9f, 0x0d, 0x37, 0x1b, 0xf9, 0x4f, 0x95, + 0x46, 0xd7, 0x32, 0xbb, 0x0f, 0xd7, 0xb8, 0x76, 0x36, 0xd2, 0x36, 0xcd, 0xe8, 0x04, 0xae, 0x9b, + 0x9c, 0x65, 0xee, 0xc6, 0xde, 0xc6, 0xbe, 0x33, 0x79, 0xf7, 0x6e, 0x79, 0x73, 0x95, 0x84, 0xd5, + 0xae, 0xbc, 0x00, 0x3a, 0x1a, 0x37, 0x23, 0xd1, 0x7d, 0x70, 0x52, 0xc6, 0xa3, 0x20, 0xcb, 0x82, + 0x24, 0xce, 0x54, 0x3d, 0xc3, 0xc9, 0x3b, 0x75, 0xa0, 0x1f, 0x32, 0xc6, 0xbf, 0x2b, 0x9d, 0x70, + 0x35, 0xc2, 0x3b, 0x02, 0xb7, 0x51, 0xf0, 0x11, 0xa3, 0x61, 0x10, 0xb3, 0xb6, 0xaa, 0xec, 0xd6, + 0xaa, 0xbc, 0x07, 0x70, 0xc3, 0x54, 0x0a, 0x66, 0x8b, 0xe4, 0x57, 0xd6, 0xc2, 0xa7, 0xdd, 0xc6, + 0xa7, 0xf7, 0x33, 0xbc, 0xd9, 0x56, 0xb3, 0xec, 0x3a, 0xaf, 0x47, 0x16, 0xeb, 0xd6, 0x7b, 0xd1, + 0x69, 0xbf, 0x17, 0xde, 0x4f, 0xf0, 0xc6, 0x94, 0x86, 0x8f, 0xcc, 0xeb, 0xb2, 0x8e, 0xd4, 0xab, + 0xc0, 0x2f, 0x61, 0xb7, 0x6c, 0x40, 0xd9, 0xec, 0xc3, 0x67, 0x24, 0x3e, 0x63, 0x6b, 0x4f, 0x31, + 0x18, 0xec, 0x5c, 0x99, 0xc1, 0xef, 0xd5, 0x2d, 0x5d, 0x25, 0xb2, 0x3a, 0xf0, 0x01, 0x38, 0x44, + 0xe7, 0xa2, 0xf4, 0x65, 0x2b, 0x7d, 0x8d, 0xeb, 0xa0, 0x66, 0x2f, 0x70, 0x35, 0xc4, 0x4b, 0xab, + 0x77, 0x1f, 0xb3, 0x28, 0x59, 0xac, 0x2f, 0xc3, 0x38, 0xb1, 0x73, 0xf5, 0x13, 0xff, 0xe9, 0xc2, + 0xb5, 0x29, 0x0d, 0x0f, 0x93, 0x58, 0xb0, 0x58, 0xfc, 0x48, 0xc2, 0x73, 0x86, 0x3e, 0x81, 0x9e, + 0xd6, 0x89, 0x3a, 0xcf, 0x99, 0xbc, 0x5d, 0x07, 0xac, 0x09, 0x6e, 0x66, 0xe1, 0x95, 0x33, 0xfa, + 0x12, 0xb6, 0x83, 0x8a, 0x08, 0x55, 0x53, 0x9d, 0xc9, 0x7b, 0x6b, 0x82, 0xb5, 0xe3, 0xcc, 0xc2, + 0xb5, 0x40, 0x74, 0x04, 0x0e, 0x2f, 0x87, 0x98, 0x9a, 0x2c, 0xce, 0x64, 0xaf, 0x15, 0xa7, 0x32, + 0xec, 0x66, 0x16, 0xae, 0x86, 0xa1, 0x63, 0xd8, 0xe1, 0xd5, 0x51, 0xa2, 0xae, 0xa9, 0x33, 0xf1, + 0xd6, 0xe1, 0x68, 0xcf, 0x99, 0x85, 0xeb, 0xa1, 0xe8, 0x14, 0x46, 0xa9, 0x21, 0x2f, 0x35, 0xe6, + 0x9d, 0xc9, 0xed, 0x56, 0x38, 0x53, 0x8b, 0x33, 0x0b, 0x37, 0x00, 0xd0, 0x21, 0xec, 0x90, 0x2a, + 0xd3, 0xea, 0x95, 0xf0, 0xaa, 0x6e, 0x6b, 0x17, 0x99, 0x59, 0x2d, 0x46, 0x82, 0xf0, 0xaa, 0x08, + 0xdd, 0x7e, 0x1b, 0x48, 0x4d, 0xa7, 0xba, 0xbc, 0xaa, 0x70, 0x4f, 0x60, 0xc8, 0x6b, 0x43, 0xc8, + 0xdd, 0x52, 0x28, 0xef, 0xaf, 0xeb, 0xd5, 0xca, 0x75, 0x66, 0x61, 0x23, 0xf8, 0x61, 0x1f, 0x36, + 0x17, 0x52, 0x48, 0xde, 0x23, 0xf5, 0x86, 0x3e, 0x92, 0xef, 0xf2, 0xcf, 0x00, 0x48, 0x21, 0xb3, + 0xd5, 0xd5, 0xd8, 0xad, 0xc3, 0x57, 0x35, 0x88, 0x2b, 0xde, 0xde, 0x31, 0x0c, 0xa7, 0x34, 0x3c, + 0x5d, 0xc6, 0xf4, 0x84, 0x65, 0x19, 0x39, 0x63, 0xe8, 0x1e, 0xf4, 0x69, 0x01, 0x65, 0x37, 0x35, + 0x2f, 0x7d, 0x6b, 0x70, 0xb9, 0xbb, 0xf7, 0x44, 0x4d, 0x24, 0x73, 0x5f, 0xa5, 0xe7, 0xfb, 0x7a, + 0xfa, 0x65, 0x2b, 0x4c, 0xd7, 0xa8, 0xbe, 0xd8, 0x9f, 0x59, 0xb8, 0xe2, 0x5d, 0x96, 0x3b, 0x83, + 0x9d, 0x9a, 0x1f, 0xfa, 0x14, 0xfa, 0xbc, 0x80, 0x94, 0x15, 0x57, 0x27, 0x4c, 0xf3, 0x7b, 0x0b, + 0xe7, 0xde, 0x77, 0xbe, 0x06, 0xd4, 0x1c, 0x40, 0x68, 0x0b, 0xba, 0xdf, 0x24, 0x31, 0x1b, 0x59, + 0x68, 0x00, 0x9b, 0xdf, 0xbe, 0x88, 0x19, 0x1f, 0xd9, 0xf2, 0x71, 0xea, 0x47, 0x41, 0x3c, 0xea, + 0x20, 0x80, 0xde, 0x63, 0x1e, 0x08, 0xc6, 0x47, 0x1b, 0xf2, 0x59, 0x92, 0xce, 0xf8, 0xa8, 0xfb, + 0xf0, 0xfe, 0x9f, 0x17, 0x63, 0xfb, 0xe5, 0xc5, 0xd8, 0xfe, 0xf7, 0x62, 0x6c, 0xff, 0x76, 0x39, + 0xb6, 0x5e, 0x5e, 0x8e, 0xad, 0xbf, 0x2f, 0xc7, 0xd6, 0x93, 0xdb, 0xaf, 0xf5, 0x89, 0xfb, 0xb4, + 0xa7, 0x7e, 0x3e, 0xfe, 0x3f, 0x00, 0x00, 0xff, 0xff, 0x93, 0x1c, 0x33, 0x3f, 0x12, 0x0b, 0x00, + 0x00, } func (m *RawAclRecord) Marshal() (dAtA []byte, err error) { @@ -1629,11 +1635,18 @@ func (m *AclAccountRequestAccept) MarshalToSizedBuffer(dAtA []byte) (int, error) dAtA[i] = 0x20 } if len(m.EncryptedReadKeys) > 0 { - i -= len(m.EncryptedReadKeys) - copy(dAtA[i:], m.EncryptedReadKeys) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys))) - i-- - dAtA[i] = 0x1a + for iNdEx := len(m.EncryptedReadKeys) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.EncryptedReadKeys[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintAclrecord(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a + } } if len(m.RequestRecordId) > 0 { i -= len(m.RequestRecordId) @@ -1712,7 +1725,7 @@ func (m *AclAccountInviteRevoke) MarshalToSizedBuffer(dAtA []byte) (int, error) return len(dAtA) - i, nil } -func (m *AclReadKeys) Marshal() (dAtA []byte, err error) { +func (m *AclReadKeyWithRecord) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) n, err := m.MarshalToSizedBuffer(dAtA[:size]) @@ -1722,36 +1735,29 @@ func (m *AclReadKeys) Marshal() (dAtA []byte, err error) { return dAtA[:n], nil } -func (m *AclReadKeys) MarshalTo(dAtA []byte) (int, error) { +func (m *AclReadKeyWithRecord) MarshalTo(dAtA []byte) (int, error) { size := m.Size() return m.MarshalToSizedBuffer(dAtA[:size]) } -func (m *AclReadKeys) MarshalToSizedBuffer(dAtA []byte) (int, error) { +func (m *AclReadKeyWithRecord) MarshalToSizedBuffer(dAtA []byte) (int, error) { i := len(dAtA) _ = i var l int _ = l - if len(m.ReadKeys) > 0 { - for k := range m.ReadKeys { - v := m.ReadKeys[k] - baseI := i - if len(v) > 0 { - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarintAclrecord(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - } - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarintAclrecord(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarintAclrecord(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0xa - } + if len(m.EncryptedReadKey) > 0 { + i -= len(m.EncryptedReadKey) + copy(dAtA[i:], m.EncryptedReadKey) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKey))) + i-- + dAtA[i] = 0x12 + } + if len(m.RecordId) > 0 { + i -= len(m.RecordId) + copy(dAtA[i:], m.RecordId) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.RecordId))) + i-- + dAtA[i] = 0xa } return len(dAtA) - i, nil } @@ -2432,9 +2438,11 @@ func (m *AclAccountRequestAccept) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptedReadKeys) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) + if len(m.EncryptedReadKeys) > 0 { + for _, e := range m.EncryptedReadKeys { + l = e.Size() + n += 1 + l + sovAclrecord(uint64(l)) + } } if m.Permissions != 0 { n += 1 + sovAclrecord(uint64(m.Permissions)) @@ -2468,23 +2476,19 @@ func (m *AclAccountInviteRevoke) Size() (n int) { return n } -func (m *AclReadKeys) Size() (n int) { +func (m *AclReadKeyWithRecord) Size() (n int) { if m == nil { return 0 } var l int _ = l - if len(m.ReadKeys) > 0 { - for k, v := range m.ReadKeys { - _ = k - _ = v - l = 0 - if len(v) > 0 { - l = 1 + len(v) + sovAclrecord(uint64(len(v))) - } - mapEntrySize := 1 + len(k) + sovAclrecord(uint64(len(k))) + l - n += mapEntrySize + 1 + sovAclrecord(uint64(mapEntrySize)) - } + l = len(m.RecordId) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) + } + l = len(m.EncryptedReadKey) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) } return n } @@ -3812,7 +3816,7 @@ func (m *AclAccountRequestAccept) Unmarshal(dAtA []byte) error { if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) } - var byteLen int + var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowAclrecord @@ -3822,24 +3826,24 @@ func (m *AclAccountRequestAccept) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - byteLen |= int(b&0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } } - if byteLen < 0 { + if msglen < 0 { return ErrInvalidLengthAclrecord } - postIndex := iNdEx + byteLen + postIndex := iNdEx + msglen if postIndex < 0 { return ErrInvalidLengthAclrecord } if postIndex > l { return io.ErrUnexpectedEOF } - m.EncryptedReadKeys = append(m.EncryptedReadKeys[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptedReadKeys == nil { - m.EncryptedReadKeys = []byte{} + m.EncryptedReadKeys = append(m.EncryptedReadKeys, &AclReadKeyWithRecord{}) + if err := m.EncryptedReadKeys[len(m.EncryptedReadKeys)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err } iNdEx = postIndex case 4: @@ -4046,7 +4050,7 @@ func (m *AclAccountInviteRevoke) Unmarshal(dAtA []byte) error { } return nil } -func (m *AclReadKeys) Unmarshal(dAtA []byte) error { +func (m *AclReadKeyWithRecord) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 for iNdEx < l { @@ -4069,17 +4073,17 @@ func (m *AclReadKeys) Unmarshal(dAtA []byte) error { fieldNum := int32(wire >> 3) wireType := int(wire & 0x7) if wireType == 4 { - return fmt.Errorf("proto: AclReadKeys: wiretype end group for non-group") + return fmt.Errorf("proto: AclReadKeyWithRecord: wiretype end group for non-group") } if fieldNum <= 0 { - return fmt.Errorf("proto: AclReadKeys: illegal tag %d (wire type %d)", fieldNum, wire) + return fmt.Errorf("proto: AclReadKeyWithRecord: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ReadKeys", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field RecordId", wireType) } - var msglen int + var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowAclrecord @@ -4089,119 +4093,57 @@ func (m *AclReadKeys) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - msglen |= int(b&0x7F) << shift + stringLen |= uint64(b&0x7F) << shift if b < 0x80 { break } } - if msglen < 0 { + intStringLen := int(stringLen) + if intStringLen < 0 { return ErrInvalidLengthAclrecord } - postIndex := iNdEx + msglen + postIndex := iNdEx + intStringLen if postIndex < 0 { return ErrInvalidLengthAclrecord } if postIndex > l { return io.ErrUnexpectedEOF } - if m.ReadKeys == nil { - m.ReadKeys = make(map[string][]byte) + m.RecordId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKey", wireType) } - var mapkey string - mapvalue := []byte{} - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLengthAclrecord - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLengthAclrecord - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var mapbyteLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - mapbyteLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intMapbyteLen := int(mapbyteLen) - if intMapbyteLen < 0 { - return ErrInvalidLengthAclrecord - } - postbytesIndex := iNdEx + intMapbyteLen - if postbytesIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postbytesIndex > l { - return io.ErrUnexpectedEOF - } - mapvalue = make([]byte, mapbyteLen) - copy(mapvalue, dAtA[iNdEx:postbytesIndex]) - iNdEx = postbytesIndex - } else { - iNdEx = entryPreIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break } } - m.ReadKeys[mapkey] = mapvalue + if byteLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.EncryptedReadKey = append(m.EncryptedReadKey[:0], dAtA[iNdEx:postIndex]...) + if m.EncryptedReadKey == nil { + m.EncryptedReadKey = []byte{} + } iNdEx = postIndex default: iNdEx = preIndex diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto index 1fa11e59..5215ae7a 100644 --- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto +++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto @@ -51,7 +51,7 @@ message AclAccountRequestJoin { message AclAccountRequestAccept { bytes identity = 1; string requestRecordId = 2; - bytes encryptedReadKeys = 3; + repeated AclReadKeyWithRecord encryptedReadKeys = 3; AclUserPermissions permissions = 4; } @@ -65,9 +65,10 @@ message AclAccountInviteRevoke { string inviteRecordId = 1; } -// AclReadKeys are all read keys in Acl -message AclReadKeys { - map readKeys = 1; +// AclReadKeys are a read key with record id +message AclReadKeyWithRecord { + string recordId = 1; + bytes encryptedReadKey = 2; } // AclEncryptedReadKeys are new key for specific identity diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index 86b94c5c..b038a0c5 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -182,16 +182,21 @@ func (a *aclRecordBuilder) BuildRequestAccept(payload RequestAcceptPayload) (raw err = ErrNoSuchRequest return } - readKeys := map[string][]byte{} + var encryptedReadKeys []*aclrecordproto.AclReadKeyWithRecord for keyId, key := range a.state.userReadKeys { rawKey, err := key.Raw() if err != nil { return nil, err } - readKeys[keyId] = rawKey + enc, err := request.RequestIdentity.Encrypt(rawKey) + if err != nil { + return nil, err + } + encryptedReadKeys = append(encryptedReadKeys, &aclrecordproto.AclReadKeyWithRecord{ + RecordId: keyId, + EncryptedReadKey: enc, + }) } - aclKeys := &aclrecordproto.AclReadKeys{ReadKeys: readKeys} - marshalledKeys, err := aclKeys.Marshal() if err != nil { return } @@ -199,14 +204,10 @@ func (a *aclRecordBuilder) BuildRequestAccept(payload RequestAcceptPayload) (raw if err != nil { return } - encKeys, err := request.RequestIdentity.Encrypt(marshalledKeys) - if err != nil { - return - } acceptRec := &aclrecordproto.AclAccountRequestAccept{ Identity: requestIdentityProto, RequestRecordId: payload.RequestRecordId, - EncryptedReadKeys: encKeys, + EncryptedReadKeys: encryptedReadKeys, Permissions: aclrecordproto.AclUserPermissions(payload.Permissions), } content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_RequestAccept{RequestAccept: acceptRec}} diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index de484a13..7f4c64d9 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -312,21 +312,16 @@ func (st *AclState) applyRequestAccept(ch *aclrecordproto.AclAccountRequestAccep if !st.pubKey.Equals(acceptIdentity) { return nil } - res, err := st.key.Decrypt(ch.EncryptedReadKeys) - if err != nil { - return err - } - keys := &aclrecordproto.AclReadKeys{} - err = proto.Unmarshal(res, keys) - if err != nil { - return err - } - for keyId, key := range keys.ReadKeys { - sym, err := crypto.UnmarshallAESKey(key) + for _, key := range ch.EncryptedReadKeys { + decrypted, err := st.key.Decrypt(key.EncryptedReadKey) if err != nil { return err } - st.userReadKeys[keyId] = sym + sym, err := crypto.UnmarshallAESKey(decrypted) + if err != nil { + return err + } + st.userReadKeys[key.RecordId] = sym } return nil } diff --git a/net/peer/peer.go b/net/peer/peer.go index 6b6a7666..5bd81a8b 100644 --- a/net/peer/peer.go +++ b/net/peer/peer.go @@ -201,11 +201,6 @@ func (p *peer) TryClose(objectTTL time.Duration) (res bool, err error) { return false, nil } -// 70 stream -> 1 subconn -// 62 request -> 1 subconn -// 2600 subconn (2400 non active -> 5 min) - -// 2 5min connect func (p *peer) gc(ttl time.Duration) (aliveCount int) { p.mu.Lock() defer p.mu.Unlock() From 0ffbb6fa5ae94f625993c7f50fd8d37248aebd4e Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Tue, 27 Jun 2023 19:44:44 +0200 Subject: [PATCH 07/17] Rework ACL structures --- .../object/acl/aclrecordproto/aclrecord.pb.go | 390 +++++++++++++----- .../acl/aclrecordproto/protos/aclrecord.proto | 7 +- .../object/acl/list/aclrecordbuilder.go | 59 ++- commonspace/object/acl/list/aclstate.go | 91 ++-- commonspace/object/acl/list/list.go | 61 ++- commonspace/object/acl/list/listutils.go | 2 +- commonspace/object/acl/list/models.go | 7 + commonspace/object/acl/list/validator.go | 41 +- commonspace/object/acl/syncacl/syncacl.go | 3 +- .../object/tree/exporter/treeimport.go | 2 +- commonspace/payloads.go | 15 +- util/crypto/ed25519_test.go | 3 +- util/strkey/strkey_test.go | 3 +- 13 files changed, 516 insertions(+), 168 deletions(-) diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go index 8ab2e12f..2d264f05 100644 --- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go +++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go @@ -812,7 +812,7 @@ func (m *AclReadKeyChange) GetAccountKeys() []*AclEncryptedReadKey { // AclAccountRemove removes an account and changes read key for space type AclAccountRemove struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + Identities [][]byte `protobuf:"bytes,1,rep,name=identities,proto3" json:"identities,omitempty"` AccountKeys []*AclEncryptedReadKey `protobuf:"bytes,2,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"` } @@ -849,9 +849,9 @@ func (m *AclAccountRemove) XXX_DiscardUnknown() { var xxx_messageInfo_AclAccountRemove proto.InternalMessageInfo -func (m *AclAccountRemove) GetIdentity() []byte { +func (m *AclAccountRemove) GetIdentities() [][]byte { if m != nil { - return m.Identity + return m.Identities } return nil } @@ -863,6 +863,43 @@ func (m *AclAccountRemove) GetAccountKeys() []*AclEncryptedReadKey { return nil } +// AclAccountRequestRemove adds a request to remove an account +type AclAccountRequestRemove struct { +} + +func (m *AclAccountRequestRemove) Reset() { *m = AclAccountRequestRemove{} } +func (m *AclAccountRequestRemove) String() string { return proto.CompactTextString(m) } +func (*AclAccountRequestRemove) ProtoMessage() {} +func (*AclAccountRequestRemove) Descriptor() ([]byte, []int) { + return fileDescriptor_c8e9f754f34e929b, []int{14} +} +func (m *AclAccountRequestRemove) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AclAccountRequestRemove) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AclAccountRequestRemove.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AclAccountRequestRemove) XXX_Merge(src proto.Message) { + xxx_messageInfo_AclAccountRequestRemove.Merge(m, src) +} +func (m *AclAccountRequestRemove) XXX_Size() int { + return m.Size() +} +func (m *AclAccountRequestRemove) XXX_DiscardUnknown() { + xxx_messageInfo_AclAccountRequestRemove.DiscardUnknown(m) +} + +var xxx_messageInfo_AclAccountRequestRemove proto.InternalMessageInfo + // AclContentValue contains possible values for Acl type AclContentValue struct { // Types that are valid to be assigned to Value: @@ -875,6 +912,7 @@ type AclContentValue struct { // *AclContentValue_AccountRemove // *AclContentValue_ReadKeyChange // *AclContentValue_RequestDecline + // *AclContentValue_AccountRequestRemove Value isAclContentValue_Value `protobuf_oneof:"value"` } @@ -882,7 +920,7 @@ func (m *AclContentValue) Reset() { *m = AclContentValue{} } func (m *AclContentValue) String() string { return proto.CompactTextString(m) } func (*AclContentValue) ProtoMessage() {} func (*AclContentValue) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{14} + return fileDescriptor_c8e9f754f34e929b, []int{15} } func (m *AclContentValue) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -941,15 +979,19 @@ type AclContentValue_ReadKeyChange struct { type AclContentValue_RequestDecline struct { RequestDecline *AclAccountRequestDecline `protobuf:"bytes,8,opt,name=requestDecline,proto3,oneof" json:"requestDecline,omitempty"` } +type AclContentValue_AccountRequestRemove struct { + AccountRequestRemove *AclAccountRequestRemove `protobuf:"bytes,9,opt,name=accountRequestRemove,proto3,oneof" json:"accountRequestRemove,omitempty"` +} -func (*AclContentValue_Invite) isAclContentValue_Value() {} -func (*AclContentValue_InviteRevoke) isAclContentValue_Value() {} -func (*AclContentValue_RequestJoin) isAclContentValue_Value() {} -func (*AclContentValue_RequestAccept) isAclContentValue_Value() {} -func (*AclContentValue_PermissionChange) isAclContentValue_Value() {} -func (*AclContentValue_AccountRemove) isAclContentValue_Value() {} -func (*AclContentValue_ReadKeyChange) isAclContentValue_Value() {} -func (*AclContentValue_RequestDecline) isAclContentValue_Value() {} +func (*AclContentValue_Invite) isAclContentValue_Value() {} +func (*AclContentValue_InviteRevoke) isAclContentValue_Value() {} +func (*AclContentValue_RequestJoin) isAclContentValue_Value() {} +func (*AclContentValue_RequestAccept) isAclContentValue_Value() {} +func (*AclContentValue_PermissionChange) isAclContentValue_Value() {} +func (*AclContentValue_AccountRemove) isAclContentValue_Value() {} +func (*AclContentValue_ReadKeyChange) isAclContentValue_Value() {} +func (*AclContentValue_RequestDecline) isAclContentValue_Value() {} +func (*AclContentValue_AccountRequestRemove) isAclContentValue_Value() {} func (m *AclContentValue) GetValue() isAclContentValue_Value { if m != nil { @@ -1014,6 +1056,13 @@ func (m *AclContentValue) GetRequestDecline() *AclAccountRequestDecline { return nil } +func (m *AclContentValue) GetAccountRequestRemove() *AclAccountRequestRemove { + if x, ok := m.GetValue().(*AclContentValue_AccountRequestRemove); ok { + return x.AccountRequestRemove + } + return nil +} + // XXX_OneofWrappers is for the internal use of the proto package. func (*AclContentValue) XXX_OneofWrappers() []interface{} { return []interface{}{ @@ -1025,6 +1074,7 @@ func (*AclContentValue) XXX_OneofWrappers() []interface{} { (*AclContentValue_AccountRemove)(nil), (*AclContentValue_ReadKeyChange)(nil), (*AclContentValue_RequestDecline)(nil), + (*AclContentValue_AccountRequestRemove)(nil), } } @@ -1037,7 +1087,7 @@ func (m *AclData) Reset() { *m = AclData{} } func (m *AclData) String() string { return proto.CompactTextString(m) } func (*AclData) ProtoMessage() {} func (*AclData) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{15} + return fileDescriptor_c8e9f754f34e929b, []int{16} } func (m *AclData) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1081,7 +1131,7 @@ func (m *AclSyncMessage) Reset() { *m = AclSyncMessage{} } func (m *AclSyncMessage) String() string { return proto.CompactTextString(m) } func (*AclSyncMessage) ProtoMessage() {} func (*AclSyncMessage) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{16} + return fileDescriptor_c8e9f754f34e929b, []int{17} } func (m *AclSyncMessage) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1129,7 +1179,7 @@ func (m *AclSyncContentValue) Reset() { *m = AclSyncContentValue{} } func (m *AclSyncContentValue) String() string { return proto.CompactTextString(m) } func (*AclSyncContentValue) ProtoMessage() {} func (*AclSyncContentValue) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{17} + return fileDescriptor_c8e9f754f34e929b, []int{18} } func (m *AclSyncContentValue) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1199,7 +1249,7 @@ func (m *AclAddRecords) Reset() { *m = AclAddRecords{} } func (m *AclAddRecords) String() string { return proto.CompactTextString(m) } func (*AclAddRecords) ProtoMessage() {} func (*AclAddRecords) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{18} + return fileDescriptor_c8e9f754f34e929b, []int{19} } func (m *AclAddRecords) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1251,6 +1301,7 @@ func init() { proto.RegisterType((*AclAccountPermissionChange)(nil), "aclrecord.AclAccountPermissionChange") proto.RegisterType((*AclReadKeyChange)(nil), "aclrecord.AclReadKeyChange") proto.RegisterType((*AclAccountRemove)(nil), "aclrecord.AclAccountRemove") + proto.RegisterType((*AclAccountRequestRemove)(nil), "aclrecord.AclAccountRequestRemove") proto.RegisterType((*AclContentValue)(nil), "aclrecord.AclContentValue") proto.RegisterType((*AclData)(nil), "aclrecord.AclData") proto.RegisterType((*AclSyncMessage)(nil), "aclrecord.AclSyncMessage") @@ -1263,69 +1314,70 @@ func init() { } var fileDescriptor_c8e9f754f34e929b = []byte{ - // 977 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x56, 0xdd, 0x6e, 0x1b, 0x45, - 0x14, 0xde, 0x75, 0x1c, 0x3b, 0x3e, 0x9b, 0xb8, 0xee, 0x00, 0xed, 0x2a, 0x14, 0x13, 0x16, 0x15, - 0x45, 0x15, 0x6a, 0x90, 0x11, 0xa2, 0x42, 0x88, 0xd6, 0x4d, 0x2a, 0xec, 0x40, 0x00, 0x4d, 0x80, - 0x4a, 0x95, 0x40, 0x9a, 0xce, 0x8e, 0xd2, 0x85, 0xfd, 0xeb, 0xec, 0xc4, 0x95, 0xdf, 0x82, 0x47, - 0xe0, 0x45, 0xb8, 0xe7, 0xb2, 0x37, 0x48, 0x88, 0x2b, 0x94, 0x3c, 0x00, 0xaf, 0x80, 0x66, 0xc6, - 0xfb, 0x37, 0xbb, 0xb5, 0x9a, 0x8b, 0xc4, 0x3b, 0x67, 0xce, 0xf9, 0xe6, 0x9c, 0xf3, 0x7d, 0x73, - 0x76, 0xe1, 0x73, 0x9a, 0x44, 0x51, 0x12, 0x67, 0x29, 0xa1, 0xec, 0x20, 0x79, 0xfa, 0x0b, 0xa3, - 0xe2, 0x80, 0xd0, 0x50, 0xfe, 0x71, 0x46, 0x13, 0xee, 0xa7, 0x3c, 0x11, 0xc9, 0x81, 0xfa, 0x9f, - 0x95, 0xd6, 0xbb, 0xca, 0x80, 0x06, 0x85, 0xc1, 0xfb, 0xdd, 0x86, 0x6d, 0x4c, 0x5e, 0x4c, 0x69, - 0x88, 0x95, 0x01, 0xb9, 0xd0, 0x4f, 0xc9, 0x32, 0x4c, 0x88, 0xef, 0xda, 0x7b, 0xf6, 0xfe, 0x36, - 0xce, 0x97, 0xe8, 0x16, 0x0c, 0xb2, 0xe0, 0x2c, 0x26, 0xe2, 0x9c, 0x33, 0xb7, 0xa3, 0xf6, 0x4a, - 0x03, 0xba, 0x03, 0x23, 0x42, 0x29, 0x4b, 0x45, 0xc2, 0xe7, 0x3e, 0x8b, 0x45, 0x20, 0x96, 0xee, - 0x86, 0x72, 0x6a, 0xd8, 0xd1, 0x87, 0x70, 0x3d, 0xb7, 0x9d, 0x16, 0x88, 0x5d, 0xe5, 0xdc, 0xdc, - 0xf0, 0xbe, 0x00, 0x54, 0xcd, 0xf0, 0x71, 0x20, 0x9e, 0xcd, 0xd7, 0xe5, 0x39, 0x84, 0x4e, 0xe0, - 0xab, 0x04, 0x07, 0xb8, 0x13, 0xf8, 0xde, 0x73, 0x18, 0x94, 0xe5, 0xdd, 0x80, 0x5e, 0xca, 0xd9, - 0x62, 0xae, 0xa3, 0x06, 0x78, 0xb5, 0x42, 0xbb, 0xb0, 0x15, 0xe4, 0x69, 0xeb, 0xda, 0x8a, 0x35, - 0x42, 0xd0, 0xf5, 0x89, 0x20, 0xab, 0x72, 0xd4, 0xb3, 0x6c, 0x86, 0x08, 0x22, 0x96, 0x09, 0x12, - 0xa5, 0x2a, 0xf5, 0x0d, 0x5c, 0x1a, 0xbc, 0xbf, 0x6c, 0xe8, 0xcb, 0x33, 0x93, 0x44, 0xd4, 0x90, - 0x6d, 0x03, 0xf9, 0x16, 0x0c, 0x22, 0x92, 0x09, 0xc6, 0xbf, 0x62, 0xf9, 0xb1, 0xa5, 0x41, 0x96, - 0xa8, 0x08, 0x9e, 0xfb, 0xea, 0xe8, 0x01, 0xce, 0x97, 0xb2, 0xd9, 0x2c, 0xa6, 0x7c, 0x99, 0x0a, - 0xe6, 0x63, 0x46, 0x7c, 0x19, 0xae, 0xfb, 0xd7, 0xb0, 0xd7, 0x33, 0xdd, 0x34, 0x32, 0x95, 0x54, - 0xe4, 0xd9, 0x94, 0x54, 0xf4, 0x34, 0x15, 0x8d, 0x0d, 0xef, 0x23, 0x18, 0x4d, 0x69, 0x38, 0xa5, - 0x34, 0x39, 0x8f, 0xc5, 0x3c, 0x5e, 0x04, 0x82, 0x49, 0xfc, 0x40, 0x3d, 0xc9, 0x24, 0x74, 0x81, - 0xa5, 0xc1, 0xfb, 0xc3, 0x86, 0xb7, 0xca, 0x10, 0xcc, 0x9e, 0x9f, 0xb3, 0x4c, 0x1c, 0x27, 0x41, - 0x8c, 0x3e, 0x80, 0xa1, 0x76, 0x9b, 0xd7, 0xbb, 0x63, 0x58, 0x4b, 0x3f, 0xcd, 0xe0, 0x3c, 0xa7, - 0xd6, 0xb0, 0xa2, 0x7b, 0x70, 0xb3, 0x1e, 0x59, 0xd6, 0xa3, 0x89, 0x7b, 0xd5, 0xb6, 0x64, 0x28, - 0x62, 0x82, 0x28, 0x8e, 0x75, 0x17, 0x8b, 0xb5, 0xf7, 0x9f, 0x0d, 0x37, 0x1b, 0xf9, 0x4f, 0x95, - 0x46, 0xd7, 0x32, 0xbb, 0x0f, 0xd7, 0xb8, 0x76, 0x36, 0xd2, 0x36, 0xcd, 0xe8, 0x04, 0xae, 0x9b, - 0x9c, 0x65, 0xee, 0xc6, 0xde, 0xc6, 0xbe, 0x33, 0x79, 0xf7, 0x6e, 0x79, 0x73, 0x95, 0x84, 0xd5, - 0xae, 0xbc, 0x00, 0x3a, 0x1a, 0x37, 0x23, 0xd1, 0x7d, 0x70, 0x52, 0xc6, 0xa3, 0x20, 0xcb, 0x82, - 0x24, 0xce, 0x54, 0x3d, 0xc3, 0xc9, 0x3b, 0x75, 0xa0, 0x1f, 0x32, 0xc6, 0xbf, 0x2b, 0x9d, 0x70, - 0x35, 0xc2, 0x3b, 0x02, 0xb7, 0x51, 0xf0, 0x11, 0xa3, 0x61, 0x10, 0xb3, 0xb6, 0xaa, 0xec, 0xd6, - 0xaa, 0xbc, 0x07, 0x70, 0xc3, 0x54, 0x0a, 0x66, 0x8b, 0xe4, 0x57, 0xd6, 0xc2, 0xa7, 0xdd, 0xc6, - 0xa7, 0xf7, 0x33, 0xbc, 0xd9, 0x56, 0xb3, 0xec, 0x3a, 0xaf, 0x47, 0x16, 0xeb, 0xd6, 0x7b, 0xd1, - 0x69, 0xbf, 0x17, 0xde, 0x4f, 0xf0, 0xc6, 0x94, 0x86, 0x8f, 0xcc, 0xeb, 0xb2, 0x8e, 0xd4, 0xab, - 0xc0, 0x2f, 0x61, 0xb7, 0x6c, 0x40, 0xd9, 0xec, 0xc3, 0x67, 0x24, 0x3e, 0x63, 0x6b, 0x4f, 0x31, - 0x18, 0xec, 0x5c, 0x99, 0xc1, 0xef, 0xd5, 0x2d, 0x5d, 0x25, 0xb2, 0x3a, 0xf0, 0x01, 0x38, 0x44, - 0xe7, 0xa2, 0xf4, 0x65, 0x2b, 0x7d, 0x8d, 0xeb, 0xa0, 0x66, 0x2f, 0x70, 0x35, 0xc4, 0x4b, 0xab, - 0x77, 0x1f, 0xb3, 0x28, 0x59, 0xac, 0x2f, 0xc3, 0x38, 0xb1, 0x73, 0xf5, 0x13, 0xff, 0xe9, 0xc2, - 0xb5, 0x29, 0x0d, 0x0f, 0x93, 0x58, 0xb0, 0x58, 0xfc, 0x48, 0xc2, 0x73, 0x86, 0x3e, 0x81, 0x9e, - 0xd6, 0x89, 0x3a, 0xcf, 0x99, 0xbc, 0x5d, 0x07, 0xac, 0x09, 0x6e, 0x66, 0xe1, 0x95, 0x33, 0xfa, - 0x12, 0xb6, 0x83, 0x8a, 0x08, 0x55, 0x53, 0x9d, 0xc9, 0x7b, 0x6b, 0x82, 0xb5, 0xe3, 0xcc, 0xc2, - 0xb5, 0x40, 0x74, 0x04, 0x0e, 0x2f, 0x87, 0x98, 0x9a, 0x2c, 0xce, 0x64, 0xaf, 0x15, 0xa7, 0x32, - 0xec, 0x66, 0x16, 0xae, 0x86, 0xa1, 0x63, 0xd8, 0xe1, 0xd5, 0x51, 0xa2, 0xae, 0xa9, 0x33, 0xf1, - 0xd6, 0xe1, 0x68, 0xcf, 0x99, 0x85, 0xeb, 0xa1, 0xe8, 0x14, 0x46, 0xa9, 0x21, 0x2f, 0x35, 0xe6, - 0x9d, 0xc9, 0xed, 0x56, 0x38, 0x53, 0x8b, 0x33, 0x0b, 0x37, 0x00, 0xd0, 0x21, 0xec, 0x90, 0x2a, - 0xd3, 0xea, 0x95, 0xf0, 0xaa, 0x6e, 0x6b, 0x17, 0x99, 0x59, 0x2d, 0x46, 0x82, 0xf0, 0xaa, 0x08, - 0xdd, 0x7e, 0x1b, 0x48, 0x4d, 0xa7, 0xba, 0xbc, 0xaa, 0x70, 0x4f, 0x60, 0xc8, 0x6b, 0x43, 0xc8, - 0xdd, 0x52, 0x28, 0xef, 0xaf, 0xeb, 0xd5, 0xca, 0x75, 0x66, 0x61, 0x23, 0xf8, 0x61, 0x1f, 0x36, - 0x17, 0x52, 0x48, 0xde, 0x23, 0xf5, 0x86, 0x3e, 0x92, 0xef, 0xf2, 0xcf, 0x00, 0x48, 0x21, 0xb3, - 0xd5, 0xd5, 0xd8, 0xad, 0xc3, 0x57, 0x35, 0x88, 0x2b, 0xde, 0xde, 0x31, 0x0c, 0xa7, 0x34, 0x3c, - 0x5d, 0xc6, 0xf4, 0x84, 0x65, 0x19, 0x39, 0x63, 0xe8, 0x1e, 0xf4, 0x69, 0x01, 0x65, 0x37, 0x35, - 0x2f, 0x7d, 0x6b, 0x70, 0xb9, 0xbb, 0xf7, 0x44, 0x4d, 0x24, 0x73, 0x5f, 0xa5, 0xe7, 0xfb, 0x7a, - 0xfa, 0x65, 0x2b, 0x4c, 0xd7, 0xa8, 0xbe, 0xd8, 0x9f, 0x59, 0xb8, 0xe2, 0x5d, 0x96, 0x3b, 0x83, - 0x9d, 0x9a, 0x1f, 0xfa, 0x14, 0xfa, 0xbc, 0x80, 0x94, 0x15, 0x57, 0x27, 0x4c, 0xf3, 0x7b, 0x0b, - 0xe7, 0xde, 0x77, 0xbe, 0x06, 0xd4, 0x1c, 0x40, 0x68, 0x0b, 0xba, 0xdf, 0x24, 0x31, 0x1b, 0x59, - 0x68, 0x00, 0x9b, 0xdf, 0xbe, 0x88, 0x19, 0x1f, 0xd9, 0xf2, 0x71, 0xea, 0x47, 0x41, 0x3c, 0xea, - 0x20, 0x80, 0xde, 0x63, 0x1e, 0x08, 0xc6, 0x47, 0x1b, 0xf2, 0x59, 0x92, 0xce, 0xf8, 0xa8, 0xfb, - 0xf0, 0xfe, 0x9f, 0x17, 0x63, 0xfb, 0xe5, 0xc5, 0xd8, 0xfe, 0xf7, 0x62, 0x6c, 0xff, 0x76, 0x39, - 0xb6, 0x5e, 0x5e, 0x8e, 0xad, 0xbf, 0x2f, 0xc7, 0xd6, 0x93, 0xdb, 0xaf, 0xf5, 0x89, 0xfb, 0xb4, - 0xa7, 0x7e, 0x3e, 0xfe, 0x3f, 0x00, 0x00, 0xff, 0xff, 0x93, 0x1c, 0x33, 0x3f, 0x12, 0x0b, 0x00, - 0x00, + // 1008 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x56, 0xdd, 0x6e, 0xdc, 0x44, + 0x14, 0xb6, 0x37, 0xc9, 0x6e, 0x7c, 0x9c, 0x6c, 0xb7, 0x43, 0x69, 0x4d, 0x28, 0x4b, 0x30, 0x2a, + 0x8a, 0x2a, 0xd4, 0xa0, 0x45, 0x88, 0x0a, 0x21, 0xda, 0x6d, 0x52, 0xb1, 0x1b, 0x08, 0xa0, 0x09, + 0x50, 0x54, 0x09, 0xa4, 0xe9, 0x78, 0x94, 0x1a, 0xfc, 0xd7, 0xf1, 0x64, 0xab, 0x7d, 0x0b, 0x1e, + 0x81, 0x87, 0xe0, 0x96, 0x7b, 0x2e, 0x7b, 0x83, 0xc4, 0x25, 0x4a, 0x1e, 0x80, 0x57, 0x40, 0x33, + 0xe3, 0x7f, 0xbb, 0x4b, 0x73, 0x91, 0xac, 0xe7, 0xcc, 0x39, 0xdf, 0xf9, 0xfb, 0xce, 0xb1, 0xe1, + 0x53, 0x1a, 0x87, 0x61, 0x1c, 0xa5, 0x09, 0xa1, 0x6c, 0x3f, 0x7e, 0xf2, 0x33, 0xa3, 0x62, 0x9f, + 0xd0, 0x40, 0xfe, 0x71, 0x46, 0x63, 0xee, 0x25, 0x3c, 0x16, 0xf1, 0xbe, 0xfa, 0x9f, 0x96, 0xd2, + 0x3b, 0x4a, 0x80, 0xac, 0x42, 0xe0, 0xfe, 0x66, 0xc2, 0x16, 0x26, 0xcf, 0xa7, 0x34, 0xc0, 0x4a, + 0x80, 0x1c, 0x18, 0x24, 0x64, 0x19, 0xc4, 0xc4, 0x73, 0xcc, 0x5d, 0x73, 0x6f, 0x0b, 0xe7, 0x47, + 0x74, 0x13, 0xac, 0xd4, 0x3f, 0x8d, 0x88, 0x38, 0xe3, 0xcc, 0xe9, 0xa9, 0xbb, 0x52, 0x80, 0x6e, + 0xc3, 0x88, 0x50, 0xca, 0x12, 0x11, 0xf3, 0xb9, 0xc7, 0x22, 0xe1, 0x8b, 0xa5, 0xb3, 0xa6, 0x94, + 0x5a, 0x72, 0xf4, 0x3e, 0x5c, 0xcd, 0x65, 0x27, 0x05, 0xe2, 0xba, 0x52, 0x6e, 0x5f, 0xb8, 0x9f, + 0x01, 0xaa, 0x46, 0xf8, 0xc8, 0x17, 0x4f, 0xe7, 0xab, 0xe2, 0x1c, 0x42, 0xcf, 0xf7, 0x54, 0x80, + 0x16, 0xee, 0xf9, 0x9e, 0xfb, 0x0c, 0xac, 0x32, 0xbd, 0xeb, 0xd0, 0x4f, 0x38, 0x5b, 0xcc, 0xb5, + 0x95, 0x85, 0xb3, 0x13, 0xda, 0x81, 0x4d, 0x3f, 0x0f, 0x5b, 0xe7, 0x56, 0x9c, 0x11, 0x82, 0x75, + 0x8f, 0x08, 0x92, 0xa5, 0xa3, 0x9e, 0x65, 0x31, 0x84, 0x1f, 0xb2, 0x54, 0x90, 0x30, 0x51, 0xa1, + 0xaf, 0xe1, 0x52, 0xe0, 0xfe, 0x65, 0xc2, 0x40, 0xfa, 0x8c, 0x63, 0x51, 0x43, 0x36, 0x1b, 0xc8, + 0x37, 0xc1, 0x0a, 0x49, 0x2a, 0x18, 0xff, 0x82, 0xe5, 0x6e, 0x4b, 0x81, 0x4c, 0x51, 0x35, 0x78, + 0xee, 0x29, 0xd7, 0x16, 0xce, 0x8f, 0xb2, 0xd8, 0x2c, 0xa2, 0x7c, 0x99, 0x08, 0xe6, 0x61, 0x46, + 0x3c, 0x69, 0xae, 0xeb, 0xd7, 0x92, 0xd7, 0x23, 0xdd, 0x68, 0x44, 0x2a, 0x5b, 0x91, 0x47, 0x53, + 0xb6, 0xa2, 0xaf, 0x5b, 0xd1, 0xba, 0x70, 0x3f, 0x80, 0xd1, 0x94, 0x06, 0x53, 0x4a, 0xe3, 0xb3, + 0x48, 0xcc, 0xa3, 0x85, 0x2f, 0x98, 0xc4, 0xf7, 0xd5, 0x93, 0x0c, 0x42, 0x27, 0x58, 0x0a, 0xdc, + 0x3f, 0x4c, 0x78, 0xbd, 0x34, 0xc1, 0xec, 0xd9, 0x19, 0x4b, 0xc5, 0x51, 0xec, 0x47, 0xe8, 0x3d, + 0x18, 0x6a, 0xb5, 0x79, 0xbd, 0x3a, 0x0d, 0x69, 0xa9, 0xa7, 0x3b, 0x38, 0xcf, 0x5b, 0xdb, 0x90, + 0xa2, 0xbb, 0x70, 0xa3, 0x6e, 0x59, 0xe6, 0xa3, 0x1b, 0xf7, 0xb2, 0x6b, 0xd9, 0xa1, 0x90, 0x09, + 0xa2, 0x7a, 0xac, 0xab, 0x58, 0x9c, 0xdd, 0x7f, 0x4d, 0xb8, 0xd1, 0x8a, 0x7f, 0xaa, 0x38, 0xba, + 0xb2, 0xb3, 0x7b, 0x70, 0x85, 0x6b, 0xe5, 0x46, 0xd8, 0x4d, 0x31, 0x3a, 0x86, 0xab, 0xcd, 0x9e, + 0xa5, 0xce, 0xda, 0xee, 0xda, 0x9e, 0x3d, 0x79, 0xfb, 0x4e, 0x39, 0xb9, 0x8a, 0xc2, 0xea, 0x56, + 0x0e, 0x80, 0xb6, 0xc6, 0x6d, 0x4b, 0x74, 0x0f, 0xec, 0x84, 0xf1, 0xd0, 0x4f, 0x53, 0x3f, 0x8e, + 0x52, 0x95, 0xcf, 0x70, 0xf2, 0x56, 0x1d, 0xe8, 0xbb, 0x94, 0xf1, 0x6f, 0x4a, 0x25, 0x5c, 0xb5, + 0x70, 0x0f, 0xc1, 0x69, 0x25, 0x7c, 0xc8, 0x68, 0xe0, 0x47, 0xac, 0x2b, 0x2b, 0xb3, 0x33, 0x2b, + 0xf7, 0x3e, 0x5c, 0x6f, 0x32, 0x05, 0xb3, 0x45, 0xfc, 0x0b, 0xeb, 0xe8, 0xa7, 0xd9, 0xd5, 0x4f, + 0xf7, 0x27, 0xb8, 0xd6, 0x95, 0xb3, 0xac, 0x3a, 0xaf, 0x5b, 0x16, 0xe7, 0xce, 0xb9, 0xe8, 0x75, + 0xcf, 0x85, 0xfb, 0x23, 0xbc, 0x36, 0xa5, 0xc1, 0xc3, 0xe6, 0xb8, 0xac, 0x6a, 0xea, 0x65, 0xe0, + 0x97, 0xb0, 0x53, 0x16, 0xa0, 0x2c, 0xf6, 0xc1, 0x53, 0x12, 0x9d, 0xb2, 0x95, 0x5e, 0x1a, 0x1d, + 0xec, 0x5d, 0xba, 0x83, 0xdf, 0xaa, 0x29, 0xcd, 0x02, 0xc9, 0x1c, 0xde, 0x07, 0x9b, 0xe8, 0x58, + 0x14, 0xbf, 0x4c, 0xc5, 0xaf, 0x71, 0x1d, 0xb4, 0x59, 0x0b, 0x5c, 0x35, 0x71, 0x45, 0x75, 0xf6, + 0x31, 0x0b, 0xe3, 0x05, 0x43, 0x63, 0x80, 0x2c, 0x6c, 0x9f, 0x69, 0xd0, 0x2d, 0x5c, 0x91, 0x34, + 0xbd, 0xf6, 0x2e, 0xef, 0xf5, 0x8d, 0x8e, 0xf1, 0xd3, 0xce, 0xdd, 0xdf, 0x37, 0xe0, 0xca, 0x94, + 0x06, 0x07, 0x71, 0x24, 0x58, 0x24, 0xbe, 0x27, 0xc1, 0x19, 0x43, 0x1f, 0x41, 0x5f, 0xd3, 0x48, + 0x55, 0xd5, 0x9e, 0xbc, 0x59, 0xf7, 0x55, 0xe3, 0xe3, 0xcc, 0xc0, 0x99, 0x32, 0xfa, 0x1c, 0xb6, + 0xfc, 0x0a, 0x47, 0x55, 0xcd, 0xed, 0xc9, 0x3b, 0x2b, 0x8c, 0xb5, 0xe2, 0xcc, 0xc0, 0x35, 0x43, + 0x74, 0x08, 0x36, 0x2f, 0x77, 0x9c, 0x5a, 0x3c, 0xf6, 0x64, 0xb7, 0x13, 0xa7, 0xb2, 0x0b, 0x67, + 0x06, 0xae, 0x9a, 0xa1, 0x23, 0xd8, 0xe6, 0xd5, 0x4d, 0xa3, 0xa6, 0xd8, 0x9e, 0xb8, 0xab, 0x70, + 0xb4, 0xe6, 0xcc, 0xc0, 0x75, 0x53, 0x74, 0x02, 0xa3, 0xa4, 0xc1, 0x3e, 0xf5, 0x16, 0xb0, 0x27, + 0xb7, 0x3a, 0xe1, 0x9a, 0x54, 0x9d, 0x19, 0xb8, 0x05, 0x80, 0x0e, 0x60, 0x9b, 0x54, 0x89, 0xa0, + 0xde, 0x18, 0x2f, 0xab, 0xb6, 0x56, 0x91, 0x91, 0xd5, 0x6c, 0x24, 0x08, 0xaf, 0x72, 0xd4, 0x19, + 0x74, 0x81, 0xd4, 0x68, 0xac, 0xd3, 0xab, 0xf2, 0xfa, 0x18, 0x86, 0xbc, 0xb6, 0xa3, 0x9c, 0x4d, + 0x85, 0xf2, 0xee, 0xaa, 0x5a, 0x65, 0xaa, 0x33, 0x03, 0x37, 0x8c, 0xd1, 0x0f, 0x70, 0x8d, 0x74, + 0x70, 0xcd, 0xb1, 0xfe, 0xbf, 0x01, 0x45, 0x9a, 0x9d, 0x08, 0x0f, 0x06, 0xb0, 0xb1, 0x90, 0x14, + 0x75, 0x1f, 0xaa, 0x4f, 0x83, 0x43, 0xf9, 0x11, 0xf1, 0x09, 0x00, 0x29, 0x08, 0x9c, 0xcd, 0xe4, + 0x4e, 0xdd, 0x47, 0x95, 0xdd, 0xb8, 0xa2, 0xed, 0x1e, 0xc1, 0x70, 0x4a, 0x83, 0x93, 0x65, 0x44, + 0x8f, 0x59, 0x9a, 0x92, 0x53, 0x86, 0xee, 0xc2, 0x80, 0x16, 0x50, 0x66, 0x7b, 0xd0, 0xa4, 0x6e, + 0x0d, 0x2e, 0x57, 0x77, 0x1f, 0xab, 0x55, 0xd8, 0xbc, 0x57, 0xe1, 0x79, 0x9e, 0x5e, 0xbb, 0x69, + 0x86, 0xe9, 0x34, 0x4a, 0x50, 0xdc, 0xcf, 0x0c, 0x5c, 0xd1, 0x2e, 0xd3, 0x9d, 0xc1, 0x76, 0x4d, + 0x0f, 0x7d, 0x0c, 0x03, 0x5e, 0x40, 0xca, 0x8c, 0xab, 0xab, 0xad, 0xfd, 0xa1, 0x87, 0x73, 0xed, + 0xdb, 0x5f, 0x02, 0x6a, 0x6f, 0x3e, 0xb4, 0x09, 0xeb, 0x5f, 0xc5, 0x11, 0x1b, 0x19, 0xc8, 0x82, + 0x8d, 0xaf, 0x9f, 0x47, 0x8c, 0x8f, 0x4c, 0xf9, 0x38, 0xf5, 0x42, 0x3f, 0x1a, 0xf5, 0x10, 0x40, + 0xff, 0x11, 0xf7, 0x05, 0xe3, 0xa3, 0x35, 0xf9, 0x2c, 0xe9, 0xc4, 0xf8, 0x68, 0xfd, 0xc1, 0xbd, + 0x3f, 0xcf, 0xc7, 0xe6, 0x8b, 0xf3, 0xb1, 0xf9, 0xcf, 0xf9, 0xd8, 0xfc, 0xf5, 0x62, 0x6c, 0xbc, + 0xb8, 0x18, 0x1b, 0x7f, 0x5f, 0x8c, 0x8d, 0xc7, 0xb7, 0x5e, 0xe9, 0xdb, 0xfa, 0x49, 0x5f, 0xfd, + 0x7c, 0xf8, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x1d, 0x52, 0x8e, 0xdb, 0x8b, 0x0b, 0x00, 0x00, } func (m *RawAclRecord) Marshal() (dAtA []byte, err error) { @@ -1905,16 +1957,41 @@ func (m *AclAccountRemove) MarshalToSizedBuffer(dAtA []byte) (int, error) { dAtA[i] = 0x12 } } - if len(m.Identity) > 0 { - i -= len(m.Identity) - copy(dAtA[i:], m.Identity) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) - i-- - dAtA[i] = 0xa + if len(m.Identities) > 0 { + for iNdEx := len(m.Identities) - 1; iNdEx >= 0; iNdEx-- { + i -= len(m.Identities[iNdEx]) + copy(dAtA[i:], m.Identities[iNdEx]) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identities[iNdEx]))) + i-- + dAtA[i] = 0xa + } } return len(dAtA) - i, nil } +func (m *AclAccountRequestRemove) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AclAccountRequestRemove) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclAccountRequestRemove) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + return len(dAtA) - i, nil +} + func (m *AclContentValue) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -2115,6 +2192,27 @@ func (m *AclContentValue_RequestDecline) MarshalToSizedBuffer(dAtA []byte) (int, } return len(dAtA) - i, nil } +func (m *AclContentValue_AccountRequestRemove) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AclContentValue_AccountRequestRemove) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + if m.AccountRequestRemove != nil { + { + size, err := m.AccountRequestRemove.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintAclrecord(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x4a + } + return len(dAtA) - i, nil +} func (m *AclData) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -2547,9 +2645,11 @@ func (m *AclAccountRemove) Size() (n int) { } var l int _ = l - l = len(m.Identity) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) + if len(m.Identities) > 0 { + for _, b := range m.Identities { + l = len(b) + n += 1 + l + sovAclrecord(uint64(l)) + } } if len(m.AccountKeys) > 0 { for _, e := range m.AccountKeys { @@ -2560,6 +2660,15 @@ func (m *AclAccountRemove) Size() (n int) { return n } +func (m *AclAccountRequestRemove) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + return n +} + func (m *AclContentValue) Size() (n int) { if m == nil { return 0 @@ -2668,6 +2777,18 @@ func (m *AclContentValue_RequestDecline) Size() (n int) { } return n } +func (m *AclContentValue_AccountRequestRemove) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.AccountRequestRemove != nil { + l = m.AccountRequestRemove.Size() + n += 1 + l + sovAclrecord(uint64(l)) + } + return n +} func (m *AclData) Size() (n int) { if m == nil { return 0 @@ -4502,7 +4623,7 @@ func (m *AclAccountRemove) Unmarshal(dAtA []byte) error { switch fieldNum { case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Identities", wireType) } var byteLen int for shift := uint(0); ; shift += 7 { @@ -4529,10 +4650,8 @@ func (m *AclAccountRemove) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) - if m.Identity == nil { - m.Identity = []byte{} - } + m.Identities = append(m.Identities, make([]byte, postIndex-iNdEx)) + copy(m.Identities[len(m.Identities)-1], dAtA[iNdEx:postIndex]) iNdEx = postIndex case 2: if wireType != 2 { @@ -4589,6 +4708,56 @@ func (m *AclAccountRemove) Unmarshal(dAtA []byte) error { } return nil } +func (m *AclAccountRequestRemove) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AclAccountRequestRemove: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AclAccountRequestRemove: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + default: + iNdEx = preIndex + skippy, err := skipAclrecord(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAclrecord + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func (m *AclContentValue) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 @@ -4898,6 +5067,41 @@ func (m *AclContentValue) Unmarshal(dAtA []byte) error { } m.Value = &AclContentValue_RequestDecline{v} iNdEx = postIndex + case 9: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field AccountRequestRemove", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + v := &AclAccountRequestRemove{} + if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + m.Value = &AclContentValue_AccountRequestRemove{v} + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipAclrecord(dAtA[iNdEx:]) diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto index 5215ae7a..a1f2c49c 100644 --- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto +++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto @@ -90,10 +90,14 @@ message AclReadKeyChange { // AclAccountRemove removes an account and changes read key for space message AclAccountRemove { - bytes identity = 1; + repeated bytes identities = 1; repeated AclEncryptedReadKey accountKeys = 2; } +// AclAccountRequestRemove adds a request to remove an account +message AclAccountRequestRemove { +} + // AclContentValue contains possible values for Acl message AclContentValue { oneof value { @@ -105,6 +109,7 @@ message AclContentValue { AclAccountRemove accountRemove = 6; AclReadKeyChange readKeyChange = 7; AclAccountRequestDecline requestDecline = 8; + AclAccountRequestRemove accountRequestRemove = 9; } } diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index b038a0c5..cae3a2b8 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -34,8 +34,8 @@ type PermissionChangePayload struct { } type AccountRemovePayload struct { - Identity crypto.PubKey - ReadKey crypto.SymKey + Identities []crypto.PubKey + ReadKey crypto.SymKey } type InviteResult struct { @@ -53,6 +53,7 @@ type AclRecordBuilder interface { BuildRequestJoin(payload RequestJoinPayload) (rawRecord *aclrecordproto.RawAclRecord, err error) BuildRequestAccept(payload RequestAcceptPayload) (rawRecord *aclrecordproto.RawAclRecord, err error) BuildRequestDecline(requestRecordId string) (rawRecord *aclrecordproto.RawAclRecord, err error) + BuildRequestRemove() (rawRecord *aclrecordproto.RawAclRecord, err error) BuildPermissionChange(payload PermissionChangePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) BuildReadKeyChange(newKey crypto.SymKey) (rawRecord *aclrecordproto.RawAclRecord, err error) BuildAccountRemove(payload AccountRemovePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) @@ -230,12 +231,13 @@ func (a *aclRecordBuilder) BuildRequestDecline(requestRecordId string) (rawRecor } func (a *aclRecordBuilder) BuildPermissionChange(payload PermissionChangePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) { - if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { + permissions := a.state.Permissions(a.state.pubKey) + if !permissions.CanManageAccounts() || payload.Identity.Equals(a.state.pubKey) { err = ErrInsufficientPermissions return } - if payload.Identity.Equals(a.state.pubKey) || payload.Permissions.IsOwner() { - err = ErrIncorrectPermissions + if payload.Permissions.IsOwner() { + err = ErrIsOwner return } protoIdentity, err := payload.Identity.Marshall() @@ -284,13 +286,19 @@ func (a *aclRecordBuilder) BuildReadKeyChange(newKey crypto.SymKey) (rawRecord * } func (a *aclRecordBuilder) BuildAccountRemove(payload AccountRemovePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) { - permissions := a.state.Permissions(payload.Identity) - if !a.state.Permissions(a.state.pubKey).CanManageAccounts() || permissions.IsOwner() { - err = ErrInsufficientPermissions - return + deletedMap := map[string]struct{}{} + for _, key := range payload.Identities { + permissions := a.state.Permissions(key) + if permissions.IsOwner() { + return nil, ErrInsufficientPermissions + } + if permissions.NoPermissions() { + return nil, ErrNoSuchAccount + } + deletedMap[mapKeyFromPubKey(key)] = struct{}{} } - if permissions.NoPermissions() { - err = ErrNoSuchAccount + if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { + err = ErrInsufficientPermissions return } rawKey, err := payload.ReadKey.Raw() @@ -303,7 +311,7 @@ func (a *aclRecordBuilder) BuildAccountRemove(payload AccountRemovePayload) (raw } var aclReadKeys []*aclrecordproto.AclEncryptedReadKey for _, st := range a.state.userStates { - if st.PubKey.Equals(payload.Identity) { + if _, exists := deletedMap[mapKeyFromPubKey(st.PubKey)]; exists { continue } protoIdentity, err := st.PubKey.Marshall() @@ -319,12 +327,31 @@ func (a *aclRecordBuilder) BuildAccountRemove(payload AccountRemovePayload) (raw EncryptedReadKey: enc, }) } - protoIdentity, err := payload.Identity.Marshall() - if err != nil { + var marshalledIdentities [][]byte + for _, key := range payload.Identities { + protoIdentity, err := key.Marshall() + if err != nil { + return nil, err + } + marshalledIdentities = append(marshalledIdentities, protoIdentity) + } + removeRec := &aclrecordproto.AclAccountRemove{AccountKeys: aclReadKeys, Identities: marshalledIdentities} + content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_AccountRemove{AccountRemove: removeRec}} + return a.buildRecord(content) +} + +func (a *aclRecordBuilder) BuildRequestRemove() (rawRecord *aclrecordproto.RawAclRecord, err error) { + permissions := a.state.Permissions(a.state.pubKey) + if permissions.NoPermissions() { + err = ErrNoSuchAccount return } - removeRec := &aclrecordproto.AclAccountRemove{AccountKeys: aclReadKeys, Identity: protoIdentity} - content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_AccountRemove{AccountRemove: removeRec}} + if permissions.IsOwner() { + err = ErrIsOwner + return + } + removeRec := &aclrecordproto.AclAccountRequestRemove{} + content := &aclrecordproto.AclContentValue{Value: &aclrecordproto.AclContentValue_AccountRequestRemove{AccountRequestRemove: removeRec}} return a.buildRecord(content) } diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 7f4c64d9..44336458 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -14,6 +14,7 @@ var log = logger.NewNamedSugared("common.commonspace.acllist") var ( ErrNoSuchAccount = errors.New("no such account") + ErrPendingRequest = errors.New("already exists pending request") ErrUnexpectedContentType = errors.New("unexpected content type") ErrIncorrectIdentity = errors.New("incorrect identity") ErrIncorrectInviteKey = errors.New("incorrect invite key") @@ -22,7 +23,7 @@ var ( ErrNoSuchRequest = errors.New("no such request") ErrNoSuchInvite = errors.New("no such invite") ErrInsufficientPermissions = errors.New("insufficient permissions") - ErrIncorrectPermissions = errors.New("incorrect permissions") + ErrIsOwner = errors.New("can't be made by owner") ErrIncorrectNumberOfAccounts = errors.New("incorrect number of accounts") ErrNoReadKey = errors.New("acl state doesn't have a read key") ErrIncorrectReadKey = errors.New("incorrect read key") @@ -39,15 +40,24 @@ type UserPermissionPair struct { type AclState struct { id string currentReadKeyId string - userReadKeys map[string]crypto.SymKey - userStates map[string]AclUserState - statesAtRecord map[string][]AclUserState - inviteKeys map[string]crypto.PubKey - requestRecords map[string]RequestRecord - key crypto.PrivKey - pubKey crypto.PubKey - keyStore crypto.KeyStorage - totalReadKeys int + // userReadKeys is a map recordId -> read key which tells us about every read key + userReadKeys map[string]crypto.SymKey + // userStates is a map pubKey -> state which defines current user state + userStates map[string]AclUserState + // statesAtRecord is a map recordId -> state which define user state at particular record + // probably this can grow rather large at some point, so we can maybe optimise later to have: + // - map pubKey -> []recordIds (where recordIds is an array where such identity permissions were changed) + statesAtRecord map[string][]AclUserState + // inviteKeys is a map recordId -> invite + inviteKeys map[string]crypto.PubKey + // requestRecords is a map recordId -> RequestRecord + requestRecords map[string]RequestRecord + // pendingRequests is a map pubKey -> RequestType + pendingRequests map[string]RequestType + key crypto.PrivKey + pubKey crypto.PubKey + keyStore crypto.KeyStorage + totalReadKeys int lastRecordId string contentValidator ContentValidator @@ -57,15 +67,16 @@ func newAclStateWithKeys( id string, key crypto.PrivKey) (*AclState, error) { st := &AclState{ - id: id, - key: key, - pubKey: key.GetPublic(), - userReadKeys: make(map[string]crypto.SymKey), - userStates: make(map[string]AclUserState), - statesAtRecord: make(map[string][]AclUserState), - inviteKeys: make(map[string]crypto.PubKey), - requestRecords: make(map[string]RequestRecord), - keyStore: crypto.NewKeyStorage(), + id: id, + key: key, + pubKey: key.GetPublic(), + userReadKeys: make(map[string]crypto.SymKey), + userStates: make(map[string]AclUserState), + statesAtRecord: make(map[string][]AclUserState), + inviteKeys: make(map[string]crypto.PubKey), + requestRecords: make(map[string]RequestRecord), + pendingRequests: make(map[string]RequestType), + keyStore: crypto.NewKeyStorage(), } st.contentValidator = &contentValidator{ keyStore: st.keyStore, @@ -76,13 +87,14 @@ func newAclStateWithKeys( func newAclState(id string) *AclState { st := &AclState{ - id: id, - userReadKeys: make(map[string]crypto.SymKey), - userStates: make(map[string]AclUserState), - statesAtRecord: make(map[string][]AclUserState), - inviteKeys: make(map[string]crypto.PubKey), - requestRecords: make(map[string]RequestRecord), - keyStore: crypto.NewKeyStorage(), + id: id, + userReadKeys: make(map[string]crypto.SymKey), + userStates: make(map[string]AclUserState), + statesAtRecord: make(map[string][]AclUserState), + inviteKeys: make(map[string]crypto.PubKey), + requestRecords: make(map[string]RequestRecord), + pendingRequests: make(map[string]RequestType), + keyStore: crypto.NewKeyStorage(), } st.contentValidator = &contentValidator{ keyStore: st.keyStore, @@ -239,6 +251,8 @@ func (st *AclState) applyChangeContent(ch *aclrecordproto.AclContentValue, recor return st.applyAccountRemove(ch.GetAccountRemove(), recordId, authorIdentity) case ch.GetReadKeyChange() != nil: return st.applyReadKeyChange(ch.GetReadKeyChange(), recordId, authorIdentity) + case ch.GetAccountRequestRemove() != nil: + return st.applyRequestRemove(ch.GetAccountRequestRemove(), recordId, authorIdentity) default: return ErrUnexpectedContentType } @@ -287,6 +301,7 @@ func (st *AclState) applyRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, r if err != nil { return err } + st.pendingRequests[mapKeyFromPubKey(authorIdentity)] = RequestTypeJoin st.requestRecords[recordId] = RequestRecord{ RequestIdentity: authorIdentity, RequestMetadata: ch.Metadata, @@ -309,6 +324,7 @@ func (st *AclState) applyRequestAccept(ch *aclrecordproto.AclAccountRequestAccep Permissions: AclPermissions(ch.Permissions), RequestMetadata: record.RequestMetadata, } + delete(st.pendingRequests, mapKeyFromPubKey(st.requestRecords[ch.RequestRecordId].RequestIdentity)) if !st.pubKey.Equals(acceptIdentity) { return nil } @@ -331,15 +347,34 @@ func (st *AclState) applyRequestDecline(ch *aclrecordproto.AclAccountRequestDecl if err != nil { return err } + delete(st.pendingRequests, mapKeyFromPubKey(st.requestRecords[ch.RequestRecordId].RequestIdentity)) delete(st.requestRecords, ch.RequestRecordId) return nil } -func (st *AclState) applyAccountRemove(ch *aclrecordproto.AclAccountRemove, recordId string, authorIdentity crypto.PubKey) error { - err := st.contentValidator.ValidateRemove(ch, authorIdentity) +func (st *AclState) applyRequestRemove(ch *aclrecordproto.AclAccountRequestRemove, recordId string, authorIdentity crypto.PubKey) error { + err := st.contentValidator.ValidateRequestRemove(ch, authorIdentity) if err != nil { return err } + st.pendingRequests[mapKeyFromPubKey(authorIdentity)] = RequestTypeRemove + return nil +} + +func (st *AclState) applyAccountRemove(ch *aclrecordproto.AclAccountRemove, recordId string, authorIdentity crypto.PubKey) error { + err := st.contentValidator.ValidateAccountRemove(ch, authorIdentity) + if err != nil { + return err + } + for _, rawIdentity := range ch.Identities { + identity, err := st.keyStore.PubKeyFromProto(rawIdentity) + if err != nil { + return err + } + idKey := mapKeyFromPubKey(identity) + delete(st.userStates, idKey) + delete(st.pendingRequests, idKey) + } return st.updateReadKey(ch.AccountKeys, recordId) } diff --git a/commonspace/object/acl/list/list.go b/commonspace/object/acl/list/list.go index cfcd3c3f..5ae2af33 100644 --- a/commonspace/object/acl/list/list.go +++ b/commonspace/object/acl/list/list.go @@ -23,6 +23,17 @@ type RWLocker interface { RUnlock() } +type AcceptorVerifier interface { + VerifyAcceptor(rec *aclrecordproto.RawAclRecord) (err error) +} + +type NoOpAcceptorVerifier struct { +} + +func (n NoOpAcceptorVerifier) VerifyAcceptor(rec *aclrecordproto.RawAclRecord) (err error) { + return nil +} + type AclList interface { RWLocker Id() string @@ -32,6 +43,7 @@ type AclList interface { IsAfter(first string, second string) (bool, error) Head() *AclRecord Get(id string) (*AclRecord, error) + GetIndex(idx int) (*AclRecord, error) Iterate(iterFunc IterFunc) IterateFrom(startId string, iterFunc IterFunc) @@ -59,18 +71,43 @@ type aclList struct { sync.RWMutex } -func BuildAclListWithIdentity(acc *accountdata.AccountKeys, storage liststorage.ListStorage) (AclList, error) { - builder := newAclStateBuilderWithIdentity(acc) - keyStorage := crypto.NewKeyStorage() - return build(storage.Id(), keyStorage, builder, NewAclRecordBuilder(storage.Id(), keyStorage, acc), storage) +type internalDeps struct { + storage liststorage.ListStorage + keyStorage crypto.KeyStorage + stateBuilder *aclStateBuilder + recordBuilder AclRecordBuilder + acceptorVerifier AcceptorVerifier } -func BuildAclList(storage liststorage.ListStorage) (AclList, error) { +func BuildAclListWithIdentity(acc *accountdata.AccountKeys, storage liststorage.ListStorage, verifier AcceptorVerifier) (AclList, error) { keyStorage := crypto.NewKeyStorage() - return build(storage.Id(), keyStorage, newAclStateBuilder(), NewAclRecordBuilder(storage.Id(), crypto.NewKeyStorage(), nil), storage) + deps := internalDeps{ + storage: storage, + keyStorage: keyStorage, + stateBuilder: newAclStateBuilderWithIdentity(acc), + recordBuilder: NewAclRecordBuilder(storage.Id(), keyStorage, acc), + } + return build(deps) } -func build(id string, keyStorage crypto.KeyStorage, stateBuilder *aclStateBuilder, recBuilder AclRecordBuilder, storage liststorage.ListStorage) (list AclList, err error) { +func BuildAclList(storage liststorage.ListStorage, verifier AcceptorVerifier) (AclList, error) { + keyStorage := crypto.NewKeyStorage() + deps := internalDeps{ + storage: storage, + keyStorage: keyStorage, + stateBuilder: newAclStateBuilder(), + recordBuilder: NewAclRecordBuilder(storage.Id(), keyStorage, nil), + } + return build(deps) +} + +func build(deps internalDeps) (list AclList, err error) { + var ( + storage = deps.storage + id = deps.storage.Id() + recBuilder = deps.recordBuilder + stateBuilder = deps.stateBuilder + ) head, err := storage.Head() if err != nil { return @@ -215,11 +252,19 @@ func (a *aclList) Head() *AclRecord { func (a *aclList) Get(id string) (*AclRecord, error) { recIdx, ok := a.indexes[id] if !ok { - return nil, fmt.Errorf("no such record") + return nil, ErrNoSuchRecord } return a.records[recIdx], nil } +func (a *aclList) GetIndex(idx int) (*AclRecord, error) { + // TODO: when we add snapshots we will have to monitor record num in snapshots + if idx < 0 || idx >= len(a.records) { + return nil, ErrNoSuchRecord + } + return a.records[idx], nil +} + func (a *aclList) Iterate(iterFunc IterFunc) { for _, rec := range a.records { if !iterFunc(rec) { diff --git a/commonspace/object/acl/list/listutils.go b/commonspace/object/acl/list/listutils.go index 64e43176..9f7d7331 100644 --- a/commonspace/object/acl/list/listutils.go +++ b/commonspace/object/acl/list/listutils.go @@ -27,5 +27,5 @@ func NewTestDerivedAcl(spaceId string, keys *accountdata.AccountKeys) (AclList, if err != nil { return nil, err } - return BuildAclListWithIdentity(keys, st) + return BuildAclListWithIdentity(keys, st, NoOpAcceptorVerifier{}) } diff --git a/commonspace/object/acl/list/models.go b/commonspace/object/acl/list/models.go index 90db6e91..27238202 100644 --- a/commonspace/object/acl/list/models.go +++ b/commonspace/object/acl/list/models.go @@ -26,6 +26,13 @@ type AclUserState struct { RequestMetadata []byte } +type RequestType int + +const ( + RequestTypeRemove RequestType = iota + RequestTypeJoin +) + type AclPermissions aclrecordproto.AclUserPermissions func (p AclPermissions) NoPermissions() bool { diff --git a/commonspace/object/acl/list/validator.go b/commonspace/object/acl/list/validator.go index 75e0e251..9b667fda 100644 --- a/commonspace/object/acl/list/validator.go +++ b/commonspace/object/acl/list/validator.go @@ -13,7 +13,8 @@ type ContentValidator interface { ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, authorIdentity crypto.PubKey) (err error) ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, authorIdentity crypto.PubKey) (err error) ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, authorIdentity crypto.PubKey) (err error) - ValidateRemove(ch *aclrecordproto.AclAccountRemove, authorIdentity crypto.PubKey) (err error) + ValidateAccountRemove(ch *aclrecordproto.AclAccountRemove, authorIdentity crypto.PubKey) (err error) + ValidateRequestRemove(ch *aclrecordproto.AclAccountRequestRemove, authorIdentity crypto.PubKey) (err error) ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, authorIdentity crypto.PubKey) (err error) } @@ -51,7 +52,9 @@ func (c *contentValidator) validateAclRecordContent(ch *aclrecordproto.AclConten case ch.GetRequestDecline() != nil: return c.ValidateRequestDecline(ch.GetRequestDecline(), authorIdentity) case ch.GetAccountRemove() != nil: - return c.ValidateRemove(ch.GetAccountRemove(), authorIdentity) + return c.ValidateAccountRemove(ch.GetAccountRemove(), authorIdentity) + case ch.GetAccountRequestRemove() != nil: + return c.ValidateRequestRemove(ch.GetAccountRequestRemove(), authorIdentity) case ch.GetReadKeyChange() != nil: return c.ValidateReadKeyChange(ch.GetReadKeyChange(), authorIdentity) default: @@ -102,6 +105,9 @@ func (c *contentValidator) ValidateRequestJoin(ch *aclrecordproto.AclAccountRequ if err != nil { return } + if _, exists := c.aclState.pendingRequests[mapKeyFromPubKey(inviteIdentity)]; exists { + return ErrPendingRequest + } if !authorIdentity.Equals(inviteIdentity) { return ErrIncorrectIdentity } @@ -151,21 +157,36 @@ func (c *contentValidator) ValidateRequestDecline(ch *aclrecordproto.AclAccountR return } -func (c *contentValidator) ValidateRemove(ch *aclrecordproto.AclAccountRemove, authorIdentity crypto.PubKey) (err error) { +func (c *contentValidator) ValidateAccountRemove(ch *aclrecordproto.AclAccountRemove, authorIdentity crypto.PubKey) (err error) { if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { return ErrInsufficientPermissions } - identity, err := c.keyStore.PubKeyFromProto(ch.Identity) - if err != nil { - return - } - _, exists := c.aclState.userStates[mapKeyFromPubKey(identity)] - if !exists { - return ErrNoSuchAccount + for _, rawIdentity := range ch.Identities { + identity, err := c.keyStore.PubKeyFromProto(rawIdentity) + if err != nil { + return err + } + permissions := c.aclState.Permissions(identity) + if permissions.NoPermissions() { + return ErrNoSuchAccount + } + if permissions.IsOwner() { + return ErrInsufficientPermissions + } } return c.validateAccountReadKeys(ch.AccountKeys) } +func (c *contentValidator) ValidateRequestRemove(ch *aclrecordproto.AclAccountRequestRemove, authorIdentity crypto.PubKey) (err error) { + if c.aclState.Permissions(authorIdentity).NoPermissions() { + return ErrInsufficientPermissions + } + if _, exists := c.aclState.pendingRequests[mapKeyFromPubKey(authorIdentity)]; exists { + return ErrPendingRequest + } + return +} + func (c *contentValidator) ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, authorIdentity crypto.PubKey) (err error) { return c.validateAccountReadKeys(ch.AccountKeys) } diff --git a/commonspace/object/acl/syncacl/syncacl.go b/commonspace/object/acl/syncacl/syncacl.go index 426b16cd..360e0646 100644 --- a/commonspace/object/acl/syncacl/syncacl.go +++ b/commonspace/object/acl/syncacl/syncacl.go @@ -2,6 +2,7 @@ package syncacl import ( "context" + "github.com/anyproto/any-sync/accountservice" "github.com/anyproto/any-sync/app" "github.com/anyproto/any-sync/commonspace/object/acl/list" @@ -34,7 +35,7 @@ func (s *SyncAcl) Init(a *app.App) (err error) { return err } acc := a.MustComponent(accountservice.CName).(accountservice.Service) - s.AclList, err = list.BuildAclListWithIdentity(acc.Account(), aclStorage) + s.AclList, err = list.BuildAclListWithIdentity(acc.Account(), aclStorage, list.NoOpAcceptorVerifier{}) return err } diff --git a/commonspace/object/tree/exporter/treeimport.go b/commonspace/object/tree/exporter/treeimport.go index 2e83ab11..25ffa499 100644 --- a/commonspace/object/tree/exporter/treeimport.go +++ b/commonspace/object/tree/exporter/treeimport.go @@ -15,7 +15,7 @@ type TreeImportParams struct { } func ImportHistoryTree(params TreeImportParams) (tree objecttree.ReadableObjectTree, err error) { - aclList, err := list.BuildAclList(params.ListStorage) + aclList, err := list.BuildAclList(params.ListStorage, list.NoOpAcceptorVerifier{}) if err != nil { return } diff --git a/commonspace/payloads.go b/commonspace/payloads.go index 8d1c334c..6cc572be 100644 --- a/commonspace/payloads.go +++ b/commonspace/payloads.go @@ -2,6 +2,12 @@ package commonspace import ( "errors" + "hash/fnv" + "math/rand" + "strconv" + "strings" + "time" + "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/commonspace/object/acl/list" "github.com/anyproto/any-sync/commonspace/object/tree/objecttree" @@ -11,11 +17,6 @@ import ( "github.com/anyproto/any-sync/util/cidutil" "github.com/anyproto/any-sync/util/crypto" "github.com/gogo/protobuf/proto" - "hash/fnv" - "math/rand" - "strconv" - "strings" - "time" ) const ( @@ -71,7 +72,7 @@ func storagePayloadForSpaceCreate(payload SpaceCreatePayload) (storagePayload sp // building acl root keyStorage := crypto.NewKeyStorage() - aclBuilder := list.NewAclRecordBuilder("", keyStorage) + aclBuilder := list.NewAclRecordBuilder("", keyStorage, nil) aclRoot, err := aclBuilder.BuildRoot(list.RootContent{ PrivKey: payload.SigningKey, MasterKey: payload.MasterKey, @@ -158,7 +159,7 @@ func storagePayloadForSpaceDerive(payload SpaceDerivePayload) (storagePayload sp // building acl root keyStorage := crypto.NewKeyStorage() - aclBuilder := list.NewAclRecordBuilder("", keyStorage) + aclBuilder := list.NewAclRecordBuilder("", keyStorage, nil) aclRoot, err := aclBuilder.BuildRoot(list.RootContent{ PrivKey: payload.SigningKey, MasterKey: payload.MasterKey, diff --git a/util/crypto/ed25519_test.go b/util/crypto/ed25519_test.go index 92565723..6b571699 100644 --- a/util/crypto/ed25519_test.go +++ b/util/crypto/ed25519_test.go @@ -2,8 +2,9 @@ package crypto import ( "crypto/rand" - "github.com/stretchr/testify/require" "testing" + + "github.com/stretchr/testify/require" ) func Test_EncryptDecrypt(t *testing.T) { diff --git a/util/strkey/strkey_test.go b/util/strkey/strkey_test.go index 07fc2a64..d33f49d8 100644 --- a/util/strkey/strkey_test.go +++ b/util/strkey/strkey_test.go @@ -1,9 +1,10 @@ package strkey import ( + "testing" + "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "testing" ) func TestDecode(t *testing.T) { From ffd613a5fc4f26f77abb34037f1018b5a816bc12 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Wed, 28 Jun 2023 11:59:13 +0200 Subject: [PATCH 08/17] Fix requestmanager test --- commonspace/requestmanager/requestmanager_test.go | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/commonspace/requestmanager/requestmanager_test.go b/commonspace/requestmanager/requestmanager_test.go index 35d497fc..68c0e78c 100644 --- a/commonspace/requestmanager/requestmanager_test.go +++ b/commonspace/requestmanager/requestmanager_test.go @@ -2,6 +2,10 @@ package requestmanager import ( "context" + "sync" + "testing" + "time" + "github.com/anyproto/any-sync/commonspace/objectsync" "github.com/anyproto/any-sync/commonspace/objectsync/mock_objectsync" "github.com/anyproto/any-sync/commonspace/spacesyncproto" @@ -13,9 +17,6 @@ import ( "github.com/stretchr/testify/require" "storj.io/drpc" "storj.io/drpc/drpcconn" - "sync" - "testing" - "time" ) type fixture struct { @@ -146,6 +147,7 @@ func TestRequestManager_QueueRequest(t *testing.T) { _, ok = msgs.Load("otherId1") require.True(t, ok) close(msgRelease) + fx.requestManager.Close(context.Background()) }) t.Run("no requests after close", func(t *testing.T) { @@ -181,9 +183,9 @@ func TestRequestManager_QueueRequest(t *testing.T) { close(msgRelease) // waiting to know if the second one is not taken // because the manager is now closed - time.Sleep(100 * time.Millisecond) + time.Sleep(200 * time.Millisecond) _, ok = msgs.Load("id2") require.False(t, ok) - + fx.requestManager.Close(context.Background()) }) } From 39f41c52d103659f1cd427b86d424ad0002502fb Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Wed, 28 Jun 2023 14:55:17 +0200 Subject: [PATCH 09/17] Add invite test --- .../object/acl/list/aclrecordbuilder.go | 8 +- commonspace/object/acl/list/aclstate.go | 2 +- commonspace/object/acl/list/list.go | 14 ++- commonspace/object/acl/list/list_test.go | 99 ++++++++++++++++++- commonspace/object/acl/list/listutils.go | 10 ++ 5 files changed, 123 insertions(+), 10 deletions(-) diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index cae3a2b8..3fe15ff2 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -163,8 +163,12 @@ func (a *aclRecordBuilder) BuildRequestJoin(payload RequestJoinPayload) (rawReco if err != nil { return } + protoIdentity, err := a.accountKeys.SignKey.GetPublic().Marshall() + if err != nil { + return + } joinRec := &aclrecordproto.AclAccountRequestJoin{ - InviteIdentity: rawIdentity, + InviteIdentity: protoIdentity, InviteRecordId: payload.InviteRecordId, InviteIdentitySignature: signature, Metadata: payload.Metadata, @@ -426,7 +430,7 @@ func (a *aclRecordBuilder) UnmarshallWithId(rawIdRecord *aclrecordproto.RawAclRe return } aclData := &aclrecordproto.AclData{} - err = proto.Unmarshal(rawRec.Payload, aclData) + err = proto.Unmarshal(aclRecord.Data, aclData) if err != nil { return } diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 44336458..0e2a6568 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -193,7 +193,7 @@ func (st *AclState) applyRoot(record *AclRecord) (err error) { // adding user to the list userState := AclUserState{ PubKey: record.Identity, - Permissions: AclPermissions(aclrecordproto.AclUserPermissions_Admin), + Permissions: AclPermissions(aclrecordproto.AclUserPermissions_Owner), } st.currentReadKeyId = record.Id st.userStates[mapKeyFromPubKey(record.Identity)] = userState diff --git a/commonspace/object/acl/list/list.go b/commonspace/object/acl/list/list.go index 5ae2af33..86ee570f 100644 --- a/commonspace/object/acl/list/list.go +++ b/commonspace/object/acl/list/list.go @@ -15,7 +15,10 @@ import ( type IterFunc = func(record *AclRecord) (IsContinue bool) -var ErrIncorrectCID = errors.New("incorrect CID") +var ( + ErrIncorrectCID = errors.New("incorrect CID") + ErrRecordAlreadyExists = errors.New("record already exists") +) type RWLocker interface { sync.Locker @@ -51,7 +54,7 @@ type AclList interface { RecordBuilder() AclRecordBuilder ValidateRawRecord(record *aclrecordproto.RawAclRecord) (err error) - AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added bool, err error) + AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (err error) Close() (err error) } @@ -160,6 +163,7 @@ func build(deps internalDeps) (list AclList, err error) { return } + recBuilder.(*aclRecordBuilder).state = state list = &aclList{ root: rootWithId, records: records, @@ -189,9 +193,9 @@ func (a *aclList) ValidateRawRecord(rawRec *aclrecordproto.RawAclRecord) (err er return a.aclState.Validator().ValidateAclRecordContents(record) } -func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added bool, err error) { +func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (err error) { if _, ok := a.indexes[rawRec.Id]; ok { - return + return ErrRecordAlreadyExists } record, err := a.recordBuilder.UnmarshallWithId(rawRec) if err != nil { @@ -208,7 +212,7 @@ func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added if err = a.storage.SetHead(rawRec.Id); err != nil { return } - return true, nil + return } func (a *aclList) IsValidNext(rawRec *aclrecordproto.RawAclRecordWithId) (err error) { diff --git a/commonspace/object/acl/list/list_test.go b/commonspace/object/acl/list/list_test.go index 19229ace..9f1ca77d 100644 --- a/commonspace/object/acl/list/list_test.go +++ b/commonspace/object/acl/list/list_test.go @@ -2,11 +2,56 @@ package list import ( "fmt" - "github.com/anyproto/any-sync/commonspace/object/accountdata" - "github.com/stretchr/testify/require" "testing" + + "github.com/anyproto/any-sync/commonspace/object/accountdata" + "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" + "github.com/anyproto/any-sync/util/cidutil" + "github.com/stretchr/testify/require" ) +func wrapRecord(rawRec *aclrecordproto.RawAclRecord) *aclrecordproto.RawAclRecordWithId { + payload, err := rawRec.Marshal() + if err != nil { + panic(err) + } + id, err := cidutil.NewCidFromBytes(payload) + if err != nil { + panic(err) + } + return &aclrecordproto.RawAclRecordWithId{ + Payload: payload, + Id: id, + } +} + +type aclFixture struct { + ownerKeys *accountdata.AccountKeys + accountKeys *accountdata.AccountKeys + ownerAcl *aclList + accountAcl *aclList + spaceId string +} + +func newFixture(t *testing.T) *aclFixture { + ownerKeys, err := accountdata.NewRandom() + require.NoError(t, err) + accountKeys, err := accountdata.NewRandom() + require.NoError(t, err) + spaceId := "spaceId" + ownerAcl, err := NewTestDerivedAcl(spaceId, ownerKeys) + require.NoError(t, err) + accountAcl, err := NewTestAclWithRoot(accountKeys, ownerAcl.Root()) + require.NoError(t, err) + return &aclFixture{ + ownerKeys: ownerKeys, + accountKeys: accountKeys, + ownerAcl: ownerAcl.(*aclList), + accountAcl: accountAcl.(*aclList), + spaceId: spaceId, + } +} + func TestAclList_BuildRoot(t *testing.T) { randomKeys, err := accountdata.NewRandom() require.NoError(t, err) @@ -14,3 +59,53 @@ func TestAclList_BuildRoot(t *testing.T) { require.NoError(t, err) fmt.Println(randomAcl.Id()) } + +func TestAclList_InvitePipeline(t *testing.T) { + fx := newFixture(t) + var ( + ownerAcl = fx.ownerAcl + ownerState = fx.ownerAcl.aclState + accountAcl = fx.accountAcl + accountState = fx.accountAcl.aclState + ) + // building invite + inv, err := ownerAcl.RecordBuilder().BuildInvite() + require.NoError(t, err) + inviteRec := wrapRecord(inv.InviteRec) + err = ownerAcl.AddRawRecord(inviteRec) + require.NoError(t, err) + err = accountAcl.AddRawRecord(inviteRec) + require.NoError(t, err) + + // building request join + requestJoin, err := accountAcl.RecordBuilder().BuildRequestJoin(RequestJoinPayload{ + InviteRecordId: inviteRec.Id, + InviteKey: inv.InviteKey, + }) + require.NoError(t, err) + requestJoinRec := wrapRecord(requestJoin) + err = ownerAcl.AddRawRecord(requestJoinRec) + require.NoError(t, err) + err = accountAcl.AddRawRecord(requestJoinRec) + require.NoError(t, err) + + // building request accept + requestAccept, err := ownerAcl.RecordBuilder().BuildRequestAccept(RequestAcceptPayload{ + RequestRecordId: requestJoinRec.Id, + Permissions: AclPermissions(aclrecordproto.AclUserPermissions_Writer), + }) + require.NoError(t, err) + requestAcceptRec := wrapRecord(requestAccept) + err = ownerAcl.AddRawRecord(requestAcceptRec) + require.NoError(t, err) + err = accountAcl.AddRawRecord(requestAcceptRec) + require.NoError(t, err) + + // checking acl state + require.True(t, ownerState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, ownerState.Permissions(accountState.pubKey).CanWrite()) + require.Equal(t, 0, len(ownerState.pendingRequests)) + require.Equal(t, 0, len(accountState.pendingRequests)) + require.True(t, accountState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, accountState.Permissions(accountState.pubKey).CanWrite()) +} diff --git a/commonspace/object/acl/list/listutils.go b/commonspace/object/acl/list/listutils.go index 9f7d7331..10513ecb 100644 --- a/commonspace/object/acl/list/listutils.go +++ b/commonspace/object/acl/list/listutils.go @@ -29,3 +29,13 @@ func NewTestDerivedAcl(spaceId string, keys *accountdata.AccountKeys) (AclList, } return BuildAclListWithIdentity(keys, st, NoOpAcceptorVerifier{}) } + +func NewTestAclWithRoot(keys *accountdata.AccountKeys, root *aclrecordproto.RawAclRecordWithId) (AclList, error) { + st, err := liststorage.NewInMemoryAclListStorage(root.Id, []*aclrecordproto.RawAclRecordWithId{ + root, + }) + if err != nil { + return nil, err + } + return BuildAclListWithIdentity(keys, st, NoOpAcceptorVerifier{}) +} From 3f08fcb5559ded9ee2ceee8e5479eb805b2d4165 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Wed, 28 Jun 2023 15:43:35 +0200 Subject: [PATCH 10/17] Add account remove test --- .../object/acl/list/aclrecordbuilder.go | 8 ++- commonspace/object/acl/list/aclstate.go | 1 + commonspace/object/acl/list/list.go | 27 +++---- commonspace/object/acl/list/list_test.go | 71 ++++++++++++++----- commonspace/object/acl/list/listutils.go | 2 +- commonspace/object/acl/list/validator.go | 17 +++-- commonspace/payloads.go | 4 +- 7 files changed, 86 insertions(+), 44 deletions(-) diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index 3fe15ff2..1c0e0dd3 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -63,14 +63,16 @@ type aclRecordBuilder struct { id string keyStorage crypto.KeyStorage accountKeys *accountdata.AccountKeys + verifier AcceptorVerifier state *AclState } -func NewAclRecordBuilder(id string, keyStorage crypto.KeyStorage, keys *accountdata.AccountKeys) AclRecordBuilder { +func NewAclRecordBuilder(id string, keyStorage crypto.KeyStorage, keys *accountdata.AccountKeys, verifier AcceptorVerifier) AclRecordBuilder { return &aclRecordBuilder{ id: id, keyStorage: keyStorage, accountKeys: keys, + verifier: verifier, } } @@ -420,6 +422,10 @@ func (a *aclRecordBuilder) UnmarshallWithId(rawIdRecord *aclrecordproto.RawAclRe Model: aclRoot, } } else { + err = a.verifier.VerifyAcceptor(rawRec) + if err != nil { + return + } aclRecord := &aclrecordproto.AclRecord{} err = proto.Unmarshal(rawRec.Payload, aclRecord) if err != nil { diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 0e2a6568..65dfea0a 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -25,6 +25,7 @@ var ( ErrInsufficientPermissions = errors.New("insufficient permissions") ErrIsOwner = errors.New("can't be made by owner") ErrIncorrectNumberOfAccounts = errors.New("incorrect number of accounts") + ErrDuplicateAccounts = errors.New("duplicate accounts") ErrNoReadKey = errors.New("acl state doesn't have a read key") ErrIncorrectReadKey = errors.New("incorrect read key") ErrInvalidSignature = errors.New("signature is invalid") diff --git a/commonspace/object/acl/list/list.go b/commonspace/object/acl/list/list.go index 86ee570f..cedf772c 100644 --- a/commonspace/object/acl/list/list.go +++ b/commonspace/object/acl/list/list.go @@ -85,10 +85,11 @@ type internalDeps struct { func BuildAclListWithIdentity(acc *accountdata.AccountKeys, storage liststorage.ListStorage, verifier AcceptorVerifier) (AclList, error) { keyStorage := crypto.NewKeyStorage() deps := internalDeps{ - storage: storage, - keyStorage: keyStorage, - stateBuilder: newAclStateBuilderWithIdentity(acc), - recordBuilder: NewAclRecordBuilder(storage.Id(), keyStorage, acc), + storage: storage, + keyStorage: keyStorage, + stateBuilder: newAclStateBuilderWithIdentity(acc), + recordBuilder: NewAclRecordBuilder(storage.Id(), keyStorage, acc, verifier), + acceptorVerifier: verifier, } return build(deps) } @@ -96,10 +97,11 @@ func BuildAclListWithIdentity(acc *accountdata.AccountKeys, storage liststorage. func BuildAclList(storage liststorage.ListStorage, verifier AcceptorVerifier) (AclList, error) { keyStorage := crypto.NewKeyStorage() deps := internalDeps{ - storage: storage, - keyStorage: keyStorage, - stateBuilder: newAclStateBuilder(), - recordBuilder: NewAclRecordBuilder(storage.Id(), keyStorage, nil), + storage: storage, + keyStorage: keyStorage, + stateBuilder: newAclStateBuilder(), + recordBuilder: NewAclRecordBuilder(storage.Id(), keyStorage, nil, verifier), + acceptorVerifier: verifier, } return build(deps) } @@ -215,15 +217,6 @@ func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (err e return } -func (a *aclList) IsValidNext(rawRec *aclrecordproto.RawAclRecordWithId) (err error) { - _, err = a.recordBuilder.UnmarshallWithId(rawRec) - if err != nil { - return - } - // TODO: change state and add "check" method for records - return -} - func (a *aclList) Id() string { return a.id } diff --git a/commonspace/object/acl/list/list_test.go b/commonspace/object/acl/list/list_test.go index 9f1ca77d..070e97d6 100644 --- a/commonspace/object/acl/list/list_test.go +++ b/commonspace/object/acl/list/list_test.go @@ -7,6 +7,7 @@ import ( "github.com/anyproto/any-sync/commonspace/object/accountdata" "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/util/cidutil" + "github.com/anyproto/any-sync/util/crypto" "github.com/stretchr/testify/require" ) @@ -52,16 +53,14 @@ func newFixture(t *testing.T) *aclFixture { } } -func TestAclList_BuildRoot(t *testing.T) { - randomKeys, err := accountdata.NewRandom() +func (fx *aclFixture) addRec(t *testing.T, rec *aclrecordproto.RawAclRecordWithId) { + err := fx.ownerAcl.AddRawRecord(rec) require.NoError(t, err) - randomAcl, err := NewTestDerivedAcl("spaceId", randomKeys) + err = fx.accountAcl.AddRawRecord(rec) require.NoError(t, err) - fmt.Println(randomAcl.Id()) } -func TestAclList_InvitePipeline(t *testing.T) { - fx := newFixture(t) +func (fx *aclFixture) inviteAccount(t *testing.T, perms AclPermissions) { var ( ownerAcl = fx.ownerAcl ownerState = fx.ownerAcl.aclState @@ -72,10 +71,7 @@ func TestAclList_InvitePipeline(t *testing.T) { inv, err := ownerAcl.RecordBuilder().BuildInvite() require.NoError(t, err) inviteRec := wrapRecord(inv.InviteRec) - err = ownerAcl.AddRawRecord(inviteRec) - require.NoError(t, err) - err = accountAcl.AddRawRecord(inviteRec) - require.NoError(t, err) + fx.addRec(t, inviteRec) // building request join requestJoin, err := accountAcl.RecordBuilder().BuildRequestJoin(RequestJoinPayload{ @@ -84,22 +80,16 @@ func TestAclList_InvitePipeline(t *testing.T) { }) require.NoError(t, err) requestJoinRec := wrapRecord(requestJoin) - err = ownerAcl.AddRawRecord(requestJoinRec) - require.NoError(t, err) - err = accountAcl.AddRawRecord(requestJoinRec) - require.NoError(t, err) + fx.addRec(t, requestJoinRec) // building request accept requestAccept, err := ownerAcl.RecordBuilder().BuildRequestAccept(RequestAcceptPayload{ RequestRecordId: requestJoinRec.Id, - Permissions: AclPermissions(aclrecordproto.AclUserPermissions_Writer), + Permissions: perms, }) require.NoError(t, err) requestAcceptRec := wrapRecord(requestAccept) - err = ownerAcl.AddRawRecord(requestAcceptRec) - require.NoError(t, err) - err = accountAcl.AddRawRecord(requestAcceptRec) - require.NoError(t, err) + fx.addRec(t, requestAcceptRec) // checking acl state require.True(t, ownerState.Permissions(ownerState.pubKey).IsOwner()) @@ -109,3 +99,46 @@ func TestAclList_InvitePipeline(t *testing.T) { require.True(t, accountState.Permissions(ownerState.pubKey).IsOwner()) require.True(t, accountState.Permissions(accountState.pubKey).CanWrite()) } + +func TestAclList_BuildRoot(t *testing.T) { + randomKeys, err := accountdata.NewRandom() + require.NoError(t, err) + randomAcl, err := NewTestDerivedAcl("spaceId", randomKeys) + require.NoError(t, err) + fmt.Println(randomAcl.Id()) +} + +func TestAclList_InvitePipeline(t *testing.T) { + fx := newFixture(t) + fx.inviteAccount(t, AclPermissions(aclrecordproto.AclUserPermissions_Writer)) +} + +func TestAclList_Remove(t *testing.T) { + fx := newFixture(t) + var ( + ownerState = fx.ownerAcl.aclState + accountState = fx.accountAcl.aclState + ) + fx.inviteAccount(t, AclPermissions(aclrecordproto.AclUserPermissions_Writer)) + + newReadKey := crypto.NewAES() + remove, err := fx.ownerAcl.RecordBuilder().BuildAccountRemove(AccountRemovePayload{ + Identities: []crypto.PubKey{fx.accountKeys.SignKey.GetPublic()}, + ReadKey: newReadKey, + }) + require.NoError(t, err) + removeRec := wrapRecord(remove) + fx.addRec(t, removeRec) + + // checking acl state + require.True(t, ownerState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, ownerState.Permissions(accountState.pubKey).NoPermissions()) + require.True(t, ownerState.userReadKeys[removeRec.Id].Equals(newReadKey)) + require.NotNil(t, ownerState.userReadKeys[fx.ownerAcl.Id()]) + require.Equal(t, 0, len(ownerState.pendingRequests)) + require.Equal(t, 0, len(accountState.pendingRequests)) + require.True(t, accountState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, accountState.Permissions(accountState.pubKey).NoPermissions()) + require.Nil(t, accountState.userReadKeys[removeRec.Id]) + require.NotNil(t, accountState.userReadKeys[fx.ownerAcl.Id()]) +} diff --git a/commonspace/object/acl/list/listutils.go b/commonspace/object/acl/list/listutils.go index 10513ecb..d337dcc5 100644 --- a/commonspace/object/acl/list/listutils.go +++ b/commonspace/object/acl/list/listutils.go @@ -8,7 +8,7 @@ import ( ) func NewTestDerivedAcl(spaceId string, keys *accountdata.AccountKeys) (AclList, error) { - builder := NewAclRecordBuilder("", crypto.NewKeyStorage(), keys) + builder := NewAclRecordBuilder("", crypto.NewKeyStorage(), keys, NoOpAcceptorVerifier{}) masterKey, _, err := crypto.GenerateRandomEd25519KeyPair() if err != nil { return nil, err diff --git a/commonspace/object/acl/list/validator.go b/commonspace/object/acl/list/validator.go index 9b667fda..1296789c 100644 --- a/commonspace/object/acl/list/validator.go +++ b/commonspace/object/acl/list/validator.go @@ -161,11 +161,15 @@ func (c *contentValidator) ValidateAccountRemove(ch *aclrecordproto.AclAccountRe if !c.aclState.Permissions(authorIdentity).CanManageAccounts() { return ErrInsufficientPermissions } + seenIdentities := map[string]struct{}{} for _, rawIdentity := range ch.Identities { identity, err := c.keyStore.PubKeyFromProto(rawIdentity) if err != nil { return err } + if identity.Equals(authorIdentity) { + return ErrInsufficientPermissions + } permissions := c.aclState.Permissions(identity) if permissions.NoPermissions() { return ErrNoSuchAccount @@ -173,8 +177,13 @@ func (c *contentValidator) ValidateAccountRemove(ch *aclrecordproto.AclAccountRe if permissions.IsOwner() { return ErrInsufficientPermissions } + idKey := mapKeyFromPubKey(identity) + if _, exists := seenIdentities[idKey]; exists { + return ErrDuplicateAccounts + } + seenIdentities[mapKeyFromPubKey(identity)] = struct{}{} } - return c.validateAccountReadKeys(ch.AccountKeys) + return c.validateAccountReadKeys(ch.AccountKeys, len(c.aclState.userStates)-len(ch.Identities)) } func (c *contentValidator) ValidateRequestRemove(ch *aclrecordproto.AclAccountRequestRemove, authorIdentity crypto.PubKey) (err error) { @@ -188,11 +197,11 @@ func (c *contentValidator) ValidateRequestRemove(ch *aclrecordproto.AclAccountRe } func (c *contentValidator) ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, authorIdentity crypto.PubKey) (err error) { - return c.validateAccountReadKeys(ch.AccountKeys) + return c.validateAccountReadKeys(ch.AccountKeys, len(c.aclState.userStates)) } -func (c *contentValidator) validateAccountReadKeys(accountKeys []*aclrecordproto.AclEncryptedReadKey) (err error) { - if len(accountKeys) != len(c.aclState.userStates) { +func (c *contentValidator) validateAccountReadKeys(accountKeys []*aclrecordproto.AclEncryptedReadKey, usersNum int) (err error) { + if len(accountKeys) != usersNum { return ErrIncorrectNumberOfAccounts } for _, encKeys := range accountKeys { diff --git a/commonspace/payloads.go b/commonspace/payloads.go index 6cc572be..b3c9835b 100644 --- a/commonspace/payloads.go +++ b/commonspace/payloads.go @@ -72,7 +72,7 @@ func storagePayloadForSpaceCreate(payload SpaceCreatePayload) (storagePayload sp // building acl root keyStorage := crypto.NewKeyStorage() - aclBuilder := list.NewAclRecordBuilder("", keyStorage, nil) + aclBuilder := list.NewAclRecordBuilder("", keyStorage, nil, list.NoOpAcceptorVerifier{}) aclRoot, err := aclBuilder.BuildRoot(list.RootContent{ PrivKey: payload.SigningKey, MasterKey: payload.MasterKey, @@ -159,7 +159,7 @@ func storagePayloadForSpaceDerive(payload SpaceDerivePayload) (storagePayload sp // building acl root keyStorage := crypto.NewKeyStorage() - aclBuilder := list.NewAclRecordBuilder("", keyStorage, nil) + aclBuilder := list.NewAclRecordBuilder("", keyStorage, nil, list.NoOpAcceptorVerifier{}) aclRoot, err := aclBuilder.BuildRoot(list.RootContent{ PrivKey: payload.SigningKey, MasterKey: payload.MasterKey, From e5b4f62e487b9c6799026221ddba272dfccef56f Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Wed, 28 Jun 2023 17:35:45 +0200 Subject: [PATCH 11/17] fix nodes online --- commonspace/syncstatus/syncstatus.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/commonspace/syncstatus/syncstatus.go b/commonspace/syncstatus/syncstatus.go index 32c287fa..9c580fe6 100644 --- a/commonspace/syncstatus/syncstatus.go +++ b/commonspace/syncstatus/syncstatus.go @@ -3,11 +3,12 @@ package syncstatus import ( "context" "fmt" - "github.com/anyproto/any-sync/app" - "github.com/anyproto/any-sync/commonspace/spacestate" "sync" "time" + "github.com/anyproto/any-sync/app" + "github.com/anyproto/any-sync/commonspace/spacestate" + "github.com/anyproto/any-sync/app/logger" "github.com/anyproto/any-sync/commonspace/object/tree/treestorage" "github.com/anyproto/any-sync/commonspace/spacestorage" @@ -178,8 +179,9 @@ func (s *syncStatusService) update(ctx context.Context) (err error) { } s.treeStatusBuf = append(s.treeStatusBuf, treeStatus{treeId, treeHeads.syncStatus, treeHeads.heads}) } + nodesOnline := s.nodesOnline s.Unlock() - s.updateReceiver.UpdateNodeConnection(s.nodesOnline) + s.updateReceiver.UpdateNodeConnection(nodesOnline) for _, entry := range s.treeStatusBuf { err = s.updateReceiver.UpdateTree(ctx, entry.treeId, entry.status) if err != nil { From f4cbbfa37464e3c632033bd9c534f00a1e70b861 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Thu, 29 Jun 2023 00:57:24 +0200 Subject: [PATCH 12/17] Update tests --- .../object/acl/list/aclrecordbuilder.go | 2 +- .../object/acl/list/aclrecordbuilder_test.go | 9 - commonspace/object/acl/list/aclstate.go | 39 ++++- commonspace/object/acl/list/list_test.go | 164 ++++++++++++++++++ commonspace/object/acl/list/models.go | 1 + 5 files changed, 196 insertions(+), 19 deletions(-) delete mode 100644 commonspace/object/acl/list/aclrecordbuilder_test.go diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index 1c0e0dd3..a949bd99 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -372,7 +372,7 @@ func (a *aclRecordBuilder) Unmarshall(rawRecord *aclrecordproto.RawAclRecord) (r return } aclData := &aclrecordproto.AclData{} - err = proto.Unmarshal(rawRecord.Payload, aclData) + err = proto.Unmarshal(aclRecord.Data, aclData) if err != nil { return } diff --git a/commonspace/object/acl/list/aclrecordbuilder_test.go b/commonspace/object/acl/list/aclrecordbuilder_test.go deleted file mode 100644 index 27a75a28..00000000 --- a/commonspace/object/acl/list/aclrecordbuilder_test.go +++ /dev/null @@ -1,9 +0,0 @@ -package list - -import ( - "testing" -) - -func TestAclRecordBuilder_BuildUserJoin(t *testing.T) { - return -} diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 65dfea0a..f11a99bd 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -53,8 +53,8 @@ type AclState struct { inviteKeys map[string]crypto.PubKey // requestRecords is a map recordId -> RequestRecord requestRecords map[string]RequestRecord - // pendingRequests is a map pubKey -> RequestType - pendingRequests map[string]RequestType + // pendingRequests is a map pubKey -> recordId + pendingRequests map[string]string key crypto.PrivKey pubKey crypto.PubKey keyStore crypto.KeyStorage @@ -76,7 +76,7 @@ func newAclStateWithKeys( statesAtRecord: make(map[string][]AclUserState), inviteKeys: make(map[string]crypto.PubKey), requestRecords: make(map[string]RequestRecord), - pendingRequests: make(map[string]RequestType), + pendingRequests: make(map[string]string), keyStore: crypto.NewKeyStorage(), } st.contentValidator = &contentValidator{ @@ -94,7 +94,7 @@ func newAclState(id string) *AclState { statesAtRecord: make(map[string][]AclUserState), inviteKeys: make(map[string]crypto.PubKey), requestRecords: make(map[string]RequestRecord), - pendingRequests: make(map[string]RequestType), + pendingRequests: make(map[string]string), keyStore: crypto.NewKeyStorage(), } st.contentValidator = &contentValidator{ @@ -113,7 +113,7 @@ func (st *AclState) CurrentReadKeyId() string { } func (st *AclState) CurrentReadKey() (crypto.SymKey, error) { - key, exists := st.userReadKeys[st.currentReadKeyId] + key, exists := st.userReadKeys[st.CurrentReadKeyId()] if !exists { return nil, ErrNoReadKey } @@ -302,10 +302,11 @@ func (st *AclState) applyRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, r if err != nil { return err } - st.pendingRequests[mapKeyFromPubKey(authorIdentity)] = RequestTypeJoin + st.pendingRequests[mapKeyFromPubKey(authorIdentity)] = recordId st.requestRecords[recordId] = RequestRecord{ RequestIdentity: authorIdentity, RequestMetadata: ch.Metadata, + Type: RequestTypeJoin, } return nil } @@ -358,7 +359,11 @@ func (st *AclState) applyRequestRemove(ch *aclrecordproto.AclAccountRequestRemov if err != nil { return err } - st.pendingRequests[mapKeyFromPubKey(authorIdentity)] = RequestTypeRemove + st.requestRecords[recordId] = RequestRecord{ + RequestIdentity: authorIdentity, + Type: RequestTypeRemove, + } + st.pendingRequests[mapKeyFromPubKey(authorIdentity)] = recordId return nil } @@ -422,8 +427,24 @@ func (st *AclState) Permissions(identity crypto.PubKey) AclPermissions { return state.Permissions } -func (st *AclState) UserStates() map[string]AclUserState { - return st.userStates +func (st *AclState) JoinRecords() (records []RequestRecord) { + for _, recId := range st.pendingRequests { + rec := st.requestRecords[recId] + if rec.Type == RequestTypeJoin { + records = append(records, rec) + } + } + return +} + +func (st *AclState) RemoveRecords() (records []RequestRecord) { + for _, recId := range st.pendingRequests { + rec := st.requestRecords[recId] + if rec.Type == RequestTypeRemove { + records = append(records, rec) + } + } + return } func (st *AclState) LastRecordId() string { diff --git a/commonspace/object/acl/list/list_test.go b/commonspace/object/acl/list/list_test.go index 070e97d6..17a4a9ec 100644 --- a/commonspace/object/acl/list/list_test.go +++ b/commonspace/object/acl/list/list_test.go @@ -88,6 +88,9 @@ func (fx *aclFixture) inviteAccount(t *testing.T, perms AclPermissions) { Permissions: perms, }) require.NoError(t, err) + // validate + err = ownerAcl.ValidateRawRecord(requestAccept) + require.NoError(t, err) requestAcceptRec := wrapRecord(requestAccept) fx.addRec(t, requestAcceptRec) @@ -98,6 +101,12 @@ func (fx *aclFixture) inviteAccount(t *testing.T, perms AclPermissions) { require.Equal(t, 0, len(accountState.pendingRequests)) require.True(t, accountState.Permissions(ownerState.pubKey).IsOwner()) require.True(t, accountState.Permissions(accountState.pubKey).CanWrite()) + + _, err = ownerState.StateAtRecord(requestJoinRec.Id, accountState.pubKey) + require.Equal(t, ErrNoSuchAccount, err) + stateAtRec, err := ownerState.StateAtRecord(requestAcceptRec.Id, accountState.pubKey) + require.NoError(t, err) + require.True(t, stateAtRec.Permissions == perms) } func TestAclList_BuildRoot(t *testing.T) { @@ -113,6 +122,67 @@ func TestAclList_InvitePipeline(t *testing.T) { fx.inviteAccount(t, AclPermissions(aclrecordproto.AclUserPermissions_Writer)) } +func TestAclList_InviteRevoke(t *testing.T) { + fx := newFixture(t) + var ( + ownerState = fx.ownerAcl.aclState + accountState = fx.accountAcl.aclState + ) + // building invite + inv, err := fx.ownerAcl.RecordBuilder().BuildInvite() + require.NoError(t, err) + inviteRec := wrapRecord(inv.InviteRec) + fx.addRec(t, inviteRec) + + // building invite revoke + inviteRevoke, err := fx.ownerAcl.RecordBuilder().BuildInviteRevoke(ownerState.lastRecordId) + require.NoError(t, err) + inviteRevokeRec := wrapRecord(inviteRevoke) + fx.addRec(t, inviteRevokeRec) + + // checking acl state + require.True(t, ownerState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, ownerState.Permissions(accountState.pubKey).NoPermissions()) + require.Empty(t, ownerState.inviteKeys) + require.Empty(t, accountState.inviteKeys) +} + +func TestAclList_RequestDecline(t *testing.T) { + fx := newFixture(t) + var ( + ownerAcl = fx.ownerAcl + ownerState = fx.ownerAcl.aclState + accountAcl = fx.accountAcl + accountState = fx.accountAcl.aclState + ) + // building invite + inv, err := ownerAcl.RecordBuilder().BuildInvite() + require.NoError(t, err) + inviteRec := wrapRecord(inv.InviteRec) + fx.addRec(t, inviteRec) + + // building request join + requestJoin, err := accountAcl.RecordBuilder().BuildRequestJoin(RequestJoinPayload{ + InviteRecordId: inviteRec.Id, + InviteKey: inv.InviteKey, + }) + require.NoError(t, err) + requestJoinRec := wrapRecord(requestJoin) + fx.addRec(t, requestJoinRec) + + // building request decline + requestDecline, err := ownerAcl.RecordBuilder().BuildRequestDecline(ownerState.lastRecordId) + require.NoError(t, err) + requestDeclineRec := wrapRecord(requestDecline) + fx.addRec(t, requestDeclineRec) + + // checking acl state + require.True(t, ownerState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, ownerState.Permissions(accountState.pubKey).NoPermissions()) + require.Empty(t, ownerState.pendingRequests) + require.Empty(t, accountState.pendingRequests) +} + func TestAclList_Remove(t *testing.T) { fx := newFixture(t) var ( @@ -142,3 +212,97 @@ func TestAclList_Remove(t *testing.T) { require.Nil(t, accountState.userReadKeys[removeRec.Id]) require.NotNil(t, accountState.userReadKeys[fx.ownerAcl.Id()]) } + +func TestAclList_ReadKeyChange(t *testing.T) { + fx := newFixture(t) + var ( + ownerState = fx.ownerAcl.aclState + accountState = fx.accountAcl.aclState + ) + fx.inviteAccount(t, AclPermissions(aclrecordproto.AclUserPermissions_Admin)) + + newReadKey := crypto.NewAES() + readKeyChange, err := fx.ownerAcl.RecordBuilder().BuildReadKeyChange(newReadKey) + require.NoError(t, err) + readKeyRec := wrapRecord(readKeyChange) + fx.addRec(t, readKeyRec) + + // checking acl state + require.True(t, ownerState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, ownerState.Permissions(accountState.pubKey).CanManageAccounts()) + require.True(t, ownerState.userReadKeys[readKeyRec.Id].Equals(newReadKey)) + require.True(t, accountState.userReadKeys[readKeyRec.Id].Equals(newReadKey)) + require.NotNil(t, ownerState.userReadKeys[fx.ownerAcl.Id()]) + require.NotNil(t, accountState.userReadKeys[fx.ownerAcl.Id()]) + readKey, err := ownerState.CurrentReadKey() + require.NoError(t, err) + require.True(t, newReadKey.Equals(readKey)) + require.Equal(t, 0, len(ownerState.pendingRequests)) + require.Equal(t, 0, len(accountState.pendingRequests)) +} + +func TestAclList_PermissionChange(t *testing.T) { + fx := newFixture(t) + var ( + ownerState = fx.ownerAcl.aclState + accountState = fx.accountAcl.aclState + ) + fx.inviteAccount(t, AclPermissions(aclrecordproto.AclUserPermissions_Admin)) + + permissionChange, err := fx.ownerAcl.RecordBuilder().BuildPermissionChange(PermissionChangePayload{ + Identity: fx.accountKeys.SignKey.GetPublic(), + Permissions: AclPermissions(aclrecordproto.AclUserPermissions_Writer), + }) + require.NoError(t, err) + permissionChangeRec := wrapRecord(permissionChange) + fx.addRec(t, permissionChangeRec) + + // checking acl state + require.True(t, ownerState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, ownerState.Permissions(accountState.pubKey) == AclPermissions(aclrecordproto.AclUserPermissions_Writer)) + require.True(t, accountState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, accountState.Permissions(accountState.pubKey) == AclPermissions(aclrecordproto.AclUserPermissions_Writer)) + require.NotNil(t, ownerState.userReadKeys[fx.ownerAcl.Id()]) + require.NotNil(t, accountState.userReadKeys[fx.ownerAcl.Id()]) + require.Equal(t, 0, len(ownerState.pendingRequests)) + require.Equal(t, 0, len(accountState.pendingRequests)) +} + +func TestAclList_RequestRemove(t *testing.T) { + fx := newFixture(t) + var ( + ownerState = fx.ownerAcl.aclState + accountState = fx.accountAcl.aclState + ) + fx.inviteAccount(t, AclPermissions(aclrecordproto.AclUserPermissions_Writer)) + + removeRequest, err := fx.accountAcl.RecordBuilder().BuildRequestRemove() + require.NoError(t, err) + removeRequestRec := wrapRecord(removeRequest) + fx.addRec(t, removeRequestRec) + + recs := fx.accountAcl.AclState().RemoveRecords() + require.Len(t, recs, 1) + require.True(t, accountState.pubKey.Equals(recs[0].RequestIdentity)) + + newReadKey := crypto.NewAES() + remove, err := fx.ownerAcl.RecordBuilder().BuildAccountRemove(AccountRemovePayload{ + Identities: []crypto.PubKey{recs[0].RequestIdentity}, + ReadKey: newReadKey, + }) + require.NoError(t, err) + removeRec := wrapRecord(remove) + fx.addRec(t, removeRec) + + // checking acl state + require.True(t, ownerState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, ownerState.Permissions(accountState.pubKey).NoPermissions()) + require.True(t, ownerState.userReadKeys[removeRec.Id].Equals(newReadKey)) + require.NotNil(t, ownerState.userReadKeys[fx.ownerAcl.Id()]) + require.Equal(t, 0, len(ownerState.pendingRequests)) + require.Equal(t, 0, len(accountState.pendingRequests)) + require.True(t, accountState.Permissions(ownerState.pubKey).IsOwner()) + require.True(t, accountState.Permissions(accountState.pubKey).NoPermissions()) + require.Nil(t, accountState.userReadKeys[removeRec.Id]) + require.NotNil(t, accountState.userReadKeys[fx.ownerAcl.Id()]) +} diff --git a/commonspace/object/acl/list/models.go b/commonspace/object/acl/list/models.go index 27238202..1f958303 100644 --- a/commonspace/object/acl/list/models.go +++ b/commonspace/object/acl/list/models.go @@ -18,6 +18,7 @@ type AclRecord struct { type RequestRecord struct { RequestIdentity crypto.PubKey RequestMetadata []byte + Type RequestType } type AclUserState struct { From 68cda47ede5a682a5783d4eb83fdc3c12d65067b Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Thu, 29 Jun 2023 01:00:52 +0200 Subject: [PATCH 13/17] Update list mock --- .../object/acl/list/mock_list/mock_list.go | 50 +++++++++++++++++-- 1 file changed, 46 insertions(+), 4 deletions(-) diff --git a/commonspace/object/acl/list/mock_list/mock_list.go b/commonspace/object/acl/list/mock_list/mock_list.go index b81f0f80..84ad11c1 100644 --- a/commonspace/object/acl/list/mock_list/mock_list.go +++ b/commonspace/object/acl/list/mock_list/mock_list.go @@ -51,12 +51,11 @@ func (mr *MockAclListMockRecorder) AclState() *gomock.Call { } // AddRawRecord mocks base method. -func (m *MockAclList) AddRawRecord(arg0 *aclrecordproto.RawAclRecordWithId) (bool, error) { +func (m *MockAclList) AddRawRecord(arg0 *aclrecordproto.RawAclRecordWithId) error { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "AddRawRecord", arg0) - ret0, _ := ret[0].(bool) - ret1, _ := ret[1].(error) - return ret0, ret1 + ret0, _ := ret[0].(error) + return ret0 } // AddRawRecord indicates an expected call of AddRawRecord. @@ -94,6 +93,21 @@ func (mr *MockAclListMockRecorder) Get(arg0 interface{}) *gomock.Call { return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Get", reflect.TypeOf((*MockAclList)(nil).Get), arg0) } +// GetIndex mocks base method. +func (m *MockAclList) GetIndex(arg0 int) (*list.AclRecord, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetIndex", arg0) + ret0, _ := ret[0].(*list.AclRecord) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetIndex indicates an expected call of GetIndex. +func (mr *MockAclListMockRecorder) GetIndex(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetIndex", reflect.TypeOf((*MockAclList)(nil).GetIndex), arg0) +} + // Head mocks base method. func (m *MockAclList) Head() *list.AclRecord { m.ctrl.T.Helper() @@ -211,6 +225,20 @@ func (mr *MockAclListMockRecorder) RUnlock() *gomock.Call { return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RUnlock", reflect.TypeOf((*MockAclList)(nil).RUnlock)) } +// RecordBuilder mocks base method. +func (m *MockAclList) RecordBuilder() list.AclRecordBuilder { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "RecordBuilder") + ret0, _ := ret[0].(list.AclRecordBuilder) + return ret0 +} + +// RecordBuilder indicates an expected call of RecordBuilder. +func (mr *MockAclListMockRecorder) RecordBuilder() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RecordBuilder", reflect.TypeOf((*MockAclList)(nil).RecordBuilder)) +} + // Records mocks base method. func (m *MockAclList) Records() []*list.AclRecord { m.ctrl.T.Helper() @@ -250,3 +278,17 @@ func (mr *MockAclListMockRecorder) Unlock() *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Unlock", reflect.TypeOf((*MockAclList)(nil).Unlock)) } + +// ValidateRawRecord mocks base method. +func (m *MockAclList) ValidateRawRecord(arg0 *aclrecordproto.RawAclRecord) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ValidateRawRecord", arg0) + ret0, _ := ret[0].(error) + return ret0 +} + +// ValidateRawRecord indicates an expected call of ValidateRawRecord. +func (mr *MockAclListMockRecorder) ValidateRawRecord(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ValidateRawRecord", reflect.TypeOf((*MockAclList)(nil).ValidateRawRecord), arg0) +} From 5ffc175f4f3e153e52b0021f0ee4dff747ea22bd Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Thu, 29 Jun 2023 01:05:43 +0200 Subject: [PATCH 14/17] Remove time from test --- commonspace/requestmanager/requestmanager_test.go | 5 ----- 1 file changed, 5 deletions(-) diff --git a/commonspace/requestmanager/requestmanager_test.go b/commonspace/requestmanager/requestmanager_test.go index 68c0e78c..f04a4407 100644 --- a/commonspace/requestmanager/requestmanager_test.go +++ b/commonspace/requestmanager/requestmanager_test.go @@ -4,7 +4,6 @@ import ( "context" "sync" "testing" - "time" "github.com/anyproto/any-sync/commonspace/objectsync" "github.com/anyproto/any-sync/commonspace/objectsync/mock_objectsync" @@ -181,11 +180,7 @@ func TestRequestManager_QueueRequest(t *testing.T) { fx.requestManager.Close(context.Background()) close(msgRelease) - // waiting to know if the second one is not taken - // because the manager is now closed - time.Sleep(200 * time.Millisecond) _, ok = msgs.Load("id2") require.False(t, ok) - fx.requestManager.Close(context.Background()) }) } From 822e7f374d7e5220685e7871c452279a7c009a55 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Sat, 1 Jul 2023 13:17:18 +0200 Subject: [PATCH 15/17] Change to consensus proto --- commonfile/fileproto/file_drpc.pb.go | 2 +- commonspace/headsync/diffsyncer_test.go | 9 +- .../object/acl/aclrecordproto/aclrecord.pb.go | 1611 +---------------- .../acl/aclrecordproto/protos/aclrecord.proto | 37 - .../object/acl/list/aclrecordbuilder.go | 69 +- commonspace/object/acl/list/list.go | 20 +- commonspace/object/acl/list/list_test.go | 7 +- commonspace/object/acl/list/listutils.go | 8 +- .../object/acl/list/mock_list/mock_list.go | 10 +- .../object/acl/liststorage/inmemory.go | 18 +- .../object/acl/liststorage/liststorage.go | 11 +- .../mock_liststorage/mock_liststorage.go | 12 +- .../object/acl/syncacl/syncaclhandler.go | 19 +- commonspace/payloads.go | 5 +- commonspace/payloads_test.go | 28 +- commonspace/spaceservice.go | 9 +- commonspace/spacestorage/inmemorystorage.go | 6 +- commonspace/spacestorage/spacestorage.go | 5 +- .../spacesyncproto/spacesync_drpc.pb.go | 6 +- .../coordinatorproto/coordinator_drpc.pb.go | 2 +- .../testservice/testservice_drpc.pb.go | 6 +- 21 files changed, 197 insertions(+), 1703 deletions(-) diff --git a/commonfile/fileproto/file_drpc.pb.go b/commonfile/fileproto/file_drpc.pb.go index 2f9ee69d..a03c22cd 100644 --- a/commonfile/fileproto/file_drpc.pb.go +++ b/commonfile/fileproto/file_drpc.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-drpc. DO NOT EDIT. -// protoc-gen-go-drpc version: v0.0.32 +// protoc-gen-go-drpc version: v0.0.33 // source: commonfile/fileproto/protos/file.proto package fileproto diff --git a/commonspace/headsync/diffsyncer_test.go b/commonspace/headsync/diffsyncer_test.go index 7cdb870a..6603dd98 100644 --- a/commonspace/headsync/diffsyncer_test.go +++ b/commonspace/headsync/diffsyncer_test.go @@ -4,18 +4,19 @@ import ( "bytes" "context" "fmt" + "testing" + "time" + "github.com/anyproto/any-sync/app/ldiff" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/commonspace/object/acl/liststorage/mock_liststorage" "github.com/anyproto/any-sync/commonspace/object/tree/treechangeproto" "github.com/anyproto/any-sync/commonspace/object/tree/treestorage/mock_treestorage" "github.com/anyproto/any-sync/commonspace/spacesyncproto" + "github.com/anyproto/any-sync/consensus/consensusproto" "github.com/anyproto/any-sync/net/peer" "github.com/golang/mock/gomock" "github.com/stretchr/testify/require" "storj.io/drpc" - "testing" - "time" ) type pushSpaceRequestMatcher struct { @@ -169,7 +170,7 @@ func TestDiffSyncer(t *testing.T) { settingsStorage := mock_treestorage.NewMockTreeStorage(fx.ctrl) settingsId := "settingsId" aclRootId := "aclRootId" - aclRoot := &aclrecordproto.RawAclRecordWithId{ + aclRoot := &consensusproto.RawRecordWithId{ Id: aclRootId, } settingsRoot := &treechangeproto.RawTreeChangeWithId{ diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go index 2d264f05..4c2d4333 100644 --- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go +++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go @@ -57,197 +57,6 @@ func (AclUserPermissions) EnumDescriptor() ([]byte, []int) { return fileDescriptor_c8e9f754f34e929b, []int{0} } -// RawAclRecord is a proto message containing the acl payload in bytes, signature of the account who added it and signature of the acceptor -type RawAclRecord struct { - Payload []byte `protobuf:"bytes,1,opt,name=payload,proto3" json:"payload,omitempty"` - Signature []byte `protobuf:"bytes,2,opt,name=signature,proto3" json:"signature,omitempty"` - AcceptorIdentity []byte `protobuf:"bytes,3,opt,name=acceptorIdentity,proto3" json:"acceptorIdentity,omitempty"` - AcceptorSignature []byte `protobuf:"bytes,4,opt,name=acceptorSignature,proto3" json:"acceptorSignature,omitempty"` -} - -func (m *RawAclRecord) Reset() { *m = RawAclRecord{} } -func (m *RawAclRecord) String() string { return proto.CompactTextString(m) } -func (*RawAclRecord) ProtoMessage() {} -func (*RawAclRecord) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{0} -} -func (m *RawAclRecord) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *RawAclRecord) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_RawAclRecord.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *RawAclRecord) XXX_Merge(src proto.Message) { - xxx_messageInfo_RawAclRecord.Merge(m, src) -} -func (m *RawAclRecord) XXX_Size() int { - return m.Size() -} -func (m *RawAclRecord) XXX_DiscardUnknown() { - xxx_messageInfo_RawAclRecord.DiscardUnknown(m) -} - -var xxx_messageInfo_RawAclRecord proto.InternalMessageInfo - -func (m *RawAclRecord) GetPayload() []byte { - if m != nil { - return m.Payload - } - return nil -} - -func (m *RawAclRecord) GetSignature() []byte { - if m != nil { - return m.Signature - } - return nil -} - -func (m *RawAclRecord) GetAcceptorIdentity() []byte { - if m != nil { - return m.AcceptorIdentity - } - return nil -} - -func (m *RawAclRecord) GetAcceptorSignature() []byte { - if m != nil { - return m.AcceptorSignature - } - return nil -} - -// RawAclRecordWithId is a raw record and the id for convenience -type RawAclRecordWithId struct { - Payload []byte `protobuf:"bytes,1,opt,name=payload,proto3" json:"payload,omitempty"` - Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` -} - -func (m *RawAclRecordWithId) Reset() { *m = RawAclRecordWithId{} } -func (m *RawAclRecordWithId) String() string { return proto.CompactTextString(m) } -func (*RawAclRecordWithId) ProtoMessage() {} -func (*RawAclRecordWithId) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{1} -} -func (m *RawAclRecordWithId) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *RawAclRecordWithId) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_RawAclRecordWithId.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *RawAclRecordWithId) XXX_Merge(src proto.Message) { - xxx_messageInfo_RawAclRecordWithId.Merge(m, src) -} -func (m *RawAclRecordWithId) XXX_Size() int { - return m.Size() -} -func (m *RawAclRecordWithId) XXX_DiscardUnknown() { - xxx_messageInfo_RawAclRecordWithId.DiscardUnknown(m) -} - -var xxx_messageInfo_RawAclRecordWithId proto.InternalMessageInfo - -func (m *RawAclRecordWithId) GetPayload() []byte { - if m != nil { - return m.Payload - } - return nil -} - -func (m *RawAclRecordWithId) GetId() string { - if m != nil { - return m.Id - } - return "" -} - -// AclRecord is a record containing the acl data -type AclRecord struct { - PrevId string `protobuf:"bytes,1,opt,name=prevId,proto3" json:"prevId,omitempty"` - Identity []byte `protobuf:"bytes,2,opt,name=identity,proto3" json:"identity,omitempty"` - Data []byte `protobuf:"bytes,3,opt,name=data,proto3" json:"data,omitempty"` - Timestamp int64 `protobuf:"varint,4,opt,name=timestamp,proto3" json:"timestamp,omitempty"` -} - -func (m *AclRecord) Reset() { *m = AclRecord{} } -func (m *AclRecord) String() string { return proto.CompactTextString(m) } -func (*AclRecord) ProtoMessage() {} -func (*AclRecord) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{2} -} -func (m *AclRecord) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclRecord) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclRecord.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclRecord) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclRecord.Merge(m, src) -} -func (m *AclRecord) XXX_Size() int { - return m.Size() -} -func (m *AclRecord) XXX_DiscardUnknown() { - xxx_messageInfo_AclRecord.DiscardUnknown(m) -} - -var xxx_messageInfo_AclRecord proto.InternalMessageInfo - -func (m *AclRecord) GetPrevId() string { - if m != nil { - return m.PrevId - } - return "" -} - -func (m *AclRecord) GetIdentity() []byte { - if m != nil { - return m.Identity - } - return nil -} - -func (m *AclRecord) GetData() []byte { - if m != nil { - return m.Data - } - return nil -} - -func (m *AclRecord) GetTimestamp() int64 { - if m != nil { - return m.Timestamp - } - return 0 -} - // AclRoot is a root of access control list type AclRoot struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` @@ -262,7 +71,7 @@ func (m *AclRoot) Reset() { *m = AclRoot{} } func (m *AclRoot) String() string { return proto.CompactTextString(m) } func (*AclRoot) ProtoMessage() {} func (*AclRoot) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{3} + return fileDescriptor_c8e9f754f34e929b, []int{0} } func (m *AclRoot) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -342,7 +151,7 @@ func (m *AclAccountInvite) Reset() { *m = AclAccountInvite{} } func (m *AclAccountInvite) String() string { return proto.CompactTextString(m) } func (*AclAccountInvite) ProtoMessage() {} func (*AclAccountInvite) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{4} + return fileDescriptor_c8e9f754f34e929b, []int{1} } func (m *AclAccountInvite) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -390,7 +199,7 @@ func (m *AclAccountRequestJoin) Reset() { *m = AclAccountRequestJoin{} } func (m *AclAccountRequestJoin) String() string { return proto.CompactTextString(m) } func (*AclAccountRequestJoin) ProtoMessage() {} func (*AclAccountRequestJoin) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{5} + return fileDescriptor_c8e9f754f34e929b, []int{2} } func (m *AclAccountRequestJoin) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -459,7 +268,7 @@ func (m *AclAccountRequestAccept) Reset() { *m = AclAccountRequestAccept func (m *AclAccountRequestAccept) String() string { return proto.CompactTextString(m) } func (*AclAccountRequestAccept) ProtoMessage() {} func (*AclAccountRequestAccept) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{6} + return fileDescriptor_c8e9f754f34e929b, []int{3} } func (m *AclAccountRequestAccept) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -525,7 +334,7 @@ func (m *AclAccountRequestDecline) Reset() { *m = AclAccountRequestDecli func (m *AclAccountRequestDecline) String() string { return proto.CompactTextString(m) } func (*AclAccountRequestDecline) ProtoMessage() {} func (*AclAccountRequestDecline) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{7} + return fileDescriptor_c8e9f754f34e929b, []int{4} } func (m *AclAccountRequestDecline) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -570,7 +379,7 @@ func (m *AclAccountInviteRevoke) Reset() { *m = AclAccountInviteRevoke{} func (m *AclAccountInviteRevoke) String() string { return proto.CompactTextString(m) } func (*AclAccountInviteRevoke) ProtoMessage() {} func (*AclAccountInviteRevoke) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{8} + return fileDescriptor_c8e9f754f34e929b, []int{5} } func (m *AclAccountInviteRevoke) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -616,7 +425,7 @@ func (m *AclReadKeyWithRecord) Reset() { *m = AclReadKeyWithRecord{} } func (m *AclReadKeyWithRecord) String() string { return proto.CompactTextString(m) } func (*AclReadKeyWithRecord) ProtoMessage() {} func (*AclReadKeyWithRecord) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{9} + return fileDescriptor_c8e9f754f34e929b, []int{6} } func (m *AclReadKeyWithRecord) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -669,7 +478,7 @@ func (m *AclEncryptedReadKey) Reset() { *m = AclEncryptedReadKey{} } func (m *AclEncryptedReadKey) String() string { return proto.CompactTextString(m) } func (*AclEncryptedReadKey) ProtoMessage() {} func (*AclEncryptedReadKey) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{10} + return fileDescriptor_c8e9f754f34e929b, []int{7} } func (m *AclEncryptedReadKey) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -722,7 +531,7 @@ func (m *AclAccountPermissionChange) Reset() { *m = AclAccountPermission func (m *AclAccountPermissionChange) String() string { return proto.CompactTextString(m) } func (*AclAccountPermissionChange) ProtoMessage() {} func (*AclAccountPermissionChange) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{11} + return fileDescriptor_c8e9f754f34e929b, []int{8} } func (m *AclAccountPermissionChange) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -774,7 +583,7 @@ func (m *AclReadKeyChange) Reset() { *m = AclReadKeyChange{} } func (m *AclReadKeyChange) String() string { return proto.CompactTextString(m) } func (*AclReadKeyChange) ProtoMessage() {} func (*AclReadKeyChange) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{12} + return fileDescriptor_c8e9f754f34e929b, []int{9} } func (m *AclReadKeyChange) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -820,7 +629,7 @@ func (m *AclAccountRemove) Reset() { *m = AclAccountRemove{} } func (m *AclAccountRemove) String() string { return proto.CompactTextString(m) } func (*AclAccountRemove) ProtoMessage() {} func (*AclAccountRemove) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{13} + return fileDescriptor_c8e9f754f34e929b, []int{10} } func (m *AclAccountRemove) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -871,7 +680,7 @@ func (m *AclAccountRequestRemove) Reset() { *m = AclAccountRequestRemove func (m *AclAccountRequestRemove) String() string { return proto.CompactTextString(m) } func (*AclAccountRequestRemove) ProtoMessage() {} func (*AclAccountRequestRemove) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{14} + return fileDescriptor_c8e9f754f34e929b, []int{11} } func (m *AclAccountRequestRemove) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -920,7 +729,7 @@ func (m *AclContentValue) Reset() { *m = AclContentValue{} } func (m *AclContentValue) String() string { return proto.CompactTextString(m) } func (*AclContentValue) ProtoMessage() {} func (*AclContentValue) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{15} + return fileDescriptor_c8e9f754f34e929b, []int{12} } func (m *AclContentValue) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1087,7 +896,7 @@ func (m *AclData) Reset() { *m = AclData{} } func (m *AclData) String() string { return proto.CompactTextString(m) } func (*AclData) ProtoMessage() {} func (*AclData) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{16} + return fileDescriptor_c8e9f754f34e929b, []int{13} } func (m *AclData) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1123,173 +932,8 @@ func (m *AclData) GetAclContent() []*AclContentValue { return nil } -type AclSyncMessage struct { - Content *AclSyncContentValue `protobuf:"bytes,1,opt,name=content,proto3" json:"content,omitempty"` -} - -func (m *AclSyncMessage) Reset() { *m = AclSyncMessage{} } -func (m *AclSyncMessage) String() string { return proto.CompactTextString(m) } -func (*AclSyncMessage) ProtoMessage() {} -func (*AclSyncMessage) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{17} -} -func (m *AclSyncMessage) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclSyncMessage) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclSyncMessage.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclSyncMessage) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclSyncMessage.Merge(m, src) -} -func (m *AclSyncMessage) XXX_Size() int { - return m.Size() -} -func (m *AclSyncMessage) XXX_DiscardUnknown() { - xxx_messageInfo_AclSyncMessage.DiscardUnknown(m) -} - -var xxx_messageInfo_AclSyncMessage proto.InternalMessageInfo - -func (m *AclSyncMessage) GetContent() *AclSyncContentValue { - if m != nil { - return m.Content - } - return nil -} - -// AclSyncContentValue provides different types for acl sync -type AclSyncContentValue struct { - // Types that are valid to be assigned to Value: - // - // *AclSyncContentValue_AddRecords - Value isAclSyncContentValue_Value `protobuf_oneof:"value"` -} - -func (m *AclSyncContentValue) Reset() { *m = AclSyncContentValue{} } -func (m *AclSyncContentValue) String() string { return proto.CompactTextString(m) } -func (*AclSyncContentValue) ProtoMessage() {} -func (*AclSyncContentValue) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{18} -} -func (m *AclSyncContentValue) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclSyncContentValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclSyncContentValue.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclSyncContentValue) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclSyncContentValue.Merge(m, src) -} -func (m *AclSyncContentValue) XXX_Size() int { - return m.Size() -} -func (m *AclSyncContentValue) XXX_DiscardUnknown() { - xxx_messageInfo_AclSyncContentValue.DiscardUnknown(m) -} - -var xxx_messageInfo_AclSyncContentValue proto.InternalMessageInfo - -type isAclSyncContentValue_Value interface { - isAclSyncContentValue_Value() - MarshalTo([]byte) (int, error) - Size() int -} - -type AclSyncContentValue_AddRecords struct { - AddRecords *AclAddRecords `protobuf:"bytes,1,opt,name=addRecords,proto3,oneof" json:"addRecords,omitempty"` -} - -func (*AclSyncContentValue_AddRecords) isAclSyncContentValue_Value() {} - -func (m *AclSyncContentValue) GetValue() isAclSyncContentValue_Value { - if m != nil { - return m.Value - } - return nil -} - -func (m *AclSyncContentValue) GetAddRecords() *AclAddRecords { - if x, ok := m.GetValue().(*AclSyncContentValue_AddRecords); ok { - return x.AddRecords - } - return nil -} - -// XXX_OneofWrappers is for the internal use of the proto package. -func (*AclSyncContentValue) XXX_OneofWrappers() []interface{} { - return []interface{}{ - (*AclSyncContentValue_AddRecords)(nil), - } -} - -type AclAddRecords struct { - Records []*RawAclRecordWithId `protobuf:"bytes,1,rep,name=records,proto3" json:"records,omitempty"` -} - -func (m *AclAddRecords) Reset() { *m = AclAddRecords{} } -func (m *AclAddRecords) String() string { return proto.CompactTextString(m) } -func (*AclAddRecords) ProtoMessage() {} -func (*AclAddRecords) Descriptor() ([]byte, []int) { - return fileDescriptor_c8e9f754f34e929b, []int{19} -} -func (m *AclAddRecords) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *AclAddRecords) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_AclAddRecords.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *AclAddRecords) XXX_Merge(src proto.Message) { - xxx_messageInfo_AclAddRecords.Merge(m, src) -} -func (m *AclAddRecords) XXX_Size() int { - return m.Size() -} -func (m *AclAddRecords) XXX_DiscardUnknown() { - xxx_messageInfo_AclAddRecords.DiscardUnknown(m) -} - -var xxx_messageInfo_AclAddRecords proto.InternalMessageInfo - -func (m *AclAddRecords) GetRecords() []*RawAclRecordWithId { - if m != nil { - return m.Records - } - return nil -} - func init() { proto.RegisterEnum("aclrecord.AclUserPermissions", AclUserPermissions_name, AclUserPermissions_value) - proto.RegisterType((*RawAclRecord)(nil), "aclrecord.RawAclRecord") - proto.RegisterType((*RawAclRecordWithId)(nil), "aclrecord.RawAclRecordWithId") - proto.RegisterType((*AclRecord)(nil), "aclrecord.AclRecord") proto.RegisterType((*AclRoot)(nil), "aclrecord.AclRoot") proto.RegisterType((*AclAccountInvite)(nil), "aclrecord.AclAccountInvite") proto.RegisterType((*AclAccountRequestJoin)(nil), "aclrecord.AclAccountRequestJoin") @@ -1304,9 +948,6 @@ func init() { proto.RegisterType((*AclAccountRequestRemove)(nil), "aclrecord.AclAccountRequestRemove") proto.RegisterType((*AclContentValue)(nil), "aclrecord.AclContentValue") proto.RegisterType((*AclData)(nil), "aclrecord.AclData") - proto.RegisterType((*AclSyncMessage)(nil), "aclrecord.AclSyncMessage") - proto.RegisterType((*AclSyncContentValue)(nil), "aclrecord.AclSyncContentValue") - proto.RegisterType((*AclAddRecords)(nil), "aclrecord.AclAddRecords") } func init() { @@ -1314,207 +955,60 @@ func init() { } var fileDescriptor_c8e9f754f34e929b = []byte{ - // 1008 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x56, 0xdd, 0x6e, 0xdc, 0x44, - 0x14, 0xb6, 0x37, 0xc9, 0x6e, 0x7c, 0x9c, 0x6c, 0xb7, 0x43, 0x69, 0x4d, 0x28, 0x4b, 0x30, 0x2a, - 0x8a, 0x2a, 0xd4, 0xa0, 0x45, 0x88, 0x0a, 0x21, 0xda, 0x6d, 0x52, 0xb1, 0x1b, 0x08, 0xa0, 0x09, - 0x50, 0x54, 0x09, 0xa4, 0xe9, 0x78, 0x94, 0x1a, 0xfc, 0xd7, 0xf1, 0x64, 0xab, 0x7d, 0x0b, 0x1e, - 0x81, 0x87, 0xe0, 0x96, 0x7b, 0x2e, 0x7b, 0x83, 0xc4, 0x25, 0x4a, 0x1e, 0x80, 0x57, 0x40, 0x33, - 0xe3, 0x7f, 0xbb, 0x4b, 0x73, 0x91, 0xac, 0xe7, 0xcc, 0x39, 0xdf, 0xf9, 0xfb, 0xce, 0xb1, 0xe1, - 0x53, 0x1a, 0x87, 0x61, 0x1c, 0xa5, 0x09, 0xa1, 0x6c, 0x3f, 0x7e, 0xf2, 0x33, 0xa3, 0x62, 0x9f, - 0xd0, 0x40, 0xfe, 0x71, 0x46, 0x63, 0xee, 0x25, 0x3c, 0x16, 0xf1, 0xbe, 0xfa, 0x9f, 0x96, 0xd2, - 0x3b, 0x4a, 0x80, 0xac, 0x42, 0xe0, 0xfe, 0x66, 0xc2, 0x16, 0x26, 0xcf, 0xa7, 0x34, 0xc0, 0x4a, - 0x80, 0x1c, 0x18, 0x24, 0x64, 0x19, 0xc4, 0xc4, 0x73, 0xcc, 0x5d, 0x73, 0x6f, 0x0b, 0xe7, 0x47, - 0x74, 0x13, 0xac, 0xd4, 0x3f, 0x8d, 0x88, 0x38, 0xe3, 0xcc, 0xe9, 0xa9, 0xbb, 0x52, 0x80, 0x6e, - 0xc3, 0x88, 0x50, 0xca, 0x12, 0x11, 0xf3, 0xb9, 0xc7, 0x22, 0xe1, 0x8b, 0xa5, 0xb3, 0xa6, 0x94, - 0x5a, 0x72, 0xf4, 0x3e, 0x5c, 0xcd, 0x65, 0x27, 0x05, 0xe2, 0xba, 0x52, 0x6e, 0x5f, 0xb8, 0x9f, - 0x01, 0xaa, 0x46, 0xf8, 0xc8, 0x17, 0x4f, 0xe7, 0xab, 0xe2, 0x1c, 0x42, 0xcf, 0xf7, 0x54, 0x80, - 0x16, 0xee, 0xf9, 0x9e, 0xfb, 0x0c, 0xac, 0x32, 0xbd, 0xeb, 0xd0, 0x4f, 0x38, 0x5b, 0xcc, 0xb5, - 0x95, 0x85, 0xb3, 0x13, 0xda, 0x81, 0x4d, 0x3f, 0x0f, 0x5b, 0xe7, 0x56, 0x9c, 0x11, 0x82, 0x75, - 0x8f, 0x08, 0x92, 0xa5, 0xa3, 0x9e, 0x65, 0x31, 0x84, 0x1f, 0xb2, 0x54, 0x90, 0x30, 0x51, 0xa1, - 0xaf, 0xe1, 0x52, 0xe0, 0xfe, 0x65, 0xc2, 0x40, 0xfa, 0x8c, 0x63, 0x51, 0x43, 0x36, 0x1b, 0xc8, - 0x37, 0xc1, 0x0a, 0x49, 0x2a, 0x18, 0xff, 0x82, 0xe5, 0x6e, 0x4b, 0x81, 0x4c, 0x51, 0x35, 0x78, - 0xee, 0x29, 0xd7, 0x16, 0xce, 0x8f, 0xb2, 0xd8, 0x2c, 0xa2, 0x7c, 0x99, 0x08, 0xe6, 0x61, 0x46, - 0x3c, 0x69, 0xae, 0xeb, 0xd7, 0x92, 0xd7, 0x23, 0xdd, 0x68, 0x44, 0x2a, 0x5b, 0x91, 0x47, 0x53, - 0xb6, 0xa2, 0xaf, 0x5b, 0xd1, 0xba, 0x70, 0x3f, 0x80, 0xd1, 0x94, 0x06, 0x53, 0x4a, 0xe3, 0xb3, - 0x48, 0xcc, 0xa3, 0x85, 0x2f, 0x98, 0xc4, 0xf7, 0xd5, 0x93, 0x0c, 0x42, 0x27, 0x58, 0x0a, 0xdc, - 0x3f, 0x4c, 0x78, 0xbd, 0x34, 0xc1, 0xec, 0xd9, 0x19, 0x4b, 0xc5, 0x51, 0xec, 0x47, 0xe8, 0x3d, - 0x18, 0x6a, 0xb5, 0x79, 0xbd, 0x3a, 0x0d, 0x69, 0xa9, 0xa7, 0x3b, 0x38, 0xcf, 0x5b, 0xdb, 0x90, - 0xa2, 0xbb, 0x70, 0xa3, 0x6e, 0x59, 0xe6, 0xa3, 0x1b, 0xf7, 0xb2, 0x6b, 0xd9, 0xa1, 0x90, 0x09, - 0xa2, 0x7a, 0xac, 0xab, 0x58, 0x9c, 0xdd, 0x7f, 0x4d, 0xb8, 0xd1, 0x8a, 0x7f, 0xaa, 0x38, 0xba, - 0xb2, 0xb3, 0x7b, 0x70, 0x85, 0x6b, 0xe5, 0x46, 0xd8, 0x4d, 0x31, 0x3a, 0x86, 0xab, 0xcd, 0x9e, - 0xa5, 0xce, 0xda, 0xee, 0xda, 0x9e, 0x3d, 0x79, 0xfb, 0x4e, 0x39, 0xb9, 0x8a, 0xc2, 0xea, 0x56, - 0x0e, 0x80, 0xb6, 0xc6, 0x6d, 0x4b, 0x74, 0x0f, 0xec, 0x84, 0xf1, 0xd0, 0x4f, 0x53, 0x3f, 0x8e, - 0x52, 0x95, 0xcf, 0x70, 0xf2, 0x56, 0x1d, 0xe8, 0xbb, 0x94, 0xf1, 0x6f, 0x4a, 0x25, 0x5c, 0xb5, - 0x70, 0x0f, 0xc1, 0x69, 0x25, 0x7c, 0xc8, 0x68, 0xe0, 0x47, 0xac, 0x2b, 0x2b, 0xb3, 0x33, 0x2b, - 0xf7, 0x3e, 0x5c, 0x6f, 0x32, 0x05, 0xb3, 0x45, 0xfc, 0x0b, 0xeb, 0xe8, 0xa7, 0xd9, 0xd5, 0x4f, - 0xf7, 0x27, 0xb8, 0xd6, 0x95, 0xb3, 0xac, 0x3a, 0xaf, 0x5b, 0x16, 0xe7, 0xce, 0xb9, 0xe8, 0x75, - 0xcf, 0x85, 0xfb, 0x23, 0xbc, 0x36, 0xa5, 0xc1, 0xc3, 0xe6, 0xb8, 0xac, 0x6a, 0xea, 0x65, 0xe0, - 0x97, 0xb0, 0x53, 0x16, 0xa0, 0x2c, 0xf6, 0xc1, 0x53, 0x12, 0x9d, 0xb2, 0x95, 0x5e, 0x1a, 0x1d, - 0xec, 0x5d, 0xba, 0x83, 0xdf, 0xaa, 0x29, 0xcd, 0x02, 0xc9, 0x1c, 0xde, 0x07, 0x9b, 0xe8, 0x58, - 0x14, 0xbf, 0x4c, 0xc5, 0xaf, 0x71, 0x1d, 0xb4, 0x59, 0x0b, 0x5c, 0x35, 0x71, 0x45, 0x75, 0xf6, - 0x31, 0x0b, 0xe3, 0x05, 0x43, 0x63, 0x80, 0x2c, 0x6c, 0x9f, 0x69, 0xd0, 0x2d, 0x5c, 0x91, 0x34, - 0xbd, 0xf6, 0x2e, 0xef, 0xf5, 0x8d, 0x8e, 0xf1, 0xd3, 0xce, 0xdd, 0xdf, 0x37, 0xe0, 0xca, 0x94, - 0x06, 0x07, 0x71, 0x24, 0x58, 0x24, 0xbe, 0x27, 0xc1, 0x19, 0x43, 0x1f, 0x41, 0x5f, 0xd3, 0x48, - 0x55, 0xd5, 0x9e, 0xbc, 0x59, 0xf7, 0x55, 0xe3, 0xe3, 0xcc, 0xc0, 0x99, 0x32, 0xfa, 0x1c, 0xb6, - 0xfc, 0x0a, 0x47, 0x55, 0xcd, 0xed, 0xc9, 0x3b, 0x2b, 0x8c, 0xb5, 0xe2, 0xcc, 0xc0, 0x35, 0x43, - 0x74, 0x08, 0x36, 0x2f, 0x77, 0x9c, 0x5a, 0x3c, 0xf6, 0x64, 0xb7, 0x13, 0xa7, 0xb2, 0x0b, 0x67, - 0x06, 0xae, 0x9a, 0xa1, 0x23, 0xd8, 0xe6, 0xd5, 0x4d, 0xa3, 0xa6, 0xd8, 0x9e, 0xb8, 0xab, 0x70, - 0xb4, 0xe6, 0xcc, 0xc0, 0x75, 0x53, 0x74, 0x02, 0xa3, 0xa4, 0xc1, 0x3e, 0xf5, 0x16, 0xb0, 0x27, - 0xb7, 0x3a, 0xe1, 0x9a, 0x54, 0x9d, 0x19, 0xb8, 0x05, 0x80, 0x0e, 0x60, 0x9b, 0x54, 0x89, 0xa0, - 0xde, 0x18, 0x2f, 0xab, 0xb6, 0x56, 0x91, 0x91, 0xd5, 0x6c, 0x24, 0x08, 0xaf, 0x72, 0xd4, 0x19, - 0x74, 0x81, 0xd4, 0x68, 0xac, 0xd3, 0xab, 0xf2, 0xfa, 0x18, 0x86, 0xbc, 0xb6, 0xa3, 0x9c, 0x4d, - 0x85, 0xf2, 0xee, 0xaa, 0x5a, 0x65, 0xaa, 0x33, 0x03, 0x37, 0x8c, 0xd1, 0x0f, 0x70, 0x8d, 0x74, - 0x70, 0xcd, 0xb1, 0xfe, 0xbf, 0x01, 0x45, 0x9a, 0x9d, 0x08, 0x0f, 0x06, 0xb0, 0xb1, 0x90, 0x14, - 0x75, 0x1f, 0xaa, 0x4f, 0x83, 0x43, 0xf9, 0x11, 0xf1, 0x09, 0x00, 0x29, 0x08, 0x9c, 0xcd, 0xe4, - 0x4e, 0xdd, 0x47, 0x95, 0xdd, 0xb8, 0xa2, 0xed, 0x1e, 0xc1, 0x70, 0x4a, 0x83, 0x93, 0x65, 0x44, - 0x8f, 0x59, 0x9a, 0x92, 0x53, 0x86, 0xee, 0xc2, 0x80, 0x16, 0x50, 0x66, 0x7b, 0xd0, 0xa4, 0x6e, - 0x0d, 0x2e, 0x57, 0x77, 0x1f, 0xab, 0x55, 0xd8, 0xbc, 0x57, 0xe1, 0x79, 0x9e, 0x5e, 0xbb, 0x69, - 0x86, 0xe9, 0x34, 0x4a, 0x50, 0xdc, 0xcf, 0x0c, 0x5c, 0xd1, 0x2e, 0xd3, 0x9d, 0xc1, 0x76, 0x4d, - 0x0f, 0x7d, 0x0c, 0x03, 0x5e, 0x40, 0xca, 0x8c, 0xab, 0xab, 0xad, 0xfd, 0xa1, 0x87, 0x73, 0xed, - 0xdb, 0x5f, 0x02, 0x6a, 0x6f, 0x3e, 0xb4, 0x09, 0xeb, 0x5f, 0xc5, 0x11, 0x1b, 0x19, 0xc8, 0x82, - 0x8d, 0xaf, 0x9f, 0x47, 0x8c, 0x8f, 0x4c, 0xf9, 0x38, 0xf5, 0x42, 0x3f, 0x1a, 0xf5, 0x10, 0x40, - 0xff, 0x11, 0xf7, 0x05, 0xe3, 0xa3, 0x35, 0xf9, 0x2c, 0xe9, 0xc4, 0xf8, 0x68, 0xfd, 0xc1, 0xbd, - 0x3f, 0xcf, 0xc7, 0xe6, 0x8b, 0xf3, 0xb1, 0xf9, 0xcf, 0xf9, 0xd8, 0xfc, 0xf5, 0x62, 0x6c, 0xbc, - 0xb8, 0x18, 0x1b, 0x7f, 0x5f, 0x8c, 0x8d, 0xc7, 0xb7, 0x5e, 0xe9, 0xdb, 0xfa, 0x49, 0x5f, 0xfd, - 0x7c, 0xf8, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x1d, 0x52, 0x8e, 0xdb, 0x8b, 0x0b, 0x00, 0x00, -} - -func (m *RawAclRecord) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *RawAclRecord) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *RawAclRecord) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.AcceptorSignature) > 0 { - i -= len(m.AcceptorSignature) - copy(dAtA[i:], m.AcceptorSignature) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.AcceptorSignature))) - i-- - dAtA[i] = 0x22 - } - if len(m.AcceptorIdentity) > 0 { - i -= len(m.AcceptorIdentity) - copy(dAtA[i:], m.AcceptorIdentity) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.AcceptorIdentity))) - i-- - dAtA[i] = 0x1a - } - if len(m.Signature) > 0 { - i -= len(m.Signature) - copy(dAtA[i:], m.Signature) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Signature))) - i-- - dAtA[i] = 0x12 - } - if len(m.Payload) > 0 { - i -= len(m.Payload) - copy(dAtA[i:], m.Payload) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Payload))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *RawAclRecordWithId) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *RawAclRecordWithId) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *RawAclRecordWithId) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.Id) > 0 { - i -= len(m.Id) - copy(dAtA[i:], m.Id) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Id))) - i-- - dAtA[i] = 0x12 - } - if len(m.Payload) > 0 { - i -= len(m.Payload) - copy(dAtA[i:], m.Payload) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Payload))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *AclRecord) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclRecord) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclRecord) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.Timestamp != 0 { - i = encodeVarintAclrecord(dAtA, i, uint64(m.Timestamp)) - i-- - dAtA[i] = 0x20 - } - if len(m.Data) > 0 { - i -= len(m.Data) - copy(dAtA[i:], m.Data) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Data))) - i-- - dAtA[i] = 0x1a - } - if len(m.Identity) > 0 { - i -= len(m.Identity) - copy(dAtA[i:], m.Identity) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Identity))) - i-- - dAtA[i] = 0x12 - } - if len(m.PrevId) > 0 { - i -= len(m.PrevId) - copy(dAtA[i:], m.PrevId) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.PrevId))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil + // 835 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x56, 0x5f, 0x4f, 0xdb, 0x56, + 0x14, 0xb7, 0x13, 0x92, 0x90, 0x63, 0xfe, 0x98, 0x3b, 0x36, 0x3c, 0xb6, 0x79, 0x99, 0x27, 0xa6, + 0x08, 0x4d, 0x30, 0x65, 0x9a, 0x34, 0x4d, 0x93, 0x20, 0x10, 0xb4, 0x84, 0x8d, 0x6d, 0xba, 0x6c, + 0x63, 0xaa, 0xd4, 0x4a, 0x17, 0xfb, 0x08, 0xdc, 0xc6, 0x76, 0x7a, 0x7d, 0x93, 0x2a, 0xdf, 0xa2, + 0x1f, 0xa6, 0xaf, 0x7d, 0xef, 0x23, 0x2f, 0x95, 0xfa, 0x58, 0xc1, 0x07, 0xe8, 0x57, 0xa8, 0x7c, + 0x1d, 0xe2, 0x3f, 0x31, 0x69, 0x79, 0x80, 0xd8, 0xe7, 0x9e, 0xdf, 0xef, 0xfc, 0xfb, 0x9d, 0x9b, + 0xc0, 0xaf, 0x76, 0xe0, 0x79, 0x81, 0x1f, 0x0e, 0x98, 0x8d, 0xbb, 0xc1, 0xf9, 0x63, 0xb4, 0xc5, + 0x2e, 0xb3, 0xfb, 0xd1, 0x1f, 0x47, 0x3b, 0xe0, 0xce, 0x80, 0x07, 0x22, 0xd8, 0x95, 0xff, 0xc3, + 0xc4, 0xba, 0x23, 0x0d, 0xa4, 0x3e, 0x35, 0x58, 0xaf, 0x55, 0xa8, 0xb5, 0xed, 0x3e, 0x0d, 0x02, + 0x41, 0x36, 0x61, 0xd1, 0x75, 0xd0, 0x17, 0xae, 0x18, 0x1b, 0x6a, 0x43, 0x6d, 0x2e, 0xd1, 0xe9, + 0x3b, 0xf9, 0x12, 0xea, 0x1e, 0x0b, 0x05, 0xf2, 0xdf, 0x71, 0x6c, 0x94, 0xe4, 0x61, 0x62, 0x20, + 0x06, 0xd4, 0x64, 0x2a, 0x3d, 0xc7, 0x28, 0x37, 0xd4, 0x66, 0x9d, 0xde, 0xbe, 0x92, 0x6d, 0xd0, + 0xd1, 0xb7, 0xf9, 0x78, 0x20, 0xd0, 0xa1, 0xc8, 0x9c, 0x08, 0xbe, 0x20, 0xe1, 0x33, 0xf6, 0x28, + 0x86, 0x70, 0x3d, 0x0c, 0x05, 0xf3, 0x06, 0x46, 0xa5, 0xa1, 0x36, 0xcb, 0x34, 0x31, 0x90, 0xef, + 0x61, 0xed, 0x36, 0x9b, 0x53, 0xf7, 0xc2, 0x67, 0x62, 0xc8, 0xd1, 0xa8, 0x4a, 0xaa, 0xd9, 0x03, + 0xeb, 0x07, 0xd0, 0xdb, 0x76, 0xbf, 0x6d, 0xdb, 0xc1, 0xd0, 0x17, 0x3d, 0x7f, 0xe4, 0x0a, 0x8c, + 0xf8, 0x5d, 0xf9, 0x14, 0x25, 0x11, 0x17, 0x98, 0x18, 0xac, 0x97, 0x2a, 0x7c, 0x9a, 0x40, 0x28, + 0x3e, 0x1d, 0x62, 0x28, 0x8e, 0x03, 0xd7, 0x27, 0xdf, 0xc1, 0x4a, 0xec, 0xd6, 0xcb, 0x76, 0x27, + 0x67, 0x4d, 0xfc, 0xa8, 0xec, 0x6d, 0xcf, 0x91, 0x8d, 0xaa, 0xd3, 0x9c, 0x95, 0xfc, 0x0c, 0x1b, + 0x59, 0x64, 0x52, 0x4f, 0x59, 0x12, 0xdf, 0x75, 0x1c, 0x4d, 0xc8, 0x43, 0xc1, 0x1c, 0x26, 0xd8, + 0xa4, 0x8b, 0xd3, 0x77, 0xeb, 0x9d, 0x0a, 0x1b, 0x33, 0xf9, 0xb7, 0x6d, 0x1b, 0x07, 0xf3, 0x27, + 0xdb, 0x84, 0x55, 0x1e, 0x3b, 0xe7, 0xd2, 0xce, 0x9b, 0xc9, 0x09, 0xac, 0xe5, 0x67, 0x16, 0x1a, + 0xe5, 0x46, 0xb9, 0xa9, 0xb5, 0xbe, 0xde, 0x49, 0x34, 0x16, 0xc9, 0x29, 0x3e, 0x3d, 0x73, 0xc5, + 0x65, 0x8c, 0xa6, 0xb3, 0x48, 0xb2, 0x07, 0xda, 0x00, 0xb9, 0xe7, 0x86, 0xa1, 0x1b, 0xf8, 0xa1, + 0xac, 0x67, 0xa5, 0xf5, 0x55, 0x96, 0xe8, 0xdf, 0x10, 0xf9, 0xdf, 0x89, 0x13, 0x4d, 0x23, 0xac, + 0x0e, 0x18, 0x33, 0x05, 0x77, 0xd0, 0xee, 0xbb, 0x3e, 0x16, 0x55, 0xa5, 0x16, 0x56, 0x65, 0xed, + 0xc3, 0x67, 0x79, 0xa5, 0x50, 0x1c, 0x05, 0x4f, 0xb0, 0x60, 0x9e, 0x6a, 0xd1, 0x3c, 0xad, 0x47, + 0xb0, 0x5e, 0x54, 0x73, 0xd4, 0x75, 0x9e, 0x45, 0x4e, 0xdf, 0x0b, 0xf7, 0xa2, 0x54, 0xbc, 0x17, + 0xd6, 0x43, 0xf8, 0xa4, 0x6d, 0xf7, 0x8f, 0xf2, 0xeb, 0x32, 0x6f, 0xa8, 0xf7, 0xa1, 0x1f, 0xc3, + 0x66, 0xd2, 0x80, 0xa4, 0xd9, 0x87, 0x97, 0xcc, 0xbf, 0xc0, 0xb9, 0x51, 0x72, 0x13, 0x2c, 0xdd, + 0x7b, 0x82, 0xff, 0xc8, 0x2d, 0x9d, 0x24, 0x32, 0x09, 0xb8, 0x0f, 0x1a, 0x8b, 0x73, 0x91, 0xfa, + 0x52, 0xa5, 0xbe, 0xcc, 0x2c, 0x69, 0xbe, 0x17, 0x34, 0x0d, 0xb1, 0x44, 0x7a, 0xf7, 0x29, 0x7a, + 0xc1, 0x08, 0x89, 0x09, 0x30, 0x49, 0xdb, 0xc5, 0x98, 0x74, 0x89, 0xa6, 0x2c, 0xf9, 0xa8, 0xa5, + 0xfb, 0x47, 0xfd, 0xbc, 0x60, 0xfd, 0xe2, 0xe0, 0xd6, 0x8b, 0x0a, 0xac, 0xb6, 0xed, 0xfe, 0x61, + 0xe0, 0x0b, 0xf4, 0xc5, 0x7f, 0xac, 0x3f, 0x44, 0xf2, 0x13, 0x54, 0x63, 0x19, 0xc9, 0xae, 0x6a, + 0xad, 0x2f, 0xb2, 0xb1, 0x32, 0x7a, 0xec, 0x2a, 0x74, 0xe2, 0x4c, 0x7e, 0x83, 0x25, 0x37, 0xa5, + 0x51, 0xd9, 0x73, 0xad, 0xf5, 0xcd, 0x1c, 0x70, 0xec, 0xd8, 0x55, 0x68, 0x06, 0x48, 0x3a, 0xa0, + 0xf1, 0xe4, 0x8e, 0x93, 0x17, 0x8f, 0xd6, 0x6a, 0x14, 0xf2, 0xa4, 0xee, 0xc2, 0xae, 0x42, 0xd3, + 0x30, 0x72, 0x0c, 0xcb, 0x3c, 0x7d, 0xd3, 0xc8, 0x2d, 0xd6, 0x5a, 0xd6, 0x3c, 0x9e, 0xd8, 0xb3, + 0xab, 0xd0, 0x2c, 0x94, 0x9c, 0x82, 0x3e, 0xc8, 0xa9, 0x4f, 0x7e, 0x0b, 0x68, 0xad, 0xad, 0x42, + 0xba, 0xbc, 0x54, 0xbb, 0x0a, 0x9d, 0x21, 0x20, 0x87, 0xb0, 0xcc, 0xd2, 0x42, 0x90, 0xdf, 0x18, + 0x77, 0x75, 0x3b, 0x76, 0x89, 0x32, 0xcb, 0x60, 0x22, 0x12, 0x9e, 0xd6, 0xa8, 0x51, 0x2b, 0x22, + 0xc9, 0xc8, 0x38, 0x2e, 0x2f, 0xad, 0xeb, 0x13, 0x58, 0xe1, 0x99, 0x3b, 0xca, 0x58, 0x94, 0x2c, + 0xdf, 0xce, 0xeb, 0xd5, 0xc4, 0xb5, 0xab, 0xd0, 0x1c, 0x98, 0xfc, 0x0f, 0xeb, 0xac, 0x40, 0x6b, + 0x46, 0xfd, 0xc3, 0x03, 0x98, 0x96, 0x59, 0xc8, 0x70, 0x50, 0x83, 0xca, 0x28, 0x92, 0xa8, 0x75, + 0x24, 0x7f, 0x1a, 0x74, 0x98, 0x60, 0xe4, 0x17, 0x00, 0x36, 0x15, 0xf0, 0x64, 0x27, 0x37, 0xb3, + 0x31, 0xd2, 0xea, 0xa6, 0x29, 0xef, 0xed, 0x3f, 0x80, 0xcc, 0xde, 0x03, 0x64, 0x11, 0x16, 0xfe, + 0x0c, 0x7c, 0xd4, 0x15, 0x52, 0x87, 0xca, 0x5f, 0xcf, 0x7c, 0xe4, 0xba, 0x1a, 0x3d, 0xb6, 0x1d, + 0xcf, 0xf5, 0xf5, 0x12, 0x01, 0xa8, 0x9e, 0x71, 0x57, 0x20, 0xd7, 0xcb, 0xd1, 0x73, 0xd4, 0x5c, + 0xe4, 0xfa, 0xc2, 0xc1, 0xde, 0xab, 0x6b, 0x53, 0xbd, 0xba, 0x36, 0xd5, 0xb7, 0xd7, 0xa6, 0xfa, + 0xfc, 0xc6, 0x54, 0xae, 0x6e, 0x4c, 0xe5, 0xcd, 0x8d, 0xa9, 0x3c, 0xd8, 0xfa, 0xa8, 0xdf, 0x44, + 0xe7, 0x55, 0xf9, 0xf1, 0xe3, 0xfb, 0x00, 0x00, 0x00, 0xff, 0xff, 0xd0, 0xe7, 0x8e, 0xa9, 0x43, + 0x09, 0x00, 0x00, } func (m *AclRoot) Marshal() (dAtA []byte, err error) { @@ -2250,131 +1744,6 @@ func (m *AclData) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } -func (m *AclSyncMessage) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclSyncMessage) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclSyncMessage) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.Content != nil { - { - size, err := m.Content.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintAclrecord(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *AclSyncContentValue) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclSyncContentValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclSyncContentValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.Value != nil { - { - size := m.Value.Size() - i -= size - if _, err := m.Value.MarshalTo(dAtA[i:]); err != nil { - return 0, err - } - } - } - return len(dAtA) - i, nil -} - -func (m *AclSyncContentValue_AddRecords) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclSyncContentValue_AddRecords) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - if m.AddRecords != nil { - { - size, err := m.AddRecords.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintAclrecord(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} -func (m *AclAddRecords) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AclAddRecords) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *AclAddRecords) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.Records) > 0 { - for iNdEx := len(m.Records) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Records[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintAclrecord(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0xa - } - } - return len(dAtA) - i, nil -} - func encodeVarintAclrecord(dAtA []byte, offset int, v uint64) int { offset -= sovAclrecord(v) base := offset @@ -2386,72 +1755,6 @@ func encodeVarintAclrecord(dAtA []byte, offset int, v uint64) int { dAtA[offset] = uint8(v) return base } -func (m *RawAclRecord) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Payload) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - l = len(m.Signature) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - l = len(m.AcceptorIdentity) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - l = len(m.AcceptorSignature) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - return n -} - -func (m *RawAclRecordWithId) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Payload) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - l = len(m.Id) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - return n -} - -func (m *AclRecord) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.PrevId) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - l = len(m.Identity) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - l = len(m.Data) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } - if m.Timestamp != 0 { - n += 1 + sovAclrecord(uint64(m.Timestamp)) - } - return n -} - func (m *AclRoot) Size() (n int) { if m == nil { return 0 @@ -2804,535 +2107,12 @@ func (m *AclData) Size() (n int) { return n } -func (m *AclSyncMessage) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Content != nil { - l = m.Content.Size() - n += 1 + l + sovAclrecord(uint64(l)) - } - return n -} - -func (m *AclSyncContentValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Value != nil { - n += m.Value.Size() - } - return n -} - -func (m *AclSyncContentValue_AddRecords) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.AddRecords != nil { - l = m.AddRecords.Size() - n += 1 + l + sovAclrecord(uint64(l)) - } - return n -} -func (m *AclAddRecords) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if len(m.Records) > 0 { - for _, e := range m.Records { - l = e.Size() - n += 1 + l + sovAclrecord(uint64(l)) - } - } - return n -} - func sovAclrecord(x uint64) (n int) { return (math_bits.Len64(x|1) + 6) / 7 } func sozAclrecord(x uint64) (n int) { return sovAclrecord(uint64((x << 1) ^ uint64((int64(x) >> 63)))) } -func (m *RawAclRecord) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: RawAclRecord: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: RawAclRecord: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Payload", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Payload = append(m.Payload[:0], dAtA[iNdEx:postIndex]...) - if m.Payload == nil { - m.Payload = []byte{} - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Signature", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Signature = append(m.Signature[:0], dAtA[iNdEx:postIndex]...) - if m.Signature == nil { - m.Signature = []byte{} - } - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AcceptorIdentity", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AcceptorIdentity = append(m.AcceptorIdentity[:0], dAtA[iNdEx:postIndex]...) - if m.AcceptorIdentity == nil { - m.AcceptorIdentity = []byte{} - } - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AcceptorSignature", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AcceptorSignature = append(m.AcceptorSignature[:0], dAtA[iNdEx:postIndex]...) - if m.AcceptorSignature == nil { - m.AcceptorSignature = []byte{} - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *RawAclRecordWithId) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: RawAclRecordWithId: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: RawAclRecordWithId: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Payload", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Payload = append(m.Payload[:0], dAtA[iNdEx:postIndex]...) - if m.Payload == nil { - m.Payload = []byte{} - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Id", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Id = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AclRecord) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclRecord: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclRecord: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field PrevId", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.PrevId = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Identity", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Identity = append(m.Identity[:0], dAtA[iNdEx:postIndex]...) - if m.Identity == nil { - m.Identity = []byte{} - } - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Data", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Data = append(m.Data[:0], dAtA[iNdEx:postIndex]...) - if m.Data == nil { - m.Data = []byte{} - } - iNdEx = postIndex - case 4: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Timestamp", wireType) - } - m.Timestamp = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Timestamp |= int64(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} func (m *AclRoot) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 @@ -5207,261 +3987,6 @@ func (m *AclData) Unmarshal(dAtA []byte) error { } return nil } -func (m *AclSyncMessage) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclSyncMessage: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclSyncMessage: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Content", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Content == nil { - m.Content = &AclSyncContentValue{} - } - if err := m.Content.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AclSyncContentValue) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclSyncContentValue: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclSyncContentValue: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AddRecords", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - v := &AclAddRecords{} - if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - m.Value = &AclSyncContentValue_AddRecords{v} - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AclAddRecords) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AclAddRecords: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AclAddRecords: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Records", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Records = append(m.Records, &RawAclRecordWithId{}) - if err := m.Records[len(m.Records)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipAclrecord(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAclrecord - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} func skipAclrecord(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto index a1f2c49c..4b6f2b5e 100644 --- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto +++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto @@ -2,28 +2,6 @@ syntax = "proto3"; package aclrecord; option go_package = "commonspace/object/acl/aclrecordproto"; -// RawAclRecord is a proto message containing the acl payload in bytes, signature of the account who added it and signature of the acceptor -message RawAclRecord { - bytes payload = 1; - bytes signature = 2; - bytes acceptorIdentity = 3; - bytes acceptorSignature = 4; -} - -// RawAclRecordWithId is a raw record and the id for convenience -message RawAclRecordWithId { - bytes payload = 1; - string id = 2; -} - -// AclRecord is a record containing the acl data -message AclRecord { - string prevId = 1; - bytes identity = 2; - bytes data = 3; - int64 timestamp = 4; -} - // AclRoot is a root of access control list message AclRoot { bytes identity = 1; @@ -126,18 +104,3 @@ enum AclUserPermissions { Writer = 3; Reader = 4; } - -message AclSyncMessage { - AclSyncContentValue content = 1; -} - -// AclSyncContentValue provides different types for acl sync -message AclSyncContentValue { - oneof value { - AclAddRecords addRecords = 1; - } -} - -message AclAddRecords { - repeated RawAclRecordWithId records = 1; -} \ No newline at end of file diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index a949bd99..28c3c1f6 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -5,6 +5,7 @@ import ( "github.com/anyproto/any-sync/commonspace/object/accountdata" "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" + "github.com/anyproto/any-sync/consensus/consensusproto" "github.com/anyproto/any-sync/util/cidutil" "github.com/anyproto/any-sync/util/crypto" "github.com/gogo/protobuf/proto" @@ -39,24 +40,24 @@ type AccountRemovePayload struct { } type InviteResult struct { - InviteRec *aclrecordproto.RawAclRecord + InviteRec *consensusproto.RawRecord InviteKey crypto.PrivKey } type AclRecordBuilder interface { - UnmarshallWithId(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) - Unmarshall(rawRecord *aclrecordproto.RawAclRecord) (rec *AclRecord, err error) + UnmarshallWithId(rawIdRecord *consensusproto.RawRecordWithId) (rec *AclRecord, err error) + Unmarshall(rawRecord *consensusproto.RawRecord) (rec *AclRecord, err error) - BuildRoot(content RootContent) (rec *aclrecordproto.RawAclRecordWithId, err error) + BuildRoot(content RootContent) (rec *consensusproto.RawRecordWithId, err error) BuildInvite() (res InviteResult, err error) - BuildInviteRevoke(inviteRecordId string) (rawRecord *aclrecordproto.RawAclRecord, err error) - BuildRequestJoin(payload RequestJoinPayload) (rawRecord *aclrecordproto.RawAclRecord, err error) - BuildRequestAccept(payload RequestAcceptPayload) (rawRecord *aclrecordproto.RawAclRecord, err error) - BuildRequestDecline(requestRecordId string) (rawRecord *aclrecordproto.RawAclRecord, err error) - BuildRequestRemove() (rawRecord *aclrecordproto.RawAclRecord, err error) - BuildPermissionChange(payload PermissionChangePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) - BuildReadKeyChange(newKey crypto.SymKey) (rawRecord *aclrecordproto.RawAclRecord, err error) - BuildAccountRemove(payload AccountRemovePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) + BuildInviteRevoke(inviteRecordId string) (rawRecord *consensusproto.RawRecord, err error) + BuildRequestJoin(payload RequestJoinPayload) (rawRecord *consensusproto.RawRecord, err error) + BuildRequestAccept(payload RequestAcceptPayload) (rawRecord *consensusproto.RawRecord, err error) + BuildRequestDecline(requestRecordId string) (rawRecord *consensusproto.RawRecord, err error) + BuildRequestRemove() (rawRecord *consensusproto.RawRecord, err error) + BuildPermissionChange(payload PermissionChangePayload) (rawRecord *consensusproto.RawRecord, err error) + BuildReadKeyChange(newKey crypto.SymKey) (rawRecord *consensusproto.RawRecord, err error) + BuildAccountRemove(payload AccountRemovePayload) (rawRecord *consensusproto.RawRecord, err error) } type aclRecordBuilder struct { @@ -76,7 +77,7 @@ func NewAclRecordBuilder(id string, keyStorage crypto.KeyStorage, keys *accountd } } -func (a *aclRecordBuilder) buildRecord(aclContent *aclrecordproto.AclContentValue) (rawRec *aclrecordproto.RawAclRecord, err error) { +func (a *aclRecordBuilder) buildRecord(aclContent *aclrecordproto.AclContentValue) (rawRec *consensusproto.RawRecord, err error) { aclData := &aclrecordproto.AclData{AclContent: []*aclrecordproto.AclContentValue{ aclContent, }} @@ -88,7 +89,7 @@ func (a *aclRecordBuilder) buildRecord(aclContent *aclrecordproto.AclContentValu if err != nil { return } - rec := &aclrecordproto.AclRecord{ + rec := &consensusproto.Record{ PrevId: a.state.lastRecordId, Identity: protoKey, Data: marshalledData, @@ -102,7 +103,7 @@ func (a *aclRecordBuilder) buildRecord(aclContent *aclrecordproto.AclContentValu if err != nil { return } - rawRec = &aclrecordproto.RawAclRecord{ + rawRec = &consensusproto.RawRecord{ Payload: marshalledRec, Signature: signature, } @@ -133,7 +134,7 @@ func (a *aclRecordBuilder) BuildInvite() (res InviteResult, err error) { return } -func (a *aclRecordBuilder) BuildInviteRevoke(inviteRecordId string) (rawRecord *aclrecordproto.RawAclRecord, err error) { +func (a *aclRecordBuilder) BuildInviteRevoke(inviteRecordId string) (rawRecord *consensusproto.RawRecord, err error) { if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { err = ErrInsufficientPermissions return @@ -148,7 +149,7 @@ func (a *aclRecordBuilder) BuildInviteRevoke(inviteRecordId string) (rawRecord * return a.buildRecord(content) } -func (a *aclRecordBuilder) BuildRequestJoin(payload RequestJoinPayload) (rawRecord *aclrecordproto.RawAclRecord, err error) { +func (a *aclRecordBuilder) BuildRequestJoin(payload RequestJoinPayload) (rawRecord *consensusproto.RawRecord, err error) { key, exists := a.state.inviteKeys[payload.InviteRecordId] if !exists { err = ErrNoSuchInvite @@ -179,7 +180,7 @@ func (a *aclRecordBuilder) BuildRequestJoin(payload RequestJoinPayload) (rawReco return a.buildRecord(content) } -func (a *aclRecordBuilder) BuildRequestAccept(payload RequestAcceptPayload) (rawRecord *aclrecordproto.RawAclRecord, err error) { +func (a *aclRecordBuilder) BuildRequestAccept(payload RequestAcceptPayload) (rawRecord *consensusproto.RawRecord, err error) { if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { err = ErrInsufficientPermissions return @@ -221,7 +222,7 @@ func (a *aclRecordBuilder) BuildRequestAccept(payload RequestAcceptPayload) (raw return a.buildRecord(content) } -func (a *aclRecordBuilder) BuildRequestDecline(requestRecordId string) (rawRecord *aclrecordproto.RawAclRecord, err error) { +func (a *aclRecordBuilder) BuildRequestDecline(requestRecordId string) (rawRecord *consensusproto.RawRecord, err error) { if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { err = ErrInsufficientPermissions return @@ -236,7 +237,7 @@ func (a *aclRecordBuilder) BuildRequestDecline(requestRecordId string) (rawRecor return a.buildRecord(content) } -func (a *aclRecordBuilder) BuildPermissionChange(payload PermissionChangePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) { +func (a *aclRecordBuilder) BuildPermissionChange(payload PermissionChangePayload) (rawRecord *consensusproto.RawRecord, err error) { permissions := a.state.Permissions(a.state.pubKey) if !permissions.CanManageAccounts() || payload.Identity.Equals(a.state.pubKey) { err = ErrInsufficientPermissions @@ -258,7 +259,7 @@ func (a *aclRecordBuilder) BuildPermissionChange(payload PermissionChangePayload return a.buildRecord(content) } -func (a *aclRecordBuilder) BuildReadKeyChange(newKey crypto.SymKey) (rawRecord *aclrecordproto.RawAclRecord, err error) { +func (a *aclRecordBuilder) BuildReadKeyChange(newKey crypto.SymKey) (rawRecord *consensusproto.RawRecord, err error) { if !a.state.Permissions(a.state.pubKey).CanManageAccounts() { err = ErrInsufficientPermissions return @@ -291,7 +292,7 @@ func (a *aclRecordBuilder) BuildReadKeyChange(newKey crypto.SymKey) (rawRecord * return a.buildRecord(content) } -func (a *aclRecordBuilder) BuildAccountRemove(payload AccountRemovePayload) (rawRecord *aclrecordproto.RawAclRecord, err error) { +func (a *aclRecordBuilder) BuildAccountRemove(payload AccountRemovePayload) (rawRecord *consensusproto.RawRecord, err error) { deletedMap := map[string]struct{}{} for _, key := range payload.Identities { permissions := a.state.Permissions(key) @@ -346,7 +347,7 @@ func (a *aclRecordBuilder) BuildAccountRemove(payload AccountRemovePayload) (raw return a.buildRecord(content) } -func (a *aclRecordBuilder) BuildRequestRemove() (rawRecord *aclrecordproto.RawAclRecord, err error) { +func (a *aclRecordBuilder) BuildRequestRemove() (rawRecord *consensusproto.RawRecord, err error) { permissions := a.state.Permissions(a.state.pubKey) if permissions.NoPermissions() { err = ErrNoSuchAccount @@ -361,8 +362,8 @@ func (a *aclRecordBuilder) BuildRequestRemove() (rawRecord *aclrecordproto.RawAc return a.buildRecord(content) } -func (a *aclRecordBuilder) Unmarshall(rawRecord *aclrecordproto.RawAclRecord) (rec *AclRecord, err error) { - aclRecord := &aclrecordproto.AclRecord{} +func (a *aclRecordBuilder) Unmarshall(rawRecord *consensusproto.RawRecord) (rec *AclRecord, err error) { + aclRecord := &consensusproto.Record{} err = proto.Unmarshal(rawRecord.Payload, aclRecord) if err != nil { return @@ -395,9 +396,9 @@ func (a *aclRecordBuilder) Unmarshall(rawRecord *aclrecordproto.RawAclRecord) (r return } -func (a *aclRecordBuilder) UnmarshallWithId(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) { +func (a *aclRecordBuilder) UnmarshallWithId(rawIdRecord *consensusproto.RawRecordWithId) (rec *AclRecord, err error) { var ( - rawRec = &aclrecordproto.RawAclRecord{} + rawRec = &consensusproto.RawRecord{} pubKey crypto.PubKey ) err = proto.Unmarshal(rawIdRecord.Payload, rawRec) @@ -426,7 +427,7 @@ func (a *aclRecordBuilder) UnmarshallWithId(rawIdRecord *aclrecordproto.RawAclRe if err != nil { return } - aclRecord := &aclrecordproto.AclRecord{} + aclRecord := &consensusproto.Record{} err = proto.Unmarshal(rawRec.Payload, aclRecord) if err != nil { return @@ -455,7 +456,7 @@ func (a *aclRecordBuilder) UnmarshallWithId(rawIdRecord *aclrecordproto.RawAclRe return } -func (a *aclRecordBuilder) BuildRoot(content RootContent) (rec *aclrecordproto.RawAclRecordWithId, err error) { +func (a *aclRecordBuilder) BuildRoot(content RootContent) (rec *consensusproto.RawRecordWithId, err error) { rawIdentity, err := content.PrivKey.GetPublic().Raw() if err != nil { return @@ -489,8 +490,8 @@ func (a *aclRecordBuilder) BuildRoot(content RootContent) (rec *aclrecordproto.R func verifyRaw( pubKey crypto.PubKey, - rawRec *aclrecordproto.RawAclRecord, - recWithId *aclrecordproto.RawAclRecordWithId) (err error) { + rawRec *consensusproto.RawRecord, + recWithId *consensusproto.RawRecordWithId) (err error) { // verifying signature res, err := pubKey.Verify(rawRec.Payload, rawRec.Signature) if err != nil { @@ -508,7 +509,7 @@ func verifyRaw( return } -func marshalAclRoot(aclRoot *aclrecordproto.AclRoot, key crypto.PrivKey) (rawWithId *aclrecordproto.RawAclRecordWithId, err error) { +func marshalAclRoot(aclRoot *aclrecordproto.AclRoot, key crypto.PrivKey) (rawWithId *consensusproto.RawRecordWithId, err error) { marshalledRoot, err := aclRoot.Marshal() if err != nil { return @@ -517,7 +518,7 @@ func marshalAclRoot(aclRoot *aclrecordproto.AclRoot, key crypto.PrivKey) (rawWit if err != nil { return } - raw := &aclrecordproto.RawAclRecord{ + raw := &consensusproto.RawRecord{ Payload: marshalledRoot, Signature: signature, } @@ -529,7 +530,7 @@ func marshalAclRoot(aclRoot *aclrecordproto.AclRoot, key crypto.PrivKey) (rawWit if err != nil { return } - rawWithId = &aclrecordproto.RawAclRecordWithId{ + rawWithId = &consensusproto.RawRecordWithId{ Payload: marshalledRaw, Id: aclHeadId, } diff --git a/commonspace/object/acl/list/list.go b/commonspace/object/acl/list/list.go index cedf772c..f336f823 100644 --- a/commonspace/object/acl/list/list.go +++ b/commonspace/object/acl/list/list.go @@ -8,8 +8,8 @@ import ( "sync" "github.com/anyproto/any-sync/commonspace/object/accountdata" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/commonspace/object/acl/liststorage" + "github.com/anyproto/any-sync/consensus/consensusproto" "github.com/anyproto/any-sync/util/crypto" ) @@ -27,20 +27,20 @@ type RWLocker interface { } type AcceptorVerifier interface { - VerifyAcceptor(rec *aclrecordproto.RawAclRecord) (err error) + VerifyAcceptor(rec *consensusproto.RawRecord) (err error) } type NoOpAcceptorVerifier struct { } -func (n NoOpAcceptorVerifier) VerifyAcceptor(rec *aclrecordproto.RawAclRecord) (err error) { +func (n NoOpAcceptorVerifier) VerifyAcceptor(rec *consensusproto.RawRecord) (err error) { return nil } type AclList interface { RWLocker Id() string - Root() *aclrecordproto.RawAclRecordWithId + Root() *consensusproto.RawRecordWithId Records() []*AclRecord AclState() *AclState IsAfter(first string, second string) (bool, error) @@ -53,14 +53,14 @@ type AclList interface { KeyStorage() crypto.KeyStorage RecordBuilder() AclRecordBuilder - ValidateRawRecord(record *aclrecordproto.RawAclRecord) (err error) - AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (err error) + ValidateRawRecord(record *consensusproto.RawRecord) (err error) + AddRawRecord(rawRec *consensusproto.RawRecordWithId) (err error) Close() (err error) } type aclList struct { - root *aclrecordproto.RawAclRecordWithId + root *consensusproto.RawRecordWithId records []*AclRecord indexes map[string]int id string @@ -187,7 +187,7 @@ func (a *aclList) Records() []*AclRecord { return a.records } -func (a *aclList) ValidateRawRecord(rawRec *aclrecordproto.RawAclRecord) (err error) { +func (a *aclList) ValidateRawRecord(rawRec *consensusproto.RawRecord) (err error) { record, err := a.recordBuilder.Unmarshall(rawRec) if err != nil { return @@ -195,7 +195,7 @@ func (a *aclList) ValidateRawRecord(rawRec *aclrecordproto.RawAclRecord) (err er return a.aclState.Validator().ValidateAclRecordContents(record) } -func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (err error) { +func (a *aclList) AddRawRecord(rawRec *consensusproto.RawRecordWithId) (err error) { if _, ok := a.indexes[rawRec.Id]; ok { return ErrRecordAlreadyExists } @@ -221,7 +221,7 @@ func (a *aclList) Id() string { return a.id } -func (a *aclList) Root() *aclrecordproto.RawAclRecordWithId { +func (a *aclList) Root() *consensusproto.RawRecordWithId { return a.root } diff --git a/commonspace/object/acl/list/list_test.go b/commonspace/object/acl/list/list_test.go index 17a4a9ec..b1dda008 100644 --- a/commonspace/object/acl/list/list_test.go +++ b/commonspace/object/acl/list/list_test.go @@ -6,12 +6,13 @@ import ( "github.com/anyproto/any-sync/commonspace/object/accountdata" "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" + "github.com/anyproto/any-sync/consensus/consensusproto" "github.com/anyproto/any-sync/util/cidutil" "github.com/anyproto/any-sync/util/crypto" "github.com/stretchr/testify/require" ) -func wrapRecord(rawRec *aclrecordproto.RawAclRecord) *aclrecordproto.RawAclRecordWithId { +func wrapRecord(rawRec *consensusproto.RawRecord) *consensusproto.RawRecordWithId { payload, err := rawRec.Marshal() if err != nil { panic(err) @@ -20,7 +21,7 @@ func wrapRecord(rawRec *aclrecordproto.RawAclRecord) *aclrecordproto.RawAclRecor if err != nil { panic(err) } - return &aclrecordproto.RawAclRecordWithId{ + return &consensusproto.RawRecordWithId{ Payload: payload, Id: id, } @@ -53,7 +54,7 @@ func newFixture(t *testing.T) *aclFixture { } } -func (fx *aclFixture) addRec(t *testing.T, rec *aclrecordproto.RawAclRecordWithId) { +func (fx *aclFixture) addRec(t *testing.T, rec *consensusproto.RawRecordWithId) { err := fx.ownerAcl.AddRawRecord(rec) require.NoError(t, err) err = fx.accountAcl.AddRawRecord(rec) diff --git a/commonspace/object/acl/list/listutils.go b/commonspace/object/acl/list/listutils.go index d337dcc5..d512f748 100644 --- a/commonspace/object/acl/list/listutils.go +++ b/commonspace/object/acl/list/listutils.go @@ -2,8 +2,8 @@ package list import ( "github.com/anyproto/any-sync/commonspace/object/accountdata" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/commonspace/object/acl/liststorage" + "github.com/anyproto/any-sync/consensus/consensusproto" "github.com/anyproto/any-sync/util/crypto" ) @@ -21,7 +21,7 @@ func NewTestDerivedAcl(spaceId string, keys *accountdata.AccountKeys) (AclList, if err != nil { return nil, err } - st, err := liststorage.NewInMemoryAclListStorage(root.Id, []*aclrecordproto.RawAclRecordWithId{ + st, err := liststorage.NewInMemoryAclListStorage(root.Id, []*consensusproto.RawRecordWithId{ root, }) if err != nil { @@ -30,8 +30,8 @@ func NewTestDerivedAcl(spaceId string, keys *accountdata.AccountKeys) (AclList, return BuildAclListWithIdentity(keys, st, NoOpAcceptorVerifier{}) } -func NewTestAclWithRoot(keys *accountdata.AccountKeys, root *aclrecordproto.RawAclRecordWithId) (AclList, error) { - st, err := liststorage.NewInMemoryAclListStorage(root.Id, []*aclrecordproto.RawAclRecordWithId{ +func NewTestAclWithRoot(keys *accountdata.AccountKeys, root *consensusproto.RawRecordWithId) (AclList, error) { + st, err := liststorage.NewInMemoryAclListStorage(root.Id, []*consensusproto.RawRecordWithId{ root, }) if err != nil { diff --git a/commonspace/object/acl/list/mock_list/mock_list.go b/commonspace/object/acl/list/mock_list/mock_list.go index 84ad11c1..012c71c6 100644 --- a/commonspace/object/acl/list/mock_list/mock_list.go +++ b/commonspace/object/acl/list/mock_list/mock_list.go @@ -7,8 +7,8 @@ package mock_list import ( reflect "reflect" - aclrecordproto "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" list "github.com/anyproto/any-sync/commonspace/object/acl/list" + consensusproto "github.com/anyproto/any-sync/consensus/consensusproto" crypto "github.com/anyproto/any-sync/util/crypto" gomock "github.com/golang/mock/gomock" ) @@ -51,7 +51,7 @@ func (mr *MockAclListMockRecorder) AclState() *gomock.Call { } // AddRawRecord mocks base method. -func (m *MockAclList) AddRawRecord(arg0 *aclrecordproto.RawAclRecordWithId) error { +func (m *MockAclList) AddRawRecord(arg0 *consensusproto.RawRecordWithId) error { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "AddRawRecord", arg0) ret0, _ := ret[0].(error) @@ -254,10 +254,10 @@ func (mr *MockAclListMockRecorder) Records() *gomock.Call { } // Root mocks base method. -func (m *MockAclList) Root() *aclrecordproto.RawAclRecordWithId { +func (m *MockAclList) Root() *consensusproto.RawRecordWithId { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Root") - ret0, _ := ret[0].(*aclrecordproto.RawAclRecordWithId) + ret0, _ := ret[0].(*consensusproto.RawRecordWithId) return ret0 } @@ -280,7 +280,7 @@ func (mr *MockAclListMockRecorder) Unlock() *gomock.Call { } // ValidateRawRecord mocks base method. -func (m *MockAclList) ValidateRawRecord(arg0 *aclrecordproto.RawAclRecord) error { +func (m *MockAclList) ValidateRawRecord(arg0 *consensusproto.RawRecord) error { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "ValidateRawRecord", arg0) ret0, _ := ret[0].(error) diff --git a/commonspace/object/acl/liststorage/inmemory.go b/commonspace/object/acl/liststorage/inmemory.go index 615fe948..276d4f78 100644 --- a/commonspace/object/acl/liststorage/inmemory.go +++ b/commonspace/object/acl/liststorage/inmemory.go @@ -3,24 +3,26 @@ package liststorage import ( "context" "fmt" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" + + "github.com/anyproto/any-sync/consensus/consensusproto" + "sync" ) type inMemoryAclListStorage struct { id string - root *aclrecordproto.RawAclRecordWithId + root *consensusproto.RawRecordWithId head string - records map[string]*aclrecordproto.RawAclRecordWithId + records map[string]*consensusproto.RawRecordWithId sync.RWMutex } func NewInMemoryAclListStorage( id string, - records []*aclrecordproto.RawAclRecordWithId) (ListStorage, error) { + records []*consensusproto.RawRecordWithId) (ListStorage, error) { - allRecords := make(map[string]*aclrecordproto.RawAclRecordWithId) + allRecords := make(map[string]*consensusproto.RawRecordWithId) for _, ch := range records { allRecords[ch.Id] = ch } @@ -41,7 +43,7 @@ func (t *inMemoryAclListStorage) Id() string { return t.id } -func (t *inMemoryAclListStorage) Root() (*aclrecordproto.RawAclRecordWithId, error) { +func (t *inMemoryAclListStorage) Root() (*consensusproto.RawRecordWithId, error) { t.RLock() defer t.RUnlock() return t.root, nil @@ -60,7 +62,7 @@ func (t *inMemoryAclListStorage) SetHead(head string) error { return nil } -func (t *inMemoryAclListStorage) AddRawRecord(ctx context.Context, record *aclrecordproto.RawAclRecordWithId) error { +func (t *inMemoryAclListStorage) AddRawRecord(ctx context.Context, record *consensusproto.RawRecordWithId) error { t.Lock() defer t.Unlock() // TODO: better to do deep copy @@ -68,7 +70,7 @@ func (t *inMemoryAclListStorage) AddRawRecord(ctx context.Context, record *aclre return nil } -func (t *inMemoryAclListStorage) GetRawRecord(ctx context.Context, recordId string) (*aclrecordproto.RawAclRecordWithId, error) { +func (t *inMemoryAclListStorage) GetRawRecord(ctx context.Context, recordId string) (*consensusproto.RawRecordWithId, error) { t.RLock() defer t.RUnlock() if res, exists := t.records[recordId]; exists { diff --git a/commonspace/object/acl/liststorage/liststorage.go b/commonspace/object/acl/liststorage/liststorage.go index 416fe100..f17e201f 100644 --- a/commonspace/object/acl/liststorage/liststorage.go +++ b/commonspace/object/acl/liststorage/liststorage.go @@ -4,7 +4,8 @@ package liststorage import ( "context" "errors" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" + + "github.com/anyproto/any-sync/consensus/consensusproto" ) var ( @@ -14,15 +15,15 @@ var ( ) type Exporter interface { - ListStorage(root *aclrecordproto.RawAclRecordWithId) (ListStorage, error) + ListStorage(root *consensusproto.RawRecordWithId) (ListStorage, error) } type ListStorage interface { Id() string - Root() (*aclrecordproto.RawAclRecordWithId, error) + Root() (*consensusproto.RawRecordWithId, error) Head() (string, error) SetHead(headId string) error - GetRawRecord(ctx context.Context, id string) (*aclrecordproto.RawAclRecordWithId, error) - AddRawRecord(ctx context.Context, rec *aclrecordproto.RawAclRecordWithId) error + GetRawRecord(ctx context.Context, id string) (*consensusproto.RawRecordWithId, error) + AddRawRecord(ctx context.Context, rec *consensusproto.RawRecordWithId) error } diff --git a/commonspace/object/acl/liststorage/mock_liststorage/mock_liststorage.go b/commonspace/object/acl/liststorage/mock_liststorage/mock_liststorage.go index ce0a8bbf..ef4781e6 100644 --- a/commonspace/object/acl/liststorage/mock_liststorage/mock_liststorage.go +++ b/commonspace/object/acl/liststorage/mock_liststorage/mock_liststorage.go @@ -8,7 +8,7 @@ import ( context "context" reflect "reflect" - aclrecordproto "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" + consensusproto "github.com/anyproto/any-sync/consensus/consensusproto" gomock "github.com/golang/mock/gomock" ) @@ -36,7 +36,7 @@ func (m *MockListStorage) EXPECT() *MockListStorageMockRecorder { } // AddRawRecord mocks base method. -func (m *MockListStorage) AddRawRecord(arg0 context.Context, arg1 *aclrecordproto.RawAclRecordWithId) error { +func (m *MockListStorage) AddRawRecord(arg0 context.Context, arg1 *consensusproto.RawRecordWithId) error { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "AddRawRecord", arg0, arg1) ret0, _ := ret[0].(error) @@ -50,10 +50,10 @@ func (mr *MockListStorageMockRecorder) AddRawRecord(arg0, arg1 interface{}) *gom } // GetRawRecord mocks base method. -func (m *MockListStorage) GetRawRecord(arg0 context.Context, arg1 string) (*aclrecordproto.RawAclRecordWithId, error) { +func (m *MockListStorage) GetRawRecord(arg0 context.Context, arg1 string) (*consensusproto.RawRecordWithId, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "GetRawRecord", arg0, arg1) - ret0, _ := ret[0].(*aclrecordproto.RawAclRecordWithId) + ret0, _ := ret[0].(*consensusproto.RawRecordWithId) ret1, _ := ret[1].(error) return ret0, ret1 } @@ -94,10 +94,10 @@ func (mr *MockListStorageMockRecorder) Id() *gomock.Call { } // Root mocks base method. -func (m *MockListStorage) Root() (*aclrecordproto.RawAclRecordWithId, error) { +func (m *MockListStorage) Root() (*consensusproto.RawRecordWithId, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Root") - ret0, _ := ret[0].(*aclrecordproto.RawAclRecordWithId) + ret0, _ := ret[0].(*consensusproto.RawRecordWithId) ret1, _ := ret[1].(error) return ret0, ret1 } diff --git a/commonspace/object/acl/syncacl/syncaclhandler.go b/commonspace/object/acl/syncacl/syncaclhandler.go index 5880f70f..357a4bc2 100644 --- a/commonspace/object/acl/syncacl/syncaclhandler.go +++ b/commonspace/object/acl/syncacl/syncaclhandler.go @@ -2,8 +2,7 @@ package syncacl import ( "context" - "fmt" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" + "github.com/anyproto/any-sync/commonspace/object/acl/list" "github.com/anyproto/any-sync/commonspace/spacesyncproto" ) @@ -13,19 +12,5 @@ type syncAclHandler struct { } func (s *syncAclHandler) HandleMessage(ctx context.Context, senderId string, req *spacesyncproto.ObjectSyncMessage) (err error) { - aclMsg := &aclrecordproto.AclSyncMessage{} - if err = aclMsg.Unmarshal(req.Payload); err != nil { - return - } - content := aclMsg.GetContent() - switch { - case content.GetAddRecords() != nil: - return s.handleAddRecords(ctx, senderId, content.GetAddRecords()) - default: - return fmt.Errorf("unexpected aclSync message: %T", content.Value) - } -} - -func (s *syncAclHandler) handleAddRecords(ctx context.Context, senderId string, addRecord *aclrecordproto.AclAddRecords) (err error) { - return + return nil } diff --git a/commonspace/payloads.go b/commonspace/payloads.go index b3c9835b..4fb5c59c 100644 --- a/commonspace/payloads.go +++ b/commonspace/payloads.go @@ -14,6 +14,7 @@ import ( "github.com/anyproto/any-sync/commonspace/object/tree/treechangeproto" "github.com/anyproto/any-sync/commonspace/spacestorage" "github.com/anyproto/any-sync/commonspace/spacesyncproto" + "github.com/anyproto/any-sync/consensus/consensusproto" "github.com/anyproto/any-sync/util/cidutil" "github.com/anyproto/any-sync/util/crypto" "github.com/gogo/protobuf/proto" @@ -255,12 +256,12 @@ func ValidateSpaceHeader(rawHeaderWithId *spacesyncproto.RawSpaceHeaderWithId, i return } -func validateCreateSpaceAclPayload(rawWithId *aclrecordproto.RawAclRecordWithId) (spaceId string, err error) { +func validateCreateSpaceAclPayload(rawWithId *consensusproto.RawRecordWithId) (spaceId string, err error) { if !cidutil.VerifyCid(rawWithId.Payload, rawWithId.Id) { err = objecttree.ErrIncorrectCid return } - var rawAcl aclrecordproto.RawAclRecord + var rawAcl consensusproto.RawRecord err = proto.Unmarshal(rawWithId.Payload, &rawAcl) if err != nil { return diff --git a/commonspace/payloads_test.go b/commonspace/payloads_test.go index f144f623..fbfe0f10 100644 --- a/commonspace/payloads_test.go +++ b/commonspace/payloads_test.go @@ -2,20 +2,22 @@ package commonspace import ( "fmt" + "math/rand" + "strconv" + "testing" + "time" + "github.com/anyproto/any-sync/commonspace/object/accountdata" "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/commonspace/object/tree/objecttree" "github.com/anyproto/any-sync/commonspace/object/tree/treechangeproto" "github.com/anyproto/any-sync/commonspace/spacestorage" "github.com/anyproto/any-sync/commonspace/spacesyncproto" + "github.com/anyproto/any-sync/consensus/consensusproto" "github.com/anyproto/any-sync/util/cidutil" "github.com/anyproto/any-sync/util/crypto" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "math/rand" - "strconv" - "testing" - "time" ) func TestSuccessHeaderPayloadForSpaceCreate(t *testing.T) { @@ -188,14 +190,14 @@ func TestFailAclPayloadSpace_IncorrectCid(t *testing.T) { marshalled, err := aclRoot.Marshal() require.NoError(t, err) signature, err := accountKeys.SignKey.Sign(marshalled) - rawAclRecord := &aclrecordproto.RawAclRecord{ + rawAclRecord := &consensusproto.RawRecord{ Payload: marshalled, Signature: signature, } marshalledRaw, err := rawAclRecord.Marshal() require.NoError(t, err) aclHeadId := "rand" - rawWithId := &aclrecordproto.RawAclRecordWithId{ + rawWithId := &consensusproto.RawRecordWithId{ Payload: marshalledRaw, Id: aclHeadId, } @@ -230,7 +232,7 @@ func TestFailedAclPayloadSpace_IncorrectSignature(t *testing.T) { } marshalled, err := aclRoot.Marshal() require.NoError(t, err) - rawAclRecord := &aclrecordproto.RawAclRecord{ + rawAclRecord := &consensusproto.RawRecord{ Payload: marshalled, Signature: marshalled, } @@ -238,7 +240,7 @@ func TestFailedAclPayloadSpace_IncorrectSignature(t *testing.T) { require.NoError(t, err) aclHeadId, err := cidutil.NewCidFromBytes(marshalledRaw) require.NoError(t, err) - rawWithId := &aclrecordproto.RawAclRecordWithId{ + rawWithId := &consensusproto.RawRecordWithId{ Payload: marshalledRaw, Id: aclHeadId, } @@ -286,7 +288,7 @@ func TestFailedAclPayloadSpace_IncorrectIdentitySignature(t *testing.T) { return } signature, err := accountKeys.SignKey.Sign(marshalled) - rawAclRecord := &aclrecordproto.RawAclRecord{ + rawAclRecord := &consensusproto.RawRecord{ Payload: marshalled, Signature: signature, } @@ -298,7 +300,7 @@ func TestFailedAclPayloadSpace_IncorrectIdentitySignature(t *testing.T) { if err != nil { return } - rawWithId := &aclrecordproto.RawAclRecordWithId{ + rawWithId := &consensusproto.RawRecordWithId{ Payload: marshalledRaw, Id: aclHeadId, } @@ -540,7 +542,7 @@ func rawSettingsPayload(accountKeys *accountdata.AccountKeys, spaceId, aclHeadId return } -func rawAclWithId(accountKeys *accountdata.AccountKeys, spaceId string) (aclHeadId string, rawWithId *aclrecordproto.RawAclRecordWithId, err error) { +func rawAclWithId(accountKeys *accountdata.AccountKeys, spaceId string) (aclHeadId string, rawWithId *consensusproto.RawRecordWithId, err error) { // TODO: use same storage creation methods as we use in spaces readKeyBytes := make([]byte, 32) _, err = rand.Read(readKeyBytes) @@ -582,7 +584,7 @@ func rawAclWithId(accountKeys *accountdata.AccountKeys, spaceId string) (aclHead return } signature, err := accountKeys.SignKey.Sign(marshalled) - rawAclRecord := &aclrecordproto.RawAclRecord{ + rawAclRecord := &consensusproto.RawRecord{ Payload: marshalled, Signature: signature, } @@ -594,7 +596,7 @@ func rawAclWithId(accountKeys *accountdata.AccountKeys, spaceId string) (aclHead if err != nil { return } - rawWithId = &aclrecordproto.RawAclRecordWithId{ + rawWithId = &consensusproto.RawRecordWithId{ Payload: marshalledRaw, Id: aclHeadId, } diff --git a/commonspace/spaceservice.go b/commonspace/spaceservice.go index 3e441aea..3397e212 100644 --- a/commonspace/spaceservice.go +++ b/commonspace/spaceservice.go @@ -2,6 +2,8 @@ package commonspace import ( "context" + "sync/atomic" + "github.com/anyproto/any-sync/accountservice" "github.com/anyproto/any-sync/app" "github.com/anyproto/any-sync/app/logger" @@ -9,7 +11,6 @@ import ( "github.com/anyproto/any-sync/commonspace/credentialprovider" "github.com/anyproto/any-sync/commonspace/deletionstate" "github.com/anyproto/any-sync/commonspace/headsync" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/commonspace/object/acl/syncacl" "github.com/anyproto/any-sync/commonspace/object/tree/objecttree" "github.com/anyproto/any-sync/commonspace/object/tree/treechangeproto" @@ -24,13 +25,13 @@ import ( "github.com/anyproto/any-sync/commonspace/spacestorage" "github.com/anyproto/any-sync/commonspace/spacesyncproto" "github.com/anyproto/any-sync/commonspace/syncstatus" + "github.com/anyproto/any-sync/consensus/consensusproto" "github.com/anyproto/any-sync/metric" "github.com/anyproto/any-sync/net/peer" "github.com/anyproto/any-sync/net/pool" "github.com/anyproto/any-sync/net/rpc/rpcerr" "github.com/anyproto/any-sync/nodeconf" "storj.io/drpc" - "sync/atomic" ) const CName = "common.commonspace" @@ -193,7 +194,7 @@ func (s *spaceService) NewSpace(ctx context.Context, id string) (Space, error) { func (s *spaceService) addSpaceStorage(ctx context.Context, spaceDescription SpaceDescription) (st spacestorage.SpaceStorage, err error) { payload := spacestorage.SpaceStorageCreatePayload{ - AclWithId: &aclrecordproto.RawAclRecordWithId{ + AclWithId: &consensusproto.RawRecordWithId{ Payload: spaceDescription.AclPayload, Id: spaceDescription.AclId, }, @@ -240,7 +241,7 @@ func (s *spaceService) getSpaceStorageFromRemote(ctx context.Context, id string) } st, err = s.createSpaceStorage(spacestorage.SpaceStorageCreatePayload{ - AclWithId: &aclrecordproto.RawAclRecordWithId{ + AclWithId: &consensusproto.RawRecordWithId{ Payload: res.Payload.AclPayload, Id: res.Payload.AclPayloadId, }, diff --git a/commonspace/spacestorage/inmemorystorage.go b/commonspace/spacestorage/inmemorystorage.go index 096f5a84..0550ffbc 100644 --- a/commonspace/spacestorage/inmemorystorage.go +++ b/commonspace/spacestorage/inmemorystorage.go @@ -2,12 +2,14 @@ package spacestorage import ( "context" + "github.com/anyproto/any-sync/app" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/commonspace/object/acl/liststorage" "github.com/anyproto/any-sync/commonspace/object/tree/treechangeproto" "github.com/anyproto/any-sync/commonspace/object/tree/treestorage" "github.com/anyproto/any-sync/commonspace/spacesyncproto" + "github.com/anyproto/any-sync/consensus/consensusproto" + "sync" ) @@ -40,7 +42,7 @@ func (i *InMemorySpaceStorage) Name() (name string) { } func NewInMemorySpaceStorage(payload SpaceStorageCreatePayload) (SpaceStorage, error) { - aclStorage, err := liststorage.NewInMemoryAclListStorage(payload.AclWithId.Id, []*aclrecordproto.RawAclRecordWithId{payload.AclWithId}) + aclStorage, err := liststorage.NewInMemoryAclListStorage(payload.AclWithId.Id, []*consensusproto.RawRecordWithId{payload.AclWithId}) if err != nil { return nil, err } diff --git a/commonspace/spacestorage/spacestorage.go b/commonspace/spacestorage/spacestorage.go index e2807f5a..a0976f3e 100644 --- a/commonspace/spacestorage/spacestorage.go +++ b/commonspace/spacestorage/spacestorage.go @@ -4,12 +4,13 @@ package spacestorage import ( "context" "errors" + "github.com/anyproto/any-sync/app" - "github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anyproto/any-sync/commonspace/object/acl/liststorage" "github.com/anyproto/any-sync/commonspace/object/tree/treechangeproto" "github.com/anyproto/any-sync/commonspace/object/tree/treestorage" "github.com/anyproto/any-sync/commonspace/spacesyncproto" + "github.com/anyproto/any-sync/consensus/consensusproto" ) const CName = "common.commonspace.spacestorage" @@ -47,7 +48,7 @@ type SpaceStorage interface { } type SpaceStorageCreatePayload struct { - AclWithId *aclrecordproto.RawAclRecordWithId + AclWithId *consensusproto.RawRecordWithId SpaceHeaderWithId *spacesyncproto.RawSpaceHeaderWithId SpaceSettingsWithId *treechangeproto.RawTreeChangeWithId } diff --git a/commonspace/spacesyncproto/spacesync_drpc.pb.go b/commonspace/spacesyncproto/spacesync_drpc.pb.go index f9c7abae..11e5d715 100644 --- a/commonspace/spacesyncproto/spacesync_drpc.pb.go +++ b/commonspace/spacesyncproto/spacesync_drpc.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-drpc. DO NOT EDIT. -// protoc-gen-go-drpc version: v0.0.32 +// protoc-gen-go-drpc version: v0.0.33 // source: commonspace/spacesyncproto/protos/spacesync.proto package spacesyncproto @@ -103,6 +103,10 @@ type drpcSpaceSync_ObjectSyncStreamClient struct { drpc.Stream } +func (x *drpcSpaceSync_ObjectSyncStreamClient) GetStream() drpc.Stream { + return x.Stream +} + func (x *drpcSpaceSync_ObjectSyncStreamClient) Send(m *ObjectSyncMessage) error { return x.MsgSend(m, drpcEncoding_File_commonspace_spacesyncproto_protos_spacesync_proto{}) } diff --git a/coordinator/coordinatorproto/coordinator_drpc.pb.go b/coordinator/coordinatorproto/coordinator_drpc.pb.go index 75e73a7b..0ed69ea2 100644 --- a/coordinator/coordinatorproto/coordinator_drpc.pb.go +++ b/coordinator/coordinatorproto/coordinator_drpc.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-drpc. DO NOT EDIT. -// protoc-gen-go-drpc version: v0.0.32 +// protoc-gen-go-drpc version: v0.0.33 // source: coordinator/coordinatorproto/protos/coordinator.proto package coordinatorproto diff --git a/net/streampool/testservice/testservice_drpc.pb.go b/net/streampool/testservice/testservice_drpc.pb.go index f50fdbe7..cfe5bce9 100644 --- a/net/streampool/testservice/testservice_drpc.pb.go +++ b/net/streampool/testservice/testservice_drpc.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-drpc. DO NOT EDIT. -// protoc-gen-go-drpc version: v0.0.32 +// protoc-gen-go-drpc version: v0.0.33 // source: net/streampool/testservice/protos/testservice.proto package testservice @@ -72,6 +72,10 @@ type drpcTest_TestStreamClient struct { drpc.Stream } +func (x *drpcTest_TestStreamClient) GetStream() drpc.Stream { + return x.Stream +} + func (x *drpcTest_TestStreamClient) Send(m *StreamMessage) error { return x.MsgSend(m, drpcEncoding_File_net_streampool_testservice_protos_testservice_proto{}) } From ab34ff4bc92871d3c93493cb97ccba494f74d8eb Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Tue, 4 Jul 2023 08:07:55 +0200 Subject: [PATCH 16/17] Fix not sending correct connection and incoming count --- net/peer/peer.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/peer/peer.go b/net/peer/peer.go index 25ffbb20..d0226823 100644 --- a/net/peer/peer.go +++ b/net/peer/peer.go @@ -189,7 +189,7 @@ func (p *peer) openDrpcConn(ctx context.Context) (dconn *subConn, err error) { tconn := connutil.NewLastUsageConn(conn) bufSize := p.ctrl.DrpcConfig().Stream.MaxMsgSizeMb * (1 << 20) return &subConn{ - Conn: drpcconn.NewWithOptions(conn, drpcconn.Options{ + Conn: drpcconn.NewWithOptions(tconn, drpcconn.Options{ Manager: drpcmanager.Options{ Reader: drpcwire.ReaderOptions{MaximumBufferSize: bufSize}, Stream: drpcstream.Options{MaximumBufferSize: bufSize}, @@ -296,7 +296,7 @@ func (p *peer) gc(ttl time.Duration) (aliveCount int) { continue } } - return len(p.active) + len(p.inactive) + return len(p.active) + len(p.inactive) + int(p.incomingCount.Load()) } func (p *peer) Close() (err error) { From fe31afc3376ecd32925f040c66cb02a532a43829 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Tue, 4 Jul 2023 16:51:14 +0200 Subject: [PATCH 17/17] Remove cancel with deadline --- commonspace/objectsync/objectsync.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/commonspace/objectsync/objectsync.go b/commonspace/objectsync/objectsync.go index f8125aa8..c98bf8db 100644 --- a/commonspace/objectsync/objectsync.go +++ b/commonspace/objectsync/objectsync.go @@ -149,9 +149,6 @@ func (s *objectSync) processHandleMessage(msg HandleMessage) { err = context.DeadlineExceeded return } - var cancel context.CancelFunc - ctx, cancel = context.WithDeadline(ctx, msg.Deadline) - defer cancel() } if err = s.handleMessage(ctx, msg.SenderId, msg.Message); err != nil { if msg.Message.ObjectId != "" {