Add state apply changes

commonspace/object/acl/aclrecordproto/aclrecord.pb.go

@@ -452,6 +452,7 @@ type AclAccountRequestAccept struct {
 	Identity          []byte             `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"`
 	RequestRecordId   string             `protobuf:"bytes,2,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"`
 	EncryptedReadKeys []byte             `protobuf:"bytes,3,opt,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"`
+	Permissions       AclUserPermissions `protobuf:"varint,4,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"`
 }
 
 func (m *AclAccountRequestAccept) Reset()         { *m = AclAccountRequestAccept{} }
@@ -508,6 +509,13 @@ func (m *AclAccountRequestAccept) GetEncryptedReadKeys() []byte {
 	return nil
 }
 
+func (m *AclAccountRequestAccept) GetPermissions() AclUserPermissions {
+	if m != nil {
+		return m.Permissions
+	}
+	return AclUserPermissions_None
+}
+
 // AclAccountRequestDecline contains the reference to join record
 type AclAccountRequestDecline struct {
 	RequestRecordId string `protobuf:"bytes,1,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"`
@@ -600,7 +608,7 @@ func (m *AclAccountInviteRevoke) GetInviteRecordId() string {
 
 // AclReadKeys are all read keys in Acl
 type AclReadKeys struct {
-	ReadKey [][]byte `protobuf:"bytes,1,rep,name=readKey,proto3" json:"readKey,omitempty"`
+	ReadKeys map[string][]byte `protobuf:"bytes,1,rep,name=readKeys,proto3" json:"readKeys,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
 }
 
 func (m *AclReadKeys) Reset()         { *m = AclReadKeys{} }
@@ -636,31 +644,31 @@ func (m *AclReadKeys) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_AclReadKeys proto.InternalMessageInfo
 
-func (m *AclReadKeys) GetReadKey() [][]byte {
+func (m *AclReadKeys) GetReadKeys() map[string][]byte {
 	if m != nil {
-		return m.ReadKey
+		return m.ReadKeys
 	}
 	return nil
 }
 
-// AclEncryptedReadKeys are all keys for specific identity
+// AclEncryptedReadKeys are new key for specific identity
-type AclEncryptedReadKeys struct {
+type AclEncryptedReadKey struct {
 	Identity         []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"`
-	EncryptedReadKeys []byte `protobuf:"bytes,2,opt,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"`
+	EncryptedReadKey []byte `protobuf:"bytes,2,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"`
 }
 
-func (m *AclEncryptedReadKeys) Reset()         { *m = AclEncryptedReadKeys{} }
+func (m *AclEncryptedReadKey) Reset()         { *m = AclEncryptedReadKey{} }
-func (m *AclEncryptedReadKeys) String() string { return proto.CompactTextString(m) }
+func (m *AclEncryptedReadKey) String() string { return proto.CompactTextString(m) }
-func (*AclEncryptedReadKeys) ProtoMessage()    {}
+func (*AclEncryptedReadKey) ProtoMessage()    {}
-func (*AclEncryptedReadKeys) Descriptor() ([]byte, []int) {
+func (*AclEncryptedReadKey) Descriptor() ([]byte, []int) {
 	return fileDescriptor_c8e9f754f34e929b, []int{10}
 }
-func (m *AclEncryptedReadKeys) XXX_Unmarshal(b []byte) error {
+func (m *AclEncryptedReadKey) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
 }
-func (m *AclEncryptedReadKeys) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+func (m *AclEncryptedReadKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
 	if deterministic {
-		return xxx_messageInfo_AclEncryptedReadKeys.Marshal(b, m, deterministic)
+		return xxx_messageInfo_AclEncryptedReadKey.Marshal(b, m, deterministic)
 	} else {
 		b = b[:cap(b)]
 		n, err := m.MarshalToSizedBuffer(b)
@@ -670,28 +678,28 @@ func (m *AclEncryptedReadKeys) XXX_Marshal(b []byte, deterministic bool) ([]byte
 		return b[:n], nil
 	}
 }
-func (m *AclEncryptedReadKeys) XXX_Merge(src proto.Message) {
+func (m *AclEncryptedReadKey) XXX_Merge(src proto.Message) {
-	xxx_messageInfo_AclEncryptedReadKeys.Merge(m, src)
+	xxx_messageInfo_AclEncryptedReadKey.Merge(m, src)
 }
-func (m *AclEncryptedReadKeys) XXX_Size() int {
+func (m *AclEncryptedReadKey) XXX_Size() int {
 	return m.Size()
 }
-func (m *AclEncryptedReadKeys) XXX_DiscardUnknown() {
+func (m *AclEncryptedReadKey) XXX_DiscardUnknown() {
-	xxx_messageInfo_AclEncryptedReadKeys.DiscardUnknown(m)
+	xxx_messageInfo_AclEncryptedReadKey.DiscardUnknown(m)
 }
 
-var xxx_messageInfo_AclEncryptedReadKeys proto.InternalMessageInfo
+var xxx_messageInfo_AclEncryptedReadKey proto.InternalMessageInfo
 
-func (m *AclEncryptedReadKeys) GetIdentity() []byte {
+func (m *AclEncryptedReadKey) GetIdentity() []byte {
 	if m != nil {
 		return m.Identity
 	}
 	return nil
 }
 
-func (m *AclEncryptedReadKeys) GetEncryptedReadKeys() []byte {
+func (m *AclEncryptedReadKey) GetEncryptedReadKey() []byte {
 	if m != nil {
-		return m.EncryptedReadKeys
+		return m.EncryptedReadKey
 	}
 	return nil
 }
@@ -751,7 +759,7 @@ func (m *AclAccountPermissionChange) GetPermissions() AclUserPermissions {
 
 // AclReadKeyChange changes the key for a space
 type AclReadKeyChange struct {
-	AccountKeys []*AclEncryptedReadKeys `protobuf:"bytes,1,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"`
+	AccountKeys []*AclEncryptedReadKey `protobuf:"bytes,1,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"`
 }
 
 func (m *AclReadKeyChange) Reset()         { *m = AclReadKeyChange{} }
@@ -787,7 +795,7 @@ func (m *AclReadKeyChange) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_AclReadKeyChange proto.InternalMessageInfo
 
-func (m *AclReadKeyChange) GetAccountKeys() []*AclEncryptedReadKeys {
+func (m *AclReadKeyChange) GetAccountKeys() []*AclEncryptedReadKey {
 	if m != nil {
 		return m.AccountKeys
 	}
@@ -797,7 +805,7 @@ func (m *AclReadKeyChange) GetAccountKeys() []*AclEncryptedReadKeys {
 // AclAccountRemove removes an account and changes read key for space
 type AclAccountRemove struct {
 	Identity    []byte                 `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"`
-	AccountKeys []*AclEncryptedReadKeys `protobuf:"bytes,2,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"`
+	AccountKeys []*AclEncryptedReadKey `protobuf:"bytes,2,rep,name=accountKeys,proto3" json:"accountKeys,omitempty"`
 }
 
 func (m *AclAccountRemove) Reset()         { *m = AclAccountRemove{} }
@@ -840,7 +848,7 @@ func (m *AclAccountRemove) GetIdentity() []byte {
 	return nil
 }
 
-func (m *AclAccountRemove) GetAccountKeys() []*AclEncryptedReadKeys {
+func (m *AclAccountRemove) GetAccountKeys() []*AclEncryptedReadKey {
 	if m != nil {
 		return m.AccountKeys
 	}
@@ -1231,7 +1239,8 @@ func init() {
 	proto.RegisterType((*AclAccountRequestDecline)(nil), "aclrecord.AclAccountRequestDecline")
 	proto.RegisterType((*AclAccountInviteRevoke)(nil), "aclrecord.AclAccountInviteRevoke")
 	proto.RegisterType((*AclReadKeys)(nil), "aclrecord.AclReadKeys")
-	proto.RegisterType((*AclEncryptedReadKeys)(nil), "aclrecord.AclEncryptedReadKeys")
+	proto.RegisterMapType((map[string][]byte)(nil), "aclrecord.AclReadKeys.ReadKeysEntry")
+	proto.RegisterType((*AclEncryptedReadKey)(nil), "aclrecord.AclEncryptedReadKey")
 	proto.RegisterType((*AclAccountPermissionChange)(nil), "aclrecord.AclAccountPermissionChange")
 	proto.RegisterType((*AclReadKeyChange)(nil), "aclrecord.AclReadKeyChange")
 	proto.RegisterType((*AclAccountRemove)(nil), "aclrecord.AclAccountRemove")
@@ -1247,67 +1256,70 @@ func init() {
 }
 
 var fileDescriptor_c8e9f754f34e929b = []byte{
-	// 958 bytes of a gzipped FileDescriptorProto
+	// 1005 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0x1b, 0x45,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x56, 0xdf, 0x6e, 0x1b, 0xc5,
-	0x14, 0xde, 0x75, 0x1c, 0x3b, 0x3e, 0x9b, 0xb8, 0x66, 0x80, 0xd6, 0x0a, 0xc5, 0x84, 0x45, 0x85,
+	0x17, 0xde, 0xb5, 0x1d, 0x3b, 0x3e, 0x9b, 0xb8, 0xfe, 0xcd, 0x0f, 0x5a, 0x2b, 0x14, 0x2b, 0x2c,
-	0xaa, 0x42, 0x0d, 0x32, 0x42, 0x54, 0x08, 0x51, 0xb6, 0x49, 0x85, 0x1d, 0x28, 0xa0, 0x89, 0x4a,
+	0x14, 0x45, 0x15, 0x4a, 0x90, 0x11, 0x22, 0x2a, 0x88, 0x66, 0x9b, 0x44, 0xd8, 0x81, 0x02, 0x9a,
-	0xa5, 0x5e, 0x31, 0x9d, 0x1d, 0xa5, 0x0b, 0xbb, 0x3b, 0x9b, 0xd9, 0xb1, 0x2b, 0x3f, 0x04, 0x12,
+	0x00, 0x95, 0x2a, 0x71, 0x31, 0x9d, 0x1d, 0xa5, 0x4b, 0xf7, 0x5f, 0x67, 0x27, 0xae, 0xfc, 0x0e,
-	0x8f, 0xc0, 0x8b, 0x70, 0xcf, 0x65, 0x6e, 0x90, 0x10, 0x57, 0x28, 0x79, 0x11, 0x34, 0x33, 0xbb,
+	0x5c, 0xf0, 0x08, 0xbc, 0x08, 0xf7, 0x5c, 0xa1, 0xde, 0x20, 0x21, 0xae, 0x50, 0xf2, 0x22, 0x68,
-	0xde, 0xdf, 0x58, 0x88, 0x8b, 0xc4, 0x33, 0x67, 0xce, 0xf9, 0xce, 0x77, 0x7e, 0x6d, 0xf8, 0x9c,
+	0x66, 0xf6, 0xff, 0x6e, 0x2d, 0x7a, 0xd1, 0x66, 0xe6, 0xcc, 0x39, 0xdf, 0x7c, 0xe7, 0x7c, 0x67,
-	0xf2, 0x28, 0xe2, 0x71, 0x9a, 0x10, 0xca, 0x0e, 0xf9, 0x8b, 0x9f, 0x18, 0x95, 0x87, 0x84, 0x86,
+	0xce, 0x1a, 0x3e, 0xa3, 0x51, 0x10, 0x44, 0x61, 0x12, 0x13, 0xca, 0x0e, 0xa2, 0x27, 0x3f, 0x31,
-	0xea, 0x4f, 0x30, 0xca, 0x85, 0x9f, 0x08, 0x2e, 0xf9, 0xa1, 0xfe, 0x9f, 0x16, 0xd2, 0xfb, 0x5a,
+	0x2a, 0x0e, 0x08, 0xf5, 0xe5, 0x3f, 0xce, 0x68, 0xc4, 0xdd, 0x98, 0x47, 0x22, 0x3a, 0x50, 0xff,
-	0x80, 0x06, 0x6b, 0x81, 0xfb, 0x9b, 0x0d, 0xbb, 0x98, 0xbc, 0xf2, 0x68, 0x88, 0xb5, 0x00, 0x8d,
+	0x27, 0x85, 0x75, 0x5f, 0x19, 0xd0, 0x30, 0x37, 0xd8, 0xbf, 0x9a, 0xb0, 0x85, 0xc9, 0x0b, 0x87,
-	0xa1, 0x9f, 0x90, 0x55, 0xc8, 0x89, 0x3f, 0xb6, 0x0f, 0xec, 0xbb, 0xbb, 0x38, 0xbf, 0xa2, 0xdb,
+	0xfa, 0x58, 0x19, 0xd0, 0x04, 0x06, 0x31, 0x59, 0xf9, 0x11, 0x71, 0x27, 0xe6, 0xae, 0xb9, 0xb7,
-	0x30, 0x48, 0x83, 0xb3, 0x98, 0xc8, 0x85, 0x60, 0xe3, 0x8e, 0x7e, 0x2b, 0x04, 0xe8, 0x1e, 0x8c,
+	0x85, 0xb3, 0x2d, 0xba, 0x0d, 0xc3, 0xc4, 0xbb, 0x08, 0x89, 0xb8, 0xe4, 0x6c, 0xd2, 0x51, 0x67,
-	0x08, 0xa5, 0x2c, 0x91, 0x5c, 0xcc, 0x7d, 0x16, 0xcb, 0x40, 0xae, 0xc6, 0x5b, 0x5a, 0xa9, 0x21,
+	0x85, 0x01, 0xdd, 0x85, 0x31, 0xa1, 0x94, 0xc5, 0x22, 0xe2, 0x0b, 0x97, 0x85, 0xc2, 0x13, 0xab,
-	0x47, 0x1f, 0xc2, 0x6b, 0xb9, 0xec, 0x74, 0x8d, 0xd8, 0xd5, 0xca, 0xcd, 0x07, 0xf7, 0x0b, 0x40,
+	0x49, 0x57, 0x39, 0x35, 0xec, 0xe8, 0x03, 0xf8, 0x5f, 0x66, 0x3b, 0xcf, 0x11, 0x7b, 0xca, 0xb9,
-	0x65, 0x86, 0xcf, 0x02, 0xf9, 0x72, 0xbe, 0x89, 0xe7, 0x10, 0x3a, 0x81, 0xaf, 0x09, 0x0e, 0x70,
+	0x79, 0x60, 0x7f, 0x0e, 0xa8, 0xcc, 0xf0, 0x91, 0x27, 0x9e, 0x2e, 0xd6, 0xf1, 0x1c, 0x41, 0xc7,
-	0x27, 0xf0, 0xdd, 0x73, 0x18, 0x14, 0xe1, 0xdd, 0x84, 0x5e, 0x22, 0xd8, 0x72, 0x6e, 0xac, 0x06,
+	0x73, 0x15, 0xc1, 0x21, 0xee, 0x78, 0xae, 0xfd, 0x1c, 0x86, 0x45, 0x7a, 0x37, 0xa1, 0x1f, 0x73,
-	0x38, 0xbb, 0xa1, 0x7d, 0xd8, 0x09, 0x72, 0xda, 0x26, 0xb6, 0xf5, 0x1d, 0x21, 0xe8, 0xfa, 0x44,
+	0xb6, 0x5c, 0xe8, 0xa8, 0x21, 0x4e, 0x77, 0x68, 0x07, 0x36, 0xbd, 0x8c, 0xb6, 0xce, 0x2d, 0xdf,
-	0x92, 0x2c, 0x1c, 0x7d, 0x56, 0xc9, 0x90, 0x41, 0xc4, 0x52, 0x49, 0xa2, 0x44, 0x53, 0xdf, 0xc2,
+	0x23, 0x04, 0x3d, 0x97, 0x08, 0x92, 0xa6, 0xa3, 0xd6, 0xb2, 0x18, 0xc2, 0x0b, 0x58, 0x22, 0x48,
-	0x85, 0xc0, 0xfd, 0xd3, 0x86, 0xbe, 0xf2, 0xc9, 0xb9, 0xac, 0x20, 0xdb, 0x35, 0xe4, 0xdb, 0x30,
+	0x10, 0x2b, 0xea, 0x5d, 0x5c, 0x18, 0xec, 0x3f, 0x4d, 0x18, 0xc8, 0x3b, 0xa3, 0x48, 0x54, 0x90,
-	0x88, 0x48, 0x2a, 0x99, 0xf8, 0x9a, 0xe5, 0x6e, 0x0b, 0x81, 0x0a, 0x51, 0x17, 0x78, 0xee, 0x6b,
+	0xcd, 0x1a, 0xf2, 0x6d, 0x18, 0x06, 0x24, 0x11, 0x8c, 0x7f, 0xc9, 0xb2, 0x6b, 0x0b, 0x83, 0x4c,
-	0xd7, 0x03, 0x9c, 0x5f, 0x55, 0xb2, 0x59, 0x4c, 0xc5, 0x2a, 0x91, 0xcc, 0xc7, 0x8c, 0xf8, 0xca,
+	0x51, 0x09, 0xbc, 0x70, 0xd5, 0xd5, 0x43, 0x9c, 0x6d, 0x65, 0xb1, 0x59, 0x48, 0xf9, 0x2a, 0x16,
-	0xdc, 0xe4, 0xaf, 0x21, 0xaf, 0x32, 0xdd, 0xae, 0x31, 0x55, 0xa5, 0xc8, 0xd9, 0x14, 0xa5, 0xe8,
+	0xcc, 0xc5, 0x8c, 0xb8, 0x32, 0x5c, 0xd7, 0xaf, 0x61, 0xaf, 0x32, 0xdd, 0xa8, 0x31, 0x95, 0x52,
-	0x99, 0x52, 0x34, 0x1e, 0xdc, 0x8f, 0x60, 0xe4, 0xd1, 0xd0, 0xa3, 0x94, 0x2f, 0x62, 0x39, 0x8f,
+	0x64, 0x6c, 0x0a, 0x29, 0xfa, 0x5a, 0x8a, 0xc6, 0x81, 0xfd, 0x21, 0x8c, 0x1d, 0xea, 0x3b, 0x94,
-	0x97, 0x81, 0x64, 0x0a, 0x3f, 0xd0, 0x27, 0x45, 0xc2, 0x04, 0x58, 0x08, 0xdc, 0xdf, 0x6d, 0x78,
+	0x46, 0x97, 0xa1, 0x58, 0x84, 0x4b, 0x4f, 0x30, 0x89, 0xef, 0xa9, 0x95, 0x24, 0xa1, 0x13, 0x2c,
-	0xb3, 0x30, 0xc1, 0xec, 0x7c, 0xc1, 0x52, 0x79, 0xc2, 0x83, 0x18, 0xbd, 0x0f, 0x43, 0xa3, 0x36,
+	0x0c, 0xf6, 0x6f, 0x26, 0xbc, 0x59, 0x84, 0x60, 0xf6, 0xfc, 0x92, 0x25, 0xe2, 0x2c, 0xf2, 0x42,
-	0xaf, 0x66, 0xa7, 0x26, 0x2d, 0xf4, 0x4c, 0x05, 0xe7, 0x79, 0x69, 0x6b, 0x52, 0xf4, 0x00, 0x6e,
+	0xf4, 0x3e, 0x8c, 0xb4, 0xdb, 0xa2, 0x5a, 0x9d, 0x9a, 0xb5, 0xf0, 0xd3, 0x0a, 0x2e, 0x32, 0x69,
-	0x55, 0x2d, 0x8b, 0x78, 0x4c, 0xe1, 0xae, 0x7b, 0x56, 0x15, 0x8a, 0x98, 0x24, 0xba, 0xc6, 0x26,
+	0x6b, 0x56, 0x74, 0x08, 0xb7, 0xaa, 0x91, 0x45, 0x3e, 0x5a, 0xb8, 0x57, 0x1d, 0x4b, 0x85, 0x02,
-	0x8b, 0xeb, 0xbb, 0xfb, 0x8b, 0x0d, 0xb7, 0x1a, 0xfc, 0x3d, 0xdd, 0xa3, 0x1b, 0x2b, 0x7b, 0x17,
+	0x26, 0x88, 0xd2, 0x58, 0x57, 0x31, 0xdf, 0xdb, 0x7f, 0x98, 0x70, 0xab, 0xc1, 0xdf, 0x51, 0x3d,
-	0x6e, 0x08, 0xa3, 0x5c, 0xa3, 0x5d, 0x17, 0xab, 0x0a, 0xd4, 0x6b, 0x96, 0x66, 0x8c, 0x9b, 0x0f,
+	0xba, 0x56, 0xd9, 0x3d, 0xb8, 0xc1, 0xb5, 0x73, 0x8d, 0x76, 0xdd, 0x2c, 0x15, 0xa8, 0x6b, 0x96,
-	0xee, 0x31, 0x8c, 0x1b, 0x74, 0x8e, 0x19, 0x0d, 0x83, 0x98, 0xb5, 0xf9, 0xb4, 0x5b, 0x7d, 0xba,
+	0xa4, 0x8c, 0x9b, 0x07, 0xe8, 0x3e, 0x58, 0x31, 0xe3, 0x81, 0x97, 0x24, 0x5e, 0x14, 0x26, 0x8a,
-	0x5f, 0xc2, 0xcd, 0x7a, 0x1d, 0x31, 0x5b, 0xf2, 0x9f, 0x59, 0x4b, 0xb6, 0xed, 0xb6, 0x6c, 0xbb,
+	0xee, 0x68, 0xf6, 0xf6, 0x7e, 0xf1, 0xc2, 0x1d, 0xea, 0x7f, 0x9f, 0x30, 0xfe, 0x6d, 0xe1, 0x84,
-	0x1f, 0x80, 0xa3, 0x87, 0xca, 0xd0, 0x52, 0xad, 0x2a, 0xb2, 0x3e, 0xb4, 0x0f, 0xb6, 0xd4, 0x34,
+	0xcb, 0x11, 0xf6, 0x09, 0x4c, 0x1a, 0xf9, 0x9c, 0x30, 0xea, 0x7b, 0x21, 0x6b, 0x23, 0x6d, 0xb6,
-	0x66, 0x57, 0xf7, 0x47, 0x78, 0xc3, 0xa3, 0xe1, 0xe3, 0x7a, 0x20, 0x1b, 0x93, 0xd7, 0x9a, 0x92,
+	0x92, 0xb6, 0x8f, 0xe0, 0x66, 0xbd, 0x11, 0x30, 0x5b, 0x46, 0xcf, 0x58, 0x8b, 0x5c, 0x66, 0x9b,
-	0xce, 0x75, 0x29, 0x59, 0xc1, 0x7e, 0x11, 0xcc, 0xf7, 0x4c, 0x44, 0x41, 0x9a, 0x06, 0x3c, 0x3e,
+	0x5c, 0xf6, 0xcf, 0x26, 0x58, 0xea, 0x59, 0xa6, 0x89, 0x1d, 0xc1, 0x26, 0xcf, 0xb2, 0x37, 0x77,
-	0x7a, 0x49, 0xe2, 0x33, 0xb6, 0xd1, 0xcf, 0x43, 0x70, 0x92, 0xb5, 0xbe, 0xf1, 0x30, 0x9c, 0xbe,
+	0xbb, 0x7b, 0xd6, 0xec, 0xbd, 0x6a, 0x56, 0x99, 0xe7, 0x7e, 0xb6, 0x38, 0x0d, 0x05, 0x5f, 0xe1,
-	0x7d, 0xbf, 0x58, 0x97, 0x1e, 0x0d, 0x9f, 0xa6, 0x4c, 0x14, 0xa0, 0x29, 0x2e, 0x5b, 0xb8, 0x4f,
+	0x3c, 0x6a, 0xe7, 0x53, 0xd8, 0xae, 0x1c, 0xa1, 0x31, 0x74, 0x9f, 0xa5, 0x3d, 0x39, 0xc4, 0x72,
-	0xf5, 0x3c, 0x64, 0x4c, 0x32, 0x87, 0x1e, 0x38, 0xc4, 0x70, 0xd1, 0xb4, 0x55, 0x3a, 0x9c, 0xe9,
+	0x89, 0xde, 0x80, 0x8d, 0x25, 0xf1, 0x2f, 0xb3, 0xf1, 0xa5, 0x37, 0xf7, 0x3a, 0x87, 0xa6, 0xfd,
-	0x3b, 0x55, 0xd0, 0x46, 0x3a, 0x70, 0xd9, 0xc6, 0x3d, 0x2f, 0x8f, 0x19, 0x66, 0x11, 0x5f, 0x6e,
+	0x23, 0xfc, 0xdf, 0xa1, 0xfe, 0x69, 0xfd, 0xf1, 0xac, 0x93, 0xb8, 0xed, 0x11, 0x76, 0xda, 0x1f,
-	0x8e, 0xa3, 0xe6, 0xb2, 0xf3, 0x3f, 0x5c, 0xfe, 0xdd, 0x85, 0x1b, 0x1e, 0x0d, 0x8f, 0x78, 0x2c,
+	0xa1, 0xbd, 0x82, 0x9d, 0xa2, 0x5e, 0x85, 0x36, 0xc7, 0x4f, 0x49, 0x78, 0xc1, 0xd6, 0xde, 0x52,
-	0x59, 0x2c, 0x7f, 0x20, 0xe1, 0x82, 0xa1, 0x4f, 0xa0, 0x67, 0xaa, 0xae, 0x1d, 0x3a, 0xd3, 0xb7,
+	0x13, 0xbc, 0xf3, 0xda, 0x82, 0x7f, 0xa7, 0xde, 0x6c, 0x4a, 0x24, 0xbd, 0xf0, 0x08, 0x2c, 0xa2,
-	0xaa, 0x88, 0x95, 0xf6, 0x99, 0x59, 0x38, 0x53, 0x46, 0x5f, 0xc1, 0x6e, 0x50, 0x6a, 0x29, 0x9d,
+	0xb9, 0x94, 0xea, 0x3d, 0xad, 0x82, 0xd6, 0x6b, 0x81, 0xcb, 0x21, 0x76, 0x5c, 0x9e, 0x04, 0x98,
-	0x56, 0x67, 0xfa, 0xee, 0x06, 0x63, 0xa3, 0x38, 0xb3, 0x70, 0xc5, 0x10, 0x1d, 0x83, 0x23, 0x8a,
+	0x05, 0xd1, 0x72, 0x7d, 0x1a, 0xb5, 0x1b, 0x3b, 0xaf, 0x7f, 0xe3, 0xdf, 0x3d, 0xb8, 0xe1, 0x50,
-	0x85, 0xa1, 0x67, 0xc2, 0x99, 0x1e, 0xb4, 0xe2, 0x94, 0x16, 0xcb, 0xcc, 0xc2, 0x65, 0x33, 0x74,
+	0xff, 0x38, 0x0a, 0x05, 0x0b, 0xc5, 0x0f, 0x52, 0x39, 0xf4, 0x31, 0xf4, 0x75, 0x5b, 0xa9, 0xfb,
-	0x02, 0x7b, 0xa2, 0x3c, 0xb6, 0x7a, 0xc4, 0x9d, 0xa9, 0xbb, 0x09, 0xc7, 0x68, 0xce, 0x2c, 0x5c,
+	0xac, 0xd9, 0x5b, 0x55, 0xc0, 0x4a, 0x7f, 0xce, 0x0d, 0x9c, 0x3a, 0xa3, 0x2f, 0x60, 0xcb, 0x2b,
-	0x35, 0x45, 0xa7, 0x30, 0x4a, 0x6a, 0x0d, 0xa6, 0x57, 0xaa, 0x33, 0xbd, 0xd3, 0x0a, 0x57, 0xef,
+	0xf5, 0xac, 0x2a, 0xaa, 0x35, 0x7b, 0x67, 0x4d, 0xb0, 0x76, 0x9c, 0x1b, 0xb8, 0x12, 0x88, 0x4e,
-	0xc6, 0x99, 0x85, 0x1b, 0x00, 0xe8, 0x08, 0xf6, 0x48, 0xb9, 0xd4, 0x7a, 0xfd, 0x5e, 0x97, 0x6d,
+	0xc0, 0xe2, 0xc5, 0x48, 0x53, 0xaf, 0xd6, 0x9a, 0xed, 0xb6, 0xe2, 0x94, 0x46, 0xdf, 0xdc, 0xc0,
-	0xa3, 0xa2, 0x98, 0x55, 0x6c, 0x14, 0x88, 0x28, 0xb7, 0xe1, 0xb8, 0xdf, 0x06, 0x52, 0xe9, 0x54,
+	0xe5, 0x30, 0x74, 0x06, 0xdb, 0xbc, 0x3c, 0x58, 0xd4, 0xab, 0xb6, 0x66, 0xf6, 0x3a, 0x1c, 0xed,
-	0x13, 0x5e, 0xb9, 0x75, 0x9f, 0xc0, 0x50, 0x54, 0x56, 0xca, 0x78, 0x47, 0xa3, 0xbc, 0xb7, 0x29,
+	0x39, 0x37, 0x70, 0x35, 0x14, 0x9d, 0xc3, 0x38, 0xae, 0xb5, 0x97, 0x1a, 0xfa, 0xd6, 0xec, 0x4e,
-	0x57, 0x99, 0xea, 0xcc, 0xc2, 0x35, 0xe3, 0x47, 0x7d, 0xd8, 0x5e, 0xaa, 0x46, 0x72, 0x1f, 0xeb,
+	0x2b, 0x5c, 0xbd, 0x17, 0xe7, 0x06, 0x6e, 0x00, 0xa0, 0x63, 0xd8, 0x26, 0x65, 0xa5, 0xd5, 0x07,
-	0x6f, 0xc3, 0x63, 0xf5, 0xbd, 0xf9, 0x19, 0x00, 0x59, 0xb7, 0x59, 0x36, 0x1c, 0xfb, 0x55, 0xf8,
+	0xe2, 0x55, 0xd5, 0xd6, 0x2e, 0x92, 0x59, 0x25, 0x46, 0x82, 0xf0, 0x72, 0x13, 0x4e, 0x06, 0x6d,
-	0x72, 0x0f, 0xe2, 0x92, 0xb6, 0x7b, 0x02, 0x43, 0x8f, 0x86, 0xa7, 0xab, 0x98, 0x3e, 0x61, 0x69,
+	0x20, 0x95, 0x3e, 0xd5, 0xe9, 0x95, 0x1b, 0xf7, 0x21, 0x8c, 0x78, 0x65, 0x66, 0x4d, 0x36, 0x15,
-	0x4a, 0xce, 0x18, 0x7a, 0x00, 0x7d, 0xba, 0x86, 0x52, 0x4c, 0x27, 0x55, 0x28, 0xa5, 0x5b, 0x81,
+	0xca, 0xbb, 0xeb, 0x6a, 0x95, 0xba, 0xce, 0x0d, 0x5c, 0x0b, 0x7e, 0x30, 0x48, 0xe7, 0x81, 0x7d,
-	0xcb, 0xd5, 0xdd, 0xe7, 0xf0, 0x7a, 0xcb, 0xbb, 0xa6, 0xe7, 0xfb, 0x66, 0xcb, 0xa5, 0x19, 0xe6,
+	0xaa, 0xbe, 0xd7, 0x27, 0xf2, 0xcb, 0x7e, 0x0f, 0x80, 0xe4, 0x6d, 0x96, 0x3e, 0x8d, 0x9d, 0x2a,
-	0xb8, 0x16, 0xfd, 0xfa, 0x7d, 0x66, 0xe1, 0x92, 0x76, 0x11, 0xee, 0x0c, 0xf6, 0x2a, 0x7a, 0xe8,
+	0x7c, 0xb9, 0x07, 0x71, 0xc9, 0xdb, 0x3e, 0x83, 0x91, 0x43, 0xfd, 0xf3, 0x55, 0x48, 0x1f, 0xb2,
-	0x53, 0xb5, 0x1d, 0x73, 0x48, 0x15, 0x71, 0x79, 0xc7, 0x34, 0x7f, 0xdb, 0xe0, 0x5c, 0xfb, 0xde,
+	0x24, 0x21, 0x17, 0x0c, 0x1d, 0xc2, 0x80, 0xe6, 0x50, 0x66, 0xb3, 0xe7, 0xa5, 0x6f, 0x05, 0x2e,
-	0x37, 0x80, 0x9a, 0x2b, 0x08, 0xed, 0x40, 0xf7, 0x5b, 0x1e, 0xb3, 0x91, 0x85, 0x06, 0xb0, 0xfd,
+	0x73, 0xb7, 0x1f, 0xab, 0x89, 0x54, 0x3f, 0x57, 0xf4, 0x5c, 0x57, 0x8f, 0xd1, 0x24, 0xc5, 0x9c,
-	0xdd, 0xab, 0x98, 0x89, 0x91, 0xad, 0x8e, 0x9e, 0x1f, 0x05, 0xf1, 0xa8, 0x83, 0x00, 0x7a, 0xcf,
+	0xd4, 0xb2, 0xcf, 0xcf, 0xe7, 0x06, 0x2e, 0x79, 0x17, 0xe9, 0xce, 0x61, 0xbb, 0xe2, 0x87, 0x3e,
-	0x44, 0x20, 0x99, 0x18, 0x6d, 0xa9, 0xb3, 0x2a, 0x3a, 0x13, 0xa3, 0xee, 0xa3, 0x87, 0x7f, 0x5c,
+	0x81, 0x01, 0xcf, 0x21, 0x65, 0xc6, 0xe5, 0x09, 0xd3, 0xfc, 0xf5, 0x85, 0x33, 0xef, 0xbb, 0x5f,
-	0x4e, 0xec, 0x8b, 0xcb, 0x89, 0xfd, 0xcf, 0xe5, 0xc4, 0xfe, 0xf5, 0x6a, 0x62, 0x5d, 0x5c, 0x4d,
+	0x01, 0x6a, 0x0e, 0x20, 0xb4, 0x09, 0xbd, 0xaf, 0xa3, 0x90, 0x8d, 0x0d, 0x34, 0x84, 0x8d, 0x6f,
-	0xac, 0xbf, 0xae, 0x26, 0xd6, 0xf3, 0x3b, 0xff, 0xe9, 0xe7, 0xe4, 0x8b, 0x9e, 0xfe, 0xf8, 0xf8,
+	0x5e, 0x84, 0x8c, 0x8f, 0x4d, 0xb9, 0x74, 0xdc, 0xc0, 0x0b, 0xc7, 0x1d, 0x04, 0xd0, 0x7f, 0xc4,
-	0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x7b, 0xb3, 0x39, 0x6c, 0x7e, 0x0a, 0x00, 0x00,
+	0x3d, 0xc1, 0xf8, 0xb8, 0x2b, 0xd7, 0x52, 0x74, 0xc6, 0xc7, 0xbd, 0x07, 0xf7, 0x7f, 0xbf, 0x9a,
+	0x9a, 0x2f, 0xaf, 0xa6, 0xe6, 0x3f, 0x57, 0x53, 0xf3, 0x97, 0xeb, 0xa9, 0xf1, 0xf2, 0x7a, 0x6a,
+	0xfc, 0x75, 0x3d, 0x35, 0x1e, 0xdf, 0xf9, 0x4f, 0x3f, 0x78, 0x9f, 0xf4, 0xd5, 0x9f, 0x8f, 0xfe,
+	0x0d, 0x00, 0x00, 0xff, 0xff, 0xf9, 0x8e, 0x57, 0x42, 0x20, 0x0b, 0x00, 0x00,
 }
 
 func (m *RawAclRecord) Marshal() (dAtA []byte, err error) {
@@ -1611,6 +1623,11 @@ func (m *AclAccountRequestAccept) MarshalToSizedBuffer(dAtA []byte) (int, error)
 	_ = i
 	var l int
 	_ = l
+	if m.Permissions != 0 {
+		i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions))
+		i--
+		dAtA[i] = 0x20
+	}
 	if len(m.EncryptedReadKeys) > 0 {
 		i -= len(m.EncryptedReadKeys)
 		copy(dAtA[i:], m.EncryptedReadKeys)
@@ -1715,11 +1732,23 @@ func (m *AclReadKeys) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
-	if len(m.ReadKey) > 0 {
+	if len(m.ReadKeys) > 0 {
-		for iNdEx := len(m.ReadKey) - 1; iNdEx >= 0; iNdEx-- {
+		for k := range m.ReadKeys {
-			i -= len(m.ReadKey[iNdEx])
+			v := m.ReadKeys[k]
-			copy(dAtA[i:], m.ReadKey[iNdEx])
+			baseI := i
-			i = encodeVarintAclrecord(dAtA, i, uint64(len(m.ReadKey[iNdEx])))
+			if len(v) > 0 {
+				i -= len(v)
+				copy(dAtA[i:], v)
+				i = encodeVarintAclrecord(dAtA, i, uint64(len(v)))
+				i--
+				dAtA[i] = 0x12
+			}
+			i -= len(k)
+			copy(dAtA[i:], k)
+			i = encodeVarintAclrecord(dAtA, i, uint64(len(k)))
+			i--
+			dAtA[i] = 0xa
+			i = encodeVarintAclrecord(dAtA, i, uint64(baseI-i))
 			i--
 			dAtA[i] = 0xa
 		}
@@ -1727,7 +1756,7 @@ func (m *AclReadKeys) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
-func (m *AclEncryptedReadKeys) Marshal() (dAtA []byte, err error) {
+func (m *AclEncryptedReadKey) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -1737,20 +1766,20 @@ func (m *AclEncryptedReadKeys) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *AclEncryptedReadKeys) MarshalTo(dAtA []byte) (int, error) {
+func (m *AclEncryptedReadKey) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *AclEncryptedReadKeys) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *AclEncryptedReadKey) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	if len(m.EncryptedReadKeys) > 0 {
+	if len(m.EncryptedReadKey) > 0 {
-		i -= len(m.EncryptedReadKeys)
+		i -= len(m.EncryptedReadKey)
-		copy(dAtA[i:], m.EncryptedReadKeys)
+		copy(dAtA[i:], m.EncryptedReadKey)
-		i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys)))
+		i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKey)))
 		i--
 		dAtA[i] = 0x12
 	}
@@ -2407,6 +2436,9 @@ func (m *AclAccountRequestAccept) Size() (n int) {
 	if l > 0 {
 		n += 1 + l + sovAclrecord(uint64(l))
 	}
+	if m.Permissions != 0 {
+		n += 1 + sovAclrecord(uint64(m.Permissions))
+	}
 	return n
 }
 
@@ -2442,16 +2474,22 @@ func (m *AclReadKeys) Size() (n int) {
 	}
 	var l int
 	_ = l
-	if len(m.ReadKey) > 0 {
+	if len(m.ReadKeys) > 0 {
-		for _, b := range m.ReadKey {
+		for k, v := range m.ReadKeys {
-			l = len(b)
+			_ = k
-			n += 1 + l + sovAclrecord(uint64(l))
+			_ = v
+			l = 0
+			if len(v) > 0 {
+				l = 1 + len(v) + sovAclrecord(uint64(len(v)))
+			}
+			mapEntrySize := 1 + len(k) + sovAclrecord(uint64(len(k))) + l
+			n += mapEntrySize + 1 + sovAclrecord(uint64(mapEntrySize))
 		}
 	}
 	return n
 }
 
-func (m *AclEncryptedReadKeys) Size() (n int) {
+func (m *AclEncryptedReadKey) Size() (n int) {
 	if m == nil {
 		return 0
 	}
@@ -2461,7 +2499,7 @@ func (m *AclEncryptedReadKeys) Size() (n int) {
 	if l > 0 {
 		n += 1 + l + sovAclrecord(uint64(l))
 	}
-	l = len(m.EncryptedReadKeys)
+	l = len(m.EncryptedReadKey)
 	if l > 0 {
 		n += 1 + l + sovAclrecord(uint64(l))
 	}
@@ -3804,6 +3842,25 @@ func (m *AclAccountRequestAccept) Unmarshal(dAtA []byte) error {
 				m.EncryptedReadKeys = []byte{}
 			}
 			iNdEx = postIndex
+		case 4:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType)
+			}
+			m.Permissions = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowAclrecord
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Permissions |= AclUserPermissions(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
 		default:
 			iNdEx = preIndex
 			skippy, err := skipAclrecord(dAtA[iNdEx:])
@@ -4020,9 +4077,9 @@ func (m *AclReadKeys) Unmarshal(dAtA []byte) error {
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ReadKey", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ReadKeys", wireType)
 			}
-			var byteLen int
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowAclrecord
@@ -4032,23 +4089,119 @@ func (m *AclReadKeys) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				byteLen |= int(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if byteLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthAclrecord
 			}
-			postIndex := iNdEx + byteLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthAclrecord
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.ReadKey = append(m.ReadKey, make([]byte, postIndex-iNdEx))
+			if m.ReadKeys == nil {
-			copy(m.ReadKey[len(m.ReadKey)-1], dAtA[iNdEx:postIndex])
+				m.ReadKeys = make(map[string][]byte)
+			}
+			var mapkey string
+			mapvalue := []byte{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowAclrecord
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowAclrecord
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthAclrecord
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthAclrecord
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = string(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapbyteLen uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowAclrecord
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapbyteLen |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intMapbyteLen := int(mapbyteLen)
+					if intMapbyteLen < 0 {
+						return ErrInvalidLengthAclrecord
+					}
+					postbytesIndex := iNdEx + intMapbyteLen
+					if postbytesIndex < 0 {
+						return ErrInvalidLengthAclrecord
+					}
+					if postbytesIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = make([]byte, mapbyteLen)
+					copy(mapvalue, dAtA[iNdEx:postbytesIndex])
+					iNdEx = postbytesIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipAclrecord(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthAclrecord
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
+			}
+			m.ReadKeys[mapkey] = mapvalue
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -4071,7 +4224,7 @@ func (m *AclReadKeys) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *AclEncryptedReadKeys) Unmarshal(dAtA []byte) error {
+func (m *AclEncryptedReadKey) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4094,10 +4247,10 @@ func (m *AclEncryptedReadKeys) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: AclEncryptedReadKeys: wiretype end group for non-group")
+			return fmt.Errorf("proto: AclEncryptedReadKey: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: AclEncryptedReadKeys: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: AclEncryptedReadKey: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
@@ -4136,7 +4289,7 @@ func (m *AclEncryptedReadKeys) Unmarshal(dAtA []byte) error {
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKey", wireType)
 			}
 			var byteLen int
 			for shift := uint(0); ; shift += 7 {
@@ -4163,9 +4316,9 @@ func (m *AclEncryptedReadKeys) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.EncryptedReadKeys = append(m.EncryptedReadKeys[:0], dAtA[iNdEx:postIndex]...)
+			m.EncryptedReadKey = append(m.EncryptedReadKey[:0], dAtA[iNdEx:postIndex]...)
-			if m.EncryptedReadKeys == nil {
+			if m.EncryptedReadKey == nil {
-				m.EncryptedReadKeys = []byte{}
+				m.EncryptedReadKey = []byte{}
 			}
 			iNdEx = postIndex
 		default:
@@ -4350,7 +4503,7 @@ func (m *AclReadKeyChange) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.AccountKeys = append(m.AccountKeys, &AclEncryptedReadKeys{})
+			m.AccountKeys = append(m.AccountKeys, &AclEncryptedReadKey{})
 			if err := m.AccountKeys[len(m.AccountKeys)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
@@ -4468,7 +4621,7 @@ func (m *AclAccountRemove) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.AccountKeys = append(m.AccountKeys, &AclEncryptedReadKeys{})
+			m.AccountKeys = append(m.AccountKeys, &AclEncryptedReadKey{})
 			if err := m.AccountKeys[len(m.AccountKeys)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}

commonspace/object/acl/aclrecordproto/protos/aclrecord.proto

@@ -52,6 +52,7 @@ message AclAccountRequestAccept {
     bytes identity = 1;
     string requestRecordId = 2;
     bytes encryptedReadKeys = 3;
+    AclUserPermissions permissions = 4;
 }
 
 // AclAccountRequestDecline contains the reference to join record
@@ -66,13 +67,13 @@ message AclAccountInviteRevoke {
 
 // AclReadKeys are all read keys in Acl
 message AclReadKeys {
-    repeated bytes readKey = 1;
+    map<string,bytes> readKeys = 1;
 }
 
-// AclEncryptedReadKeys are all keys for specific identity
+// AclEncryptedReadKeys are new key for specific identity
-message AclEncryptedReadKeys {
+message AclEncryptedReadKey {
     bytes identity = 1;
-    bytes encryptedReadKeys = 2;
+    bytes encryptedReadKey = 2;
 }
 
 // AclAccountPermissionChange changes permissions of specific account
@@ -83,13 +84,13 @@ message AclAccountPermissionChange {
 
 // AclReadKeyChange changes the key for a space
 message AclReadKeyChange {
-    repeated AclEncryptedReadKeys accountKeys = 1;
+    repeated AclEncryptedReadKey accountKeys = 1;
 }
 
 // AclAccountRemove removes an account and changes read key for space
 message AclAccountRemove {
     bytes identity = 1;
-    repeated AclEncryptedReadKeys accountKeys = 2;
+    repeated AclEncryptedReadKey accountKeys = 2;
 }
 
 // AclContentValue contains possible values for Acl

commonspace/object/acl/list/aclrecordbuilder.go

@@ -1,11 +1,12 @@
 package list
 
 import (
+	"time"
+
 	"github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto"
 	"github.com/anyproto/any-sync/util/cidutil"
 	"github.com/anyproto/any-sync/util/crypto"
 	"github.com/gogo/protobuf/proto"
-	"time"
 )
 
 type RootContent struct {
@@ -53,7 +54,6 @@ func (a *aclRecordBuilder) Unmarshall(rawIdRecord *aclrecordproto.RawAclRecordWi
 		}
 		rec = &AclRecord{
 			Id:        rawIdRecord.Id,
-			ReadKeyId: rawIdRecord.Id,
 			Timestamp: aclRoot.Timestamp,
 			Signature: rawRec.Signature,
 			Identity:  pubKey,
@@ -72,7 +72,6 @@ func (a *aclRecordBuilder) Unmarshall(rawIdRecord *aclrecordproto.RawAclRecordWi
 		rec = &AclRecord{
 			Id:        rawIdRecord.Id,
 			PrevId:    aclRecord.PrevId,
-			ReadKeyId: aclRecord.ReadKeyId,
 			Timestamp: aclRecord.Timestamp,
 			Data:      aclRecord.Data,
 			Signature: rawRec.Signature,

commonspace/object/acl/list/aclstate.go

@@ -2,7 +2,6 @@ package list
 
 import (
 	"errors"
-	"fmt"
 
 	"github.com/anyproto/any-sync/app/logger"
 	"github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto"
@@ -15,12 +14,9 @@ var log = logger.NewNamedSugared("common.commonspace.acllist")
 
 var (
 	ErrNoSuchAccount             = errors.New("no such account")
-	ErrIncorrectInviteKey        = errors.New("incorrect invite key")
+	ErrUnexpectedContentType     = errors.New("unexpected content type")
 	ErrIncorrectIdentity         = errors.New("incorrect identity")
 	ErrFailedToDecrypt           = errors.New("failed to decrypt key")
-	ErrUserRemoved               = errors.New("user was removed from the document")
-	ErrDocumentForbidden         = errors.New("your user was forbidden access to the document")
-	ErrUserAlreadyExists         = errors.New("user already exists")
 	ErrNoSuchRecord              = errors.New("no such record")
 	ErrNoSuchRequest             = errors.New("no such request")
 	ErrNoSuchInvite              = errors.New("no such invite")
@@ -51,12 +47,13 @@ type AclState struct {
 	totalReadKeys    int
 
 	lastRecordId     string
+	contentValidator ContentValidator
 }
 
 func newAclStateWithKeys(
 	id string,
 	key crypto.PrivKey) (*AclState, error) {
-	return &AclState{
+	st := &AclState{
 		id:             id,
 		key:            key,
 		pubKey:         key.GetPublic(),
@@ -65,18 +62,30 @@ func newAclStateWithKeys(
 		statesAtRecord: make(map[string][]AclUserState),
 		inviteKeys:     make(map[string]crypto.PubKey),
 		requestRecords: make(map[string]RequestRecord),
-	}, nil
+		keyStore:       crypto.NewKeyStorage(),
+	}
+	st.contentValidator = &contentValidator{
+		keyStore: st.keyStore,
+		aclState: st,
+	}
+	return st, nil
 }
 
 func newAclState(id string) *AclState {
-	return &AclState{
+	st := &AclState{
 		id:             id,
 		userReadKeys:   make(map[string]crypto.SymKey),
 		userStates:     make(map[string]AclUserState),
 		statesAtRecord: make(map[string][]AclUserState),
 		inviteKeys:     make(map[string]crypto.PubKey),
 		requestRecords: make(map[string]RequestRecord),
+		keyStore:       crypto.NewKeyStorage(),
 	}
+	st.contentValidator = &contentValidator{
+		keyStore: st.keyStore,
+		aclState: st,
+	}
+	return st
 }
 
 func (st *AclState) CurrentReadKeyId() string {
@@ -167,7 +176,7 @@ func (st *AclState) applyRoot(record *AclRecord) (err error) {
 		PubKey:      record.Identity,
 		Permissions: AclPermissions(aclrecordproto.AclUserPermissions_Admin),
 	}
-	st.currentReadKeyId = record.ReadKeyId
+	st.currentReadKeyId = record.Id
 	st.userStates[mapKeyFromPubKey(record.Identity)] = userState
 	st.totalReadKeys++
 	return
@@ -196,76 +205,162 @@ func (st *AclState) saveReadKeyFromRoot(record *AclRecord) (err error) {
 
 func (st *AclState) applyChangeData(record *AclRecord) (err error) {
 	model := record.Model.(*aclrecordproto.AclData)
-	if !st.isUserJoin(model) && !st.Permissions(record.Identity).CanManageAccounts() {
-		return ErrInsufficientPermissions
-	}
 	for _, ch := range model.GetAclContent() {
-		if err = st.applyChangeContent(ch, record.Id); err != nil {
+		if err = st.applyChangeContent(ch, record.Id, record.Identity); err != nil {
 			log.Info("error while applying changes: %v; ignore", zap.Error(err))
 			return err
 		}
 	}
-	if record.ReadKeyId != st.currentReadKeyId {
-		st.totalReadKeys++
-		st.currentReadKeyId = record.ReadKeyId
-	}
 	return nil
 }
 
-func (st *AclState) applyChangeContent(ch *aclrecordproto.AclContentValue, recordId string) error {
+func (st *AclState) applyChangeContent(ch *aclrecordproto.AclContentValue, recordId string, authorIdentity crypto.PubKey) error {
 	switch {
 	case ch.GetPermissionChange() != nil:
-		return st.applyPermissionChange(ch.GetPermissionChange(), recordId)
+		return st.applyPermissionChange(ch.GetPermissionChange(), recordId, authorIdentity)
 	case ch.GetInvite() != nil:
-		return st.applyInvite(ch.GetInvite(), recordId)
+		return st.applyInvite(ch.GetInvite(), recordId, authorIdentity)
 	case ch.GetInviteRevoke() != nil:
-		return st.applyUserRemove(ch.GetUserRemove(), recordId)
+		return st.applyInviteRevoke(ch.GetInviteRevoke(), recordId, authorIdentity)
-	case ch.GetUserInvite() != nil:
+	case ch.GetRequestJoin() != nil:
-		return st.applyUserInvite(ch.GetUserInvite(), recordId)
+		return st.applyRequestJoin(ch.GetRequestJoin(), recordId, authorIdentity)
-	case ch.GetUserJoin() != nil:
+	case ch.GetRequestAccept() != nil:
-		return st.applyUserJoin(ch.GetUserJoin(), recordId)
+		return st.applyRequestAccept(ch.GetRequestAccept(), recordId, authorIdentity)
+	case ch.GetRequestDecline() != nil:
+		return st.applyRequestDecline(ch.GetRequestDecline(), recordId, authorIdentity)
+	case ch.GetAccountRemove() != nil:
+		return st.applyAccountRemove(ch.GetAccountRemove(), recordId, authorIdentity)
+	case ch.GetReadKeyChange() != nil:
+		return st.applyReadKeyChange(ch.GetReadKeyChange(), recordId, authorIdentity)
 	default:
-		return fmt.Errorf("unexpected change type: %v", ch)
+		return ErrUnexpectedContentType
 	}
 }
 
-func (st *AclState) applyPermissionChange(ch *aclrecordproto.AclAccountPermissionChange, recordId string) error {
+func (st *AclState) applyPermissionChange(ch *aclrecordproto.AclAccountPermissionChange, recordId string, authorIdentity crypto.PubKey) error {
 	chIdentity, err := st.keyStore.PubKeyFromProto(ch.Identity)
 	if err != nil {
 		return err
 	}
-	state, exists := st.userStates[mapKeyFromPubKey(chIdentity)]
+	err = st.contentValidator.ValidatePermissionChange(ch, recordId, authorIdentity)
-	if !exists {
+	if err != nil {
-		return ErrNoSuchAccount
+		return err
 	}
+	stringKey := mapKeyFromPubKey(chIdentity)
+	state, _ := st.userStates[stringKey]
 	state.Permissions = AclPermissions(ch.Permissions)
+	st.userStates[stringKey] = state
 	return nil
 }
 
-func (st *AclState) applyInvite(ch *aclrecordproto.AclAccountInvite, recordId string) error {
+func (st *AclState) applyInvite(ch *aclrecordproto.AclAccountInvite, recordId string, authorIdentity crypto.PubKey) error {
 	inviteKey, err := st.keyStore.PubKeyFromProto(ch.InviteKey)
 	if err != nil {
 		return err
 	}
+	err = st.contentValidator.ValidateInvite(ch, recordId, authorIdentity)
+	if err != nil {
+		return err
+	}
 	st.inviteKeys[recordId] = inviteKey
 	return nil
 }
 
-func (st *AclState) applyInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, recordId string) error {
+func (st *AclState) applyInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, recordId string, authorIdentity crypto.PubKey) error {
-
+	err := st.contentValidator.ValidateInviteRevoke(ch, recordId, authorIdentity)
+	if err != nil {
+		return err
+	}
 	delete(st.inviteKeys, ch.InviteRecordId)
 	return nil
 }
 
-func (st *AclState) applyUserJoin(ch *aclrecordproto.AclUserJoin, recordId string) error {
+func (st *AclState) applyRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, recordId string, authorIdentity crypto.PubKey) error {
+	err := st.contentValidator.ValidateRequestJoin(ch, recordId, authorIdentity)
+	if err != nil {
+		return err
+	}
+	st.requestRecords[recordId] = RequestRecord{
+		RequestIdentity: authorIdentity,
+		RequestMetadata: ch.Metadata,
+	}
 	return nil
 }
 
-func (st *AclState) applyUserAdd(ch *aclrecordproto.AclUserAdd, recordId string) error {
+func (st *AclState) applyRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, recordId string, authorIdentity crypto.PubKey) error {
+	err := st.contentValidator.ValidateRequestAccept(ch, recordId, authorIdentity)
+	if err != nil {
+		return err
+	}
+	acceptIdentity, err := st.keyStore.PubKeyFromProto(ch.Identity)
+	if err != nil {
+		return err
+	}
+	record, _ := st.requestRecords[ch.RequestRecordId]
+	st.userStates[mapKeyFromPubKey(acceptIdentity)] = AclUserState{
+		PubKey:          acceptIdentity,
+		Permissions:     AclPermissions(ch.Permissions),
+		RequestMetadata: record.RequestMetadata,
+	}
+	if !st.pubKey.Equals(acceptIdentity) {
+		return nil
+	}
+	res, err := st.key.Decrypt(ch.EncryptedReadKeys)
+	if err != nil {
+		return err
+	}
+	keys := &aclrecordproto.AclReadKeys{}
+	err = proto.Unmarshal(res, keys)
+	if err != nil {
+		return err
+	}
+	for recordId, key := range keys.ReadKeys {
+		sym, err := crypto.UnmarshallAESKey(key)
+		if err != nil {
+			return err
+		}
+		st.userReadKeys[recordId] = sym
+	}
 	return nil
 }
 
-func (st *AclState) applyUserRemove(ch *aclrecordproto.AclUserRemove, recordId string) error {
+func (st *AclState) applyRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, recordId string, authorIdentity crypto.PubKey) error {
+	err := st.contentValidator.ValidateRequestDecline(ch, recordId, authorIdentity)
+	if err != nil {
+		return err
+	}
+	delete(st.requestRecords, ch.RequestRecordId)
+	return nil
+}
+
+func (st *AclState) applyAccountRemove(ch *aclrecordproto.AclAccountRemove, recordId string, authorIdentity crypto.PubKey) error {
+	err := st.contentValidator.ValidateRemove(ch, recordId, authorIdentity)
+	if err != nil {
+		return err
+	}
+	return st.updateReadKey(ch.AccountKeys, recordId)
+}
+
+func (st *AclState) applyReadKeyChange(ch *aclrecordproto.AclReadKeyChange, recordId string, authorIdentity crypto.PubKey) error {
+	err := st.contentValidator.ValidateReadKeyChange(ch, recordId, authorIdentity)
+	if err != nil {
+		return err
+	}
+	return st.updateReadKey(ch.AccountKeys, recordId)
+}
+
+func (st *AclState) updateReadKey(keys []*aclrecordproto.AclEncryptedReadKey, recordId string) error {
+	for _, accKey := range keys {
+		identity, _ := st.keyStore.PubKeyFromProto(accKey.Identity)
+		if st.pubKey.Equals(identity) {
+			res, err := st.decryptReadKey(accKey.EncryptedReadKey)
+			if err != nil {
+				return err
+			}
+			st.userReadKeys[recordId] = res
+		}
+	}
+	st.currentReadKeyId = recordId
 	return nil
 }
 
@@ -274,7 +369,6 @@ func (st *AclState) decryptReadKey(msg []byte) (crypto.SymKey, error) {
 	if err != nil {
 		return nil, ErrFailedToDecrypt
 	}
-
 	key, err := crypto.UnmarshallAESKey(decrypted)
 	if err != nil {
 		return nil, ErrFailedToDecrypt
@@ -290,19 +384,10 @@ func (st *AclState) Permissions(identity crypto.PubKey) AclPermissions {
 	return state.Permissions
 }
 
-func (st *AclState) isUserJoin(data *aclrecordproto.AclData) bool {
-	// if we have a UserJoin, then it should always be the first one applied
-	return data.GetAclContent() != nil && data.GetAclContent()[0].GetUserJoin() != nil
-}
-
 func (st *AclState) UserStates() map[string]AclUserState {
 	return st.userStates
 }
 
-func (st *AclState) Invite(acceptPubKey []byte) (invite *aclrecordproto.AclUserInvite, err error) {
-	return
-}
-
 func (st *AclState) LastRecordId() string {
 	return st.lastRecordId
 }

commonspace/object/acl/list/models.go

@@ -8,7 +8,6 @@ import (
 type AclRecord struct {
 	Id        string
 	PrevId    string
-	ReadKeyId string
 	Timestamp int64
 	Data      []byte
 	Identity  crypto.PubKey
@@ -24,6 +23,7 @@ type RequestRecord struct {
 type AclUserState struct {
 	PubKey          crypto.PubKey
 	Permissions     AclPermissions
+	RequestMetadata []byte
 }
 
 type AclPermissions aclrecordproto.AclUserPermissions

commonspace/object/acl/list/validator.go

@@ -96,6 +96,9 @@ func (c *contentValidator) ValidateRequestAccept(ch *aclrecordproto.AclAccountRe
 	if !acceptIdentity.Equals(record.RequestIdentity) {
 		return ErrIncorrectIdentity
 	}
+	if ch.Permissions == aclrecordproto.AclUserPermissions_Owner {
+		return ErrInsufficientPermissions
+	}
 	return
 }
 
@@ -129,7 +132,7 @@ func (c *contentValidator) ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyCh
 	return c.validateAccountReadKeys(ch.AccountKeys)
 }
 
-func (c *contentValidator) validateAccountReadKeys(accountKeys []*aclrecordproto.AclEncryptedReadKeys) (err error) {
+func (c *contentValidator) validateAccountReadKeys(accountKeys []*aclrecordproto.AclEncryptedReadKey) (err error) {
 	if len(accountKeys) != len(c.aclState.userStates) {
 		return ErrIncorrectNumberOfAccounts
 	}