diff --git a/pkg/acl/list/list_test.go b/pkg/acl/list/list_test.go index 60804186..8ca208be 100644 --- a/pkg/acl/list/list_test.go +++ b/pkg/acl/list/list_test.go @@ -23,10 +23,11 @@ func TestAclList_ACLState_UserInviteAndJoin(t *testing.T) { idC := keychain.GetIdentity("C") // checking final state - assert.Equal(t, aclList.ACLState().GetUserStates()[idA].Permissions, aclpb.ACLChange_Admin) - assert.Equal(t, aclList.ACLState().GetUserStates()[idB].Permissions, aclpb.ACLChange_Writer) - assert.Equal(t, aclList.ACLState().GetUserStates()[idC].Permissions, aclpb.ACLChange_Reader) - assert.Equal(t, aclList.ACLState().CurrentReadKeyHash(), aclList.Head().Content.CurrentReadKeyHash) + assert.Equal(t, aclpb.ACLChange_Admin, aclList.ACLState().GetUserStates()[idA].Permissions) + assert.Equal(t, aclpb.ACLChange_Writer, aclList.ACLState().GetUserStates()[idB].Permissions) + assert.Equal(t, aclpb.ACLChange_Reader, aclList.ACLState().GetUserStates()[idC].Permissions) + assert.Equal(t, aclList.Head().Content.CurrentReadKeyHash, aclList.ACLState().CurrentReadKeyHash()) + var records []*Record aclList.Iterate(func(record *Record) (IsContinue bool) { records = append(records, record) 
@@ -35,12 +36,57 @@ func TestAclList_ACLState_UserInviteAndJoin(t *testing.T) { // checking permissions at specific records assert.Equal(t, 3, len(records)) + _, err = aclList.ACLState().PermissionsAtRecord(records[1].Id, idB) assert.Error(t, err, "B should have no permissions at record 1") + perm, err := aclList.ACLState().PermissionsAtRecord(records[2].Id, idB) assert.NoError(t, err, "should have no error with permissions of B in the record 2") - assert.Equal(t, perm, UserPermissionPair{ + assert.Equal(t, UserPermissionPair{ Identity: idB, Permission: aclpb.ACLChange_Writer, - }) + }, perm) +} + +func TestAclList_ACLState_UserJoinAndRemove(t *testing.T) { + st, err := acllistbuilder.NewListStorageWithTestName("userremoveexample.yml") + require.NoError(t, err, "building storage should not result in error") + + keychain := st.(*acllistbuilder.ACLListStorageBuilder).GetKeychain() + + aclList, err := BuildACLList(signingkey.NewEDPubKeyDecoder(), st) + require.NoError(t, err, "building acl list should be without error") + + idA := keychain.GetIdentity("A") + idB := keychain.GetIdentity("B") + idC := keychain.GetIdentity("C") + + // checking final state + assert.Equal(t, aclpb.ACLChange_Admin, aclList.ACLState().GetUserStates()[idA].Permissions) + assert.Equal(t, aclpb.ACLChange_Reader, aclList.ACLState().GetUserStates()[idC].Permissions) + assert.Equal(t, aclList.Head().Content.CurrentReadKeyHash, aclList.ACLState().CurrentReadKeyHash()) + + _, exists := aclList.ACLState().GetUserStates()[idB] + assert.Equal(t, false, exists) + + var records []*Record + aclList.Iterate(func(record *Record) (IsContinue bool) { + records = append(records, record) + return true + }) + + // checking permissions at specific records + assert.Equal(t, 4, len(records)) + + assert.NotEqual(t, records[2].Content.CurrentReadKeyHash, aclList.ACLState().CurrentReadKeyHash()) + + perm, err := aclList.ACLState().PermissionsAtRecord(records[2].Id, idB) + assert.NoError(t, err, "should have no error 
with permissions of B in the record 2") + assert.Equal(t, UserPermissionPair{ + Identity: idB, + Permission: aclpb.ACLChange_Writer, + }, perm) + + _, err = aclList.ACLState().PermissionsAtRecord(records[3].Id, idB) + assert.Error(t, err, "B should have no permissions at record 3, because user should be removed") } diff --git a/pkg/acl/testutils/yamltests/userremovebeforeexample.yml b/pkg/acl/testutils/yamltests/userremovebeforeexample.yml deleted file mode 100644 index 2cd58df4..00000000 --- a/pkg/acl/testutils/yamltests/userremovebeforeexample.yml +++ /dev/null 
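Review bot: `assert.Equal(t, 4, len(records))` in TestAclList_ACLState_UserJoinAndRemove does not stop the test, so a fixture that yields fewer records makes the later `records[2]` and `records[3]` accesses panic instead of reporting the count mismatch. `require.Len(t, records, 4)` fails cleanly and matches the `require` calls already used for setup. The context line `assert.Equal(t, 3, len(records))` in the first test has the same problem. The revocation check on B would read more directly as `assert.False(t, exists, "B should be absent after userRemove")`. The fixture only exercises a removal authored by admin A, so the test pins key rotation and B's loss of permissions but not that a `userRemove` from a non-admin identity is rejected; a companion negative case would cover that, assuming the ACL state is meant to enforce it.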
@@ -1,109 +0,0 @@ -tree: - author: A -changes: - - id: A.1.1 - identity: A - aclSnapshot: - userStates: - - identity: A - encryptionKey: key.Enc.A - encryptedReadKeys: [key.Read.1] - permission: admin - - identity: B - encryptionKey: key.Enc.B - encryptedReadKeys: [key.Read.1] - permission: admin - snapshot: - text: "some text" - aclChanges: - - userAdd: - identity: A - permission: admin - encryptionKey: key.Enc.A - encryptedReadKeys: [key.Read.1] - - userAdd: - identity: B - permission: admin - encryptionKey: key.Enc.B - encryptedReadKeys: [key.Read.1] - changes: - - textAppend: - text: "some text" - readKey: key.Read.1 - - id: A.1.2 - identity: A - aclChanges: - - userRemove: - removedIdentity: B - newReadKey: key.Read.2 - identitiesLeft: [A, C] - readKey: key.Read.2 - - id: A.1.3 - identity: A - aclChanges: - - userAdd: - identity: E - permission: admin - encryptionKey: key.Enc.E - encryptedReadKeys: [key.Read.1, key.Read.2] - readKey: key.Read.2 - - id: B.1.1 - identity: B - aclChanges: - - userAdd: - identity: C - permission: admin - encryptionKey: key.Enc.C - encryptedReadKeys: [ key.Read.1 ] - readKey: key.Read.1 - - id: B.1.2 - identity: B - aclChanges: - - userAdd: - identity: D - permission: admin - encryptionKey: key.Enc.D - encryptedReadKeys: [ key.Read.1 ] - readKey: key.Read.1 -keys: - Enc: - - A - - B - - C - - D - - E - Sign: - - A - - B - - C - - D - - E - Read: - - 1 - - 2 -graph: - - id: A.1.1 - baseSnapshot: A.1.1 - aclSnapshot: A.1.1 - - id: A.1.2 - baseSnapshot: A.1.1 - aclHeads: [B.1.1] - treeHeads: [B.1.1] - - id: B.1.1 - baseSnapshot: A.1.1 - aclHeads: [A.1.1] - treeHeads: [A.1.1] - - id: B.1.2 - baseSnapshot: A.1.1 - aclHeads: [B.1.1] - treeHeads: [B.1.1] - - id: A.1.3 - baseSnapshot: A.1.1 - aclHeads: [A.1.2] - treeHeads: [A.1.2] -orphans: - - "A.1.3" - - "B.1.2" -header: - firstChangeId: A.1.1 - isWorkspace: false 
diff --git a/pkg/acl/testutils/yamltests/userremoveexample.yml b/pkg/acl/testutils/yamltests/userremoveexample.yml index c3da9fe2..9d90468c 100644 --- a/pkg/acl/testutils/yamltests/userremoveexample.yml +++ b/pkg/acl/testutils/yamltests/userremoveexample.yml @@ -1,28 +1,13 @@ -tree: - author: A -changes: - - id: A.1.1 - identity: A - aclSnapshot: - userStates: - - identity: A - encryptionKey: key.Enc.A - encryptedReadKeys: [key.Read.1] - permission: admin - snapshot: - text: "some text" +records: + - identity: A aclChanges: - userAdd: identity: A permission: admin encryptionKey: key.Enc.A encryptedReadKeys: [key.Read.1] - changes: - - textAppend: - text: "some text" readKey: key.Read.1 - - id: A.1.2 - identity: A + - identity: A aclChanges: - userInvite: acceptKey: key.Sign.Onetime1 @@ -30,23 +15,13 @@ changes: encryptedReadKeys: [key.Read.1] permissions: writer inviteId: A.1.2 + - userAdd: + identity: C + permission: reader + encryptionKey: key.Enc.C + encryptedReadKeys: [key.Read.1] readKey: key.Read.1 - - id: A.1.3 - identity: A - aclChanges: - - userRemove: - removedIdentity: B - newReadKey: key.Read.2 - identitiesLeft: [A] - readKey: key.Read.2 - - id: A.1.4 - identity: A - changes: - - textAppend: - text: "first" - readKey: key.Read.2 - - id: B.1.1 - identity: B + - identity: B aclChanges: - userJoin: identity: B 
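Review bot: `inviteId: A.1.2` in the `userInvite` entry (and in the `userJoin` entry of the next hunk) still names a change id, but this change drops every `id:` field from the records, so nothing on the new side defines `A.1.2`. If the builder treats the value as an opaque label that only has to match between invite and join, a comment such as `# inviteId is a free-form label; it only has to match the userJoin entry` would say so; otherwise the reference is stale. The fixture is parsed outside this diff, so this is inferred from the visible lines only.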
@@ -55,56 +30,34 @@ changes: inviteId: A.1.2 encryptedReadKeys: [key.Read.1] readKey: key.Read.1 - - id: B.1.2 - identity: B - changes: - - textAppend: - text: "second" - readKey: key.Read.1 + - identity: A + aclChanges: + - userRemove: + removedIdentity: B + newReadKey: key.Read.2 + identitiesLeft: [A, C] + readKey: key.Read.2 keys: Enc: - - A - - B - - Onetime1 + - name: A + value: generated + - name: B + value: generated + - name: C + value: generated + - name: Onetime1 + value: generated Sign: - - A - - B - - Onetime1 + - name: A + value: generated + - name: B + value: generated + - name: C + value: generated + - name: Onetime1 + value: generated Read: - - 1 - - 2 -graph: - - id: A.1.1 - baseSnapshot: A.1.1 - aclSnapshot: A.1.1 - - id: A.1.2 - baseSnapshot: A.1.1 - aclSnapshot: A.1.1 - aclHeads: [A.1.1] - treeHeads: [A.1.1] - - id: B.1.1 - baseSnapshot: A.1.1 - aclSnapshot: A.1.1 - aclHeads: [A.1.2] - treeHeads: [A.1.2] - - id: B.1.2 - baseSnapshot: A.1.1 - aclSnapshot: A.1.1 - aclHeads: [B.1.1] - treeHeads: [B.1.1] - - id: A.1.3 - baseSnapshot: A.1.1 - aclSnapshot: A.1.1 - aclHeads: [B.1.1] - treeHeads: [B.1.1] - - id: A.1.4 - baseSnapshot: A.1.1 - aclSnapshot: A.1.1 - aclHeads: [A.1.3] - treeHeads: [A.1.3] -orphans: - - "A.1.4" - - "B.1.2" -header: - firstChangeId: A.1.1 - isWorkspace: false + - name: 1 + value: generated + - name: 2 + value: generated diff --git a/pkg/acl/testutils/yamltests/validsnapshotexample.yml b/pkg/acl/testutils/yamltests/validsnapshotexample.yml deleted file mode 100644 index c75cda0a..00000000 --- a/pkg/acl/testutils/yamltests/validsnapshotexample.yml +++ /dev/null 
@@ -1,133 +0,0 @@ -tree: - author: A -changes: - - id: A.1.1 - identity: A - aclSnapshot: - userStates: - - identity: A - encryptionKey: key.Enc.A - encryptedReadKeys: [key.Read.1] - permission: admin - - identity: B - encryptionKey: key.Enc.B - encryptedReadKeys: [key.Read.1] - permission: admin - snapshot: - text: "some text" - aclChanges: - - userAdd: - identity: A - permission: admin - encryptionKey: key.Enc.A - encryptedReadKeys: [key.Read.1] - - userAdd: - identity: B - permission: admin - encryptionKey: key.Enc.B - encryptedReadKeys: [key.Read.1] - readKey: key.Read.1 - changes: - - textAppend: - text: "some text" - - id: A.1.2 - identity: A - aclSnapshot: - userStates: - - identity: A - encryptionKey: key.Enc.A - encryptedReadKeys: [key.Read.1] - permission: admin - - identity: B - encryptionKey: key.Enc.B - encryptedReadKeys: [key.Read.1] - permission: admin - - identity: C - encryptionKey: key.Enc.C - encryptedReadKeys: [ key.Read.1 ] - permission: admin - - identity: D - encryptionKey: key.Enc.D - encryptedReadKeys: [ key.Read.1 ] - permission: admin - snapshot: - text: "some text" - aclChanges: - - userAdd: - identity: D - permission: admin - encryptionKey: key.Enc.D - encryptedReadKeys: [key.Read.1] - readKey: key.Read.1 - - id: A.1.3 - identity: A - aclChanges: - - userAdd: - identity: E - permission: admin - encryptionKey: key.Enc.E - encryptedReadKeys: [key.Read.1] - readKey: key.Read.1 - - id: B.1.1 - identity: B - aclChanges: - - userAdd: - identity: C - permission: admin - encryptionKey: key.Enc.C - encryptedReadKeys: [ key.Read.1 ] - readKey: key.Read.1 - - id: B.1.2 - identity: B - aclChanges: - - userAdd: - identity: F - permission: admin - encryptionKey: key.Enc.F - encryptedReadKeys: [ key.Read.1 ] - readKey: key.Read.1 -keys: - Enc: - - A - - B - - C - - D - - E - - F - Sign: - - A - - B - - C - - D - - E - - F - Read: - - 1 - - 2 -graph: - - id: A.1.1 - baseSnapshot: A.1.1 - aclSnapshot: A.1.1 - - id: A.1.2 - baseSnapshot: A.1.1 - 
aclHeads: [B.1.1] - treeHeads: [B.1.1] - - id: B.1.1 - baseSnapshot: A.1.1 - aclHeads: [A.1.1] - treeHeads: [A.1.1] - - id: B.1.2 - baseSnapshot: A.1.2 - aclHeads: [A.1.2] - treeHeads: [A.1.2] - - id: A.1.3 - baseSnapshot: A.1.2 - aclHeads: [A.1.2] - treeHeads: [A.1.2] -orphans: - - "A.1.3" - - "B.1.2" -header: - firstChangeId: A.1.1 - isWorkspace: false - diff --git a/service/sync/requesthandler/requesthandler.go b/service/sync/requesthandler/requesthandler.go index e4938554..2ccfb9aa 100644 --- a/service/sync/requesthandler/requesthandler.go +++ b/service/sync/requesthandler/requesthandler.go @@ -2,7 +2,6 @@ package requesthandler import ( "context" - "errors" "github.com/anytypeio/go-anytype-infrastructure-experiments/app" "github.com/anytypeio/go-anytype-infrastructure-experiments/app/logger" "github.com/anytypeio/go-anytype-infrastructure-experiments/pkg/acl/aclchanges/aclpb" @@ -24,8 +23,6 @@ type requestHandler struct { var log = logger.NewNamed("requesthandler") -var ErrIncorrectDocType = errors.New("incorrec doc type") - func New() app.Component { return &requestHandler{} }