benjamyn/any-sync
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add content validator

Browse Source
This commit is contained in:
mcrakhman 2023-06-23 14:50:09 +02:00
parent 1fada6f336
commit f9bab4d51d
No known key found for this signature in database
GPG Key ID: DED12CFEF5B8396B
5 changed files with 555 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

444
commonspace/object/acl/aclrecordproto/aclrecord.pb.go
View File

@ -383,6 +383,7 @@ type AclAccountRequestJoin struct {
InviteIdentity []byte `protobuf:"bytes,1,opt,name=inviteIdentity,proto3" json:"inviteIdentity,omitempty"`
InviteRecordId string `protobuf:"bytes,2,opt,name=inviteRecordId,proto3" json:"inviteRecordId,omitempty"`
InviteIdentitySignature []byte `protobuf:"bytes,3,opt,name=inviteIdentitySignature,proto3" json:"inviteIdentitySignature,omitempty"`
Metadata []byte `protobuf:"bytes,4,opt,name=metadata,proto3" json:"metadata,omitempty"`
}
func (m *AclAccountRequestJoin) Reset() { *m = AclAccountRequestJoin{} }
@ -439,6 +440,13 @@ func (m *AclAccountRequestJoin) GetInviteIdentitySignature() []byte {
return nil
}
func (m *AclAccountRequestJoin) GetMetadata() []byte {
if m != nil {
return m.Metadata
}
return nil
}
// AclAccountRequestAccept contains the reference to join record and all read keys, encrypted with the identity of the requestor
type AclAccountRequestAccept struct {
Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"`
@ -500,6 +508,51 @@ func (m *AclAccountRequestAccept) GetEncryptedReadKeys() []byte {
return nil
}
// AclAccountRequestDecline contains the reference to join record
type AclAccountRequestDecline struct {
RequestRecordId string `protobuf:"bytes,1,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"`
}
func (m *AclAccountRequestDecline) Reset() { *m = AclAccountRequestDecline{} }
func (m *AclAccountRequestDecline) String() string { return proto.CompactTextString(m) }
func (*AclAccountRequestDecline) ProtoMessage() {}
func (*AclAccountRequestDecline) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{7}
}
func (m *AclAccountRequestDecline) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
}
func (m *AclAccountRequestDecline) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
if deterministic {
return xxx_messageInfo_AclAccountRequestDecline.Marshal(b, m, deterministic)
} else {
b = b[:cap(b)]
n, err := m.MarshalToSizedBuffer(b)
if err != nil {
return nil, err
}
return b[:n], nil
}
}
func (m *AclAccountRequestDecline) XXX_Merge(src proto.Message) {
xxx_messageInfo_AclAccountRequestDecline.Merge(m, src)
}
func (m *AclAccountRequestDecline) XXX_Size() int {
return m.Size()
}
func (m *AclAccountRequestDecline) XXX_DiscardUnknown() {
xxx_messageInfo_AclAccountRequestDecline.DiscardUnknown(m)
}
var xxx_messageInfo_AclAccountRequestDecline proto.InternalMessageInfo
func (m *AclAccountRequestDecline) GetRequestRecordId() string {
if m != nil {
return m.RequestRecordId
}
return ""
}
// AclAccountInviteRevoke revokes the invite record
type AclAccountInviteRevoke struct {
InviteRecordId string `protobuf:"bytes,1,opt,name=inviteRecordId,proto3" json:"inviteRecordId,omitempty"`
@ -509,7 +562,7 @@ func (m *AclAccountInviteRevoke) Reset() { *m = AclAccountInviteRevoke{}
func (m *AclAccountInviteRevoke) String() string { return proto.CompactTextString(m) }
func (*AclAccountInviteRevoke) ProtoMessage() {}
func (*AclAccountInviteRevoke) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{7}
return fileDescriptor_c8e9f754f34e929b, []int{8}
}
func (m *AclAccountInviteRevoke) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -554,7 +607,7 @@ func (m *AclReadKeys) Reset() { *m = AclReadKeys{} }
func (m *AclReadKeys) String() string { return proto.CompactTextString(m) }
func (*AclReadKeys) ProtoMessage() {}
func (*AclReadKeys) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{8}
return fileDescriptor_c8e9f754f34e929b, []int{9}
}
func (m *AclReadKeys) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -600,7 +653,7 @@ func (m *AclEncryptedReadKeys) Reset() { *m = AclEncryptedReadKeys{} }
func (m *AclEncryptedReadKeys) String() string { return proto.CompactTextString(m) }
func (*AclEncryptedReadKeys) ProtoMessage() {}
func (*AclEncryptedReadKeys) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{9}
return fileDescriptor_c8e9f754f34e929b, []int{10}
}
func (m *AclEncryptedReadKeys) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -653,7 +706,7 @@ func (m *AclAccountPermissionChange) Reset() { *m = AclAccountPermission
func (m *AclAccountPermissionChange) String() string { return proto.CompactTextString(m) }
func (*AclAccountPermissionChange) ProtoMessage() {}
func (*AclAccountPermissionChange) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{10}
return fileDescriptor_c8e9f754f34e929b, []int{11}
}
func (m *AclAccountPermissionChange) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -705,7 +758,7 @@ func (m *AclReadKeyChange) Reset() { *m = AclReadKeyChange{} }
func (m *AclReadKeyChange) String() string { return proto.CompactTextString(m) }
func (*AclReadKeyChange) ProtoMessage() {}
func (*AclReadKeyChange) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{11}
return fileDescriptor_c8e9f754f34e929b, []int{12}
}
func (m *AclReadKeyChange) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -751,7 +804,7 @@ func (m *AclAccountRemove) Reset() { *m = AclAccountRemove{} }
func (m *AclAccountRemove) String() string { return proto.CompactTextString(m) }
func (*AclAccountRemove) ProtoMessage() {}
func (*AclAccountRemove) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{12}
return fileDescriptor_c8e9f754f34e929b, []int{13}
}
func (m *AclAccountRemove) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -805,6 +858,7 @@ type AclContentValue struct {
// *AclContentValue_PermissionChange
// *AclContentValue_AccountRemove
// *AclContentValue_ReadKeyChange
// *AclContentValue_RequestDecline
Value isAclContentValue_Value `protobuf_oneof:"value"`
}
@ -812,7 +866,7 @@ func (m *AclContentValue) Reset() { *m = AclContentValue{} }
func (m *AclContentValue) String() string { return proto.CompactTextString(m) }
func (*AclContentValue) ProtoMessage() {}
func (*AclContentValue) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{13}
return fileDescriptor_c8e9f754f34e929b, []int{14}
}
func (m *AclContentValue) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -868,6 +922,9 @@ type AclContentValue_AccountRemove struct {
type AclContentValue_ReadKeyChange struct {
ReadKeyChange *AclReadKeyChange `protobuf:"bytes,7,opt,name=readKeyChange,proto3,oneof" json:"readKeyChange,omitempty"`
}
type AclContentValue_RequestDecline struct {
RequestDecline *AclAccountRequestDecline `protobuf:"bytes,8,opt,name=requestDecline,proto3,oneof" json:"requestDecline,omitempty"`
}
func (*AclContentValue_Invite) isAclContentValue_Value() {}
func (*AclContentValue_InviteRevoke) isAclContentValue_Value() {}
@ -876,6 +933,7 @@ func (*AclContentValue_RequestAccept) isAclContentValue_Value() {}
func (*AclContentValue_PermissionChange) isAclContentValue_Value() {}
func (*AclContentValue_AccountRemove) isAclContentValue_Value() {}
func (*AclContentValue_ReadKeyChange) isAclContentValue_Value() {}
func (*AclContentValue_RequestDecline) isAclContentValue_Value() {}
func (m *AclContentValue) GetValue() isAclContentValue_Value {
if m != nil {
@ -933,6 +991,13 @@ func (m *AclContentValue) GetReadKeyChange() *AclReadKeyChange {
return nil
}
func (m *AclContentValue) GetRequestDecline() *AclAccountRequestDecline {
if x, ok := m.GetValue().(*AclContentValue_RequestDecline); ok {
return x.RequestDecline
}
return nil
}
// XXX_OneofWrappers is for the internal use of the proto package.
func (*AclContentValue) XXX_OneofWrappers() []interface{} {
return []interface{}{
@ -943,6 +1008,7 @@ func (*AclContentValue) XXX_OneofWrappers() []interface{} {
(*AclContentValue_PermissionChange)(nil),
(*AclContentValue_AccountRemove)(nil),
(*AclContentValue_ReadKeyChange)(nil),
(*AclContentValue_RequestDecline)(nil),
}
}
@ -955,7 +1021,7 @@ func (m *AclData) Reset() { *m = AclData{} }
func (m *AclData) String() string { return proto.CompactTextString(m) }
func (*AclData) ProtoMessage() {}
func (*AclData) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{14}
return fileDescriptor_c8e9f754f34e929b, []int{15}
}
func (m *AclData) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -999,7 +1065,7 @@ func (m *AclSyncMessage) Reset() { *m = AclSyncMessage{} }
func (m *AclSyncMessage) String() string { return proto.CompactTextString(m) }
func (*AclSyncMessage) ProtoMessage() {}
func (*AclSyncMessage) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{15}
return fileDescriptor_c8e9f754f34e929b, []int{16}
}
func (m *AclSyncMessage) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -1047,7 +1113,7 @@ func (m *AclSyncContentValue) Reset() { *m = AclSyncContentValue{} }
func (m *AclSyncContentValue) String() string { return proto.CompactTextString(m) }
func (*AclSyncContentValue) ProtoMessage() {}
func (*AclSyncContentValue) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{16}
return fileDescriptor_c8e9f754f34e929b, []int{17}
}
func (m *AclSyncContentValue) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -1117,7 +1183,7 @@ func (m *AclAddRecords) Reset() { *m = AclAddRecords{} }
func (m *AclAddRecords) String() string { return proto.CompactTextString(m) }
func (*AclAddRecords) ProtoMessage() {}
func (*AclAddRecords) Descriptor() ([]byte, []int) {
return fileDescriptor_c8e9f754f34e929b, []int{17}
return fileDescriptor_c8e9f754f34e929b, []int{18}
}
func (m *AclAddRecords) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -1162,6 +1228,7 @@ func init() {
proto.RegisterType((*AclAccountInvite)(nil), "aclrecord.AclAccountInvite")
proto.RegisterType((*AclAccountRequestJoin)(nil), "aclrecord.AclAccountRequestJoin")
proto.RegisterType((*AclAccountRequestAccept)(nil), "aclrecord.AclAccountRequestAccept")
proto.RegisterType((*AclAccountRequestDecline)(nil), "aclrecord.AclAccountRequestDecline")
proto.RegisterType((*AclAccountInviteRevoke)(nil), "aclrecord.AclAccountInviteRevoke")
proto.RegisterType((*AclReadKeys)(nil), "aclrecord.AclReadKeys")
proto.RegisterType((*AclEncryptedReadKeys)(nil), "aclrecord.AclEncryptedReadKeys")
@ -1180,64 +1247,67 @@ func init() {
}
var fileDescriptor_c8e9f754f34e929b = []byte{
// 912 bytes of a gzipped FileDescriptorProto
// 958 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0x1b, 0x45,
0x14, 0xde, 0x75, 0x1c, 0xbb, 0x3e, 0x9b, 0xa4, 0xcb, 0x00, 0xad, 0x15, 0x8a, 0x09, 0x23, 0x15,
0xaa, 0x0a, 0x35, 0xc8, 0x08, 0x51, 0x21, 0x44, 0xd9, 0xa6, 0x15, 0x76, 0xf8, 0xd5, 0x44, 0xa5,
0x52, 0xaf, 0x98, 0xce, 0x8e, 0xd2, 0x85, 0xdd, 0x9d, 0xcd, 0xec, 0xc4, 0x95, 0x9f, 0x01, 0x21,
0xf1, 0x08, 0xf0, 0x36, 0x5c, 0xf6, 0x06, 0x89, 0x4b, 0x94, 0xbc, 0x08, 0x9a, 0x99, 0x5d, 0xef,
0x9f, 0x63, 0x21, 0x2e, 0x12, 0xcf, 0x9c, 0xf9, 0xce, 0x77, 0xbe, 0xf3, 0x33, 0x63, 0xc3, 0x67,
0x4c, 0x24, 0x89, 0x48, 0xf3, 0x8c, 0x32, 0x7e, 0x28, 0x9e, 0xff, 0xc4, 0x99, 0x3a, 0xa4, 0x2c,
0xd6, 0x7f, 0x92, 0x33, 0x21, 0xc3, 0x4c, 0x0a, 0x25, 0x0e, 0xcd, 0xff, 0xbc, 0xb2, 0xde, 0x33,
0x06, 0x34, 0x5a, 0x19, 0xf0, 0xef, 0x2e, 0xec, 0x10, 0xfa, 0x32, 0x60, 0x31, 0x31, 0x06, 0x34,
0x86, 0x61, 0x46, 0x97, 0xb1, 0xa0, 0xe1, 0xd8, 0x3d, 0x70, 0xef, 0xec, 0x90, 0x72, 0x8b, 0x6e,
0xc1, 0x28, 0x8f, 0x4e, 0x53, 0xaa, 0xce, 0x25, 0x1f, 0xf7, 0xcc, 0x59, 0x65, 0x40, 0x77, 0xc1,
0xa7, 0x8c, 0xf1, 0x4c, 0x09, 0x39, 0x0f, 0x79, 0xaa, 0x22, 0xb5, 0x1c, 0x6f, 0x19, 0x50, 0xc7,
0x8e, 0x3e, 0x80, 0xd7, 0x4a, 0xdb, 0xc9, 0x8a, 0xb1, 0x6f, 0xc0, 0xdd, 0x03, 0xfc, 0x39, 0xa0,
0xba, 0xc2, 0xa7, 0x91, 0x7a, 0x31, 0xdf, 0xa4, 0x73, 0x0f, 0x7a, 0x51, 0x68, 0x04, 0x8e, 0x48,
0x2f, 0x0a, 0xf1, 0x19, 0x8c, 0xaa, 0xf4, 0x6e, 0xc0, 0x20, 0x93, 0x7c, 0x31, 0xb7, 0x5e, 0x23,
0x52, 0xec, 0xd0, 0x3e, 0x5c, 0x8b, 0x4a, 0xd9, 0x36, 0xb7, 0xd5, 0x1e, 0x21, 0xe8, 0x87, 0x54,
0xd1, 0x22, 0x1d, 0xb3, 0xd6, 0xc5, 0x50, 0x51, 0xc2, 0x73, 0x45, 0x93, 0xcc, 0x48, 0xdf, 0x22,
0x95, 0x01, 0xff, 0xe5, 0xc2, 0x50, 0xc7, 0x14, 0x42, 0x35, 0x98, 0xdd, 0x16, 0xf3, 0x2d, 0x18,
0x25, 0x34, 0x57, 0x5c, 0x7e, 0xc5, 0xcb, 0xb0, 0x95, 0x41, 0xa7, 0x68, 0x1a, 0x3c, 0x0f, 0x4d,
0xe8, 0x11, 0x29, 0xb7, 0xba, 0xd8, 0x3c, 0x65, 0x72, 0x99, 0x29, 0x1e, 0x12, 0x4e, 0x43, 0xed,
0x6e, 0xeb, 0xd7, 0xb1, 0x37, 0x95, 0x6e, 0xb7, 0x94, 0xea, 0x56, 0x94, 0x6a, 0xaa, 0x56, 0x0c,
0x6c, 0x2b, 0x3a, 0x07, 0xf8, 0x43, 0xf0, 0x03, 0x16, 0x07, 0x8c, 0x89, 0xf3, 0x54, 0xcd, 0xd3,
0x45, 0xa4, 0xb8, 0xe6, 0x8f, 0xcc, 0x4a, 0x8b, 0xb0, 0x09, 0x56, 0x06, 0xfc, 0x87, 0x0b, 0x6f,
0x56, 0x2e, 0x84, 0x9f, 0x9d, 0xf3, 0x5c, 0x1d, 0x8b, 0x28, 0x45, 0xef, 0xc1, 0x9e, 0x85, 0xcd,
0x9b, 0xd5, 0x69, 0x59, 0x2b, 0x9c, 0xed, 0xe0, 0xbc, 0x6c, 0x6d, 0xcb, 0x8a, 0xee, 0xc3, 0xcd,
0xa6, 0x67, 0x95, 0x8f, 0x6d, 0xdc, 0x55, 0xc7, 0xf8, 0x57, 0x17, 0x6e, 0x76, 0x34, 0x06, 0x66,
0x0e, 0x37, 0x76, 0xef, 0x0e, 0x5c, 0x97, 0x16, 0xdc, 0x92, 0xd6, 0x36, 0xeb, 0x2a, 0xb7, 0xfb,
0x92, 0x17, 0xaa, 0xba, 0x07, 0xf8, 0x0b, 0xb8, 0xd1, 0xae, 0x32, 0xe1, 0x0b, 0xf1, 0x33, 0x5f,
0x53, 0x0b, 0x77, 0x5d, 0x2d, 0xf0, 0xfb, 0xe0, 0x99, 0x91, 0xb7, 0x84, 0x7a, 0x90, 0x64, 0x31,
0x25, 0xee, 0xc1, 0x96, 0xbe, 0x2b, 0xc5, 0x16, 0xff, 0x08, 0x6f, 0x04, 0x2c, 0x7e, 0xdc, 0x96,
0xb0, 0x31, 0xed, 0xb5, 0xc9, 0xf4, 0xae, 0x4a, 0x66, 0x09, 0xfb, 0x55, 0x32, 0xdf, 0x73, 0x99,
0x44, 0x79, 0x1e, 0x89, 0xf4, 0xe8, 0x05, 0x4d, 0x4f, 0xf9, 0xc6, 0x38, 0x0f, 0xc0, 0xcb, 0x56,
0x78, 0x1b, 0x61, 0x6f, 0xfa, 0xf6, 0xbd, 0xea, 0x31, 0x0b, 0x58, 0xfc, 0x24, 0xe7, 0xb2, 0x22,
0xcd, 0x49, 0xdd, 0x03, 0x3f, 0x31, 0xd3, 0x5a, 0x28, 0x29, 0x02, 0x06, 0xe0, 0x51, 0xab, 0xc5,
0xc8, 0xd6, 0xe5, 0xf0, 0xa6, 0xef, 0x34, 0x49, 0x3b, 0xe5, 0x20, 0x75, 0x1f, 0x7c, 0x56, 0xbf,
0x04, 0x84, 0x27, 0x62, 0xb1, 0x39, 0x8f, 0x56, 0xc8, 0xde, 0xff, 0x08, 0xf9, 0x4b, 0x1f, 0xae,
0x07, 0x2c, 0x3e, 0x12, 0xa9, 0xe2, 0xa9, 0xfa, 0x81, 0xc6, 0xe7, 0x1c, 0x7d, 0x0c, 0x03, 0xdb,
0x75, 0x13, 0xd0, 0x9b, 0xbe, 0xd5, 0x64, 0x6c, 0x8c, 0xcf, 0xcc, 0x21, 0x05, 0x18, 0x7d, 0x09,
0x3b, 0x51, 0x6d, 0xa4, 0x4c, 0x59, 0xbd, 0xe9, 0xbb, 0x1b, 0x9c, 0x2d, 0x70, 0xe6, 0x90, 0x86,
0x23, 0x7a, 0x04, 0x9e, 0xac, 0xae, 0xb3, 0x99, 0x66, 0x6f, 0x7a, 0xb0, 0x96, 0xa7, 0x76, 0xed,
0x67, 0x0e, 0xa9, 0xbb, 0xa1, 0x63, 0xd8, 0x95, 0xf5, 0x0b, 0x67, 0x9e, 0x31, 0x6f, 0x8a, 0x37,
0xf1, 0x58, 0xe4, 0xcc, 0x21, 0x4d, 0x57, 0x74, 0x02, 0x7e, 0xd6, 0x1a, 0x30, 0xf3, 0xe0, 0x79,
0xd3, 0xdb, 0x6b, 0xe9, 0xda, 0xd3, 0x38, 0x73, 0x48, 0x87, 0x00, 0x1d, 0xc1, 0x2e, 0xad, 0xb7,
0xda, 0x3c, 0x8e, 0x57, 0x55, 0xdb, 0x42, 0xb4, 0xb2, 0x86, 0x8f, 0x26, 0x91, 0xf5, 0x31, 0x1c,
0x0f, 0xd7, 0x91, 0x34, 0x26, 0xd5, 0xa6, 0x57, 0x33, 0x3c, 0x1c, 0xc2, 0xf6, 0x42, 0x77, 0x1e,
0x3f, 0x36, 0x5f, 0x2e, 0x8f, 0xf4, 0xd7, 0xd0, 0xa7, 0x00, 0x74, 0x35, 0x17, 0xc5, 0x34, 0xef,
0x37, 0x59, 0xeb, 0x43, 0x43, 0x6a, 0x68, 0x7c, 0x0c, 0x7b, 0x01, 0x8b, 0x4f, 0x96, 0x29, 0xfb,
0x86, 0xe7, 0x39, 0x3d, 0xe5, 0xe8, 0x3e, 0x0c, 0xd9, 0x8a, 0x4a, 0x0b, 0x9c, 0x34, 0xa9, 0x34,
0xb6, 0x41, 0x57, 0xc2, 0xf1, 0x33, 0x78, 0x7d, 0xcd, 0xb9, 0x91, 0x17, 0x86, 0xf6, 0x59, 0xca,
0x0b, 0xce, 0x71, 0xab, 0x72, 0xab, 0xf3, 0x99, 0x43, 0x6a, 0xe8, 0x2a, 0xdd, 0x19, 0xec, 0x36,
0x70, 0xe8, 0x13, 0xfd, 0x9c, 0x95, 0x94, 0x3a, 0xe3, 0xfa, 0xa3, 0xd0, 0xfd, 0xa9, 0x40, 0x4a,
0xf4, 0xdd, 0xaf, 0x01, 0x75, 0xdf, 0x0c, 0x74, 0x0d, 0xfa, 0xdf, 0x8a, 0x94, 0xfb, 0x0e, 0x1a,
0xc1, 0xf6, 0x77, 0x2f, 0x53, 0x2e, 0x7d, 0x57, 0x2f, 0x83, 0x30, 0x89, 0x52, 0xbf, 0x87, 0x00,
0x06, 0x4f, 0x65, 0xa4, 0xb8, 0xf4, 0xb7, 0xf4, 0x5a, 0x77, 0x89, 0x4b, 0xbf, 0xff, 0xf0, 0xc1,
0x9f, 0x17, 0x13, 0xf7, 0xd5, 0xc5, 0xc4, 0xfd, 0xe7, 0x62, 0xe2, 0xfe, 0x76, 0x39, 0x71, 0x5e,
0x5d, 0x4e, 0x9c, 0xbf, 0x2f, 0x27, 0xce, 0xb3, 0xdb, 0xff, 0xe9, 0xd7, 0xd9, 0xf3, 0x81, 0xf9,
0xf8, 0xe8, 0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x51, 0x62, 0x48, 0x8d, 0xcd, 0x09, 0x00, 0x00,
0x14, 0xde, 0x75, 0x1c, 0x3b, 0x3e, 0x9b, 0xb8, 0x66, 0x80, 0xd6, 0x0a, 0xc5, 0x84, 0x45, 0x85,
0xaa, 0x42, 0x0d, 0x32, 0x42, 0x54, 0x08, 0x51, 0xb6, 0x49, 0x85, 0x1d, 0x28, 0xa0, 0x89, 0x4a,
0xa5, 0x5e, 0x31, 0x9d, 0x1d, 0xa5, 0x0b, 0xbb, 0x3b, 0x9b, 0xd9, 0xb1, 0x2b, 0x3f, 0x04, 0x12,
0x8f, 0xc0, 0x8b, 0x70, 0xcf, 0x65, 0x6e, 0x90, 0x10, 0x57, 0x28, 0x79, 0x11, 0x34, 0x33, 0xbb,
0xde, 0xdf, 0x58, 0x88, 0x8b, 0xc4, 0x33, 0x67, 0xce, 0xf9, 0xce, 0x77, 0x7e, 0x6d, 0xf8, 0x9c,
0xf2, 0x28, 0xe2, 0x71, 0x9a, 0x10, 0xca, 0x0e, 0xf9, 0x8b, 0x9f, 0x18, 0x95, 0x87, 0x84, 0x86,
0xea, 0x4f, 0x30, 0xca, 0x85, 0x9f, 0x08, 0x2e, 0xf9, 0xa1, 0xfe, 0x9f, 0x16, 0xd2, 0xfb, 0x5a,
0x80, 0x06, 0x6b, 0x81, 0xfb, 0x9b, 0x0d, 0xbb, 0x98, 0xbc, 0xf2, 0x68, 0x88, 0xb5, 0x00, 0x8d,
0xa1, 0x9f, 0x90, 0x55, 0xc8, 0x89, 0x3f, 0xb6, 0x0f, 0xec, 0xbb, 0xbb, 0x38, 0xbf, 0xa2, 0xdb,
0x30, 0x48, 0x83, 0xb3, 0x98, 0xc8, 0x85, 0x60, 0xe3, 0x8e, 0x7e, 0x2b, 0x04, 0xe8, 0x1e, 0x8c,
0x08, 0xa5, 0x2c, 0x91, 0x5c, 0xcc, 0x7d, 0x16, 0xcb, 0x40, 0xae, 0xc6, 0x5b, 0x5a, 0xa9, 0x21,
0x47, 0x1f, 0xc2, 0x6b, 0xb9, 0xec, 0x74, 0x8d, 0xd8, 0xd5, 0xca, 0xcd, 0x07, 0xf7, 0x0b, 0x40,
0x65, 0x86, 0xcf, 0x02, 0xf9, 0x72, 0xbe, 0x89, 0xe7, 0x10, 0x3a, 0x81, 0xaf, 0x09, 0x0e, 0x70,
0x27, 0xf0, 0xdd, 0x73, 0x18, 0x14, 0xe1, 0xdd, 0x84, 0x5e, 0x22, 0xd8, 0x72, 0x6e, 0xac, 0x06,
0x38, 0xbb, 0xa1, 0x7d, 0xd8, 0x09, 0x72, 0xda, 0x26, 0xb6, 0xf5, 0x1d, 0x21, 0xe8, 0xfa, 0x44,
0x92, 0x2c, 0x1c, 0x7d, 0x56, 0xc9, 0x90, 0x41, 0xc4, 0x52, 0x49, 0xa2, 0x44, 0x53, 0xdf, 0xc2,
0x85, 0xc0, 0xfd, 0xd3, 0x86, 0xbe, 0xf2, 0xc9, 0xb9, 0xac, 0x20, 0xdb, 0x35, 0xe4, 0xdb, 0x30,
0x88, 0x48, 0x2a, 0x99, 0xf8, 0x9a, 0xe5, 0x6e, 0x0b, 0x81, 0x0a, 0x51, 0x17, 0x78, 0xee, 0x6b,
0xd7, 0x03, 0x9c, 0x5f, 0x55, 0xb2, 0x59, 0x4c, 0xc5, 0x2a, 0x91, 0xcc, 0xc7, 0x8c, 0xf8, 0xca,
0xdc, 0xe4, 0xaf, 0x21, 0xaf, 0x32, 0xdd, 0xae, 0x31, 0x55, 0xa5, 0xc8, 0xd9, 0x14, 0xa5, 0xe8,
0x99, 0x52, 0x34, 0x1e, 0xdc, 0x8f, 0x60, 0xe4, 0xd1, 0xd0, 0xa3, 0x94, 0x2f, 0x62, 0x39, 0x8f,
0x97, 0x81, 0x64, 0x0a, 0x3f, 0xd0, 0x27, 0x45, 0xc2, 0x04, 0x58, 0x08, 0xdc, 0xdf, 0x6d, 0x78,
0xb3, 0x30, 0xc1, 0xec, 0x7c, 0xc1, 0x52, 0x79, 0xc2, 0x83, 0x18, 0xbd, 0x0f, 0x43, 0xa3, 0x36,
0xaf, 0x66, 0xa7, 0x26, 0x2d, 0xf4, 0x4c, 0x05, 0xe7, 0x79, 0x69, 0x6b, 0x52, 0xf4, 0x00, 0x6e,
0x55, 0x2d, 0x8b, 0x78, 0x4c, 0xe1, 0xae, 0x7b, 0x56, 0x15, 0x8a, 0x98, 0x24, 0xba, 0xc6, 0x26,
0x8b, 0xeb, 0xbb, 0xfb, 0x8b, 0x0d, 0xb7, 0x1a, 0xfc, 0x3d, 0xdd, 0xa3, 0x1b, 0x2b, 0x7b, 0x17,
0x6e, 0x08, 0xa3, 0x5c, 0xa3, 0x5d, 0x17, 0xab, 0x0a, 0xd4, 0x6b, 0x96, 0x66, 0x8c, 0x9b, 0x0f,
0xee, 0x31, 0x8c, 0x1b, 0x74, 0x8e, 0x19, 0x0d, 0x83, 0x98, 0xb5, 0xf9, 0xb4, 0x5b, 0x7d, 0xba,
0x5f, 0xc2, 0xcd, 0x7a, 0x1d, 0x31, 0x5b, 0xf2, 0x9f, 0x59, 0x4b, 0xb6, 0xed, 0xb6, 0x6c, 0xbb,
0x1f, 0x80, 0xa3, 0x87, 0xca, 0xd0, 0x52, 0xad, 0x2a, 0xb2, 0x3e, 0xb4, 0x0f, 0xb6, 0xd4, 0x34,
0x66, 0x57, 0xf7, 0x47, 0x78, 0xc3, 0xa3, 0xe1, 0xe3, 0x7a, 0x20, 0x1b, 0x93, 0xd7, 0x9a, 0x92,
0xce, 0x75, 0x29, 0x59, 0xc1, 0x7e, 0x11, 0xcc, 0xf7, 0x4c, 0x44, 0x41, 0x9a, 0x06, 0x3c, 0x3e,
0x7a, 0x49, 0xe2, 0x33, 0xb6, 0xd1, 0xcf, 0x43, 0x70, 0x92, 0xb5, 0xbe, 0xf1, 0x30, 0x9c, 0xbe,
0x7d, 0xbf, 0x58, 0x97, 0x1e, 0x0d, 0x9f, 0xa6, 0x4c, 0x14, 0xa0, 0x29, 0x2e, 0x5b, 0xb8, 0x4f,
0xf5, 0x3c, 0x64, 0x4c, 0x32, 0x87, 0x1e, 0x38, 0xc4, 0x70, 0xd1, 0xb4, 0x55, 0x3a, 0x9c, 0xe9,
0x3b, 0x55, 0xd0, 0x46, 0x3a, 0x70, 0xd9, 0xc6, 0x3d, 0x2f, 0x8f, 0x19, 0x66, 0x11, 0x5f, 0x6e,
0x8e, 0xa3, 0xe6, 0xb2, 0xf3, 0x3f, 0x5c, 0xfe, 0xdd, 0x85, 0x1b, 0x1e, 0x0d, 0x8f, 0x78, 0x2c,
0x59, 0x2c, 0x7f, 0x20, 0xe1, 0x82, 0xa1, 0x4f, 0xa0, 0x67, 0xaa, 0xae, 0x1d, 0x3a, 0xd3, 0xb7,
0xaa, 0x88, 0x95, 0xf6, 0x99, 0x59, 0x38, 0x53, 0x46, 0x5f, 0xc1, 0x6e, 0x50, 0x6a, 0x29, 0x9d,
0x56, 0x67, 0xfa, 0xee, 0x06, 0x63, 0xa3, 0x38, 0xb3, 0x70, 0xc5, 0x10, 0x1d, 0x83, 0x23, 0x8a,
0x85, 0xa1, 0x67, 0xc2, 0x99, 0x1e, 0xb4, 0xe2, 0x94, 0x16, 0xcb, 0xcc, 0xc2, 0x65, 0x33, 0x74,
0x02, 0x7b, 0xa2, 0x3c, 0xb6, 0x7a, 0xc4, 0x9d, 0xa9, 0xbb, 0x09, 0xc7, 0x68, 0xce, 0x2c, 0x5c,
0x35, 0x45, 0xa7, 0x30, 0x4a, 0x6a, 0x0d, 0xa6, 0x57, 0xaa, 0x33, 0xbd, 0xd3, 0x0a, 0x57, 0xef,
0xc6, 0x99, 0x85, 0x1b, 0x00, 0xe8, 0x08, 0xf6, 0x48, 0xb9, 0xd4, 0x7a, 0xfd, 0x5e, 0x97, 0x6d,
0xa3, 0xa2, 0x98, 0x55, 0x6c, 0x14, 0x88, 0x28, 0xb7, 0xe1, 0xb8, 0xdf, 0x06, 0x52, 0xe9, 0x54,
0x13, 0x5e, 0xb9, 0x75, 0x9f, 0xc0, 0x50, 0x54, 0x56, 0xca, 0x78, 0x47, 0xa3, 0xbc, 0xb7, 0x29,
0x57, 0x99, 0xea, 0xcc, 0xc2, 0x35, 0xe3, 0x47, 0x7d, 0xd8, 0x5e, 0xaa, 0x46, 0x72, 0x1f, 0xeb,
0x6f, 0xc3, 0x63, 0xf5, 0xbd, 0xf9, 0x19, 0x00, 0x59, 0xb7, 0x59, 0x36, 0x1c, 0xfb, 0x55, 0xf8,
0x72, 0x0f, 0xe2, 0x92, 0xb6, 0x7b, 0x02, 0x43, 0x8f, 0x86, 0xa7, 0xab, 0x98, 0x3e, 0x61, 0x69,
0x4a, 0xce, 0x18, 0x7a, 0x00, 0x7d, 0xba, 0x86, 0x52, 0x4c, 0x27, 0x55, 0x28, 0xa5, 0x5b, 0x81,
0xcb, 0xd5, 0xdd, 0xe7, 0xf0, 0x7a, 0xcb, 0xbb, 0xa6, 0xe7, 0xfb, 0x66, 0xcb, 0xa5, 0x19, 0xe6,
0xb8, 0x16, 0xfd, 0xfa, 0x7d, 0x66, 0xe1, 0x92, 0x76, 0x11, 0xee, 0x0c, 0xf6, 0x2a, 0x7a, 0xe8,
0x53, 0xb5, 0x1d, 0x73, 0x48, 0x15, 0x71, 0x79, 0xc7, 0x34, 0x7f, 0xdb, 0xe0, 0x5c, 0xfb, 0xde,
0x37, 0x80, 0x9a, 0x2b, 0x08, 0xed, 0x40, 0xf7, 0x5b, 0x1e, 0xb3, 0x91, 0x85, 0x06, 0xb0, 0xfd,
0xdd, 0xab, 0x98, 0x89, 0x91, 0xad, 0x8e, 0x9e, 0x1f, 0x05, 0xf1, 0xa8, 0x83, 0x00, 0x7a, 0xcf,
0x44, 0x20, 0x99, 0x18, 0x6d, 0xa9, 0xb3, 0x2a, 0x3a, 0x13, 0xa3, 0xee, 0xa3, 0x87, 0x7f, 0x5c,
0x4e, 0xec, 0x8b, 0xcb, 0x89, 0xfd, 0xcf, 0xe5, 0xc4, 0xfe, 0xf5, 0x6a, 0x62, 0x5d, 0x5c, 0x4d,
0xac, 0xbf, 0xae, 0x26, 0xd6, 0xf3, 0x3b, 0xff, 0xe9, 0xe7, 0xe4, 0x8b, 0x9e, 0xfe, 0xf8, 0xf8,
0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x7b, 0xb3, 0x39, 0x6c, 0x7e, 0x0a, 0x00, 0x00,
}
func (m *RawAclRecord) Marshal() (dAtA []byte, err error) {
@ -1490,6 +1560,13 @@ func (m *AclAccountRequestJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) {
_ = i
var l int
_ = l
if len(m.Metadata) > 0 {
i -= len(m.Metadata)
copy(dAtA[i:], m.Metadata)
i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Metadata)))
i--
dAtA[i] = 0x22
}
if len(m.InviteIdentitySignature) > 0 {
i -= len(m.InviteIdentitySignature)
copy(dAtA[i:], m.InviteIdentitySignature)
@ -1558,6 +1635,36 @@ func (m *AclAccountRequestAccept) MarshalToSizedBuffer(dAtA []byte) (int, error)
return len(dAtA) - i, nil
}
func (m *AclAccountRequestDecline) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
n, err := m.MarshalToSizedBuffer(dAtA[:size])
if err != nil {
return nil, err
}
return dAtA[:n], nil
}
func (m *AclAccountRequestDecline) MarshalTo(dAtA []byte) (int, error) {
size := m.Size()
return m.MarshalToSizedBuffer(dAtA[:size])
}
func (m *AclAccountRequestDecline) MarshalToSizedBuffer(dAtA []byte) (int, error) {
i := len(dAtA)
_ = i
var l int
_ = l
if len(m.RequestRecordId) > 0 {
i -= len(m.RequestRecordId)
copy(dAtA[i:], m.RequestRecordId)
i = encodeVarintAclrecord(dAtA, i, uint64(len(m.RequestRecordId)))
i--
dAtA[i] = 0xa
}
return len(dAtA) - i, nil
}
func (m *AclAccountInviteRevoke) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
@ -1952,6 +2059,27 @@ func (m *AclContentValue_ReadKeyChange) MarshalToSizedBuffer(dAtA []byte) (int,
}
return len(dAtA) - i, nil
}
func (m *AclContentValue_RequestDecline) MarshalTo(dAtA []byte) (int, error) {
size := m.Size()
return m.MarshalToSizedBuffer(dAtA[:size])
}
func (m *AclContentValue_RequestDecline) MarshalToSizedBuffer(dAtA []byte) (int, error) {
i := len(dAtA)
if m.RequestDecline != nil {
{
size, err := m.RequestDecline.MarshalToSizedBuffer(dAtA[:i])
if err != nil {
return 0, err
}
i -= size
i = encodeVarintAclrecord(dAtA, i, uint64(size))
}
i--
dAtA[i] = 0x42
}
return len(dAtA) - i, nil
}
func (m *AclData) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
@ -2254,6 +2382,10 @@ func (m *AclAccountRequestJoin) Size() (n int) {
if l > 0 {
n += 1 + l + sovAclrecord(uint64(l))
}
l = len(m.Metadata)
if l > 0 {
n += 1 + l + sovAclrecord(uint64(l))
}
return n
}
@ -2278,6 +2410,19 @@ func (m *AclAccountRequestAccept) Size() (n int) {
return n
}
func (m *AclAccountRequestDecline) Size() (n int) {
if m == nil {
return 0
}
var l int
_ = l
l = len(m.RequestRecordId)
if l > 0 {
n += 1 + l + sovAclrecord(uint64(l))
}
return n
}
func (m *AclAccountInviteRevoke) Size() (n int) {
if m == nil {
return 0
@ -2469,6 +2614,18 @@ func (m *AclContentValue_ReadKeyChange) Size() (n int) {
}
return n
}
func (m *AclContentValue_RequestDecline) Size() (n int) {
if m == nil {
return 0
}
var l int
_ = l
if m.RequestDecline != nil {
l = m.RequestDecline.Size()
n += 1 + l + sovAclrecord(uint64(l))
}
return n
}
func (m *AclData) Size() (n int) {
if m == nil {
return 0
@ -3463,6 +3620,40 @@ func (m *AclAccountRequestJoin) Unmarshal(dAtA []byte) error {
m.InviteIdentitySignature = []byte{}
}
iNdEx = postIndex
case 4:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field Metadata", wireType)
}
var byteLen int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowAclrecord
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
byteLen |= int(b&0x7F) << shift
if b < 0x80 {
break
}
}
if byteLen < 0 {
return ErrInvalidLengthAclrecord
}
postIndex := iNdEx + byteLen
if postIndex < 0 {
return ErrInvalidLengthAclrecord
}
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.Metadata = append(m.Metadata[:0], dAtA[iNdEx:postIndex]...)
if m.Metadata == nil {
m.Metadata = []byte{}
}
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipAclrecord(dAtA[iNdEx:])
@ -3634,6 +3825,88 @@ func (m *AclAccountRequestAccept) Unmarshal(dAtA []byte) error {
}
return nil
}
func (m *AclAccountRequestDecline) Unmarshal(dAtA []byte) error {
l := len(dAtA)
iNdEx := 0
for iNdEx < l {
preIndex := iNdEx
var wire uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowAclrecord
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
wire |= uint64(b&0x7F) << shift
if b < 0x80 {
break
}
}
fieldNum := int32(wire >> 3)
wireType := int(wire & 0x7)
if wireType == 4 {
return fmt.Errorf("proto: AclAccountRequestDecline: wiretype end group for non-group")
}
if fieldNum <= 0 {
return fmt.Errorf("proto: AclAccountRequestDecline: illegal tag %d (wire type %d)", fieldNum, wire)
}
switch fieldNum {
case 1:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field RequestRecordId", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowAclrecord
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= uint64(b&0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthAclrecord
}
postIndex := iNdEx + intStringLen
if postIndex < 0 {
return ErrInvalidLengthAclrecord
}
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.RequestRecordId = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipAclrecord(dAtA[iNdEx:])
if err != nil {
return err
}
if (skippy < 0) || (iNdEx+skippy) < 0 {
return ErrInvalidLengthAclrecord
}
if (iNdEx + skippy) > l {
return io.ErrUnexpectedEOF
}
iNdEx += skippy
}
}
if iNdEx > l {
return io.ErrUnexpectedEOF
}
return nil
}
func (m *AclAccountInviteRevoke) Unmarshal(dAtA []byte) error {
l := len(dAtA)
iNdEx := 0
@ -4495,6 +4768,41 @@ func (m *AclContentValue) Unmarshal(dAtA []byte) error {
}
m.Value = &AclContentValue_ReadKeyChange{v}
iNdEx = postIndex
case 8:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field RequestDecline", wireType)
}
var msglen int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowAclrecord
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
msglen |= int(b&0x7F) << shift
if b < 0x80 {
break
}
}
if msglen < 0 {
return ErrInvalidLengthAclrecord
}
postIndex := iNdEx + msglen
if postIndex < 0 {
return ErrInvalidLengthAclrecord
}
if postIndex > l {
return io.ErrUnexpectedEOF
}
v := &AclAccountRequestDecline{}
if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
return err
}
m.Value = &AclContentValue_RequestDecline{v}
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipAclrecord(dAtA[iNdEx:])

7
commonspace/object/acl/aclrecordproto/protos/aclrecord.proto
View File

@ -44,6 +44,7 @@ message AclAccountRequestJoin {
bytes inviteIdentity = 1;
string inviteRecordId = 2;
bytes inviteIdentitySignature = 3;
bytes metadata = 4;
}
// AclAccountRequestAccept contains the reference to join record and all read keys, encrypted with the identity of the requestor
@ -53,6 +54,11 @@ message AclAccountRequestAccept {
bytes encryptedReadKeys = 3;
}
// AclAccountRequestDecline contains the reference to join record
message AclAccountRequestDecline {
string requestRecordId = 1;
}
// AclAccountInviteRevoke revokes the invite record
message AclAccountInviteRevoke {
string inviteRecordId = 1;
@ -96,6 +102,7 @@ message AclContentValue {
AclAccountPermissionChange permissionChange = 5;
AclAccountRemove accountRemove = 6;
AclReadKeyChange readKeyChange = 7;
AclAccountRequestDecline requestDecline = 8;
}
}

17
commonspace/object/acl/list/aclstate.go
View File

@ -14,17 +14,19 @@ import (
var log = logger.NewNamedSugared("common.commonspace.acllist")
var (
ErrNoSuchUser = errors.New("no such user")
ErrNoSuchAccount = errors.New("no such account")
ErrIncorrectInviteKey = errors.New("incorrect invite key")
ErrIncorrectIdentity = errors.New("incorrect identity")
ErrFailedToDecrypt = errors.New("failed to decrypt key")
ErrUserRemoved = errors.New("user was removed from the document")
ErrDocumentForbidden = errors.New("your user was forbidden access to the document")
ErrUserAlreadyExists = errors.New("user already exists")
ErrNoSuchRecord = errors.New("no such record")
ErrNoSuchRequest = errors.New("no such request")
ErrNoSuchInvite = errors.New("no such invite")
ErrOldInvite = errors.New("invite is too old")
ErrInsufficientPermissions = errors.New("insufficient permissions")
ErrIncorrectNumberOfAccounts = errors.New("incorrect number of accounts")
ErrNoReadKey = errors.New("acl state doesn't have a read key")
ErrNoInvite = errors.New("can't delete invite record")
ErrInvalidSignature = errors.New("signature is invalid")
ErrIncorrectRoot = errors.New("incorrect root")
ErrIncorrectRecordSequence = errors.New("incorrect prev id of a record")
@ -42,6 +44,7 @@ type AclState struct {
userStates map[string]AclUserState
statesAtRecord map[string][]AclUserState
inviteKeys map[string]crypto.PubKey
requestRecords map[string]RequestRecord
key crypto.PrivKey
pubKey crypto.PubKey
keyStore crypto.KeyStorage
@ -60,6 +63,8 @@ func newAclStateWithKeys(
userReadKeys: make(map[string]crypto.SymKey),
userStates: make(map[string]AclUserState),
statesAtRecord: make(map[string][]AclUserState),
inviteKeys: make(map[string]crypto.PubKey),
requestRecords: make(map[string]RequestRecord),
}, nil
}
@ -69,6 +74,8 @@ func newAclState(id string) *AclState {
userReadKeys: make(map[string]crypto.SymKey),
userStates: make(map[string]AclUserState),
statesAtRecord: make(map[string][]AclUserState),
inviteKeys: make(map[string]crypto.PubKey),
requestRecords: make(map[string]RequestRecord),
}
}
@ -100,7 +107,7 @@ func (st *AclState) StateAtRecord(id string, pubKey crypto.PubKey) (AclUserState
return perm, nil
}
}
return AclUserState{}, ErrNoSuchUser
return AclUserState{}, ErrNoSuchAccount
}
func (st *AclState) applyRecord(record *AclRecord) (err error) {
@ -229,7 +236,7 @@ func (st *AclState) applyPermissionChange(ch *aclrecordproto.AclAccountPermissio
}
state, exists := st.userStates[mapKeyFromPubKey(chIdentity)]
if !exists {
return ErrNoSuchUser
return ErrNoSuchAccount
}
state.Permissions = AclPermissions(ch.Permissions)
return nil

5
commonspace/object/acl/list/models.go
View File

@ -16,6 +16,11 @@ type AclRecord struct {
Signature []byte
}
type RequestRecord struct {
RequestIdentity crypto.PubKey
RequestMetadata []byte
}
type AclUserState struct {
PubKey crypto.PubKey
Permissions AclPermissions

146
commonspace/object/acl/list/validator.go
View File

@ -1,5 +1,147 @@
package list
type Validator interface {
Validate()
import (
"github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto"
"github.com/anyproto/any-sync/util/crypto"
)
type ContentValidator interface {
ValidatePermissionChange(ch *aclrecordproto.AclAccountPermissionChange, id string, authorIdentity crypto.PubKey) (err error)
ValidateInvite(ch *aclrecordproto.AclAccountInvite, id string, authorIdentity crypto.PubKey) (err error)
ValidateInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, id string, authorIdentity crypto.PubKey) (err error)
ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, id string, authorIdentity crypto.PubKey) (err error)
ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, id string, authorIdentity crypto.PubKey) (err error)
ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, id string, authorIdentity crypto.PubKey) (err error)
ValidateRemove(ch *aclrecordproto.AclAccountRemove, id string, authorIdentity crypto.PubKey) (err error)
ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, id string, authorIdentity crypto.PubKey) (err error)
}
type contentValidator struct {
keyStore crypto.KeyStorage
aclState *AclState
}
func (c *contentValidator) ValidatePermissionChange(ch *aclrecordproto.AclAccountPermissionChange, id string, authorIdentity crypto.PubKey) (err error) {
if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
return ErrInsufficientPermissions
}
chIdentity, err := c.keyStore.PubKeyFromProto(ch.Identity)
if err != nil {
return err
}
_, exists := c.aclState.userStates[mapKeyFromPubKey(chIdentity)]
if !exists {
return ErrNoSuchAccount
}
return
}
func (c *contentValidator) ValidateInvite(ch *aclrecordproto.AclAccountInvite, id string, authorIdentity crypto.PubKey) (err error) {
if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
return ErrInsufficientPermissions
}
_, err = c.keyStore.PubKeyFromProto(ch.InviteKey)
return
}
func (c *contentValidator) ValidateInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, id string, authorIdentity crypto.PubKey) (err error) {
if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
return ErrInsufficientPermissions
}
_, exists := c.aclState.inviteKeys[ch.InviteRecordId]
if !exists {
return ErrNoSuchInvite
}
return
}
func (c *contentValidator) ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, id string, authorIdentity crypto.PubKey) (err error) {
inviteKey, exists := c.aclState.inviteKeys[ch.InviteRecordId]
if !exists {
return ErrNoSuchInvite
}
inviteIdentity, err := c.keyStore.PubKeyFromProto(ch.InviteIdentity)
if err != nil {
return
}
if !authorIdentity.Equals(inviteIdentity) {
return ErrIncorrectIdentity
}
rawInviteIdentity, err := inviteIdentity.Raw()
if err != nil {
return err
}
ok, err := inviteKey.Verify(rawInviteIdentity, ch.InviteIdentitySignature)
if err != nil {
return ErrInvalidSignature
}
if !ok {
return ErrInvalidSignature
}
return
}
func (c *contentValidator) ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, id string, authorIdentity crypto.PubKey) (err error) {
if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
return ErrInsufficientPermissions
}
record, exists := c.aclState.requestRecords[ch.RequestRecordId]
if !exists {
return ErrNoSuchRequest
}
acceptIdentity, err := c.keyStore.PubKeyFromProto(ch.Identity)
if err != nil {
return
}
if !acceptIdentity.Equals(record.RequestIdentity) {
return ErrIncorrectIdentity
}
return
}
func (c *contentValidator) ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, id string, authorIdentity crypto.PubKey) (err error) {
if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
return ErrInsufficientPermissions
}
_, exists := c.aclState.requestRecords[ch.RequestRecordId]
if !exists {
return ErrNoSuchRequest
}
return
}
func (c *contentValidator) ValidateRemove(ch *aclrecordproto.AclAccountRemove, id string, authorIdentity crypto.PubKey) (err error) {
if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
return ErrInsufficientPermissions
}
identity, err := c.keyStore.PubKeyFromProto(ch.Identity)
if err != nil {
return
}
_, exists := c.aclState.userStates[mapKeyFromPubKey(identity)]
if !exists {
return ErrNoSuchAccount
}
return c.validateAccountReadKeys(ch.AccountKeys)
}
func (c *contentValidator) ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, id string, authorIdentity crypto.PubKey) (err error) {
return c.validateAccountReadKeys(ch.AccountKeys)
}
func (c *contentValidator) validateAccountReadKeys(accountKeys []*aclrecordproto.AclEncryptedReadKeys) (err error) {
if len(accountKeys) != len(c.aclState.userStates) {
return ErrIncorrectNumberOfAccounts
}
for _, encKeys := range accountKeys {
identity, err := c.keyStore.PubKeyFromProto(encKeys.Identity)
if err != nil {
return err
}
_, exists := c.aclState.userStates[mapKeyFromPubKey(identity)]
if !exists {
return ErrNoSuchAccount
}
}
return
}