Jaseci-Labs · ypkang · Aug 28, 2024
diff --git a/jaclang/cli/cli.py b/jaclang/cli/cli.py
@@ -250,7 +250,6 @@ def enter(
     base, mod = os.path.split(filename)
     base = base if base else "./"
     mod = mod[:-4]
-
     if filename.endswith(".jac"):
         ret_module = jac_import(
             target=mod,
@@ -275,13 +274,14 @@ def enter(
 
     jctx = ExecutionContext.create(session=session, root=root, entry=node)
 
+
     if ret_module:
         (loaded_mod,) = ret_module
         if not loaded_mod:
             print("Errors occurred while importing the module.")
         else:
             architype = getattr(loaded_mod, entrypoint)(*args)
-            if isinstance(architype, WalkerArchitype):
+            if isinstance(architype, WalkerArchitype) and jctx.validate_access():
                 Jac.spawn_call(jctx.entry.architype, architype)
 
     jctx.close()

diff --git a/jaclang/plugin/default.py b/jaclang/plugin/default.py
@@ -483,18 +483,22 @@ def disconnect(
                     (source := anchor.source)
                     and (target := anchor.target)
                     and (not filter_func or filter_func([anchor.architype]))
+                    and source.architype
+                    and target.architype
                 ):
                     if (
                         dir in [EdgeDir.OUT, EdgeDir.ANY]
                         and node == source
                         and target.architype in right
+                        and source.has_write_access(target)
                     ):
                         anchor.destroy() if anchor.persistent else anchor.detach()
                         disconnect_occurred = True
                     if (
                         dir in [EdgeDir.IN, EdgeDir.ANY]
                         and node == target
                         and source.architype in right
+                        and target.has_write_access(source)
                     ):
                         anchor.destroy() if anchor.persistent else anchor.detach()
                         disconnect_occurred = True

diff --git a/jaclang/plugin/tests/fixtures/other_root_access.jac b/jaclang/plugin/tests/fixtures/other_root_access.jac
@@ -0,0 +1,82 @@
+import:py from jaclang.runtimelib.architype {Anchor}
+import:py from uuid {UUID}
+
+node A {
+    has val: int;
+}
+
+walker check_node {
+    can enter with `root entry {
+        visit [-->];
+    }
+
+    can enter2 with A entry {
+        print(here);
+    }
+}
+
+walker update_node {
+    has val: int;
+
+    can enter2 with A entry {
+        here.val = self.val;
+    }
+}
+
+walker create_node {
+    has val: int;
+
+    can enter with `root entry {
+        a = A(val=self.val);
+        here ++> a;
+        print(a.__jac__.id);
+    }
+}
+
+walker create_other_root {
+    can enter with `root entry {
+        other_root = `root().__jac__;
+        other_root.save();
+        print(other_root.id);
+    }
+}
+
+walker allow_other_root_access {
+    has root_id: str, level: int | str = 1, via_all: bool = False;
+
+    can enter_root with `root entry {
+        if self.via_all {
+            here.__jac__.unrestrict(self.level);
+        } else {
+            here.__jac__.allow_root(UUID(self.root_id), self.level);
+        }
+    }
+
+    can enter_nested with A entry {
+        if self.via_all {
+            here.__jac__.unrestrict(self.level);
+        } else {
+            here.__jac__.allow_root(UUID(self.root_id), self.level);
+        }
+    }
+}
+
+walker disallow_other_root_access {
+    has root_id: str, via_all: bool = False;
+
+    can enter_root with `root entry {
+        if self.via_all {
+            here.__jac__.restrict();
+        } else {
+            here.__jac__.disallow_root(UUID(self.root_id));
+        }
+    }
+
+    can enter_nested with A entry {
+        if self.via_all {
+            here.__jac__.restrict();
+        } else {
+            here.__jac__.disallow_root(UUID(self.root_id));
+        }
+    }
+}