Require Subject on get_chain

fission-codes · Mar 26, 2024 · 1b8382a · 1b8382a
1 parent 96b0fe1
commit 1b8382a
Show file tree

Hide file tree

Showing 6 changed files with 62 additions and 83 deletions.
diff --git a/src/delegation/agent.rs b/src/delegation/agent.rs
@@ -62,7 +62,7 @@ where
     pub fn delegate(
         &self,
         audience: DID,
-        subject: Option<DID>,
+        subject: &DID,
         via: Option<DID>,
         command: String,
         new_policy: Vec<Predicate>,
@@ -75,25 +75,21 @@ where
         let mut salt = self.did.clone().to_string().into_bytes();
         let nonce = Nonce::generate_12(&mut salt);
 
-        if let Some(ref sub) = subject {
-            if sub == &self.did {
-                let payload: Payload<DID> = Payload {
-                    issuer: self.did.clone(),
-                    audience,
-                    subject,
-                    via,
-                    command,
-                    metadata,
-                    nonce,
-                    expiration: expiration.into(),
-                    not_before: not_before.map(Into::into),
-                    policy: new_policy,
-                };
-
-                return Ok(
-                    Delegation::try_sign(&self.signer, varsig_header, payload).expect("FIXME")
-                );
-            }
+        if *subject == self.did {
+            let payload: Payload<DID> = Payload {
+                issuer: self.did.clone(),
+                audience,
+                subject: Some(subject.clone()),
+                via,
+                command,
+                metadata,
+                nonce,
+                expiration: expiration.into(),
+                not_before: not_before.map(Into::into),
+                policy: new_policy,
+            };
+
+            return Ok(Delegation::try_sign(&self.signer, varsig_header, payload).expect("FIXME"));
         }
 
         let proofs = &self
@@ -109,7 +105,7 @@ where
         let payload: Payload<DID> = Payload {
             issuer: self.did.clone(),
             audience,
-            subject,
+            subject: Some(subject.clone()),
             via,
             command,
             policy,

diff --git a/src/delegation/policy/selector/filter.rs b/src/delegation/policy/selector/filter.rs
@@ -297,7 +297,7 @@ mod tests {
         use super::*;
 
         proptest! {
-            #[test_log::test]
+            #[test]
             fn test_filter_round_trip(filter: Filter) {
                 let serialized = filter.to_string();
                 let deserialized = serialized.parse();

diff --git a/src/delegation/policy/selector/select.rs b/src/delegation/policy/selector/select.rs
@@ -1,6 +1,7 @@
-use super::Selector;
+use super::Selector; // FIXME cycle?
 use super::{error::SelectorErrorReason, filter::Filter, Selectable, SelectorError};
 use libipld_core::ipld::Ipld;
+use serde::{Deserialize, Serialize};
 use std::cmp::Ordering;
 use std::fmt;
 use std::str::FromStr;
@@ -199,35 +200,27 @@ mod tests {
     use proptest::prelude::*;
     use testresult::TestResult;
 
-    fn simple() -> Ipld {
-        libipld::ipld!({
-            "foo": 42,
-            "bar": "baz",
-            "qux": true
-        })
-    }
-
-    fn email() -> Ipld {
-        libipld::ipld!({
-            "from": "[email protected]",
-            "to": ["[email protected]", "[email protected]"],
-            "cc": ["[email protected]"],
-            "subject": "Quarterly Reports",
-            "body": "Here's Q2 the reports ..."
-        })
-    }
-
-    fn nested_data() -> Ipld {
-        libipld::ipld!({
-            "name": "Alice",
-            "age": 42,
-            "friends": ["Bob", "Charlie"]
-        })
-    }
-
     mod get {
         use super::*;
 
+        fn nested_data() -> Ipld {
+            Ipld::Map(
+                vec![
+                    ("name".to_string(), Ipld::String("Alice".to_string())),
+                    ("age".to_string(), Ipld::Integer(42)),
+                    (
+                        "friends".to_string(),
+                        Ipld::List(vec![
+                            Ipld::String("Bob".to_string()),
+                            Ipld::String("Charlie".to_string()),
+                        ]),
+                    ),
+                ]
+                .into_iter()
+                .collect(),
+            )
+        }
+
         proptest! {
             #[test_log::test]
             fn test_identity(data: ipld::Newtype) {
@@ -255,19 +248,13 @@ mod tests {
                 let selector: Select<Ipld> = Select::new(filters);
 
                 let cleaned_data = match data.0.clone() {
-                    Ipld::Map(mut m) => m.remove("foo").map_or(Ipld::Null, |v| v),
-                    ipld => ipld,
+                    Ipld::Map(mut m) => {
+                        m.remove("foo").map_or(Ipld::Null, |v| v)
+                    }
+                    ipld => ipld
                 };
                 prop_assert_eq!(selector.get(&cleaned_data)?, Ipld::Null);
             }
         }
-
-        #[test_log::test]
-        fn test_eq_dot_field_ending_try_null() -> TestResult {
-            let s = Select::from_str(".from.not?")?;
-
-            pretty::assert_eq!(s.get(&email()), Ok(Ipld::Null));
-            Ok(())
-        }
     }
 }
diff --git a/src/delegation/store/memory.rs b/src/delegation/store/memory.rs
@@ -198,11 +198,10 @@ where
         Ok(())
     }
 
-    // FIXME take a PayloadBuilder
     fn get_chain(
         &self,
         aud: &DID,
-        subject: &Option<DID>,
+        subject: &DID,
         command: String,
         policy: Vec<Predicate>,
         now: SystemTime,
@@ -213,7 +212,10 @@ where
         let read_tx = self.read();
 
         let all_powerlines = read_tx.index.get(&None).unwrap_or(&blank_map);
-        let all_aud_for_subject = read_tx.index.get(subject).unwrap_or(&blank_map);
+        let all_aud_for_subject = read_tx
+            .index
+            .get(&Some(subject.clone()))
+            .unwrap_or(&blank_map);
         let powerline_candidates = all_powerlines.get(aud).unwrap_or(&blank_set);
         let sub_candidates = all_aud_for_subject.get(aud).unwrap_or(&blank_set);
 
@@ -411,13 +413,14 @@ mod tests {
         #[test_log::test]
         fn test_simple_fail() -> TestResult {
             let (server, _server_signer) = gen_did();
+            let (nope, _nope_signer) = gen_did();
 
             let store = MemoryStore::<
                 did::preset::Verifier,
                 varsig::header::Preset,
                 varsig::encoding::Preset,
             >::default();
-            let got = store.get_chain(&server, &None, "/".into(), vec![], SystemTime::now())?;
+            let got = store.get_chain(&server, &nope, "/".into(), vec![], SystemTime::now())?;
 
             pretty::assert_eq!(got, None);
             Ok(())
@@ -449,7 +452,7 @@ mod tests {
 
             store.insert(deleg.clone())?;
 
-            let got = store.get_chain(&bob, &Some(alice), "/".into(), vec![], SystemTime::now())?;
+            let got = store.get_chain(&bob, &alice, "/".into(), vec![], SystemTime::now())?;
             pretty::assert_eq!(got, Some(nonempty![(deleg.cid()?, Arc::new(deleg))].into()));
             Ok(())
         }
@@ -509,7 +512,7 @@ mod tests {
 
             store.insert(more_noise.clone())?;
 
-            let got = store.get_chain(&bob, &Some(alice), "/".into(), vec![], SystemTime::now())?;
+            let got = store.get_chain(&bob, &alice, "/".into(), vec![], SystemTime::now())?;
             pretty::assert_eq!(got, Some(nonempty![(deleg.cid()?, Arc::new(deleg))].into()));
             Ok(())
         }
@@ -555,8 +558,7 @@ mod tests {
 
             store.insert(deleg_2.clone())?;
 
-            let got =
-                store.get_chain(&carol, &Some(alice), "/".into(), vec![], SystemTime::now())?;
+            let got = store.get_chain(&carol, &alice, "/".into(), vec![], SystemTime::now())?;
 
             pretty::assert_eq!(
                 got,
@@ -614,7 +616,7 @@ mod tests {
 
             let got = store.get_chain(
                 &carol,
-                &Some(alice),
+                &alice,
                 "/test/me/now".into(),
                 vec![],
                 SystemTime::now(),
@@ -677,7 +679,7 @@ mod tests {
 
             let got = store.get_chain(
                 &carol,
-                &Some(alice),
+                &alice,
                 "/test/me/now".into(),
                 vec![],
                 SystemTime::now(),
@@ -751,7 +753,7 @@ mod tests {
             store.insert(alice_to_bob.clone())?;
 
             let got: Vec<Cid> = store
-                .get_chain(&dave, &Some(alice), "/".into(), vec![], SystemTime::now())
+                .get_chain(&dave, &alice, "/".into(), vec![], SystemTime::now())
                 .map_err(|e| e.to_string())?
                 .ok_or("failed during proof lookup")?
                 .iter()
@@ -835,13 +837,7 @@ mod tests {
             store.insert(alice_to_bob.clone())?;
 
             let got: Vec<Cid> = store
-                .get_chain(
-                    &dave,
-                    &Some(alice.clone()),
-                    "/".into(),
-                    vec![],
-                    SystemTime::now(),
-                )
+                .get_chain(&dave, &alice.clone(), "/".into(), vec![], SystemTime::now())
                 .map_err(|e| e.to_string())?
                 .ok_or("failed during proof lookup")?
                 .iter()

diff --git a/src/delegation/store/traits.rs b/src/delegation/store/traits.rs
@@ -49,7 +49,7 @@ where
     fn get_chain(
         &self,
         audience: &DID,
-        subject: &Option<DID>,
+        subject: &DID,
         command: String,
         policy: Vec<Predicate>,
         now: SystemTime,
@@ -58,7 +58,7 @@ where
     fn get_chain_cids(
         &self,
         audience: &DID,
-        subject: &Option<DID>,
+        subject: &DID,
         command: String,
         policy: Vec<Predicate>,
         now: SystemTime,
@@ -75,7 +75,7 @@ where
         policy: Vec<Predicate>,
         now: SystemTime,
     ) -> Result<bool, Self::DelegationStoreError> {
-        self.get_chain(audience, &Some(issuer), command, policy, now)
+        self.get_chain(audience, &issuer, command, policy, now)
             .map(|chain| chain.is_some())
     }
 
@@ -124,7 +124,7 @@ where
     fn get_chain(
         &self,
         audience: &DID,
-        subject: &Option<DID>,
+        subject: &DID,
         command: String,
         policy: Vec<Predicate>,
         now: SystemTime,

diff --git a/src/invocation/agent.rs b/src/invocation/agent.rs
@@ -104,7 +104,7 @@ where
             self.delegation_store
                 .get_chain(
                     &self.did,
-                    &Some(subject.clone()),
+                    &subject.clone(),
                     ability.to_command(),
                     vec![],
                     now,
@@ -695,7 +695,7 @@ mod tests {
             let chain_for_dnslink: Vec<Cid> = del_store
                 .get_chain(
                     &device,
-                    &Some(dnslink.clone()),
+                    &dnslink.clone(),
                     "/".into(),
                     vec![],
                     SystemTime::now(),