feat: Enable sec. indexes with ACP (sourcenetwork#2602)

## Relevant issue(s)

Resolves sourcenetwork#2365

## Description

Enable secondary indexes with ACP.

internal/db/collection_index.go

@@ -256,12 +256,6 @@ func (c *collection) createIndex(
 	ctx context.Context,
 	desc client.IndexDescription,
 ) (CollectionIndex, error) {
-	// Don't allow creating index on a permissioned collection, until following is implemented.
-	// TODO-ACP: ACP <> INDEX https://github.com/sourcenetwork/defradb/issues/2365
-	if c.Description().Policy.HasValue() {
-		return nil, ErrCanNotCreateIndexOnCollectionWithPolicy
-	}
-
 	if desc.Name != "" && !schema.IsValidIndexName(desc.Name) {
 		return nil, schema.NewErrIndexWithInvalidName("!")
 	}

internal/db/errors.go

@@ -97,7 +97,6 @@ const (
 
 var (
 	ErrFailedToGetCollection                    = errors.New(errFailedToGetCollection)
-	ErrCanNotCreateIndexOnCollectionWithPolicy  = errors.New("can not create index on a collection with a policy")
 	ErrSubscriptionsNotAllowed                  = errors.New("server does not accept subscriptions")
 	ErrInvalidFilter                            = errors.New("invalid filter")
 	ErrCollectionAlreadyExists                  = errors.New(errCollectionAlreadyExists)

tests/integration/acp/index/create_test.go

@@ -17,46 +17,14 @@ import (
 	acpUtils "github.com/sourcenetwork/defradb/tests/integration/acp"
 )
 
-// This test documents that we don't allow creating indexes on collections that have policy
-// until the following is implemented:
-// TODO-ACP: ACP <> P2P https://github.com/sourcenetwork/defradb/issues/2365
-func TestACP_IndexCreateWithSeparateRequest_OnCollectionWithPolicy_ReturnError(t *testing.T) {
+func TestACP_IndexCreateWithSeparateRequest_OnCollectionWithPolicy_NoError(t *testing.T) {
 	test := testUtils.TestCase{
-		Description: "Test acp, with creating new index using separate request on permissioned collection, error",
+		Description: "Test acp, with creating new index using separate request on permissioned collection, no error",
 		Actions: []any{
 
 			testUtils.AddPolicy{
-
-				Identity: acpUtils.Actor1Identity,
-
-				Policy: `
-                    description: a test policy which marks a collection in a database as a resource
-
-                    actor:
-                      name: actor
-
-                    resources:
-                      users:
-                        permissions:
-                          read:
-                            expr: owner + reader
-                          write:
-                            expr: owner
-
-                        relations:
-                          owner:
-                            types:
-                              - actor
-                          reader:
-                            types:
-                              - actor
-                          admin:
-                            manages:
-                              - reader
-                            types:
-                              - actor
-                `,
-
+				Identity:         acpUtils.Actor1Identity,
+				Policy:           userPolicy,
 				ExpectedPolicyID: "53980e762616fcffbe76307995895e862f87ef3f21d509325d1dc772a770b001",
 			},
 
@@ -74,12 +42,8 @@ func TestACP_IndexCreateWithSeparateRequest_OnCollectionWithPolicy_ReturnError(t
 
 			testUtils.CreateIndex{
 				CollectionID: 0,
-
-				IndexName: "some_index",
-
-				FieldName: "name",
-
-				ExpectedError: "can not create index on a collection with a policy",
+				IndexName:    "some_index",
+				FieldName:    "name",
 			},
 
 			testUtils.Request{
@@ -99,46 +63,14 @@ func TestACP_IndexCreateWithSeparateRequest_OnCollectionWithPolicy_ReturnError(t
 	testUtils.ExecuteTestCase(t, test)
 }
 
-// This test documents that we don't allow creating indexes on collections that have policy
-// until the following is implemented:
-// TODO-ACP: ACP <> P2P https://github.com/sourcenetwork/defradb/issues/2365
-func TestACP_IndexCreateWithDirective_OnCollectionWithPolicy_ReturnError(t *testing.T) {
+func TestACP_IndexCreateWithDirective_OnCollectionWithPolicy_NoError(t *testing.T) {
 	test := testUtils.TestCase{
-		Description: "Test acp, with creating new index using directive on permissioned collection, error",
+		Description: "Test acp, with creating new index using directive on permissioned collection, no error",
 		Actions: []any{
 
 			testUtils.AddPolicy{
-
-				Identity: acpUtils.Actor1Identity,
-
-				Policy: `
-                    description: a test policy which marks a collection in a database as a resource
-
-                    actor:
-                      name: actor
-
-                    resources:
-                      users:
-                        permissions:
-                          read:
-                            expr: owner + reader
-                          write:
-                            expr: owner
-
-                        relations:
-                          owner:
-                            types:
-                              - actor
-                          reader:
-                            types:
-                              - actor
-                          admin:
-                            manages:
-                              - reader
-                            types:
-                              - actor
-                `,
-
+				Identity:         acpUtils.Actor1Identity,
+				Policy:           userPolicy,
 				ExpectedPolicyID: "53980e762616fcffbe76307995895e862f87ef3f21d509325d1dc772a770b001",
 			},
 
@@ -152,8 +84,6 @@ func TestACP_IndexCreateWithDirective_OnCollectionWithPolicy_ReturnError(t *test
 						age: Int
 					}
 				`,
-
-				ExpectedError: "can not create index on a collection with a policy",
 			},
 
 			testUtils.Request{
@@ -164,8 +94,6 @@ func TestACP_IndexCreateWithDirective_OnCollectionWithPolicy_ReturnError(t *test
 							age
 						}
 					}`,
-
-				ExpectedError: `Cannot query field "Users" on type "Query"`,
 			},
 		},
 	}

tests/integration/acp/index/fixture.go

@@ -0,0 +1,89 @@
+// Copyright 2024 Democratized Data Foundation
+//
+// Use of this software is governed by the Business Source License
+// included in the file licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with
+// the Business Source License, use of this software will be governed
+// by the Apache License, Version 2.0, included in the file
+// licenses/APL.txt.
+
+package test_acp_index
+
+// policy id: "53980e762616fcffbe76307995895e862f87ef3f21d509325d1dc772a770b001"
+const userPolicy = `
+description: a test policy which marks a collection in a database as a resource
+
+actor:
+  name: actor
+
+resources:
+  users:
+    permissions:
+      read:
+        expr: owner + reader
+      write:
+        expr: owner
+
+    relations:
+      owner:
+        types:
+          - actor
+      reader:
+        types:
+          - actor
+      admin:
+        manages:
+          - reader
+        types:
+          - actor
+`
+
+// policy id: "68a4e64d5034b8a0565a90cd36483de0d61e0ea2450cf57c1fa8d27cbbf17c2c"
+const bookAuthorPolicy = `
+description: a test policy which marks a collection in a database as a resource
+
+actor:
+  name: actor
+
+resources:
+  author:
+    permissions:
+      read:
+        expr: owner + reader
+      write:
+        expr: owner
+
+    relations:
+      owner:
+        types:
+          - actor
+      reader:
+        types:
+          - actor
+      admin:
+        manages:
+          - reader
+        types:
+          - actor
+
+  book:
+    permissions:
+      read:
+        expr: owner + reader
+      write:
+        expr: owner
+
+    relations:
+      owner:
+        types:
+          - actor
+      reader:
+        types:
+          - actor
+      admin:
+        manages:
+          - reader
+        types:
+          - actor
+`