From 3a9df124f67c110898c8d016fd8262e7900c712f Mon Sep 17 00:00:00 2001 From: Andre Staltz Date: Mon, 28 Aug 2023 17:04:23 +0300 Subject: [PATCH] refactor account msg validation --- lib/index.js | 43 +++++++++++++++++++++++++--------------- test/account-add.test.js | 2 +- 2 files changed, 28 insertions(+), 17 deletions(-) diff --git a/lib/index.js b/lib/index.js index 1ec88a1..d806198 100644 --- a/lib/index.js +++ b/lib/index.js @@ -25,6 +25,7 @@ const { decrypt } = require('./encryption') * @typedef {import('./msg-v3').AccountData} AccountData * @typedef {import('./msg-v3').AccountPower} AccountPower * @typedef {import('./encryption').EncryptionFormat} EncryptionFormat + * @typedef {import('./msg-v3/tangle')} Tangle * * @typedef {Buffer | Uint8Array} B4A */ @@ -259,7 +260,7 @@ function initDB(peer, config) { * Find which pubkeys are authorized to sign this msg given the account. * * @private - * @param {DBTangle | null} accountTangle + * @param {Tangle | null} accountTangle * @returns {Set} */ function getPubkeysInAccount(accountTangle) { @@ -310,7 +311,7 @@ function initDB(peer, config) { // Identify the account and its pubkeys: const accountID = getAccountID(rec) - let accountTangle = /** @type {DBTangle | null} */ (null) + let accountTangle = /** @type {Tangle | null} */ (null) if (accountID) { accountTangle = new DBTangle(accountID, records()) if (msgID === accountID) { @@ -329,11 +330,27 @@ function initDB(peer, config) { } // Account tangle related validations - if ( - msg.metadata.account === ACCOUNT_SELF && - accountTangle && - !MsgV3.isRoot(msg) - ) { + if (msg.metadata.account === ACCOUNT_SELF) { + if ((err = validateAccountMsg(msg, accountTangle))) { + // prettier-ignore + return cb(new Error('add() failed msg account validation', { cause: err })) + } + } + + logAppend(msgID, msg, (err, rec) => { + if (err) return cb(new Error('add() failed in the log', { cause: err })) + onRecordAdded.set(rec) + cb(null, rec) + }) + } + + /** + * @param {Msg} msg + * @param {Tangle | null} accountTangle + * @returns {string | undefined} + */ + function validateAccountMsg(msg, accountTangle) { + if (accountTangle && !MsgV3.isRoot(msg)) { /** @type {AccountData} */ const data = msg.data if (data.action === 'add') { @@ -342,17 +359,11 @@ function initDB(peer, config) { const powers = getAccountPowers(accountTangle, keypair) if (!powers.has('add')) { // prettier-ignore - return cb(new Error('add() failed because this msg.pubkey does not have "add" power')) + return `invalid message: pubkey "${msg.pubkey}" does not have "add" power` } } // TODO validate 'del' } - - logAppend(msgID, msg, (err, rec) => { - if (err) return cb(new Error('add() failed in the log', { cause: err })) - onRecordAdded.set(rec) - cb(null, rec) - }) } /** @@ -522,7 +533,7 @@ function initDB(peer, config) { } /** - * @param {DBTangle} accountTangle + * @param {Tangle} accountTangle * @param {KeypairPublicSlice} keypair * @returns {Set} */ @@ -848,7 +859,7 @@ function initDB(peer, config) { /** * @param {string} tangleID - * @returns {DBTangle} + * @returns {Tangle} */ function getTangle(tangleID) { return new DBTangle(tangleID, records()) diff --git a/test/account-add.test.js b/test/account-add.test.js index da50a19..9eef631 100644 --- a/test/account-add.test.js +++ b/test/account-add.test.js @@ -144,7 +144,7 @@ test('keypair with no "add" powers cannot account.add()', async (t) => { // Test replicator-side power validation assert.rejects( p(peer1again.db.add)(msg3, id), - /msg\.pubkey does not have "add" power/ + /add\(\) failed msg account validation/ ) await p(peer1again.close)()