refactor account msg validation

2023-08-28 17:04:23 +03:00 · 2023-08-28 17:04:23 +03:00 · 3a9df124f6
parent f1a13eee80
commit 3a9df124f6
2 changed files with 28 additions and 17 deletions
--- a/lib/index.js
+++ b/lib/index.js
@ -25,6 +25,7 @@ const { decrypt } = require('./encryption')
 * @typedef {import('./msg-v3').AccountData} AccountData
 * @typedef {import('./msg-v3').AccountPower} AccountPower
 * @typedef {import('./encryption').EncryptionFormat} EncryptionFormat
+ * @typedef {import('./msg-v3/tangle')} Tangle
 *
 * @typedef {Buffer | Uint8Array} B4A
 */
@ -259,7 +260,7 @@ function initDB(peer, config) {
   * Find which pubkeys are authorized to sign this msg given the account.
   *
   * @private
-   * @param {DBTangle | null} accountTangle
+   * @param {Tangle | null} accountTangle
   * @returns {Set<string>}
   */
  function getPubkeysInAccount(accountTangle) {
@ -310,7 +311,7 @@ function initDB(peer, config) {

    // Identify the account and its pubkeys:
    const accountID = getAccountID(rec)
-    let accountTangle = /** @type {DBTangle | null} */ (null)
+    let accountTangle = /** @type {Tangle | null} */ (null)
    if (accountID) {
      accountTangle = new DBTangle(accountID, records())
      if (msgID === accountID) {
@ -329,11 +330,27 @@ function initDB(peer, config) {
    }

    // Account tangle related validations
-    if (
-      msg.metadata.account === ACCOUNT_SELF &&
-      accountTangle &&
-      !MsgV3.isRoot(msg)
-    ) {
+    if (msg.metadata.account === ACCOUNT_SELF) {
+      if ((err = validateAccountMsg(msg, accountTangle))) {
+        // prettier-ignore
+        return cb(new Error('add() failed msg account validation', { cause: err }))
+      }
+    }
+
+    logAppend(msgID, msg, (err, rec) => {
+      if (err) return cb(new Error('add() failed in the log', { cause: err }))
+      onRecordAdded.set(rec)
+      cb(null, rec)
+    })
+  }
+
+  /**
+   * @param {Msg} msg
+   * @param {Tangle | null} accountTangle
+   * @returns {string | undefined}
+   */
+  function validateAccountMsg(msg, accountTangle) {
+    if (accountTangle && !MsgV3.isRoot(msg)) {
      /** @type {AccountData} */
      const data = msg.data
      if (data.action === 'add') {
@ -342,17 +359,11 @@ function initDB(peer, config) {
        const powers = getAccountPowers(accountTangle, keypair)
        if (!powers.has('add')) {
          // prettier-ignore
-          return cb(new Error('add() failed because this msg.pubkey does not have "add" power'))
+          return `invalid message: pubkey "${msg.pubkey}" does not have "add" power`
        }
      }
      // TODO validate 'del'
    }
-
-    logAppend(msgID, msg, (err, rec) => {
-      if (err) return cb(new Error('add() failed in the log', { cause: err }))
-      onRecordAdded.set(rec)
-      cb(null, rec)
-    })
  }

  /**
@ -522,7 +533,7 @@ function initDB(peer, config) {
  }

  /**
-   * @param {DBTangle} accountTangle
+   * @param {Tangle} accountTangle
   * @param {KeypairPublicSlice} keypair
   * @returns {Set<AccountPower>}
   */
@ -848,7 +859,7 @@ function initDB(peer, config) {

  /**
   * @param {string} tangleID
-   * @returns {DBTangle}
+   * @returns {Tangle}
   */
  function getTangle(tangleID) {
    return new DBTangle(tangleID, records())
--- a/test/account-add.test.js
+++ b/test/account-add.test.js
@ -144,7 +144,7 @@ test('keypair with no "add" powers cannot account.add()', async (t) => {
  // Test replicator-side power validation
  assert.rejects(
    p(peer1again.db.add)(msg3, id),
-    /msg\.pubkey does not have "add" power/
+    /add\(\) failed msg account validation/
  )

  await p(peer1again.close)()