wip, separate acl for notifications

2024-04-10 06:42:27 +03:00 · 2024-04-10 06:42:27 +03:00 · a294f19aa3
parent 6884bfe33f
commit a294f19aa3
4 changed files with 14 additions and 7 deletions
--- a/hbs2-peer/app/RefChan.hs
+++ b/hbs2-peer/app/RefChan.hs
@ -945,7 +945,7 @@ logMergeProcess penv env q = withPeerM penv do
                    hd <- MaybeT $ lift $ getHead menv headRef

                    let quo = view refChanHeadQuorum hd & fromIntegral
-                    guard $ checkACL hd (Just pk) ak
+                    guard $ checkACL ACLUpdate hd (Just pk) ak
                    pure [(href, (quo,mempty))]

                  Accept  _ box -> do
--- a/hbs2-peer/lib/HBS2/Peer/Proto/RefChan/RefChanNotify.hs
+++ b/hbs2-peer/lib/HBS2/Peer/Proto/RefChan/RefChanNotify.hs
@ -79,7 +79,7 @@ refChanNotifyProto self adapter msg@(Notify rchan box) = do
      let refchanKey = RefChanHeadKey @s rchan
      headBlock <- MaybeT $ getActualRefChanHead @e refchanKey

-      guard $ checkACL headBlock Nothing authorKey
+      guard $ checkACL ACLNotify headBlock Nothing authorKey

      -- FIXME: garbage-collection-required
      liftIO $ putBlock sto (serialise msg)
--- a/hbs2-peer/lib/HBS2/Peer/Proto/RefChan/RefChanUpdate.hs
+++ b/hbs2-peer/lib/HBS2/Peer/Proto/RefChan/RefChanUpdate.hs
@ -295,7 +295,7 @@ refChanUpdateProto self pc adapter msg = do

        let pips = view refChanHeadPeers headBlock

-        guard $ checkACL headBlock (Just peerKey) authorKey
+        guard $ checkACL ACLUpdate headBlock (Just peerKey) authorKey

        debug $ "OMG!!! TRANS AUTHORIZED" <+> pretty (AsBase58 peerKey)  <+> pretty (AsBase58 authorKey)

@ -453,7 +453,7 @@ refChanUpdateProto self pc adapter msg = do
             (authorKey, _) <- MaybeT $ pure $ unboxSignedBox0 pbox

             -- может, и не надо второй раз проверять
-             guard $ checkACL headBlock (Just peerKey) authorKey
+             guard $ checkACL ACLUpdate headBlock (Just peerKey) authorKey

             debug $ "JUST GOT TRANSACTION FROM STORAGE! ABOUT TO CHECK IT" <+> pretty hashRef

--- a/hbs2-peer/lib/HBS2/Peer/Proto/RefChan/Types.hs
+++ b/hbs2-peer/lib/HBS2/Peer/Proto/RefChan/Types.hs
@ -46,6 +46,9 @@ type RefChanAuthor e = PubKey 'Sign (Encryption e)

 type Weight = Integer

+data ACLType = ACLUpdate | ACLNotify
+              deriving stock (Eq,Ord,Generic,Data,Show)
+
 data RefChanHeadBlock e =
  RefChanHeadBlockSmall
   { _refChanHeadVersion     :: Integer
@ -363,15 +366,19 @@ getRefChanHead sto k = runMaybeT do


 checkACL :: forall e s . (Encryption e ~ s, ForRefChans e)
-         => RefChanHeadBlock e
+         => ACLType
+         -> RefChanHeadBlock e
         -> Maybe (PubKey 'Sign s)
         -> PubKey 'Sign s
         -> Bool

-checkACL theHead mbPeerKey authorKey = match
+checkACL acl theHead mbPeerKey authorKey = match
  where
    pips = view refChanHeadPeers theHead
    aus  = view refChanHeadAuthors theHead
+    notifiers = view refChanHeadNotifiers theHead
    match = maybe True (`HashMap.member` pips) mbPeerKey
-           && authorKey `HashSet.member` aus
+           && ( authorKey `HashSet.member` aus
+              || acl == ACLNotify && authorKey `HashSet.member` notifiers
+              )