voidlizard
/
hbs2
mirror of https://github.com/voidlizard/hbs2
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

wip, separate acl for notifications

This commit is contained in:
Dmitry Zuikov 2024-04-10 06:42:27 +03:00
parent 6884bfe33f
commit a294f19aa3
4 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hbs2-peer/app/RefChan.hs
View File

@ -945,7 +945,7 @@ logMergeProcess penv env q = withPeerM penv do
hd <- MaybeT $ lift $ getHead menv headRef hd <- MaybeT $ lift $ getHead menv headRef
let quo = view refChanHeadQuorum hd & fromIntegral let quo = view refChanHeadQuorum hd & fromIntegral
guard $ checkACL hd (Just pk) ak guard $ checkACL ACLUpdate hd (Just pk) ak
pure [(href, (quo,mempty))] pure [(href, (quo,mempty))]
Accept _ box -> do Accept _ box -> do

2
hbs2-peer/lib/HBS2/Peer/Proto/RefChan/RefChanNotify.hs
View File

@ -79,7 +79,7 @@ refChanNotifyProto self adapter msg@(Notify rchan box) = do
let refchanKey = RefChanHeadKey @s rchan let refchanKey = RefChanHeadKey @s rchan
headBlock <- MaybeT $ getActualRefChanHead @e refchanKey headBlock <- MaybeT $ getActualRefChanHead @e refchanKey
guard $ checkACL headBlock Nothing authorKey guard $ checkACL ACLNotify headBlock Nothing authorKey
-- FIXME: garbage-collection-required -- FIXME: garbage-collection-required
liftIO $ putBlock sto (serialise msg) liftIO $ putBlock sto (serialise msg)

4
hbs2-peer/lib/HBS2/Peer/Proto/RefChan/RefChanUpdate.hs
View File

@ -295,7 +295,7 @@ refChanUpdateProto self pc adapter msg = do
let pips = view refChanHeadPeers headBlock let pips = view refChanHeadPeers headBlock
guard $ checkACL headBlock (Just peerKey) authorKey guard $ checkACL ACLUpdate headBlock (Just peerKey) authorKey
debug $ "OMG!!! TRANS AUTHORIZED" <+> pretty (AsBase58 peerKey) <+> pretty (AsBase58 authorKey) debug $ "OMG!!! TRANS AUTHORIZED" <+> pretty (AsBase58 peerKey) <+> pretty (AsBase58 authorKey)
@ -453,7 +453,7 @@ refChanUpdateProto self pc adapter msg = do
(authorKey, _) <- MaybeT $ pure $ unboxSignedBox0 pbox (authorKey, _) <- MaybeT $ pure $ unboxSignedBox0 pbox
-- может, и не надо второй раз проверять -- может, и не надо второй раз проверять
guard $ checkACL headBlock (Just peerKey) authorKey guard $ checkACL ACLUpdate headBlock (Just peerKey) authorKey
debug $ "JUST GOT TRANSACTION FROM STORAGE! ABOUT TO CHECK IT" <+> pretty hashRef debug $ "JUST GOT TRANSACTION FROM STORAGE! ABOUT TO CHECK IT" <+> pretty hashRef

13
hbs2-peer/lib/HBS2/Peer/Proto/RefChan/Types.hs
View File

@ -46,6 +46,9 @@ type RefChanAuthor e = PubKey 'Sign (Encryption e)
type Weight = Integer type Weight = Integer
data ACLType = ACLUpdate | ACLNotify
deriving stock (Eq,Ord,Generic,Data,Show)
data RefChanHeadBlock e = data RefChanHeadBlock e =
RefChanHeadBlockSmall RefChanHeadBlockSmall
{ _refChanHeadVersion :: Integer { _refChanHeadVersion :: Integer
@ -363,15 +366,19 @@ getRefChanHead sto k = runMaybeT do
checkACL :: forall e s . (Encryption e ~ s, ForRefChans e) checkACL :: forall e s . (Encryption e ~ s, ForRefChans e)
=> RefChanHeadBlock e => ACLType
-> RefChanHeadBlock e
-> Maybe (PubKey 'Sign s) -> Maybe (PubKey 'Sign s)
-> PubKey 'Sign s -> PubKey 'Sign s
-> Bool -> Bool
checkACL theHead mbPeerKey authorKey = match checkACL acl theHead mbPeerKey authorKey = match
where where
pips = view refChanHeadPeers theHead pips = view refChanHeadPeers theHead
aus = view refChanHeadAuthors theHead aus = view refChanHeadAuthors theHead
notifiers = view refChanHeadNotifiers theHead
match = maybe True (`HashMap.member` pips) mbPeerKey match = maybe True (`HashMap.member` pips) mbPeerKey
&& authorKey `HashSet.member` aus && ( authorKey `HashSet.member` aus
|| acl == ACLNotify && authorKey `HashSet.member` notifiers
)