diff --git a/README.md b/README.md index fd93db1d6f..3f8276b5cb 100644 --- a/README.md +++ b/README.md @@ -67,13 +67,16 @@ The following keys are loaded from the keyring on start: - `peer-key` Ed25519 private key (required) - `encryption-key` AES-128, AES-192, or AES-256 key (optional) +- `node-identity-key` Secp256k1 private key (optional). This key is used for node's identity. A secret to unlock the keyring is required on start and must be provided via the `DEFRA_KEYRING_SECRET` environment variable. If a `.env` file is available in the working directory, the secret can be stored there or via a file at a path defined by the `--secret-file` flag. -The keys will be randomly generated on the inital start of the node if they are not found. +The keys will be randomly generated on the initial start of the node if they are not found. Alternatively, to randomly generate the required keys, run the following command: +Node identity is an identity assigned to the node. It is used to exchange encryption keys with other nodes. + ``` defradb keyring generate ``` diff --git a/acp/identity/context.go b/acp/identity/context.go new file mode 100644 index 0000000000..6947bb49e3 --- /dev/null +++ b/acp/identity/context.go @@ -0,0 +1,41 @@ +// Copyright 2024 Democratized Data Foundation +// +// Use of this software is governed by the Business Source License +// included in the file licenses/BSL.txt. +// +// As of the Change Date specified in that file, in accordance with +// the Business Source License, use of this software will be governed +// by the Apache License, Version 2.0, included in the file +// licenses/APL.txt. + +package identity + +import ( + "context" + + "github.com/sourcenetwork/immutable" +) + +// identityContextKey is the key type for ACP identity context values. +type identityContextKey struct{} + +// FromContext returns the identity from the given context. +// +// If an identity does not exist `NoIdentity` is returned. +func FromContext(ctx context.Context) immutable.Option[Identity] { + identity, ok := ctx.Value(identityContextKey{}).(Identity) + if ok { + return immutable.Some(identity) + } + return None +} + +// WithContext returns a new context with the identity value set. +// +// This will overwrite any previously set identity value. +func WithContext(ctx context.Context, identity immutable.Option[Identity]) context.Context { + if identity.HasValue() { + return context.WithValue(ctx, identityContextKey{}, identity.Value()) + } + return context.WithValue(ctx, identityContextKey{}, nil) +} diff --git a/acp/identity/generate.go b/acp/identity/generate.go index d19ee6b2cb..4ea7e94fc8 100644 --- a/acp/identity/generate.go +++ b/acp/identity/generate.go @@ -11,24 +11,9 @@ package identity import ( - "encoding/hex" - "github.com/sourcenetwork/defradb/crypto" ) -// RawIdentity holds the raw bytes that make up an actor's identity. -type RawIdentity struct { - // PrivateKey is a secp256k1 private key that is a 256-bit big-endian - // binary-encoded number, padded to a length of 32 bytes in HEX format. - PrivateKey string - - // PublicKey is a compressed 33-byte secp256k1 public key in HEX format. - PublicKey string - - // DID is `did:key` key generated from the public key address. - DID string -} - // Generate generates a new identity. func Generate() (RawIdentity, error) { privateKey, err := crypto.GenerateSecp256k1() @@ -43,9 +28,5 @@ func Generate() (RawIdentity, error) { return RawIdentity{}, err } - return RawIdentity{ - PrivateKey: hex.EncodeToString(privateKey.Serialize()), - PublicKey: hex.EncodeToString(publicKey.SerializeCompressed()), - DID: did, - }, nil + return newRawIdentity(privateKey, publicKey, did), nil } diff --git a/acp/identity/identity.go b/acp/identity/identity.go index db022b8c74..4dee93deba 100644 --- a/acp/identity/identity.go +++ b/acp/identity/identity.go @@ -50,72 +50,22 @@ type Identity struct { } // FromPrivateKey returns a new identity using the given private key. -// -// - duration: The [time.Duration] that this identity is valid for. -// - audience: The audience that this identity is valid for. This is required -// by the Defra http client. For example `github.com/sourcenetwork/defradb` -// - authorizedAccount: An account that this identity is authorizing to make -// SourceHub calls on behalf of this actor. This is currently required when -// using SourceHub ACP. -// - skipTokenGeneration: If true, BearerToken will not be set. This parameter is -// provided as generating and signing the token is relatively slow, and only required -// by remote Defra clients (CLI, http), or if using SourceHub ACP. -func FromPrivateKey( - privateKey *secp256k1.PrivateKey, - duration time.Duration, - audience immutable.Option[string], - authorizedAccount immutable.Option[string], - skipTokenGeneration bool, -) (Identity, error) { +// In order to generate a fresh token for this identity, use the [UpdateToken] +func FromPrivateKey(privateKey *secp256k1.PrivateKey) (Identity, error) { publicKey := privateKey.PubKey() did, err := DIDFromPublicKey(publicKey) if err != nil { return Identity{}, err } - var signedToken []byte - if !skipTokenGeneration { - subject := hex.EncodeToString(publicKey.SerializeCompressed()) - now := time.Now() - - jwtBuilder := jwt.NewBuilder() - jwtBuilder = jwtBuilder.Subject(subject) - jwtBuilder = jwtBuilder.Expiration(now.Add(duration)) - jwtBuilder = jwtBuilder.NotBefore(now) - jwtBuilder = jwtBuilder.Issuer(did) - jwtBuilder = jwtBuilder.IssuedAt(now) - - if audience.HasValue() { - jwtBuilder = jwtBuilder.Audience([]string{audience.Value()}) - } - - token, err := jwtBuilder.Build() - if err != nil { - return Identity{}, err - } - - if authorizedAccount.HasValue() { - err = token.Set(acptypes.AuthorizedAccountClaim, authorizedAccount.Value()) - if err != nil { - return Identity{}, err - } - } - - signedToken, err = jwt.Sign(token, jwt.WithKey(BearerTokenSignatureScheme, privateKey.ToECDSA())) - if err != nil { - return Identity{}, err - } - } - return Identity{ - DID: did, - PrivateKey: privateKey, - PublicKey: publicKey, - BearerToken: string(signedToken), + DID: did, + PrivateKey: privateKey, + PublicKey: publicKey, }, nil } -// FromToken constructs a new `Indentity` from a bearer token. +// FromToken constructs a new `Identity` from a bearer token. func FromToken(data []byte) (Identity, error) { token, err := jwt.Parse(data, jwt.WithVerify(false)) if err != nil { @@ -158,3 +108,57 @@ func didFromPublicKey(publicKey *secp256k1.PublicKey, producer didProducer) (str } return did.String(), nil } + +// IntoRawIdentity converts an `Identity` into a `RawIdentity`. +func (identity Identity) IntoRawIdentity() RawIdentity { + return newRawIdentity(identity.PrivateKey, identity.PublicKey, identity.DID) +} + +// UpdateToken updates the `BearerToken` field of the `Identity`. +// +// - duration: The [time.Duration] that this identity is valid for. +// - audience: The audience that this identity is valid for. This is required +// by the Defra http client. For example `github.com/sourcenetwork/defradb` +// - authorizedAccount: An account that this identity is authorizing to make +// SourceHub calls on behalf of this actor. This is currently required when +// using SourceHub ACP. +func (identity *Identity) UpdateToken( + duration time.Duration, + audience immutable.Option[string], + authorizedAccount immutable.Option[string], +) error { + var signedToken []byte + subject := hex.EncodeToString(identity.PublicKey.SerializeCompressed()) + now := time.Now() + + jwtBuilder := jwt.NewBuilder() + jwtBuilder = jwtBuilder.Subject(subject) + jwtBuilder = jwtBuilder.Expiration(now.Add(duration)) + jwtBuilder = jwtBuilder.NotBefore(now) + jwtBuilder = jwtBuilder.Issuer(identity.DID) + jwtBuilder = jwtBuilder.IssuedAt(now) + + if audience.HasValue() { + jwtBuilder = jwtBuilder.Audience([]string{audience.Value()}) + } + + token, err := jwtBuilder.Build() + if err != nil { + return err + } + + if authorizedAccount.HasValue() { + err = token.Set(acptypes.AuthorizedAccountClaim, authorizedAccount.Value()) + if err != nil { + return err + } + } + + signedToken, err = jwt.Sign(token, jwt.WithKey(BearerTokenSignatureScheme, identity.PrivateKey.ToECDSA())) + if err != nil { + return err + } + + identity.BearerToken = string(signedToken) + return nil +} diff --git a/acp/identity/raw_identity.go b/acp/identity/raw_identity.go new file mode 100644 index 0000000000..88beeb7b96 --- /dev/null +++ b/acp/identity/raw_identity.go @@ -0,0 +1,73 @@ +// Copyright 2024 Democratized Data Foundation +// +// Use of this software is governed by the Business Source License +// included in the file licenses/BSL.txt. +// +// As of the Change Date specified in that file, in accordance with +// the Business Source License, use of this software will be governed +// by the Apache License, Version 2.0, included in the file +// licenses/APL.txt. + +package identity + +import ( + "encoding/hex" + + "github.com/decred/dcrd/dcrec/secp256k1/v4" +) + +// RawIdentity holds the raw bytes that make up an actor's identity. +type RawIdentity struct { + // PrivateKey is a secp256k1 private key that is a 256-bit big-endian + // binary-encoded number, padded to a length of 32 bytes in HEX format. + PrivateKey string + + // PublicKey is a compressed 33-byte secp256k1 public key in HEX format. + PublicKey string + + // DID is `did:key` key generated from the public key address. + DID string +} + +// PublicRawIdentity holds the raw bytes that make up an actor's identity that can be shared publicly. +type PublicRawIdentity struct { + // PublicKey is a compressed 33-byte secp256k1 public key in HEX format. + PublicKey string + + // DID is `did:key` key generated from the public key address. + DID string +} + +func newRawIdentity(privateKey *secp256k1.PrivateKey, publicKey *secp256k1.PublicKey, did string) RawIdentity { + res := RawIdentity{ + PublicKey: hex.EncodeToString(publicKey.SerializeCompressed()), + DID: did, + } + if privateKey != nil { + res.PrivateKey = hex.EncodeToString(privateKey.Serialize()) + } + return res +} + +func (r RawIdentity) Public() PublicRawIdentity { + return PublicRawIdentity{ + PublicKey: r.PublicKey, + DID: r.DID, + } +} + +// IntoIdentity converts a RawIdentity into an Identity. +func (r RawIdentity) IntoIdentity() (Identity, error) { + privateKeyBytes, err := hex.DecodeString(r.PrivateKey) + if err != nil { + return Identity{}, err + } + + privateKey := secp256k1.PrivKeyFromBytes(privateKeyBytes) + + return Identity{ + PublicKey: privateKey.PubKey(), + PrivateKey: privateKey, + DID: r.DID, + }, nil +} diff --git a/cli/acp_relationship_add.go b/cli/acp_relationship_add.go index 59b5c3cd32..c0838a2ce2 100644 --- a/cli/acp_relationship_add.go +++ b/cli/acp_relationship_add.go @@ -41,7 +41,7 @@ func MakeACPRelationshipAddCommand() *cobra.Command { Long: `Add new relationship To share a document (or grant a more restricted access) with another actor, we must add a relationship between the -actor and the document. Inorder to make the relationship we require all of the following: +actor and the document. In order to make the relationship we require all of the following: 1) Target DocID: The docID of the document we want to make a relationship for. 2) Collection Name: The name of the collection that has the Target DocID. 3) Relation Name: The type of relation (name must be defined within the linked policy on collection). @@ -52,7 +52,7 @@ Notes: - ACP must be available (i.e. ACP can not be disabled). - The target document must be registered with ACP already (policy & resource specified). - The requesting identity MUST either be the owner OR the manager (manages the relation) of the resource. - - If the specified relation was not granted the miminum DPI permissions (read or write) within the policy, + - If the specified relation was not granted the minimum DPI permissions (read or write) within the policy, and a relationship is formed, the subject/actor will still not be able to access (read or write) the resource. - Learn more about [ACP & DPI Rules](/acp/README.md) @@ -64,7 +64,7 @@ Example: Let another actor (4d092126012ebaf56161716018a71630d99443d9d5217e9d8502 --actor did:key:z7r8os2G88XXBNBTLj3kFR5rzUJ4VAesbX7PgsA68ak9B5RYcXF5EZEmjRzzinZndPSSwujXb4XKHG6vmKEFG6ZfsfcQn \ --identity e3b722906ee4e56368f581cd8b18ab0f48af1ea53e635e3f7b8acd076676f6ac -Example: Creating a dummy relationship does nothing (from database prespective): +Example: Creating a dummy relationship does nothing (from database perspective): defradb client acp relationship add \ -c Users \ --docID bae-ff3ceb1c-b5c0-5e86-a024-dd1b16a4261c \ diff --git a/cli/acp_relationship_delete.go b/cli/acp_relationship_delete.go index 7e0852e301..116ff49702 100644 --- a/cli/acp_relationship_delete.go +++ b/cli/acp_relationship_delete.go @@ -41,7 +41,7 @@ func MakeACPRelationshipDeleteCommand() *cobra.Command { Long: `Delete relationship To revoke access to a document for an actor, we must delete the relationship between the -actor and the document. Inorder to delete the relationship we require all of the following: +actor and the document. In order to delete the relationship we require all of the following: 1) Target DocID: The docID of the document we want to delete a relationship for. 2) Collection Name: The name of the collection that has the Target DocID. diff --git a/cli/cli.go b/cli/cli.go index f6950225a6..8f9d3fcbd1 100644 --- a/cli/cli.go +++ b/cli/cli.go @@ -121,6 +121,7 @@ func NewDefraCommand() *cobra.Command { MakePurgeCommand(), MakeDumpCommand(), MakeRequestCommand(), + MakeNodeIdentityCommand(), schema, acp, view, diff --git a/cli/node_identity.go b/cli/node_identity.go new file mode 100644 index 0000000000..d4e6c8969a --- /dev/null +++ b/cli/node_identity.go @@ -0,0 +1,50 @@ +// Copyright 2024 Democratized Data Foundation +// +// Use of this software is governed by the Business Source License +// included in the file licenses/BSL.txt. +// +// As of the Change Date specified in that file, in accordance with +// the Business Source License, use of this software will be governed +// by the Apache License, Version 2.0, included in the file +// licenses/APL.txt. + +package cli + +import ( + "github.com/spf13/cobra" +) + +func MakeNodeIdentityCommand() *cobra.Command { + var cmd = &cobra.Command{ + Use: "node-identity", + Short: "Get the public information about the node's identity", + Long: `Get the public information about the node's identity. + +Node uses the identity to be able to exchange encryption keys with other nodes. + +A public identity contains: +- A compressed 33-byte secp256k1 public key in HEX format. +- A "did:key" generated from the public key. + +Example to get the identity of the node: + defradb client node-identity + +`, + RunE: func(cmd *cobra.Command, args []string) error { + db := mustGetContextDB(cmd) + identity, err := db.GetNodeIdentity(cmd.Context()) + if err != nil { + return err + } + + if identity.HasValue() { + return writeJSON(cmd, identity.Value()) + } + + out := cmd.OutOrStdout() + _, err = out.Write([]byte("Node has no identity assigned to it\n")) + return err + }, + } + return cmd +} diff --git a/cli/start.go b/cli/start.go index 168e2a525c..0bd1510008 100644 --- a/cli/start.go +++ b/cli/start.go @@ -15,9 +15,12 @@ import ( "os/signal" "syscall" + "github.com/decred/dcrd/dcrec/secp256k1/v4" "github.com/sourcenetwork/immutable" "github.com/spf13/cobra" + "github.com/spf13/viper" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/crypto" "github.com/sourcenetwork/defradb/errors" "github.com/sourcenetwork/defradb/event" @@ -39,6 +42,11 @@ const devModeBanner = ` ` +const developmentDescription = `Enables a set of features that make development easier but should not be enabled ` + + `in production: + - allows purging of all persisted data + - generates temporary node identity if keyring is disabled` + func MakeStartCommand() *cobra.Command { var cmd = &cobra.Command{ Use: "start", @@ -100,39 +108,21 @@ func MakeStartCommand() *cobra.Command { if err != nil { return err } - // load the required peer key or generate one if it doesn't exist - peerKey, err := kr.Get(peerKeyName) - if err != nil && errors.Is(err, keyring.ErrNotFound) { - peerKey, err = crypto.GenerateEd25519() - if err != nil { - return err - } - err = kr.Set(peerKeyName, peerKey) - if err != nil { - return err - } - log.Info("generated peer key") - } else if err != nil { + opts, err = getOrCreatePeerKey(kr, opts) + if err != nil { return err } - opts = append(opts, net.WithPrivateKey(peerKey)) - // load the optional encryption key - encryptionKey, err := kr.Get(encryptionKeyName) - if err != nil && errors.Is(err, keyring.ErrNotFound) && !cfg.GetBool("datastore.noencryption") { - encryptionKey, err = crypto.GenerateAES256() - if err != nil { - return err - } - err = kr.Set(encryptionKeyName, encryptionKey) - if err != nil { - return err - } - log.Info("generated encryption key") - } else if err != nil && !errors.Is(err, keyring.ErrNotFound) { + opts, err = getOrCreateEncryptionKey(kr, cfg, opts) + if err != nil { + return err + } + + opts, err = getOrCreateIdentity(kr, opts) + if err != nil { return err } - opts = append(opts, node.WithBadgerEncryptionKey(encryptionKey)) + // setup the sourcehub transaction signer sourceHubKeyName := cfg.GetString("acp.sourceHub.KeyName") if sourceHubKeyName != "" { @@ -147,6 +137,15 @@ func MakeStartCommand() *cobra.Command { isDevMode := cfg.GetBool("development") if isDevMode { cmd.Printf(devModeBanner) + if cfg.GetBool("keyring.disabled") { + var err error + // TODO: we want to persist this identity so we can restart the node with the same identity + // even in development mode. https://github.com/sourcenetwork/defradb/issues/3148 + opts, err = addEphemeralIdentity(opts) + if err != nil { + return err + } + } } signalCh := make(chan os.Signal, 1) @@ -244,7 +243,7 @@ func MakeStartCommand() *cobra.Command { cmd.PersistentFlags().Bool( "development", cfg.GetBool(configFlags["development"]), - "Enables a set of features that make development easier but should not be enabled in production", + developmentDescription, ) cmd.Flags().Bool( "no-encryption", @@ -252,3 +251,79 @@ func MakeStartCommand() *cobra.Command { "Skip generating an encryption key. Encryption at rest will be disabled. WARNING: This cannot be undone.") return cmd } + +func getOrCreateEncryptionKey(kr keyring.Keyring, cfg *viper.Viper, opts []node.Option) ([]node.Option, error) { + encryptionKey, err := kr.Get(encryptionKeyName) + if err != nil && errors.Is(err, keyring.ErrNotFound) && !cfg.GetBool("datastore.noencryption") { + encryptionKey, err = crypto.GenerateAES256() + if err != nil { + return nil, err + } + err = kr.Set(encryptionKeyName, encryptionKey) + if err != nil { + return nil, err + } + log.Info("generated encryption key") + } else if err != nil && !errors.Is(err, keyring.ErrNotFound) { + return nil, err + } + opts = append(opts, node.WithBadgerEncryptionKey(encryptionKey)) + return opts, nil +} + +func getOrCreatePeerKey(kr keyring.Keyring, opts []node.Option) ([]node.Option, error) { + peerKey, err := kr.Get(peerKeyName) + if err != nil && errors.Is(err, keyring.ErrNotFound) { + peerKey, err = crypto.GenerateEd25519() + if err != nil { + return nil, err + } + err = kr.Set(peerKeyName, peerKey) + if err != nil { + return nil, err + } + log.Info("generated peer key") + } else if err != nil { + return nil, err + } + return append(opts, net.WithPrivateKey(peerKey)), nil +} + +func getOrCreateIdentity(kr keyring.Keyring, opts []node.Option) ([]node.Option, error) { + identityBytes, err := kr.Get(nodeIdentityKeyName) + if err != nil { + if !errors.Is(err, keyring.ErrNotFound) { + return nil, err + } + privateKey, err := crypto.GenerateSecp256k1() + if err != nil { + return nil, err + } + identityBytes := privateKey.Serialize() + err = kr.Set(nodeIdentityKeyName, identityBytes) + if err != nil { + return nil, err + } + } + + nodeIdentity, err := identity.FromPrivateKey(secp256k1.PrivKeyFromBytes(identityBytes)) + if err != nil { + return nil, err + } + + return append(opts, db.WithNodeIdentity(nodeIdentity)), nil +} + +func addEphemeralIdentity(opts []node.Option) ([]node.Option, error) { + privateKey, err := crypto.GenerateSecp256k1() + if err != nil { + return nil, err + } + + nodeIdentity, err := identity.FromPrivateKey(secp256k1.PrivKeyFromBytes(privateKey.Serialize())) + if err != nil { + return nil, err + } + + return append(opts, db.WithNodeIdentity(nodeIdentity)), nil +} diff --git a/cli/utils.go b/cli/utils.go index fb9b5a6d3f..4e1cf14cc5 100644 --- a/cli/utils.go +++ b/cli/utils.go @@ -23,6 +23,7 @@ import ( "github.com/spf13/cobra" "github.com/spf13/viper" + "github.com/sourcenetwork/defradb/acp/identity" acpIdentity "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/http" @@ -31,8 +32,9 @@ import ( ) const ( - peerKeyName = "peer-key" - encryptionKeyName = "encryption-key" + peerKeyName = "peer-key" + encryptionKeyName = "encryption-key" + nodeIdentityKeyName = "node-identity-key" ) type contextKey string @@ -163,18 +165,19 @@ func setContextIdentity(cmd *cobra.Command, privateKeyHex string) error { } privKey := secp256k1.PrivKeyFromBytes(data) - identity, err := acpIdentity.FromPrivateKey( - privKey, + ident, err := acpIdentity.FromPrivateKey(privKey) + if err != nil { + return err + } + err = ident.UpdateToken( authTokenExpiration, immutable.Some(cfg.GetString("api.address")), - sourcehubAddress, - false, - ) + sourcehubAddress) if err != nil { return err } - ctx := db.SetContextIdentity(cmd.Context(), immutable.Some(identity)) + ctx := identity.WithContext(cmd.Context(), immutable.Some(ident)) cmd.SetContext(ctx) return nil } @@ -185,11 +188,11 @@ func setContextRootDir(cmd *cobra.Command) error { if err != nil { return err } - home, err := os.UserHomeDir() - if err != nil { - return err - } if rootdir == "" { + home, err := os.UserHomeDir() + if err != nil { + return err + } rootdir = filepath.Join(home, ".defradb") } ctx := context.WithValue(cmd.Context(), rootDirContextKey, rootdir) diff --git a/client/db.go b/client/db.go index 30f123d286..e8942e8501 100644 --- a/client/db.go +++ b/client/db.go @@ -19,6 +19,7 @@ import ( "github.com/lens-vm/lens/host-go/config/model" "github.com/sourcenetwork/immutable" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/datastore" "github.com/sourcenetwork/defradb/event" ) @@ -135,6 +136,9 @@ type DB interface { relation string, targetActor string, ) (DeleteDocActorRelationshipResult, error) + + // GetNodeIdentity returns the identity of the node. + GetNodeIdentity(context.Context) (immutable.Option[identity.PublicRawIdentity], error) } // Store contains the core DefraDB read-write operations. diff --git a/client/mocks/db.go b/client/mocks/db.go index 7925c3c850..63fa0b5950 100644 --- a/client/mocks/db.go +++ b/client/mocks/db.go @@ -13,6 +13,8 @@ import ( go_datastore "github.com/ipfs/go-datastore" + identity "github.com/sourcenetwork/defradb/acp/identity" + immutable "github.com/sourcenetwork/immutable" mock "github.com/stretchr/testify/mock" @@ -1049,6 +1051,62 @@ func (_c *DB_GetCollections_Call) RunAndReturn(run func(context.Context, client. return _c } +// GetNodeIdentity provides a mock function with given fields: _a0 +func (_m *DB) GetNodeIdentity(_a0 context.Context) (immutable.Option[identity.PublicRawIdentity], error) { + ret := _m.Called(_a0) + + if len(ret) == 0 { + panic("no return value specified for GetNodeIdentity") + } + + var r0 immutable.Option[identity.PublicRawIdentity] + var r1 error + if rf, ok := ret.Get(0).(func(context.Context) (immutable.Option[identity.PublicRawIdentity], error)); ok { + return rf(_a0) + } + if rf, ok := ret.Get(0).(func(context.Context) immutable.Option[identity.PublicRawIdentity]); ok { + r0 = rf(_a0) + } else { + r0 = ret.Get(0).(immutable.Option[identity.PublicRawIdentity]) + } + + if rf, ok := ret.Get(1).(func(context.Context) error); ok { + r1 = rf(_a0) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// DB_GetNodeIdentity_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetNodeIdentity' +type DB_GetNodeIdentity_Call struct { + *mock.Call +} + +// GetNodeIdentity is a helper method to define mock.On call +// - _a0 context.Context +func (_e *DB_Expecter) GetNodeIdentity(_a0 interface{}) *DB_GetNodeIdentity_Call { + return &DB_GetNodeIdentity_Call{Call: _e.mock.On("GetNodeIdentity", _a0)} +} + +func (_c *DB_GetNodeIdentity_Call) Run(run func(_a0 context.Context)) *DB_GetNodeIdentity_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context)) + }) + return _c +} + +func (_c *DB_GetNodeIdentity_Call) Return(_a0 immutable.Option[identity.PublicRawIdentity], _a1 error) *DB_GetNodeIdentity_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *DB_GetNodeIdentity_Call) RunAndReturn(run func(context.Context) (immutable.Option[identity.PublicRawIdentity], error)) *DB_GetNodeIdentity_Call { + _c.Call.Return(run) + return _c +} + // GetSchemaByVersionID provides a mock function with given fields: _a0, _a1 func (_m *DB) GetSchemaByVersionID(_a0 context.Context, _a1 string) (client.SchemaDescription, error) { ret := _m.Called(_a0, _a1) diff --git a/docs/website/references/cli/defradb_client.md b/docs/website/references/cli/defradb_client.md index adbbb4eeaa..c23547e6ce 100644 --- a/docs/website/references/cli/defradb_client.md +++ b/docs/website/references/cli/defradb_client.md @@ -43,6 +43,7 @@ Execute queries, add schema types, obtain node info, etc. * [defradb client collection](defradb_client_collection.md) - Interact with a collection. * [defradb client dump](defradb_client_dump.md) - Dump the contents of DefraDB node-side * [defradb client index](defradb_client_index.md) - Manage collections' indexes of a running DefraDB instance +* [defradb client node-identity](defradb_client_node-identity.md) - Get the public information about the node's identity * [defradb client p2p](defradb_client_p2p.md) - Interact with the DefraDB P2P system * [defradb client purge](defradb_client_purge.md) - Delete all persisted data and restart * [defradb client query](defradb_client_query.md) - Send a DefraDB GraphQL query request diff --git a/docs/website/references/cli/defradb_client_acp_relationship_add.md b/docs/website/references/cli/defradb_client_acp_relationship_add.md index ba5647c163..1251ffb74e 100644 --- a/docs/website/references/cli/defradb_client_acp_relationship_add.md +++ b/docs/website/references/cli/defradb_client_acp_relationship_add.md @@ -7,7 +7,7 @@ Add new relationship Add new relationship To share a document (or grant a more restricted access) with another actor, we must add a relationship between the -actor and the document. Inorder to make the relationship we require all of the following: +actor and the document. In order to make the relationship we require all of the following: 1) Target DocID: The docID of the document we want to make a relationship for. 2) Collection Name: The name of the collection that has the Target DocID. 3) Relation Name: The type of relation (name must be defined within the linked policy on collection). @@ -18,7 +18,7 @@ Notes: - ACP must be available (i.e. ACP can not be disabled). - The target document must be registered with ACP already (policy & resource specified). - The requesting identity MUST either be the owner OR the manager (manages the relation) of the resource. - - If the specified relation was not granted the miminum DPI permissions (read or write) within the policy, + - If the specified relation was not granted the minimum DPI permissions (read or write) within the policy, and a relationship is formed, the subject/actor will still not be able to access (read or write) the resource. - Learn more about [ACP & DPI Rules](/acp/README.md) @@ -30,7 +30,7 @@ Example: Let another actor (4d092126012ebaf56161716018a71630d99443d9d5217e9d8502 --actor did:key:z7r8os2G88XXBNBTLj3kFR5rzUJ4VAesbX7PgsA68ak9B5RYcXF5EZEmjRzzinZndPSSwujXb4XKHG6vmKEFG6ZfsfcQn \ --identity e3b722906ee4e56368f581cd8b18ab0f48af1ea53e635e3f7b8acd076676f6ac -Example: Creating a dummy relationship does nothing (from database prespective): +Example: Creating a dummy relationship does nothing (from database perspective): defradb client acp relationship add \ -c Users \ --docID bae-ff3ceb1c-b5c0-5e86-a024-dd1b16a4261c \ diff --git a/docs/website/references/cli/defradb_client_acp_relationship_delete.md b/docs/website/references/cli/defradb_client_acp_relationship_delete.md index 501f5fb242..8da5e6a8ee 100644 --- a/docs/website/references/cli/defradb_client_acp_relationship_delete.md +++ b/docs/website/references/cli/defradb_client_acp_relationship_delete.md @@ -7,7 +7,7 @@ Delete relationship Delete relationship To revoke access to a document for an actor, we must delete the relationship between the -actor and the document. Inorder to delete the relationship we require all of the following: +actor and the document. In order to delete the relationship we require all of the following: 1) Target DocID: The docID of the document we want to delete a relationship for. 2) Collection Name: The name of the collection that has the Target DocID. diff --git a/docs/website/references/cli/defradb_client_node-identity.md b/docs/website/references/cli/defradb_client_node-identity.md new file mode 100644 index 0000000000..907a95990d --- /dev/null +++ b/docs/website/references/cli/defradb_client_node-identity.md @@ -0,0 +1,55 @@ +## defradb client node-identity + +Get the public information about the node's identity + +### Synopsis + +Get the public information about the node's identity. + +Node uses the identity to be able to exchange encryption keys with other nodes. + +A public identity contains: +- A compressed 33-byte secp256k1 public key in HEX format. +- A "did:key" generated from the public key. + +Example to get the identity of the node: + defradb client node-identity + + + +``` +defradb client node-identity [flags] +``` + +### Options + +``` + -h, --help help for node-identity +``` + +### Options inherited from parent commands + +``` + -i, --identity string Hex formatted private key used to authenticate with ACP + --keyring-backend string Keyring backend to use. Options are file or system (default "file") + --keyring-namespace string Service name to use when using the system backend (default "defradb") + --keyring-path string Path to store encrypted keys when using the file backend (default "keys") + --log-format string Log format to use. Options are text or json (default "text") + --log-level string Log level to use. Options are debug, info, error, fatal (default "info") + --log-output string Log output path. Options are stderr or stdout. (default "stderr") + --log-overrides string Logger config overrides. Format ,=,...;,... + --log-source Include source location in logs + --log-stacktrace Include stacktrace in error and fatal logs + --no-keyring Disable the keyring and generate ephemeral keys + --no-log-color Disable colored log output + --rootdir string Directory for persistent data (default: $HOME/.defradb) + --secret-file string Path to the file containing secrets (default ".env") + --source-hub-address string The SourceHub address authorized by the client to make SourceHub transactions on behalf of the actor + --tx uint Transaction ID + --url string URL of HTTP endpoint to listen on or connect to (default "127.0.0.1:9181") +``` + +### SEE ALSO + +* [defradb client](defradb_client.md) - Interact with a DefraDB node + diff --git a/docs/website/references/cli/defradb_start.md b/docs/website/references/cli/defradb_start.md index 79560ac62b..5aea7e8ed0 100644 --- a/docs/website/references/cli/defradb_start.md +++ b/docs/website/references/cli/defradb_start.md @@ -14,7 +14,9 @@ defradb start [flags] ``` --allowed-origins stringArray List of origins to allow for CORS requests - --development Enables a set of features that make development easier but should not be enabled in production + --development Enables a set of features that make development easier but should not be enabled in production: + - allows purging of all persisted data + - generates temporary node identity if keyring is disabled -h, --help help for start --max-txn-retries int Specify the maximum number of retries per transaction (default 5) --no-encryption Skip generating an encryption key. Encryption at rest will be disabled. WARNING: This cannot be undone. diff --git a/docs/website/references/http/openapi.json b/docs/website/references/http/openapi.json index d4cfdc830c..a6795d6959 100644 --- a/docs/website/references/http/openapi.json +++ b/docs/website/references/http/openapi.json @@ -395,6 +395,17 @@ }, "type": "object" }, + "identity": { + "properties": { + "DID": { + "type": "string" + }, + "PublicKey": { + "type": "string" + } + }, + "type": "object" + }, "index": { "properties": { "Fields": { @@ -1700,6 +1711,34 @@ ] } }, + "/node/identity": { + "get": { + "description": "Get node's public identity", + "operationId": "node_identity", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/identity" + } + } + }, + "description": "Identity" + }, + "400": { + "$ref": "#/components/responses/error" + }, + "default": { + "description": "" + } + }, + "tags": [ + "node", + "identity" + ] + } + }, "/p2p/collections": { "delete": { "description": "Remove peer collections", diff --git a/http/auth.go b/http/auth.go index 0c2d6ae28d..79f4262252 100644 --- a/http/auth.go +++ b/http/auth.go @@ -19,7 +19,6 @@ import ( "github.com/sourcenetwork/immutable" acpIdentity "github.com/sourcenetwork/defradb/acp/identity" - "github.com/sourcenetwork/defradb/internal/db" ) const ( @@ -58,19 +57,19 @@ func AuthMiddleware(next http.Handler) http.Handler { return } - identity, err := acpIdentity.FromToken([]byte(token)) + ident, err := acpIdentity.FromToken([]byte(token)) if err != nil { http.Error(rw, "forbidden", http.StatusForbidden) return } - err = verifyAuthToken(identity, strings.ToLower(req.Host)) + err = verifyAuthToken(ident, strings.ToLower(req.Host)) if err != nil { http.Error(rw, "forbidden", http.StatusForbidden) return } - ctx := db.SetContextIdentity(req.Context(), immutable.Some(identity)) + ctx := acpIdentity.WithContext(req.Context(), immutable.Some(ident)) next.ServeHTTP(rw, req.WithContext(ctx)) }) } diff --git a/http/auth_test.go b/http/auth_test.go index 7e7489e862..365ed98c89 100644 --- a/http/auth_test.go +++ b/http/auth_test.go @@ -28,13 +28,10 @@ func TestVerifyAuthToken(t *testing.T) { privKey, err := crypto.GenerateSecp256k1() require.NoError(t, err) - identity, err := acpIdentity.FromPrivateKey( - privKey, - time.Hour, - immutable.Some(audience), - immutable.None[string](), - false, - ) + identity, err := acpIdentity.FromPrivateKey(privKey) + require.NoError(t, err) + + err = identity.UpdateToken(time.Hour, immutable.Some(audience), immutable.None[string]()) require.NoError(t, err) err = verifyAuthToken(identity, audience) @@ -45,13 +42,10 @@ func TestVerifyAuthTokenErrorsWithNonMatchingAudience(t *testing.T) { privKey, err := crypto.GenerateSecp256k1() require.NoError(t, err) - identity, err := acpIdentity.FromPrivateKey( - privKey, - time.Hour, - immutable.Some("valid"), - immutable.None[string](), - false, - ) + identity, err := acpIdentity.FromPrivateKey(privKey) + require.NoError(t, err) + + err = identity.UpdateToken(time.Hour, immutable.Some("valid"), immutable.None[string]()) require.NoError(t, err) err = verifyAuthToken(identity, "invalid") @@ -64,14 +58,11 @@ func TestVerifyAuthTokenErrorsWithExpired(t *testing.T) { privKey, err := crypto.GenerateSecp256k1() require.NoError(t, err) - identity, err := acpIdentity.FromPrivateKey( - privKey, - // negative expiration - -time.Hour, - immutable.Some(audience), - immutable.None[string](), - false, - ) + identity, err := acpIdentity.FromPrivateKey(privKey) + require.NoError(t, err) + + // negative expiration + err = identity.UpdateToken(-time.Hour, immutable.Some(audience), immutable.None[string]()) require.NoError(t, err) err = verifyAuthToken(identity, "123abc") diff --git a/http/client.go b/http/client.go index ca43181c3c..2e57c017da 100644 --- a/http/client.go +++ b/http/client.go @@ -26,6 +26,7 @@ import ( "github.com/sourcenetwork/immutable" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/datastore" "github.com/sourcenetwork/defradb/event" @@ -508,3 +509,17 @@ func (c *Client) Events() *event.Bus { func (c *Client) MaxTxnRetries() int { panic("client side database") } + +func (c *Client) GetNodeIdentity(ctx context.Context) (immutable.Option[identity.PublicRawIdentity], error) { + methodURL := c.http.baseURL.JoinPath("node", "identity") + + req, err := http.NewRequestWithContext(ctx, http.MethodGet, methodURL.String(), nil) + if err != nil { + return immutable.None[identity.PublicRawIdentity](), err + } + var ident immutable.Option[identity.PublicRawIdentity] + if err := c.http.requestJson(req, &ident); err != nil { + return immutable.None[identity.PublicRawIdentity](), err + } + return ident, err +} diff --git a/http/errors.go b/http/errors.go index aa6d6537ac..f1e03d5882 100644 --- a/http/errors.go +++ b/http/errors.go @@ -29,17 +29,16 @@ const ( // This list is incomplete. Undefined errors may also be returned. // Errors returned from this package may be tested against these errors with errors.Is. var ( - ErrNoListener = errors.New("cannot serve with no listener") - ErrNoEmail = errors.New("email address must be specified for tls with autocert") - ErrInvalidRequestBody = errors.New("invalid request body") - ErrStreamingNotSupported = errors.New("streaming not supported") - ErrMigrationNotFound = errors.New("migration not found") - ErrMissingRequest = errors.New("missing request") - ErrInvalidTransactionId = errors.New("invalid transaction id") - ErrP2PDisabled = errors.New("p2p network is disabled") - ErrMethodIsNotImplemented = errors.New(errMethodIsNotImplemented) - ErrMissingIdentityPrivateKey = errors.New("identity has no private key") - ErrMissingIdentityPublicKey = errors.New("identity has no public key") + ErrNoListener = errors.New("cannot serve with no listener") + ErrNoEmail = errors.New("email address must be specified for tls with autocert") + ErrInvalidRequestBody = errors.New("invalid request body") + ErrStreamingNotSupported = errors.New("streaming not supported") + ErrMigrationNotFound = errors.New("migration not found") + ErrMissingRequest = errors.New("missing request") + ErrInvalidTransactionId = errors.New("invalid transaction id") + ErrP2PDisabled = errors.New("p2p network is disabled") + ErrMethodIsNotImplemented = errors.New(errMethodIsNotImplemented) + ErrMissingIdentity = errors.New("required identity is missing") ) type errorResponse struct { diff --git a/http/handler_store.go b/http/handler_store.go index 86ab9aeb2d..35436f3762 100644 --- a/http/handler_store.go +++ b/http/handler_store.go @@ -342,6 +342,17 @@ func (s *storeHandler) ExecRequest(rw http.ResponseWriter, req *http.Request) { } } +func (s *storeHandler) GetNodeIdentity(rw http.ResponseWriter, req *http.Request) { + db := mustGetContextClientDB(req) + + identity, err := db.GetNodeIdentity(req.Context()) + if err != nil { + responseJSON(rw, http.StatusBadRequest, errorResponse{err}) + return + } + responseJSON(rw, http.StatusOK, identity) +} + func (h *storeHandler) bindRoutes(router *Router) { successResponse := &openapi3.ResponseRef{ Ref: "#/components/responses/success", @@ -373,6 +384,9 @@ func (h *storeHandler) bindRoutes(router *Router) { patchSchemaRequestSchema := &openapi3.SchemaRef{ Ref: "#/components/schemas/patch_schema_request", } + identitySchema := &openapi3.SchemaRef{ + Ref: "#/components/schemas/identity", + } graphQLResponseSchema := openapi3.NewObjectSchema(). WithProperties(map[string]*openapi3.Schema{ @@ -518,13 +532,13 @@ func (h *storeHandler) bindRoutes(router *Router) { patchCollection.Responses.Set("200", successResponse) patchCollection.Responses.Set("400", errorResponse) - collectionDefintionsSchema := openapi3.NewArraySchema() - collectionDefintionsSchema.Items = collectionDefinitionSchema + collectionDefinitionsSchema := openapi3.NewArraySchema() + collectionDefinitionsSchema.Items = collectionDefinitionSchema addViewResponseSchema := openapi3.NewOneOfSchema() addViewResponseSchema.OneOf = openapi3.SchemaRefs{ collectionDefinitionSchema, - openapi3.NewSchemaRef("", collectionDefintionsSchema), + openapi3.NewSchemaRef("", collectionDefinitionsSchema), } addViewResponse := openapi3.NewResponse(). @@ -629,6 +643,17 @@ func (h *storeHandler) bindRoutes(router *Router) { debugDump.Responses.Set("200", successResponse) debugDump.Responses.Set("400", errorResponse) + identityResponse := openapi3.NewResponse(). + WithDescription("Identity"). + WithJSONSchemaRef(identitySchema) + + nodeIdentity := openapi3.NewOperation() + nodeIdentity.OperationID = "node_identity" + nodeIdentity.Description = "Get node's public identity" + nodeIdentity.Tags = []string{"node", "identity"} + nodeIdentity.AddResponse(200, identityResponse) + nodeIdentity.Responses.Set("400", errorResponse) + router.AddRoute("/backup/export", http.MethodPost, backupExport, h.BasicExport) router.AddRoute("/backup/import", http.MethodPost, backupImport, h.BasicImport) router.AddRoute("/collections", http.MethodGet, collectionDescribe, h.GetCollection) @@ -643,4 +668,5 @@ func (h *storeHandler) bindRoutes(router *Router) { router.AddRoute("/schema", http.MethodGet, schemaDescribe, h.GetSchema) router.AddRoute("/schema/default", http.MethodPost, setActiveSchemaVersion, h.SetActiveSchemaVersion) router.AddRoute("/lens", http.MethodPost, setMigration, h.SetMigration) + router.AddRoute("/node/identity", http.MethodGet, nodeIdentity, h.GetNodeIdentity) } diff --git a/http/http_client.go b/http/http_client.go index 5b7b75577d..aa020222c2 100644 --- a/http/http_client.go +++ b/http/http_client.go @@ -18,6 +18,7 @@ import ( "net/url" "strings" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/internal/db" ) @@ -48,7 +49,7 @@ func (c *httpClient) setDefaultHeaders(req *http.Request) error { if ok { req.Header.Set(txHeaderName, fmt.Sprintf("%d", txn.ID())) } - id := db.GetContextIdentity(req.Context()) + id := identity.FromContext(req.Context()) if !id.HasValue() { return nil } diff --git a/http/openapi.go b/http/openapi.go index b3c82d1662..850ce081f4 100644 --- a/http/openapi.go +++ b/http/openapi.go @@ -15,6 +15,7 @@ import ( "github.com/getkin/kin-openapi/openapi3gen" "github.com/libp2p/go-libp2p/core/peer" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" ) @@ -47,6 +48,7 @@ var openApiSchemas = map[string]any{ "acp_relationship_add_result": &client.AddDocActorRelationshipResult{}, "acp_relationship_delete_request": &deleteDocActorRelationshipRequest{}, "acp_relationship_delete_result": &client.DeleteDocActorRelationshipResult{}, + "identity": &identity.PublicRawIdentity{}, } func NewOpenAPISpec() (*openapi3.T, error) { diff --git a/internal/db/backup_test.go b/internal/db/backup_test.go index 033f95bcd7..b76a42bfd6 100644 --- a/internal/db/backup_test.go +++ b/internal/db/backup_test.go @@ -18,6 +18,7 @@ import ( "github.com/stretchr/testify/require" + "github.com/sourcenetwork/defradb/acp/identity" acpIdentity "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" ) @@ -66,7 +67,7 @@ func TestBasicExport_WithNormalFormatting_NoError(t *testing.T) { require.NoError(t, err) defer txn.Discard(ctx) - ctx = SetContextIdentity(ctx, acpIdentity.None) + ctx = identity.WithContext(ctx, acpIdentity.None) ctx = SetContextTxn(ctx, txn) filepath := t.TempDir() + "/test.json" @@ -131,7 +132,7 @@ func TestBasicExport_WithPrettyFormatting_NoError(t *testing.T) { require.NoError(t, err) defer txn.Discard(ctx) - ctx = SetContextIdentity(ctx, acpIdentity.None) + ctx = identity.WithContext(ctx, acpIdentity.None) ctx = SetContextTxn(ctx, txn) filepath := t.TempDir() + "/test.json" @@ -196,7 +197,7 @@ func TestBasicExport_WithSingleCollection_NoError(t *testing.T) { require.NoError(t, err) defer txn.Discard(ctx) - ctx = SetContextIdentity(ctx, acpIdentity.None) + ctx = identity.WithContext(ctx, acpIdentity.None) ctx = SetContextTxn(ctx, txn) filepath := t.TempDir() + "/test.json" @@ -273,7 +274,7 @@ func TestBasicExport_WithMultipleCollectionsAndUpdate_NoError(t *testing.T) { require.NoError(t, err) defer txn.Discard(ctx) - ctx = SetContextIdentity(ctx, acpIdentity.None) + ctx = identity.WithContext(ctx, acpIdentity.None) ctx = SetContextTxn(ctx, txn) filepath := t.TempDir() + "/test.json" @@ -338,7 +339,7 @@ func TestBasicExport_EnsureFileOverwrite_NoError(t *testing.T) { require.NoError(t, err) defer txn.Discard(ctx) - ctx = SetContextIdentity(ctx, acpIdentity.None) + ctx = identity.WithContext(ctx, acpIdentity.None) ctx = SetContextTxn(ctx, txn) filepath := t.TempDir() + "/test.json" @@ -386,7 +387,7 @@ func TestBasicImport_WithMultipleCollectionsAndObjects_NoError(t *testing.T) { txn, err := db.NewTxn(ctx, false) require.NoError(t, err) - ctx = SetContextIdentity(ctx, acpIdentity.None) + ctx = identity.WithContext(ctx, acpIdentity.None) ctx = SetContextTxn(ctx, txn) filepath := t.TempDir() + "/test.json" @@ -406,7 +407,7 @@ func TestBasicImport_WithMultipleCollectionsAndObjects_NoError(t *testing.T) { txn, err = db.NewTxn(ctx, true) require.NoError(t, err) - ctx = SetContextIdentity(ctx, acpIdentity.None) + ctx = identity.WithContext(ctx, acpIdentity.None) ctx = SetContextTxn(ctx, txn) col1, err := db.getCollectionByName(ctx, "Address") diff --git a/internal/db/collection_acp.go b/internal/db/collection_acp.go index 9ca432f9aa..fa263c7aeb 100644 --- a/internal/db/collection_acp.go +++ b/internal/db/collection_acp.go @@ -14,6 +14,7 @@ import ( "context" "github.com/sourcenetwork/defradb/acp" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/internal/db/permission" ) @@ -36,10 +37,9 @@ func (c *collection) registerDocWithACP( if !c.db.acp.HasValue() { return nil } - identity := GetContextIdentity(ctx) return permission.RegisterDocOnCollectionWithACP( ctx, - identity, + identity.FromContext(ctx), c.db.acp.Value(), c, docID, @@ -55,10 +55,9 @@ func (c *collection) checkAccessOfDocWithACP( if !c.db.acp.HasValue() { return true, nil } - identity := GetContextIdentity(ctx) return permission.CheckAccessOfDocOnCollectionWithACP( ctx, - identity, + identity.FromContext(ctx), c.db.acp.Value(), c, dpiPermission, diff --git a/internal/db/collection_get.go b/internal/db/collection_get.go index 87c8ccbca6..05e6d43308 100644 --- a/internal/db/collection_get.go +++ b/internal/db/collection_get.go @@ -13,6 +13,7 @@ package db import ( "context" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/internal/core" "github.com/sourcenetwork/defradb/internal/db/base" @@ -59,11 +60,10 @@ func (c *collection) get( showDeleted bool, ) (*client.Document, error) { txn := mustGetContextTxn(ctx) - identity := GetContextIdentity(ctx) // create a new document fetcher df := c.newFetcher() // initialize it with the primary index - err := df.Init(ctx, identity, txn, c.db.acp, c, fields, nil, nil, false, showDeleted) + err := df.Init(ctx, identity.FromContext(ctx), txn, c.db.acp, c, fields, nil, nil, false, showDeleted) if err != nil { _ = df.Close() return nil, err diff --git a/internal/db/collection_index.go b/internal/db/collection_index.go index a0786eb8c8..eb2b1b8d4c 100644 --- a/internal/db/collection_index.go +++ b/internal/db/collection_index.go @@ -20,6 +20,7 @@ import ( "github.com/sourcenetwork/immutable" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/client/request" "github.com/sourcenetwork/defradb/datastore" @@ -297,12 +298,11 @@ func (c *collection) iterateAllDocs( exec func(doc *client.Document) error, ) error { txn := mustGetContextTxn(ctx) - identity := GetContextIdentity(ctx) df := c.newFetcher() err := df.Init( ctx, - identity, + identity.FromContext(ctx), txn, c.db.acp, c, diff --git a/internal/db/collection_update.go b/internal/db/collection_update.go index 2348095500..29619c48cc 100644 --- a/internal/db/collection_update.go +++ b/internal/db/collection_update.go @@ -16,6 +16,7 @@ import ( "github.com/sourcenetwork/immutable" "github.com/valyala/fastjson" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/client/request" "github.com/sourcenetwork/defradb/internal/planner" @@ -163,10 +164,9 @@ func (c *collection) makeSelectionPlan( } txn := mustGetContextTxn(ctx) - identity := GetContextIdentity(ctx) planner := planner.New( ctx, - identity, + identity.FromContext(ctx), c.db.acp, c.db, txn, diff --git a/internal/db/config.go b/internal/db/config.go index f2fc942ae2..03fd9df7d9 100644 --- a/internal/db/config.go +++ b/internal/db/config.go @@ -14,6 +14,8 @@ import ( "time" "github.com/sourcenetwork/immutable" + + "github.com/sourcenetwork/defradb/acp/identity" ) const ( @@ -24,6 +26,7 @@ const ( type dbOptions struct { maxTxnRetries immutable.Option[int] RetryIntervals []time.Duration + identity immutable.Option[identity.Identity] } // defaultOptions returns the default db options. @@ -59,3 +62,9 @@ func WithRetryInterval(interval []time.Duration) Option { } } } + +func WithNodeIdentity(ident identity.Identity) Option { + return func(opts *dbOptions) { + opts.identity = immutable.Some(ident) + } +} diff --git a/internal/db/context.go b/internal/db/context.go index a2fa50507f..2af3d95a22 100644 --- a/internal/db/context.go +++ b/internal/db/context.go @@ -13,18 +13,12 @@ package db import ( "context" - "github.com/sourcenetwork/immutable" - - acpIdentity "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/datastore" ) // txnContextKey is the key type for transaction context values. type txnContextKey struct{} -// identityContextKey is the key type for ACP identity context values. -type identityContextKey struct{} - // explicitTxn is a transaction that is managed outside of a db operation. type explicitTxn struct { datastore.Txn @@ -85,24 +79,3 @@ func TryGetContextTxn(ctx context.Context) (datastore.Txn, bool) { func SetContextTxn(ctx context.Context, txn datastore.Txn) context.Context { return context.WithValue(ctx, txnContextKey{}, txn) } - -// GetContextIdentity returns the identity from the given context. -// -// If an identity does not exist `NoIdentity` is returned. -func GetContextIdentity(ctx context.Context) immutable.Option[acpIdentity.Identity] { - identity, ok := ctx.Value(identityContextKey{}).(acpIdentity.Identity) - if ok { - return immutable.Some(identity) - } - return acpIdentity.None -} - -// SetContextTxn returns a new context with the identity value set. -// -// This will overwrite any previously set identity value. -func SetContextIdentity(ctx context.Context, identity immutable.Option[acpIdentity.Identity]) context.Context { - if identity.HasValue() { - return context.WithValue(ctx, identityContextKey{}, identity.Value()) - } - return context.WithValue(ctx, identityContextKey{}, nil) -} diff --git a/internal/db/db.go b/internal/db/db.go index 1e52b16437..2e5363b94b 100644 --- a/internal/db/db.go +++ b/internal/db/db.go @@ -27,6 +27,7 @@ import ( "github.com/sourcenetwork/immutable" "github.com/sourcenetwork/defradb/acp" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/datastore" "github.com/sourcenetwork/defradb/errors" @@ -75,6 +76,9 @@ type db struct { // The ID of the last transaction created. previousTxnID atomic.Uint64 + // The identity of the current node + nodeIdentity immutable.Option[identity.Identity] + // Contains ACP if it exists acp immutable.Option[acp.ACP] @@ -140,6 +144,8 @@ func newDB( db.maxTxnRetries = opts.maxTxnRetries } + db.nodeIdentity = opts.identity + if lens != nil { lens.Init(db) } @@ -208,11 +214,9 @@ func (db *db) AddPolicy( return client.AddPolicyResult{}, client.ErrACPOperationButACPNotAvailable } - identity := GetContextIdentity(ctx) - policyID, err := db.acp.Value().AddPolicy( ctx, - identity.Value(), + identity.FromContext(ctx).Value(), policy, ) if err != nil { @@ -243,15 +247,13 @@ func (db *db) AddDocActorRelationship( return client.AddDocActorRelationshipResult{}, client.ErrACPOperationButCollectionHasNoPolicy } - identity := GetContextIdentity(ctx) - exists, err := db.acp.Value().AddDocActorRelationship( ctx, policyID, resourceName, docID, relation, - identity.Value(), + identity.FromContext(ctx).Value(), targetActor, ) @@ -283,15 +285,13 @@ func (db *db) DeleteDocActorRelationship( return client.DeleteDocActorRelationshipResult{}, client.ErrACPOperationButCollectionHasNoPolicy } - identity := GetContextIdentity(ctx) - recordFound, err := db.acp.Value().DeleteDocActorRelationship( ctx, policyID, resourceName, docID, relation, - identity.Value(), + identity.FromContext(ctx).Value(), targetActor, ) @@ -302,6 +302,13 @@ func (db *db) DeleteDocActorRelationship( return client.DeleteDocActorRelationshipResult{RecordFound: recordFound}, nil } +func (db *db) GetNodeIdentity(context.Context) (immutable.Option[identity.PublicRawIdentity], error) { + if db.nodeIdentity.HasValue() { + return immutable.Some(db.nodeIdentity.Value().IntoRawIdentity().Public()), nil + } + return immutable.None[identity.PublicRawIdentity](), nil +} + // Initialize is called when a database is first run and creates all the db global meta data // like Collection ID counters. func (db *db) initialize(ctx context.Context) error { diff --git a/internal/db/request.go b/internal/db/request.go index 560e270d0b..611382d6c2 100644 --- a/internal/db/request.go +++ b/internal/db/request.go @@ -13,6 +13,7 @@ package db import ( "context" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/internal/planner" ) @@ -47,8 +48,7 @@ func (db *db) execRequest(ctx context.Context, request string, options *client.G } txn := mustGetContextTxn(ctx) - identity := GetContextIdentity(ctx) - planner := planner.New(ctx, identity, db.acp, db, txn) + planner := planner.New(ctx, identity.FromContext(ctx), db.acp, db, txn) results, err := planner.RunRequest(ctx, parsedRequest) if err != nil { diff --git a/internal/db/subscriptions.go b/internal/db/subscriptions.go index b876d6c90c..4b92b127fc 100644 --- a/internal/db/subscriptions.go +++ b/internal/db/subscriptions.go @@ -13,6 +13,7 @@ package db import ( "context" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/client/request" "github.com/sourcenetwork/defradb/event" @@ -65,9 +66,8 @@ func (db *db) handleSubscription(ctx context.Context, r *request.Request) (<-cha } ctx := SetContextTxn(ctx, txn) - identity := GetContextIdentity(ctx) - p := planner.New(ctx, identity, db.acp, db, txn) + p := planner.New(ctx, identity.FromContext(ctx), db.acp, db, txn) s := subRequest.ToSelect(evt.DocID, evt.Cid.String()) result, err := p.RunSelection(ctx, s) diff --git a/internal/db/view.go b/internal/db/view.go index 8fb54ccb24..9c1e5eaafd 100644 --- a/internal/db/view.go +++ b/internal/db/view.go @@ -20,6 +20,7 @@ import ( "github.com/lens-vm/lens/host-go/config/model" "github.com/sourcenetwork/immutable" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/client/request" "github.com/sourcenetwork/defradb/internal/core" @@ -144,9 +145,8 @@ func (db *db) getViews(ctx context.Context, opts client.CollectionFetchOptions) func (db *db) buildViewCache(ctx context.Context, col client.CollectionDefinition) (err error) { txn := mustGetContextTxn(ctx) - identity := GetContextIdentity(ctx) - p := planner.New(ctx, identity, db.acp, db, txn) + p := planner.New(ctx, identity.FromContext(ctx), db.acp, db, txn) // temporarily disable the cache in order to query without using it col.Description.IsMaterialized = false diff --git a/node/node.go b/node/node.go index d5e62bc1bb..0a1b813862 100644 --- a/node/node.go +++ b/node/node.go @@ -136,14 +136,17 @@ func (n *Node) Start(ctx context.Context) error { if err != nil { return err } + acp, err := NewACP(ctx, n.acpOpts...) if err != nil { return err } + lens, err := NewLens(ctx, n.lensOpts...) if err != nil { return err } + n.DB, err = db.NewDB(ctx, rootstore, acp, lens, n.dbOpts...) if err != nil { return err diff --git a/tests/clients/cli/wrapper.go b/tests/clients/cli/wrapper.go index f468cec0f9..70ee022261 100644 --- a/tests/clients/cli/wrapper.go +++ b/tests/clients/cli/wrapper.go @@ -26,6 +26,7 @@ import ( "github.com/sourcenetwork/immutable" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/cli" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/datastore" @@ -550,7 +551,10 @@ func (w *Wrapper) MaxTxnRetries() int { } func (w *Wrapper) PrintDump(ctx context.Context) error { - return w.node.DB.PrintDump(ctx) + args := []string{"dump"} + + _, err := w.cmd.execute(ctx, args) + return err } func (w *Wrapper) Connect(ctx context.Context, addr peer.AddrInfo) error { @@ -560,3 +564,17 @@ func (w *Wrapper) Connect(ctx context.Context, addr peer.AddrInfo) error { func (w *Wrapper) Host() string { return w.httpServer.URL } + +func (w *Wrapper) GetNodeIdentity(ctx context.Context) (immutable.Option[identity.PublicRawIdentity], error) { + args := []string{"client", "node-identity"} + + data, err := w.cmd.execute(ctx, args) + if err != nil { + return immutable.None[identity.PublicRawIdentity](), err + } + var res identity.PublicRawIdentity + if err := json.Unmarshal(data, &res); err != nil { + return immutable.None[identity.PublicRawIdentity](), err + } + return immutable.Some(res), nil +} diff --git a/tests/clients/cli/wrapper_cli.go b/tests/clients/cli/wrapper_cli.go index 39e5ef6290..65865d4cbb 100644 --- a/tests/clients/cli/wrapper_cli.go +++ b/tests/clients/cli/wrapper_cli.go @@ -17,6 +17,7 @@ import ( "io" "strings" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/cli" "github.com/sourcenetwork/defradb/internal/db" ) @@ -60,7 +61,7 @@ func (w *cliWrapper) executeStream(ctx context.Context, args []string) (io.ReadC if ok { args = append(args, "--tx", fmt.Sprintf("%d", tx.ID())) } - id := db.GetContextIdentity(ctx) + id := identity.FromContext(ctx) if id.HasValue() && id.Value().PrivateKey != nil { args = append(args, "--identity", hex.EncodeToString(id.Value().PrivateKey.Serialize())) args = append(args, "--source-hub-address", w.sourceHubAddress) diff --git a/tests/clients/http/wrapper.go b/tests/clients/http/wrapper.go index 7438fa8cce..2e7b6885e0 100644 --- a/tests/clients/http/wrapper.go +++ b/tests/clients/http/wrapper.go @@ -20,6 +20,7 @@ import ( "github.com/sourcenetwork/immutable" + "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/datastore" "github.com/sourcenetwork/defradb/event" @@ -281,3 +282,7 @@ func (w *Wrapper) Connect(ctx context.Context, addr peer.AddrInfo) error { func (w *Wrapper) Host() string { return w.httpServer.URL } + +func (w *Wrapper) GetNodeIdentity(ctx context.Context) (immutable.Option[identity.PublicRawIdentity], error) { + return w.client.GetNodeIdentity(ctx) +} diff --git a/tests/integration/acp.go b/tests/integration/acp.go index f58f1963d8..8269245757 100644 --- a/tests/integration/acp.go +++ b/tests/integration/acp.go @@ -29,8 +29,6 @@ import ( "github.com/sourcenetwork/immutable" "github.com/stretchr/testify/require" - acpIdentity "github.com/sourcenetwork/defradb/acp/identity" - "github.com/sourcenetwork/defradb/internal/db" "github.com/sourcenetwork/defradb/keyring" "github.com/sourcenetwork/defradb/node" "github.com/sourcenetwork/defradb/tests/clients/cli" @@ -90,7 +88,7 @@ type AddPolicy struct { Policy string // The policy creator identity, i.e. actor creating the policy. - Identity immutable.Option[int] + Identity immutable.Option[identityRef] // The expected policyID generated based on the Policy loaded in to the ACP system. ExpectedPolicyID string @@ -114,9 +112,7 @@ func addPolicyACP( nodeIDs, nodes := getNodesWithIDs(action.NodeID, s.nodes) for index, node := range nodes { - nodeID := nodeIDs[index] - identity := getIdentity(s, nodeID, action.Identity) - ctx := db.SetContextIdentity(s.ctx, identity) + ctx := getContextWithIdentity(s.ctx, s, action.Identity, nodeIDs[index]) policyResult, err := node.AddPolicy(ctx, action.Policy) expectedErrorRaised := AssertError(s.t, s.testCase.Description, err, action.ExpectedError) @@ -162,14 +158,14 @@ type AddDocActorRelationship struct { // The target public identity, i.e. the identity of the actor to tie the document's relation with. // - // This is a required field. To test the invalid usage of not having this arg, use -1 index. - TargetIdentity int + // This is a required field. To test the invalid usage of not having this arg, use NoIdentity() or leave default. + TargetIdentity immutable.Option[identityRef] // The requestor identity, i.e. identity of the actor creating the relationship. // Note: This identity must either own or have managing access defined in the policy. // - // This is a required field. To test the invalid usage of not having this arg, use -1 index. - RequestorIdentity int + // This is a required field. To test the invalid usage of not having this arg, use NoIdentity() or leave default. + RequestorIdentity immutable.Option[identityRef] // Result returns true if it was a no-op due to existing before, and false if a new relationship was made. ExpectedExistence bool @@ -189,52 +185,14 @@ func addDocActorRelationshipACP( for index, node := range nodes { nodeID := nodeIDs[index] - var collectionName string - if action.CollectionID == -1 { - collectionName = "" - } else { - collection := s.collections[nodeID][action.CollectionID] - if !collection.Description().Name.HasValue() { - require.Fail(s.t, "Expected non-empty collection name, but it was empty.", s.testCase.Description) - } - collectionName = collection.Description().Name.Value() - } - - var docID string - if action.DocID == -1 || action.CollectionID == -1 { - docID = "" - } else { - docID = s.docIDs[action.CollectionID][action.DocID].String() - } - - var targetIdentity string - if action.TargetIdentity == -1 { - targetIdentity = "" - } else { - optionalTargetIdentity := getIdentity(s, nodeID, immutable.Some(action.TargetIdentity)) - if !optionalTargetIdentity.HasValue() { - require.Fail(s.t, "Expected non-empty target identity, but it was empty.", s.testCase.Description) - } - targetIdentity = optionalTargetIdentity.Value().DID - } - - var requestorIdentity immutable.Option[acpIdentity.Identity] - if action.RequestorIdentity == -1 { - requestorIdentity = acpIdentity.None - } else { - requestorIdentity = getIdentity(s, nodeID, immutable.Some(action.RequestorIdentity)) - if !requestorIdentity.HasValue() { - require.Fail(s.t, "Expected non-empty requestor identity, but it was empty.", s.testCase.Description) - } - } - ctx := db.SetContextIdentity(s.ctx, requestorIdentity) + collectionName, docID := getCollectionAndDocInfo(s, action.CollectionID, action.DocID, nodeID) exists, err := node.AddDocActorRelationship( - ctx, + getContextWithIdentity(s.ctx, s, action.RequestorIdentity, nodeID), collectionName, docID, action.Relation, - targetIdentity, + getIdentityDID(s, action.TargetIdentity), ) expectedErrorRaised := AssertError(s.t, s.testCase.Description, err, action.ExpectedError) @@ -280,14 +238,14 @@ type DeleteDocActorRelationship struct { // The target public identity, i.e. the identity of the actor with whom the relationship is with. // - // This is a required field. To test the invalid usage of not having this arg, use -1 index. - TargetIdentity int + // This is a required field. To test the invalid usage of not having this arg, use NoIdentity() or leave default. + TargetIdentity immutable.Option[identityRef] // The requestor identity, i.e. identity of the actor deleting the relationship. // Note: This identity must either own or have managing access defined in the policy. // - // This is a required field. To test the invalid usage of not having this arg, use -1 index. - RequestorIdentity int + // This is a required field. To test the invalid usage of not having this arg, use NoIdentity() or leave default. + RequestorIdentity immutable.Option[identityRef] // Result returns true if the relationship record was expected to be found and deleted, // and returns false if no matching relationship record was found (no-op). @@ -308,52 +266,14 @@ func deleteDocActorRelationshipACP( for index, node := range nodes { nodeID := nodeIDs[index] - var collectionName string - if action.CollectionID == -1 { - collectionName = "" - } else { - collection := s.collections[nodeID][action.CollectionID] - if !collection.Description().Name.HasValue() { - require.Fail(s.t, "Expected non-empty collection name, but it was empty.", s.testCase.Description) - } - collectionName = collection.Description().Name.Value() - } - - var docID string - if action.DocID == -1 || action.CollectionID == -1 { - docID = "" - } else { - docID = s.docIDs[action.CollectionID][action.DocID].String() - } - - var targetIdentity string - if action.TargetIdentity == -1 { - targetIdentity = "" - } else { - optionalTargetIdentity := getIdentity(s, nodeID, immutable.Some(action.TargetIdentity)) - if !optionalTargetIdentity.HasValue() { - require.Fail(s.t, "Expected non-empty target identity, but it was empty.", s.testCase.Description) - } - targetIdentity = optionalTargetIdentity.Value().DID - } - - var requestorIdentity immutable.Option[acpIdentity.Identity] - if action.RequestorIdentity == -1 { - requestorIdentity = acpIdentity.None - } else { - requestorIdentity = getIdentity(s, nodeID, immutable.Some(action.RequestorIdentity)) - if !requestorIdentity.HasValue() { - require.Fail(s.t, "Expected non-empty requestor identity, but it was empty.", s.testCase.Description) - } - } - ctx := db.SetContextIdentity(s.ctx, requestorIdentity) + collectionName, docID := getCollectionAndDocInfo(s, action.CollectionID, action.DocID, nodeID) deleteDocActorRelationshipResult, err := node.DeleteDocActorRelationship( - ctx, + getContextWithIdentity(s.ctx, s, action.RequestorIdentity, nodeID), collectionName, docID, action.Relation, - targetIdentity, + getIdentityDID(s, action.TargetIdentity), ) expectedErrorRaised := AssertError(s.t, s.testCase.Description, err, action.ExpectedError) @@ -372,6 +292,23 @@ func deleteDocActorRelationshipACP( } } +func getCollectionAndDocInfo(s *state, collectionID, docInd, nodeID int) (string, string) { + collectionName := "" + docID := "" + if collectionID != -1 { + collection := s.collections[nodeID][collectionID] + if !collection.Description().Name.HasValue() { + require.Fail(s.t, "Expected non-empty collection name, but it was empty.", s.testCase.Description) + } + collectionName = collection.Description().Name.Value() + + if docInd != -1 { + docID = s.docIDs[collectionID][docInd].String() + } + } + return collectionName, docID +} + func setupSourceHub(s *state) ([]node.ACPOpt, error) { var isACPTest bool for _, a := range s.testCase.Actions { @@ -473,7 +410,7 @@ func setupSourceHub(s *state) ([]node.ACPOpt, error) { return nil, err } - // The result is suffexed with a newline char so we must trim the whitespace + // The result is suffixed with a newline char so we must trim the whitespace validatorAddress := strings.TrimSpace(string(out)) s.sourcehubAddress = validatorAddress @@ -508,7 +445,7 @@ func setupSourceHub(s *state) ([]node.ACPOpt, error) { // process involves finding free ports, dropping them, and then assigning them to the source hub node. // // We have to do this because source hub (cosmos) annoyingly does not support automatic port assignment - // (appart from the p2p port which we just manage here for consistency). + // (apart from the p2p port which we just manage here for consistency). // // We need to lock before getting the ports, otherwise they may try and use the port we use for locking. // We can only unlock after the source hub node has started and begun listening on the assigned ports. @@ -581,7 +518,7 @@ cmdReaderLoop: // can safely unlock here. unlock() } - // This is guarenteed to be logged after the gRPC server has been spun up + // This is guaranteed to be logged after the gRPC server has been spun up // so we can be sure that the lock has been unlocked. if strings.Contains(line, "committed state") { break cmdReaderLoop @@ -648,66 +585,18 @@ func crossLock(port uint16) (func(), error) { nil } -// Generate the keys using the index as the seed so that multiple -// runs yield the same private key. This is important for stuff like -// the change detector. -func generateIdentity(s *state, seedIndex int, nodeIndex int) (acpIdentity.Identity, error) { - var audience immutable.Option[string] +func getNodeAudience(s *state, nodeIndex int) immutable.Option[string] { + if nodeIndex >= len(s.nodes) { + return immutable.None[string]() + } switch client := s.nodes[nodeIndex].(type) { case *http.Wrapper: - audience = immutable.Some(strings.TrimPrefix(client.Host(), "http://")) + return immutable.Some(strings.TrimPrefix(client.Host(), "http://")) case *cli.Wrapper: - audience = immutable.Some(strings.TrimPrefix(client.Host(), "http://")) - } - - source := rand.NewSource(int64(seedIndex)) - r := rand.New(source) - - privateKey, err := secp256k1.GeneratePrivateKeyFromRand(r) - require.NoError(s.t, err) - - identity, err := acpIdentity.FromPrivateKey( - privateKey, - authTokenExpiration, - audience, - immutable.Some(s.sourcehubAddress), - // Creating and signing the bearer token is slow, so we skip it if it not - // required. - !(acpType == SourceHubACPType || audience.HasValue()), - ) - - return identity, err -} - -func getIdentity(s *state, nodeIndex int, index immutable.Option[int]) immutable.Option[acpIdentity.Identity] { - if !index.HasValue() { - return immutable.None[acpIdentity.Identity]() + return immutable.Some(strings.TrimPrefix(client.Host(), "http://")) } - if len(s.identities) <= nodeIndex { - identities := make([][]acpIdentity.Identity, nodeIndex+1) - copy(identities, s.identities) - s.identities = identities - } - nodeIdentities := s.identities[nodeIndex] - - if len(nodeIdentities) <= index.Value() { - identities := make([]acpIdentity.Identity, index.Value()+1) - // Fill any empty identities up to the index. - for i := range identities { - if i < len(nodeIdentities) && nodeIdentities[i] != (acpIdentity.Identity{}) { - identities[i] = nodeIdentities[i] - continue - } - newIdentity, err := generateIdentity(s, i, nodeIndex) - require.NoError(s.t, err) - identities[i] = newIdentity - } - s.identities[nodeIndex] = identities - return immutable.Some(identities[index.Value()]) - } else { - return immutable.Some(nodeIdentities[index.Value()]) - } + return immutable.None[string]() } // testBuffer is a very simple, thread-safe (--race flag friendly), io.Writer diff --git a/tests/integration/acp/add_policy/basic_test.go b/tests/integration/acp/add_policy/basic_test.go index a96a073e5c..48aa649f3b 100644 --- a/tests/integration/acp/add_policy/basic_test.go +++ b/tests/integration/acp/add_policy/basic_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_BasicYAML_ValidPolicyID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -64,7 +62,7 @@ func TestACP_AddPolicy_BasicJSON_ValidPolicyID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` { diff --git a/tests/integration/acp/add_policy/with_empty_args_test.go b/tests/integration/acp/add_policy/with_empty_args_test.go index 1af4a5c1f3..3c392117c7 100644 --- a/tests/integration/acp/add_policy/with_empty_args_test.go +++ b/tests/integration/acp/add_policy/with_empty_args_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_EmptyPolicyData_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: "", @@ -44,7 +42,7 @@ func TestACP_AddPolicy_EmptyPolicyCreator_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.None[int](), + Identity: testUtils.NoIdentity(), Policy: ` name: test @@ -83,7 +81,7 @@ func TestACP_AddPolicy_EmptyCreatorAndPolicyArgs_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.None[int](), + Identity: testUtils.NoIdentity(), Policy: "", diff --git a/tests/integration/acp/add_policy/with_extra_perms_and_relations_test.go b/tests/integration/acp/add_policy/with_extra_perms_and_relations_test.go index 1db26e639e..9bf36b88dd 100644 --- a/tests/integration/acp/add_policy/with_extra_perms_and_relations_test.go +++ b/tests/integration/acp/add_policy/with_extra_perms_and_relations_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_ExtraPermissionsAndExtraRelations_ValidPolicyID(t *testin Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/add_policy/with_extra_perms_test.go b/tests/integration/acp/add_policy/with_extra_perms_test.go index 963101356f..2de8d0da6a 100644 --- a/tests/integration/acp/add_policy/with_extra_perms_test.go +++ b/tests/integration/acp/add_policy/with_extra_perms_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_ExtraPermissions_ValidPolicyID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy @@ -65,7 +63,7 @@ func TestACP_AddPolicy_ExtraDuplicatePermissions_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy diff --git a/tests/integration/acp/add_policy/with_extra_relations_test.go b/tests/integration/acp/add_policy/with_extra_relations_test.go index f4bec6479c..36f7694e52 100644 --- a/tests/integration/acp/add_policy/with_extra_relations_test.go +++ b/tests/integration/acp/add_policy/with_extra_relations_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_ExtraRelations_ValidPolicyID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy @@ -69,7 +67,7 @@ func TestACP_AddPolicy_ExtraDuplicateRelations_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy diff --git a/tests/integration/acp/add_policy/with_invalid_relations_test.go b/tests/integration/acp/add_policy/with_invalid_relations_test.go index 1cf3d8315b..09a26a4685 100644 --- a/tests/integration/acp/add_policy/with_invalid_relations_test.go +++ b/tests/integration/acp/add_policy/with_invalid_relations_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_NoRelations_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy @@ -60,7 +58,7 @@ func TestACP_AddPolicy_NoRelationsLabel_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy diff --git a/tests/integration/acp/add_policy/with_invalid_required_relation_test.go b/tests/integration/acp/add_policy/with_invalid_required_relation_test.go index 122d1011a5..12242298d4 100644 --- a/tests/integration/acp/add_policy/with_invalid_required_relation_test.go +++ b/tests/integration/acp/add_policy/with_invalid_required_relation_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_MissingRequiredOwnerRelation_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy @@ -63,7 +61,7 @@ func TestACP_AddPolicy_DuplicateOwnerRelation_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy diff --git a/tests/integration/acp/add_policy/with_invalid_resource_test.go b/tests/integration/acp/add_policy/with_invalid_resource_test.go index 79e627e888..1acf9cf8ca 100644 --- a/tests/integration/acp/add_policy/with_invalid_resource_test.go +++ b/tests/integration/acp/add_policy/with_invalid_resource_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_OneResourceThatIsEmpty_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy diff --git a/tests/integration/acp/add_policy/with_managed_relation_test.go b/tests/integration/acp/add_policy/with_managed_relation_test.go index bff8f86fb2..a41a8713a3 100644 --- a/tests/integration/acp/add_policy/with_managed_relation_test.go +++ b/tests/integration/acp/add_policy/with_managed_relation_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -24,7 +22,7 @@ func TestACP_AddPolicy_WithRelationManagingOtherRelation_ValidPolicyID(t *testin Description: "Test acp, where a relation is managing another relation, valid policy id", Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy diff --git a/tests/integration/acp/add_policy/with_multi_policies_test.go b/tests/integration/acp/add_policy/with_multi_policies_test.go index e413a5872a..4ca02aeb64 100644 --- a/tests/integration/acp/add_policy/with_multi_policies_test.go +++ b/tests/integration/acp/add_policy/with_multi_policies_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_AddMultipleDifferentPolicies_ValidPolicyIDs(t *testing.T) Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy @@ -53,7 +51,7 @@ func TestACP_AddPolicy_AddMultipleDifferentPolicies_ValidPolicyIDs(t *testing.T) }, testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: a policy @@ -99,7 +97,7 @@ func TestACP_AddPolicy_AddMultipleDifferentPoliciesInDifferentFmts_ValidPolicyID Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` { @@ -134,7 +132,7 @@ func TestACP_AddPolicy_AddMultipleDifferentPoliciesInDifferentFmts_ValidPolicyID }, testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test2 @@ -201,7 +199,7 @@ func TestACP_AddPolicy_AddDuplicatePolicyByOtherCreator_ValidPolicyIDs(t *testin Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: policyUsedByBoth, @@ -209,7 +207,7 @@ func TestACP_AddPolicy_AddDuplicatePolicyByOtherCreator_ValidPolicyIDs(t *testin }, testUtils.AddPolicy{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Policy: policyUsedByBoth, @@ -228,7 +226,7 @@ func TestACP_AddPolicy_AddMultipleDuplicatePolicies_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -256,7 +254,7 @@ func TestACP_AddPolicy_AddMultipleDuplicatePolicies_Error(t *testing.T) { }, testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -295,7 +293,7 @@ func TestACP_AddPolicy_AddMultipleDuplicatePoliciesDifferentFmts_ProducesDiffere Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -322,7 +320,7 @@ func TestACP_AddPolicy_AddMultipleDuplicatePoliciesDifferentFmts_ProducesDiffere }, testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` { diff --git a/tests/integration/acp/add_policy/with_multiple_resources_test.go b/tests/integration/acp/add_policy/with_multiple_resources_test.go index fed7ac9888..161e2d27fb 100644 --- a/tests/integration/acp/add_policy/with_multiple_resources_test.go +++ b/tests/integration/acp/add_policy/with_multiple_resources_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_MultipleResources_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -80,7 +78,7 @@ func TestACP_AddPolicy_MultipleResourcesUsingRelationDefinedInOther_Error(t *tes Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -132,7 +130,7 @@ func TestACP_AddPolicy_SecondResourcesMissingRequiredOwner_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/add_policy/with_no_perms_test.go b/tests/integration/acp/add_policy/with_no_perms_test.go index 7bd55bd9d0..57cec65ee7 100644 --- a/tests/integration/acp/add_policy/with_no_perms_test.go +++ b/tests/integration/acp/add_policy/with_no_perms_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -33,7 +31,7 @@ func TestACP_AddPolicy_NoPermissionsOnlyOwner_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -68,7 +66,7 @@ func TestACP_AddPolicy_NoPermissionsMultiRelations_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -106,7 +104,7 @@ func TestACP_AddPolicy_NoPermissionsLabelOnlyOwner_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -139,7 +137,7 @@ func TestACP_AddPolicy_NoPermissionsLabelMultiRelations_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/add_policy/with_no_resources_test.go b/tests/integration/acp/add_policy/with_no_resources_test.go index 5bcf3f141b..26e09a76b6 100644 --- a/tests/integration/acp/add_policy/with_no_resources_test.go +++ b/tests/integration/acp/add_policy/with_no_resources_test.go @@ -27,7 +27,7 @@ func TestACP_AddPolicy_NoResource_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -56,7 +56,7 @@ func TestACP_AddPolicy_NoResourceLabel_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -85,7 +85,7 @@ func TestACP_AddPolicy_PolicyWithOnlySpace_NameIsRequired(t *testing.T) { }), Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: " ", diff --git a/tests/integration/acp/add_policy/with_perm_expr_test.go b/tests/integration/acp/add_policy/with_perm_expr_test.go index 2329fadfe9..b058a2e652 100644 --- a/tests/integration/acp/add_policy/with_perm_expr_test.go +++ b/tests/integration/acp/add_policy/with_perm_expr_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_PermissionExprWithOwnerInTheEndWithMinus_ValidID(t *testi Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -67,7 +65,7 @@ func TestACP_AddPolicy_PermissionExprWithOwnerInTheEndWithMinusNoSpace_ValidID(t Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/add_policy/with_perm_invalid_expr_test.go b/tests/integration/acp/add_policy/with_perm_invalid_expr_test.go index 592c14e56d..2f3d20ee51 100644 --- a/tests/integration/acp/add_policy/with_perm_invalid_expr_test.go +++ b/tests/integration/acp/add_policy/with_perm_invalid_expr_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_EmptyExpressionInPermission_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -66,7 +64,7 @@ func TestACP_AddPolicy_PermissionExprWithOwnerInTheEndWithInocorrectSymbol_Error Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -107,7 +105,7 @@ func TestACP_AddPolicy_PermissionExprWithOwnerInTheEndWithInocorrectSymbolNoSpac Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/add_policy/with_permissionless_owner_test.go b/tests/integration/acp/add_policy/with_permissionless_owner_test.go index 84e76736be..822c56907e 100644 --- a/tests/integration/acp/add_policy/with_permissionless_owner_test.go +++ b/tests/integration/acp/add_policy/with_permissionless_owner_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -32,7 +30,7 @@ func TestACP_AddPolicy_PermissionlessOwnerWrite_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -73,7 +71,7 @@ func TestACP_AddPolicy_PermissionlessOwnerRead_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -114,7 +112,7 @@ func TestACP_AddPolicy_PermissionlessOwnerReadWrite_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/add_policy/with_unused_relations_test.go b/tests/integration/acp/add_policy/with_unused_relations_test.go index dd610150ee..2189048ab0 100644 --- a/tests/integration/acp/add_policy/with_unused_relations_test.go +++ b/tests/integration/acp/add_policy/with_unused_relations_test.go @@ -13,8 +13,6 @@ package test_acp_add_policy import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -25,7 +23,7 @@ func TestACP_AddPolicy_UnusedRelation_ValidID(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/index/create_test.go b/tests/integration/acp/index/create_test.go index da9e9b96b9..8a3388878c 100644 --- a/tests/integration/acp/index/create_test.go +++ b/tests/integration/acp/index/create_test.go @@ -13,8 +13,6 @@ package test_acp_index import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -24,7 +22,7 @@ func TestACP_IndexCreateWithSeparateRequest_OnCollectionWithPolicy_NoError(t *te Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: userPolicy, ExpectedPolicyID: "94eb195c0e459aa79e02a1986c7e731c5015721c18a373f2b2a0ed140a04b454", }, @@ -72,7 +70,7 @@ func TestACP_IndexCreateWithDirective_OnCollectionWithPolicy_NoError(t *testing. Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: userPolicy, ExpectedPolicyID: "94eb195c0e459aa79e02a1986c7e731c5015721c18a373f2b2a0ed140a04b454", }, diff --git a/tests/integration/acp/index/query_test.go b/tests/integration/acp/index/query_test.go index 3fafeb4b10..06edc45065 100644 --- a/tests/integration/acp/index/query_test.go +++ b/tests/integration/acp/index/query_test.go @@ -13,8 +13,6 @@ package test_acp_index import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -23,7 +21,7 @@ func TestACPWithIndex_UponQueryingPrivateDocWithoutIdentity_ShouldNotFetch(t *te Description: "Test acp, querying private doc without identity should not fetch", Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: userPolicy, ExpectedPolicyID: "94eb195c0e459aa79e02a1986c7e731c5015721c18a373f2b2a0ed140a04b454", }, @@ -46,7 +44,7 @@ func TestACPWithIndex_UponQueryingPrivateDocWithoutIdentity_ShouldNotFetch(t *te `, }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { "name": "Islam" @@ -77,7 +75,7 @@ func TestACPWithIndex_UponQueryingPrivateDocWithIdentity_ShouldFetch(t *testing. Description: "Test acp, querying private doc with identity should fetch", Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: userPolicy, ExpectedPolicyID: "94eb195c0e459aa79e02a1986c7e731c5015721c18a373f2b2a0ed140a04b454", }, @@ -100,7 +98,7 @@ func TestACPWithIndex_UponQueryingPrivateDocWithIdentity_ShouldFetch(t *testing. `, }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { "name": "Islam" @@ -108,7 +106,7 @@ func TestACPWithIndex_UponQueryingPrivateDocWithIdentity_ShouldFetch(t *testing. `, }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { Users { @@ -137,7 +135,7 @@ func TestACPWithIndex_UponQueryingPrivateDocWithWrongIdentity_ShouldNotFetch(t * Description: "Test acp, querying private doc with wrong identity should not fetch", Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: userPolicy, ExpectedPolicyID: "94eb195c0e459aa79e02a1986c7e731c5015721c18a373f2b2a0ed140a04b454", }, @@ -160,7 +158,7 @@ func TestACPWithIndex_UponQueryingPrivateDocWithWrongIdentity_ShouldNotFetch(t * `, }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { "name": "Islam" @@ -168,7 +166,7 @@ func TestACPWithIndex_UponQueryingPrivateDocWithWrongIdentity_ShouldNotFetch(t * `, }, testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { Users { diff --git a/tests/integration/acp/index/query_with_relation_test.go b/tests/integration/acp/index/query_with_relation_test.go index 5a406e6575..01a09db435 100644 --- a/tests/integration/acp/index/query_with_relation_test.go +++ b/tests/integration/acp/index/query_with_relation_test.go @@ -13,15 +13,13 @@ package test_acp_index import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) func createAuthorBooksSchemaWithPolicyAndCreateDocs() []any { return []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: bookAuthorPolicy, ExpectedPolicyID: "f6927e8861f91122a5e3e333249297e4315b672298b5cb93ee3f49facc1e0d11", }, @@ -56,7 +54,7 @@ func createAuthorBooksSchemaWithPolicyAndCreateDocs() []any { }`, }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, // bae-b769708d-f552-5c3d-a402-ccfd7ac7fb04 Doc: `{ @@ -74,7 +72,7 @@ func createAuthorBooksSchemaWithPolicyAndCreateDocs() []any { }, }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 1, DocMap: map[string]any{ "name": "A Time for Mercy", @@ -83,7 +81,7 @@ func createAuthorBooksSchemaWithPolicyAndCreateDocs() []any { }, }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 1, DocMap: map[string]any{ "name": "Theif Lord", @@ -136,7 +134,7 @@ func TestACPWithIndex_UponQueryingPrivateOneToManyRelatedDocWithIdentity_ShouldF Actions: []any{ createAuthorBooksSchemaWithPolicyAndCreateDocs(), testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { Author(filter: { @@ -184,7 +182,7 @@ func TestACPWithIndex_UponQueryingPrivateOneToManyRelatedDocWithWrongIdentity_Sh Actions: []any{ createAuthorBooksSchemaWithPolicyAndCreateDocs(), testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { Author(filter: { @@ -255,7 +253,7 @@ func TestACPWithIndex_UponQueryingPrivateManyToOneRelatedDocWithIdentity_ShouldF Actions: []any{ createAuthorBooksSchemaWithPolicyAndCreateDocs(), testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { Book(filter: { @@ -302,7 +300,7 @@ func TestACPWithIndex_UponQueryingPrivateManyToOneRelatedDocWithWrongIdentity_Sh Actions: []any{ createAuthorBooksSchemaWithPolicyAndCreateDocs(), testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { Book(filter: { diff --git a/tests/integration/acp/p2p/create_test.go b/tests/integration/acp/p2p/create_test.go index 8775a553d7..db3d5a4508 100644 --- a/tests/integration/acp/p2p/create_test.go +++ b/tests/integration/acp/p2p/create_test.go @@ -39,7 +39,7 @@ func TestACP_P2PCreatePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -103,7 +103,7 @@ func TestACP_P2PCreatePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(0), @@ -115,7 +115,7 @@ func TestACP_P2PCreatePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(1), diff --git a/tests/integration/acp/p2p/delete_test.go b/tests/integration/acp/p2p/delete_test.go index 59cae4cde9..2f45fbcf43 100644 --- a/tests/integration/acp/p2p/delete_test.go +++ b/tests/integration/acp/p2p/delete_test.go @@ -39,7 +39,7 @@ func TestACP_P2PDeletePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -108,7 +108,7 @@ func TestACP_P2PDeletePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(0), @@ -120,7 +120,7 @@ func TestACP_P2PDeletePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(1), @@ -134,7 +134,7 @@ func TestACP_P2PDeletePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T testUtils.WaitForSync{}, testUtils.DeleteDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(0), @@ -144,7 +144,7 @@ func TestACP_P2PDeletePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T }, testUtils.DeleteDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(1), diff --git a/tests/integration/acp/p2p/replicator_test.go b/tests/integration/acp/p2p/replicator_test.go index 8afaafebc0..2f7f69ceca 100644 --- a/tests/integration/acp/p2p/replicator_test.go +++ b/tests/integration/acp/p2p/replicator_test.go @@ -29,7 +29,7 @@ func TestACP_P2POneToOneReplicatorWithPermissionedCollection_LocalACP(t *testing testUtils.RandomNetworkingConfig(), testUtils.RandomNetworkingConfig(), testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test description: a test policy which marks a collection in a database as a resource @@ -93,7 +93,7 @@ func TestACP_P2POneToOneReplicatorWithPermissionedCollection_SourceHubACP(t *tes testUtils.RandomNetworkingConfig(), testUtils.RandomNetworkingConfig(), testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test description: a test policy which marks a collection in a database as a resource @@ -141,7 +141,7 @@ func TestACP_P2POneToOneReplicatorWithPermissionedCollection_SourceHubACP(t *tes }, testUtils.CreateDoc{ NodeID: immutable.Some(0), - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), DocMap: map[string]any{ "name": "John", }, @@ -149,7 +149,7 @@ func TestACP_P2POneToOneReplicatorWithPermissionedCollection_SourceHubACP(t *tes testUtils.WaitForSync{}, testUtils.Request{ // Ensure that the document is accessible on all nodes to authorized actors - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { Users { @@ -180,7 +180,7 @@ func TestACP_P2POneToOneReplicatorWithPermissionedCollection_SourceHubACP(t *tes }, testUtils.Request{ // Ensure that the document is hidden on all nodes to unauthorized actors - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { Users { diff --git a/tests/integration/acp/p2p/replicator_with_doc_actor_relationship_test.go b/tests/integration/acp/p2p/replicator_with_doc_actor_relationship_test.go index cdefe70a46..46d01c8616 100644 --- a/tests/integration/acp/p2p/replicator_with_doc_actor_relationship_test.go +++ b/tests/integration/acp/p2p/replicator_with_doc_actor_relationship_test.go @@ -39,7 +39,7 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -109,7 +109,7 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(0), @@ -124,7 +124,7 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S testUtils.Request{ // Ensure that the document is hidden on all nodes to an unauthorized actor - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { @@ -142,9 +142,9 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S testUtils.AddDocActorRelationship{ NodeID: immutable.Some(0), - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -158,9 +158,9 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S testUtils.AddDocActorRelationship{ NodeID: immutable.Some(1), // Note: Different node than the previous - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -173,7 +173,7 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S testUtils.Request{ // Ensure that the document is now accessible on all nodes to the newly authorized actor. - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { @@ -194,7 +194,7 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S testUtils.Request{ // Ensure that the document is still accessible on all nodes to the owner. - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -216,9 +216,9 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S testUtils.DeleteDocActorRelationship{ NodeID: immutable.Some(1), - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -232,9 +232,9 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S testUtils.DeleteDocActorRelationship{ NodeID: immutable.Some(0), // Note: Different node than the previous - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -247,7 +247,7 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S testUtils.Request{ // Ensure that the document is now inaccessible on all nodes to the actor we revoked access from. - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { @@ -264,7 +264,7 @@ func TestACP_P2PReplicatorWithPermissionedCollectionCreateDocActorRelationship_S testUtils.Request{ // Ensure that the document is still accessible on all nodes to the owner. - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { diff --git a/tests/integration/acp/p2p/subscribe_test.go b/tests/integration/acp/p2p/subscribe_test.go index e95fbaca97..e776ae4fb2 100644 --- a/tests/integration/acp/p2p/subscribe_test.go +++ b/tests/integration/acp/p2p/subscribe_test.go @@ -32,7 +32,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollection_LocalACP(t *test testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -110,7 +110,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollection_SourceHubACP(t * testUtils.RandomNetworkingConfig(), testUtils.RandomNetworkingConfig(), testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test description: a test policy which marks a collection in a database as a resource @@ -163,7 +163,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollection_SourceHubACP(t * }, testUtils.CreateDoc{ NodeID: immutable.Some(0), - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), DocMap: map[string]any{ "name": "John", }, @@ -171,7 +171,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollection_SourceHubACP(t * testUtils.WaitForSync{}, testUtils.Request{ // Ensure that the document is accessible on all nodes to authorized actors - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { Users { @@ -202,7 +202,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollection_SourceHubACP(t * }, testUtils.Request{ // Ensure that the document is hidden on all nodes to unauthorized actors - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { Users { diff --git a/tests/integration/acp/p2p/subscribe_with_doc_actor_relationship_test.go b/tests/integration/acp/p2p/subscribe_with_doc_actor_relationship_test.go index b9f3f8edd3..52038b8d5b 100644 --- a/tests/integration/acp/p2p/subscribe_with_doc_actor_relationship_test.go +++ b/tests/integration/acp/p2p/subscribe_with_doc_actor_relationship_test.go @@ -39,7 +39,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -115,7 +115,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(0), @@ -130,7 +130,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel testUtils.Request{ // Ensure that the document is hidden on all nodes to an unauthorized actor - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { @@ -148,9 +148,9 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel testUtils.AddDocActorRelationship{ NodeID: immutable.Some(0), - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -164,9 +164,9 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel testUtils.AddDocActorRelationship{ NodeID: immutable.Some(1), // Note: Different node than the previous - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -179,7 +179,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel testUtils.Request{ // Ensure that the document is now accessible on all nodes to the newly authorized actor. - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { @@ -200,7 +200,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel testUtils.Request{ // Ensure that the document is still accessible on all nodes to the owner. - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -222,9 +222,9 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel testUtils.DeleteDocActorRelationship{ NodeID: immutable.Some(1), - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -238,9 +238,9 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel testUtils.DeleteDocActorRelationship{ NodeID: immutable.Some(0), // Note: Different node than the previous - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -253,7 +253,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel testUtils.Request{ // Ensure that the document is now inaccessible on all nodes to the actor we revoked access from. - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { @@ -270,7 +270,7 @@ func TestACP_P2PSubscribeAddGetSingleWithPermissionedCollectionCreateDocActorRel testUtils.Request{ // Ensure that the document is still accessible on all nodes to the owner. - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { diff --git a/tests/integration/acp/p2p/update_test.go b/tests/integration/acp/p2p/update_test.go index 339babee10..df26fe4e9a 100644 --- a/tests/integration/acp/p2p/update_test.go +++ b/tests/integration/acp/p2p/update_test.go @@ -39,7 +39,7 @@ func TestACP_P2PUpdatePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -108,7 +108,7 @@ func TestACP_P2PUpdatePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(0), @@ -120,7 +120,7 @@ func TestACP_P2PUpdatePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(1), @@ -134,7 +134,7 @@ func TestACP_P2PUpdatePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T testUtils.WaitForSync{}, testUtils.UpdateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(0), @@ -150,7 +150,7 @@ func TestACP_P2PUpdatePrivateDocumentsOnDifferentNodes_SourceHubACP(t *testing.T }, testUtils.UpdateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), NodeID: immutable.Some(1), diff --git a/tests/integration/acp/query/avg_test.go b/tests/integration/acp/query/avg_test.go index 34b03de6ea..f7804a3474 100644 --- a/tests/integration/acp/query/avg_test.go +++ b/tests/integration/acp/query/avg_test.go @@ -13,8 +13,6 @@ package test_acp import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -50,7 +48,7 @@ func TestACP_QueryAverageWithIdentity(t *testing.T) { getSetupEmployeeCompanyActions(), testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { _avg(Employee: {field: salary}) @@ -75,7 +73,7 @@ func TestACP_QueryAverageWithWrongIdentity(t *testing.T) { getSetupEmployeeCompanyActions(), testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { _avg(Employee: {field: salary}) diff --git a/tests/integration/acp/query/count_test.go b/tests/integration/acp/query/count_test.go index e5f867b3d5..1b0e450148 100644 --- a/tests/integration/acp/query/count_test.go +++ b/tests/integration/acp/query/count_test.go @@ -13,8 +13,6 @@ package test_acp import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -79,7 +77,7 @@ func TestACP_QueryCountDocumentsWithIdentity(t *testing.T) { getSetupEmployeeCompanyActions(), testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { _count(Employee: {}) @@ -103,7 +101,7 @@ func TestACP_QueryCountRelatedObjectsWithIdentity(t *testing.T) { getSetupEmployeeCompanyActions(), testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { Company { @@ -136,7 +134,7 @@ func TestACP_QueryCountDocumentsWithWrongIdentity(t *testing.T) { getSetupEmployeeCompanyActions(), testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { _count(Employee: {}) @@ -160,7 +158,7 @@ func TestACP_QueryCountRelatedObjectsWithWrongIdentity(t *testing.T) { getSetupEmployeeCompanyActions(), testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { Company { diff --git a/tests/integration/acp/query/fixture.go b/tests/integration/acp/query/fixture.go index d526a218d3..7b9394cd27 100644 --- a/tests/integration/acp/query/fixture.go +++ b/tests/integration/acp/query/fixture.go @@ -11,8 +11,6 @@ package test_acp import ( - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -58,7 +56,7 @@ resources: func getSetupEmployeeCompanyActions() []any { return []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: employeeCompanyPolicy, ExpectedPolicyID: "9d6c19007a894746c3f45f7fe45513a88a20ad77637948228869546197bb1b05", }, @@ -96,7 +94,7 @@ func getSetupEmployeeCompanyActions() []any { }, testUtils.CreateDoc{ CollectionID: 1, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { "name": "Private Company", @@ -122,7 +120,7 @@ func getSetupEmployeeCompanyActions() []any { }, testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), DocMap: map[string]any{ "name": "PrivateEmp in PubCompany", "salary": 30000, @@ -131,7 +129,7 @@ func getSetupEmployeeCompanyActions() []any { }, testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), DocMap: map[string]any{ "name": "PrivateEmp in PrivateCompany", "salary": 40000, diff --git a/tests/integration/acp/query/relation_objects_test.go b/tests/integration/acp/query/relation_objects_test.go index afbc014c08..eed0ff7351 100644 --- a/tests/integration/acp/query/relation_objects_test.go +++ b/tests/integration/acp/query/relation_objects_test.go @@ -13,8 +13,6 @@ package test_acp import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -98,7 +96,7 @@ func TestACP_QueryManyToOneRelationObjectsWithIdentity(t *testing.T) { getSetupEmployeeCompanyActions(), testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { Employee { @@ -144,7 +142,7 @@ func TestACP_QueryOneToManyRelationObjectsWithIdentity(t *testing.T) { getSetupEmployeeCompanyActions(), testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { Company { @@ -188,7 +186,7 @@ func TestACP_QueryManyToOneRelationObjectsWithWrongIdentity(t *testing.T) { getSetupEmployeeCompanyActions(), testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { Employee { @@ -226,7 +224,7 @@ func TestACP_QueryOneToManyRelationObjectsWithWrongIdentity(t *testing.T) { getSetupEmployeeCompanyActions(), testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { Company { diff --git a/tests/integration/acp/register_and_delete_test.go b/tests/integration/acp/register_and_delete_test.go index e30388bd76..4c4dead596 100644 --- a/tests/integration/acp/register_and_delete_test.go +++ b/tests/integration/acp/register_and_delete_test.go @@ -13,8 +13,6 @@ package test_acp import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -30,7 +28,7 @@ func TestACP_CreateWithoutIdentityAndDeleteWithoutIdentity_CanDelete(t *testing. Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -126,7 +124,7 @@ func TestACP_CreateWithoutIdentityAndDeleteWithIdentity_CanDelete(t *testing.T) Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -186,7 +184,7 @@ func TestACP_CreateWithoutIdentityAndDeleteWithIdentity_CanDelete(t *testing.T) testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), DocID: 0, }, @@ -219,7 +217,7 @@ func TestACP_CreateWithIdentityAndDeleteWithIdentity_CanDelete(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -268,7 +266,7 @@ func TestACP_CreateWithIdentityAndDeleteWithIdentity_CanDelete(t *testing.T) { testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -281,13 +279,13 @@ func TestACP_CreateWithIdentityAndDeleteWithIdentity_CanDelete(t *testing.T) { testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), DocID: 0, }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -316,7 +314,7 @@ func TestACP_CreateWithIdentityAndDeleteWithoutIdentity_CanNotDelete(t *testing. Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -365,7 +363,7 @@ func TestACP_CreateWithIdentityAndDeleteWithoutIdentity_CanNotDelete(t *testing. testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -384,7 +382,7 @@ func TestACP_CreateWithIdentityAndDeleteWithoutIdentity_CanNotDelete(t *testing. }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -419,7 +417,7 @@ func TestACP_CreateWithIdentityAndDeleteWithWrongIdentity_CanNotDelete(t *testin Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -468,7 +466,7 @@ func TestACP_CreateWithIdentityAndDeleteWithWrongIdentity_CanNotDelete(t *testin testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -481,7 +479,7 @@ func TestACP_CreateWithIdentityAndDeleteWithWrongIdentity_CanNotDelete(t *testin testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, @@ -489,7 +487,7 @@ func TestACP_CreateWithIdentityAndDeleteWithWrongIdentity_CanNotDelete(t *testin }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { diff --git a/tests/integration/acp/register_and_read_test.go b/tests/integration/acp/register_and_read_test.go index 83d0819f54..62d041d061 100644 --- a/tests/integration/acp/register_and_read_test.go +++ b/tests/integration/acp/register_and_read_test.go @@ -13,8 +13,6 @@ package test_acp import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -26,7 +24,7 @@ func TestACP_CreateWithoutIdentityAndReadWithoutIdentity_CanRead(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -117,7 +115,7 @@ func TestACP_CreateWithoutIdentityAndReadWithIdentity_CanRead(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -175,7 +173,7 @@ func TestACP_CreateWithoutIdentityAndReadWithIdentity_CanRead(t *testing.T) { }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -210,7 +208,7 @@ func TestACP_CreateWithIdentityAndReadWithIdentity_CanRead(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -259,7 +257,7 @@ func TestACP_CreateWithIdentityAndReadWithIdentity_CanRead(t *testing.T) { testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -270,7 +268,7 @@ func TestACP_CreateWithIdentityAndReadWithIdentity_CanRead(t *testing.T) { }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -305,7 +303,7 @@ func TestACP_CreateWithIdentityAndReadWithoutIdentity_CanNotRead(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -354,7 +352,7 @@ func TestACP_CreateWithIdentityAndReadWithoutIdentity_CanNotRead(t *testing.T) { testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -392,7 +390,7 @@ func TestACP_CreateWithIdentityAndReadWithWrongIdentity_CanNotRead(t *testing.T) Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -441,7 +439,7 @@ func TestACP_CreateWithIdentityAndReadWithWrongIdentity_CanNotRead(t *testing.T) testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -452,7 +450,7 @@ func TestACP_CreateWithIdentityAndReadWithWrongIdentity_CanNotRead(t *testing.T) }, testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { diff --git a/tests/integration/acp/register_and_update_test.go b/tests/integration/acp/register_and_update_test.go index 4bf39a0508..4cbb186e19 100644 --- a/tests/integration/acp/register_and_update_test.go +++ b/tests/integration/acp/register_and_update_test.go @@ -30,7 +30,7 @@ func TestACP_CreateWithoutIdentityAndUpdateWithoutIdentity_CanUpdate(t *testing. Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -138,7 +138,7 @@ func TestACP_CreateWithoutIdentityAndUpdateWithIdentity_CanUpdate(t *testing.T) Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -198,7 +198,7 @@ func TestACP_CreateWithoutIdentityAndUpdateWithIdentity_CanUpdate(t *testing.T) testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), DocID: 0, @@ -243,7 +243,7 @@ func TestACP_CreateWithIdentityAndUpdateWithIdentity_CanUpdate(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -292,7 +292,7 @@ func TestACP_CreateWithIdentityAndUpdateWithIdentity_CanUpdate(t *testing.T) { testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -305,7 +305,7 @@ func TestACP_CreateWithIdentityAndUpdateWithIdentity_CanUpdate(t *testing.T) { testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), DocID: 0, @@ -317,7 +317,7 @@ func TestACP_CreateWithIdentityAndUpdateWithIdentity_CanUpdate(t *testing.T) { }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -358,7 +358,7 @@ func TestACP_CreateWithIdentityAndUpdateWithoutIdentity_CanNotUpdate(t *testing. Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -407,7 +407,7 @@ func TestACP_CreateWithIdentityAndUpdateWithoutIdentity_CanNotUpdate(t *testing. testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -432,7 +432,7 @@ func TestACP_CreateWithIdentityAndUpdateWithoutIdentity_CanNotUpdate(t *testing. }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -473,7 +473,7 @@ func TestACP_CreateWithIdentityAndUpdateWithWrongIdentity_CanNotUpdate(t *testin Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -522,7 +522,7 @@ func TestACP_CreateWithIdentityAndUpdateWithWrongIdentity_CanNotUpdate(t *testin testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -535,7 +535,7 @@ func TestACP_CreateWithIdentityAndUpdateWithWrongIdentity_CanNotUpdate(t *testin testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, @@ -549,7 +549,7 @@ func TestACP_CreateWithIdentityAndUpdateWithWrongIdentity_CanNotUpdate(t *testin }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -591,7 +591,7 @@ func TestACP_CreateWithIdentityAndUpdateWithoutIdentityGQL_CanNotUpdate(t *testi Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -640,7 +640,7 @@ func TestACP_CreateWithIdentityAndUpdateWithoutIdentityGQL_CanNotUpdate(t *testi testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -665,7 +665,7 @@ func TestACP_CreateWithIdentityAndUpdateWithoutIdentityGQL_CanNotUpdate(t *testi }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -707,7 +707,7 @@ func TestACP_CreateWithIdentityAndUpdateWithWrongIdentityGQL_CanNotUpdate(t *tes Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -756,7 +756,7 @@ func TestACP_CreateWithIdentityAndUpdateWithWrongIdentityGQL_CanNotUpdate(t *tes testUtils.CreateDoc{ CollectionID: 0, - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Doc: ` { @@ -769,7 +769,7 @@ func TestACP_CreateWithIdentityAndUpdateWithWrongIdentityGQL_CanNotUpdate(t *tes testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, @@ -783,7 +783,7 @@ func TestACP_CreateWithIdentityAndUpdateWithWrongIdentityGQL_CanNotUpdate(t *tes }, testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/add/invalid_test.go b/tests/integration/acp/relationship/doc_actor/add/invalid_test.go index d9f96d9c21..0742151493 100644 --- a/tests/integration/acp/relationship/doc_actor/add/invalid_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/invalid_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_AddDocActorRelationshipMissingDocID_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -93,7 +91,7 @@ func TestACP_AddDocActorRelationshipMissingDocID_Error(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,9 +104,9 @@ func TestACP_AddDocActorRelationshipMissingDocID_Error(t *testing.T) { }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -134,7 +132,7 @@ func TestACP_AddDocActorRelationshipMissingCollection_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -198,7 +196,7 @@ func TestACP_AddDocActorRelationshipMissingCollection_Error(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -211,9 +209,9 @@ func TestACP_AddDocActorRelationshipMissingCollection_Error(t *testing.T) { }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: -1, @@ -239,7 +237,7 @@ func TestACP_AddDocActorRelationshipMissingRelationName_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -303,7 +301,7 @@ func TestACP_AddDocActorRelationshipMissingRelationName_Error(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -316,9 +314,9 @@ func TestACP_AddDocActorRelationshipMissingRelationName_Error(t *testing.T) { }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -344,7 +342,7 @@ func TestACP_AddDocActorRelationshipMissingTargetActorName_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -408,7 +406,7 @@ func TestACP_AddDocActorRelationshipMissingTargetActorName_Error(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -421,9 +419,9 @@ func TestACP_AddDocActorRelationshipMissingTargetActorName_Error(t *testing.T) { }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: -1, + TargetIdentity: testUtils.NoIdentity(), CollectionID: 0, @@ -449,7 +447,7 @@ func TestACP_AddDocActorRelationshipMissingReqestingIdentityName_Error(t *testin Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -513,7 +511,7 @@ func TestACP_AddDocActorRelationshipMissingReqestingIdentityName_Error(t *testin }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -526,9 +524,9 @@ func TestACP_AddDocActorRelationshipMissingReqestingIdentityName_Error(t *testin }, testUtils.AddDocActorRelationship{ - RequestorIdentity: -1, + RequestorIdentity: testUtils.NoIdentity(), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/add/with_delete_test.go b/tests/integration/acp/relationship/doc_actor/add/with_delete_test.go index c87c3c0a8f..b75fb41ef3 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_delete_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_delete_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorTwice_ShowThatTheRelations Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -93,7 +91,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorTwice_ShowThatTheRelations }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,7 +104,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorTwice_ShowThatTheRelations }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -126,7 +124,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorTwice_ShowThatTheRelations testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can not delete yet. + Identity: testUtils.ClientIdentity(2), // This identity can not delete yet. DocID: 0, @@ -134,9 +132,9 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorTwice_ShowThatTheRelations }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -148,9 +146,9 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorTwice_ShowThatTheRelations }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -176,7 +174,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDelete(t *te Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -240,7 +238,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDelete(t *te }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -253,7 +251,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDelete(t *te }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -273,7 +271,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDelete(t *te testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can not delete yet. + Identity: testUtils.ClientIdentity(2), // This identity can not delete yet. DocID: 0, @@ -281,9 +279,9 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDelete(t *te }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -295,7 +293,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDelete(t *te }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can now read. + Identity: testUtils.ClientIdentity(2), // This identity can now read. Request: ` query { @@ -321,13 +319,13 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDelete(t *te testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can now delete. + Identity: testUtils.ClientIdentity(2), // This identity can now delete. DocID: 0, }, testUtils.Request{ - Identity: immutable.Some(2), // Check if actually deleted. + Identity: testUtils.ClientIdentity(2), // Check if actually deleted. Request: ` query { @@ -359,7 +357,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDeleteSoCanT Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -423,7 +421,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDeleteSoCanT }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -436,9 +434,9 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDeleteSoCanT }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -450,7 +448,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDeleteSoCanT }, testUtils.Request{ - Identity: immutable.Some(1), // Owner can still also delete (ownership not transferred) + Identity: testUtils.ClientIdentity(1), // Owner can still also delete (ownership not transferred) Request: ` query { @@ -476,13 +474,13 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActor_OtherActorCanDeleteSoCanT testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(1), // Owner can still also delete. + Identity: testUtils.ClientIdentity(1), // Owner can still also delete. DocID: 0, }, testUtils.Request{ - Identity: immutable.Some(1), // Check if actually deleted. + Identity: testUtils.ClientIdentity(1), // Check if actually deleted. Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/add/with_dummy_relation_test.go b/tests/integration/acp/relationship/doc_actor/add/with_dummy_relation_test.go index 79cc4639e2..7bfe6c2ff2 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_dummy_relation_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_dummy_relation_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_AddDocActorRelationshipWithDummyRelationDefinedOnPolicy_NothingChan Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -93,7 +91,7 @@ func TestACP_AddDocActorRelationshipWithDummyRelationDefinedOnPolicy_NothingChan }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,7 +104,7 @@ func TestACP_AddDocActorRelationshipWithDummyRelationDefinedOnPolicy_NothingChan }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -124,9 +122,9 @@ func TestACP_AddDocActorRelationshipWithDummyRelationDefinedOnPolicy_NothingChan }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -138,7 +136,7 @@ func TestACP_AddDocActorRelationshipWithDummyRelationDefinedOnPolicy_NothingChan }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can still not read. + Identity: testUtils.ClientIdentity(2), // This identity can still not read. Request: ` query { @@ -170,7 +168,7 @@ func TestACP_AddDocActorRelationshipWithDummyRelationNotDefinedOnPolicy_Error(t Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -234,7 +232,7 @@ func TestACP_AddDocActorRelationshipWithDummyRelationNotDefinedOnPolicy_Error(t }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -247,7 +245,7 @@ func TestACP_AddDocActorRelationshipWithDummyRelationNotDefinedOnPolicy_Error(t }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -265,9 +263,9 @@ func TestACP_AddDocActorRelationshipWithDummyRelationNotDefinedOnPolicy_Error(t }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -279,7 +277,7 @@ func TestACP_AddDocActorRelationshipWithDummyRelationNotDefinedOnPolicy_Error(t }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can still not read. + Identity: testUtils.ClientIdentity(2), // This identity can still not read. Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/add/with_manager_gql_test.go b/tests/integration/acp/relationship/doc_actor/add/with_manager_gql_test.go index 1881979c32..757053f365 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_manager_gql_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_manager_gql_test.go @@ -34,7 +34,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -99,7 +99,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -112,7 +112,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR }, testUtils.Request{ - Identity: immutable.Some(2), // This identity (to be manager) can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity (to be manager) can not read yet. Request: ` query { @@ -132,7 +132,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can't update yet. + Identity: testUtils.ClientIdentity(2), // Manager can't update yet. DocID: 0, @@ -148,7 +148,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can't delete yet. + Identity: testUtils.ClientIdentity(2), // Manager can't delete yet. DocID: 0, @@ -156,9 +156,9 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR }, testUtils.AddDocActorRelationship{ // Make admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -170,9 +170,9 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR }, testUtils.AddDocActorRelationship{ // Manager makes itself a writer - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -185,9 +185,9 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR // Note: It is not neccesary to make itself a reader, as becoming a writer allows reading. testUtils.AddDocActorRelationship{ // Manager makes itself a reader - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -201,7 +201,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can now update. + Identity: testUtils.ClientIdentity(2), // Manager can now update. DocID: 0, @@ -213,7 +213,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR }, testUtils.Request{ - Identity: immutable.Some(2), // Manager can read now + Identity: testUtils.ClientIdentity(2), // Manager can read now Request: ` query { @@ -239,13 +239,13 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_GQL_ManagerCanR testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can now delete. + Identity: testUtils.ClientIdentity(2), // Manager can now delete. DocID: 0, }, testUtils.Request{ - Identity: immutable.Some(2), // Make sure manager was able to delete the document. + Identity: testUtils.ClientIdentity(2), // Make sure manager was able to delete the document. Request: ` query { @@ -282,7 +282,7 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_GQL_ManagerCantR Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -346,7 +346,7 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_GQL_ManagerCantR }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -359,9 +359,9 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_GQL_ManagerCantR }, testUtils.AddDocActorRelationship{ // Make admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -373,7 +373,7 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_GQL_ManagerCantR }, testUtils.Request{ - Identity: immutable.Some(2), // Manager can not read + Identity: testUtils.ClientIdentity(2), // Manager can not read Request: ` query { @@ -393,7 +393,7 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_GQL_ManagerCantR testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can not update. + Identity: testUtils.ClientIdentity(2), // Manager can not update. DocID: 0, @@ -409,7 +409,7 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_GQL_ManagerCantR testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can not delete. + Identity: testUtils.ClientIdentity(2), // Manager can not delete. DocID: 0, @@ -417,9 +417,9 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_GQL_ManagerCantR }, testUtils.AddDocActorRelationship{ // Manager can manage only. - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, @@ -450,7 +450,7 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -514,7 +514,7 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -527,9 +527,9 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy }, testUtils.AddDocActorRelationship{ // Make admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -541,9 +541,9 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy }, testUtils.AddDocActorRelationship{ // Admin tries to make another actor a writer - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, @@ -555,7 +555,7 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy }, testUtils.Request{ - Identity: immutable.Some(3), // The other actor can't read + Identity: testUtils.ClientIdentity(3), // The other actor can't read Request: ` query { @@ -575,7 +575,7 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(3), // The other actor can not update + Identity: testUtils.ClientIdentity(3), // The other actor can not update DocID: 0, @@ -591,7 +591,7 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(3), // The other actor can not delete + Identity: testUtils.ClientIdentity(3), // The other actor can not delete DocID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/add/with_manager_test.go b/tests/integration/acp/relationship/doc_actor/add/with_manager_test.go index f07971589c..485c130805 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_manager_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_manager_test.go @@ -29,7 +29,7 @@ func TestACP_ManagerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -93,7 +93,7 @@ func TestACP_ManagerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,7 +106,7 @@ func TestACP_ManagerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T }, testUtils.Request{ - Identity: immutable.Some(3), // This identity can not read yet. + Identity: testUtils.ClientIdentity(3), // This identity can not read yet. Request: ` query { @@ -124,9 +124,9 @@ func TestACP_ManagerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T }, testUtils.AddDocActorRelationship{ // Make admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -138,9 +138,9 @@ func TestACP_ManagerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T }, testUtils.AddDocActorRelationship{ // Admin makes another actor a reader - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, @@ -152,7 +152,7 @@ func TestACP_ManagerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T }, testUtils.Request{ - Identity: immutable.Some(3), // The other actor can read + Identity: testUtils.ClientIdentity(3), // The other actor can read Request: ` query { @@ -178,7 +178,7 @@ func TestACP_ManagerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(3), // The other actor can not update + Identity: testUtils.ClientIdentity(3), // The other actor can not update DocID: 0, @@ -194,7 +194,7 @@ func TestACP_ManagerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(3), // The other actor can not delete + Identity: testUtils.ClientIdentity(3), // The other actor can not delete DocID: 0, @@ -216,7 +216,7 @@ func TestACP_ManagerGivesWriteAccessToAnotherActor_OtherActorCanWrite(t *testing Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -280,7 +280,7 @@ func TestACP_ManagerGivesWriteAccessToAnotherActor_OtherActorCanWrite(t *testing }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -293,7 +293,7 @@ func TestACP_ManagerGivesWriteAccessToAnotherActor_OtherActorCanWrite(t *testing }, testUtils.Request{ - Identity: immutable.Some(3), // This identity can not read yet. + Identity: testUtils.ClientIdentity(3), // This identity can not read yet. Request: ` query { @@ -311,9 +311,9 @@ func TestACP_ManagerGivesWriteAccessToAnotherActor_OtherActorCanWrite(t *testing }, testUtils.AddDocActorRelationship{ // Make admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -325,9 +325,9 @@ func TestACP_ManagerGivesWriteAccessToAnotherActor_OtherActorCanWrite(t *testing }, testUtils.AddDocActorRelationship{ // Admin makes another actor a writer - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, @@ -341,7 +341,7 @@ func TestACP_ManagerGivesWriteAccessToAnotherActor_OtherActorCanWrite(t *testing testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(3), // The other actor can update + Identity: testUtils.ClientIdentity(3), // The other actor can update DocID: 0, @@ -353,7 +353,7 @@ func TestACP_ManagerGivesWriteAccessToAnotherActor_OtherActorCanWrite(t *testing }, testUtils.Request{ - Identity: immutable.Some(3), // The other actor can read + Identity: testUtils.ClientIdentity(3), // The other actor can read Request: ` query { @@ -379,13 +379,13 @@ func TestACP_ManagerGivesWriteAccessToAnotherActor_OtherActorCanWrite(t *testing testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(3), // The other actor can delete + Identity: testUtils.ClientIdentity(3), // The other actor can delete DocID: 0, }, testUtils.Request{ - Identity: immutable.Some(3), + Identity: testUtils.ClientIdentity(3), Request: ` query { @@ -417,7 +417,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAccess_ManagerCanRead(t *testi Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -481,7 +481,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAccess_ManagerCanRead(t *testi }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -494,7 +494,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAccess_ManagerCanRead(t *testi }, testUtils.Request{ - Identity: immutable.Some(2), // This identity (to be manager) can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity (to be manager) can not read yet. Request: ` query { @@ -512,9 +512,9 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAccess_ManagerCanRead(t *testi }, testUtils.AddDocActorRelationship{ // Make admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -526,9 +526,9 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAccess_ManagerCanRead(t *testi }, testUtils.AddDocActorRelationship{ // Manager makes itself a reader - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -540,7 +540,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAccess_ManagerCanRead(t *testi }, testUtils.Request{ - Identity: immutable.Some(2), // Manager can read now + Identity: testUtils.ClientIdentity(2), // Manager can read now Request: ` query { @@ -566,7 +566,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAccess_ManagerCanRead(t *testi testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager still can't update + Identity: testUtils.ClientIdentity(2), // Manager still can't update DocID: 0, @@ -582,7 +582,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAccess_ManagerCanRead(t *testi testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager still can't delete + Identity: testUtils.ClientIdentity(2), // Manager still can't delete DocID: 0, @@ -609,7 +609,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -674,7 +674,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -687,7 +687,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA }, testUtils.Request{ - Identity: immutable.Some(2), // This identity (to be manager) can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity (to be manager) can not read yet. Request: ` query { @@ -707,7 +707,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can't update yet. + Identity: testUtils.ClientIdentity(2), // Manager can't update yet. DocID: 0, @@ -723,7 +723,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can't delete yet. + Identity: testUtils.ClientIdentity(2), // Manager can't delete yet. DocID: 0, @@ -731,9 +731,9 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA }, testUtils.AddDocActorRelationship{ // Make admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -745,9 +745,9 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA }, testUtils.AddDocActorRelationship{ // Manager makes itself a writer - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -760,9 +760,9 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA // Note: It is not neccesary to make itself a reader, as becoming a writer allows reading. testUtils.AddDocActorRelationship{ // Manager makes itself a reader - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -776,7 +776,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can now update. + Identity: testUtils.ClientIdentity(2), // Manager can now update. DocID: 0, @@ -788,7 +788,7 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA }, testUtils.Request{ - Identity: immutable.Some(2), // Manager can read now + Identity: testUtils.ClientIdentity(2), // Manager can read now Request: ` query { @@ -814,13 +814,13 @@ func TestACP_OwnerMakesAManagerThatGivesItSelfReadAndWriteAccess_ManagerCanReadA testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can now delete. + Identity: testUtils.ClientIdentity(2), // Manager can now delete. DocID: 0, }, testUtils.Request{ - Identity: immutable.Some(2), // Make sure manager was able to delete the document. + Identity: testUtils.ClientIdentity(2), // Make sure manager was able to delete the document. Request: ` query { @@ -857,7 +857,7 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -921,7 +921,7 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -934,9 +934,9 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy }, testUtils.AddDocActorRelationship{ // Make admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -948,9 +948,9 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy }, testUtils.AddDocActorRelationship{ // Admin tries to make another actor a writer - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, @@ -962,7 +962,7 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy }, testUtils.Request{ - Identity: immutable.Some(3), // The other actor can't read + Identity: testUtils.ClientIdentity(3), // The other actor can't read Request: ` query { @@ -982,7 +982,7 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(3), // The other actor can not update + Identity: testUtils.ClientIdentity(3), // The other actor can not update DocID: 0, @@ -998,7 +998,7 @@ func TestACP_ManagerAddsRelationshipWithRelationItDoesNotManageAccordingToPolicy testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(3), // The other actor can not delete + Identity: testUtils.ClientIdentity(3), // The other actor can not delete DocID: 0, @@ -1025,7 +1025,7 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_ManagerCantReadO Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -1089,7 +1089,7 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_ManagerCantReadO }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -1102,9 +1102,9 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_ManagerCantReadO }, testUtils.AddDocActorRelationship{ // Make admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -1116,7 +1116,7 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_ManagerCantReadO }, testUtils.Request{ - Identity: immutable.Some(2), // Manager can not read + Identity: testUtils.ClientIdentity(2), // Manager can not read Request: ` query { @@ -1136,7 +1136,7 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_ManagerCantReadO testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can not update. + Identity: testUtils.ClientIdentity(2), // Manager can not update. DocID: 0, @@ -1152,7 +1152,7 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_ManagerCantReadO testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // Manager can not delete. + Identity: testUtils.ClientIdentity(2), // Manager can not delete. DocID: 0, @@ -1160,9 +1160,9 @@ func TestACP_OwnerMakesManagerButManagerCanNotPerformOperations_ManagerCantReadO }, testUtils.AddDocActorRelationship{ // Manager can manage only. - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, @@ -1188,7 +1188,7 @@ func TestACP_CantMakeRelationshipIfNotOwnerOrManager_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -1252,7 +1252,7 @@ func TestACP_CantMakeRelationshipIfNotOwnerOrManager_Error(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -1265,9 +1265,9 @@ func TestACP_CantMakeRelationshipIfNotOwnerOrManager_Error(t *testing.T) { }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 2, // This identity can not manage as not an admin yet + RequestorIdentity: testUtils.ClientIdentity(2), // This identity can not manage as not an admin yet - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/add/with_no_policy_on_collection_test.go b/tests/integration/acp/relationship/doc_actor/add/with_no_policy_on_collection_test.go index a7ad53db41..1f2d7eb1da 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_no_policy_on_collection_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_no_policy_on_collection_test.go @@ -13,8 +13,6 @@ package test_acp_relationship_doc_actor_add import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -34,7 +32,7 @@ func TestACP_AddDocActorRelationshipWithCollectionThatHasNoPolicy_NotAllowedErro }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -47,9 +45,9 @@ func TestACP_AddDocActorRelationshipWithCollectionThatHasNoPolicy_NotAllowedErro }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/add/with_only_write_gql_test.go b/tests/integration/acp/relationship/doc_actor/add/with_only_write_gql_test.go index 9c6649c2c1..6a3f02f4ba 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_only_write_gql_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_only_write_gql_test.go @@ -34,7 +34,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_GQ Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -98,7 +98,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_GQ }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -111,7 +111,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_GQ }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -131,7 +131,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_GQ testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can not update yet. + Identity: testUtils.ClientIdentity(2), // This identity can not update yet. DocID: 0, @@ -145,9 +145,9 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_GQ }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -161,7 +161,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_GQ testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can now update. + Identity: testUtils.ClientIdentity(2), // This identity can now update. DocID: 0, @@ -173,7 +173,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_GQ }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can now also read. + Identity: testUtils.ClientIdentity(2), // This identity can now also read. Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/add/with_only_write_test.go b/tests/integration/acp/relationship/doc_actor/add/with_only_write_test.go index 8333790f3d..ccac9cd232 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_only_write_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_only_write_test.go @@ -34,7 +34,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -98,7 +98,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -111,7 +111,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -131,7 +131,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can not update yet. + Identity: testUtils.ClientIdentity(2), // This identity can not update yet. DocID: 0, @@ -145,9 +145,9 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -161,7 +161,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can now update. + Identity: testUtils.ClientIdentity(2), // This identity can now update. DocID: 0, @@ -173,7 +173,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can now also read. + Identity: testUtils.ClientIdentity(2), // This identity can now also read. Request: ` query { @@ -211,7 +211,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -275,7 +275,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -288,7 +288,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -308,7 +308,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can not delete yet. + Identity: testUtils.ClientIdentity(2), // This identity can not delete yet. DocID: 0, @@ -316,9 +316,9 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -330,7 +330,7 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can now read. + Identity: testUtils.ClientIdentity(2), // This identity can now read. Request: ` query { @@ -356,13 +356,13 @@ func TestACP_OwnerGivesDeleteWriteAccessToAnotherActorWithoutExplicitReadPerm_Ot testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can now delete. + Identity: testUtils.ClientIdentity(2), // This identity can now delete. DocID: 0, }, testUtils.Request{ - Identity: immutable.Some(2), // Check if actually deleted. + Identity: testUtils.ClientIdentity(2), // Check if actually deleted. Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/add/with_public_document_test.go b/tests/integration/acp/relationship/doc_actor/add/with_public_document_test.go index 30c299e222..3a8a11087c 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_public_document_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_public_document_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_AddDocActorRelationshipWithPublicDocument_CanAlreadyAccess_Error(t Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -104,7 +102,7 @@ func TestACP_AddDocActorRelationshipWithPublicDocument_CanAlreadyAccess_Error(t }, testUtils.Request{ - Identity: immutable.Some(2), // Can read as it is a public document + Identity: testUtils.ClientIdentity(2), // Can read as it is a public document Request: ` query { @@ -128,9 +126,9 @@ func TestACP_AddDocActorRelationshipWithPublicDocument_CanAlreadyAccess_Error(t }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/add/with_reader_gql_test.go b/tests/integration/acp/relationship/doc_actor/add/with_reader_gql_test.go index e40661cede..f51861ec5c 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_reader_gql_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_reader_gql_test.go @@ -34,7 +34,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_GQL_OtherActorCanReadButNotU Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -98,7 +98,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_GQL_OtherActorCanReadButNotU }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -111,7 +111,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_GQL_OtherActorCanReadButNotU }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -131,7 +131,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_GQL_OtherActorCanReadButNotU testUtils.UpdateDoc{ // Since it can't read, it can't update either. CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, @@ -145,9 +145,9 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_GQL_OtherActorCanReadButNotU }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -159,7 +159,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_GQL_OtherActorCanReadButNotU }, testUtils.Request{ - Identity: immutable.Some(2), // Now this identity can read. + Identity: testUtils.ClientIdentity(2), // Now this identity can read. Request: ` query { @@ -185,7 +185,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_GQL_OtherActorCanReadButNotU testUtils.UpdateDoc{ // But this actor still can't update. CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/add/with_reader_test.go b/tests/integration/acp/relationship/doc_actor/add/with_reader_test.go index bac553d553..fd452c2d7d 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_reader_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_reader_test.go @@ -29,7 +29,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActorTwice_ShowThatTheRelationshipAlre Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -93,7 +93,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActorTwice_ShowThatTheRelationshipAlre }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,7 +106,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActorTwice_ShowThatTheRelationshipAlre }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -124,9 +124,9 @@ func TestACP_OwnerGivesReadAccessToAnotherActorTwice_ShowThatTheRelationshipAlre }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -138,9 +138,9 @@ func TestACP_OwnerGivesReadAccessToAnotherActorTwice_ShowThatTheRelationshipAlre }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -166,7 +166,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T) Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -230,7 +230,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T) }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -243,7 +243,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T) }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -261,9 +261,9 @@ func TestACP_OwnerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T) }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -275,7 +275,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActor_OtherActorCanRead(t *testing.T) }, testUtils.Request{ - Identity: immutable.Some(2), // Now this identity can read. + Identity: testUtils.ClientIdentity(2), // Now this identity can read. Request: ` query { @@ -315,7 +315,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActor_OtherActorCanReadSoCanTheOwner(t Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -379,7 +379,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActor_OtherActorCanReadSoCanTheOwner(t }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -392,9 +392,9 @@ func TestACP_OwnerGivesReadAccessToAnotherActor_OtherActorCanReadSoCanTheOwner(t }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -406,7 +406,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActor_OtherActorCanReadSoCanTheOwner(t }, testUtils.Request{ - Identity: immutable.Some(2), // Now this identity can read. + Identity: testUtils.ClientIdentity(2), // Now this identity can read. Request: ` query { @@ -430,7 +430,7 @@ func TestACP_OwnerGivesReadAccessToAnotherActor_OtherActorCanReadSoCanTheOwner(t }, testUtils.Request{ - Identity: immutable.Some(1), // And so can the owner (ownership not transferred). + Identity: testUtils.ClientIdentity(1), // And so can the owner (ownership not transferred). Request: ` query { @@ -473,7 +473,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotUpdat Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -537,7 +537,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotUpdat }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -550,7 +550,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotUpdat }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -570,7 +570,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotUpdat testUtils.UpdateDoc{ // Since it can't read, it can't update either. CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, @@ -584,9 +584,9 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotUpdat }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -598,7 +598,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotUpdat }, testUtils.Request{ - Identity: immutable.Some(2), // Now this identity can read. + Identity: testUtils.ClientIdentity(2), // Now this identity can read. Request: ` query { @@ -624,7 +624,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotUpdat testUtils.UpdateDoc{ // But this actor still can't update. CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, @@ -652,7 +652,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotDelet Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -716,7 +716,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotDelet }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -729,7 +729,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotDelet }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -749,7 +749,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotDelet testUtils.DeleteDoc{ // Since it can't read, it can't delete either. CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, @@ -757,9 +757,9 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotDelet }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -771,7 +771,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotDelet }, testUtils.Request{ - Identity: immutable.Some(2), // Now this identity can read. + Identity: testUtils.ClientIdentity(2), // Now this identity can read. Request: ` query { @@ -797,7 +797,7 @@ func TestACP_OwnerGivesOnlyReadAccessToAnotherActor_OtherActorCanReadButNotDelet testUtils.DeleteDoc{ // But this actor still can't delete. CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/add/with_update_gql_test.go b/tests/integration/acp/relationship/doc_actor/add/with_update_gql_test.go index d265b448c3..eff2be0f7d 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_update_gql_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_update_gql_test.go @@ -34,7 +34,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_GQL_ShowThatTheRelat Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -98,7 +98,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_GQL_ShowThatTheRelat }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -111,7 +111,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_GQL_ShowThatTheRelat }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -131,7 +131,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_GQL_ShowThatTheRelat testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can not update yet. + Identity: testUtils.ClientIdentity(2), // This identity can not update yet. DocID: 0, @@ -145,9 +145,9 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_GQL_ShowThatTheRelat }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -159,9 +159,9 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_GQL_ShowThatTheRelat }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -192,7 +192,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_GQL_OtherActorCanUpdate(t Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -256,7 +256,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_GQL_OtherActorCanUpdate(t }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -269,7 +269,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_GQL_OtherActorCanUpdate(t }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -289,7 +289,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_GQL_OtherActorCanUpdate(t testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can not update yet. + Identity: testUtils.ClientIdentity(2), // This identity can not update yet. DocID: 0, @@ -303,9 +303,9 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_GQL_OtherActorCanUpdate(t }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -319,7 +319,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_GQL_OtherActorCanUpdate(t testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can now update. + Identity: testUtils.ClientIdentity(2), // This identity can now update. DocID: 0, @@ -331,7 +331,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_GQL_OtherActorCanUpdate(t }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can now also read. + Identity: testUtils.ClientIdentity(2), // This identity can now also read. Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/add/with_update_test.go b/tests/integration/acp/relationship/doc_actor/add/with_update_test.go index de98f32b53..f6bf553356 100644 --- a/tests/integration/acp/relationship/doc_actor/add/with_update_test.go +++ b/tests/integration/acp/relationship/doc_actor/add/with_update_test.go @@ -34,7 +34,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_ShowThatTheRelations Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -98,7 +98,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_ShowThatTheRelations }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -111,7 +111,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_ShowThatTheRelations }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -131,7 +131,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_ShowThatTheRelations testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can not update yet. + Identity: testUtils.ClientIdentity(2), // This identity can not update yet. DocID: 0, @@ -145,9 +145,9 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_ShowThatTheRelations }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -159,9 +159,9 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorTwice_ShowThatTheRelations }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -192,7 +192,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdate(t *te Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -256,7 +256,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdate(t *te }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -269,7 +269,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdate(t *te }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -289,7 +289,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdate(t *te testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can not update yet. + Identity: testUtils.ClientIdentity(2), // This identity can not update yet. DocID: 0, @@ -303,9 +303,9 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdate(t *te }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -319,7 +319,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdate(t *te testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can now update. + Identity: testUtils.ClientIdentity(2), // This identity can now update. DocID: 0, @@ -331,7 +331,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdate(t *te }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can now also read. + Identity: testUtils.ClientIdentity(2), // This identity can now also read. Request: ` query { @@ -369,7 +369,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdateSoCanT Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -433,7 +433,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdateSoCanT }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -446,9 +446,9 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdateSoCanT }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -462,7 +462,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdateSoCanT testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can now update. + Identity: testUtils.ClientIdentity(2), // This identity can now update. DocID: 0, @@ -474,7 +474,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdateSoCanT }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can now also read. + Identity: testUtils.ClientIdentity(2), // This identity can now also read. Request: ` query { @@ -500,7 +500,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdateSoCanT testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(1), // Owner can still also update (ownership not transferred) + Identity: testUtils.ClientIdentity(1), // Owner can still also update (ownership not transferred) DocID: 0, @@ -512,7 +512,7 @@ func TestACP_OwnerGivesUpdateWriteAccessToAnotherActor_OtherActorCanUpdateSoCanT }, testUtils.Request{ - Identity: immutable.Some(2), // Owner can still also read (ownership not transferred) + Identity: testUtils.ClientIdentity(2), // Owner can still also read (ownership not transferred) Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/delete/invalid_test.go b/tests/integration/acp/relationship/doc_actor/delete/invalid_test.go index 41cb6e4921..71bdcc9094 100644 --- a/tests/integration/acp/relationship/doc_actor/delete/invalid_test.go +++ b/tests/integration/acp/relationship/doc_actor/delete/invalid_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_DeleteDocActorRelationshipMissingDocID_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -93,7 +91,7 @@ func TestACP_DeleteDocActorRelationshipMissingDocID_Error(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,9 +104,9 @@ func TestACP_DeleteDocActorRelationshipMissingDocID_Error(t *testing.T) { }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -134,7 +132,7 @@ func TestACP_DeleteDocActorRelationshipMissingCollection_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -198,7 +196,7 @@ func TestACP_DeleteDocActorRelationshipMissingCollection_Error(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -211,9 +209,9 @@ func TestACP_DeleteDocActorRelationshipMissingCollection_Error(t *testing.T) { }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: -1, @@ -239,7 +237,7 @@ func TestACP_DeleteDocActorRelationshipMissingRelationName_Error(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -303,7 +301,7 @@ func TestACP_DeleteDocActorRelationshipMissingRelationName_Error(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -316,9 +314,9 @@ func TestACP_DeleteDocActorRelationshipMissingRelationName_Error(t *testing.T) { }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -344,7 +342,7 @@ func TestACP_DeleteDocActorRelationshipMissingTargetActorName_Error(t *testing.T Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -408,7 +406,7 @@ func TestACP_DeleteDocActorRelationshipMissingTargetActorName_Error(t *testing.T }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -421,9 +419,9 @@ func TestACP_DeleteDocActorRelationshipMissingTargetActorName_Error(t *testing.T }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: -1, + TargetIdentity: testUtils.NoIdentity(), CollectionID: 0, @@ -449,7 +447,7 @@ func TestACP_DeleteDocActorRelationshipMissingReqestingIdentityName_Error(t *tes Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -513,7 +511,7 @@ func TestACP_DeleteDocActorRelationshipMissingReqestingIdentityName_Error(t *tes }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -526,9 +524,9 @@ func TestACP_DeleteDocActorRelationshipMissingReqestingIdentityName_Error(t *tes }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: -1, + RequestorIdentity: testUtils.NoIdentity(), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/delete/with_delete_test.go b/tests/integration/acp/relationship/doc_actor/delete/with_delete_test.go index d931a7049b..6857f4de16 100644 --- a/tests/integration/acp/relationship/doc_actor/delete/with_delete_test.go +++ b/tests/integration/acp/relationship/doc_actor/delete/with_delete_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_OwnerRevokesDeleteWriteAccess_OtherActorCanNoLongerDelete(t *testin Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -94,7 +92,7 @@ func TestACP_OwnerRevokesDeleteWriteAccess_OtherActorCanNoLongerDelete(t *testin // Creating two documents because need one to do the test on after one is deleted. testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,7 +104,7 @@ func TestACP_OwnerRevokesDeleteWriteAccess_OtherActorCanNoLongerDelete(t *testin `, }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -120,9 +118,9 @@ func TestACP_OwnerRevokesDeleteWriteAccess_OtherActorCanNoLongerDelete(t *testin // Give access to the other actor to delete and read both documents. testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -133,9 +131,9 @@ func TestACP_OwnerRevokesDeleteWriteAccess_OtherActorCanNoLongerDelete(t *testin ExpectedExistence: false, }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -148,7 +146,7 @@ func TestACP_OwnerRevokesDeleteWriteAccess_OtherActorCanNoLongerDelete(t *testin // Now the other identity can read both and delete both of those documents testUtils.Request{ - Identity: immutable.Some(2), // This identity can read. + Identity: testUtils.ClientIdentity(2), // This identity can read. Request: ` query { @@ -176,15 +174,15 @@ func TestACP_OwnerRevokesDeleteWriteAccess_OtherActorCanNoLongerDelete(t *testin testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can also delete. + Identity: testUtils.ClientIdentity(2), // This identity can also delete. DocID: 1, }, testUtils.DeleteDocActorRelationship{ // Revoke access from being able to delete (and read) the document. - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -197,7 +195,7 @@ func TestACP_OwnerRevokesDeleteWriteAccess_OtherActorCanNoLongerDelete(t *testin // The other identity can neither delete nor read the other document anymore. testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { @@ -216,7 +214,7 @@ func TestACP_OwnerRevokesDeleteWriteAccess_OtherActorCanNoLongerDelete(t *testin testUtils.DeleteDoc{ CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, @@ -225,7 +223,7 @@ func TestACP_OwnerRevokesDeleteWriteAccess_OtherActorCanNoLongerDelete(t *testin // Ensure document was not accidentally deleted using owner identity. testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/delete/with_dummy_relation_test.go b/tests/integration/acp/relationship/doc_actor/delete/with_dummy_relation_test.go index 190850dfdd..e9e42b9f42 100644 --- a/tests/integration/acp/relationship/doc_actor/delete/with_dummy_relation_test.go +++ b/tests/integration/acp/relationship/doc_actor/delete/with_dummy_relation_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_DeleteDocActorRelationshipWithDummyRelationDefinedOnPolicy_NothingC Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -93,7 +91,7 @@ func TestACP_DeleteDocActorRelationshipWithDummyRelationDefinedOnPolicy_NothingC }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,7 +104,7 @@ func TestACP_DeleteDocActorRelationshipWithDummyRelationDefinedOnPolicy_NothingC }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -124,9 +122,9 @@ func TestACP_DeleteDocActorRelationshipWithDummyRelationDefinedOnPolicy_NothingC }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -138,7 +136,7 @@ func TestACP_DeleteDocActorRelationshipWithDummyRelationDefinedOnPolicy_NothingC }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can still not read. + Identity: testUtils.ClientIdentity(2), // This identity can still not read. Request: ` query { @@ -170,7 +168,7 @@ func TestACP_DeleteDocActorRelationshipWithDummyRelationNotDefinedOnPolicy_Error Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -234,7 +232,7 @@ func TestACP_DeleteDocActorRelationshipWithDummyRelationNotDefinedOnPolicy_Error }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -247,7 +245,7 @@ func TestACP_DeleteDocActorRelationshipWithDummyRelationNotDefinedOnPolicy_Error }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read yet. + Identity: testUtils.ClientIdentity(2), // This identity can not read yet. Request: ` query { @@ -265,9 +263,9 @@ func TestACP_DeleteDocActorRelationshipWithDummyRelationNotDefinedOnPolicy_Error }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -279,7 +277,7 @@ func TestACP_DeleteDocActorRelationshipWithDummyRelationNotDefinedOnPolicy_Error }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can still not read. + Identity: testUtils.ClientIdentity(2), // This identity can still not read. Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/delete/with_manager_test.go b/tests/integration/acp/relationship/doc_actor/delete/with_manager_test.go index fd841c562a..779e2d6e62 100644 --- a/tests/integration/acp/relationship/doc_actor/delete/with_manager_test.go +++ b/tests/integration/acp/relationship/doc_actor/delete/with_manager_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_ManagerRevokesReadAccess_OtherActorCanNoLongerRead(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -93,7 +91,7 @@ func TestACP_ManagerRevokesReadAccess_OtherActorCanNoLongerRead(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,9 +104,9 @@ func TestACP_ManagerRevokesReadAccess_OtherActorCanNoLongerRead(t *testing.T) { }, testUtils.AddDocActorRelationship{ // Owner makes admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -120,9 +118,9 @@ func TestACP_ManagerRevokesReadAccess_OtherActorCanNoLongerRead(t *testing.T) { }, testUtils.AddDocActorRelationship{ // Owner gives an actor read access - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, @@ -134,7 +132,7 @@ func TestACP_ManagerRevokesReadAccess_OtherActorCanNoLongerRead(t *testing.T) { }, testUtils.Request{ - Identity: immutable.Some(3), // The other actor can read + Identity: testUtils.ClientIdentity(3), // The other actor can read Request: ` query { @@ -156,9 +154,9 @@ func TestACP_ManagerRevokesReadAccess_OtherActorCanNoLongerRead(t *testing.T) { }, testUtils.DeleteDocActorRelationship{ // Admin revokes access of the other actor that could read. - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, @@ -171,7 +169,7 @@ func TestACP_ManagerRevokesReadAccess_OtherActorCanNoLongerRead(t *testing.T) { // The other actor can no longer read. testUtils.Request{ - Identity: immutable.Some(3), + Identity: testUtils.ClientIdentity(3), Request: ` query { @@ -202,7 +200,7 @@ func TestACP_OwnerRevokesManagersAccess_ManagerCanNoLongerManageOthers(t *testin Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -266,7 +264,7 @@ func TestACP_OwnerRevokesManagersAccess_ManagerCanNoLongerManageOthers(t *testin }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -279,9 +277,9 @@ func TestACP_OwnerRevokesManagersAccess_ManagerCanNoLongerManageOthers(t *testin }, testUtils.AddDocActorRelationship{ // Owner makes admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -293,9 +291,9 @@ func TestACP_OwnerRevokesManagersAccess_ManagerCanNoLongerManageOthers(t *testin }, testUtils.AddDocActorRelationship{ // Manager gives an actor read access - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, @@ -307,7 +305,7 @@ func TestACP_OwnerRevokesManagersAccess_ManagerCanNoLongerManageOthers(t *testin }, testUtils.Request{ - Identity: immutable.Some(3), // The other actor can read + Identity: testUtils.ClientIdentity(3), // The other actor can read Request: ` query { @@ -329,9 +327,9 @@ func TestACP_OwnerRevokesManagersAccess_ManagerCanNoLongerManageOthers(t *testin }, testUtils.DeleteDocActorRelationship{ // Admin revokes access of the admin. - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -343,9 +341,9 @@ func TestACP_OwnerRevokesManagersAccess_ManagerCanNoLongerManageOthers(t *testin }, testUtils.AddDocActorRelationship{ // Manager can no longer grant read access. - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 4, // This identity has no access previously. + TargetIdentity: testUtils.ClientIdentity(4), // This identity has no access previously. CollectionID: 0, @@ -357,7 +355,7 @@ func TestACP_OwnerRevokesManagersAccess_ManagerCanNoLongerManageOthers(t *testin }, testUtils.Request{ - Identity: immutable.Some(4), // The other actor can ofcourse still not read. + Identity: testUtils.ClientIdentity(4), // The other actor can ofcourse still not read. Request: ` query { @@ -388,7 +386,7 @@ func TestACP_AdminTriesToRevokeOwnersAccess_NotAllowedError(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -452,7 +450,7 @@ func TestACP_AdminTriesToRevokeOwnersAccess_NotAllowedError(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -465,9 +463,9 @@ func TestACP_AdminTriesToRevokeOwnersAccess_NotAllowedError(t *testing.T) { }, testUtils.AddDocActorRelationship{ // Owner makes admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -479,9 +477,9 @@ func TestACP_AdminTriesToRevokeOwnersAccess_NotAllowedError(t *testing.T) { }, testUtils.DeleteDocActorRelationship{ // Admin tries to revoke owners `owner` relation. - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 1, + TargetIdentity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -493,9 +491,9 @@ func TestACP_AdminTriesToRevokeOwnersAccess_NotAllowedError(t *testing.T) { }, testUtils.DeleteDocActorRelationship{ // Owner can still perform owner operations, like restrict admin. - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -507,7 +505,7 @@ func TestACP_AdminTriesToRevokeOwnersAccess_NotAllowedError(t *testing.T) { }, testUtils.Request{ - Identity: immutable.Some(1), // The owner can still read + Identity: testUtils.ClientIdentity(1), // The owner can still read Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/delete/with_no_policy_on_collection_test.go b/tests/integration/acp/relationship/doc_actor/delete/with_no_policy_on_collection_test.go index 3039d32e5f..467759f4fd 100644 --- a/tests/integration/acp/relationship/doc_actor/delete/with_no_policy_on_collection_test.go +++ b/tests/integration/acp/relationship/doc_actor/delete/with_no_policy_on_collection_test.go @@ -13,8 +13,6 @@ package test_acp_relationship_doc_actor_delete import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -34,7 +32,7 @@ func TestACP_DeleteDocActorRelationshipWithCollectionThatHasNoPolicy_NotAllowedE }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -47,9 +45,9 @@ func TestACP_DeleteDocActorRelationshipWithCollectionThatHasNoPolicy_NotAllowedE }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/delete/with_public_document_test.go b/tests/integration/acp/relationship/doc_actor/delete/with_public_document_test.go index fa071c6806..906055c89b 100644 --- a/tests/integration/acp/relationship/doc_actor/delete/with_public_document_test.go +++ b/tests/integration/acp/relationship/doc_actor/delete/with_public_document_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_DeleteDocActorRelationshipWithPublicDocument_CanAlreadyAccess_Error Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -104,7 +102,7 @@ func TestACP_DeleteDocActorRelationshipWithPublicDocument_CanAlreadyAccess_Error }, testUtils.Request{ - Identity: immutable.Some(2), // Can read as it is a public document + Identity: testUtils.ClientIdentity(2), // Can read as it is a public document Request: ` query { @@ -128,9 +126,9 @@ func TestACP_DeleteDocActorRelationshipWithPublicDocument_CanAlreadyAccess_Error }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/delete/with_reader_test.go b/tests/integration/acp/relationship/doc_actor/delete/with_reader_test.go index 58b74e4dc1..52472ea897 100644 --- a/tests/integration/acp/relationship/doc_actor/delete/with_reader_test.go +++ b/tests/integration/acp/relationship/doc_actor/delete/with_reader_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_OwnerRevokesReadAccessTwice_ShowThatTheRecordWasNotFoundSecondTime( Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -93,7 +91,7 @@ func TestACP_OwnerRevokesReadAccessTwice_ShowThatTheRecordWasNotFoundSecondTime( }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,9 +104,9 @@ func TestACP_OwnerRevokesReadAccessTwice_ShowThatTheRecordWasNotFoundSecondTime( }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -120,9 +118,9 @@ func TestACP_OwnerRevokesReadAccessTwice_ShowThatTheRecordWasNotFoundSecondTime( }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -134,9 +132,9 @@ func TestACP_OwnerRevokesReadAccessTwice_ShowThatTheRecordWasNotFoundSecondTime( }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -162,7 +160,7 @@ func TestACP_OwnerRevokesGivenReadAccess_OtherActorCanNoLongerRead(t *testing.T) Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -226,7 +224,7 @@ func TestACP_OwnerRevokesGivenReadAccess_OtherActorCanNoLongerRead(t *testing.T) }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -239,9 +237,9 @@ func TestACP_OwnerRevokesGivenReadAccess_OtherActorCanNoLongerRead(t *testing.T) }, testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -253,7 +251,7 @@ func TestACP_OwnerRevokesGivenReadAccess_OtherActorCanNoLongerRead(t *testing.T) }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can read. + Identity: testUtils.ClientIdentity(2), // This identity can read. Request: ` query { @@ -277,9 +275,9 @@ func TestACP_OwnerRevokesGivenReadAccess_OtherActorCanNoLongerRead(t *testing.T) }, testUtils.DeleteDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -291,7 +289,7 @@ func TestACP_OwnerRevokesGivenReadAccess_OtherActorCanNoLongerRead(t *testing.T) }, testUtils.Request{ - Identity: immutable.Some(2), // This identity can not read anymore. + Identity: testUtils.ClientIdentity(2), // This identity can not read anymore. Request: ` query { diff --git a/tests/integration/acp/relationship/doc_actor/delete/with_self_test.go b/tests/integration/acp/relationship/doc_actor/delete/with_self_test.go index 563359fcd4..a732284a0c 100644 --- a/tests/integration/acp/relationship/doc_actor/delete/with_self_test.go +++ b/tests/integration/acp/relationship/doc_actor/delete/with_self_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_AdminTriesToRevokeItsOwnAccess_NotAllowedError(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -93,7 +91,7 @@ func TestACP_AdminTriesToRevokeItsOwnAccess_NotAllowedError(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -106,9 +104,9 @@ func TestACP_AdminTriesToRevokeItsOwnAccess_NotAllowedError(t *testing.T) { }, testUtils.AddDocActorRelationship{ // Owner makes admin / manager - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -120,9 +118,9 @@ func TestACP_AdminTriesToRevokeItsOwnAccess_NotAllowedError(t *testing.T) { }, testUtils.DeleteDocActorRelationship{ // Admin tries to revoke it's own relation. - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -134,9 +132,9 @@ func TestACP_AdminTriesToRevokeItsOwnAccess_NotAllowedError(t *testing.T) { }, testUtils.AddDocActorRelationship{ // Admin can still perform admin operations. - RequestorIdentity: 2, + RequestorIdentity: testUtils.ClientIdentity(2), - TargetIdentity: 3, + TargetIdentity: testUtils.ClientIdentity(3), CollectionID: 0, @@ -162,7 +160,7 @@ func TestACP_OwnerTriesToRevokeItsOwnAccess_NotAllowedError(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -226,7 +224,7 @@ func TestACP_OwnerTriesToRevokeItsOwnAccess_NotAllowedError(t *testing.T) { }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -239,9 +237,9 @@ func TestACP_OwnerTriesToRevokeItsOwnAccess_NotAllowedError(t *testing.T) { }, testUtils.DeleteDocActorRelationship{ // Owner tries to revoke it's own relation. - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 1, + TargetIdentity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -253,9 +251,9 @@ func TestACP_OwnerTriesToRevokeItsOwnAccess_NotAllowedError(t *testing.T) { }, testUtils.AddDocActorRelationship{ // Owner can still perform admin operations. - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, diff --git a/tests/integration/acp/relationship/doc_actor/delete/with_update_test.go b/tests/integration/acp/relationship/doc_actor/delete/with_update_test.go index e51edc22ca..22777e240d 100644 --- a/tests/integration/acp/relationship/doc_actor/delete/with_update_test.go +++ b/tests/integration/acp/relationship/doc_actor/delete/with_update_test.go @@ -34,7 +34,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_OtherActorCanNoLongerUpdate(t *testin Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -98,7 +98,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_OtherActorCanNoLongerUpdate(t *testin }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -112,9 +112,9 @@ func TestACP_OwnerRevokesUpdateWriteAccess_OtherActorCanNoLongerUpdate(t *testin // Give access to the other actor to update and read the document. testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -128,7 +128,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_OtherActorCanNoLongerUpdate(t *testin testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can update. + Identity: testUtils.ClientIdentity(2), // This identity can update. DocID: 0, @@ -141,7 +141,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_OtherActorCanNoLongerUpdate(t *testin // Ensure the other identity can read and update the document. testUtils.Request{ - Identity: immutable.Some(2), // This identity can also read. + Identity: testUtils.ClientIdentity(2), // This identity can also read. Request: ` query { @@ -163,9 +163,9 @@ func TestACP_OwnerRevokesUpdateWriteAccess_OtherActorCanNoLongerUpdate(t *testin }, testUtils.DeleteDocActorRelationship{ // Revoke access from being able to update (and read) the document. - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -178,7 +178,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_OtherActorCanNoLongerUpdate(t *testin // The other identity can neither update nor read the other document anymore. testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { @@ -197,7 +197,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_OtherActorCanNoLongerUpdate(t *testin testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, @@ -212,7 +212,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_OtherActorCanNoLongerUpdate(t *testin // Ensure document was not accidentally updated using owner identity. testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { @@ -253,7 +253,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_GQL_OtherActorCanNoLongerUpdate(t *te Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: Test Policy @@ -317,7 +317,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_GQL_OtherActorCanNoLongerUpdate(t *te }, testUtils.CreateDoc{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), CollectionID: 0, @@ -331,9 +331,9 @@ func TestACP_OwnerRevokesUpdateWriteAccess_GQL_OtherActorCanNoLongerUpdate(t *te // Give access to the other actor to update and read the document. testUtils.AddDocActorRelationship{ - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -347,7 +347,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_GQL_OtherActorCanNoLongerUpdate(t *te testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), // This identity can update. + Identity: testUtils.ClientIdentity(2), // This identity can update. DocID: 0, @@ -360,7 +360,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_GQL_OtherActorCanNoLongerUpdate(t *te // Ensure the other identity can read and update the document. testUtils.Request{ - Identity: immutable.Some(2), // This identity can also read. + Identity: testUtils.ClientIdentity(2), // This identity can also read. Request: ` query { @@ -382,9 +382,9 @@ func TestACP_OwnerRevokesUpdateWriteAccess_GQL_OtherActorCanNoLongerUpdate(t *te }, testUtils.DeleteDocActorRelationship{ // Revoke access from being able to update (and read) the document. - RequestorIdentity: 1, + RequestorIdentity: testUtils.ClientIdentity(1), - TargetIdentity: 2, + TargetIdentity: testUtils.ClientIdentity(2), CollectionID: 0, @@ -397,7 +397,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_GQL_OtherActorCanNoLongerUpdate(t *te // The other identity can neither update nor read the other document anymore. testUtils.Request{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Request: ` query { @@ -416,7 +416,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_GQL_OtherActorCanNoLongerUpdate(t *te testUtils.UpdateDoc{ CollectionID: 0, - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), DocID: 0, @@ -431,7 +431,7 @@ func TestACP_OwnerRevokesUpdateWriteAccess_GQL_OtherActorCanNoLongerUpdate(t *te // Ensure document was not accidentally updated using owner identity. testUtils.Request{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Request: ` query { diff --git a/tests/integration/acp/schema/add_dpi/accept_basic_dpi_fmts_test.go b/tests/integration/acp/schema/add_dpi/accept_basic_dpi_fmts_test.go index 5104309f22..6249dbb77b 100644 --- a/tests/integration/acp/schema/add_dpi/accept_basic_dpi_fmts_test.go +++ b/tests/integration/acp/schema/add_dpi/accept_basic_dpi_fmts_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" schemaUtils "github.com/sourcenetwork/defradb/tests/integration/schema" ) @@ -30,7 +28,7 @@ func TestACP_AddDPISchema_BasicYAML_SchemaAccepted(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -125,7 +123,7 @@ func TestACP_AddDPISchema_BasicJSON_SchemaAccepted(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` { diff --git a/tests/integration/acp/schema/add_dpi/accept_extra_permissions_on_dpi_test.go b/tests/integration/acp/schema/add_dpi/accept_extra_permissions_on_dpi_test.go index 4d6409c026..3b4c7d711c 100644 --- a/tests/integration/acp/schema/add_dpi/accept_extra_permissions_on_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/accept_extra_permissions_on_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" schemaUtils "github.com/sourcenetwork/defradb/tests/integration/schema" ) @@ -31,7 +29,7 @@ func TestACP_AddDPISchema_WithExtraPermsHavingRequiredRelation_AcceptSchema(t *t testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -131,7 +129,7 @@ func TestACP_AddDPISchema_WithExtraPermsHavingRequiredRelationInTheEnd_AcceptSch testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -231,7 +229,7 @@ func TestACP_AddDPISchema_WithExtraPermsHavingNoRequiredRelation_AcceptSchema(t testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/accept_managed_relation_on_dpi_test.go b/tests/integration/acp/schema/add_dpi/accept_managed_relation_on_dpi_test.go index 42eed6b876..83b92a8721 100644 --- a/tests/integration/acp/schema/add_dpi/accept_managed_relation_on_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/accept_managed_relation_on_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" schemaUtils "github.com/sourcenetwork/defradb/tests/integration/schema" ) @@ -31,7 +29,7 @@ func TestACP_AddDPISchema_WithManagedRelation_AcceptSchemas(t *testing.T) { testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/accept_mixed_resources_on_partial_dpi_test.go b/tests/integration/acp/schema/add_dpi/accept_mixed_resources_on_partial_dpi_test.go index 288e3ecfa3..40b62afef9 100644 --- a/tests/integration/acp/schema/add_dpi/accept_mixed_resources_on_partial_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/accept_mixed_resources_on_partial_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" schemaUtils "github.com/sourcenetwork/defradb/tests/integration/schema" ) @@ -31,7 +29,7 @@ func TestACP_AddDPISchema_PartialValidDPIButUseOnlyValidDPIResource_AcceptSchema testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/accept_multi_dpis_test.go b/tests/integration/acp/schema/add_dpi/accept_multi_dpis_test.go index db64e70e8d..b7aa43d22c 100644 --- a/tests/integration/acp/schema/add_dpi/accept_multi_dpis_test.go +++ b/tests/integration/acp/schema/add_dpi/accept_multi_dpis_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" schemaUtils "github.com/sourcenetwork/defradb/tests/integration/schema" ) @@ -56,7 +54,7 @@ func TestACP_AddDPISchema_AddDuplicateDPIsByOtherCreatorsUseBoth_AcceptSchema(t Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: validDPIUsedByBoth, @@ -65,7 +63,7 @@ func TestACP_AddDPISchema_AddDuplicateDPIsByOtherCreatorsUseBoth_AcceptSchema(t testUtils.AddPolicy{ - Identity: immutable.Some(2), + Identity: testUtils.ClientIdentity(2), Policy: validDPIUsedByBoth, diff --git a/tests/integration/acp/schema/add_dpi/accept_multi_resources_on_dpi_test.go b/tests/integration/acp/schema/add_dpi/accept_multi_resources_on_dpi_test.go index a8da38040e..2e9a74a32e 100644 --- a/tests/integration/acp/schema/add_dpi/accept_multi_resources_on_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/accept_multi_resources_on_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" schemaUtils "github.com/sourcenetwork/defradb/tests/integration/schema" ) @@ -31,7 +29,7 @@ func TestACP_AddDPISchema_WithMultipleResources_AcceptSchema(t *testing.T) { testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -141,7 +139,7 @@ func TestACP_AddDPISchema_WithMultipleResourcesBothBeingUsed_AcceptSchema(t *tes testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/accept_same_resource_on_diff_schemas_test.go b/tests/integration/acp/schema/add_dpi/accept_same_resource_on_diff_schemas_test.go index 812b5ba154..f296d98eee 100644 --- a/tests/integration/acp/schema/add_dpi/accept_same_resource_on_diff_schemas_test.go +++ b/tests/integration/acp/schema/add_dpi/accept_same_resource_on_diff_schemas_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" schemaUtils "github.com/sourcenetwork/defradb/tests/integration/schema" ) @@ -32,7 +30,7 @@ func TestACP_AddDPISchema_UseSameResourceOnDifferentSchemas_AcceptSchemas(t *tes testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_empty_arg_on_schema_test.go b/tests/integration/acp/schema/add_dpi/reject_empty_arg_on_schema_test.go index bde886d7de..7a40c69bc5 100644 --- a/tests/integration/acp/schema/add_dpi/reject_empty_arg_on_schema_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_empty_arg_on_schema_test.go @@ -13,8 +13,6 @@ package test_acp_schema_add_dpi import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_AddDPISchema_NoArgWasSpecifiedOnSchema_SchemaRejected(t *testing.T) testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -104,7 +102,7 @@ func TestACP_AddDPISchema_SpecifiedArgsAreEmptyOnSchema_SchemaRejected(t *testin testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_invalid_arg_type_on_schema_test.go b/tests/integration/acp/schema/add_dpi/reject_invalid_arg_type_on_schema_test.go index efb05fca7b..0d8b8c8e60 100644 --- a/tests/integration/acp/schema/add_dpi/reject_invalid_arg_type_on_schema_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_invalid_arg_type_on_schema_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -30,7 +28,7 @@ func TestACP_AddDPISchema_InvalidPolicyIDArgTypeWasSpecifiedOnSchema_SchemaRejec testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -105,7 +103,7 @@ func TestACP_AddDPISchema_InvalidResourceArgTypeWasSpecifiedOnSchema_SchemaRejec testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_invalid_owner_read_perm_on_dpi_test.go b/tests/integration/acp/schema/add_dpi/reject_invalid_owner_read_perm_on_dpi_test.go index 74747b9fb3..c56f6a8f8a 100644 --- a/tests/integration/acp/schema/add_dpi/reject_invalid_owner_read_perm_on_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_invalid_owner_read_perm_on_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -30,7 +28,7 @@ func TestACP_AddDPISchema_OwnerMissingRequiredReadPermissionOnDPI_SchemaRejected testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -115,7 +113,7 @@ func TestACP_AddDPISchema_OwnerMissingRequiredReadPermissionLabelOnDPI_SchemaRej testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -199,7 +197,7 @@ func TestACP_AddDPISchema_OwnerSpecifiedIncorrectlyOnReadPermissionExprOnDPI_Sch testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -284,7 +282,7 @@ func TestACP_AddDPISchema_OwnerSpecifiedIncorrectlyOnReadPermissionNoSpaceExprOn testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -369,7 +367,7 @@ func TestACP_AddDPISchema_MaliciousOwnerSpecifiedOnReadPermissionExprOnDPI_Schem testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_invalid_owner_read_perm_symbol_on_dpi_test.go b/tests/integration/acp/schema/add_dpi/reject_invalid_owner_read_perm_symbol_on_dpi_test.go index 5c52c37aeb..a540b98ddd 100644 --- a/tests/integration/acp/schema/add_dpi/reject_invalid_owner_read_perm_symbol_on_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_invalid_owner_read_perm_symbol_on_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -30,7 +28,7 @@ func TestACP_AddDPISchema_OwnerRelationWithDifferenceSetOpOnReadPermissionExprOn testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -116,7 +114,7 @@ func TestACP_AddDPISchema_OwnerRelationWithIntersectionSetOpOnReadPermissionExpr testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -202,7 +200,7 @@ func TestACP_AddDPISchema_OwnerRelationWithInvalidSetOpOnReadPermissionExprOnDPI testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_invalid_owner_write_perm_on_dpi_test.go b/tests/integration/acp/schema/add_dpi/reject_invalid_owner_write_perm_on_dpi_test.go index a2cf05fc27..c203ed6eb0 100644 --- a/tests/integration/acp/schema/add_dpi/reject_invalid_owner_write_perm_on_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_invalid_owner_write_perm_on_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -30,7 +28,7 @@ func TestACP_AddDPISchema_OwnerMissingRequiredWritePermissionOnDPI_SchemaRejecte testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -115,7 +113,7 @@ func TestACP_AddDPISchema_OwnerMissingRequiredWritePermissionLabelOnDPI_SchemaRe testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -199,7 +197,7 @@ func TestACP_AddDPISchema_OwnerSpecifiedIncorrectlyOnWritePermissionExprOnDPI_Sc testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -284,7 +282,7 @@ func TestACP_AddDPISchema_OwnerSpecifiedIncorrectlyOnWritePermissionNoSpaceExprO testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -369,7 +367,7 @@ func TestACP_AddDPISchema_MaliciousOwnerSpecifiedOnWritePermissionExprOnDPI_Sche testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_invalid_owner_write_perm_symbol_on_dpi_test.go b/tests/integration/acp/schema/add_dpi/reject_invalid_owner_write_perm_symbol_on_dpi_test.go index 1c523eeb68..cb5c898c75 100644 --- a/tests/integration/acp/schema/add_dpi/reject_invalid_owner_write_perm_symbol_on_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_invalid_owner_write_perm_symbol_on_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -30,7 +28,7 @@ func TestACP_AddDPISchema_OwnerRelationWithDifferenceSetOpOnWritePermissionExprO testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -116,7 +114,7 @@ func TestACP_AddDPISchema_OwnerRelationWithIntersectionSetOpOnWritePermissionExp testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -202,7 +200,7 @@ func TestACP_AddDPISchema_OwnerRelationWithInvalidSetOpOnWritePermissionExprOnDP testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_missing_dpi_test.go b/tests/integration/acp/schema/add_dpi/reject_missing_dpi_test.go index df40f3b202..7c2bf74406 100644 --- a/tests/integration/acp/schema/add_dpi/reject_missing_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_missing_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -81,7 +79,7 @@ func TestACP_AddDPISchema_WhereAPolicyWasAddedButLinkedPolicyWasNotAdded_SchemaR testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_missing_id_arg_on_schema_test.go b/tests/integration/acp/schema/add_dpi/reject_missing_id_arg_on_schema_test.go index 7a5dc39f3a..2dd775a84f 100644 --- a/tests/integration/acp/schema/add_dpi/reject_missing_id_arg_on_schema_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_missing_id_arg_on_schema_test.go @@ -13,8 +13,6 @@ package test_acp_schema_add_dpi import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -29,7 +27,7 @@ func TestACP_AddDPISchema_NoPolicyIDWasSpecifiedOnSchema_SchemaRejected(t *testi testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -104,7 +102,7 @@ func TestACP_AddDPISchema_SpecifiedPolicyIDArgIsEmptyOnSchema_SchemaRejected(t * testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_missing_perms_on_dpi_test.go b/tests/integration/acp/schema/add_dpi/reject_missing_perms_on_dpi_test.go index 0b93b6df16..8afbced697 100644 --- a/tests/integration/acp/schema/add_dpi/reject_missing_perms_on_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_missing_perms_on_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -30,7 +28,7 @@ func TestACP_AddDPISchema_MissingRequiredReadPermissionOnDPI_SchemaRejected(t *t testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_missing_resource_arg_on_schema_test.go b/tests/integration/acp/schema/add_dpi/reject_missing_resource_arg_on_schema_test.go index 2013b93225..1a88260ec5 100644 --- a/tests/integration/acp/schema/add_dpi/reject_missing_resource_arg_on_schema_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_missing_resource_arg_on_schema_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -30,7 +28,7 @@ func TestACP_AddDPISchema_NoResourceWasSpecifiedOnSchema_SchemaRejected(t *testi testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test @@ -107,7 +105,7 @@ func TestACP_AddDPISchema_SpecifiedResourceArgIsEmptyOnSchema_SchemaRejected(t * testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_missing_resource_on_dpi_test.go b/tests/integration/acp/schema/add_dpi/reject_missing_resource_on_dpi_test.go index 0c8354a625..1be8d6bd97 100644 --- a/tests/integration/acp/schema/add_dpi/reject_missing_resource_on_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_missing_resource_on_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -30,7 +28,7 @@ func TestACP_AddDPISchema_SpecifiedResourceDoesNotExistOnDPI_SchemaRejected(t *t testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/acp/schema/add_dpi/reject_mixed_resources_on_partial_dpi_test.go b/tests/integration/acp/schema/add_dpi/reject_mixed_resources_on_partial_dpi_test.go index e346da3536..97c3a6f215 100644 --- a/tests/integration/acp/schema/add_dpi/reject_mixed_resources_on_partial_dpi_test.go +++ b/tests/integration/acp/schema/add_dpi/reject_mixed_resources_on_partial_dpi_test.go @@ -14,8 +14,6 @@ import ( "fmt" "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -30,7 +28,7 @@ func TestACP_AddDPISchema_PartialValidDPIButUseInValidDPIResource_RejectSchema(t testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/collection_description/updates/remove/policy_test.go b/tests/integration/collection_description/updates/remove/policy_test.go index 0c498016a4..d0341e0958 100644 --- a/tests/integration/collection_description/updates/remove/policy_test.go +++ b/tests/integration/collection_description/updates/remove/policy_test.go @@ -13,8 +13,6 @@ package remove import ( "testing" - "github.com/sourcenetwork/immutable" - testUtils "github.com/sourcenetwork/defradb/tests/integration" ) @@ -23,7 +21,7 @@ func TestColDescrUpdateRemovePolicy_Errors(t *testing.T) { Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test diff --git a/tests/integration/collection_description/updates/replace/view_policy_test.go b/tests/integration/collection_description/updates/replace/view_policy_test.go index db24ff2148..20d61b664a 100644 --- a/tests/integration/collection_description/updates/replace/view_policy_test.go +++ b/tests/integration/collection_description/updates/replace/view_policy_test.go @@ -27,7 +27,7 @@ func TestColDescrUpdateReplaceIsMaterialized_GivenPolicyOnNonMAterializedView_Er }), Actions: []any{ testUtils.AddPolicy{ - Identity: immutable.Some(1), + Identity: testUtils.ClientIdentity(1), Policy: ` name: test description: a test policy which marks a collection in a database as a resource diff --git a/tests/integration/identity.go b/tests/integration/identity.go new file mode 100644 index 0000000000..7c56d81375 --- /dev/null +++ b/tests/integration/identity.go @@ -0,0 +1,147 @@ +// Copyright 2024 Democratized Data Foundation +// +// Use of this software is governed by the Business Source License +// included in the file licenses/BSL.txt. +// +// As of the Change Date specified in that file, in accordance with +// the Business Source License, use of this software will be governed +// by the Apache License, Version 2.0, included in the file +// licenses/APL.txt. + +package tests + +import ( + "context" + "math/rand" + + "github.com/decred/dcrd/dcrec/secp256k1/v4" + "github.com/sourcenetwork/immutable" + "github.com/stretchr/testify/require" + + acpIdentity "github.com/sourcenetwork/defradb/acp/identity" +) + +// identityRef is a type that refers to a specific identity of a certain type. +type identityRef struct { + isClient bool + index int +} + +// NoIdentity returns an reference to an identity that represents no identity. +func NoIdentity() immutable.Option[identityRef] { + return immutable.None[identityRef]() +} + +// ClientIdentity returns a reference to a user identity with a given index. +func ClientIdentity(index int) immutable.Option[identityRef] { + return immutable.Some(identityRef{ + isClient: true, + index: index, + }) +} + +// NodeIdentity returns a reference to a node identity with a given index. +func NodeIdentity(index int) immutable.Option[identityRef] { + return immutable.Some(identityRef{ + isClient: false, + index: index, + }) +} + +// identityHolder holds an identity and the generated tokens for each target node. +// This is used to cache the generated tokens for each node. +type identityHolder struct { + // Identity is the identity. + Identity acpIdentity.Identity + // NodeTokens is a map of node index to the generated token for that node. + NodeTokens map[int]string +} + +func newIdentityHolder(ident acpIdentity.Identity) *identityHolder { + return &identityHolder{ + Identity: ident, + NodeTokens: make(map[int]string), + } +} + +// getIdentity returns the identity for the given reference. +// If the identity does not exist, it will be generated. +func getIdentity(s *state, ref immutable.Option[identityRef]) acpIdentity.Identity { + if !ref.HasValue() { + return acpIdentity.Identity{} + } + return getIdentityHolder(s, ref.Value()).Identity +} + +// getIdentityHolder returns the identity holder for the given reference. +// If the identity does not exist, it will be generated. +func getIdentityHolder(s *state, ref identityRef) *identityHolder { + ident, ok := s.identities[ref] + if ok { + return ident + } + + s.identities[ref] = newIdentityHolder(generateIdentity(s)) + return s.identities[ref] +} + +// getIdentityForRequest returns the identity for the given reference and node index. +// It prepares the identity for a request by generating a token if needed, i.e. it will +// return an identity with [Identity.BearerToken] set. +func getIdentityForRequest(s *state, ref identityRef, nodeIndex int) acpIdentity.Identity { + identHolder := getIdentityHolder(s, ref) + ident := identHolder.Identity + + token, ok := identHolder.NodeTokens[nodeIndex] + if ok { + ident.BearerToken = token + } else { + audience := getNodeAudience(s, nodeIndex) + if acpType == SourceHubACPType || audience.HasValue() { + err := ident.UpdateToken(authTokenExpiration, audience, immutable.Some(s.sourcehubAddress)) + require.NoError(s.t, err) + identHolder.NodeTokens[nodeIndex] = ident.BearerToken + } + } + return ident +} + +// Generate the keys using predefined seed so that multiple runs yield the same private key. +// This is important for stuff like the change detector. +func generateIdentity(s *state) acpIdentity.Identity { + source := rand.NewSource(int64(s.nextIdentityGenSeed)) + r := rand.New(source) + + privateKey, err := secp256k1.GeneratePrivateKeyFromRand(r) + require.NoError(s.t, err) + + s.nextIdentityGenSeed++ + + identity, err := acpIdentity.FromPrivateKey(privateKey) + require.NoError(s.t, err) + + return identity +} + +// getContextWithIdentity returns a context with the identity for the given reference and node index. +// If the identity does not exist, it will be generated. +// The identity added to the context is prepared for a request, i.e. its [Identity.BearerToken] is set. +func getContextWithIdentity( + ctx context.Context, + s *state, + ref immutable.Option[identityRef], + nodeIndex int, +) context.Context { + if !ref.HasValue() { + return ctx + } + ident := getIdentityForRequest(s, ref.Value(), nodeIndex) + return acpIdentity.WithContext(ctx, immutable.Some(ident)) +} + +func getIdentityDID(s *state, ref immutable.Option[identityRef]) string { + if ref.HasValue() { + return getIdentity(s, ref).DID + } + return "" +} diff --git a/tests/integration/node/identity_test.go b/tests/integration/node/identity_test.go new file mode 100644 index 0000000000..38c065e1b9 --- /dev/null +++ b/tests/integration/node/identity_test.go @@ -0,0 +1,36 @@ +// Copyright 2024 Democratized Data Foundation +// +// Use of this software is governed by the Business Source License +// included in the file licenses/BSL.txt. +// +// As of the Change Date specified in that file, in accordance with +// the Business Source License, use of this software will be governed +// by the Apache License, Version 2.0, included in the file +// licenses/APL.txt. + +package node + +import ( + "testing" + + testUtils "github.com/sourcenetwork/defradb/tests/integration" +) + +func TestNodeIdentity_NodeIdentity_Succeed(t *testing.T) { + test := testUtils.TestCase{ + Actions: []any{ + testUtils.RandomNetworkingConfig(), + testUtils.RandomNetworkingConfig(), + testUtils.GetNodeIdentity{ + NodeID: 0, + ExpectedIdentity: testUtils.NodeIdentity(0), + }, + testUtils.GetNodeIdentity{ + NodeID: 1, + ExpectedIdentity: testUtils.NodeIdentity(1), + }, + }, + } + + testUtils.ExecuteTestCase(t, test) +} diff --git a/tests/integration/state.go b/tests/integration/state.go index 9e65458531..77fe2e52cd 100644 --- a/tests/integration/state.go +++ b/tests/integration/state.go @@ -17,7 +17,6 @@ import ( "github.com/ipfs/go-cid" "github.com/libp2p/go-libp2p/core/peer" - identity "github.com/sourcenetwork/defradb/acp/identity" "github.com/sourcenetwork/defradb/client" "github.com/sourcenetwork/defradb/datastore" "github.com/sourcenetwork/defradb/event" @@ -129,13 +128,20 @@ type state struct { // This is order dependent and the property is accessed by index. txns []datastore.Txn - // Identities by node index, by identity index. - identities [][]identity.Identity + // identities contains all identities created in this test. + // The map key is the identity reference that uniquely identifies identities of different + // types. See [identRef]. + // The map value is the identity holder that contains the identity itself and token + // generated for different target nodes. See [identityHolder]. + identities map[identityRef]*identityHolder - // Will recieve an item once all actions have finished processing. + // The seed for the next identity generation. We want identities to be deterministic. + nextIdentityGenSeed int + + // Will receive an item once all actions have finished processing. allActionsDone chan struct{} - // These channels will recieve a function which asserts results of any subscription requests. + // These channels will receive a function which asserts results of any subscription requests. subscriptionResultsChans []chan func() // nodeEvents contains all event node subscriptions. @@ -161,7 +167,7 @@ type state struct { collections [][]client.Collection // The names of the collections active in this test. - // Indexes matches that of inital collections. + // Indexes matches that of initial collections. collectionNames []string // A map of the collection indexes by their Root, this allows easier @@ -207,6 +213,7 @@ func newState( clientType: clientType, txns: []datastore.Txn{}, allActionsDone: make(chan struct{}), + identities: map[identityRef]*identityHolder{}, subscriptionResultsChans: []chan func(){}, nodeEvents: []*eventState{}, nodeAddresses: []peer.AddrInfo{}, diff --git a/tests/integration/test_case.go b/tests/integration/test_case.go index 3103d674ca..e1c9b0b6f1 100644 --- a/tests/integration/test_case.go +++ b/tests/integration/test_case.go @@ -293,7 +293,10 @@ type CreateDoc struct { // // If an Identity is provided and the collection has a policy, then the // created document(s) will be owned by this Identity. - Identity immutable.Option[int] + // + // Use `UserIdentity` to create a user identity and `NodeIdentity` to create a node identity. + // Default value is `NoIdentity()`. + Identity immutable.Option[identityRef] // Specifies whether the document should be encrypted. IsDocEncrypted bool @@ -362,7 +365,10 @@ type DeleteDoc struct { // // If an Identity is provided and the collection has a policy, then // can also delete private document(s) that are owned by this Identity. - Identity immutable.Option[int] + // + // Use `UserIdentity` to create a user identity and `NodeIdentity` to create a node identity. + // Default value is `NoIdentity()`. + Identity immutable.Option[identityRef] // The collection in which this document should be deleted. CollectionID int @@ -392,7 +398,10 @@ type UpdateDoc struct { // // If an Identity is provided and the collection has a policy, then // can also update private document(s) that are owned by this Identity. - Identity immutable.Option[int] + // + // Use `UserIdentity` to create a user identity and `NodeIdentity` to create a node identity. + // Default value is `NoIdentity()`. + Identity immutable.Option[identityRef] // The collection in which this document exists. CollectionID int @@ -432,7 +441,10 @@ type UpdateWithFilter struct { // // If an Identity is provided and the collection has a policy, then // can also update private document(s) that are owned by this Identity. - Identity immutable.Option[int] + // + // Use `UserIdentity` to create a user identity and `NodeIdentity` to create a node identity. + // Default value is `NoIdentity()`. + Identity immutable.Option[identityRef] // The collection in which this document exists. CollectionID int @@ -586,7 +598,10 @@ type Request struct { // // If an Identity is provided and the collection has a policy, then can // operate over private document(s) that are owned by this Identity. - Identity immutable.Option[int] + // + // Use `UserIdentity` to create a user identity and `NodeIdentity` to create a node identity. + // Default value is `NoIdentity()`. + Identity immutable.Option[identityRef] // Used to identify the transaction for this to run against. Optional. TransactionID immutable.Option[int] @@ -778,3 +793,16 @@ type BackupImport struct { // contains this string. ExpectedError string } + +// GetNodeIdentity is an action that calls the [DB.GetNodeIdentity] method and asserts the result. +// It checks if a node at the given index has an identity matching another identity under the same index. +type GetNodeIdentity struct { + // NodeID holds the ID (index) of a node to get the identity from. + NodeID int + + // ExpectedIdentity holds the identity that is expected to be found. + // + // Use `UserIdentity` to create a user identity and `NodeIdentity` to create a node identity. + // Default value is `NoIdentity()`. + ExpectedIdentity immutable.Option[identityRef] +} diff --git a/tests/integration/utils.go b/tests/integration/utils.go index 05698e9a39..3bf34d1138 100644 --- a/tests/integration/utils.go +++ b/tests/integration/utils.go @@ -115,6 +115,7 @@ func init() { // mutation type. mutationType = CollectionSaveMutationType } + mutationType = GQLRequestMutationType if value, ok := os.LookupEnv(viewTypeEnvName); ok { viewType = ViewType(value) @@ -141,7 +142,7 @@ func AssertPanic(t *testing.T, f assert.PanicTestFunc) bool { } if httpClient || cliClient { - // The http / cli client will return an error instead of panicing at the moment. + // The http / cli client will return an error instead of panicking at the moment. t.Skip("Assert panic with the http client is not currently supported.") } @@ -410,6 +411,9 @@ func performAction( case CreatePredefinedDocs: generatePredefinedDocs(s, action) + case GetNodeIdentity: + performGetNodeIdentityAction(s, action) + case SetupComplete: // no-op, just continue. @@ -543,7 +547,7 @@ func getCollectionNames(testCase TestCase) []string { func getCollectionNamesFromSchema(result map[string]int, schema string, nextIndex int) int { // WARNING: This will not work with schemas ending in `type`, e.g. `user_type` splitByType := strings.Split(schema, "type ") - // Skip the first, as that preceeds `type ` if `type ` is present, + // Skip the first, as that precede `type ` if `type ` is present, // else there are no types. for i := 1; i < len(splitByType); i++ { wipSplit := strings.TrimLeft(splitByType[i], " ") @@ -688,7 +692,7 @@ ActionLoop: } else { // if we don't have any non-mutation actions and the change detector is enabled // skip this test as we will not gain anything from running (change detector would - // run an idential profile to a normal test run) + // run an identical profile to a normal test run) t.Skipf("no actions to execute") } } @@ -739,7 +743,7 @@ func startNodes(s *state, action Start) { } originalPath := databaseDir databaseDir = s.dbPaths[nodeIndex] - node, _, err := setupNode(s) + node, _, err := setupNode(s, db.WithNodeIdentity(getIdentity(s, NodeIdentity(nodeIndex)))) require.NoError(s.t, err) databaseDir = originalPath @@ -757,7 +761,7 @@ func startNodes(s *state, action Start) { } // We need to make sure the node is configured with its old address, otherwise - // a new one may be selected and reconnnection to it will fail. + // a new one may be selected and reconnection to it will fail. var addresses []string for _, addr := range s.nodeAddresses[nodeIndex].Addrs { addresses = append(addresses, addr.String()) @@ -817,8 +821,8 @@ func refreshCollections( if _, ok := s.collectionIndexesByRoot[collection.Description().RootID]; !ok { // If the root is not found here this is likely the first refreshCollections // call of the test, we map it by root in case the collection is renamed - - // we still wish to preserve the original index so test maintainers can refrence - // them in a convienient manner. + // we still wish to preserve the original index so test maintainers can reference + // them in a convenient manner. s.collectionIndexesByRoot[collection.Description().RootID] = i } break @@ -858,7 +862,9 @@ func configureNode( for _, opt := range netNodeOpts { nodeOpts = append(nodeOpts, opt) } - node, path, err := setupNode(s, nodeOpts...) //disable change dector, or allow it? + nodeOpts = append(nodeOpts, db.WithNodeIdentity(getIdentity(s, NodeIdentity(len(s.nodes))))) + + node, path, err := setupNode(s, nodeOpts...) //disable change detector, or allow it? require.NoError(s.t, err) s.nodeAddresses = append(s.nodeAddresses, node.Peer.PeerInfo()) @@ -1305,8 +1311,7 @@ func createDocViaColSave( } func makeContextForDocCreate(s *state, ctx context.Context, nodeIndex int, action *CreateDoc) context.Context { - identity := getIdentity(s, nodeIndex, action.Identity) - ctx = db.SetContextIdentity(ctx, identity) + ctx = getContextWithIdentity(ctx, s, action.Identity, nodeIndex) ctx = encryption.SetContextConfigFromParams(ctx, action.IsDocEncrypted, action.EncryptedFields) return ctx } @@ -1385,7 +1390,7 @@ func createDocViaGQL( req := fmt.Sprintf(`mutation { %s(%s) { _docID } }`, key, params) txn := getTransaction(s, node, immutable.None[int](), action.ExpectedError) - ctx := db.SetContextIdentity(db.SetContextTxn(s.ctx, txn), getIdentity(s, nodeIndex, action.Identity)) + ctx := getContextWithIdentity(db.SetContextTxn(s.ctx, txn), s, action.Identity, nodeIndex) result := node.ExecRequest(ctx, req) if len(result.GQL.Errors) > 0 { @@ -1439,8 +1444,7 @@ func deleteDoc( for index, node := range nodes { nodeID := nodeIDs[index] collection := s.collections[nodeID][action.CollectionID] - identity := getIdentity(s, nodeID, action.Identity) - ctx := db.SetContextIdentity(s.ctx, identity) + ctx := getContextWithIdentity(s.ctx, s, action.Identity, nodeID) err := withRetryOnNode( node, func() error { @@ -1513,8 +1517,7 @@ func updateDocViaColSave( nodeIndex int, collection client.Collection, ) error { - identity := getIdentity(s, nodeIndex, action.Identity) - ctx := db.SetContextIdentity(s.ctx, identity) + ctx := getContextWithIdentity(s.ctx, s, action.Identity, nodeIndex) doc, err := collection.Get(ctx, s.docIDs[action.CollectionID][action.DocID], true) if err != nil { @@ -1534,8 +1537,7 @@ func updateDocViaColUpdate( nodeIndex int, collection client.Collection, ) error { - identity := getIdentity(s, nodeIndex, action.Identity) - ctx := db.SetContextIdentity(s.ctx, identity) + ctx := getContextWithIdentity(s.ctx, s, action.Identity, nodeIndex) doc, err := collection.Get(ctx, s.docIDs[action.CollectionID][action.DocID], true) if err != nil { @@ -1571,8 +1573,7 @@ func updateDocViaGQL( input, ) - identity := getIdentity(s, nodeIndex, action.Identity) - ctx := db.SetContextIdentity(s.ctx, identity) + ctx := getContextWithIdentity(s.ctx, s, action.Identity, nodeIndex) result := node.ExecRequest(ctx, request) if len(result.GQL.Errors) > 0 { @@ -1590,8 +1591,7 @@ func updateWithFilter(s *state, action UpdateWithFilter) { for index, node := range nodes { nodeID := nodeIDs[index] collection := s.collections[nodeID][action.CollectionID] - identity := getIdentity(s, nodeID, action.Identity) - ctx := db.SetContextIdentity(s.ctx, identity) + ctx := getContextWithIdentity(s.ctx, s, action.Identity, nodeID) err := withRetryOnNode( node, func() error { @@ -1832,9 +1832,7 @@ func executeRequest( nodeID := nodeIDs[index] txn := getTransaction(s, node, action.TransactionID, action.ExpectedError) - ctx := db.SetContextTxn(s.ctx, txn) - identity := getIdentity(s, nodeID, action.Identity) - ctx = db.SetContextIdentity(ctx, identity) + ctx := getContextWithIdentity(db.SetContextTxn(s.ctx, txn), s, action.Identity, nodeID) var options []client.RequestOption if action.OperationName.HasValue() { @@ -2316,10 +2314,10 @@ func skipIfClientTypeUnsupported( return filteredClients } -func skipIfACPTypeUnsupported(t testing.TB, supporteACPTypes immutable.Option[[]ACPType]) { - if supporteACPTypes.HasValue() { +func skipIfACPTypeUnsupported(t testing.TB, supportedACPTypes immutable.Option[[]ACPType]) { + if supportedACPTypes.HasValue() { var isTypeSupported bool - for _, supportedType := range supporteACPTypes.Value() { + for _, supportedType := range supportedACPTypes.Value() { if supportedType == acpType { isTypeSupported = true break @@ -2335,13 +2333,13 @@ func skipIfACPTypeUnsupported(t testing.TB, supporteACPTypes immutable.Option[[] func skipIfDatabaseTypeUnsupported( t testing.TB, databases []DatabaseType, - supporteDatabaseTypes immutable.Option[[]DatabaseType], + supportedDatabaseTypes immutable.Option[[]DatabaseType], ) []DatabaseType { - if !supporteDatabaseTypes.HasValue() { + if !supportedDatabaseTypes.HasValue() { return databases } filteredDatabases := []DatabaseType{} - for _, supportedType := range supporteDatabaseTypes.Value() { + for _, supportedType := range supportedDatabaseTypes.Value() { for _, database := range databases { if supportedType == database { filteredDatabases = append(filteredDatabases, database) @@ -2425,3 +2423,16 @@ func parseCreateDocs(action CreateDoc, collection client.Collection) ([]*client. return []*client.Document{val}, nil } } + +func performGetNodeIdentityAction(s *state, action GetNodeIdentity) { + if action.NodeID >= len(s.nodes) { + s.t.Fatalf("invalid nodeID: %v", action.NodeID) + } + + actualIdent, err := s.nodes[action.NodeID].GetNodeIdentity(s.ctx) + require.NoError(s.t, err, s.testCase.Description) + + expectedIdent := getIdentity(s, action.ExpectedIdentity) + expectedRawIdent := immutable.Some(expectedIdent.IntoRawIdentity().Public()) + require.Equal(s.t, expectedRawIdent, actualIdent, "raw identity at %d mismatch", action.NodeID) +}