Changed acl from using SignalType to Action, and added Permission() method to Signal interface that returns the Action the signal is trying to take

2023-07-28 00:39:27 -06:00 · 2023-07-28 00:39:27 -06:00 · 27687add1b
parent a16cf6bb38
commit 27687add1b
5 changed files with 18 additions and 12 deletions
--- a/graph_test.go
+++ b/graph_test.go
@ -84,7 +84,7 @@ func (t * GraphTester) CheckForNone(listener *ListenerExt, str string) {
 const SimpleListenerNodeType = NodeType("SIMPLE_LISTENER")

 func NewSimpleListener(ctx *Context, buffer int) (*Node, *ListenerExt) {
-  policy := NewAllNodesPolicy([]SignalType{SignalType("status")})
+  policy := NewAllNodesPolicy([]Action{Action("status")})
  listener_extension := NewListenerExt(buffer)
  listener := NewNode(ctx,
                      RandID(),
--- a/lockable_test.go
+++ b/lockable_test.go
@ -16,8 +16,8 @@ func lockableTestContext(t *testing.T, logs []string) *Context {
 }


-var link_policy = NewAllNodesPolicy([]SignalType{LinkSignalType, StatusSignalType})
-var lock_policy = NewAllNodesPolicy([]SignalType{LockSignalType})
+var link_policy = NewAllNodesPolicy([]Action{Action(LinkSignalType), Action(StatusSignalType)})
+var lock_policy = NewAllNodesPolicy([]Action{Action(LockSignalType)})

 func TestLink(t *testing.T) {
  ctx := lockableTestContext(t, []string{"lockable"})
--- a/node.go
+++ b/node.go
@ -155,7 +155,7 @@ func nodeLoop(ctx *Context, node *Node) error {
    case msg := <- node.MsgChan:
      signal = msg.Signal
      source = msg.Source
-      err := Allowed(ctx, msg.Source, signal.Type(), node)
+      err := Allowed(ctx, msg.Source, signal.Permission(), node)
      if err != nil {
        ctx.Log.Logf("signal", "SIGNAL_POLICY_ERR: %s", err)
        continue
@ -309,7 +309,7 @@ func NewNode(ctx *Context, id NodeID, node_type NodeType, queued_signals []Queue
  return node
 }

-func Allowed(ctx *Context, principal_id NodeID, action SignalType, node *Node) error {
+func Allowed(ctx *Context, principal_id NodeID, action Action, node *Node) error {
  ctx.Log.Logf("policy", "POLICY_CHECK: %s %s.%s", principal_id, node.ID, action)
  // Nodes are allowed to perform all actions on themselves regardless of whether or not they have an ACL extension
  if principal_id == node.ID {
--- a/policy.go
+++ b/policy.go
@ -17,17 +17,17 @@ const (

 type Policy interface {
  Serializable[PolicyType]
-  Allows(principal_id NodeID, action SignalType, node *Node) error
+  Allows(principal_id NodeID, action Action, node *Node) error
  // Merge with another policy of the same underlying type
  Merge(Policy) Policy
 }

 //TODO: Update with change from principal *Node to principal_id so sane policies can still be made
-func (policy *AllNodesPolicy) Allows(principal_id NodeID, action SignalType, node *Node) error {
+func (policy *AllNodesPolicy) Allows(principal_id NodeID, action Action, node *Node) error {
  return policy.Actions.Allows(action)
 }

-func (policy *PerNodePolicy) Allows(principal_id NodeID, action SignalType, node *Node) error {
+func (policy *PerNodePolicy) Allows(principal_id NodeID, action Action, node *Node) error {
  for id, actions := range(policy.NodeActions) {
    if id != principal_id {
      continue
@ -41,7 +41,7 @@ func (policy *PerNodePolicy) Allows(principal_id NodeID, action SignalType, node
  return fmt.Errorf("%s is not in per node policy of %s", principal_id, node.ID)
 }

-func (policy *RequirementOfPolicy) Allows(principal_id NodeID, action SignalType, node *Node) error {
+func (policy *RequirementOfPolicy) Allows(principal_id NodeID, action Action, node *Node) error {
  lockable_ext, err := GetExt[*LockableExt](node)
  if err != nil {
    return err
@ -114,9 +114,10 @@ func (policy *RequirementOfPolicy) Merge(p Policy) Policy {
  return policy
 }

-type Actions []SignalType
+type Action string
+type Actions []Action

-func (actions Actions) Allows(action SignalType) error {
+func (actions Actions) Allows(action Action) error {
  for _, a := range(actions) {
    if a == action {
      return nil
@ -320,7 +321,7 @@ func (ext *ACLExt) Type() ExtType {
 }

 // Check if the extension allows the principal to perform action on node
-func (ext *ACLExt) Allows(ctx *Context, principal_id NodeID, action SignalType, node *Node) error {
+func (ext *ACLExt) Allows(ctx *Context, principal_id NodeID, action Action, node *Node) error {
  ctx.Log.Logf("policy", "POLICY_EXT_ALLOWED: %+v", ext)
  errs := []error{}
  for _, policy := range(ext.Policies) {
--- a/signal.go
+++ b/signal.go
@ -16,6 +16,7 @@ type SignalType string
 type Signal interface {
  Serializable[SignalType]
  Direction() SignalDirection
+  Permission() Action
 }

 type BaseSignal struct {
@ -27,6 +28,10 @@ func (signal BaseSignal) Type() SignalType {
  return signal.SignalType
 }

+func (signal BaseSignal) Permission() Action {
+  return Action(signal.Type())
+}
+
 func (signal BaseSignal) Direction() SignalDirection {
  return signal.SignalDirection
 }