Added helper function to create base gql server

2023-07-27 00:57:18 -06:00 · 2023-07-27 00:57:18 -06:00 · cc807b3982
parent 186123ce01
commit cc807b3982
3 changed files with 29 additions and 12 deletions
--- a/gql.go
+++ b/gql.go
@ -33,6 +33,21 @@ import (
 const GQLThreadType = ThreadType("GQL")
 const GQLNodeType = NodeType("GQL")

+// Initializes a new GQL node without an ACLPolicyExt(which needs to be added)
+func NewGQLNode(ctx *Context, gql_ext *GQLExt) (*Node, error) {
+  node := NewNode(ctx, RandID(), GQLNodeType)
+  node.Extensions[GroupExtType] = NewGroupExt(nil)
+  var err error
+  node.Extensions[ThreadExtType], err = NewThreadExt(ctx, GQLThreadType, nil, nil, "init", nil)
+  if err != nil {
+    return nil, err
+  }
+  node.Extensions[LockableExtType] = NewLockableExt(nil, nil, nil, nil)
+  node.Extensions[GQLExtType] = gql_ext
+
+  return node, nil
+}
+
 type AuthReqJSON struct {
  Time time.Time `json:"time"`
  Pubkey []byte `json:"pubkey"`
--- a/gql_test.go
+++ b/gql_test.go
@ -61,24 +61,20 @@ func TestGQLDB(t * testing.T) {
  key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
  fatalErr(t, err)

-  gql := NewNode(ctx, RandID(), TestGQLNodeType)
+  gql, err := NewGQLNode(ctx, NewGQLExt(":0", ecdh.P256(), key, nil, nil))
+  fatalErr(t, err)
  gql_policy := NewChildOfPolicy(NodeActions{
    gql.ID: Actions{"signal.status"},
  })
-  gql.Extensions[ACLExtType] = NewACLExt(NodeList(u1))
  gql.Extensions[ACLPolicyExtType] = NewACLPolicyExt(map[PolicyType]Policy{
    ChildOfPolicyType: &gql_policy,
  })
-  gql.Extensions[GroupExtType] = NewGroupExt(nil)
-  gql.Extensions[GQLExtType] = NewGQLExt(":0", ecdh.P256(), key, nil, nil)
-  gql.Extensions[ThreadExtType], err = NewThreadExt(ctx, GQLThreadType, nil, nil, "ini", nil)
-  fatalErr(t, err)
-  gql.Extensions[LockableExtType] = NewLockableExt(nil, nil, nil, nil)

  ctx.Log.Logf("test", "GQL_ID: %s", gql.ID)
+
  info := ParentInfo{true, "start", "restore"}
  context := NewWriteContext(ctx)
-  err = UpdateStates(context, u1, NewACLInfo(gql, []string{"users"}), func(context *StateContext) error {
+  err = UpdateStates(context, u1, ACLMap{}, func(context *StateContext) error {
    err := LinkThreads(context, u1, gql, ChildInfo{t1, map[InfoType]Info{
      ParentInfoType: &info,
    }})
--- a/node.go
+++ b/node.go
@ -171,16 +171,22 @@ func Allowed(context *StateContext, principal *Node, action string, node *Node)

  // Check if the node has a policy extension itself, and check against the policies in it
  policy_ext, err := GetExt[*ACLPolicyExt](node)
+  self_tried := false
  if err == nil {
    if policy_ext.Allows(context, principal, action, node) == true {
      return nil
    }
+    self_tried = true
  }

  acl_ext, err := GetExt[*ACLExt](node)
  if err != nil {
+    if self_tried == true {
+      return fmt.Errorf("POLICY_SELF: policies on %s do not allow %s to perform %s", node.ID, principal.ID, action)
+    } else {
      return err
    }
+  }

  for _, policy_node := range(acl_ext.Delegations) {
    context.Graph.Log.Logf("policy", "POLICY_DELEGATION_CHECK: %s->%s", node.ID, policy_node.ID)
@ -211,10 +217,10 @@ func SendSignal(context *StateContext, node *Node, princ *Node, signal Signal) e
    return err
  }

-  for _, ext := range(node.Extensions) {
+  for ext_type, ext := range(node.Extensions) {
    err = ext.Process(context, node, signal)
    if err != nil {
-      return err
+      context.Graph.Log.Logf("signal", "EXTENSION_SIGNAL_ERR: %s/%s - %s", node.ID, ext_type, err)
    }
  }

@ -460,7 +466,7 @@ func LoadNode(ctx * Context, id NodeID) (*Node, error) {
  }

  if len(extra_extensions) > 0 {
-    return nil, fmt.Errorf("DB_LOAD_EXTRA_EXTENSIONS: %s - %+v - %+v", id, node_type, extra_extensions)
+    ctx.Log.Logf("db", "DB_LOAD_EXTRA_EXTENSIONS: %s - %+v - %+v", id, node_type, extra_extensions)
  }

  ctx.Log.Logf("db", "DB_NODE_LOADED: %s", id)