Skip to content

Commit

Permalink
wip
Browse files Browse the repository at this point in the history
  • Loading branch information
@MichaelSquires
MichaelSquires committed Jun 16, 2024
1 parent bda77cb commit eee5289
Show file tree
Hide file tree
Showing 3 changed files with 150 additions and 37 deletions.
58 changes: 27 additions & 31 deletions synapse/lib/layer.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4605,62 +4605,58 @@ async def confirmLayerEditPerms(self, user, gateiden, delete=False):

# nodes & props
if not allow_forms or not allow_props:
async for byts, abrv in s_coro.pause(self.propabrv.slab.scanByFull(db=self.propabrv.name2abrv)):
form, prop = s_msgpack.un(byts)
async for form, prop in s_coro.pause(self.getFormProps()):
if form is None: # pragma: no cover
continue

if self.layrslab.prefexists(abrv, db=self.byprop):
if prop and not allow_props:
realform = self.core.model.form(form)
if not realform: # pragma: no cover
mesg = f'Invalid form: {form}'
raise s_exc.NoSuchForm(mesg=mesg, form=form)
if prop and not allow_props:
realform = self.core.model.form(form)
if not realform: # pragma: no cover
mesg = f'Invalid form: {form}'
raise s_exc.NoSuchForm(mesg=mesg, form=form)

realprop = realform.prop(prop)
if not realprop: # pragma: no cover
mesg = f'Invalid prop: {form}:{prop}'
raise s_exc.NoSuchProp(mesg=mesg, form=form, prop=prop)
realprop = realform.prop(prop)
if not realprop: # pragma: no cover
mesg = f'Invalid prop: {form}:{prop}'
raise s_exc.NoSuchProp(mesg=mesg, form=form, prop=prop)

if delete:
self.core.confirmPropDel(user, realprop, gateiden)
else:
self.core.confirmPropSet(user, realprop, gateiden)
if delete:
self.core.confirmPropDel(user, realprop, gateiden)
else:
self.core.confirmPropSet(user, realprop, gateiden)

elif not prop and not allow_forms:
user.confirm(perm_forms + (form,), gateiden=gateiden)
elif not prop and not allow_forms:
user.confirm(perm_forms + (form,), gateiden=gateiden)

# tagprops
if not allow_tags:
async for byts, abrv in s_coro.pause(self.tagpropabrv.slab.scanByFull(db=self.tagpropabrv.name2abrv)):
info = s_msgpack.un(byts)
if None in info or len(info) != 3:
continue

if self.layrslab.prefexists(abrv, db=self.bytagprop):
perm = perm_tags + tuple(info[1].split('.'))
user.confirm(perm, gateiden=gateiden)
async for tagprop in s_coro.pause(self.getTagProps()):
perm = perm_tags + tuple(tagprop[1].split('.'))
user.confirm(perm, gateiden=gateiden)

# nodedata
if not allow_ndata:
async for abrv in s_coro.pause(self.dataslab.scanKeys(db=self.dataname)):
name, _ = self.getAbrvProp(abrv)
perm = perm_ndata + (name,)
key = self.core.getAbrvIndx(abrv[:8])
perm = perm_ndata + key
user.confirm(perm, gateiden=gateiden)

# edges
if not allow_edges:
async for verb in s_coro.pause(self.layrslab.scanKeys(db=self.byverb)):
perm = perm_edges + (verb.decode(),)
async for _, verbabrv, _, _ in s_coro.pause(self.getEdges()):
verb = self.core.getAbrvIndx(verbabrv)
perm = perm_edges + verb
user.confirm(perm, gateiden=gateiden)

# FIXME: tombstones??

# tags
# NB: tag perms should be yielded for every leaf on every node in the layer
if not allow_tags:
async with self.core.getSpooledDict() as tags:

# Collect all tag abrvs for all nodes in the layer
async for lkey, buid in s_coro.pause(self.layrslab.scanByFull(db=self.bytag)):
async for lkey, buid in s_coro.pause(self.layrslab.scanByPref(INDX_TAG, db=self.indxdb)):
abrv = lkey[:8]
abrvs = list(tags.get(buid, []))
abrvs.append(abrv)
Expand Down
6 changes: 3 additions & 3 deletions synapse/lib/storm.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2180,7 +2180,7 @@ def allowedReason(self, perms, gateiden=None, default=None):
if self.asroot:
return self._admin_reason

return self.snap.core._propAllowedReason(self.user, perms, gateiden=gateiden, default=default)
return self.view.core._propAllowedReason(self.user, perms, gateiden=gateiden, default=default)

def confirmPropSet(self, prop, layriden=None):
if self.asroot:
Expand All @@ -2189,7 +2189,7 @@ def confirmPropSet(self, prop, layriden=None):
if layriden is None:
layriden = self.view.wlyr.iden

return self.snap.core.confirmPropSet(self.user, prop, layriden=layriden)
return self.view.core.confirmPropSet(self.user, prop, layriden=layriden)

def confirmPropDel(self, prop, layriden=None):
if self.asroot:
Expand All @@ -2198,7 +2198,7 @@ def confirmPropDel(self, prop, layriden=None):
if layriden is None:
layriden = self.view.wlyr.iden

return self.snap.core.confirmPropDel(self.user, prop, layriden=layriden)
return self.view.core.confirmPropDel(self.user, prop, layriden=layriden)

def confirmEasyPerm(self, item, perm, mesg=None):
if not self.asroot:
Expand Down
123 changes: 120 additions & 3 deletions synapse/tests/test_lib_layer.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,16 @@

import synapse.exc as s_exc
import synapse.common as s_common
import synapse.cortex as s_cortex
import synapse.telepath as s_telepath

import synapse.lib.time as s_time
import synapse.lib.layer as s_layer
import synapse.lib.msgpack as s_msgpack
import synapse.lib.spooled as s_spooled

import synapse.lib.hiveauth as s_hiveauth

import synapse.tools.backup as s_tools_backup

import synapse.tests.utils as s_t_utils
Expand Down Expand Up @@ -1918,6 +1921,8 @@ async def __anit__(self, dirn=None, size=1, cell=None):
with mock.patch('synapse.lib.spooled.Dict', Dict):
async with self.getTestCore() as core:

user = await core.auth.addUser('[email protected]')

viewiden = await core.callStorm('''
$lyr = $lib.layer.add()
$view = $lib.view.add(($lyr.iden,))
Expand All @@ -1944,7 +1949,60 @@ async def __anit__(self, dirn=None, size=1, cell=None):
''', opts=opts)

parent = core.view.layers[0]
await layr.confirmLayerEditPerms(core.auth.rootuser, parent.iden)

seen = set()
def confirm(self, perm, default=None, gateiden=None):
seen.add(perm)
return True

def confirmPropSet(self, user, prop, layriden):
seen.add(prop.setperms[0])
seen.add(prop.setperms[1])

def confirmPropDel(self, user, prop, layriden):
seen.add(prop.delperms[0])
seen.add(prop.delperms[1])

with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
await layr.confirmLayerEditPerms(user, parent.iden)

self.eq(seen, {
# Node add
('node', 'add', 'syn:tag'),
('node', 'add', 'test:str'),

# Old style prop set
('node', 'prop', 'set', 'test:str:hehe'),
('node', 'prop', 'set', 'test:str.created'),

('node', 'prop', 'set', 'syn:tag:up'),
('node', 'prop', 'set', 'syn:tag:base'),
('node', 'prop', 'set', 'syn:tag:depth'),
('node', 'prop', 'set', 'syn:tag.created'),

# New style prop set
('node', 'prop', 'set', 'test:str', 'hehe'),
('node', 'prop', 'set', 'test:str', '.created'),

('node', 'prop', 'set', 'syn:tag', 'up'),
('node', 'prop', 'set', 'syn:tag', 'base'),
('node', 'prop', 'set', 'syn:tag', 'depth'),
('node', 'prop', 'set', 'syn:tag', '.created'),

# Tag/tagprop add
('node', 'tag', 'add', 'foo'),
('node', 'tag', 'add', 'bar'),
('node', 'tag', 'add', 'foo', 'bar'),
('node', 'tag', 'add', 'foo', 'bar', 'baz'),

# Nodedata set
('node', 'data', 'set', 'foo'),

# Edge add
('node', 'edge', 'add', 'refs'),
})

await core.nodes('''
test:str=foo
Expand All @@ -1953,8 +2011,67 @@ async def __anit__(self, dirn=None, size=1, cell=None):
| delnode
''', opts=opts)

await layr.confirmLayerEditPerms(core.auth.rootuser, parent.iden)
await layr.confirmLayerEditPerms(core.auth.rootuser, layr.iden, delete=True)
seen.clear()
with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
await layr.confirmLayerEditPerms(user, parent.iden)

self.eq(seen, {
# Node add
('node', 'add', 'syn:tag'),
('node', 'add', 'test:str'),

# Old style prop set
('node', 'prop', 'set', 'test:str.created'),

('node', 'prop', 'set', 'syn:tag:up'),
('node', 'prop', 'set', 'syn:tag:base'),
('node', 'prop', 'set', 'syn:tag:depth'),
('node', 'prop', 'set', 'syn:tag.created'),

# New style prop set
('node', 'prop', 'set', 'test:str', '.created'),

('node', 'prop', 'set', 'syn:tag', 'up'),
('node', 'prop', 'set', 'syn:tag', 'base'),
('node', 'prop', 'set', 'syn:tag', 'depth'),
('node', 'prop', 'set', 'syn:tag', '.created'),

# Tag/tagprop add
('node', 'tag', 'add', 'foo', 'bar'),
})

seen.clear()
with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
await layr.confirmLayerEditPerms(user, layr.iden, delete=True)

self.eq(seen, {
# Node del
('node', 'del', 'syn:tag'),
('node', 'del', 'test:str'),

# Old style prop del
('node', 'prop', 'del', 'test:str.created'),

('node', 'prop', 'del', 'syn:tag:up'),
('node', 'prop', 'del', 'syn:tag:base'),
('node', 'prop', 'del', 'syn:tag:depth'),
('node', 'prop', 'del', 'syn:tag.created'),

# New style prop del
('node', 'prop', 'del', 'test:str', '.created'),

('node', 'prop', 'del', 'syn:tag', 'up'),
('node', 'prop', 'del', 'syn:tag', 'base'),
('node', 'prop', 'del', 'syn:tag', 'depth'),
('node', 'prop', 'del', 'syn:tag', '.created'),

# Tag/tagprop del
('node', 'tag', 'del', 'foo', 'bar'),
})

async def test_layer_fromfuture(self):
with self.raises(s_exc.BadStorageVersion):
Expand Down

0 comments on commit eee5289

Please sign in to comment.