Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Make requests with no identity work with "*" target #3278

Open
wants to merge 4 commits into
base: develop
Choose a base branch
from
Open

fix: Make requests with no identity work with "*" target #3278

wants to merge 4 commits into from
+586 −8

Conversation

shahzadlone
Copy link
Member

Relevant issue(s)

Resolves #3276

Description

  • Fix the bug where a request without an identity still wouldn't be able to access a document even if there was a "*" relationship

Tasks

  • I made sure the code is well commented, particularly hard-to-understand areas.
  • I made sure the repository-held documentation is changed accordingly.
  • I made sure the pull request title adheres to the conventional commit style (the subset used in the project can be found in tools/configs/chglog/config.yml).
  • I made sure to discuss its limitations such as threats to validity, vulnerability to mistake and misuse, robustness to invalidation of assumptions, resource requirements, ...

How has this been tested?

  • Added tests

Specify the platform(s) on which this was tested:

  • WSL2 (Manjaro)

@shahzadlone shahzadlone added bug Something isn't working area/acp Related to the acp (access control) system labels Nov 27, 2024
@shahzadlone shahzadlone added this to the DefraDB v0.15 milestone Nov 27, 2024
@shahzadlone shahzadlone requested a review from a team November 27, 2024 22:13
@shahzadlone shahzadlone self-assigned this Nov 27, 2024
@codecov Codecov
Copy link

codecov bot commented Nov 27, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 78.07%. Comparing base (8509211) to head (ef4df0a).

Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff             @@
##           develop    #3278      +/-   ##
===========================================
+ Coverage    77.95%   78.07%   +0.11%     
===========================================
  Files          382      382              
  Lines        35364    35371       +7     
===========================================
+ Hits         27568    27614      +46     
+ Misses        6148     6122      -26     
+ Partials      1648     1635      -13
Flag Coverage Δ
all-tests 78.07% <100.00%> (+0.11%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
internal/db/permission/check.go 86.05% <100.00%> (+2.71%) ⬆️

... and 12 files with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8509211...ef4df0a. Read the comment docs.

@shahzadlone shahzadlone force-pushed the lone/test/add-tests-for-non-identity-actors-after-any-actor-request branch 4 times, most recently from 22b2dfa to 1ceda7a Compare November 27, 2024 23:17
@shahzadlone shahzadlone force-pushed the lone/test/add-tests-for-non-identity-actors-after-any-actor-request branch from 1ceda7a to ef4df0a Compare November 27, 2024 23:17
islamaliev
islamaliev reviewed Nov 28, 2024
View reviewed changes
internal/db/permission/check.go
// We can't assume that there is no-access just because there is no identity even if the document
// is registed with acp, this is because it is possible that acp has a registered relation targeting
// "*" (any) actor which would mean that even a request without an identity might be able to access
// a document registered with acp. So we pass an empty `did` to accommodate that case.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

praise: very descriptive comment

tests/integration/acp/relationship/doc_actor/add/with_target_all_actors_gql_test.go
Comment on lines +271 to +313
Policy: `
name: Test Policy

description: A Policy

actor:
name: actor

resources:
users:
permissions:
read:
expr: owner + reader + writer

write:
expr: owner + writer

nothing:
expr: dummy

relations:
owner:
types:
- actor

reader:
types:
- actor

writer:
types:
- actor

admin:
manages:
- reader
types:
- actor

dummy:
types:
- actor
`,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nitpick: I almost never read this part. It's just noise in tests

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haha we have discussed the fixture vs non-fixture multiple times now. Leaving as is.

tests/integration/acp/relationship/doc_actor/add/with_target_all_actors_gql_test.go
Comment on lines +345 to +387
testUtils.Request{
Identity: testUtils.NoIdentity(), // Can not read without an identity.

Request: `
query {
Users {
_docID
name
age
}
}
`,

Results: map[string]any{
"Users": []map[string]any{}, // Can't see the documents yet
},
},

testUtils.DeleteDoc{ // Since can't read without identity, can't delete either.
CollectionID: 0,

Identity: testUtils.NoIdentity(),

DocID: 0,

ExpectedError: "document not found or not authorized to access",
},

testUtils.UpdateDoc{ // Since can't read without identity, can't update either.
CollectionID: 0,

Identity: testUtils.NoIdentity(),

DocID: 0,

Doc: `
{
"name": "Shahzad Lone"
}
`,

SkipLocalUpdateEvent: true,
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion: this has been tested already many times. There is no point in doing it every time.
It's better for reading to have the test focused specifically on the relevant actions.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The one with Identity: testUtils.NoIdentity() not as many times tbh, + this is testing is for specifically with gql.

Even if one or two other one exists, I like that it presents the full story to a new user reading only this test, the state before and after our action we are testing.

tests/integration/acp/relationship/doc_actor/add/with_target_all_actors_test.go

SupportedMutationTypes: immutable.Some(
[]testUtils.MutationType{
testUtils.CollectionNamedMutationType,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nitpick: might worth also to leave here a small comment

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Document

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@islamaliev islamaliev islamaliev left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@shahzadlone shahzadlone

Labels
area/acp Related to the acp (access control) system bug Something isn't working
Projects
None yet
Milestone
DefraDB v0.15
Development

Successfully merging this pull request may close these issues.

No identity after a "*" actor relationship still can't' access the document
2 participants
@shahzadlone @islamaliev