#259 Adding share/unshare/get methods back into the VaultManager

src/PolykeyAgent.ts

@@ -328,6 +328,8 @@ class PolykeyAgent {
           keyManager,
           nodeConnectionManager,
           notificationsManager,
+          gestaltGraph,
+          acl,
           db,
           fs,
           logger: logger.getChild(VaultManager.name),

src/bootstrap/utils.ts

@@ -171,7 +171,9 @@ async function bootstrapState({
         fresh,
       });
     const vaultManager = await VaultManager.createVaultManager({
+      acl,
       db,
+      gestaltGraph,
       keyManager,
       nodeConnectionManager,
       vaultsPath,

src/vaults/VaultManager.ts

@@ -2,6 +2,7 @@ import type { DB, DBDomain, DBLevel } from '@matrixai/db';
 import type {
   VaultId,
   VaultName,
+  VaultActions,
   VaultIdString,
   VaultIdEncoded,
 } from './types';
@@ -11,6 +12,7 @@ import type { PolykeyWorkerManagerInterface } from '../workers/types';
 import type { NodeId } from '../nodes/types';
 import type { KeyManager } from '../keys';
 import type NodeConnectionManager from '../nodes/NodeConnectionManager';
+import type GestaltGraph from '../gestalts/GestaltGraph';
 import type NotificationsManager from '../notifications/NotificationsManager';
 import type ACL from '../acl/ACL';
 
@@ -66,8 +68,10 @@ class VaultManager {
   static async createVaultManager({
     vaultsPath,
     db,
+    acl,
     keyManager,
     nodeConnectionManager,
+    gestaltGraph,
     notificationsManager,
     keyBits = 256,
     fs = require('fs'),
@@ -76,8 +80,10 @@ class VaultManager {
   }: {
     vaultsPath: string;
     db: DB;
+    acl: ACL;
     keyManager: KeyManager;
     nodeConnectionManager: NodeConnectionManager;
+    gestaltGraph: GestaltGraph;
     notificationsManager: NotificationsManager;
     keyBits?: 128 | 192 | 256;
     fs?: FileSystem;
@@ -89,8 +95,10 @@ class VaultManager {
     const vaultManager = new VaultManager({
       vaultsPath,
       db,
+      acl,
       keyManager,
       nodeConnectionManager,
+      gestaltGraph,
       notificationsManager,
       keyBits,
       fs,
@@ -108,8 +116,10 @@ class VaultManager {
   protected fs: FileSystem;
   protected logger: Logger;
   protected db: DB;
+  protected acl: ACL;
   protected keyManager: KeyManager;
   protected nodeConnectionManager: NodeConnectionManager;
+  protected gestaltGraph: GestaltGraph;
   protected notificationsManager: NotificationsManager;
   protected vaultsDbDomain: DBDomain = [this.constructor.name];
   protected vaultsDb: DBLevel;
@@ -124,17 +134,21 @@ class VaultManager {
   constructor({
     vaultsPath,
     db,
+    acl,
     keyManager,
     nodeConnectionManager,
+    gestaltGraph,
     notificationsManager,
     keyBits,
     fs,
     logger,
   }: {
     vaultsPath: string;
     db: DB;
+    acl: ACL;
     keyManager: KeyManager;
     nodeConnectionManager: NodeConnectionManager;
+    gestaltGraph: GestaltGraph;
     notificationsManager: NotificationsManager;
     keyBits: 128 | 192 | 256;
     fs: FileSystem;
@@ -144,8 +158,10 @@ class VaultManager {
     this.vaultsPath = vaultsPath;
     this.efsPath = path.join(this.vaultsPath, config.defaults.efsBase);
     this.db = db;
+    this.acl = acl;
     this.keyManager = keyManager;
     this.nodeConnectionManager = nodeConnectionManager;
+    this.gestaltGraph = gestaltGraph;
     this.notificationsManager = notificationsManager;
     this.keyBits = keyBits;
     this.fs = fs;
@@ -489,6 +505,60 @@ class VaultManager {
     return metadata?.vaultName;
   }
 
+  /**
+   * Returns a dictionary of VaultActions for each node.
+   * @param vaultId
+   */
+  @ready(new vaultsErrors.ErrorVaultManagerNotRunning())
+  public async getVaultPermission(
+    vaultId: VaultId,
+  ): Promise<Record<NodeId, VaultActions>> {
+    const rawPermissions = await this.acl.getVaultPerm(vaultId);
+    const permissions: Record<NodeId, VaultActions> = {};
+    // Getting the relevant information.
+    for (const nodeId in rawPermissions) {
+      permissions[nodeId] = rawPermissions[nodeId].vaults[vaultId];
+    }
+    return permissions;
+  }
+
+  /**
+   * Sets clone, pull and scan permissions of a vault for a
+   * gestalt and send a notification to this gestalt
+   */
+  @ready(new vaultsErrors.ErrorVaultManagerNotRunning())
+  public async shareVault(vaultId: VaultId, nodeId: NodeId): Promise<void> {
+    const vaultMeta = await this.getVaultMeta(vaultId);
+    if (!vaultMeta) throw new vaultsErrors.ErrorVaultsVaultUndefined();
+    // Node Id permissions translated to other nodes in
+    // a gestalt by other domains
+    await this.gestaltGraph.setGestaltActionByNode(nodeId, 'scan');
+    await this.acl.setVaultAction(vaultId, nodeId, 'pull');
+    await this.acl.setVaultAction(vaultId, nodeId, 'clone');
+    await this.notificationsManager.sendNotification(nodeId, {
+      type: 'VaultShare',
+      vaultId: vaultsUtils.encodeVaultId(vaultId),
+      vaultName: vaultMeta.vaultName,
+      actions: {
+        clone: null,
+        pull: null,
+      },
+    });
+  }
+
+  /**
+   * Unsets clone, pull and scan permissions of a vault for a
+   * gestalt
+   */
+  @ready(new vaultsErrors.ErrorVaultManagerNotRunning())
+  public async unshareVault(vaultId: VaultId, nodeId: NodeId): Promise<void> {
+    const vaultMeta = await this.getVaultMeta(vaultId);
+    if (!vaultMeta) throw new vaultsErrors.ErrorVaultsVaultUndefined();
+    await this.gestaltGraph.unsetGestaltActionByNode(nodeId, 'scan');
+    await this.acl.unsetVaultAction(vaultId, nodeId, 'pull');
+    await this.acl.unsetVaultAction(vaultId, nodeId, 'clone');
+  }
+
   /**
    * Clones the contents of a remote vault into a new local
    * vault instance

tests/agent/GRPCClientAgent.test.ts

@@ -148,6 +148,8 @@ describe(GRPCClientAgent.name, () => {
       vaultsPath: vaultsPath,
       nodeConnectionManager: nodeConnectionManager,
       db: db,
+      acl: acl,
+      gestaltGraph: gestaltGraph,
       notificationsManager: notificationsManager,
       fs: fs,
       logger: logger,

tests/nodes/NodeConnection.test.ts

@@ -256,6 +256,8 @@ describe(`${NodeConnection.name} test`, () => {
       nodeConnectionManager: dummyNodeConnectionManager,
       notificationsManager: serverNotificationsManager,
       db: serverDb,
+      acl: serverACL,
+      gestaltGraph: serverGestaltGraph,
       fs: fs,
       logger: logger,
     });