WIP - #259 expanded the tests

src/PolykeyAgent.ts

@@ -328,8 +328,6 @@ class PolykeyAgent {
           keyManager,
           nodeConnectionManager,
           notificationsManager,
-          gestaltGraph,
-          acl,
           db,
           fs,
           logger: logger.getChild(VaultManager.name),

src/acl/types.ts

@@ -1,14 +1,14 @@
 import type { Opaque } from '../types';
 import type { GestaltAction } from '../gestalts/types';
-import type { VaultActions, VaultId } from '../vaults/types';
+import type { VaultActions, VaultIdString } from '../vaults/types';
 import type { Id } from '@matrixai/id';
 
 type PermissionId = Opaque<'PermissionId', Id>;
 type PermissionIdString = Opaque<'PermissionIdString', string>;
 
 type Permission = {
   gestalt: GestaltActions;
-  vaults: Record<VaultId, VaultActions>;
+  vaults: Record<VaultIdString, VaultActions>;
 };
 
 type GestaltActions = Partial<Record<GestaltAction, null>>;

src/agent/service/vaultsGitInfoGet.ts

@@ -62,7 +62,7 @@ function vaultsGitInfoGet({
       return;
     }
     const vaultPerms = permissions.vaults[vaultId];
-    if (vaultPerms[actionType] !== null) {
+    if (vaultPerms?.[actionType] !== null) {
       await genWritable.throw(
         new vaultsErrors.ErrorVaultsPermissionDenied(
           `${nodeIdEncoded} does not have permission to ${actionType} from vault ${vaultsUtils.encodeVaultId(

src/bin/vaults/CommandPermissions.ts

@@ -12,7 +12,6 @@ class CommandPermissions extends CommandPolykey {
     this.alias('perms');
     this.description('Sets the permissions of a vault for Node Ids');
     this.argument('<vaultName>', 'Name or ID of the vault');
-    // This.argument('[nodeId]', '(optional) nodeId to check permission on');
     this.addOption(binOptions.nodeId);
     this.addOption(binOptions.clientHost);
     this.addOption(binOptions.clientPort);

src/bootstrap/utils.ts

@@ -171,9 +171,7 @@ async function bootstrapState({
         fresh,
       });
     const vaultManager = await VaultManager.createVaultManager({
-      acl,
       db,
-      gestaltGraph,
       keyManager,
       nodeConnectionManager,
       vaultsPath,

src/client/service/vaultsPermissionGet.ts

@@ -2,6 +2,9 @@ import type { Authenticate } from '../types';
 import type { VaultManager } from '../../vaults';
 import type { VaultName } from '../../vaults/types';
 import type * as grpc from '@grpc/grpc-js';
+import type { VaultActions } from '../../vaults/types';
+import type ACL from '../../acl/ACL';
+import type { NodeId } from 'nodes/types';
 import { utils as grpcUtils } from '../../grpc';
 import * as nodesPB from '../../proto/js/polykey/v1/nodes/nodes_pb';
 import * as vaultsPB from '../../proto/js/polykey/v1/vaults/vaults_pb';
@@ -10,9 +13,11 @@ import * as validationUtils from '../../validation/utils';
 function vaultsPermissionGet({
   authenticate,
   vaultManager,
+  acl,
 }: {
   authenticate: Authenticate;
   vaultManager: VaultManager;
+  acl: ACL;
 }) {
   return async (
     call: grpc.ServerWritableStream<vaultsPB.Vault, vaultsPB.Permissions>,
@@ -27,7 +32,14 @@ function vaultsPermissionGet({
       let vaultId = await vaultManager.getVaultId(nameOrId as VaultName);
       vaultId = vaultId ?? validationUtils.parseVaultId(nameOrId);
 
-      const permissionList = await vaultManager.getVaultPermission(vaultId);
+      // Getting permissions
+      const rawPermissions = await acl.getVaultPerm(vaultId);
+      const permissionList: Record<NodeId, VaultActions> = {};
+      // Getting the relevant information.
+      for (const nodeId in rawPermissions) {
+        permissionList[nodeId] = rawPermissions[nodeId].vaults[vaultId];
+      }
+
       const vaultPermissionsMessage = new vaultsPB.Permissions();
       vaultPermissionsMessage.setVault(vaultMessage);
       const nodeMessage = new nodesPB.Node();

src/client/service/vaultsPermissionSet.ts

@@ -55,8 +55,8 @@ function vaultsPermissionSet({
       const vaultMeta = await vaultManager.getVaultMeta(vaultId);
       if (!vaultMeta) throw new vaultsErrors.ErrorVaultsVaultUndefined();
       // Setting permissions
-      await gestaltGraph.setGestaltActionByNode(nodeId, 'scan');
       const actionsSet: VaultActions = {};
+      await gestaltGraph.setGestaltActionByNode(nodeId, 'scan');
       for (const action of actions) {
         await acl.setVaultAction(vaultId, nodeId, action);
         actionsSet[action] = null;

src/client/service/vaultsPermissionUnset.ts

@@ -57,11 +57,15 @@ function vaultsPermissionUnset({
       // We need to check if there are still shared vaults.
       const nodePermissions = await acl.getNodePerm(nodeId);
       // Remove scan permissions if no more shared vaults
-      if (
-        nodePermissions != null &&
-        Object.keys(nodePermissions.vaults).length === 0
-      ) {
-        await gestaltGraph.unsetGestaltActionByNode(nodeId, 'scan');
+      if (nodePermissions != null) {
+        // Counting total number of permissions
+        const totalPermissions = Object.keys(nodePermissions.vaults)
+          .map((key) => Object.keys(nodePermissions.vaults[key]).length)
+          .reduce((prev, current) => current + prev);
+        // If no permissions are left then we remove the scan permission
+        if (totalPermissions === 0) {
+          await gestaltGraph.unsetGestaltActionByNode(nodeId, 'scan');
+        }
       }
       // Formatting response
       const response = new utilsPB.StatusMessage().setSuccess(true);

src/vaults/VaultManager.ts

@@ -2,7 +2,6 @@ import type { DB, DBDomain, DBLevel } from '@matrixai/db';
 import type {
   VaultId,
   VaultName,
-  VaultActions,
   VaultIdString,
   VaultIdEncoded,
 } from './types';
@@ -12,8 +11,6 @@ import type { PolykeyWorkerManagerInterface } from '../workers/types';
 import type { NodeId } from '../nodes/types';
 import type { KeyManager } from '../keys';
 import type NodeConnectionManager from '../nodes/NodeConnectionManager';
-import type GestaltGraph from '../gestalts/GestaltGraph';
-import type ACL from '../acl/ACL';
 import type NotificationsManager from '../notifications/NotificationsManager';
 import type ACL from '../acl/ACL';
 
@@ -69,10 +66,8 @@ class VaultManager {
   static async createVaultManager({
     vaultsPath,
     db,
-    acl,
     keyManager,
     nodeConnectionManager,
-    gestaltGraph,
     notificationsManager,
     keyBits = 256,
     fs = require('fs'),
@@ -81,10 +76,8 @@ class VaultManager {
   }: {
     vaultsPath: string;
     db: DB;
-    acl: ACL;
     keyManager: KeyManager;
     nodeConnectionManager: NodeConnectionManager;
-    gestaltGraph: GestaltGraph;
     notificationsManager: NotificationsManager;
     keyBits?: 128 | 192 | 256;
     fs?: FileSystem;
@@ -96,10 +89,8 @@ class VaultManager {
     const vaultManager = new VaultManager({
       vaultsPath,
       db,
-      acl,
       keyManager,
       nodeConnectionManager,
-      gestaltGraph,
       notificationsManager,
       keyBits,
       fs,
@@ -117,10 +108,8 @@ class VaultManager {
   protected fs: FileSystem;
   protected logger: Logger;
   protected db: DB;
-  protected acl: ACL;
   protected keyManager: KeyManager;
   protected nodeConnectionManager: NodeConnectionManager;
-  protected gestaltGraph: GestaltGraph;
   protected notificationsManager: NotificationsManager;
   protected vaultsDbDomain: DBDomain = [this.constructor.name];
   protected vaultsDb: DBLevel;
@@ -135,21 +124,17 @@ class VaultManager {
   constructor({
     vaultsPath,
     db,
-    acl,
     keyManager,
     nodeConnectionManager,
-    gestaltGraph,
     notificationsManager,
     keyBits,
     fs,
     logger,
   }: {
     vaultsPath: string;
     db: DB;
-    acl: ACL;
     keyManager: KeyManager;
     nodeConnectionManager: NodeConnectionManager;
-    gestaltGraph: GestaltGraph;
     notificationsManager: NotificationsManager;
     keyBits: 128 | 192 | 256;
     fs: FileSystem;
@@ -159,10 +144,8 @@ class VaultManager {
     this.vaultsPath = vaultsPath;
     this.efsPath = path.join(this.vaultsPath, config.defaults.efsBase);
     this.db = db;
-    this.acl = acl;
     this.keyManager = keyManager;
     this.nodeConnectionManager = nodeConnectionManager;
-    this.gestaltGraph = gestaltGraph;
     this.notificationsManager = notificationsManager;
     this.keyBits = keyBits;
     this.fs = fs;
@@ -506,72 +489,6 @@ class VaultManager {
     return metadata?.vaultName;
   }
 
-  /**
-   * Returns a dictionary of VaultActions for each node.
-   * @param vaultId
-   */
-  @ready(new vaultsErrors.ErrorVaultManagerNotRunning())
-  public async getVaultPermission(
-    vaultId: VaultId,
-  ): Promise<Record<NodeId, VaultActions>> {
-    const rawPermissions = await this.acl.getVaultPerm(vaultId);
-    const permissions: Record<NodeId, VaultActions> = {};
-    // Getting the relevant information.
-    for (const nodeId in rawPermissions) {
-      permissions[nodeId] = rawPermissions[nodeId].vaults[vaultId];
-    }
-    return permissions;
-  }
-
-  /**
-   * Sets clone, pull and scan permissions of a vault for a
-   * gestalt and send a notification to this gestalt
-   */
-  @ready(new vaultsErrors.ErrorVaultManagerNotRunning())
-  public async shareVault(vaultId: VaultId, nodeId: NodeId): Promise<void> {
-    const vaultMeta = await this.getVaultMeta(vaultId);
-    if (!vaultMeta) throw new vaultsErrors.ErrorVaultsVaultUndefined();
-    // FIXME: does this need locking?
-    //  We don't mutate the vault and the domains have their own locking
-    await withF([this.getWriteLock(vaultId)], async () => {
-      await this.gestaltGraph._transaction(async () => {
-        await this.acl._transaction(async () => {
-          // Node Id permissions translated to other nodes in
-          // a gestalt by other domains
-          await this.gestaltGraph.setGestaltActionByNode(nodeId, 'scan');
-          await this.acl.setVaultAction(vaultId, nodeId, 'pull');
-          await this.acl.setVaultAction(vaultId, nodeId, 'clone');
-          await this.notificationsManager.sendNotification(nodeId, {
-            type: 'VaultShare',
-            vaultId: vaultsUtils.encodeVaultId(vaultId),
-            vaultName: vaultMeta.vaultName,
-            actions: {
-              clone: null,
-              pull: null,
-            },
-          });
-        });
-      });
-    });
-  }
-
-  /**
-   * Unsets clone, pull and scan permissions of a vault for a
-   * gestalt
-   */
-  @ready(new vaultsErrors.ErrorVaultManagerNotRunning())
-  public async unshareVault(vaultId: VaultId, nodeId: NodeId): Promise<void> {
-    const vaultMeta = await this.getVaultMeta(vaultId);
-    if (!vaultMeta) throw new vaultsErrors.ErrorVaultsVaultUndefined();
-    return await this.gestaltGraph._transaction(async () => {
-      return await this.acl._transaction(async () => {
-        await this.gestaltGraph.unsetGestaltActionByNode(nodeId, 'scan');
-        await this.acl.unsetVaultAction(vaultId, nodeId, 'pull');
-        await this.acl.unsetVaultAction(vaultId, nodeId, 'clone');
-      });
-    });
-  }
-
   /**
    * Clones the contents of a remote vault into a new local
    * vault instance

src/vaults/types.ts

@@ -153,7 +153,6 @@ type VaultName = string; // FIXME, placeholder, remove?
 //   recursive?: boolean;
 // };
 
-// FIXME: temp placeholder
 type VaultActions = Partial<Record<VaultAction, null>>;
 
 export { vaultActions };

tests/agent/GRPCClientAgent.test.ts

@@ -148,8 +148,6 @@ describe(GRPCClientAgent.name, () => {
       vaultsPath: vaultsPath,
       nodeConnectionManager: nodeConnectionManager,
       db: db,
-      acl: acl,
-      gestaltGraph: gestaltGraph,
       notificationsManager: notificationsManager,
       fs: fs,
       logger: logger,