@enbox/dwn-sdk-js 0.0.6 → 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser.mjs +8 -8
- package/dist/browser.mjs.map +4 -4
- package/dist/esm/generated/precompiled-validators.js +762 -911
- package/dist/esm/generated/precompiled-validators.js.map +1 -1
- package/dist/esm/src/core/abstract-message.js +4 -0
- package/dist/esm/src/core/abstract-message.js.map +1 -1
- package/dist/esm/src/core/auth.js +22 -33
- package/dist/esm/src/core/auth.js.map +1 -1
- package/dist/esm/src/core/constants.js +11 -0
- package/dist/esm/src/core/constants.js.map +1 -0
- package/dist/esm/src/core/core-protocol.js +44 -0
- package/dist/esm/src/core/core-protocol.js.map +1 -0
- package/dist/esm/src/core/dwn-constant.js +7 -7
- package/dist/esm/src/core/dwn-constant.js.map +1 -1
- package/dist/esm/src/core/dwn-error.js +10 -12
- package/dist/esm/src/core/dwn-error.js.map +1 -1
- package/dist/esm/src/core/grant-authorization.js +50 -52
- package/dist/esm/src/core/grant-authorization.js.map +1 -1
- package/dist/esm/src/core/message.js +85 -116
- package/dist/esm/src/core/message.js.map +1 -1
- package/dist/esm/src/core/messages-grant-authorization.js +63 -78
- package/dist/esm/src/core/messages-grant-authorization.js.map +1 -1
- package/dist/esm/src/core/protocol-authorization-action.js +266 -0
- package/dist/esm/src/core/protocol-authorization-action.js.map +1 -0
- package/dist/esm/src/core/protocol-authorization-validation.js +321 -0
- package/dist/esm/src/core/protocol-authorization-validation.js.map +1 -0
- package/dist/esm/src/core/protocol-authorization.js +144 -741
- package/dist/esm/src/core/protocol-authorization.js.map +1 -1
- package/dist/esm/src/core/protocols-grant-authorization.js +24 -38
- package/dist/esm/src/core/protocols-grant-authorization.js.map +1 -1
- package/dist/esm/src/core/record-chain.js +64 -0
- package/dist/esm/src/core/record-chain.js.map +1 -0
- package/dist/esm/src/core/records-grant-authorization.js +53 -72
- package/dist/esm/src/core/records-grant-authorization.js.map +1 -1
- package/dist/esm/src/core/resumable-task-manager.js +50 -65
- package/dist/esm/src/core/resumable-task-manager.js.map +1 -1
- package/dist/esm/src/core/tenant-gate.js +2 -13
- package/dist/esm/src/core/tenant-gate.js.map +1 -1
- package/dist/esm/src/dwn.js +108 -101
- package/dist/esm/src/dwn.js.map +1 -1
- package/dist/esm/src/event-stream/event-emitter-event-log.js +204 -0
- package/dist/esm/src/event-stream/event-emitter-event-log.js.map +1 -0
- package/dist/esm/src/handlers/messages-read.js +67 -81
- package/dist/esm/src/handlers/messages-read.js.map +1 -1
- package/dist/esm/src/handlers/messages-subscribe.js +51 -63
- package/dist/esm/src/handlers/messages-subscribe.js.map +1 -1
- package/dist/esm/src/handlers/messages-sync.js +75 -89
- package/dist/esm/src/handlers/messages-sync.js.map +1 -1
- package/dist/esm/src/handlers/protocols-configure.js +153 -163
- package/dist/esm/src/handlers/protocols-configure.js.map +1 -1
- package/dist/esm/src/handlers/protocols-query.js +52 -55
- package/dist/esm/src/handlers/protocols-query.js.map +1 -1
- package/dist/esm/src/handlers/records-count.js +97 -85
- package/dist/esm/src/handlers/records-count.js.map +1 -1
- package/dist/esm/src/handlers/records-delete.js +75 -93
- package/dist/esm/src/handlers/records-delete.js.map +1 -1
- package/dist/esm/src/handlers/records-query.js +116 -105
- package/dist/esm/src/handlers/records-query.js.map +1 -1
- package/dist/esm/src/handlers/records-read.js +130 -132
- package/dist/esm/src/handlers/records-read.js.map +1 -1
- package/dist/esm/src/handlers/records-subscribe.js +164 -104
- package/dist/esm/src/handlers/records-subscribe.js.map +1 -1
- package/dist/esm/src/handlers/records-write.js +213 -280
- package/dist/esm/src/handlers/records-write.js.map +1 -1
- package/dist/esm/src/index.js +5 -2
- package/dist/esm/src/index.js.map +1 -1
- package/dist/esm/src/interfaces/messages-read.js +24 -32
- package/dist/esm/src/interfaces/messages-read.js.map +1 -1
- package/dist/esm/src/interfaces/messages-subscribe.js +28 -41
- package/dist/esm/src/interfaces/messages-subscribe.js.map +1 -1
- package/dist/esm/src/interfaces/messages-sync.js +26 -40
- package/dist/esm/src/interfaces/messages-sync.js.map +1 -1
- package/dist/esm/src/interfaces/protocols-configure.js +87 -65
- package/dist/esm/src/interfaces/protocols-configure.js.map +1 -1
- package/dist/esm/src/interfaces/protocols-query.js +55 -68
- package/dist/esm/src/interfaces/protocols-query.js.map +1 -1
- package/dist/esm/src/interfaces/records-count.js +50 -66
- package/dist/esm/src/interfaces/records-count.js.map +1 -1
- package/dist/esm/src/interfaces/records-delete.js +45 -55
- package/dist/esm/src/interfaces/records-delete.js.map +1 -1
- package/dist/esm/src/interfaces/records-query.js +60 -76
- package/dist/esm/src/interfaces/records-query.js.map +1 -1
- package/dist/esm/src/interfaces/records-read.js +51 -67
- package/dist/esm/src/interfaces/records-read.js.map +1 -1
- package/dist/esm/src/interfaces/records-subscribe.js +53 -68
- package/dist/esm/src/interfaces/records-subscribe.js.map +1 -1
- package/dist/esm/src/interfaces/records-write-query.js +102 -0
- package/dist/esm/src/interfaces/records-write-query.js.map +1 -0
- package/dist/esm/src/interfaces/records-write-signing.js +81 -0
- package/dist/esm/src/interfaces/records-write-signing.js.map +1 -0
- package/dist/esm/src/interfaces/records-write.js +396 -610
- package/dist/esm/src/interfaces/records-write.js.map +1 -1
- package/dist/esm/src/jose/algorithms/signing/ed25519.js +10 -19
- package/dist/esm/src/jose/algorithms/signing/ed25519.js.map +1 -1
- package/dist/esm/src/jose/jws/general/builder.js +23 -35
- package/dist/esm/src/jose/jws/general/builder.js.map +1 -1
- package/dist/esm/src/jose/jws/general/verifier.js +56 -69
- package/dist/esm/src/jose/jws/general/verifier.js.map +1 -1
- package/dist/esm/src/protocols/permission-grant.js +43 -14
- package/dist/esm/src/protocols/permission-grant.js.map +1 -1
- package/dist/esm/src/protocols/permission-request.js +28 -14
- package/dist/esm/src/protocols/permission-request.js.map +1 -1
- package/dist/esm/src/protocols/permissions.js +325 -227
- package/dist/esm/src/protocols/permissions.js.map +1 -1
- package/dist/esm/src/smt/smt-store-level.js +42 -64
- package/dist/esm/src/smt/smt-store-level.js.map +1 -1
- package/dist/esm/src/smt/smt-store-memory.js +19 -45
- package/dist/esm/src/smt/smt-store-memory.js.map +1 -1
- package/dist/esm/src/smt/smt-utils.js +28 -45
- package/dist/esm/src/smt/smt-utils.js.map +1 -1
- package/dist/esm/src/smt/sparse-merkle-tree.js +426 -471
- package/dist/esm/src/smt/sparse-merkle-tree.js.map +1 -1
- package/dist/esm/src/state-index/state-index-level.js +113 -150
- package/dist/esm/src/state-index/state-index-level.js.map +1 -1
- package/dist/esm/src/store/blockstore-level.js +54 -156
- package/dist/esm/src/store/blockstore-level.js.map +1 -1
- package/dist/esm/src/store/blockstore-mock.js +48 -153
- package/dist/esm/src/store/blockstore-mock.js.map +1 -1
- package/dist/esm/src/store/data-store-level.js +137 -100
- package/dist/esm/src/store/data-store-level.js.map +1 -1
- package/dist/esm/src/store/index-level-compound.js +246 -0
- package/dist/esm/src/store/index-level-compound.js.map +1 -0
- package/dist/esm/src/store/index-level.js +307 -715
- package/dist/esm/src/store/index-level.js.map +1 -1
- package/dist/esm/src/store/level-wrapper.js +143 -244
- package/dist/esm/src/store/level-wrapper.js.map +1 -1
- package/dist/esm/src/store/message-store-level.js +71 -94
- package/dist/esm/src/store/message-store-level.js.map +1 -1
- package/dist/esm/src/store/resumable-task-store-level.js +62 -101
- package/dist/esm/src/store/resumable-task-store-level.js.map +1 -1
- package/dist/esm/src/store/storage-controller.js +131 -146
- package/dist/esm/src/store/storage-controller.js.map +1 -1
- package/dist/esm/src/types/permission-types.js.map +1 -1
- package/dist/esm/src/types/protocols-types.js +10 -0
- package/dist/esm/src/types/protocols-types.js.map +1 -1
- package/dist/esm/src/types/records-types.js.map +1 -1
- package/dist/esm/src/utils/abort.js +8 -19
- package/dist/esm/src/utils/abort.js.map +1 -1
- package/dist/esm/src/utils/array.js +15 -49
- package/dist/esm/src/utils/array.js.map +1 -1
- package/dist/esm/src/utils/cid.js +29 -77
- package/dist/esm/src/utils/cid.js.map +1 -1
- package/dist/esm/src/utils/data-stream.js +37 -65
- package/dist/esm/src/utils/data-stream.js.map +1 -1
- package/dist/esm/src/utils/encryption.js +136 -162
- package/dist/esm/src/utils/encryption.js.map +1 -1
- package/dist/esm/src/utils/filter.js +1 -12
- package/dist/esm/src/utils/filter.js.map +1 -1
- package/dist/esm/src/utils/hd-key.js +45 -71
- package/dist/esm/src/utils/hd-key.js.map +1 -1
- package/dist/esm/src/utils/jws.js +9 -20
- package/dist/esm/src/utils/jws.js.map +1 -1
- package/dist/esm/src/utils/memory-cache.js +12 -23
- package/dist/esm/src/utils/memory-cache.js.map +1 -1
- package/dist/esm/src/utils/messages.js +21 -33
- package/dist/esm/src/utils/messages.js.map +1 -1
- package/dist/esm/src/utils/private-key-signer.js +9 -17
- package/dist/esm/src/utils/private-key-signer.js.map +1 -1
- package/dist/esm/src/utils/protocols.js +62 -70
- package/dist/esm/src/utils/protocols.js.map +1 -1
- package/dist/esm/src/utils/records.js +103 -166
- package/dist/esm/src/utils/records.js.map +1 -1
- package/dist/esm/src/utils/secp256k1.js +60 -96
- package/dist/esm/src/utils/secp256k1.js.map +1 -1
- package/dist/esm/src/utils/secp256r1.js +54 -71
- package/dist/esm/src/utils/secp256r1.js.map +1 -1
- package/dist/esm/src/utils/time.js +5 -18
- package/dist/esm/src/utils/time.js.map +1 -1
- package/dist/esm/src/utils/url.js +3 -3
- package/dist/esm/src/utils/url.js.map +1 -1
- package/dist/esm/tests/core/auth.spec.js +3 -12
- package/dist/esm/tests/core/auth.spec.js.map +1 -1
- package/dist/esm/tests/core/message.spec.js +50 -59
- package/dist/esm/tests/core/message.spec.js.map +1 -1
- package/dist/esm/tests/core/protocol-authorization.spec.js +10 -18
- package/dist/esm/tests/core/protocol-authorization.spec.js.map +1 -1
- package/dist/esm/tests/dwn.spec.js +65 -89
- package/dist/esm/tests/dwn.spec.js.map +1 -1
- package/dist/esm/tests/event-emitter-event-log.spec.js +305 -0
- package/dist/esm/tests/event-emitter-event-log.spec.js.map +1 -0
- package/dist/esm/tests/features/author-delegated-grant.spec.js +337 -347
- package/dist/esm/tests/features/author-delegated-grant.spec.js.map +1 -1
- package/dist/esm/tests/features/owner-delegated-grant.spec.js +160 -172
- package/dist/esm/tests/features/owner-delegated-grant.spec.js.map +1 -1
- package/dist/esm/tests/features/owner-signature.spec.js +78 -82
- package/dist/esm/tests/features/owner-signature.spec.js.map +1 -1
- package/dist/esm/tests/features/permissions.spec.js +449 -184
- package/dist/esm/tests/features/permissions.spec.js.map +1 -1
- package/dist/esm/tests/features/protocol-composition.spec.js +981 -360
- package/dist/esm/tests/features/protocol-composition.spec.js.map +1 -1
- package/dist/esm/tests/features/protocol-create-action.spec.js +45 -54
- package/dist/esm/tests/features/protocol-create-action.spec.js.map +1 -1
- package/dist/esm/tests/features/protocol-delete-action.spec.js +99 -108
- package/dist/esm/tests/features/protocol-delete-action.spec.js.map +1 -1
- package/dist/esm/tests/features/protocol-update-action.spec.js +108 -117
- package/dist/esm/tests/features/protocol-update-action.spec.js.map +1 -1
- package/dist/esm/tests/features/records-immutable.spec.js +315 -0
- package/dist/esm/tests/features/records-immutable.spec.js.map +1 -0
- package/dist/esm/tests/features/records-prune.spec.js +178 -194
- package/dist/esm/tests/features/records-prune.spec.js.map +1 -1
- package/dist/esm/tests/features/records-record-limit.spec.js +542 -0
- package/dist/esm/tests/features/records-record-limit.spec.js.map +1 -0
- package/dist/esm/tests/features/records-tags.spec.js +456 -463
- package/dist/esm/tests/features/records-tags.spec.js.map +1 -1
- package/dist/esm/tests/features/resumable-tasks.spec.js +88 -98
- package/dist/esm/tests/features/resumable-tasks.spec.js.map +1 -1
- package/dist/esm/tests/handlers/messages-read.spec.js +215 -210
- package/dist/esm/tests/handlers/messages-read.spec.js.map +1 -1
- package/dist/esm/tests/handlers/messages-subscribe.spec.js +309 -171
- package/dist/esm/tests/handlers/messages-subscribe.spec.js.map +1 -1
- package/dist/esm/tests/handlers/messages-sync.spec.js +272 -199
- package/dist/esm/tests/handlers/messages-sync.spec.js.map +1 -1
- package/dist/esm/tests/handlers/protocols-configure.spec.js +247 -241
- package/dist/esm/tests/handlers/protocols-configure.spec.js.map +1 -1
- package/dist/esm/tests/handlers/protocols-query.spec.js +159 -172
- package/dist/esm/tests/handlers/protocols-query.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-count.spec.js +101 -105
- package/dist/esm/tests/handlers/records-count.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-delete.spec.js +266 -279
- package/dist/esm/tests/handlers/records-delete.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-query.spec.js +984 -996
- package/dist/esm/tests/handlers/records-query.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-read.spec.js +542 -671
- package/dist/esm/tests/handlers/records-read.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-subscribe.spec.js +433 -302
- package/dist/esm/tests/handlers/records-subscribe.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-write.spec.js +1216 -1140
- package/dist/esm/tests/handlers/records-write.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/messages-get.spec.js +39 -48
- package/dist/esm/tests/interfaces/messages-get.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/messages-subscribe.spec.js +4 -13
- package/dist/esm/tests/interfaces/messages-subscribe.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/protocols-configure.spec.js +212 -88
- package/dist/esm/tests/interfaces/protocols-configure.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/protocols-query.spec.js +8 -17
- package/dist/esm/tests/interfaces/protocols-query.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-delete.spec.js +8 -17
- package/dist/esm/tests/interfaces/records-delete.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-query.spec.js +20 -29
- package/dist/esm/tests/interfaces/records-query.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-read.spec.js +42 -51
- package/dist/esm/tests/interfaces/records-read.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-subscribe.spec.js +16 -25
- package/dist/esm/tests/interfaces/records-subscribe.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-write.spec.js +190 -219
- package/dist/esm/tests/interfaces/records-write.spec.js.map +1 -1
- package/dist/esm/tests/jose/jws/general.spec.js +36 -45
- package/dist/esm/tests/jose/jws/general.spec.js.map +1 -1
- package/dist/esm/tests/protocols/permission-grant.spec.js +44 -50
- package/dist/esm/tests/protocols/permission-grant.spec.js.map +1 -1
- package/dist/esm/tests/protocols/permission-request.spec.js +23 -32
- package/dist/esm/tests/protocols/permission-request.spec.js.map +1 -1
- package/dist/esm/tests/protocols/permissions.spec.js +49 -55
- package/dist/esm/tests/protocols/permissions.spec.js.map +1 -1
- package/dist/esm/tests/scenarios/aggregator.spec.js +127 -138
- package/dist/esm/tests/scenarios/aggregator.spec.js.map +1 -1
- package/dist/esm/tests/scenarios/deleted-record.spec.js +372 -36
- package/dist/esm/tests/scenarios/deleted-record.spec.js.map +1 -1
- package/dist/esm/tests/scenarios/end-to-end-tests.spec.js +55 -64
- package/dist/esm/tests/scenarios/end-to-end-tests.spec.js.map +1 -1
- package/dist/esm/tests/scenarios/nested-roles.spec.js +66 -76
- package/dist/esm/tests/scenarios/nested-roles.spec.js.map +1 -1
- package/dist/esm/tests/scenarios/subscriptions.spec.js +451 -354
- package/dist/esm/tests/scenarios/subscriptions.spec.js.map +1 -1
- package/dist/esm/tests/smt/smt-store-level.spec.js +76 -87
- package/dist/esm/tests/smt/smt-store-level.spec.js.map +1 -1
- package/dist/esm/tests/smt/sparse-merkle-tree.spec.js +344 -353
- package/dist/esm/tests/smt/sparse-merkle-tree.spec.js.map +1 -1
- package/dist/esm/tests/state-index/state-index-level.spec.js +117 -126
- package/dist/esm/tests/state-index/state-index-level.spec.js.map +1 -1
- package/dist/esm/tests/store/blockstore-level.spec.js +44 -99
- package/dist/esm/tests/store/blockstore-level.spec.js.map +1 -1
- package/dist/esm/tests/store/blockstore-mock.spec.js +40 -120
- package/dist/esm/tests/store/blockstore-mock.spec.js.map +1 -1
- package/dist/esm/tests/store/data-store-level.spec.js +160 -108
- package/dist/esm/tests/store/data-store-level.spec.js.map +1 -1
- package/dist/esm/tests/store/index-level.spec.js +404 -414
- package/dist/esm/tests/store/index-level.spec.js.map +1 -1
- package/dist/esm/tests/store/message-store-level.spec.js +13 -22
- package/dist/esm/tests/store/message-store-level.spec.js.map +1 -1
- package/dist/esm/tests/store/message-store.spec.js +229 -238
- package/dist/esm/tests/store/message-store.spec.js.map +1 -1
- package/dist/esm/tests/test-event-stream.js +12 -13
- package/dist/esm/tests/test-event-stream.js.map +1 -1
- package/dist/esm/tests/test-stores.js +16 -13
- package/dist/esm/tests/test-stores.js.map +1 -1
- package/dist/esm/tests/test-suite.js +8 -15
- package/dist/esm/tests/test-suite.js.map +1 -1
- package/dist/esm/tests/utils/cid.spec.js +24 -33
- package/dist/esm/tests/utils/cid.spec.js.map +1 -1
- package/dist/esm/tests/utils/data-stream.spec.js +48 -57
- package/dist/esm/tests/utils/data-stream.spec.js.map +1 -1
- package/dist/esm/tests/utils/encryption-callbacks.spec.js +45 -54
- package/dist/esm/tests/utils/encryption-callbacks.spec.js.map +1 -1
- package/dist/esm/tests/utils/encryption.spec.js +229 -82
- package/dist/esm/tests/utils/encryption.spec.js.map +1 -1
- package/dist/esm/tests/utils/filters.spec.js +46 -55
- package/dist/esm/tests/utils/filters.spec.js.map +1 -1
- package/dist/esm/tests/utils/hd-key.spec.js +10 -19
- package/dist/esm/tests/utils/hd-key.spec.js.map +1 -1
- package/dist/esm/tests/utils/jws.spec.js +3 -12
- package/dist/esm/tests/utils/jws.spec.js.map +1 -1
- package/dist/esm/tests/utils/memory-cache.spec.js +9 -18
- package/dist/esm/tests/utils/memory-cache.spec.js.map +1 -1
- package/dist/esm/tests/utils/messages.spec.js +18 -20
- package/dist/esm/tests/utils/messages.spec.js.map +1 -1
- package/dist/esm/tests/utils/poller.js +22 -33
- package/dist/esm/tests/utils/poller.js.map +1 -1
- package/dist/esm/tests/utils/private-key-signer.spec.js +15 -24
- package/dist/esm/tests/utils/private-key-signer.spec.js.map +1 -1
- package/dist/esm/tests/utils/records.spec.js +14 -27
- package/dist/esm/tests/utils/records.spec.js.map +1 -1
- package/dist/esm/tests/utils/secp256k1.spec.js +16 -25
- package/dist/esm/tests/utils/secp256k1.spec.js.map +1 -1
- package/dist/esm/tests/utils/secp256r1.spec.js +18 -27
- package/dist/esm/tests/utils/secp256r1.spec.js.map +1 -1
- package/dist/esm/tests/utils/test-data-generator.js +446 -467
- package/dist/esm/tests/utils/test-data-generator.js.map +1 -1
- package/dist/esm/tests/validation/json-schemas/definitions.spec.js +2 -11
- package/dist/esm/tests/validation/json-schemas/definitions.spec.js.map +1 -1
- package/dist/esm/tests/validation/json-schemas/jwk/general-jwk.spec.js +4 -13
- package/dist/esm/tests/validation/json-schemas/jwk/general-jwk.spec.js.map +1 -1
- package/dist/esm/tests/validation/json-schemas/jwk/public-jwk.spec.js +8 -17
- package/dist/esm/tests/validation/json-schemas/jwk/public-jwk.spec.js.map +1 -1
- package/dist/esm/tests/validation/json-schemas/jwk-verification-method.spec.js +3 -12
- package/dist/esm/tests/validation/json-schemas/jwk-verification-method.spec.js.map +1 -1
- package/dist/esm/tests/validation/json-schemas/protocols/protocols-configure.spec.js +4 -13
- package/dist/esm/tests/validation/json-schemas/protocols/protocols-configure.spec.js.map +1 -1
- package/dist/esm/tests/validation/json-schemas/records/records-query.spec.js +2 -11
- package/dist/esm/tests/validation/json-schemas/records/records-query.spec.js.map +1 -1
- package/dist/esm/tests/validation/json-schemas/records/records-read.spec.js +2 -11
- package/dist/esm/tests/validation/json-schemas/records/records-read.spec.js.map +1 -1
- package/dist/esm/tests/validation/json-schemas/records/records-write.spec.js +44 -24
- package/dist/esm/tests/validation/json-schemas/records/records-write.spec.js.map +1 -1
- package/dist/types/generated/precompiled-validators.d.ts +49 -40
- package/dist/types/generated/precompiled-validators.d.ts.map +1 -1
- package/dist/types/src/core/constants.d.ts +11 -0
- package/dist/types/src/core/constants.d.ts.map +1 -0
- package/dist/types/src/core/core-protocol.d.ts +89 -0
- package/dist/types/src/core/core-protocol.d.ts.map +1 -0
- package/dist/types/src/core/dwn-error.d.ts +9 -12
- package/dist/types/src/core/dwn-error.d.ts.map +1 -1
- package/dist/types/src/core/grant-authorization.d.ts +6 -2
- package/dist/types/src/core/grant-authorization.d.ts.map +1 -1
- package/dist/types/src/core/protocol-authorization-action.d.ts +42 -0
- package/dist/types/src/core/protocol-authorization-action.d.ts.map +1 -0
- package/dist/types/src/core/protocol-authorization-validation.d.ts +81 -0
- package/dist/types/src/core/protocol-authorization-validation.d.ts.map +1 -0
- package/dist/types/src/core/protocol-authorization.d.ts +24 -106
- package/dist/types/src/core/protocol-authorization.d.ts.map +1 -1
- package/dist/types/src/core/record-chain.d.ts +24 -0
- package/dist/types/src/core/record-chain.d.ts.map +1 -0
- package/dist/types/src/core/records-grant-authorization.d.ts.map +1 -1
- package/dist/types/src/dwn.d.ts +19 -7
- package/dist/types/src/dwn.d.ts.map +1 -1
- package/dist/types/src/event-stream/event-emitter-event-log.d.ts +50 -0
- package/dist/types/src/event-stream/event-emitter-event-log.d.ts.map +1 -0
- package/dist/types/src/handlers/messages-read.d.ts +3 -8
- package/dist/types/src/handlers/messages-read.d.ts.map +1 -1
- package/dist/types/src/handlers/messages-subscribe.d.ts +6 -10
- package/dist/types/src/handlers/messages-subscribe.d.ts.map +1 -1
- package/dist/types/src/handlers/messages-sync.d.ts +3 -8
- package/dist/types/src/handlers/messages-sync.d.ts.map +1 -1
- package/dist/types/src/handlers/protocols-configure.d.ts +3 -10
- package/dist/types/src/handlers/protocols-configure.d.ts.map +1 -1
- package/dist/types/src/handlers/protocols-query.d.ts +3 -8
- package/dist/types/src/handlers/protocols-query.d.ts.map +1 -1
- package/dist/types/src/handlers/records-count.d.ts +3 -6
- package/dist/types/src/handlers/records-count.d.ts.map +1 -1
- package/dist/types/src/handlers/records-delete.d.ts +3 -8
- package/dist/types/src/handlers/records-delete.d.ts.map +1 -1
- package/dist/types/src/handlers/records-query.d.ts +3 -8
- package/dist/types/src/handlers/records-query.d.ts.map +1 -1
- package/dist/types/src/handlers/records-read.d.ts +3 -8
- package/dist/types/src/handlers/records-read.d.ts.map +1 -1
- package/dist/types/src/handlers/records-subscribe.d.ts +8 -10
- package/dist/types/src/handlers/records-subscribe.d.ts.map +1 -1
- package/dist/types/src/handlers/records-write.d.ts +4 -24
- package/dist/types/src/handlers/records-write.d.ts.map +1 -1
- package/dist/types/src/index.d.ts +8 -4
- package/dist/types/src/index.d.ts.map +1 -1
- package/dist/types/src/interfaces/messages-subscribe.d.ts +5 -0
- package/dist/types/src/interfaces/messages-subscribe.d.ts.map +1 -1
- package/dist/types/src/interfaces/protocols-configure.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-subscribe.d.ts +5 -0
- package/dist/types/src/interfaces/records-subscribe.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-write-query.d.ts +33 -0
- package/dist/types/src/interfaces/records-write-query.d.ts.map +1 -0
- package/dist/types/src/interfaces/records-write-signing.d.ts +34 -0
- package/dist/types/src/interfaces/records-write-signing.d.ts.map +1 -0
- package/dist/types/src/interfaces/records-write.d.ts +13 -53
- package/dist/types/src/interfaces/records-write.d.ts.map +1 -1
- package/dist/types/src/protocols/permission-grant.d.ts +1 -1
- package/dist/types/src/protocols/permission-grant.d.ts.map +1 -1
- package/dist/types/src/protocols/permission-request.d.ts +1 -1
- package/dist/types/src/protocols/permission-request.d.ts.map +1 -1
- package/dist/types/src/protocols/permissions.d.ts +40 -3
- package/dist/types/src/protocols/permissions.d.ts.map +1 -1
- package/dist/types/src/state-index/state-index-level.d.ts.map +1 -1
- package/dist/types/src/store/data-store-level.d.ts +20 -4
- package/dist/types/src/store/data-store-level.d.ts.map +1 -1
- package/dist/types/src/store/index-level-compound.d.ts +70 -0
- package/dist/types/src/store/index-level-compound.d.ts.map +1 -0
- package/dist/types/src/store/index-level.d.ts +4 -58
- package/dist/types/src/store/index-level.d.ts.map +1 -1
- package/dist/types/src/store/storage-controller.d.ts +4 -4
- package/dist/types/src/store/storage-controller.d.ts.map +1 -1
- package/dist/types/src/types/message-types.d.ts +3 -3
- package/dist/types/src/types/message-types.d.ts.map +1 -1
- package/dist/types/src/types/messages-types.d.ts +12 -3
- package/dist/types/src/types/messages-types.d.ts.map +1 -1
- package/dist/types/src/types/method-handler.d.ts +24 -3
- package/dist/types/src/types/method-handler.d.ts.map +1 -1
- package/dist/types/src/types/permission-types.d.ts +7 -0
- package/dist/types/src/types/permission-types.d.ts.map +1 -1
- package/dist/types/src/types/protocols-types.d.ts +41 -1
- package/dist/types/src/types/protocols-types.d.ts.map +1 -1
- package/dist/types/src/types/records-types.d.ts +16 -6
- package/dist/types/src/types/records-types.d.ts.map +1 -1
- package/dist/types/src/types/subscriptions.d.ts +151 -13
- package/dist/types/src/types/subscriptions.d.ts.map +1 -1
- package/dist/types/src/utils/hd-key.d.ts +1 -9
- package/dist/types/src/utils/hd-key.d.ts.map +1 -1
- package/dist/types/src/utils/messages.d.ts +7 -5
- package/dist/types/src/utils/messages.d.ts.map +1 -1
- package/dist/types/src/utils/protocols.d.ts +5 -0
- package/dist/types/src/utils/protocols.d.ts.map +1 -1
- package/dist/types/src/utils/records.d.ts +1 -11
- package/dist/types/src/utils/records.d.ts.map +1 -1
- package/dist/types/tests/dwn.spec.d.ts.map +1 -1
- package/dist/types/tests/event-emitter-event-log.spec.d.ts +2 -0
- package/dist/types/tests/event-emitter-event-log.spec.d.ts.map +1 -0
- package/dist/types/tests/features/author-delegated-grant.spec.d.ts.map +1 -1
- package/dist/types/tests/features/owner-delegated-grant.spec.d.ts.map +1 -1
- package/dist/types/tests/features/owner-signature.spec.d.ts.map +1 -1
- package/dist/types/tests/features/permissions.spec.d.ts.map +1 -1
- package/dist/types/tests/features/protocol-composition.spec.d.ts.map +1 -1
- package/dist/types/tests/features/records-immutable.spec.d.ts +2 -0
- package/dist/types/tests/features/records-immutable.spec.d.ts.map +1 -0
- package/dist/types/tests/features/records-record-limit.spec.d.ts +2 -0
- package/dist/types/tests/features/records-record-limit.spec.d.ts.map +1 -0
- package/dist/types/tests/features/records-tags.spec.d.ts.map +1 -1
- package/dist/types/tests/features/resumable-tasks.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/messages-read.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/messages-subscribe.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/messages-sync.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-count.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-delete.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-query.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-read.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-subscribe.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-write.spec.d.ts.map +1 -1
- package/dist/types/tests/scenarios/deleted-record.spec.d.ts.map +1 -1
- package/dist/types/tests/scenarios/subscriptions.spec.d.ts.map +1 -1
- package/dist/types/tests/test-event-stream.d.ts +11 -12
- package/dist/types/tests/test-event-stream.d.ts.map +1 -1
- package/dist/types/tests/test-suite.d.ts +2 -2
- package/dist/types/tests/test-suite.d.ts.map +1 -1
- package/dist/types/tests/utils/test-data-generator.d.ts +18 -0
- package/dist/types/tests/utils/test-data-generator.d.ts.map +1 -1
- package/package.json +5 -4
- package/src/core/constants.ts +11 -0
- package/src/core/core-protocol.ts +129 -0
- package/src/core/dwn-error.ts +15 -12
- package/src/core/grant-authorization.ts +20 -3
- package/src/core/protocol-authorization-action.ts +377 -0
- package/src/core/protocol-authorization-validation.ts +487 -0
- package/src/core/protocol-authorization.ts +111 -856
- package/src/core/record-chain.ts +99 -0
- package/src/core/records-grant-authorization.ts +6 -8
- package/src/dwn.ts +58 -73
- package/src/event-stream/event-emitter-event-log.ts +283 -0
- package/src/handlers/messages-read.ts +8 -9
- package/src/handlers/messages-subscribe.ts +24 -28
- package/src/handlers/messages-sync.ts +10 -16
- package/src/handlers/protocols-configure.ts +47 -32
- package/src/handlers/protocols-query.ts +6 -9
- package/src/handlers/records-count.ts +11 -10
- package/src/handlers/records-delete.ts +12 -21
- package/src/handlers/records-query.ts +12 -12
- package/src/handlers/records-read.ts +34 -22
- package/src/handlers/records-subscribe.ts +47 -26
- package/src/handlers/records-write.ts +47 -104
- package/src/index.ts +9 -5
- package/src/interfaces/messages-subscribe.ts +7 -1
- package/src/interfaces/protocols-configure.ts +73 -8
- package/src/interfaces/records-count.ts +1 -1
- package/src/interfaces/records-delete.ts +1 -1
- package/src/interfaces/records-query.ts +1 -1
- package/src/interfaces/records-read.ts +1 -1
- package/src/interfaces/records-subscribe.ts +8 -1
- package/src/interfaces/records-write-query.ts +139 -0
- package/src/interfaces/records-write-signing.ts +123 -0
- package/src/interfaces/records-write.ts +66 -261
- package/src/protocols/permission-grant.ts +1 -1
- package/src/protocols/permission-request.ts +1 -1
- package/src/protocols/permissions.ts +148 -6
- package/src/state-index/state-index-level.ts +5 -7
- package/src/store/data-store-level.ts +124 -34
- package/src/store/index-level-compound.ts +324 -0
- package/src/store/index-level.ts +68 -341
- package/src/store/storage-controller.ts +11 -11
- package/src/types/message-types.ts +3 -3
- package/src/types/messages-types.ts +12 -3
- package/src/types/method-handler.ts +26 -4
- package/src/types/mitt.d.ts +28 -0
- package/src/types/permission-types.ts +7 -0
- package/src/types/protocols-types.ts +46 -0
- package/src/types/records-types.ts +16 -6
- package/src/types/subscriptions.ts +178 -14
- package/src/utils/hd-key.ts +0 -9
- package/src/utils/messages.ts +17 -37
- package/src/utils/protocols.ts +8 -0
- package/src/utils/records.ts +8 -59
- package/dist/esm/src/event-stream/event-emitter-stream.js +0 -60
- package/dist/esm/src/event-stream/event-emitter-stream.js.map +0 -1
- package/dist/esm/tests/event-stream/event-emitter-stream.spec.js +0 -77
- package/dist/esm/tests/event-stream/event-emitter-stream.spec.js.map +0 -1
- package/dist/esm/tests/event-stream/event-stream.spec.js +0 -123
- package/dist/esm/tests/event-stream/event-stream.spec.js.map +0 -1
- package/dist/types/src/event-stream/event-emitter-stream.d.ts +0 -23
- package/dist/types/src/event-stream/event-emitter-stream.d.ts.map +0 -1
- package/dist/types/tests/event-stream/event-emitter-stream.spec.d.ts +0 -2
- package/dist/types/tests/event-stream/event-emitter-stream.spec.d.ts.map +0 -1
- package/dist/types/tests/event-stream/event-stream.spec.d.ts +0 -2
- package/dist/types/tests/event-stream/event-stream.spec.d.ts.map +0 -1
- package/src/event-stream/event-emitter-stream.ts +0 -69
|
@@ -0,0 +1,487 @@
|
|
|
1
|
+
import type { Filter } from '../types/query-types.js';
|
|
2
|
+
import type { MessageStore } from '../types/message-store.js';
|
|
3
|
+
import type { RecordsWriteMessage } from '../types/records-types.js';
|
|
4
|
+
import type { ProtocolDefinition, ProtocolRuleSet, ProtocolType, ProtocolTypes } from '../types/protocols-types.js';
|
|
5
|
+
|
|
6
|
+
import { ProtocolRecordLimitStrategy } from '../types/protocols-types.js';
|
|
7
|
+
|
|
8
|
+
import type { RecordsWrite } from '../interfaces/records-write.js';
|
|
9
|
+
|
|
10
|
+
import Ajv from 'ajv/dist/2020.js';
|
|
11
|
+
import { FilterUtility } from '../utils/filter.js';
|
|
12
|
+
import { Records } from '../utils/records.js';
|
|
13
|
+
import { DwnError, DwnErrorCode } from './dwn-error.js';
|
|
14
|
+
import { DwnInterfaceName, DwnMethodName } from '../enums/dwn-interface-method.js';
|
|
15
|
+
import { getTypeName, parseCrossProtocolRef } from '../utils/protocols.js';
|
|
16
|
+
|
|
17
|
+
import type { FetchProtocolDefinitionFn } from './protocol-authorization.js';
|
|
18
|
+
|
|
19
|
+
/**
|
|
20
|
+
* Verifies the `protocolPath` declared in the given message matches the path of actual record chain.
|
|
21
|
+
* For cross-protocol composition, the parent record may belong to a different protocol (resolved via `$ref` in the composing protocol).
|
|
22
|
+
* @throws {DwnError} if fails verification.
|
|
23
|
+
*/
|
|
24
|
+
export async function verifyProtocolPathAndContextId(
|
|
25
|
+
tenant: string,
|
|
26
|
+
inboundMessage: RecordsWrite,
|
|
27
|
+
messageStore: MessageStore,
|
|
28
|
+
fetchProtocolDefinition: FetchProtocolDefinitionFn,
|
|
29
|
+
governingTimestamp?: string,
|
|
30
|
+
): Promise<void> {
|
|
31
|
+
const declaredProtocolPath = inboundMessage.message.descriptor.protocolPath!;
|
|
32
|
+
const declaredTypeName = getTypeName(declaredProtocolPath);
|
|
33
|
+
|
|
34
|
+
const parentId = inboundMessage.message.descriptor.parentId;
|
|
35
|
+
if (parentId === undefined) {
|
|
36
|
+
if (declaredProtocolPath !== declaredTypeName) {
|
|
37
|
+
throw new DwnError(
|
|
38
|
+
DwnErrorCode.ProtocolAuthorizationParentlessIncorrectProtocolPath,
|
|
39
|
+
`Declared protocol path '${declaredProtocolPath}' is not valid for records with no parent'.`
|
|
40
|
+
);
|
|
41
|
+
}
|
|
42
|
+
|
|
43
|
+
return;
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
// Else `parentId` is defined, so we need to verify both protocolPath and contextId
|
|
47
|
+
|
|
48
|
+
// Determine the protocol URI for the parent query.
|
|
49
|
+
// If the parent path segment has a `$ref` in the composing protocol, the parent lives in a different protocol.
|
|
50
|
+
const childProtocol = inboundMessage.message.descriptor.protocol!;
|
|
51
|
+
const parentProtocolUri = await resolveParentProtocolUri(
|
|
52
|
+
tenant, childProtocol, declaredProtocolPath, messageStore, fetchProtocolDefinition, governingTimestamp
|
|
53
|
+
);
|
|
54
|
+
|
|
55
|
+
// fetch the parent message
|
|
56
|
+
const query: Filter = {
|
|
57
|
+
isLatestBaseState : true, // NOTE: this filter is critical, to ensure are are not returning a deleted parent
|
|
58
|
+
interface : DwnInterfaceName.Records,
|
|
59
|
+
method : DwnMethodName.Write,
|
|
60
|
+
protocol : parentProtocolUri,
|
|
61
|
+
recordId : parentId
|
|
62
|
+
};
|
|
63
|
+
const { messages: parentMessages } = await messageStore.query(tenant, [query]);
|
|
64
|
+
const parentMessage = (parentMessages as RecordsWriteMessage[])[0];
|
|
65
|
+
|
|
66
|
+
if (parentMessage === undefined) {
|
|
67
|
+
// if this is a cross-protocol composition lookup, use a more descriptive error
|
|
68
|
+
if (parentProtocolUri !== childProtocol) {
|
|
69
|
+
throw new DwnError(
|
|
70
|
+
DwnErrorCode.ProtocolAuthorizationCrossProtocolParentNotFound,
|
|
71
|
+
`Could not find parent record '${parentId}' in protocol '${parentProtocolUri}' ` +
|
|
72
|
+
`for cross-protocol child at path '${declaredProtocolPath}'.`
|
|
73
|
+
);
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
throw new DwnError(
|
|
77
|
+
DwnErrorCode.ProtocolAuthorizationIncorrectProtocolPath,
|
|
78
|
+
`Could not find matching parent record to verify declared protocol path '${declaredProtocolPath}'.`
|
|
79
|
+
);
|
|
80
|
+
}
|
|
81
|
+
|
|
82
|
+
// verifying protocolPath of incoming message is a child of the parent message's protocolPath
|
|
83
|
+
const parentProtocolPath = parentMessage.descriptor.protocolPath;
|
|
84
|
+
const expectedProtocolPath = `${parentProtocolPath}/${declaredTypeName}`;
|
|
85
|
+
if (expectedProtocolPath !== declaredProtocolPath) {
|
|
86
|
+
throw new DwnError(
|
|
87
|
+
DwnErrorCode.ProtocolAuthorizationIncorrectProtocolPath,
|
|
88
|
+
`Could not find matching parent record to verify declared protocol path '${declaredProtocolPath}'.`
|
|
89
|
+
);
|
|
90
|
+
}
|
|
91
|
+
|
|
92
|
+
// verifying contextId of incoming message is a child of the parent message's contextId
|
|
93
|
+
const expectedContextId = `${parentMessage.contextId}/${inboundMessage.message.recordId}`;
|
|
94
|
+
const actualContextId = inboundMessage.message.contextId;
|
|
95
|
+
if (actualContextId !== expectedContextId) {
|
|
96
|
+
throw new DwnError(
|
|
97
|
+
DwnErrorCode.ProtocolAuthorizationIncorrectContextId,
|
|
98
|
+
`Declared contextId '${actualContextId}' is not the same as expected: '${expectedContextId}'.`
|
|
99
|
+
);
|
|
100
|
+
}
|
|
101
|
+
|
|
102
|
+
}
|
|
103
|
+
|
|
104
|
+
/**
|
|
105
|
+
* Resolves the protocol URI that should be used when querying for the parent record.
|
|
106
|
+
* For standard (non-composed) records, this is the same as the child's protocol.
|
|
107
|
+
* For cross-protocol composition, the parent may live in a different protocol
|
|
108
|
+
* (resolved via `$ref` in the composing protocol's definition).
|
|
109
|
+
*
|
|
110
|
+
* Logic: Given a child at protocolPath `a/b/c`, the parent is at `a/b`.
|
|
111
|
+
* Walk up the composing protocol's structure from root to `a/b`.
|
|
112
|
+
* If any segment along the way has a `$ref`, the parent (and its ancestors up to the `$ref` boundary)
|
|
113
|
+
* live in the referenced protocol. Specifically, the `$ref` at the topmost ancestor tells us
|
|
114
|
+
* the parent's protocol URI.
|
|
115
|
+
*/
|
|
116
|
+
export async function resolveParentProtocolUri(
|
|
117
|
+
tenant: string,
|
|
118
|
+
childProtocolUri: string,
|
|
119
|
+
childProtocolPath: string,
|
|
120
|
+
messageStore: MessageStore,
|
|
121
|
+
fetchProtocolDefinition: FetchProtocolDefinitionFn,
|
|
122
|
+
governingTimestamp?: string,
|
|
123
|
+
): Promise<string> {
|
|
124
|
+
const segments = childProtocolPath.split('/');
|
|
125
|
+
|
|
126
|
+
// A root-level record (no `/` in path) has no parent or uses the same protocol
|
|
127
|
+
if (segments.length <= 1) {
|
|
128
|
+
return childProtocolUri;
|
|
129
|
+
}
|
|
130
|
+
|
|
131
|
+
// Fetch the composing protocol's definition at the governing timestamp
|
|
132
|
+
const composingDefinition = await fetchProtocolDefinition(
|
|
133
|
+
tenant, childProtocolUri, messageStore, governingTimestamp
|
|
134
|
+
);
|
|
135
|
+
|
|
136
|
+
// Walk the structure to find the parent's path segment
|
|
137
|
+
// The parent's position in the structure is at segments[0..n-2]
|
|
138
|
+
// We check if the first segment has a `$ref`, which means the parent is in a different protocol
|
|
139
|
+
const firstSegmentRuleSet = composingDefinition.structure[segments[0]];
|
|
140
|
+
if (firstSegmentRuleSet?.$ref !== undefined) {
|
|
141
|
+
const parsed = parseCrossProtocolRef(firstSegmentRuleSet.$ref);
|
|
142
|
+
if (parsed !== undefined && composingDefinition.uses !== undefined) {
|
|
143
|
+
const resolvedUri = composingDefinition.uses[parsed.alias];
|
|
144
|
+
if (resolvedUri !== undefined) {
|
|
145
|
+
// The parent path is within the `$ref` boundary — check if the parent IS the `$ref` node
|
|
146
|
+
// or is a descendant of it (which would still be in the composing protocol).
|
|
147
|
+
// If segments.length === 2, parent is at segments[0] which IS the $ref node → parent's protocol is the referenced one.
|
|
148
|
+
// If segments.length > 2, parent is at segments[0..n-2]. If segments[0] is $ref, the parent could be:
|
|
149
|
+
// - Still the $ref node itself (segments.length === 2) → referenced protocol
|
|
150
|
+
// - A child of the $ref node defined in the composing protocol (segments.length > 2) → composing protocol
|
|
151
|
+
if (segments.length === 2) {
|
|
152
|
+
// Parent is the $ref node itself (e.g., child is "thread/comment", parent is "thread")
|
|
153
|
+
return resolvedUri;
|
|
154
|
+
}
|
|
155
|
+
// else: parent is a deeper child defined in the composing protocol
|
|
156
|
+
return childProtocolUri;
|
|
157
|
+
}
|
|
158
|
+
}
|
|
159
|
+
}
|
|
160
|
+
|
|
161
|
+
return childProtocolUri;
|
|
162
|
+
}
|
|
163
|
+
|
|
164
|
+
/**
|
|
165
|
+
* Verifies the `dataFormat` and `schema` declared in the given message matches the type in the protocol.
|
|
166
|
+
* For cross-protocol composition, if the type is at a `$ref` position in the structure,
|
|
167
|
+
* the type definition is looked up in the referenced protocol's `types` map instead.
|
|
168
|
+
*/
|
|
169
|
+
export async function verifyTypeWithComposition(
|
|
170
|
+
tenant: string,
|
|
171
|
+
inboundMessage: RecordsWriteMessage,
|
|
172
|
+
protocolDefinition: ProtocolDefinition,
|
|
173
|
+
messageStore: MessageStore,
|
|
174
|
+
fetchProtocolDefinition: FetchProtocolDefinitionFn,
|
|
175
|
+
governingTimestamp?: string,
|
|
176
|
+
): Promise<void> {
|
|
177
|
+
const declaredProtocolPath = inboundMessage.descriptor.protocolPath!;
|
|
178
|
+
const declaredTypeName = getTypeName(declaredProtocolPath);
|
|
179
|
+
|
|
180
|
+
// Resolve which protocol types map to use.
|
|
181
|
+
// If the first path segment has `$ref`, this record's type might be defined in a referenced protocol.
|
|
182
|
+
const protocolTypes = await resolveProtocolTypesForPath(
|
|
183
|
+
tenant, declaredProtocolPath, protocolDefinition, messageStore, fetchProtocolDefinition, governingTimestamp
|
|
184
|
+
);
|
|
185
|
+
|
|
186
|
+
verifyType(inboundMessage, protocolTypes, declaredTypeName);
|
|
187
|
+
}
|
|
188
|
+
|
|
189
|
+
/**
|
|
190
|
+
* Resolves the `ProtocolTypes` map that contains the type definition for the given protocol path.
|
|
191
|
+
* For non-composed records, this is the protocol definition's own `types` map.
|
|
192
|
+
* For records at a `$ref` position, this is the referenced protocol's `types` map.
|
|
193
|
+
*/
|
|
194
|
+
export async function resolveProtocolTypesForPath(
|
|
195
|
+
tenant: string,
|
|
196
|
+
protocolPath: string,
|
|
197
|
+
protocolDefinition: ProtocolDefinition,
|
|
198
|
+
messageStore: MessageStore,
|
|
199
|
+
fetchProtocolDefinition: FetchProtocolDefinitionFn,
|
|
200
|
+
governingTimestamp?: string,
|
|
201
|
+
): Promise<ProtocolTypes> {
|
|
202
|
+
const segments = protocolPath.split('/');
|
|
203
|
+
|
|
204
|
+
// Check if the first segment has a `$ref`
|
|
205
|
+
const firstSegmentRuleSet = protocolDefinition.structure[segments[0]];
|
|
206
|
+
if (firstSegmentRuleSet?.$ref !== undefined && segments.length === 1) {
|
|
207
|
+
// This record IS the $ref node itself — its type is defined in the referenced protocol
|
|
208
|
+
const parsed = parseCrossProtocolRef(firstSegmentRuleSet.$ref);
|
|
209
|
+
if (parsed !== undefined && protocolDefinition.uses !== undefined) {
|
|
210
|
+
const refProtocolUri = protocolDefinition.uses[parsed.alias];
|
|
211
|
+
if (refProtocolUri !== undefined) {
|
|
212
|
+
const refDefinition = await fetchProtocolDefinition(
|
|
213
|
+
tenant, refProtocolUri, messageStore, governingTimestamp
|
|
214
|
+
);
|
|
215
|
+
return refDefinition.types;
|
|
216
|
+
}
|
|
217
|
+
}
|
|
218
|
+
}
|
|
219
|
+
|
|
220
|
+
// Default: use the composing protocol's own types
|
|
221
|
+
return protocolDefinition.types;
|
|
222
|
+
}
|
|
223
|
+
|
|
224
|
+
/**
|
|
225
|
+
* Verifies the `dataFormat` and `schema` declared in the given message (if it is a RecordsWrite) matches dataFormat
|
|
226
|
+
* and schema of the type in the given protocol.
|
|
227
|
+
* @throws {DwnError} if fails verification.
|
|
228
|
+
*/
|
|
229
|
+
export function verifyType(
|
|
230
|
+
inboundMessage: RecordsWriteMessage,
|
|
231
|
+
protocolTypes: ProtocolTypes,
|
|
232
|
+
typeName?: string,
|
|
233
|
+
): void {
|
|
234
|
+
const declaredTypeName = typeName ?? getTypeName(inboundMessage.descriptor.protocolPath!);
|
|
235
|
+
const typeNames = Object.keys(protocolTypes);
|
|
236
|
+
|
|
237
|
+
if (!typeNames.includes(declaredTypeName)) {
|
|
238
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationInvalidType,
|
|
239
|
+
`record with type ${declaredTypeName} not allowed in protocol`);
|
|
240
|
+
}
|
|
241
|
+
|
|
242
|
+
const protocolType: ProtocolType = protocolTypes[declaredTypeName];
|
|
243
|
+
|
|
244
|
+
// no `schema` specified in protocol definition means that any schema is allowed
|
|
245
|
+
const { schema } = inboundMessage.descriptor;
|
|
246
|
+
if (protocolType.schema !== undefined && protocolType.schema !== schema) {
|
|
247
|
+
throw new DwnError(
|
|
248
|
+
DwnErrorCode.ProtocolAuthorizationInvalidSchema,
|
|
249
|
+
`type '${declaredTypeName}' must have schema '${protocolType.schema}', \
|
|
250
|
+
instead has '${schema}'`
|
|
251
|
+
);
|
|
252
|
+
}
|
|
253
|
+
|
|
254
|
+
// no `dataFormats` specified in protocol definition means that all dataFormats are allowed
|
|
255
|
+
const { dataFormat } = inboundMessage.descriptor;
|
|
256
|
+
if (protocolType.dataFormats !== undefined && !protocolType.dataFormats.includes(dataFormat)) {
|
|
257
|
+
throw new DwnError(
|
|
258
|
+
DwnErrorCode.ProtocolAuthorizationIncorrectDataFormat,
|
|
259
|
+
`type '${declaredTypeName}' must have data format in (${protocolType.dataFormats}), \
|
|
260
|
+
instead has '${dataFormat}'`
|
|
261
|
+
);
|
|
262
|
+
}
|
|
263
|
+
|
|
264
|
+
// enforce encryption when the protocol type requires it
|
|
265
|
+
if (protocolType.encryptionRequired === true && inboundMessage.encryption === undefined) {
|
|
266
|
+
throw new DwnError(
|
|
267
|
+
DwnErrorCode.ProtocolAuthorizationEncryptionRequired,
|
|
268
|
+
`type '${declaredTypeName}' requires encryption but message has no encryption metadata`
|
|
269
|
+
);
|
|
270
|
+
}
|
|
271
|
+
}
|
|
272
|
+
|
|
273
|
+
/**
|
|
274
|
+
* Verifies that writes adhere to the $size constraints if provided
|
|
275
|
+
* @throws {Error} if size is exceeded.
|
|
276
|
+
*/
|
|
277
|
+
export function verifySizeLimit(
|
|
278
|
+
incomingMessage: RecordsWrite,
|
|
279
|
+
ruleSet: ProtocolRuleSet
|
|
280
|
+
): void {
|
|
281
|
+
const { min = 0, max } = ruleSet.$size || {};
|
|
282
|
+
|
|
283
|
+
const dataSize = incomingMessage.message.descriptor.dataSize;
|
|
284
|
+
|
|
285
|
+
if (dataSize < min) {
|
|
286
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationMinSizeInvalid, `data size ${dataSize} is less than allowed ${min}`);
|
|
287
|
+
}
|
|
288
|
+
|
|
289
|
+
if (max === undefined) {
|
|
290
|
+
return;
|
|
291
|
+
}
|
|
292
|
+
|
|
293
|
+
if (dataSize > max) {
|
|
294
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationMaxSizeInvalid, `data size ${dataSize} is more than allowed ${max}`);
|
|
295
|
+
}
|
|
296
|
+
}
|
|
297
|
+
|
|
298
|
+
/**
|
|
299
|
+
* Verifies record tags against the `$tags` schema in the rule set using JSON Schema (Ajv).
|
|
300
|
+
* Checks required tags, additional properties, and schema conformance.
|
|
301
|
+
*/
|
|
302
|
+
export function verifyTagsIfNeeded(
|
|
303
|
+
incomingMessage: RecordsWrite,
|
|
304
|
+
ruleSet: ProtocolRuleSet
|
|
305
|
+
): void {
|
|
306
|
+
if (ruleSet.$tags !== undefined) {
|
|
307
|
+
const { tags = {}, protocol, protocolPath } = incomingMessage.message.descriptor;
|
|
308
|
+
|
|
309
|
+
const { $allowUndefinedTags, $requiredTags, ...properties } = ruleSet.$tags;
|
|
310
|
+
|
|
311
|
+
// if $allowUndefinedTags is set to false and there are properties not defined in the schema, an error is thrown
|
|
312
|
+
const additionalProperties = $allowUndefinedTags || false;
|
|
313
|
+
|
|
314
|
+
// if $requiredTags is set, all required tags must be present
|
|
315
|
+
const required = $requiredTags || [];
|
|
316
|
+
|
|
317
|
+
const ajv = new Ajv.default();
|
|
318
|
+
const compiledTags = ajv.compile({
|
|
319
|
+
type: 'object',
|
|
320
|
+
properties,
|
|
321
|
+
required,
|
|
322
|
+
additionalProperties,
|
|
323
|
+
});
|
|
324
|
+
|
|
325
|
+
const validSchema = compiledTags(tags);
|
|
326
|
+
if (!validSchema) {
|
|
327
|
+
// the `dataVar` is used to add a qualifier to the error message.
|
|
328
|
+
// For example. If the error is related to a tag `status` in a protocol `https://example.protocol` with the protocolPath `example/path`
|
|
329
|
+
// the error would be described as `https://example.protocol/example/path/$tags/status'
|
|
330
|
+
// without this decorator it would show up as `data/status` which may be confusing.
|
|
331
|
+
const schemaError = ajv.errorsText(compiledTags.errors, { dataVar: `${protocol}/${protocolPath}/$tags` });
|
|
332
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationTagsInvalidSchema, `tags schema validation error: ${schemaError}`);
|
|
333
|
+
}
|
|
334
|
+
}
|
|
335
|
+
}
|
|
336
|
+
|
|
337
|
+
/**
|
|
338
|
+
* If the given RecordsWrite is not a role record, this method does nothing and succeeds immediately.
|
|
339
|
+
*
|
|
340
|
+
* Else it verifies the validity of the given `RecordsWrite` as a role record, including:
|
|
341
|
+
* 1. The same role has not been assigned to the same entity/recipient.
|
|
342
|
+
*/
|
|
343
|
+
export async function verifyAsRoleRecordIfNeeded(
|
|
344
|
+
tenant: string,
|
|
345
|
+
incomingMessage: RecordsWrite,
|
|
346
|
+
ruleSet: ProtocolRuleSet,
|
|
347
|
+
messageStore: MessageStore,
|
|
348
|
+
): Promise<void> {
|
|
349
|
+
if (!ruleSet.$role) {
|
|
350
|
+
return;
|
|
351
|
+
}
|
|
352
|
+
|
|
353
|
+
// else this is a role record
|
|
354
|
+
|
|
355
|
+
const incomingRecordsWrite = incomingMessage;
|
|
356
|
+
const recipient = incomingRecordsWrite.message.descriptor.recipient;
|
|
357
|
+
if (recipient === undefined) {
|
|
358
|
+
throw new DwnError(
|
|
359
|
+
DwnErrorCode.ProtocolAuthorizationRoleMissingRecipient,
|
|
360
|
+
'Role records must have a recipient'
|
|
361
|
+
);
|
|
362
|
+
}
|
|
363
|
+
|
|
364
|
+
const protocolPath = incomingRecordsWrite.message.descriptor.protocolPath!;
|
|
365
|
+
const filter: Filter = {
|
|
366
|
+
interface : DwnInterfaceName.Records,
|
|
367
|
+
method : DwnMethodName.Write,
|
|
368
|
+
isLatestBaseState : true,
|
|
369
|
+
protocol : incomingRecordsWrite.message.descriptor.protocol!,
|
|
370
|
+
protocolPath,
|
|
371
|
+
recipient,
|
|
372
|
+
};
|
|
373
|
+
|
|
374
|
+
const parentContextId = Records.getParentContextFromOfContextId(incomingRecordsWrite.message.contextId)!;
|
|
375
|
+
|
|
376
|
+
// if this is not the root record, add a prefix filter to the query
|
|
377
|
+
if (parentContextId !== '') {
|
|
378
|
+
const prefixFilter = FilterUtility.constructPrefixFilterAsRangeFilter(parentContextId);
|
|
379
|
+
filter.contextId = prefixFilter;
|
|
380
|
+
}
|
|
381
|
+
|
|
382
|
+
const { messages: matchingMessages } = await messageStore.query(tenant, [filter]);
|
|
383
|
+
const matchingRecords = matchingMessages as RecordsWriteMessage[];
|
|
384
|
+
const matchingRecordsExceptIncomingRecordId = matchingRecords.filter((recordsWriteMessage: RecordsWriteMessage): boolean =>
|
|
385
|
+
recordsWriteMessage.recordId !== incomingRecordsWrite.message.recordId
|
|
386
|
+
);
|
|
387
|
+
if (matchingRecordsExceptIncomingRecordId.length > 0) {
|
|
388
|
+
throw new DwnError(
|
|
389
|
+
DwnErrorCode.ProtocolAuthorizationDuplicateRoleRecipient,
|
|
390
|
+
`DID '${recipient}' is already recipient of a role record at protocol path '${protocolPath} under the parent context ${parentContextId}.`
|
|
391
|
+
);
|
|
392
|
+
}
|
|
393
|
+
}
|
|
394
|
+
|
|
395
|
+
/**
|
|
396
|
+
* Verifies that a new record creation does not exceed the `$recordLimit` defined in the rule set.
|
|
397
|
+
*
|
|
398
|
+
* This check only applies to initial writes (new records). Updates to existing records are not counted.
|
|
399
|
+
* The count is scoped to the same `protocol + protocolPath` within the parent context:
|
|
400
|
+
* - For root-level records: counted across the entire protocol for the tenant.
|
|
401
|
+
* - For nested records: counted within the parent record's context.
|
|
402
|
+
*
|
|
403
|
+
* @throws {DwnError} with `ProtocolAuthorizationRecordLimitExceeded` if the limit is reached and strategy is `reject`.
|
|
404
|
+
* @throws {DwnError} with `ProtocolAuthorizationRecordLimitStrategyNotImplemented` if strategy is not yet implemented.
|
|
405
|
+
*/
|
|
406
|
+
export async function verifyRecordLimit(
|
|
407
|
+
tenant: string,
|
|
408
|
+
incomingMessage: RecordsWrite,
|
|
409
|
+
ruleSet: ProtocolRuleSet,
|
|
410
|
+
messageStore: MessageStore,
|
|
411
|
+
): Promise<void> {
|
|
412
|
+
if (ruleSet.$recordLimit === undefined) {
|
|
413
|
+
return;
|
|
414
|
+
}
|
|
415
|
+
|
|
416
|
+
// Only enforce on initial writes — updates to existing records do not count as new records.
|
|
417
|
+
const isInitialWrite = await incomingMessage.isInitialWrite();
|
|
418
|
+
if (!isInitialWrite) {
|
|
419
|
+
return;
|
|
420
|
+
}
|
|
421
|
+
|
|
422
|
+
const { max, strategy } = ruleSet.$recordLimit;
|
|
423
|
+
|
|
424
|
+
// Build a filter to count existing records at the same protocol path and parent context.
|
|
425
|
+
const protocolPath = incomingMessage.message.descriptor.protocolPath!;
|
|
426
|
+
const filter: Filter = {
|
|
427
|
+
interface : DwnInterfaceName.Records,
|
|
428
|
+
method : DwnMethodName.Write,
|
|
429
|
+
isLatestBaseState : true,
|
|
430
|
+
protocol : incomingMessage.message.descriptor.protocol!,
|
|
431
|
+
protocolPath,
|
|
432
|
+
};
|
|
433
|
+
|
|
434
|
+
// Scope by parent context for nested records.
|
|
435
|
+
const parentContextId = Records.getParentContextFromOfContextId(incomingMessage.message.contextId)!;
|
|
436
|
+
if (parentContextId !== '') {
|
|
437
|
+
const prefixFilter = FilterUtility.constructPrefixFilterAsRangeFilter(parentContextId);
|
|
438
|
+
filter.contextId = prefixFilter;
|
|
439
|
+
}
|
|
440
|
+
|
|
441
|
+
const existingCount = await messageStore.count(tenant, [filter]);
|
|
442
|
+
|
|
443
|
+
if (existingCount >= max) {
|
|
444
|
+
if (strategy === ProtocolRecordLimitStrategy.Reject) {
|
|
445
|
+
throw new DwnError(
|
|
446
|
+
DwnErrorCode.ProtocolAuthorizationRecordLimitExceeded,
|
|
447
|
+
`record limit of ${max} reached at protocol path '${protocolPath}'` +
|
|
448
|
+
`${parentContextId !== '' ? ` under parent context '${parentContextId}'` : ''}` +
|
|
449
|
+
`: new records are rejected until existing records are deleted.`
|
|
450
|
+
);
|
|
451
|
+
}
|
|
452
|
+
|
|
453
|
+
// Future strategies (e.g. purgeOldest) will be implemented here.
|
|
454
|
+
// For now, any non-reject strategy that somehow passes schema validation is rejected.
|
|
455
|
+
throw new DwnError(
|
|
456
|
+
DwnErrorCode.ProtocolAuthorizationRecordLimitStrategyNotImplemented,
|
|
457
|
+
`record limit strategy '${strategy}' is not yet implemented.`
|
|
458
|
+
);
|
|
459
|
+
}
|
|
460
|
+
}
|
|
461
|
+
|
|
462
|
+
/**
|
|
463
|
+
* Verifies that an update is not attempted on a record whose protocol path has `$immutable: true`.
|
|
464
|
+
*
|
|
465
|
+
* Only non-initial writes (updates) are rejected — initial writes are always allowed.
|
|
466
|
+
* `RecordsDelete` is not affected by this check; immutability prevents data mutation, not removal.
|
|
467
|
+
*
|
|
468
|
+
* @throws {DwnError} with `ProtocolAuthorizationImmutableRecord` if an update is attempted on an immutable record.
|
|
469
|
+
*/
|
|
470
|
+
export async function verifyImmutability(
|
|
471
|
+
incomingMessage: RecordsWrite,
|
|
472
|
+
ruleSet: ProtocolRuleSet,
|
|
473
|
+
): Promise<void> {
|
|
474
|
+
if (ruleSet.$immutable !== true) {
|
|
475
|
+
return;
|
|
476
|
+
}
|
|
477
|
+
|
|
478
|
+
const isInitialWrite = await incomingMessage.isInitialWrite();
|
|
479
|
+
if (isInitialWrite) {
|
|
480
|
+
return;
|
|
481
|
+
}
|
|
482
|
+
|
|
483
|
+
throw new DwnError(
|
|
484
|
+
DwnErrorCode.ProtocolAuthorizationImmutableRecord,
|
|
485
|
+
`record at protocol path '${incomingMessage.message.descriptor.protocolPath}' is immutable: updates are not allowed.`
|
|
486
|
+
);
|
|
487
|
+
}
|