npm - cojson - Versions diffs - 0.10.15 → 0.11.0 - Mend

cojson 0.10.15 → 0.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (138) hide show

package/.turbo/turbo-build.log +1 -1
package/CHANGELOG.md +14 -0
package/dist/CoValuesStore.d.ts +12 -0
package/dist/CoValuesStore.d.ts.map +1 -0
package/dist/PeerKnownStates.d.ts +38 -0
package/dist/PeerKnownStates.d.ts.map +1 -0
package/dist/PeerState.d.ts +46 -0
package/dist/PeerState.d.ts.map +1 -0
package/dist/PriorityBasedMessageQueue.d.ts +18 -0
package/dist/PriorityBasedMessageQueue.d.ts.map +1 -0
package/dist/SyncStateManager.d.ts +20 -0
package/dist/SyncStateManager.d.ts.map +1 -0
package/dist/base64url.d.ts +3 -0
package/dist/base64url.d.ts.map +1 -0
package/dist/base64url.test.d.ts +2 -0
package/dist/base64url.test.d.ts.map +1 -0
package/dist/coValue.d.ts +52 -0
package/dist/coValue.d.ts.map +1 -0
package/dist/coValueCore.d.ts +143 -0
package/dist/coValueCore.d.ts.map +1 -0
package/dist/coValueState.d.ts +58 -0
package/dist/coValueState.d.ts.map +1 -0
package/dist/coValues/account.d.ts +69 -0
package/dist/coValues/account.d.ts.map +1 -0
package/dist/coValues/coList.d.ts +163 -0
package/dist/coValues/coList.d.ts.map +1 -0
package/dist/coValues/coMap.d.ts +142 -0
package/dist/coValues/coMap.d.ts.map +1 -0
package/dist/coValues/coPlainText.d.ts +33 -0
package/dist/coValues/coPlainText.d.ts.map +1 -0
package/dist/coValues/coStream.d.ts +109 -0
package/dist/coValues/coStream.d.ts.map +1 -0
package/dist/coValues/group.d.ts +143 -0
package/dist/coValues/group.d.ts.map +1 -0
package/dist/coValues/group.js +51 -3
package/dist/coValues/group.js.map +1 -1
package/dist/coreToCoValue.d.ts +15 -0
package/dist/coreToCoValue.d.ts.map +1 -0
package/dist/crypto/PureJSCrypto.d.ts +50 -0
package/dist/crypto/PureJSCrypto.d.ts.map +1 -0
package/dist/crypto/WasmCrypto.d.ts +49 -0
package/dist/crypto/WasmCrypto.d.ts.map +1 -0
package/dist/crypto/crypto.d.ts +142 -0
package/dist/crypto/crypto.d.ts.map +1 -0
package/dist/exports.d.ts +84 -0
package/dist/exports.d.ts.map +1 -0
package/dist/ids.d.ts +23 -0
package/dist/ids.d.ts.map +1 -0
package/dist/index.d.ts +2 -0
package/dist/index.d.ts.map +1 -0
package/dist/jsonStringify.d.ts +7 -0
package/dist/jsonStringify.d.ts.map +1 -0
package/dist/jsonValue.d.ts +45 -0
package/dist/jsonValue.d.ts.map +1 -0
package/dist/localNode.d.ts +111 -0
package/dist/localNode.d.ts.map +1 -0
package/dist/logger.d.ts +33 -0
package/dist/logger.d.ts.map +1 -0
package/dist/media.d.ts +8 -0
package/dist/media.d.ts.map +1 -0
package/dist/permissions.d.ts +24 -0
package/dist/permissions.d.ts.map +1 -0
package/dist/permissions.js +3 -4
package/dist/permissions.js.map +1 -1
package/dist/priority.d.ts +19 -0
package/dist/priority.d.ts.map +1 -0
package/dist/storage/FileSystem.d.ts +37 -0
package/dist/storage/FileSystem.d.ts.map +1 -0
package/dist/storage/chunksAndKnownStates.d.ts +7 -0
package/dist/storage/chunksAndKnownStates.d.ts.map +1 -0
package/dist/storage/index.d.ts +52 -0
package/dist/storage/index.d.ts.map +1 -0
package/dist/streamUtils.d.ts +13 -0
package/dist/streamUtils.d.ts.map +1 -0
package/dist/sync.d.ts +97 -0
package/dist/sync.d.ts.map +1 -0
package/dist/tests/PeerKnownStates.test.d.ts +2 -0
package/dist/tests/PeerKnownStates.test.d.ts.map +1 -0
package/dist/tests/PeerState.test.d.ts +2 -0
package/dist/tests/PeerState.test.d.ts.map +1 -0
package/dist/tests/PriorityBasedMessageQueue.test.d.ts +2 -0
package/dist/tests/PriorityBasedMessageQueue.test.d.ts.map +1 -0
package/dist/tests/SyncStateManager.test.d.ts +2 -0
package/dist/tests/SyncStateManager.test.d.ts.map +1 -0
package/dist/tests/account.test.d.ts +2 -0
package/dist/tests/account.test.d.ts.map +1 -0
package/dist/tests/coList.test.d.ts +2 -0
package/dist/tests/coList.test.d.ts.map +1 -0
package/dist/tests/coMap.test.d.ts +2 -0
package/dist/tests/coMap.test.d.ts.map +1 -0
package/dist/tests/coPlainText.test.d.ts +2 -0
package/dist/tests/coPlainText.test.d.ts.map +1 -0
package/dist/tests/coStream.test.d.ts +2 -0
package/dist/tests/coStream.test.d.ts.map +1 -0
package/dist/tests/coValueCore.test.d.ts +2 -0
package/dist/tests/coValueCore.test.d.ts.map +1 -0
package/dist/tests/coValueState.test.d.ts +2 -0
package/dist/tests/coValueState.test.d.ts.map +1 -0
package/dist/tests/crypto.test.d.ts +2 -0
package/dist/tests/crypto.test.d.ts.map +1 -0
package/dist/tests/cryptoImpl.test.d.ts +2 -0
package/dist/tests/cryptoImpl.test.d.ts.map +1 -0
package/dist/tests/group.test.d.ts +2 -0
package/dist/tests/group.test.d.ts.map +1 -0
package/dist/tests/group.test.js +130 -0
package/dist/tests/group.test.js.map +1 -1
package/dist/tests/logger.test.d.ts +2 -0
package/dist/tests/logger.test.d.ts.map +1 -0
package/dist/tests/permissions.test.d.ts +2 -0
package/dist/tests/permissions.test.d.ts.map +1 -0
package/dist/tests/permissions.test.js +194 -1
package/dist/tests/permissions.test.js.map +1 -1
package/dist/tests/priority.test.d.ts +2 -0
package/dist/tests/priority.test.d.ts.map +1 -0
package/dist/tests/sync.test.d.ts +2 -0
package/dist/tests/sync.test.d.ts.map +1 -0
package/dist/tests/testUtils.d.ts +142 -0
package/dist/tests/testUtils.d.ts.map +1 -0
package/dist/tests/testUtils.js +4 -1
package/dist/tests/testUtils.js.map +1 -1
package/dist/typeUtils/accountOrAgentIDfromSessionID.d.ts +4 -0
package/dist/typeUtils/accountOrAgentIDfromSessionID.d.ts.map +1 -0
package/dist/typeUtils/expectGroup.d.ts +4 -0
package/dist/typeUtils/expectGroup.d.ts.map +1 -0
package/dist/typeUtils/isAccountID.d.ts +4 -0
package/dist/typeUtils/isAccountID.d.ts.map +1 -0
package/dist/typeUtils/isCoValue.d.ts +4 -0
package/dist/typeUtils/isCoValue.d.ts.map +1 -0
package/dist/utils.d.ts +5 -0
package/dist/utils.d.ts.map +1 -0
package/package.json +6 -6
package/src/coValues/group.ts +84 -9
package/src/jsonValue.ts +9 -5
package/src/permissions.ts +3 -4
package/src/tests/group.test.ts +187 -0
package/src/tests/permissions.test.ts +285 -0
package/src/tests/testUtils.ts +4 -1
package/tsconfig.json +3 -1

package/src/tests/permissions.test.ts CHANGED Viewed

@@ -5,6 +5,7 @@ import { WasmCrypto } from "../crypto/WasmCrypto.js";
 import { expectGroup } from "../typeUtils/expectGroup.js";
 import {
   connectTwoPeers,
+  createThreeConnectedNodes,
   createTwoConnectedNodes,
   groupWithTwoAdmins,
   groupWithTwoAdminsHighLevel,
@@ -893,6 +894,26 @@ test("Admins can set group read key, make a private transaction in an owned obje
   expect(childContentAsReader.get("foo2")).toEqual("bar2");
 });
+test("only admins can add agent ids", () => {
+  const { groupCore } = newGroup();
+  const inviteSecret = Crypto.newRandomAgentSecret();
+  const inviteID = Crypto.getAgentID(inviteSecret);
+  const groupAsInvite = expectGroup(
+    groupCore
+      .testWithDifferentAccount(
+        new ControlledAgent(inviteSecret, Crypto),
+        Crypto.newRandomSessionID(inviteID),
+      )
+      .getCurrentContent(),
+  );
+  groupAsInvite.set(inviteID, "adminInvite", "trusting");
+  expect(groupAsInvite.get(inviteID)).toEqual(undefined);
+});
 test("Admins can set group read rey, make a private transaction in an owned object, rotate the read key, add two readers, rotate the read key again to kick out one reader, make another private transaction in the owned object, and only the remaining reader can read both transactions", () => {
   const { node, groupCore, admin } = newGroup();
@@ -2802,6 +2823,270 @@ test("Calling extend to create grand-child groups parent and child references an
   expect(childContentAsReader.get("foo")).toEqual("bar");
 });
+test("revoking access on a child group doesn't block access to that group if a more permissive role is inheritable", async () => {
+  const { node1, node2 } = await createTwoConnectedNodes("server", "server");
+  const group = node1.node.createGroup();
+  const parentGroup = node1.node.createGroup();
+  group.extend(parentGroup);
+  const randomUser = await loadCoValueOrFail(node1.node, node2.accountID);
+  parentGroup.addMember(randomUser, "writer");
+  group.addMember(randomUser, "writer");
+  await group.removeMember(randomUser);
+  const childMap = group.createMap();
+  childMap.set("foo", "bar", "private");
+  const mapOnNode2 = await loadCoValueOrFail(node2.node, childMap.id);
+  mapOnNode2.set("foo", "baz", "private");
+  expect(mapOnNode2.get("foo")).toEqual("baz");
+});
+test("revoking access on a parent group doesn't block access to the child group if the same role is inheritable from a grand-parent group", async () => {
+  const { node1, node2 } = await createTwoConnectedNodes("server", "server");
+  const group = node1.node.createGroup();
+  const parentGroup = node1.node.createGroup();
+  const grandParentGroup = node1.node.createGroup();
+  group.extend(parentGroup);
+  parentGroup.extend(grandParentGroup);
+  const randomUser = await loadCoValueOrFail(node1.node, node2.accountID);
+  grandParentGroup.addMember(randomUser, "writer");
+  parentGroup.addMember(randomUser, "writer");
+  await parentGroup.removeMember(randomUser);
+  const childMap = group.createMap();
+  childMap.set("foo", "bar", "private");
+  const mapOnNode2 = await loadCoValueOrFail(node2.node, childMap.id);
+  mapOnNode2.set("foo", "baz", "private");
+  expect(mapOnNode2.get("foo")).toEqual("baz");
+});
+test("revoking access on a parent group doesn't block access to the child group if the same role is inheritable from another parent group", async () => {
+  const { node1, node2 } = await createTwoConnectedNodes("server", "server");
+  const group = node1.node.createGroup();
+  const parentGroup1 = node1.node.createGroup();
+  const parentGroup2 = node1.node.createGroup();
+  group.extend(parentGroup1);
+  group.extend(parentGroup2);
+  const randomUser = await loadCoValueOrFail(node1.node, node2.accountID);
+  parentGroup1.addMember(randomUser, "writer");
+  parentGroup2.addMember(randomUser, "writer");
+  await parentGroup1.removeMember(randomUser);
+  const childMap = group.createMap();
+  childMap.set("foo", "bar", "private");
+  const mapOnNode2 = await loadCoValueOrFail(node2.node, childMap.id);
+  mapOnNode2.set("foo", "baz", "private");
+  expect(mapOnNode2.get("foo")).toEqual("baz");
+});
+test("revoking write access to parent group", async () => {
+  // Start with a node and a group
+  const { group, node } = newGroupHighLevel();
+  // Create a parent group and relate it to the existing group
+  const parentGroup = node.createGroup();
+  group.extend(parentGroup);
+  // Create an account (`alice`) that can write to the parent group
+  // Create an account (`bob`) that can write to the child group
+  const alice = node.createAccount();
+  const bob = node.createAccount();
+  parentGroup.addMember(alice, "writer");
+  group.addMember(bob, "writer");
+  // The child group has a map that can be written to by `bob`
+  const mapCore = node.createCoValue({
+    type: "comap",
+    ruleset: { type: "ownedByGroup", group: group.id },
+    meta: null,
+    ...Crypto.createdNowUnique(),
+  });
+  const bobMap = expectMap(
+    mapCore
+      .testWithDifferentAccount(bob, Crypto.newRandomSessionID(bob.id))
+      .getCurrentContent(),
+  );
+  // `bob` sets `foo` to `bar`
+  bobMap.set("foo", "bar", "private");
+  // `bob`'s change is made successfully
+  expect(bobMap.get("foo")).toEqual("bar");
+  const aliceMap = expectMap(
+    mapCore
+      .testWithDifferentAccount(alice, Crypto.newRandomSessionID(alice.id))
+      .getCurrentContent(),
+  );
+  // `alice` sets `foo` to `baz`
+  aliceMap.set("foo", "baz", "private");
+  // `alice`'s change is made successfully
+  expect(aliceMap.get("foo")).toEqual("baz");
+  // The two groups are no longer related
+  await group.revokeExtend(parentGroup);
+  // `bob` sets `foo` to `abc`
+  bobMap.set("foo", "abc", "private");
+  // `bob`'s change is made successfully
+  expect(bobMap.get("foo")).toEqual("abc");
+  const aliceMapAfterUnextend = expectMap(
+    mapCore
+      .testWithDifferentAccount(alice, Crypto.newRandomSessionID(alice.id))
+      .getCurrentContent(),
+  );
+  // `alice` attempts to set `foo` to `def`, but fails
+  expect(() => aliceMapAfterUnextend.set("foo", "def", "private")).toThrow(
+    "Can't make transaction without read key secret",
+  );
+  // `alice`'s change is not made successfully
+  expect(aliceMapAfterUnextend.get("foo")).not.toEqual("def");
+});
+test("revoking read access to parent group", async () => {
+  // Start with two nodes
+  const { node1, node2 } = await createTwoConnectedNodes("server", "server");
+  const group = node1.node.createGroup();
+  // Create a parent group and relate it to the existing group
+  const parentGroup = node1.node.createGroup();
+  group.extend(parentGroup);
+  // Create an account (`alice`) that can read from the parent group
+  // Create an account (`bob`) that can write to the child group
+  const alice = await loadCoValueOrFail(node1.node, node2.accountID);
+  const bob = await loadCoValueOrFail(node1.node, node1.accountID);
+  parentGroup.addMember(alice, "reader");
+  group.addMember(bob, "writer");
+  // The child group has a map that can be written to by `bob`
+  const bobMap = group.createMap();
+  // `bob` sets `foo` to `bar`
+  bobMap.set("foo", "bar", "private");
+  // `bob`'s change is made successfully
+  expect(bobMap.get("foo")).toEqual("bar");
+  const aliceMap = await loadCoValueOrFail(node2.node, bobMap.id);
+  // `alice` reads `foo` as `bar`
+  expect(aliceMap.get("foo")).toEqual("bar");
+  // The two groups are no longer related
+  await group.revokeExtend(parentGroup);
+  // `bob` sets `foo` to `abc`
+  bobMap.set("foo", "abc", "private");
+  // `bob`'s change is made successfully
+  expect(bobMap.get("foo")).toEqual("abc");
+  // `alice` reads `foo` as `bar`
+  expect(aliceMap.get("foo")).toEqual("bar");
+});
+test("revoking read access to grandparent group", async () => {
+  // Start with two nodes
+  const { node1, node2, node3 } = await createThreeConnectedNodes(
+    "server",
+    "server",
+    "server",
+  );
+  const group = node1.node.createGroup();
+  // Create group hierarchy
+  const parentGroup = node1.node.createGroup();
+  const grandParentGroup = node1.node.createGroup();
+  group.extend(parentGroup);
+  parentGroup.extend(grandParentGroup);
+  // Create an account (`alice`) that can read from the parent group
+  // Create an account (`bob`) that can write to the child group
+  // Create an account (`charlie`) that can read from the grandparent group
+  const alice = await loadCoValueOrFail(node1.node, node2.accountID);
+  const bob = await loadCoValueOrFail(node1.node, node1.accountID);
+  const charlie = await loadCoValueOrFail(node1.node, node3.accountID);
+  parentGroup.addMember(alice, "reader");
+  group.addMember(bob, "writer");
+  grandParentGroup.addMember(charlie, "reader");
+  // The child group has a map that can be written to by `bob`
+  const bobMap = group.createMap();
+  // `bob` sets `foo` to `bar`
+  bobMap.set("foo", "bar", "private");
+  // `bob`'s change is made successfully
+  expect(bobMap.get("foo")).toEqual("bar");
+  const aliceMap = await loadCoValueOrFail(node2.node, bobMap.id);
+  // `alice` reads `foo` as `bar`
+  expect(aliceMap.get("foo")).toEqual("bar");
+  const charlieMap = await loadCoValueOrFail(node3.node, bobMap.id);
+  // `charlie` reads `foo` as `bar`
+  expect(charlieMap.get("foo")).toEqual("bar");
+  // The groups are no longer related
+  await parentGroup.revokeExtend(grandParentGroup);
+  await group.revokeExtend(parentGroup);
+  // `bob` sets `foo` to `abc`
+  bobMap.set("foo", "abc", "private");
+  // `bob`'s change is made successfully
+  expect(bobMap.get("foo")).toEqual("abc");
+  // `alice` reads `foo` as `bar`
+  expect(aliceMap.get("foo")).toEqual("bar");
+  // `charlie` reads `foo` as `bar`
+  expect(charlieMap.get("foo")).toEqual("bar");
+});
+test("a user should have write access if the parent group has everyone as a writer", async () => {
+  const { node1, node2 } = await createTwoConnectedNodes("server", "server");
+  const group = node1.node.createGroup();
+  const parentGroup = node1.node.createGroup();
+  group.extend(parentGroup);
+  parentGroup.addMember("everyone", "writer");
+  const randomUser = await loadCoValueOrFail(node1.node, node2.accountID);
+  group.addMember(randomUser, "reader");
+  const childMap = group.createMap();
+  childMap.set("foo", "bar", "private");
+  const mapOnNode2 = await loadCoValueOrFail(node2.node, childMap.id);
+  mapOnNode2.set("foo", "baz", "private");
+  expect(mapOnNode2.get("foo")).toEqual("baz");
+});
 test("High-level permissions work correctly when a group is extended", async () => {
   const { group, node } = newGroupHighLevel();
   const parentGroup = node.createGroup();

package/src/tests/testUtils.ts CHANGED Viewed

@@ -5,7 +5,7 @@ import {
   MeterProvider,
   MetricReader,
 } from "@opentelemetry/sdk-metrics";
-import { expect, vi } from "vitest";
+import { expect, onTestFinished, vi } from "vitest";
 import { ControlledAgent } from "../coValues/account.js";
 import { WasmCrypto } from "../crypto/WasmCrypto.js";
 import type { CoID, RawCoValue } from "../exports.js";
@@ -200,6 +200,9 @@ export function newGroupHighLevel() {
   const group = node.createGroup();
+  onTestFinished(() => {
+    node.gracefulShutdown();
+  });
   return { admin, node, group };
 }

package/tsconfig.json CHANGED Viewed

@@ -9,7 +9,9 @@
     "skipLibCheck": true,
     "forceConsistentCasingInFileNames": true,
     "noUncheckedIndexedAccess": true,
-    "esModuleInterop": true
+    "esModuleInterop": true,
+    "declaration": true,
+    "declarationMap": true
   },
   "include": ["./src/**/*.ts"],
   "exclude": ["./node_modules"]