npm - cojson - Versions diffs - 0.18.22 → 0.18.24 - Mend

cojson 0.18.22 → 0.18.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/.turbo/turbo-build.log +1 -1
package/CHANGELOG.md +15 -0
package/dist/coValues/group.d.ts +6 -7
package/dist/coValues/group.d.ts.map +1 -1
package/dist/coValues/group.js +51 -32
package/dist/coValues/group.js.map +1 -1
package/dist/knownState.d.ts +1 -1
package/dist/knownState.d.ts.map +1 -1
package/dist/permissions.d.ts +1 -0
package/dist/permissions.d.ts.map +1 -1
package/dist/permissions.js +6 -0
package/dist/permissions.js.map +1 -1
package/dist/tests/group.inheritance.test.js +111 -3
package/dist/tests/group.inheritance.test.js.map +1 -1
package/dist/tests/testUtils.d.ts +6 -8
package/dist/tests/testUtils.d.ts.map +1 -1
package/dist/tests/testUtils.js +22 -55
package/dist/tests/testUtils.js.map +1 -1
package/package.json +3 -3
package/src/coValues/group.ts +115 -49
package/src/knownState.ts +2 -2
package/src/permissions.ts +9 -0
package/src/tests/group.inheritance.test.ts +212 -8
package/src/tests/testUtils.ts +33 -77

package/src/permissions.ts CHANGED Viewed

@@ -57,6 +57,15 @@ export type Role =
   | "readerInvite"
   | "writeOnlyInvite";
+export function isAccountRole(role?: Role): role is AccountRole {
+  return (
+    role === "admin" ||
+    role === "writer" ||
+    role === "reader" ||
+    role === "writeOnly"
+  );
+}
 type ValidTransactionsResult = { txID: TransactionID; tx: Transaction };
 type MemberState = { [agent: RawAccountID | AgentID]: Role; [EVERYONE]?: Role };

package/src/tests/group.inheritance.test.ts CHANGED Viewed

@@ -3,11 +3,13 @@ import type { CoID, RawGroup } from "../exports";
 import { NewContentMessage } from "../sync";
 import {
   SyncMessagesLog,
+  createNConnectedNodes,
   createThreeConnectedNodes,
   createTwoConnectedNodes,
   loadCoValueOrFail,
   setupTestNode,
 } from "./testUtils";
+import { expectMap } from "../coValue.js";
 let jazzCloud: ReturnType<typeof setupTestNode>;
@@ -21,17 +23,12 @@ describe("extend", () => {
     const { node1, node2 } = await createTwoConnectedNodes("server", "server");
     const group = node1.node.createGroup();
-    group.addMember(
-      await loadCoValueOrFail(node1.node, node2.accountID),
-      "writer",
-    );
+    const node2OnNode1 = await loadCoValueOrFail(node1.node, node2.accountID);
+    group.addMember(node2OnNode1, "writer");
     const childGroup = node1.node.createGroup();
     childGroup.extend(group);
-    childGroup.addMember(
-      await loadCoValueOrFail(node1.node, node2.accountID),
-      "writeOnly",
-    );
+    childGroup.addMember(node2OnNode1, "writeOnly");
     const map = childGroup.createMap();
     map.set("test", "Written from the admin");
@@ -124,6 +121,115 @@ describe("extend", () => {
     expect(mapOnNode2.get("hello")).toEqual("from node 2");
   });
+  test("existing parent groups have access to new writeOnly keys in the child group", async () => {
+    const { node1, node2, node3 } = await createThreeConnectedNodes(
+      "server",
+      "server",
+      "server",
+    );
+    const parentGroup = node1.node.createGroup();
+    const account2OnNode1 = await loadCoValueOrFail(
+      node1.node,
+      node2.accountID,
+    );
+    parentGroup.addMember(account2OnNode1, "admin");
+    const childGroup = node1.node.createGroup();
+    const account3OnNode1 = await loadCoValueOrFail(
+      node1.node,
+      node3.accountID,
+    );
+    childGroup.extend(parentGroup);
+    // The existing parent group should have access to content written by
+    // an account with writeOnly permission
+    childGroup.addMember(account3OnNode1, "writeOnly");
+    const map = childGroup.createMap();
+    const mapOnNode3 = await loadCoValueOrFail(node3.node, map.id);
+    mapOnNode3.set("test", "Written by writeOnly member");
+    expect(mapOnNode3.get("test")).toEqual("Written by writeOnly member");
+    await mapOnNode3.core.waitForSync();
+    const mapOnNode2 = await loadCoValueOrFail(node2.node, map.id);
+    expect(mapOnNode2.get("test")).toEqual("Written by writeOnly member");
+  });
+  test("new parent groups have access to existing writeOnly keys in the child group", async () => {
+    const { node1, node2, node3 } = await createThreeConnectedNodes(
+      "server",
+      "server",
+      "server",
+    );
+    const parentGroup = node1.node.createGroup();
+    const account2OnNode1 = await loadCoValueOrFail(
+      node1.node,
+      node2.accountID,
+    );
+    parentGroup.addMember(account2OnNode1, "admin");
+    const childGroup = node1.node.createGroup();
+    const account3OnNode1 = await loadCoValueOrFail(
+      node1.node,
+      node3.accountID,
+    );
+    childGroup.addMember(account3OnNode1, "writeOnly");
+    // The new parent group should have access to content written by
+    // an account with writeOnly permission
+    childGroup.extend(parentGroup);
+    const map = childGroup.createMap();
+    const mapOnNode3 = await loadCoValueOrFail(node3.node, map.id);
+    mapOnNode3.set("test", "Written by writeOnly member");
+    expect(mapOnNode3.get("test")).toEqual("Written by writeOnly member");
+    await mapOnNode3.core.waitForSync();
+    const mapOnNode2 = await loadCoValueOrFail(node2.node, map.id);
+    expect(mapOnNode2.get("test")).toEqual("Written by writeOnly member");
+  });
+  test("writeOnly keys are rotated for parent groups", async () => {
+    const { node1, node2, node3 } = await createThreeConnectedNodes(
+      "server",
+      "server",
+      "server",
+    );
+    const parentGroup = node1.node.createGroup();
+    const account2OnNode1 = await loadCoValueOrFail(
+      node1.node,
+      node2.accountID,
+    );
+    parentGroup.addMember(account2OnNode1, "admin");
+    const childGroup = node1.node.createGroup();
+    const account3OnNode1 = await loadCoValueOrFail(
+      node1.node,
+      node3.accountID,
+    );
+    childGroup.addMember(account3OnNode1, "writeOnly");
+    childGroup.extend(parentGroup);
+    childGroup.rotateReadKey();
+    const childGroupOnNode3 = await loadCoValueOrFail(
+      node3.node,
+      childGroup.id,
+    );
+    const map = childGroupOnNode3.createMap();
+    map.set("test", "Written by writeOnly member");
+    await map.core.waitForSync();
+    const mapOnNode2 = await loadCoValueOrFail(node2.node, map.id);
+    expect(mapOnNode2.get("test")).toEqual("Written by writeOnly member");
+  });
   test("a user should be able to extend a group when his role on the parent group is writeOnly", async () => {
     const { node1, node2 } = await createTwoConnectedNodes("server", "server");
@@ -344,6 +450,104 @@ describe("extend", () => {
     expect(childGroup.roleOf(alice.id)).toBe("writer");
   });
+  test("group inheritance should work for groups extended without having membership in the parent group", async () => {
+    const { node1, node2, node3 } = await createThreeConnectedNodes(
+      "server",
+      "server",
+      "server",
+    );
+    const parentGroup = node1.node.createGroup();
+    const account2OnNode1 = await loadCoValueOrFail(
+      node1.node,
+      node2.accountID,
+    );
+    parentGroup.addMember(account2OnNode1, "admin");
+    const childGroup = node1.node.createGroup();
+    childGroup.extend(parentGroup, "admin");
+    const sharedGroup = node3.node.createGroup();
+    // Account3 does not have permissions over the childGroup being extended
+    const childGroupOnNode3 = await loadCoValueOrFail(
+      node3.node,
+      childGroup.id,
+    );
+    sharedGroup.extend(childGroupOnNode3, "admin");
+    expect(sharedGroup.roleOf(node1.accountID)).toEqual("admin");
+    expect(sharedGroup.roleOf(node2.accountID)).toEqual("admin");
+    expect(sharedGroup.roleOf(node3.accountID)).toEqual("admin");
+    // Create a map owned by sharedGroup
+    const testMap = sharedGroup.createMap();
+    testMap.set("name", "Test");
+    // node1 should be able to access the map because it is admin of the childGroup
+    const testMapOnNode1 = expectMap(
+      await loadCoValueOrFail(node1.node, testMap.id),
+    );
+    expect(testMapOnNode1.get("name")).toEqual("Test");
+    // node2 should also be able to access the map because it is admin of parentGroup
+    const testMapOnNode2 = expectMap(
+      await loadCoValueOrFail(node2.node, testMap.id),
+    );
+    expect(testMapOnNode2.get("name")).toEqual("Test");
+  });
+  test("adding new group members should work for groups extended without having membership in the parent group", async () => {
+    const nodes = await createNConnectedNodes(
+      "server",
+      "server",
+      "server",
+      "server",
+    );
+    const node1 = nodes[0]!;
+    const node2 = nodes[1]!;
+    const node3 = nodes[2]!;
+    const node4 = nodes[3]!;
+    const parentGroup = node1.node.createGroup();
+    const account2OnNode1 = await loadCoValueOrFail(
+      node1.node,
+      node2.accountID,
+    );
+    parentGroup.addMember(account2OnNode1, "admin");
+    const childGroup = node1.node.createGroup();
+    childGroup.extend(parentGroup, "admin");
+    const sharedGroup = node3.node.createGroup();
+    // Account3 does not have permissions over the childGroup being extended
+    const childGroupOnNode3 = await loadCoValueOrFail(
+      node3.node,
+      childGroup.id,
+    );
+    sharedGroup.extend(childGroupOnNode3, "admin");
+    // Add a new parent group to the previously extended child group
+    const newParentGroup = node1.node.createGroup();
+    const account4OnNode1 = await loadCoValueOrFail(
+      node1.node,
+      node4.accountID,
+    );
+    newParentGroup.addMember(account4OnNode1, "admin");
+    childGroup.extend(newParentGroup);
+    // Create a map owned by sharedGroup
+    const testMap = sharedGroup.createMap();
+    testMap.set("name", "Test");
+    // Account4 should be able to access the map because it is admin of newParentGroup
+    const testMapOnNode4 = expectMap(
+      await loadCoValueOrFail(node4.node, testMap.id),
+    );
+    expect(testMapOnNode4.get("name")).toEqual("Test");
+  });
   test("should be possible to extend a group after getting revoked from the parent group", async () => {
     const { node1, node2, node3 } = await createThreeConnectedNodes(
       "server",

package/src/tests/testUtils.ts CHANGED Viewed

@@ -70,33 +70,11 @@ export async function createTwoConnectedNodes(
   node1Role: Peer["role"],
   node2Role: Peer["role"],
 ) {
-  // Connect nodes initially
-  const [node1ToNode2Peer, node2ToNode1Peer] = connectedPeers(
-    "node1ToNode2",
-    "node2ToNode1",
-    {
-      peer1role: node2Role,
-      peer2role: node1Role,
-    },
-  );
-  const node1 = await LocalNode.withNewlyCreatedAccount({
-    peersToLoadFrom: [node1ToNode2Peer],
-    crypto: Crypto,
-    creationProps: { name: "Client" },
-  });
-  const node2 = await LocalNode.withNewlyCreatedAccount({
-    peersToLoadFrom: [node2ToNode1Peer],
-    crypto: Crypto,
-    creationProps: { name: "Server" },
-  });
+  const [node1, node2] = await createNConnectedNodes(node1Role, node2Role);
   return {
-    node1,
-    node2,
-    node1ToNode2Peer,
-    node2ToNode1Peer,
+    node1: node1!,
+    node2: node2!,
   };
 }
@@ -105,64 +83,42 @@ export async function createThreeConnectedNodes(
   node2Role: Peer["role"],
   node3Role: Peer["role"],
 ) {
-  const [node1ToNode2Peer, node2ToNode1Peer] = connectedPeers(
-    "node1ToNode2",
-    "node2ToNode1",
-    {
-      peer1role: node2Role,
-      peer2role: node1Role,
-    },
-  );
-  const [node1ToNode3Peer, node3ToNode1Peer] = connectedPeers(
-    "node1ToNode3",
-    "node3ToNode1",
-    {
-      peer1role: node3Role,
-      peer2role: node1Role,
-    },
-  );
-  const [node2ToNode3Peer, node3ToNode2Peer] = connectedPeers(
-    "node2ToNode3",
-    "node3ToNode2",
-    {
-      peer1role: node3Role,
-      peer2role: node2Role,
-    },
+  const [node1, node2, node3] = await createNConnectedNodes(
+    node1Role,
+    node2Role,
+    node3Role,
   );
-  const node1 = await LocalNode.withNewlyCreatedAccount({
-    peersToLoadFrom: [node1ToNode2Peer, node1ToNode3Peer],
-    crypto: Crypto,
-    creationProps: { name: "Node 1" },
-  });
-  const node2 = await LocalNode.withNewlyCreatedAccount({
-    peersToLoadFrom: [node2ToNode1Peer, node2ToNode3Peer],
-    crypto: Crypto,
-    creationProps: { name: "Node 2" },
-  });
-  const node3 = await LocalNode.withNewlyCreatedAccount({
-    peersToLoadFrom: [node3ToNode1Peer, node3ToNode2Peer],
-    crypto: Crypto,
-    creationProps: { name: "Node 3" },
-  });
   return {
-    node1,
-    node2,
-    node3,
-    node1ToNode2Peer,
-    node2ToNode1Peer,
-    node1ToNode3Peer,
-    node3ToNode1Peer,
-    node2ToNode3Peer,
-    node3ToNode2Peer,
+    node1: node1!,
+    node2: node2!,
+    node3: node3!,
   };
 }
+export async function createNConnectedNodes(...nodeRoles: Peer["role"][]) {
+  const nodes = await Promise.all(
+    Array.from({ length: nodeRoles.length }, async (_, i) => {
+      return LocalNode.withNewlyCreatedAccount({
+        peersToLoadFrom: [],
+        crypto: Crypto,
+        creationProps: { name: `Node ${i + 1}` },
+      });
+    }),
+  );
+  for (let i = 0; i < nodes.length; i++) {
+    for (let j = i + 1; j < nodes.length; j++) {
+      connectTwoPeers(
+        nodes[i]!.node,
+        nodes[j]!.node,
+        nodeRoles[i]!,
+        nodeRoles[j]!,
+      );
+    }
+  }
+  return nodes;
+}
 export function connectTwoPeers(
   a: LocalNode,
   b: LocalNode,