cojson 0.8.19-group-inheritance.0 → 0.8.21

package/src/permissions.ts

@@ -2,7 +2,7 @@ import { CoID } from "./coValue.js";
 import { CoValueCore, Transaction } from "./coValueCore.js";
 import { RawAccount, RawAccountID, RawProfile } from "./coValues/account.js";
 import { MapOpPayload } from "./coValues/coMap.js";
-import { EVERYONE, Everyone, RawGroup } from "./coValues/group.js";
+import { EVERYONE, Everyone } from "./coValues/group.js";
 import { KeyID } from "./crypto/crypto.js";
 import { AgentID, RawCoID, SessionID, TransactionID } from "./ids.js";
 import { parseJSON } from "./jsonStringify.js";
@@ -28,12 +28,198 @@ export function determineValidTransactions(
   coValue: CoValueCore,
 ): { txID: TransactionID; tx: Transaction }[] {
   if (coValue.header.ruleset.type === "group") {
+    const allTransactionsSorted = [...coValue.sessionLogs.entries()].flatMap(
+      ([sessionID, sessionLog]) => {
+        return sessionLog.transactions.map((tx, txIndex) => ({
+          sessionID,
+          txIndex,
+          tx,
+        })) as {
+          sessionID: SessionID;
+          txIndex: number;
+          tx: Transaction;
+        }[];
+      },
+    );
+
+    allTransactionsSorted.sort((a, b) => {
+      return a.tx.madeAt - b.tx.madeAt;
+    });
+
     const initialAdmin = coValue.header.ruleset.initialAdmin;
+
     if (!initialAdmin) {
       throw new Error("Group must have initialAdmin");
     }
 
-    return determineValidTransactionsForGroup(coValue, initialAdmin);
+    const memberState: {
+      [agent: RawAccountID | AgentID]: Role;
+      [EVERYONE]?: Role;
+    } = {};
+
+    const validTransactions: { txID: TransactionID; tx: Transaction }[] = [];
+
+    for (const { sessionID, txIndex, tx } of allTransactionsSorted) {
+      // console.log("before", { memberState, validTransactions });
+      const transactor = accountOrAgentIDfromSessionID(sessionID);
+
+      if (tx.privacy === "private") {
+        if (memberState[transactor] === "admin") {
+          validTransactions.push({
+            txID: { sessionID, txIndex },
+            tx,
+          });
+          continue;
+        } else {
+          console.warn("Only admins can make private transactions in groups");
+          continue;
+        }
+      }
+
+      let changes;
+
+      try {
+        changes = parseJSON(tx.changes);
+      } catch (e) {
+        console.warn(
+          coValue.id,
+          "Invalid JSON in transaction",
+          e,
+          tx,
+          JSON.stringify(tx.changes, (k, v) =>
+            k === "changes" || k === "encryptedChanges"
+              ? v.slice(0, 20) + "..."
+              : v,
+          ),
+        );
+        continue;
+      }
+
+      const change = changes[0] as
+        | MapOpPayload<RawAccountID | AgentID | Everyone, Role>
+        | MapOpPayload<"readKey", JsonValue>
+        | MapOpPayload<"profile", CoID<RawProfile>>;
+      if (changes.length !== 1) {
+        console.warn("Group transaction must have exactly one change");
+        continue;
+      }
+
+      if (change.op !== "set") {
+        console.warn("Group transaction must set a role or readKey");
+        continue;
+      }
+
+      if (change.key === "readKey") {
+        if (memberState[transactor] !== "admin") {
+          console.warn("Only admins can set readKeys");
+          continue;
+        }
+
+        validTransactions.push({ txID: { sessionID, txIndex }, tx });
+        continue;
+      } else if (change.key === "profile") {
+        if (memberState[transactor] !== "admin") {
+          console.warn("Only admins can set profile");
+          continue;
+        }
+
+        validTransactions.push({ txID: { sessionID, txIndex }, tx });
+        continue;
+      } else if (
+        isKeyForKeyField(change.key) ||
+        isKeyForAccountField(change.key)
+      ) {
+        if (
+          memberState[transactor] !== "admin" &&
+          memberState[transactor] !== "adminInvite" &&
+          memberState[transactor] !== "writerInvite" &&
+          memberState[transactor] !== "readerInvite"
+        ) {
+          console.warn("Only admins can reveal keys");
+          continue;
+        }
+
+        // TODO: check validity of agents who the key is revealed to?
+
+        validTransactions.push({ txID: { sessionID, txIndex }, tx });
+        continue;
+      }
+
+      const affectedMember = change.key;
+      const assignedRole = change.value;
+
+      if (
+        change.value !== "admin" &&
+        change.value !== "writer" &&
+        change.value !== "reader" &&
+        change.value !== "revoked" &&
+        change.value !== "adminInvite" &&
+        change.value !== "writerInvite" &&
+        change.value !== "readerInvite"
+      ) {
+        console.warn("Group transaction must set a valid role");
+        continue;
+      }
+
+      if (
+        affectedMember === EVERYONE &&
+        !(
+          change.value === "reader" ||
+          change.value === "writer" ||
+          change.value === "revoked"
+        )
+      ) {
+        console.warn("Everyone can only be set to reader, writer or revoked");
+        continue;
+      }
+
+      const isFirstSelfAppointment =
+        !memberState[transactor] &&
+        transactor === initialAdmin &&
+        change.op === "set" &&
+        change.key === transactor &&
+        change.value === "admin";
+
+      if (!isFirstSelfAppointment) {
+        if (memberState[transactor] === "admin") {
+          if (
+            memberState[affectedMember] === "admin" &&
+            affectedMember !== transactor &&
+            assignedRole !== "admin"
+          ) {
+            console.warn("Admins can only demote themselves.");
+            continue;
+          }
+        } else if (memberState[transactor] === "adminInvite") {
+          if (change.value !== "admin") {
+            console.warn("AdminInvites can only create admins.");
+            continue;
+          }
+        } else if (memberState[transactor] === "writerInvite") {
+          if (change.value !== "writer") {
+            console.warn("WriterInvites can only create writers.");
+            continue;
+          }
+        } else if (memberState[transactor] === "readerInvite") {
+          if (change.value !== "reader") {
+            console.warn("ReaderInvites can only create reader.");
+            continue;
+          }
+        } else {
+          console.warn(
+            "Group transaction must be made by current admin or invite",
+          );
+          continue;
+        }
+      }
+
+      memberState[affectedMember] = change.value;
+      validTransactions.push({ txID: { sessionID, txIndex }, tx });
+
+      // console.log("after", { memberState, validTransactions });
+    }
+
+    return validTransactions;
   } else if (coValue.header.ruleset.type === "ownedByGroup") {
     const groupContent = expectGroup(
       coValue.node
@@ -55,18 +241,27 @@ export function determineValidTransactions(
         return sessionLog.transactions
           .filter((tx) => {
             const groupAtTime = groupContent.atTime(tx.madeAt);
-            const effectiveTransactor = agentInAccountOrMemberInGroup(
-              transactor,
-              groupAtTime,
-            );
+            const effectiveTransactor =
+              transactor === groupContent.id &&
+              groupAtTime instanceof RawAccount
+                ? groupAtTime.currentAgentID().match(
+                    (agentID) => agentID,
+                    (e) => {
+                      console.error(
+                        "Error while determining current agent ID in valid transactions",
+                        e,
+                      );
+                      return undefined;
+                    },
+                  )
+                : transactor;
 
             if (!effectiveTransactor) {
               return false;
             }
 
             const transactorRoleAtTxTime =
-              groupAtTime.roleOfInternal(effectiveTransactor)?.role ||
-              groupAtTime.roleOfInternal(EVERYONE)?.role;
+              groupAtTime.get(effectiveTransactor) || groupAtTime.get(EVERYONE);
 
             return (
               transactorRoleAtTxTime === "admin" ||
@@ -96,234 +291,6 @@ export function determineValidTransactions(
   }
 }
 
-function determineValidTransactionsForGroup(
-  coValue: CoValueCore,
-  initialAdmin: RawAccountID | AgentID,
-): { txID: TransactionID; tx: Transaction }[] {
-  const allTransactionsSorted = [...coValue.sessionLogs.entries()].flatMap(
-    ([sessionID, sessionLog]) => {
-      return sessionLog.transactions.map((tx, txIndex) => ({
-        sessionID,
-        txIndex,
-        tx,
-      })) as {
-        sessionID: SessionID;
-        txIndex: number;
-        tx: Transaction;
-      }[];
-    },
-  );
-
-  allTransactionsSorted.sort((a, b) => {
-    return a.tx.madeAt - b.tx.madeAt;
-  });
-
-  const memberState: {
-    [agent: RawAccountID | AgentID]: Role;
-    [EVERYONE]?: Role;
-  } = {};
-
-  const validTransactions: { txID: TransactionID; tx: Transaction }[] = [];
-
-  for (const { sessionID, txIndex, tx } of allTransactionsSorted) {
-    // console.log("before", { memberState, validTransactions });
-    const transactor = accountOrAgentIDfromSessionID(sessionID);
-
-    if (tx.privacy === "private") {
-      if (memberState[transactor] === "admin") {
-        validTransactions.push({
-          txID: { sessionID, txIndex },
-          tx,
-        });
-        continue;
-      } else {
-        console.warn("Only admins can make private transactions in groups");
-        continue;
-      }
-    }
-
-    let changes;
-
-    try {
-      changes = parseJSON(tx.changes);
-    } catch (e) {
-      console.warn(
-        coValue.id,
-        "Invalid JSON in transaction",
-        e,
-        tx,
-        JSON.stringify(tx.changes, (k, v) =>
-          k === "changes" || k === "encryptedChanges"
-            ? v.slice(0, 20) + "..."
-            : v,
-        ),
-      );
-      continue;
-    }
-
-    const change = changes[0] as
-      | MapOpPayload<RawAccountID | AgentID | Everyone, Role>
-      | MapOpPayload<"readKey", JsonValue>
-      | MapOpPayload<"profile", CoID<RawProfile>>
-      | MapOpPayload<`parent_${CoID<RawGroup>}`, CoID<RawGroup>>
-      | MapOpPayload<`child_${CoID<RawGroup>}`, CoID<RawGroup>>;
-
-    if (changes.length !== 1) {
-      console.warn("Group transaction must have exactly one change");
-      continue;
-    }
-
-    if (change.op !== "set") {
-      console.warn("Group transaction must set a role or readKey");
-      continue;
-    }
-
-    if (change.key === "readKey") {
-      if (memberState[transactor] !== "admin") {
-        console.warn("Only admins can set readKeys");
-        continue;
-      }
-
-      validTransactions.push({ txID: { sessionID, txIndex }, tx });
-      continue;
-    } else if (change.key === "profile") {
-      if (memberState[transactor] !== "admin") {
-        console.warn("Only admins can set profile");
-        continue;
-      }
-
-      validTransactions.push({ txID: { sessionID, txIndex }, tx });
-      continue;
-    } else if (
-      isKeyForKeyField(change.key) ||
-      isKeyForAccountField(change.key)
-    ) {
-      if (
-        memberState[transactor] !== "admin" &&
-        memberState[transactor] !== "adminInvite" &&
-        memberState[transactor] !== "writerInvite" &&
-        memberState[transactor] !== "readerInvite"
-      ) {
-        console.warn("Only admins can reveal keys");
-        continue;
-      }
-
-      // TODO: check validity of agents who the key is revealed to?
-
-      validTransactions.push({ txID: { sessionID, txIndex }, tx });
-      continue;
-    } else if (isParentExtension(change.key)) {
-      if (memberState[transactor] !== "admin") {
-        console.warn("Only admins can set parent extensions");
-        continue;
-      }
-      validTransactions.push({ txID: { sessionID, txIndex }, tx });
-      continue;
-    } else if (isChildExtension(change.key)) {
-      if (memberState[transactor] !== "admin") {
-        console.warn("Only admins can set child extensions");
-        continue;
-      }
-      validTransactions.push({ txID: { sessionID, txIndex }, tx });
-      continue;
-    }
-
-    const affectedMember = change.key;
-    const assignedRole = change.value;
-
-    if (
-      change.value !== "admin" &&
-      change.value !== "writer" &&
-      change.value !== "reader" &&
-      change.value !== "revoked" &&
-      change.value !== "adminInvite" &&
-      change.value !== "writerInvite" &&
-      change.value !== "readerInvite"
-    ) {
-      console.warn("Group transaction must set a valid role");
-      continue;
-    }
-
-    if (
-      affectedMember === EVERYONE &&
-      !(
-        change.value === "reader" ||
-        change.value === "writer" ||
-        change.value === "revoked"
-      )
-    ) {
-      console.warn("Everyone can only be set to reader, writer or revoked");
-      continue;
-    }
-
-    const isFirstSelfAppointment =
-      !memberState[transactor] &&
-      transactor === initialAdmin &&
-      change.op === "set" &&
-      change.key === transactor &&
-      change.value === "admin";
-
-    if (!isFirstSelfAppointment) {
-      if (memberState[transactor] === "admin") {
-        if (
-          memberState[affectedMember] === "admin" &&
-          affectedMember !== transactor &&
-          assignedRole !== "admin"
-        ) {
-          console.warn("Admins can only demote themselves.");
-          continue;
-        }
-      } else if (memberState[transactor] === "adminInvite") {
-        if (change.value !== "admin") {
-          console.warn("AdminInvites can only create admins.");
-          continue;
-        }
-      } else if (memberState[transactor] === "writerInvite") {
-        if (change.value !== "writer") {
-          console.warn("WriterInvites can only create writers.");
-          continue;
-        }
-      } else if (memberState[transactor] === "readerInvite") {
-        if (change.value !== "reader") {
-          console.warn("ReaderInvites can only create reader.");
-          continue;
-        }
-      } else {
-        console.warn(
-          "Group transaction must be made by current admin or invite",
-        );
-        continue;
-      }
-    }
-
-    memberState[affectedMember] = change.value;
-    validTransactions.push({ txID: { sessionID, txIndex }, tx });
-
-    // console.log("after", { memberState, validTransactions });
-  }
-
-  return validTransactions;
-}
-
-function agentInAccountOrMemberInGroup(
-  transactor: RawAccountID | AgentID,
-  groupAtTime: RawGroup,
-): RawAccountID | AgentID | undefined {
-  if (transactor === groupAtTime.id && groupAtTime instanceof RawAccount) {
-    return groupAtTime.currentAgentID().match(
-      (agentID) => agentID,
-      (e) => {
-        console.error(
-          "Error while determining current agent ID in valid transactions",
-          e,
-        );
-        return undefined;
-      },
-    );
-  }
-  return transactor;
-}
-
 export function isKeyForKeyField(co: string): co is `${KeyID}_for_${KeyID}` {
   return co.startsWith("key_") && co.includes("_for_key");
 }
@@ -337,11 +304,3 @@ export function isKeyForAccountField(
     co.includes("_for_everyone")
   );
 }
-
-function isParentExtension(key: string): key is `parent_${CoID<RawGroup>}` {
-  return key.startsWith("parent_");
-}
-
-function isChildExtension(key: string): key is `child_${CoID<RawGroup>}` {
-  return key.startsWith("child_");
-}

package/src/storage/index.ts

@@ -146,7 +146,7 @@ export class LSMStorage<WH, RH, FS extends FileSystem<WH, RH>> {
         asDependencyOf || id,
       );
     } else if (!known?.header && coValue.header?.ruleset.type === "group") {
-      const dependedOnAccountsAndGroups = new Set();
+      const dependedOnAccounts = new Set();
       for (const session of Object.values(coValue.sessionEntries)) {
         for (const entry of session) {
           for (const tx of entry.transactions) {
@@ -154,24 +154,16 @@ export class LSMStorage<WH, RH, FS extends FileSystem<WH, RH>> {
               const parsedChanges = JSON.parse(tx.changes);
               for (const change of parsedChanges) {
                 if (change.op === "set" && change.key.startsWith("co_")) {
-                  dependedOnAccountsAndGroups.add(change.key);
-                }
-                if (
-                  change.op === "set" &&
-                  change.key.startsWith("parent_co_")
-                ) {
-                  dependedOnAccountsAndGroups.add(
-                    change.key.replace("parent_", ""),
-                  );
+                  dependedOnAccounts.add(change.key);
                 }
               }
             }
           }
         }
       }
-      for (const accountOrGroup of dependedOnAccountsAndGroups) {
+      for (const account of dependedOnAccounts) {
         await this.sendNewContent(
-          accountOrGroup as CoID<RawCoValue>,
+          account as CoID<RawCoValue>,
           undefined,
           asDependencyOf || id,
         );

package/src/sync.ts

@@ -143,6 +143,12 @@ export class SyncManager {
     const coValueEntry = this.local.coValues[id];
 
     for (const peer of eligiblePeers) {
+      if (peer.erroredCoValues.has(id)) {
+        console.error(
+          `Skipping load on errored coValue ${id} from peer ${peer.id}`,
+        );
+        continue;
+      }
       await peer.pushOutgoingMessage({
         action: "load",
         id: id,
@@ -157,6 +163,12 @@ export class SyncManager {
   }
 
   async handleSyncMessage(msg: SyncMessage, peer: PeerState) {
+    if (peer.erroredCoValues.has(msg.id)) {
+      console.error(
+        `Skipping message ${msg.action} on errored coValue ${msg.id} from peer ${peer.id}`,
+      );
+      return;
+    }
     // TODO: validate
     switch (msg.action) {
       case "load":
@@ -388,7 +400,7 @@ export class SyncManager {
   }
 
   async handleLoad(msg: LoadMessage, peer: PeerState) {
-    peer.optimisticKnownStates.dispatch({
+    peer.dispatchToKnownStates({
       type: "SET",
       id: msg.id,
       value: knownStateIn(msg),
@@ -442,7 +454,7 @@ export class SyncManager {
       const loaded = await entry.state.ready;
 
       if (loaded === "unavailable") {
-        peer.optimisticKnownStates.dispatch({
+        peer.dispatchToKnownStates({
           type: "SET",
           id: msg.id,
           value: knownStateIn(msg),
@@ -469,13 +481,7 @@ export class SyncManager {
   async handleKnownState(msg: KnownStateMessage, peer: PeerState) {
     let entry = this.local.coValues[msg.id];
 
-    peer.optimisticKnownStates.dispatch({
-      type: "COMBINE_WITH",
-      id: msg.id,
-      value: knownStateIn(msg),
-    });
-
-    peer.knownStates.dispatch({
+    peer.dispatchToKnownStates({
       type: "COMBINE_WITH",
       id: msg.id,
       value: knownStateIn(msg),
@@ -540,7 +546,7 @@ export class SyncManager {
         return;
       }
 
-      peer.optimisticKnownStates.dispatch({
+      peer.dispatchToKnownStates({
         type: "UPDATE_HEADER",
         id: msg.id,
         header: true,
@@ -629,10 +635,11 @@ export class SyncManager {
           "our last known tx idx now: " +
             coValue.sessionLogs.get(sessionID)?.transactions.length,
         );
+        peer.erroredCoValues.set(msg.id, result.error);
         continue;
       }
 
-      peer.optimisticKnownStates.dispatch({
+      peer.dispatchToKnownStates({
         type: "UPDATE_SESSION_COUNTER",
         id: msg.id,
         sessionId: sessionID,
@@ -675,7 +682,7 @@ export class SyncManager {
   }
 
   async handleCorrection(msg: KnownStateMessage, peer: PeerState) {
-    peer.optimisticKnownStates.dispatch({
+    peer.dispatchToKnownStates({
       type: "SET",
       id: msg.id,
       value: knownStateIn(msg),
@@ -716,6 +723,7 @@ export class SyncManager {
     // let blockingSince = performance.now();
     for (const peer of this.peersInPriorityOrder()) {
       if (peer.closed) continue;
+      if (peer.erroredCoValues.has(coValue.id)) continue;
       // if (performance.now() - blockingSince > 5) {
       //     await new Promise<void>((resolve) => {
       //         setTimeout(resolve, 0);

package/src/tests/PeerState.test.ts

@@ -1,4 +1,5 @@
 import { describe, expect, test, vi } from "vitest";
+import { PeerKnownStateActions } from "../PeerKnownStates.js";
 import { PeerState } from "../PeerState.js";
 import { CO_VALUE_PRIORITY } from "../priority.js";
 import { Peer, SyncMessage } from "../sync.js";
@@ -15,7 +16,7 @@ function setup() {
       close: vi.fn(),
     },
   };
-  const peerState = new PeerState(mockPeer);
+  const peerState = new PeerState(mockPeer, undefined);
   return { mockPeer, peerState };
 }
 
@@ -115,4 +116,46 @@ describe("PeerState", () => {
       contentMessageMid,
     );
   });
+
+  test("should clone the knownStates into optimisticKnownStates and knownStates when passed as argument", () => {
+    const { peerState, mockPeer } = setup();
+    const action: PeerKnownStateActions = {
+      type: "SET",
+      id: "co_z1",
+      value: {
+        id: "co_z1",
+        header: false,
+        sessions: {},
+      },
+    };
+    peerState.dispatchToKnownStates(action);
+
+    const newPeerState = new PeerState(mockPeer, peerState.knownStates);
+
+    expect(newPeerState.knownStates).toEqual(peerState.knownStates);
+    expect(newPeerState.optimisticKnownStates).toEqual(peerState.knownStates);
+  });
+
+  test("should dispatch to both states", () => {
+    const { peerState } = setup();
+    const knownStatesSpy = vi.spyOn(peerState.knownStates, "dispatch");
+    const optimisticKnownStatesSpy = vi.spyOn(
+      peerState.optimisticKnownStates,
+      "dispatch",
+    );
+
+    const action: PeerKnownStateActions = {
+      type: "SET",
+      id: "co_z1",
+      value: {
+        id: "co_z1",
+        header: false,
+        sessions: {},
+      },
+    };
+    peerState.dispatchToKnownStates(action);
+
+    expect(knownStatesSpy).toHaveBeenCalledWith(action);
+    expect(optimisticKnownStatesSpy).toHaveBeenCalledWith(action);
+  });
 });