From 3ec2e2e74ef6b64059606ac193ccfc1c19546073 Mon Sep 17 00:00:00 2001 From: Travis Vachon Date: Fri, 6 Oct 2023 15:32:29 -0700 Subject: [PATCH 1/2] feat: add a revocations test for a second scope ensure we can store revocations for the same delegation with two different scopes this ensures that we can do "deep revocation" where we (the service, ie the source of authority about what happens on the service) can revoke a "leaf" of the delegation tree without revoking the nodes between our service and the leaf. --- .../test/storage/revocations-storage-tests.js | 37 ++++++++++++++----- 1 file changed, 28 insertions(+), 9 deletions(-) diff --git a/packages/upload-api/test/storage/revocations-storage-tests.js b/packages/upload-api/test/storage/revocations-storage-tests.js index 540ed4453..db58c7520 100644 --- a/packages/upload-api/test/storage/revocations-storage-tests.js +++ b/packages/upload-api/test/storage/revocations-storage-tests.js @@ -8,30 +8,49 @@ import { createSampleDelegation } from '../../src/utils/ucan.js' export const test = { 'can add and retrieve revocations': async (assert, context) => { const storage = context.revocationsStorage - const badRevocation = await createSampleDelegation() - const proofRevocation = await createSampleDelegation() + const badDelegation = await createSampleDelegation() + const scopeDelegation = await createSampleDelegation() const invocationCID = await randomCID() - const { ok: revoked } = await storage.getAll([proofRevocation.cid, badRevocation.cid]) + const { ok: revoked } = await storage.getAll([scopeDelegation.cid, badDelegation.cid]) assert.deepEqual(revoked, []) - await storage.addAll([{ revoke: badRevocation.cid, scope: proofRevocation.cid, cause: invocationCID }]) + await storage.addAll([{ + revoke: badDelegation.cid, + scope: scopeDelegation.cid, + cause: invocationCID + }]) // it should return revocations that have been recorded - const { ok: revocationsToMeta } = await storage.getAll([badRevocation.cid]) + const { ok: revocationsToMeta } = await storage.getAll([badDelegation.cid]) assert.deepEqual(revocationsToMeta, [ - { revoke: badRevocation.cid, scope: proofRevocation.cid, cause: invocationCID } + { revoke: badDelegation.cid, scope: scopeDelegation.cid, cause: invocationCID } ]) // it should not return revocations that have not been recorded - const { ok: noRevocations } = await storage.getAll([proofRevocation.cid]) + const { ok: noRevocations } = await storage.getAll([scopeDelegation.cid]) assert.deepEqual(noRevocations, []) // it should return revocations that have been recorded - const { ok: someRevocations } = await storage.getAll([badRevocation.cid, proofRevocation.cid]) + const { ok: someRevocations } = await storage.getAll([badDelegation.cid, scopeDelegation.cid]) assert.deepEqual(someRevocations, [ - { revoke: badRevocation.cid, scope: proofRevocation.cid, cause: invocationCID } + { revoke: badDelegation.cid, scope: scopeDelegation.cid, cause: invocationCID } ]) + // if we revoke from and alternate scope + const alternateScopeDelegation = await createSampleDelegation() + const secondInvocationCID = await randomCID() + await storage.addAll([{ + revoke: badDelegation.cid, + scope: alternateScopeDelegation.cid, + cause: secondInvocationCID + }]) + + // it should return both revocations + const { ok: moreRevocations } = await storage.getAll([badDelegation.cid]) + assert.deepEqual(moreRevocations, [ + { revoke: badDelegation.cid, scope: scopeDelegation.cid, cause: invocationCID }, + { revoke: badDelegation.cid, scope: alternateScopeDelegation.cid, cause: secondInvocationCID } + ]) } } From a0ae7866563f9122ac762436f9cdd46932e4f138 Mon Sep 17 00:00:00 2001 From: Travis Vachon Date: Fri, 6 Oct 2023 15:33:32 -0700 Subject: [PATCH 2/2] fix: tpyo --- packages/upload-api/test/storage/revocations-storage-tests.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/upload-api/test/storage/revocations-storage-tests.js b/packages/upload-api/test/storage/revocations-storage-tests.js index db58c7520..f7121cf19 100644 --- a/packages/upload-api/test/storage/revocations-storage-tests.js +++ b/packages/upload-api/test/storage/revocations-storage-tests.js @@ -37,7 +37,7 @@ export const test = { { revoke: badDelegation.cid, scope: scopeDelegation.cid, cause: invocationCID } ]) - // if we revoke from and alternate scope + // if we revoke from an alternate scope const alternateScopeDelegation = await createSampleDelegation() const secondInvocationCID = await randomCID() await storage.addAll([{