feat: add access/delegate capability parser exported from @web3-storage/capabilities #420
Conversation
gobengo
changed the title
packages/capabilities/src/access.js
Outdated
| * | ||
| * @template {Types.Ability} A | ||
| * @template {Types.URI} R | ||
| * @typedef {Types.ParsedCapability<A, R, { delegations?: Types.Failure | Schema.Dictionary<string, Types.Link<unknown, number, number, 0 | 1>> }>} ParsedAccessDelegate |
There was a problem hiding this comment.
I use this below on lines 159, 160. @Gozala lmk if there is some better way of inferring this type. It's possible I can't just infer it from delegate because it's also used in the definition of delegate (derives) so there is a circularity?
There was a problem hiding this comment.
delegations should not be Failure, ucanto will not create parsed capability like that. It will either parse successfully or just fail, it will never partially fail.
There was a problem hiding this comment.
| * @typedef {Types.ParsedCapability<A, R, { delegations?: Types.Failure | Schema.Dictionary<string, Types.Link<unknown, number, number, 0 | 1>> }>} ParsedAccessDelegate | |
| * @typedef {Types.ParsedCapability<A, R, { delegations?: Schema.Dictionary<string, Types.Link<unknown, number, number, 0 | 1>> }>} ParsedAccessDelegate |
Does this not work ?
There was a problem hiding this comment.
@Gozala and I met together, and realized I needed to add this type assertion
There was a problem hiding this comment.
I proposed this in ucanto to make the type assertion unnecessary storacha/ucanto#215
packages/capabilities/src/access.js
Outdated
| function subsetsNbDelegations(claim, proof) { | ||
| /** @param {ParsedAccessDelegate} ucan */ | ||
| const nbDelegationsCids = (ucan) => | ||
| new Set(Object.values(ucan.nb.delegations || {}).map(String)) |
There was a problem hiding this comment.
Nit: can you hoist this function, to the top level since it does not enclose anything
packages/capabilities/src/access.js
Outdated
| const nbDelegationsCids = (ucan) => | ||
| new Set(Object.values(ucan.nb.delegations || {}).map(String)) | ||
| const missingProofs = setDifference( | ||
| new Set(nbDelegationsCids(claim)), |
There was a problem hiding this comment.
You create a set and then pass it into a set constructor, which seems unnecessary
| audience: bob, | ||
| capabilities: [{ can: 'store/*', with: alice.did() }], | ||
| }) | ||
| const validInvocations = [ |
There was a problem hiding this comment.
This is really hard to follow and if one of the cases fails the whole test will fail as well. Could you generate tests instead meaning have loop that calls it ? It would be easier to follow and failure in one case will not fail the whole suite.
| // correct cid | ||
| [bobCanStoreAllWithAlice.cid.toString(), bobCanStoreAllWithAlice.cid], | ||
| // not a cid at all | ||
| ['thisIsNotACid', bobCanStoreAllWithAlice.cid], |
There was a problem hiding this comment.
🤔 I'm starting to wonder if the whole dict is a good idea here, but then if we chose list it also may not be ordered.
… smaller calls to mocha test()
Co-authored-by: Irakli Gozalishvili <contact@gozala.io>
Co-authored-by: Irakli Gozalishvili <contact@gozala.io>
🤖 I have created a release *beep* *boop* --- ## [2.3.0](capabilities-v2.2.0...capabilities-v2.3.0) (2023-02-10) ### Features * add `pre` caveat to `store/list` and `upload/list` ([#423](#423)) ([a0f6d28](a0f6d28)) * add access/delegate capability parser exported from @web3-storage/capabilities ([#420](#420)) ([e8e2b1a](e8e2b1a)) * add support for access/authorize and update ([#392](#392)) ([9c8ca0b](9c8ca0b)), closes [#386](#386) * define access/claim in @web3-storage/capabilities ([#409](#409)) ([4d72ba3](4d72ba3)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
🤖 I have created a release *beep* *boop* --- ## [2.3.0](capabilities-v2.2.0...capabilities-v2.3.0) (2023-02-10) ### Features * add `pre` caveat to `store/list` and `upload/list` ([#423](#423)) ([9cce414](9cce414)) * add access/delegate capability parser exported from @web3-storage/capabilities ([#420](#420)) ([7834cf2](7834cf2)) * add support for access/authorize and update ([#392](#392)) ([bf41071](bf41071)), closes [#386](#386) * define access/claim in @web3-storage/capabilities ([#409](#409)) ([2fb34dd](2fb34dd)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Pass the value of the VITE_W3UP_PROVIDER env variable along to registerSpace. This lets us configure the provider used during space registration at the app level.
Pass the value of the VITE_W3UP_PROVIDER env variable along to registerSpace. This lets us configure the provider used during space registration at the app level.
Motivation:
access/delegatecapability parser from@web3-storage/capabilities#414