···
"tangled.sh/tangled.sh/core/workflow"
28
-
func (h *Handle) processPublicKey(ctx context.Context, did string, record tangled.PublicKey) error {
28
+
func (h *Handle) processPublicKey(ctx context.Context, did string, operation string, record tangled.PublicKey) error {
l := log.FromContext(ctx)
32
+
case models.CommitOperationCreate, models.CommitOperationUpdate:
37
+
if err := h.db.AddPublicKey(pk); err != nil {
38
+
l.Error("failed to add public key", "error", err)
39
+
return fmt.Errorf("failed to add public key: %w", err)
41
+
l.Info("added public key from firehose", "did", did)
43
+
case models.CommitOperationDelete:
44
+
if err := h.db.RemovePublicKey(did); err != nil {
45
+
l.Error("failed to remove public key", "error", err)
46
+
return fmt.Errorf("failed to remove public key: %w", err)
48
+
l.Info("removed public key (delete triggered from firehose)", "did", did)
34
-
if err := h.db.AddPublicKey(pk); err != nil {
35
-
l.Error("failed to add public key", "error", err)
36
-
return fmt.Errorf("failed to add public key: %w", err)
38
-
l.Info("added public key from firehose", "did", did)
42
-
func (h *Handle) processKnotMember(ctx context.Context, did string, record tangled.KnotMember) error {
54
+
func (h *Handle) processKnotMember(ctx context.Context, did string, operation string, record tangled.KnotMember) error {
l := log.FromContext(ctx)
45
-
if record.Domain != h.c.Server.Hostname {
46
-
l.Error("domain mismatch", "domain", record.Domain, "expected", h.c.Server.Hostname)
47
-
return fmt.Errorf("domain mismatch: %s != %s", record.Domain, h.c.Server.Hostname)
58
+
case models.CommitOperationCreate, models.CommitOperationUpdate:
59
+
if record.Domain != h.c.Server.Hostname {
60
+
l.Error("domain mismatch", "domain", record.Domain, "expected", h.c.Server.Hostname)
61
+
return fmt.Errorf("domain mismatch: %s != %s", record.Domain, h.c.Server.Hostname)
50
-
ok, err := h.e.E.Enforce(did, rbac.ThisServer, rbac.ThisServer, "server:invite")
51
-
if err != nil || !ok {
52
-
l.Error("failed to add member", "did", did)
53
-
return fmt.Errorf("failed to enforce permissions: %w", err)
64
+
ok, err := h.e.E.Enforce(did, rbac.ThisServer, rbac.ThisServer, "server:invite")
65
+
if err != nil || !ok {
66
+
l.Error("failed to add member", "did", did)
67
+
return fmt.Errorf("failed to enforce permissions: %w", err)
70
+
if err := h.e.AddKnotMember(rbac.ThisServer, record.Subject); err != nil {
71
+
l.Error("failed to add member", "error", err)
72
+
return fmt.Errorf("failed to add member: %w", err)
74
+
l.Info("added member from firehose", "member", record.Subject)
76
+
if err := h.db.AddDid(did); err != nil {
77
+
l.Error("failed to add did", "error", err)
78
+
return fmt.Errorf("failed to add did: %w", err)
56
-
if err := h.e.AddKnotMember(rbac.ThisServer, record.Subject); err != nil {
57
-
l.Error("failed to add member", "error", err)
58
-
return fmt.Errorf("failed to add member: %w", err)
60
-
l.Info("added member from firehose", "member", record.Subject)
82
+
if err := h.fetchAndAddKeys(ctx, did); err != nil {
83
+
return fmt.Errorf("failed to fetch and add keys: %w", err)
62
-
if err := h.db.AddDid(did); err != nil {
63
-
l.Error("failed to add did", "error", err)
64
-
return fmt.Errorf("failed to add did: %w", err)
86
+
case models.CommitOperationDelete:
87
+
if err := h.e.RemoveKnotMember(rbac.ThisServer, record.Subject); err != nil {
88
+
l.Error("failed to remove member", "error", err)
89
+
return fmt.Errorf("failed to remove member: %w", err)
91
+
l.Info("removed member (delete triggered from firehose)", "member", record.Subject)
68
-
if err := h.fetchAndAddKeys(ctx, did); err != nil {
69
-
return fmt.Errorf("failed to fetch and add keys: %w", err)
93
+
if err := h.db.RemoveDid(record.Subject); err != nil {
94
+
l.Error("failed to remove did", "error", err)
95
+
return fmt.Errorf("failed to remove did: %w", err)
97
+
h.jc.RemoveDid(record.Subject)
···
// duplicated from add collaborator
217
-
func (h *Handle) processCollaborator(ctx context.Context, did string, record tangled.RepoCollaborator) error {
218
-
repoAt, err := syntax.ParseATURI(record.Repo)
245
+
func (h *Handle) processCollaborator(ctx context.Context, did string, operation string, record tangled.RepoCollaborator) error {
246
+
l := log.FromContext(ctx)
247
+
l = l.With("handler", "processCollaborator", "did", did)
223
-
resolver := idresolver.DefaultResolver()
250
+
case models.CommitOperationCreate, models.CommitOperationUpdate:
251
+
repoAt, err := syntax.ParseATURI(record.Repo)
225
-
subjectId, err := resolver.ResolveIdent(ctx, record.Subject)
226
-
if err != nil || subjectId.Handle.IsInvalidHandle() {
256
+
resolver := h.resolver
230
-
// TODO: fix this for good, we need to fetch the record here unfortunately
231
-
// resolve this aturi to extract the repo record
232
-
owner, err := resolver.ResolveIdent(ctx, repoAt.Authority().String())
233
-
if err != nil || owner.Handle.IsInvalidHandle() {
234
-
return fmt.Errorf("failed to resolve handle: %w", err)
258
+
subjectId, err := resolver.ResolveIdent(ctx, record.Subject)
259
+
if err != nil || subjectId.Handle.IsInvalidHandle() {
263
+
// TODO: fix this for good, we need to fetch the record here unfortunately
264
+
// resolve this aturi to extract the repo record
265
+
owner, err := resolver.ResolveIdent(ctx, repoAt.Authority().String())
266
+
if err != nil || owner.Handle.IsInvalidHandle() {
267
+
return fmt.Errorf("failed to resolve handle: %w", err)
270
+
xrpcc := xrpc.Client{
271
+
Host: owner.PDSEndpoint(),
274
+
resp, err := comatproto.RepoGetRecord(ctx, &xrpcc, "", tangled.RepoNSID, repoAt.Authority().String(), repoAt.RecordKey().String())
279
+
repo := resp.Value.Val.(*tangled.Repo)
280
+
didSlashRepo, _ := securejoin.SecureJoin(owner.DID.String(), repo.Name)
282
+
// check perms for this user
283
+
if ok, err := h.e.IsCollaboratorInviteAllowed(owner.DID.String(), rbac.ThisServer, didSlashRepo); !ok || err != nil {
284
+
return fmt.Errorf("insufficient permissions: %w", err)
287
+
if err := h.db.AddDid(subjectId.DID.String()); err != nil {
290
+
h.jc.AddDid(subjectId.DID.String())
292
+
if err := h.e.AddCollaborator(subjectId.DID.String(), rbac.ThisServer, didSlashRepo); err != nil {
296
+
l.Info("added collaborator from firehose", "subject", record.Subject, "repo", record.Repo)
298
+
return h.fetchAndAddKeys(ctx, subjectId.DID.String())
300
+
case models.CommitOperationDelete:
301
+
repoAt, err := syntax.ParseATURI(record.Repo)
306
+
resolver := h.resolver
308
+
subjectId, err := resolver.ResolveIdent(ctx, record.Subject)
309
+
if err != nil || subjectId.Handle.IsInvalidHandle() {
237
-
xrpcc := xrpc.Client{
238
-
Host: owner.PDSEndpoint(),
313
+
owner, err := resolver.ResolveIdent(ctx, repoAt.Authority().String())
314
+
if err != nil || owner.Handle.IsInvalidHandle() {
315
+
return fmt.Errorf("failed to resolve handle: %w", err)
241
-
resp, err := comatproto.RepoGetRecord(ctx, &xrpcc, "", tangled.RepoNSID, repoAt.Authority().String(), repoAt.RecordKey().String())
318
+
xrpcc := xrpc.Client{
319
+
Host: owner.PDSEndpoint(),
246
-
repo := resp.Value.Val.(*tangled.Repo)
247
-
didSlashRepo, _ := securejoin.SecureJoin(owner.DID.String(), repo.Name)
322
+
resp, err := comatproto.RepoGetRecord(ctx, &xrpcc, "", tangled.RepoNSID, repoAt.Authority().String(), repoAt.RecordKey().String())
249
-
// check perms for this user
250
-
if ok, err := h.e.IsCollaboratorInviteAllowed(owner.DID.String(), rbac.ThisServer, didSlashRepo); !ok || err != nil {
251
-
return fmt.Errorf("insufficient permissions: %w", err)
327
+
repo := resp.Value.Val.(*tangled.Repo)
328
+
didSlashRepo, _ := securejoin.SecureJoin(owner.DID.String(), repo.Name)
254
-
if err := h.db.AddDid(subjectId.DID.String()); err != nil {
257
-
h.jc.AddDid(subjectId.DID.String())
330
+
if err := h.e.RemoveCollaborator(subjectId.DID.String(), rbac.ThisServer, didSlashRepo); err != nil {
331
+
l.Error("failed to remove collaborator", "error", err)
332
+
return fmt.Errorf("failed to remove collaborator: %w", err)
259
-
if err := h.e.AddCollaborator(subjectId.DID.String(), rbac.ThisServer, didSlashRepo); err != nil {
335
+
l.Info("removed collaborator from firehose", "subject", record.Subject, "repo", record.Repo)
263
-
return h.fetchAndAddKeys(ctx, subjectId.DID.String())
func (h *Handle) fetchAndAddKeys(ctx context.Context, did string) error {
···
if err := json.Unmarshal(raw, &record); err != nil {
return fmt.Errorf("failed to unmarshal record: %w", err)
332
-
if err := h.processPublicKey(ctx, did, record); err != nil {
407
+
if err := h.processPublicKey(ctx, did, event.Commit.Operation, record); err != nil {
return fmt.Errorf("failed to process public key: %w", err)
···
if err := json.Unmarshal(raw, &record); err != nil {
return fmt.Errorf("failed to unmarshal record: %w", err)
341
-
if err := h.processKnotMember(ctx, did, record); err != nil {
416
+
if err := h.processKnotMember(ctx, did, event.Commit.Operation, record); err != nil {
return fmt.Errorf("failed to process knot member: %w", err)
···
if err := json.Unmarshal(raw, &record); err != nil {
return fmt.Errorf("failed to unmarshal record: %w", err)
359
-
if err := h.processCollaborator(ctx, did, record); err != nil {
360
-
return fmt.Errorf("failed to process knot member: %w", err)
434
+
if err := h.processCollaborator(ctx, did, event.Commit.Operation, record); err != nil {
435
+
return fmt.Errorf("failed to process collaborator: %w", err)
julien.rbrt.fr
anirudh.fi