Fixes #339 - Vaults scanning

src/agent/service/vaultsScan.ts

@@ -1,56 +1,45 @@
 import type * as grpc from '@grpc/grpc-js';
-import type { GestaltGraph } from '../../gestalts';
 import type { VaultManager } from '../../vaults';
-import type * as nodesPB from '../../proto/js/polykey/v1/nodes/nodes_pb';
-import * as validationUtils from '../../validation/utils';
+import type * as utilsPB from '../../proto/js/polykey/v1/utils/utils_pb';
+import type { ConnectionInfoGetter } from 'agent/types';
 import * as vaultsPB from '../../proto/js/polykey/v1/vaults/vaults_pb';
-import { utils as vaultsUtils, errors as vaultsErrors } from '../../vaults';
+import { utils as vaultsUtils } from '../../vaults';
 import { utils as grpcUtils } from '../../grpc';
+import { never } from '../../utils/utils';
 
 function vaultsScan({
   vaultManager,
-  gestaltGraph,
+  connectionInfoGetter,
 }: {
   vaultManager: VaultManager;
-  gestaltGraph: GestaltGraph;
+  connectionInfoGetter: ConnectionInfoGetter;
 }) {
   return async (
-    call: grpc.ServerWritableStream<nodesPB.Node, vaultsPB.List>,
+    call: grpc.ServerWritableStream<utilsPB.EmptyMessage, vaultsPB.List>,
   ): Promise<void> => {
     const genWritable = grpcUtils.generatorWritable(call);
-    const response = new vaultsPB.List();
-    const nodeId = validationUtils.parseNodeId(call.request.getNodeId());
-    const perms = await gestaltGraph.getGestaltActionsByNode(nodeId);
-    if (!perms) {
-      await genWritable.throw(new vaultsErrors.ErrorVaultsPermissionDenied());
-      return;
-    }
-    try {
-      if (perms['scan'] !== null) {
-        await genWritable.throw(new vaultsErrors.ErrorVaultsPermissionDenied());
-        return;
-      }
-    } catch (err) {
-      if (err instanceof TypeError) {
-        await genWritable.throw(new vaultsErrors.ErrorVaultsPermissionDenied());
-        return;
-      }
-      throw err;
-    }
+    const listMessage = new vaultsPB.List();
+    // Getting the NodeId from the ReverseProxy connection info
+    const connectionInfo = connectionInfoGetter(call.getPeer());
+    // If this is getting run the connection exists
+    // It SHOULD exist here
+    if (connectionInfo == null) never();
+    const nodeId = connectionInfo.nodeId;
     try {
-      const listResponse = await vaultManager.listVaults();
-      for (const vault of listResponse) {
-        if (vault !== null) {
-          response.setVaultName(vault[0]);
-          response.setVaultId(vaultsUtils.encodeVaultId(vault[1]));
-          await genWritable.next(response);
-        } else {
-          await genWritable.next(null);
-        }
+      const listResponse = vaultManager.handleScanVaults(nodeId);
+      for await (const {
+        vaultId,
+        vaultName,
+        vaultPermissions,
+      } of listResponse) {
+        listMessage.setVaultId(vaultsUtils.encodeVaultId(vaultId));
+        listMessage.setVaultName(vaultName);
+        listMessage.setVaultPermissionsList(vaultPermissions);
+        await genWritable.next(listMessage);
       }
       await genWritable.next(null);
-    } catch (err) {
-      await genWritable.throw(err);
+    } catch (e) {
+      await genWritable.throw(e);
     }
   };
 }

src/agent/types.ts

@@ -1,7 +1,5 @@
 import type { ConnectionInfo } from 'network/types';
 
-type ConnectionInfoGetter = (
-  peerInfo: string,
-) => ConnectionInfo | undefined;
+type ConnectionInfoGetter = (peerInfo: string) => ConnectionInfo | undefined;
 
 export type { ConnectionInfoGetter };

src/bin/vaults/CommandScan.ts

@@ -9,7 +9,7 @@ class CommandScan extends CommandPolykey {
   constructor(...args: ConstructorParameters<typeof CommandPolykey>) {
     super(...args);
     this.name('scan');
-    this.description('Scans a node to reveal their vaults');
+    this.description('Scans a node to reveal their shared vaults');
     this.argument('<nodeId>', 'Id of the node to scan');
     this.addOption(binOptions.nodeId);
     this.addOption(binOptions.clientHost);
@@ -48,7 +48,10 @@ class CommandScan extends CommandPolykey {
             const data: Array<string> = [];
             const stream = grpcClient.vaultsScan(nodeMessage, meta);
             for await (const vault of stream) {
-              data.push(`${vault.getVaultName()}\t\t${vault.getVaultId()}`);
+              const vaultName = vault.getVaultName();
+              const vaultIdEncoded = vault.getVaultId();
+              const permissions = vault.getVaultPermissionsList().join(',');
+              data.push(`${vaultName}\t\t${vaultIdEncoded}\t\t${permissions}`);
             }
             return data;
           },

src/client/service/vaultsScan.ts

@@ -4,7 +4,6 @@ import type * as nodesPB from '../../proto/js/polykey/v1/nodes/nodes_pb';
 import type * as grpc from '@grpc/grpc-js';
 import type { VaultManager } from '../../vaults';
 import { utils as grpcUtils } from '../../grpc';
-import { utils as vaultsUtils } from '../../vaults';
 import { validateSync, utils as validationUtils } from '../../validation';
 import { matchSync } from '../../utils';
 import * as vaultsPB from '../../proto/js/polykey/v1/vaults/vaults_pb';
@@ -38,11 +37,15 @@ function vaultsScan({
           nodeId: call.request.getNodeId(),
         },
       );
-      const list = await vaultManager.scanNodeVaults(nodeId);
-      for (const vault of list) {
-        const vaultListMessage = new vaultsPB.List();
-        vaultListMessage.setVaultName(vault[0]);
-        vaultListMessage.setVaultId(vaultsUtils.encodeVaultId(vault[1]));
+      const vaultListMessage = new vaultsPB.List();
+      for await (const {
+        vaultIdEncoded,
+        vaultName,
+        vaultPermissions,
+      } of vaultManager.scanVaults(nodeId)) {
+        vaultListMessage.setVaultName(vaultName);
+        vaultListMessage.setVaultId(vaultIdEncoded);
+        vaultListMessage.setVaultPermissionsList(vaultPermissions);
         await genWritable.next(vaultListMessage);
       }
       await genWritable.next(null);

src/proto/js/polykey/v1/agent_service_grpc_pb.d.ts

@@ -51,12 +51,12 @@ interface IAgentServiceService_IVaultsGitPackGet extends grpc.MethodDefinition<p
     responseSerialize: grpc.serialize<polykey_v1_vaults_vaults_pb.PackChunk>;
     responseDeserialize: grpc.deserialize<polykey_v1_vaults_vaults_pb.PackChunk>;
 }
-interface IAgentServiceService_IVaultsScan extends grpc.MethodDefinition<polykey_v1_nodes_nodes_pb.Node, polykey_v1_vaults_vaults_pb.List> {
+interface IAgentServiceService_IVaultsScan extends grpc.MethodDefinition<polykey_v1_utils_utils_pb.EmptyMessage, polykey_v1_vaults_vaults_pb.List> {
     path: "/polykey.v1.AgentService/VaultsScan";
     requestStream: false;
     responseStream: true;
-    requestSerialize: grpc.serialize<polykey_v1_nodes_nodes_pb.Node>;
-    requestDeserialize: grpc.deserialize<polykey_v1_nodes_nodes_pb.Node>;
+    requestSerialize: grpc.serialize<polykey_v1_utils_utils_pb.EmptyMessage>;
+    requestDeserialize: grpc.deserialize<polykey_v1_utils_utils_pb.EmptyMessage>;
     responseSerialize: grpc.serialize<polykey_v1_vaults_vaults_pb.List>;
     responseDeserialize: grpc.deserialize<polykey_v1_vaults_vaults_pb.List>;
 }
@@ -121,7 +121,7 @@ export interface IAgentServiceServer extends grpc.UntypedServiceImplementation {
     echo: grpc.handleUnaryCall<polykey_v1_utils_utils_pb.EchoMessage, polykey_v1_utils_utils_pb.EchoMessage>;
     vaultsGitInfoGet: grpc.handleServerStreamingCall<polykey_v1_vaults_vaults_pb.InfoRequest, polykey_v1_vaults_vaults_pb.PackChunk>;
     vaultsGitPackGet: grpc.handleBidiStreamingCall<polykey_v1_vaults_vaults_pb.PackChunk, polykey_v1_vaults_vaults_pb.PackChunk>;
-    vaultsScan: grpc.handleServerStreamingCall<polykey_v1_nodes_nodes_pb.Node, polykey_v1_vaults_vaults_pb.List>;
+    vaultsScan: grpc.handleServerStreamingCall<polykey_v1_utils_utils_pb.EmptyMessage, polykey_v1_vaults_vaults_pb.List>;
     nodesClosestLocalNodesGet: grpc.handleUnaryCall<polykey_v1_nodes_nodes_pb.Node, polykey_v1_nodes_nodes_pb.NodeTable>;
     nodesClaimsGet: grpc.handleUnaryCall<polykey_v1_nodes_nodes_pb.ClaimType, polykey_v1_nodes_nodes_pb.Claims>;
     nodesChainDataGet: grpc.handleUnaryCall<polykey_v1_utils_utils_pb.EmptyMessage, polykey_v1_nodes_nodes_pb.ChainData>;
@@ -139,8 +139,8 @@ export interface IAgentServiceClient {
     vaultsGitPackGet(): grpc.ClientDuplexStream<polykey_v1_vaults_vaults_pb.PackChunk, polykey_v1_vaults_vaults_pb.PackChunk>;
     vaultsGitPackGet(options: Partial<grpc.CallOptions>): grpc.ClientDuplexStream<polykey_v1_vaults_vaults_pb.PackChunk, polykey_v1_vaults_vaults_pb.PackChunk>;
     vaultsGitPackGet(metadata: grpc.Metadata, options?: Partial<grpc.CallOptions>): grpc.ClientDuplexStream<polykey_v1_vaults_vaults_pb.PackChunk, polykey_v1_vaults_vaults_pb.PackChunk>;
-    vaultsScan(request: polykey_v1_nodes_nodes_pb.Node, options?: Partial<grpc.CallOptions>): grpc.ClientReadableStream<polykey_v1_vaults_vaults_pb.List>;
-    vaultsScan(request: polykey_v1_nodes_nodes_pb.Node, metadata?: grpc.Metadata, options?: Partial<grpc.CallOptions>): grpc.ClientReadableStream<polykey_v1_vaults_vaults_pb.List>;
+    vaultsScan(request: polykey_v1_utils_utils_pb.EmptyMessage, options?: Partial<grpc.CallOptions>): grpc.ClientReadableStream<polykey_v1_vaults_vaults_pb.List>;
+    vaultsScan(request: polykey_v1_utils_utils_pb.EmptyMessage, metadata?: grpc.Metadata, options?: Partial<grpc.CallOptions>): grpc.ClientReadableStream<polykey_v1_vaults_vaults_pb.List>;
     nodesClosestLocalNodesGet(request: polykey_v1_nodes_nodes_pb.Node, callback: (error: grpc.ServiceError | null, response: polykey_v1_nodes_nodes_pb.NodeTable) => void): grpc.ClientUnaryCall;
     nodesClosestLocalNodesGet(request: polykey_v1_nodes_nodes_pb.Node, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_nodes_nodes_pb.NodeTable) => void): grpc.ClientUnaryCall;
     nodesClosestLocalNodesGet(request: polykey_v1_nodes_nodes_pb.Node, metadata: grpc.Metadata, options: Partial<grpc.CallOptions>, callback: (error: grpc.ServiceError | null, response: polykey_v1_nodes_nodes_pb.NodeTable) => void): grpc.ClientUnaryCall;
@@ -170,8 +170,8 @@ export class AgentServiceClient extends grpc.Client implements IAgentServiceClie
     public vaultsGitInfoGet(request: polykey_v1_vaults_vaults_pb.InfoRequest, metadata?: grpc.Metadata, options?: Partial<grpc.CallOptions>): grpc.ClientReadableStream<polykey_v1_vaults_vaults_pb.PackChunk>;
     public vaultsGitPackGet(options?: Partial<grpc.CallOptions>): grpc.ClientDuplexStream<polykey_v1_vaults_vaults_pb.PackChunk, polykey_v1_vaults_vaults_pb.PackChunk>;
     public vaultsGitPackGet(metadata?: grpc.Metadata, options?: Partial<grpc.CallOptions>): grpc.ClientDuplexStream<polykey_v1_vaults_vaults_pb.PackChunk, polykey_v1_vaults_vaults_pb.PackChunk>;
-    public vaultsScan(request: polykey_v1_nodes_nodes_pb.Node, options?: Partial<grpc.CallOptions>): grpc.ClientReadableStream<polykey_v1_vaults_vaults_pb.List>;
-    public vaultsScan(request: polykey_v1_nodes_nodes_pb.Node, metadata?: grpc.Metadata, options?: Partial<grpc.CallOptions>): grpc.ClientReadableStream<polykey_v1_vaults_vaults_pb.List>;
+    public vaultsScan(request: polykey_v1_utils_utils_pb.EmptyMessage, options?: Partial<grpc.CallOptions>): grpc.ClientReadableStream<polykey_v1_vaults_vaults_pb.List>;
+    public vaultsScan(request: polykey_v1_utils_utils_pb.EmptyMessage, metadata?: grpc.Metadata, options?: Partial<grpc.CallOptions>): grpc.ClientReadableStream<polykey_v1_vaults_vaults_pb.List>;
     public nodesClosestLocalNodesGet(request: polykey_v1_nodes_nodes_pb.Node, callback: (error: grpc.ServiceError | null, response: polykey_v1_nodes_nodes_pb.NodeTable) => void): grpc.ClientUnaryCall;
     public nodesClosestLocalNodesGet(request: polykey_v1_nodes_nodes_pb.Node, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_nodes_nodes_pb.NodeTable) => void): grpc.ClientUnaryCall;
     public nodesClosestLocalNodesGet(request: polykey_v1_nodes_nodes_pb.Node, metadata: grpc.Metadata, options: Partial<grpc.CallOptions>, callback: (error: grpc.ServiceError | null, response: polykey_v1_nodes_nodes_pb.NodeTable) => void): grpc.ClientUnaryCall;

src/proto/js/polykey/v1/agent_service_grpc_pb.js

@@ -191,10 +191,10 @@ vaultsGitInfoGet: {
     path: '/polykey.v1.AgentService/VaultsScan',
     requestStream: false,
     responseStream: true,
-    requestType: polykey_v1_nodes_nodes_pb.Node,
+    requestType: polykey_v1_utils_utils_pb.EmptyMessage,
     responseType: polykey_v1_vaults_vaults_pb.List,
-    requestSerialize: serialize_polykey_v1_nodes_Node,
-    requestDeserialize: deserialize_polykey_v1_nodes_Node,
+    requestSerialize: serialize_polykey_v1_utils_EmptyMessage,
+    requestDeserialize: deserialize_polykey_v1_utils_EmptyMessage,
     responseSerialize: serialize_polykey_v1_vaults_List,
     responseDeserialize: deserialize_polykey_v1_vaults_List,
   },

src/proto/js/polykey/v1/vaults/vaults_pb.d.ts

@@ -33,6 +33,10 @@ export class List extends jspb.Message {
     setVaultName(value: string): List;
     getVaultId(): string;
     setVaultId(value: string): List;
+    clearVaultPermissionsList(): void;
+    getVaultPermissionsList(): Array<string>;
+    setVaultPermissionsList(value: Array<string>): List;
+    addVaultPermissions(value: string, index?: number): string;
 
     serializeBinary(): Uint8Array;
     toObject(includeInstance?: boolean): List.AsObject;
@@ -48,6 +52,7 @@ export namespace List {
     export type AsObject = {
         vaultName: string,
         vaultId: string,
+        vaultPermissionsList: Array<string>,
     }
 }
 

src/proto/js/polykey/v1/vaults/vaults_pb.js

@@ -70,7 +70,7 @@ if (goog.DEBUG && !COMPILED) {
  * @constructor
  */
 proto.polykey.v1.vaults.List = function(opt_data) {
-  jspb.Message.initialize(this, opt_data, 0, -1, null, null);
+  jspb.Message.initialize(this, opt_data, 0, -1, proto.polykey.v1.vaults.List.repeatedFields_, null);
 };
 goog.inherits(proto.polykey.v1.vaults.List, jspb.Message);
 if (goog.DEBUG && !COMPILED) {
@@ -589,6 +589,13 @@ proto.polykey.v1.vaults.Vault.prototype.setNameOrId = function(value) {
 
 
 
+/**
+ * List of repeated fields within this message type.
+ * @private {!Array<number>}
+ * @const
+ */
+proto.polykey.v1.vaults.List.repeatedFields_ = [3];
+
 
 
 if (jspb.Message.GENERATE_TO_OBJECT) {
@@ -621,7 +628,8 @@ proto.polykey.v1.vaults.List.prototype.toObject = function(opt_includeInstance)
 proto.polykey.v1.vaults.List.toObject = function(includeInstance, msg) {
   var f, obj = {
     vaultName: jspb.Message.getFieldWithDefault(msg, 1, ""),
-    vaultId: jspb.Message.getFieldWithDefault(msg, 2, "")
+    vaultId: jspb.Message.getFieldWithDefault(msg, 2, ""),
+    vaultPermissionsList: (f = jspb.Message.getRepeatedField(msg, 3)) == null ? undefined : f
   };
 
   if (includeInstance) {
@@ -666,6 +674,10 @@ proto.polykey.v1.vaults.List.deserializeBinaryFromReader = function(msg, reader)
       var value = /** @type {string} */ (reader.readString());
       msg.setVaultId(value);
       break;
+    case 3:
+      var value = /** @type {string} */ (reader.readString());
+      msg.addVaultPermissions(value);
+      break;
     default:
       reader.skipField();
       break;
@@ -709,6 +721,13 @@ proto.polykey.v1.vaults.List.serializeBinaryToWriter = function(message, writer)
       f
     );
   }
+  f = message.getVaultPermissionsList();
+  if (f.length > 0) {
+    writer.writeRepeatedString(
+      3,
+      f
+    );
+  }
 };
 
 
@@ -748,6 +767,43 @@ proto.polykey.v1.vaults.List.prototype.setVaultId = function(value) {
 };
 
 
+/**
+ * repeated string vault_permissions = 3;
+ * @return {!Array<string>}
+ */
+proto.polykey.v1.vaults.List.prototype.getVaultPermissionsList = function() {
+  return /** @type {!Array<string>} */ (jspb.Message.getRepeatedField(this, 3));
+};
+
+
+/**
+ * @param {!Array<string>} value
+ * @return {!proto.polykey.v1.vaults.List} returns this
+ */
+proto.polykey.v1.vaults.List.prototype.setVaultPermissionsList = function(value) {
+  return jspb.Message.setField(this, 3, value || []);
+};
+
+
+/**
+ * @param {string} value
+ * @param {number=} opt_index
+ * @return {!proto.polykey.v1.vaults.List} returns this
+ */
+proto.polykey.v1.vaults.List.prototype.addVaultPermissions = function(value, opt_index) {
+  return jspb.Message.addToRepeatedField(this, 3, value, opt_index);
+};
+
+
+/**
+ * Clears the list making it empty but non-null.
+ * @return {!proto.polykey.v1.vaults.List} returns this
+ */
+proto.polykey.v1.vaults.List.prototype.clearVaultPermissionsList = function() {
+  return this.setVaultPermissionsList([]);
+};
+
+
 
 
 

src/proto/schemas/polykey/v1/agent_service.proto

@@ -15,7 +15,7 @@ service AgentService {
   // Vaults
   rpc VaultsGitInfoGet (polykey.v1.vaults.InfoRequest) returns (stream polykey.v1.vaults.PackChunk);
   rpc VaultsGitPackGet(stream polykey.v1.vaults.PackChunk) returns (stream polykey.v1.vaults.PackChunk);
-  rpc VaultsScan (polykey.v1.nodes.Node) returns (stream polykey.v1.vaults.List);
+  rpc VaultsScan (polykey.v1.utils.EmptyMessage) returns (stream polykey.v1.vaults.List);
 
   // Nodes
   rpc NodesClosestLocalNodesGet (polykey.v1.nodes.Node) returns (polykey.v1.nodes.NodeTable);

src/proto/schemas/polykey/v1/vaults/vaults.proto

@@ -17,6 +17,7 @@ message Vault {
 message List {
   string vault_name = 1;
   string vault_id = 2;
+  repeated string vault_permissions = 3;
 }
 
 message Rename {