Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[venus-auth] remove perm adapt strategy / 删除venus auth中所有关于权限兼容的代码 #5702

Closed
1 of 11 tasks
hunjixin opened this issue Feb 8, 2023 · 2 comments · Fixed by ipfs-force-community/sophon-auth#164
Closed
1 of 11 tasks

[venus-auth] remove perm adapt strategy / 删除venus auth中所有关于权限兼容的代码 #5702

hunjixin opened this issue Feb 8, 2023 · 2 comments · Fixed by ipfs-force-community/sophon-auth#164
Assignees
@simlecode
Labels
C-enhancement Category: feature enhancement C-need-testing Category: Venus testing related P2 Medium - we should get to this soon V-venus-auth
Milestone
Sophon v1.12.0 / ...

Comments

@hunjixin
Copy link
Contributor

hunjixin commented Feb 8, 2023

链服务模块 / Chain Service Components

  • venus
  • venus-auth
  • venus-gateway
  • venus-messager
  • venus-miner
  • 文档 / docs

订单服务模块 / Deal Service Components

  • venus-market
  • 文档 / docs

算力服务模块 / Storage Power Service Components

  • venus-sector-manager
  • venus-worker
  • 文档 / docs

描述 / Description

目前在token验证这一块已经不需要和lotus保持兼容,因此关于权限这块的逻辑可以进行一定程度的简化

venus-auth中关于

func (c *jwtAuthClient) Verify(ctx context.Context, token string) ([]auth.Permission, error) {
	res, err := c.AuthClient.Verify(ctx, token)
	if err != nil {
		return nil, err
	}
	jwtPerms := core.AdaptOldStrategy(res.Perm)
	perms := make([]auth.Permission, len(jwtPerms))
	copy(perms, jwtPerms)
	return perms, nil
}

这里仅需要返回获取到的一个permission即可,无需返回多个兼容的接口。

func WithPerm(ctx context.Context, perms []Permission) context.Context {
	return context.WithValue(ctx, permCtxKey, perms)
}

这里仅需要传入一个从token中解析出来的permission即可

func HasPerm(ctx context.Context, defaultPerms []Permission, perm Permission) bool {
	callerPerms, ok := ctx.Value(permCtxKey).([]Permission)
	if !ok {
		callerPerms = defaultPerms
	}

	for _, callerPerm := range callerPerms {
		if callerPerm == perm {
			return true
		}
	}
	return false
}

吧原来perm adapt的逻辑移动到这里,同意进行权限检查即可。

用途:1)简化代码 2)避免使用客户端的人必须进行rpc库替换

兼容性:因为不涉及到通讯协议的改变,兼容性应当没有问题
@hunjixin hunjixin added C-enhancement Category: feature enhancement P2 Medium - we should get to this soon C-need-testing Category: Venus testing related V-venus-auth labels Feb 8, 2023
@hunjixin
Copy link
Contributor Author

hunjixin commented Feb 8, 2023

@simlecode 请复核

@hunjixin
Copy link
Contributor Author

hunjixin commented Feb 8, 2023

测试部分:

  1. 在老的集群中,替换部分组件不影响工作,验证兼容性问题
  2. 替换完成后各组件能正常验证访问

@simlecode simlecode changed the title [venus-aut] remove perm adapt strategy / 删除venus auth中所有关于权限兼容的代码 [venus-auth] remove perm adapt strategy / 删除venus auth中所有关于权限兼容的代码 Mar 13, 2023
@simlecode simlecode self-assigned this May 8, 2023
@simlecode simlecode moved this to In Progress in Venus Project May 10, 2023
This was referenced May 10, 2023
Merged
Merged
Merged
Merged
Merged
@github-project-automation github-project-automation bot moved this from In Progress to Done in Venus Project May 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@simlecode simlecode

Labels
C-enhancement Category: feature enhancement C-need-testing Category: Venus testing related P2 Medium - we should get to this soon V-venus-auth
Projects
Venus Project
Status: Done
Milestone
Sophon v1.12.0 / 智子 v1.12.0
Development

Successfully merging a pull request may close this issue.

opt: remove perm adapt strategy ipfs-force-community/sophon-auth
3 participants
@Fatman13 @hunjixin @simlecode