added versionning support in entity util

narval-xyz · Nov 4, 2024 · 19c08e5 · 19c08e5
1 parent 467a122
commit 19c08e5
Show file tree

Hide file tree

Showing 32 changed files with 618 additions and 262 deletions.
diff --git a/apps/armory/src/managed-data-store/__test__/e2e/data-store.spec.ts b/apps/armory/src/managed-data-store/__test__/e2e/data-store.spec.ts
@@ -81,7 +81,7 @@ describe('Data Store', () => {
 
   const buildEntityStore = async (clientId: string, privateKey: Jwk): Promise<EntityStore> => {
     const entities: Entities = {
-      ...EntityUtil.empty(),
+      ...EntityUtil.emptyV2(),
       users: [
         {
           id: 'test-user-id',
@@ -263,7 +263,7 @@ describe('Data Store', () => {
 
       expect(body).toEqual({
         entity: {
-          data: EntityUtil.empty(),
+          data: EntityUtil.emptyV2(),
           signature: ''
         }
       })

diff --git a/apps/armory/src/managed-data-store/http/rest/controller/data-store.controller.ts b/apps/armory/src/managed-data-store/http/rest/controller/data-store.controller.ts
@@ -43,7 +43,7 @@ export class DataStoreController {
 
     return {
       entity: {
-        data: EntityUtil.empty(),
+        data: EntityUtil.populate({}),
         signature: ''
       }
     }

diff --git a/apps/devtool/src/app/api/data-store/example.json b/apps/devtool/src/app/api/data-store/example.json
@@ -40,7 +40,6 @@
       ],
       "tokens": [],
       "userGroupMembers": [],
-      "userGroups": [],
       "userAccounts": [
         {
           "userId": "61e775a9-5f68-41ab-a775-5806845e6e72",
@@ -62,7 +61,7 @@
         }
       ],
       "accountGroupMembers": [],
-      "accountGroups": [],
+      "groups": [],
       "accounts": [
         {
           "id": "eip155:eoa:0x494042504a8148a6d00ab10ed26043f5579ce00f",

diff --git a/apps/devtool/src/app/entity-manager/_components/EntityManager.tsx b/apps/devtool/src/app/entity-manager/_components/EntityManager.tsx
@@ -94,7 +94,7 @@ export default function EntityManager() {
   } = useDataStoreApi()
 
   const [view, setView] = useState(View.ENTITY)
-  const [entities, setEntities] = useState<Entities>(EntityUtil.empty())
+  const [entities, setEntities] = useState<Entities>(EntityUtil.populate({}))
   const [errors, setErrors] = useState<string[]>([])
 
   const [entityStoreHash, setEntityStoreHash] = useState('')

diff --git a/apps/policy-engine/src/engine/core/service/__test__/integration/data-store.service.spec.ts b/apps/policy-engine/src/engine/core/service/__test__/integration/data-store.service.spec.ts
@@ -1,5 +1,6 @@
 import { HttpModule, LoggerModule } from '@narval/nestjs-shared'
 import {
+  Entities,
   EntityData,
   EntitySignature,
   EntityStore,
@@ -186,7 +187,8 @@ describe(DataStoreService.name, () => {
           id: '1'
         }
       ]
-      const entities = {
+      const entities: Entities = {
+        version: '2',
         groups: duplicateGroups,
         addressBook: [],
         credentials: [],
@@ -231,7 +233,7 @@ describe(DataStoreService.name, () => {
 
     it('throws DataStoreException when entity signature is invalid', async () => {
       const entityStoreOne = await getEntityStore(FIXTURE.ENTITIES, privateKey)
-      const entityStoreTwo = await getEntityStore(EntityUtil.empty(), privateKey)
+      const entityStoreTwo = await getEntityStore(EntityUtil.emptyV2(), privateKey)
 
       await testThrowDataStoreException({
         stores: {
@@ -290,7 +292,7 @@ describe(DataStoreService.name, () => {
 
     it('returns error when signature mismatch', async () => {
       const entityStoreOne = await getEntityStore(FIXTURE.ENTITIES, privateKey)
-      const entityStoreTwo = await getEntityStore(EntityUtil.empty(), privateKey)
+      const entityStoreTwo = await getEntityStore(EntityUtil.emptyV2(), privateKey)
 
       const verification = await service.verifySignature({
         data: entityStoreOne.data,

diff --git a/apps/policy-engine/src/open-policy-agent/core/__test__/unit/open-policy-agent.engine.spec.ts b/apps/policy-engine/src/open-policy-agent/core/__test__/unit/open-policy-agent.engine.spec.ts
@@ -69,6 +69,7 @@ describe('OpenPolicyAgentEngine', () => {
 
       expect(e.getPolicies()).toEqual([])
       expect(e.getEntities()).toEqual({
+        version: '2',
         addressBook: [],
         credentials: [],
         tokens: [],
@@ -409,6 +410,7 @@ describe('OpenPolicyAgentEngine', () => {
       // copy-pasteable as the actual JSON, so it can be e2e tested outside
       // this unit test.
       const entities: Entities = {
+        version: '2',
         addressBook: [
           {
             id: 'eip155:1:0x9f38879167acCf7401351027EE3f9247A71cd0c5',

diff --git a/apps/policy-engine/src/open-policy-agent/core/open-policy-agent.engine.ts b/apps/policy-engine/src/open-policy-agent/core/open-policy-agent.engine.ts
@@ -42,7 +42,7 @@ export class OpenPolicyAgentEngine implements Engine<OpenPolicyAgentEngine> {
 
   static empty(params: { resourcePath: string }): OpenPolicyAgentEngine {
     return new OpenPolicyAgentEngine({
-      entities: EntityUtil.empty(),
+      entities: EntityUtil.populate({}),
       policies: [],
       resourcePath: params.resourcePath
     })

diff --git a/apps/policy-engine/src/open-policy-agent/core/util/__test__/unit/evaluation.util.spec.ts b/apps/policy-engine/src/open-policy-agent/core/util/__test__/unit/evaluation.util.spec.ts
@@ -1,5 +1,6 @@
 import {
   Action,
+  EntitiesV,
   EvaluationRequest,
   FIXTURE,
   GrantPermissionAction,
@@ -360,5 +361,58 @@ describe('toData', () => {
         )
       })
     })
+
+    it('indexes groups with members from deprecated schema by lower case id', () => {
+      const { groups: _groups, version: _version, ...otherEntities } = FIXTURE.ENTITIES
+      const deprecatedEntities: EntitiesV<'1'> = {
+        ...otherEntities,
+        accountGroups: [{ id: 'test-engineering-account-group-uid' }, { id: 'test-treasury-account-group-uid' }],
+        userGroups: [{ id: 'test-engineering-user-group-uid' }, { id: 'test-treasury-user-group-uid' }],
+        accountGroupMembers: [
+          {
+            accountId: FIXTURE.ACCOUNT.Engineering.id,
+            groupId: 'test-engineering-account-group-uid'
+          },
+          {
+            accountId: FIXTURE.ACCOUNT.Treasury.id,
+            groupId: 'test-treasury-account-group-uid'
+          }
+        ],
+        userGroupMembers: [
+          {
+            userId: FIXTURE.USER.Alice.id,
+            groupId: 'test-engineering-user-group-uid'
+          },
+          {
+            userId: FIXTURE.USER.Bob.id,
+            groupId: 'test-treasury-user-group-uid'
+          }
+        ]
+      }
+
+      const { entities } = toData(deprecatedEntities)
+      expect(entities.groups).toEqual({
+        'test-engineering-user-group-uid': {
+          id: 'test-engineering-user-group-uid',
+          users: [FIXTURE.USER.Alice.id],
+          accounts: []
+        },
+        'test-treasury-user-group-uid': {
+          id: 'test-treasury-user-group-uid',
+          users: [FIXTURE.USER.Bob.id],
+          accounts: []
+        },
+        'test-engineering-account-group-uid': {
+          id: 'test-engineering-account-group-uid',
+          users: [],
+          accounts: [FIXTURE.ACCOUNT.Engineering.id.toLowerCase()]
+        },
+        'test-treasury-account-group-uid': {
+          id: 'test-treasury-account-group-uid',
+          users: [],
+          accounts: [FIXTURE.ACCOUNT.Treasury.id.toLowerCase()]
+        }
+      })
+    })
   })
 })
diff --git a/packages/armory-e2e-testing/src/__test__/e2e/criterion/check-approvals.spec.ts b/packages/armory-e2e-testing/src/__test__/e2e/criterion/check-approvals.spec.ts
@@ -1,6 +1,6 @@
 import { Action, Decision, entitiesSchema, FIXTURE, Request } from '@narval/policy-engine-shared'
 import { v4 } from 'uuid'
-import defaultEntities from '../../../resource/entity/test.default.json'
+import defaultEntities from '../../../resource/entity/test.v2.default.json'
 import twoAdminApproval from '../../../resource/policy/checkApprovals/2-admin-approval-required.json'
 import adminApproval from '../../../resource/policy/checkApprovals/admin-approval-required.json'
 import adminPermitAll from '../../../resource/policy/checkPrincipalRole/admin-permit-all.json'

diff --git a/packages/armory-e2e-testing/src/__test__/e2e/criterion/check-rate-limit.spec.ts b/packages/armory-e2e-testing/src/__test__/e2e/criterion/check-rate-limit.spec.ts
@@ -1,6 +1,6 @@
 import { Action, entitiesSchema, FIXTURE, Request } from '@narval/policy-engine-shared'
 import { v4 } from 'uuid'
-import defaultEntities from '../../../resource/entity/test.default.json'
+import defaultEntities from '../../../resource/entity/test.v2.default.json'
 import adminPermitAll from '../../../resource/policy/checkPrincipalRole/admin-permit-all.json'
 import memberTwoTransferPerDay from '../../../resource/policy/checkRateLimit/members-2-transfer-per-day.json'
 import {

diff --git a/packages/armory-e2e-testing/src/__test__/e2e/criterion/check-spending-limit.spec.ts b/packages/armory-e2e-testing/src/__test__/e2e/criterion/check-spending-limit.spec.ts
@@ -1,6 +1,6 @@
 import { Action, entitiesSchema, FIXTURE, Request } from '@narval/policy-engine-shared'
 import { v4 } from 'uuid'
-import defaultEntities from '../../../resource/entity/test.default.json'
+import defaultEntities from '../../../resource/entity/test.v2.default.json'
 import adminPermitAll from '../../../resource/policy/checkPrincipalRole/admin-permit-all.json'
 import treasuryMemberCanTransferOneEthFixed from '../../../resource/policy/checkSpendingLimit/treasury-groupMember-can-transfer-1-eth-fixed.json'
 import treasuryMemberCanTransferOneEthRolling from '../../../resource/policy/checkSpendingLimit/treasury-groupMember-can-transfer-1-eth-rolling.json'

diff --git a/packages/armory-e2e-testing/src/__test__/e2e/scenarii/address-book-management.spec.ts b/packages/armory-e2e-testing/src/__test__/e2e/scenarii/address-book-management.spec.ts
@@ -11,7 +11,7 @@ import { AddressBookAddresses } from 'packages/policy-engine-shared/src/lib/dev.
 import { v4 } from 'uuid'
 import { Hex } from 'viem'
 import { generatePrivateKey, privateKeyToAccount } from 'viem/accounts'
-import defaultEntities from '../../../resource/entity/test.default.json'
+import defaultEntities from '../../../resource/entity/test.v2.default.json'
 import addressBookAndRoles from '../../../resource/policy/set/address-book-and-roles.json'
 import { buildAuthClient, createClient, saveDataStore } from '../../../util/setup'
 

diff --git a/packages/armory-e2e-testing/src/__test__/e2e/scenarii/approvals-and-spending-limit.spec.ts b/packages/armory-e2e-testing/src/__test__/e2e/scenarii/approvals-and-spending-limit.spec.ts
@@ -1,7 +1,7 @@
 /* eslint-disable jest/consistent-test-it */
 import { Action, Decision, entitiesSchema, FIXTURE, policySchema, Request } from '@narval/policy-engine-shared'
 import { v4 } from 'uuid'
-import defaultEntities from '../../../resource/entity/test.default.json'
+import defaultEntities from '../../../resource/entity/test.v2.default.json'
 import approvalsAndSpendingLimit from '../../../resource/policy/set/approvals-and-spending-limit.json'
 import { buildAuthClient, createClient, saveDataStore } from '../../../util/setup'
 

diff --git a/packages/armory-e2e-testing/src/__test__/e2e/scenarii/defi-interactions.spec.ts b/packages/armory-e2e-testing/src/__test__/e2e/scenarii/defi-interactions.spec.ts
@@ -2,10 +2,10 @@ import {
   Action,
   Eip712Domain,
   Eip712TypedData,
-  entitiesSchema,
   FIXTURE,
-  policySchema,
-  Request
+  Request,
+  entitiesSchema,
+  policySchema
 } from '@narval/policy-engine-shared'
 import { v4 } from 'uuid'
 import defiEntities from '../../../resource/entity/defi-interaction.json'
@@ -20,6 +20,7 @@ const systemManagerHexPk = FIXTURE.UNSAFE_PRIVATE_KEY.Root
 
 const getAuthHost = () => 'http://localhost:3005'
 const getAuthAdminApiKey = () => 'armory-admin-api-key'
+
 const ericPrivateKey = FIXTURE.UNSAFE_PRIVATE_KEY.Eric
 
 const genNonce = (request: Request) => ({ ...request, nonce: `${request.nonce}-${v4()}` })

diff --git a/packages/armory-e2e-testing/src/__test__/e2e/scenarii/tiered-eth-transfer-policy.spec.ts b/packages/armory-e2e-testing/src/__test__/e2e/scenarii/tiered-eth-transfer-policy.spec.ts
@@ -1,7 +1,7 @@
 /* eslint-disable jest/consistent-test-it */
 import { Action, Decision, entitiesSchema, FIXTURE, policySchema, Request, toHex } from '@narval/policy-engine-shared'
 import { v4 } from 'uuid'
-import defaultEntities from '../../../resource/entity/test.default.json'
+import defaultEntities from '../../../resource/entity/test.v2.default.json'
 import tieredEthTransfer from '../../../resource/policy/set/tiered-eth-transfer.json'
 import { buildAuthClient, createClient, saveDataStore } from '../../../util/setup'
 

diff --git a/packages/armory-e2e-testing/src/__test__/e2e/scenarii/user-journeys.spec.ts b/packages/armory-e2e-testing/src/__test__/e2e/scenarii/user-journeys.spec.ts
@@ -26,7 +26,7 @@ import {
   CreateAuthorizationRequest,
   Criterion,
   Decision,
-  Entities,
+  EntitiesV,
   EntityUtil,
   Policy,
   Then,
@@ -45,7 +45,6 @@ import {
 import { format } from 'date-fns'
 import { v4 as uuid } from 'uuid'
 import { english, generateMnemonic, generatePrivateKey, privateKeyToAccount } from 'viem/accounts'
-import { Origin } from '../../../../../../apps/vault/src/shared/type/domain.type'
 
 const TEST_TIMEOUT_MS = 30_000
 
@@ -111,7 +110,8 @@ describe('User Journeys', () => {
     role: UserRole.ADMIN
   }
 
-  const entities: Partial<Entities> = {
+  const entities: Partial<EntitiesV<'2'>> = {
+    version: '2',
     users: [user],
     credentials: [credential(user, userPublicKey)],
     accounts: [account]
@@ -260,7 +260,7 @@ describe('User Journeys', () => {
       let dataStoreConfig: DataStoreConfig
       let entityStoreClient: EntityStoreClient
 
-      const fullEntities: Entities = { ...EntityUtil.empty(), ...entities }
+      const fullEntities = EntityUtil.populate(entities)
 
       beforeEach(async () => {
         dataStoreConfig = {
@@ -318,7 +318,7 @@ describe('User Journeys', () => {
         expect(store).toEqual({
           entity: {
             data: {
-              ...EntityUtil.empty(),
+              ...EntityUtil.populate(entities),
               ...entities
             },
             signature
@@ -339,7 +339,7 @@ describe('User Journeys', () => {
         expect(store).toEqual({
           entity: {
             data: {
-              ...EntityUtil.empty(),
+              ...EntityUtil.populate(entities),
               ...entities
             },
             signature
@@ -576,7 +576,7 @@ describe('User Journeys', () => {
           id: account.id,
           address: account.address,
           publicKey: viemAccount.publicKey,
-          origin: Origin.IMPORTED
+          origin: 'IMPORTED'
         })
       })
 

diff --git a/packages/armory-e2e-testing/src/resource/entity/defi-interaction.json b/packages/armory-e2e-testing/src/resource/entity/defi-interaction.json
@@ -230,22 +230,30 @@
   ],
   "userGroupMembers": [
     {
-      "groupId": "uniswap-trading",
+      "groupId": "uniswap-traders",
       "userId": "test-eric-user-uid"
     },
     {
-      "groupId": "uniswap-trading",
+      "groupId": "uniswap-traders",
       "userId": "test-bob-user-uid"
     },
     {
-      "groupId": "test-treasury-group-uid",
+      "groupId": "treasury-managers",
       "userId": "test-dave-user-uid"
     },
     {
-      "groupId": "test-treasury-group-uid",
+      "groupId": "treasury-managers",
       "userId": "test-carol-user-uid"
     }
   ],
+  "userGroups": [
+    {
+      "id": "uniswap-traders"
+    },
+    {
+      "id": "treasury-managers"
+    }
+  ],
   "userAccounts": [
     {
       "accountId": "eip155:eoa:0x76d1b7f9b3F69C435eeF76a98A415332084A856F",
@@ -292,28 +300,28 @@
   ],
   "accountGroupMembers": [
     {
-      "groupId": "uniswap-trading",
+      "groupId": "uniswap-trading-accounts",
       "accountId": "eip155:eoa:0x9f38879167acCf7401351027EE3f9247A71cd0c5"
     },
     {
-      "groupId": "uniswap-trading",
+      "groupId": "uniswap-trading-accounts",
       "accountId": "eip155:eoa:0x0f610AC9F0091f8F573c33f15155afE8aD747495"
     },
     {
-      "groupId": "test-treasury-group-uid",
+      "groupId": "test-treasury-account-group-uid",
       "accountId": "eip155:eoa:0x0301e2724a40E934Cce3345928b88956901aA127"
     },
     {
-      "groupId": "test-treasury-group-uid",
+      "groupId": "test-treasury-account-group-uid",
       "accountId": "eip155:eoa:0x76d1b7f9b3F69C435eeF76a98A415332084A856F"
     }
   ],
-  "groups": [
+  "accountGroups": [
     {
-      "id": "uniswap-trading"
+      "id": "uniswap-trading-accounts"
     },
     {
-      "id": "test-treasury-group-uid"
+      "id": "test-treasury-account-group-uid"
     }
   ],
   "accounts": [

diff --git a/packages/armory-e2e-testing/src/resource/entity/test.v1.default.json b/packages/armory-e2e-testing/src/resource/entity/test.v1.default.json
diff --git a/...ing/src/resource/entity/test.default.json → .../src/resource/entity/test.v2.default.json b/...ing/src/resource/entity/test.default.json → .../src/resource/entity/test.v2.default.json
@@ -1,4 +1,5 @@
 {
+  "version": "2",
   "addressBook": [
     {
       "id": "eip155:1:0x1118ee1cbaa1856f4550c6fc24abb16c5c9b2a43",