Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hidden state in Authorizer #194

Open
divarvel opened this issue Oct 30, 2023 · 1 comment
Open

Hidden state in Authorizer #194

divarvel opened this issue Oct 30, 2023 · 1 comment

Comments

@divarvel
Copy link
Collaborator

divarvel commented Oct 30, 2023
edited
Loading

An Authorizer value wraps a datalog::World value, which contains facts and rules used for datalog evaluation. The Authorizer struct also contains an (optional) Vec<Block> representing a token (it is optional because an Authorizer can be created without a token. It also contains a BlockBuilder which contains facts, rules and checks added to the authorizer, as well as a Vec<Policy> containing policies added to the authorizer.

After calling authorize(), the World value contains facts from the token blocks, facts from the authorizer block builder and facts generated by rules.

The issue is that the World value does not always contain facts and rules from the authorizer builder:

  • when adding a token to an authorizer, all facts and rules are loaded in the World
  • when adding a fact or rule to an authorizer, it is added to the BlockBuilder but not the world
  • when calling authorize(), facts and rules from the BlockBuilder are copied to the world, and datalog generation is run
  • when calling query on Authorizer, datalog generation is automatically run on the current state of World (authorizer facts are not taken into account unless authorize() has been called first)

So, depending on whether authorize() and query() have been called, the authorizer world can be in various states:

  • no authorizer facts or rules, no generated facts at all
  • no authorizer facts or rules, but facts generated from the token contents
  • authorizer facts or rules, and facts generated from both the token contents and the authorizer
  • authorizer snapshots take a faithful copy of the inner World value, but only for facts. So taking a snapshot from an authorizer and then re-creating an authorizer from the snapshot will result in an authorizer with no authorizer rules in the datalog world

this makes relying on World contents tricky.

Open questions:

  • what should query() return? would it be possible to avoid running datalog generation in query if we can ensure it's done elsewhere?
  • would it be possible to keep the World value in sync with the BlockBuilder. what would be the cost?
  • does it make sense to continue adding facts and rules to an Authorizer after having called authorize()?

This affects #192 and #193
@divarvel divarvel mentioned this issue Oct 31, 2023
Merged
@divarvel
Copy link
Collaborator Author

divarvel commented Oct 31, 2023
edited
Loading

after thinking things through and experimenting, here's what I think:

  • the datalog world should always be up-to-date wrt facts and rules from the token and authorizer blocks (this might be a bit tricky to do because of the optional scope annotation for the whole authorizer block)
  • datalog generation should be available as an explicit method
  • datalog generation should stay explicit since it is a costly operation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@divarvel