enable delegated agent to update object
alexgao001 committed Feb 29, 2024
1 parent b1af560 commit bd63877
Showing 13 changed files with 2,216 additions and 705 deletions.
3 changes: 3 additions & 0 deletions app/upgrade.go
Expand Up @@ -209,6 +209,9 @@ func (app *App) registerPawneeUpgradeHandler() {
// todo
app.GashubKeeper.SetMsgGasParams(ctx, *gashubtypes.NewMsgGasParamsWithFixedGas(sdk.MsgTypeURL(&storagemoduletypes.MsgUpdateDelegatedAgent{}), 1.2e3))
app.GashubKeeper.SetMsgGasParams(ctx, *gashubtypes.NewMsgGasParamsWithFixedGas(sdk.MsgTypeURL(&storagemoduletypes.MsgDelegateCreateObject{}), 1.2e3))
app.GashubKeeper.SetMsgGasParams(ctx, *gashubtypes.NewMsgGasParamsWithFixedGas(sdk.MsgTypeURL(&storagemoduletypes.MsgDelegateUpdateObjectContent{}), 1.2e3))
app.GashubKeeper.SetMsgGasParams(ctx, *gashubtypes.NewMsgGasParamsWithFixedGas(sdk.MsgTypeURL(&storagemoduletypes.MsgSealObjectV2{}), 1.2e3))

return app.mm.RunMigrations(ctx, app.configurator, fromVM)
})

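Review bot: `MsgSealObjectV2` and `MsgDelegateUpdateObjectContent` are registered with a flat `1.2e3` gas although both carry a variable-length `expect_checksums` list, and the seal message also carries an aggregated BLS signature that is presumably verified on-chain. The handlers are not part of this hunk, so it is worth confirming that the number and size of the checksums are bounded in message validation; otherwise the fixed fee does not track the work a validator performs. Once that is confirmed, a short comment above the two new lines would record it, e.g. `// fixed gas: expect_checksums length is bounded in ValidateBasic`, rather than leaving only the bare `// todo` at the top of the block. The enclosing upgrade handler starts and ends outside the hunk.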
67 changes: 65 additions & 2 deletions e2e/tests/storage_test.go
Expand Up @@ -2537,12 +2537,16 @@ func (s *StorageTestSuite) TestCreateObjectByDelegatedAgents() {
s.SendTxBlockWithExpectErrorString(msgDelegateCreateObject, sp.OperatorKey, "has no CreateObject permission of the bucket")

statement := &permissiontypes.Statement{
Actions: []permissiontypes.ActionType{permissiontypes.ACTION_CREATE_OBJECT},
Effect: permissiontypes.EFFECT_ALLOW,
Actions: []permissiontypes.ActionType{permissiontypes.ACTION_CREATE_OBJECT, permissiontypes.ACTION_UPDATE_OBJECT_CONTENT},
Effect: permissiontypes.EFFECT_ALLOW,
Resources: []string{fmt.Sprintf("grn:o::%s/*", bucketName)},
}

principal := permissiontypes.NewPrincipalWithAccount(user.GetAddr())
msgPutPolicy := storagetypes.NewMsgPutPolicy(bucketOwner.GetAddr(), types2.NewBucketGRN(bucketName).String(),
principal, []*permissiontypes.Statement{statement}, nil)
fmt.Println(types2.NewBucketGRN(bucketName).String())

s.SendTxBlock(bucketOwner, msgPutPolicy)

s.SendTxBlock(sp.OperatorKey, msgDelegateCreateObject)
Expand All @@ -2558,4 +2562,63 @@ func (s *StorageTestSuite) TestCreateObjectByDelegatedAgents() {
s.Require().Equal(bucketOwner.GetAddr().String(), headObjectResp.ObjectInfo.Owner)
s.Require().Equal(0, len(headObjectResp.ObjectInfo.Checksums))

// SP seal object, and update the object checksum
checksum := sdk.Keccak256(buffer.Bytes())
expectChecksum := [][]byte{checksum, checksum, checksum, checksum, checksum, checksum, checksum}

gvgId := gvg.Id
msgSealObject := storagetypes.NewMsgSealObjectV2(sp.SealKey.GetAddr(), bucketName, objectName, gvg.Id, nil, expectChecksum)
secondarySigs := make([][]byte, 0)
secondarySPBlsPubKeys := make([]bls.PublicKey, 0)
blsSignHash := storagetypes.NewSecondarySpSealObjectSignDoc(s.GetChainID(), gvgId, headObjectResp.ObjectInfo.Id, storagetypes.GenerateHash(expectChecksum[:])).GetBlsSignHash()
// every secondary sp signs the checksums
for _, spID := range gvg.SecondarySpIds {
sig, err := core.BlsSignAndVerify(s.StorageProviders[spID], blsSignHash)
s.Require().NoError(err)
secondarySigs = append(secondarySigs, sig)
pk, err := bls.PublicKeyFromBytes(s.StorageProviders[spID].BlsKey.PubKey().Bytes())
s.Require().NoError(err)
secondarySPBlsPubKeys = append(secondarySPBlsPubKeys, pk)
}
aggBlsSig, err := core.BlsAggregateAndVerify(secondarySPBlsPubKeys, blsSignHash, secondarySigs)
s.Require().NoError(err)
msgSealObject.SecondarySpBlsAggSignatures = aggBlsSig
s.T().Logf("msg %s", msgSealObject.String())
s.SendTxBlock(sp.SealKey, msgSealObject)

headObjectResp, err = s.Client.HeadObject(ctx, &headObjectReq)
s.Require().NoError(err)
s.Require().Equal(objectName, headObjectResp.ObjectInfo.ObjectName)
s.Require().Equal(user.GetAddr().String(), headObjectResp.ObjectInfo.Creator)
s.Require().Equal(bucketOwner.GetAddr().String(), headObjectResp.ObjectInfo.Owner)
s.Require().Equal(expectChecksum, headObjectResp.ObjectInfo.Checksums)

// delegate update
var newBuffer bytes.Buffer
for i := 0; i < 2048; i++ {
newBuffer.WriteString(fmt.Sprintf("[%05d] %s\n", i, line))
}
newPayloadSize := uint64(newBuffer.Len())
newChecksum := sdk.Keccak256(newBuffer.Bytes())
newExpectChecksum := [][]byte{newChecksum, newChecksum, newChecksum, newChecksum, newChecksum, newChecksum, newChecksum}

msgUpdateObject := storagetypes.NewMsgDelegateUpdateObjectContent(sp.OperatorKey.GetAddr(),
user.GetAddr(), bucketName, objectName, newPayloadSize, nil)
s.SendTxBlock(sp.OperatorKey, msgUpdateObject)
s.T().Logf("msgUpdateObject %s", msgUpdateObject.String())

// every secondary sp signs the checksums
newSecondarySigs := make([][]byte, 0)
newBlsSignHash := storagetypes.NewSecondarySpSealObjectSignDoc(s.GetChainID(), gvgId, headObjectResp.ObjectInfo.Id, storagetypes.GenerateHash(newExpectChecksum[:])).GetBlsSignHash()
for _, spID := range gvg.SecondarySpIds {
sig, err := core.BlsSignAndVerify(s.StorageProviders[spID], newBlsSignHash)
s.Require().NoError(err)
newSecondarySigs = append(newSecondarySigs, sig)
}
aggBlsSig, err = core.BlsAggregateAndVerify(secondarySPBlsPubKeys, newBlsSignHash, newSecondarySigs)
s.Require().NoError(err)
msgSealObject = storagetypes.NewMsgSealObjectV2(sp.SealKey.GetAddr(), bucketName, objectName, gvg.Id, nil, newExpectChecksum)
msgSealObject.SecondarySpBlsAggSignatures = aggBlsSig
s.T().Logf("msgSealObject %s", msgSealObject.String())
s.SendTxBlock(sp.SealKey, msgSealObject)
}
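Review bot: The delegated-update path ends at the second `s.SendTxBlock(sp.SealKey, msgSealObject)` with no assertion on the resulting state, so the test passes even if the re-seal leaves the old checksums in place. Re-read the object and compare, e.g. `headObjectResp, err = s.Client.HeadObject(ctx, &headObjectReq)`, `s.Require().NoError(err)`, `s.Require().Equal(newExpectChecksum, headObjectResp.ObjectInfo.Checksums)`. The policy grants `ACTION_CREATE_OBJECT` and `ACTION_UPDATE_OBJECT_CONTENT` together, so the rejection of a delegated update without the update permission is never exercised; a case mirroring the existing `SendTxBlockWithExpectErrorString` check for create would cover that authorization branch. The added `fmt.Println(types2.NewBucketGRN(bucketName).String())` looks like leftover debug output and could become `s.T().Logf` or be dropped. The test function starts outside the visible hunks.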
4 changes: 4 additions & 0 deletions proto/greenfield/storage/events.proto
Expand Up @@ -178,6 +178,10 @@ message EventSealObject {
uint32 global_virtual_group_id = 7;
// local_virtual_group_id defines the unique id of lvg which the object stored
uint32 local_virtual_group_id = 8;
// checksums define the total checksums of the object which generated by redundancy
// SP might set the checksum of object if it was delegated created by SP, which checksum
// will not be available until sealing object.
repeated bytes checksums = 9;
}

// EventCopyObject is emitted on MsgCopyObject
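Review bot: The comment on the new `checksums` field is hard to parse and does not say when the field is populated, which consumers of `EventSealObject` need in order to interpret an empty list. Suggested wording, to be adjusted to what the keeper actually emits: `// checksums are the object's checksums as recorded at seal time. For an object created through a delegated agent they are set by the SP when sealing and are not available earlier.` The same sentence is copied onto `expect_checksums` in `MsgSealObjectV2` in tx.proto and would benefit from the same rewrite.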
51 changes: 49 additions & 2 deletions proto/greenfield/storage/tx.proto
Expand Up @@ -28,6 +28,7 @@ service Msg {
// basic operation of object
rpc CreateObject(MsgCreateObject) returns (MsgCreateObjectResponse);
rpc SealObject(MsgSealObject) returns (MsgSealObjectResponse);
rpc SealObjectV2(MsgSealObjectV2) returns (MsgSealObjectV2Response);
rpc RejectSealObject(MsgRejectSealObject) returns (MsgRejectSealObjectResponse);
rpc CopyObject(MsgCopyObject) returns (MsgCopyObjectResponse);
rpc DeleteObject(MsgDeleteObject) returns (MsgDeleteObjectResponse);
Expand All @@ -38,6 +39,7 @@ service Msg {
rpc UpdateObjectContent(MsgUpdateObjectContent) returns (MsgUpdateObjectContentResponse);
rpc CancelUpdateObjectContent(MsgCancelUpdateObjectContent) returns (MsgCancelUpdateObjectContentResponse);
rpc DelegateCreateObject(MsgDelegateCreateObject) returns (MsgDelegateCreateObjectResponse);
rpc DelegateUpdateObjectContent(MsgDelegateUpdateObjectContent) returns (MsgDelegateUpdateObjectContentResponse);

// basic operation of group
rpc CreateGroup(MsgCreateGroup) returns (MsgCreateGroupResponse);
Expand Down Expand Up @@ -192,6 +194,33 @@ message MsgSealObject {

message MsgSealObjectResponse {}

message MsgSealObjectV2 {
option (cosmos.msg.v1.signer) = "operator";

// operator defines the account address of primary SP
string operator = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];

// bucket_name defines the name of the bucket where the object is stored.
string bucket_name = 2;

// object_name defines the name of object to be sealed.
string object_name = 3;

// global_virtual_group_id defines the id of global virtual group
uint32 global_virtual_group_id = 4;

// secondary_sp_bls_agg_signatures defines the aggregate bls signature of the secondary sp that can
// acknowledge that the payload data has received and stored.
bytes secondary_sp_bls_agg_signatures = 5;

// (optional) checksums define the total checksums of the object which generated by redundancy
// SP might set the checksum of object if it was delegated created by SP, which checksum
// will not be available until sealing object.
repeated bytes expect_checksums = 6;
}

message MsgSealObjectV2Response {}

message MsgRejectSealObject {
option (cosmos.msg.v1.signer) = "operator";

Expand Down Expand Up @@ -714,6 +743,25 @@ message MsgDelegateCreateObjectResponse {
];
}

message MsgDelegateUpdateObjectContent {
option (cosmos.msg.v1.signer) = "operator";
// operator defines the account address of the operator, it is the delegated agent that allows to creat object under bucket.
string operator = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
// updater defines the account address of the object updater.
string updater = 2 [(cosmos_proto.scalar) = "cosmos.AddressString"];
// bucket_name defines the name of the bucket where the object is stored.
string bucket_name = 3;
// object_name defines the name of object
string object_name = 4;
// payload_size defines size of the object's payload
uint64 payload_size = 5;
// content_type define the format of the object which should be a standard MIME type.
string content_type = 6;
// expect_checksums defines a list of hashes which was generate by redundancy algorithm.
repeated bytes expect_checksums = 7;
}

message MsgDelegateUpdateObjectContentResponse {}

message MsgUpdateDelegatedAgent {
option (cosmos.msg.v1.signer) = "operator";
Expand All @@ -728,5 +776,4 @@ message MsgUpdateDelegatedAgent {
repeated string agents_to_remove = 4 [(cosmos_proto.scalar) = "cosmos.AddressString"];
}

message MsgUpdateDelegatedAgentResponse {
}
message MsgUpdateDelegatedAgentResponse {}
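Review bot: `expect_checksums` in `MsgSealObjectV2` lets the sealing SP supply the object's integrity checksums, but the field comment does not state when the chain accepts it. The handler is not visible in this section, so it is worth confirming that a non-empty value is rejected for objects whose checksums were already committed by the creator, and documenting the rule on the field, e.g. `// expect_checksums must be empty unless the object was created or updated through a delegated agent.` if that is the intended behaviour. Separately, the `operator` comment in `MsgDelegateUpdateObjectContent` still describes object creation and has a typo ("creat"); suggest `// operator defines the account address of the delegated agent that is allowed to update the object's content on behalf of the updater.`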
43 changes: 23 additions & 20 deletions x/permission/types/types.go
Expand Up @@ -28,37 +28,40 @@ var (
ACTION_UPDATE_BUCKET_INFO: true,
ACTION_DELETE_BUCKET: true,

ACTION_CREATE_OBJECT: true,
ACTION_DELETE_OBJECT: true,
ACTION_GET_OBJECT: true,
ACTION_COPY_OBJECT: true,
ACTION_EXECUTE_OBJECT: true,
ACTION_LIST_OBJECT: true,
ACTION_CREATE_OBJECT: true,
ACTION_DELETE_OBJECT: true,
ACTION_GET_OBJECT: true,
ACTION_COPY_OBJECT: true,
ACTION_EXECUTE_OBJECT: true,
ACTION_LIST_OBJECT: true,
ACTION_UPDATE_OBJECT_CONTENT: true,

ACTION_TYPE_ALL: true,
}
BucketAllowedActionsAfterPampas = map[ActionType]bool{
ACTION_UPDATE_BUCKET_INFO: true,
ACTION_DELETE_BUCKET: true,

ACTION_CREATE_OBJECT: true,
ACTION_DELETE_OBJECT: true,
ACTION_GET_OBJECT: true,
ACTION_COPY_OBJECT: true,
ACTION_EXECUTE_OBJECT: true,
ACTION_LIST_OBJECT: true,
ACTION_UPDATE_OBJECT_INFO: true,
ACTION_CREATE_OBJECT: true,
ACTION_DELETE_OBJECT: true,
ACTION_GET_OBJECT: true,
ACTION_COPY_OBJECT: true,
ACTION_EXECUTE_OBJECT: true,
ACTION_LIST_OBJECT: true,
ACTION_UPDATE_OBJECT_INFO: true,
ACTION_UPDATE_OBJECT_CONTENT: true,

ACTION_TYPE_ALL: true,
}
ObjectAllowedActions = map[ActionType]bool{
ACTION_UPDATE_OBJECT_INFO: true,
ACTION_CREATE_OBJECT: true,
ACTION_DELETE_OBJECT: true,
ACTION_GET_OBJECT: true,
ACTION_COPY_OBJECT: true,
ACTION_EXECUTE_OBJECT: true,
ACTION_LIST_OBJECT: true,
ACTION_UPDATE_OBJECT_INFO: true,
ACTION_CREATE_OBJECT: true,
ACTION_DELETE_OBJECT: true,
ACTION_GET_OBJECT: true,
ACTION_COPY_OBJECT: true,
ACTION_EXECUTE_OBJECT: true,
ACTION_LIST_OBJECT: true,
ACTION_UPDATE_OBJECT_CONTENT: true,

ACTION_TYPE_ALL: true,
}
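Review bot: `ACTION_UPDATE_OBJECT_CONTENT` is added to the first allow-list in this `var` block as well as to `BucketAllowedActionsAfterPampas`, whereas `ACTION_UPDATE_OBJECT_INFO` appears only in the post-Pampas map, which suggests new actions were previously gated by hard fork. If the first map is the one applied to heights before Pampas (its name is above the hunk), widening it changes how historical policy transactions validate and could make a replaying node diverge; consider leaving the pre-fork map untouched and gating the new action on the Pawnee upgrade. The same question applies to `ObjectAllowedActions`, which has no fork-specific variant in the visible lines. If the change is intentionally ungated, a comment such as `// ACTION_UPDATE_OBJECT_CONTENT: accepted at all heights, see <reason>` would record why.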