-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathplan
126 lines (94 loc) · 3.53 KB
/
plan
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
----------------------------- [ Permission Request ]
scan -> [in_q] rfid reader [out_q] >---- /run/queeriouslabs/auth.sock
-----------------------------
--------------------------------
--> [in_q] authenticator [out_q] >-----+
/ -------------------------------- | [ Authenticated request ]
/run/queeriouslabs/auth.sock --< +------/run/queeriouslabs/latch.sock
\ |
<----------------------------------------+
in_q : one
out_q : many
Authenticator is the only real server, others are clients
Actions can only be performed by the authenticator
transport layers:
- devices (e.g. event system, uarts, i2c WHATEVER)
- unix domain sockets
- networking (zeromq)
rfid_reader is implicitly requesting the /latch/open action
- a successful scan generates the request
- unsuccessful scan doesn't do anything
autheticator decides if that's allowed
- yes: forwards request to /latch/open
- no: rejection
task/server to read input --> place into in_q
task to read in_q --> triggers device.input(msg)
device puts in out_q --> task to send
if server:
- put client into a dict w/ label
- grab client from dict w/ label to send
out_q should be (client, msg) pair -> clients[<client_id>] = client
in_q should be (client, msg) pair -> client = clients[<client_id>]
input task:
- opens listening connections
- Manages input transport, connections, etc and puts messages into in_q
- Adds clients to client dict
output task:
- removes (client, msg) pairs from out_q and sends via clienet's transport
- closes connections
- removes clients from client dict
input:
- binding address
- client callback
connection types:
- unix sockets (server, client)
- tcp socekts (server, client)
- event system (reader, writer)
# Notes
# Specs for a device
- unix sockets for IPC
- zeromq for inter-device communication
- processes over asyncio / threads
- asyncio over threads
- always starts at least one process/task/tread
- encrypted inter-device commuinication
- encrypted disks - but how to boot? maybe not.
# ACL
- nice file format for mapping identifier to bounded permissions
- encrypt on-disk, push to somewhere else
- hash identifier to use with hooks
- cache in memory
- updater which updates restarts services when updated
- stores on disk / sync disk and cache
- logging
- Response from ACL
{
[
perm: "/path/to/device/component/[crud]",
grant: True/False,
context: {'k':'v',}
]
}
- notify other devices (e.g. WWE entrances)?
- Request to ACL:
ID, permission request(s),
- json request format
{
tgt_dev_id: target device
src_dev_id: device uuid making request
requestor_id: permission requested for this id
permissions: {} dict of permissions requested
}
- permission spec
{
perm: "/path/to/device/component/[c|r|u|d]",
context:
{
"key": "value", # any extra information required to compute constraints
}
}
# Testing
## Research
https://promity.com/2020/06/03/testing-asynchronous-code-in-python/
https://asynctest.readthedocs.io/en/latest/tutorial.test_cases.html
https://tonybaloney.github.io/posts/async-test-patterns-for-pytest-and-unittest.html