Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

auth: miscellaneous #160

Merged
merged 6 commits into from
Jan 31, 2024
Merged

auth: miscellaneous #160

merged 6 commits into from
Jan 31, 2024

Conversation

rvanasa
Copy link
Collaborator

@rvanasa rvanasa commented Jan 30, 2024
edited
Loading

  • Allows controllers to update and unregister providers
  • Improves readability of do_authorize and do_deauthorize
  • Prevents accidentally authorizing the anonymous principal

@rvanasa rvanasa changed the title auth: allow controllers to update and unregister providers auth: miscellaneous Jan 30, 2024
THLO
THLO reviewed Jan 30, 2024
View reviewed changes
src/auth.rs Outdated
let principal = PrincipalStorable(principal);
let mut auth_set = auth_map.get(&principal).unwrap_or_default();
let changed = auth_set.authorize(auth);
auth_map.insert(principal, auth_set);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This insert does nothing really if changed = false, right?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's correct; updated the code for clarity.

THLO
THLO reviewed Jan 30, 2024
View reviewed changes
src/providers.rs
PROVIDERS.with(|providers| {
let mut providers = providers.borrow_mut();
match providers.get(&args.provider_id) {
Some(mut provider) => {
if provider.owner != caller {
if !(provider.owner == caller || is_controller) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The trap message needs to be updated. Shouldn't it simply be "You are not authorized" as above?

Copy link
Collaborator Author

@rvanasa rvanasa Jan 30, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right; thanks. Trying to do too many things at the same time, haha. Updated with additional text to distinguish cases where the owner has authorization.

@rvanasa rvanasa merged commit a180820 into main Jan 31, 2024
3 checks passed
@rvanasa rvanasa deleted the controller-update-unregister-provider branch January 31, 2024 16:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@THLO THLO THLO approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rvanasa @THLO