status-im
/
status-go
mirror of https://github.com/status-im/status-go.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
status-go/protocol/communities/community_encryption_key_ac...

823 lines
29 KiB
Go
Raw Normal View History

feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
package communities
import (
"crypto/ecdsa"
"sync"
"testing"
"github.com/stretchr/testify/suite"
"github.com/status-im/status-go/eth-node/crypto"
feat: introduce channel-level encryption - distribute ratchet keys at both community and channel levels - use explicit `HashRatchetGroupID` in ecryption layer, instead of inheriting `groupID` from `CommunityID` - populate `HashRatchetGroupID` with `CommunityID+ChannelID` for channels, and `CommunityID` for whole community - hydrate channels with members; channel members are now subset of community members - include channel permissions in periodic permissions check closes: status-im/status-desktop#10998
2023-06-23 10:49:26 +00:00
"github.com/status-im/status-go/eth-node/types"
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
"github.com/status-im/status-go/protocol/common"
"github.com/status-im/status-go/protocol/protobuf"
)
func createTestCommunity(identity *ecdsa.PrivateKey) *Community {
return &Community{
config: &Config{
PrivateKey: identity,
CommunityDescription: &protobuf.CommunityDescription{
Members: map[string]*protobuf.CommunityMember{},
Permissions: &protobuf.CommunityPermissions{},
Identity: &protobuf.ChatIdentity{},
Chats: map[string]*protobuf.CommunityChat{},
BanList: []string{},
Categories: map[string]*protobuf.CommunityCategory{},
Encrypted: false,
TokenPermissions: map[string]*protobuf.CommunityTokenPermission{},
CommunityTokensMetadata: []*protobuf.CommunityTokenMetadata{},
},
ID: &identity.PublicKey,
Joined: true,
MemberIdentity: &identity.PublicKey,
},
mutex: sync.Mutex{},
}
}
func TestCommunityEncryptionKeyActionSuite(t *testing.T) {
suite.Run(t, new(CommunityEncryptionKeyActionSuite))
}
type CommunityEncryptionKeyActionSuite struct {
suite.Suite
identity *ecdsa.PrivateKey
communityID []byte
member1 *ecdsa.PrivateKey
member2 *ecdsa.PrivateKey
member3 *ecdsa.PrivateKey
member1Key string
member2Key string
member3Key string
}
func (s *CommunityEncryptionKeyActionSuite) SetupTest() {
identity, err := crypto.GenerateKey()
s.Require().NoError(err)
s.identity = identity
s.communityID = crypto.CompressPubkey(&identity.PublicKey)
member1, err := crypto.GenerateKey()
s.Require().NoError(err)
s.member1 = member1
member2, err := crypto.GenerateKey()
s.Require().NoError(err)
s.member2 = member2
member3, err := crypto.GenerateKey()
s.Require().NoError(err)
s.member3 = member3
s.member1Key = common.PubkeyToHex(&s.member1.PublicKey)
s.member2Key = common.PubkeyToHex(&s.member2.PublicKey)
s.member3Key = common.PubkeyToHex(&s.member3.PublicKey)
}
func (s *CommunityEncryptionKeyActionSuite) TestEncryptionKeyNone() {
origin := createTestCommunity(s.identity)
// if there are no changes there should be no actions
actions := EvaluateCommunityEncryptionKeyActions(origin, origin)
s.Require().Equal(actions.CommunityKeyAction.ActionType, EncryptionKeyNone)
s.Require().Len(actions.ChannelKeysActions, 0)
}
func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_PermissionsCombinations() {
testCases := []struct {
name string
originPermissions []*protobuf.CommunityTokenPermission
modifiedPermissions []*protobuf.CommunityTokenPermission
expectedActionType EncryptionKeyActionType
}{
{
name: "add member permission",
originPermissions: []*protobuf.CommunityTokenPermission{},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
expectedActionType: EncryptionKeyAdd,
},
{
name: "add member permissions",
originPermissions: []*protobuf.CommunityTokenPermission{},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
&protobuf.CommunityTokenPermission{
Id: "some-id-2",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
expectedActionType: EncryptionKeyAdd,
},
{
name: "add another member permission",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
&protobuf.CommunityTokenPermission{
Id: "some-id-2",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
expectedActionType: EncryptionKeyNone,
},
{
name: "add another member permission and remove previous one",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-2",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
expectedActionType: EncryptionKeyNone,
},
{
name: "remove member permission",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{},
expectedActionType: EncryptionKeyRemove,
},
{
name: "remove one of member permissions",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
&protobuf.CommunityTokenPermission{
Id: "some-id-2",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
expectedActionType: EncryptionKeyNone,
},
{
name: "add channel permission",
originPermissions: []*protobuf.CommunityTokenPermission{},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{"some-chat-id"},
},
},
expectedActionType: EncryptionKeyNone,
},
{
name: "remove channel permission",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{"some-chat-id"},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{},
expectedActionType: EncryptionKeyNone,
},
{
name: "add member permission on top of channel permission",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{"some-chat-id"},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{"some-chat-id"},
},
&protobuf.CommunityTokenPermission{
Id: "some-id-2",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
},
expectedActionType: EncryptionKeyAdd,
},
{
name: "add channel permission on top of member permission",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
&protobuf.CommunityTokenPermission{
Id: "some-id-2",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{"some-chat-id"},
},
},
expectedActionType: EncryptionKeyNone,
},
{
name: "change member permission to channel permission",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
},
expectedActionType: EncryptionKeyRemove,
},
{
name: "change channel permission to member permission",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
},
expectedActionType: EncryptionKeyAdd,
},
{
name: "change channel permission to member permission on top of member permission",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
&protobuf.CommunityTokenPermission{
Id: "some-id-2",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
&protobuf.CommunityTokenPermission{
Id: "some-id-2",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{""},
},
},
expectedActionType: EncryptionKeyNone,
},
}
for _, tc := range testCases {
s.Run(tc.name, func() {
origin := createTestCommunity(s.identity)
feat: introduce CommunitiesKeyDistributor This component decouples key distribution from the Messenger, enhancing code maintainability, extensibility and testability. It also alleviates the need to impact all methods potentially affecting encryption keys. Moreover, it allows key distribution inspection for integration tests. part of: status-im/status-desktop#10998
2023-07-17 16:40:09 +00:00
modified := origin.CreateDeepCopy()
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
for _, permission := range tc.originPermissions {
refactor: merge AddTokenPermission and UpdateTokenPermission
2023-08-17 15:19:18 +00:00
_, err := origin.UpsertTokenPermission(permission)
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
s.Require().NoError(err)
}
for _, permission := range tc.modifiedPermissions {
refactor: merge AddTokenPermission and UpdateTokenPermission
2023-08-17 15:19:18 +00:00
_, err := modified.UpsertTokenPermission(permission)
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
s.Require().NoError(err)
}
actions := EvaluateCommunityEncryptionKeyActions(origin, modified)
s.Require().Equal(tc.expectedActionType, actions.CommunityKeyAction.ActionType)
})
}
}
func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_MembersCombinations() {
testCases := []struct {
name string
permissions []*protobuf.CommunityTokenPermission
originMembers []*ecdsa.PublicKey
modifiedMembers []*ecdsa.PublicKey
expectedAction EncryptionKeyAction
}{
{
name: "add member to open community",
permissions: []*protobuf.CommunityTokenPermission{},
originMembers: []*ecdsa.PublicKey{},
modifiedMembers: []*ecdsa.PublicKey{&s.member1.PublicKey},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeyNone,
Members: map[string]*protobuf.CommunityMember{},
},
},
{
name: "remove member from open community",
permissions: []*protobuf.CommunityTokenPermission{},
originMembers: []*ecdsa.PublicKey{&s.member1.PublicKey},
modifiedMembers: []*ecdsa.PublicKey{},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeyNone,
Members: map[string]*protobuf.CommunityMember{},
},
},
{
name: "add member to token-gated community",
permissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
originMembers: []*ecdsa.PublicKey{},
modifiedMembers: []*ecdsa.PublicKey{&s.member1.PublicKey},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeySendToMembers,
Members: map[string]*protobuf.CommunityMember{
s.member1Key: &protobuf.CommunityMember{},
},
},
},
{
name: "add multiple members to token-gated community",
permissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
originMembers: []*ecdsa.PublicKey{},
modifiedMembers: []*ecdsa.PublicKey{&s.member1.PublicKey, &s.member2.PublicKey},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeySendToMembers,
Members: map[string]*protobuf.CommunityMember{
s.member1Key: &protobuf.CommunityMember{},
s.member2Key: &protobuf.CommunityMember{},
},
},
},
{
name: "remove member from token-gated community",
permissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
originMembers: []*ecdsa.PublicKey{&s.member1.PublicKey, &s.member2.PublicKey},
modifiedMembers: []*ecdsa.PublicKey{&s.member1.PublicKey},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeyRekey,
Members: map[string]*protobuf.CommunityMember{
s.member1Key: &protobuf.CommunityMember{},
},
},
},
{
name: "add and remove members from token-gated community",
permissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
originMembers: []*ecdsa.PublicKey{&s.member1.PublicKey},
modifiedMembers: []*ecdsa.PublicKey{&s.member2.PublicKey, &s.member3.PublicKey},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeyRekey,
Members: map[string]*protobuf.CommunityMember{
s.member2Key: &protobuf.CommunityMember{},
s.member3Key: &protobuf.CommunityMember{},
},
},
},
}
for _, tc := range testCases {
s.Run(tc.name, func() {
origin := createTestCommunity(s.identity)
for _, permission := range tc.permissions {
refactor: merge AddTokenPermission and UpdateTokenPermission
2023-08-17 15:19:18 +00:00
_, err := origin.UpsertTokenPermission(permission)
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
s.Require().NoError(err)
}
feat: introduce CommunitiesKeyDistributor This component decouples key distribution from the Messenger, enhancing code maintainability, extensibility and testability. It also alleviates the need to impact all methods potentially affecting encryption keys. Moreover, it allows key distribution inspection for integration tests. part of: status-im/status-desktop#10998
2023-07-17 16:40:09 +00:00
modified := origin.CreateDeepCopy()
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
for _, member := range tc.originMembers {
_, err := origin.AddMember(member, []protobuf.CommunityMember_Roles{})
s.Require().NoError(err)
}
for _, member := range tc.modifiedMembers {
_, err := modified.AddMember(member, []protobuf.CommunityMember_Roles{})
s.Require().NoError(err)
}
actions := EvaluateCommunityEncryptionKeyActions(origin, modified)
s.Require().Equal(tc.expectedAction.ActionType, actions.CommunityKeyAction.ActionType)
s.Require().Len(tc.expectedAction.Members, len(actions.CommunityKeyAction.Members))
for memberKey := range tc.expectedAction.Members {
_, exists := actions.CommunityKeyAction.Members[memberKey]
s.Require().True(exists)
}
})
}
}
func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_PermissionsMembersCombinations() {
testCases := []struct {
name string
originPermissions []*protobuf.CommunityTokenPermission
modifiedPermissions []*protobuf.CommunityTokenPermission
originMembers []*ecdsa.PublicKey
modifiedMembers []*ecdsa.PublicKey
expectedActionType EncryptionKeyActionType
}{
{
name: "add member permission, add members",
originPermissions: []*protobuf.CommunityTokenPermission{},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
originMembers: []*ecdsa.PublicKey{},
modifiedMembers: []*ecdsa.PublicKey{&s.member1.PublicKey},
expectedActionType: EncryptionKeyAdd,
},
{
name: "add member permission, remove members",
originPermissions: []*protobuf.CommunityTokenPermission{},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
originMembers: []*ecdsa.PublicKey{&s.member1.PublicKey},
modifiedMembers: []*ecdsa.PublicKey{},
expectedActionType: EncryptionKeyAdd,
},
{
name: "remove member permission, add members",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{},
originMembers: []*ecdsa.PublicKey{},
modifiedMembers: []*ecdsa.PublicKey{&s.member1.PublicKey},
expectedActionType: EncryptionKeyRemove,
},
{
name: "remove member permission, remove members",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{},
originMembers: []*ecdsa.PublicKey{&s.member1.PublicKey},
modifiedMembers: []*ecdsa.PublicKey{},
expectedActionType: EncryptionKeyRemove,
},
}
for _, tc := range testCases {
s.Run(tc.name, func() {
origin := createTestCommunity(s.identity)
feat: introduce CommunitiesKeyDistributor This component decouples key distribution from the Messenger, enhancing code maintainability, extensibility and testability. It also alleviates the need to impact all methods potentially affecting encryption keys. Moreover, it allows key distribution inspection for integration tests. part of: status-im/status-desktop#10998
2023-07-17 16:40:09 +00:00
modified := origin.CreateDeepCopy()
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
for _, permission := range tc.originPermissions {
refactor: merge AddTokenPermission and UpdateTokenPermission
2023-08-17 15:19:18 +00:00
_, err := origin.UpsertTokenPermission(permission)
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
s.Require().NoError(err)
}
for _, member := range tc.originMembers {
_, err := origin.AddMember(member, []protobuf.CommunityMember_Roles{})
s.Require().NoError(err)
}
for _, permission := range tc.modifiedPermissions {
refactor: merge AddTokenPermission and UpdateTokenPermission
2023-08-17 15:19:18 +00:00
_, err := modified.UpsertTokenPermission(permission)
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
s.Require().NoError(err)
}
for _, member := range tc.modifiedMembers {
_, err := modified.AddMember(member, []protobuf.CommunityMember_Roles{})
s.Require().NoError(err)
}
actions := EvaluateCommunityEncryptionKeyActions(origin, modified)
s.Require().Equal(tc.expectedActionType, actions.CommunityKeyAction.ActionType)
})
}
}
func (s *CommunityEncryptionKeyActionSuite) TestChannelLevelKeyActions() {
feat: introduce channel-level encryption - distribute ratchet keys at both community and channel levels - use explicit `HashRatchetGroupID` in ecryption layer, instead of inheriting `groupID` from `CommunityID` - populate `HashRatchetGroupID` with `CommunityID+ChannelID` for channels, and `CommunityID` for whole community - hydrate channels with members; channel members are now subset of community members - include channel permissions in periodic permissions check closes: status-im/status-desktop#10998
2023-06-23 10:49:26 +00:00
channelID := "1234"
chatID := types.EncodeHex(crypto.CompressPubkey(&s.identity.PublicKey)) + channelID
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
testCases := []struct {
name string
originPermissions []*protobuf.CommunityTokenPermission
modifiedPermissions []*protobuf.CommunityTokenPermission
originMembers []*ecdsa.PublicKey
modifiedMembers []*ecdsa.PublicKey
expectedAction EncryptionKeyAction
}{
{
name: "add channel permission",
originPermissions: []*protobuf.CommunityTokenPermission{},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{chatID},
},
},
originMembers: []*ecdsa.PublicKey{},
modifiedMembers: []*ecdsa.PublicKey{},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeyAdd,
Members: map[string]*protobuf.CommunityMember{},
},
},
{
name: "remove channel permission",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{chatID},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{},
originMembers: []*ecdsa.PublicKey{},
modifiedMembers: []*ecdsa.PublicKey{},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeyRemove,
Members: map[string]*protobuf.CommunityMember{},
},
},
{
name: "add members to token-gated channel",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{chatID},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{chatID},
},
},
originMembers: []*ecdsa.PublicKey{},
modifiedMembers: []*ecdsa.PublicKey{&s.member1.PublicKey, &s.member2.PublicKey},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeySendToMembers,
Members: map[string]*protobuf.CommunityMember{
s.member1Key: &protobuf.CommunityMember{},
s.member2Key: &protobuf.CommunityMember{},
},
},
},
{
name: "remove members from token-gated channel",
originPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{chatID},
},
},
modifiedPermissions: []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{chatID},
},
},
originMembers: []*ecdsa.PublicKey{&s.member1.PublicKey, &s.member2.PublicKey},
modifiedMembers: []*ecdsa.PublicKey{},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeyRekey,
Members: map[string]*protobuf.CommunityMember{},
},
},
{
name: "add members to open channel",
originPermissions: []*protobuf.CommunityTokenPermission{},
modifiedPermissions: []*protobuf.CommunityTokenPermission{},
originMembers: []*ecdsa.PublicKey{},
modifiedMembers: []*ecdsa.PublicKey{&s.member1.PublicKey, &s.member2.PublicKey},
expectedAction: EncryptionKeyAction{
ActionType: EncryptionKeyNone,
Members: map[string]*protobuf.CommunityMember{},
},
},
}
for _, tc := range testCases {
s.Run(tc.name, func() {
origin := createTestCommunity(s.identity)
feat: introduce channel-level encryption - distribute ratchet keys at both community and channel levels - use explicit `HashRatchetGroupID` in ecryption layer, instead of inheriting `groupID` from `CommunityID` - populate `HashRatchetGroupID` with `CommunityID+ChannelID` for channels, and `CommunityID` for whole community - hydrate channels with members; channel members are now subset of community members - include channel permissions in periodic permissions check closes: status-im/status-desktop#10998
2023-06-23 10:49:26 +00:00
_, err := origin.CreateChat(channelID, &protobuf.CommunityChat{
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
Members: map[string]*protobuf.CommunityMember{},
Permissions: &protobuf.CommunityPermissions{Access: protobuf.CommunityPermissions_NO_MEMBERSHIP},
Identity: &protobuf.ChatIdentity{},
})
s.Require().NoError(err)
feat: introduce CommunitiesKeyDistributor This component decouples key distribution from the Messenger, enhancing code maintainability, extensibility and testability. It also alleviates the need to impact all methods potentially affecting encryption keys. Moreover, it allows key distribution inspection for integration tests. part of: status-im/status-desktop#10998
2023-07-17 16:40:09 +00:00
modified := origin.CreateDeepCopy()
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
for _, permission := range tc.originPermissions {
refactor: merge AddTokenPermission and UpdateTokenPermission
2023-08-17 15:19:18 +00:00
_, err := origin.UpsertTokenPermission(permission)
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
s.Require().NoError(err)
}
for _, member := range tc.originMembers {
_, err := origin.AddMember(member, []protobuf.CommunityMember_Roles{})
s.Require().NoError(err)
feat: introduce channel-level encryption - distribute ratchet keys at both community and channel levels - use explicit `HashRatchetGroupID` in ecryption layer, instead of inheriting `groupID` from `CommunityID` - populate `HashRatchetGroupID` with `CommunityID+ChannelID` for channels, and `CommunityID` for whole community - hydrate channels with members; channel members are now subset of community members - include channel permissions in periodic permissions check closes: status-im/status-desktop#10998
2023-06-23 10:49:26 +00:00
_, err = origin.AddMemberToChat(channelID, member, []protobuf.CommunityMember_Roles{})
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
s.Require().NoError(err)
}
for _, permission := range tc.modifiedPermissions {
refactor: merge AddTokenPermission and UpdateTokenPermission
2023-08-17 15:19:18 +00:00
_, err := modified.UpsertTokenPermission(permission)
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
s.Require().NoError(err)
}
for _, member := range tc.modifiedMembers {
_, err := modified.AddMember(member, []protobuf.CommunityMember_Roles{})
s.Require().NoError(err)
feat: introduce channel-level encryption - distribute ratchet keys at both community and channel levels - use explicit `HashRatchetGroupID` in ecryption layer, instead of inheriting `groupID` from `CommunityID` - populate `HashRatchetGroupID` with `CommunityID+ChannelID` for channels, and `CommunityID` for whole community - hydrate channels with members; channel members are now subset of community members - include channel permissions in periodic permissions check closes: status-im/status-desktop#10998
2023-06-23 10:49:26 +00:00
_, err = modified.AddMemberToChat(channelID, member, []protobuf.CommunityMember_Roles{})
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
s.Require().NoError(err)
}
actions := EvaluateCommunityEncryptionKeyActions(origin, modified)
feat: introduce channel-level encryption - distribute ratchet keys at both community and channel levels - use explicit `HashRatchetGroupID` in ecryption layer, instead of inheriting `groupID` from `CommunityID` - populate `HashRatchetGroupID` with `CommunityID+ChannelID` for channels, and `CommunityID` for whole community - hydrate channels with members; channel members are now subset of community members - include channel permissions in periodic permissions check closes: status-im/status-desktop#10998
2023-06-23 10:49:26 +00:00
channelAction, ok := actions.ChannelKeysActions[channelID]
feat: add CommunityEncryptionKeyActions and its evaluation logic Added utility that evaluates necessary encryption key actions based on community changes. part of: status-im/status-desktop#10998
2023-07-13 17:49:19 +00:00
s.Require().True(ok)
s.Require().Equal(tc.expectedAction.ActionType, channelAction.ActionType)
s.Require().Len(tc.expectedAction.Members, len(channelAction.Members))
for memberKey := range tc.expectedAction.Members {
_, exists := channelAction.Members[memberKey]
s.Require().True(exists)
}
})
}
}
feat: introduce CommunitiesKeyDistributor This component decouples key distribution from the Messenger, enhancing code maintainability, extensibility and testability. It also alleviates the need to impact all methods potentially affecting encryption keys. Moreover, it allows key distribution inspection for integration tests. part of: status-im/status-desktop#10998
2023-07-17 16:40:09 +00:00
func (s *CommunityEncryptionKeyActionSuite) TestNilOrigin() {
newCommunity := createTestCommunity(s.identity)
feat: introduce channel-level encryption - distribute ratchet keys at both community and channel levels - use explicit `HashRatchetGroupID` in ecryption layer, instead of inheriting `groupID` from `CommunityID` - populate `HashRatchetGroupID` with `CommunityID+ChannelID` for channels, and `CommunityID` for whole community - hydrate channels with members; channel members are now subset of community members - include channel permissions in periodic permissions check closes: status-im/status-desktop#10998
2023-06-23 10:49:26 +00:00
channelID := "0x1234"
chatID := types.EncodeHex(crypto.CompressPubkey(&s.identity.PublicKey)) + channelID
_, err := newCommunity.CreateChat(channelID, &protobuf.CommunityChat{
feat: introduce CommunitiesKeyDistributor This component decouples key distribution from the Messenger, enhancing code maintainability, extensibility and testability. It also alleviates the need to impact all methods potentially affecting encryption keys. Moreover, it allows key distribution inspection for integration tests. part of: status-im/status-desktop#10998
2023-07-17 16:40:09 +00:00
Members: map[string]*protobuf.CommunityMember{},
Permissions: &protobuf.CommunityPermissions{Access: protobuf.CommunityPermissions_NO_MEMBERSHIP},
Identity: &protobuf.ChatIdentity{},
})
s.Require().NoError(err)
newCommunityPermissions := []*protobuf.CommunityTokenPermission{
&protobuf.CommunityTokenPermission{
Id: "some-id-1",
Type: protobuf.CommunityTokenPermission_BECOME_MEMBER,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{},
},
&protobuf.CommunityTokenPermission{
Id: "some-id-2",
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
ChatIds: []string{chatID},
},
}
for _, permission := range newCommunityPermissions {
refactor: merge AddTokenPermission and UpdateTokenPermission
2023-08-17 15:19:18 +00:00
_, err := newCommunity.UpsertTokenPermission(permission)
feat: introduce CommunitiesKeyDistributor This component decouples key distribution from the Messenger, enhancing code maintainability, extensibility and testability. It also alleviates the need to impact all methods potentially affecting encryption keys. Moreover, it allows key distribution inspection for integration tests. part of: status-im/status-desktop#10998
2023-07-17 16:40:09 +00:00
s.Require().NoError(err)
}
actions := EvaluateCommunityEncryptionKeyActions(nil, newCommunity)
s.Require().Equal(actions.CommunityKeyAction.ActionType, EncryptionKeyAdd)
s.Require().Len(actions.ChannelKeysActions, 1)
feat: introduce channel-level encryption - distribute ratchet keys at both community and channel levels - use explicit `HashRatchetGroupID` in ecryption layer, instead of inheriting `groupID` from `CommunityID` - populate `HashRatchetGroupID` with `CommunityID+ChannelID` for channels, and `CommunityID` for whole community - hydrate channels with members; channel members are now subset of community members - include channel permissions in periodic permissions check closes: status-im/status-desktop#10998
2023-06-23 10:49:26 +00:00
s.Require().NotNil(actions.ChannelKeysActions[channelID])
s.Require().Equal(actions.ChannelKeysActions[channelID].ActionType, EncryptionKeyAdd)
feat: introduce CommunitiesKeyDistributor This component decouples key distribution from the Messenger, enhancing code maintainability, extensibility and testability. It also alleviates the need to impact all methods potentially affecting encryption keys. Moreover, it allows key distribution inspection for integration tests. part of: status-im/status-desktop#10998
2023-07-17 16:40:09 +00:00
}