feat!: Unify all packages (#327)

* * Separate marine worker as a package * Trying to fix tests * Finalizing test fixes * fix: rename back to Fluence CLI (#320) chore: rename back to Fluence CLI * fix(deps): update dependency @fluencelabs/avm to v0.43.1 (#322) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore: release master (#324) * chore: release master * chore: Regenerate pnpm lock file * feat: use marine-js 0.7.2 (#321) * use marine-js 0.5.0 * increace some timeouts * increace some timeouts * use latest marine + remove larger timeouts * propagate CallParameters type * use marine 0.7.2 * Temp use node 18 and 20 * Comment out node 20.x --------- Co-authored-by: Anatoly Laskaris <github_me@nahsi.dev> * chore: Fix test with node 18/20 error message (#323) * Fix test with node 18/20 error message * Run tests on node 18 and 20 * Enhance description * Fix type and obj property --------- Co-authored-by: Anatoly Laskaris <github_me@nahsi.dev> * * Separate marine worker as a package * Trying to fix tests * Finalizing test fixes * * Refactoring packages. * Using CDN to load .wasm deps. * Setting up tests for new architecture * Fix almost all tests * Fix last strange test * Remove package specific packages * Remove avm class as it looks excessive * marine worker new version * misc refactoring/remove console.log's * Rename package js-peer to js-client * Move service info to marine worker * Change CDN path * Fix worker race confition * Remove buffer type * Remove turned off headless mode in platform tests * Remove async keyword to make tests pass * Remove util package * Make js-client.api package just reexport interface from js-client main package * Update package info in CI * Fix review comments * Remove test entry from marine-worker package * Misc fixes * Fix worker type * Add fetchers * Specify correct versions for js-client package * Set first ver for js-client * Update libp2p and related dep versions to the latest * Build all deps into package itself * Fix review * Refine package * Fix comment * Update packages/core/js-client/src/fetchers/browser.ts * Update packages/core/js-client/src/fetchers/index.ts * Update packages/core/js-client/src/fetchers/node.ts * Update packages/core/js-client/src/jsPeer/FluencePeer.ts * Update packages/core/js-client/src/keypair/__test__/KeyPair.spec.ts * Update packages/core/js-client/src/jsPeer/FluencePeer.ts Co-authored-by: shamsartem <shamsartem@gmail.com> * Delete outdated file * Need types for build to work * Inline func call * Add comments to replacement lines. P.S. we can remove some of them after update libp2p --------- Co-authored-by: shamsartem <shamsartem@gmail.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: fluencebot <116741523+fluencebot@users.noreply.github.com> Co-authored-by: Valery Antopol <valery.antopol@gmail.com> Co-authored-by: Anatoly Laskaris <github_me@nahsi.dev>
2025-06-23 12:51:32 +00:00 · 2023-08-25 00:15:49 +07:00
parent 2d2f5591cf
commit 97c24918d8
130 changed files with 3350 additions and 3119 deletions
--- a/packages/core/js-client/src/services/securityGuard.ts
+++ b/packages/core/js-client/src/services/securityGuard.ts
@ -0,0 +1,80 @@
+/*
+ * Copyright 2023 Fluence Labs Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { SecurityTetraplet } from '@fluencelabs/avm';
+import { CallParams, PeerIdB58 } from '@fluencelabs/interfaces';
+
+type ArgName = string | null;
+
+/**
+ * A predicate of call params for sig service's sign method which determines whether signing operation is allowed or not
+ */
+export type SecurityGuard<T extends ArgName> = (params: CallParams<T>) => boolean;
+
+/**
+ * Only allow calls when tetraplet for 'data' argument satisfies the predicate
+ */
+export const allowTetraplet = <T extends ArgName>(
+    pred: (tetraplet: SecurityTetraplet) => boolean,
+): SecurityGuard<T> => {
+    return (params) => {
+        const t = params.tetraplets.data[0];
+        return pred(t);
+    };
+};
+
+/**
+ * Only allow data which comes from the specified serviceId and fnName
+ */
+export const allowServiceFn = <T extends ArgName>(serviceId: string, fnName: string): SecurityGuard<T> => {
+    return allowTetraplet((t) => {
+        return t.service_id === serviceId && t.function_name === fnName;
+    });
+};
+
+/**
+ * Only allow data originated from the specified json_path
+ */
+export const allowExactJsonPath = <T extends ArgName>(jsonPath: string): SecurityGuard<T> => {
+    return allowTetraplet((t) => {
+        return t.json_path === jsonPath;
+    });
+};
+
+/**
+ * Only allow signing when particle is initiated at the specified peer
+ */
+export const allowOnlyParticleOriginatedAt = <T extends ArgName>(peerId: PeerIdB58): SecurityGuard<T> => {
+    return (params) => {
+        return params.initPeerId === peerId;
+    };
+};
+
+/**
+ * Only allow signing when all of the predicates are satisfied.
+ * Useful for predicates reuse
+ */
+export const and = <T extends ArgName>(...predicates: SecurityGuard<T>[]): SecurityGuard<T> => {
+    return (params) => predicates.every((x) => x(params));
+};
+
+/**
+ * Only allow signing when any of the predicates are satisfied.
+ * Useful for predicates reuse
+ */
+export const or = <T extends ArgName>(...predicates: SecurityGuard<T>[]): SecurityGuard<T> => {
+    return (params) => predicates.some((x) => x(params));
+};