New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Synchronise access policies with TrustOracle #1561
Conversation
63c03cf
to
531199d
Compare
Do we really need to poll and cache access policies in node? This could be simply an on-demand call, could it not? @Waldz |
47727e5
to
1ffe2ec
Compare
Codecov Report
@@ Coverage Diff @@
## master #1561 +/- ##
==========================================
+ Coverage 47.37% 47.43% +0.05%
==========================================
Files 285 286 +1
Lines 11007 11091 +84
==========================================
+ Hits 5215 5261 +46
- Misses 5416 5454 +38
Partials 376 376
Continue to review full report at Codecov.
|
1ffe2ec
to
7ffe4f3
Compare
All improvements addressed |
1f4458b
to
2d91355
Compare
core/policy/policy_repository.go
Outdated
// Policy converts given value to valid policy rule | ||
func (pr *PolicyRepository) Policy(policyID string) market.AccessPolicy { | ||
policyURL := pr.policyURL | ||
if !strings.HasSuffix(policyURL, "/") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why should it ends by the /
?
This looks like you are trying to fit existing service.
As a user I'd like to have an option to set any standard URL I want.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It can be 3rd party service, just follows this contract:
- While starting service, provide Policy Oracle via:
--access-policy.address=https://testnet-trust.mysterium.network/api/v1/access-policies/
--access-policy.address:https://testnet-trust.mysterium.network/api/v1/access-policies
- Provider policy IDs via:
--access-policy.list= ipinfo,wikipedia
So yes, provided custom URL still have to match certain contract
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
But you don't need to add /
at the end of the user URL.
If you need it for URL https://testnet-trust.mysterium.network/api/v1/access-policies/
you passing it through the command argument.
If I need to pass the URL https://myown-trust.com/policies.json
, it should not become https://myown-trust.com/policies.json/
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added a failing test case
core/policy/policy_repository.go
Outdated
} | ||
|
||
// RulesForPolicy gives rules of given policy | ||
func (pr *PolicyRepository) RulesForPolicy(policy market.AccessPolicy) (market.AccessPolicyRuleSet, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It appears there are no differences between RulesForPolicy
and RulesForPolicies
. Perhaps merge into one RulesForPolicies(policies ...market.AccessPolicy)
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually there is difference in return type, multiple retrieve returns list of asked rulesets
ab103b7
to
765225a
Compare
765225a
to
95fe634
Compare
go test -run Test_PolicyRepository_AddPolicies_Race github.com/mysteriumnetwork/node/core/policy
95fe634
to
02b6b7f
Compare
Validates policy name by fetching it's rules from TrustOracle before starting service and subscribes for improvements of rules