Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permissions as tree #93

Open
rklaehn opened this issue Nov 16, 2021 · 5 comments
Open

Permissions as tree #93

rklaehn opened this issue Nov 16, 2021 · 5 comments
Assignees
@rklaehn

Comments

@rklaehn
Copy link
Contributor

rklaehn commented Nov 16, 2021

When implementing join, I can do many things using very fast radix tree ops. E.g. removing expired from the store can be done with a single tree op instead of a loop.

E.g. this loop

        for buf in causal.store.iter() {
            let path = buf.as_path();
            if !self.expired.contains_prefix(path) && !causal.expired.contains_prefix(path) {
                if !self.can(peer, Permission::Write, path)? {
                    tracing::info!("join: peer is unauthorized to insert {}", path);
                    continue;
                }
                self.store.insert(&path);
            }
        }

can be turned into this:

        let mut store = causal.store.clone();
        store.tree_mut().remove_prefix_with(&self.expired.tree());
        store.tree_mut().remove_prefix_with(causal.expired.tree());
        for buf in store.iter() {
            let path = buf.as_path();
            if !self.can(peer, Permission::Write, path)? {
                tracing::info!("join: peer is unauthorized to insert {}", path);
                continue;
            }
            self.store.insert(&path);
        }

However, operations that involve permissions at present still involve querying permissions for every path.

It would be quite useful if we had a way to produce a tree for a permission and a peer, and then perform bulk operations for that tree. This would not change except when permissions are changed.

E.g.

let writeable = self.writeable(peer, Permission::Write);
store.tree_mut().retain_prefix_with(&writeable);
@rklaehn
Copy link
Contributor Author

rklaehn commented Nov 16, 2021

So the Acl contains all the info to decide permissions questions, and it is already a tree.

Currently it is doc.peer.<path> => Rule, right?

@dvc94ch
Copy link
Contributor

dvc94ch commented Nov 16, 2021

Sounds about right

@rklaehn
Copy link
Contributor Author

rklaehn commented Nov 16, 2021

Any particular reason it is doc.peer and not peer.doc? It seems that peer.doc.path. would be closer to how the paths are modeled in the store.

@dvc94ch
Copy link
Contributor

dvc94ch commented Nov 16, 2021

Don't recall. If there was a reason it needs to be reevaluated now anyway.

@rklaehn
Copy link
Contributor Author

rklaehn commented Nov 16, 2021

So looking at it some more, it seems the reason to have doc first is to be able to subscribe selectively to a doc.

@dvc94ch dvc94ch added this to the m1 milestone Nov 23, 2021
@dvc94ch dvc94ch removed this from the m1 milestone Dec 10, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rklaehn rklaehn

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rklaehn @dvc94ch