Merge pull request #86 from ucan-wg/test/invocation-verifies-args-vs-pols

test(invocation): verify arguments versus aggregated policies
2024-11-27 14:56:05 -05:00
parent d1d047cd9e 170e597e71
commit 15535d3474
16 changed files with 321 additions and 61 deletions
--- a/pkg/args/builder.go
+++ b/pkg/args/builder.go
@@ -0,0 +1,71 @@
+package args
+
+import (
+	"errors"
+
+	"github.com/ipld/go-ipld-prime"
+)
+
+// Builder allows the fluid construction of an Args.
+type Builder struct {
+	args *Args
+	errs error
+}
+
+// NewBuilder returns a Builder which will assemble the Args.
+func NewBuilder() *Builder {
+	return &Builder{
+		args: New(),
+	}
+}
+
+// Add inserts a new key/val into the Args being assembled while collecting
+// any errors caused by duplicate keys.
+func (b *Builder) Add(key string, val any) *Builder {
+	b.errs = errors.Join(b.errs, b.args.Add(key, val))
+
+	return b
+}
+
+// Build returns the assembled Args or an error containing a list of
+// errors encountered while trying to build the Args.
+func (b *Builder) Build() (*Args, error) {
+	if b.errs != nil {
+		return nil, b.errs
+	}
+
+	return b.args, nil
+}
+
+// BuildIPLD is the same as Build except it takes the additional step of
+// converting the Args to an ipld.Node.
+func (b *Builder) BuildIPLD() (ipld.Node, error) {
+	args, err := b.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	return args.ToIPLD()
+}
+
+// MustBuild is the same as Build except it panics if an error occurs.
+func (b *Builder) MustBuild() *Args {
+	args, err := b.Build()
+
+	if err != nil {
+		panic(b.errs)
+	}
+
+	return args
+}
+
+// MustBuildIPLD is the same as BuildIPLD except it panics if an error
+// occurs.
+func (b *Builder) MustBuildIPLD() ipld.Node {
+	node, err := b.BuildIPLD()
+	if err != nil {
+		panic(err)
+	}
+
+	return node
+}
--- a/pkg/args/builder_test.go
+++ b/pkg/args/builder_test.go
@@ -0,0 +1,81 @@
+package args_test
+
+import (
+	"testing"
+
+	"github.com/ipld/go-ipld-prime"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"github.com/ucan-wg/go-ucan/pkg/args"
+)
+
+func TestBuilder_XXX(t *testing.T) {
+	t.Parallel()
+
+	const (
+		keyOne = "key1"
+		valOne = "string"
+		keyTwo = "key2"
+		valTwo = 42
+	)
+
+	exp := args.New()
+	exp.Add(keyOne, valOne)
+	exp.Add(keyTwo, valTwo)
+
+	expNode, err := exp.ToIPLD()
+	require.NoError(t, err)
+
+	disjointKeys := args.NewBuilder().
+		Add(keyOne, valOne).
+		Add(keyTwo, valTwo)
+
+	duplicateKeys := args.NewBuilder().
+		Add(keyOne, valOne).
+		Add(keyTwo, valTwo).
+		Add(keyOne, "oh no!")
+
+	t.Run("MustBuild succeeds with disjoint keys", func(t *testing.T) {
+		t.Parallel()
+
+		var act *args.Args
+
+		require.NotPanics(t, func() {
+			act = disjointKeys.MustBuild()
+		})
+		assert.Equal(t, exp, act)
+	})
+
+	t.Run("MustBuild fails with duplicate keys", func(t *testing.T) {
+		t.Parallel()
+
+		var act *args.Args
+
+		require.Panics(t, func() {
+			act = duplicateKeys.MustBuild()
+		})
+		assert.Nil(t, act)
+	})
+
+	t.Run("MustBuildIPLD succeeds with disjoint keys", func(t *testing.T) {
+		t.Parallel()
+
+		var act ipld.Node
+
+		require.NotPanics(t, func() {
+			act = disjointKeys.MustBuildIPLD()
+		})
+		assert.Equal(t, expNode, act)
+	})
+
+	t.Run("MustBuildIPLD fails with duplicate keys", func(t *testing.T) {
+		t.Parallel()
+
+		var act ipld.Node
+
+		require.Panics(t, func() {
+			act = duplicateKeys.MustBuildIPLD()
+		})
+		assert.Nil(t, act)
+	})
+}
--- a/pkg/policy/match_test.go
+++ b/pkg/policy/match_test.go
@@ -7,11 +7,8 @@ import (
 	"github.com/ipfs/go-cid"
 	"github.com/ipld/go-ipld-prime"
 	"github.com/ipld/go-ipld-prime/codec/dagjson"
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/ipld/go-ipld-prime/fluent/qp"
 	cidlink "github.com/ipld/go-ipld-prime/linking/cid"
 	"github.com/ipld/go-ipld-prime/node/basicnode"
-	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

 	"github.com/ucan-wg/go-ucan/pkg/policy/literal"
@@ -904,55 +901,3 @@ func TestPartialMatch(t *testing.T) {
 		})
 	}
 }
-
-// TestInvocationValidation applies the example policy to the second
-// example arguments as defined in the [Validation] section of the
-// invocation specification.
-//
-// [Validation]: https://github.com/ucan-wg/delegation/tree/v1_ipld#validation
-func TestInvocationValidationSpecExamples(t *testing.T) {
-	t.Parallel()
-
-	pol := MustConstruct(
-		Equal(".from", literal.String("alice@example.com")),
-		Any(".to", Like(".", "*@example.com")),
-	)
-
-	t.Run("with passing args", func(t *testing.T) {
-		t.Parallel()
-
-		argsNode, err := qp.BuildMap(basicnode.Prototype.Any, 2, func(ma datamodel.MapAssembler) {
-			qp.MapEntry(ma, "from", qp.String("alice@example.com"))
-			qp.MapEntry(ma, "to", qp.List(2, func(la datamodel.ListAssembler) {
-				qp.ListEntry(la, qp.String("bob@example.com"))
-				qp.ListEntry(la, qp.String("carol@not.example.com"))
-			}))
-			qp.MapEntry(ma, "title", qp.String("Coffee"))
-			qp.MapEntry(ma, "body", qp.String("Still on for coffee"))
-		})
-		require.NoError(t, err)
-
-		exec, stmt := pol.Match(argsNode)
-		assert.True(t, exec)
-		assert.Nil(t, stmt)
-	})
-
-	t.Run("fails on recipients (second statement)", func(t *testing.T) {
-		t.Parallel()
-
-		argsNode, err := qp.BuildMap(basicnode.Prototype.Any, 2, func(ma datamodel.MapAssembler) {
-			qp.MapEntry(ma, "from", qp.String("alice@example.com"))
-			qp.MapEntry(ma, "to", qp.List(2, func(la datamodel.ListAssembler) {
-				qp.ListEntry(la, qp.String("bob@null.com"))
-				qp.ListEntry(la, qp.String("carol@elsewhere.example.com"))
-			}))
-			qp.MapEntry(ma, "title", qp.String("Coffee"))
-			qp.MapEntry(ma, "body", qp.String("Still on for coffee"))
-		})
-		require.NoError(t, err)
-
-		exec, stmt := pol.Match(argsNode)
-		assert.False(t, exec)
-		assert.NotNil(t, stmt)
-	})
-}
--- a/pkg/policy/policytest/spec.go
+++ b/pkg/policy/policytest/spec.go
@@ -0,0 +1,67 @@
+package policytest
+
+import (
+	"github.com/ipld/go-ipld-prime"
+	"github.com/ucan-wg/go-ucan/pkg/args"
+	"github.com/ucan-wg/go-ucan/pkg/policy"
+	"github.com/ucan-wg/go-ucan/pkg/policy/literal"
+)
+
+// EmptyPolicy provides a Policy with no statements.
+var EmptyPolicy = policy.Policy{}
+
+// ExampleValidationPolicy provides a instantiated SpecPolicy containing the
+// statements that are included in the second code block of the [Validation]
+// section of the delegation specification.
+//
+// [Validation]: https://github.com/ucan-wg/delegation/tree/v1_ipld#validation
+var SpecPolicy = policy.MustConstruct(
+	policy.Equal(".from", literal.String("alice@example.com")),
+	policy.Any(".to", policy.Like(".", "*@example.com")),
+)
+
+// TODO: Replace the URL for [Validation] above when the delegation
+//       specification has been finished/merged.
+
+// SpecValidArguments provides valid, instantiated Arguments containing
+// the key/value pairs that are included in portion of the the second code
+// block of the [Validation] section of the delegation specification.
+//
+// [Validation]: https://github.com/ucan-wg/delegation/tree/v1_ipld#validation
+var SpecValidArguments = args.NewBuilder().
+	Add("from", "alice@example.com").
+	Add("to", []string{
+		"bob@example.com",
+		"carol@not.example.com",
+	}).
+	Add("title", "Coffee").
+	Add("body", "Still on for coffee").
+	MustBuild()
+
+var specValidArgumentsIPLD = mustIPLD(SpecValidArguments)
+
+// SpecInvalidArguments provides invalid, instantiated Arguments containing
+// the key/value pairs that are included in portion of the the second code
+// block of the [Validation] section of the delegation specification.
+//
+// [Validation]: https://github.com/ucan-wg/delegation/tree/v1_ipld#validation
+var SpecInvalidArguments = args.NewBuilder().
+	Add("from", "alice@example.com").
+	Add("to", []string{
+		"bob@null.com",
+		"carol@elsewhere.example.com",
+	}).
+	Add("title", "Coffee").
+	Add("body", "Still on for coffee").
+	MustBuild()
+
+var specInvalidArgumentsIPLD = mustIPLD(SpecInvalidArguments)
+
+func mustIPLD(args *args.Args) ipld.Node {
+	node, err := args.ToIPLD()
+	if err != nil {
+		panic(err)
+	}
+
+	return node
+}
--- a/pkg/policy/policytest/spec_test.go
+++ b/pkg/policy/policytest/spec_test.go
@@ -0,0 +1,32 @@
+package policytest
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+// TestInvocationValidation applies the example policy to the second
+// example arguments as defined in the [Validation] section of the
+// invocation specification.
+//
+// [Validation]: https://github.com/ucan-wg/delegation/tree/v1_ipld#validation
+func TestInvocationValidationSpecExamples(t *testing.T) {
+	t.Parallel()
+
+	t.Run("with passing args", func(t *testing.T) {
+		t.Parallel()
+
+		exec, stmt := SpecPolicy.Match(specValidArgumentsIPLD)
+		assert.True(t, exec)
+		assert.Nil(t, stmt)
+	})
+
+	t.Run("fails on recipients (second statement)", func(t *testing.T) {
+		t.Parallel()
+
+		exec, stmt := SpecPolicy.Match(specInvalidArgumentsIPLD)
+		assert.False(t, exec)
+		assert.NotNil(t, stmt)
+	})
+}