delegation: add predicates to check if a delegation is a root or powerline
This commit is contained in:
Michael Muré
@@ -83,7 +83,7 @@ func New(iss did.DID, aud did.DID, cmd command.Command, pol policy.Policy, sub d
|
||||
}
|
||||
|
||||
// Root creates a validated UCAN delegation Token from the provided parameters and options.
|
||||
// This is typically used to create and give a power to an agent.
|
||||
// This is typically used to create and give power to an agent.
|
||||
//
|
||||
// You can read it as "(issuer) allows (audience) to perform (cmd+pol) on itself".
|
||||
func Root(iss did.DID, aud did.DID, cmd command.Command, pol policy.Policy, opts ...Option) (*Token, error) {
|
||||
@@ -154,6 +154,16 @@ func (t *Token) Expiration() *time.Time {
|
||||
return t.expiration
|
||||
}
|
||||
|
||||
// IsRoot tells if the token is a root delegation.
|
||||
func (t *Token) IsRoot() bool {
|
||||
return t.issuer == t.subject
|
||||
}
|
||||
|
||||
// IsPowerline tells if the token is a powerline delegation.
|
||||
func (t *Token) IsPowerline() bool {
|
||||
return t.subject == did.Undef
|
||||
}
|
||||
|
||||
// IsValidNow verifies that the token can be used at the current time, based on expiration or "not before" fields.
|
||||
// This does NOT do any other kind of verifications.
|
||||
func (t *Token) IsValidNow() bool {
|
||||
|
||||
@@ -20,39 +20,16 @@ const (
|
||||
subJectCmd = "/foo/bar"
|
||||
subjectPol = `
|
||||
[
|
||||
[
|
||||
"==",
|
||||
".status",
|
||||
"draft"
|
||||
],
|
||||
[
|
||||
"all",
|
||||
".reviewer",
|
||||
[
|
||||
"like",
|
||||
".email",
|
||||
"*@example.com"
|
||||
]
|
||||
],
|
||||
[
|
||||
"any",
|
||||
".tags",
|
||||
[
|
||||
"or",
|
||||
[
|
||||
[
|
||||
"==",
|
||||
".",
|
||||
"news"
|
||||
],
|
||||
[
|
||||
"==",
|
||||
".",
|
||||
"press"
|
||||
]
|
||||
]
|
||||
]
|
||||
]
|
||||
["==", ".status", "draft"],
|
||||
["all", ".reviewer",
|
||||
["like", ".email", "*@example.com"]
|
||||
],
|
||||
["any", ".tags",
|
||||
["or", [
|
||||
["==", ".", "news"],
|
||||
["==", ".", "press"]
|
||||
]]
|
||||
]
|
||||
]
|
||||
`
|
||||
|
||||
@@ -80,6 +57,9 @@ func TestConstructors(t *testing.T) {
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
require.False(t, tkn.IsRoot())
|
||||
require.False(t, tkn.IsPowerline())
|
||||
|
||||
data, err := tkn.ToDagJson(didtest.PersonaAlice.PrivKey())
|
||||
require.NoError(t, err)
|
||||
|
||||
@@ -97,6 +77,9 @@ func TestConstructors(t *testing.T) {
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
require.True(t, tkn.IsRoot())
|
||||
require.False(t, tkn.IsPowerline())
|
||||
|
||||
data, err := tkn.ToDagJson(didtest.PersonaAlice.PrivKey())
|
||||
require.NoError(t, err)
|
||||
|
||||
@@ -114,6 +97,9 @@ func TestConstructors(t *testing.T) {
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
require.False(t, tkn.IsRoot())
|
||||
require.True(t, tkn.IsPowerline())
|
||||
|
||||
data, err := tkn.ToDagJson(didtest.PersonaAlice.PrivKey())
|
||||
require.NoError(t, err)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user