duplicate messages for v1

currently the messages have the same structure as v0, but they will change significantly
2024-09-11 06:15:30 +03:00 · 2021-01-05 15:02:44 +01:00 · 2021-01-05 15:02:44 +01:00 · 51862ad460
commit 51862ad460
parent 43e975e680
18 changed files with 194 additions and 54 deletions
--- a/samples/v1/README.md
+++ b/samples/v1/README.md
@ -12,7 +12,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "read", "write", "caveat1", "0"]
    authority: Block[0] {
            symbols: ["read", "write"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #read),
@ -25,7 +25,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["caveat1", "0"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -61,7 +61,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "read", "caveat1", "0"]
    authority: Block[0] {
            symbols: ["read"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #read)
@ -72,7 +72,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["caveat1", "0"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -95,7 +95,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "read", "write", "caveat1", "0"]
    authority: Block[0] {
            symbols: ["read", "write"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #read),
@ -108,7 +108,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["caveat1", "0"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -131,7 +131,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "read", "write", "caveat1", "0"]
    authority: Block[0] {
            symbols: ["read", "write"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #read),
@ -144,7 +144,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["caveat1", "0"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -167,7 +167,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "read", "write", "caveat1", "0"]
    authority: Block[0] {
            symbols: ["read", "write"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #read),
@ -180,7 +180,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["caveat1", "0"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -203,7 +203,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "read", "write", "caveat1", "0"]
    authority: Block[0] {
            symbols: ["read", "write"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #read),
@ -216,7 +216,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["caveat1", "0"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -239,7 +239,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "read", "write", "caveat1", "0"]
    authority: Block[0] {
            symbols: ["read"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #read)
@ -250,7 +250,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["write", "caveat1", "0"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #write)
@ -275,7 +275,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "read", "write", "caveat1", "0"]
    authority: Block[0] {
            symbols: ["read"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #read)
@ -286,7 +286,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["write", "caveat1", "0"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#ambient, "file1", #write)
@ -311,7 +311,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "caveat1", "expiration", "date", "time"]
    authority: Block[0] {
            symbols: []
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -320,7 +320,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["caveat1", "expiration", "date", "time"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -357,7 +357,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "1", "read", "owner", "0", "write", "caveat1", "caveat2", "alice"]
    authority: Block[0] {
            symbols: ["1", "read", "owner", "0", "write"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: [
@ -369,7 +369,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["caveat1", "caveat2", "alice"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -409,7 +409,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "read"]
    authority: Block[0] {
            symbols: ["read"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #read)
@ -446,7 +446,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "caveat1"]
    authority: Block[0] {
            symbols: ["caveat1"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -494,7 +494,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "read", "valid_date", "time", "0", "1", "caveat1"]
    authority: Block[0] {
            symbols: ["read"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                right(#authority, "file1", #read),
@ -506,7 +506,7 @@ Biscuit {
    blocks: [
        Block[1] {
            symbols: ["valid_date", "time", "0", "1", "caveat1"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: [
@ -565,7 +565,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "resource_match", "0"]
    authority: Block[0] {
            symbols: ["resource_match", "0"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -611,7 +611,7 @@ Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "must_be_present"]
    authority: Block[0] {
            symbols: ["must_be_present"]
-            version: 0
+            version: 1
            context: ""
            facts: [
                must_be_present(#authority, "hello")
@ -644,7 +644,7 @@ biscuit: Biscuit {
    symbols: ["authority", "ambient", "resource", "operation", "right", "current_time", "revocation_id", "caveat1", "test", "hello"]
    authority: Block[0] {
            symbols: ["caveat1", "test", "hello"]
-            version: 0
+            version: 1
            context: ""
            facts: []
            rules: []
@ -655,7 +655,7 @@ biscuit: Biscuit {
    blocks: [
        Block[1] {
            symbols: []
-            version: 0
+            version: 1
            context: ""
            facts: [
                caveat1(#test)
--- a/samples/v1/test10_authority_rules.bc
+++ b/samples/v1/test10_authority_rules.bc
--- a/samples/v1/test11_verifier_authority_caveats.bc
+++ b/samples/v1/test11_verifier_authority_caveats.bc
--- a/samples/v1/test12_authority_caveats.bc
+++ b/samples/v1/test12_authority_caveats.bc
--- a/samples/v1/test13_block_rules.bc
+++ b/samples/v1/test13_block_rules.bc
--- a/samples/v1/test14_regex_constraint.bc
+++ b/samples/v1/test14_regex_constraint.bc
--- a/samples/v1/test15_multi_queries_caveats.bc
+++ b/samples/v1/test15_multi_queries_caveats.bc
--- a/samples/v1/test16_caveat_head_name.bc
+++ b/samples/v1/test16_caveat_head_name.bc
--- a/samples/v1/test1_basic.bc
+++ b/samples/v1/test1_basic.bc
--- a/samples/v1/test2_different_root_key.bc
+++ b/samples/v1/test2_different_root_key.bc
--- a/samples/v1/test3_invalid_signature_format.bc
+++ b/samples/v1/test3_invalid_signature_format.bc
--- a/samples/v1/test4_random_block.bc
+++ b/samples/v1/test4_random_block.bc
--- a/samples/v1/test5_invalid_signature.bc
+++ b/samples/v1/test5_invalid_signature.bc
--- a/samples/v1/test6_reordered_blocks.bc
+++ b/samples/v1/test6_reordered_blocks.bc
--- a/samples/v1/test7_invalid_block_fact_authority.bc
+++ b/samples/v1/test7_invalid_block_fact_authority.bc
--- a/samples/v1/test8_invalid_block_fact_ambient.bc
+++ b/samples/v1/test8_invalid_block_fact_ambient.bc
--- a/samples/v1/test9_expired_token.bc
+++ b/samples/v1/test9_expired_token.bc
--- a/schema.proto
+++ b/schema.proto
@ -23,34 +23,36 @@ message Signature {
 message Block {
  required uint32 index = 1;
  repeated string symbols = 2;
-  repeated Fact   facts = 3;
-  repeated Rule   rules = 4;
-  repeated Caveat caveats = 5;
+  repeated FactV0 facts_v0 = 3;
+  repeated RuleV0 rules_v0 = 4;
+  repeated CaveatV0 caveats_v0 = 5;
  optional string context = 6;
  optional uint32 version = 7;
+  repeated FactV1 facts_v1 = 8;
+  repeated RuleV1 rules_v1 = 9;
+  repeated CaveatV1 caveats_v1 = 10;
 }

-message Fact {
-  required Predicate predicate = 1;
+message FactV0 {
+  required PredicateV0 predicate = 1;
 }

-message Rule {
-  required Predicate head = 1;
-  repeated Predicate body = 2;
-  repeated Constraint constraints = 3;
+message RuleV0 {
+  required PredicateV0 head = 1;
+  repeated PredicateV0 body = 2;
+  repeated ConstraintV0 constraints = 3;
 }

-message Caveat {
-  repeated Rule queries = 1;
+message CaveatV0 {
+  repeated RuleV0 queries = 1;
 }

-message Predicate {
+message PredicateV0 {
  required uint64 name = 1;
-  repeated ID ids = 2;
+  repeated IDV0 ids = 2;
 }

-
-message ID {
+message IDV0 {
  enum Kind {
    SYMBOL = 0;
    VARIABLE = 1;
@ -69,7 +71,7 @@ message ID {
  optional bytes bytes = 7;
 }

-message Constraint {
+message ConstraintV0 {
  required uint32 id = 1;

  enum Kind {
@ -82,14 +84,14 @@ message Constraint {

  required Kind kind = 2;

-  optional IntConstraint int = 3;
-  optional StringConstraint str = 4;
-  optional DateConstraint date = 5;
-  optional SymbolConstraint symbol = 6;
-  optional BytesConstraint bytes = 7;
+  optional IntConstraintV0 int = 3;
+  optional StringConstraintV0 str = 4;
+  optional DateConstraintV0 date = 5;
+  optional SymbolConstraintV0 symbol = 6;
+  optional BytesConstraintV0 bytes = 7;
 }

-message IntConstraint {
+message IntConstraintV0 {
  enum Kind {
    LOWER = 0;
    LARGER = 1;
@ -111,7 +113,7 @@ message IntConstraint {
  repeated int64 not_in_set = 8 [packed=true];
 }

-message StringConstraint {
+message StringConstraintV0 {
  enum Kind {
    PREFIX = 0;
    SUFFIX = 1;
@ -131,7 +133,7 @@ message StringConstraint {
  optional string regex = 7;
 }

-message DateConstraint {
+message DateConstraintV0 {
  enum Kind {
    BEFORE = 0;
    AFTER = 1;
@ -143,7 +145,7 @@ message DateConstraint {
  optional uint64 after = 3;
 }

-message SymbolConstraint {
+message SymbolConstraintV0 {
  enum Kind {
    IN = 0;
    NOT_IN = 1;
@ -155,7 +157,145 @@ message SymbolConstraint {
  repeated uint64 not_in_set = 3;
 }

-message BytesConstraint {
+message BytesConstraintV0 {
+  enum Kind {
+    EQUAL = 0;
+    IN = 1;
+    NOT_IN = 2;
+  }
+
+  required Kind kind = 1;
+
+  optional bytes equal = 2;
+  repeated bytes in_set = 3;
+  repeated bytes not_in_set = 4;
+}
+
+message FactV1 {
+  required PredicateV1 predicate = 1;
+}
+
+message RuleV1 {
+  required PredicateV1 head = 1;
+  repeated PredicateV1 body = 2;
+  repeated ConstraintV1 constraints = 3;
+}
+
+message CaveatV1 {
+  repeated RuleV1 queries = 1;
+}
+
+message PredicateV1 {
+  required uint64 name = 1;
+  repeated IDV1 ids = 2;
+}
+
+message IDV1 {
+  enum Kind {
+    SYMBOL = 0;
+    VARIABLE = 1;
+    INTEGER = 2;
+    STR = 3;
+    DATE = 4;
+    BYTES = 5;
+  }
+
+  required Kind kind = 1;
+  optional uint64 symbol = 2;
+  optional uint32 variable = 3;
+  optional int64 integer = 4;
+  optional string str = 5;
+  optional uint64 date = 6;
+  optional bytes bytes = 7;
+}
+
+message ConstraintV1 {
+  required uint32 id = 1;
+
+  enum Kind {
+    INT = 0;
+    STRING = 1;
+    DATE = 2;
+    SYMBOL = 3;
+    BYTES = 4;
+  }
+
+  required Kind kind = 2;
+
+  optional IntConstraintV1 int = 3;
+  optional StringConstraintV1 str = 4;
+  optional DateConstraintV1 date = 5;
+  optional SymbolConstraintV1 symbol = 6;
+  optional BytesConstraintV1 bytes = 7;
+}
+
+message IntConstraintV1 {
+  enum Kind {
+    LOWER = 0;
+    LARGER = 1;
+    LOWER_OR_EQUAL = 2;
+    LARGER_OR_EQUAL = 3;
+    EQUAL = 4;
+    IN = 5;
+    NOT_IN = 6;
+  }
+
+  required Kind kind = 1;
+
+  optional int64 lower = 2;
+  optional int64 larger = 3;
+  optional int64 lower_or_equal = 4;
+  optional int64 larger_or_equal = 5;
+  optional int64 equal = 6;
+  repeated int64 in_set = 7 [packed=true];
+  repeated int64 not_in_set = 8 [packed=true];
+}
+
+message StringConstraintV1 {
+  enum Kind {
+    PREFIX = 0;
+    SUFFIX = 1;
+    EQUAL = 2;
+    IN = 3;
+    NOT_IN = 4;
+    REGEX = 5;
+  }
+
+  required Kind kind = 1;
+
+  optional string prefix = 2;
+  optional string suffix = 3;
+  optional string equal = 4;
+  repeated string in_set = 5;
+  repeated string not_in_set = 6;
+  optional string regex = 7;
+}
+
+message DateConstraintV1 {
+  enum Kind {
+    BEFORE = 0;
+    AFTER = 1;
+  }
+
+  required Kind kind = 1;
+
+  optional uint64 before = 2;
+  optional uint64 after = 3;
+}
+
+message SymbolConstraintV1 {
+  enum Kind {
+    IN = 0;
+    NOT_IN = 1;
+  }
+
+  required Kind kind = 1;
+
+  repeated uint64 in_set = 2;
+  repeated uint64 not_in_set = 3;
+}
+
+message BytesConstraintV1 {
  enum Kind {
    EQUAL = 0;
    IN = 1;