diff --git a/Cargo.lock b/Cargo.lock index 8766ec9..dba3f91 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -401,9 +401,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.19" +version = "4.5.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7be5744db7978a28d9df86a214130d106a89ce49644cbc4e3f0c22c3fba30615" +checksum = "b97f376d85a664d5837dbae44bf546e6477a679ff6610010f17276f686d867e8" dependencies = [ "clap_builder", "clap_derive", @@ -411,9 +411,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.19" +version = "4.5.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5fbc17d3ef8278f55b282b2a2e75ae6f6c7d4bb70ed3d0382375104bfafdb4b" +checksum = "19bc80abd44e4bed93ca373a0704ccbd1b710dc5749406201bb018272808dc54" dependencies = [ "anstream", "anstyle", @@ -1323,7 +1323,7 @@ dependencies = [ [[package]] name = "ic-oss" -version = "0.9.0" +version = "0.9.3" dependencies = [ "bytes", "candid", @@ -1340,7 +1340,7 @@ dependencies = [ [[package]] name = "ic-oss-can" -version = "0.9.0" +version = "0.9.3" dependencies = [ "candid", "ciborium", @@ -1353,7 +1353,7 @@ dependencies = [ [[package]] name = "ic-oss-cli" -version = "0.9.0" +version = "0.9.3" dependencies = [ "anyhow", "candid", @@ -1374,7 +1374,7 @@ dependencies = [ [[package]] name = "ic-oss-types" -version = "0.9.0" +version = "0.9.3" dependencies = [ "base64 0.21.7", "candid", @@ -1465,7 +1465,7 @@ dependencies = [ [[package]] name = "ic_oss_bucket" -version = "0.9.0" +version = "0.9.3" dependencies = [ "base64 0.21.7", "candid", @@ -1485,7 +1485,7 @@ dependencies = [ [[package]] name = "ic_oss_cluster" -version = "0.9.0" +version = "0.9.3" dependencies = [ "candid", "ciborium", @@ -1601,9 +1601,9 @@ checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b" [[package]] name = "js-sys" -version = "0.3.70" +version = "0.3.72" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1868808506b929d7b0cfa8f75951347aa71bb21144b7791bae35d9bccfcfe37a" +checksum = "6a88f1bda2bd75b0452a14784937d796722fdebfe50df998aeb3f0b7603019a9" dependencies = [ "wasm-bindgen", ] @@ -1991,9 +1991,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.86" +version = "1.0.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" +checksum = "b3e4daa0dcf6feba26f985457cdf104d4b4256fc5a09547140f3631bb076b19a" dependencies = [ "unicode-ident", ] @@ -2986,9 +2986,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.93" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a82edfc16a6c469f5f44dc7b571814045d60404b55a0ee849f9bcfa2e63dd9b5" +checksum = "128d1e363af62632b8eb57219c8fd7877144af57558fb2ef0368d0087bddeb2e" dependencies = [ "cfg-if", "once_cell", @@ -2997,9 +2997,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.93" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9de396da306523044d3302746f1208fa71d7532227f15e347e2d93e4145dd77b" +checksum = "cb6dd4d3ca0ddffd1dd1c9c04f94b868c37ff5fac97c30b97cff2d74fce3a358" dependencies = [ "bumpalo", "log", @@ -3012,9 +3012,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-futures" -version = "0.4.43" +version = "0.4.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61e9300f63a621e96ed275155c108eb6f843b6a26d053f122ab69724559dc8ed" +checksum = "cc7ec4f8827a71586374db3e87abdb5a2bb3a15afed140221307c3ec06b1f63b" dependencies = [ "cfg-if", "js-sys", @@ -3024,9 +3024,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.93" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "585c4c91a46b072c92e908d99cb1dcdf95c5218eeb6f3bf1efa991ee7a68cccf" +checksum = "e79384be7f8f5a9dd5d7167216f022090cf1f9ec128e6e6a482a2cb5c5422c56" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -3034,9 +3034,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.93" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "afc340c74d9005395cf9dd098506f7f44e38f2b4a21c6aaacf9a105ea5e1e836" +checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68" dependencies = [ "proc-macro2", "quote", @@ -3047,9 +3047,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.93" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c62a0a307cb4a311d3a07867860911ca130c3494e8c2719593806c08bc5d0484" +checksum = "65fc09f10666a9f147042251e0dda9c18f166ff7de300607007e96bdebc1068d" [[package]] name = "wasm-streams" @@ -3066,9 +3066,9 @@ dependencies = [ [[package]] name = "web-sys" -version = "0.3.70" +version = "0.3.72" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26fdeaafd9bd129f65e7c031593c24d62186301e0c72c8978fa1678be7d532c0" +checksum = "f6488b90108c040df0fe62fa815cbdee25124641df01814dd7282749234c6112" dependencies = [ "js-sys", "wasm-bindgen", diff --git a/Cargo.toml b/Cargo.toml index b08dce7..158d8da 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -17,7 +17,7 @@ strip = true opt-level = 's' [workspace.package] -version = "0.9.0" +version = "0.9.3" edition = "2021" repository = "https://github.com/ldclabs/ic-oss" keywords = ["file", "storage", "oss", "s3", "icp"] diff --git a/src/declarations/ic_oss_bucket/ic_oss_bucket.did b/src/declarations/ic_oss_bucket/ic_oss_bucket.did index d9378aa..50deea0 100644 --- a/src/declarations/ic_oss_bucket/ic_oss_bucket.did +++ b/src/declarations/ic_oss_bucket/ic_oss_bucket.did @@ -153,6 +153,10 @@ type UpgradeArgs = record { max_folder_depth : opt nat8; }; service : (opt CanisterArgs) -> { + admin_add_auditors : (vec principal) -> (Result); + admin_add_managers : (vec principal) -> (Result); + admin_remove_auditors : (vec principal) -> (Result); + admin_remove_managers : (vec principal) -> (Result); admin_set_auditors : (vec principal) -> (Result); admin_set_managers : (vec principal) -> (Result); admin_update_bucket : (UpdateBucketInput) -> (Result); @@ -180,6 +184,10 @@ service : (opt CanisterArgs) -> { validate2_admin_set_auditors : (vec principal) -> (Result_14); validate2_admin_set_managers : (vec principal) -> (Result_14); validate2_admin_update_bucket : (UpdateBucketInput) -> (Result_14); + validate_admin_add_auditors : (vec principal) -> (Result_14); + validate_admin_add_managers : (vec principal) -> (Result_14); + validate_admin_remove_auditors : (vec principal) -> (Result_14); + validate_admin_remove_managers : (vec principal) -> (Result_14); validate_admin_set_auditors : (vec principal) -> (Result); validate_admin_set_managers : (vec principal) -> (Result); validate_admin_update_bucket : (UpdateBucketInput) -> (Result); diff --git a/src/declarations/ic_oss_bucket/ic_oss_bucket.did.d.ts b/src/declarations/ic_oss_bucket/ic_oss_bucket.did.d.ts index 490a586..c9724ae 100644 --- a/src/declarations/ic_oss_bucket/ic_oss_bucket.did.d.ts +++ b/src/declarations/ic_oss_bucket/ic_oss_bucket.did.d.ts @@ -182,6 +182,10 @@ export interface UpgradeArgs { 'max_folder_depth' : [] | [number], } export interface _SERVICE { + 'admin_add_auditors' : ActorMethod<[Array], Result>, + 'admin_add_managers' : ActorMethod<[Array], Result>, + 'admin_remove_auditors' : ActorMethod<[Array], Result>, + 'admin_remove_managers' : ActorMethod<[Array], Result>, 'admin_set_auditors' : ActorMethod<[Array], Result>, 'admin_set_managers' : ActorMethod<[Array], Result>, 'admin_update_bucket' : ActorMethod<[UpdateBucketInput], Result>, @@ -260,6 +264,10 @@ export interface _SERVICE { 'validate2_admin_set_auditors' : ActorMethod<[Array], Result_14>, 'validate2_admin_set_managers' : ActorMethod<[Array], Result_14>, 'validate2_admin_update_bucket' : ActorMethod<[UpdateBucketInput], Result_14>, + 'validate_admin_add_auditors' : ActorMethod<[Array], Result_14>, + 'validate_admin_add_managers' : ActorMethod<[Array], Result_14>, + 'validate_admin_remove_auditors' : ActorMethod<[Array], Result_14>, + 'validate_admin_remove_managers' : ActorMethod<[Array], Result_14>, 'validate_admin_set_auditors' : ActorMethod<[Array], Result>, 'validate_admin_set_managers' : ActorMethod<[Array], Result>, 'validate_admin_update_bucket' : ActorMethod<[UpdateBucketInput], Result>, diff --git a/src/declarations/ic_oss_bucket/ic_oss_bucket.did.js b/src/declarations/ic_oss_bucket/ic_oss_bucket.did.js index b79e00e..34f2ad3 100644 --- a/src/declarations/ic_oss_bucket/ic_oss_bucket.did.js +++ b/src/declarations/ic_oss_bucket/ic_oss_bucket.did.js @@ -197,6 +197,10 @@ export const idlFactory = ({ IDL }) => { }); const Result_14 = IDL.Variant({ 'Ok' : IDL.Text, 'Err' : IDL.Text }); return IDL.Service({ + 'admin_add_auditors' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), + 'admin_add_managers' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), + 'admin_remove_auditors' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), + 'admin_remove_managers' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), 'admin_set_auditors' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), 'admin_set_managers' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), 'admin_update_bucket' : IDL.Func([UpdateBucketInput], [Result], []), @@ -322,6 +326,26 @@ export const idlFactory = ({ IDL }) => { [Result_14], [], ), + 'validate_admin_add_auditors' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_14], + [], + ), + 'validate_admin_add_managers' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_14], + [], + ), + 'validate_admin_remove_auditors' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_14], + [], + ), + 'validate_admin_remove_managers' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_14], + [], + ), 'validate_admin_set_auditors' : IDL.Func( [IDL.Vec(IDL.Principal)], [Result], diff --git a/src/declarations/ic_oss_cluster/ic_oss_cluster.did b/src/declarations/ic_oss_cluster/ic_oss_cluster.did index ac28a74..3df08a0 100644 --- a/src/declarations/ic_oss_cluster/ic_oss_cluster.did +++ b/src/declarations/ic_oss_cluster/ic_oss_cluster.did @@ -19,6 +19,7 @@ type ClusterInfo = record { token_expiration : nat64; weak_ed25519_token_public_key : text; bucket_latest_version : blob; + schnorr_key_name : text; bucket_deployment_logs : nat64; subject_authz_total : nat64; }; @@ -61,12 +62,14 @@ type WasmInfo = record { }; service : (opt ChainArgs) -> { access_token : (principal) -> (Result); + admin_add_managers : (vec principal) -> (Result_1); admin_add_wasm : (AddWasmInput, opt blob) -> (Result_1); admin_attach_policies : (Token) -> (Result_1); admin_batch_call_buckets : (vec principal, text, opt blob) -> (Result_2); admin_deploy_bucket : (DeployWasmInput, opt blob) -> (Result_1); admin_detach_policies : (Token) -> (Result_1); admin_ed25519_access_token : (Token) -> (Result); + admin_remove_managers : (vec principal) -> (Result_1); admin_set_managers : (vec principal) -> (Result_1); admin_sign_access_token : (Token) -> (Result); admin_topup_all_buckets : () -> (Result_3); @@ -87,11 +90,13 @@ service : (opt ChainArgs) -> { validate2_admin_deploy_bucket : (DeployWasmInput, opt blob) -> (Result_9); validate2_admin_set_managers : (vec principal) -> (Result_9); validate2_admin_upgrade_all_buckets : (opt blob) -> (Result_9); + validate_admin_add_managers : (vec principal) -> (Result_9); validate_admin_add_wasm : (AddWasmInput, opt blob) -> (Result_1); validate_admin_batch_call_buckets : (vec principal, text, opt blob) -> ( Result_2, ); validate_admin_deploy_bucket : (DeployWasmInput, opt blob) -> (Result_1); + validate_admin_remove_managers : (vec principal) -> (Result_9); validate_admin_set_managers : (vec principal) -> (Result_1); validate_admin_upgrade_all_buckets : (opt blob) -> (Result_1); } diff --git a/src/declarations/ic_oss_cluster/ic_oss_cluster.did.d.ts b/src/declarations/ic_oss_cluster/ic_oss_cluster.did.d.ts index 72871c4..39e7030 100644 --- a/src/declarations/ic_oss_cluster/ic_oss_cluster.did.d.ts +++ b/src/declarations/ic_oss_cluster/ic_oss_cluster.did.d.ts @@ -27,6 +27,7 @@ export interface ClusterInfo { 'token_expiration' : bigint, 'weak_ed25519_token_public_key' : string, 'bucket_latest_version' : Uint8Array | number[], + 'schnorr_key_name' : string, 'bucket_deployment_logs' : bigint, 'subject_authz_total' : bigint, } @@ -82,6 +83,7 @@ export interface WasmInfo { } export interface _SERVICE { 'access_token' : ActorMethod<[Principal], Result>, + 'admin_add_managers' : ActorMethod<[Array], Result_1>, 'admin_add_wasm' : ActorMethod< [AddWasmInput, [] | [Uint8Array | number[]]], Result_1 @@ -97,6 +99,7 @@ export interface _SERVICE { >, 'admin_detach_policies' : ActorMethod<[Token], Result_1>, 'admin_ed25519_access_token' : ActorMethod<[Token], Result>, + 'admin_remove_managers' : ActorMethod<[Array], Result_1>, 'admin_set_managers' : ActorMethod<[Array], Result_1>, 'admin_sign_access_token' : ActorMethod<[Token], Result>, 'admin_topup_all_buckets' : ActorMethod<[], Result_3>, @@ -133,6 +136,7 @@ export interface _SERVICE { [[] | [Uint8Array | number[]]], Result_9 >, + 'validate_admin_add_managers' : ActorMethod<[Array], Result_9>, 'validate_admin_add_wasm' : ActorMethod< [AddWasmInput, [] | [Uint8Array | number[]]], Result_1 @@ -145,6 +149,7 @@ export interface _SERVICE { [DeployWasmInput, [] | [Uint8Array | number[]]], Result_1 >, + 'validate_admin_remove_managers' : ActorMethod<[Array], Result_9>, 'validate_admin_set_managers' : ActorMethod<[Array], Result_1>, 'validate_admin_upgrade_all_buckets' : ActorMethod< [[] | [Uint8Array | number[]]], diff --git a/src/declarations/ic_oss_cluster/ic_oss_cluster.did.js b/src/declarations/ic_oss_cluster/ic_oss_cluster.did.js index 7e4641b..0e183cd 100644 --- a/src/declarations/ic_oss_cluster/ic_oss_cluster.did.js +++ b/src/declarations/ic_oss_cluster/ic_oss_cluster.did.js @@ -15,11 +15,11 @@ export const idlFactory = ({ IDL }) => { }); const ChainArgs = IDL.Variant({ 'Upgrade' : UpgradeArgs, 'Init' : InitArgs }); const Result = IDL.Variant({ 'Ok' : IDL.Vec(IDL.Nat8), 'Err' : IDL.Text }); + const Result_1 = IDL.Variant({ 'Ok' : IDL.Null, 'Err' : IDL.Text }); const AddWasmInput = IDL.Record({ 'wasm' : IDL.Vec(IDL.Nat8), 'description' : IDL.Text, }); - const Result_1 = IDL.Variant({ 'Ok' : IDL.Null, 'Err' : IDL.Text }); const Token = IDL.Record({ 'subject' : IDL.Principal, 'audience' : IDL.Principal, @@ -69,6 +69,7 @@ export const idlFactory = ({ IDL }) => { 'token_expiration' : IDL.Nat64, 'weak_ed25519_token_public_key' : IDL.Text, 'bucket_latest_version' : IDL.Vec(IDL.Nat8), + 'schnorr_key_name' : IDL.Text, 'bucket_deployment_logs' : IDL.Nat64, 'subject_authz_total' : IDL.Nat64, }); @@ -80,6 +81,7 @@ export const idlFactory = ({ IDL }) => { const Result_9 = IDL.Variant({ 'Ok' : IDL.Text, 'Err' : IDL.Text }); return IDL.Service({ 'access_token' : IDL.Func([IDL.Principal], [Result], []), + 'admin_add_managers' : IDL.Func([IDL.Vec(IDL.Principal)], [Result_1], []), 'admin_add_wasm' : IDL.Func( [AddWasmInput, IDL.Opt(IDL.Vec(IDL.Nat8))], [Result_1], @@ -98,6 +100,11 @@ export const idlFactory = ({ IDL }) => { ), 'admin_detach_policies' : IDL.Func([Token], [Result_1], []), 'admin_ed25519_access_token' : IDL.Func([Token], [Result], []), + 'admin_remove_managers' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_1], + [], + ), 'admin_set_managers' : IDL.Func([IDL.Vec(IDL.Principal)], [Result_1], []), 'admin_sign_access_token' : IDL.Func([Token], [Result], []), 'admin_topup_all_buckets' : IDL.Func([], [Result_3], []), @@ -152,6 +159,11 @@ export const idlFactory = ({ IDL }) => { [Result_9], [], ), + 'validate_admin_add_managers' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_9], + [], + ), 'validate_admin_add_wasm' : IDL.Func( [AddWasmInput, IDL.Opt(IDL.Vec(IDL.Nat8))], [Result_1], @@ -167,6 +179,11 @@ export const idlFactory = ({ IDL }) => { [Result_1], [], ), + 'validate_admin_remove_managers' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_9], + [], + ), 'validate_admin_set_managers' : IDL.Func( [IDL.Vec(IDL.Principal)], [Result_1], diff --git a/src/ic_oss/src/bucket.rs b/src/ic_oss/src/bucket.rs index 30b1558..ce2f120 100644 --- a/src/ic_oss/src/bucket.rs +++ b/src/ic_oss/src/bucket.rs @@ -480,6 +480,7 @@ impl Client { id, hash: Some(hash.unwrap_or(hash_new.into())), status: if self.set_readonly { Some(1) } else { None }, + size, ..Default::default() }) .await?; diff --git a/src/ic_oss_bucket/ic_oss_bucket.did b/src/ic_oss_bucket/ic_oss_bucket.did index d9378aa..50deea0 100644 --- a/src/ic_oss_bucket/ic_oss_bucket.did +++ b/src/ic_oss_bucket/ic_oss_bucket.did @@ -153,6 +153,10 @@ type UpgradeArgs = record { max_folder_depth : opt nat8; }; service : (opt CanisterArgs) -> { + admin_add_auditors : (vec principal) -> (Result); + admin_add_managers : (vec principal) -> (Result); + admin_remove_auditors : (vec principal) -> (Result); + admin_remove_managers : (vec principal) -> (Result); admin_set_auditors : (vec principal) -> (Result); admin_set_managers : (vec principal) -> (Result); admin_update_bucket : (UpdateBucketInput) -> (Result); @@ -180,6 +184,10 @@ service : (opt CanisterArgs) -> { validate2_admin_set_auditors : (vec principal) -> (Result_14); validate2_admin_set_managers : (vec principal) -> (Result_14); validate2_admin_update_bucket : (UpdateBucketInput) -> (Result_14); + validate_admin_add_auditors : (vec principal) -> (Result_14); + validate_admin_add_managers : (vec principal) -> (Result_14); + validate_admin_remove_auditors : (vec principal) -> (Result_14); + validate_admin_remove_managers : (vec principal) -> (Result_14); validate_admin_set_auditors : (vec principal) -> (Result); validate_admin_set_managers : (vec principal) -> (Result); validate_admin_update_bucket : (UpdateBucketInput) -> (Result); diff --git a/src/ic_oss_bucket/src/api_admin.rs b/src/ic_oss_bucket/src/api_admin.rs index 37a064e..32a02a9 100644 --- a/src/ic_oss_bucket/src/api_admin.rs +++ b/src/ic_oss_bucket/src/api_admin.rs @@ -2,7 +2,7 @@ use candid::Principal; use ic_oss_types::bucket::UpdateBucketInput; use std::collections::BTreeSet; -use crate::{is_controller, store, ANONYMOUS}; +use crate::{is_controller, store, validate_principals}; #[ic_cdk::update(guard = "is_controller")] fn admin_set_managers(args: BTreeSet) -> Result<(), String> { @@ -13,9 +13,45 @@ fn admin_set_managers(args: BTreeSet) -> Result<(), String> { Ok(()) } +#[ic_cdk::update(guard = "is_controller")] +fn admin_add_managers(mut args: BTreeSet) -> Result<(), String> { + validate_principals(&args)?; + store::state::with_mut(|r| { + r.managers.append(&mut args); + Ok(()) + }) +} + +#[ic_cdk::update(guard = "is_controller")] +fn admin_remove_managers(args: BTreeSet) -> Result<(), String> { + validate_principals(&args)?; + store::state::with_mut(|r| { + r.managers.retain(|p| !args.contains(p)); + Ok(()) + }) +} + +#[ic_cdk::update(guard = "is_controller")] +fn admin_add_auditors(mut args: BTreeSet) -> Result<(), String> { + validate_principals(&args)?; + store::state::with_mut(|r| { + r.auditors.append(&mut args); + Ok(()) + }) +} + +#[ic_cdk::update(guard = "is_controller")] +fn admin_remove_auditors(args: BTreeSet) -> Result<(), String> { + validate_principals(&args)?; + store::state::with_mut(|r| { + r.auditors.retain(|p| !args.contains(p)); + Ok(()) + }) +} + #[ic_cdk::update(guard = "is_controller")] fn admin_set_auditors(args: BTreeSet) -> Result<(), String> { - validate_admin_set_auditors(args.clone())?; + validate_principals(&args)?; store::state::with_mut(|r| { r.auditors = args; }); @@ -64,45 +100,25 @@ fn admin_update_bucket(args: UpdateBucketInput) -> Result<(), String> { #[ic_cdk::update] fn validate_admin_set_managers(args: BTreeSet) -> Result<(), String> { - if args.is_empty() { - return Err("managers cannot be empty".to_string()); - } - if args.contains(&ANONYMOUS) { - return Err("anonymous user is not allowed".to_string()); - } + validate_principals(&args)?; Ok(()) } #[ic_cdk::update] fn validate2_admin_set_managers(args: BTreeSet) -> Result { - if args.is_empty() { - return Err("managers cannot be empty".to_string()); - } - if args.contains(&ANONYMOUS) { - return Err("anonymous user is not allowed".to_string()); - } + validate_principals(&args)?; Ok("ok".to_string()) } #[ic_cdk::update] fn validate_admin_set_auditors(args: BTreeSet) -> Result<(), String> { - if args.is_empty() { - return Err("auditors cannot be empty".to_string()); - } - if args.contains(&ANONYMOUS) { - return Err("anonymous user is not allowed".to_string()); - } + validate_principals(&args)?; Ok(()) } #[ic_cdk::update] fn validate2_admin_set_auditors(args: BTreeSet) -> Result { - if args.is_empty() { - return Err("auditors cannot be empty".to_string()); - } - if args.contains(&ANONYMOUS) { - return Err("anonymous user is not allowed".to_string()); - } + validate_principals(&args)?; Ok("ok".to_string()) } @@ -116,3 +132,27 @@ fn validate2_admin_update_bucket(args: UpdateBucketInput) -> Result) -> Result { + validate_principals(&args)?; + Ok("ok".to_string()) +} + +#[ic_cdk::update] +fn validate_admin_remove_managers(args: BTreeSet) -> Result { + validate_principals(&args)?; + Ok("ok".to_string()) +} + +#[ic_cdk::update] +fn validate_admin_add_auditors(args: BTreeSet) -> Result { + validate_principals(&args)?; + Ok("ok".to_string()) +} + +#[ic_cdk::update] +fn validate_admin_remove_auditors(args: BTreeSet) -> Result { + validate_principals(&args)?; + Ok("ok".to_string()) +} diff --git a/src/ic_oss_bucket/src/lib.rs b/src/ic_oss_bucket/src/lib.rs index 6b5f848..61f604a 100644 --- a/src/ic_oss_bucket/src/lib.rs +++ b/src/ic_oss_bucket/src/lib.rs @@ -28,6 +28,16 @@ fn is_controller() -> Result<(), String> { } } +pub fn validate_principals(principals: &BTreeSet) -> Result<(), String> { + if principals.is_empty() { + return Err("principals cannot be empty".to_string()); + } + if principals.contains(&ANONYMOUS) { + return Err("anonymous user is not allowed".to_string()); + } + Ok(()) +} + #[cfg(all( target_arch = "wasm32", target_vendor = "unknown", diff --git a/src/ic_oss_bucket/src/store.rs b/src/ic_oss_bucket/src/store.rs index 234fe3c..a01f61f 100644 --- a/src/ic_oss_bucket/src/store.rs +++ b/src/ic_oss_bucket/src/store.rs @@ -1117,6 +1117,8 @@ pub mod fs { if file.size < file.filled { // the file content will be deleted and should be refilled + file.filled = 0; + file.chunks = 0; FS_CHUNKS_STORE.with(|r| { let mut fs_data = r.borrow_mut(); for i in 0..file.chunks { diff --git a/src/ic_oss_cluster/ic_oss_cluster.did b/src/ic_oss_cluster/ic_oss_cluster.did index ac28a74..3df08a0 100644 --- a/src/ic_oss_cluster/ic_oss_cluster.did +++ b/src/ic_oss_cluster/ic_oss_cluster.did @@ -19,6 +19,7 @@ type ClusterInfo = record { token_expiration : nat64; weak_ed25519_token_public_key : text; bucket_latest_version : blob; + schnorr_key_name : text; bucket_deployment_logs : nat64; subject_authz_total : nat64; }; @@ -61,12 +62,14 @@ type WasmInfo = record { }; service : (opt ChainArgs) -> { access_token : (principal) -> (Result); + admin_add_managers : (vec principal) -> (Result_1); admin_add_wasm : (AddWasmInput, opt blob) -> (Result_1); admin_attach_policies : (Token) -> (Result_1); admin_batch_call_buckets : (vec principal, text, opt blob) -> (Result_2); admin_deploy_bucket : (DeployWasmInput, opt blob) -> (Result_1); admin_detach_policies : (Token) -> (Result_1); admin_ed25519_access_token : (Token) -> (Result); + admin_remove_managers : (vec principal) -> (Result_1); admin_set_managers : (vec principal) -> (Result_1); admin_sign_access_token : (Token) -> (Result); admin_topup_all_buckets : () -> (Result_3); @@ -87,11 +90,13 @@ service : (opt ChainArgs) -> { validate2_admin_deploy_bucket : (DeployWasmInput, opt blob) -> (Result_9); validate2_admin_set_managers : (vec principal) -> (Result_9); validate2_admin_upgrade_all_buckets : (opt blob) -> (Result_9); + validate_admin_add_managers : (vec principal) -> (Result_9); validate_admin_add_wasm : (AddWasmInput, opt blob) -> (Result_1); validate_admin_batch_call_buckets : (vec principal, text, opt blob) -> ( Result_2, ); validate_admin_deploy_bucket : (DeployWasmInput, opt blob) -> (Result_1); + validate_admin_remove_managers : (vec principal) -> (Result_9); validate_admin_set_managers : (vec principal) -> (Result_1); validate_admin_upgrade_all_buckets : (opt blob) -> (Result_1); } diff --git a/src/ic_oss_cluster/src/api_admin.rs b/src/ic_oss_cluster/src/api_admin.rs index d8f5cb4..8f2fe5d 100644 --- a/src/ic_oss_cluster/src/api_admin.rs +++ b/src/ic_oss_cluster/src/api_admin.rs @@ -12,8 +12,8 @@ use std::collections::BTreeSet; use std::time::Duration; use crate::{ - ecdsa, is_controller, is_controller_or_manager, schnorr, store, ANONYMOUS, MILLISECONDS, - SECONDS, TOKEN_KEY_DERIVATION_PATH, + ecdsa, is_controller, is_controller_or_manager, schnorr, store, validate_principals, + MILLISECONDS, SECONDS, TOKEN_KEY_DERIVATION_PATH, }; // encoded candid arguments: () @@ -22,30 +22,55 @@ static EMPTY_CANDID_ARGS: &[u8] = &[68, 73, 68, 76, 0, 0]; #[ic_cdk::update(guard = "is_controller")] fn admin_set_managers(args: BTreeSet) -> Result<(), String> { - validate_admin_set_managers(args.clone())?; + validate_principals(&args)?; store::state::with_mut(|r| { r.managers = args; }); Ok(()) } +#[ic_cdk::update(guard = "is_controller")] +fn admin_add_managers(mut args: BTreeSet) -> Result<(), String> { + validate_principals(&args)?; + store::state::with_mut(|r| { + r.managers.append(&mut args); + Ok(()) + }) +} + +#[ic_cdk::update(guard = "is_controller")] +fn admin_remove_managers(args: BTreeSet) -> Result<(), String> { + validate_principals(&args)?; + store::state::with_mut(|r| { + r.managers.retain(|p| !args.contains(p)); + Ok(()) + }) +} + #[ic_cdk::update] fn validate2_admin_set_managers(args: BTreeSet) -> Result { - validate_admin_set_managers(args)?; + validate_principals(&args)?; Ok("ok".to_string()) } #[ic_cdk::update] fn validate_admin_set_managers(args: BTreeSet) -> Result<(), String> { - if args.is_empty() { - return Err("managers cannot be empty".to_string()); - } - if args.contains(&ANONYMOUS) { - return Err("anonymous user is not allowed".to_string()); - } + validate_principals(&args)?; Ok(()) } +#[ic_cdk::update] +fn validate_admin_add_managers(args: BTreeSet) -> Result { + validate_principals(&args)?; + Ok("ok".to_string()) +} + +#[ic_cdk::update] +fn validate_admin_remove_managers(args: BTreeSet) -> Result { + validate_principals(&args)?; + Ok("ok".to_string()) +} + #[ic_cdk::update(guard = "is_controller_or_manager")] pub async fn admin_sign_access_token(token: Token) -> Result { let now_sec = ic_cdk::api::time() / SECONDS; diff --git a/src/ic_oss_cluster/src/lib.rs b/src/ic_oss_cluster/src/lib.rs index 335e110..aa2b77b 100644 --- a/src/ic_oss_cluster/src/lib.rs +++ b/src/ic_oss_cluster/src/lib.rs @@ -39,6 +39,16 @@ fn is_controller_or_manager() -> Result<(), String> { } } +pub fn validate_principals(principals: &BTreeSet) -> Result<(), String> { + if principals.is_empty() { + return Err("principals cannot be empty".to_string()); + } + if principals.contains(&ANONYMOUS) { + return Err("anonymous user is not allowed".to_string()); + } + Ok(()) +} + #[cfg(all( target_arch = "wasm32", target_vendor = "unknown", diff --git a/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did b/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did index d9378aa..50deea0 100644 --- a/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did +++ b/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did @@ -153,6 +153,10 @@ type UpgradeArgs = record { max_folder_depth : opt nat8; }; service : (opt CanisterArgs) -> { + admin_add_auditors : (vec principal) -> (Result); + admin_add_managers : (vec principal) -> (Result); + admin_remove_auditors : (vec principal) -> (Result); + admin_remove_managers : (vec principal) -> (Result); admin_set_auditors : (vec principal) -> (Result); admin_set_managers : (vec principal) -> (Result); admin_update_bucket : (UpdateBucketInput) -> (Result); @@ -180,6 +184,10 @@ service : (opt CanisterArgs) -> { validate2_admin_set_auditors : (vec principal) -> (Result_14); validate2_admin_set_managers : (vec principal) -> (Result_14); validate2_admin_update_bucket : (UpdateBucketInput) -> (Result_14); + validate_admin_add_auditors : (vec principal) -> (Result_14); + validate_admin_add_managers : (vec principal) -> (Result_14); + validate_admin_remove_auditors : (vec principal) -> (Result_14); + validate_admin_remove_managers : (vec principal) -> (Result_14); validate_admin_set_auditors : (vec principal) -> (Result); validate_admin_set_managers : (vec principal) -> (Result); validate_admin_update_bucket : (UpdateBucketInput) -> (Result); diff --git a/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did.d.ts b/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did.d.ts index 490a586..c9724ae 100644 --- a/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did.d.ts +++ b/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did.d.ts @@ -182,6 +182,10 @@ export interface UpgradeArgs { 'max_folder_depth' : [] | [number], } export interface _SERVICE { + 'admin_add_auditors' : ActorMethod<[Array], Result>, + 'admin_add_managers' : ActorMethod<[Array], Result>, + 'admin_remove_auditors' : ActorMethod<[Array], Result>, + 'admin_remove_managers' : ActorMethod<[Array], Result>, 'admin_set_auditors' : ActorMethod<[Array], Result>, 'admin_set_managers' : ActorMethod<[Array], Result>, 'admin_update_bucket' : ActorMethod<[UpdateBucketInput], Result>, @@ -260,6 +264,10 @@ export interface _SERVICE { 'validate2_admin_set_auditors' : ActorMethod<[Array], Result_14>, 'validate2_admin_set_managers' : ActorMethod<[Array], Result_14>, 'validate2_admin_update_bucket' : ActorMethod<[UpdateBucketInput], Result_14>, + 'validate_admin_add_auditors' : ActorMethod<[Array], Result_14>, + 'validate_admin_add_managers' : ActorMethod<[Array], Result_14>, + 'validate_admin_remove_auditors' : ActorMethod<[Array], Result_14>, + 'validate_admin_remove_managers' : ActorMethod<[Array], Result_14>, 'validate_admin_set_auditors' : ActorMethod<[Array], Result>, 'validate_admin_set_managers' : ActorMethod<[Array], Result>, 'validate_admin_update_bucket' : ActorMethod<[UpdateBucketInput], Result>, diff --git a/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did.js b/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did.js index b79e00e..34f2ad3 100644 --- a/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did.js +++ b/src/ic_oss_ts/candid/ic_oss_bucket/ic_oss_bucket.did.js @@ -197,6 +197,10 @@ export const idlFactory = ({ IDL }) => { }); const Result_14 = IDL.Variant({ 'Ok' : IDL.Text, 'Err' : IDL.Text }); return IDL.Service({ + 'admin_add_auditors' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), + 'admin_add_managers' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), + 'admin_remove_auditors' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), + 'admin_remove_managers' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), 'admin_set_auditors' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), 'admin_set_managers' : IDL.Func([IDL.Vec(IDL.Principal)], [Result], []), 'admin_update_bucket' : IDL.Func([UpdateBucketInput], [Result], []), @@ -322,6 +326,26 @@ export const idlFactory = ({ IDL }) => { [Result_14], [], ), + 'validate_admin_add_auditors' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_14], + [], + ), + 'validate_admin_add_managers' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_14], + [], + ), + 'validate_admin_remove_auditors' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_14], + [], + ), + 'validate_admin_remove_managers' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_14], + [], + ), 'validate_admin_set_auditors' : IDL.Func( [IDL.Vec(IDL.Principal)], [Result], diff --git a/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did b/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did index ac28a74..3df08a0 100644 --- a/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did +++ b/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did @@ -19,6 +19,7 @@ type ClusterInfo = record { token_expiration : nat64; weak_ed25519_token_public_key : text; bucket_latest_version : blob; + schnorr_key_name : text; bucket_deployment_logs : nat64; subject_authz_total : nat64; }; @@ -61,12 +62,14 @@ type WasmInfo = record { }; service : (opt ChainArgs) -> { access_token : (principal) -> (Result); + admin_add_managers : (vec principal) -> (Result_1); admin_add_wasm : (AddWasmInput, opt blob) -> (Result_1); admin_attach_policies : (Token) -> (Result_1); admin_batch_call_buckets : (vec principal, text, opt blob) -> (Result_2); admin_deploy_bucket : (DeployWasmInput, opt blob) -> (Result_1); admin_detach_policies : (Token) -> (Result_1); admin_ed25519_access_token : (Token) -> (Result); + admin_remove_managers : (vec principal) -> (Result_1); admin_set_managers : (vec principal) -> (Result_1); admin_sign_access_token : (Token) -> (Result); admin_topup_all_buckets : () -> (Result_3); @@ -87,11 +90,13 @@ service : (opt ChainArgs) -> { validate2_admin_deploy_bucket : (DeployWasmInput, opt blob) -> (Result_9); validate2_admin_set_managers : (vec principal) -> (Result_9); validate2_admin_upgrade_all_buckets : (opt blob) -> (Result_9); + validate_admin_add_managers : (vec principal) -> (Result_9); validate_admin_add_wasm : (AddWasmInput, opt blob) -> (Result_1); validate_admin_batch_call_buckets : (vec principal, text, opt blob) -> ( Result_2, ); validate_admin_deploy_bucket : (DeployWasmInput, opt blob) -> (Result_1); + validate_admin_remove_managers : (vec principal) -> (Result_9); validate_admin_set_managers : (vec principal) -> (Result_1); validate_admin_upgrade_all_buckets : (opt blob) -> (Result_1); } diff --git a/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did.d.ts b/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did.d.ts index 72871c4..39e7030 100644 --- a/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did.d.ts +++ b/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did.d.ts @@ -27,6 +27,7 @@ export interface ClusterInfo { 'token_expiration' : bigint, 'weak_ed25519_token_public_key' : string, 'bucket_latest_version' : Uint8Array | number[], + 'schnorr_key_name' : string, 'bucket_deployment_logs' : bigint, 'subject_authz_total' : bigint, } @@ -82,6 +83,7 @@ export interface WasmInfo { } export interface _SERVICE { 'access_token' : ActorMethod<[Principal], Result>, + 'admin_add_managers' : ActorMethod<[Array], Result_1>, 'admin_add_wasm' : ActorMethod< [AddWasmInput, [] | [Uint8Array | number[]]], Result_1 @@ -97,6 +99,7 @@ export interface _SERVICE { >, 'admin_detach_policies' : ActorMethod<[Token], Result_1>, 'admin_ed25519_access_token' : ActorMethod<[Token], Result>, + 'admin_remove_managers' : ActorMethod<[Array], Result_1>, 'admin_set_managers' : ActorMethod<[Array], Result_1>, 'admin_sign_access_token' : ActorMethod<[Token], Result>, 'admin_topup_all_buckets' : ActorMethod<[], Result_3>, @@ -133,6 +136,7 @@ export interface _SERVICE { [[] | [Uint8Array | number[]]], Result_9 >, + 'validate_admin_add_managers' : ActorMethod<[Array], Result_9>, 'validate_admin_add_wasm' : ActorMethod< [AddWasmInput, [] | [Uint8Array | number[]]], Result_1 @@ -145,6 +149,7 @@ export interface _SERVICE { [DeployWasmInput, [] | [Uint8Array | number[]]], Result_1 >, + 'validate_admin_remove_managers' : ActorMethod<[Array], Result_9>, 'validate_admin_set_managers' : ActorMethod<[Array], Result_1>, 'validate_admin_upgrade_all_buckets' : ActorMethod< [[] | [Uint8Array | number[]]], diff --git a/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did.js b/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did.js index 7e4641b..0e183cd 100644 --- a/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did.js +++ b/src/ic_oss_ts/candid/ic_oss_cluster/ic_oss_cluster.did.js @@ -15,11 +15,11 @@ export const idlFactory = ({ IDL }) => { }); const ChainArgs = IDL.Variant({ 'Upgrade' : UpgradeArgs, 'Init' : InitArgs }); const Result = IDL.Variant({ 'Ok' : IDL.Vec(IDL.Nat8), 'Err' : IDL.Text }); + const Result_1 = IDL.Variant({ 'Ok' : IDL.Null, 'Err' : IDL.Text }); const AddWasmInput = IDL.Record({ 'wasm' : IDL.Vec(IDL.Nat8), 'description' : IDL.Text, }); - const Result_1 = IDL.Variant({ 'Ok' : IDL.Null, 'Err' : IDL.Text }); const Token = IDL.Record({ 'subject' : IDL.Principal, 'audience' : IDL.Principal, @@ -69,6 +69,7 @@ export const idlFactory = ({ IDL }) => { 'token_expiration' : IDL.Nat64, 'weak_ed25519_token_public_key' : IDL.Text, 'bucket_latest_version' : IDL.Vec(IDL.Nat8), + 'schnorr_key_name' : IDL.Text, 'bucket_deployment_logs' : IDL.Nat64, 'subject_authz_total' : IDL.Nat64, }); @@ -80,6 +81,7 @@ export const idlFactory = ({ IDL }) => { const Result_9 = IDL.Variant({ 'Ok' : IDL.Text, 'Err' : IDL.Text }); return IDL.Service({ 'access_token' : IDL.Func([IDL.Principal], [Result], []), + 'admin_add_managers' : IDL.Func([IDL.Vec(IDL.Principal)], [Result_1], []), 'admin_add_wasm' : IDL.Func( [AddWasmInput, IDL.Opt(IDL.Vec(IDL.Nat8))], [Result_1], @@ -98,6 +100,11 @@ export const idlFactory = ({ IDL }) => { ), 'admin_detach_policies' : IDL.Func([Token], [Result_1], []), 'admin_ed25519_access_token' : IDL.Func([Token], [Result], []), + 'admin_remove_managers' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_1], + [], + ), 'admin_set_managers' : IDL.Func([IDL.Vec(IDL.Principal)], [Result_1], []), 'admin_sign_access_token' : IDL.Func([Token], [Result], []), 'admin_topup_all_buckets' : IDL.Func([], [Result_3], []), @@ -152,6 +159,11 @@ export const idlFactory = ({ IDL }) => { [Result_9], [], ), + 'validate_admin_add_managers' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_9], + [], + ), 'validate_admin_add_wasm' : IDL.Func( [AddWasmInput, IDL.Opt(IDL.Vec(IDL.Nat8))], [Result_1], @@ -167,6 +179,11 @@ export const idlFactory = ({ IDL }) => { [Result_1], [], ), + 'validate_admin_remove_managers' : IDL.Func( + [IDL.Vec(IDL.Principal)], + [Result_9], + [], + ), 'validate_admin_set_managers' : IDL.Func( [IDL.Vec(IDL.Principal)], [Result_1], diff --git a/src/ic_oss_ts/package.json b/src/ic_oss_ts/package.json index 571f38d..5989ce8 100644 --- a/src/ic_oss_ts/package.json +++ b/src/ic_oss_ts/package.json @@ -1,6 +1,6 @@ { "name": "@ldclabs/ic_oss_ts", - "version": "0.9.1", + "version": "0.9.3", "type": "module", "description": "The Typescript version of the client SDK for the ic-oss cluster.", "license": "MIT", diff --git a/src/ic_oss_ts/src/uploader.ts b/src/ic_oss_ts/src/uploader.ts index ce493e8..7bd0fa6 100644 --- a/src/ic_oss_ts/src/uploader.ts +++ b/src/ic_oss_ts/src/uploader.ts @@ -151,7 +151,7 @@ export class Uploader { hash: [hash || hasher.digest()], custom: [], name: [], - size: [], + size: [BigInt(size)], content_type: [] }) } catch (err) { diff --git a/src/ic_oss_types/src/file.rs b/src/ic_oss_types/src/file.rs index 8d9ebdd..2833e0d 100644 --- a/src/ic_oss_types/src/file.rs +++ b/src/ic_oss_types/src/file.rs @@ -43,7 +43,7 @@ pub struct CreateFileInput { } pub fn valid_file_name(name: &str) -> bool { - if name.is_empty() || name.trim() != name || name.len() > 64 { + if name.is_empty() || name.trim() != name || name.len() > 96 { return false; }