RecordsPermissionScope Revocation must be scoped to a protocol

TBD54566975 / dwn-sdk-js

Decentralized Web Node (DWN) Reference implementation

https://identity.foundation/decentralized-web-node/spec/

Apache License 2.0

324 stars 95 forks source link

RecordsPermissionScope Revocation must be scoped to a protocol #754

Closed LiranCohen closed 2 months ago

LiranCohen commented 2 months ago

In order to get Permission Revocation messages associated with a specific protocol from the MessageStore it is necessary for the revocation messages to be tagged with the protocol from the grant scope.

In this PR:

added an optional protocol property to the PermissionRevocationCreateOptions which normalizes and adds the provided protocol as a tag.
added a preProcessingForCoreRecordsWrite method to the RecordsWriteHandler where if the incoming message is a revocation message, the original grant will be fetched and the protocol tag from the revocation will be compared to the grant scope protocol.

codecov-commenter commented 2 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 98.57%. Comparing base (94da019) to head (b00b990).

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #754 +/- ## ========================================== + Coverage 98.55% 98.57% +0.01% ========================================== Files 73 73 Lines 10929 10986 +57 Branches 1573 1582 +9 ========================================== + Hits 10771 10829 +58 + Misses 152 151 -1 Partials 6 6 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

LiranCohen commented 2 months ago

Do you think passing the message JSON directly for revocation creation is easier as dev-ex?

Yeah I was debating this, but wasn't sure which object the user would have more readily available so i opted with the parsed type.

I'll merge this in and we can improve it a bit in a subsequent PR. 🙏