change TargetATomCheck to ConnectionTargetCheck, it's either checking the target atom or the won node of the target atom
add a test case
add an implicit Authorization: if local atom A has a connection to atom B on a remote node, allow that node to see the key graph of atom A.
Pull request checklist
Please check if your PR fulfills the following requirements:
[x] Affected Tests have been added/altered (for bug fixes / features)
[ ] Docs have been reviewed and added/updated if needed (for bug fixes / features)
[x] Build was run locally and mvn install succeeds
Pull request type
Please check the type of change your PR introduces:
[x] Bugfix
[ ] Feature
[ ] Code style update (formatting, renaming)
[ ] Refactoring (no functional changes, no api changes)
[ ] Build related changes
[ ] Documentation content changes
[ ] Other (please describe):
What is the current behavior?
WoN messaging across WoN nodes is not possible. The receiving node cannot verify the incoming message as it does not (necessarily) have access to the sending atom's public key.
In addition to that, the nodes enter a deadlock trying to verify each other's WebID.
What is the new behavior?
We add the option to allow ACL grants to won nodes, defined as the target WoN node of a connection, and we add an implicit Authorization giving any won node read access to an atom's key if that atom has a connection to any atom on that WoN node.
Access to the node descriptor is possible without checking a WebID first, so as to avoid a deadlock when a node wants to check another node's WebID using its own webID.
Pull request checklist
Please check if your PR fulfills the following requirements:
mvn install
succeedsPull request type
Please check the type of change your PR introduces:
What is the current behavior?
WoN messaging across WoN nodes is not possible. The receiving node cannot verify the incoming message as it does not (necessarily) have access to the sending atom's public key.
In addition to that, the nodes enter a deadlock trying to verify each other's WebID.
What is the new behavior?
We add the option to allow ACL grants to won nodes, defined as the
target WoN node
of aconnection
, and we add an implicit Authorization giving any won node read access to an atom's key if that atom has a connection to any atom on that WoN node.Access to the node descriptor is possible without checking a WebID first, so as to avoid a deadlock when a node wants to check another node's WebID using its own webID.
Does this introduce a breaking change?
Other information
Can be tested with green/blue test system.