squash and rebase: protocol-rule-record-expiry

Bnonni · Bnonni · commit d07a8a4cb371 · 2024-04-24T11:05:06.000-04:00
diff --git a/json-schemas/interface-methods/protocol-rule-set.json b/json-schemas/interface-methods/protocol-rule-set.json
@@ -106,6 +106,11 @@
           "minimum": 0
         }
       }
+    },
+    "$expiry": {
+      "$comment": "Time in milliseconds from dateCreated to wait until the record expires",
+      "type": "number",
+      "minimum": 1
     }
   },
   "patternProperties": {
diff --git a/src/core/dwn-error.ts b/src/core/dwn-error.ts
@@ -55,6 +55,7 @@ export enum DwnErrorCode {
   PrivateKeySignerUnsupportedCurve = 'PrivateKeySignerUnsupportedCurve',
   ProtocolAuthorizationActionNotAllowed = 'ProtocolAuthorizationActionNotAllowed',
   ProtocolAuthorizationActionRulesNotFound = 'ProtocolAuthorizationActionRulesNotFound',
+  ProtocolAuthorizationExpiryReached = 'ProtocolAuthorizationExpiryReached',
   ProtocolAuthorizationIncorrectDataFormat = 'ProtocolAuthorizationIncorrectDataFormat',
   ProtocolAuthorizationIncorrectContextId = 'ProtocolAuthorizationIncorrectContextId',
   ProtocolAuthorizationIncorrectProtocolPath = 'ProtocolAuthorizationIncorrectProtocolPath',
@@ -74,6 +75,7 @@ export enum DwnErrorCode {
   ProtocolAuthorizationRoleMissingRecipient = 'ProtocolAuthorizationRoleMissingRecipient',
   ProtocolsConfigureDuplicateActorInRuleSet = 'ProtocolsConfigureDuplicateActorInRuleSet',
   ProtocolsConfigureDuplicateRoleInRuleSet = 'ProtocolsConfigureDuplicateRoleInRuleSet',
+  ProtocolsConfigureInvalidExpiry = 'ProtocolsConfigureInvalidExpiry',
   ProtocolsConfigureInvalidSize = 'ProtocolsConfigureInvalidSize',
   ProtocolsConfigureInvalidActionMissingOf = 'ProtocolsConfigureInvalidActionMissingOf',
   ProtocolsConfigureInvalidActionOfNotAllowed = 'ProtocolsConfigureInvalidActionOfNotAllowed',
diff --git a/src/core/protocol-authorization.ts b/src/core/protocol-authorization.ts
@@ -157,6 +157,9 @@ export class ProtocolAuthorization {
       ancestorMessageChain,
       messageStore,
     );
+
+    // Verify expiry
+    ProtocolAuthorization.verifyExpiry(incomingMessage, ruleSet)
   }
 
   public static async authorizeQueryOrSubscribe(
@@ -687,6 +690,31 @@ export class ProtocolAuthorization {
     }
   }
 
+  /**
+   * Verifies that reads adhere to the $expiry constraint if provided
+   * @throws {Error} if expiry date is passed.
+   */
+  private static verifyExpiry(
+    incomingMessage: RecordsRead,
+    ruleSet: ProtocolRuleSet
+  ): void {
+    const ruleExpiry = ruleSet.$expiry;
+    if (!ruleExpiry) {
+      return;
+    }
+
+    const dateCreated = incomingMessage.message.descriptor.filter?.dateCreated;
+    if (!dateCreated) {
+      return;
+    }
+
+    const dateExpiry = dateCreated + ruleExpiry;
+    if (Date.now() > dateExpiry) {
+      throw new DwnError(DwnErrorCode.ProtocolAuthorizationExpiryReached, `dateExpiry ${dateExpiry} has passed`);
+    }
+
+  }
+
   /**
    * If the given RecordsWrite is not a role record, this method does nothing and succeeds immediately.
    *
diff --git a/src/interfaces/protocols-configure.ts b/src/interfaces/protocols-configure.ts
@@ -132,7 +132,7 @@ export class ProtocolsConfigure extends AbstractMessage<ProtocolsConfigureMessag
 
     const { ruleSet, ruleSetProtocolPath, recordTypes, roles } = input;
 
-    // Validate $actions in the rule set
+    // Validate $size in the rule set
     if (ruleSet.$size !== undefined) {
       const { min = 0, max } = ruleSet.$size;
 
@@ -144,6 +144,17 @@ export class ProtocolsConfigure extends AbstractMessage<ProtocolsConfigureMessag
       }
     }
 
+    // Validate $expiry in the rule set
+    if (ruleSet.$expiry !== undefined) {
+
+      if (ruleSet.$expiry < 1) {
+        throw new DwnError(
+          DwnErrorCode.ProtocolsConfigureInvalidSize,
+          `Invalid expiry found: expiry ${ruleSet.$expiry} less than minimum 1 at protocol path '${ruleSetProtocolPath}'`
+        );
+      }
+    }
+
     // validate each action rule
     const actionRules = ruleSet.$actions ?? [];
     for (let i = 0; i < actionRules.length; i++) {
diff --git a/src/types/protocols-types.ts b/src/types/protocols-types.ts
@@ -128,6 +128,11 @@ export type ProtocolRuleSet = {
     max?: number
   }
 
+  /**
+   * If $expiry is set, the record expiry in ms.
+   */
+    $expiry?: number;
+
   // JSON Schema verifies that properties other than properties prefixed with $ will actually have type ProtocolRuleSet
   [key: string]: any;
 };

Original file line number	Diff line number	Diff line change
`@@ -106,6 +106,11 @@`
`106`	`106`	`"minimum": 0`
`107`	`107`	`}`
`108`	`108`	`}`
	`109`	`+ },`
	`110`	`+ "$expiry": {`
	`111`	`+ "$comment": "Time in milliseconds from dateCreated to wait until the record expires",`
	`112`	`+ "type": "number",`
	`113`	`+ "minimum": 1`
`109`	`114`	`}`
`110`	`115`	`},`
`111`	`116`	`"patternProperties": {`