Merge remote-tracking branch 'origin/develop' into feature/allow-debug

Author: PierreJeanjacquot

packages/dataprotector-deserializer/CHANGELOG.md

@@ -1 +1,7 @@
+## Next
+
+### Changed
+
+- fixed cryptic TypeError when `@iexec/dataprotector-deserializer` was used in a context without protected data, `getValue()` now rejects with Error "Missing protected data" in such a case.
+
 ## [0.1.0] Initial release

packages/dataprotector-deserializer/src/index.ts

@@ -40,23 +40,31 @@ type Mode = 'optimistic' | 'legacy' | 'borsh';
  * - `protectedDataPath`: overrides the dataset path, by default use the standard dataset path provided in the iExec worker runtime
  */
 class IExecDataProtectorDeserializer {
-  private protectedDataPath: string;
+  private protectedDataPath?: string;
 
   private mode: Mode;
 
-  private zipPromise: Promise<JSZip>;
+  private zipPromise?: Promise<JSZip>;
 
   constructor(options?: { mode?: Mode; protectedDataPath?: string }) {
     this.mode = options?.mode || 'optimistic';
-    this.protectedDataPath =
-      options?.protectedDataPath ||
-      join(process.env.IEXEC_IN, process.env.IEXEC_DATASET_FILENAME);
-    this.zipPromise = readFile(this.protectedDataPath).then((buffer) => {
-      return new JSZip().loadAsync(buffer);
-    });
-    this.zipPromise.catch(() => {
-      /* prevents unhandled promise rejection */
-    });
+    if (options?.protectedDataPath) {
+      this.protectedDataPath = options?.protectedDataPath;
+    } else if (process.env.IEXEC_DATASET_FILENAME && process.env.IEXEC_IN) {
+      this.protectedDataPath = join(
+        process.env.IEXEC_IN,
+        process.env.IEXEC_DATASET_FILENAME
+      );
+    }
+
+    if (this.protectedDataPath) {
+      this.zipPromise = readFile(this.protectedDataPath).then((buffer) => {
+        return new JSZip().loadAsync(buffer);
+      });
+      this.zipPromise.catch(() => {
+        /* prevents unhandled promise rejection */
+      });
+    }
   }
 
   /**
@@ -93,6 +101,9 @@ class IExecDataProtectorDeserializer {
     | StringSchemaFilter<T>
     | BinarySchemaFilter<T>
   > {
+    if (this.zipPromise === undefined) {
+      throw Error('Missing protected data');
+    }
     const zip = await this.zipPromise.catch(() => {
       throw Error('Failed to load protected data');
     });

packages/dataprotector-deserializer/tests/index.test.ts

@@ -2,15 +2,20 @@ import { writeFile } from 'fs/promises';
 import {
   createZipFromObject as legacyCreateZipFromObject,
   extractDataSchema as legacyExtractDataSchema,
-} from '@iexec/dataprotector/dist/utils/data.js'; // run `prepare-test-deps` script before running this test file
-import { describe, it, beforeAll, expect } from '@jest/globals';
+} from '@iexec/dataprotector/dist/utils/data.js'; // run `test:prepare` script before running this test file
+import { describe, it, beforeAll, expect, beforeEach } from '@jest/globals';
 import {
   createZipFromObject,
   extractDataSchema,
 } from '../../sdk/dist/src/utils/data.js';
 import { IExecDataProtectorDeserializer } from '../src/index.js';
 
 describe('IExecDataProtectorDeserializer', () => {
+  beforeEach(() => {
+    // reset env
+    delete process.env.IEXEC_IN;
+    delete process.env.IEXEC_DATASET_FILENAME;
+  });
   describe('constructor', () => {
     it('set default protectedDataPath with iexec envs', () => {
       process.env.IEXEC_IN = 'iexec_in';
@@ -27,6 +32,15 @@ describe('IExecDataProtectorDeserializer', () => {
       expect(protectedDataDeserializer['mode']).toBe('optimistic');
     });
   });
+  describe('when used without protected data', () => {
+    it('getValue() fails with missing protected data', async () => {
+      process.env.IEXEC_IN = 'iexec_in';
+      const protectedDataDeserializer = new IExecDataProtectorDeserializer();
+      await expect(
+        protectedDataDeserializer.getValue('foo', 'string')
+      ).rejects.toThrow(Error('Missing protected data'));
+    });
+  });
   describe('with a file that is not a protected data', () => {
     it('getValue() fails to load the data', async () => {
       const protectedDataDeserializer = new IExecDataProtectorDeserializer({

packages/sdk/CHANGELOG.md

@@ -8,6 +8,10 @@ All notable changes to this project will be documented in this file.
 
 - Added `allowDebug` option for `protectData` to allow using the protected data in TEE debug apps (default `false`)
 
+### Changed
+
+- `processProtectedData` and `getCollectionsByOwner` returns a ValidationError and not a WorkflowError anymore in case of a bad input parameter.
+
 ## [2.0.0-beta.10] (2024-09-20)
 
 ### Changed

packages/sdk/src/lib/dataProtectorCore/getProtectedData.ts

@@ -32,7 +32,7 @@ export const getProtectedData = async ({
 }: GetProtectedDataParams & IExecConsumer & SubgraphConsumer): Promise<
   ProtectedData[]
 > => {
-  const vCreationTimestampGte = positiveNumberSchema()
+  const vCreatedAfterTimestamp = positiveNumberSchema()
     .label('createdAfterTimestamp')
     .validateSync(createdAfterTimestamp);
   const vProtectedDataAddress = addressOrEnsSchema()
@@ -66,8 +66,8 @@ export const getProtectedData = async ({
     if (vOwner) {
       whereFilters.push({ owner: vOwner });
     }
-    if (vCreationTimestampGte) {
-      whereFilters.push({ creationTimestamp_gte: vCreationTimestampGte });
+    if (vCreatedAfterTimestamp) {
+      whereFilters.push({ creationTimestamp_gte: vCreatedAfterTimestamp });
     }
     if (requiredSchemas.length > 0) {
       whereFilters.push({ schema_contains: requiredSchemas });
@@ -145,7 +145,7 @@ function flattenSchema(
           acc.anyOfSchemas.push(value.map((entry) => `${newKey}:${entry}`));
         } else {
           // Array of only one type. Similar to single type.
-          acc.requiredSchemas.push(...value);
+          acc.requiredSchemas.push(`${newKey}:${value[0]}`);
         }
       }
       // nested schema

packages/sdk/src/lib/dataProtectorCore/grantAccess.ts

@@ -1,4 +1,5 @@
 import { ZeroAddress } from 'ethers';
+import { NULL_ADDRESS } from 'iexec/utils';
 import {
   ValidationError,
   WorkflowError,
@@ -98,7 +99,9 @@ export const grantAccess = async ({
     throw new WorkflowError({
       message: grantAccessErrorMessage,
       errorCause: Error(
-        `An access has been already granted to the user: ${vAuthorizedUser} with the app: ${vAuthorizedApp}`
+        `An access has been already granted to the user: ${
+          vAuthorizedUser || NULL_ADDRESS
+        } with the app: ${vAuthorizedApp}`
       ),
     });
   }

packages/sdk/src/lib/dataProtectorCore/processProtectedData.ts

@@ -33,10 +33,12 @@ import { IExecConsumer } from '../types/internalTypes.js';
 import { getWhitelistContract } from './smartContract/getWhitelistContract.js';
 import { isAddressInWhitelist } from './smartContract/whitelistContract.read.js';
 
+export type ProcessProtectedData = typeof processProtectedData;
+
 export const processProtectedData = async ({
   iexec = throwIfMissing(),
-  protectedData = throwIfMissing(),
-  app = throwIfMissing(),
+  protectedData,
+  app,
   userWhitelist,
   maxPrice = DEFAULT_MAX_PRICE,
   args,
@@ -46,30 +48,31 @@ export const processProtectedData = async ({
   onStatusUpdate = () => {},
 }: IExecConsumer &
   ProcessProtectedDataParams): Promise<ProcessProtectedDataResponse> => {
+  const vProtectedData = addressOrEnsSchema()
+    .required()
+    .label('protectedData')
+    .validateSync(protectedData);
+  const vApp = addressOrEnsSchema()
+    .required()
+    .label('authorizedApp')
+    .validateSync(app);
+  const vUserWhitelist = addressSchema()
+    .label('userWhitelist')
+    .validateSync(userWhitelist);
+  const vMaxPrice = positiveNumberSchema()
+    .label('maxPrice')
+    .validateSync(maxPrice);
+  const vInputFiles = urlArraySchema()
+    .label('inputFiles')
+    .validateSync(inputFiles);
+  const vArgs = stringSchema().label('args').validateSync(args);
+  const vSecrets = secretsSchema().label('secrets').validateSync(secrets);
+  const vWorkerpool = addressOrEnsSchema()
+    .default(WORKERPOOL_ADDRESS) // Default workerpool if none is specified
+    .label('workerpool')
+    .validateSync(workerpool);
+
   try {
-    const vApp = addressOrEnsSchema()
-      .required()
-      .label('authorizedApp')
-      .validateSync(app);
-    const vProtectedData = addressOrEnsSchema()
-      .required()
-      .label('protectedData')
-      .validateSync(protectedData);
-    const vUserWhitelist = addressSchema()
-      .label('userWhitelist')
-      .validateSync(userWhitelist);
-    const vMaxPrice = positiveNumberSchema()
-      .label('maxPrice')
-      .validateSync(maxPrice);
-    const vInputFiles = urlArraySchema()
-      .label('inputFiles')
-      .validateSync(inputFiles);
-    const vArgs = stringSchema().label('args').validateSync(args);
-    const vSecrets = secretsSchema().label('secrets').validateSync(secrets);
-    const vWorkerpool = addressOrEnsSchema()
-      .default(WORKERPOOL_ADDRESS) // Default workerpool if none is specified
-      .label('workerpool')
-      .validateSync(workerpool);
     const vOnStatusUpdate =
       validateOnStatusUpdateCallback<
         OnStatusUpdateFn<ProcessProtectedDataStatuses>
@@ -95,7 +98,7 @@ export const processProtectedData = async ({
 
         if (!isRequesterInWhitelist) {
           throw new Error(
-            `As a user, you are not in the whitelist. So you can't access to the protectedData in order process it`
+            "As a user, you are not in the whitelist. You can't access the protectedData so you can't process it."
           );
         }
         requester = vUserWhitelist;
@@ -243,6 +246,7 @@ export const processProtectedData = async ({
       result,
     };
   } catch (error) {
+    console.error('[processProtectedData] ERROR', error);
     handleIfProtocolError(error);
     throw new WorkflowError({
       message: processProtectedDataErrorMessage,

packages/sdk/src/lib/dataProtectorCore/protectData.ts

@@ -36,15 +36,17 @@ import { getDataProtectorCoreContract } from './smartContract/getDataProtectorCo
 
 const logger = getLogger('protectData');
 
+export type ProtectData = typeof protectData;
+
 export const protectData = async ({
   iexec = throwIfMissing(),
   iexecDebug = throwIfMissing(),
   dataprotectorContractAddress,
+  name = DEFAULT_DATA_NAME,
   ipfsNode,
   ipfsGateway,
   allowDebug = false,
   data,
-  name = DEFAULT_DATA_NAME,
   onStatusUpdate = () => {},
 }: IExecConsumer &
   IExecDebugConsumer &

packages/sdk/src/lib/dataProtectorCore/revokeAllAccess.ts

@@ -22,6 +22,7 @@ export const revokeAllAccess = async ({
   onStatusUpdate = () => {},
 }: IExecConsumer & RevokeAllAccessParams): Promise<RevokedAccess[]> => {
   const vProtectedData = addressOrEnsSchema()
+    .required()
     .label('protectedData')
     .validateSync(protectedData);
   const vAuthorizedApp = addressOrEnsSchema()
@@ -46,6 +47,7 @@ export const revokeAllAccess = async ({
     protectedData: vProtectedData,
     authorizedApp: vAuthorizedApp,
     authorizedUser: vAuthorizedUser,
+    pageSize: 1000,
   }).catch((e) => {
     throw new WorkflowError({
       message: 'Failed to retrieve granted access',

packages/sdk/src/lib/dataProtectorCore/transferOwnership.ts

@@ -5,8 +5,8 @@ import { IExecConsumer } from '../types/internalTypes.js';
 
 export const transferOwnership = async ({
   iexec = throwIfMissing(),
-  protectedData = throwIfMissing(),
-  newOwner = throwIfMissing(),
+  protectedData,
+  newOwner,
 }: IExecConsumer & TransferParams): Promise<TransferResponse> => {
   const vProtectedData = addressOrEnsSchema()
     .required()