firewalldb: plug in sql priv map

ellemouton · ellemouton · commit ed31a0abeffc · 2025-04-17T13:08:43.000+02:00
In this commit, we introduce the SQL impl of the privacy mapper store.

The privacy mapper unit tests can now be run against the SQL impl.
diff --git a/firewalldb/privacy_mapper_sql.go b/firewalldb/privacy_mapper_sql.go
@@ -0,0 +1,179 @@
+package firewalldb
+
+import (
+	"context"
+	"database/sql"
+	"errors"
+
+	"github.com/lightninglabs/lightning-terminal/db/sqlc"
+	"github.com/lightninglabs/lightning-terminal/session"
+)
+
+// SQLPrivacyPairQueries is a subset of the sqlc.Queries interface that can be
+// used to interact with the privacy map table.
+//
+//nolint:lll
+type SQLPrivacyPairQueries interface {
+	SQLSessionQueries
+
+	InsertPrivacyPair(ctx context.Context, arg sqlc.InsertPrivacyPairParams) error
+	GetAllPrivacyPairs(ctx context.Context, groupID int64) ([]sqlc.GetAllPrivacyPairsRow, error)
+	GetPseudoForReal(ctx context.Context, arg sqlc.GetPseudoForRealParams) (string, error)
+	GetRealForPseudo(ctx context.Context, arg sqlc.GetRealForPseudoParams) (string, error)
+}
+
+// PrivacyDB constructs a PrivacyMapDB that will be indexed under the given
+// group ID key.
+func (s *SQLDB) PrivacyDB(groupID session.ID) PrivacyMapDB {
+	return &sqlExecutor[PrivacyMapTx]{
+		db: s.db,
+		wrapTx: func(queries SQLQueries) PrivacyMapTx {
+			return &privacyMapSQLTx{
+				queries: queries,
+				groupID: groupID,
+			}
+		},
+	}
+}
+
+// privacyMapSQLTx is an implementation of PrivacyMapTx.
+type privacyMapSQLTx struct {
+	queries SQLQueries
+	groupID session.ID
+}
+
+// NewPair inserts a new real-pseudo pair into the db.
+//
+// NOTE: this is part of the PrivacyMapTx interface.
+func (p *privacyMapSQLTx) NewPair(ctx context.Context, real,
+	pseudo string) error {
+
+	groupID, err := p.getGroupID(ctx)
+	if err != nil {
+		return err
+	}
+
+	_, err = p.queries.GetPseudoForReal(ctx, sqlc.GetPseudoForRealParams{
+		GroupID: groupID,
+		Real:    real,
+	})
+	if err == nil {
+		return ErrDuplicateRealValue
+	} else if !errors.Is(err, sql.ErrNoRows) {
+		return err
+	}
+
+	_, err = p.queries.GetRealForPseudo(ctx, sqlc.GetRealForPseudoParams{
+		GroupID: groupID,
+		Pseudo:  pseudo,
+	})
+	if err == nil {
+		return ErrDuplicatePseudoValue
+	} else if !errors.Is(err, sql.ErrNoRows) {
+		return err
+	}
+
+	return p.queries.InsertPrivacyPair(ctx, sqlc.InsertPrivacyPairParams{
+		GroupID: groupID,
+		Real:    real,
+		Pseudo:  pseudo,
+	})
+}
+
+// PseudoToReal will check the db to see if the given pseudo key exists. If
+// it does then the real value is returned, else an error is returned.
+//
+// NOTE: this is part of the PrivacyMapTx interface.
+func (p *privacyMapSQLTx) PseudoToReal(ctx context.Context,
+	pseudo string) (string, error) {
+
+	groupID, err := p.getGroupID(ctx)
+	if err != nil {
+		return "", err
+	}
+
+	realVal, err := p.queries.GetRealForPseudo(
+		ctx, sqlc.GetRealForPseudoParams{
+			GroupID: groupID,
+			Pseudo:  pseudo,
+		},
+	)
+	if errors.Is(err, sql.ErrNoRows) {
+		return "", ErrNoSuchKeyFound
+	} else if err != nil {
+		return "", err
+	}
+
+	return realVal, nil
+}
+
+// RealToPseudo will check the db to see if the given real key exists. If it
+// does then the pseudo value is returned, else an error is returned.
+//
+// NOTE: this is part of the PrivacyMapTx interface.
+func (p *privacyMapSQLTx) RealToPseudo(ctx context.Context,
+	real string) (string, error) {
+
+	groupID, err := p.getGroupID(ctx)
+	if err != nil {
+		return "", err
+	}
+
+	pseudo, err := p.queries.GetPseudoForReal(
+		ctx, sqlc.GetPseudoForRealParams{
+			GroupID: groupID,
+			Real:    real,
+		},
+	)
+	if errors.Is(err, sql.ErrNoRows) {
+		return "", ErrNoSuchKeyFound
+	} else if err != nil {
+		return "", err
+	}
+
+	return pseudo, nil
+}
+
+// FetchAllPairs loads and returns the real-to-pseudo pairs.
+//
+// NOTE: this is part of the PrivacyMapTx interface.
+func (p *privacyMapSQLTx) FetchAllPairs(ctx context.Context) (*PrivacyMapPairs,
+	error) {
+
+	groupID, err := p.queries.GetSessionIDByAlias(ctx, p.groupID[:])
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, session.ErrUnknownGroup
+	} else if err != nil {
+		return nil, err
+	}
+
+	pairs, err := p.queries.GetAllPrivacyPairs(ctx, groupID)
+	if err != nil {
+		return nil, err
+	}
+
+	privacyPairs := make(map[string]string, len(pairs))
+	for _, pair := range pairs {
+		privacyPairs[pair.Real] = pair.Pseudo
+	}
+
+	return NewPrivacyMapPairs(privacyPairs), nil
+}
+
+// getGroupID is a helper that can be used to get the DB ID for a session group
+// given the group ID alias. If such a group is not found, then
+// session.ErrUnknownGroup is returned.
+func (p *privacyMapSQLTx) getGroupID(ctx context.Context) (int64, error) {
+	groupID, err := p.queries.GetSessionIDByAlias(ctx, p.groupID[:])
+	if errors.Is(err, sql.ErrNoRows) {
+		return 0, session.ErrUnknownGroup
+	} else if err != nil {
+		return 0, err
+	}
+
+	return groupID, nil
+}
+
+// A compile-time constraint to ensure that the privacyMapSQLTx type implements
+// the PrivacyMapTx interface.
+var _ PrivacyMapTx = (*privacyMapSQLTx)(nil)
diff --git a/firewalldb/privacy_mapper_test.go b/firewalldb/privacy_mapper_test.go
@@ -17,17 +17,13 @@ func TestPrivacyMapStorage(t *testing.T) {
 	ctx := context.Background()
 
 	sessions := session.NewTestDB(t, clock.NewDefaultClock())
-	db, err := NewBoltDB(t.TempDir(), "test.db", sessions)
-	require.NoError(t, err)
-	t.Cleanup(func() {
-		_ = db.Close()
-	})
+	db := NewTestDBWithSessions(t, sessions)
 
 	// First up, let's test that the correct error is returned if an
 	// attempt is made to write to a privacy map that is not linked to
 	// an existing session group.
 	pdb := db.PrivacyDB(session.ID{1, 2, 3, 4})
-	err = pdb.Update(ctx,
+	err := pdb.Update(ctx,
 		func(ctx context.Context, tx PrivacyMapTx) error {
 			_, err := tx.RealToPseudo(ctx, "real")
 			require.ErrorIs(t, err, session.ErrUnknownGroup)
@@ -54,7 +50,7 @@ func TestPrivacyMapStorage(t *testing.T) {
 	pdb1 := db.PrivacyDB(sess.GroupID)
 
 	_ = pdb1.Update(ctx, func(ctx context.Context, tx PrivacyMapTx) error {
-		_, err = tx.RealToPseudo(ctx, "real")
+		_, err := tx.RealToPseudo(ctx, "real")
 		require.ErrorIs(t, err, ErrNoSuchKeyFound)
 
 		_, err = tx.PseudoToReal(ctx, "pseudo")
@@ -89,7 +85,7 @@ func TestPrivacyMapStorage(t *testing.T) {
 	pdb2 := db.PrivacyDB(sess2.GroupID)
 
 	_ = pdb2.Update(ctx, func(ctx context.Context, tx PrivacyMapTx) error {
-		_, err = tx.RealToPseudo(ctx, "real")
+		_, err := tx.RealToPseudo(ctx, "real")
 		require.ErrorIs(t, err, ErrNoSuchKeyFound)
 
 		_, err = tx.PseudoToReal(ctx, "pseudo")
@@ -227,11 +223,7 @@ func TestPrivacyMapTxs(t *testing.T) {
 	ctx := context.Background()
 
 	sessions := session.NewTestDB(t, clock.NewDefaultClock())
-	db, err := NewBoltDB(t.TempDir(), "test.db", sessions)
-	require.NoError(t, err)
-	t.Cleanup(func() {
-		_ = db.Close()
-	})
+	db := NewTestDBWithSessions(t, sessions)
 
 	sess, err := sessions.NewSession(
 		ctx, "test", session.TypeAutopilot, time.Unix(1000, 0), "",
diff --git a/firewalldb/sql_store.go b/firewalldb/sql_store.go
@@ -11,6 +11,7 @@ import (
 // interact with various firewalldb tables.
 type SQLQueries interface {
 	SQLKVStoreQueries
+	SQLPrivacyPairQueries
 }
 
 // BatchedSQLQueries is a version of the SQLQueries that's capable of batched

Original file line number	Diff line number	Diff line change
`@@ -11,6 +11,7 @@ import (`
`11`	`11`	`// interact with various firewalldb tables.`
`12`	`12`	`type SQLQueries interface {`
`13`	`13`	`SQLKVStoreQueries`
	`14`	`+ SQLPrivacyPairQueries`
`14`	`15`	`}`
`15`	`16`
`16`	`17`	`// BatchedSQLQueries is a version of the SQLQueries that's capable of batched`