You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@teaclave.apache.org by hs...@apache.org on 2023/06/30 09:35:49 UTC
[incubator-teaclave] 02/03: [Management] Improve get_function code
This is an automated email from the ASF dual-hosted git repository.
hsun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave.git
commit 34a76de80abf53dcfe6e0792a56a0f87e429be3d
Author: sunhe05 <su...@baidu.com>
AuthorDate: Thu Jun 15 09:09:49 2023 +0000
[Management] Improve get_function code
---
services/management/enclave/src/service.rs | 48 +++++--------------------
services/proto/src/teaclave_frontend_service.rs | 19 +++++++++-
2 files changed, 27 insertions(+), 40 deletions(-)
diff --git a/services/management/enclave/src/service.rs b/services/management/enclave/src/service.rs
index 944555ac..9ae71daa 100644
--- a/services/management/enclave/src/service.rs
+++ b/services/management/enclave/src/service.rs
@@ -27,19 +27,7 @@ use teaclave_proto::teaclave_common::i32_from_task_status;
use teaclave_proto::teaclave_frontend_service::{
from_proto_file_ids, from_proto_ownership, to_proto_file_ids, to_proto_ownership,
};
-use teaclave_proto::teaclave_frontend_service::{
- ApproveTaskRequest, AssignDataRequest, CancelTaskRequest, CreateTaskRequest,
- CreateTaskResponse, DeleteFunctionRequest, DisableFunctionRequest, GetFunctionRequest,
- GetFunctionResponse, GetFunctionUsageStatsRequest, GetFunctionUsageStatsResponse,
- GetInputFileRequest, GetInputFileResponse, GetOutputFileRequest, GetOutputFileResponse,
- GetTaskRequest, GetTaskResponse, InvokeTaskRequest, ListFunctionsRequest,
- ListFunctionsResponse, QueryAuditLogsRequest, QueryAuditLogsResponse, RegisterFunctionRequest,
- RegisterFunctionResponse, RegisterFusionOutputRequest, RegisterFusionOutputResponse,
- RegisterInputFileRequest, RegisterInputFileResponse, RegisterInputFromOutputRequest,
- RegisterInputFromOutputResponse, RegisterOutputFileRequest, RegisterOutputFileResponse,
- UpdateFunctionRequest, UpdateFunctionResponse, UpdateInputFileRequest, UpdateInputFileResponse,
- UpdateOutputFileRequest, UpdateOutputFileResponse,
-};
+use teaclave_proto::teaclave_frontend_service::*;
use teaclave_proto::teaclave_management_service::{SaveLogsRequest, TeaclaveManagement};
use teaclave_proto::teaclave_storage_service::{
DeleteRequest, EnqueueRequest, GetKeysByPrefixRequest, GetRequest, PutRequest,
@@ -359,7 +347,9 @@ impl TeaclaveManagement for TeaclaveManagementService {
Ok(Response::new(response))
}
- // access control: function.public || function.owner == user_id || request.role == PlatformAdmin
+ // access control:
+ // function.public || function.owner == user_id || request.role == PlatformAdmin ||
+ // requested user_id in the user_allowlist
async fn get_function(
&self,
request: Request<GetFunctionRequest>,
@@ -377,33 +367,13 @@ impl TeaclaveManagement for TeaclaveManagementService {
.map_err(|_| ManagementServiceError::InvalidFunctionId)?;
if function.public || role == UserRole::PlatformAdmin || function.owner == user_id {
- let response = GetFunctionResponse {
- name: function.name,
- description: function.description,
- owner: function.owner.to_string(),
- executor_type: function.executor_type.to_string(),
- payload: function.payload,
- public: function.public,
- arguments: function.arguments.into_iter().map(|x| x.into()).collect(),
- inputs: function.inputs.into_iter().map(|x| x.into()).collect(),
- outputs: function.outputs.into_iter().map(|x| x.into()).collect(),
- user_allowlist: function.user_allowlist,
- };
+ let response = function.into();
Ok(Response::new(response))
- } else if !function.public && function.user_allowlist.contains(&user_id.into()) {
- let response = GetFunctionResponse {
- name: function.name,
- description: function.description,
- owner: function.owner.to_string(),
- executor_type: function.executor_type.to_string(),
- payload: vec![],
- public: function.public,
- arguments: function.arguments.into_iter().map(|x| x.into()).collect(),
- inputs: function.inputs.into_iter().map(|x| x.into()).collect(),
- outputs: function.outputs.into_iter().map(|x| x.into()).collect(),
- user_allowlist: vec![],
- };
+ } else if function.user_allowlist.contains(&user_id.into()) {
+ let mut response = GetFunctionResponse::from(function);
+ response.payload = vec![];
+ response.user_allowlist = vec![];
Ok(Response::new(response))
} else {
diff --git a/services/proto/src/teaclave_frontend_service.rs b/services/proto/src/teaclave_frontend_service.rs
index 6e45e9cb..d26d40c1 100644
--- a/services/proto/src/teaclave_frontend_service.rs
+++ b/services/proto/src/teaclave_frontend_service.rs
@@ -20,7 +20,7 @@ use anyhow::{Error, Result};
use core::convert::TryInto;
use std::collections::HashMap;
use teaclave_types::{
- Entry, Executor, ExecutorType, ExternalID, FileAuthTag, FileCrypto, FunctionArgument,
+ Entry, Executor, ExecutorType, ExternalID, FileAuthTag, FileCrypto, Function, FunctionArgument,
FunctionArguments, FunctionBuilder, FunctionInput, FunctionOutput, OwnerList, TaskFileOwners,
};
use url::Url;
@@ -615,6 +615,23 @@ impl From<FunctionArgument> for proto::FunctionArgument {
}
}
+impl From<Function> for GetFunctionResponse {
+ fn from(function: Function) -> Self {
+ Self {
+ name: function.name,
+ description: function.description,
+ owner: function.owner.to_string(),
+ executor_type: function.executor_type.to_string(),
+ payload: function.payload,
+ public: function.public,
+ arguments: function.arguments.into_iter().map(|x| x.into()).collect(),
+ inputs: function.inputs.into_iter().map(|x| x.into()).collect(),
+ outputs: function.outputs.into_iter().map(|x| x.into()).collect(),
+ user_allowlist: function.user_allowlist,
+ }
+ }
+}
+
pub fn from_proto_ownership(proto: Vec<proto::OwnerList>) -> TaskFileOwners {
proto
.into_iter()
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@teaclave.apache.org
For additional commands, e-mail: commits-help@teaclave.apache.org