chore(rust): improve privileged portals outputs, status, and persistence

build-trust · Nov 12, 2024 · e02e3f8 · e02e3f8
1 parent 04815e5
commit e02e3f8
Show file tree

Hide file tree

Showing 16 changed files with 192 additions and 79 deletions.
diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/storage/tcp_portals_repository.rs b/implementations/rust/ockam/ockam_api/src/cli_state/storage/tcp_portals_repository.rs
@@ -37,14 +37,21 @@ pub struct TcpInlet {
     bind_addr: SocketAddr,
     outlet_addr: MultiAddr,
     alias: String,
+    privileged: bool,
 }
 
 impl TcpInlet {
-    pub fn new(bind_addr: &SocketAddr, outlet_addr: &MultiAddr, alias: &str) -> TcpInlet {
+    pub fn new(
+        bind_addr: &SocketAddr,
+        outlet_addr: &MultiAddr,
+        alias: &str,
+        privileged: bool,
+    ) -> TcpInlet {
         Self {
             bind_addr: *bind_addr,
             outlet_addr: outlet_addr.clone(),
             alias: alias.to_string(),
+            privileged,
         }
     }
 
@@ -59,4 +66,8 @@ impl TcpInlet {
     pub fn alias(&self) -> String {
         self.alias.clone()
     }
+
+    pub fn privileged(&self) -> bool {
+        self.privileged
+    }
 }
diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/storage/tcp_portals_repository_sql.rs b/implementations/rust/ockam/ockam_api/src/cli_state/storage/tcp_portals_repository_sql.rs
@@ -14,6 +14,7 @@ use ockam_core::Error;
 use ockam_core::Result;
 use ockam_core::{async_trait, Address};
 use ockam_multiaddr::MultiAddr;
+use ockam_node::database::Boolean;
 use ockam_transport_core::HostnamePort;
 
 #[derive(Clone)]
@@ -46,14 +47,15 @@ impl TcpPortalsRepository for TcpPortalsSqlxDatabase {
     ) -> ockam_core::Result<()> {
         let query = query(
             r#"
-            INSERT INTO tcp_inlet (node_name, bind_addr, outlet_addr, alias)
-            VALUES ($1, $2, $3, $4)
+            INSERT INTO tcp_inlet (node_name, bind_addr, outlet_addr, alias, privileged)
+            VALUES ($1, $2, $3, $4, $5)
             ON CONFLICT DO NOTHING"#,
         )
         .bind(node_name)
         .bind(tcp_inlet.bind_addr().to_string())
         .bind(tcp_inlet.outlet_addr().to_string())
-        .bind(tcp_inlet.alias());
+        .bind(tcp_inlet.alias())
+        .bind(tcp_inlet.privileged());
         query.execute(&*self.database.pool).await.void()?;
         Ok(())
     }
@@ -64,7 +66,7 @@ impl TcpPortalsRepository for TcpPortalsSqlxDatabase {
         alias: &str,
     ) -> ockam_core::Result<Option<TcpInlet>> {
         let query = query_as(
-            "SELECT bind_addr, outlet_addr, alias FROM tcp_inlet WHERE node_name = $1 AND alias = $2",
+            "SELECT bind_addr, outlet_addr, alias, privileged FROM tcp_inlet WHERE node_name = $1 AND alias = $2",
         )
         .bind(node_name)
         .bind(alias);
@@ -90,14 +92,15 @@ impl TcpPortalsRepository for TcpPortalsSqlxDatabase {
     ) -> ockam_core::Result<()> {
         let query = query(
             r#"
-            INSERT INTO tcp_outlet_status (node_name, socket_addr, worker_addr, payload)
-            VALUES ($1, $2, $3, $4)
+            INSERT INTO tcp_outlet_status (node_name, socket_addr, worker_addr, payload, privileged)
+            VALUES ($1, $2, $3, $4, $5)
             ON CONFLICT DO NOTHING"#,
         )
         .bind(node_name)
         .bind(tcp_outlet_status.to.to_string())
         .bind(tcp_outlet_status.worker_addr.to_string())
-        .bind(tcp_outlet_status.payload.as_ref());
+        .bind(tcp_outlet_status.payload.as_ref())
+        .bind(tcp_outlet_status.privileged);
         query.execute(&*self.database.pool).await.void()?;
         Ok(())
     }
@@ -107,7 +110,7 @@ impl TcpPortalsRepository for TcpPortalsSqlxDatabase {
         node_name: &str,
         worker_addr: &Address,
     ) -> ockam_core::Result<Option<OutletStatus>> {
-        let query = query_as("SELECT socket_addr, worker_addr, payload FROM tcp_outlet_status WHERE node_name = $1 AND worker_addr = $2")
+        let query = query_as("SELECT socket_addr, worker_addr, payload, privileged FROM tcp_outlet_status WHERE node_name = $1 AND worker_addr = $2")
             .bind(node_name)
             .bind(worker_addr.to_string());
         let result: Option<TcpOutletStatusRow> = query
@@ -139,6 +142,7 @@ struct TcpInletRow {
     bind_addr: String,
     outlet_addr: String,
     alias: String,
+    privileged: Boolean,
 }
 
 impl TcpInletRow {
@@ -157,6 +161,7 @@ impl TcpInletRow {
             &self.bind_addr()?,
             &self.outlet_addr()?,
             &self.alias,
+            self.privileged.to_bool(),
         ))
     }
 }
@@ -167,6 +172,7 @@ struct TcpOutletStatusRow {
     socket_addr: String,
     worker_addr: String,
     payload: Option<String>,
+    privileged: Boolean,
 }
 
 impl TcpOutletStatusRow {
@@ -178,6 +184,7 @@ impl TcpOutletStatusRow {
             to,
             worker_addr,
             payload: self.payload.clone(),
+            privileged: self.privileged.to_bool(),
         })
     }
 }
@@ -197,6 +204,7 @@ mod tests {
                 &SocketAddr::from_str("127.0.0.1:80").unwrap(),
                 &MultiAddr::from_str("/node/outlet").unwrap(),
                 "alias",
+                true,
             );
             repository.store_tcp_inlet("node_name", &tcp_inlet).await?;
             let actual = repository.get_tcp_inlet("node_name", "alias").await?;
@@ -211,6 +219,7 @@ mod tests {
                 HostnamePort::from_str("127.0.0.1:80").unwrap(),
                 worker_addr.clone(),
                 Some("payload".to_string()),
+                true,
             );
             repository
                 .store_tcp_outlet("node_name", &tcp_outlet_status)

diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/tcp_portals.rs b/implementations/rust/ockam/ockam_api/src/cli_state/tcp_portals.rs
@@ -17,8 +17,9 @@ impl CliState {
         bind_addr: &SocketAddr,
         outlet_addr: &MultiAddr,
         alias: &str,
+        privileged: bool,
     ) -> Result<TcpInlet> {
-        let tcp_inlet = TcpInlet::new(bind_addr, outlet_addr, alias);
+        let tcp_inlet = TcpInlet::new(bind_addr, outlet_addr, alias, privileged);
         self.tcp_portals_repository()
             .store_tcp_inlet(node_name, &tcp_inlet)
             .await?;
@@ -56,8 +57,10 @@ impl CliState {
         to: &HostnamePort,
         worker_addr: &Address,
         payload: &Option<String>,
+        privileged: bool,
     ) -> Result<OutletStatus> {
-        let tcp_outlet_status = OutletStatus::new(to.clone(), worker_addr.clone(), payload.clone());
+        let tcp_outlet_status =
+            OutletStatus::new(to.clone(), worker_addr.clone(), payload.clone(), privileged);
 
         self.tcp_portals_repository()
             .store_tcp_outlet(node_name, &tcp_outlet_status)

diff --git a/implementations/rust/ockam/ockam_api/src/nodes/models/portal.rs b/implementations/rust/ockam/ockam_api/src/nodes/models/portal.rs
@@ -12,7 +12,7 @@ use ockam_core::{Address, IncomingAccessControl, OutgoingAccessControl, Route};
 use ockam_multiaddr::MultiAddr;
 use serde::{Deserialize, Serialize};
 
-use crate::colors::color_primary;
+use crate::colors::{color_primary, color_primary_alt};
 use crate::error::ApiError;
 
 use crate::output::Output;
@@ -208,6 +208,7 @@ pub struct InletStatus {
     #[n(5)] pub outlet_route: Option<String>,
     #[n(6)] pub status: ConnectionStatus,
     #[n(7)] pub outlet_addr: String,
+    #[n(8)] pub privileged: bool,
 }
 
 impl InletStatus {
@@ -220,6 +221,7 @@ impl InletStatus {
         outlet_route: impl Into<Option<String>>,
         status: ConnectionStatus,
         outlet_addr: impl Into<String>,
+        privileged: bool,
     ) -> Self {
         Self {
             bind_addr: bind_addr.into(),
@@ -229,6 +231,7 @@ impl InletStatus {
             outlet_route: outlet_route.into(),
             status,
             outlet_addr: outlet_addr.into(),
+            privileged,
         }
     }
 }
@@ -261,6 +264,14 @@ impl Display for InletStatus {
             fmt::INDENTATION,
             color_primary(&self.outlet_addr)
         )?;
+        if self.privileged {
+            writeln!(
+                f,
+                "{}This Inlet is operating in {} mode",
+                fmt::INDENTATION,
+                color_primary_alt("privileged".to_string())
+            )?;
+        }
         Ok(())
     }
 }
@@ -280,14 +291,21 @@ pub struct OutletStatus {
     #[n(2)] pub worker_addr: Address,
     /// An optional status payload
     #[n(3)] pub payload: Option<String>,
+    #[n(4)] pub privileged: bool,
 }
 
 impl OutletStatus {
-    pub fn new(to: HostnamePort, worker_addr: Address, payload: impl Into<Option<String>>) -> Self {
+    pub fn new(
+        to: HostnamePort,
+        worker_addr: Address,
+        payload: impl Into<Option<String>>,
+        privileged: bool,
+    ) -> Self {
         Self {
             to,
             worker_addr,
             payload: payload.into(),
+            privileged,
         }
     }
 
@@ -316,7 +334,18 @@ impl Display for OutletStatus {
                     .to_string()
             ),
             color_primary(self.to.to_string()),
-        )
+        )?;
+
+        if self.privileged {
+            writeln!(
+                f,
+                "{}This Outlet is operating in {} mode",
+                fmt::INDENTATION,
+                color_primary_alt("privileged".to_string())
+            )?;
+        }
+
+        Ok(())
     }
 }
 

diff --git a/implementations/rust/ockam/ockam_api/src/nodes/registry.rs b/implementations/rust/ockam/ockam_api/src/nodes/registry.rs
@@ -127,14 +127,21 @@ pub(crate) struct InletInfo {
     pub(crate) bind_addr: String,
     pub(crate) outlet_addr: MultiAddr,
     pub(crate) session: Arc<Mutex<Session>>,
+    pub(crate) privileged: bool,
 }
 
 impl InletInfo {
-    pub(crate) fn new(bind_addr: &str, outlet_addr: MultiAddr, session: Session) -> Self {
+    pub(crate) fn new(
+        bind_addr: &str,
+        outlet_addr: MultiAddr,
+        session: Session,
+        privileged: bool,
+    ) -> Self {
         Self {
             bind_addr: bind_addr.to_owned(),
             outlet_addr,
             session: Arc::new(Mutex::new(session)),
+            privileged,
         }
     }
 }
@@ -143,15 +150,20 @@ impl InletInfo {
 pub struct OutletInfo {
     pub(crate) to: HostnamePort,
     pub(crate) worker_addr: Address,
+    pub(crate) privileged: bool,
 }
 
 impl OutletInfo {
-    pub(crate) fn new(to: HostnamePort, worker_addr: Option<&Address>) -> Self {
+    pub(crate) fn new(to: HostnamePort, worker_addr: Option<&Address>, privileged: bool) -> Self {
         let worker_addr = match worker_addr {
             Some(addr) => addr.clone(),
             None => Address::from_string(""),
         };
-        Self { to, worker_addr }
+        Self {
+            to,
+            worker_addr,
+            privileged,
+        }
     }
 }
 
@@ -334,6 +346,6 @@ mod tests {
     }
 
     fn outlet_info(worker_addr: Address) -> OutletInfo {
-        OutletInfo::new(HostnamePort::new("127.0.0.1", 0), Some(&worker_addr))
+        OutletInfo::new(HostnamePort::new("127.0.0.1", 0), Some(&worker_addr), true)
     }
 }
diff --git a/implementations/rust/ockam/ockam_api/src/nodes/service/manager.rs b/implementations/rust/ockam/ockam_api/src/nodes/service/manager.rs
@@ -380,7 +380,14 @@ impl NodeManager {
             .entries()
             .await
             .iter()
-            .map(|(_, info)| OutletStatus::new(info.to.clone(), info.worker_addr.clone(), None))
+            .map(|(_, info)| {
+                OutletStatus::new(
+                    info.to.clone(),
+                    info.worker_addr.clone(),
+                    None,
+                    info.privileged,
+                )
+            })
             .collect()
     }