PR fixup

islamaliev · Nov 5, 2024 · 58ee6eb · 58ee6eb
1 parent 688d17b
commit 58ee6eb
Show file tree

Hide file tree

Showing 4 changed files with 43 additions and 50 deletions.
diff --git a/internal/db/collection_retriever.go b/internal/db/collection_retriever.go
@@ -75,5 +75,5 @@ func (r *CollectionRetriever) RetrieveCollectionFromDocID(
 		return nil, NewErrCollectionWithSchemaRootNotFound(schema.Root)
 	}
 
-	return cols[0], nil
+	return cols[0], headIterator.Close()
 }
diff --git a/internal/db/db.go b/internal/db/db.go
@@ -228,6 +228,32 @@ func (db *db) AddPolicy(
 	return client.AddPolicyResult{PolicyID: policyID}, nil
 }
 
+func (db *db) publishDocUpdateEvent(ctx context.Context, docID string, collection client.Collection) error {
+	headsIterator, err := NewHeadBlocksIterator(ctx, db.multistore.Headstore(), db.Blockstore(), docID)
+	if err != nil {
+		return err
+	}
+
+	for {
+		hasValue, err := headsIterator.Next()
+		if err != nil {
+			return errors.Join(err, headsIterator.Close())
+		}
+		if !hasValue {
+			break
+		}
+
+		updateEvent := event.Update{
+			DocID:      docID,
+			Cid:        headsIterator.CurrentCid(),
+			SchemaRoot: collection.Schema().Root,
+			Block:      headsIterator.CurrentRawBlock(),
+		}
+		db.events.Publish(event.NewMessage(event.UpdateName, updateEvent))
+	}
+	return headsIterator.Close()
+}
+
 func (db *db) AddDocActorRelationship(
 	ctx context.Context,
 	collectionName string,
@@ -263,38 +289,14 @@ func (db *db) AddDocActorRelationship(
 		return client.AddDocActorRelationshipResult{}, err
 	}
 
-	err = db.publishDocUpdateEvent(ctx, docID, collection)
-	if err != nil {
-		return client.AddDocActorRelationshipResult{}, err
-	}
-
-	return client.AddDocActorRelationshipResult{ExistedAlready: exists}, nil
-}
-
-func (db *db) publishDocUpdateEvent(ctx context.Context, docID string, collection client.Collection) error {
-	headsIterator, err := NewHeadBlocksIterator(ctx, db.multistore.Headstore(), db.Blockstore(), docID)
-	if err != nil {
-		return err
-	}
-
-	for {
-		hasValue, err := headsIterator.Next()
+	if !exists {
+		err = db.publishDocUpdateEvent(ctx, docID, collection)
 		if err != nil {
-			return errors.Join(err, headsIterator.Close())
+			return client.AddDocActorRelationshipResult{}, err
 		}
-		if !hasValue {
-			break
-		}
-
-		updateEvent := event.Update{
-			DocID:      docID,
-			Cid:        headsIterator.CurrentCid(),
-			SchemaRoot: collection.Schema().Root,
-			Block:      headsIterator.CurrentRawBlock(),
-		}
-		db.events.Publish(event.NewMessage(event.UpdateName, updateEvent))
 	}
-	return headsIterator.Close()
+
+	return client.AddDocActorRelationshipResult{ExistedAlready: exists}, nil
 }
 
 func (db *db) DeleteDocActorRelationship(

diff --git a/internal/db/iterator.go b/internal/db/iterator.go
@@ -37,6 +37,7 @@ type DocHeadBlocksIterator struct {
 var _ io.Closer = (*DocHeadBlocksIterator)(nil)
 
 func (h *DocHeadBlocksIterator) Close() error {
+	h.cids = nil
 	return nil
 }
 

diff --git a/internal/kms/pubsub.go b/internal/kms/pubsub.go
@@ -24,12 +24,14 @@ import (
 	grpcpeer "google.golang.org/grpc/peer"
 
 	"github.com/sourcenetwork/defradb/acp"
+	"github.com/sourcenetwork/defradb/acp/identity"
 	"github.com/sourcenetwork/defradb/client"
 	"github.com/sourcenetwork/defradb/crypto"
 	"github.com/sourcenetwork/defradb/datastore"
 	"github.com/sourcenetwork/defradb/errors"
 	"github.com/sourcenetwork/defradb/event"
 	coreblock "github.com/sourcenetwork/defradb/internal/core/block"
+	"github.com/sourcenetwork/defradb/internal/db/permission"
 	"github.com/sourcenetwork/defradb/internal/encryption"
 )
 
@@ -372,26 +374,14 @@ func (s *pubSubService) doesIdentityHaveDocPermission(
 		return false, err
 	}
 
-	policy := collection.Definition().Description.Policy
-	if !policy.HasValue() || policy.Value().ID == "" || policy.Value().ResourceName == "" {
-		return true, nil
-	}
-
-	policyID, resourceName := policy.Value().ID, policy.Value().ResourceName
-
-	isRegistered, err := s.acp.Value().IsDocRegistered(ctx, policyID, resourceName, docID)
-	if err != nil {
-		return false, err
-	}
-
-	if !isRegistered {
-		// Unrestricted access as it is a public document.
-		return true, nil
-	}
-
-	hasPerm, err := s.acp.Value().CheckDocAccess(ctx, acp.ReadPermission, actorIdentity, policyID, resourceName, docID)
-
-	return hasPerm, err
+	return permission.CheckAccessOfDocOnCollectionWithACP(
+		ctx,
+		immutable.Some(identity.Identity{DID: actorIdentity}),
+		s.acp.Value(),
+		collection,
+		acp.ReadPermission,
+		docID,
+	)
 }
 
 func encodeToBase64(data []byte) []byte {