From 1ee314d529f9eae40fa171e1e2d6b0a6d256b355 Mon Sep 17 00:00:00 2001 From: Liran Cohen Date: Tue, 10 Sep 2024 11:54:50 -0400 Subject: [PATCH] review comment updates --- src/core/protocols-grant-authorization.ts | 4 ++++ tests/features/author-delegated-grant.spec.ts | 2 +- tests/handlers/protocols-query.spec.ts | 11 +++++++++++ 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/core/protocols-grant-authorization.ts b/src/core/protocols-grant-authorization.ts index 4eaa12215..a0ba0fcc7 100644 --- a/src/core/protocols-grant-authorization.ts +++ b/src/core/protocols-grant-authorization.ts @@ -32,6 +32,10 @@ export class ProtocolsGrantAuthorization { ProtocolsGrantAuthorization.verifyScope(protocolsConfigureMessage, permissionGrant.scope as ProtocolPermissionScope); } + /** + * Authorizes the scope of a permission grant for a ProtocolsQuery message. + * @param messageStore Used to check if the grant has been revoked. + */ public static async authorizeQuery(input: { expectedGrantor: string, expectedGrantee: string, diff --git a/tests/features/author-delegated-grant.spec.ts b/tests/features/author-delegated-grant.spec.ts index d9c5dfa66..79469b183 100644 --- a/tests/features/author-delegated-grant.spec.ts +++ b/tests/features/author-delegated-grant.spec.ts @@ -73,7 +73,7 @@ export function testAuthorDelegatedGrant(): void { const alice = await TestDataGenerator.generateDidKeyPersona(); const bob = await TestDataGenerator.generateDidKeyPersona(); - // Alice grants Bob to configure the email protocol + // Alice grants Bob ability to configure any protocol, bob will use it to configure the email protocol const scope: PermissionScope = { interface : DwnInterfaceName.Protocols, method : DwnMethodName.Configure, diff --git a/tests/handlers/protocols-query.spec.ts b/tests/handlers/protocols-query.spec.ts index a8e7bb010..7d7bd20bf 100644 --- a/tests/handlers/protocols-query.spec.ts +++ b/tests/handlers/protocols-query.spec.ts @@ -376,6 +376,17 @@ export function testProtocolsQueryHandler(): void { expect(protocolQueryPublishedReply.status.code).to.equal(200); expect(protocolQueryPublishedReply.entries?.length).to.equal(1); expect(protocolQueryPublishedReply.entries![0].descriptor.definition.protocol).to.deep.equal(publishedProtocol); + + // Bob tries to ProtocolsQuery to Alice's DWN with no filters, using the same grant + const protocolQueryNoFilters = await ProtocolsQuery.create({ + signer : Jws.createSigner(bob), + permissionGrantId : permissionGrant.recordsWrite.message.recordId, + }); + + const protocolQueryNoFiltersReply = await dwn.processMessage(alice.did, protocolQueryNoFilters.message); + expect(protocolQueryNoFiltersReply.status.code).to.equal(200); + expect(protocolQueryNoFiltersReply.entries?.length).to.equal(1); + expect(protocolQueryNoFiltersReply.entries![0].descriptor.definition.protocol).to.deep.equal(publishedProtocol); }); it('rejects with 401 when an external party attempts to ProtocolsQuery if they present an expired grant', async () => {