consento-org · RangerMauve · Jan 19, 2021 · Jan 15, 2021 · Jan 15, 2021 · Jan 15, 2021
diff --git a/src/Permissions.ts b/src/Permissions.ts
@@ -0,0 +1,217 @@
+import { FeedItem, isRequest, isResponse, Request, Response } from './member'
+import { States } from './States'
+import HLC, { Timestamp } from '@consento/hlc'
+
+export type MemberState = 'added' | 'removed'
+export type RequestState = 'finished' | 'denied' | 'active' | 'pending' | 'conflicted' | 'cancelled'
+export type MemberId = string
+export type RequestId = string
+
+function pushToMapped <K, V> (map: Map<K, V[]>, key: K, value: V): number {
+  const list = map.get(key)
+  if (list === undefined) {
+    map.set(key, [value])
+    return 1
+  }
+  return list.push(value)
+}
+
+export class Permissions {
+  readonly members = new States<MemberState>()
+  readonly requests = new States<RequestState>()
+  readonly clock = new HLC()
+  readonly signatures = new Map<RequestId, Set<MemberId>>()
+
+  private readonly memberTime = new Map<MemberId, Timestamp>()
+  private readonly openRequests = new Map<RequestId, Request>()
+  private readonly openRequestsByMember = new Map<MemberId, Request[]>()
+
+  get isLocked (): boolean {
+    if (this.members.byState('removed').size === 0) {
+      // We havn't removed members yet, so the system is still active: case before the first member.
+      return false
+    }
+    // If all members are removed, no new members can be possibly added; The system is locked.
+    return this.members.byState('added').size === 0
+  }
+
+  add <Input extends FeedItem> (item: Input): Input {
+    const members = this.members.byState('added')
+    if (members.size === 0) {
+      if (!isRequest(item)) {
+        throw new Error('First feed-item needs to be a request.')
+      }
+      if (item.who !== item.from) {
+        throw new Error('The first member can only add itself.')
+      }
+      if (item.operation !== 'add') {
+        throw new Error('First request needs to be an add request.')
+      }
+      if (this.isLocked) {
+        throw new Error('All members were removed.')
+      }
+    } else {
+      if (!members.has(item.from)) {
+        throw new Error('unknown member')
+      }
+    }
+    const lastTime = this.memberTime.get(item.from)
+    if (lastTime !== undefined && lastTime.compare(item.timestamp) >= 0) {
+      throw new Error(`Order error: The last item from "${item.from}" is newer than this request.`)
+    }
+    this.memberTime.set(item.from, item.timestamp)
+    this.clock.update(item.timestamp)
+    if (isRequest(item)) {
+      this.handleRequest(item)
+      return item
+    } else if (isResponse(item)) {
+      this.handleResponse(item)
+      return item
+    }
+    throw new Error('todo')
+  }
+
+  private handleResponse (response: Response): void {
+    const state = this.requests.get(response.id)
+    if (state === undefined) {
+      throw new Error(`Response for unknown request ${response.id}`)
+    }
+    if (state === 'finished') {
+      throw new Error(`Received response to the already-finished request "${response.id}".`)
+    }
+    const openRequest = this.openRequests.get(response.id)
+    if (response.response === 'cancel') {
+      return this.handleCancel(response, openRequest)
+    }
+    if (response.response === 'deny') {
+      return this.handleDeny(response, openRequest)
+    }
+    if (response.response === 'accept') {
+      return this.handleAccept(response, openRequest)
+    }
+    throw new Error('todo')
+  }
+
+  private handleAccept (response: Response, openRequest?: Request): void {
+    if (openRequest !== undefined) {
+      if (openRequest.from === response.from) {
+        throw new Error('Cant accept own request.')
+      }
+      const signatures = this.addSignature(response)
+      if (signatures >= this.getRequiredSignatures(openRequest)) {
+        this.finishRequest(openRequest)
+      }
+    }
+    // TODO: should we thrown an error if the request is not active
+  }
+
+  private getRequiredSignatures (request: Request): number {
+    const amountMembers = this.members.byState('added').size
+    // The signature of the member that created the request is not necessary
+    const neededSignatures = amountMembers - 1
+    if (
+      // Remove operations are okay with having one less
+      request.operation === 'remove' &&
+      // Two members can form a majority, to remove one of two members
+      // unilaterally is impossible
+      amountMembers > 2
+    ) {
+      return neededSignatures - 1
+    }
+    return neededSignatures
+  }
+
+  private addSignature (response: Response): number {
+    const signatures = this.signatures.get(response.id)
+    if (signatures === undefined) {
+      this.signatures.set(response.id, new Set(response.from))
+      return 1
+    }
+    if (signatures.has(response.from)) {
+      throw new Error(`${response.from} tried to sign the same request twice`)
+    }
+    signatures.add(response.from)
+    return signatures.size
+  }
+
+  private finishRequest (request: Request): void {
+    if (request.operation === 'merge') {
+      throw new Error('todo')
+    }
+    if (request.operation === 'add') {
+      this.members.set(request.who, 'added')
+    } else {
+      this.members.set(request.who, 'removed')
+    }
+    this.requests.set(request.id, 'finished')
+    this.openRequests.delete(request.id)
+    this.signatures.delete(request.id)
+    const list = this.openRequestsByMember.get(request.from)
+    if (list === undefined) {
+      throw new Error('This may never occur')
+    }
+    if (list.shift() !== request) {
+      throw new Error('This may also never occur')
+    }
+    const entry = list[0]
+    if (entry === undefined) {
+      this.openRequestsByMember.delete(request.from)
+    } else {
+      this.requests.set(entry.id, 'active')
+    }
+  }
+
+  private handleCancel (response: Response, openRequest?: Request): void {
+    if (openRequest !== undefined) {
+      if (openRequest.from !== response.from) {
+        throw new Error(`Member ${response.from} can not cancel the request ${response.id} by ${openRequest.from}.`)
+      }
+      this.requests.set(response.id, 'cancelled')
+      this.openRequests.delete(response.id)
+      this.openRequestsByMember.delete(response.id)
+    }
+    // TODO: Should we throw an error if the request is not active?
+  }
+
+  private handleDeny (response: Response, openRequest?: Request): void {
+    if (openRequest !== undefined) {
+      if (openRequest.from === response.from) {
+        throw new Error(`Member ${response.from} can not deny their own request ${response.id}. Maybe they meant to cancel?`)
+      }
+      this.requests.set(response.id, 'denied')
+      this.openRequests.delete(response.id)
+      this.openRequestsByMember.delete(response.id)
+    }
+    // TODO: Should we throw an error if the request is not active?
+  }
+
+  private handleRequest (request: Request): void {
+    if (request.operation === 'merge') {
+      throw new Error('todo')
+    }
+    if (this.requests.has(request.id)) {
+      throw new Error(`Request ID=${request.id} has already been used.`)
+    }
+    const memberState = this.members.get(request.who)
+    if (request.operation === 'remove') {
+      if (memberState === undefined) {
+        throw new Error(`Cant remove ${request.who} because it is not a member.`)
+      }
+    } else {
+      if (memberState === 'removed') {
+        throw new Error(`Cant add previously removed member ${request.who}`)
+      }
+      if (memberState === 'added') {
+        throw new Error(`Cant add ${request.who} as it is already added`)
+      }
+    }
+    this.openRequests.set(request.id, request)
+    this.requests.set(
+      request.id,
+      pushToMapped(this.openRequestsByMember, request.from, request) === 1 ? 'active' : 'pending'
+    )
+    if (this.requests.get(request.id) === 'active' && this.getRequiredSignatures(request) <= 0) {
+      this.finishRequest(request)
+    }
+  }
+}
diff --git a/src/States.ts b/src/States.ts
@@ -1,11 +1,45 @@
+export interface ReadonlySet <T> {
+  has: (entry: T) => boolean
+  [Symbol.iterator]: () => Iterator<string>
+  size: number
+}
+
+export const EmptySet: ReadonlySet<any> = {
+  has: (_: string) => false,
+  [Symbol.iterator]: function * (): Iterator<string> {},
+  size: 0
+}
+
 export class States <State extends string> implements Iterable<[id: string, state: State]> {
-  readonly byState: Partial<{ [state in State]: Set<string> }> = {}
+  readonly #byState: Partial<{ [state in State]: Set<string> }> = {}
+
+  byState (state: State): ReadonlySet<string> {
+    return this.#byState[state] ?? EmptySet
+  }
+
+  has (id: string): boolean {
+    return this.get(id) !== undefined
+  }
+
+  get (id: string): State | undefined {
+    for (const bucketState in this.#byState) {
+      if (bucketState !== undefined) {
+        const bucket = this.#byState[bucketState]
+        if (bucket?.has(id) ?? false) {
+          return bucketState
+        }
+      }
+    }
+    return undefined
+  }
 
   set (id: string, state: State): void {
-    this.clear(id, state)
-    const bucket = this.byState[state]
+    if (!this.clear(id, state)) {
+      return
+    }
+    const bucket = this.#byState[state]
     if (bucket === undefined) {
-      this.byState[state] = new Set([id])
+      this.#byState[state] = new Set([id])
       return
     }
     bucket.add(id)
@@ -16,8 +50,8 @@ export class States <State extends string> implements Iterable<[id: string, stat
   }
 
   * [Symbol.iterator] (): Iterator<[id: string, state: State]> {
-    for (const bucketState in this.byState) {
-      const bucket = this.byState[bucketState] as Set<string>
+    for (const bucketState in this.#byState) {
+      const bucket = this.#byState[bucketState] as Set<string>
       if (bucket !== undefined) {
         for (const entry of bucket) {
           yield [entry, bucketState]
@@ -26,30 +60,18 @@ export class States <State extends string> implements Iterable<[id: string, stat
     }
   }
 
-  private clear (id: string, unlessState?: State): void {
-    for (const bucketState in this.byState) {
-      if (bucketState === unlessState) return
-      const bucket = this.byState[bucketState]
-      if (bucket !== undefined) {
-        bucket.delete(id)
-        if (bucket.size === 0) {
-          // eslint-disable-next-line @typescript-eslint/no-dynamic-delete
-          delete this.byState[bucketState]
-        }
-        return
+  private clear (id: string, unlessState?: State): boolean {
+    for (const bucketState in this.#byState) {
+      const bucket = this.#byState[bucketState] as Set<string>
+      if (!bucket.has(id)) {
+        continue
       }
-    }
-  }
-
-  get (id: string): State | undefined {
-    for (const bucketState in this.byState) {
-      if (bucketState !== undefined) {
-        const bucket = this.byState[bucketState]
-        if (bucket?.has(id) ?? false) {
-          return bucketState
-        }
+      if (bucketState === unlessState) {
+        return false
       }
+      bucket.delete(id)
+      return true
     }
-    return undefined
+    return true
   }
 }