refacto: apply suggestions
Hugo Rosenkranz-Costa committed Sep 22, 2023
1 parent 75aeffb commit 906ee14
Showing 9 changed files with 110 additions and 113 deletions.
38 changes: 19 additions & 19 deletions src/abe_policy/access_policy.rs
Expand Up @@ -5,7 +5,7 @@ use std::{
};

use crate::{
abe_policy::{policy::Policy, Attribute},
abe_policy::{Attribute, Policy},
Error,
};

Expand Down Expand Up @@ -38,7 +38,7 @@ impl AccessPolicy {
///
/// Shortcut for
/// ```ignore
/// AccessPolicy::Attr(Attribute::new(axis, attribute))
/// AccessPolicy::Attr(Attribute::new(dimension, attribute))
/// ```
///
/// Access Policies can easily be created using it
Expand All @@ -48,8 +48,8 @@ impl AccessPolicy {
/// & (AccessPolicy::new("Department", "MKG") | AccessPolicy::new("Department", "FIN"));
/// ```
#[must_use]
pub fn new(axis: &str, attribute: &str) -> Self {
Self::Attr(Attribute::new(axis, attribute))
pub fn new(dimension: &str, attribute: &str) -> Self {
Self::Attr(Attribute::new(dimension, attribute))
}

/// Converts policy to integer value (for comparison).
Expand Down Expand Up @@ -100,7 +100,7 @@ impl AccessPolicy {
}

/// Sanitizes spaces in boolean expression around parenthesis and operators
/// but keep spaces inside axis & attribute names.
/// but keep spaces inside dimension & attribute names.
///
/// Useless spaces are removed:
/// - before and after operator. Example: `A && B` --> `A&&B`
Expand Down Expand Up @@ -291,7 +291,7 @@ impl AccessPolicy {
|| attribute_vec[1].is_empty()
{
return Err(Error::InvalidBooleanExpression(format!(
"'{boolean_expression}' does not respect the format <axis::name>. \
"'{boolean_expression}' does not respect the format <dimension::name>. \
Example: {boolean_expression_example}"
)));
}
Expand Down Expand Up @@ -345,23 +345,23 @@ impl AccessPolicy {
/// Returns the list of attribute combinations that can be built from the
/// given access policy. It is an OR expression of AND expressions.
///
/// - `policy` : global policy
/// - `include_lower_attributes_from_axis` : set to `true` to combine lower attributes
/// from axis with hierarchical order
/// - `policy` : global policy
/// - `include_lower_attributes_from_dim` : set to `true` to combine lower attributes
/// from dimension with hierarchical order
pub fn to_attribute_combinations(
&self,
policy: &Policy,
include_lower_attributes_from_axis: bool,
include_lower_attributes_from_dim: bool,
) -> Result<Vec<Vec<Attribute>>, Error> {
match self {
Self::Attr(attr) => {
let axis_parameters = policy
let dim_parameters = policy
.dimensions
.get(&attr.dimension)
.ok_or_else(|| Error::DimensionNotFound(attr.dimension.to_string()))?;
let mut res = vec![vec![attr.clone()]];
if let Some(order) = axis_parameters.order.as_deref() {
if include_lower_attributes_from_axis {
if let Some(order) = dim_parameters.order.as_deref() {
if include_lower_attributes_from_dim {
// add attribute values for all attributes below the given one
for name in order.iter().take_while(|&name| name != &attr.name) {
res.push(vec![Attribute::new(&attr.dimension, name)]);
Expand All @@ -371,10 +371,10 @@ impl AccessPolicy {
Ok(res)
}
Self::And(ap_left, ap_right) => {
let combinations_left = ap_left
.to_attribute_combinations(policy, include_lower_attributes_from_axis)?;
let combinations_left =
ap_left.to_attribute_combinations(policy, include_lower_attributes_from_dim)?;
let combinations_right = ap_right
.to_attribute_combinations(policy, include_lower_attributes_from_axis)?;
.to_attribute_combinations(policy, include_lower_attributes_from_dim)?;
let mut res =
Vec::with_capacity(combinations_left.len() * combinations_right.len());
for value_left in combinations_left {
Expand All @@ -388,10 +388,10 @@ impl AccessPolicy {
Ok(res)
}
Self::Or(ap_left, ap_right) => {
let combinations_left = ap_left
.to_attribute_combinations(policy, include_lower_attributes_from_axis)?;
let combinations_left =
ap_left.to_attribute_combinations(policy, include_lower_attributes_from_dim)?;
let combinations_right = ap_right
.to_attribute_combinations(policy, include_lower_attributes_from_axis)?;
.to_attribute_combinations(policy, include_lower_attributes_from_dim)?;
let mut res =
Vec::with_capacity(combinations_left.len() + combinations_right.len());
res.extend(combinations_left);
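Review bot: In the `Self::Attr` arm of `to_attribute_combinations`, the expansion `order.iter().take_while(|&name| name != &attr.name)` never stops when `attr.name` is absent from `order`, so an unknown attribute in a hierarchical dimension expands to every attribute of that dimension. The visible code only checks that the dimension exists (`Error::DimensionNotFound`), so unless the attribute is validated by callers or in lines not shown, this over-grants wherever the result is used to derive access rights. Assuming `dim_parameters` is the `Dimension` from dimension.rs, a guard before `res` is built, such as `if !dim_parameters.attributes.contains_key(&attr.name) { /* return the crate's attribute-not-found error */ }`, would make the function fail closed. The function spans several hunks of this section and continues outside the lines shown.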
10 changes: 5 additions & 5 deletions src/abe_policy/attribute.rs
Expand Up @@ -49,13 +49,13 @@ impl BitOr for AttributeStatus {
}

#[derive(Debug, Clone, Serialize, Deserialize)]
/// Attribute representation used to create a Dimension and add it to a Policy.
/// Attribute representation used to create a `Dimension` and add it to a `Policy`.
pub struct AttributeBuilder {
pub name: String,
pub encryption_hint: EncryptionHint,
}
/// An attribute in a policy group is characterized by the axis policy name
/// and its unique name within this axis.
/// An attribute in a policy group is characterized by the dimension policy name
/// and its unique name within this dimension.
#[derive(Hash, PartialEq, Eq, Clone, PartialOrd, Ord, Serialize, Deserialize)]
#[serde(try_from = "&str", into = "String")]
pub struct Attribute {
Expand All @@ -66,8 +66,8 @@ pub struct Attribute {
impl Attribute {
/// Create a Policy Attribute.
///
/// - `axis` : policy axis the attributes belongs to
/// - `name` : unique attribute name within this axis
/// - `dimension` : policy dimension the attributes belongs to
/// - `name` : unique attribute name within this dimension
#[must_use]
pub fn new(dimension: &str, name: &str) -> Self {
Self {
24 changes: 12 additions & 12 deletions src/abe_policy/dimension.rs
Expand Up @@ -19,9 +19,9 @@ use crate::Error;
pub struct DimensionBuilder {
/// Dimension name
pub name: String,
/// Names of the axis attributes and hybridized encryption hints
/// Names of the dimension attributes and hybridized encryption hints
pub attributes_properties: Vec<AttributeBuilder>,
/// `true` if the axis is hierarchical
/// `true` if the dimension is hierarchical
pub hierarchical: bool,
}

Expand All @@ -42,16 +42,16 @@ impl DimensionBuilder {
name: name.to_string(),
attributes_properties: attributes_properties
.into_iter()
.map(|(axis_name, encryption_hint)| AttributeBuilder {
name: axis_name.to_string(),
.map(|(dim_name, encryption_hint)| AttributeBuilder {
name: dim_name.to_string(),
encryption_hint,
})
.collect(),
hierarchical,
}
}

/// Returns the number of attributes belonging to this axis.
/// Returns the number of attributes belonging to this dimension.
#[must_use]
pub fn len(&self) -> usize {
self.attributes_properties.len()
Expand All @@ -65,7 +65,7 @@ impl DimensionBuilder {
}

#[derive(Clone, PartialEq, Eq, Serialize, Deserialize, Debug)]
/// Represents an Attribute inside a Dimension.
/// Represents an `Attribute` inside a `Dimension`.
pub struct AttributeParameters {
pub rotation_values: Vec<u32>,
pub encryption_hint: EncryptionHint,
Expand Down Expand Up @@ -106,7 +106,7 @@ impl AttributeParameters {
type AttributeName = String;

#[derive(Clone, Eq, PartialEq, Serialize, Deserialize, Debug)]
/// A dimension is a space that holds attributes. It can be ordered (an axis) or
/// A dimension is a space that holds attributes. It can be ordered (an dimension) or
/// unordered (a set).
pub struct Dimension {
pub order: Option<Vec<AttributeName>>,
Expand Down Expand Up @@ -194,11 +194,11 @@ impl Dimension {
) -> Result<(), Error> {
if self.order.is_some() {
Err(Error::OperationNotPermitted(
"Hierarchical axis are immutable".to_string(),
"Hierarchical dimension are immutable".to_string(),
))
} else if self.attributes.contains_key(attr_name) {
Err(Error::OperationNotPermitted(
"Attribute already in axis".to_string(),
"Attribute already in dimension".to_string(),
))
} else {
self.attributes.insert(
Expand All @@ -222,7 +222,7 @@ impl Dimension {
pub fn remove_attribute(&mut self, attr_name: &AttributeName) -> Result<(), Error> {
if self.order.is_some() {
Err(Error::OperationNotPermitted(
"Hierarchical axis are immutable".to_string(),
"Hierarchical dimension are immutable".to_string(),
))
} else {
self.attributes
Expand Down Expand Up @@ -258,15 +258,15 @@ impl Dimension {
/// # Errors
///
/// Returns an error if the new attribute name is already used in the same
/// axis or if the attribute is not found.
/// dimension or if the attribute is not found.
pub fn rename_attribute(
&mut self,
attr_name: &AttributeName,
new_name: &str,
) -> Result<(), Error> {
if self.attributes.contains_key(new_name) {
Err(Error::OperationNotPermitted(
"New attribute name is already used in the same axis".to_string(),
"New attribute name is already used in the same dimension".to_string(),
))
} else {
match self.attributes.remove(attr_name) {
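Review bot: The mechanical rename from "axis" to "dimension" left the doc comment on `Dimension` reading `It can be ordered (an dimension) or unordered (a set)`, which no longer explains the distinction; `/// A dimension is a space that holds attributes. It can be ordered (hierarchical) or` keeps the original meaning. The same pass produced the runtime message `"Hierarchical dimension are immutable"` in the hunk at -194 and again in `remove_attribute`; both should read `"Hierarchical dimensions are immutable"`. In the `DimensionBuilder` constructor hunk the closure binding `dim_name` actually holds an attribute name (it is stored in `AttributeBuilder::name`), so `attr_name` would be the accurate name.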
11 changes: 5 additions & 6 deletions src/abe_policy/mod.rs
@@ -1,25 +1,24 @@
//! This crate defines the `Policy` logic, the basis for Attribute Based
//! Encryption (ABE).
//!
//! A `Policy` is a set of axes. Each axis is defined by its name and its list
//! A `Policy` is a set of axes. Each dimension is defined by its name and its list
//! of associated attribute names.
//!
//! An `Attribute` is composed by an axis name and an attribute name within
//! this axis.
//! An `Attribute` is composed by an dimension name and an attribute name within
//! this dimension.

mod access_policy;
mod attribute;
mod dimension;
mod legacy_policy;
mod partitions;
mod policy;
mod policy_versions;

pub use access_policy::AccessPolicy;
pub use attribute::{Attribute, AttributeStatus, Attributes, EncryptionHint};
pub use dimension::{AttributeParameters, Dimension, DimensionBuilder};
pub use legacy_policy::{LegacyPolicy, PolicyV1};
pub use partitions::Partition;
pub use policy::Policy;
pub use policy_versions::{LegacyPolicy, PolicyV1, PolicyV2 as Policy};
use serde::{Deserialize, Serialize};

#[cfg(test)]
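Review bot: The module docs now mix the old and new terms: the first changed line still opens with "A `Policy` is a set of axes" before continuing with "Each dimension is defined by", and the `Attribute` paragraph reads "composed by an dimension name". Suggested wording for the two lines: ``//! A `Policy` is a set of dimensions. Each dimension is defined by its name and its list`` and ``//! An `Attribute` is composed of a dimension name and an attribute name within``. No code change is needed for this.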
19 changes: 2 additions & 17 deletions src/abe_policy/policy.rs
@@ -1,32 +1,17 @@
use std::{
collections::{HashMap, HashSet},
fmt::{Debug, Display},
fmt::Display,
vec,
};

use serde::{Deserialize, Serialize};
use serde_json::Value;

use super::{
AccessPolicy, Attribute, AttributeParameters, AttributeStatus, Dimension, DimensionBuilder,
EncryptionHint, LegacyPolicy, Partition, PolicyV1, PolicyVersion,
EncryptionHint, LegacyPolicy, Partition, Policy, PolicyV1, PolicyVersion,
};
use crate::Error;

/// A policy is a set of policy axes. A fixed number of attribute creations
/// (revocations + additions) is allowed.
#[derive(Clone, PartialEq, Eq, Serialize, Deserialize, Debug)]
pub struct Policy {
/// Version number
pub version: PolicyVersion,
/// Last value taken by the attribute.
pub(crate) last_attribute_id: u32,

/// Policy axes: maps axes name to the list of associated attribute names
/// and a boolean defining whether or not this dim is hierarchical.
pub dimensions: HashMap<String, Dimension>,
}

impl Display for Policy {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{self:?}")
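Review bot: This file is left without any description of the type its `impl` blocks extend, because the struct and its field docs are removed here and `Policy` is now imported from `super`, where mod.rs re-exports it as `PolicyV2 as Policy`. A module-level comment such as ``//! Methods of the current policy version (`PolicyV2`, re-exported as `Policy`).`` would tell readers where the definition lives and why compiler errors and rustdoc may mention `PolicyV2`. The removed doc comment also recorded that only a fixed number of attribute creations is allowed, tied to `last_attribute_id: u32`. The new definition is not visible in this section, so it is worth confirming that this remark and the `pub(crate)` visibility of that field were carried over to `policy_versions`.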