Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add check in WorkflowValidator class.
Browse files Browse the repository at this point in the history
mariacarmina committed Oct 3, 2023
1 parent 81e4586 commit 22da96a
Showing 4 changed files with 46 additions and 31 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/pytest.yml
Original file line number Diff line number Diff line change
@@ -64,7 +64,7 @@ jobs:
cat $HOME/.ocean/ocean-contracts/artifacts/address.json
- name: Test with pytest
run: |
pytest tests/test_compute.py::test_algo_credentials
pytest ocean_provider/validation/test/test_algo_validation.py::test_algo_credentials
- name: docker logs
run: docker logs ocean_aquarius_1 && docker logs ocean_provider_1 && docker logs ocean_provider2_1 && docker logs ocean_ipfs_1
if: ${{ failure() }}
27 changes: 18 additions & 9 deletions ocean_provider/validation/algo.py
Original file line number Diff line number Diff line change
@@ -310,6 +310,16 @@ def preliminary_algo_validation(self):
self.message = "file_unavailable"
return False

try:
AddressCredential(algo_ddo).validate_access(
{"type": "address", "value": self.consumer_address}
)

except Exception:
self.resource += ".credentials"
self.message = "restricted_access_for_algo"
return False

return True


@@ -416,15 +426,14 @@ def validate(self):
self.message = message
return False

# manager = AddressCredential(self.asset)
# code = manager.validate_access(
# {"type": "address", "value": self.consumer_address}
# )
#
# if code != ConsumableCodes.OK:
# self.resource += ".credentials"
# self.message = "restricted_access_for_algo"
# return False
code = AddressCredential(self.asset).validate_access(
{"type": "address", "value": self.consumer_address}
)

if code != ConsumableCodes.OK:
self.resource += ".credentials"
self.message = "restricted_access_for_algo"
return False

if self.service.type not in ["access", "compute"]:
self.resource += ".serviceId"
43 changes: 23 additions & 20 deletions ocean_provider/validation/test/test_algo_validation.py
Original file line number Diff line number Diff line change
@@ -1012,23 +1012,26 @@ def side_effect(*args, **kwargs):
assert validator.message == "file_unavailable"


# def test_algo_credentials(provider_address, consumer_address):
# ddo = Asset(ddo_dict)
# alg_ddo_dict["credentials"] = {"allow": [], "deny": [consumer_address]}
# alg_ddo = Asset(alg_ddo_dict)
# sa_compute = get_first_service_by_type(alg_ddo, ServiceType.ACCESS)
# sa = get_first_service_by_type(ddo, ServiceType.COMPUTE)
#
# data = {
# "dataset": {"documentId": ddo.did, "serviceId": sa.id, "transferTxId": "tx_id"},
# "algorithm": {
# "documentId": alg_ddo.did,
# "serviceId": sa_compute.id,
# "transferTxId": "alg_tx_id",
# },
# }
#
# validator = WorkflowValidator(consumer_address, data)
# assert validator.validate() is False
# assert validator.resource == "credentials"
# assert validator.message == "restricted_access_for_algo"
def test_algo_credentials(provider_address, consumer_address):
ddo = Asset(ddo_dict)
alg_ddo_dict["credentials"] = {
"allow": [],
"deny": {"type": "address", "values": [consumer_address]},
}
alg_ddo = Asset(alg_ddo_dict)
sa_compute = get_first_service_by_type(alg_ddo, ServiceType.ACCESS)
sa = get_first_service_by_type(ddo, ServiceType.COMPUTE)

data = {
"dataset": {"documentId": ddo.did, "serviceId": sa.id, "transferTxId": "tx_id"},
"algorithm": {
"documentId": alg_ddo.did,
"serviceId": sa_compute.id,
"transferTxId": "alg_tx_id",
},
}

validator = WorkflowValidator(consumer_address, data)
assert validator.validate() is False
assert validator.resource == "credentials"
assert validator.message == "restricted_access_for_algo"
5 changes: 4 additions & 1 deletion tests/test_compute.py
Original file line number Diff line number Diff line change
@@ -662,7 +662,10 @@ def test_algo_credentials(
{"from": deployer_wallet.address}
)

algo_credentials = {"allow": [], "deny": {"type": "address", "values": [consumer_wallet.address]}}
algo_credentials = {
"allow": [],
"deny": {"type": "address", "values": [consumer_wallet.address]},
}

ddo, tx_id, alg_ddo, alg_tx_id = build_and_send_ddo_with_compute_service(
client,

0 comments on commit 22da96a

Please sign in to comment.