Update verifier logic

commonspace/acl/aclclient/acjoiningclient.go

@@ -9,6 +9,7 @@ import (
 	"github.com/anyproto/any-sync/app"
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
 	"github.com/anyproto/any-sync/commonspace/object/acl/list"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/consensus/consensusproto"
 	"github.com/anyproto/any-sync/node/nodeclient"
 )
@@ -59,7 +60,7 @@ func (c *aclJoiningClient) getAcl(ctx context.Context, spaceId string) (l list.A
 	if err != nil {
 		return
 	}
-	return list.BuildAclListWithIdentity(c.keys, storage, list.NoOpAcceptorVerifier{})
+	return list.BuildAclListWithIdentity(c.keys, storage, recordverifier.NewValidateFull())
 }
 
 func (c *aclJoiningClient) CancelJoin(ctx context.Context, spaceId string) (err error) {

commonspace/acl/aclwaiter/aclwaiter.go

@@ -14,6 +14,7 @@ import (
 	"github.com/anyproto/any-sync/commonspace/acl/aclclient"
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
 	"github.com/anyproto/any-sync/commonspace/object/acl/list"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/util/periodicsync"
 )
 
@@ -82,7 +83,7 @@ func (a *aclWaiter) loop(ctx context.Context) error {
 		if err != nil {
 			return err
 		}
-		acl, err := list.BuildAclListWithIdentity(a.keys, storage, list.NoOpAcceptorVerifier{})
+		acl, err := list.BuildAclListWithIdentity(a.keys, storage, recordverifier.NewValidateFull())
 		if err != nil {
 			return err
 		}

commonspace/deletion_test.go

@@ -22,7 +22,7 @@ func mockDeps() Deps {
 	return Deps{
 		TreeSyncer:     mockTreeSyncer{},
 		SyncStatus:     syncstatus.NewNoOpSyncStatus(),
-		recordVerifier: recordverifier.NewAlwaysAccept(),
+		recordVerifier: recordverifier.NewValidateFull(),
 	}
 }
 

commonspace/object/acl/list/aclrecordbuilder.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
 	"github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/consensus/consensusproto"
 	"github.com/anyproto/any-sync/util/cidutil"
 	"github.com/anyproto/any-sync/util/crypto"
@@ -105,11 +106,11 @@ type aclRecordBuilder struct {
 	id          string
 	keyStorage  crypto.KeyStorage
 	accountKeys *accountdata.AccountKeys
-	verifier    AcceptorVerifier
+	verifier    recordverifier.AcceptorVerifier
 	state       *AclState
 }
 
-func NewAclRecordBuilder(id string, keyStorage crypto.KeyStorage, keys *accountdata.AccountKeys, verifier AcceptorVerifier) AclRecordBuilder {
+func NewAclRecordBuilder(id string, keyStorage crypto.KeyStorage, keys *accountdata.AccountKeys, verifier recordverifier.AcceptorVerifier) AclRecordBuilder {
 	return &aclRecordBuilder{
 		id:          id,
 		keyStorage:  keyStorage,

commonspace/object/acl/list/aclstate.go

@@ -9,6 +9,7 @@ import (
 
 	"github.com/anyproto/any-sync/app/logger"
 	"github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/util/crypto"
 )
 
@@ -87,7 +88,7 @@ type AclState struct {
 func newAclStateWithKeys(
 	rootRecord *AclRecord,
 	key crypto.PrivKey,
-	verifier AcceptorVerifier) (st *AclState, err error) {
+	verifier recordverifier.AcceptorVerifier) (st *AclState, err error) {
 	st = &AclState{
 		id:              rootRecord.Id,
 		key:             key,
@@ -107,7 +108,7 @@ func newAclStateWithKeys(
 	return st, nil
 }
 
-func newAclState(rootRecord *AclRecord, verifier AcceptorVerifier) (st *AclState, err error) {
+func newAclState(rootRecord *AclRecord, verifier recordverifier.AcceptorVerifier) (st *AclState, err error) {
 	st = &AclState{
 		id:              rootRecord.Id,
 		keys:            make(map[string]AclKeys),

commonspace/object/acl/list/acltestsuite.go

@@ -7,6 +7,7 @@ import (
 
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
 	"github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/consensus/consensusproto"
 	"github.com/anyproto/any-sync/util/crypto"
 )
@@ -86,7 +87,7 @@ func (a *AclTestExecutor) buildBatchRequest(args []string, acl AclList, getPerm
 					return nil, err
 				}
 				ownerAcl := a.actualAccounts[a.owner].Acl.(*aclList)
-				accountAcl, err := BuildAclListWithIdentity(keys, ownerAcl.storage, NoOpAcceptorVerifier{})
+				accountAcl, err := BuildAclListWithIdentity(keys, ownerAcl.storage, recordverifier.NewValidateFull())
 				if err != nil {
 					return nil, err
 				}
@@ -273,7 +274,7 @@ func (a *AclTestExecutor) Execute(cmd string) (err error) {
 		} else {
 			ownerAcl := a.actualAccounts[a.owner].Acl.(*aclList)
 			copyStorage := ownerAcl.storage.(*inMemoryStorage).Copy()
-			accountAcl, err := BuildAclListWithIdentity(keys, copyStorage, NoOpAcceptorVerifier{})
+			accountAcl, err := BuildAclListWithIdentity(keys, copyStorage, recordverifier.NewValidateFull())
 			if err != nil {
 				return err
 			}
@@ -291,7 +292,7 @@ func (a *AclTestExecutor) Execute(cmd string) (err error) {
 		keys := a.actualAccounts[account].Keys
 		ownerAcl := a.actualAccounts[a.owner].Acl.(*aclList)
 		copyStorage := ownerAcl.storage.(*inMemoryStorage).Copy()
-		accountAcl, err := BuildAclListWithIdentity(keys, copyStorage, NoOpAcceptorVerifier{})
+		accountAcl, err := BuildAclListWithIdentity(keys, copyStorage, recordverifier.NewValidateFull())
 		if err != nil {
 			return err
 		}
@@ -458,7 +459,7 @@ func (a *AclTestExecutor) Execute(cmd string) (err error) {
 				return err
 			}
 			ownerAcl := a.actualAccounts[a.owner].Acl.(*aclList)
-			accountAcl, err := BuildAclListWithIdentity(keys, ownerAcl.storage, NoOpAcceptorVerifier{})
+			accountAcl, err := BuildAclListWithIdentity(keys, ownerAcl.storage, recordverifier.NewValidateFull())
 			if err != nil {
 				return err
 			}

commonspace/object/acl/list/list.go

@@ -8,6 +8,7 @@ import (
 	"sync"
 
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/consensus/consensusproto"
 	"github.com/anyproto/any-sync/util/cidutil"
 	"github.com/anyproto/any-sync/util/crypto"
@@ -26,22 +27,6 @@ type RWLocker interface {
 	RUnlock()
 }
 
-type AcceptorVerifier interface {
-	VerifyAcceptor(rec *consensusproto.RawRecord) (err error)
-	ShouldValidate() bool
-}
-
-type NoOpAcceptorVerifier struct {
-}
-
-func (n NoOpAcceptorVerifier) VerifyAcceptor(rec *consensusproto.RawRecord) (err error) {
-	return nil
-}
-
-func (n NoOpAcceptorVerifier) ShouldValidate() bool {
-	return true
-}
-
 type AclList interface {
 	RWLocker
 	Id() string
@@ -80,7 +65,7 @@ type aclList struct {
 	keyStorage    crypto.KeyStorage
 	aclState      *AclState
 	storage       Storage
-	verifier      AcceptorVerifier
+	verifier      recordverifier.AcceptorVerifier
 
 	sync.RWMutex
 }
@@ -90,10 +75,10 @@ type internalDeps struct {
 	keyStorage       crypto.KeyStorage
 	stateBuilder     *aclStateBuilder
 	recordBuilder    AclRecordBuilder
-	acceptorVerifier AcceptorVerifier
+	acceptorVerifier recordverifier.AcceptorVerifier
 }
 
-func BuildAclListWithIdentity(acc *accountdata.AccountKeys, storage Storage, verifier AcceptorVerifier) (AclList, error) {
+func BuildAclListWithIdentity(acc *accountdata.AccountKeys, storage Storage, verifier recordverifier.AcceptorVerifier) (AclList, error) {
 	keyStorage := crypto.NewKeyStorage()
 	deps := internalDeps{
 		storage:          storage,

commonspace/object/acl/list/list_test.go

@@ -13,6 +13,7 @@ import (
 	"github.com/anyproto/any-sync/commonspace/headsync/headstorage"
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
 	"github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/consensus/consensusproto"
 	"github.com/anyproto/any-sync/util/crypto"
 )
@@ -279,7 +280,7 @@ func TestAclList_FixAcceptPanic(t *testing.T) {
 	fx := newFixture(t)
 	fx.inviteAccount(t, AclPermissions(aclrecordproto.AclUserPermissions_Writer))
 
-	_, err := BuildAclListWithIdentity(fx.accountKeys, fx.ownerAcl.storage, NoOpAcceptorVerifier{})
+	_, err := BuildAclListWithIdentity(fx.accountKeys, fx.ownerAcl.storage, recordverifier.NewValidateFull())
 	require.NoError(t, err)
 }
 

commonspace/object/acl/list/listutils.go

@@ -2,6 +2,7 @@ package list
 
 import (
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/consensus/consensusproto"
 	"github.com/anyproto/any-sync/util/crypto"
 )
@@ -17,7 +18,7 @@ func newAclWithStoreProvider(root *consensusproto.RawRecordWithId, keys *account
 	if err != nil {
 		return nil, err
 	}
-	return BuildAclListWithIdentity(keys, storage, NoOpAcceptorVerifier{})
+	return BuildAclListWithIdentity(keys, storage, recordverifier.NewValidateFull())
 }
 
 func newDerivedAclWithStoreProvider(spaceId string, keys *accountdata.AccountKeys, metadata []byte, storeProvider StorageProvider) (AclList, error) {
@@ -43,11 +44,11 @@ func newInMemoryAclWithRoot(keys *accountdata.AccountKeys, root *consensusproto.
 	if err != nil {
 		return nil, err
 	}
-	return BuildAclListWithIdentity(keys, st, NoOpAcceptorVerifier{})
+	return BuildAclListWithIdentity(keys, st, recordverifier.NewValidateFull())
 }
 
 func buildDerivedRoot(spaceId string, keys *accountdata.AccountKeys, metadata []byte) (root *consensusproto.RawRecordWithId, err error) {
-	builder := NewAclRecordBuilder("", crypto.NewKeyStorage(), keys, NoOpAcceptorVerifier{})
+	builder := NewAclRecordBuilder("", crypto.NewKeyStorage(), keys, recordverifier.NewValidateFull())
 	masterKey, _, err := crypto.GenerateRandomEd25519KeyPair()
 	if err != nil {
 		return nil, err

commonspace/object/acl/list/validator.go

@@ -4,6 +4,7 @@ import (
 	"golang.org/x/exp/slices"
 
 	"github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/util/crypto"
 )
 
@@ -27,10 +28,10 @@ type ContentValidator interface {
 type contentValidator struct {
 	keyStore crypto.KeyStorage
 	aclState *AclState
-	verifier AcceptorVerifier
+	verifier recordverifier.AcceptorVerifier
 }
 
-func newContentValidator(keyStore crypto.KeyStorage, aclState *AclState, verifier AcceptorVerifier) ContentValidator {
+func newContentValidator(keyStore crypto.KeyStorage, aclState *AclState, verifier recordverifier.AcceptorVerifier) ContentValidator {
 	return &contentValidator{
 		keyStore: keyStore,
 		aclState: aclState,

commonspace/object/acl/recordverifier/alwaysaccept.go

@@ -1,28 +0,0 @@
-package recordverifier
-
-import (
-	"github.com/anyproto/any-sync/app"
-	"github.com/anyproto/any-sync/consensus/consensusproto"
-)
-
-type AlwaysAccept struct{}
-
-func NewAlwaysAccept() RecordVerifier {
-	return &AlwaysAccept{}
-}
-
-func (a *AlwaysAccept) Init(_ *app.App) error {
-	return nil
-}
-
-func (a *AlwaysAccept) Name() string {
-	return CName
-}
-
-func (a *AlwaysAccept) VerifyAcceptor(_ *consensusproto.RawRecord) error {
-	return nil
-}
-
-func (a *AlwaysAccept) ShouldValidate() bool {
-	return true
-}

commonspace/object/acl/recordverifier/recordverifier.go

@@ -4,7 +4,6 @@ import (
 	"fmt"
 
 	"github.com/anyproto/any-sync/app"
-	"github.com/anyproto/any-sync/commonspace/object/acl/list"
 	"github.com/anyproto/any-sync/consensus/consensusproto"
 	"github.com/anyproto/any-sync/nodeconf"
 	"github.com/anyproto/any-sync/util/crypto"
@@ -12,9 +11,14 @@ import (
 
 const CName = "common.acl.recordverifier"
 
+type AcceptorVerifier interface {
+	VerifyAcceptor(rec *consensusproto.RawRecord) (err error)
+	ShouldValidate() bool
+}
+
 type RecordVerifier interface {
 	app.Component
-	list.AcceptorVerifier
+	AcceptorVerifier
 }
 
 func New() RecordVerifier {

commonspace/object/acl/recordverifier/validatefull.go

@@ -0,0 +1,28 @@
+package recordverifier
+
+import (
+	"github.com/anyproto/any-sync/app"
+	"github.com/anyproto/any-sync/consensus/consensusproto"
+)
+
+type ValidateFull struct{}
+
+func NewValidateFull() RecordVerifier {
+	return &ValidateFull{}
+}
+
+func (a *ValidateFull) Init(_ *app.App) error {
+	return nil
+}
+
+func (a *ValidateFull) Name() string {
+	return CName
+}
+
+func (a *ValidateFull) VerifyAcceptor(_ *consensusproto.RawRecord) error {
+	return nil
+}
+
+func (a *ValidateFull) ShouldValidate() bool {
+	return true
+}

commonspace/object/keyvalue/keyvalue_test.go

@@ -17,6 +17,7 @@ import (
 
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
 	"github.com/anyproto/any-sync/commonspace/object/acl/list"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/commonspace/object/keyvalue/keyvaluestorage"
 	"github.com/anyproto/any-sync/commonspace/object/keyvalue/keyvaluestorage/innerstorage"
 	"github.com/anyproto/any-sync/commonspace/spacepayloads"
@@ -280,7 +281,7 @@ func newFixture(t *testing.T, keys *accountdata.AccountKeys, spacePayload spaces
 	require.NoError(t, err)
 	aclStorage, err := storage.AclStorage()
 	require.NoError(t, err)
-	aclList, err := list.BuildAclListWithIdentity(keys, aclStorage, list.NoOpAcceptorVerifier{})
+	aclList, err := list.BuildAclListWithIdentity(keys, aclStorage, recordverifier.NewValidateFull())
 	require.NoError(t, err)
 	storageId := "kv.storage"
 	rpcHandler := rpctest.NewTestServer()

commonspace/object/tree/objecttree/objecttree_test.go

@@ -19,6 +19,7 @@ import (
 	"github.com/anyproto/any-sync/commonspace/headsync/headstorage"
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
 	"github.com/anyproto/any-sync/commonspace/object/acl/list"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/commonspace/object/tree/treechangeproto"
 	"github.com/anyproto/any-sync/commonspace/object/tree/treestorage"
 )
@@ -390,7 +391,7 @@ func TestObjectTree(t *testing.T) {
 			require.NoError(t, err)
 			prevId = rec.Id
 		}
-		beforeAcl, err := list.BuildAclListWithIdentity(account.Keys, beforeStorage, list.NoOpAcceptorVerifier{})
+		beforeAcl, err := list.BuildAclListWithIdentity(account.Keys, beforeStorage, recordverifier.NewValidateFull())
 		require.NoError(t, err)
 		err = exec.Execute("a.invite::invId")
 		require.NoError(t, err)
@@ -462,7 +463,7 @@ func TestObjectTree(t *testing.T) {
 		require.NoError(t, err)
 		storage, err := list.NewInMemoryStorage(prevAclRecs[0].Id, prevAclRecs)
 		require.NoError(t, err)
-		acl, err := list.BuildAclListWithIdentity(bAccount.Keys, storage, list.NoOpAcceptorVerifier{})
+		acl, err := list.BuildAclListWithIdentity(bAccount.Keys, storage, recordverifier.NewValidateFull())
 		require.NoError(t, err)
 		// creating tree with old storage which doesn't have a new invite record
 		bTree, err := BuildKeyFilterableObjectTree(bStore, acl)

commonspace/spacepayloads/payloads.go

@@ -12,6 +12,7 @@ import (
 
 	"github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto"
 	"github.com/anyproto/any-sync/commonspace/object/acl/list"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/commonspace/object/tree/objecttree"
 	"github.com/anyproto/any-sync/commonspace/object/tree/treechangeproto"
 	"github.com/anyproto/any-sync/commonspace/spacestorage"
@@ -96,7 +97,7 @@ func StoragePayloadForSpaceCreate(payload SpaceCreatePayload) (storagePayload sp
 
 	// building acl root
 	keyStorage := crypto.NewKeyStorage()
-	aclBuilder := list.NewAclRecordBuilder("", keyStorage, nil, list.NoOpAcceptorVerifier{})
+	aclBuilder := list.NewAclRecordBuilder("", keyStorage, nil, recordverifier.NewValidateFull())
 	aclRoot, err := aclBuilder.BuildRoot(list.RootContent{
 		PrivKey:   payload.SigningKey,
 		MasterKey: payload.MasterKey,
@@ -187,7 +188,7 @@ func StoragePayloadForSpaceDerive(payload SpaceDerivePayload) (storagePayload sp
 
 	// building acl root
 	keyStorage := crypto.NewKeyStorage()
-	aclBuilder := list.NewAclRecordBuilder("", keyStorage, nil, list.NoOpAcceptorVerifier{})
+	aclBuilder := list.NewAclRecordBuilder("", keyStorage, nil, recordverifier.NewValidateFull())
 	aclRoot, err := aclBuilder.BuildRoot(list.RootContent{
 		PrivKey:   payload.SigningKey,
 		MasterKey: payload.MasterKey,

commonspace/spacerpc_test.go

@@ -130,7 +130,7 @@ func (r *RpcServer) getSpace(ctx context.Context, spaceId string) (sp Space, err
 		sp, err = r.spaceService.NewSpace(ctx, spaceId, Deps{
 			TreeSyncer:     NewTreeSyncer(spaceId),
 			SyncStatus:     syncstatus.NewNoOpSyncStatus(),
-			recordVerifier: recordverifier.NewAlwaysAccept(),
+			recordVerifier: recordverifier.NewValidateFull(),
 		})
 		if err != nil {
 			return nil, err

commonspace/spacestorage/migration/aclmigrator.go

@@ -10,6 +10,7 @@ import (
 	"github.com/anyproto/any-sync/commonspace/headsync/headstorage"
 	"github.com/anyproto/any-sync/commonspace/object/accountdata"
 	"github.com/anyproto/any-sync/commonspace/object/acl/list"
+	"github.com/anyproto/any-sync/commonspace/object/acl/recordverifier"
 	"github.com/anyproto/any-sync/commonspace/spacestorage/oldstorage"
 	"github.com/anyproto/any-sync/consensus/consensusproto"
 )
@@ -31,7 +32,7 @@ func migrateAclList(ctx context.Context, oldStorage oldstorage.ListStorage, head
 	if err != nil {
 		return nil, fmt.Errorf("migration: failed to generate keys: %w", err)
 	}
-	aclList, err := list.BuildAclListWithIdentity(keys, aclStorage, &list.NoOpAcceptorVerifier{})
+	aclList, err := list.BuildAclListWithIdentity(keys, aclStorage, recordverifier.NewValidateFull())
 	if err != nil {
 		return nil, fmt.Errorf("migration: failed to build acl list: %w", err)
 	}