Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Contract policy evaluated during catalog request #1331

Closed
ronjaquensel opened this issue May 19, 2022 · 2 comments · Fixed by #1699
Closed

Contract policy evaluated during catalog request #1331

ronjaquensel opened this issue May 19, 2022 · 2 comments · Fixed by #1699
Assignees
@ronjaquensel
Labels
bug Something isn't working
Milestone
Milestone 5

Comments

@ronjaquensel
Copy link
Contributor

Bug Report

Describe the Bug

When the connector responds to a catalog request, it checks both the access and the contract policies for each ContractDefinition. Therefore, the requesting connector will not see contract offers if the contract policy is not fulfilled at the time of the request.

Expected Behavior

During catalog request, the connector evaluates whether the requesting agent fulfils a ContractDefinition's access policy, but not the contract policy, as the contract policy should be advertised to requesting agents.

Observed Behavior

The connector evaluates whether the access and contract policies are fulfilled.

Steps to Reproduce

Steps to reproduce the behavior:

  1. Create an implementation of AtomicConstraintFunction<Permission> that always returns false in sample 04.0's transfer-file module and register it with the PolicyEngine in the TransferFileExtension.
  2. Bind the key used to register the function as well as the action type USE to all scopes using the RuleBindingRegistry.
  3. Create a second policy in the TransferFileExtension, adding an action with type USE and a constraint using the key from steps 1 and 2 as the value for the left operand. Operator and right operand can be chosen arbitrarily.
  4. Add the new policy as the ContractDefinition's contract policy, do not add it as the access policy.
  5. Start both connectors as described in the sample's README.
  6. Make a catalog request from consumer to provider and see an empty array of contract offers in the response: curl -X GET -H 'X-Api-Key: password' "http://localhost:9192/api/v1/data/catalog?providerUrl=http://localhost:8282/api/v1/ids/data"
  7. See in the provider logs that there was a problem evaluating the constraint defined in the contract policy.

Possible Implementation

The ContractDefinitionServiceImpl always evaluates access and contract policies when filtering ContractDefinitions for a ParticipantAgent. Here, only the access policies should be evaluated. The evaluation of the contract policies (e.g. during contract negotiation) should happen separately.

Also, the ContractDefinitionServiceImpl always uses the policy scope contract.negotiation, even though the service is also used during catalog requests.
@ronjaquensel ronjaquensel added the bug Something isn't working label May 19, 2022
@jimmarino
Copy link
Contributor

That's a good point about advertising. We probably should also create a unique scope as well.

@github-actions
Copy link

github-actions bot commented Jun 7, 2022

This issue is stale because it has been open for 14 days with no activity.

@github-actions github-actions bot added the stale Open for x days with no activity label Jun 7, 2022
@ronjaquensel ronjaquensel added this to the Milestone 5 milestone Jun 7, 2022
@ronjaquensel ronjaquensel removed the stale Open for x days with no activity label Jun 7, 2022
@ronjaquensel ronjaquensel self-assigned this Jun 7, 2022
@ronjaquensel ronjaquensel mentioned this issue Jun 30, 2022
Closed
7 tasks
@ronjaquensel ronjaquensel mentioned this issue Jul 15, 2022
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ronjaquensel ronjaquensel

Labels
bug Something isn't working
Projects
None yet
Milestone
Milestone 5
2 participants
@jimmarino @ronjaquensel