peer change

2026-06-22 08:00:14 +02:00
parent cbd2fb1d46
commit f30b56fa34
10 changed files with 653 additions and 1 deletions
@@ -45,6 +45,70 @@ var self *peer.Peer

 func ListenNATS() {
 	tools.NewNATSCaller().ListenNats(map[tools.NATSMethod]func(tools.NATSResponse){
+		// ORG_PARTNER_EVENT is delivered by our local oc-discovery after receiving a
+		// libp2p stream from the remote. The payload "type" field routes to one of two
+		// sub-flows:
+		//   "check"   — we are master: validate candidate, emit confirm via PROPALGATION
+		//   "confirm" — we are requester: upgrade (or discard) the candidate's relation
+		tools.ORG_PARTNER_EVENT: func(resp tools.NATSResponse) {
+			if resp.FromApp == config.GetAppName() {
+				return
+			}
+			var msg struct {
+				Type            string `json:"type"`
+				RequesterID     string `json:"requester_id"`
+				RequesterPeerID string `json:"requester_peer_id"`
+				CandidateID     string `json:"candidate_id"`
+				MasterID        string `json:"master_id"`
+				Confirmed       bool   `json:"confirmed"`
+			}
+			if err := json.Unmarshal(resp.Payload, &msg); err != nil || msg.CandidateID == "" {
+				return
+			}
+			switch msg.Type {
+			case "check":
+				self, _ := oclib.GetMySelf()
+				if self == nil || self.GetID() != msg.MasterID {
+					return
+				}
+				access := oclib.NewRequestAdmin(oclib.LibDataEnum(oclib.PEER), nil)
+				candidate := access.LoadOne(msg.CandidateID)
+				confirmed := candidate.Data != nil && candidate.ToPeer().Relation == peer.ORGANIZATION_MEMBER
+
+				confirmPayload, _ := json.Marshal(map[string]interface{}{
+					"type":              "confirm",
+					"requester_peer_id": msg.RequesterPeerID,
+					"candidate_id":      msg.CandidateID,
+					"confirmed":         confirmed,
+				})
+				propMsg := tools.PropalgationMessage{
+					Action:   tools.PB_ORG_PARTNER,
+					DataType: int(tools.PEER),
+					Payload:  confirmPayload,
+				}
+				b, _ := json.Marshal(propMsg)
+				tools.NewNATSCaller().SetNATSPub(tools.PROPALGATION_EVENT, tools.NATSResponse{
+					FromApp:  config.GetAppName(),
+					Datatype: tools.PEER,
+					User:     resp.User,
+					Groups:   resp.Groups,
+					Method:   int(tools.PROPALGATION_EVENT),
+					Payload:  b,
+				})
+
+			case "confirm":
+				access := oclib.NewRequestAdmin(oclib.LibDataEnum(oclib.PEER), nil)
+				relation := peer.NONE
+				if msg.Confirmed {
+					relation = peer.ORGANIZATION_PARTNER
+				}
+				access.UpdateOne(map[string]interface{}{
+					"relation": relation,
+					"verify":   false,
+				}, msg.CandidateID)
+			}
+		},
+
 		tools.CREATE_RESOURCE: func(resp tools.NATSResponse) {
 			if resp.FromApp == config.GetAppName() || !slices.Contains(ressourceCols, oclib.LibDataEnum(resp.Datatype)) {
 				return
@@ -101,6 +165,12 @@ func ListenNATS() {
 						p.Relation = peer.PENDING_PARTNER
 					}
 					p.IsNano = config.GetConfig().IsNano
+					// If the incoming peer shares our OrganizationMasterID, initiate org partner
+					// verification with our master before accepting them as org partner.
+					if self != nil && self.OrganizationMasterID != "" && p.OrganizationMasterID == self.OrganizationMasterID {
+						go requestOrgPartnerVerification(self, p, resp.User, resp.Groups)
+						return
+					}
 					access.StoreOne(p.Serialize(p))
 				}
 			}
@@ -161,3 +231,37 @@ func ListenNATS() {
 		},
 	})
 }
+
+// requestOrgPartnerVerification stores the candidate as KNOWN and asks our
+// OrganizationMaster (via PROPALGATION_EVENT → oc-discovery → libp2p stream)
+// whether the candidate is really one of its ORGANIZATION_MEMBERs.
+// The ORG_PARTNER_EVENT "confirm" branch upgrades the relation once the master replies.
+func requestOrgPartnerVerification(self *peer.Peer, candidate *peer.Peer, user string, groups []string) {
+	// Store candidate as NONE (path "known") — no privilege until master confirms.
+	access := oclib.NewRequestAdmin(oclib.LibDataEnum(oclib.PEER), nil)
+	candidate.Relation = peer.NONE
+	candidate.Verify = false
+	access.StoreOne(candidate.Serialize(candidate))
+
+	checkPayload, _ := json.Marshal(map[string]interface{}{
+		"type":              "check",
+		"requester_id":      self.GetID(),
+		"requester_peer_id": self.PeerID,
+		"candidate_id":      candidate.GetID(),
+		"master_id":         self.OrganizationMasterID,
+	})
+	propMsg := tools.PropalgationMessage{
+		Action:   tools.PB_ORG_PARTNER,
+		DataType: int(tools.PEER),
+		Payload:  checkPayload,
+	}
+	b, _ := json.Marshal(propMsg)
+	tools.NewNATSCaller().SetNATSPub(tools.PROPALGATION_EVENT, tools.NATSResponse{
+		FromApp:  config.GetAppName(),
+		Datatype: tools.PEER,
+		User:     user,
+		Groups:   groups,
+		Method:   int(tools.PROPALGATION_EVENT),
+		Payload:  b,
+	})
+}