## Description
This PR contains several API changes and bug fixes:
### New APIs and API Updates
I added the following APIs to help with function management and user management.
**TeaclaveFrontend**:
```
service TeaclaveFrontend {
rpc UpdateFunction (UpdateFunctionRequest) returns (UpdateFunctionResponse);
rpc ListFunctions (ListFunctionsRequest) returns (ListFunctionsResponse);
rpc DeleteFunction (DeleteFunctionRequest) returns (DeleteFunctionResponse);
}
```
**TeaclaveAuthenticationApi**:
```
service TeaclaveAuthenticationApi {
rpc UserUpdate(UserUpdateRequest) returns (UserUpdateResponse);
}
```
**TeaclaveAuthenticationApi**
```
service TeaclaveAuthenticationApi {
rpc UserRegister(UserRegisterRequest) returns (UserRegisterResponse);
rpc UserUpdate(UserUpdateRequest) returns (UserUpdateResponse);
}
```
`UserRegisterRequest` now contains role and attribute for role-based access
control in user management.
### Role-based User Management
We introduce four roles:
```
pub enum UserRole {
PlatformAdmin,
FunctionOwner,
DataOwnerManager(String), // Manager of the data owner (attribute can be
the organization name
DataOwner(String), // Data owner (attribute are the organization
name)
Invalid,
}
```
Different roles have different privileges to access API endpoints.
### User Management
Since we have introduced the role-based user management, only
"PlatformAdmin" and "DataOwnerManager" can register new
users with certain privileges.
As a result, `UserRegisterRequest` have two new fields: *role* and *attribute*.
The role is an enum but string encoded. Possible roles are
"PlatformAdmin", "FunctionOwner",
"DataOwnerManager", "DataOwner".
### Bug fixes
- Incorrect toolchain version in CI for Swift SDK
- Change to multithreaded file service
- Fix issue that re-build protobuf in each build
## Type of change (select or add applied and delete the others)
- [x] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [x] Breaking change (fix or feature that would cause existing functionality
to not work as expected)
- [x] API change with a documentation update
## How has this been tested?
CI test.
## Checklist
- [x] Fork the repo and create your branch from `master`.
- [x] If you've added code that should be tested, add tests.
- [x] If you've changed APIs, update the documentation.
- [x] Ensure the tests pass (see CI results).
- [x] Make sure your code lints/format.
You can view, comment on, or merge this pull request online at:
https://github.com/apache/incubator-teaclave/pull/588
-- Commit Summary --
* API updates
-- File Changes --
M .github/workflows/ci.yml (2)
M .gitignore (6)
M common/rusty_leveldb_sgx/src/cache.rs (3)
M config/runtime.config.toml (2)
M examples/c/builtin_echo.c (84)
M examples/c/builtin_ordered_set_intersect.c (65)
A examples/c/utils.h (104)
M examples/python/builtin_echo.py (3)
M examples/python/builtin_face_detection.py (3)
M examples/python/builtin_gbdt_train.py (3)
M examples/python/builtin_online_decrypt.py (3)
M examples/python/builtin_ordered_set_intersect.py (8)
M examples/python/builtin_password_check.py (8)
M examples/python/builtin_private_join_and_compute.py (12)
M examples/python/builtin_rsa_sign.py (9)
M examples/python/mesapy_echo.py (3)
M examples/python/mesapy_logistic_reg.py (4)
M examples/python/utils.py (18)
M examples/python/wasm_c_simple_add.py (3)
M examples/python/wasm_rust_psi.py (8)
M examples/python/wasm_tvm_mnist.py (7)
M examples/python/wasm_tvm_mnist_payload/Makefile (2)
M examples/rust/builtin_echo/Cargo.lock (7)
M examples/rust/builtin_echo/src/main.rs (7)
M examples/rust/builtin_ordered_set_intersect/Cargo.lock (7)
M examples/rust/builtin_ordered_set_intersect/src/main.rs (38)
M executor/src/wamr.rs (2)
M file_agent/Cargo.lock (7)
M sdk/c/teaclave_client_sdk.h (14)
M sdk/python/teaclave.py (124)
M sdk/rust/Cargo.lock (7)
M sdk/rust/src/bindings.rs (34)
M sdk/rust/src/lib.rs (43)
M sdk/swift/TeaclaveClientSDK/TeaclaveClientSDK/TeaclaveClientSDK.swift (19)
M
sdk/swift/TeaclaveClientSDK/TeaclaveClientSDKTests/TeaclaveClientSDKTests.swift
(9)
M services/authentication/enclave/src/api_service.rs (174)
M services/authentication/enclave/src/error.rs (14)
M services/authentication/enclave/src/internal_service.rs (52)
M services/authentication/enclave/src/lib.rs (19)
M services/authentication/enclave/src/user_db.rs (32)
M services/authentication/enclave/src/user_info.rs (23)
M services/execution/enclave/src/service.rs (15)
M services/frontend/enclave/src/lib.rs (11)
M services/frontend/enclave/src/service.rs (257)
M services/management/enclave/src/service.rs (187)
M services/proto/build.rs (23)
M services/proto/src/proto/teaclave_authentication_service.proto (21)
M services/proto/src/proto/teaclave_frontend_service.proto (37)
M services/proto/src/proto/teaclave_management_service.proto (5)
M services/proto/src/teaclave_authentication_service.rs (125)
M services/proto/src/teaclave_frontend_service.rs (318)
M services/proto/src/teaclave_management_service.rs (8)
M tests/functional/enclave/Cargo.toml (2)
M tests/functional/enclave/src/authentication_service.rs (77)
M tests/functional/enclave/src/management_service.rs (134)
M tests/functional/enclave/src/utils.rs (39)
M tests/scripts/simple_http_server.py (11)
M tests/unit/enclave/Cargo.toml (3)
M tests/unit/enclave/src/lib.rs (1)
M types/Cargo.toml (2)
M types/src/function.rs (26)
M types/src/lib.rs (2)
M types/src/staged_function.rs (1)
M types/src/staged_task.rs (7)
M types/src/task.rs (12)
M types/src/task_state.rs (1)
A types/src/user.rs (101)
-- Patch Links --
https://github.com/apache/incubator-teaclave/pull/588.patch
https://github.com/apache/incubator-teaclave/pull/588.diff
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/pull/588
