add allowAllPublishedAlgorithms (#686)

* add allowAllPublishedAlgorithms
2024-11-26 20:39:05 +01:00 · 2021-03-23 21:00:15 +02:00 · 2021-03-23 21:00:15 +02:00 · b1967534e8
commit b1967534e8
parent 79ff76e026
3 changed files with 170 additions and 95 deletions
--- a/src/ddo/interfaces/Service.ts
+++ b/src/ddo/interfaces/Service.ts
@ -33,6 +33,7 @@ export interface publisherTrustedAlgorithm {
 export interface ServiceComputePrivacy {
  allowRawAlgorithm: boolean
  allowNetworkAccess: boolean
+  allowAllPublishedAlgorithms: boolean
  publisherTrustedAlgorithms?: publisherTrustedAlgorithm[]
 }

--- a/src/ocean/Compute.ts
+++ b/src/ocean/Compute.ts
@ -408,17 +408,15 @@ export class Compute extends Instantiable {
      if (algorithmMeta) {
        // check if raw algo is allowed
        if (service.attributes.main.privacy)
-          if (!service.attributes.main.privacy.allowRawAlgorithm) {
+          if (service.attributes.main.privacy.allowRawAlgorithm) return true
        this.logger.error('ERROR: This service does not allow raw algorithm')
        return false
      }
-      }
      if (algorithmDid) {
        // check if did is in trusted list
-        if (service.attributes.main.privacy)
-          if (service.attributes.main.privacy.publisherTrustedAlgorithms)
-            if (service.attributes.main.privacy.publisherTrustedAlgorithms.length > 0) {
-              // loop through all publisherTrustedAlgorithms and see if we have a match
+        if (service.attributes.main.privacy) {
+          if (service.attributes.main.privacy.allowAllPublishedAlgorithms) return true
+          if (!service.attributes.main.privacy.publisherTrustedAlgorithms) return false
          let algo: publisherTrustedAlgorithm
          for (algo of service.attributes.main.privacy.publisherTrustedAlgorithms) {
            if (algo.did === algorithmDid) {
@ -459,7 +457,7 @@ export class Compute extends Instantiable {
        }
      }
    }
-    return true
+    return true // not a compute asset
  }

  /**
@ -563,6 +561,8 @@ export class Compute extends Instantiable {
    if (ddo.service[serviceIndex].type !== 'compute') return null
    ddo.service[serviceIndex].attributes.main.privacy.allowRawAlgorithm =
      computePrivacy.allowRawAlgorithm
+    ddo.service[serviceIndex].attributes.main.privacy.allowAllPublishedAlgorithms =
+      computePrivacy.allowAllPublishedAlgorithms
    ddo.service[serviceIndex].attributes.main.privacy.allowNetworkAccess =
      computePrivacy.allowNetworkAccess
    ddo.service[serviceIndex].attributes.main.privacy.publisherTrustedAlgorithms =
@ -570,6 +570,32 @@ export class Compute extends Instantiable {
    return ddo
  }

+  /**
+   * Toogle allowAllPublishedAlgorithms
+   * @param  {ddo} DDO
+   * @param  {number} serviceIndex Index of the compute service in the DDO. If -1, will try to find it
+   * @param  {boolean} newState
+   * @return {Promise<DDDO>} Returns the new DDO
+   */
+  public async toggleAllowAllPublishedAlgorithms(
+    ddo: DDO,
+    serviceIndex: number,
+    newState: boolean
+  ): Promise<DDO> {
+    if (!ddo) return null
+    if (serviceIndex === -1) {
+      const service = ddo.findServiceByType('compute')
+      if (!service) return null
+      serviceIndex = service.index
+    }
+    if (typeof ddo.service[serviceIndex] === 'undefined') return null
+    if (ddo.service[serviceIndex].type !== 'compute') return null
+    ddo.service[
+      serviceIndex
+    ].attributes.main.privacy.allowAllPublishedAlgorithms = newState
+    return ddo
+  }
+
  /**
   * Generates a publisherTrustedAlgorithm object from a algorithm did
   * @param  {did} string DID. You can leave this empty if you already have the DDO
@ -650,8 +676,8 @@ export class Compute extends Instantiable {
    }
    if (typeof ddo.service[serviceIndex] === 'undefined') return false
    if (ddo.service[serviceIndex].type !== 'compute') return false
-    if (!ddo.service[serviceIndex].attributes.main.privacy.publisherTrustedAlgorithms)
-      return false
+    if (ddo.service[serviceIndex].attributes.main.privacy.allowAllPublishedAlgorithms)
+      return true
    let algo: publisherTrustedAlgorithm
    for (algo of ddo.service[serviceIndex].attributes.main.privacy
      .publisherTrustedAlgorithms)
--- a/test/integration/ComputeFlow.test.ts
+++ b/test/integration/ComputeFlow.test.ts
@ -252,6 +252,7 @@ describe('Compute flow', () => {
    )
    const origComputePrivacy = {
      allowRawAlgorithm: true,
+      allowAllPublishedAlgorithms: false,
      allowNetworkAccess: false,
      publisherTrustedAlgorithms: []
    }
@ -302,6 +303,7 @@ describe('Compute flow', () => {
    )
    const origComputePrivacy2 = {
      allowRawAlgorithm: true,
+      allowAllPublishedAlgorithms: true,
      allowNetworkAccess: false,
      publisherTrustedAlgorithms: []
    }
@ -363,6 +365,7 @@ describe('Compute flow', () => {
    const origComputePrivacy = {
      allowRawAlgorithm: false,
      allowNetworkAccess: false,
+      allowAllPublishedAlgorithms: false,
      publisherTrustedAlgorithms: []
    }

@ -396,6 +399,7 @@ describe('Compute flow', () => {
    const origComputePrivacy = {
      allowRawAlgorithm: false,
      allowNetworkAccess: false,
+      allowAllPublishedAlgorithms: false,
      publisherTrustedAlgorithms: [
        {
          did: 'did:op:1234',
@ -754,6 +758,88 @@ describe('Compute flow', () => {
    )
    assert(order === null, 'Order should be null')
  })
+
+  it('should not allow  a compute job with a published algo because asset does not allow allowAllPublishedAlgorithms', async () => {
+    const output = {}
+    const computeService = ddo.findServiceByType('compute')
+    // get the compute address first
+    computeAddress = await ocean.compute.getComputeAddress(ddo.id, computeService.index)
+    assert(ddo != null, 'ddo should not be null')
+
+    const allowed = await ocean.compute.isOrderable(
+      ddo.id,
+      computeService.index,
+      algorithmAsset.id,
+      undefined
+    )
+    assert(allowed === false)
+    const order = await ocean.compute.orderAsset(
+      bob.getId(),
+      ddo.id,
+      computeService.index,
+      algorithmAsset.id,
+      undefined,
+      null, // no marketplace fee
+      computeAddress // CtD is the consumer of the dataset
+    )
+    assert(order === null, 'Order should be null')
+  })
+  it('Alice updates Compute Privacy', async () => {
+    const newComputePrivacy = {
+      allowRawAlgorithm: false,
+      allowNetworkAccess: true,
+      allowAllPublishedAlgorithms: false, // is false, in order to test enableAllowAllPublishedAlgorithms below
+      publisherTrustedAlgorithms: [
+        {
+          did: 'did:op:1234',
+          filesChecksum: '1234',
+          containerSectionChecksum: '1234'
+        },
+        {
+          did: 'did:op:12345',
+          filesChecksum: '1234',
+          containerSectionChecksum: '1234'
+        }
+      ]
+    }
+    const computeService = ddo.findServiceByType('compute')
+    assert(computeService, 'ComputeIndex should be >0')
+    let newDdo = await ocean.compute.editComputePrivacy(
+      ddo,
+      computeService.index,
+      newComputePrivacy
+    )
+    newDdo = await ocean.compute.toggleAllowAllPublishedAlgorithms(
+      newDdo,
+      computeService.index,
+      true
+    )
+    assert(newDdo !== null, 'newDDO should not be null')
+    const txid = await ocean.onChainMetadata.update(ddo.id, newDdo, alice.getId())
+    assert(txid !== null, 'TxId should not be null')
+    await sleep(aquaSleep)
+    const metaData = await ocean.assets.getServiceByType(ddo.id, 'compute')
+    assert.equal(
+      metaData.attributes.main.privacy.allowRawAlgorithm,
+      newComputePrivacy.allowRawAlgorithm,
+      'allowRawAlgorithm does not match'
+    )
+    assert.equal(
+      metaData.attributes.main.privacy.allowAllPublishedAlgorithms,
+      true,
+      'allowAllPublishedAlgorithms does not match'
+    )
+    assert.equal(
+      metaData.attributes.main.privacy.allowNetworkAccess,
+      newComputePrivacy.allowNetworkAccess,
+      'allowNetworkAccess does not match'
+    )
+    assert.deepEqual(
+      metaData.attributes.main.privacy.publisherTrustedAlgorithms,
+      newComputePrivacy.publisherTrustedAlgorithms,
+      'allowNetworkAccess does not match'
+    )
+  })
  it('should start a compute job with a published algo', async () => {
    const output = {}
    const computeService = ddo.findServiceByType('compute')
@ -973,61 +1059,23 @@ describe('Compute flow', () => {
    assert(response.status >= 1, 'Invalid response.status')
    assert(response.jobId, 'Invalid jobId')
  })
-  it('Alice updates Compute Privacy', async () => {
-    const newComputePrivacy = {
-      allowRawAlgorithm: false,
-      allowNetworkAccess: true,
-      publisherTrustedAlgorithms: [
-        {
-          did: 'did:op:1234',
-          filesChecksum: '1234',
-          containerSectionChecksum: '1234'
-        },
-        {
-          did: 'did:op:12345',
-          filesChecksum: '1234',
-          containerSectionChecksum: '1234'
-        }
-      ]
-    }
-    const computeService = ddo.findServiceByType('compute')
-    assert(computeService, 'ComputeIndex should be >0')
-    const newDdo = await ocean.compute.editComputePrivacy(
-      ddo,
-      computeService.index,
-      newComputePrivacy
-    )
-    assert(newDdo !== null, 'newDDO should not be null')
-    const txid = await ocean.onChainMetadata.update(ddo.id, newDdo, alice.getId())
-    assert(txid !== null, 'TxId should not be null')
-    await sleep(aquaSleep)
-    const metaData = await ocean.assets.getServiceByType(ddo.id, 'compute')
-    assert.equal(
-      metaData.attributes.main.privacy.allowRawAlgorithm,
-      newComputePrivacy.allowRawAlgorithm,
-      'allowRawAlgorithm does not match'
-    )
-    assert.equal(
-      metaData.attributes.main.privacy.allowNetworkAccess,
-      newComputePrivacy.allowNetworkAccess,
-      'allowNetworkAccess does not match'
-    )
-    assert.deepEqual(
-      metaData.attributes.main.privacy.publisherTrustedAlgorithms,
-      newComputePrivacy.publisherTrustedAlgorithms,
-      'allowNetworkAccess does not match'
-    )
-  })
+
  it('Alice updates Compute Privacy, allowing some published algos', async () => {
    const computeService = ddo.findServiceByType('compute')
    assert(computeService, 'ComputeIndex should be >0')
-    // allow algorithmAsset
-    let newDdo = await ocean.compute.addTrustedAlgorithmtoAsset(
+
+    let newDdo = await ocean.compute.toggleAllowAllPublishedAlgorithms(
      ddo,
      computeService.index,
+      false
+    )
+    assert(newDdo !== null, 'newDDO should not be null')
+    // allow algorithmAsset
+    newDdo = await ocean.compute.addTrustedAlgorithmtoAsset(
+      newDdo,
+      computeService.index,
      algorithmAsset.id
    )
-    assert(newDdo !== null, 'newDDO should not be null')
    let isAlgoAllowed = await ocean.compute.isAlgorithmTrusted(
      newDdo,
      computeService.index,