refac: refactering subspace file to the implementation of cip

Author: ai-chen2050

.github/workflows/test.yml .github/workflows/.test.yml.github/workflows/test.yml renamed to .github/workflows/.test.yml

@@ -18,4 +18,4 @@ jobs:
         with:
           go-version-file: ./go.mod
 
-      - run: go test ./... -tags=sonic
+      - run: go test ./... -tags=sonic

cip/auth.go

@@ -0,0 +1,88 @@
+package cip
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+)
+
+// Action represents the permission action type
+type Action uint8
+
+const (
+	ActionRead    Action = 1 << iota // 1
+	ActionWrite                      // 2
+	ActionExecute                    // 4
+)
+
+// AuthTag represents the auth tag structure
+type AuthTag struct {
+	Action Action // Permission mask (1=read, 2=write, 4=execute)
+	Key    uint32 // Causality key ID
+	Exp    uint64 // Expiration clock value
+}
+
+// NewAuthTag creates a new auth tag
+func NewAuthTag(action Action, key uint32, exp uint64) AuthTag {
+	return AuthTag{
+		Action: action,
+		Key:    key,
+		Exp:    exp,
+	}
+}
+
+// ParseAuthTag parses an auth tag string into an AuthTag struct
+func ParseAuthTag(authStr string) (AuthTag, error) {
+	parts := strings.Split(authStr, ",")
+	if len(parts) != 3 {
+		return AuthTag{}, fmt.Errorf("invalid auth tag format: %s", authStr)
+	}
+
+	var auth AuthTag
+	for _, part := range parts {
+		kv := strings.Split(part, "=")
+		if len(kv) != 2 {
+			return AuthTag{}, fmt.Errorf("invalid auth tag part: %s", part)
+		}
+
+		switch kv[0] {
+		case "action":
+			action, err := strconv.ParseUint(kv[1], 10, 8)
+			if err != nil {
+				return AuthTag{}, fmt.Errorf("invalid action value: %s", kv[1])
+			}
+			auth.Action = Action(action)
+		case "key":
+			key, err := strconv.ParseUint(kv[1], 10, 32)
+			if err != nil {
+				return AuthTag{}, fmt.Errorf("invalid key value: %s", kv[1])
+			}
+			auth.Key = uint32(key)
+		case "exp":
+			exp, err := strconv.ParseUint(kv[1], 10, 64)
+			if err != nil {
+				return AuthTag{}, fmt.Errorf("invalid exp value: %s", kv[1])
+			}
+			auth.Exp = exp
+		default:
+			return AuthTag{}, fmt.Errorf("unknown auth tag field: %s", kv[0])
+		}
+	}
+
+	return auth, nil
+}
+
+// String returns the string representation of an AuthTag
+func (a AuthTag) String() string {
+	return fmt.Sprintf("action=%d,key=%d,exp=%d", a.Action, a.Key, a.Exp)
+}
+
+// HasPermission checks if the auth tag has the specified permission
+func (a AuthTag) HasPermission(action Action) bool {
+	return a.Action&action != 0
+}
+
+// IsExpired checks if the auth tag is expired based on the current clock value
+func (a AuthTag) IsExpired(currentClock uint64) bool {
+	return a.Exp <= currentClock
+}

cip/auth_test.go

@@ -0,0 +1,61 @@
+package cip
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestAuthTag(t *testing.T) {
+	// Test creating a new auth tag
+	auth := NewAuthTag(ActionRead|ActionWrite, 30300, 1000)
+	assert.Equal(t, ActionRead|ActionWrite, auth.Action)
+	assert.Equal(t, uint32(30300), auth.Key)
+	assert.Equal(t, uint64(1000), auth.Exp)
+
+	// Test permission checks
+	assert.True(t, auth.HasPermission(ActionRead))
+	assert.True(t, auth.HasPermission(ActionWrite))
+	assert.False(t, auth.HasPermission(ActionExecute))
+
+	// Test expiration
+	assert.False(t, auth.IsExpired(999))
+	assert.True(t, auth.IsExpired(1000))
+	assert.True(t, auth.IsExpired(1001))
+
+	// Test string representation
+	assert.Equal(t, "action=3,key=30300,exp=1000", auth.String())
+}
+
+func TestParseAuthTag(t *testing.T) {
+	// Valid cases
+	validTags := []string{
+		"action=1,key=30300,exp=1000",
+		"action=2,key=30301,exp=2000",
+		"action=3,key=30302,exp=3000",
+		"action=4,key=30303,exp=4000",
+		"action=7,key=30304,exp=5000",
+	}
+	for _, tag := range validTags {
+		auth, err := ParseAuthTag(tag)
+		assert.NoError(t, err)
+		assert.NotNil(t, auth)
+	}
+
+	// Invalid cases
+	invalidTags := []string{
+		"",                   // empty
+		"action=1",           // missing fields
+		"action=1,key=30300", // missing exp
+		"action=1,key=30300,exp=1000,extra=value", // extra field
+		"action=invalid,key=30300,exp=1000",       // invalid action
+		"action=1,key=invalid,exp=1000",           // invalid key
+		"action=1,key=30300,exp=invalid",          // invalid exp
+		"action=1,key=30300,exp=1000,",            // trailing comma
+		",action=1,key=30300,exp=1000",            // leading comma
+	}
+	for _, tag := range invalidTags {
+		_, err := ParseAuthTag(tag)
+		assert.Error(t, err)
+	}
+}