Add restricted controller messenger #378
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
|
Gudahtt
force-pushed
the
controller-messaging
branch
from
159d49e to
756e986
Compare
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
from
30751bd to
d5cb725
Compare
|
My objective with this restricted messaging system was to prevent accidental use of methods beyond the intended access. I'm not protecting against access to private methods/properties, or anything sneaky like that. We have lint rules and types to protect against us doing that. This approach isn't adequate for dealing with untrusted code. I don't think we'll be using the controller messaging system for untrusted code though - at least not directly. The snaps API will likely use the messaging system, but it will use other means to prevent unintended access (e.g. an RPC layer, SES, the permission system, etc.). |
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
from
d5cb725 to
4433aa7
Compare
Gudahtt
force-pushed
the
controller-messaging
branch
from
756e986 to
5202621
Compare
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
3 times, most recently
from
993d382 to
53cc024
Compare
Gudahtt
commented
Mar 8, 2021
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
3 times, most recently
from
4a885cc to
626fd07
Compare
Gudahtt
commented
Mar 9, 2021
| } | ||
| } | ||
|
|
||
| it('should allow messaging between controllers', () => { |
There was a problem hiding this comment.
This is the most complete example so far. It demonstrates calling an action and subscribing to an event in another controller.
Gudahtt
force-pushed
the
controller-messaging
branch
from
c4fb8f4 to
c267a31
Compare
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
from
e8cb578 to
e7bb905
Compare
Gudahtt
force-pushed
the
controller-messaging
branch
from
c267a31 to
1671284
Compare
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
from
e7bb905 to
a97dfe4
Compare
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
from
a97dfe4 to
be56e2b
Compare
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
5 times, most recently
from
99cd49d to
2e7b0b6
Compare
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
from
94d73b9 to
e660361
Compare
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
from
d387679 to
47e0cab
Compare
rekmarks
requested changes
Apr 13, 2021
| } | ||
| } | ||
|
|
||
| it('should allow messaging between controllers', () => { |
A method has been added to the controller messenger that returns a _restricted_ instance of the controller messenger. This instance is restricted to registering actions and events within a particular namespace, typically being the name of the controller. Access to event subscriptions and calling actions is also restricted based on the given allowlist for each. This is meant to address feedback left on the Controller Messaging System proposal[1]. [1]: https://www.notion.so/Controller-Messaging-System-617efb02b9e54bd0a0b0e44c6f776d85
The parameters for `getRestricted` were moved into an object, to improve readability.
The "controllerName" option has been renamed to "name", so as to not assume that the name is of a controller.
All methods now have corresponding JSDoc comments.
Previously the Base Controller would not accept any action types, and it would only accept the single action it used. Now it accepts any types, so long as the required type is present.
There is now a unit test that demonstrates inter-controller communication using the controller messaging system. This is a Base Controller test because it's also testing the Base Controller's messenger integration at the same time.
This requirement was added recently in #422
Comments have been added alongside each `istanbul ignore if` statement explaining why it was required.
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
from
47e0cab to
d25bb8e
Compare
The new tests cover restricted messenger instances with access to both internal and external events and actions.
Gudahtt
force-pushed
the
restricted-controller-messenger
branch
from
d25bb8e to
d028d1b
Compare
|
This has been rebased, and all comments have been addressed. |
Gudahtt
added a commit
that referenced
this pull request
Apr 15, 2021
- Add restricted controller messenger ([#378](#378)) - **BREAKING:** Update minimum Node.js version to v12 ([#441](#441)) - **BREAKING:** Replace controller context ([#387](#387)) - Bump @metamask/contract-metadata from 1.23.0 to 1.24.0 ([#440](#440)) - Update lint rules ([#442](#442), [#426](#426)) - Don't remove collectibles during auto detection ([#439](#439))
MajorLift
pushed a commit
that referenced
this pull request
Oct 11, 2023
A method has been added to the controller messenger that returns a _restricted_ instance of the controller messenger. This instance is restricted to registering actions and events within a particular namespace, typically being the name of the controller. Access to event subscriptions and calling actions is also restricted based on the given allowlist for each. This is meant to address feedback left on the Controller Messaging System proposal[1]. [1]: https://www.notion.so/Controller-Messaging-System-617efb02b9e54bd0a0b0e44c6f776d85
MajorLift
pushed a commit
that referenced
this pull request
Oct 11, 2023
A method has been added to the controller messenger that returns a _restricted_ instance of the controller messenger. This instance is restricted to registering actions and events within a particular namespace, typically being the name of the controller. Access to event subscriptions and calling actions is also restricted based on the given allowlist for each. This is meant to address feedback left on the Controller Messaging System proposal[1]. [1]: https://www.notion.so/Controller-Messaging-System-617efb02b9e54bd0a0b0e44c6f776d85
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
A method has been added to the controller messenger that returns a restricted instance of the controller messenger. This instance is restricted to registering actions and events within a particular namespace, typically being the name of the controller. Access to event subscriptions and calling actions is also restricted based on the given allowlist for each.
This is meant to address feedback left on the Controller Messaging System proposal.