Merge pull request #38 from gatewayd-io/non-strict-verification-policy

Non-strict (permissive) verification policy

Author: mostafa

cmd/config_parser.go

@@ -33,7 +33,7 @@ func getPath(path string) string {
 
 func verificationPolicy() network.Policy {
 	vPolicy := globalConfig.String("plugins.verificationPolicy")
-	verificationPolicy := network.Ignore // default
+	verificationPolicy := network.PassDown // default
 	switch vPolicy {
 	case "ignore":
 		verificationPolicy = network.Ignore

network/hooks.go

@@ -20,9 +20,12 @@ type (
 )
 
 const (
-	Ignore Policy = iota // Ignore errors and continue
-	Abort                // Abort on first error and return results
-	Remove               // Remove the hook from the list on error and continue
+	// Non-strict (permissive) mode.
+	PassDown Policy = iota // Pass down the extra keys/values in result to the next plugins
+	// Strict mode.
+	Ignore // Ignore errors and continue
+	Abort  // Abort on first error and return results
+	Remove // Remove the hook from the list on error and continue
 )
 
 const (
@@ -113,7 +116,9 @@ func (h *HookConfig) Run(
 
 		// This is done to ensure that the return value of the hook is always valid,
 		// and that the hook does not return any unexpected values.
-		if verify(args, result) {
+		// If the verification mode is non-strict (permissive), let the plugin pass
+		// extra keys/values to the next plugin in chain.
+		if verify(args, result) || verification == PassDown {
 			// Update the last return value with the current result
 			returnVal = result
 			continue
@@ -122,6 +127,7 @@ func (h *HookConfig) Run(
 		// At this point, the hook returned an invalid value, so we need to handle it.
 		// The result of the current hook will be ignored, regardless of the policy.
 		switch verification {
+		// Ignore the result of this plugin, log an error and execute the next hook.
 		case Ignore:
 			errMsg := fmt.Sprintf(
 				"Hook %s (Prio %d) returned invalid value, ignoring", hookType, prio)
@@ -134,7 +140,7 @@ func (h *HookConfig) Run(
 			if idx == 0 {
 				returnVal = args
 			}
-			continue
+		// Abort execution of the plugins, log the error and return the result of the last hook.
 		case Abort:
 			errMsg := fmt.Sprintf(
 				"Hook %s (Prio %d) returned invalid value, aborting", hookType, prio)
@@ -147,6 +153,7 @@ func (h *HookConfig) Run(
 				return args
 			}
 			return returnVal
+		// Remove the hook from the registry, log the error and execute the next hook.
 		case Remove:
 			errMsg := fmt.Sprintf(
 				"Hook %s (Prio %d) returned invalid value, removing", hookType, prio)
@@ -159,7 +166,9 @@ func (h *HookConfig) Run(
 			if idx == 0 {
 				returnVal = args
 			}
-			continue
+		case PassDown:
+		default:
+			returnVal = result
 		}
 	}
 

network/hooks_test.go

@@ -99,6 +99,45 @@ func Test_verify_fail(t *testing.T) {
 	}
 }
 
+func Test_HookConfig_Run_PassDown(t *testing.T) {
+	hooks := NewHookConfig()
+	// The result of the hook will be nil and will be passed down to the next hook.
+	hooks.Add(OnNewLogger, 0, func(s Signature) Signature {
+		return nil
+	})
+	// The consolidated result should be Signature{"test": "test"}.
+	hooks.Add(OnNewLogger, 1, func(s Signature) Signature {
+		return Signature{
+			"test": "test",
+		}
+	})
+	// Although the first hook returns nil, and its Signature doesn't match the params,
+	// so its result (nil) is passed down to the next hook in chain (prio 2).
+	// Then the second hook runs and returns a Signature with a "test" key and value.
+	assert.NotNil(t, hooks.Run(OnNewLogger, Signature{"test": "test"}, PassDown))
+}
+
+func Test_HookConfig_Run_PassDown_2(t *testing.T) {
+	hooks := NewHookConfig()
+	// The result of the hook will be nil and will be passed down to the next hook.
+	hooks.Add(OnNewLogger, 0, func(s Signature) Signature {
+		return Signature{
+			"test1": "test1",
+		}
+	})
+	// The consolidated result should be Signature{"test1": "test1", "test2": "test2"}.
+	hooks.Add(OnNewLogger, 1, func(s Signature) Signature {
+		return Signature{
+			"test2": "test2",
+		}
+	})
+	// Although the first hook returns nil, and its Signature doesn't match the params,
+	// so its result (nil) is passed down to the next hook in chain (prio 2).
+	// Then the second hook runs and returns a Signature with a "test1" and "test2" key and value.
+	assert.NotNil(t, hooks.Run(
+		OnNewLogger, Signature{"test1": "test1", "test2": "test2"}, PassDown))
+}
+
 func Test_HookConfig_Run_Ignore(t *testing.T) {
 	hooks := NewHookConfig()
 	// This should not run, because the return value is not the same as the params

network/proxy.go

@@ -131,7 +131,7 @@ func (pr *ProxyImpl) PassThrough(gconn gnet.Conn) error {
 		return ErrClientNotFound
 	}
 
-	// buf contains the data from the client (query)
+	// buf contains the data from the client (<type>, length, query)
 	buf, err := gconn.Next(-1)
 	if err != nil {
 		pr.logger.Error().Err(err).Msgf("Error reading from client: %v", err)