authproofs: Rename methods with proof obligation to "promise"

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>

diff --git a/daemon/cmdlistener.rs b/daemon/cmdlistener.rs
index 650a1705f711537bc5de0e5441c9a8eff5d187e9..76f5e43d667e814d26dc1bdd09addffe7abc1c0d 100644 (file)
--- a/daemon/cmdlistener.rs
+++ b/daemon/cmdlistener.rs
@@ -161,7 +161,7 @@ fn execute_and_respond<W>(cs: &mut CommandStreamData, cmd: MgmtCommand,
       } else {
         let ag = AccountsGuard::lock();
         let auth = authorise_scope_direct(cs, &ag, &AccountScope::Server)?;
-        let auth = auth.therefore_ok();
+        let auth = auth.so_promise();
         cs.authstate = AuthState::Superuser { euid: preserve_euid, auth };
       }
       Fine
@@ -170,7 +170,7 @@ fn execute_and_respond<W>(cs: &mut CommandStreamData, cmd: MgmtCommand,
       let good_uid = Some(config().ssh_proxy_uid);
       let auth = cs.authorised_uid(good_uid, Some("SetRestrictedScope"))
         .map_err(|_| ME::AuthorisationError)?;
-      let auth = auth.therefore_ok();
+      let auth = auth.so_promise();
       cs.authstate = AuthState::Ssh { key, auth };
       Fine
     },
@@ -229,7 +229,7 @@ fn execute_and_respond<W>(cs: &mut CommandStreamData, cmd: MgmtCommand,
       cs.account = Some(AccountSpecified {
         cooked: wanted_account.to_string(),
         notional_account: wanted_account,
-        auth: auth.therefore_ok(),
+        auth: auth.so_promise(),
       });
       Fine
     }
@@ -278,7 +278,7 @@ fn execute_and_respond<W>(cs: &mut CommandStreamData, cmd: MgmtCommand,
       execute_for_game(cs, &mut ag, &mut ig,
                        insns, MgmtGameUpdateMode::Bulk)
         .map_err(|e|{
-          let ig = ig.by(Authorisation::authorise_any());
+          let ig = ig.by(Authorisation::promise_any());
           let name = ig.name.clone();
           let InstanceGuard { c, .. } = ig;
           Instance::destroy_game(&mut games, c, auth)
@@ -352,7 +352,7 @@ fn execute_and_respond<W>(cs: &mut CommandStreamData, cmd: MgmtCommand,
     MC::ListGames { all } => {
       let ag = AccountsGuard::lock();
       let names = Instance::list_names(
-        None, Authorisation::authorise_any());
+        None, Authorisation::promise_any());
       let auth_all = if all == Some(true) {
         let auth = cs.superuser().ok_or(ME::AuthorisationError)?.into();
         Some(auth)
@@ -722,7 +722,7 @@ fn execute_game_insn<'cs, 'igr, 'ig: 'igr>(
       let (player, update, logentry) =
         ig.player_new(gpl, ipl, arecord.account.clone(), logentry)?;
 
-      let atr = ig.player_access_reset(ag, player, auth.therefore_ok())?;
+      let atr = ig.player_access_reset(ag, player, auth.so_promise())?;
 
       (U{ pcs: vec![],
           log: vec![ logentry ],
@@ -1220,7 +1220,7 @@ fn execute_for_game<'cs, 'igr, 'ig: 'igr>(
 
   let who = if_chain! {
     let account = &cs.current_account()?.notional_account;
-    let ig = igu.by_ref(Authorisation::authorise_any());
+    let ig = igu.by_ref(Authorisation::promise_any());
     if let Ok((_, acctid)) = ag.lookup(account);
     if let Some((player,_)) = ig.iplayers.iter()
       .filter(|(_,ipr)| ipr.ipl.acctid == acctid)
@@ -1286,7 +1286,7 @@ fn execute_for_game<'cs, 'igr, 'ig: 'igr>(
         execute_game_insn(cs, ag, igu, insn, &who,
                           &mut to_permute)?;
       let st = uh_auth.get_or_insert_with(||{
-        let auth = Authorisation::authorised(&*ig.name);
+        let auth = Authorisation::promise_for(&*ig.name);
         let uh = UpdateHandler::from_how(how);
         St { uh, auth, have_deleted: false }
       });
@@ -1323,7 +1323,7 @@ fn execute_for_game<'cs, 'igr, 'ig: 'igr>(
 
     })();
     (r, {
-      let ig = igu.by_mut(Authorisation::authorise_any());
+      let ig = igu.by_mut(Authorisation::promise_any());
       let g = &mut **ig;
       let gs = &mut g.gs;
       to_permute.implement(&mut gs.players,
@@ -1334,7 +1334,7 @@ fn execute_for_game<'cs, 'igr, 'ig: 'igr>(
   });
 
   if let Some(uu) = uu {
-    let mut ig = igu.by_mut(Authorisation::authorise_any());
+    let mut ig = igu.by_mut(Authorisation::promise_any());
     let mut prepub = PrepareUpdatesBuffer::new(&mut ig, None);
     uu(&mut prepub);
     prepub.finish();
@@ -1572,7 +1572,7 @@ impl CommandStreamData<'_> {
        client_euid == server_uid ||
        Some(client_euid) == wanted
     {
-      return Authorisation::authorised(&client_euid);
+      return Authorisation::promise_for(&client_euid);
     }
     throw!(anyhow!("{}: euid mismatch: client={:?} server={:?} wanted={:?}{}",
                    &self.desc, client_euid, server_uid, wanted,
@@ -1609,7 +1609,7 @@ impl CommandStreamData<'_> {
         Authorisation<InstanceName>)
   {
     let ipl_unauth = {
-      let ig = ig.by_ref(Authorisation::authorise_any());
+      let ig = ig.by_ref(Authorisation::promise_any());
       ig.iplayers.byid(player)?
     };
     let how = PCH::InstanceOrOnlyAffectedAccount(ipl_unauth.ipl.acctid);
@@ -1660,7 +1660,7 @@ impl CommandStreamData<'_> {
       let subject_is = |object_acctid: AccountId|{
         if subject_acctid == object_acctid {
           let auth: Authorisation<InstanceName>
-            = Authorisation::authorise_any();
+            = Authorisation::promise_any();
           return Some(auth);
         }
         return None;
@@ -1673,7 +1673,7 @@ impl CommandStreamData<'_> {
         PCH::InstanceOrOnlyAffectedPlayer(object_player) => {
           if_chain!{
             if let Some(object_ipr) =
-              ig.by_ref(Authorisation::authorise_any()).iplayers
+              ig.by_ref(Authorisation::promise_any()).iplayers
               .get(object_player);
             then { subject_is(object_ipr.ipl.acctid) }
             else { None }
@@ -1687,7 +1687,7 @@ impl CommandStreamData<'_> {
       let auth = {
         let subject = &current_account.cooked;
         let (acl, owner) = {
-          let ig = ig.by_ref(Authorisation::authorise_any());
+          let ig = ig.by_ref(Authorisation::promise_any());
           (&ig.acl, &ig.name.account)
         };
         let owner_account = owner.to_string();
@@ -1736,7 +1736,7 @@ fn authorise_by_account(cs: &CommandStreamData, ag: &AccountsGuard,
   ag.check(&current.notional_account)?;
 
   if let Some(y) = cs.superuser() {
-    return y.therefore_ok();
+    return y.so_promise();
   }
 
   if &current.notional_account == &wanted.account {
@@ -1796,7 +1796,7 @@ fn do_authorise_scope(cs: &CommandStreamData, ag: &AccountsGuard,
       let y: Authorisation<Uid> = {
         cs.authorised_uid(None,None)?
       };
-      y.therefore_ok()
+      y.so_promise()
     }
 
     AccountScope::Ssh{..} => {
@@ -1815,7 +1815,7 @@ fn do_authorise_scope(cs: &CommandStreamData, ag: &AccountsGuard,
 
         const SERVER_ONLY: (AuthorisedIf, Authorisation<InUserList>) = (
           AuthorisedIf { authorised_for: None },
-          Authorisation::authorised(&InUserList),
+          Authorisation::promise_for(&InUserList),
         );
 
         let pwent = Passwd::from_name(&wanted)
@@ -1828,7 +1828,7 @@ fn do_authorise_scope(cs: &CommandStreamData, ag: &AccountsGuard,
               "requested username {:?} not found", &wanted
             ))
           )?;
-        let pwent_ok = Authorisation::authorised(&pwent);
+        let pwent_ok = Authorisation::promise_for(&pwent);
 
         let ((uid, in_userlist_ok), xinfo) = (||{ <Result<_,AE>>::Ok({
           let allowed = BufReader::new(match File::open(USERLIST) {
@@ -1849,7 +1849,7 @@ fn do_authorise_scope(cs: &CommandStreamData, ag: &AccountsGuard,
                   (AuthorisedIf{ authorised_for: Some(
                     Uid::from_raw(pwent.uid)
                   )},
-                   Authorisation::authorised(&InUserList),
+                   Authorisation::promise_for(&InUserList),
                   ),
                   None
                 ))
@@ -1872,7 +1872,7 @@ fn do_authorise_scope(cs: &CommandStreamData, ag: &AccountsGuard,
       
         (pwent_ok, uid_ok, in_userlist_ok).combine()
       };
-      y.therefore_ok()
+      y.so_promise()
     },
 
   }

diff --git a/daemon/main.rs b/daemon/main.rs
index 995078fb64ca31a137fd3eb635e03046af08678e..0b997e51a1582d56b16163d0fb8cbc85cb746c6a 100644 (file)
--- a/daemon/main.rs
+++ b/daemon/main.rs
@@ -251,7 +251,7 @@ fn bundle<'r>(instance: Parse<InstanceName>,
     .map_err(|_| BadAssetUrlToken)?;
   let ig = gref.lock().map_err(|_| BadAssetUrlToken)?;
   let auth = {
-    let ig = ig.by_ref(Authorisation::authorise_any());
+    let ig = ig.by_ref(Authorisation::promise_any());
     ig.asset_url_key.check("bundle", &(instance, id), &token)?
   }.map(|(_,id)| id);
   let path = id.path(&ig, auth);

diff --git a/src/accounts.rs b/src/accounts.rs
index 25708d78825dc8b20205def28dd5e62ebf320f10..4351820042441a5558739ad5f73c9ce79313c221 100644 (file)
--- a/src/accounts.rs
+++ b/src/accounts.rs
@@ -559,7 +559,7 @@ pub mod loaded_acl {
         } { continue }
         if needed & deny != 0 { break }
         if allow != 0 { needed &= !(allow | test_existence) }
-        if needed == 0 { return Authorisation::authorise_any() }
+        if needed == 0 { return Authorisation::promise_any() }
       }
       Err(if needed & test_existence != 0 {
         P::NOT_FOUND

diff --git a/src/asseturl.rs b/src/asseturl.rs
index 321dfe12a34e405cb48dfd124837a47d1adae618..33bbabdcbea3ccf1aabe55e76f3a3d5f71d3fc15 100644 (file)
--- a/src/asseturl.rs
+++ b/src/asseturl.rs
@@ -50,7 +50,7 @@ impl AssetUrlKey {
       &exp.0[..],
       &got.0[..],
     )) { throw!(BadAssetUrlToken) }
-    else { Authorisation::authorised(v) }
+    else { Authorisation::promise_for(v) }
   }
 }
 

diff --git a/src/authproofs.rs b/src/authproofs.rs
index 1d9b5041f7926b38ffd2ba8a2d289ed95373d181..541c485a033072b13b913431b37cff71dc8beaf4 100644 (file)
--- a/src/authproofs.rs
+++ b/src/authproofs.rs
@@ -35,22 +35,22 @@ pub type AuthorisationSuperuser = Authorisation<Global>;
 impl<T> Authorisation<T> {
   /// Proof obligation: access to this `T` has been authorised.
   #[inline]
-  pub const fn authorised(_v: &T) -> Authorisation<T> {
+  pub const fn promise_for(_v: &T) -> Authorisation<T> {
     Authorisation(PhantomData)
   }
   #[inline]
   pub fn map<U,F>(self, _f: F) -> Authorisation<U> where F: Fn(&T) -> &U {
-    self.therefore_ok()
+    self.so_promise()
   }
   /// Minor proof obligation: in this case, authorised access to `T`
   /// implies authorised access to `U`.
   #[inline]
-  pub fn therefore_ok<U>(self) -> Authorisation<U> {
+  pub fn so_promise<U>(self) -> Authorisation<U> {
     Authorisation(PhantomData)
   }
   /// Proof obligation: access to `T` has been authorised.
   #[inline]
-  pub const fn authorise_any() -> Authorisation<T> {
+  pub const fn promise_any() -> Authorisation<T> {
     Authorisation(PhantomData)
   }
 }
@@ -59,7 +59,7 @@ impl<T:Serialize> From<Authorisation<Global>> for Authorisation<T> {
   // ^ we need a bound not met by Global or we conflict with From<T> for T
   #[inline]
   fn from(global: Authorisation<Global>) -> Self {
-    global.therefore_ok()
+    global.so_promise()
   }
 }
 

diff --git a/src/bundles.rs b/src/bundles.rs
index 485068373e6098a696249aa5c1dbde271b77aee6..0afce3235e6cbc87e61af874ce698e52a448f047 100644 (file)
--- a/src/bundles.rs
+++ b/src/bundles.rs
@@ -265,7 +265,7 @@ impl Id {
 
   pub fn path(&self, instance: &Unauthorised<InstanceGuard<'_>, InstanceName>,
           auth: Authorisation<Id>) -> String {
-    self.path_(&instance.by_ref(auth.therefore_ok()).name)
+    self.path_(&instance.by_ref(auth.so_promise()).name)
   }
 
   #[throws(IE)]
@@ -284,7 +284,7 @@ impl Id {
   #[throws(IE)]
   pub fn open(&self, instance: &Instance) -> Option<fs::File> {
     let name = &*instance.name;
-    let auth = Authorisation::authorised(name).bundles();
+    let auth = Authorisation::promise_for(name).bundles();
     self.open_by_name(name, auth)?
   }
 
@@ -296,7 +296,7 @@ impl Id {
 //---------- displaing/presenting/authorising ----------
 
 impl Authorisation<InstanceName> {
-  pub fn bundles(self) -> Authorisation<Id> { self.therefore_ok() }
+  pub fn bundles(self) -> Authorisation<Id> { self.so_promise() }
 }
 
 impl Display for State {

diff --git a/src/global.rs b/src/global.rs
index b15ac5fa8f8e495b2ee61ad032e093386b3edc55..354ef4ae32fc0208e4a3bea60394bdfaff0ebfb9 100644 (file)
--- a/src/global.rs
+++ b/src/global.rs
@@ -313,12 +313,12 @@ impl InstanceWeakRef {
 impl<A> Unauthorised<InstanceRef, A> {
   #[throws(GameBeingDestroyed)]
   pub fn lock<'r>(&'r self) -> Unauthorised<InstanceGuard<'r>, A> {
-    let must_not_escape = self.by_ref(Authorisation::authorise_any());
+    let must_not_escape = self.by_ref(Authorisation::promise_any());
     Unauthorised::of(must_not_escape.lock()?)
   }
 
   pub fn lock_even_destroying<'r>(&'r self) -> Unauthorised<InstanceGuard<'r>, A> {
-    let must_not_escape = self.by_ref(Authorisation::authorise_any());
+    let must_not_escape = self.by_ref(Authorisation::promise_any());
     Unauthorised::of(InstanceGuard {
       c: must_not_escape.lock_even_destroying(),
       gref: must_not_escape.clone(),
@@ -326,7 +326,7 @@ impl<A> Unauthorised<InstanceRef, A> {
   }
 
   pub fn lock_bundles<'r>(&'r self) -> Unauthorised<BundlesGuard<'_>, A> {
-    let must_not_escape = self.by_ref(Authorisation::authorise_any());
+    let must_not_escape = self.by_ref(Authorisation::promise_any());
     Unauthorised::of(must_not_escape.lock_bundles())
   }
 }

diff --git a/src/sshkeys.rs b/src/sshkeys.rs
index e1eaca02defc6ad4e1890a3c0c2f7947aaebefaa..f432d7fd826290f4b2ce88a1665d37a6f113f10b 100644 (file)
--- a/src/sshkeys.rs
+++ b/src/sshkeys.rs
@@ -167,7 +167,7 @@ impl PerScope {
         if &want_key.nonce == &authed_key.nonce;
         then {
           // We have checked id and nonce, against those allowed
-          let auth = auth_in.therefore_ok();
+          let auth = auth_in.so_promise();
           return Some(auth);
         }
       }