firewall+firewalldb: move mac ID serialisation to kvdb impl

For our kvdb firewalldb, we use an empty 4 byte array as the macaroon
identifier even if no macaroon was used to create the action. This is so
that we have some sort of "session ID" bucket to store these set of
actions under. For our SQL impl, however, this is not needed and we will
likely just use a nullable field for the macaroon ID. So in preparation
for this, we move the kvdb specific logic to the kvdb impl.

Author: ellemouton

firewall/request_logger.go

@@ -9,6 +9,7 @@ import (
 	"github.com/lightninglabs/lightning-terminal/firewalldb"
 	mid "github.com/lightninglabs/lightning-terminal/rpcmiddleware"
 	"github.com/lightninglabs/lightning-terminal/session"
+	"github.com/lightningnetwork/lnd/fn"
 	"github.com/lightningnetwork/lnd/lnrpc"
 	"github.com/lightningnetwork/lnd/macaroons"
 )
@@ -181,16 +182,15 @@ func (r *RequestLogger) Intercept(ctx context.Context,
 func (r *RequestLogger) addNewAction(ctx context.Context, ri *RequestInfo,
 	withPayloadData bool) error {
 
-	// If no macaroon is provided, then an empty 4-byte array is used as the
-	// macaroon ID. Otherwise, the last 4 bytes of the macaroon's root key
-	// ID are used.
-	var macaroonID [4]byte
+	var macaroonID fn.Option[[4]byte]
 	if ri.Macaroon != nil {
 		var err error
-		macaroonID, err = session.IDFromMacaroon(ri.Macaroon)
+		macID, err := session.IDFromMacaroon(ri.Macaroon)
 		if err != nil {
 			return fmt.Errorf("could not extract ID from macaroon")
 		}
+
+		macaroonID = fn.Some([4]byte(macID))
 	}
 
 	actionReq := &firewalldb.AddActionReq{

firewalldb/actions.go

@@ -36,7 +36,8 @@ const (
 type AddActionReq struct {
 	// MacaroonIdentifier is a 4 byte identifier created from the last 4
 	// bytes of the root key ID of the macaroon used to perform the action.
-	MacaroonIdentifier [4]byte
+	// If no macaroon was used for the action, then this will not be set.
+	MacaroonIdentifier fn.Option[[4]byte]
 
 	// SessionID holds the optional session ID of the session that this
 	// action was performed with.

firewalldb/actions_kvdb.go

@@ -58,6 +58,13 @@ var (
 func (db *BoltDB) AddAction(ctx context.Context,
 	req *AddActionReq) (ActionLocator, error) {
 
+	// If no macaroon is provided, then an empty 4-byte array is used as the
+	// macaroon ID.
+	var macaroonID [4]byte
+	req.MacaroonIdentifier.WhenSome(func(id [4]byte) {
+		macaroonID = id
+	})
+
 	// If the new action links to a session, the session must exist.
 	// For the bbolt impl of the store, this is our best effort attempt
 	// at ensuring each action links to a session. If the session is
@@ -105,7 +112,7 @@ func (db *BoltDB) AddAction(ctx context.Context,
 		}
 
 		sessBucket, err := actionsBucket.CreateBucketIfNotExists(
-			action.MacaroonIdentifier[:],
+			macaroonID[:],
 		)
 		if err != nil {
 			return err
@@ -134,7 +141,7 @@ func (db *BoltDB) AddAction(ctx context.Context,
 		}
 
 		locator = kvdbActionLocator{
-			sessionID: action.MacaroonIdentifier,
+			sessionID: macaroonID,
 			actionID:  nextActionIndex,
 		}
 
@@ -574,7 +581,7 @@ func DeserializeAction(r io.Reader, sessionID session.ID) (*Action, error) {
 		return nil, err
 	}
 
-	action.MacaroonIdentifier = sessionID
+	action.MacaroonIdentifier = fn.Some([4]byte(sessionID))
 	action.SessionID = fn.Some(sessionID)
 	action.ActorName = string(actor)
 	action.FeatureName = string(featureName)

firewalldb/actions_test.go

@@ -67,7 +67,7 @@ func TestActionStorage(t *testing.T) {
 	action1Req := &AddActionReq{
 		SessionID:          fn.Some(sess1.ID),
 		AccountID:          fn.Some(acct1.ID),
-		MacaroonIdentifier: sess1.ID,
+		MacaroonIdentifier: fn.Some([4]byte(sess1.ID)),
 		ActorName:          "Autopilot",
 		FeatureName:        "auto-fees",
 		Trigger:            "fee too low",
@@ -85,7 +85,7 @@ func TestActionStorage(t *testing.T) {
 
 	action2Req := &AddActionReq{
 		SessionID:          fn.Some(sess2.ID),
-		MacaroonIdentifier: sess2.ID,
+		MacaroonIdentifier: fn.Some([4]byte(sess2.ID)),
 		ActorName:          "Autopilot",
 		FeatureName:        "rebalancer",
 		Trigger:            "channels not balanced",
@@ -223,7 +223,7 @@ func TestListActions(t *testing.T) {
 		actionIds++
 
 		actionReq := &AddActionReq{
-			MacaroonIdentifier: sessionID,
+			MacaroonIdentifier: fn.Some(sessionID),
 			ActorName:          "Autopilot",
 			FeatureName:        fmt.Sprintf("%d", actionIds),
 			Trigger:            "fee too low",
@@ -245,9 +245,11 @@ func TestListActions(t *testing.T) {
 	assertActions := func(dbActions []*Action, al []*action) {
 		require.Len(t, dbActions, len(al))
 		for i, a := range al {
-			require.EqualValues(
-				t, a.sessionID, dbActions[i].MacaroonIdentifier,
+			mID, err := dbActions[i].MacaroonIdentifier.UnwrapOrErr(
+				fmt.Errorf("macaroon identifier is none"),
 			)
+			require.NoError(t, err)
+			require.EqualValues(t, a.sessionID, mID)
 			require.Equal(t, a.actionID, dbActions[i].FeatureName)
 		}
 	}
@@ -433,7 +435,7 @@ func TestListGroupActions(t *testing.T) {
 
 	action1Req := &AddActionReq{
 		SessionID:          fn.Some(sess1.ID),
-		MacaroonIdentifier: sess1.ID,
+		MacaroonIdentifier: fn.Some([4]byte(sess1.ID)),
 		ActorName:          "Autopilot",
 		FeatureName:        "auto-fees",
 		Trigger:            "fee too low",
@@ -451,7 +453,7 @@ func TestListGroupActions(t *testing.T) {
 
 	action2Req := &AddActionReq{
 		SessionID:          fn.Some(sess2.ID),
-		MacaroonIdentifier: sess2.ID,
+		MacaroonIdentifier: fn.Some([4]byte(sess2.ID)),
 		ActorName:          "Autopilot",
 		FeatureName:        "rebalancer",
 		Trigger:            "channels not balanced",

session_rpcserver.go

@@ -806,9 +806,14 @@ func (s *sessionRpcServer) ListActions(ctx context.Context,
 			sessionID = id
 		})
 
+		var macID [4]byte
+		a.MacaroonIdentifier.WhenSome(func(id [4]byte) {
+			macID = id
+		})
+
 		resp[i] = &litrpc.Action{
 			SessionId:          sessionID[:],
-			MacaroonIdentifier: a.MacaroonIdentifier[:],
+			MacaroonIdentifier: macID[:],
 			ActorName:          a.ActorName,
 			FeatureName:        a.FeatureName,
 			Trigger:            a.Trigger,