diff --git a/packages/cahn_demo/client/package-lock.json b/packages/cahn_demo/client/package-lock.json index cc3a1b0..80fc717 100644 --- a/packages/cahn_demo/client/package-lock.json +++ b/packages/cahn_demo/client/package-lock.json @@ -18,7 +18,6 @@ "next": "^14.2.5", "react": "^18", "react-dom": "^18", - "schemas": "file:../schemas", "uuid": "^10.0.0" }, "devDependencies": { @@ -33,6 +32,7 @@ }, "../schemas": { "version": "1.0.0", + "extraneous": true, "license": "ISC", "dependencies": { "fs": "^0.0.1-security", @@ -2412,10 +2412,6 @@ "loose-envify": "^1.1.0" } }, - "node_modules/schemas": { - "resolved": "../schemas", - "link": true - }, "node_modules/shebang-command": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", diff --git a/packages/cahn_demo/client/package.json b/packages/cahn_demo/client/package.json index 7dd5dfb..b79c5d5 100644 --- a/packages/cahn_demo/client/package.json +++ b/packages/cahn_demo/client/package.json @@ -19,7 +19,6 @@ "next": "^14.2.5", "react": "^18", "react-dom": "^18", - "schemas": "file:../schemas", "uuid": "^10.0.0" }, "devDependencies": { diff --git a/packages/cahn_demo/client/src/app/device-type/[device_type_id]/page.js b/packages/cahn_demo/client/src/app/device-type/[device_type_id]/page.js index da208ed..3c84924 100644 --- a/packages/cahn_demo/client/src/app/device-type/[device_type_id]/page.js +++ b/packages/cahn_demo/client/src/app/device-type/[device_type_id]/page.js 
@@ -6,9 +6,10 @@ import DeviceTypeInfoTable from "../../components/DeviceTypeInfoTable"; import withAuth from "@/app/utils/withAuth"; import AppBar from "../../components/AppBar"; import { v4 as uuidv4 } from "uuid"; -import { device_type_trust } from "@/schemas"; +import { device_type_trust, retraction } from "@/schemas"; import TrustSubmissions from "@/app/components/TrustSubmissions"; import initializeWasm from "@/app/utils/initialiseWasm"; +import createUnsignedRetractionVC from "@/app/utils/createUnsignedRetractionVC"; const Page = ({ params }) => { const [deviceTypeData, setDeviceTypeData] = useState({ @@ -98,36 +99,13 @@ const Page = ({ params }) => { ); const idToRevoke = response.data.id; // Assuming the API returns an object with an 'id' field - const retractionClaim = { - type: "retraction", - id: `urn:uuid:${uuidv4()}`, - timestamp: Date.now(), - claim_id: idToRevoke, - }; - - const retractionVC = { - "@context": ["https://www.w3.org/ns/credentials/v2"], - id: `urn:uuid:${uuidv4()}`, - type: ["VerifiableCredential", "UserCredential"], - issuer: `urn:uuid:${uuidv4()}`, // TODO: Use an actual issuer ID? - validFrom: new Date().toISOString(), - credentialSchema: { - id: "https://github.com/nqminds/ClaimCascade/blob/claim_verifier/packages/claim_verifier/user.yaml", - type: "JsonSchema", - }, - credentialSubject: retractionClaim, - }; - - const VC = new window.VerifiableCredential( - retractionVC, - "retraction_schema" - ); + const vcToUpload = createUnsignedRetractionVC(idToRevoke); const privateKeyAsUint8Array = new Uint8Array( Buffer.from(privateKey, "base64") ); - const signedVc = VC.sign(privateKeyAsUint8Array).to_object(); + const signedVc = vcToUpload.sign(privateKeyAsUint8Array).to_object(); const uploadResponse = await axios.post( "http://localhost:3001/upload/verifiable_credential", diff --git a/packages/cahn_demo/client/src/app/device/[device_id]/page.js b/packages/cahn_demo/client/src/app/device/[device_id]/page.js index 2f99cc6..7a1c81a 100644 
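Review bot: The added `retraction` import looks unused in this page, since the only consumer visible in the commit is `createUnsignedRetractionVC`, which imports the schema itself. Unless code outside the hunk reads it, the line can stay `import { device_type_trust } from "@/schemas";`. The same applies to the import hunks of `device/[device_id]/page.js` and `manufacturer/[manufacturer_id]/page.js`. `uuidv4` may also have become unused in all three pages now that the inline retraction object is gone; the rest of each file is not visible here, so check for other uses before removing it.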
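Review bot: `idToRevoke` goes from `response.data.id` straight into `createUnsignedRetractionVC` with no check, so a response without an `id` would still yield a retraction that is signed with `privateKey` and uploaded. A guard before the call, `if (typeof idToRevoke !== "string" || idToRevoke === "") throw new Error("No claim id returned; nothing to retract");`, keeps a malformed lookup from becoming a signed credential. The handler starts and ends outside the hunk, so use whatever error path it already has. The retraction hunks in `device/[device_id]/page.js` and `manufacturer/[manufacturer_id]/page.js` have the same gap.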
--- a/packages/cahn_demo/client/src/app/device/[device_id]/page.js +++ b/packages/cahn_demo/client/src/app/device/[device_id]/page.js @@ -6,9 +6,10 @@ import DeviceInfoTable from "../../components/DeviceInfoTable"; import withAuth from "@/app/utils/withAuth"; import { v4 as uuidv4 } from "uuid"; import AppBar from "../../components/AppBar"; -import { device_trust } from "@/schemas"; +import { device_trust, retraction } from "@/schemas"; import TrustSubmissions from "../../components/TrustSubmissions"; import initializeWasm from "@/app/utils/initialiseWasm"; +import createUnsignedRetractionVC from "@/app/utils/createUnsignedRetractionVC"; const Page = ({ params }) => { const [deviceData, setDeviceData] = useState({ @@ -126,36 +127,13 @@ const Page = ({ params }) => { ); const idToRevoke = response.data.id; // Assuming the API returns an object with an 'id' field - const retractionClaim = { - type: "retraction", - id: `urn:uuid:${uuidv4()}`, - timestamp: Date.now(), - claim_id: idToRevoke, - }; - - const retractionVC = { - "@context": ["https://www.w3.org/ns/credentials/v2"], - id: `urn:uuid:${uuidv4()}`, - type: ["VerifiableCredential", "UserCredential"], - issuer: `urn:uuid:${uuidv4()}`, // TODO: Use an actual issuer ID? - validFrom: new Date().toISOString(), - credentialSchema: { - id: "https://github.com/nqminds/ClaimCascade/blob/claim_verifier/packages/claim_verifier/user.yaml", - type: "JsonSchema", - }, - credentialSubject: retractionClaim, - }; - - const VC = new window.VerifiableCredential( - retractionVC, - "retraction_schema" - ); + const vcToUpload = createUnsignedRetractionVC(idToRevoke); const privateKeyAsUint8Array = new Uint8Array( Buffer.from(privateKey, "base64") ); - const signedVc = VC.sign(privateKeyAsUint8Array).to_object(); + const signedVc = vcToUpload.sign(privateKeyAsUint8Array).to_object(); const uploadResponse = await axios.post( "http://localhost:3001/upload/verifiable_credential", 
diff --git a/packages/cahn_demo/client/src/app/manufacturer/[manufacturer_id]/page.js b/packages/cahn_demo/client/src/app/manufacturer/[manufacturer_id]/page.js index d587b35..d4a0105 100644 --- a/packages/cahn_demo/client/src/app/manufacturer/[manufacturer_id]/page.js +++ b/packages/cahn_demo/client/src/app/manufacturer/[manufacturer_id]/page.js @@ -6,8 +6,10 @@ import ManufacturerInfoTable from "../../components/ManufacturerInfoTable"; import withAuth from "@/app/utils/withAuth"; import AppBar from "../../components/AppBar"; import { v4 as uuidv4 } from "uuid"; -import { manufacturer_trust } from "@/schemas"; +import { manufacturer_trust, retraction } from "@/schemas"; import TrustSubmissions from "@/app/components/TrustSubmissions"; +import initializeWasm from "@/app/utils/initialiseWasm"; +import createUnsignedRetractionVC from "@/app/utils/createUnsignedRetractionVC"; const Page = ({ params }) => { const [manufacturerData, setManufacturerData] = useState({ 
@@ -123,36 +125,13 @@ const Page = ({ params }) => { ); const idToRevoke = response.data.id; // Assuming the API returns an object with an 'id' field - const retractionClaim = { - type: "retraction", - id: `urn:uuid:${uuidv4()}`, - timestamp: Date.now(), - claim_id: idToRevoke, - }; - - const retractionVC = { - "@context": ["https://www.w3.org/ns/credentials/v2"], - id: `urn:uuid:${uuidv4()}`, - type: ["VerifiableCredential", "UserCredential"], - issuer: `urn:uuid:${uuidv4()}`, // TODO: Use an actual issuer ID? - validFrom: new Date().toISOString(), - credentialSchema: { - id: "https://github.com/nqminds/ClaimCascade/blob/claim_verifier/packages/claim_verifier/user.yaml", - type: "JsonSchema", - }, - credentialSubject: retractionClaim, - }; - - const VC = new window.VerifiableCredential( - retractionVC, - "retraction_schema" - ); + const vcToUpload = createUnsignedRetractionVC(idToRevoke); const privateKeyAsUint8Array = new Uint8Array( Buffer.from(privateKey, "base64") ); - const signedVc = VC.sign(privateKeyAsUint8Array).to_object(); + const signedVc = vcToUpload.sign(privateKeyAsUint8Array).to_object(); const uploadResponse = await axios.post( "http://localhost:3001/upload/verifiable_credential", diff --git a/packages/cahn_demo/client/src/app/utils/createUnsignedRetractionVC.js b/packages/cahn_demo/client/src/app/utils/createUnsignedRetractionVC.js new file mode 100644 index 0000000..2dec8f8 --- /dev/null +++ b/packages/cahn_demo/client/src/app/utils/createUnsignedRetractionVC.js 
@@ -0,0 +1,25 @@ +import { retraction } from "@/schemas"; +import { v4 as uuidv4 } from "uuid"; + +const createUnsignedRetractionVC = (idToRevoke) => { + const retractionClaim = { + type: "retraction", + id: `urn:uuid:${uuidv4()}`, + timestamp: Date.now(), + claim_id: idToRevoke, + }; + + const vc_data = JSON.parse(JSON.stringify(retraction)); + vc_data.credentialSubject = retractionClaim; + vc_data.credentialSchema.id = + "https://github.com/nqminds/CAHN/blob/main/packages/schemas/src/retraction.v.1.0.0.schema.yaml"; + + const vc = new window.VerifiableCredential( + vc_data, + JSON.stringify(retraction) + ); + + return vc; +}; + +export default createUnsignedRetractionVC; diff --git a/packages/cahn_demo/client/src/schemas/index.js b/packages/cahn_demo/client/src/schemas/index.js index af8b90f..14c9d8f 100644 --- a/packages/cahn_demo/client/src/schemas/index.js +++ b/packages/cahn_demo/client/src/schemas/index.js @@ -12,6 +12,7 @@ const manufacturer_trust = require("./manufacturer_trust.json"); const sbom_vulnerability = require("./sbom_vulnerability.json"); const sbom = require("./sbom.json"); const user = require("./user.json"); +const retraction = require("./retraction.json"); module.exports = { device_trust, @@ -26,4 +27,5 @@ module.exports = { sbom_vulnerability, sbom, user, + retraction, }; diff --git a/packages/cahn_demo/client/src/schemas/retraction.json b/packages/cahn_demo/client/src/schemas/retraction.json new file mode 100644 index 0000000..ac5492e --- /dev/null +++ b/packages/cahn_demo/client/src/schemas/retraction.json 
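Review bot: Every credential built by `createUnsignedRetractionVC` keeps the template's fixed `id`, `issuer` and `validFrom`, because the deep copy of `retraction` only has `credentialSubject` and `credentialSchema.id` overwritten; the inline code this replaces generated a fresh `id` and a current `validFrom` for each retraction. A verifier or store keyed on the credential id could then not tell two retractions apart, and the issuer field is not tied to the key that signs. After the clone, add ``vc_data.id = `urn:uuid:${uuidv4()}`;`` and `vc_data.validFrom = new Date().toISOString();`, and set `vc_data.issuer` from the signer's identity once one is available. The second constructor argument also changed from the name `"retraction_schema"` to the whole serialized schema credential, which is worth confirming against what `window.VerifiableCredential` expects. A short JSDoc saying that the function requires the WASM module to be initialised and returns an unsigned credential would help callers.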
@@ -0,0 +1,44 @@ +{ + "@context": ["https://www.w3.org/ns/credentials/v2"], + "id": "urn:uuid:1cb63635-d3d1-47c1-b653-11e9948ea223", + "type": ["VerifiableCredential", "UserCredential"], + "issuer": "urn:uuid:4e3c2a77-beb1-4ad9-aa8a-c93be6004a7b", + "validFrom": "2024-08-28T14:15:50.312133Z", + "credentialSchema": { + "id": "6924ca71-3c53-4e44-ae03-efb15889f3b5", + "type": "JsonSchema" + }, + "credentialSubject": { + "type": "schema", + "id": "f29ba91e-509f-4c87-a239-b1e81afa941c", + "timestamp": 1716131759000, + "schemaName": "retraction", + "schema": { + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://github.com/nqminds/CAHN/blob/main/packages/schemas/src/device.v.1.0.0.schema.yaml", + "title": "retraction", + "description": "retraction", + "type": "object", + "properties": { + "id": { + "description": "id of the device", + "type": "string" + }, + "claim_id": { + "description": "id of the claim that is being retracted", + "type": "string" + }, + "timestamp": { + "description": "timestamp at which the retraction was made in milliseconds", + "type": "string" + }, + "type": { + "description": "which type of claim is being made", + "type": "string", + "const": "retraction" + } + }, + "required": ["id", "claim_id", "timestamp", "type"] + } + } +} diff --git a/packages/cahn_demo/server/emailToPublicKeys.json b/packages/cahn_demo/server/emailToPublicKeys.json index 0bfadfc..517a902 100644 --- a/packages/cahn_demo/server/emailToPublicKeys.json +++ b/packages/cahn_demo/server/emailToPublicKeys.json @@ -1,5 +1,5 @@ { "henry@nquiringminds.com": [ - "9TgqqUgXTTNBuD7qz9vNouf/26IhCucYpivXoUqSvI8=" + "0xcwX2RHPNQo1+vzqZJ7dsq8DhYbuLc2hviAjBqTGjw=" ] } \ No newline at end of file diff --git a/packages/cahn_demo/server/output/output.pl b/packages/cahn_demo/server/output/output.pl index 53bc3f6..de61723 100644 --- a/packages/cahn_demo/server/output/output.pl +++ b/packages/cahn_demo/server/output/output.pl 
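Review bot: The schema's `$id` points at `device.v.1.0.0.schema.yaml`, while the client helper in this commit sets `credentialSchema.id` to `retraction.v.1.0.0.schema.yaml`, so the two identifiers for the same schema disagree. This looks copied from the device schema, as does the description `id of the device` on the `id` property. `timestamp` is declared `"type": "string"` but described as milliseconds, and the helper fills it with `Date.now()`, a number, so a strict validator would reject the claims the UI produces. Either declare it `"type": "integer"` or have the client send a string, and keep the generated Prolog validator in step. Consider `"additionalProperties": false` so a signed retraction cannot carry fields that were never validated.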
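Review bot: This replaces the only public key listed for `henry@nquiringminds.com` in a commit that is otherwise about building retraction credentials. If the server uses this map to decide whose signatures to accept (the file name suggests so, but the consumer is not visible here), credentials signed with the previous key would stop verifying, including any already issued. Putting the key change in its own commit with the reason, or keeping both keys in the array during a transition, would make the trust change reviewable.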
@@ -69,21 +69,108 @@ % type definitions and get, add, remove function definitions generated from schema claims :- persistent - db:device_type_trust(_AuthoriserId, _CreatedAt, _DeviceTypeId). + db:retraction(_ClaimId, _Id, _Timestamp, _Type). -get_device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId) :- - with_mutex(db, device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId)). +get_retraction(ClaimId, Id, Timestamp, Type) :- + with_mutex(db, retraction(ClaimId, Id, Timestamp, Type)). -get_all_device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId, Matches) :- +get_all_retraction(ClaimId, Id, Timestamp, Type, Matches) :- with_mutex(db, - findall(device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId), - device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId), + findall(retraction(ClaimId, Id, Timestamp, Type), + retraction(ClaimId, Id, Timestamp, Type), Matches) ). -add_device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId) :- +add_retraction(ClaimId, Id, Timestamp, Type) :- % Validate required fields - validate_required(DeviceTypeId, "DeviceTypeId"), + validate_required(Id, "Id"), + validate_required(ClaimId, "ClaimId"), + validate_required(Timestamp, "Timestamp"), + validate_required(Type, "Type"), + % Check unique fields are unique + % Validate and assert ClaimId + validate_type_string(ClaimId, ValidClaimId, "ClaimId"), + % Validate and assert Id + validate_type_string(Id, ValidId, "Id"), + % Validate and assert Timestamp + validate_type_string(Timestamp, ValidTimestamp, "Timestamp"), + % Validate and assert Type + validate_type_string(Type, ValidType, "Type"), + assert_retraction(ValidClaimId, ValidId, ValidTimestamp, ValidType). + +remove_retraction(ClaimId, Id, Timestamp, Type) :- + retraction(ClaimId, Id, Timestamp, Type), + with_mutex(db, ( + retractall_retraction(ClaimId, Id, Timestamp, Type) + )). + +:- persistent + db:device(_CreatedAt, _Id, _Idevid, _Name). 
+ +get_device(CreatedAt, Id, Idevid, Name) :- + with_mutex(db, device(CreatedAt, Id, Idevid, Name)). + +get_all_device(CreatedAt, Id, Idevid, Name, Matches) :- + with_mutex(db, + findall(device(CreatedAt, Id, Idevid, Name), + device(CreatedAt, Id, Idevid, Name), + Matches) +). + +add_device(CreatedAt, Id, Idevid, Name) :- + % Validate required fields + validate_required(Id, "Id"), + validate_required(Name, "Name"), + validate_required(Idevid, "Idevid"), + validate_required(CreatedAt, "CreatedAt"), + % Check unique fields are unique + (device(_,Id,_,_) -> + format(atom(Msg), 'found existing device with Id "~w"', [Id]), + !, + throw(error(Msg)) + ; true), + (device(_,_,_,Name) -> + format(atom(Msg), 'found existing device with Name "~w"', [Name]), + !, + throw(error(Msg)) + ; true), + (device(_,_,Idevid,_) -> + format(atom(Msg), 'found existing device with Idevid "~w"', [Idevid]), + !, + throw(error(Msg)) + ; true), + % Validate and assert CreatedAt + validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), + % Validate and assert Id + validate_type_string(Id, ValidId, "Id"), + % Validate and assert Idevid + validate_type_string(Idevid, ValidIdevid, "Idevid"), + % Validate and assert Name + validate_type_string(Name, ValidName, "Name"), + assert_device(ValidCreatedAt, ValidId, ValidIdevid, ValidName). + +remove_device(CreatedAt, Id, Idevid, Name) :- + device(CreatedAt, Id, Idevid, Name), + with_mutex(db, ( + retractall_device(CreatedAt, Id, Idevid, Name) + )). + +:- persistent + db:device_trust(_AuthoriserId, _CreatedAt, _DeviceId). + +get_device_trust(AuthoriserId, CreatedAt, DeviceId) :- + with_mutex(db, device_trust(AuthoriserId, CreatedAt, DeviceId)). + +get_all_device_trust(AuthoriserId, CreatedAt, DeviceId, Matches) :- + with_mutex(db, + findall(device_trust(AuthoriserId, CreatedAt, DeviceId), + device_trust(AuthoriserId, CreatedAt, DeviceId), + Matches) +). 
+ +add_device_trust(AuthoriserId, CreatedAt, DeviceId) :- + % Validate required fields + validate_required(DeviceId, "DeviceId"), validate_required(AuthoriserId, "AuthoriserId"), validate_required(CreatedAt, "CreatedAt"), % Check unique fields are unique 
@@ -91,47 +178,57 @@ validate_type_string(AuthoriserId, ValidAuthoriserId, "AuthoriserId"), % Validate and assert CreatedAt validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), - % Validate and assert DeviceTypeId - validate_type_string(DeviceTypeId, ValidDeviceTypeId, "DeviceTypeId"), - assert_device_type_trust(ValidAuthoriserId, ValidCreatedAt, ValidDeviceTypeId). + % Validate and assert DeviceId + validate_type_string(DeviceId, ValidDeviceId, "DeviceId"), + assert_device_trust(ValidAuthoriserId, ValidCreatedAt, ValidDeviceId). -remove_device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId) :- - device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId), +remove_device_trust(AuthoriserId, CreatedAt, DeviceId) :- + device_trust(AuthoriserId, CreatedAt, DeviceId), with_mutex(db, ( - retractall_device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId) + retractall_device_trust(AuthoriserId, CreatedAt, DeviceId) )). :- persistent - db:sbom_vulnerability(_CreatedAt, _SbomId, _VulnerabilityScore). + db:manufacturer(_CreatedAt, _Id, _Name). -get_sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore) :- - with_mutex(db, sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore)). +get_manufacturer(CreatedAt, Id, Name) :- + with_mutex(db, manufacturer(CreatedAt, Id, Name)). -get_all_sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore, Matches) :- +get_all_manufacturer(CreatedAt, Id, Name, Matches) :- with_mutex(db, - findall(sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore), - sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore), + findall(manufacturer(CreatedAt, Id, Name), + manufacturer(CreatedAt, Id, Name), Matches) ). 
-add_sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore) :- +add_manufacturer(CreatedAt, Id, Name) :- % Validate required fields - validate_required(SbomId, "SbomId"), - validate_required(VulnerabilityScore, "VulnerabilityScore"), + validate_required(Id, "Id"), + validate_required(Name, "Name"), validate_required(CreatedAt, "CreatedAt"), % Check unique fields are unique + (manufacturer(_,Id,_) -> + format(atom(Msg), 'found existing manufacturer with Id "~w"', [Id]), + !, + throw(error(Msg)) + ; true), + (manufacturer(_,_,Name) -> + format(atom(Msg), 'found existing manufacturer with Name "~w"', [Name]), + !, + throw(error(Msg)) + ; true), % Validate and assert CreatedAt validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), - % Validate and assert SbomId - validate_type_string(SbomId, ValidSbomId, "SbomId"), - % Validate and assert VulnerabilityScore - validate_type_number(VulnerabilityScore, ValidVulnerabilityScore, "VulnerabilityScore"), - assert_sbom_vulnerability(ValidCreatedAt, ValidSbomId, ValidVulnerabilityScore). + % Validate and assert Id + validate_type_string(Id, ValidId, "Id"), + % Validate and assert Name + validate_type_string(Name, ValidName, "Name"), + assert_manufacturer(ValidCreatedAt, ValidId, ValidName). -remove_sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore) :- - sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore), +remove_manufacturer(CreatedAt, Id, Name) :- + manufacturer(CreatedAt, Id, Name), with_mutex(db, ( - retractall_sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore) + retractall_manufacturer(CreatedAt, Id, Name) )). :- persistent 
@@ -184,206 +281,168 @@ )). :- persistent - db:device(_CreatedAt, _Id, _Idevid, _Name). + db:sbom_vulnerability(_CreatedAt, _SbomId, _VulnerabilityScore). -get_device(CreatedAt, Id, Idevid, Name) :- - with_mutex(db, device(CreatedAt, Id, Idevid, Name)). +get_sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore) :- + with_mutex(db, sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore)). -get_all_device(CreatedAt, Id, Idevid, Name, Matches) :- +get_all_sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore, Matches) :- with_mutex(db, - findall(device(CreatedAt, Id, Idevid, Name), - device(CreatedAt, Id, Idevid, Name), + findall(sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore), + sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore), Matches) ). -add_device(CreatedAt, Id, Idevid, Name) :- +add_sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore) :- % Validate required fields - validate_required(Id, "Id"), - validate_required(Name, "Name"), - validate_required(Idevid, "Idevid"), + validate_required(SbomId, "SbomId"), + validate_required(VulnerabilityScore, "VulnerabilityScore"), validate_required(CreatedAt, "CreatedAt"), % Check unique fields are unique - (device(_,Id,_,_) -> - format(atom(Msg), 'found existing device with Id "~w"', [Id]), - !, - throw(error(Msg)) - ; true), - (device(_,_,_,Name) -> - format(atom(Msg), 'found existing device with Name "~w"', [Name]), - !, - throw(error(Msg)) - ; true), - (device(_,_,Idevid,_) -> - format(atom(Msg), 'found existing device with Idevid "~w"', [Idevid]), - !, - throw(error(Msg)) - ; true), % Validate and assert CreatedAt validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), - % Validate and assert Id - validate_type_string(Id, ValidId, "Id"), - % Validate and assert Idevid - validate_type_string(Idevid, ValidIdevid, "Idevid"), - % Validate and assert Name - validate_type_string(Name, ValidName, "Name"), - assert_device(ValidCreatedAt, ValidId, ValidIdevid, ValidName). 
+ % Validate and assert SbomId + validate_type_string(SbomId, ValidSbomId, "SbomId"), + % Validate and assert VulnerabilityScore + validate_type_number(VulnerabilityScore, ValidVulnerabilityScore, "VulnerabilityScore"), + assert_sbom_vulnerability(ValidCreatedAt, ValidSbomId, ValidVulnerabilityScore). -remove_device(CreatedAt, Id, Idevid, Name) :- - device(CreatedAt, Id, Idevid, Name), +remove_sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore) :- + sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore), with_mutex(db, ( - retractall_device(CreatedAt, Id, Idevid, Name) + retractall_sbom_vulnerability(CreatedAt, SbomId, VulnerabilityScore) )). :- persistent - db:manufactured(_CreatedAt, _DeviceId, _ManufacturerId). + db:manufacturer_trust(_AuthoriserId, _CreatedAt, _ManufacturerId). -get_manufactured(CreatedAt, DeviceId, ManufacturerId) :- - with_mutex(db, manufactured(CreatedAt, DeviceId, ManufacturerId)). +get_manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId) :- + with_mutex(db, manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId)). -get_all_manufactured(CreatedAt, DeviceId, ManufacturerId, Matches) :- +get_all_manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId, Matches) :- with_mutex(db, - findall(manufactured(CreatedAt, DeviceId, ManufacturerId), - manufactured(CreatedAt, DeviceId, ManufacturerId), + findall(manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId), + manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId), Matches) ). 
-add_manufactured(CreatedAt, DeviceId, ManufacturerId) :- +add_manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId) :- % Validate required fields - validate_required(DeviceId, "DeviceId"), + validate_required(AuthoriserId, "AuthoriserId"), validate_required(ManufacturerId, "ManufacturerId"), validate_required(CreatedAt, "CreatedAt"), % Check unique fields are unique + % Validate and assert AuthoriserId + validate_type_string(AuthoriserId, ValidAuthoriserId, "AuthoriserId"), % Validate and assert CreatedAt validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), - % Validate and assert DeviceId - validate_type_string(DeviceId, ValidDeviceId, "DeviceId"), % Validate and assert ManufacturerId validate_type_string(ManufacturerId, ValidManufacturerId, "ManufacturerId"), - assert_manufactured(ValidCreatedAt, ValidDeviceId, ValidManufacturerId). + assert_manufacturer_trust(ValidAuthoriserId, ValidCreatedAt, ValidManufacturerId). -remove_manufactured(CreatedAt, DeviceId, ManufacturerId) :- - manufactured(CreatedAt, DeviceId, ManufacturerId), +remove_manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId) :- + manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId), with_mutex(db, ( - retractall_manufactured(CreatedAt, DeviceId, ManufacturerId) + retractall_manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId) )). :- persistent - db:manufacturer_trust(_AuthoriserId, _CreatedAt, _ManufacturerId). + db:device_type_trust(_AuthoriserId, _CreatedAt, _DeviceTypeId). -get_manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId) :- - with_mutex(db, manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId)). +get_device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId) :- + with_mutex(db, device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId)). 
-get_all_manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId, Matches) :- +get_all_device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId, Matches) :- with_mutex(db, - findall(manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId), - manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId), + findall(device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId), + device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId), Matches) ). -add_manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId) :- +add_device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId) :- % Validate required fields + validate_required(DeviceTypeId, "DeviceTypeId"), validate_required(AuthoriserId, "AuthoriserId"), - validate_required(ManufacturerId, "ManufacturerId"), validate_required(CreatedAt, "CreatedAt"), % Check unique fields are unique % Validate and assert AuthoriserId validate_type_string(AuthoriserId, ValidAuthoriserId, "AuthoriserId"), % Validate and assert CreatedAt validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), - % Validate and assert ManufacturerId - validate_type_string(ManufacturerId, ValidManufacturerId, "ManufacturerId"), - assert_manufacturer_trust(ValidAuthoriserId, ValidCreatedAt, ValidManufacturerId). + % Validate and assert DeviceTypeId + validate_type_string(DeviceTypeId, ValidDeviceTypeId, "DeviceTypeId"), + assert_device_type_trust(ValidAuthoriserId, ValidCreatedAt, ValidDeviceTypeId). -remove_manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId) :- - manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId), +remove_device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId) :- + device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId), with_mutex(db, ( - retractall_manufacturer_trust(AuthoriserId, CreatedAt, ManufacturerId) + retractall_device_type_trust(AuthoriserId, CreatedAt, DeviceTypeId) )). :- persistent - db:sbom(_CreatedAt, _Id, _Sbom). + db:is_of_device_type(_CreatedAt, _DeviceId, _DeviceTypeId). 
-get_sbom(CreatedAt, Id, Sbom) :- - with_mutex(db, sbom(CreatedAt, Id, Sbom)). +get_is_of_device_type(CreatedAt, DeviceId, DeviceTypeId) :- + with_mutex(db, is_of_device_type(CreatedAt, DeviceId, DeviceTypeId)). -get_all_sbom(CreatedAt, Id, Sbom, Matches) :- +get_all_is_of_device_type(CreatedAt, DeviceId, DeviceTypeId, Matches) :- with_mutex(db, - findall(sbom(CreatedAt, Id, Sbom), - sbom(CreatedAt, Id, Sbom), + findall(is_of_device_type(CreatedAt, DeviceId, DeviceTypeId), + is_of_device_type(CreatedAt, DeviceId, DeviceTypeId), Matches) ). -add_sbom(CreatedAt, Id, Sbom) :- +add_is_of_device_type(CreatedAt, DeviceId, DeviceTypeId) :- % Validate required fields - validate_required(Id, "Id"), - validate_required(Sbom, "Sbom"), + validate_required(DeviceId, "DeviceId"), + validate_required(DeviceTypeId, "DeviceTypeId"), validate_required(CreatedAt, "CreatedAt"), % Check unique fields are unique - (sbom(_,Id,_) -> - format(atom(Msg), 'found existing sbom with Id "~w"', [Id]), - !, - throw(error(Msg)) - ; true), - (sbom(_,_,Sbom) -> - format(atom(Msg), 'found existing sbom with Sbom "~w"', [Sbom]), - !, - throw(error(Msg)) - ; true), % Validate and assert CreatedAt validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), - % Validate and assert Id - validate_type_string(Id, ValidId, "Id"), - % Validate and assert Sbom - validate_type_string(Sbom, ValidSbom, "Sbom"), - assert_sbom(ValidCreatedAt, ValidId, ValidSbom). + % Validate and assert DeviceId + validate_type_string(DeviceId, ValidDeviceId, "DeviceId"), + % Validate and assert DeviceTypeId + validate_type_string(DeviceTypeId, ValidDeviceTypeId, "DeviceTypeId"), + assert_is_of_device_type(ValidCreatedAt, ValidDeviceId, ValidDeviceTypeId). 
-remove_sbom(CreatedAt, Id, Sbom) :- - sbom(CreatedAt, Id, Sbom), +remove_is_of_device_type(CreatedAt, DeviceId, DeviceTypeId) :- + is_of_device_type(CreatedAt, DeviceId, DeviceTypeId), with_mutex(db, ( - retractall_sbom(CreatedAt, Id, Sbom) + retractall_is_of_device_type(CreatedAt, DeviceId, DeviceTypeId) )). :- persistent - db:manufacturer(_CreatedAt, _Id, _Name). + db:has_sbom(_CreatedAt, _DeviceTypeId, _SbomId). -get_manufacturer(CreatedAt, Id, Name) :- - with_mutex(db, manufacturer(CreatedAt, Id, Name)). +get_has_sbom(CreatedAt, DeviceTypeId, SbomId) :- + with_mutex(db, has_sbom(CreatedAt, DeviceTypeId, SbomId)). -get_all_manufacturer(CreatedAt, Id, Name, Matches) :- +get_all_has_sbom(CreatedAt, DeviceTypeId, SbomId, Matches) :- with_mutex(db, - findall(manufacturer(CreatedAt, Id, Name), - manufacturer(CreatedAt, Id, Name), + findall(has_sbom(CreatedAt, DeviceTypeId, SbomId), + has_sbom(CreatedAt, DeviceTypeId, SbomId), Matches) ). -add_manufacturer(CreatedAt, Id, Name) :- +add_has_sbom(CreatedAt, DeviceTypeId, SbomId) :- % Validate required fields - validate_required(Id, "Id"), - validate_required(Name, "Name"), + validate_required(SbomId, "SbomId"), + validate_required(DeviceTypeId, "DeviceTypeId"), validate_required(CreatedAt, "CreatedAt"), % Check unique fields are unique - (manufacturer(_,Id,_) -> - format(atom(Msg), 'found existing manufacturer with Id "~w"', [Id]), - !, - throw(error(Msg)) - ; true), - (manufacturer(_,_,Name) -> - format(atom(Msg), 'found existing manufacturer with Name "~w"', [Name]), - !, - throw(error(Msg)) - ; true), % Validate and assert CreatedAt validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), - % Validate and assert Id - validate_type_string(Id, ValidId, "Id"), - % Validate and assert Name - validate_type_string(Name, ValidName, "Name"), - assert_manufacturer(ValidCreatedAt, ValidId, ValidName). 
+ % Validate and assert DeviceTypeId + validate_type_string(DeviceTypeId, ValidDeviceTypeId, "DeviceTypeId"), + % Validate and assert SbomId + validate_type_string(SbomId, ValidSbomId, "SbomId"), + assert_has_sbom(ValidCreatedAt, ValidDeviceTypeId, ValidSbomId). -remove_manufacturer(CreatedAt, Id, Name) :- - manufacturer(CreatedAt, Id, Name), +remove_has_sbom(CreatedAt, DeviceTypeId, SbomId) :- + has_sbom(CreatedAt, DeviceTypeId, SbomId), with_mutex(db, ( - retractall_manufacturer(CreatedAt, Id, Name) + retractall_has_sbom(CreatedAt, DeviceTypeId, SbomId) )). :- persistent 
@@ -420,69 +479,79 @@ )). :- persistent - db:device_trust(_AuthoriserId, _CreatedAt, _DeviceId). + db:manufactured(_CreatedAt, _DeviceId, _ManufacturerId). -get_device_trust(AuthoriserId, CreatedAt, DeviceId) :- - with_mutex(db, device_trust(AuthoriserId, CreatedAt, DeviceId)). +get_manufactured(CreatedAt, DeviceId, ManufacturerId) :- + with_mutex(db, manufactured(CreatedAt, DeviceId, ManufacturerId)). -get_all_device_trust(AuthoriserId, CreatedAt, DeviceId, Matches) :- +get_all_manufactured(CreatedAt, DeviceId, ManufacturerId, Matches) :- with_mutex(db, - findall(device_trust(AuthoriserId, CreatedAt, DeviceId), - device_trust(AuthoriserId, CreatedAt, DeviceId), + findall(manufactured(CreatedAt, DeviceId, ManufacturerId), + manufactured(CreatedAt, DeviceId, ManufacturerId), Matches) ). -add_device_trust(AuthoriserId, CreatedAt, DeviceId) :- +add_manufactured(CreatedAt, DeviceId, ManufacturerId) :- % Validate required fields validate_required(DeviceId, "DeviceId"), - validate_required(AuthoriserId, "AuthoriserId"), + validate_required(ManufacturerId, "ManufacturerId"), validate_required(CreatedAt, "CreatedAt"), % Check unique fields are unique - % Validate and assert AuthoriserId - validate_type_string(AuthoriserId, ValidAuthoriserId, "AuthoriserId"), % Validate and assert CreatedAt validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), % Validate and assert DeviceId validate_type_string(DeviceId, ValidDeviceId, "DeviceId"), - assert_device_trust(ValidAuthoriserId, ValidCreatedAt, ValidDeviceId). + % Validate and assert ManufacturerId + validate_type_string(ManufacturerId, ValidManufacturerId, "ManufacturerId"), + assert_manufactured(ValidCreatedAt, ValidDeviceId, ValidManufacturerId). 
-remove_device_trust(AuthoriserId, CreatedAt, DeviceId) :- - device_trust(AuthoriserId, CreatedAt, DeviceId), +remove_manufactured(CreatedAt, DeviceId, ManufacturerId) :- + manufactured(CreatedAt, DeviceId, ManufacturerId), with_mutex(db, ( - retractall_device_trust(AuthoriserId, CreatedAt, DeviceId) + retractall_manufactured(CreatedAt, DeviceId, ManufacturerId) )). :- persistent - db:has_sbom(_CreatedAt, _DeviceTypeId, _SbomId). + db:sbom(_CreatedAt, _Id, _Sbom). -get_has_sbom(CreatedAt, DeviceTypeId, SbomId) :- - with_mutex(db, has_sbom(CreatedAt, DeviceTypeId, SbomId)). +get_sbom(CreatedAt, Id, Sbom) :- + with_mutex(db, sbom(CreatedAt, Id, Sbom)). -get_all_has_sbom(CreatedAt, DeviceTypeId, SbomId, Matches) :- +get_all_sbom(CreatedAt, Id, Sbom, Matches) :- with_mutex(db, - findall(has_sbom(CreatedAt, DeviceTypeId, SbomId), - has_sbom(CreatedAt, DeviceTypeId, SbomId), + findall(sbom(CreatedAt, Id, Sbom), + sbom(CreatedAt, Id, Sbom), Matches) ). -add_has_sbom(CreatedAt, DeviceTypeId, SbomId) :- +add_sbom(CreatedAt, Id, Sbom) :- % Validate required fields - validate_required(SbomId, "SbomId"), - validate_required(DeviceTypeId, "DeviceTypeId"), + validate_required(Id, "Id"), + validate_required(Sbom, "Sbom"), validate_required(CreatedAt, "CreatedAt"), % Check unique fields are unique + (sbom(_,Id,_) -> + format(atom(Msg), 'found existing sbom with Id "~w"', [Id]), + !, + throw(error(Msg)) + ; true), + (sbom(_,_,Sbom) -> + format(atom(Msg), 'found existing sbom with Sbom "~w"', [Sbom]), + !, + throw(error(Msg)) + ; true), % Validate and assert CreatedAt validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), - % Validate and assert DeviceTypeId - validate_type_string(DeviceTypeId, ValidDeviceTypeId, "DeviceTypeId"), - % Validate and assert SbomId - validate_type_string(SbomId, ValidSbomId, "SbomId"), - assert_has_sbom(ValidCreatedAt, ValidDeviceTypeId, ValidSbomId). 
+ % Validate and assert Id + validate_type_string(Id, ValidId, "Id"), + % Validate and assert Sbom + validate_type_string(Sbom, ValidSbom, "Sbom"), + assert_sbom(ValidCreatedAt, ValidId, ValidSbom). -remove_has_sbom(CreatedAt, DeviceTypeId, SbomId) :- - has_sbom(CreatedAt, DeviceTypeId, SbomId), +remove_sbom(CreatedAt, Id, Sbom) :- + sbom(CreatedAt, Id, Sbom), with_mutex(db, ( - retractall_has_sbom(CreatedAt, DeviceTypeId, SbomId) + retractall_sbom(CreatedAt, Id, Sbom) )). :- persistent @@ -528,39 +597,6 @@ retractall_device_type(CreatedAt, Id, Name) )). -:- persistent - db:is_of_device_type(_CreatedAt, _DeviceId, _DeviceTypeId). - -get_is_of_device_type(CreatedAt, DeviceId, DeviceTypeId) :- - with_mutex(db, is_of_device_type(CreatedAt, DeviceId, DeviceTypeId)). - -get_all_is_of_device_type(CreatedAt, DeviceId, DeviceTypeId, Matches) :- - with_mutex(db, - findall(is_of_device_type(CreatedAt, DeviceId, DeviceTypeId), - is_of_device_type(CreatedAt, DeviceId, DeviceTypeId), - Matches) -). - -add_is_of_device_type(CreatedAt, DeviceId, DeviceTypeId) :- - % Validate required fields - validate_required(DeviceId, "DeviceId"), - validate_required(DeviceTypeId, "DeviceTypeId"), - validate_required(CreatedAt, "CreatedAt"), - % Check unique fields are unique - % Validate and assert CreatedAt - validate_type_integer(CreatedAt, ValidCreatedAt, "CreatedAt"), - % Validate and assert DeviceId - validate_type_string(DeviceId, ValidDeviceId, "DeviceId"), - % Validate and assert DeviceTypeId - validate_type_string(DeviceTypeId, ValidDeviceTypeId, "DeviceTypeId"), - assert_is_of_device_type(ValidCreatedAt, ValidDeviceId, ValidDeviceTypeId). - -remove_is_of_device_type(CreatedAt, DeviceId, DeviceTypeId) :- - is_of_device_type(CreatedAt, DeviceId, DeviceTypeId), - with_mutex(db, ( - retractall_is_of_device_type(CreatedAt, DeviceId, DeviceTypeId) - )). - % rules from rule claims allowed_to_connect(DeviceId) :- 
@@ -638,17 +674,6 @@ [CreatedAtDeviceType, DeviceTypeId, DeviceType, SbomData, DeviceDataList, HasTrust]). -output_all_device_data(DeviceDataList) :- - findall(DeviceData, ( - device(CreatedAtDevice, DeviceId, Idevid, Name), - is_of_device_type(CreatedAtDeviceType, DeviceId, DeviceTypeId), - device_type(CreatedAtDeviceType, DeviceTypeId, DeviceType), - manufactured(CreatedAtManufactured, DeviceTypeId, ManufacturerId), - manufacturer(CreatedAtManufacturer, ManufacturerId, Manufacturer), - format(atom(DeviceData), 'ENTRY(CreatedAtDevice: ~w, DeviceId: ~w, Idevid: ~w, Name: ~w, CreatedAtDeviceType: ~w, DeviceTypeId: ~w, DeviceType: ~w, CreatedAtManufactured: ~w, ManufacturerId: ~w, CreatedAtManufacturer: ~w, Manufacturer: ~w)', [CreatedAtDevice, DeviceId, Idevid, Name, CreatedAtDeviceType, DeviceTypeId, DeviceType, CreatedAtManufactured, ManufacturerId, CreatedAtManufacturer, Manufacturer]) - ), DeviceDataList). - - output_device_data(DeviceId, DeviceData) :- device(CreatedAtDevice, DeviceId, Idevid, Name), 
@@ -674,6 +699,17 @@ [CreatedAtDevice, DeviceId, Idevid, Name, CreatedAtDeviceType, DeviceTypeId, DeviceType, CreatedAtManufactured, ManufacturerId, CreatedAtManufacturer, Manufacturer, CanConnect]). +output_all_device_data(DeviceDataList) :- + findall(DeviceData, ( + device(CreatedAtDevice, DeviceId, Idevid, Name), + is_of_device_type(CreatedAtDeviceType, DeviceId, DeviceTypeId), + device_type(CreatedAtDeviceType, DeviceTypeId, DeviceType), + manufactured(CreatedAtManufactured, DeviceTypeId, ManufacturerId), + manufacturer(CreatedAtManufacturer, ManufacturerId, Manufacturer), + format(atom(DeviceData), 'ENTRY(CreatedAtDevice: ~w, DeviceId: ~w, Idevid: ~w, Name: ~w, CreatedAtDeviceType: ~w, DeviceTypeId: ~w, DeviceType: ~w, CreatedAtManufactured: ~w, ManufacturerId: ~w, CreatedAtManufacturer: ~w, Manufacturer: ~w)', [CreatedAtDevice, DeviceId, Idevid, Name, CreatedAtDeviceType, DeviceTypeId, DeviceType, CreatedAtManufactured, ManufacturerId, CreatedAtManufacturer, Manufacturer]) + ), DeviceDataList). + + output_manufacturer_data(ManufacturerId, ManufacturerData) :- manufacturer(CreatedAtManufacturer, ManufacturerId, Manufacturer), @@ -694,7 +730,7 @@ % Check if there is a user that can issue manufacturer trust ( - once((manufacturer_trust(_, ManufacturerId, UserId), user(_, true, _, _, UserId, _))) -> + once((manufacturer_trust(UserId, _, ManufacturerId), user(_, _, true, _, UserId, _))) -> CanIssueManufacturerTrust = true ; CanIssueManufacturerTrust = false diff --git a/packages/cahn_demo/server/output/output_db.pl b/packages/cahn_demo/server/output/output_db.pl index b9d2554..d5bfa46 100644 --- a/packages/cahn_demo/server/output/output_db.pl +++ b/packages/cahn_demo/server/output/output_db.pl 
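Review bot: In the added `output_all_device_data/1`, the variable `CreatedAtDeviceType` is shared between the `is_of_device_type/3` goal and the `device_type/3` goal, so a device is listed only when its type-assignment claim and the device-type claim carry the same timestamp. Every `is_of_device_type` and `device_type` fact in output_db.pl in this commit uses 1723716151033, which would hide this; a device with any other timestamp pairing would drop out of the list without an error. If the join is meant to be on `DeviceTypeId` only, the first of the two goals should read `is_of_device_type(_CreatedAtIsOfType, DeviceId, DeviceTypeId),`.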
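Review bot: The corrected permission check `user(_, _, true, _, UserId, _)` still selects `can_issue_manufacturer_trust` by argument position, and the position is easy to get wrong: the line it replaces tested a different argument of the same `user/6` fact. Judging by the `user(...)` facts in output_db.pl, the arguments appear to follow the alphabetical order of the fact's keys, so adding or renaming a field would move the flags and make this rule test the wrong permission without any error. I would define the accessor once, `user_can_issue_manufacturer_trust(UserId) :- user(_, _, true, _, UserId, _).`, call it from the rule, and put a comment beside it naming the six fields in order. The same line is changed inside the rule string in uploads/vcs/rules/output_manufacturer_data.json, and the enclosing `output_manufacturer_data/2` clause starts and ends outside this hunk.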
@@ -1,31 +1,31 @@ -created(1725544741.9757743). -assert(device_type(1723716151033,"TrustPhone-id","TrustPhone")). -assert(device_type(1723716151033,"VulnerableCamera-id","VulnerableCamera")). -assert(device_type(1723716151033,"EvilPhone-id","EvilPhone")). -assert(manufacturer_trust("Henry-id",1723716151033,"TrustCorp-id")). +created(1725618720.7430348). +assert(user(false,false,false,1725618378015,"henry@nquiringminds.com","henry-user")). +assert(device(1723716151033,"AshEvilPhone-id","AshEvilPhone-idevid","AshEvilPhone")). +assert(device(1723716151033,"HenryTrustPhone-id","HenryTrustPhone-idevid","HenryTrustPhone")). +assert(device(1723716151033,"HenryVulnerableCamera-id","HenryVulnerableCamera-idevid","HenryVulnerableCamera")). +assert(is_of_device_type(1723716151033,"HenryTrustPhone-id","TrustPhone-id")). +assert(is_of_device_type(1723716151033,"AshEvilPhone-id","EvilPhone-id")). +assert(is_of_device_type(1723716151033,"HenryVulnerableCamera-id","VulnerableCamera-id")). +assert(sbom(1723716151033,"VulnerableCameraSBOM-id","VulnerableCamera SBOM information")). +assert(has_vulnerability(1723716151033,"VulnerableCameraSBOM-id","VulnerableCameraVulnerability-id")). +assert(has_sbom(1723716151033,"VulnerableCamera-id","VulnerableCameraSBOM-id")). +assert(device_type_trust("Henry-id",1723716151033,"VulnerableCamera-id")). +assert(device_type_trust("Ash-id",1723716151033,"EvilPhone-id")). +assert(device_type_trust("Henry-id",1723716151033,"TrustPhone-id")). +assert(device_trust("Henry-id",1723716151033,"HenryTrustPhone-id")). +assert(device_trust("Henry-id",1723716151033,"HenryVulnerableCamera-id")). +assert(device_trust("Ash-id",1723716151033,"AshEvilPhone-id")). assert(manufacturer_trust("Ash-id",1723716151033,"TrustCorp-id")). +assert(manufacturer_trust("Henry-id",1723716151033,"TrustCorp-id")). assert(manufacturer_trust("Ash-id",1723716151033,"EvilInc-id")). -assert(device_type_trust("Henry-id",1723716151033,"TrustPhone-id")). 
-assert(device_type_trust("Ash-id",1723716151033,"EvilPhone-id")). -assert(device_type_trust("Henry-id",1723716151033,"VulnerableCamera-id")). -assert(user(false,false,false,1723716151033,"Ash-id","ash")). -assert(user(true,true,true,1723716151033,"Henry-id","henry")). -assert(has_vulnerability(1723716151033,"VulnerableCameraSBOM-id","VulnerableCameraVulnerability-id")). assert(manufactured(1723716151033,"EvilPhone-id","EvilInc-id")). assert(manufactured(1723716151033,"TrustPhone-id","TrustCorp-id")). assert(manufactured(1723716151033,"VulnerableCamera-id","EvilInc-id")). +assert(user(true,true,true,1723716151033,"Henry-id","henry")). +assert(user(false,false,false,1723716151033,"Ash-id","ash")). assert(sbom_vulnerability(1723716151033,"VulnerableCameraVulnerability-id",10)). -assert(has_sbom(1723716151033,"VulnerableCamera-id","VulnerableCameraSBOM-id")). -assert(is_of_device_type(1723716151033,"HenryVulnerableCamera-id","VulnerableCamera-id")). -assert(is_of_device_type(1723716151033,"AshEvilPhone-id","EvilPhone-id")). -assert(is_of_device_type(1723716151033,"HenryTrustPhone-id","TrustPhone-id")). -assert(device_trust("Henry-id",1723716151033,"HenryTrustPhone-id")). -assert(device_trust("Henry-id",1723716151033,"HenryVulnerableCamera-id")). -assert(device_trust("Ash-id",1723716151033,"AshEvilPhone-id")). -assert(device(1723716151033,"AshEvilPhone-id","AshEvilPhone-idevid","AshEvilPhone")). -assert(device(1723716151033,"HenryTrustPhone-id","HenryTrustPhone-idevid","HenryTrustPhone")). -assert(device(1723716151033,"HenryVulnerableCamera-id","HenryVulnerableCamera-idevid","HenryVulnerableCamera")). -assert(sbom(1723716151033,"VulnerableCameraSBOM-id","VulnerableCamera SBOM information")). -assert(manufacturer(1723716151033,"EvilInc-id","EvilInc")). assert(manufacturer(1723716151033,"TrustCorp-id","TrustCorp")). -assert(user(false,false,true,1725542453617,"henry@nquiringminds.com","henry-user")). +assert(manufacturer(1723716151033,"EvilInc-id","EvilInc")). 
+assert(device_type(1723716151033,"VulnerableCamera-id","VulnerableCamera")). +assert(device_type(1723716151033,"TrustPhone-id","TrustPhone")). +assert(device_type(1723716151033,"EvilPhone-id","EvilPhone")). diff --git a/packages/cahn_demo/server/uploads/vcs/custom/User_VC_1725542453617.json b/packages/cahn_demo/server/uploads/vcs/custom/User_VC_1725542453617.json deleted file mode 100644 index a81f5c3..0000000 --- a/packages/cahn_demo/server/uploads/vcs/custom/User_VC_1725542453617.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "@context": [ - "https://www.w3.org/ns/credentials/v2" - ], - "id": "urn:uuid:3a64bb70-5fe7-468c-8027-ac6073ffd96f", - "type": [ - "VerifiableCredential", - "UserCredential" - ], - "name": null, - "description": null, - "issuer": "urn:uuid:5e0d3bf0-f574-46e4-95cf-414b325d59eb", - "validFrom": "2024-09-05T13:20:53.617Z", - "validUntil": null, - "credentialStatus": null, - "credentialSchema": { - "id": "test", - "type": "JsonSchema" - }, - "credentialSubject": { - "type": "fact", - "schemaName": "user", - "id": "396b5d45-92d7-4e41-ba24-30a1fb14a9bf", - "timestamp": 1725542453617, - "fact": { - "can_issue_device_trust": false, - "can_issue_manufacturer_trust": true, - "can_issue_device_type_trust": false, - "created_at": 1725542453617, - "id": "henry@nquiringminds.com", - "username": "henry-user" - } - } -} \ No newline at end of file diff --git a/packages/cahn_demo/server/uploads/vcs/custom/verifiable_credentials_1725618378015.json b/packages/cahn_demo/server/uploads/vcs/custom/verifiable_credentials_1725618378015.json new file mode 100644 index 0000000..cb8bb06 --- /dev/null +++ b/packages/cahn_demo/server/uploads/vcs/custom/verifiable_credentials_1725618378015.json 
@@ -0,0 +1 @@ +{"@context":["https://www.w3.org/ns/credentials/v2"],"id":"urn:uuid:b7b9132f-d346-4223-9fdd-ab3481c1b361","type":["VerifiableCredential","UserCredential"],"name":null,"description":null,"issuer":"urn:uuid:585df7b5-8891-4630-9f5d-a5659f3abe04","validFrom":"2024-08-28T14:15:50.307579Z","validUntil":null,"credentialStatus":null,"credentialSchema":{"id":"https://github.com/nqminds/ClaimCascade/blob/claim_verifier/packages/claim_verifier/user.yaml","type":"JsonSchema"},"credentialSubject":{"type":"fact","schemaName":"user","id":"7e284f0f-92e4-4a67-9e97-d5b5f5f57420","timestamp":1716287268891,"fact":{"id":"henry@nquiringminds.com","username":"henry-user","created_at":1725618378015,"can_issue_device_type_trust":false,"can_issue_device_trust":false,"can_issue_manufacturer_trust":false}}} diff --git a/packages/cahn_demo/server/uploads/vcs/rules/output_manufacturer_data.json b/packages/cahn_demo/server/uploads/vcs/rules/output_manufacturer_data.json index da5b936..5d520fa 100644 --- a/packages/cahn_demo/server/uploads/vcs/rules/output_manufacturer_data.json +++ b/packages/cahn_demo/server/uploads/vcs/rules/output_manufacturer_data.json 
@@ -12,6 +12,6 @@
 "type": "rule",
 "id": "b1c3d5e4-f5g6-7h89-i0j1-2k3l4m5n6o7p",
 "timestamp": 1724315344564,
- "rule": "output_manufacturer_data(ManufacturerId, ManufacturerData) :-\n manufacturer(CreatedAtManufacturer, ManufacturerId, Manufacturer),\n\n % Retrieve device type data for devices manufactured by this manufacturer\n findall(DeviceTypeData, (\n manufactured(_CreatedAtManufactured, DeviceTypeId, ManufacturerId),\n\n % Retrieve device type information\n (device_type(CreatedAtDeviceType, DeviceTypeId, DeviceType) ->\n true\n ;\n (CreatedAtDeviceType = unknown, DeviceType = unknown)\n ),\n\n format(atom(DeviceTypeData), '{\"DeviceTypeId\": \"~w\", \"CreatedAtDeviceType\": \"~w\", \"DeviceType\": \"~w\"}', \n [DeviceTypeId, CreatedAtDeviceType, DeviceType])\n ), DeviceTypeDataList),\n\n % Check if there is a user that can issue manufacturer trust\n ( \n once((manufacturer_trust(_, ManufacturerId, UserId), user(_, true, _, _, UserId, _))) ->\n CanIssueManufacturerTrust = true\n ; \n CanIssueManufacturerTrust = false\n ),\n\n % Format the output\n format(atom(ManufacturerData), '{\"CreatedAtManufacturer\": \"~w\", \"ManufacturerId\": \"~w\", \"Manufacturer\": \"~w\", \"DeviceTypes\": ~w, \"HasTrust\": ~w}', \n [CreatedAtManufacturer, ManufacturerId, Manufacturer, DeviceTypeDataList, CanIssueManufacturerTrust])."
+ "rule": "output_manufacturer_data(ManufacturerId, ManufacturerData) :-\n manufacturer(CreatedAtManufacturer, ManufacturerId, Manufacturer),\n\n % Retrieve device type data for devices manufactured by this manufacturer\n findall(DeviceTypeData, (\n manufactured(_CreatedAtManufactured, DeviceTypeId, ManufacturerId),\n\n % Retrieve device type information\n (device_type(CreatedAtDeviceType, DeviceTypeId, DeviceType) ->\n true\n ;\n (CreatedAtDeviceType = unknown, DeviceType = unknown)\n ),\n\n format(atom(DeviceTypeData), '{\"DeviceTypeId\": \"~w\", \"CreatedAtDeviceType\": \"~w\", \"DeviceType\": \"~w\"}', \n [DeviceTypeId, CreatedAtDeviceType, DeviceType])\n ), DeviceTypeDataList),\n\n % Check if there is a user that can issue manufacturer trust\n ( \n once((manufacturer_trust(UserId, _, ManufacturerId), user(_, _, true, _, UserId, _))) ->\n CanIssueManufacturerTrust = true\n ; \n CanIssueManufacturerTrust = false\n ),\n\n % Format the output\n format(atom(ManufacturerData), '{\"CreatedAtManufacturer\": \"~w\", \"ManufacturerId\": \"~w\", \"Manufacturer\": \"~w\", \"DeviceTypes\": ~w, \"HasTrust\": ~w}', \n [CreatedAtManufacturer, ManufacturerId, Manufacturer, DeviceTypeDataList, CanIssueManufacturerTrust])."
 }
 }
diff --git a/packages/cahn_demo/server/uploads/vcs/schemas/retraction.json b/packages/cahn_demo/server/uploads/vcs/schemas/retraction.json
new file mode 100644
index 0000000..ac5492e
--- /dev/null
+++ b/packages/cahn_demo/server/uploads/vcs/schemas/retraction.json
@@ -0,0 +1,44 @@
+{
+ "@context": ["https://www.w3.org/ns/credentials/v2"],
+ "id": "urn:uuid:1cb63635-d3d1-47c1-b653-11e9948ea223",
+ "type": ["VerifiableCredential", "UserCredential"],
+ "issuer": "urn:uuid:4e3c2a77-beb1-4ad9-aa8a-c93be6004a7b",
+ "validFrom": "2024-08-28T14:15:50.312133Z",
+ "credentialSchema": {
+ "id": "6924ca71-3c53-4e44-ae03-efb15889f3b5",
+ "type": "JsonSchema"
+ },
+ "credentialSubject": {
+ "type": "schema",
+ "id": "f29ba91e-509f-4c87-a239-b1e81afa941c",
+ "timestamp": 1716131759000,
+ "schemaName": "retraction",
+ "schema": {
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "$id": "https://github.com/nqminds/CAHN/blob/main/packages/schemas/src/device.v.1.0.0.schema.yaml",
+ "title": "retraction",
+ "description": "retraction",
+ "type": "object",
+ "properties": {
+ "id": {
+ "description": "id of the device",
+ "type": "string"
+ },
+ "claim_id": {
+ "description": "id of the claim that is being retracted",
+ "type": "string"
+ },
+ "timestamp": {
+ "description": "timestamp at which the retraction was made in milliseconds",
+ "type": "string"
+ },
+ "type": {
+ "description": "which type of claim is being made",
+ "type": "string",
+ "const": "retraction"
+ }
+ },
+ "required": ["id", "claim_id", "timestamp", "type"]
+ }
+ }
+}
diff --git a/packages/cahn_demo/server/utils/utils.js b/packages/cahn_demo/server/utils/utils.js
index 1afab7c..4050c78 100644
--- a/packages/cahn_demo/server/utils/utils.js
+++ b/packages/cahn_demo/server/utils/utils.js
@@ -48,6 +48,7 @@ const saveVCForUser = (email) => {
 id: email,
 username: `${email.split("@")[0]}-user`,
 created_at: Date.now(),
+ can_issue_device_type_trust: false,
 can_issue_device_trust: false,
 can_issue_manufacturer_trust: false,
 },
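Review bot: In the new schemas/retraction.json, the `timestamp` property is declared with `"type": "string"` although its description says milliseconds and the credentials in this commit carry numeric timestamps (for example `"timestamp": 1716131759000` in this same file). If retraction claims are validated against this schema, a numeric timestamp would presumably be rejected; I would declare it as `"type": "integer"`. The `$id` and the description `"id of the device"` look copied from the device schema and should describe the retraction claim instead, e.g. `"description": "id of the retraction claim"`. Because a retraction withdraws an existing trust claim, adding `"additionalProperties": false` next to `required` would also make the schema refuse fields it does not know.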