firewalldb+lit: plug in SQL privacy mapper

Author: ellemouton

firewalldb/db.go

@@ -14,21 +14,28 @@ var (
 	ErrNoSuchKeyFound = fmt.Errorf("no such key found")
 )
 
+// firewallDBs is an interface that groups the RulesDB and PrivacyMapper
+// interfaces.
+type firewallDBs interface {
+	RulesDB
+	PrivacyMapper
+}
+
 // DB manages the firewall rules database.
 type DB struct {
 	started sync.Once
 	stopped sync.Once
 
-	RulesDB
+	firewallDBs
 
 	cancel fn.Option[context.CancelFunc]
 }
 
 // NewDB creates a new firewall database. For now, it only contains the
 // underlying rules' database.
-func NewDB(kvdb RulesDB) *DB {
+func NewDB(dbs firewallDBs) *DB {
 	return &DB{
-		RulesDB: kvdb,
+		firewallDBs: dbs,
 	}
 }
 

firewalldb/interface.go

@@ -92,3 +92,11 @@ type RulesDB interface {
 	// DeleteTempKVStores deletes all temporary kv stores.
 	DeleteTempKVStores(ctx context.Context) error
 }
+
+// PrivacyMapper is an interface that abstracts access to the privacy mapper
+// database.
+type PrivacyMapper interface {
+	// PrivacyDB constructs a PrivacyMapDB that will be indexed under the
+	// given group ID key.
+	PrivacyDB(groupID session.ID) PrivacyMapDB
+}

firewalldb/privacy_mapper_kvdb.go

@@ -30,6 +30,8 @@ var (
 
 // PrivacyDB constructs a PrivacyMapDB that will be indexed under the given
 // group ID key.
+//
+// NOTE: this is part of the PrivacyMapper interface.
 func (db *BoltDB) PrivacyDB(groupID session.ID) PrivacyMapDB {
 	return &kvdbExecutor[PrivacyMapTx]{
 		db: db.DB,

firewalldb/privacy_mapper_sql.go

@@ -24,6 +24,8 @@ type SQLPrivacyPairQueries interface {
 
 // PrivacyDB constructs a PrivacyMapDB that will be indexed under the given
 // group ID key.
+//
+// NOTE: this is part of the PrivacyMapper interface.
 func (s *SQLDB) PrivacyDB(groupID session.ID) PrivacyMapDB {
 	return &sqlExecutor[PrivacyMapTx]{
 		db: s.db,

terminal.go

@@ -534,7 +534,7 @@ func (g *LightningTerminal) start(ctx context.Context) error {
 		actionsDB:               g.stores.firewallBolt,
 		autopilot:               g.autopilotClient,
 		ruleMgrs:                g.ruleMgrs,
-		privMap:                 g.stores.firewallBolt.PrivacyDB,
+		privMap:                 g.stores.firewall.PrivacyDB,
 	})
 	if err != nil {
 		return fmt.Errorf("could not create new session rpc "+
@@ -1100,7 +1100,7 @@ func (g *LightningTerminal) startInternalSubServers(ctx context.Context,
 	}
 
 	privacyMapper := firewall.NewPrivacyMapper(
-		g.stores.firewallBolt.PrivacyDB, firewall.CryptoRandIntn,
+		g.stores.firewall.PrivacyDB, firewall.CryptoRandIntn,
 		g.stores.sessions,
 	)
 
@@ -1123,7 +1123,7 @@ func (g *LightningTerminal) startInternalSubServers(ctx context.Context,
 					reqID, firewalldb.ActionStateError,
 					reason,
 				)
-			}, g.stores.firewallBolt.PrivacyDB,
+			}, g.stores.firewall.PrivacyDB,
 		)
 
 		mw = append(mw, ruleEnforcer)