From 370ecdccf25b83e45d735caafcf57f194d401bd6 Mon Sep 17 00:00:00 2001
From: Emmanuel Leblond
Date: Tue, 26 Nov 2024 12:56:40 +0100
Subject: [PATCH] Document a quirk in testbed platform storage behavior Testbed platform storage always save all certificates in the storage, this is convenient but doesn't correspond to the actual in-production behavior where a given user has access of a subset of all realm & shamir certificates. In practice this means the higher layers (i.e. `libparsec_client`) are considered to be aware of this and to implement there code accordingly (i.e. not crawling over all certificates whithout proper filtering).
---
 libparsec/crates/platform_storage/src/testbed.rs | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/libparsec/crates/platform_storage/src/testbed.rs b/libparsec/crates/platform_storage/src/testbed.rs
index 565dcd7c525..cc4945e792e 100644
--- a/libparsec/crates/platform_storage/src/testbed.rs
+++ b/libparsec/crates/platform_storage/src/testbed.rs
@@ -121,6 +121,11 @@ pub(crate) async fn maybe_populate_certificate_storage(data_base_dir: &Path, dev
 .add_certificate(certif.deref(), encrypted)
 .await
 .unwrap(),
+
+ // In theory we should skip the certificates related to realm we are not part of,
+ // but in practice it has no impact since we don't have any operation that crawls
+ // all the realm in the certificate storage (i.e. we always provide a realm ID when
+ // querying for realm-related certificates).
 AnyArcCertificate::RealmRole(certif) => update
 .add_certificate(certif.deref(), encrypted)
 .await
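Review bot: The comment added above the `AnyArcCertificate::RealmRole` arm rests on an invariant ("we always provide a realm ID when querying") that nothing in this hunk enforces, so it can silently stop being true. Because this storage holds certificates a production device would never have, any query added later without a realm ID would see that extra data in tests, and assertions about what a device can or cannot see are not representative when run against it. I would state that consequence in the comment, e.g. `// NOTE: a query that takes no realm ID would return certificates a production device never holds; filter by membership in the caller.`, and fix "all the realm" to "all the realms". The body of maybe_populate_certificate_storage starts and ends outside the hunk.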
@@ -137,6 +142,10 @@ pub(crate) async fn maybe_populate_certificate_storage(data_base_dir: &Path, dev
 .add_certificate(certif.deref(), encrypted)
 .await
 .unwrap(),
+
+ // Just like for realm, we should in theory skip the shamir certificate not meant to us.
+ // We do have operations that crawl the whole shamir certificates, but they are aware of
+ // this shortcoming and deal with them accordingly.
 AnyArcCertificate::ShamirRecoveryBrief(certif) => update
 .add_certificate(certif.deref(), encrypted)
 .await
@@ -149,6 +158,7 @@ pub(crate) async fn maybe_populate_certificate_storage(data_base_dir: &Path, dev
 .add_certificate(certif.deref(), encrypted)
 .await
 .unwrap(),
+
 AnyArcCertificate::SequesterAuthority(certif) => update
 .add_certificate(certif.deref(), encrypted)
 .await
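Review bot: The comment above the `AnyArcCertificate::ShamirRecoveryBrief` arm (second hunk) says the operations that crawl all shamir certificates "are aware of this shortcoming", but it does not say which check they apply, so a crawl added later has nothing to copy. Unlike the realm case, these operations do run over certificates that, per the commit message, a production user would not have, so the filter is the only thing keeping test behaviour in line with production. I would spell the rule out, e.g. `// Any crawl over shamir certificates must keep only those addressed to the current user.` (exact criterion to be confirmed by the author), and change "not meant to us" to "not meant for us". The enclosing match continues outside the hunk.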