Fix registry

Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>

pkg/registry/common/authorize/ns_client.go

@@ -89,11 +89,13 @@ func (c *authorizeNSClient) Register(ctx context.Context, ns *registry.NetworkSe
 		Index:              path.Index,
 	}
 	if err := c.policies.check(ctx, input); err != nil {
-		unregisterCtx, cancelUnregister := postponeCtxFunc()
-		defer cancelUnregister()
+		if _, load := c.nsPathIdsMap.Load(resp.Name); !load {
+			unregisterCtx, cancelUnregister := postponeCtxFunc()
+			defer cancelUnregister()
 
-		if _, unregisterErr := next.NetworkServiceRegistryClient(ctx).Unregister(unregisterCtx, resp, opts...); unregisterErr != nil {
-			err = errors.Wrapf(err, "nse unregistered with error: %s", unregisterErr.Error())
+			if _, unregisterErr := next.NetworkServiceRegistryClient(ctx).Unregister(unregisterCtx, resp, opts...); unregisterErr != nil {
+				err = errors.Wrapf(err, "nse unregistered with error: %s", unregisterErr.Error())
+			}
 		}
 
 		return nil, err

pkg/registry/common/authorize/ns_client_test.go

@@ -1,4 +1,4 @@
-// Copyright (c) 2022 Cisco and/or its affiliates.
+// Copyright (c) 2022-2023 Cisco and/or its affiliates.
 //
 // SPDX-License-Identifier: Apache-2.0
 //
@@ -25,15 +25,20 @@ import (
 
 	"github.com/networkservicemesh/sdk/pkg/registry/common/authorize"
 	"github.com/networkservicemesh/sdk/pkg/registry/common/grpcmetadata"
+	"github.com/networkservicemesh/sdk/pkg/registry/core/chain"
+	"github.com/networkservicemesh/sdk/pkg/registry/utils/count"
 
 	"go.uber.org/goleak"
 )
 
 func TestNSRegistryAuthorizeClient(t *testing.T) {
 	t.Cleanup(func() { goleak.VerifyNone(t) })
 
-	client := authorize.NewNetworkServiceRegistryClient(authorize.WithPolicies("etc/nsm/opa/registry/client_allowed.rego"))
-	require.NotNil(t, client)
+	var callCounter = &count.CallCounter{}
+	client := chain.NewNetworkServiceRegistryClient(
+		authorize.NewNetworkServiceRegistryClient(authorize.WithPolicies("etc/nsm/opa/registry/client_allowed.rego")),
+		count.NewNetworkServiceRegistryClient(callCounter),
+	)
 
 	ns := &registry.NetworkService{Name: "ns"}
 	path1 := getPath(t, spiffeid1)
@@ -45,20 +50,27 @@ func TestNSRegistryAuthorizeClient(t *testing.T) {
 	ns.PathIds = []string{spiffeid1}
 	_, err := client.Register(ctx1, ns)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Registers(), 1)
 
 	ns.PathIds = []string{spiffeid2}
 	_, err = client.Register(ctx2, ns)
 	require.Error(t, err)
+	require.Equal(t, callCounter.Registers(), 2)
+	require.Equal(t, callCounter.Unregisters(), 0)
 
 	ns.PathIds = []string{spiffeid1}
 	_, err = client.Register(ctx1, ns)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Registers(), 3)
+	require.Equal(t, callCounter.Unregisters(), 0)
 
 	ns.PathIds = []string{spiffeid2}
 	_, err = client.Unregister(ctx2, ns)
 	require.Error(t, err)
+	require.Equal(t, callCounter.Unregisters(), 1)
 
 	ns.PathIds = []string{spiffeid1}
 	_, err = client.Unregister(ctx1, ns)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Unregisters(), 2)
 }

pkg/registry/common/authorize/nse_client.go

@@ -88,11 +88,13 @@ func (c *authorizeNSEClient) Register(ctx context.Context, nse *registry.Network
 		Index:              path.Index,
 	}
 	if err := c.policies.check(ctx, input); err != nil {
-		unregisterCtx, cancelUnregister := postponeCtxFunc()
-		defer cancelUnregister()
+		if _, load := c.nsePathIdsMap.Load(resp.Name); !load {
+			unregisterCtx, cancelUnregister := postponeCtxFunc()
+			defer cancelUnregister()
 
-		if _, unregisterErr := next.NetworkServiceEndpointRegistryClient(ctx).Unregister(unregisterCtx, resp, opts...); unregisterErr != nil {
-			err = errors.Wrapf(err, "nse unregistered with error: %s", unregisterErr.Error())
+			if _, unregisterErr := next.NetworkServiceEndpointRegistryClient(ctx).Unregister(unregisterCtx, resp, opts...); unregisterErr != nil {
+				err = errors.Wrapf(err, "nse unregistered with error: %s", unregisterErr.Error())
+			}
 		}
 
 		return nil, err

pkg/registry/common/authorize/nse_client_test.go

@@ -1,4 +1,4 @@
-// Copyright (c) 2022 Cisco and/or its affiliates.
+// Copyright (c) 2022-2023 Cisco and/or its affiliates.
 //
 // SPDX-License-Identifier: Apache-2.0
 //
@@ -25,15 +25,20 @@ import (
 
 	"github.com/networkservicemesh/sdk/pkg/registry/common/authorize"
 	"github.com/networkservicemesh/sdk/pkg/registry/common/grpcmetadata"
+	"github.com/networkservicemesh/sdk/pkg/registry/core/chain"
+	"github.com/networkservicemesh/sdk/pkg/registry/utils/count"
 
 	"go.uber.org/goleak"
 )
 
 func TestNSERegistryAuthorizeClient(t *testing.T) {
 	t.Cleanup(func() { goleak.VerifyNone(t) })
 
-	client := authorize.NewNetworkServiceEndpointRegistryClient(authorize.WithPolicies("etc/nsm/opa/registry/client_allowed.rego"))
-	require.NotNil(t, client)
+	var callCounter = &count.CallCounter{}
+	client := chain.NewNetworkServiceEndpointRegistryClient(
+		authorize.NewNetworkServiceEndpointRegistryClient(authorize.WithPolicies("etc/nsm/opa/registry/client_allowed.rego")),
+		count.NewNetworkServiceEndpointRegistryClient(callCounter),
+	)
 
 	nse := &registry.NetworkServiceEndpoint{Name: "nse"}
 	path1 := getPath(t, spiffeid1)
@@ -45,20 +50,27 @@ func TestNSERegistryAuthorizeClient(t *testing.T) {
 	nse.PathIds = []string{spiffeid1}
 	_, err := client.Register(ctx1, nse)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Registers(), 1)
 
 	nse.PathIds = []string{spiffeid2}
 	_, err = client.Register(ctx2, nse)
 	require.Error(t, err)
+	require.Equal(t, callCounter.Registers(), 2)
+	require.Equal(t, callCounter.Unregisters(), 0)
 
 	nse.PathIds = []string{spiffeid1}
 	_, err = client.Register(ctx1, nse)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Registers(), 3)
+	require.Equal(t, callCounter.Unregisters(), 0)
 
 	nse.PathIds = []string{spiffeid2}
 	_, err = client.Unregister(ctx2, nse)
 	require.Error(t, err)
+	require.Equal(t, callCounter.Unregisters(), 1)
 
 	nse.PathIds = []string{spiffeid1}
 	_, err = client.Unregister(ctx1, nse)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Unregisters(), 2)
 }