From b528f4015411334d8f1af305e0a0f80d301fc3d0 Mon Sep 17 00:00:00 2001
From: Artem Glazychev <artem.glazychev@xored.com>
Date: Tue, 28 Nov 2023 14:07:13 +0700
Subject: [PATCH] Fix registry

Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
---
 pkg/registry/common/authorize/ns_client.go     | 10 ++++++----
 .../common/authorize/ns_client_test.go         | 18 +++++++++++++++---
 pkg/registry/common/authorize/nse_client.go    | 10 ++++++----
 .../common/authorize/nse_client_test.go        | 18 +++++++++++++++---
 4 files changed, 42 insertions(+), 14 deletions(-)

diff --git a/pkg/registry/common/authorize/ns_client.go b/pkg/registry/common/authorize/ns_client.go
index e6b8e7876..7a24454be 100644
--- a/pkg/registry/common/authorize/ns_client.go
+++ b/pkg/registry/common/authorize/ns_client.go
@@ -89,11 +89,13 @@ func (c *authorizeNSClient) Register(ctx context.Context, ns *registry.NetworkSe
 		Index:              path.Index,
 	}
 	if err := c.policies.check(ctx, input); err != nil {
-		unregisterCtx, cancelUnregister := postponeCtxFunc()
-		defer cancelUnregister()
+		if _, load := c.nsPathIdsMap.Load(resp.Name); !load {
+			unregisterCtx, cancelUnregister := postponeCtxFunc()
+			defer cancelUnregister()
 
-		if _, unregisterErr := next.NetworkServiceRegistryClient(ctx).Unregister(unregisterCtx, resp, opts...); unregisterErr != nil {
-			err = errors.Wrapf(err, "nse unregistered with error: %s", unregisterErr.Error())
+			if _, unregisterErr := next.NetworkServiceRegistryClient(ctx).Unregister(unregisterCtx, resp, opts...); unregisterErr != nil {
+				err = errors.Wrapf(err, "nse unregistered with error: %s", unregisterErr.Error())
+			}
 		}
 
 		return nil, err
diff --git a/pkg/registry/common/authorize/ns_client_test.go b/pkg/registry/common/authorize/ns_client_test.go
index cf676a6f5..73d0da7d6 100644
--- a/pkg/registry/common/authorize/ns_client_test.go
+++ b/pkg/registry/common/authorize/ns_client_test.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2022 Cisco and/or its affiliates.
+// Copyright (c) 2022-2023 Cisco and/or its affiliates.
 //
 // SPDX-License-Identifier: Apache-2.0
 //
@@ -25,6 +25,8 @@ import (
 
 	"github.com/networkservicemesh/sdk/pkg/registry/common/authorize"
 	"github.com/networkservicemesh/sdk/pkg/registry/common/grpcmetadata"
+	"github.com/networkservicemesh/sdk/pkg/registry/core/chain"
+	"github.com/networkservicemesh/sdk/pkg/registry/utils/count"
 
 	"go.uber.org/goleak"
 )
@@ -32,8 +34,11 @@ import (
 func TestNSRegistryAuthorizeClient(t *testing.T) {
 	t.Cleanup(func() { goleak.VerifyNone(t) })
 
-	client := authorize.NewNetworkServiceRegistryClient(authorize.WithPolicies("etc/nsm/opa/registry/client_allowed.rego"))
-	require.NotNil(t, client)
+	var callCounter = &count.CallCounter{}
+	client := chain.NewNetworkServiceRegistryClient(
+		authorize.NewNetworkServiceRegistryClient(authorize.WithPolicies("etc/nsm/opa/registry/client_allowed.rego")),
+		count.NewNetworkServiceRegistryClient(callCounter),
+	)
 
 	ns := &registry.NetworkService{Name: "ns"}
 	path1 := getPath(t, spiffeid1)
@@ -45,20 +50,27 @@ func TestNSRegistryAuthorizeClient(t *testing.T) {
 	ns.PathIds = []string{spiffeid1}
 	_, err := client.Register(ctx1, ns)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Registers(), 1)
 
 	ns.PathIds = []string{spiffeid2}
 	_, err = client.Register(ctx2, ns)
 	require.Error(t, err)
+	require.Equal(t, callCounter.Registers(), 2)
+	require.Equal(t, callCounter.Unregisters(), 0)
 
 	ns.PathIds = []string{spiffeid1}
 	_, err = client.Register(ctx1, ns)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Registers(), 3)
+	require.Equal(t, callCounter.Unregisters(), 0)
 
 	ns.PathIds = []string{spiffeid2}
 	_, err = client.Unregister(ctx2, ns)
 	require.Error(t, err)
+	require.Equal(t, callCounter.Unregisters(), 1)
 
 	ns.PathIds = []string{spiffeid1}
 	_, err = client.Unregister(ctx1, ns)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Unregisters(), 2)
 }
diff --git a/pkg/registry/common/authorize/nse_client.go b/pkg/registry/common/authorize/nse_client.go
index e3a1822d9..70b324462 100644
--- a/pkg/registry/common/authorize/nse_client.go
+++ b/pkg/registry/common/authorize/nse_client.go
@@ -88,11 +88,13 @@ func (c *authorizeNSEClient) Register(ctx context.Context, nse *registry.Network
 		Index:              path.Index,
 	}
 	if err := c.policies.check(ctx, input); err != nil {
-		unregisterCtx, cancelUnregister := postponeCtxFunc()
-		defer cancelUnregister()
+		if _, load := c.nsePathIdsMap.Load(resp.Name); !load {
+			unregisterCtx, cancelUnregister := postponeCtxFunc()
+			defer cancelUnregister()
 
-		if _, unregisterErr := next.NetworkServiceEndpointRegistryClient(ctx).Unregister(unregisterCtx, resp, opts...); unregisterErr != nil {
-			err = errors.Wrapf(err, "nse unregistered with error: %s", unregisterErr.Error())
+			if _, unregisterErr := next.NetworkServiceEndpointRegistryClient(ctx).Unregister(unregisterCtx, resp, opts...); unregisterErr != nil {
+				err = errors.Wrapf(err, "nse unregistered with error: %s", unregisterErr.Error())
+			}
 		}
 
 		return nil, err
diff --git a/pkg/registry/common/authorize/nse_client_test.go b/pkg/registry/common/authorize/nse_client_test.go
index 54b89f87c..595ae9692 100644
--- a/pkg/registry/common/authorize/nse_client_test.go
+++ b/pkg/registry/common/authorize/nse_client_test.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2022 Cisco and/or its affiliates.
+// Copyright (c) 2022-2023 Cisco and/or its affiliates.
 //
 // SPDX-License-Identifier: Apache-2.0
 //
@@ -25,6 +25,8 @@ import (
 
 	"github.com/networkservicemesh/sdk/pkg/registry/common/authorize"
 	"github.com/networkservicemesh/sdk/pkg/registry/common/grpcmetadata"
+	"github.com/networkservicemesh/sdk/pkg/registry/core/chain"
+	"github.com/networkservicemesh/sdk/pkg/registry/utils/count"
 
 	"go.uber.org/goleak"
 )
@@ -32,8 +34,11 @@ import (
 func TestNSERegistryAuthorizeClient(t *testing.T) {
 	t.Cleanup(func() { goleak.VerifyNone(t) })
 
-	client := authorize.NewNetworkServiceEndpointRegistryClient(authorize.WithPolicies("etc/nsm/opa/registry/client_allowed.rego"))
-	require.NotNil(t, client)
+	var callCounter = &count.CallCounter{}
+	client := chain.NewNetworkServiceEndpointRegistryClient(
+		authorize.NewNetworkServiceEndpointRegistryClient(authorize.WithPolicies("etc/nsm/opa/registry/client_allowed.rego")),
+		count.NewNetworkServiceEndpointRegistryClient(callCounter),
+	)
 
 	nse := &registry.NetworkServiceEndpoint{Name: "nse"}
 	path1 := getPath(t, spiffeid1)
@@ -45,20 +50,27 @@ func TestNSERegistryAuthorizeClient(t *testing.T) {
 	nse.PathIds = []string{spiffeid1}
 	_, err := client.Register(ctx1, nse)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Registers(), 1)
 
 	nse.PathIds = []string{spiffeid2}
 	_, err = client.Register(ctx2, nse)
 	require.Error(t, err)
+	require.Equal(t, callCounter.Registers(), 2)
+	require.Equal(t, callCounter.Unregisters(), 0)
 
 	nse.PathIds = []string{spiffeid1}
 	_, err = client.Register(ctx1, nse)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Registers(), 3)
+	require.Equal(t, callCounter.Unregisters(), 0)
 
 	nse.PathIds = []string{spiffeid2}
 	_, err = client.Unregister(ctx2, nse)
 	require.Error(t, err)
+	require.Equal(t, callCounter.Unregisters(), 1)
 
 	nse.PathIds = []string{spiffeid1}
 	_, err = client.Unregister(ctx1, nse)
 	require.NoError(t, err)
+	require.Equal(t, callCounter.Unregisters(), 2)
 }