feat: enforce account-scoped remote delivery semantics

2026-02-23 14:36:44 -05:00
parent ec373d36f6
commit 6a05308143
10 changed files with 531 additions and 44 deletions
--- a/tests/NATS.Server.Tests/Gateways/GatewayAccountScopedDeliveryTests.cs
+++ b/tests/NATS.Server.Tests/Gateways/GatewayAccountScopedDeliveryTests.cs
@@ -0,0 +1,140 @@
+using Microsoft.Extensions.Logging.Abstractions;
+using NATS.Client.Core;
+using NATS.Server.Auth;
+using NATS.Server.Configuration;
+
+namespace NATS.Server.Tests.Gateways;
+
+public class GatewayAccountScopedDeliveryTests
+{
+    [Fact]
+    public async Task Remote_message_delivery_uses_target_account_sublist_not_global_sublist()
+    {
+        const string subject = "orders.created";
+        await using var fixture = await GatewayAccountDeliveryFixture.StartAsync();
+
+        await using var remoteAccountA = await fixture.ConnectAsync(fixture.Remote, "a_sub");
+        await using var remoteAccountB = await fixture.ConnectAsync(fixture.Remote, "b_sub");
+        await using var publisher = await fixture.ConnectAsync(fixture.Local, "a_pub");
+
+        await using var subA = await remoteAccountA.SubscribeCoreAsync<string>(subject);
+        await using var subB = await remoteAccountB.SubscribeCoreAsync<string>(subject);
+        await remoteAccountA.PingAsync();
+        await remoteAccountB.PingAsync();
+        await fixture.WaitForRemoteInterestOnLocalAsync("A", subject);
+
+        await publisher.PublishAsync(subject, "from-gateway-a");
+
+        using var receiveTimeout = new CancellationTokenSource(TimeSpan.FromSeconds(5));
+        var msgA = await subA.Msgs.ReadAsync(receiveTimeout.Token);
+        msgA.Data.ShouldBe("from-gateway-a");
+
+        using var leakTimeout = new CancellationTokenSource(TimeSpan.FromMilliseconds(500));
+        await Should.ThrowAsync<OperationCanceledException>(async () =>
+            await subB.Msgs.ReadAsync(leakTimeout.Token));
+    }
+}
+
+internal sealed class GatewayAccountDeliveryFixture : IAsyncDisposable
+{
+    private readonly CancellationTokenSource _localCts;
+    private readonly CancellationTokenSource _remoteCts;
+
+    private GatewayAccountDeliveryFixture(NatsServer local, NatsServer remote, CancellationTokenSource localCts, CancellationTokenSource remoteCts)
+    {
+        Local = local;
+        Remote = remote;
+        _localCts = localCts;
+        _remoteCts = remoteCts;
+    }
+
+    public NatsServer Local { get; }
+    public NatsServer Remote { get; }
+
+    public static async Task<GatewayAccountDeliveryFixture> StartAsync()
+    {
+        var users = new User[]
+        {
+            new() { Username = "a_pub", Password = "pass", Account = "A" },
+            new() { Username = "a_sub", Password = "pass", Account = "A" },
+            new() { Username = "b_sub", Password = "pass", Account = "B" },
+        };
+
+        var localOptions = new NatsOptions
+        {
+            Host = "127.0.0.1",
+            Port = 0,
+            Users = users,
+            Gateway = new GatewayOptions
+            {
+                Name = "LOCAL",
+                Host = "127.0.0.1",
+                Port = 0,
+            },
+        };
+
+        var local = new NatsServer(localOptions, NullLoggerFactory.Instance);
+        var localCts = new CancellationTokenSource();
+        _ = local.StartAsync(localCts.Token);
+        await local.WaitForReadyAsync();
+
+        var remoteOptions = new NatsOptions
+        {
+            Host = "127.0.0.1",
+            Port = 0,
+            Users = users,
+            Gateway = new GatewayOptions
+            {
+                Name = "REMOTE",
+                Host = "127.0.0.1",
+                Port = 0,
+                Remotes = [local.GatewayListen!],
+            },
+        };
+
+        var remote = new NatsServer(remoteOptions, NullLoggerFactory.Instance);
+        var remoteCts = new CancellationTokenSource();
+        _ = remote.StartAsync(remoteCts.Token);
+        await remote.WaitForReadyAsync();
+
+        using var timeout = new CancellationTokenSource(TimeSpan.FromSeconds(5));
+        while (!timeout.IsCancellationRequested && (local.Stats.Gateways == 0 || remote.Stats.Gateways == 0))
+            await Task.Delay(50, timeout.Token).ContinueWith(_ => { }, TaskScheduler.Default);
+
+        return new GatewayAccountDeliveryFixture(local, remote, localCts, remoteCts);
+    }
+
+    public async Task<NatsConnection> ConnectAsync(NatsServer server, string username)
+    {
+        var connection = new NatsConnection(new NatsOpts
+        {
+            Url = $"nats://{username}:pass@127.0.0.1:{server.Port}",
+        });
+        await connection.ConnectAsync();
+        return connection;
+    }
+
+    public async Task WaitForRemoteInterestOnLocalAsync(string account, string subject)
+    {
+        using var timeout = new CancellationTokenSource(TimeSpan.FromSeconds(5));
+        while (!timeout.IsCancellationRequested)
+        {
+            if (Local.HasRemoteInterest(account, subject))
+                return;
+
+            await Task.Delay(50, timeout.Token).ContinueWith(_ => { }, TaskScheduler.Default);
+        }
+
+        throw new TimeoutException($"Timed out waiting for remote interest {account}:{subject}.");
+    }
+
+    public async ValueTask DisposeAsync()
+    {
+        await _localCts.CancelAsync();
+        await _remoteCts.CancelAsync();
+        Local.Dispose();
+        Remote.Dispose();
+        _localCts.Dispose();
+        _remoteCts.Dispose();
+    }
+}
--- a/tests/NATS.Server.Tests/LeafNodes/LeafAccountScopedDeliveryTests.cs
+++ b/tests/NATS.Server.Tests/LeafNodes/LeafAccountScopedDeliveryTests.cs
@@ -0,0 +1,138 @@
+using Microsoft.Extensions.Logging.Abstractions;
+using NATS.Client.Core;
+using NATS.Server.Auth;
+using NATS.Server.Configuration;
+
+namespace NATS.Server.Tests.LeafNodes;
+
+public class LeafAccountScopedDeliveryTests
+{
+    [Fact]
+    public async Task Remote_message_delivery_uses_target_account_sublist_not_global_sublist()
+    {
+        const string subject = "orders.created";
+        await using var fixture = await LeafAccountDeliveryFixture.StartAsync();
+
+        await using var remoteAccountA = await fixture.ConnectAsync(fixture.Spoke, "a_sub");
+        await using var remoteAccountB = await fixture.ConnectAsync(fixture.Spoke, "b_sub");
+        await using var publisher = await fixture.ConnectAsync(fixture.Hub, "a_pub");
+
+        await using var subA = await remoteAccountA.SubscribeCoreAsync<string>(subject);
+        await using var subB = await remoteAccountB.SubscribeCoreAsync<string>(subject);
+        await remoteAccountA.PingAsync();
+        await remoteAccountB.PingAsync();
+        await fixture.WaitForRemoteInterestOnHubAsync("A", subject);
+
+        await publisher.PublishAsync(subject, "from-leaf-a");
+
+        using var receiveTimeout = new CancellationTokenSource(TimeSpan.FromSeconds(5));
+        var msgA = await subA.Msgs.ReadAsync(receiveTimeout.Token);
+        msgA.Data.ShouldBe("from-leaf-a");
+
+        using var leakTimeout = new CancellationTokenSource(TimeSpan.FromMilliseconds(500));
+        await Should.ThrowAsync<OperationCanceledException>(async () =>
+            await subB.Msgs.ReadAsync(leakTimeout.Token));
+    }
+}
+
+internal sealed class LeafAccountDeliveryFixture : IAsyncDisposable
+{
+    private readonly CancellationTokenSource _hubCts;
+    private readonly CancellationTokenSource _spokeCts;
+
+    private LeafAccountDeliveryFixture(NatsServer hub, NatsServer spoke, CancellationTokenSource hubCts, CancellationTokenSource spokeCts)
+    {
+        Hub = hub;
+        Spoke = spoke;
+        _hubCts = hubCts;
+        _spokeCts = spokeCts;
+    }
+
+    public NatsServer Hub { get; }
+    public NatsServer Spoke { get; }
+
+    public static async Task<LeafAccountDeliveryFixture> StartAsync()
+    {
+        var users = new User[]
+        {
+            new() { Username = "a_pub", Password = "pass", Account = "A" },
+            new() { Username = "a_sub", Password = "pass", Account = "A" },
+            new() { Username = "b_sub", Password = "pass", Account = "B" },
+        };
+
+        var hubOptions = new NatsOptions
+        {
+            Host = "127.0.0.1",
+            Port = 0,
+            Users = users,
+            LeafNode = new LeafNodeOptions
+            {
+                Host = "127.0.0.1",
+                Port = 0,
+            },
+        };
+
+        var hub = new NatsServer(hubOptions, NullLoggerFactory.Instance);
+        var hubCts = new CancellationTokenSource();
+        _ = hub.StartAsync(hubCts.Token);
+        await hub.WaitForReadyAsync();
+
+        var spokeOptions = new NatsOptions
+        {
+            Host = "127.0.0.1",
+            Port = 0,
+            Users = users,
+            LeafNode = new LeafNodeOptions
+            {
+                Host = "127.0.0.1",
+                Port = 0,
+                Remotes = [hub.LeafListen!],
+            },
+        };
+
+        var spoke = new NatsServer(spokeOptions, NullLoggerFactory.Instance);
+        var spokeCts = new CancellationTokenSource();
+        _ = spoke.StartAsync(spokeCts.Token);
+        await spoke.WaitForReadyAsync();
+
+        using var timeout = new CancellationTokenSource(TimeSpan.FromSeconds(5));
+        while (!timeout.IsCancellationRequested && (hub.Stats.Leafs == 0 || spoke.Stats.Leafs == 0))
+            await Task.Delay(50, timeout.Token).ContinueWith(_ => { }, TaskScheduler.Default);
+
+        return new LeafAccountDeliveryFixture(hub, spoke, hubCts, spokeCts);
+    }
+
+    public async Task<NatsConnection> ConnectAsync(NatsServer server, string username)
+    {
+        var connection = new NatsConnection(new NatsOpts
+        {
+            Url = $"nats://{username}:pass@127.0.0.1:{server.Port}",
+        });
+        await connection.ConnectAsync();
+        return connection;
+    }
+
+    public async Task WaitForRemoteInterestOnHubAsync(string account, string subject)
+    {
+        using var timeout = new CancellationTokenSource(TimeSpan.FromSeconds(5));
+        while (!timeout.IsCancellationRequested)
+        {
+            if (Hub.HasRemoteInterest(account, subject))
+                return;
+
+            await Task.Delay(50, timeout.Token).ContinueWith(_ => { }, TaskScheduler.Default);
+        }
+
+        throw new TimeoutException($"Timed out waiting for remote interest {account}:{subject}.");
+    }
+
+    public async ValueTask DisposeAsync()
+    {
+        await _hubCts.CancelAsync();
+        await _spokeCts.CancelAsync();
+        Hub.Dispose();
+        Spoke.Dispose();
+        _hubCts.Dispose();
+        _spokeCts.Dispose();
+    }
+}
--- a/tests/NATS.Server.Tests/Routes/RouteAccountScopedDeliveryTests.cs
+++ b/tests/NATS.Server.Tests/Routes/RouteAccountScopedDeliveryTests.cs
@@ -0,0 +1,140 @@
+using Microsoft.Extensions.Logging.Abstractions;
+using NATS.Client.Core;
+using NATS.Server.Auth;
+using NATS.Server.Configuration;
+
+namespace NATS.Server.Tests.Routes;
+
+public class RouteAccountScopedDeliveryTests
+{
+    [Fact]
+    public async Task Remote_message_delivery_uses_target_account_sublist_not_global_sublist()
+    {
+        const string subject = "orders.created";
+        await using var fixture = await RouteAccountDeliveryFixture.StartAsync();
+
+        await using var remoteAccountA = await fixture.ConnectAsync(fixture.ServerB, "a_sub");
+        await using var remoteAccountB = await fixture.ConnectAsync(fixture.ServerB, "b_sub");
+        await using var publisher = await fixture.ConnectAsync(fixture.ServerA, "a_pub");
+
+        await using var subA = await remoteAccountA.SubscribeCoreAsync<string>(subject);
+        await using var subB = await remoteAccountB.SubscribeCoreAsync<string>(subject);
+        await remoteAccountA.PingAsync();
+        await remoteAccountB.PingAsync();
+        await fixture.WaitForRemoteInterestOnServerAAsync("A", subject);
+
+        await publisher.PublishAsync(subject, "from-route-a");
+
+        using var receiveTimeout = new CancellationTokenSource(TimeSpan.FromSeconds(5));
+        var msgA = await subA.Msgs.ReadAsync(receiveTimeout.Token);
+        msgA.Data.ShouldBe("from-route-a");
+
+        using var leakTimeout = new CancellationTokenSource(TimeSpan.FromMilliseconds(500));
+        await Should.ThrowAsync<OperationCanceledException>(async () =>
+            await subB.Msgs.ReadAsync(leakTimeout.Token));
+    }
+}
+
+internal sealed class RouteAccountDeliveryFixture : IAsyncDisposable
+{
+    private readonly CancellationTokenSource _ctsA;
+    private readonly CancellationTokenSource _ctsB;
+
+    private RouteAccountDeliveryFixture(NatsServer serverA, NatsServer serverB, CancellationTokenSource ctsA, CancellationTokenSource ctsB)
+    {
+        ServerA = serverA;
+        ServerB = serverB;
+        _ctsA = ctsA;
+        _ctsB = ctsB;
+    }
+
+    public NatsServer ServerA { get; }
+    public NatsServer ServerB { get; }
+
+    public static async Task<RouteAccountDeliveryFixture> StartAsync()
+    {
+        var users = new User[]
+        {
+            new() { Username = "a_pub", Password = "pass", Account = "A" },
+            new() { Username = "a_sub", Password = "pass", Account = "A" },
+            new() { Username = "b_sub", Password = "pass", Account = "B" },
+        };
+
+        var optsA = new NatsOptions
+        {
+            Host = "127.0.0.1",
+            Port = 0,
+            Users = users,
+            Cluster = new ClusterOptions
+            {
+                Name = Guid.NewGuid().ToString("N"),
+                Host = "127.0.0.1",
+                Port = 0,
+            },
+        };
+
+        var serverA = new NatsServer(optsA, NullLoggerFactory.Instance);
+        var ctsA = new CancellationTokenSource();
+        _ = serverA.StartAsync(ctsA.Token);
+        await serverA.WaitForReadyAsync();
+
+        var optsB = new NatsOptions
+        {
+            Host = "127.0.0.1",
+            Port = 0,
+            Users = users,
+            Cluster = new ClusterOptions
+            {
+                Name = Guid.NewGuid().ToString("N"),
+                Host = "127.0.0.1",
+                Port = 0,
+                Routes = [serverA.ClusterListen!],
+            },
+        };
+
+        var serverB = new NatsServer(optsB, NullLoggerFactory.Instance);
+        var ctsB = new CancellationTokenSource();
+        _ = serverB.StartAsync(ctsB.Token);
+        await serverB.WaitForReadyAsync();
+
+        using var timeout = new CancellationTokenSource(TimeSpan.FromSeconds(5));
+        while (!timeout.IsCancellationRequested && (serverA.Stats.Routes == 0 || serverB.Stats.Routes == 0))
+            await Task.Delay(50, timeout.Token).ContinueWith(_ => { }, TaskScheduler.Default);
+
+        return new RouteAccountDeliveryFixture(serverA, serverB, ctsA, ctsB);
+    }
+
+    public async Task<NatsConnection> ConnectAsync(NatsServer server, string username)
+    {
+        var connection = new NatsConnection(new NatsOpts
+        {
+            Url = $"nats://{username}:pass@127.0.0.1:{server.Port}",
+        });
+        await connection.ConnectAsync();
+        return connection;
+    }
+
+    public async Task WaitForRemoteInterestOnServerAAsync(string account, string subject)
+    {
+        using var timeout = new CancellationTokenSource(TimeSpan.FromSeconds(5));
+        while (!timeout.IsCancellationRequested)
+        {
+            if (ServerA.HasRemoteInterest(account, subject))
+                return;
+
+            await Task.Delay(50, timeout.Token).ContinueWith(_ => { }, TaskScheduler.Default);
+        }
+
+        throw new TimeoutException($"Timed out waiting for remote interest {account}:{subject}.");
+    }
+
+    public async ValueTask DisposeAsync()
+    {
+        await _ctsA.CancelAsync();
+        await _ctsB.CancelAsync();
+        ServerA.Dispose();
+        ServerB.Dispose();
+        _ctsA.Dispose();
+        _ctsB.Dispose();
+    }
+}