From 670f899d2f296fe1b17296bfbe536a011ea063b8 Mon Sep 17 00:00:00 2001
From: Alexander Cyon <alex.cyon@gmail.com>
Date: Mon, 16 Dec 2024 08:53:31 +0100
Subject: [PATCH] [no ci] WIP

---
 .../entity_security_state.rs                  | 23 +++++
 .../unsecured_entity_control.rs               | 13 +++
 .../manifests_access_controller.rs            | 92 +++++++++++++++++++
 3 files changed, 128 insertions(+)

diff --git a/crates/sargon/src/profile/v100/entity_security_state/entity_security_state.rs b/crates/sargon/src/profile/v100/entity_security_state/entity_security_state.rs
index 4bcffaebe..2d67269de 100644
--- a/crates/sargon/src/profile/v100/entity_security_state/entity_security_state.rs
+++ b/crates/sargon/src/profile/v100/entity_security_state/entity_security_state.rs
@@ -24,6 +24,29 @@ pub enum EntitySecurityState {
     },
 }
 
+impl HasProvisionalSecurifiedConfig for EntitySecurityState {
+    fn get_provisional(&self) -> Option<ProvisionalSecurifiedConfig> {
+        match self {
+            Self::Securified { value } => value.get_provisional(),
+            Self::Unsecured { value } => value.get_provisional(),
+        }
+    }
+
+    fn set_provisional_unchecked(
+        &mut self,
+        provisional: impl Into<Option<ProvisionalSecurifiedConfig>>,
+    ) {
+        match self {
+            Self::Securified { value } => {
+                value.set_provisional_unchecked(provisional);
+            }
+            Self::Unsecured { value } => {
+                value.set_provisional_unchecked(provisional);
+            }
+        }
+    }
+}
+
 impl<'de> Deserialize<'de> for EntitySecurityState {
     #[cfg(not(tarpaulin_include))] // false negative
     fn deserialize<D: Deserializer<'de>>(
diff --git a/crates/sargon/src/profile/v100/entity_security_state/unsecured_entity_control.rs b/crates/sargon/src/profile/v100/entity_security_state/unsecured_entity_control.rs
index 385897b53..5b6e95f9a 100644
--- a/crates/sargon/src/profile/v100/entity_security_state/unsecured_entity_control.rs
+++ b/crates/sargon/src/profile/v100/entity_security_state/unsecured_entity_control.rs
@@ -16,6 +16,19 @@ pub struct UnsecuredEntityControl {
     pub provisional: Option<ProvisionalSecurifiedConfig>,
 }
 
+impl HasProvisionalSecurifiedConfig for UnsecuredEntityControl {
+    fn get_provisional(&self) -> Option<ProvisionalSecurifiedConfig> {
+        self.provisional.clone()
+    }
+
+    fn set_provisional_unchecked(
+        &mut self,
+        provisional: impl Into<Option<ProvisionalSecurifiedConfig>>,
+    ) {
+        self.provisional = provisional.into();
+    }
+}
+
 impl HasFactorInstances for UnsecuredEntityControl {
     fn unique_factor_instances(&self) -> IndexSet<FactorInstance> {
         IndexSet::just(self.transaction_signing.factor_instance())
diff --git a/crates/sargon/src/wrapped_radix_engine_toolkit/high_level/manifest_building/manifests_access_controller.rs b/crates/sargon/src/wrapped_radix_engine_toolkit/high_level/manifest_building/manifests_access_controller.rs
index 505931f66..91efe6adc 100644
--- a/crates/sargon/src/wrapped_radix_engine_toolkit/high_level/manifest_building/manifests_access_controller.rs
+++ b/crates/sargon/src/wrapped_radix_engine_toolkit/high_level/manifest_building/manifests_access_controller.rs
@@ -1,3 +1,5 @@
+use std::{future::Future, pin::Pin};
+
 use radix_engine_interface::blueprints::{
     access_controller::AccessControllerCreateManifestInput as ScryptoAccessControllerCreateManifestInput,
     account::ACCOUNT_SECURIFY_IDENT as SCRYPTO_ACCOUNT_SECURIFY_IDENT,
@@ -6,6 +8,96 @@ use radix_engine_interface::blueprints::{
 
 use crate::prelude::*;
 
+pub enum SecurifyEntitiesFailure {
+    FailedToSign,
+}
+pub struct SecurifyEntitiesOutcome {
+    pub failed: IndexMap<AddressOfAccountOrPersona, SecurifyEntitiesFailure>,
+    pub transaction_queued: IndexSet<AddressOfAccountOrPersona>,
+}
+
+pub type AsyncClosure<I, O> =
+    Box<dyn Fn(I) -> Pin<Box<dyn Future<Output = Result<O>>>>>;
+
+pub struct EntitiesSecurifier {
+    load_security_structure_of_factor_ids:
+        AsyncClosure<SecurityStructureID, SecurityStructureOfFactorSourceIDs>,
+        cache_client: Arc<FactorInstancesCacheClient>,
+        profile: Arc<Profile>,
+        // matrix_of_factor_sources: MatrixOfFactorSources,
+        // addresses_of_entities: IndexSet<A>,
+        interactor: Arc<dyn KeyDerivationInteractor>,
+}
+
+impl EntitiesSecurifier {
+    pub async fn securify_entities_of_kind<E: IsEntity>(
+        &self,
+        entities: IndexMap<SecurityStructureID, IndexSet<E>>,
+    ) -> Result<SecurifyEntitiesOutcome> {
+        self.securify_accounts_and_personas(
+            entities
+                .into_iter()
+                .map(|(s, e)| {
+                    (
+                        s,
+                        e.into_iter()
+                            .map(Into::into)
+                            .collect::<IndexSet<AccountOrPersona>>(),
+                    )
+                })
+                .collect(),
+        )
+        .await
+    }
+
+    pub async fn securify_accounts_and_personas(
+        &self,
+        entities: IndexMap<SecurityStructureID, IndexSet<AccountOrPersona>>,
+    ) -> Result<SecurifyEntitiesOutcome> {
+        let mut map = IndexMap::<
+            SecurityStructureOfFactorSourceIDs,
+            IndexSet<AccountOrPersona>,
+        >::new();
+        for (k, xs) in entities.into_iter() {
+            let entities = xs
+                .into_iter()
+                .map(|x| {
+                    if let Some(provisional) =
+                        x.entity_security_state().get_provisional()
+                    {
+                        if let Some(selected_shield) =
+                            provisional.as_shield_selected()
+                        {
+                            if *selected_shield != k {
+                                return Err(CommonError::Unknown);
+                            }
+                        }
+                    }
+                    Ok(x)
+                })
+                .collect::<Result<IndexSet<_>>>()?;
+
+            let structure =
+                (self.load_security_structure_of_factor_ids)(k).await?;
+            map.insert(structure, entities);
+        }
+
+        self.securify_accounts_and_personas_with_factor_source_ids(map)
+            .await
+    }
+
+    pub async fn securify_accounts_and_personas_with_factor_source_ids(
+        &self,
+        entities: IndexMap<
+            SecurityStructureOfFactorSourceIDs,
+            IndexSet<AccountOrPersona>,
+        >,
+    ) -> Result<SecurifyEntitiesOutcome> {
+        // SecurifyEntityFactorInstancesProvider
+        todo!()
+    }
+}
+
 impl TransactionManifest {
     pub fn securify_unsecurified_entity<E: IsEntity>(
         entity: E,