From 1e5555d5977c374f66e407e49118fc4c7bd7fa8e Mon Sep 17 00:00:00 2001
From: Sander Pick <sanderpick@gmail.com>
Date: Wed, 15 Jul 2020 21:20:27 -0700
Subject: [PATCH] net: unprotect net.AddRecord (#405)

Signed-off-by: Sander Pick <sanderpick@gmail.com>
---
 core/net/net.go     | 2 +-
 core/net/options.go | 2 +-
 net/net.go          | 6 +++---
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/core/net/net.go b/core/net/net.go
index c787d419..af6c807b 100644
--- a/core/net/net.go
+++ b/core/net/net.go
@@ -73,7 +73,7 @@ type API interface {
 
 // Token is used to restrict network APIs to a single app.App.
 // In other words, a net token protects against writes and deletes
-// external to an app.
+// which are external to an app.
 type Token []byte
 
 func (t Token) Equal(b Token) bool {
diff --git a/core/net/options.go b/core/net/options.go
index 439c1470..056f7bf8 100644
--- a/core/net/options.go
+++ b/core/net/options.go
@@ -58,7 +58,7 @@ func WithThreadToken(t thread.Token) ThreadOption {
 // WithAPIToken provides additional authorization for interacting
 // with a thread as an application.
 // For example, this is used by a db.DB to ensure that only it can
-// create/add records or delete the underlying thread.
+// create records or delete the underlying thread.
 func WithAPIToken(t Token) ThreadOption {
 	return func(args *ThreadOptions) {
 		args.APIToken = t
diff --git a/net/net.go b/net/net.go
index e558b934..7dbc0579 100644
--- a/net/net.go
+++ b/net/net.go
@@ -721,9 +721,6 @@ func (n *net) AddRecord(ctx context.Context, id thread.ID, lid peer.ID, rec core
 	if _, err := args.Token.Validate(n.getPrivKey()); err != nil {
 		return err
 	}
-	if !n.validateAPIToken(id, args.APIToken) {
-		return fmt.Errorf("cannot add record: %w", app.ErrThreadInUse)
-	}
 
 	logpk, err := n.store.PubKey(id, lid)
 	if err != nil {
@@ -872,6 +869,9 @@ func (n *net) ConnectApp(a app.App, id thread.ID) (*app.Connector, error) {
 	return con, nil
 }
 
+// validateAPIToken checks if the thread is backing an app,
+// and if so, returns whether or not the token matches the app
+// connector's token.
 func (n *net) validateAPIToken(id thread.ID, token core.Token) bool {
 	t, ok := n.apps[id]
 	if !ok {