From 456b9073f27ca361e8b2b4387685e2d97bae55de Mon Sep 17 00:00:00 2001 From: Michael Jeffrey Date: Fri, 28 Jul 2023 17:02:20 -0700 Subject: [PATCH 1/2] Add stream permission for hpr listing skfs or euis Allows a sanity check from routing infrastructure to re-request information for a specific route without requiring reloading the entire database of routing information. --- iot_config/src/route_service.rs | 31 +++++++++++++++++++++++++++---- 1 file changed, 27 insertions(+), 4 deletions(-) diff --git a/iot_config/src/route_service.rs b/iot_config/src/route_service.rs index 3ede2c637..6070ee84a 100644 --- a/iot_config/src/route_service.rs +++ b/iot_config/src/route_service.rs @@ -122,6 +122,21 @@ impl RouteService { } } + async fn verify_request_signature_or_stream<'a, R>( + &self, + signer: &PublicKey, + request: &R, + id: OrgId<'a>, + ) -> Result<(), Status> + where + R: MsgVerify, + { + if let Ok(()) = self.verify_request_signature(signer, request, id).await { + return Ok(()); + } + self.verify_stream_request_signature(signer, request) + } + fn sign_response(&self, response: &[u8]) -> Result, Status> { self.signing_key .sign(response) @@ -418,8 +433,12 @@ impl iot_config::Route for RouteService { telemetry::count_request("route", "get-euis"); let signer = verify_public_key(&request.signer)?; - self.verify_request_signature(&signer, &request, OrgId::RouteId(&request.route_id)) - .await?; + self.verify_request_signature_or_stream( + &signer, + &request, + OrgId::RouteId(&request.route_id), + ) + .await?; let pool = self.pool.clone(); let (tx, rx) = tokio::sync::mpsc::channel(20); 
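Review bot: The fallback in `verify_request_signature_or_stream` is not scoped to `id`: `verify_stream_request_signature(signer, request)` takes only the signer and the request, so a key that passes the stream check is accepted for whichever route the request names. The commit message suggests this is intended for routing infrastructure, but the function has no doc comment saying so; I would add `/// Accepts the org that owns id, or any key allowed to stream; the stream path is not limited to id.` above the signature. The `if let Ok(()) = …` also discards the first error, so a failure of the org check that is not a permission denial (it is awaited, so it presumably performs a lookup) is reported as whatever the stream check returns. Keeping that error would preserve the previous response for ordinary callers: `let org_err = match self.verify_request_signature(signer, request, id).await { Ok(()) => return Ok(()), Err(e) => e };` followed by `self.verify_stream_request_signature(signer, request).map_err(|_| org_err)`.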
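Review bot: No hunk in either patch adds a test for the widened authorization at this call in get-euis, nor at the identical calls in the list-skfs and get-devaddr-ranges hunks; both diffstats list only `route_service.rs`. Since list-skfs presumably streams session key filters, I would want one test per handler asserting that a signer with neither org nor stream permission is still rejected, and one asserting that a stream-authorized key outside the owning org is accepted. The handler body continues outside the hunk, so it cannot be checked from here whether later code assumes the signer belongs to the route's org. A comment at each call such as `// signer may be a stream-authorized key outside the route's org` would make the new precondition explicit.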
@@ -739,8 +758,12 @@ impl iot_config::Route for RouteService { telemetry::count_request("route", "list-skfs"); let signer = verify_public_key(&request.signer)?; - self.verify_request_signature(&signer, &request, OrgId::RouteId(&request.route_id)) - .await?; + self.verify_request_signature_or_stream( + &signer, + &request, + OrgId::RouteId(&request.route_id), + ) + .await?; let pool = self.pool.clone(); let (tx, rx) = tokio::sync::mpsc::channel(20); From c76cb180398667a92ee95f876f76c3924339042e Mon Sep 17 00:00:00 2001 From: Michael Jeffrey Date: Tue, 1 Aug 2023 11:40:29 -0700 Subject: [PATCH 2/2] add hpr permission to get_devaddr_rages allow an hpr to retreive all parts of a route individually --- iot_config/src/route_service.rs | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/iot_config/src/route_service.rs b/iot_config/src/route_service.rs index 6070ee84a..ada31fa1a 100644 --- a/iot_config/src/route_service.rs +++ b/iot_config/src/route_service.rs @@ -594,8 +594,12 @@ impl iot_config::Route for RouteService { telemetry::count_request("route", "get-devaddr-ranges"); let signer = verify_public_key(&request.signer)?; - self.verify_request_signature(&signer, &request, OrgId::RouteId(&request.route_id)) - .await?; + self.verify_request_signature_or_stream( + &signer, + &request, + OrgId::RouteId(&request.route_id), + ) + .await?; let (tx, rx) = tokio::sync::mpsc::channel(20); let pool = self.pool.clone();