[Server] add code to generate multiple security keys in single request

Author: unit-adm

README.md

@@ -69,11 +69,9 @@ In the future, we intend to enhance the Unitdb with the following features:
 
 - Distributed design: We are working on building out the distributed design of Unitdb, including replication and sharding management to improve its scalability.
 - Developer support and tooling: We are working on building more intuitive tooling, refactoring code structures, and enriching documentation to improve the onboarding experience, enabling developers to quickly integrate Unitdb to their time-series database stack.
-- Expanding feature set: We also plan to expand our query feature set to include functionality such as window functions and nested loop joins.
-- Query engine optimization: We will also be looking into developing more advanced ways to optimize query performance such as GPU memory caching.
 
 ## Contributing
-As Unitdb is under active development and at this time Unitdb is not seeking major changes or new features from new contributors. However, small bugfixes are encouraged.
+As Unitdb is under active development and at this time Unitdb is not seeking major changes or new features; however, small bugfixes are encouraged. Unitdb is seeking contibution to improve test coverage and documentation.
 
 ## Licensing
 This project is licensed under [Apache-2.0 License](https://github.com/unit-io/unitdb/blob/master/LICENSE).

server/internal/hdl_conn.go

@@ -485,26 +485,32 @@ func (c *_Conn) onClientIDRequest() (interface{}, bool) {
 // onKeyGen processes a keygen request.
 func (c *_Conn) onKeyGen(payload []byte) (interface{}, bool) {
 	// Deserialize the payload.
-	msg := types.KeyGenRequest{}
-	if err := json.Unmarshal(payload, &msg); err != nil {
+	req := []types.KeyGenRequest{}
+	if err := json.Unmarshal(payload, &req); err != nil {
 		return types.ErrBadRequest, false
 	}
 
+	var resp []*types.KeyGenResponse
 	// Use the cipher to generate the key
-	key, err := security.GenerateKey(c.clientID.Contract(), []byte(msg.Topic), msg.Access())
-	if err != nil {
-		switch err {
-		case security.ErrTargetTooLong:
-			return types.ErrTargetTooLong, false
-		default:
-			return types.ErrServerError, false
+	for _, m := range req {
+		key, err := security.GenerateKey(c.clientID.Contract(), []byte(m.Topic), m.Access())
+		if err != nil {
+			switch err {
+			case security.ErrTargetTooLong:
+				return types.ErrTargetTooLong, false
+			default:
+				return types.ErrServerError, false
+			}
 		}
+		r := &types.KeyGenResponse{
+			Status: 200,
+			Key:    key,
+			Topic:  m.Topic,
+		}
+
+		resp = append(resp, r)
 	}
 
 	// Success, return the response
-	return &types.KeyGenResponse{
-		Status: 200,
-		Key:    key,
-		Topic:  msg.Topic,
-	}, true
+	return resp, true
 }

server/internal/message/security/key.go

@@ -28,8 +28,10 @@ import (
 // Access types for a security key.
 const (
 	AllowNone      = uint32(0)              // Key has no privileges.
-	AllowRead      = uint32(1 << 1)         // Key should be allowed to subscribe to the topic.
-	AllowWrite     = uint32(1 << 2)         // Key should be allowed to publish to the topic.
+	AllowOwner     = uint32(1 << 1)         // Key should be allowed to generate other keys.
+	AllowAdmin     = uint32(1 << 2)         // Key should be allowed to generate other keys.
+	AllowRead      = uint32(1 << 3)         // Key should be allowed to subscribe to the topic.
+	AllowWrite     = uint32(1 << 4)         // Key should be allowed to publish to the topic.
 	AllowReadWrite = AllowRead | AllowWrite // Key should be allowed to read and write to the topic.
 
 	// Topic types

server/internal/types/types.go

@@ -62,6 +62,10 @@ func (m *KeyGenRequest) Access() uint32 {
 
 	for i := 0; i < len(m.Type); i++ {
 		switch c := m.Type[i]; c {
+		case 'o':
+			required |= security.AllowOwner | security.AllowAdmin | security.AllowReadWrite
+		case 'a':
+			required |= security.AllowAdmin | security.AllowReadWrite
 		case 'r':
 			required |= security.AllowRead
 		case 'w':