Peerplays_Blockchain/peerplays_migrated
1
0
Fork 0
Code Issues 35 Pull requests 4 Projects Releases 20 Packages Wiki Activity Actions

rbac2 - op_type hf checks

Browse source
This commit is contained in:
satyakoneru 2020-05-26 15:48:02 +00:00
parent 2a7c8749d3
commit c74e83d088
8 changed files with 253 additions and 215 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

75
libraries/chain/custom_account_authority_evaluator.cpp
View file

@ -15,28 +15,23 @@ struct rbac_operation_hardfork_visitor
typedef void result_type;
const fc::time_point_sec block_time;
rbac_operation_hardfork_visitor( const fc::time_point_sec bt ) : block_time(bt) {}
template<typename T>
void operator()(const T &v) const {}
void operator()(const custom_permission_create_operation &op) const {
FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_permission_create_operation not allowed yet!" );
}
void operator()(const custom_permission_update_operation &op) const {
FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_permission_update_operation not allowed yet!" );
}
void operator()(const custom_permission_delete_operation &op) const {
FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_permission_delete_operation not allowed yet!" );
}
void operator()(const custom_account_authority_create_operation &op) const {
FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_account_authority_create_operation not allowed yet!" );
}
void operator()(const custom_account_authority_update_operation &op) const {
FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_account_authority_update_operation not allowed yet!" );
}
void operator()(const custom_account_authority_delete_operation &op) const {
FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_account_authority_delete_operation not allowed yet!" );
rbac_operation_hardfork_visitor(const fc::time_point_sec bt) : block_time(bt) {}
void operator()(int op_type) const
{
int first_allowed_op = operation::tag<custom_permission_create_operation>::value;
switch (op_type)
{
case operation::tag<custom_permission_create_operation>::value:
case operation::tag<custom_permission_update_operation>::value:
case operation::tag<custom_permission_delete_operation>::value:
case operation::tag<custom_account_authority_create_operation>::value:
case operation::tag<custom_account_authority_update_operation>::value:
case operation::tag<custom_account_authority_delete_operation>::value:
FC_ASSERT(block_time >= HARDFORK_RBAC_TIME, "Custom permission not allowed on this operation yet!");
break;
default:
FC_ASSERT(op_type < first_allowed_op, "Custom permission not allowed on this operation!");
}
}
};
@ -48,9 +43,11 @@ void_result create_custom_account_authority_evaluator::do_evaluate(const custom_
auto now = d.head_block_time();
FC_ASSERT(now >= HARDFORK_RBAC_TIME, "Not allowed until RBAC HF");
op.owner_account(d);
const custom_permission_object& pobj = op.permission_id(d);
const custom_permission_object &pobj = op.permission_id(d);
FC_ASSERT(pobj.account == op.owner_account, "Only owner account can update account authority object");
FC_ASSERT(op.valid_to > now, "valid_to expiry should be in future");
rbac_operation_hardfork_visitor rvtor(now);
rvtor(op.operation_type);
return void_result();
}
FC_CAPTURE_AND_RETHROW((op))
@ -66,7 +63,8 @@ object_id_type create_custom_account_authority_evaluator::do_apply(const custom_
obj.operation_type = op.operation_type;
obj.valid_from = op.valid_from;
obj.valid_to = op.valid_to;
}).id;
})
.id;
}
FC_CAPTURE_AND_RETHROW((op))
}
@ -79,20 +77,22 @@ void_result update_custom_account_authority_evaluator::do_evaluate(const custom_
auto now = d.head_block_time();
FC_ASSERT(now >= HARDFORK_RBAC_TIME, "Not allowed until RBAC HF");
op.owner_account(d);
const custom_account_authority_object& aobj = op.auth_id(d);
const custom_permission_object& pobj = aobj.permission_id(d);
const custom_account_authority_object &aobj = op.auth_id(d);
const custom_permission_object &pobj = aobj.permission_id(d);
FC_ASSERT(pobj.account == op.owner_account, "Only owner account can update account authority object");
auto valid_from = aobj.valid_from;
auto valid_to = aobj.valid_to;
if (op.new_valid_from) {
if (op.new_valid_from)
{
FC_ASSERT(*op.new_valid_from != aobj.valid_from,
"New valid_from provided is not different from old valid_from");
"New valid_from provided is not different from old valid_from");
valid_from = *op.new_valid_from;
}
if (op.new_valid_to) {
if (op.new_valid_to)
{
FC_ASSERT(*op.new_valid_to != aobj.valid_to,
"New valid_to provided is not different from old valid_to");
"New valid_to provided is not different from old valid_to");
FC_ASSERT(*op.new_valid_to > now, "New valid_to expiry should be in the future");
valid_to = *op.new_valid_to;
}
@ -106,8 +106,8 @@ object_id_type update_custom_account_authority_evaluator::do_apply(const custom_
{
try
{
database& d = db();
const custom_account_authority_object& aobj = op.auth_id(d);
database &d = db();
const custom_account_authority_object &aobj = op.auth_id(d);
d.modify(aobj, [&op](custom_account_authority_object &obj) {
if (op.new_valid_from)
obj.valid_from = *op.new_valid_from;
@ -127,24 +127,25 @@ void_result delete_custom_account_authority_evaluator::do_evaluate(const custom_
auto now = d.head_block_time();
FC_ASSERT(now >= HARDFORK_RBAC_TIME, "Not allowed until RBAC HF");
op.owner_account(d);
const custom_account_authority_object& aobj = op.auth_id(d);
const custom_permission_object& pobj = aobj.permission_id(d);
const custom_account_authority_object &aobj = op.auth_id(d);
const custom_permission_object &pobj = aobj.permission_id(d);
FC_ASSERT(pobj.account == op.owner_account, "Only owner account can delete account authority object");
return void_result();
}
FC_CAPTURE_AND_RETHROW((op))
}
object_id_type delete_custom_account_authority_evaluator::do_apply(const custom_account_authority_delete_operation &op)
void_result delete_custom_account_authority_evaluator::do_apply(const custom_account_authority_delete_operation &op)
{
try
{
database &d = db();
const custom_account_authority_object& aobj = op.auth_id(d);
const custom_account_authority_object &aobj = op.auth_id(d);
d.remove(aobj);
return void_result();
}
FC_CAPTURE_AND_RETHROW((op))
}
} // namespace chain
} // namespace graphene
} // namespace graphene

11
libraries/chain/custom_permission_evaluator.cpp
View file

@ -39,7 +39,8 @@ object_id_type create_custom_permission_evaluator::do_apply(const custom_permiss
obj.account = op.owner_account;
obj.permission_name = op.permission_name;
obj.auth = op.auth;
}).id;
})
.id;
}
FC_CAPTURE_AND_RETHROW((op))
}
@ -52,7 +53,7 @@ void_result update_custom_permission_evaluator::do_evaluate(const custom_permiss
auto now = d.head_block_time();
FC_ASSERT(now >= HARDFORK_RBAC_TIME, "Not allowed until RBAC HF");
op.owner_account(d);
const custom_permission_object& pobj = op.permission_id(d);
const custom_permission_object &pobj = op.permission_id(d);
FC_ASSERT(pobj.account == op.owner_account, "Only owner account can update permission object");
if (op.new_auth)
{
@ -72,7 +73,7 @@ object_id_type update_custom_permission_evaluator::do_apply(const custom_permiss
try
{
database &d = db();
const custom_permission_object& pobj = op.permission_id(d);
const custom_permission_object &pobj = op.permission_id(d);
d.modify(pobj, [&op](custom_permission_object &obj) {
if (op.new_auth)
obj.auth = *op.new_auth;
@ -91,7 +92,7 @@ void_result delete_custom_permission_evaluator::do_evaluate(const custom_permiss
auto now = d.head_block_time();
FC_ASSERT(now >= HARDFORK_RBAC_TIME, "Not allowed until RBAC HF");
op.owner_account(d);
const custom_permission_object& pobj = op.permission_id(d);
const custom_permission_object &pobj = op.permission_id(d);
FC_ASSERT(pobj.account == op.owner_account, "Only owner account can delete permission object");
return void_result();
}
@ -103,7 +104,7 @@ void_result delete_custom_permission_evaluator::do_apply(const custom_permission
try
{
database &d = db();
const custom_permission_object& pobj = op.permission_id(d);
const custom_permission_object &pobj = op.permission_id(d);
// TODO: Remove all the custom_account_authority_object linked to this permission object.
d.remove(pobj);
return void_result();

26
libraries/chain/include/graphene/chain/custom_account_authority_evaluator.hpp
View file

@ -2,33 +2,37 @@
#include <graphene/chain/evaluator.hpp>
#include <graphene/chain/protocol/custom_account_authority.hpp>
namespace graphene { namespace chain {
namespace graphene
{
namespace chain
{
class create_custom_account_authority_evaluator : public evaluator<create_custom_account_authority_evaluator>
{
public:
typedef custom_account_authority_create_operation operation_type;
typedef custom_account_authority_create_operation operation_type;
void_result do_evaluate(const custom_account_authority_create_operation& o);
object_id_type do_apply(const custom_account_authority_create_operation& o);
void_result do_evaluate(const custom_account_authority_create_operation &o);
object_id_type do_apply(const custom_account_authority_create_operation &o);
};
class update_custom_account_authority_evaluator : public evaluator<update_custom_account_authority_evaluator>
{
public:
typedef custom_account_authority_update_operation operation_type;
typedef custom_account_authority_update_operation operation_type;
void_result do_evaluate(const custom_account_authority_update_operation& o);
object_id_type do_apply(const custom_account_authority_update_operation& o);
void_result do_evaluate(const custom_account_authority_update_operation &o);
object_id_type do_apply(const custom_account_authority_update_operation &o);
};
class delete_custom_account_authority_evaluator : public evaluator<delete_custom_account_authority_evaluator>
{
public:
typedef custom_account_authority_delete_operation operation_type;
typedef custom_account_authority_delete_operation operation_type;
void_result do_evaluate(const custom_account_authority_delete_operation& o);
object_id_type do_apply(const custom_account_authority_delete_operation& o);
void_result do_evaluate(const custom_account_authority_delete_operation &o);
void_result do_apply(const custom_account_authority_delete_operation &o);
};
} } // namespace graphene::chain
} // namespace chain
} // namespace graphene

26
libraries/chain/include/graphene/chain/custom_permission_evaluator.hpp
View file

@ -2,33 +2,37 @@
#include <graphene/chain/evaluator.hpp>
#include <graphene/chain/protocol/custom_permission.hpp>
namespace graphene { namespace chain {
namespace graphene
{
namespace chain
{
class create_custom_permission_evaluator : public evaluator<create_custom_permission_evaluator>
{
public:
typedef custom_permission_create_operation operation_type;
typedef custom_permission_create_operation operation_type;
void_result do_evaluate(const custom_permission_create_operation& o);
object_id_type do_apply(const custom_permission_create_operation& o);
void_result do_evaluate(const custom_permission_create_operation &o);
object_id_type do_apply(const custom_permission_create_operation &o);
};
class update_custom_permission_evaluator : public evaluator<update_custom_permission_evaluator>
{
public:
typedef custom_permission_update_operation operation_type;
typedef custom_permission_update_operation operation_type;
void_result do_evaluate(const custom_permission_update_operation& o);
object_id_type do_apply(const custom_permission_update_operation& o);
void_result do_evaluate(const custom_permission_update_operation &o);
object_id_type do_apply(const custom_permission_update_operation &o);
};
class delete_custom_permission_evaluator : public evaluator<delete_custom_permission_evaluator>
{
public:
typedef custom_permission_delete_operation operation_type;
typedef custom_permission_delete_operation operation_type;
void_result do_evaluate(const custom_permission_delete_operation& o);
void_result do_apply(const custom_permission_delete_operation& o);
void_result do_evaluate(const custom_permission_delete_operation &o);
void_result do_apply(const custom_permission_delete_operation &o);
};
} } // namespace graphene::chain
} // namespace chain
} // namespace graphene

99
libraries/chain/include/graphene/chain/protocol/custom_account_authority.hpp
View file

@ -1,59 +1,72 @@
#pragma once
#include <graphene/chain/protocol/base.hpp>
namespace graphene { namespace chain {
namespace graphene
{
namespace chain
{
struct custom_account_authority_create_operation : public base_operation
struct custom_account_authority_create_operation : public base_operation
{
struct fee_parameters_type
{
struct fee_parameters_type { uint64_t fee = 0; };
asset fee;
custom_permission_id_type permission_id;
int operation_type;
time_point_sec valid_from;
time_point_sec valid_to;
account_id_type owner_account;
account_id_type fee_payer()const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type& k)const { return 0; }
uint64_t fee = 0;
};
struct custom_account_authority_update_operation : public base_operation
asset fee;
custom_permission_id_type permission_id;
int operation_type;
time_point_sec valid_from;
time_point_sec valid_to;
account_id_type owner_account;
account_id_type fee_payer() const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type &k) const { return 0; }
};
struct custom_account_authority_update_operation : public base_operation
{
struct fee_parameters_type
{
struct fee_parameters_type { uint64_t fee = 0; };
asset fee;
custom_account_authority_id_type auth_id;
optional<time_point_sec> new_valid_from;
optional<time_point_sec> new_valid_to;
account_id_type owner_account;
account_id_type fee_payer()const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type& k)const { return 0; }
uint64_t fee = 0;
};
struct custom_account_authority_delete_operation : public base_operation
asset fee;
custom_account_authority_id_type auth_id;
optional<time_point_sec> new_valid_from;
optional<time_point_sec> new_valid_to;
account_id_type owner_account;
account_id_type fee_payer() const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type &k) const { return 0; }
};
struct custom_account_authority_delete_operation : public base_operation
{
struct fee_parameters_type
{
struct fee_parameters_type { uint64_t fee = 0; };
asset fee;
custom_account_authority_id_type auth_id;
account_id_type owner_account;
account_id_type fee_payer()const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type& k)const { return 0; }
uint64_t fee = 0;
};
} } // namespace graphene::chain
asset fee;
custom_account_authority_id_type auth_id;
account_id_type owner_account;
FC_REFLECT(graphene::chain::custom_account_authority_create_operation::fee_parameters_type, (fee) )
FC_REFLECT(graphene::chain::custom_account_authority_create_operation, (fee)(permission_id)(operation_type)(valid_from)(valid_to)(owner_account) )
account_id_type fee_payer() const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type &k) const { return 0; }
};
FC_REFLECT(graphene::chain::custom_account_authority_update_operation::fee_parameters_type, (fee) )
FC_REFLECT(graphene::chain::custom_account_authority_update_operation, (fee)(auth_id)(new_valid_from)(new_valid_to)(owner_account) )
} // namespace chain
} // namespace graphene
FC_REFLECT(graphene::chain::custom_account_authority_delete_operation::fee_parameters_type, (fee) )
FC_REFLECT(graphene::chain::custom_account_authority_delete_operation, (fee)(auth_id)(owner_account) )
FC_REFLECT(graphene::chain::custom_account_authority_create_operation::fee_parameters_type, (fee))
FC_REFLECT(graphene::chain::custom_account_authority_create_operation, (fee)(permission_id)(operation_type)(valid_from)(valid_to)(owner_account))
FC_REFLECT(graphene::chain::custom_account_authority_update_operation::fee_parameters_type, (fee))
FC_REFLECT(graphene::chain::custom_account_authority_update_operation, (fee)(auth_id)(new_valid_from)(new_valid_to)(owner_account))
FC_REFLECT(graphene::chain::custom_account_authority_delete_operation::fee_parameters_type, (fee))
FC_REFLECT(graphene::chain::custom_account_authority_delete_operation, (fee)(auth_id)(owner_account))

93
libraries/chain/include/graphene/chain/protocol/custom_permission.hpp
View file

@ -1,56 +1,69 @@
#pragma once
#include <graphene/chain/protocol/base.hpp>
namespace graphene { namespace chain {
namespace graphene
{
namespace chain
{
struct custom_permission_create_operation : public base_operation
struct custom_permission_create_operation : public base_operation
{
struct fee_parameters_type
{
struct fee_parameters_type { uint64_t fee = 0; };
asset fee;
account_id_type owner_account;
string permission_name;
authority auth;
account_id_type fee_payer()const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type& k)const { return 0; }
uint64_t fee = 0;
};
struct custom_permission_update_operation : public base_operation
asset fee;
account_id_type owner_account;
string permission_name;
authority auth;
account_id_type fee_payer() const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type &k) const { return 0; }
};
struct custom_permission_update_operation : public base_operation
{
struct fee_parameters_type
{
struct fee_parameters_type { uint64_t fee = 0; };
asset fee;
custom_permission_id_type permission_id;
optional<authority> new_auth;
account_id_type owner_account;
account_id_type fee_payer()const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type& k)const { return 0; }
uint64_t fee = 0;
};
struct custom_permission_delete_operation : public base_operation
asset fee;
custom_permission_id_type permission_id;
optional<authority> new_auth;
account_id_type owner_account;
account_id_type fee_payer() const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type &k) const { return 0; }
};
struct custom_permission_delete_operation : public base_operation
{
struct fee_parameters_type
{
struct fee_parameters_type { uint64_t fee = 0; };
asset fee;
custom_permission_id_type permission_id;
account_id_type owner_account;
account_id_type fee_payer()const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type& k)const { return 0; }
uint64_t fee = 0;
};
} } // namespace graphene::chain
asset fee;
custom_permission_id_type permission_id;
account_id_type owner_account;
FC_REFLECT(graphene::chain::custom_permission_create_operation::fee_parameters_type, (fee) )
FC_REFLECT(graphene::chain::custom_permission_create_operation, (fee)(owner_account)(permission_name)(auth) )
account_id_type fee_payer() const { return owner_account; }
void validate() const;
share_type calculate_fee(const fee_parameters_type &k) const { return 0; }
};
FC_REFLECT(graphene::chain::custom_permission_update_operation::fee_parameters_type, (fee) )
FC_REFLECT(graphene::chain::custom_permission_update_operation, (fee)(permission_id)(new_auth)(owner_account) )
} // namespace chain
} // namespace graphene
FC_REFLECT(graphene::chain::custom_permission_delete_operation::fee_parameters_type, (fee) )
FC_REFLECT(graphene::chain::custom_permission_delete_operation, (fee)(permission_id)(owner_account) )
FC_REFLECT(graphene::chain::custom_permission_create_operation::fee_parameters_type, (fee))
FC_REFLECT(graphene::chain::custom_permission_create_operation, (fee)(owner_account)(permission_name)(auth))
FC_REFLECT(graphene::chain::custom_permission_update_operation::fee_parameters_type, (fee))
FC_REFLECT(graphene::chain::custom_permission_update_operation, (fee)(permission_id)(new_auth)(owner_account))
FC_REFLECT(graphene::chain::custom_permission_delete_operation::fee_parameters_type, (fee))
FC_REFLECT(graphene::chain::custom_permission_delete_operation, (fee)(permission_id)(owner_account))

35
libraries/chain/protocol/custom_account_authority.cpp
View file

@ -1,39 +1,38 @@
#include <graphene/chain/protocol/custom_account_authority.hpp>
#include <graphene/chain/protocol/operations.hpp>
namespace graphene { namespace chain {
namespace graphene
{
namespace chain
{
void custom_account_authority_create_operation::validate()const {
void custom_account_authority_create_operation::validate() const
{
FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
&& owner_account != GRAPHENE_COMMITTEE_ACCOUNT
&& owner_account != GRAPHENE_WITNESS_ACCOUNT
&& owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
"Custom permissions and account auths cannot be created for special accounts");
FC_ASSERT(valid_from < valid_to, "valid_from should be earlier than valid_to");
FC_ASSERT(operation_type >= 0 && operation_type < operation::count(), "operation_type is not valid");
}
void custom_account_authority_update_operation::validate()const {
void custom_account_authority_update_operation::validate() const
{
FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
&& owner_account != GRAPHENE_COMMITTEE_ACCOUNT
&& owner_account != GRAPHENE_WITNESS_ACCOUNT
&& owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
"Custom permissions and account auths cannot be created for special accounts");
FC_ASSERT(new_valid_from.valid() || new_valid_to.valid(), "Something must be updated");
if (new_valid_from && new_valid_to) {
if (new_valid_from && new_valid_to)
{
FC_ASSERT(*new_valid_from < *new_valid_to, "valid_from should be earlier than valid_to");
}
}
void custom_account_authority_delete_operation::validate()const {
void custom_account_authority_delete_operation::validate() const
{
FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
&& owner_account != GRAPHENE_COMMITTEE_ACCOUNT
&& owner_account != GRAPHENE_WITNESS_ACCOUNT
&& owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
"Custom permissions and account auths cannot be created for special accounts");
}
} } // graphene::chain
} // namespace chain
} // namespace graphene

103
libraries/chain/protocol/custom_permission.cpp
View file

@ -1,77 +1,80 @@
#include <graphene/chain/protocol/custom_permission.hpp>
#include <graphene/chain/protocol/operations.hpp>
namespace graphene { namespace chain {
namespace graphene
{
namespace chain
{
bool is_valid_permission_name( const string& name )
{ try {
const size_t len = name.size();
// RBAC_MIN_PERMISSION_NAME_LENGTH <= len minimum length check
if( len < RBAC_MIN_PERMISSION_NAME_LENGTH )
bool is_valid_permission_name(const string &name)
{
try
{
return false;
}
// len <= RBAC_MAX_PERMISSION_NAME_LENGTH max length check
if( len > RBAC_MAX_PERMISSION_NAME_LENGTH )
{
return false;
}
// First character should be a letter between a-z
if( !(name[0] >= 'a' && name[0] <= 'z') )
{
return false;
}
// Any character of a permission name should either be a small case letter a-z or a digit 0-9
for( const auto& ch: name)
{
if( !((ch >= 'a' && ch <= 'z') || (ch >= '0' && ch <= '9')) )
const size_t len = name.size();
// RBAC_MIN_PERMISSION_NAME_LENGTH <= len minimum length check
if (len < RBAC_MIN_PERMISSION_NAME_LENGTH)
{
return false;
}
// len <= RBAC_MAX_PERMISSION_NAME_LENGTH max length check
if (len > RBAC_MAX_PERMISSION_NAME_LENGTH)
{
return false;
}
// First character should be a letter between a-z
if (!(name[0] >= 'a' && name[0] <= 'z'))
{
return false;
}
// Any character of a permission name should either be a small case letter a-z or a digit 0-9
for (const auto &ch : name)
{
if (!((ch >= 'a' && ch <= 'z') || (ch >= '0' && ch <= '9')))
{
return false;
}
}
// Don't accept active and owner permissions as we already have them by default
// This is for removing ambiguity for users, accepting them doesn't create any problems
if (name == "active" || name == "owner")
{
return false;
}
}
// Don't accept active and owner permissions as we already have them by default
// This is for removing ambiguity for users, accepting them doesn't create any problems
if( name == "active" || name == "owner" )
{
return false;
}
return true;
} FC_CAPTURE_AND_RETHROW( (name) ) }
return true;
}
FC_CAPTURE_AND_RETHROW((name))
}
void custom_permission_create_operation::validate()const {
void custom_permission_create_operation::validate() const
{
FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
FC_ASSERT(is_valid_permission_name( permission_name ), "Invalid permission name provided");
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
&& owner_account != GRAPHENE_COMMITTEE_ACCOUNT
&& owner_account != GRAPHENE_WITNESS_ACCOUNT
&& owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
FC_ASSERT(is_valid_permission_name(permission_name), "Invalid permission name provided");
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
"Custom permissions and account auths cannot be created for special accounts");
FC_ASSERT(!auth.is_impossible(), "Impossible authority threshold auth provided");
FC_ASSERT(auth.address_auths.size() == 0, "Only account and key auths supported");
}
void custom_permission_update_operation::validate()const {
void custom_permission_update_operation::validate() const
{
FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
&& owner_account != GRAPHENE_COMMITTEE_ACCOUNT
&& owner_account != GRAPHENE_WITNESS_ACCOUNT
&& owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
"Custom permissions and account auths cannot be created for special accounts");
FC_ASSERT( new_auth.valid(), "Something must be updated");
if (new_auth) {
FC_ASSERT(new_auth.valid(), "Something must be updated");
if (new_auth)
{
FC_ASSERT(!new_auth->is_impossible(), "Impossible authority threshold auth provided");
FC_ASSERT(new_auth->address_auths.size() == 0, "Only account and key auths supported");
}
}
void custom_permission_delete_operation::validate()const {
void custom_permission_delete_operation::validate() const
{
FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
&& owner_account != GRAPHENE_COMMITTEE_ACCOUNT
&& owner_account != GRAPHENE_WITNESS_ACCOUNT
&& owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
"Custom permissions and account auths cannot be created for special accounts");
}
} } // graphene::chain
} // namespace chain
} // namespace graphene