rbac2 - op_type hf checks

libraries/chain/custom_account_authority_evaluator.cpp

@@ -16,27 +16,22 @@ struct rbac_operation_hardfork_visitor
    const fc::time_point_sec block_time;
 
    rbac_operation_hardfork_visitor(const fc::time_point_sec bt) : block_time(bt) {}
-
+   void operator()(int op_type) const
-   template<typename T>
+   {
-   void operator()(const T &v) const {}
+      int first_allowed_op = operation::tag<custom_permission_create_operation>::value;
-
+      switch (op_type)
-   void operator()(const custom_permission_create_operation &op) const {
+      {
-      FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_permission_create_operation not allowed yet!" );
+      case operation::tag<custom_permission_create_operation>::value:
+      case operation::tag<custom_permission_update_operation>::value:
+      case operation::tag<custom_permission_delete_operation>::value:
+      case operation::tag<custom_account_authority_create_operation>::value:
+      case operation::tag<custom_account_authority_update_operation>::value:
+      case operation::tag<custom_account_authority_delete_operation>::value:
+         FC_ASSERT(block_time >= HARDFORK_RBAC_TIME, "Custom permission not allowed on this operation yet!");
+         break;
+      default:
+         FC_ASSERT(op_type < first_allowed_op, "Custom permission not allowed on this operation!");
       }
-   void operator()(const custom_permission_update_operation &op) const {
-      FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_permission_update_operation not allowed yet!" );
-   }
-   void operator()(const custom_permission_delete_operation &op) const {
-      FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_permission_delete_operation not allowed yet!" );
-   }
-   void operator()(const custom_account_authority_create_operation &op) const {
-      FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_account_authority_create_operation not allowed yet!" );
-   }
-   void operator()(const custom_account_authority_update_operation &op) const {
-      FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_account_authority_update_operation not allowed yet!" );
-   }
-   void operator()(const custom_account_authority_delete_operation &op) const {
-      FC_ASSERT( block_time >= HARDFORK_RBAC_TIME, "custom_account_authority_delete_operation not allowed yet!" );
    }
 };
 
@@ -51,6 +46,8 @@ void_result create_custom_account_authority_evaluator::do_evaluate(const custom_
       const custom_permission_object &pobj = op.permission_id(d);
       FC_ASSERT(pobj.account == op.owner_account, "Only owner account can update account authority object");
       FC_ASSERT(op.valid_to > now, "valid_to expiry should be in future");
+      rbac_operation_hardfork_visitor rvtor(now);
+      rvtor(op.operation_type);
       return void_result();
    }
    FC_CAPTURE_AND_RETHROW((op))
@@ -66,7 +63,8 @@ object_id_type create_custom_account_authority_evaluator::do_apply(const custom_
                  obj.operation_type = op.operation_type;
                  obj.valid_from = op.valid_from;
                  obj.valid_to = op.valid_to;
-              }).id;
+              })
+          .id;
    }
    FC_CAPTURE_AND_RETHROW((op))
 }
@@ -84,13 +82,15 @@ void_result update_custom_account_authority_evaluator::do_evaluate(const custom_
       FC_ASSERT(pobj.account == op.owner_account, "Only owner account can update account authority object");
       auto valid_from = aobj.valid_from;
       auto valid_to = aobj.valid_to;
-      if (op.new_valid_from) {
+      if (op.new_valid_from)
+      {
          FC_ASSERT(*op.new_valid_from != aobj.valid_from,
                    "New valid_from provided is not different from old valid_from");
          valid_from = *op.new_valid_from;
       }
 
-      if (op.new_valid_to) {
+      if (op.new_valid_to)
+      {
          FC_ASSERT(*op.new_valid_to != aobj.valid_to,
                    "New valid_to provided is not different from old valid_to");
          FC_ASSERT(*op.new_valid_to > now, "New valid_to expiry should be in the future");
@@ -135,13 +135,14 @@ void_result delete_custom_account_authority_evaluator::do_evaluate(const custom_
    FC_CAPTURE_AND_RETHROW((op))
 }
 
-object_id_type delete_custom_account_authority_evaluator::do_apply(const custom_account_authority_delete_operation &op)
+void_result delete_custom_account_authority_evaluator::do_apply(const custom_account_authority_delete_operation &op)
 {
    try
    {
       database &d = db();
       const custom_account_authority_object &aobj = op.auth_id(d);
       d.remove(aobj);
+      return void_result();
    }
    FC_CAPTURE_AND_RETHROW((op))
 }

libraries/chain/custom_permission_evaluator.cpp

@@ -39,7 +39,8 @@ object_id_type create_custom_permission_evaluator::do_apply(const custom_permiss
                  obj.account = op.owner_account;
                  obj.permission_name = op.permission_name;
                  obj.auth = op.auth;
-              }).id;
+              })
+          .id;
    }
    FC_CAPTURE_AND_RETHROW((op))
 }

libraries/chain/include/graphene/chain/custom_account_authority_evaluator.hpp

@@ -2,7 +2,10 @@
 #include <graphene/chain/evaluator.hpp>
 #include <graphene/chain/protocol/custom_account_authority.hpp>
 
-namespace graphene { namespace chain {
+namespace graphene
+{
+namespace chain
+{
 
 class create_custom_account_authority_evaluator : public evaluator<create_custom_account_authority_evaluator>
 {
@@ -28,7 +31,8 @@ public:
    typedef custom_account_authority_delete_operation operation_type;
 
    void_result do_evaluate(const custom_account_authority_delete_operation &o);
-    object_id_type do_apply(const custom_account_authority_delete_operation& o);
+   void_result do_apply(const custom_account_authority_delete_operation &o);
 };
 
-} } // namespace graphene::chain
+} // namespace chain
+} // namespace graphene

libraries/chain/include/graphene/chain/custom_permission_evaluator.hpp

@@ -2,7 +2,10 @@
 #include <graphene/chain/evaluator.hpp>
 #include <graphene/chain/protocol/custom_permission.hpp>
 
-namespace graphene { namespace chain {
+namespace graphene
+{
+namespace chain
+{
 
 class create_custom_permission_evaluator : public evaluator<create_custom_permission_evaluator>
 {
@@ -31,4 +34,5 @@ public:
    void_result do_apply(const custom_permission_delete_operation &o);
 };
 
-} } // namespace graphene::chain
+} // namespace chain
+} // namespace graphene

libraries/chain/include/graphene/chain/protocol/custom_account_authority.hpp

@@ -1,11 +1,17 @@
 #pragma once
 #include <graphene/chain/protocol/base.hpp>
 
-namespace graphene { namespace chain {
+namespace graphene
+{
+namespace chain
+{
 
 struct custom_account_authority_create_operation : public base_operation
 {
-      struct fee_parameters_type { uint64_t fee = 0; };
+   struct fee_parameters_type
+   {
+      uint64_t fee = 0;
+   };
 
    asset fee;
    custom_permission_id_type permission_id;
@@ -21,7 +27,10 @@ namespace graphene { namespace chain {
 
 struct custom_account_authority_update_operation : public base_operation
 {
-      struct fee_parameters_type { uint64_t fee = 0; };
+   struct fee_parameters_type
+   {
+      uint64_t fee = 0;
+   };
 
    asset fee;
    custom_account_authority_id_type auth_id;
@@ -36,7 +45,10 @@ namespace graphene { namespace chain {
 
 struct custom_account_authority_delete_operation : public base_operation
 {
-      struct fee_parameters_type { uint64_t fee = 0; };
+   struct fee_parameters_type
+   {
+      uint64_t fee = 0;
+   };
 
    asset fee;
    custom_account_authority_id_type auth_id;
@@ -47,7 +59,8 @@ namespace graphene { namespace chain {
    share_type calculate_fee(const fee_parameters_type &k) const { return 0; }
 };
 
-} } // namespace graphene::chain
+} // namespace chain
+} // namespace graphene
 
 FC_REFLECT(graphene::chain::custom_account_authority_create_operation::fee_parameters_type, (fee))
 FC_REFLECT(graphene::chain::custom_account_authority_create_operation, (fee)(permission_id)(operation_type)(valid_from)(valid_to)(owner_account))

libraries/chain/include/graphene/chain/protocol/custom_permission.hpp

@@ -1,11 +1,17 @@
 #pragma once
 #include <graphene/chain/protocol/base.hpp>
 
-namespace graphene { namespace chain {
+namespace graphene
+{
+namespace chain
+{
 
 struct custom_permission_create_operation : public base_operation
 {
-      struct fee_parameters_type { uint64_t fee = 0; };
+   struct fee_parameters_type
+   {
+      uint64_t fee = 0;
+   };
 
    asset fee;
    account_id_type owner_account;
@@ -19,7 +25,10 @@ namespace graphene { namespace chain {
 
 struct custom_permission_update_operation : public base_operation
 {
-      struct fee_parameters_type { uint64_t fee = 0; };
+   struct fee_parameters_type
+   {
+      uint64_t fee = 0;
+   };
 
    asset fee;
    custom_permission_id_type permission_id;
@@ -33,7 +42,10 @@ namespace graphene { namespace chain {
 
 struct custom_permission_delete_operation : public base_operation
 {
-      struct fee_parameters_type { uint64_t fee = 0; };
+   struct fee_parameters_type
+   {
+      uint64_t fee = 0;
+   };
 
    asset fee;
    custom_permission_id_type permission_id;
@@ -44,7 +56,8 @@ namespace graphene { namespace chain {
    share_type calculate_fee(const fee_parameters_type &k) const { return 0; }
 };
 
-} } // namespace graphene::chain
+} // namespace chain
+} // namespace graphene
 
 FC_REFLECT(graphene::chain::custom_permission_create_operation::fee_parameters_type, (fee))
 FC_REFLECT(graphene::chain::custom_permission_create_operation, (fee)(owner_account)(permission_name)(auth))

libraries/chain/protocol/custom_account_authority.cpp

@@ -1,39 +1,38 @@
 #include <graphene/chain/protocol/custom_account_authority.hpp>
 #include <graphene/chain/protocol/operations.hpp>
 
-namespace graphene { namespace chain {
+namespace graphene
+{
+namespace chain
+{
 
-void custom_account_authority_create_operation::validate()const {
+void custom_account_authority_create_operation::validate() const
+{
    FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
-   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
+   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
-             && owner_account != GRAPHENE_COMMITTEE_ACCOUNT
-             && owner_account != GRAPHENE_WITNESS_ACCOUNT
-             && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
              "Custom permissions and account auths cannot be created for special accounts");
    FC_ASSERT(valid_from < valid_to, "valid_from should be earlier than valid_to");
    FC_ASSERT(operation_type >= 0 && operation_type < operation::count(), "operation_type is not valid");
 }
 
-void custom_account_authority_update_operation::validate()const {
+void custom_account_authority_update_operation::validate() const
+{
    FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
-   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
+   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
-             && owner_account != GRAPHENE_COMMITTEE_ACCOUNT
-             && owner_account != GRAPHENE_WITNESS_ACCOUNT
-             && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
              "Custom permissions and account auths cannot be created for special accounts");
    FC_ASSERT(new_valid_from.valid() || new_valid_to.valid(), "Something must be updated");
-   if (new_valid_from && new_valid_to) {
+   if (new_valid_from && new_valid_to)
+   {
       FC_ASSERT(*new_valid_from < *new_valid_to, "valid_from should be earlier than valid_to");
    }
 }
 
-void custom_account_authority_delete_operation::validate()const {
+void custom_account_authority_delete_operation::validate() const
+{
    FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
-   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
+   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
-             && owner_account != GRAPHENE_COMMITTEE_ACCOUNT
-             && owner_account != GRAPHENE_WITNESS_ACCOUNT
-             && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
              "Custom permissions and account auths cannot be created for special accounts");
 }
 
-} } // graphene::chain
+} // namespace chain
+} // namespace graphene

libraries/chain/protocol/custom_permission.cpp

@@ -1,10 +1,15 @@
 #include <graphene/chain/protocol/custom_permission.hpp>
 #include <graphene/chain/protocol/operations.hpp>
 
-namespace graphene { namespace chain {
+namespace graphene
+{
+namespace chain
+{
 
 bool is_valid_permission_name(const string &name)
-{ try {
+{
+   try
+   {
       const size_t len = name.size();
       // RBAC_MIN_PERMISSION_NAME_LENGTH <= len minimum length check
       if (len < RBAC_MIN_PERMISSION_NAME_LENGTH)
@@ -37,41 +42,39 @@ bool is_valid_permission_name( const string& name )
       }
 
       return true;
-} FC_CAPTURE_AND_RETHROW( (name) ) }
+   }
+   FC_CAPTURE_AND_RETHROW((name))
+}
 
-void custom_permission_create_operation::validate()const {
+void custom_permission_create_operation::validate() const
+{
    FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
    FC_ASSERT(is_valid_permission_name(permission_name), "Invalid permission name provided");
-   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
+   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
-             && owner_account != GRAPHENE_COMMITTEE_ACCOUNT
-             && owner_account != GRAPHENE_WITNESS_ACCOUNT
-             && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
              "Custom permissions and account auths cannot be created for special accounts");
    FC_ASSERT(!auth.is_impossible(), "Impossible authority threshold auth provided");
    FC_ASSERT(auth.address_auths.size() == 0, "Only account and key auths supported");
 }
 
-void custom_permission_update_operation::validate()const {
+void custom_permission_update_operation::validate() const
+{
    FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
-   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
+   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
-             && owner_account != GRAPHENE_COMMITTEE_ACCOUNT
-             && owner_account != GRAPHENE_WITNESS_ACCOUNT
-             && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
              "Custom permissions and account auths cannot be created for special accounts");
    FC_ASSERT(new_auth.valid(), "Something must be updated");
-   if (new_auth) {
+   if (new_auth)
+   {
       FC_ASSERT(!new_auth->is_impossible(), "Impossible authority threshold auth provided");
       FC_ASSERT(new_auth->address_auths.size() == 0, "Only account and key auths supported");
    }
 }
 
-void custom_permission_delete_operation::validate()const {
+void custom_permission_delete_operation::validate() const
+{
    FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
-   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT
+   FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
-             && owner_account != GRAPHENE_COMMITTEE_ACCOUNT
-             && owner_account != GRAPHENE_WITNESS_ACCOUNT
-             && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
              "Custom permissions and account auths cannot be created for special accounts");
 }
 
-} } // graphene::chain
+} // namespace chain
+} // namespace graphene