Peerplays_Blockchain/peerplays_migrated
1
0
Fork 0
Code Issues 35 Pull requests 4 Projects Releases 20 Packages Wiki Activity Actions
peerplays_migrated/libraries/chain/protocol/custom_permission.cpp
obucina 196c2539d9
Marketplace + NFT + RBAC (#368) 
* rbac1 - evaluators and op validators added
* rbac2 - op_type hf checks
* rbac3 - tx auth verify changes
* Update .gitlab-ci.yml
* rbac4 - basic op tests
* rbac5 - clear expired and deleted permission linked auths
* rbac6 - more tests
* rbac7 - more tests
* rbac8 - more tests
* rbac9 - wallet and db api changes
* rbac10 - db api changes for required signature fetch
* rbac11 - add db_api tests
* rbac12 - add missing code for key auths

Co-authored-by: satyakoneru <15652887+satyakoneru@users.noreply.github.com>
Co-authored-by: Roshan Syed <roshan.syed.rs@gmail.com>
Co-authored-by: sierra19XX <15652887+sierra19XX@users.noreply.github.com>
2020-07-21 11:32:53 +02:00

80 lines
3.1 KiB
C++
Raw Blame History

#include <graphene/chain/protocol/custom_permission.hpp>
#include <graphene/chain/protocol/operations.hpp>
namespace graphene
{
namespace chain
{
bool is_valid_permission_name(const string &name)
{
try
{
const size_t len = name.size();
// RBAC_MIN_PERMISSION_NAME_LENGTH <= len minimum length check
if (len < RBAC_MIN_PERMISSION_NAME_LENGTH)
{
return false;
}
// len <= RBAC_MAX_PERMISSION_NAME_LENGTH max length check
if (len > RBAC_MAX_PERMISSION_NAME_LENGTH)
{
return false;
}
// First character should be a letter between a-z
if (!(name[0] >= 'a' && name[0] <= 'z'))
{
return false;
}
// Any character of a permission name should either be a small case letter a-z or a digit 0-9
for (const auto &ch : name)
{
if (!((ch >= 'a' && ch <= 'z') || (ch >= '0' && ch <= '9')))
{
return false;
}
}
// Don't accept active and owner permissions as we already have them by default
// This is for removing ambiguity for users, accepting them doesn't create any problems
if (name == "active" || name == "owner")
{
return false;
}
return true;
}
FC_CAPTURE_AND_RETHROW((name))
}
void custom_permission_create_operation::validate() const
{
FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
FC_ASSERT(is_valid_permission_name(permission_name), "Invalid permission name provided");
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
"Custom permissions and account auths cannot be created for special accounts");
FC_ASSERT(!auth.is_impossible(), "Impossible authority threshold auth provided");
FC_ASSERT(auth.address_auths.size() == 0, "Only account and key auths supported");
}
void custom_permission_update_operation::validate() const
{
FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
"Custom permissions and account auths cannot be created for special accounts");
FC_ASSERT(new_auth.valid(), "Something must be updated");
if (new_auth)
{
FC_ASSERT(!new_auth->is_impossible(), "Impossible authority threshold auth provided");
FC_ASSERT(new_auth->address_auths.size() == 0, "Only account and key auths supported");
}
}
void custom_permission_delete_operation::validate() const
{
FC_ASSERT(fee.amount >= 0, "Fee must not be negative");
FC_ASSERT(owner_account != GRAPHENE_TEMP_ACCOUNT && owner_account != GRAPHENE_COMMITTEE_ACCOUNT && owner_account != GRAPHENE_WITNESS_ACCOUNT && owner_account != GRAPHENE_RELAXED_COMMITTEE_ACCOUNT,
"Custom permissions and account auths cannot be created for special accounts");
}
} // namespace chain
} // namespace graphene
Reference in a new issue View git blame Copy permalink