Search in sources :

Example 1 with Permission

use of com.icodici.universa.contract.permissions.Permission in project universa by UniversaBlockchain.

the class CLIMain method checkContract.

/**
 * Check contract for errors. Print errors if found.
 *
 * @param contract - contract to check.
 */
private static void checkContract(Contract contract) {
    // First, check the sealed state
    if (!contract.isOk()) {
        reporter.message("The capsule is not sealed properly:");
        contract.getErrors().forEach(e -> reporter.error(e.getError().toString(), e.getObjectName(), e.getMessage()));
    }
    Yaml yaml = new Yaml();
    if (reporter.isVerboseMode()) {
        report("api level:   " + contract.getApiLevel());
        report("contract id: " + contract.getId().toBase64String());
        report("issued:      " + contract.getIssuedAt());
        report("revision:    " + contract.getRevision());
        report("created:     " + contract.getCreatedAt());
        report("expires:     " + contract.getExpiresAt());
        System.out.println();
        Set<PublicKey> keys = contract.getSealedByKeys();
        contract.getRevoking().forEach(r -> {
            try {
                ClientNetwork n = getClientNetwork();
                System.out.println();
                report("revoking item exists: " + r.getId().toBase64String());
                report("\tstate: " + n.check(r.getId()));
                HashId origin = r.getOrigin();
                boolean m = origin.equals(contract.getOrigin());
                report("\tOrigin: " + origin);
                report("\t" + (m ? "matches main contract origin" : "does not match main contract origin"));
                if (r.canBeRevoked(keys)) {
                    report("\trevocation is allowed");
                } else
                    reporter.error(Errors.BAD_REVOKE.name(), r.getId().toString(), "revocation not allowed");
            } catch (Exception clientError) {
                clientError.printStackTrace();
            }
        });
        contract.getNewItems().forEach(n -> {
            System.out.println();
            report("New item exists:      " + n.getId().toBase64String());
            Contract nc = (Contract) n;
            boolean m = nc.getOrigin().equals(contract.getOrigin());
            report("\tOrigin: " + ((Contract) n).getOrigin());
            report("\t" + (m ? "matches main contract origin" : "does not match main contract origin"));
        });
        if (keys.size() > 0) {
            report("\nSignature contains " + keys.size() + " valid key(s):\n");
            keys.forEach(k -> {
                KeyInfo i = k.info();
                report("\t✔︎ " + i.getAlgorythm() + ":" + i.getKeyLength() * 8 + ":" + i.getBase64Tag());
            });
            report("\nWhich can play roles:\n");
            contract.getRoles().forEach((name, role) -> {
                String canPlay = role.isAllowedForKeys(keys) ? "✔" : "✘";
                report("\t" + canPlay + " " + role.getName());
            });
            report("\nAnd have permissions:\n");
            contract.getPermissions().values().forEach(perm -> {
                String canPlay = perm.isAllowedForKeys(keys) ? "✔" : "✘";
                report("\t" + canPlay + " " + perm.getName());
                Binder x = DefaultBiMapper.serialize(perm.getParams());
                BufferedReader br = new BufferedReader(new StringReader(yaml.dumpAsMap(x)));
                try {
                    for (String line; (line = br.readLine()) != null; ) {
                        report("\t    " + line);
                    }
                } catch (IOException e) {
                    e.printStackTrace();
                }
            });
            reporter.newLine();
        }
    }
    Multimap<String, Permission> permissions = contract.getPermissions();
    Collection<Permission> sjs = permissions.get("split_join");
    if (sjs != null) {
        sjs.forEach(sj -> checkSj(contract, sj));
    }
    try {
        contract.check();
    } catch (Quantiser.QuantiserException e) {
        addError("QUANTIZER_COST_LIMIT", contract.toString(), e.getMessage());
    } catch (Exception e) {
        addError(Errors.FAILURE.name(), contract.toString(), e.getMessage());
    }
    addErrors(contract.getErrors());
    if (contract.getErrors().size() == 0) {
        report("Contract is valid");
    }
}
Also used : PublicKey(com.icodici.crypto.PublicKey) Quantiser(com.icodici.universa.node2.Quantiser) Yaml(org.yaml.snakeyaml.Yaml) BackingStoreException(java.util.prefs.BackingStoreException) OptionException(joptsimple.OptionException) Binder(net.sergeych.tools.Binder) KeyInfo(com.icodici.crypto.KeyInfo) PosixFilePermission(java.nio.file.attribute.PosixFilePermission) Permission(com.icodici.universa.contract.permissions.Permission) Contract(com.icodici.universa.contract.Contract)

Example 2 with Permission

use of com.icodici.universa.contract.permissions.Permission in project universa by UniversaBlockchain.

the class Wallet method determineWallets.

public static List<Wallet> determineWallets(List<Contract> contracts) {
    Map<Object, Wallet> wallets = new HashMap<>();
    for (Contract contract : contracts) {
        if (contract.getPermissions() == null)
            continue;
        Collection<Permission> splitJoinCollection = contract.getPermissions().get("split_join");
        if (splitJoinCollection == null || splitJoinCollection.size() == 0)
            continue;
        Object split_join = splitJoinCollection.toArray()[0];
        if (!(split_join instanceof SplitJoinPermission))
            continue;
        Object join_match_fields = ((SplitJoinPermission) split_join).getParams().get("join_match_fields");
        Object field;
        if (join_match_fields instanceof List)
            field = ((List) join_match_fields).get(0);
        else
            field = join_match_fields;
        Wallet wallet = wallets.get(field);
        if (wallet == null) {
            wallet = new Wallet();
        }
        wallet.addContract(contract);
        wallets.put(field, wallet);
    }
    return new ArrayList<>(wallets.values());
}
Also used : SplitJoinPermission(com.icodici.universa.contract.permissions.SplitJoinPermission) Permission(com.icodici.universa.contract.permissions.Permission) SplitJoinPermission(com.icodici.universa.contract.permissions.SplitJoinPermission) Contract(com.icodici.universa.contract.Contract)

Example 3 with Permission

use of com.icodici.universa.contract.permissions.Permission in project universa by UniversaBlockchain.

the class Node method checkIfContractContainsNetConfig.

private boolean checkIfContractContainsNetConfig(Contract contract) {
    if (!contract.getStateData().containsKey("net_config")) {
        return false;
    }
    // check if owner is list role
    if (!(contract.getOwner() instanceof ListRole)) {
        return false;
    }
    // TODO: network council criteria here
    // check if quorum matches network concil criteria
    ListRole owner = (ListRole) contract.getOwner();
    if (owner.getQuorum() == 0 || owner.getQuorum() < owner.getRoles().size() - 1) {
        return false;
    }
    // check if owner keys set equals to nodes key set
    Object obj = DefaultBiMapper.getInstance().deserializeObject(contract.getStateData().get("net_config"));
    if (!(obj instanceof List)) {
        return false;
    }
    List contractNodes = (List) obj;
    Set<PublicKey> ownerKeys = contract.getOwner().getKeys();
    if (contractNodes.size() != ownerKeys.size() || !contractNodes.stream().allMatch(nodeInfo -> nodeInfo instanceof NodeInfo && ownerKeys.contains(((NodeInfo) nodeInfo).getPublicKey()))) {
        return false;
    }
    for (Permission permission : contract.getPermissions().values()) {
        if (permission instanceof ChangeOwnerPermission) {
            if (!(permission.getRole() instanceof RoleLink) || ((RoleLink) permission.getRole()).getRole() != contract.getOwner())
                return false;
        }
        if (permission instanceof ModifyDataPermission) {
            if (((ModifyDataPermission) permission).getFields().containsKey("net_config")) {
                if (!(permission.getRole() instanceof RoleLink) || ((RoleLink) permission.getRole()).getRole() != contract.getOwner())
                    return false;
            }
        }
    }
    return true;
}
Also used : RoleLink(com.icodici.universa.contract.roles.RoleLink) ModifyDataPermission(com.icodici.universa.contract.permissions.ModifyDataPermission) PublicKey(com.icodici.crypto.PublicKey) ModifyDataPermission(com.icodici.universa.contract.permissions.ModifyDataPermission) ChangeOwnerPermission(com.icodici.universa.contract.permissions.ChangeOwnerPermission) Permission(com.icodici.universa.contract.permissions.Permission) ChangeOwnerPermission(com.icodici.universa.contract.permissions.ChangeOwnerPermission) ListRole(com.icodici.universa.contract.roles.ListRole)

Example 4 with Permission

use of com.icodici.universa.contract.permissions.Permission in project universa by UniversaBlockchain.

the class ContractDelta method excludePermittedChanges.

private void excludePermittedChanges() throws Quantiser.QuantiserException {
    Set<PublicKey> checkingKeys = changed.getSealedByKeys();
    Set<String> checkingReferences = changed.getReferences().keySet();
    for (String key : existing.getPermissions().keySet()) {
        Collection<Permission> permissions = existing.getPermissions().get(key);
        boolean permissionQuantized = false;
        for (Permission permission : permissions) {
            if (permission.isAllowedFor(checkingKeys, checkingReferences)) {
                if (!permissionQuantized) {
                    changed.checkApplicablePermissionQuantized(permission);
                    permissionQuantized = true;
                }
                permission.checkChanges(existing, changed, stateChanges);
            }
        }
    }
}
Also used : PublicKey(com.icodici.crypto.PublicKey) Permission(com.icodici.universa.contract.permissions.Permission)

Aggregations

Permission (com.icodici.universa.contract.permissions.Permission)4 PublicKey (com.icodici.crypto.PublicKey)3 Contract (com.icodici.universa.contract.Contract)2 KeyInfo (com.icodici.crypto.KeyInfo)1 ChangeOwnerPermission (com.icodici.universa.contract.permissions.ChangeOwnerPermission)1 ModifyDataPermission (com.icodici.universa.contract.permissions.ModifyDataPermission)1 SplitJoinPermission (com.icodici.universa.contract.permissions.SplitJoinPermission)1 ListRole (com.icodici.universa.contract.roles.ListRole)1 RoleLink (com.icodici.universa.contract.roles.RoleLink)1 Quantiser (com.icodici.universa.node2.Quantiser)1 PosixFilePermission (java.nio.file.attribute.PosixFilePermission)1 BackingStoreException (java.util.prefs.BackingStoreException)1 OptionException (joptsimple.OptionException)1 Binder (net.sergeych.tools.Binder)1 Yaml (org.yaml.snakeyaml.Yaml)1