use of com.icodici.universa.contract.roles.Role in project universa by UniversaBlockchain.
the class PermissionsTest method changeOwnerWithReference.
@Test
public void changeOwnerWithReference() throws Exception {
Set<PrivateKey> stepaPrivateKeys = new HashSet<>();
stepaPrivateKeys.add(new PrivateKey(Do.read(rootPath + "keys/stepan_mamontov.private.unikey")));
Set<PublicKey> stepaPublicKeys = new HashSet<>();
for (PrivateKey pk : stepaPrivateKeys) {
stepaPublicKeys.add(pk.getPublicKey());
}
Set<String> references = new HashSet<>();
references.add("certification_contract");
Contract c = Contract.fromDslFile(rootPath + "NotaryWithReferenceDSLTemplate.yml");
c.addSignerKeyFromFile(PRIVATE_KEY_PATH);
Role r = c.getPermissions().getFirst("change_owner").getRole();
assertThat(r, is(instanceOf(ListRole.class)));
assertFalse(r.isAllowedFor(stepaPublicKeys, null));
assertTrue(r.isAllowedFor(stepaPublicKeys, references));
System.out.println("Owner now :" + c.getOwner());
System.out.println("change owner permission :" + c.getPermissions().get("change_owner"));
c.seal();
c.check();
c.traceErrors();
assertTrue(c.isOk());
assertEquals(c, (c.getPermissions().getFirst("change_owner").getRole()).getContract());
// Bad contract change: owner has no right to change owner ;)
Contract c1 = c.createRevision(TestKeys.privateKey(0));
c1.setOwnerKey(ownerKey2);
assertNotEquals(c.getOwner(), c1.getOwner());
c1.seal();
c1.check();
c1.traceErrors();
assertEquals(1, c1.getErrors().size());
ErrorRecord error = c1.getErrors().get(0);
assertEquals(Errors.FORBIDDEN, error.getError());
// bad contract change: good key but bad reference
Contract c2 = c.createRevision(stepaPrivateKeys);
c2.setOwnerKey(ownerKey3);
assertEquals(c2, c2.getPermissions().getFirst("change_owner").getRole().getContract());
assertNotEquals(c.getOwner(), c2.getOwner());
c2.seal();
c2.check();
c2.traceErrors();
assertEquals(1, c2.getErrors().size());
error = c2.getErrors().get(0);
assertEquals(Errors.FORBIDDEN, error.getError());
// good contract change: creator is an owner
Contract c3 = c.createRevision(stepaPrivateKeys);
c3.setOwnerKey(ownerKey3);
Reference ref = new Reference();
ref.name = "certification_contract";
ref.type = Reference.TYPE_EXISTING;
ref.addMatchingItem(new Contract());
c3.getReferences().put(ref.name, ref);
assertEquals(c3, c3.getPermissions().getFirst("change_owner").getRole().getContract());
assertNotEquals(c.getOwner(), c3.getOwner());
sealCheckTrace(c3, true);
}
use of com.icodici.universa.contract.roles.Role in project universa by UniversaBlockchain.
the class PermissionsTest method splitJoinWithReference.
@Test
public void splitJoinWithReference() throws Exception {
Set<PrivateKey> stepaPrivateKeys = new HashSet<>();
stepaPrivateKeys.add(new PrivateKey(Do.read(rootPath + "keys/stepan_mamontov.private.unikey")));
Set<PublicKey> stepaPublicKeys = new HashSet<>();
for (PrivateKey pk : stepaPrivateKeys) {
stepaPublicKeys.add(pk.getPublicKey());
}
Set<String> references = new HashSet<>();
references.add("certification_contract");
Contract c = Contract.fromDslFile(rootPath + "TokenWithReferenceDSLTemplate.yml");
c.addSignerKeyFromFile(PRIVATE_KEY_PATH);
Role r = c.getPermissions().getFirst("split_join").getRole();
assertThat(r, is(instanceOf(ListRole.class)));
assertFalse(r.isAllowedFor(stepaPublicKeys, null));
assertTrue(r.isAllowedFor(stepaPublicKeys, references));
System.out.println("split join permission :" + c.getPermissions().get("split_join"));
c.seal();
c.check();
c.traceErrors();
assertTrue(c.isOk());
assertEquals(c, (c.getPermissions().getFirst("split_join").getRole()).getContract());
// Bad contract change: owner has no right to change owner ;)
Set<PrivateKey> badPrivateKeys = new HashSet<>();
badPrivateKeys.add(TestKeys.privateKey(0));
Contract c1 = ContractsService.createSplit(c, 1, "amount", badPrivateKeys);
c1.seal();
c1.check();
c1.traceErrors();
// assertEquals(1, c1.getErrors().size());
// ErrorRecord error = c1.getErrors().get(0);
// assertEquals(Errors.FORBIDDEN, error.getError());
assertFalse(c1.isOk());
// bad contract change: good key but no reference
Contract c2 = ContractsService.createSplit(c, 1, "amount", stepaPrivateKeys);
c2.createRole("creator", c2.getRole("owner"));
c2.getNew().get(0).createRole("creator", c2.getNew().get(0).getRole("owner"));
assertEquals(c2, c2.getPermissions().getFirst("split_join").getRole().getContract());
System.out.println("-------------");
c1.seal();
c1.check();
c1.traceErrors();
// assertEquals(1, c1.getErrors().size());
// ErrorRecord error = c1.getErrors().get(0);
// assertEquals(Errors.FORBIDDEN, error.getError());
assertFalse(c1.isOk());
// good contract change: creator is an owner
Contract c3 = ContractsService.createSplit(c, 1, "amount", stepaPrivateKeys);
c3.createRole("creator", c3.getRole("owner"));
c3.getNew().get(0).createRole("creator", c3.getNew().get(0).getRole("owner"));
Reference ref = new Reference();
ref.name = "certification_contract";
ref.type = Reference.TYPE_EXISTING;
ref.addMatchingItem(new Contract());
c3.getReferences().put(ref.name, ref);
c3.getNew().get(0).getReferences().put(ref.name, ref);
assertEquals(c3, c3.getPermissions().getFirst("split_join").getRole().getContract());
System.out.println("-------------");
sealCheckTrace(c3, true);
}
use of com.icodici.universa.contract.roles.Role in project universa by UniversaBlockchain.
the class Contract method basicCheck.
private void basicCheck() throws Quantiser.QuantiserException {
if (definition.createdAt == null) {
addError(BAD_VALUE, "definition.created_at", "invalid");
}
if (state.origin == null) {
if (definition.createdAt.isAfter(ZonedDateTime.now()) || definition.createdAt.isBefore(getEarliestCreationTime())) {
addError(BAD_VALUE, "definition.created_at", "invalid");
}
}
boolean stateExpiredAt = state.expiresAt == null || state.expiresAt.isBefore(ZonedDateTime.now());
boolean definitionExpiredAt = definition.expiresAt == null || definition.expiresAt.isBefore(ZonedDateTime.now());
if (stateExpiredAt) {
if (definitionExpiredAt) {
addError(EXPIRED, "state.expires_at");
}
}
if (state.createdAt == null || state.createdAt.isAfter(ZonedDateTime.now()) || state.createdAt.isBefore(getEarliestCreationTime())) {
addError(BAD_VALUE, "state.created_at");
}
if (apiLevel < 1)
addError(BAD_VALUE, "api_level");
Role owner = getRole("owner");
if (owner == null || !owner.isValid())
addError(MISSING_OWNER, "state.owner");
Role issuer = getRole("issuer");
if (issuer == null || !issuer.isValid())
addError(MISSING_ISSUER, "state.issuer");
if (state.revision < 1)
addError(BAD_VALUE, "state.revision");
Role createdBy = getRole("creator");
if (createdBy == null || !createdBy.isValid())
addError(BAD_VALUE, "state.created_by");
if (!isSignedBy(createdBy))
addError(NOT_SIGNED, "", "missing creator signature(s)");
}
use of com.icodici.universa.contract.roles.Role in project universa by UniversaBlockchain.
the class Contract method checkOneReference.
private boolean checkOneReference(final Reference rm, final Contract refContract) throws Quantiser.QuantiserException {
boolean res = true;
if (rm.type == Reference.TYPE_EXISTING) {
// res = false;
// addError(Errors.UNKNOWN_COMMAND, "Reference.TYPE_EXISTING not implemented");
} else if (rm.type == Reference.TYPE_TRANSACTIONAL) {
if ((rm.transactional_id == null) || (refContract.transactional == null) || (refContract.transactional.getId() == null) || "".equals(rm.transactional_id) || "".equals(refContract.transactional.id)) {
res = false;
addError(Errors.BAD_REF, "transactional is missing");
} else {
if (rm.transactional_id != null && refContract.transactional == null) {
res = false;
addError(Errors.BAD_REF, "transactional not found");
} else if (!rm.transactional_id.equals(refContract.transactional.id)) {
res = false;
addError(Errors.BAD_REF, "transactional_id mismatch");
}
}
}
if (rm.contract_id != null) {
if (!rm.contract_id.equals(refContract.id)) {
res = false;
addError(Errors.BAD_REF, "contract_id mismatch");
}
}
if (rm.origin != null) {
if (!rm.origin.equals(refContract.getOrigin())) {
res = false;
addError(Errors.BAD_REF, "origin mismatch");
}
}
for (Role refRole : rm.signed_by) {
if (!refContract.isSignedBy(refRole)) {
res = false;
addError(Errors.BAD_SIGNATURE, "fingerprint mismatch");
}
}
return res;
}
use of com.icodici.universa.contract.roles.Role in project universa by UniversaBlockchain.
the class Reference method isMatchingWith.
/**
* Check if given item matching with current reference criteria
* @param a item to check for matching
* @param contracts contract list to check for matching
* @param iteration check inside references iteration number
* @return true if match or false
*/
public boolean isMatchingWith(Approvable a, Collection<Contract> contracts, int iteration) {
if (iteration > 16)
throw new IllegalArgumentException("Recursive checking references have more 16 iterations");
boolean result = true;
if (a instanceof Contract) {
// check roles
Contract contract = (Contract) a;
if (result) {
Map<String, Role> contractRoles = contract.getRoles();
result = roles.isEmpty() || roles.stream().anyMatch(role -> contractRoles.containsKey(role));
}
// check origin
if (result) {
result = (origin == null || !(contract.getOrigin().equals(origin)));
}
// check fields
if (result) {
Binder stateData = contract.getStateData();
result = fields.isEmpty() || fields.stream().anyMatch(field -> stateData.get(field) != null);
}
// check conditions
if (result) {
result = checkConditions(conditions, contract, contracts, iteration);
}
}
return result;
}
Aggregations