Search in sources :

Example 1 with AccountDataPermission

use of com.jd.blockchain.ledger.AccountDataPermission in project jdchain-core by blockchain-jd-com.

the class PermissionAccountDecorator method setRole.

@Override
public void setRole(String role) {
    DataPermission permission = getPermission();
    if (null == permission) {
        permission = new AccountDataPermission(new AccountModeBits(accountType), null, role);
    } else {
        permission = new AccountDataPermission(new AccountModeBits(accountType), permission.getOwners(), role);
    }
    setPermission(permission);
}
Also used : AccountModeBits(com.jd.blockchain.ledger.AccountModeBits) DataPermission(com.jd.blockchain.ledger.DataPermission) AccountDataPermission(com.jd.blockchain.ledger.AccountDataPermission) AccountDataPermission(com.jd.blockchain.ledger.AccountDataPermission)

Example 2 with AccountDataPermission

use of com.jd.blockchain.ledger.AccountDataPermission in project jdchain-core by blockchain-jd-com.

the class AccountPermissionOperationHandle method doProcess.

@Override
protected void doProcess(AccountPermissionSetOperation op, LedgerTransactionContext transactionContext, TransactionRequestExtension requestContext, LedgerQuery ledger, OperationHandleContext handleContext, EventManager manager) {
    PermissionAccount account = null;
    // 查找账户
    switch(op.getAccountType()) {
        case DATA:
            account = transactionContext.getDataset().getDataAccountSet().getAccount(op.getAddress());
            if (null == account) {
                throw new DataAccountDoesNotExistException(String.format("Data account doesn't exist! --[Address=%s]", op.getAddress()));
            }
            break;
        case EVENT:
            account = transactionContext.getEventSet().getEventAccountSet().getAccount(op.getAddress());
            if (null == account) {
                throw new EventAccountDoesNotExistException(String.format("Event account doesn't exist! --[Address=%s]", op.getAddress()));
            }
            break;
        case CONTRACT:
            account = transactionContext.getDataset().getContractAccountSet().getAccount(op.getAddress());
            if (null == account) {
                throw new ContractDoesNotExistException(String.format("Contract doesn't exist! --[Address=%s]", op.getAddress()));
            }
            break;
    }
    if (!StringUtils.isEmpty(op.getRole()) && !transactionContext.getDataset().getAdminDataset().getAdminSettings().getRolePrivileges().contains(op.getRole())) {
        throw new RoleDoesNotExistException(String.format("Role doesn't exist! --[Role=%s]", op.getRole()));
    }
    // 写权限校验
    SecurityPolicy securityPolicy = SecurityContext.getContextUsersPolicy();
    securityPolicy.checkDataOwners(account.getPermission(), MultiIDsPolicy.AT_LEAST_ONE);
    // 更新权限信息
    DataPermission originPermission = account.getPermission();
    AccountModeBits modeBits = op.getMode() > -1 ? new AccountModeBits(op.getAccountType(), op.getMode()) : originPermission.getModeBits();
    String rols = !StringUtils.isEmpty(op.getRole()) ? op.getRole().toUpperCase() : originPermission.getRole();
    account.setPermission(new AccountDataPermission(modeBits, originPermission.getOwners(), rols));
}
Also used : DataAccountDoesNotExistException(com.jd.blockchain.ledger.DataAccountDoesNotExistException) AccountModeBits(com.jd.blockchain.ledger.AccountModeBits) DataPermission(com.jd.blockchain.ledger.DataPermission) AccountDataPermission(com.jd.blockchain.ledger.AccountDataPermission) SecurityPolicy(com.jd.blockchain.ledger.SecurityPolicy) PermissionAccount(com.jd.blockchain.ledger.PermissionAccount) EventAccountDoesNotExistException(com.jd.blockchain.ledger.EventAccountDoesNotExistException) RoleDoesNotExistException(com.jd.blockchain.ledger.RoleDoesNotExistException) ContractDoesNotExistException(com.jd.blockchain.ledger.ContractDoesNotExistException) AccountDataPermission(com.jd.blockchain.ledger.AccountDataPermission)

Example 3 with AccountDataPermission

use of com.jd.blockchain.ledger.AccountDataPermission in project jdchain-core by blockchain-jd-com.

the class DataAccountRegisterOperationHandle method doProcess.

@Override
protected void doProcess(DataAccountRegisterOperation op, LedgerTransactionContext transactionContext, TransactionRequestExtension requestContext, LedgerQuery ledger, OperationHandleContext handleContext, EventManager manager) {
    // TODO: 请求者应该提供数据账户的公钥签名,以更好地确保注册人对该地址和公钥具有合法使用权;
    // 权限校验;
    SecurityPolicy securityPolicy = SecurityContext.getContextUsersPolicy();
    securityPolicy.checkEndpointPermission(LedgerPermission.REGISTER_DATA_ACCOUNT, MultiIDsPolicy.AT_LEAST_ONE);
    // 操作账本;
    BlockchainIdentity bid = op.getAccountID();
    DataAccount account = ((DataAccountSetEditor) (transactionContext.getDataset().getDataAccountSet())).register(bid.getAddress(), bid.getPubKey(), null);
    account.setPermission(new AccountDataPermission(AccountType.DATA, requestContext.getEndpointAddresses().toArray(new Bytes[0])));
}
Also used : DataAccount(com.jd.blockchain.ledger.core.DataAccount) SecurityPolicy(com.jd.blockchain.ledger.SecurityPolicy) BlockchainIdentity(com.jd.blockchain.ledger.BlockchainIdentity) AccountDataPermission(com.jd.blockchain.ledger.AccountDataPermission) DataAccountSetEditor(com.jd.blockchain.ledger.core.DataAccountSetEditor)

Example 4 with AccountDataPermission

use of com.jd.blockchain.ledger.AccountDataPermission in project jdchain-core by blockchain-jd-com.

the class PermissionAccountDecorator method setModeBits.

@Override
public void setModeBits(AccountModeBits modeBits) {
    DataPermission permission = getPermission();
    if (null == permission) {
        permission = new AccountDataPermission(modeBits, null, null);
    } else {
        permission = new AccountDataPermission(modeBits, permission.getOwners(), permission.getRole());
    }
    setPermission(permission);
}
Also used : DataPermission(com.jd.blockchain.ledger.DataPermission) AccountDataPermission(com.jd.blockchain.ledger.AccountDataPermission) AccountDataPermission(com.jd.blockchain.ledger.AccountDataPermission)

Aggregations

AccountDataPermission (com.jd.blockchain.ledger.AccountDataPermission)4 DataPermission (com.jd.blockchain.ledger.DataPermission)3 AccountModeBits (com.jd.blockchain.ledger.AccountModeBits)2 SecurityPolicy (com.jd.blockchain.ledger.SecurityPolicy)2 BlockchainIdentity (com.jd.blockchain.ledger.BlockchainIdentity)1 ContractDoesNotExistException (com.jd.blockchain.ledger.ContractDoesNotExistException)1 DataAccountDoesNotExistException (com.jd.blockchain.ledger.DataAccountDoesNotExistException)1 EventAccountDoesNotExistException (com.jd.blockchain.ledger.EventAccountDoesNotExistException)1 PermissionAccount (com.jd.blockchain.ledger.PermissionAccount)1 RoleDoesNotExistException (com.jd.blockchain.ledger.RoleDoesNotExistException)1 DataAccount (com.jd.blockchain.ledger.core.DataAccount)1 DataAccountSetEditor (com.jd.blockchain.ledger.core.DataAccountSetEditor)1