Search in sources :

Example 1 with GenesisUser

use of com.jd.blockchain.ledger.GenesisUser in project jdchain-core by blockchain-jd-com.

the class LedgerInitConfiguration method createSecurityInitSettings.

private static SecurityInitData createSecurityInitSettings(LedgerInitProperties ledgerInitProps) {
    // 设置角色;
    SecurityInitData securityInitData = new SecurityInitData();
    securityInitData.setRoles(ledgerInitProps.getRoles());
    // 如果没有默认角色,则创建“默认”角色;
    if (securityInitData.getRolesCount() == 0) {
        securityInitData.addRole(LedgerSecurityManager.DEFAULT_ROLE, LedgerPermission.values(), TransactionPermission.values());
    } else if (!securityInitData.containsRole(LedgerSecurityManager.DEFAULT_ROLE)) {
        // 如果定义了角色,则必须显式地定义“默认”角色;
        throw new LedgerInitException("Miss definition of role[DEFAULT]!");
    }
    // 设置授权;
    for (GenesisUser u : ledgerInitProps.getGenesisUsers()) {
        String[] roles = u.getRoles();
        for (String role : roles) {
            if (!securityInitData.containsRole(role)) {
                throw new LedgerInitException(String.format("The role[%s] authenticated to user[%s] is not defined!", role, AddressEncoding.generateAddress(u.getPubKey())));
            }
        }
        // 去掉对默认角色的授权;
        securityInitData.addUserAuthencation(AddressEncoding.generateAddress(u.getPubKey()), roles, u.getRolesPolicy());
    }
    return securityInitData;
}
Also used : SecurityInitData(com.jd.blockchain.ledger.SecurityInitData) LedgerInitException(com.jd.blockchain.ledger.LedgerInitException) GenesisUser(com.jd.blockchain.ledger.GenesisUser)

Example 2 with GenesisUser

use of com.jd.blockchain.ledger.GenesisUser in project jdchain-core by blockchain-jd-com.

the class LedgerInitializer method buildGenesisTransaction.

/**
 * 根据初始化配置,生成创始交易;
 * <p>
 *
 * “创世交易”按顺序由以下操作组成:<br>
 * (1) 账本初始化 {@link LedgerInitOperation}:此操作仅用于锚定了原始的交易配置,对应的
 * {@link OperationHandle} 执行空操作,由“创世交易”其余的操作来表达对账本的实际修改;<br>
 * (2) 注册用户 {@link UserRegisterOperation}:有一项或者多项;<br>
 * (3) 配置角色 {@link RolesConfigureOperation}:有一项或者多项;<br>
 * (4) 授权用户 {@link UserAuthorizeOperation}:有一项或者多项;<br>
 *
 * @param initSetting
 * @param securityInitSettings
 * @return
 */
public static TransactionContent buildGenesisTransaction(LedgerInitSetting initSetting, SecurityInitSettings securityInitSettings) {
    // 账本初始化交易的账本 hash 为 null;
    TransactionBuilder initTxBuilder = new TxBuilder(null, initSetting.getCryptoSetting().getHashAlgorithm());
    // 定义账本初始化操作;
    initTxBuilder.ledgers().create(initSetting);
    // 注册用户
    for (GenesisUser u : initSetting.getGenesisUsers()) {
        if (initSetting.getIdentityMode() == IdentityMode.CA) {
            X509Certificate cert = CertificateUtils.parseCertificate(u.getCertificate());
            initTxBuilder.users().register(cert);
        } else {
            initTxBuilder.users().register(new BlockchainIdentityData(u.getPubKey()));
        }
    }
    // 配置角色;
    for (RoleInitSettings roleSettings : securityInitSettings.getRoles()) {
        initTxBuilder.security().roles().configure(roleSettings.getRoleName()).enable(roleSettings.getLedgerPermissions()).enable(roleSettings.getTransactionPermissions());
    }
    // 授权用户;
    for (UserAuthInitSettings userAuthSettings : securityInitSettings.getUserAuthorizations()) {
        initTxBuilder.security().authorziations().forUser(userAuthSettings.getUserAddress()).authorize(userAuthSettings.getRoles()).setPolicy(userAuthSettings.getPolicy());
    }
    // 账本初始化配置声明的创建时间来初始化交易时间戳;注:不能用本地时间,因为共识节点之间的本地时间系统不一致;
    return initTxBuilder.prepareContent(initSetting.getCreatedTime());
}
Also used : RoleInitSettings(com.jd.blockchain.ledger.RoleInitSettings) TransactionBuilder(com.jd.blockchain.ledger.TransactionBuilder) UserAuthInitSettings(com.jd.blockchain.ledger.UserAuthInitSettings) TxBuilder(com.jd.blockchain.transaction.TxBuilder) BlockchainIdentityData(com.jd.blockchain.ledger.BlockchainIdentityData) X509Certificate(java.security.cert.X509Certificate) GenesisUser(com.jd.blockchain.ledger.GenesisUser)

Aggregations

GenesisUser (com.jd.blockchain.ledger.GenesisUser)2 BlockchainIdentityData (com.jd.blockchain.ledger.BlockchainIdentityData)1 LedgerInitException (com.jd.blockchain.ledger.LedgerInitException)1 RoleInitSettings (com.jd.blockchain.ledger.RoleInitSettings)1 SecurityInitData (com.jd.blockchain.ledger.SecurityInitData)1 TransactionBuilder (com.jd.blockchain.ledger.TransactionBuilder)1 UserAuthInitSettings (com.jd.blockchain.ledger.UserAuthInitSettings)1 TxBuilder (com.jd.blockchain.transaction.TxBuilder)1 X509Certificate (java.security.cert.X509Certificate)1