use of com.jd.blockchain.ledger.GenesisUser in project jdchain-core by blockchain-jd-com.
the class LedgerInitConfiguration method createSecurityInitSettings.
private static SecurityInitData createSecurityInitSettings(LedgerInitProperties ledgerInitProps) {
// 设置角色;
SecurityInitData securityInitData = new SecurityInitData();
securityInitData.setRoles(ledgerInitProps.getRoles());
// 如果没有默认角色,则创建“默认”角色;
if (securityInitData.getRolesCount() == 0) {
securityInitData.addRole(LedgerSecurityManager.DEFAULT_ROLE, LedgerPermission.values(), TransactionPermission.values());
} else if (!securityInitData.containsRole(LedgerSecurityManager.DEFAULT_ROLE)) {
// 如果定义了角色,则必须显式地定义“默认”角色;
throw new LedgerInitException("Miss definition of role[DEFAULT]!");
}
// 设置授权;
for (GenesisUser u : ledgerInitProps.getGenesisUsers()) {
String[] roles = u.getRoles();
for (String role : roles) {
if (!securityInitData.containsRole(role)) {
throw new LedgerInitException(String.format("The role[%s] authenticated to user[%s] is not defined!", role, AddressEncoding.generateAddress(u.getPubKey())));
}
}
// 去掉对默认角色的授权;
securityInitData.addUserAuthencation(AddressEncoding.generateAddress(u.getPubKey()), roles, u.getRolesPolicy());
}
return securityInitData;
}
use of com.jd.blockchain.ledger.GenesisUser in project jdchain-core by blockchain-jd-com.
the class LedgerInitializer method buildGenesisTransaction.
/**
* 根据初始化配置,生成创始交易;
* <p>
*
* “创世交易”按顺序由以下操作组成:<br>
* (1) 账本初始化 {@link LedgerInitOperation}:此操作仅用于锚定了原始的交易配置,对应的
* {@link OperationHandle} 执行空操作,由“创世交易”其余的操作来表达对账本的实际修改;<br>
* (2) 注册用户 {@link UserRegisterOperation}:有一项或者多项;<br>
* (3) 配置角色 {@link RolesConfigureOperation}:有一项或者多项;<br>
* (4) 授权用户 {@link UserAuthorizeOperation}:有一项或者多项;<br>
*
* @param initSetting
* @param securityInitSettings
* @return
*/
public static TransactionContent buildGenesisTransaction(LedgerInitSetting initSetting, SecurityInitSettings securityInitSettings) {
// 账本初始化交易的账本 hash 为 null;
TransactionBuilder initTxBuilder = new TxBuilder(null, initSetting.getCryptoSetting().getHashAlgorithm());
// 定义账本初始化操作;
initTxBuilder.ledgers().create(initSetting);
// 注册用户
for (GenesisUser u : initSetting.getGenesisUsers()) {
if (initSetting.getIdentityMode() == IdentityMode.CA) {
X509Certificate cert = CertificateUtils.parseCertificate(u.getCertificate());
initTxBuilder.users().register(cert);
} else {
initTxBuilder.users().register(new BlockchainIdentityData(u.getPubKey()));
}
}
// 配置角色;
for (RoleInitSettings roleSettings : securityInitSettings.getRoles()) {
initTxBuilder.security().roles().configure(roleSettings.getRoleName()).enable(roleSettings.getLedgerPermissions()).enable(roleSettings.getTransactionPermissions());
}
// 授权用户;
for (UserAuthInitSettings userAuthSettings : securityInitSettings.getUserAuthorizations()) {
initTxBuilder.security().authorziations().forUser(userAuthSettings.getUserAddress()).authorize(userAuthSettings.getRoles()).setPolicy(userAuthSettings.getPolicy());
}
// 账本初始化配置声明的创建时间来初始化交易时间戳;注:不能用本地时间,因为共识节点之间的本地时间系统不一致;
return initTxBuilder.prepareContent(initSetting.getCreatedTime());
}
Aggregations