use of com.jd.blockchain.ledger.core.LedgerAdminDataSet in project jdchain-core by blockchain-jd-com.
the class ContractLedgerQueryService method getUserPrivileges.
@Override
public UserPrivilegeSet getUserPrivileges(String userAddress) {
LedgerDataSet ledgerDataQuery = ledgerQuery.getLedgerDataSet();
LedgerAdminDataSet previousAdminDataset = ledgerDataQuery.getAdminDataset();
LedgerSecurityManager securityManager = new LedgerSecurityManagerImpl(previousAdminDataset.getAdminSettings().getRolePrivileges(), previousAdminDataset.getAdminSettings().getAuthorizations(), previousAdminDataset.getParticipantDataset(), ledgerDataQuery.getUserAccountSet());
UserPrivilegeSet userPrivilegeSet = securityManager.getUserRolesPrivilegs(Bytes.fromBase58(userAddress));
return userPrivilegeSet;
}
use of com.jd.blockchain.ledger.core.LedgerAdminDataSet in project jdchain-core by blockchain-jd-com.
the class UncommittedLedgerQueryService method getUserPrivileges.
@Override
public UserPrivilegeSet getUserPrivileges(String userAddress) {
LedgerDataSet ledgerDataQuery = transactionContext.getDataset();
LedgerAdminDataSet previousAdminDataset = ledgerDataQuery.getAdminDataset();
LedgerSecurityManager securityManager = new LedgerSecurityManagerImpl(previousAdminDataset.getAdminSettings().getRolePrivileges(), previousAdminDataset.getAdminSettings().getAuthorizations(), previousAdminDataset.getParticipantDataset(), ledgerDataQuery.getUserAccountSet());
UserPrivilegeSet userPrivilegeSet = securityManager.getUserRolesPrivilegs(Bytes.fromBase58(userAddress));
return userPrivilegeSet;
}
use of com.jd.blockchain.ledger.core.LedgerAdminDataSet in project jdchain-core by blockchain-jd-com.
the class ParticipantStateUpdateOperationHandle method doProcess.
@Override
protected void doProcess(ParticipantStateUpdateOperation op, LedgerTransactionContext transactionContext, TransactionRequestExtension requestContext, LedgerQuery previousBlockDataset, OperationHandleContext handleContext, EventManager manager) {
// 权限校验;
SecurityPolicy securityPolicy = SecurityContext.getContextUsersPolicy();
securityPolicy.checkEndpointPermission(LedgerPermission.REGISTER_PARTICIPANT, MultiIDsPolicy.AT_LEAST_ONE);
LedgerAdminDataSet adminAccountDataSet = transactionContext.getDataset().getAdminDataset();
ParticipantNode[] participants = null;
participants = ((LedgerAdminDataSetEditor) adminAccountDataSet).getParticipants();
ParticipantNode participantNode = null;
for (int i = 0; i < participants.length; i++) {
if (op.getParticipantID().getPubKey().equals(participants[i].getPubKey())) {
participantNode = new PartNode(participants[i].getId(), participants[i].getName(), participants[i].getPubKey(), op.getState());
break;
}
}
if (null == participantNode) {
throw new ParticipantDoesNotExistException(String.format("Participant doesn't exist! --[Address=%s]", op.getParticipantID().getAddress()));
}
// 激活新参与方的共识状态
((LedgerAdminDataSetEditor) adminAccountDataSet).updateParticipant(participantNode);
}
use of com.jd.blockchain.ledger.core.LedgerAdminDataSet in project jdchain-core by blockchain-jd-com.
the class RootCAUpdateOperationHandle method doProcess.
@Override
protected void doProcess(RootCAUpdateOperation op, LedgerTransactionContext transactionContext, TransactionRequestExtension requestContext, LedgerQuery ledger, OperationHandleContext handleContext, EventManager manager) {
// 权限校验;
SecurityPolicy securityPolicy = SecurityContext.getContextUsersPolicy();
securityPolicy.checkEndpointPermission(LedgerPermission.UPDATE_ROOT_CA, MultiIDsPolicy.AT_LEAST_ONE);
LedgerAdminDataSet adminDataset = transactionContext.getDataset().getAdminDataset();
if (adminDataset.getAdminSettings().getMetadata().getIdentityMode() == IdentityMode.CA) {
String[] ledgerCAs = adminDataset.getAdminSettings().getMetadata().getLedgerCertificates();
Map<PublicKey, String> ledgerCAMap = new HashMap<>();
for (int i = 0; i < ledgerCAs.length; i++) {
X509Certificate cert = CertificateUtils.parseCertificate(ledgerCAs[i]);
PublicKey publicKey = cert.getPublicKey();
ledgerCAMap.put(publicKey, ledgerCAs[i]);
}
String[] certificatesAdd = op.getCertificatesAdd();
for (String cert : certificatesAdd) {
X509Certificate certificate = CertificateUtils.parseCertificate(cert);
CertificateUtils.checkCACertificate(certificate);
CertificateUtils.checkValidity(certificate);
if (!ledgerCAMap.containsKey(certificate.getPublicKey())) {
ledgerCAMap.put(certificate.getPublicKey(), cert);
} else {
throw new LedgerException("Certificate [" + CertificateUtils.toPEMString(certificate) + "] already exists in the ledger!");
}
}
String[] certificatesUpdate = op.getCertificatesUpdate();
for (String cert : certificatesUpdate) {
X509Certificate certificate = CertificateUtils.parseCertificate(cert);
CertificateUtils.checkCACertificate(certificate);
CertificateUtils.checkValidity(certificate);
if (ledgerCAMap.containsKey(certificate.getPublicKey())) {
ledgerCAMap.put(certificate.getPublicKey(), cert);
} else {
throw new LedgerException("Certificate [" + CertificateUtils.toPEMString(certificate) + "] not exists in the ledger!");
}
}
String[] certificatesRemove = op.getCertificatesRemove();
for (String cert : certificatesRemove) {
X509Certificate certificate = CertificateUtils.parseCertificate(cert);
CertificateUtils.checkCACertificate(certificate);
if (ledgerCAMap.containsKey(certificate.getPublicKey())) {
ledgerCAMap.remove(certificate.getPublicKey(), cert);
} else {
throw new LedgerException("Certificate [" + CertificateUtils.toPEMString(certificate) + "] not exists in the ledger!");
}
}
if (ledgerCAMap.size() == 0) {
throw new LedgerException("At least one root certificate is required!");
}
((LedgerAdminDataSetEditor) adminDataset).updateLedgerCA(ledgerCAMap.values().toArray(new String[0]));
} else {
throw new LedgerException("Not in CA identity mode!");
}
}
Aggregations