Search in sources :

Example 1 with LedgerAdminDataSet

use of com.jd.blockchain.ledger.core.LedgerAdminDataSet in project jdchain-core by blockchain-jd-com.

the class ContractLedgerQueryService method getUserPrivileges.

@Override
public UserPrivilegeSet getUserPrivileges(String userAddress) {
    LedgerDataSet ledgerDataQuery = ledgerQuery.getLedgerDataSet();
    LedgerAdminDataSet previousAdminDataset = ledgerDataQuery.getAdminDataset();
    LedgerSecurityManager securityManager = new LedgerSecurityManagerImpl(previousAdminDataset.getAdminSettings().getRolePrivileges(), previousAdminDataset.getAdminSettings().getAuthorizations(), previousAdminDataset.getParticipantDataset(), ledgerDataQuery.getUserAccountSet());
    UserPrivilegeSet userPrivilegeSet = securityManager.getUserRolesPrivilegs(Bytes.fromBase58(userAddress));
    return userPrivilegeSet;
}
Also used : LedgerSecurityManager(com.jd.blockchain.ledger.core.LedgerSecurityManager) UserPrivilegeSet(com.jd.blockchain.ledger.UserPrivilegeSet) LedgerAdminDataSet(com.jd.blockchain.ledger.core.LedgerAdminDataSet) LedgerSecurityManagerImpl(com.jd.blockchain.ledger.core.LedgerSecurityManagerImpl) LedgerDataSet(com.jd.blockchain.ledger.core.LedgerDataSet)

Example 2 with LedgerAdminDataSet

use of com.jd.blockchain.ledger.core.LedgerAdminDataSet in project jdchain-core by blockchain-jd-com.

the class UncommittedLedgerQueryService method getUserPrivileges.

@Override
public UserPrivilegeSet getUserPrivileges(String userAddress) {
    LedgerDataSet ledgerDataQuery = transactionContext.getDataset();
    LedgerAdminDataSet previousAdminDataset = ledgerDataQuery.getAdminDataset();
    LedgerSecurityManager securityManager = new LedgerSecurityManagerImpl(previousAdminDataset.getAdminSettings().getRolePrivileges(), previousAdminDataset.getAdminSettings().getAuthorizations(), previousAdminDataset.getParticipantDataset(), ledgerDataQuery.getUserAccountSet());
    UserPrivilegeSet userPrivilegeSet = securityManager.getUserRolesPrivilegs(Bytes.fromBase58(userAddress));
    return userPrivilegeSet;
}
Also used : LedgerSecurityManager(com.jd.blockchain.ledger.core.LedgerSecurityManager) UserPrivilegeSet(com.jd.blockchain.ledger.UserPrivilegeSet) LedgerAdminDataSet(com.jd.blockchain.ledger.core.LedgerAdminDataSet) LedgerSecurityManagerImpl(com.jd.blockchain.ledger.core.LedgerSecurityManagerImpl) LedgerDataSet(com.jd.blockchain.ledger.core.LedgerDataSet)

Example 3 with LedgerAdminDataSet

use of com.jd.blockchain.ledger.core.LedgerAdminDataSet in project jdchain-core by blockchain-jd-com.

the class ParticipantStateUpdateOperationHandle method doProcess.

@Override
protected void doProcess(ParticipantStateUpdateOperation op, LedgerTransactionContext transactionContext, TransactionRequestExtension requestContext, LedgerQuery previousBlockDataset, OperationHandleContext handleContext, EventManager manager) {
    // 权限校验;
    SecurityPolicy securityPolicy = SecurityContext.getContextUsersPolicy();
    securityPolicy.checkEndpointPermission(LedgerPermission.REGISTER_PARTICIPANT, MultiIDsPolicy.AT_LEAST_ONE);
    LedgerAdminDataSet adminAccountDataSet = transactionContext.getDataset().getAdminDataset();
    ParticipantNode[] participants = null;
    participants = ((LedgerAdminDataSetEditor) adminAccountDataSet).getParticipants();
    ParticipantNode participantNode = null;
    for (int i = 0; i < participants.length; i++) {
        if (op.getParticipantID().getPubKey().equals(participants[i].getPubKey())) {
            participantNode = new PartNode(participants[i].getId(), participants[i].getName(), participants[i].getPubKey(), op.getState());
            break;
        }
    }
    if (null == participantNode) {
        throw new ParticipantDoesNotExistException(String.format("Participant doesn't exist! --[Address=%s]", op.getParticipantID().getAddress()));
    }
    // 激活新参与方的共识状态
    ((LedgerAdminDataSetEditor) adminAccountDataSet).updateParticipant(participantNode);
}
Also used : LedgerAdminDataSet(com.jd.blockchain.ledger.core.LedgerAdminDataSet) SecurityPolicy(com.jd.blockchain.ledger.SecurityPolicy) LedgerAdminDataSetEditor(com.jd.blockchain.ledger.core.LedgerAdminDataSetEditor)

Example 4 with LedgerAdminDataSet

use of com.jd.blockchain.ledger.core.LedgerAdminDataSet in project jdchain-core by blockchain-jd-com.

the class RootCAUpdateOperationHandle method doProcess.

@Override
protected void doProcess(RootCAUpdateOperation op, LedgerTransactionContext transactionContext, TransactionRequestExtension requestContext, LedgerQuery ledger, OperationHandleContext handleContext, EventManager manager) {
    // 权限校验;
    SecurityPolicy securityPolicy = SecurityContext.getContextUsersPolicy();
    securityPolicy.checkEndpointPermission(LedgerPermission.UPDATE_ROOT_CA, MultiIDsPolicy.AT_LEAST_ONE);
    LedgerAdminDataSet adminDataset = transactionContext.getDataset().getAdminDataset();
    if (adminDataset.getAdminSettings().getMetadata().getIdentityMode() == IdentityMode.CA) {
        String[] ledgerCAs = adminDataset.getAdminSettings().getMetadata().getLedgerCertificates();
        Map<PublicKey, String> ledgerCAMap = new HashMap<>();
        for (int i = 0; i < ledgerCAs.length; i++) {
            X509Certificate cert = CertificateUtils.parseCertificate(ledgerCAs[i]);
            PublicKey publicKey = cert.getPublicKey();
            ledgerCAMap.put(publicKey, ledgerCAs[i]);
        }
        String[] certificatesAdd = op.getCertificatesAdd();
        for (String cert : certificatesAdd) {
            X509Certificate certificate = CertificateUtils.parseCertificate(cert);
            CertificateUtils.checkCACertificate(certificate);
            CertificateUtils.checkValidity(certificate);
            if (!ledgerCAMap.containsKey(certificate.getPublicKey())) {
                ledgerCAMap.put(certificate.getPublicKey(), cert);
            } else {
                throw new LedgerException("Certificate [" + CertificateUtils.toPEMString(certificate) + "] already exists in the ledger!");
            }
        }
        String[] certificatesUpdate = op.getCertificatesUpdate();
        for (String cert : certificatesUpdate) {
            X509Certificate certificate = CertificateUtils.parseCertificate(cert);
            CertificateUtils.checkCACertificate(certificate);
            CertificateUtils.checkValidity(certificate);
            if (ledgerCAMap.containsKey(certificate.getPublicKey())) {
                ledgerCAMap.put(certificate.getPublicKey(), cert);
            } else {
                throw new LedgerException("Certificate [" + CertificateUtils.toPEMString(certificate) + "] not exists in the ledger!");
            }
        }
        String[] certificatesRemove = op.getCertificatesRemove();
        for (String cert : certificatesRemove) {
            X509Certificate certificate = CertificateUtils.parseCertificate(cert);
            CertificateUtils.checkCACertificate(certificate);
            if (ledgerCAMap.containsKey(certificate.getPublicKey())) {
                ledgerCAMap.remove(certificate.getPublicKey(), cert);
            } else {
                throw new LedgerException("Certificate [" + CertificateUtils.toPEMString(certificate) + "] not exists in the ledger!");
            }
        }
        if (ledgerCAMap.size() == 0) {
            throw new LedgerException("At least one root certificate is required!");
        }
        ((LedgerAdminDataSetEditor) adminDataset).updateLedgerCA(ledgerCAMap.values().toArray(new String[0]));
    } else {
        throw new LedgerException("Not in CA identity mode!");
    }
}
Also used : LedgerAdminDataSet(com.jd.blockchain.ledger.core.LedgerAdminDataSet) HashMap(java.util.HashMap) PublicKey(java.security.PublicKey) SecurityPolicy(com.jd.blockchain.ledger.SecurityPolicy) LedgerException(com.jd.blockchain.ledger.LedgerException) X509Certificate(java.security.cert.X509Certificate) LedgerAdminDataSetEditor(com.jd.blockchain.ledger.core.LedgerAdminDataSetEditor)

Aggregations

LedgerAdminDataSet (com.jd.blockchain.ledger.core.LedgerAdminDataSet)4 SecurityPolicy (com.jd.blockchain.ledger.SecurityPolicy)2 UserPrivilegeSet (com.jd.blockchain.ledger.UserPrivilegeSet)2 LedgerAdminDataSetEditor (com.jd.blockchain.ledger.core.LedgerAdminDataSetEditor)2 LedgerDataSet (com.jd.blockchain.ledger.core.LedgerDataSet)2 LedgerSecurityManager (com.jd.blockchain.ledger.core.LedgerSecurityManager)2 LedgerSecurityManagerImpl (com.jd.blockchain.ledger.core.LedgerSecurityManagerImpl)2 LedgerException (com.jd.blockchain.ledger.LedgerException)1 PublicKey (java.security.PublicKey)1 X509Certificate (java.security.cert.X509Certificate)1 HashMap (java.util.HashMap)1