Merge pull request #4 from vsmk98/temp-Perm-188

changes to incorporate map and refactoring of code
chris-j-h · Aug 13, 2018 · 5ba6b29 · 5ba6b29
2 parents 3cc3978 + 7038131
commit 5ba6b29
Show file tree

Hide file tree

Showing 5 changed files with 253 additions and 214 deletions.
diff --git a/core/tx_pool.go b/core/tx_pool.go
@@ -618,7 +618,7 @@ func (pool *TxPool) validateTx(tx *types.Transaction, local bool) error {
 	// Check if the sender account is authorized to perform the transaction
 	if isQuorum {
 		log.Info("Inside if before checkAccount")
-		if err := checkAccount(from); err != nil {
+		if err := checkAccount(from, tx.To()); err != nil {
 			return ErrUnAuthorizedAccount
 		}
 	}
@@ -1208,13 +1208,37 @@ func (as *accountSet) add(addr common.Address) {
 
 
 // checks if the account is permissioned for transaction
-func checkAccount(acctId common.Address) error {
+func checkAccount(fromAcct common.Address, toAcct *common.Address) error {
 	log.Info("Inside checkAccount to validate")
-	access := types.GetAcctAccess(acctId)
-	if access != 99 {
-		err := errors.New("Account not permissioned")
+	access := types.GetAcctAccess(fromAcct)
+
+	switch access {
+	case types.FullAccess:
+		log.Info("Full Access so no issue")
+		return nil
+
+	case types.ReadOnly:
+		log.Info("Read only access cannot transact")
+		err := errors.New("Account Does not have transaction permissions")
 		return err
+
+	case types.Transact:
+		if toAcct == nil {
+			log.Info("Not entitled for contract create call ")
+			err := errors.New("Account Does not have contract create permissions")
+			return err
+		}else {
+			return nil
+		}
+	case types.ContractDeploy:
+		if toAcct != nil {
+			log.Info("Not entitled for transaction call ")
+			err := errors.New("Account Does not have transacte permissions")
+			return err
+		}else {
+			return nil
+		}
 	}
-	log.Info("returning null")
+	log.Info("returning nil")
 	return nil
 }
diff --git a/core/types/permissions_cache.go b/core/types/permissions_cache.go
@@ -6,9 +6,18 @@ import (
 	"github.com/ethereum/go-ethereum/log"
 )
 
+type AccessType uint8
+
+const (
+	FullAccess AccessType = iota
+	ReadOnly
+	Transact
+	ContractDeploy
+)
+
 type PermStruct struct {
 	AcctId common.Address
-	Access uint8
+	AcctAccess AccessType
 }
 
 type PermAccountsMap map[common.Address][] *PermStruct
@@ -21,23 +30,23 @@ func AddAccountAccess(acctId common.Address, access uint8)  {
 	mu := sync.RWMutex{}
 
 	mu.Lock()
-    AcctMap[acctId] = &PermStruct {AcctId : acctId, Access : access}
+    AcctMap[acctId] = &PermStruct {AcctId : acctId, AcctAccess : AccessType(access)}
 	mu.Unlock()
 }
 
-func GetAcctAccess(acctId common.Address) uint8 {
+func GetAcctAccess(acctId common.Address) AccessType {
 	mu := sync.RWMutex{}
 
 	if len(AcctMap) != 0 {
 		if _, ok := AcctMap[acctId]; ok {
-			log.Info("Inside GetAcct sending :", "acctId", AcctMap[acctId].AcctId, "access", AcctMap[acctId].Access)
+			log.Info("Inside GetAcct sending :", "acctId", AcctMap[acctId].AcctId, "access", AcctMap[acctId].AcctAccess)
 
 			mu.RLock()
-			access := AcctMap[acctId].Access
+			acctAccess := AcctMap[acctId].AcctAccess
 			mu.RUnlock()
 
-			return access
+			return acctAccess
 		}
 	}
-	return 99
+	return FullAccess
 }
diff --git a/permissions/Permissions.sol b/permissions/Permissions.sol
@@ -4,10 +4,14 @@ contract Permissions {
 
   enum NodeStatus { NotInList, PendingApproval, Approved, PendingDeactivation, Deactivated }
 
-  enum AccountAccess { FullAccess, ReadOnly, Transact, ContractDeploy, NoAccess }
+  enum AccountAccess {FullAccess, ReadOnly, Transact, ContractDeploy}
 
   struct nodeDetails {
     string enodeId;
+    //e.g. 127.0.0.1:20005
+    string ipAddrPort;
+    string discPort;
+    string raftPort;
     bool canWrite;
     bool canLead;
     NodeStatus status;
@@ -20,15 +24,15 @@ contract Permissions {
   }
   mapping (address => acctAccess) acctAccessList;
 
-  event NewNodeProposed (string _enodeId, bool _canWrite, bool _canLead);
-  event NodeApproved(string _enodeId);
+  event NewNodeProposed (string _enodeId);
+  event NodeApproved(string _enodeId, string _ipAddrPort, string _discPort, string _raftPort);
   event NodePendingDeactivation (string _enodeId);
-  event NodeDeactivated (string _enodeId);
+  event NodeDeactivated(string _enodeId, string _ipAddrPort, string _discPort, string _raftPort);
   event AcctAccessModified (address acctId, AccountAccess access);
 
   // Checks if the Node is already added. If yes then returns true
   function updateAcctAccess (address _acctId, AccountAccess access) public {
-    acctAccessList[_acctId] = acctAccess (_acctId, access);
+    acctAccessList[_acctId] = acctAccess(_acctId, access);
     emit AcctAccessModified(_acctId, access);
   }
   // Checks if the Node is already added. If yes then returns true
@@ -39,14 +43,17 @@ contract Permissions {
   // Adds a node to the nodeList mapping and emits node added event if successfully and node exists event of node is already present
   function ApproveNode(string _enodeId) public {
     require(getNodeStatus(_enodeId) != NodeStatus.NotInList, "Node is already in the list");
-    nodeList[keccak256(_enodeId)].status = NodeStatus.Approved;
-    emit NodeApproved(_enodeId);
+
+    bytes32 i;
+    i = keccak256(_enodeId);
+    nodeList[i].status = NodeStatus.Approved;
+    emit NodeApproved(nodeList[i].enodeId, nodeList[i].ipAddrPort, nodeList[i].discPort, nodeList[i].raftPort);
   }
 
-  function ProposeNode(string _enodeId, bool _canWrite, bool _canLead) public {
+  function ProposeNode(string _enodeId, bool _canWrite, bool _canLead, string _ipAddrPort, string _discPort, string _raftPort) public {
     require(getNodeStatus(_enodeId) == NodeStatus.NotInList, "New node cannot be in the list");
-    nodeList[keccak256(_enodeId)] = nodeDetails(_enodeId, _canWrite, _canLead, NodeStatus.PendingApproval);
-    emit NewNodeProposed (_enodeId, _canWrite, _canLead);
+    nodeList[keccak256(_enodeId)] = nodeDetails(_enodeId, _ipAddrPort,_discPort, _raftPort,  _canWrite, _canLead, NodeStatus.PendingApproval);
+    emit NewNodeProposed (_enodeId);
   }
 
   function ProposeDeactivation(string _enodeId) public {
@@ -58,8 +65,11 @@ contract Permissions {
   //deactivates a given Enode and emits the decativation event
   function DeactivateNode (string _enodeId) public {
     require(getNodeStatus(_enodeId) == NodeStatus.PendingDeactivation, "Node need to be in PendingDeactivation status");
-    nodeList[keccak256(_enodeId)].status = NodeStatus.Deactivated;
-    emit NodeDeactivated(_enodeId);
+
+    bytes32 i;
+    i = keccak256(_enodeId);
+    nodeList[i].status = NodeStatus.Deactivated;
+    emit NodeDeactivated(nodeList[i].enodeId, nodeList[i].ipAddrPort, nodeList[i].discPort, nodeList[i].raftPort);
   }
 
 }