登录 注册
开源 企业版 高校版 私有云 Gitee AI NEW
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
1 Star 0 Fork 0

艾鸥科技 / go-aiou

代码 Issues 0 Pull Requests 0 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
authority.go 4.11 KB
一键复制 编辑 原始数据 按行查看 历史
张卓 提交于 2020-05-10 14:55 . init
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180
package host



import (

	"encoding/json"

	"strings"



	"gitee.com/aiou-official/go-aiou/account"

	"gitee.com/aiou-official/go-aiou/core/contract"

	"gitee.com/aiou-official/go-aiou/vm/database"

)



// Authority module of ...

type Authority struct {

	h *Host

}



func (h *Authority) requireContractAuth(id, p string) (bool, contract.Cost) {

	if i, ok := h.h.ctx.Value("number").(int64); ok && i == 0 {

		return true, contract.Cost0()

	}

	cost := CommonOpCost(1)

	authContractList := h.h.ctx.Value("auth_contract_list").(map[string]int)

	if h.h.IsFork3_1_0 {

		if _, ok := authContractList[id]; ok {

			return true, cost

		}

	} else {

		if _, ok := authContractList[id]; ok || h.h.ctx.Value("contract_name").(string) == id {

			return true, cost

		}

	}

	return false, cost

}



func (h *Authority) requireAuth(id, p string, authType int) (bool, contract.Cost) {

	if i, ok := h.h.ctx.Value("number").(int64); ok && i == 0 {

		return true, contract.Cost0()

	}

	if h.IsContract(id) {

		return h.requireContractAuth(id, p)

	}

	authList := h.h.ctx.Value("auth_list")

	authMap := authList.(map[string]int)



	signerList := h.h.ctx.Value("signer_list")

	signerMap := signerList.(map[string]bool)



	reenterMap := make(map[string]int)



	return auth(h.h.db, id, p, authMap, reenterMap, signerMap, authType)

}



// RequireAuth check auth

func (h *Authority) RequireAuth(id, p string) (bool, contract.Cost) {

	if h.h.IsFork3_3_0 {

		return h.requireAuth(id, p, authNormal)

	}

	return h.requireAuth(id, p, authSigner)

}



// RequireSignerAuth check signer auth

func (h *Authority) RequireSignerAuth(id, p string) (bool, contract.Cost) {

	return h.requireAuth(id, p, authSigner)

}



// RequirePublisherAuth check publisher auth

func (h *Authority) RequirePublisherAuth(id string) (bool, contract.Cost) {

	return h.requireAuth(id, "active", authPublisher)

}



// IsContract to judge the id is contract format

func (h *Authority) IsContract(id string) bool {

	// todo tell apart contractid and accountid

	if strings.HasPrefix(id, "Contract") || strings.Contains(id, ".") {

		return true

	}

	return false

}



// ReadAuth read auth

func ReadAuth(vi *database.Visitor, id string) (*account.Account, contract.Cost) {

	sa := vi.MGet("auth.aiou"+"-auth", id)

	acc := database.MustUnmarshal(sa)

	c := contract.NewCost(0, 0, int64(len(sa)))

	if acc == nil {

		return nil, c

	}

	var a account.Account

	err := json.Unmarshal([]byte(acc.(string)), &a)

	if err != nil {

		panic(err)

	}

	return &a, c

}



const (

	authNormal int = iota

	authSigner

	authPublisher

)



func auth(vi *database.Visitor, id, permission string, authMap, reenter map[string]int, signerMap map[string]bool, authType int) (bool, contract.Cost) { // nolint

	if _, ok := reenter[id+"@"+permission]; ok {

		return false, CommonErrorCost(1)

	}

	reenter[id+"@"+permission] = 1



	if authType == authNormal && signerMap[id+"@"+permission] {

		return true, CommonOpCost(1)

	}



	a, c := ReadAuth(vi, id)



	if a == nil {

		return false, c

	}



	p, ok := a.Permissions[permission]

	if !ok {

		if permission == "owner" || permission == "active" {

			return false, c

		}

		return auth(vi, id, "active", authMap, reenter, signerMap, authType)

	}



	u := p.Items

	for _, g := range p.Groups {

		grp, ok := a.Groups[g]

		if !ok {

			continue

		}

		u = append(u, grp.Items...)

	}



	var atype int

	if authType == authPublisher {

		atype = 1

	} else {

		atype = 0

	}



	var weight int

	for _, user := range u {

		if user.IsKeyPair {

			if authType == authNormal {

				continue

			}

			if i, ok := authMap[user.ID]; ok && i > atype {

				weight += user.Weight

				if weight >= p.Threshold {

					return true, c

				}

			}

		} else {

			ok, cost := auth(vi, user.ID, user.Permission, authMap, reenter, signerMap, authType)

			c.AddAssign(cost)

			if ok {

				weight += user.Weight

				if weight >= p.Threshold {

					return true, c

				}

			}

		}

	}



	if weight >= p.Threshold {

		return true, c

	}

	if permission == "active" {

		ok, c2 := auth(vi, id, "owner", authMap, reenter, signerMap, authType)

		c.AddAssign(c2)

		return ok, c

	} else if permission == "owner" {

		return false, c

	} else {

		ok, c2 := auth(vi, id, "active", authMap, reenter, signerMap, authType)

		c.AddAssign(c2)

		return ok, c

	}

}
1
https://gitee.com/aiou-official/go-aiou.git
git@gitee.com:aiou-official/go-aiou.git
aiou-official
go-aiou
go-aiou
376a44096468
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
评论
仓库举报
回到顶部