This repository has been archived by the owner on May 13, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 346
/
perm_flag.go
191 lines (178 loc) · 6.12 KB
/
perm_flag.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
package permission
import (
"fmt"
"strings"
)
// Base permission references are like unix (the index is already bit shifted)
const (
// Chain permissions.
// These permissions grant the ability for accounts to perform certain transition within the execution package
// Root is a reserved permission currently unused that may be used in the future to grant super-user privileges
// for instance to a governance contract
Root PermFlag = 1 << iota // 1
// Send permits an account to issue a SendTx to transfer value from one account to another. Note that value can
// still be transferred with a CallTx by specifying an Amount in the InputTx. Funding an account is the basic
// prerequisite for an account to act in the system so is often used as a surrogate for 'account creation' when
// sending to a unknown account - in order for this to be permitted the input account needs the CreateAccount
// permission in addition.
Send // 2
// Call permits and account to issue a CallTx, which can be used to call (run) the code of an existing
// account/contract (these are synonymous in Burrow/EVM). A CallTx can be used to create an account if it points to
// a nil address - in order for an account to be permitted to do this the input (calling) account needs the
// CreateContract permission in addition.
Call // 4
// CreateContract permits the input account of a CallTx to create a new contract/account when CallTx.Address is nil
// and permits an executing contract in the EVM to create a new contract programmatically.
CreateContract // 8
// CreateAccount permits an input account of a SendTx to add value to non-existing (unfunded) accounts
CreateAccount // 16
// Bond is a reserved permission for making changes to the validator set - currently unused
Bond // 32
// Name permits manipulation of the name registry by allowing an account to issue a NameTx
Name // 64
// Propose permits creating proposals and voting for them
Proposal // 128
// Input allows account to sign transactions
Input // 256
// Permission to execute batch transactins
Batch // 512
// Allows account to associate new blockchain nodes
Identify // 1028
// Moderator permissions.
// These permissions concern the alteration of the chain permissions listed above. Each permission relates to a
// particular canonical permission mutation or query function. When an account is granted a moderation permission
// it is permitted to call that function. See contract.go for a marked-up description of what each function does.
HasBase
SetBase
UnsetBase
SetGlobal
HasRole
AddRole
RemoveRole
NumPermissions uint = 18 // NOTE Adjust this too. We can support upto 64
// To allow an operation with no permission flags set at all
None PermFlag = 0
TopPermFlag PermFlag = 1 << (NumPermissions - 1)
AllPermFlags PermFlag = TopPermFlag | (TopPermFlag - 1)
DefaultPermFlags PermFlag = Send | Call | CreateContract | CreateAccount | Bond | Name | HasBase | HasRole | Proposal | Input | Batch
// Chain permissions strings
RootString = "root"
SendString = "send"
CallString = "call"
CreateContractString = "createContract"
CreateAccountString = "createAccount"
BondString = "bond"
IdentifyString = "identify"
NameString = "name"
ProposalString = "proposal"
InputString = "input"
BatchString = "batch"
// Moderator permissions strings
HasBaseString = "hasBase"
SetBaseString = "setBase"
UnsetBaseString = "unsetBase"
SetGlobalString = "setGlobal"
HasRoleString = "hasRole"
AddRoleString = "addRole"
RemoveRoleString = "removeRole"
UnknownString = "#-UNKNOWN-#"
AllString = "all"
)
// A particular permission
type PermFlag uint64
// Checks if a permission flag is valid (a known base chain or native contract permission)
func (pf PermFlag) IsValid() bool {
return pf <= AllPermFlags
}
// Returns the string name of a single bit non-composite PermFlag, or otherwise UnknownString
// See BasePermissionsToStringList to generate a string representation of a composite PermFlag
func (pf PermFlag) String() string {
switch pf {
case AllPermFlags:
return AllString
case Root:
return RootString
case Send:
return SendString
case Call:
return CallString
case CreateContract:
return CreateContractString
case CreateAccount:
return CreateAccountString
case Bond:
return BondString
case Identify:
return IdentifyString
case Name:
return NameString
case Proposal:
return ProposalString
case Input:
return InputString
case Batch:
return BatchString
case HasBase:
return HasBaseString
case SetBase:
return SetBaseString
case UnsetBase:
return UnsetBaseString
case SetGlobal:
return SetGlobalString
case HasRole:
return HasRoleString
case AddRole:
return AddRoleString
case RemoveRole:
return RemoveRoleString
default:
return UnknownString
}
}
// PermStringToFlag maps camel- and snake case strings to the
// the corresponding permission flag.
func PermStringToFlag(perm string) (PermFlag, error) {
switch strings.ToLower(perm) {
case AllString:
return AllPermFlags, nil
case RootString:
return Root, nil
case SendString:
return Send, nil
case CallString:
return Call, nil
case CreateContractString, "createcontract", "create_contract":
return CreateContract, nil
case CreateAccountString, "createaccount", "create_account":
return CreateAccount, nil
case BondString:
return Bond, nil
case IdentifyString:
return Identify, nil
case NameString:
return Name, nil
case ProposalString:
return Proposal, nil
case InputString:
return Input, nil
case BatchString:
return Batch, nil
case HasBaseString, "hasbase", "has_base":
return HasBase, nil
case SetBaseString, "setbase", "set_base":
return SetBase, nil
case UnsetBaseString, "unsetbase", "unset_base":
return UnsetBase, nil
case SetGlobalString, "setglobal", "set_global":
return SetGlobal, nil
case HasRoleString, "hasrole", "has_role":
return HasRole, nil
case AddRoleString, "addrole", "add_role":
return AddRole, nil
case RemoveRoleString, "removerole", "rmrole", "rm_role":
return RemoveRole, nil
default:
return 0, fmt.Errorf("unknown permission %s", perm)
}
}