-
Notifications
You must be signed in to change notification settings - Fork 0
/
multi_admin_better_errors.mo
90 lines (64 loc) · 2.98 KB
/
multi_admin_better_errors.mo
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
// When this canister is called the first time, it will place the
// caller of the canister in the creator var, which will in turn
// be saved in the admins list
//this demonstrates how to check is the user us aithorized
//but instead of using assert() to throw an error, we're using a Result
//this is a preffered way to return errors
import Debug "mo:base/Debug";
import Array "mo:base/Array";
import Option "mo:base/Option";
import Result "mo:base/Result";
shared ({ caller = creator }) actor class AuthCanister () = {
//holds list of principals who can admin the canister
stable var admins : [Principal] = [creator];
//error type
type Errors = {
#Unauthorized;
};
//list principals who are admins
public query func getAdmins(): async [Principal]{
admins;
};
//true if the principal is admin. we use this to assert
//in protected methods
private func isUnathorized(principal: Principal): Bool {
//find the principal in the admins list
//return true if found and false if not
switch (Array.find<Principal>(admins, func (x) { x == principal})){
case (?a) false;
case _ true;
};
};
//add the list of principals to admins
//dfx canister call multi_admin addAdmins "(vec { principal \"$principal\"; })";
// WHERE: $principal is the principal of admin we're adding
public shared ({caller}) func addAdmins(newAdmins: [Principal]): async Result.Result<(), Errors>{
//make sure the user is admin
if (isUnathorized(caller)){ return #err(#Unauthorized) };
//filter out admins who are already in the list (so we don't add them twice)
//
admins := Array.append(admins, Array.filter<Principal>(newAdmins, func (x){
Option.isNull(Array.find<Principal>(admins, func (y) { x == y }));
}));
//able to add an admin
#ok();
};
//remove the list of principals from admins
//dfx canister call multi_admin removeAdmins "(vec { principal \"$principal\"; })";
public shared ({caller}) func removeAdmins(removals: [Principal]): async Result.Result<(), Errors>{
//make sure the user is admin
if (isUnathorized(caller)){ return #err(#Unauthorized) };
admins := Array.filter<Principal>(admins, func (admin){
Option.isNull(Array.find<Principal>(removals, func (x) { x == admin }));
});
#ok();
};
//show a secret, but only to an owner
public shared query ({caller})func getSecret(): async Result.Result<Text, Errors>{
//only let the admins call this canister. if the
//caller is not on the admin list, this will fail
if (isUnathorized(caller)){ return #err(#Unauthorized) };
//return the secret that only owner (the creator of the canister can call
#ok("The Ultimate Answer to Life, The Universe and Everything is...42!");
};
};