poanetwork
/
quorum
mirror of https://github.com/poanetwork/quorum.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

permission: allow sub orgs to be added to orgs

This commit is contained in:
amalraj.manigmail.com 2019-04-03 22:25:01 +08:00
parent ec650d97a4
commit 2bd92a2622
3 changed files with 110 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
controls/permission/OrgManager.sol
View File

@ -11,7 +11,11 @@ contract OrgManager {
struct OrgDetails {
string orgId;
uint status;
string parentId;
uint pindex;
uint level;
}
OrgDetails [] private orgList;
mapping(bytes32 => uint) private OrgIndex;
uint private orgNum = 0;
@ -51,16 +55,32 @@ contract OrgManager {
function addAdminOrg(string calldata _orgId) external
onlyImpl
{
addNewOrg(_orgId, 2);
addNewOrg("", _orgId, 1, 2);
emit OrgApproved(_orgId);
}
function addNewOrg(string memory _orgId, uint _status) internal
function addNewOrg(string memory _pOrg, string memory _orgId, uint _level, uint _status) internal
{
bytes32 pid = "";
bytes32 oid = "";
if (_level == 1) {//root
oid = keccak256(abi.encodePacked(_orgId));
} else {
pid = keccak256(abi.encodePacked(_pOrg));
oid = keccak256(abi.encodePacked(_pOrg, ".", _orgId));
}
orgNum++;
OrgIndex[keccak256(abi.encodePacked(_orgId))] = orgNum;
OrgIndex[oid] = orgNum;
uint id = orgList.length++;
if (_level == 1) {
orgList[id].level = _level;
orgList[id].pindex = 0;
} else {
orgList[id].level = orgList[OrgIndex[pid]-1].level + 1;
orgList[id].pindex = OrgIndex[pid];
}
orgList[id].orgId = _orgId;
orgList[id].parentId = _pOrg;
orgList[id].status = _status;
}
@ -86,7 +106,16 @@ contract OrgManager {
onlyImpl
orgNotExists(_orgId)
{
addNewOrg(_orgId, 1);
addNewOrg("", _orgId, 1, 1);
emit OrgPendingApproval(_orgId, 1);
}
// function for adding a new master org
function addSubOrg(string calldata _pOrg, string calldata _orgId) external
onlyImpl
orgNotExists(string(abi.encodePacked(_pOrg, ".", _orgId)))
{
addNewOrg(_pOrg, _orgId, 2, 1);
emit OrgPendingApproval(_orgId, 1);
}
@ -95,7 +124,7 @@ contract OrgManager {
orgExists(_orgId)
returns (uint)
{
require ((_status == 3 || _status == 5), "Operation not allowed");
require((_status == 3 || _status == 5), "Operation not allowed");
uint reqStatus;
uint pendingOp;
if (_status == 3) {
@ -183,9 +212,15 @@ contract OrgManager {
return (!(OrgIndex[keccak256(abi.encodePacked(_orgId))] == 0));
}
// returns org and master org details based on org index
function getOrgInfo(uint _orgIndex) external view returns (string memory, uint)
// function to check if morg exists
function checkNodeExists(string memory _pOrg, string memory _orgId) public view returns (bool)
{
return (orgList[_orgIndex].orgId, orgList[_orgIndex].status);
return (!(OrgIndex[keccak256(abi.encodePacked(_pOrg, _orgId))] == 0));
}
// returns org and master org details based on org index
function getOrgInfo(uint _orgIndex) external view returns (string memory, uint, uint, string memory, uint)
{
return (orgList[_orgIndex].parentId, orgList[_orgIndex].pindex,orgList[_orgIndex].level, orgList[_orgIndex].orgId, orgList[_orgIndex].status);
}
}

69
controls/permission/PermissionsImplementation.sol
View File

@ -44,7 +44,7 @@ contract PermissionsImplementation {
}
modifier orgAdmin(address _account, string memory _orgId) {
require(isOrgAdmin(_account, _orgId) == true, "Not an org admin");
//require(isOrgAdmin(_account, _orgId) == true, "Not an org admin");
_;
}
@ -53,6 +53,7 @@ contract PermissionsImplementation {
_;
}
modifier orgExists(string memory _orgId) {
require(checkOrgExists(_orgId) == true, "Org does not exists");
_;
@ -118,7 +119,7 @@ contract PermissionsImplementation {
return networkBoot;
}
// Get network boot status
// Get network boot status
function getNetworkBootStatus() external view
returns (bool)
{
@ -126,10 +127,9 @@ contract PermissionsImplementation {
}
// function for adding a new master org
function addOrg(string calldata _orgId, string calldata _enodeId, address _caller) external
function addOrg(string calldata _orgId, string calldata _enodeId, address _caller) external
onlyProxy
networkBootStatus(true)
orgNotExists(_orgId)
networkAdmin(_caller)
{
voter.addVotingItem(adminOrg, _orgId, _enodeId, address(0), 1);
@ -137,6 +137,19 @@ contract PermissionsImplementation {
nodes.addNode(_enodeId, _orgId);
}
// function for adding a new master org
function addSubOrg(string calldata _pOrg, string calldata _orgId, string calldata _enodeId, address _caller) external
onlyProxy
networkBootStatus(true)
orgExists(_pOrg)
networkAdmin(_caller)
{
string memory pid = string(abi.encodePacked(_pOrg, ".", _orgId));
voter.addVotingItem(adminOrg, pid, _enodeId, address(0), 1);
org.addSubOrg(_pOrg, _orgId);
nodes.addNode(_enodeId, pid);
}
function approveOrg(string calldata _orgId, string calldata _enodeId, address _caller) external
onlyProxy
networkAdmin(_caller)
@ -149,6 +162,19 @@ contract PermissionsImplementation {
}
}
function approveSubOrg(string calldata _pOrg, string calldata _orgId, string calldata _enodeId, address _caller) external
onlyProxy
networkAdmin(_caller)
{
string memory pid = string(abi.encodePacked(_pOrg, ".", _orgId));
require(checkOrgStatus(pid, 1) == true, "Nothing to approve");
if ((processVote(adminOrg, _caller, 1))) {
org.approveOrg(pid);
roles.addRole(orgAdminRole, pid, fullAccess, true);
nodes.approveNode(_enodeId, pid);
}
}
function updateOrgStatus(string calldata _orgId, uint _status, address _caller) external
onlyProxy
orgExists(_orgId)
@ -164,7 +190,7 @@ contract PermissionsImplementation {
orgExists(_orgId)
networkAdmin(_caller)
{
require ((_status == 3 || _status == 5), "Operation not allowed");
require((_status == 3 || _status == 5), "Operation not allowed");
uint pendingOp;
if (_status == 3) {
pendingOp = 2;
@ -179,14 +205,14 @@ contract PermissionsImplementation {
}
// returns org and master org details based on org index
function getOrgInfo(uint _orgIndex) external view
returns (string memory, uint)
returns (string memory, uint, uint, string memory, uint)
{
return org.getOrgInfo(_orgIndex);
}
// Role related functions
function addNewRole(string calldata _roleId, string calldata _orgId, uint _access, bool _voter, address _caller) external
/*function addNewRole(string calldata _roleId, string calldata _orgId, uint _access, bool _voter, address _caller) external
onlyProxy
orgApproved(_orgId)
orgAdmin(_caller, _orgId)
@ -195,13 +221,13 @@ contract PermissionsImplementation {
roles.addRole(_roleId, _orgId, _access, _voter);
}
function removeRole(string calldata _roleId, string calldata _orgId, address _caller) external
function removeRole(string calldata _roleId, string calldata _orgId, address _caller) external
onlyProxy
orgApproved(_orgId)
orgAdmin(_caller, _orgId)
{
roles.removeRole(_roleId, _orgId);
}
}*/
function getRoleDetails(string calldata _roleId, string calldata _orgId) external view
returns (string memory, string memory, uint, bool, bool)
@ -259,18 +285,18 @@ contract PermissionsImplementation {
}
function assignAccountRole(address _acct, string memory _orgId, string memory _roleId, address _caller) public
/* function assignAccountRole(address _acct, string memory _orgId, string memory _roleId, address _caller) public
onlyProxy
orgAdmin(_caller, _orgId)
orgApproved(_orgId)
{
// // check if the account is part of another org. If yes then op cannot be done
// // check if the account is part of another org. If yes then op cannot be done
require(validateAccount(_acct, _orgId) == true, "Operation cannot be performed");
// // check if role is existing for the org. if yes the op can be done
// // check if role is existing for the org. if yes the op can be done
require(roleExists(_roleId, _orgId) == true, "role does not exists");
bool newRoleVoter = isVoterRole(_roleId, _orgId);
// // check the role of the account. if the current role is voter and new role is also voter
// // voterlist change is not required. else voter list needs to be changed
// // check the role of the account. if the current role is voter and new role is also voter
// // voterlist change is not required. else voter list needs to be changed
string memory acctRole = accounts.getAccountRole(_acct);
if (keccak256(abi.encodePacked(acctRole)) == keccak256(abi.encodePacked("NONE"))) {
//new account
@ -293,7 +319,7 @@ contract PermissionsImplementation {
}
}
accounts.assignAccountRole(_acct, _orgId, _roleId);
}
}*/
function addNode(string calldata _orgId, string calldata _enodeId, address _caller) external
onlyProxy
@ -317,7 +343,7 @@ contract PermissionsImplementation {
return (keccak256(abi.encodePacked(accounts.getAccountRole(_account))) == keccak256(abi.encodePacked(adminRole)));
}
function isOrgAdmin(address _account, string memory _orgId) public view
/*function isOrgAdmin(address _account, string memory _orgId) public view
returns (bool)
{
return (accounts.checkOrgAdmin(_account, _orgId));
@ -327,7 +353,7 @@ contract PermissionsImplementation {
returns (bool)
{
return (accounts.valAcctAccessChange(_account, _orgId));
}
}*/
function checkOrgExists(string memory _orgId) internal view
returns (bool)
@ -335,6 +361,7 @@ contract PermissionsImplementation {
return org.checkOrgExists(_orgId);
}
function checkOrgApproved(string memory _orgId) internal view
returns (bool)
{
@ -346,6 +373,7 @@ contract PermissionsImplementation {
{
return org.checkOrgStatus(_orgId, _status);
}
function checkOrgAdminExists(string memory _orgId) internal view
returns (bool)
{
@ -357,6 +385,7 @@ contract PermissionsImplementation {
{
return (roles.roleExists(_roleId, _orgId));
}
function isVoterRole(string memory _roleId, string memory _orgId) internal view
returns (bool)
{
@ -379,11 +408,11 @@ contract PermissionsImplementation {
}
}
function getAccountDetails(address _acct) external view
/* function getAccountDetails(address _acct) external view
returns (address, string memory, string memory, uint, bool)
{
return accounts.getAccountDetails(_acct);
}
return accounts.getAccountDetails(_acct);
}*/
function updateNodeStatus(string calldata _orgId, string calldata _enodeId, uint _status, address _caller) external
onlyProxy

25
controls/permission/PermissionsInterface.sol
View File

@ -70,11 +70,22 @@ contract PermissionsInterface {
permImplementation.addOrg(_orgId, _enodeId, msg.sender);
}
// function for adding a new master org
function addSubOrg(string calldata _pOrg, string calldata _orgId, string calldata _enodeId) external
{
permImplementation.addSubOrg(_pOrg, _orgId, _enodeId, msg.sender);
}
function approveOrg(string calldata _orgId, string calldata _enodeId) external
{
permImplementation.approveOrg(_orgId, _enodeId, msg.sender);
}
function approveSubOrg(string calldata _pOrg, string calldata _orgId, string calldata _enodeId) external
{
permImplementation.approveSubOrg(_pOrg, _orgId, _enodeId, msg.sender);
}
function updateOrgStatus(string calldata _orgId, uint _status) external
{
permImplementation.updateOrgStatus(_orgId, _status, msg.sender);
@ -85,13 +96,13 @@ contract PermissionsInterface {
permImplementation.approveOrgStatus(_orgId, _status, msg.sender);
}
// returns org and master org details based on org index
function getOrgInfo(uint _orgIndex) external view returns (string memory, uint)
function getOrgInfo(uint _orgIndex) external view returns (string memory, uint, uint, string memory, uint)
{
return permImplementation.getOrgInfo(_orgIndex);
}
// Role related functions
function addNewRole(string calldata _roleId, string calldata _orgId, uint _access, bool _voter) external
/*function addNewRole(string calldata _roleId, string calldata _orgId, uint _access, bool _voter) external
{
permImplementation.addNewRole(_roleId, _orgId, _access, _voter, msg.sender);
}
@ -99,7 +110,7 @@ contract PermissionsInterface {
function removeRole(string calldata _roleId, string calldata _orgId) external
{
permImplementation.removeRole(_roleId, _orgId, msg.sender);
}
}*/
function getRoleDetails(string calldata _roleId, string calldata _orgId) external view returns (string memory, string memory, uint, bool, bool)
{
@ -141,12 +152,12 @@ contract PermissionsInterface {
}
function assignAccountRole(address _acct, string memory _orgId, string memory _roleId) public
/*function assignAccountRole(address _acct, string memory _orgId, string memory _roleId) public
{
permImplementation.assignAccountRole(_acct, _orgId, _roleId, msg.sender);
}
*/
function addNode(string calldata _orgId, string calldata _enodeId) external
{
permImplementation.addNode(_orgId, _enodeId, msg.sender);
@ -163,7 +174,7 @@ contract PermissionsInterface {
return permImplementation.getNodeStatus(_enodeId);
}
function isNetworkAdmin(address _account) public view returns (bool)
/*function isNetworkAdmin(address _account) public view returns (bool)
{
return permImplementation.isNetworkAdmin(_account);
}
@ -182,5 +193,5 @@ contract PermissionsInterface {
{
return permImplementation.getAccountDetails(_acct);
}
*/
}