mirror of https://github.com/poanetwork/quorum.git
permissions: changes to incorporate security review feedback
This commit is contained in:
parent
bc90e6f8af
commit
34957af299
|
@ -28,7 +28,7 @@ var (
|
||||||
)
|
)
|
||||||
|
|
||||||
// AcctManagerABI is the input ABI used to generate the binding from.
|
// AcctManagerABI is the input ABI used to generate the binding from.
|
||||||
const AcctManagerABI = "[{\"constant\":false,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"},{\"name\":\"_orgId\",\"type\":\"string\"},{\"name\":\"_roleId\",\"type\":\"string\"},{\"name\":\"_adminRole\",\"type\":\"bool\"}],\"name\":\"assignAccountRole\",\"outputs\":[],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":false,\"inputs\":[{\"name\":\"_orgId\",\"type\":\"string\"}],\"name\":\"removeExistingAdmin\",\"outputs\":[{\"name\":\"voterUpdate\",\"type\":\"bool\"},{\"name\":\"account\",\"type\":\"address\"}],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"}],\"name\":\"getAccountDetails\",\"outputs\":[{\"name\":\"\",\"type\":\"address\"},{\"name\":\"\",\"type\":\"string\"},{\"name\":\"\",\"type\":\"string\"},{\"name\":\"\",\"type\":\"uint256\"},{\"name\":\"\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[],\"name\":\"getNumberOfAccounts\",\"outputs\":[{\"name\":\"\",\"type\":\"uint256\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"},{\"name\":\"_orgId\",\"type\":\"string\"}],\"name\":\"validateAccount\",\"outputs\":[{\"name\":\"\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"}],\"name\":\"getAccountRole\",\"outputs\":[{\"name\":\"\",\"type\":\"string\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":false,\"inputs\":[{\"name\":\"_orgId\",\"type\":\"string\"},{\"name\":\"_account\",\"type\":\"address\"},{\"name\":\"_status\",\"type\":\"uint256\"}],\"name\":\"updateAccountStatus\",\"outputs\":[],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_orgId\",\"type\":\"string\"}],\"name\":\"orgAdminExists\",\"outputs\":[{\"name\":\"\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_aIndex\",\"type\":\"uint256\"}],\"name\":\"getAccountDetailsFromIndex\",\"outputs\":[{\"name\":\"\",\"type\":\"address\"},{\"name\":\"\",\"type\":\"string\"},{\"name\":\"\",\"type\":\"string\"},{\"name\":\"\",\"type\":\"uint256\"},{\"name\":\"\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":false,\"inputs\":[{\"name\":\"_orgId\",\"type\":\"string\"},{\"name\":\"_account\",\"type\":\"address\"}],\"name\":\"addNewAdmin\",\"outputs\":[{\"name\":\"voterUpdate\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":false,\"inputs\":[{\"name\":\"_nwAdminRole\",\"type\":\"string\"},{\"name\":\"_oAdminRole\",\"type\":\"string\"}],\"name\":\"setDefaults\",\"outputs\":[],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":false,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"},{\"name\":\"_orgId\",\"type\":\"string\"},{\"name\":\"_roleId\",\"type\":\"string\"},{\"name\":\"_status\",\"type\":\"uint256\"}],\"name\":\"assignAdminRole\",\"outputs\":[],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"},{\"name\":\"_orgId\",\"type\":\"string\"},{\"name\":\"_ultParent\",\"type\":\"string\"}],\"name\":\"checkOrgAdmin\",\"outputs\":[{\"name\":\"\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"name\":\"_permUpgradable\",\"type\":\"address\"}],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"name\":\"_account\",\"type\":\"address\"},{\"indexed\":false,\"name\":\"_orgId\",\"type\":\"string\"},{\"indexed\":false,\"name\":\"_roleId\",\"type\":\"string\"},{\"indexed\":false,\"name\":\"_orgAdmin\",\"type\":\"bool\"},{\"indexed\":false,\"name\":\"_status\",\"type\":\"uint256\"}],\"name\":\"AccountAccessModified\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"name\":\"_account\",\"type\":\"address\"},{\"indexed\":false,\"name\":\"_orgId\",\"type\":\"string\"},{\"indexed\":false,\"name\":\"_roleId\",\"type\":\"string\"},{\"indexed\":false,\"name\":\"_orgAdmin\",\"type\":\"bool\"}],\"name\":\"AccountAccessRevoked\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"name\":\"_account\",\"type\":\"address\"},{\"indexed\":false,\"name\":\"_orgId\",\"type\":\"string\"},{\"indexed\":false,\"name\":\"_status\",\"type\":\"uint256\"}],\"name\":\"AccountStatusChanged\",\"type\":\"event\"}]"
|
const AcctManagerABI = "[{\"constant\":false,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"},{\"name\":\"_orgId\",\"type\":\"string\"},{\"name\":\"_roleId\",\"type\":\"string\"},{\"name\":\"_adminRole\",\"type\":\"bool\"}],\"name\":\"assignAccountRole\",\"outputs\":[],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":false,\"inputs\":[{\"name\":\"_orgId\",\"type\":\"string\"}],\"name\":\"removeExistingAdmin\",\"outputs\":[{\"name\":\"voterUpdate\",\"type\":\"bool\"},{\"name\":\"account\",\"type\":\"address\"}],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"}],\"name\":\"getAccountDetails\",\"outputs\":[{\"name\":\"\",\"type\":\"address\"},{\"name\":\"\",\"type\":\"string\"},{\"name\":\"\",\"type\":\"string\"},{\"name\":\"\",\"type\":\"uint256\"},{\"name\":\"\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[],\"name\":\"getNumberOfAccounts\",\"outputs\":[{\"name\":\"\",\"type\":\"uint256\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"},{\"name\":\"_orgId\",\"type\":\"string\"}],\"name\":\"validateAccount\",\"outputs\":[{\"name\":\"\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"}],\"name\":\"getAccountRole\",\"outputs\":[{\"name\":\"\",\"type\":\"string\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":false,\"inputs\":[{\"name\":\"_orgId\",\"type\":\"string\"},{\"name\":\"_account\",\"type\":\"address\"},{\"name\":\"_action\",\"type\":\"uint256\"}],\"name\":\"updateAccountStatus\",\"outputs\":[],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_orgId\",\"type\":\"string\"}],\"name\":\"orgAdminExists\",\"outputs\":[{\"name\":\"\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_aIndex\",\"type\":\"uint256\"}],\"name\":\"getAccountDetailsFromIndex\",\"outputs\":[{\"name\":\"\",\"type\":\"address\"},{\"name\":\"\",\"type\":\"string\"},{\"name\":\"\",\"type\":\"string\"},{\"name\":\"\",\"type\":\"uint256\"},{\"name\":\"\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"constant\":false,\"inputs\":[{\"name\":\"_orgId\",\"type\":\"string\"},{\"name\":\"_account\",\"type\":\"address\"}],\"name\":\"addNewAdmin\",\"outputs\":[{\"name\":\"voterUpdate\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":false,\"inputs\":[{\"name\":\"_nwAdminRole\",\"type\":\"string\"},{\"name\":\"_oAdminRole\",\"type\":\"string\"}],\"name\":\"setDefaults\",\"outputs\":[],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":false,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"},{\"name\":\"_orgId\",\"type\":\"string\"},{\"name\":\"_roleId\",\"type\":\"string\"},{\"name\":\"_status\",\"type\":\"uint256\"}],\"name\":\"assignAdminRole\",\"outputs\":[],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"constant\":true,\"inputs\":[{\"name\":\"_account\",\"type\":\"address\"},{\"name\":\"_orgId\",\"type\":\"string\"},{\"name\":\"_ultParent\",\"type\":\"string\"}],\"name\":\"checkOrgAdmin\",\"outputs\":[{\"name\":\"\",\"type\":\"bool\"}],\"payable\":false,\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"name\":\"_permUpgradable\",\"type\":\"address\"}],\"payable\":false,\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"name\":\"_account\",\"type\":\"address\"},{\"indexed\":false,\"name\":\"_orgId\",\"type\":\"string\"},{\"indexed\":false,\"name\":\"_roleId\",\"type\":\"string\"},{\"indexed\":false,\"name\":\"_orgAdmin\",\"type\":\"bool\"},{\"indexed\":false,\"name\":\"_status\",\"type\":\"uint256\"}],\"name\":\"AccountAccessModified\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"name\":\"_account\",\"type\":\"address\"},{\"indexed\":false,\"name\":\"_orgId\",\"type\":\"string\"},{\"indexed\":false,\"name\":\"_roleId\",\"type\":\"string\"},{\"indexed\":false,\"name\":\"_orgAdmin\",\"type\":\"bool\"}],\"name\":\"AccountAccessRevoked\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"name\":\"_account\",\"type\":\"address\"},{\"indexed\":false,\"name\":\"_orgId\",\"type\":\"string\"},{\"indexed\":false,\"name\":\"_status\",\"type\":\"uint256\"}],\"name\":\"AccountStatusChanged\",\"type\":\"event\"}]"
|
||||||
|
|
||||||
// AcctManager is an auto generated Go binding around an Ethereum contract.
|
// AcctManager is an auto generated Go binding around an Ethereum contract.
|
||||||
type AcctManager struct {
|
type AcctManager struct {
|
||||||
|
@ -481,23 +481,23 @@ func (_AcctManager *AcctManagerTransactorSession) SetDefaults(_nwAdminRole strin
|
||||||
|
|
||||||
// UpdateAccountStatus is a paid mutator transaction binding the contract method 0x84b7a84a.
|
// UpdateAccountStatus is a paid mutator transaction binding the contract method 0x84b7a84a.
|
||||||
//
|
//
|
||||||
// Solidity: function updateAccountStatus(_orgId string, _account address, _status uint256) returns()
|
// Solidity: function updateAccountStatus(_orgId string, _account address, _action uint256) returns()
|
||||||
func (_AcctManager *AcctManagerTransactor) UpdateAccountStatus(opts *bind.TransactOpts, _orgId string, _account common.Address, _status *big.Int) (*types.Transaction, error) {
|
func (_AcctManager *AcctManagerTransactor) UpdateAccountStatus(opts *bind.TransactOpts, _orgId string, _account common.Address, _action *big.Int) (*types.Transaction, error) {
|
||||||
return _AcctManager.contract.Transact(opts, "updateAccountStatus", _orgId, _account, _status)
|
return _AcctManager.contract.Transact(opts, "updateAccountStatus", _orgId, _account, _action)
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateAccountStatus is a paid mutator transaction binding the contract method 0x84b7a84a.
|
// UpdateAccountStatus is a paid mutator transaction binding the contract method 0x84b7a84a.
|
||||||
//
|
//
|
||||||
// Solidity: function updateAccountStatus(_orgId string, _account address, _status uint256) returns()
|
// Solidity: function updateAccountStatus(_orgId string, _account address, _action uint256) returns()
|
||||||
func (_AcctManager *AcctManagerSession) UpdateAccountStatus(_orgId string, _account common.Address, _status *big.Int) (*types.Transaction, error) {
|
func (_AcctManager *AcctManagerSession) UpdateAccountStatus(_orgId string, _account common.Address, _action *big.Int) (*types.Transaction, error) {
|
||||||
return _AcctManager.Contract.UpdateAccountStatus(&_AcctManager.TransactOpts, _orgId, _account, _status)
|
return _AcctManager.Contract.UpdateAccountStatus(&_AcctManager.TransactOpts, _orgId, _account, _action)
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateAccountStatus is a paid mutator transaction binding the contract method 0x84b7a84a.
|
// UpdateAccountStatus is a paid mutator transaction binding the contract method 0x84b7a84a.
|
||||||
//
|
//
|
||||||
// Solidity: function updateAccountStatus(_orgId string, _account address, _status uint256) returns()
|
// Solidity: function updateAccountStatus(_orgId string, _account address, _action uint256) returns()
|
||||||
func (_AcctManager *AcctManagerTransactorSession) UpdateAccountStatus(_orgId string, _account common.Address, _status *big.Int) (*types.Transaction, error) {
|
func (_AcctManager *AcctManagerTransactorSession) UpdateAccountStatus(_orgId string, _account common.Address, _action *big.Int) (*types.Transaction, error) {
|
||||||
return _AcctManager.Contract.UpdateAccountStatus(&_AcctManager.TransactOpts, _orgId, _account, _status)
|
return _AcctManager.Contract.UpdateAccountStatus(&_AcctManager.TransactOpts, _orgId, _account, _action)
|
||||||
}
|
}
|
||||||
|
|
||||||
// AcctManagerAccountAccessModifiedIterator is returned from FilterAccountAccessModified and is used to iterate over the raw logs and unpacked data for AccountAccessModified events raised by the AcctManager contract.
|
// AcctManagerAccountAccessModifiedIterator is returned from FilterAccountAccessModified and is used to iterate over the raw logs and unpacked data for AccountAccessModified events raised by the AcctManager contract.
|
||||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -47,7 +47,6 @@ contract AccountManager {
|
||||||
/// @param _account - account id
|
/// @param _account - account id
|
||||||
modifier accountExists(string memory _orgId, address _account){
|
modifier accountExists(string memory _orgId, address _account){
|
||||||
require((accountIndex[_account]) != 0, "account does not exists");
|
require((accountIndex[_account]) != 0, "account does not exists");
|
||||||
// if account exists it should belong to the same orgAdminIndex
|
|
||||||
require(keccak256(abi.encode(accountAccessList[_getAccountIndex(_account)].orgId)) == keccak256(abi.encode(_orgId)), "account in different org");
|
require(keccak256(abi.encode(accountAccessList[_getAccountIndex(_account)].orgId)) == keccak256(abi.encode(_orgId)), "account in different org");
|
||||||
_;
|
_;
|
||||||
}
|
}
|
||||||
|
@ -113,7 +112,8 @@ contract AccountManager {
|
||||||
function assignAdminRole(address _account, string calldata _orgId,
|
function assignAdminRole(address _account, string calldata _orgId,
|
||||||
string calldata _roleId, uint _status) external onlyImplementation {
|
string calldata _roleId, uint _status) external onlyImplementation {
|
||||||
require(((keccak256(abi.encode(_roleId)) == keccak256(abi.encode(orgAdminRole))) ||
|
require(((keccak256(abi.encode(_roleId)) == keccak256(abi.encode(orgAdminRole))) ||
|
||||||
(keccak256(abi.encode(_roleId)) == keccak256(abi.encode(adminRole)))), "can be called to assign admin roles only");
|
(keccak256(abi.encode(_roleId)) == keccak256(abi.encode(adminRole)))),
|
||||||
|
"can be called to assign admin roles only");
|
||||||
|
|
||||||
_setAccountRole(_account, _orgId, _roleId, _status, true);
|
_setAccountRole(_account, _orgId, _roleId, _status, true);
|
||||||
|
|
||||||
|
@ -182,34 +182,34 @@ contract AccountManager {
|
||||||
/// @notice updates the account status to the passed status value
|
/// @notice updates the account status to the passed status value
|
||||||
/// @param _orgId - org id
|
/// @param _orgId - org id
|
||||||
/// @param _account - account id
|
/// @param _account - account id
|
||||||
/// @param _status - new status of the account
|
/// @param _action - new status of the account
|
||||||
function updateAccountStatus(string calldata _orgId, address _account, uint _status) external
|
function updateAccountStatus(string calldata _orgId, address _account, uint _action) external
|
||||||
onlyImplementation
|
onlyImplementation
|
||||||
accountExists(_orgId, _account) {
|
accountExists(_orgId, _account) {
|
||||||
// operations that can be done 1-Suspend account, 2-Unsuspend Account, 3-Blacklist account
|
// operations that can be done 1-Suspend account, 2-Unsuspend Account, 3-Blacklist account
|
||||||
require((_status == 1 || _status == 2 || _status == 3), "invalid status change request");
|
require((_action == 1 || _action == 2 || _action == 3), "invalid status change request");
|
||||||
// check if the account is org admin. if yes then do not allow any status change
|
// check if the account is org admin. if yes then do not allow any status change
|
||||||
require(checkOrgAdmin(_account, _orgId, "") != true, "org admin account status change cannot be done");
|
require(checkOrgAdmin(_account, _orgId, "") != true, "status change not possible for org admin accounts");
|
||||||
uint newStat;
|
uint newStatus;
|
||||||
if (_status == 1) {
|
if (_action == 1) {
|
||||||
// account current status should be active
|
// for suspending an account current status should be active
|
||||||
require(accountAccessList[_getAccountIndex(_account)].status == 2,
|
require(accountAccessList[_getAccountIndex(_account)].status == 2,
|
||||||
"account is not in active status. operation cannot be done");
|
"account is not in active status. operation cannot be done");
|
||||||
newStat = 4;
|
newStatus = 4;
|
||||||
}
|
}
|
||||||
else if (_status == 2) {
|
else if (_action == 2) {
|
||||||
// account current status should be suspended
|
// for reactivating a suspended account, current status should be suspended
|
||||||
require(accountAccessList[_getAccountIndex(_account)].status == 4,
|
require(accountAccessList[_getAccountIndex(_account)].status == 4,
|
||||||
"account is not in suspended status. operation cannot be done");
|
"account is not in suspended status. operation cannot be done");
|
||||||
newStat = 2;
|
newStatus = 2;
|
||||||
}
|
}
|
||||||
else if (_status == 3) {
|
else if (_action == 3) {
|
||||||
require(accountAccessList[_getAccountIndex(_account)].status != 5,
|
require(accountAccessList[_getAccountIndex(_account)].status != 5,
|
||||||
"account is already blacklisted. operation cannot be done");
|
"account is already blacklisted. operation cannot be done");
|
||||||
newStat = 5;
|
newStatus = 5;
|
||||||
}
|
}
|
||||||
accountAccessList[_getAccountIndex(_account)].status = newStat;
|
accountAccessList[_getAccountIndex(_account)].status = newStatus;
|
||||||
emit AccountStatusChanged(_account, _orgId, newStat);
|
emit AccountStatusChanged(_account, _orgId, newStatus);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// @notice checks if the passed account exists and if exists does it
|
/// @notice checks if the passed account exists and if exists does it
|
||||||
|
@ -223,7 +223,6 @@ contract AccountManager {
|
||||||
if (accountIndex[_account] == 0) {
|
if (accountIndex[_account] == 0) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
// check if the acount is part of this org else return false
|
|
||||||
uint id = _getAccountIndex(_account);
|
uint id = _getAccountIndex(_account);
|
||||||
return (keccak256(abi.encode(accountAccessList[id].orgId)) == keccak256(abi.encode(_orgId)));
|
return (keccak256(abi.encode(accountAccessList[id].orgId)) == keccak256(abi.encode(_orgId)));
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,6 +7,7 @@ import "./PermissionsUpgradable.sol";
|
||||||
/// @notice contract only. there are few view functions exposed as public and
|
/// @notice contract only. there are few view functions exposed as public and
|
||||||
/// @notice can be called directly. these are invoked by quorum for populating
|
/// @notice can be called directly. these are invoked by quorum for populating
|
||||||
/// @notice permissions data in cache
|
/// @notice permissions data in cache
|
||||||
|
|
||||||
contract NodeManager {
|
contract NodeManager {
|
||||||
PermissionsUpgradable private permUpgradable;
|
PermissionsUpgradable private permUpgradable;
|
||||||
struct NodeDetails {
|
struct NodeDetails {
|
||||||
|
@ -17,9 +18,9 @@ contract NodeManager {
|
||||||
// use an array to store node details
|
// use an array to store node details
|
||||||
// if we want to list all node one day, mapping is not capable
|
// if we want to list all node one day, mapping is not capable
|
||||||
NodeDetails[] private nodeList;
|
NodeDetails[] private nodeList;
|
||||||
// use a mapping of enodeid to array index to track node
|
// mapping of enodeid to array index to track node
|
||||||
mapping(bytes32 => uint) private nodeIdToIndex;
|
mapping(bytes32 => uint) private nodeIdToIndex;
|
||||||
// keep track of node number
|
// tracking total number of nodes in network
|
||||||
uint private numberOfNodes;
|
uint private numberOfNodes;
|
||||||
|
|
||||||
|
|
||||||
|
@ -140,7 +141,6 @@ contract NodeManager {
|
||||||
require(_checkOrg(_enodeId, _orgId), "enode id does not belong to the passed org id");
|
require(_checkOrg(_enodeId, _orgId), "enode id does not belong to the passed org id");
|
||||||
require(_getNodeStatus(_enodeId) == 1, "nothing pending for approval");
|
require(_getNodeStatus(_enodeId) == 1, "nothing pending for approval");
|
||||||
uint nodeIndex = _getNodeIndex(_enodeId);
|
uint nodeIndex = _getNodeIndex(_enodeId);
|
||||||
// vote node
|
|
||||||
nodeList[nodeIndex].status = 2;
|
nodeList[nodeIndex].status = 2;
|
||||||
emit NodeApproved(nodeList[nodeIndex].enodeId, nodeList[nodeIndex].orgId);
|
emit NodeApproved(nodeList[nodeIndex].enodeId, nodeList[nodeIndex].orgId);
|
||||||
}
|
}
|
||||||
|
@ -155,10 +155,6 @@ contract NodeManager {
|
||||||
enodeExists(_enodeId) {
|
enodeExists(_enodeId) {
|
||||||
// node should belong to the org
|
// node should belong to the org
|
||||||
require(_checkOrg(_enodeId, _orgId), "enode id does not belong to the passed org");
|
require(_checkOrg(_enodeId, _orgId), "enode id does not belong to the passed org");
|
||||||
// changing node status to integer (0-NotInList, 1- PendingApproval,
|
|
||||||
// 2-Approved, 3-Deactivated, 4-Blacklisted)
|
|
||||||
// operations that can be done 3-Deactivate Node,
|
|
||||||
// 4-ActivateNode, 5-Blacklist nodeList
|
|
||||||
require((_action == 1 || _action == 2 || _action == 3),
|
require((_action == 1 || _action == 2 || _action == 3),
|
||||||
"invalid operation. wrong action passed");
|
"invalid operation. wrong action passed");
|
||||||
|
|
||||||
|
|
|
@ -7,6 +7,8 @@ import "./PermissionsUpgradable.sol";
|
||||||
/// @notice contract only. there are few view functions exposed as public and
|
/// @notice contract only. there are few view functions exposed as public and
|
||||||
/// @notice can be called directly. these are invoked by quorum for populating
|
/// @notice can be called directly. these are invoked by quorum for populating
|
||||||
/// @notice permissions data in cache
|
/// @notice permissions data in cache
|
||||||
|
/// @dev possible values of org status are - 0- NotInList, 1- Proposed,
|
||||||
|
/// @dev 2- Approved, 3- PendingSuspension, 4- Suspended, 5- RevokeSuspension
|
||||||
contract OrgManager {
|
contract OrgManager {
|
||||||
string private adminOrgId;
|
string private adminOrgId;
|
||||||
PermissionsUpgradable private permUpgradable;
|
PermissionsUpgradable private permUpgradable;
|
||||||
|
|
|
@ -342,11 +342,11 @@ contract PermissionsImplementation {
|
||||||
/// @notice account only.
|
/// @notice account only.
|
||||||
/// @param _orgId unique id of the organization to which the account belongs
|
/// @param _orgId unique id of the organization to which the account belongs
|
||||||
/// @param _account account id
|
/// @param _account account id
|
||||||
/// @param _status 1-suspending 2-activating back 3-blacklisting
|
/// @param _action 1-suspend 2-activate back 3-blacklist
|
||||||
function updateAccountStatus(string calldata _orgId, address _account,
|
function updateAccountStatus(string calldata _orgId, address _account,
|
||||||
uint _status, address _caller) external onlyInterface
|
uint _action, address _caller) external onlyInterface
|
||||||
orgAdmin(_caller, _orgId) {
|
orgAdmin(_caller, _orgId) {
|
||||||
accounts.updateAccountStatus(_orgId, _account, _status);
|
accounts.updateAccountStatus(_orgId, _account, _action);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Node related functions
|
// Node related functions
|
||||||
|
@ -397,7 +397,7 @@ contract PermissionsImplementation {
|
||||||
onlyInterface
|
onlyInterface
|
||||||
orgAdmin(_caller, _orgId)
|
orgAdmin(_caller, _orgId)
|
||||||
orgApproved(_orgId) {
|
orgApproved(_orgId) {
|
||||||
require(validateAccount(_account, _orgId) == true, "Operation cannot be performed");
|
require(validateAccount(_account, _orgId) == true, "operation cannot be performed");
|
||||||
require(_roleExists(_roleId, _orgId) == true, "role does not exists");
|
require(_roleExists(_roleId, _orgId) == true, "role does not exists");
|
||||||
bool admin = roles.isAdminRole(_roleId, _orgId, _getUltimateParent(_orgId));
|
bool admin = roles.isAdminRole(_roleId, _orgId, _getUltimateParent(_orgId));
|
||||||
accounts.assignAccountRole(_account, _orgId, _roleId, admin);
|
accounts.assignAccountRole(_account, _orgId, _roleId, admin);
|
||||||
|
|
|
@ -149,10 +149,10 @@ contract PermissionsInterface {
|
||||||
/// @notice this can be executed by org admin accounts only
|
/// @notice this can be executed by org admin accounts only
|
||||||
/// @param _orgId unique id of the organization to which the account belongs
|
/// @param _orgId unique id of the organization to which the account belongs
|
||||||
/// @param _account account id
|
/// @param _account account id
|
||||||
/// @param _status 1-suspending 2-activating back 3-blacklisting
|
/// @param _action 1-suspending 2-activating back 3-blacklisting
|
||||||
function updateAccountStatus(string calldata _orgId, address _account,
|
function updateAccountStatus(string calldata _orgId, address _account,
|
||||||
uint _status) external {
|
uint _action) external {
|
||||||
permImplementation.updateAccountStatus(_orgId, _account, _status, msg.sender);
|
permImplementation.updateAccountStatus(_orgId, _account, _action, msg.sender);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// @notice interface to add a new node to the organization
|
/// @notice interface to add a new node to the organization
|
||||||
|
|
|
@ -12,6 +12,7 @@ contract PermissionsUpgradable {
|
||||||
address private guardian;
|
address private guardian;
|
||||||
address private permImpl;
|
address private permImpl;
|
||||||
address private permInterface;
|
address private permInterface;
|
||||||
|
// initDone ensures that init can be called only once
|
||||||
bool private initDone;
|
bool private initDone;
|
||||||
|
|
||||||
/// @notice constructor
|
/// @notice constructor
|
||||||
|
@ -65,7 +66,7 @@ contract PermissionsUpgradable {
|
||||||
return permImpl;
|
return permImpl;
|
||||||
}
|
}
|
||||||
/// @notice function to fetch the interface address
|
/// @notice function to fetch the interface address
|
||||||
/// @return defpermissions interface contract address
|
/// @return permissions interface contract address
|
||||||
function getPermInterface() public view returns (address) {
|
function getPermInterface() public view returns (address) {
|
||||||
return permInterface;
|
return permInterface;
|
||||||
}
|
}
|
||||||
|
|
|
@ -92,7 +92,7 @@ contract VoterManager {
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
uint id = _getVoterOrgIndex(_orgId);
|
uint id = _getVoterOrgIndex(_orgId);
|
||||||
// check of the voter already present in the list
|
// check if the voter is already present in the list
|
||||||
if (orgVoterList[id].voterIndex[_vAccount] == 0) {
|
if (orgVoterList[id].voterIndex[_vAccount] == 0) {
|
||||||
orgVoterList[id].voterCount++;
|
orgVoterList[id].voterCount++;
|
||||||
orgVoterList[id].voterIndex[_vAccount] = orgVoterList[id].voterCount;
|
orgVoterList[id].voterIndex[_vAccount] = orgVoterList[id].voterCount;
|
||||||
|
@ -126,7 +126,7 @@ contract VoterManager {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// @notice function to a voting item for network admin accounts to vote
|
/// @notice function to a voting item for network admin accounts to vote
|
||||||
/// @param _authOrg org id of the authirizing org. it will be network admin org
|
/// @param _authOrg org id of the authorizing org. it will be network admin org
|
||||||
/// @param _orgId - org id for which the voting record is being created
|
/// @param _orgId - org id for which the voting record is being created
|
||||||
/// @param _enodeId - enode id for which the voting record is being created
|
/// @param _enodeId - enode id for which the voting record is being created
|
||||||
/// @param _account - account id for which the voting record is being created
|
/// @param _account - account id for which the voting record is being created
|
||||||
|
@ -137,7 +137,7 @@ contract VoterManager {
|
||||||
// check if anything is pending approval for the org.
|
// check if anything is pending approval for the org.
|
||||||
// If yes another item cannot be added
|
// If yes another item cannot be added
|
||||||
require((_checkPendingOp(_authOrg, 0)),
|
require((_checkPendingOp(_authOrg, 0)),
|
||||||
"items pending approval. new item cannot be added");
|
"items pending for approval. new item cannot be added");
|
||||||
uint id = _getVoterOrgIndex(_authOrg);
|
uint id = _getVoterOrgIndex(_authOrg);
|
||||||
orgVoterList[id].pendingOp.orgId = _orgId;
|
orgVoterList[id].pendingOp.orgId = _orgId;
|
||||||
orgVoterList[id].pendingOp.enodeId = _enodeId;
|
orgVoterList[id].pendingOp.enodeId = _enodeId;
|
||||||
|
@ -162,10 +162,10 @@ contract VoterManager {
|
||||||
/// @return success of the voter process. either true or false
|
/// @return success of the voter process. either true or false
|
||||||
function processVote(string calldata _authOrg, address _vAccount, uint _pendingOp)
|
function processVote(string calldata _authOrg, address _vAccount, uint _pendingOp)
|
||||||
external onlyImplementation voterExists(_authOrg, _vAccount) returns (bool) {
|
external onlyImplementation voterExists(_authOrg, _vAccount) returns (bool) {
|
||||||
// check something is pending approval
|
// check something if anything is pending approval
|
||||||
require(_checkPendingOp(_authOrg, _pendingOp) == true, "nothing to approve");
|
require(_checkPendingOp(_authOrg, _pendingOp) == true, "nothing to approve");
|
||||||
uint id = _getVoterOrgIndex(_authOrg);
|
uint id = _getVoterOrgIndex(_authOrg);
|
||||||
// check if vote already processed
|
// check if vote is already processed
|
||||||
require(orgVoterList[id].votingStatus[id][_vAccount] != true, "cannot double vote");
|
require(orgVoterList[id].votingStatus[id][_vAccount] != true, "cannot double vote");
|
||||||
orgVoterList[id].voteCount++;
|
orgVoterList[id].voteCount++;
|
||||||
orgVoterList[id].votingStatus[id][_vAccount] = true;
|
orgVoterList[id].votingStatus[id][_vAccount] = true;
|
||||||
|
@ -181,7 +181,7 @@ contract VoterManager {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// @notice returns the details of any pending oepration to be approved
|
/// @notice returns the details of any pending operation to be approved
|
||||||
/// @param _orgId org id. this will be the org id of network admin org
|
/// @param _orgId org id. this will be the org id of network admin org
|
||||||
function getPendingOpDetails(string calldata _orgId) external view
|
function getPendingOpDetails(string calldata _orgId) external view
|
||||||
onlyImplementation returns (string memory, string memory, address, uint){
|
onlyImplementation returns (string memory, string memory, address, uint){
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
[{"constant":false,"inputs":[{"name":"_account","type":"address"},{"name":"_orgId","type":"string"},{"name":"_roleId","type":"string"},{"name":"_adminRole","type":"bool"}],"name":"assignAccountRole","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"name":"_orgId","type":"string"}],"name":"removeExistingAdmin","outputs":[{"name":"voterUpdate","type":"bool"},{"name":"account","type":"address"}],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[{"name":"_account","type":"address"}],"name":"getAccountDetails","outputs":[{"name":"","type":"address"},{"name":"","type":"string"},{"name":"","type":"string"},{"name":"","type":"uint256"},{"name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"getNumberOfAccounts","outputs":[{"name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"name":"_account","type":"address"},{"name":"_orgId","type":"string"}],"name":"validateAccount","outputs":[{"name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"name":"_account","type":"address"}],"name":"getAccountRole","outputs":[{"name":"","type":"string"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[{"name":"_orgId","type":"string"},{"name":"_account","type":"address"},{"name":"_status","type":"uint256"}],"name":"updateAccountStatus","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[{"name":"_orgId","type":"string"}],"name":"orgAdminExists","outputs":[{"name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"name":"_aIndex","type":"uint256"}],"name":"getAccountDetailsFromIndex","outputs":[{"name":"","type":"address"},{"name":"","type":"string"},{"name":"","type":"string"},{"name":"","type":"uint256"},{"name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[{"name":"_orgId","type":"string"},{"name":"_account","type":"address"}],"name":"addNewAdmin","outputs":[{"name":"voterUpdate","type":"bool"}],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"name":"_nwAdminRole","type":"string"},{"name":"_oAdminRole","type":"string"}],"name":"setDefaults","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"name":"_account","type":"address"},{"name":"_orgId","type":"string"},{"name":"_roleId","type":"string"},{"name":"_status","type":"uint256"}],"name":"assignAdminRole","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[{"name":"_account","type":"address"},{"name":"_orgId","type":"string"},{"name":"_ultParent","type":"string"}],"name":"checkOrgAdmin","outputs":[{"name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"inputs":[{"name":"_permUpgradable","type":"address"}],"payable":false,"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":false,"name":"_account","type":"address"},{"indexed":false,"name":"_orgId","type":"string"},{"indexed":false,"name":"_roleId","type":"string"},{"indexed":false,"name":"_orgAdmin","type":"bool"},{"indexed":false,"name":"_status","type":"uint256"}],"name":"AccountAccessModified","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"name":"_account","type":"address"},{"indexed":false,"name":"_orgId","type":"string"},{"indexed":false,"name":"_roleId","type":"string"},{"indexed":false,"name":"_orgAdmin","type":"bool"}],"name":"AccountAccessRevoked","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"name":"_account","type":"address"},{"indexed":false,"name":"_orgId","type":"string"},{"indexed":false,"name":"_status","type":"uint256"}],"name":"AccountStatusChanged","type":"event"}]
|
[{"constant":false,"inputs":[{"name":"_account","type":"address"},{"name":"_orgId","type":"string"},{"name":"_roleId","type":"string"},{"name":"_adminRole","type":"bool"}],"name":"assignAccountRole","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"name":"_orgId","type":"string"}],"name":"removeExistingAdmin","outputs":[{"name":"voterUpdate","type":"bool"},{"name":"account","type":"address"}],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[{"name":"_account","type":"address"}],"name":"getAccountDetails","outputs":[{"name":"","type":"address"},{"name":"","type":"string"},{"name":"","type":"string"},{"name":"","type":"uint256"},{"name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"getNumberOfAccounts","outputs":[{"name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"name":"_account","type":"address"},{"name":"_orgId","type":"string"}],"name":"validateAccount","outputs":[{"name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"name":"_account","type":"address"}],"name":"getAccountRole","outputs":[{"name":"","type":"string"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[{"name":"_orgId","type":"string"},{"name":"_account","type":"address"},{"name":"_action","type":"uint256"}],"name":"updateAccountStatus","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[{"name":"_orgId","type":"string"}],"name":"orgAdminExists","outputs":[{"name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"name":"_aIndex","type":"uint256"}],"name":"getAccountDetailsFromIndex","outputs":[{"name":"","type":"address"},{"name":"","type":"string"},{"name":"","type":"string"},{"name":"","type":"uint256"},{"name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[{"name":"_orgId","type":"string"},{"name":"_account","type":"address"}],"name":"addNewAdmin","outputs":[{"name":"voterUpdate","type":"bool"}],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"name":"_nwAdminRole","type":"string"},{"name":"_oAdminRole","type":"string"}],"name":"setDefaults","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"name":"_account","type":"address"},{"name":"_orgId","type":"string"},{"name":"_roleId","type":"string"},{"name":"_status","type":"uint256"}],"name":"assignAdminRole","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[{"name":"_account","type":"address"},{"name":"_orgId","type":"string"},{"name":"_ultParent","type":"string"}],"name":"checkOrgAdmin","outputs":[{"name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"inputs":[{"name":"_permUpgradable","type":"address"}],"payable":false,"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":false,"name":"_account","type":"address"},{"indexed":false,"name":"_orgId","type":"string"},{"indexed":false,"name":"_roleId","type":"string"},{"indexed":false,"name":"_orgAdmin","type":"bool"},{"indexed":false,"name":"_status","type":"uint256"}],"name":"AccountAccessModified","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"name":"_account","type":"address"},{"indexed":false,"name":"_orgId","type":"string"},{"indexed":false,"name":"_roleId","type":"string"},{"indexed":false,"name":"_orgAdmin","type":"bool"}],"name":"AccountAccessRevoked","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"name":"_account","type":"address"},{"indexed":false,"name":"_orgId","type":"string"},{"indexed":false,"name":"_status","type":"uint256"}],"name":"AccountStatusChanged","type":"event"}]
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
Loading…
Reference in New Issue