poanetwork
/
quorum
mirror of https://github.com/poanetwork/quorum.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

add apis for org key management

This commit is contained in:
amalraj.manigmail.com 2018-10-30 15:59:08 +08:00
parent 1f2504ff08
commit 46cf4ddfb6
7 changed files with 97 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
controls/cluster/clusterkey_binding.go → controls/bind/clusterkey_binding.go
View File

@ -1,7 +1,7 @@
// Code generated - DO NOT EDIT.
// This file is a generated binding and any manual changes will be lost.
package cluster
package bind
import (
"strings"

2
controls/permbind/permission_binding.go → controls/bind/permission_binding.go
View File

@ -1,7 +1,7 @@
// Code generated - DO NOT EDIT.
// This file is a generated binding and any manual changes will be lost.
package permbind
package bind
import (
"math/big"

17
controls/cluster/cluster.go
View File

@ -8,6 +8,7 @@ import (
"github.com/ethereum/go-ethereum/log"
"github.com/ethereum/go-ethereum/node"
"github.com/ethereum/go-ethereum/controls"
pbind "github.com/ethereum/go-ethereum/controls/bind"
)
type OrgKeyCtrl struct {
@ -27,7 +28,7 @@ func NewOrgKeyCtrl(node *node.Node) (*OrgKeyCtrl, error) {
// the permissiones contract deployed as a precompile via genesis.json
func (k *OrgKeyCtrl) Start() error {
_, err := NewClusterFilterer(params.PrivateKeyManagementContract, k.ethClient)
_, err := pbind.NewClusterFilterer(params.QuorumPrivateKeyManagementContract, k.ethClient)
// check if permissioning contract is there at address. If not return from here
if err != nil {
log.Error("Cluster not enabled for the network : ", "err", err)
@ -49,7 +50,7 @@ func (k *OrgKeyCtrl) manageClusterKeys() error {
}
func (k *OrgKeyCtrl) populatePrivateKeys() error {
cluster, err := NewClusterFilterer(params.PrivateKeyManagementContract, k.ethClient)
cluster, err := pbind.NewClusterFilterer(params.QuorumPrivateKeyManagementContract, k.ethClient)
if err != nil {
log.Error("Failed to monitor node delete: ", "err", err)
return err
@ -86,16 +87,16 @@ func (k *OrgKeyCtrl) monitorKeyChanges() {
}
func (k *OrgKeyCtrl) monitorKeyAdd() {
cluster, err := NewClusterFilterer(params.PrivateKeyManagementContract, k.ethClient)
cluster, err := pbind.NewClusterFilterer(params.QuorumPrivateKeyManagementContract, k.ethClient)
if err != nil {
log.Error("Failed to monitor Account cluster : ", "err", err)
}
ch := make(chan *ClusterOrgKeyAdded)
ch := make(chan *pbind.ClusterOrgKeyAdded)
opts := &bind.WatchOpts{}
var blockNumber uint64 = 1
opts.Start = &blockNumber
var newEvent *ClusterOrgKeyAdded
var newEvent *pbind.ClusterOrgKeyAdded
_, err = cluster.WatchOrgKeyAdded(opts, ch)
if err != nil {
@ -111,16 +112,16 @@ func (k *OrgKeyCtrl) monitorKeyAdd() {
}
func (k *OrgKeyCtrl) monitorKeyDelete() {
cluster, err := NewClusterFilterer(params.PrivateKeyManagementContract, k.ethClient)
cluster, err := pbind.NewClusterFilterer(params.QuorumPrivateKeyManagementContract, k.ethClient)
if err != nil {
log.Error("Failed to monitor Account cluster : ", "err", err)
}
ch := make(chan *ClusterOrgKeyDeleted)
ch := make(chan *pbind.ClusterOrgKeyDeleted)
opts := &bind.WatchOpts{}
var blockNumber uint64 = 1
opts.Start = &blockNumber
var newEvent *ClusterOrgKeyDeleted
var newEvent *pbind.ClusterOrgKeyDeleted
_, err = cluster.WatchOrgKeyDeleted(opts, ch)
if err != nil {

38
controls/permission/permission.go
View File

@ -23,7 +23,7 @@ import (
"github.com/ethereum/go-ethereum/cmd/utils"
"github.com/ethereum/go-ethereum/raft"
"gopkg.in/urfave/cli.v1"
"github.com/ethereum/go-ethereum/controls/permbind"
pbind "github.com/ethereum/go-ethereum/controls/bind"
)
const (
@ -67,7 +67,7 @@ func NewQuorumPermissionCtrl(ctx *cli.Context, stack *node.Node) (*PermissionCtr
func (p *PermissionCtrl) Start() error {
// check if permissioning contract is there at address. If not return from here
if _, err := permbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt); err != nil {
if _, err := pbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt); err != nil {
log.Error("Permissions not enabled for the network : ", "err", err)
return nil
}
@ -121,17 +121,17 @@ func (p *PermissionCtrl) manageNodePermissions() {
// This functions listens on the channel for new node approval via smart contract and
// adds the same into permissioned-nodes.json
func (p *PermissionCtrl) monitorNewNodeAdd() {
permissions, err := permbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
permissions, err := pbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
if err != nil {
log.Error("failed to monitor new node add : ", "err", err)
}
ch := make(chan *permbind.PermissionsNodeApproved, 1)
ch := make(chan *pbind.PermissionsNodeApproved, 1)
opts := &bind.WatchOpts{}
var blockNumber uint64 = 1
opts.Start = &blockNumber
var nodeAddEvent *permbind.PermissionsNodeApproved
var nodeAddEvent *pbind.PermissionsNodeApproved
_, err = permissions.WatchNodeApproved(opts, ch)
if err != nil {
@ -149,17 +149,17 @@ func (p *PermissionCtrl) monitorNewNodeAdd() {
// This functions listens on the channel for new node approval via smart contract and
// adds the same into permissioned-nodes.json
func (p *PermissionCtrl) monitorNodeDeactivation() {
permissions, err := permbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
permissions, err := pbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
if err != nil {
log.Error("Failed to monitor node delete: ", "err", err)
}
ch := make(chan *permbind.PermissionsNodeDeactivated)
ch := make(chan *pbind.PermissionsNodeDeactivated)
opts := &bind.WatchOpts{}
var blockNumber uint64 = 1
opts.Start = &blockNumber
var newNodeDeleteEvent *permbind.PermissionsNodeDeactivated
var newNodeDeleteEvent *pbind.PermissionsNodeDeactivated
_, err = permissions.WatchNodeDeactivated(opts, ch)
if err != nil {
@ -178,16 +178,16 @@ func (p *PermissionCtrl) monitorNodeDeactivation() {
// This function listnes on the channel for any node blacklisting event via smart contract
// and adds the same disallowed-nodes.json
func (p *PermissionCtrl) monitorNodeBlacklisting() {
permissions, err := permbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
permissions, err := pbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
if err != nil {
log.Error("failed to monitor new node add : ", "err", err)
}
ch := make(chan *permbind.PermissionsNodeBlacklisted, 1)
ch := make(chan *pbind.PermissionsNodeBlacklisted, 1)
opts := &bind.WatchOpts{}
var blockNumber uint64 = 1
opts.Start = &blockNumber
var nodeBlacklistEvent *permbind.PermissionsNodeBlacklisted
var nodeBlacklistEvent *pbind.PermissionsNodeBlacklisted
_, err = permissions.WatchNodeBlacklisted(opts, ch)
if err != nil {
@ -231,7 +231,7 @@ func (p *PermissionCtrl) updatePermissionedNodes(enodeId, ipAddrPort, discPort,
}
//this function populates the new node information into the permissioned-nodes.json file
func (p *PermissionCtrl) updateDisallowedNodes(nodeBlacklistEvent *permbind.PermissionsNodeBlacklisted) {
func (p *PermissionCtrl) updateDisallowedNodes(nodeBlacklistEvent *pbind.PermissionsNodeBlacklisted) {
dataDir := p.node.InstanceDir()
log.Debug("updateDisallowedNodes", "DataDir", dataDir, "file", BLACKLIST_CONFIG)
@ -287,7 +287,7 @@ func (p *PermissionCtrl) manageAccountPermissions() error {
// populates the nodes list from permissioned-nodes.json into the permissions
// smart contract
func (p *PermissionCtrl) populatePermissionedNodes() error {
permissions, err := permbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
permissions, err := pbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
if err != nil {
log.Error("Failed to monitor node delete: ", "err", err)
return err
@ -320,7 +320,7 @@ func (p *PermissionCtrl) populatePermissionedNodes() error {
// populates the nodes list from permissioned-nodes.json into the permissions
// smart contract
func (p *PermissionCtrl) populateAcctPermissions() error {
permissions, err := permbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
permissions, err := pbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
if err != nil {
log.Error("Failed to monitor node delete: ", "err", err)
return err
@ -342,16 +342,16 @@ func (p *PermissionCtrl) populateAcctPermissions() error {
// Monitors permissions changes at acount level and uodate the global permissions
// map with the same
func (p *PermissionCtrl) monitorAccountPermissions() {
permissions, err := permbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
permissions, err := pbind.NewPermissionsFilterer(params.QuorumPermissionsContract, p.ethClnt)
if err != nil {
log.Error("Failed to monitor Account permissions : ", "err", err)
}
ch := make(chan *permbind.PermissionsAccountAccessModified)
ch := make(chan *pbind.PermissionsAccountAccessModified)
opts := &bind.WatchOpts{}
var blockNumber uint64 = 1
opts.Start = &blockNumber
var newEvent *permbind.PermissionsAccountAccessModified
var newEvent *pbind.PermissionsAccountAccessModified
_, err = permissions.WatchAccountAccessModified(opts, ch)
if err != nil {
@ -405,7 +405,7 @@ func formatEnodeId(enodeId, ipAddrPort, discPort, raftPort string, isRaft bool)
//smart contract
func (p *PermissionCtrl) populateStaticNodesToContract() {
permissionsContract, err := permbind.NewPermissions(params.QuorumPermissionsContract, p.ethClnt)
permissionsContract, err := pbind.NewPermissions(params.QuorumPermissionsContract, p.ethClnt)
if err != nil {
utils.Fatalf("Failed to instantiate a Permissions contract: %v", err)
@ -415,7 +415,7 @@ func (p *PermissionCtrl) populateStaticNodesToContract() {
utils.Fatalf("Failed to create authorized transactor: %v", err)
}
permissionsSession := &permbind.PermissionsSession{
permissionsSession := &pbind.PermissionsSession{
Contract: permissionsContract,
CallOpts: bind.CallOpts{
Pending: true,

59
core/quorum/permission_api.go → core/quorum/api.go
View File

@ -12,7 +12,7 @@ import (
"fmt"
"math/big"
"github.com/ethereum/go-ethereum/log"
"github.com/ethereum/go-ethereum/controls/permbind"
pbind "github.com/ethereum/go-ethereum/controls/bind"
"github.com/ethereum/go-ethereum/common"
)
@ -22,12 +22,13 @@ var defaultGasPrice = big.NewInt(0)
type PermissionAPI struct {
txPool *core.TxPool
ethClnt *ethclient.Client
permContr *permbind.Permissions
transOpts *bind.TransactOpts
permContr *pbind.Permissions
clustContr *pbind.Cluster
}
func NewPermissionAPI(tp *core.TxPool) *PermissionAPI {
pa := &PermissionAPI{tp, nil, nil, nil}
pa := &PermissionAPI{tp, nil, nil, nil, nil}
return pa
}
@ -38,11 +39,16 @@ func (p *PermissionAPI) Init(ethClnt *ethclient.Client, datadir string) error {
log.Error("error reading key file", "err", kerr)
return kerr
}
permContr, err := permbind.NewPermissions(params.QuorumPermissionsContract, p.ethClnt)
permContr, err := pbind.NewPermissions(params.QuorumPermissionsContract, p.ethClnt)
if err != nil {
return err
}
p.permContr = permContr
clustContr, err := pbind.NewCluster(params.QuorumPrivateKeyManagementContract, p.ethClnt)
if err != nil {
return err
}
p.clustContr = clustContr
auth, err := bind.NewTransactor(strings.NewReader(key), "")
if err != nil {
return err
@ -171,8 +177,8 @@ func (s *PermissionAPI) ApproveDeactivateNode(nodeId string) bool {
}
func (s *PermissionAPI) newPermSession() *permbind.PermissionsSession {
return &permbind.PermissionsSession{
func (s *PermissionAPI) newPermSession() *pbind.PermissionsSession {
return &pbind.PermissionsSession{
Contract: s.permContr,
CallOpts: bind.CallOpts{
Pending: true,
@ -186,6 +192,47 @@ func (s *PermissionAPI) newPermSession() *permbind.PermissionsSession {
}
}
func (s *PermissionAPI) newClusterSession() *pbind.ClusterSession {
return &pbind.ClusterSession{
Contract: s.clustContr,
CallOpts: bind.CallOpts{
Pending: true,
},
TransactOpts: bind.TransactOpts{
From: s.transOpts.From,
Signer: s.transOpts.Signer,
GasLimit: defaultGasLimit,
GasPrice: defaultGasPrice,
},
}
}
func (s *PermissionAPI) AddOrgKey(orgId string, pvtKey string) bool {
cs := s.newClusterSession()
tx, err := cs.AddOrgKey(orgId, pvtKey)
if err != nil {
log.Warn("Failed to add org key", "err", err)
return false
}
txHash := tx.Hash()
log.Info("Transaction pending", "tx hash", string(txHash[:]))
return true
}
func (s *PermissionAPI) RemoveOrgKey(orgId string, pvtKey string) bool {
cs := s.newClusterSession()
tx, err := cs.DeleteOrgKey(orgId, pvtKey)
if err != nil {
log.Warn("Failed to remove org key", "err", err)
return false
}
txHash := tx.Hash()
log.Info("Transaction pending", "tx hash", string(txHash[:]))
return true
}
func getKeyFromKeyStore(datadir string) (string, error) {
files, err := ioutil.ReadDir(filepath.Join(datadir, "keystore"))

14
internal/web3ext/web3ext.go
View File

@ -32,7 +32,7 @@ var Modules = map[string]string{
"txpool": TxPool_JS,
"raft": Raft_JS,
"istanbul": Istanbul_JS,
"quorum": PermissionsNode_JS,
"quorum": QUORUM_JS,
}
const Chequebook_JS = `
@ -675,7 +675,7 @@ web3._extend({
})
`
const PermissionsNode_JS = `
const QUORUM_JS = `
web3._extend({
property: 'quorum',
methods:
@ -715,6 +715,16 @@ web3._extend({
call: 'quorum_approveDeactivateNode',
params: 1
}),
new web3._extend.Method({
name: 'addOrgKey',
call: 'quorum_addOrgKey',
params: 2
}),
new web3._extend.Method({
name: 'removeOrgKey',
call: 'quorum_removeOrgKey',
params: 2
}),
]
})
`

4
params/quorum.go
View File

@ -3,6 +3,6 @@ package params
import "github.com/ethereum/go-ethereum/common"
var (
QuorumPermissionsContract = common.Address{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 32}
PrivateKeyManagementContract = common.Address{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 34}
QuorumPermissionsContract = common.Address{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 32}
QuorumPrivateKeyManagementContract = common.Address{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 34}
)