From 51cb1e30445f3f21d35710704fa77d2cef3764c1 Mon Sep 17 00:00:00 2001 From: "amalraj.manigmail.com" Date: Fri, 12 Apr 2019 20:28:22 +0800 Subject: [PATCH] permission: fix bugs in validations and org manager event raised --- controls/permission/OrgManager.sol | 14 +++++++------- core/quorum/api.go | 4 +++- core/types/permissions_cache.go | 23 +++++++++++++++++------ 3 files changed, 27 insertions(+), 14 deletions(-) diff --git a/controls/permission/OrgManager.sol b/controls/permission/OrgManager.sol index 11ef18008..715b46c18 100644 --- a/controls/permission/OrgManager.sol +++ b/controls/permission/OrgManager.sol @@ -98,10 +98,10 @@ contract OrgManager { orgList[id].parentId = _pOrg; orgList[id].status = _status; if (_status == 1) { - emit OrgPendingApproval(_orgId, _pOrg, orgList[id].ultParent, orgList[id].level, 1); + emit OrgPendingApproval(orgList[id].orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level, 1); } else { - emit OrgApproved(_orgId, _pOrg, orgList[id].ultParent, orgList[id].level, 2); + emit OrgApproved(orgList[id].orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level, 2); } } @@ -183,7 +183,7 @@ contract OrgManager { require(checkOrgStatus(_orgId, 2) == true, "Org not in approved state"); uint id = getOrgIndex(_orgId); orgList[id].status = 3; - emit OrgPendingApproval(_orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level, 3); + emit OrgPendingApproval(orgList[id].orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level, 3); } function revokeOrgSuspension(string memory _orgId) internal @@ -192,7 +192,7 @@ contract OrgManager { require(checkOrgStatus(_orgId, 4) == true, "Org not in suspended state"); uint id = getOrgIndex(_orgId); orgList[id].status = 5; - emit OrgPendingApproval(_orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level, 5); + emit OrgPendingApproval(orgList[id].orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level, 5); } function approveOrg(string calldata _orgId) external @@ -201,7 +201,7 @@ contract OrgManager { require(checkOrgStatus(_orgId, 1) == true, "Nothing to approve"); uint id = getOrgIndex(_orgId); orgList[id].status = 2; - emit OrgApproved(_orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level, 2); + emit OrgApproved(orgList[id].orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level, 2); } function approveOrgSuspension(string memory _orgId) internal @@ -209,7 +209,7 @@ contract OrgManager { require(checkOrgStatus(_orgId, 3) == true, "Nothing to approve"); uint id = getOrgIndex(_orgId); orgList[id].status = 4; - emit OrgSuspended(_orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level); + emit OrgSuspended(orgList[id].orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level); } function approveOrgRevokeSuspension(string memory _orgId) internal @@ -217,7 +217,7 @@ contract OrgManager { require(checkOrgStatus(_orgId, 5) == true, "Nothing to approve"); uint id = getOrgIndex(_orgId); orgList[id].status = 2; - emit OrgSuspensionRevoked(_orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level); + emit OrgSuspensionRevoked(orgList[id].orgId, orgList[id].parentId, orgList[id].ultParent, orgList[id].level); } function checkOrgStatus(string memory _orgId, uint _orgStatus) public view returns (bool){ diff --git a/core/quorum/api.go b/core/quorum/api.go index 0eea0f792..bbb35e905 100644 --- a/core/quorum/api.go +++ b/core/quorum/api.go @@ -250,9 +250,11 @@ func (s *QuorumControlsAPI) isNetworkAdmin(account common.Address) bool { return ac != nil && ac.RoleId == s.permConfig.NwAdminRole } +//TODO (Amal) get it reviewed by Sai func (s *QuorumControlsAPI) isOrgAdmin(account common.Address, orgId string) bool { ac := types.AcctInfoMap.GetAccount(account) - return ac != nil && (ac.RoleId == s.permConfig.OrgAdminRole && strings.Contains(orgId, ac.OrgId)) + return ac != nil && ((ac.OrgId == s.permConfig.NwAdminOrg && ac.RoleId == s.permConfig.NwAdminRole) || + (ac.RoleId == s.permConfig.OrgAdminRole && strings.Contains(orgId, ac.OrgId))) } func (s *QuorumControlsAPI) validateOrg(orgId, pOrgId string) (ExecStatus, error) { diff --git a/core/types/permissions_cache.go b/core/types/permissions_cache.go index 00a68f5d1..d8c7f68eb 100644 --- a/core/types/permissions_cache.go +++ b/core/types/permissions_cache.go @@ -77,10 +77,10 @@ type AccountInfo struct { } type OrgDetailInfo struct { - NodeList []NodeInfo `json:"nodeList"` - RoleList []RoleInfo `json:"roleList"` - AcctList []AccountInfo `json:"acctList"` - SubOrgList []string `json:"subOrgList"` + NodeList []NodeInfo `json:"nodeList"` + RoleList []RoleInfo `json:"roleList"` + AcctList []AccountInfo `json:"acctList"` + SubOrgList []string `json:"subOrgList"` } type OrgStruct struct { @@ -198,8 +198,10 @@ func (o *OrgCache) UpsertOrg(orgId, parentOrg, ultimateParent string, level *big pkey := OrgKey{OrgId: parentOrg} if ent, ok := o.c.Get(pkey); ok { porg := ent.(*OrgInfo) - porg.SubOrgList = append(porg.SubOrgList, key.OrgId) - o.c.Add(pkey, porg) + if !containsKey(porg.SubOrgList, key.OrgId) { + porg.SubOrgList = append(porg.SubOrgList, key.OrgId) + o.c.Add(pkey, porg) + } } } @@ -207,6 +209,15 @@ func (o *OrgCache) UpsertOrg(orgId, parentOrg, ultimateParent string, level *big o.c.Add(key, norg) } +func containsKey(s []string, e string) bool { + for _, a := range s { + if a == e { + return true + } + } + return false +} + func (o *OrgCache) GetOrg(orgId string) *OrgInfo { defer o.mux.Unlock() o.mux.Lock()