frostfs-contract/policy/policy_contract.go
Airat Arifullin 1d4deffb7d
Some checks failed
DCO action / DCO (pull_request) Successful in 1m53s
Tests / Tests (1.19) (pull_request) Failing after 2m11s
Tests / Tests (1.20) (pull_request) Failing after 2m13s
[#78] policy: Introduce ListTargets method for Policy contract
* Introduce a new method ListTargets that lists targets by kind.
* Slightly fix key mapping - also concatenate kind to prefix.
* Write unit-tests.
* Regenerate rpcclient.

Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-02-16 18:11:00 +03:00

282 lines
7.3 KiB
Go

package policy
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
)
// Kind represents the object the chain is attached to.
// Currently only namespace and container are supported.
type Kind byte
const (
Namespace = 'n'
Container = 'c'
IAM = 'i'
)
const (
ownerKeyPrefix = 'o'
)
const (
activeRulesCounterKeyPrefix = "rc"
mappingKeyPrefix = 'm'
counterKey = "counter"
)
const (
// ErrNotAuthorized is returned when the none of the transaction signers
// belongs to the list of autorized keys.
ErrNotAuthorized = "none of the signers is authorized to change the contract"
)
// _deploy function sets up initial list of inner ring public keys.
func _deploy(data any, isUpdate bool) {
if isUpdate {
return
}
args := data.(struct {
Admin interop.Hash160
})
ctx := storage.GetContext()
if args.Admin != nil {
if len(args.Admin) != 20 {
panic("invaliad admin hash length")
}
storage.Put(ctx, []byte{ownerKeyPrefix}, args.Admin)
}
storage.Put(ctx, counterKey, 0)
}
func checkAuthorization(ctx storage.Context) {
admin := getAdmin(ctx)
if admin != nil && runtime.CheckWitness(admin) {
return
}
if runtime.CheckWitness(common.AlphabetAddress()) {
return
}
panic(ErrNotAuthorized)
}
// Version returns the version of the contract.
func Version() int {
return common.Version
}
func SetAdmin(addr interop.Hash160) {
common.CheckAlphabetWitness()
ctx := storage.GetContext()
storage.Put(ctx, []byte{ownerKeyPrefix}, addr)
}
func GetAdmin() interop.Hash160 {
ctx := storage.GetReadOnlyContext()
return getAdmin(ctx)
}
func getAdmin(ctx storage.Context) interop.Hash160 {
return storage.Get(ctx, []byte{ownerKeyPrefix}).(interop.Hash160)
}
func storageKey(prefix Kind, counter int, name []byte) []byte {
key := append([]byte{byte(prefix)}, common.ToFixedWidth64(counter)...)
return append(key, name...)
}
func numericMapKeyPrefix(kind Kind) []byte {
return []byte{mappingKeyPrefix, byte(kind)}
}
// mapToNumeric maps a name to a number. That allows to keep more space in
// a storage key shortening long names. Short entity
// names are also mapped to prevent collisions in the map.
func mapToNumeric(ctx storage.Context, kind Kind, name []byte) (mapped int, mappingExists bool) {
mKey := append(numericMapKeyPrefix(kind), name...)
numericID := storage.Get(ctx, mKey)
if numericID == nil {
return
}
mapped = numericID.(int)
mappingExists = true
return
}
// mapToNumericCreateIfNotExists maps a name to a number. That allows to keep
// more space in a storage key shortening long names. Short entity
// names are also mapped to prevent collisions in the map.
// If a mapping cannot be found, then the method creates and returns it.
// mapToNumericCreateIfNotExists is NOT applicable for a read-only context.
func mapToNumericCreateIfNotExists(ctx storage.Context, kind Kind, name []byte) int {
mKey := append(numericMapKeyPrefix(kind), name...)
numericID := storage.Get(ctx, mKey)
if numericID == nil {
counter := storage.Get(ctx, counterKey).(int)
counter++
storage.Put(ctx, counterKey, counter)
storage.Put(ctx, mKey, counter)
return counter
}
return numericID.(int)
}
func AddChain(entity Kind, entityName string, name []byte, chain []byte) {
ctx := storage.GetContext()
checkAuthorization(ctx)
entityNameBytes := mapToNumericCreateIfNotExists(ctx, entity, []byte(entityName))
key := storageKey(entity, entityNameBytes, name)
storage.Put(ctx, key, chain)
incTargetRulesCount(ctx, append(numericMapKeyPrefix(entity), entityName...))
}
func GetChain(entity Kind, entityName string, name []byte) []byte {
ctx := storage.GetReadOnlyContext()
entityNameBytes, exists := mapToNumeric(ctx, entity, []byte(entityName))
if !exists {
panic("not found")
}
key := storageKey(entity, entityNameBytes, name)
data := storage.Get(ctx, key).([]byte)
if data == nil {
panic("not found")
}
return data
}
func RemoveChain(entity Kind, entityName string, name []byte) {
ctx := storage.GetContext()
checkAuthorization(ctx)
entityNameBytes, exists := mapToNumeric(ctx, entity, []byte(entityName))
if !exists {
return
}
key := storageKey(entity, entityNameBytes, name)
storage.Delete(ctx, key)
decTargetRulesCount(ctx, append(numericMapKeyPrefix(entity), entityName...))
}
func RemoveChainsByPrefix(entity Kind, entityName string, name []byte) {
ctx := storage.GetContext()
checkAuthorization(ctx)
entityNameBytes, exists := mapToNumeric(ctx, entity, []byte(entityName))
if !exists {
return
}
key := storageKey(entity, entityNameBytes, name)
it := storage.Find(ctx, key, storage.KeysOnly)
for iterator.Next(it) {
storage.Delete(ctx, iterator.Value(it).([]byte))
decTargetRulesCount(ctx, key)
}
}
// ListChains lists all chains for the namespace by prefix.
// container may be empty.
func ListChains(namespace, container string, name []byte) [][]byte {
result := ListChainsByPrefix(Namespace, namespace, name)
if container != "" {
result = append(result, ListChainsByPrefix(Container, container, name)...)
}
return result
}
// ListChainsByPrefix list all chains for the provided kind and entity by prefix.
func ListChainsByPrefix(entity Kind, entityName string, prefix []byte) [][]byte {
ctx := storage.GetReadOnlyContext()
result := [][]byte{}
entityNameBytes, exists := mapToNumeric(ctx, entity, []byte(entityName))
if !exists {
return result
}
keyPrefix := storageKey(entity, entityNameBytes, prefix)
it := storage.Find(ctx, keyPrefix, storage.ValuesOnly)
for iterator.Next(it) {
result = append(result, iterator.Value(it).([]byte))
}
return result
}
func IteratorChainsByPrefix(entity Kind, entityName string, prefix []byte) iterator.Iterator {
ctx := storage.GetReadOnlyContext()
id, _ := mapToNumeric(ctx, entity, []byte(entityName))
keyPrefix := storageKey(entity, id, prefix)
return storage.Find(ctx, keyPrefix, storage.ValuesOnly)
}
// ListTargets lists targets for which rules are defined by kind.
func ListTargets(entity Kind) [][]byte {
ctx := storage.GetReadOnlyContext()
targetNames := [][]byte{}
keyPrefix := numericMapKeyPrefix(entity)
it := storage.Find(ctx, keyPrefix, storage.KeysOnly)
for iterator.Next(it) {
key := iterator.Value(it).([]byte)
entityName := key[len(keyPrefix):]
if getTargetRulesCount(ctx, key) == 0 {
continue
}
targetNames = append(targetNames, entityName)
}
return targetNames
}
func incTargetRulesCount(ctx storage.Context, key []byte) {
ruleCounterKey := append([]byte(activeRulesCounterKeyPrefix), key...)
counter := storage.Get(ctx, ruleCounterKey)
if counter == nil {
storage.Put(ctx, ruleCounterKey, 1)
} else {
val := counter.(int)
val++
storage.Put(ctx, ruleCounterKey, val)
}
}
func decTargetRulesCount(ctx storage.Context, key []byte) {
ruleCounterKey := append([]byte(activeRulesCounterKeyPrefix), key...)
counter := storage.Get(ctx, ruleCounterKey)
if counter != nil {
val := counter.(int)
if val == 0 {
return
}
val--
storage.Put(ctx, ruleCounterKey, val)
}
}
func getTargetRulesCount(ctx storage.Context, key []byte) int {
ruleCounterKey := append([]byte(activeRulesCounterKeyPrefix), key...)
counter := storage.Get(ctx, ruleCounterKey)
if counter != nil {
return counter.(int)
}
return 0
}