frostfs-contract/policy/policy_contract.go

148 lines
3.5 KiB
Go
Raw Normal View History

package policy
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
)
// Kind represents the object the chain is attached to.
// Currently only namespace and container are supported.
type Kind byte
const (
Namespace = 'n'
Container = 'c'
IAM = 'i'
)
const (
ownerKeyPrefix = 'o'
)
const (
// ErrNotAutorized is returned when the none of the transaction signers
// belongs to the list of autorized keys.
ErrNotAutorized = "none of the signers is not autorized to change the contract"
)
// _deploy function sets up initial list of inner ring public keys.
func _deploy(data any, isUpdate bool) {
if isUpdate {
return
}
args := data.(struct {
Admin interop.Hash160
})
ctx := storage.GetContext()
if args.Admin != nil {
if len(args.Admin) != 20 {
panic("invaliad admin hash length")
}
storage.Put(ctx, []byte{ownerKeyPrefix}, args.Admin)
}
}
func checkAuthorization(ctx storage.Context) {
admin := getAdmin(ctx)
if admin != nil && runtime.CheckWitness(admin) {
return
}
if runtime.CheckWitness(common.AlphabetAddress()) {
return
}
panic(ErrNotAutorized)
}
func SetAdmin(addr interop.Hash160) {
common.CheckAlphabetWitness()
ctx := storage.GetContext()
storage.Put(ctx, []byte{ownerKeyPrefix}, addr)
}
func GetAdmin() interop.Hash160 {
ctx := storage.GetReadOnlyContext()
return getAdmin(ctx)
}
func getAdmin(ctx storage.Context) interop.Hash160 {
return storage.Get(ctx, []byte{ownerKeyPrefix}).(interop.Hash160)
}
func storageKey(prefix Kind, entityName, name string) []byte {
ln := len(entityName)
key := append([]byte{byte(prefix)}, byte(ln&0xFF), byte(ln>>8))
key = append(key, entityName...)
return append(key, name...)
}
func AddChain(entity Kind, entityName, name string, chain []byte) {
ctx := storage.GetContext()
checkAuthorization(ctx)
key := storageKey(entity, entityName, name)
storage.Put(ctx, key, chain)
}
func GetChain(entity Kind, entityName, name string) []byte {
ctx := storage.GetReadOnlyContext()
key := storageKey(entity, entityName, name)
data := storage.Get(ctx, key).([]byte)
if data == nil {
panic("not found")
}
return data
}
func RemoveChain(entity Kind, entityName string, name string) {
ctx := storage.GetContext()
checkAuthorization(ctx)
key := storageKey(entity, entityName, name)
storage.Delete(ctx, key)
}
func RemoveChainsByPrefix(entity Kind, entityName string, name string) {
ctx := storage.GetContext()
checkAuthorization(ctx)
key := storageKey(entity, entityName, name)
it := storage.Find(ctx, key, storage.KeysOnly)
for iterator.Next(it) {
storage.Delete(ctx, iterator.Value(it).([]byte))
}
}
// ListChains lists all chains for the namespace by prefix.
// container may be empty.
func ListChains(namespace, container, name string) [][]byte {
result := ListChainsByPrefix(Namespace, namespace, name)
if container != "" {
result = append(result, ListChainsByPrefix(Container, container, name)...)
}
return result
}
// ListChainsByPrefix list all chains for the provided kind and entity by prefix.
func ListChainsByPrefix(entity Kind, entityName, prefix string) [][]byte {
ctx := storage.GetReadOnlyContext()
result := [][]byte{}
keyPrefix := storageKey(entity, entityName, prefix)
it := storage.Find(ctx, keyPrefix, storage.ValuesOnly)
for iterator.Next(it) {
result = append(result, iterator.Value(it).([]byte))
}
return result
}