forked from TrueCloudLab/frostfs-node
[#793] adm: Always use committee as FrostFS ID owner
Committee should be able to authorize everything, there are no other usecases for the frostfs-adm currently. Also, it somewhat eases configuration, because committee hash depends on the protocol configuration. Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
This commit is contained in:
parent
f871f5cc6c
commit
c1ec6e33b4
3 changed files with 12 additions and 7 deletions
|
@ -13,8 +13,9 @@ import (
|
|||
// neo-go doesn't support []util.Uint160 type:
|
||||
// https://github.com/nspcc-dev/neo-go/blob/v0.103.0/pkg/smartcontract/parameter.go#L262
|
||||
// Thus, return []smartcontract.Parameter.
|
||||
func getFrostfsIDAuthorizedKeys(v *viper.Viper) ([]smartcontract.Parameter, error) {
|
||||
func getFrostfsIDAuthorizedKeys(v *viper.Viper, defaultOwner util.Uint160) ([]smartcontract.Parameter, error) {
|
||||
var res []smartcontract.Parameter
|
||||
res = append(res, smartcontract.Parameter{Type: smartcontract.Hash160Type, Value: defaultOwner})
|
||||
|
||||
ks := v.GetStringSlice(frostfsIDAuthorizedKeysConfigKey)
|
||||
for i := range ks {
|
||||
|
|
|
@ -7,6 +7,7 @@ import (
|
|||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||
"github.com/nspcc-dev/neo-go/pkg/encoding/address"
|
||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
||||
"github.com/nspcc-dev/neo-go/pkg/util"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
@ -27,19 +28,22 @@ func TestFrostfsIDConfig(t *testing.T) {
|
|||
hex.EncodeToString(pks[3].PublicKey().Bytes()),
|
||||
})
|
||||
|
||||
actual, err := getFrostfsIDAuthorizedKeys(v)
|
||||
comm := util.Uint160{1, 2, 3}
|
||||
actual, err := getFrostfsIDAuthorizedKeys(v, comm)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, len(pks), len(actual))
|
||||
require.Equal(t, len(pks)+1, len(actual))
|
||||
require.Equal(t, smartcontract.Hash160Type, actual[0].Type)
|
||||
require.Equal(t, comm, actual[0].Value)
|
||||
for i := range pks {
|
||||
require.Equal(t, smartcontract.Hash160Type, actual[i].Type)
|
||||
require.Equal(t, pks[i].GetScriptHash(), actual[i].Value)
|
||||
require.Equal(t, smartcontract.Hash160Type, actual[i+1].Type)
|
||||
require.Equal(t, pks[i].GetScriptHash(), actual[i+1].Value)
|
||||
}
|
||||
|
||||
t.Run("bad key", func(t *testing.T) {
|
||||
v := viper.New()
|
||||
v.Set("frostfsid.authorized_keys", []string{"abc"})
|
||||
|
||||
_, err := getFrostfsIDAuthorizedKeys(v)
|
||||
_, err := getFrostfsIDAuthorizedKeys(v, comm)
|
||||
require.Error(t, err)
|
||||
})
|
||||
}
|
||||
|
|
|
@ -538,7 +538,7 @@ func (c *initializeContext) getContractDeployData(ctrName string, keysParam []an
|
|||
nnsCs.Hash,
|
||||
"container")
|
||||
case frostfsIDContract:
|
||||
hs, err := getFrostfsIDAuthorizedKeys(viper.GetViper())
|
||||
hs, err := getFrostfsIDAuthorizedKeys(viper.GetViper(), c.CommitteeAcc.PublicKey().GetScriptHash())
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue