Documentation

Index

Constants

View Source
const (
	// Chain permissions.
	// These permissions grant the ability for accounts to perform certain transition within the execution package
	// Root is a reserved permission currently unused that may be used in the future to grant super-user privileges
	// for instance to a governance contract
	Root PermFlag = 1 << iota // 1
	// Send permits an account to issue a SendTx to transfer value from one account to another. Note that value can
	// still be transferred with a CallTx by specifying an Amount in the InputTx. Funding an account is the basic
	// prerequisite for an account to act in the system so is often used as a surrogate for 'account creation' when
	// sending to a unknown account - in order for this to be permitted the input account needs the CreateAccount
	// permission in addition.
	Send // 2
	// Call permits and account to issue a CallTx, which can be used to call (run) the code of an existing
	// account/contract (these are synonymous in Burrow/EVM). A CallTx can be used to create an account if it points to
	// a nil address - in order for an account to be permitted to do this the input (calling) account needs the
	// CreateContract permission in addition.
	Call // 4
	// CreateContract permits the input account of a CallTx to create a new contract/account when CallTx.Address is nil
	// and permits an executing contract in the EVM to create a new contract programmatically.
	CreateContract // 8
	// CreateAccount permits an input account of a SendTx to add value to non-existing (unfunded) accounts
	CreateAccount // 16
	// Bond is a reserved permission for making changes to the validator set - currently unused
	Bond // 32
	// Name permits manipulation of the name registry by allowing an account to issue a NameTx
	Name // 64
	// Propose permits creating proposals and voting for them
	Proposal // 128
	// Input allows account to sign transactions
	Input // 256
	// Permission to execute batch transactins
	Batch // 512
	// Allows account to associate new blockchain nodes
	Identify // 1028

	// Moderator permissions.
	// These permissions concern the alteration of the chain permissions listed above. Each permission relates to a
	// particular canonical permission mutation or query function. When an account is granted a moderation permission
	// it is permitted to call that function. See contract.go for a marked-up description of what each function does.
	HasBase
	SetBase
	UnsetBase
	SetGlobal
	HasRole
	AddRole
	RemoveRole

	NumPermissions uint = 18 // NOTE Adjust this too. We can support upto 64

	// To allow an operation with no permission flags set at all
	None PermFlag = 0

	TopPermFlag      PermFlag = 1 << (NumPermissions - 1)
	AllPermFlags     PermFlag = TopPermFlag | (TopPermFlag - 1)
	DefaultPermFlags PermFlag = Send | Call | CreateContract | CreateAccount | Bond | Name | HasBase | HasRole | Proposal | Input | Batch

	// Chain permissions strings
	RootString           = "root"
	SendString           = "send"
	CallString           = "call"
	CreateContractString = "createContract"
	CreateAccountString  = "createAccount"
	BondString           = "bond"
	IdentifyString       = "identify"
	NameString           = "name"
	ProposalString       = "proposal"
	InputString          = "input"
	BatchString          = "batch"

	// Moderator permissions strings
	HasBaseString    = "hasBase"
	SetBaseString    = "setBase"
	UnsetBaseString  = "unsetBase"
	SetGlobalString  = "setGlobal"
	HasRoleString    = "hasRole"
	AddRoleString    = "addRole"
	RemoveRoleString = "removeRole"
	UnknownString    = "#-UNKNOWN-#"

	AllString = "all"
)

Base permission references are like unix (the index is already bit shifted)

Variables

View Source
var (
	ErrInvalidLengthPermission        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowPermission          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupPermission = fmt.Errorf("proto: unexpected end of group")
)
View Source
var (
	ZeroBasePermissions = BasePermissions{
		Perms:  0,
		SetBit: 0,
	}
	ZeroAccountPermissions = AccountPermissions{
		Base: ZeroBasePermissions,
	}
	DefaultAccountPermissions = AccountPermissions{
		Base: BasePermissions{
			Perms:  DefaultPermFlags,
			SetBit: AllPermFlags,
		},
		Roles: []string{},
	}
	AllAccountPermissions = AccountPermissions{
		Base: BasePermissions{
			Perms:  AllPermFlags,
			SetBit: AllPermFlags,
		},
		Roles: []string{},
	}
)

Functions

func BasePermissionsString

func BasePermissionsString(basePermissions BasePermissions) string

Generates a human readable string from the resultant permissions of basePermission

func BasePermissionsToStringList

func BasePermissionsToStringList(basePermissions BasePermissions) []string

Builds a list of set permissions from a BasePermission by creating a list of permissions strings from the resultant permissions of basePermissions

func PermFlagToStringList

func PermFlagToStringList(permFlag PermFlag) []string

Creates a list of individual permission flag strings from a possibly composite PermFlag by projecting out each bit and adding its permission string if it is set

func String

func String(permFlag PermFlag) string

Types

type AccountPermissions

type AccountPermissions struct {
	Base             BasePermissions `protobuf:"bytes,1,opt,name=Base" json:"Base"`
	Roles            []string        `protobuf:"bytes,2,rep,name=Roles" json:"Roles,omitempty"`
	XXX_unrecognized []byte          `json:"-"`
}

func ConvertPermissionsMapAndRolesToAccountPermissions

func ConvertPermissionsMapAndRolesToAccountPermissions(permissions map[string]bool,
	roles []string) (*AccountPermissions, error)

ConvertMapStringIntToPermissions converts a map of string-bool pairs and a slice of strings for the roles to an AccountPermissions type. If the value in the permissions map is true for a particular permission string then the permission will be set in the AccountsPermissions. For all unmentioned permissions the ZeroBasePermissions is defaulted to.

func NewAccountPermissions

func NewAccountPermissions(pss ...PermFlag) AccountPermissions

func (*AccountPermissions) AddRole

func (ap *AccountPermissions) AddRole(role string) bool

Returns true if the role is added, and false if it already exists

func (*AccountPermissions) Clone

Clone clones the account permissions

func (*AccountPermissions) Descriptor

func (*AccountPermissions) Descriptor() ([]byte, []int)

func (*AccountPermissions) GetBase

func (m *AccountPermissions) GetBase() BasePermissions

func (*AccountPermissions) GetRoles

func (m *AccountPermissions) GetRoles() []string

func (AccountPermissions) HasRole

func (ap AccountPermissions) HasRole(role string) bool

Returns true if the role is found

func (*AccountPermissions) Marshal

func (m *AccountPermissions) Marshal() (dAtA []byte, err error)

func (*AccountPermissions) MarshalTo

func (m *AccountPermissions) MarshalTo(dAtA []byte) (int, error)

func (*AccountPermissions) MarshalToSizedBuffer

func (m *AccountPermissions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccountPermissions) ProtoMessage

func (*AccountPermissions) ProtoMessage()

func (*AccountPermissions) RemoveRole

func (ap *AccountPermissions) RemoveRole(role string) bool

Returns true if the role is removed, and false if it is not found

func (*AccountPermissions) Reset

func (m *AccountPermissions) Reset()

func (*AccountPermissions) Size

func (m *AccountPermissions) Size() (n int)

func (*AccountPermissions) String

func (m *AccountPermissions) String() string

func (*AccountPermissions) Unmarshal

func (m *AccountPermissions) Unmarshal(dAtA []byte) error

func (*AccountPermissions) XXX_DiscardUnknown

func (m *AccountPermissions) XXX_DiscardUnknown()

func (*AccountPermissions) XXX_Marshal

func (m *AccountPermissions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccountPermissions) XXX_Merge

func (m *AccountPermissions) XXX_Merge(src proto.Message)

func (*AccountPermissions) XXX_MessageName

func (*AccountPermissions) XXX_MessageName() string

func (*AccountPermissions) XXX_Size

func (m *AccountPermissions) XXX_Size() int

func (*AccountPermissions) XXX_Unmarshal

func (m *AccountPermissions) XXX_Unmarshal(b []byte) error

type BasePermissions

type BasePermissions struct {
	Perms            PermFlag `protobuf:"varint,1,opt,name=Perms,casttype=PermFlag" json:"Perms"`
	SetBit           PermFlag `protobuf:"varint,2,opt,name=SetBit,casttype=PermFlag" json:"SetBit"`
	XXX_unrecognized []byte   `json:"-"`
}

func BasePermissionsFromStringList

func BasePermissionsFromStringList(permissions []string) (BasePermissions, error)

Builds a composite BasePermission by creating a PermFlag from permissions strings and setting them all

func (BasePermissions) Compose

func (bp BasePermissions) Compose(bpFallthrough BasePermissions) BasePermissions

Returns a BasePermission that matches any permissions set on this BasePermission and falls through to any permissions set on the bpFallthrough

func (*BasePermissions) Descriptor

func (*BasePermissions) Descriptor() ([]byte, []int)

func (BasePermissions) Get

func (bp BasePermissions) Get(ty PermFlag) (bool, error)

Gets the permission value. ErrValueNotSet is returned if the permission's set bits are not all on, and should be caught by caller so the global permission can be fetched

func (*BasePermissions) GetPerms

func (m *BasePermissions) GetPerms() PermFlag

func (*BasePermissions) GetSetBit

func (m *BasePermissions) GetSetBit() PermFlag

func (BasePermissions) IsSet

func (bp BasePermissions) IsSet(ty PermFlag) bool

Check if the permission is set

func (*BasePermissions) Marshal

func (m *BasePermissions) Marshal() (dAtA []byte, err error)

func (*BasePermissions) MarshalTo

func (m *BasePermissions) MarshalTo(dAtA []byte) (int, error)

func (*BasePermissions) MarshalToSizedBuffer

func (m *BasePermissions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*BasePermissions) ProtoMessage

func (*BasePermissions) ProtoMessage()

func (*BasePermissions) Reset

func (m *BasePermissions) Reset()

func (BasePermissions) ResultantPerms

func (bp BasePermissions) ResultantPerms() PermFlag

Returns the Perms PermFlag masked with SetBit bit field to give the resultant permissions enabled by this BasePermissions

func (*BasePermissions) Set

func (bp *BasePermissions) Set(ty PermFlag, value bool) error

Set a permission bit. Will set the permission's set bit to true.

func (*BasePermissions) Size

func (m *BasePermissions) Size() (n int)

func (BasePermissions) String

func (bp BasePermissions) String() string

func (*BasePermissions) Unmarshal

func (m *BasePermissions) Unmarshal(dAtA []byte) error

func (*BasePermissions) Unset

func (bp *BasePermissions) Unset(ty PermFlag) error

Set the permission's set bits to false

func (*BasePermissions) XXX_DiscardUnknown

func (m *BasePermissions) XXX_DiscardUnknown()

func (*BasePermissions) XXX_Marshal

func (m *BasePermissions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*BasePermissions) XXX_Merge

func (m *BasePermissions) XXX_Merge(src proto.Message)

func (*BasePermissions) XXX_MessageName

func (*BasePermissions) XXX_MessageName() string

func (*BasePermissions) XXX_Size

func (m *BasePermissions) XXX_Size() int

func (*BasePermissions) XXX_Unmarshal

func (m *BasePermissions) XXX_Unmarshal(b []byte) error

type ErrInvalidPermission

type ErrInvalidPermission PermFlag

func (ErrInvalidPermission) Error

func (e ErrInvalidPermission) Error() string

type ErrValueNotSet

type ErrValueNotSet PermFlag

set=false. This error should be caught and the global value fetched for the permission by the caller

func (ErrValueNotSet) Error

func (e ErrValueNotSet) Error() string

type PermArgs

type PermArgs struct {
	// The permission function
	Action PermFlag `protobuf:"varint,1,opt,name=Action,casttype=PermFlag" json:"Action"`
	// The target of the action
	Target *github_com_hyperledger_burrow_crypto.Address `protobuf:"bytes,2,opt,name=Target,customtype=github.com/hyperledger/burrow/crypto.Address" json:"Target,omitempty"`
	// Possible arguments
	Permission           *PermFlag `protobuf:"varint,3,opt,name=Permission,casttype=PermFlag" json:"Permission,omitempty"`
	Role                 *string   `protobuf:"bytes,4,opt,name=Role" json:"Role,omitempty"`
	Value                *bool     `protobuf:"varint,5,opt,name=Value" json:"Value,omitempty"`
	XXX_NoUnkeyedLiteral struct{}  `json:"-"`
	XXX_sizecache        int32     `json:"-"`
}

func AddRoleArgs

func AddRoleArgs(address crypto.Address, role string) PermArgs

func HasBaseArgs

func HasBaseArgs(address crypto.Address, permFlag PermFlag) PermArgs

func HasRoleArgs

func HasRoleArgs(address crypto.Address, role string) PermArgs

func RemoveRoleArgs

func RemoveRoleArgs(address crypto.Address, role string) PermArgs

func SetBaseArgs

func SetBaseArgs(address crypto.Address, permFlag PermFlag, value bool) PermArgs

func SetGlobalArgs

func SetGlobalArgs(permFlag PermFlag, value bool) PermArgs

func UnsetBaseArgs

func UnsetBaseArgs(address crypto.Address, permFlag PermFlag) PermArgs

func (*PermArgs) Descriptor

func (*PermArgs) Descriptor() ([]byte, []int)

func (PermArgs) EnsureValid

func (pa PermArgs) EnsureValid() error

func (*PermArgs) GetAction

func (m *PermArgs) GetAction() PermFlag

func (*PermArgs) GetPermission

func (m *PermArgs) GetPermission() PermFlag

func (*PermArgs) GetRole

func (m *PermArgs) GetRole() string

func (*PermArgs) GetValue

func (m *PermArgs) GetValue() bool

func (*PermArgs) Marshal

func (m *PermArgs) Marshal() (dAtA []byte, err error)

func (*PermArgs) MarshalTo

func (m *PermArgs) MarshalTo(dAtA []byte) (int, error)

func (*PermArgs) MarshalToSizedBuffer

func (m *PermArgs) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PermArgs) ProtoMessage

func (*PermArgs) ProtoMessage()

func (*PermArgs) Reset

func (m *PermArgs) Reset()

func (*PermArgs) Size

func (m *PermArgs) Size() (n int)

func (PermArgs) String

func (pa PermArgs) String() string

func (*PermArgs) Unmarshal

func (m *PermArgs) Unmarshal(dAtA []byte) error

func (*PermArgs) XXX_DiscardUnknown

func (m *PermArgs) XXX_DiscardUnknown()

func (*PermArgs) XXX_Marshal

func (m *PermArgs) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PermArgs) XXX_Merge

func (m *PermArgs) XXX_Merge(src proto.Message)

func (*PermArgs) XXX_MessageName

func (*PermArgs) XXX_MessageName() string

func (*PermArgs) XXX_Size

func (m *PermArgs) XXX_Size() int

func (*PermArgs) XXX_Unmarshal

func (m *PermArgs) XXX_Unmarshal(b []byte) error

type PermFlag

type PermFlag uint64

A particular permission

func PermFlagFromStringList

func PermFlagFromStringList(permissions []string) (PermFlag, error)

Builds a composite PermFlag by mapping each permission string in permissions to its flag and composing them with binary or

func PermStringToFlag

func PermStringToFlag(perm string) (PermFlag, error)

PermStringToFlag maps camel- and snake case strings to the the corresponding permission flag.

func (PermFlag) IsValid

func (pf PermFlag) IsValid() bool

Checks if a permission flag is valid (a known base chain or native contract permission)

func (PermFlag) MarshalText

func (pf PermFlag) MarshalText() ([]byte, error)

func (PermFlag) String

func (pf PermFlag) String() string

Returns the string name of a single bit non-composite PermFlag, or otherwise UnknownString See BasePermissionsToStringList to generate a string representation of a composite PermFlag

func (*PermFlag) UnmarshalText

func (pf *PermFlag) UnmarshalText(s []byte) (err error)