burrow: github.com/hyperledger/burrow/permission Index | Files

package permission

import "github.com/hyperledger/burrow/permission"

Index

Package Files

account_permissions.go base_permissions.go errors.go perm_flag.go permission.pb.go permissions.go snatives.go util.go

Constants

const (
    // Chain permissions.
    // These permissions grant the ability for accounts to perform certain transition within the execution package
    // Root is a reserved permission currently unused that may be used in the future to grant super-user privileges
    // for instance to a governance contract
    Root PermFlag = 1 << iota // 1
    // Send permits an account to issue a SendTx to transfer value from one account to another. Note that value can
    // still be transferred with a CallTx by specifying an Amount in the InputTx. Funding an account is the basic
    // prerequisite for an account to act in the system so is often used as a surrogate for 'account creation' when
    // sending to a unknown account - in order for this to be permitted the input account needs the CreateAccount
    // permission in addition.
    Send // 2
    // Call permits and account to issue a CallTx, which can be used to call (run) the code of an existing
    // account/contract (these are synonymous in Burrow/EVM). A CallTx can be used to create an account if it points to
    // a nil address - in order for an account to be permitted to do this the input (calling) account needs the
    // CreateContract permission in addition.
    Call // 4
    // CreateContract permits the input account of a CallTx to create a new contract/account when CallTx.Address is nil
    // and permits an executing contract in the EVM to create a new contract programmatically.
    CreateContract // 8
    // CreateAccount permits an input account of a SendTx to add value to non-existing (unfunded) accounts
    CreateAccount // 16
    // Bond is a reserved permission for making changes to the validator set - currently unused
    Bond // 32
    // Name permits manipulation of the name registry by allowing an account to issue a NameTx
    Name // 64
    // Propose permits creating proposals and voting for them
    Proposal // 128
    // Input allows account to sign transactions
    Input // 256
    // Permission to execute batch transactins
    Batch // 512
    // Allows account to associate new blockchain nodes
    Identify // 1028

    // Moderator permissions.
    // These permissions concern the alteration of the chain permissions listed above. Each permission relates to a
    // particular canonical permission mutation or query function. When an account is granted a moderation permission
    // it is permitted to call that function. See contract.go for a marked-up description of what each function does.
    HasBase
    SetBase
    UnsetBase
    SetGlobal
    HasRole
    AddRole
    RemoveRole

    NumPermissions uint = 18 // NOTE Adjust this too. We can support upto 64

    // To allow an operation with no permission flags set at all
    None PermFlag = 0

    TopPermFlag      PermFlag = 1 << (NumPermissions - 1)
    AllPermFlags     PermFlag = TopPermFlag | (TopPermFlag - 1)
    DefaultPermFlags PermFlag = Send | Call | CreateContract | CreateAccount | Bond | Name | HasBase | HasRole | Proposal | Input | Batch

    // Chain permissions strings
    RootString           = "root"
    SendString           = "send"
    CallString           = "call"
    CreateContractString = "createContract"
    CreateAccountString  = "createAccount"
    BondString           = "bond"
    IdentifyString       = "identify"
    NameString           = "name"
    ProposalString       = "proposal"
    InputString          = "input"
    BatchString          = "batch"

    // Moderator permissions strings
    HasBaseString    = "hasBase"
    SetBaseString    = "setBase"
    UnsetBaseString  = "unsetBase"
    SetGlobalString  = "setGlobal"
    HasRoleString    = "hasRole"
    AddRoleString    = "addRole"
    RemoveRoleString = "removeRole"
    UnknownString    = "#-UNKNOWN-#"

    AllString = "all"
)

Base permission references are like unix (the index is already bit shifted)

Variables

var (
    ErrInvalidLengthPermission        = fmt.Errorf("proto: negative length found during unmarshaling")
    ErrIntOverflowPermission          = fmt.Errorf("proto: integer overflow")
    ErrUnexpectedEndOfGroupPermission = fmt.Errorf("proto: unexpected end of group")
)
var (
    ZeroBasePermissions = BasePermissions{
        Perms:  0,
        SetBit: 0,
    }
    ZeroAccountPermissions = AccountPermissions{
        Base: ZeroBasePermissions,
    }
    DefaultAccountPermissions = AccountPermissions{
        Base: BasePermissions{
            Perms:  DefaultPermFlags,
            SetBit: AllPermFlags,
        },
        Roles: []string{},
    }
    AllAccountPermissions = AccountPermissions{
        Base: BasePermissions{
            Perms:  AllPermFlags,
            SetBit: AllPermFlags,
        },
        Roles: []string{},
    }
)

func BasePermissionsString Uses

func BasePermissionsString(basePermissions BasePermissions) string

Generates a human readable string from the resultant permissions of basePermission

func BasePermissionsToStringList Uses

func BasePermissionsToStringList(basePermissions BasePermissions) []string

Builds a list of set permissions from a BasePermission by creating a list of permissions strings from the resultant permissions of basePermissions

func PermFlagToStringList Uses

func PermFlagToStringList(permFlag PermFlag) []string

Creates a list of individual permission flag strings from a possibly composite PermFlag by projecting out each bit and adding its permission string if it is set

func String Uses

func String(permFlag PermFlag) string

type AccountPermissions Uses

type AccountPermissions struct {
    Base             BasePermissions `protobuf:"bytes,1,opt,name=Base" json:"Base"`
    Roles            []string        `protobuf:"bytes,2,rep,name=Roles" json:"Roles,omitempty"`
    XXX_unrecognized []byte          `json:"-"`
}

func ConvertPermissionsMapAndRolesToAccountPermissions Uses

func ConvertPermissionsMapAndRolesToAccountPermissions(permissions map[string]bool,
    roles []string) (*AccountPermissions, error)

ConvertMapStringIntToPermissions converts a map of string-bool pairs and a slice of strings for the roles to an AccountPermissions type. If the value in the permissions map is true for a particular permission string then the permission will be set in the AccountsPermissions. For all unmentioned permissions the ZeroBasePermissions is defaulted to.

func NewAccountPermissions Uses

func NewAccountPermissions(pss ...PermFlag) AccountPermissions

func (*AccountPermissions) AddRole Uses

func (ap *AccountPermissions) AddRole(role string) bool

Returns true if the role is added, and false if it already exists

func (*AccountPermissions) Clone Uses

func (ap *AccountPermissions) Clone() AccountPermissions

Clone clones the account permissions

func (*AccountPermissions) Descriptor Uses

func (*AccountPermissions) Descriptor() ([]byte, []int)

func (*AccountPermissions) GetBase Uses

func (m *AccountPermissions) GetBase() BasePermissions

func (*AccountPermissions) GetRoles Uses

func (m *AccountPermissions) GetRoles() []string

func (AccountPermissions) HasRole Uses

func (ap AccountPermissions) HasRole(role string) bool

Returns true if the role is found

func (*AccountPermissions) Marshal Uses

func (m *AccountPermissions) Marshal() (dAtA []byte, err error)

func (*AccountPermissions) MarshalTo Uses

func (m *AccountPermissions) MarshalTo(dAtA []byte) (int, error)

func (*AccountPermissions) MarshalToSizedBuffer Uses

func (m *AccountPermissions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccountPermissions) ProtoMessage Uses

func (*AccountPermissions) ProtoMessage()

func (*AccountPermissions) RemoveRole Uses

func (ap *AccountPermissions) RemoveRole(role string) bool

Returns true if the role is removed, and false if it is not found

func (*AccountPermissions) Reset Uses

func (m *AccountPermissions) Reset()

func (*AccountPermissions) Size Uses

func (m *AccountPermissions) Size() (n int)

func (*AccountPermissions) String Uses

func (m *AccountPermissions) String() string

func (*AccountPermissions) Unmarshal Uses

func (m *AccountPermissions) Unmarshal(dAtA []byte) error

func (*AccountPermissions) XXX_DiscardUnknown Uses

func (m *AccountPermissions) XXX_DiscardUnknown()

func (*AccountPermissions) XXX_Marshal Uses

func (m *AccountPermissions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccountPermissions) XXX_Merge Uses

func (m *AccountPermissions) XXX_Merge(src proto.Message)

func (*AccountPermissions) XXX_MessageName Uses

func (*AccountPermissions) XXX_MessageName() string

func (*AccountPermissions) XXX_Size Uses

func (m *AccountPermissions) XXX_Size() int

func (*AccountPermissions) XXX_Unmarshal Uses

func (m *AccountPermissions) XXX_Unmarshal(b []byte) error

type BasePermissions Uses

type BasePermissions struct {
    Perms            PermFlag `protobuf:"varint,1,opt,name=Perms,casttype=PermFlag" json:"Perms"`
    SetBit           PermFlag `protobuf:"varint,2,opt,name=SetBit,casttype=PermFlag" json:"SetBit"`
    XXX_unrecognized []byte   `json:"-"`
}

func BasePermissionsFromStringList Uses

func BasePermissionsFromStringList(permissions []string) (BasePermissions, error)

Builds a composite BasePermission by creating a PermFlag from permissions strings and setting them all

func (BasePermissions) Compose Uses

func (bp BasePermissions) Compose(bpFallthrough BasePermissions) BasePermissions

Returns a BasePermission that matches any permissions set on this BasePermission and falls through to any permissions set on the bpFallthrough

func (*BasePermissions) Descriptor Uses

func (*BasePermissions) Descriptor() ([]byte, []int)

func (BasePermissions) Get Uses

func (bp BasePermissions) Get(ty PermFlag) (bool, error)

Gets the permission value. ErrValueNotSet is returned if the permission's set bits are not all on, and should be caught by caller so the global permission can be fetched

func (*BasePermissions) GetPerms Uses

func (m *BasePermissions) GetPerms() PermFlag

func (*BasePermissions) GetSetBit Uses

func (m *BasePermissions) GetSetBit() PermFlag

func (BasePermissions) IsSet Uses

func (bp BasePermissions) IsSet(ty PermFlag) bool

Check if the permission is set

func (*BasePermissions) Marshal Uses

func (m *BasePermissions) Marshal() (dAtA []byte, err error)

func (*BasePermissions) MarshalTo Uses

func (m *BasePermissions) MarshalTo(dAtA []byte) (int, error)

func (*BasePermissions) MarshalToSizedBuffer Uses

func (m *BasePermissions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*BasePermissions) ProtoMessage Uses

func (*BasePermissions) ProtoMessage()

func (*BasePermissions) Reset Uses

func (m *BasePermissions) Reset()

func (BasePermissions) ResultantPerms Uses

func (bp BasePermissions) ResultantPerms() PermFlag

Returns the Perms PermFlag masked with SetBit bit field to give the resultant permissions enabled by this BasePermissions

func (*BasePermissions) Set Uses

func (bp *BasePermissions) Set(ty PermFlag, value bool) error

Set a permission bit. Will set the permission's set bit to true.

func (*BasePermissions) Size Uses

func (m *BasePermissions) Size() (n int)

func (BasePermissions) String Uses

func (bp BasePermissions) String() string

func (*BasePermissions) Unmarshal Uses

func (m *BasePermissions) Unmarshal(dAtA []byte) error

func (*BasePermissions) Unset Uses

func (bp *BasePermissions) Unset(ty PermFlag) error

Set the permission's set bits to false

func (*BasePermissions) XXX_DiscardUnknown Uses

func (m *BasePermissions) XXX_DiscardUnknown()

func (*BasePermissions) XXX_Marshal Uses

func (m *BasePermissions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*BasePermissions) XXX_Merge Uses

func (m *BasePermissions) XXX_Merge(src proto.Message)

func (*BasePermissions) XXX_MessageName Uses

func (*BasePermissions) XXX_MessageName() string

func (*BasePermissions) XXX_Size Uses

func (m *BasePermissions) XXX_Size() int

func (*BasePermissions) XXX_Unmarshal Uses

func (m *BasePermissions) XXX_Unmarshal(b []byte) error

type ErrInvalidPermission Uses

type ErrInvalidPermission PermFlag

func (ErrInvalidPermission) Error Uses

func (e ErrInvalidPermission) Error() string

type ErrValueNotSet Uses

type ErrValueNotSet PermFlag

set=false. This error should be caught and the global value fetched for the permission by the caller

func (ErrValueNotSet) Error Uses

func (e ErrValueNotSet) Error() string

type PermArgs Uses

type PermArgs struct {
    // The permission function
    Action PermFlag `protobuf:"varint,1,opt,name=Action,casttype=PermFlag" json:"Action"`
    // The target of the action
    Target *github_com_hyperledger_burrow_crypto.Address `protobuf:"bytes,2,opt,name=Target,customtype=github.com/hyperledger/burrow/crypto.Address" json:"Target,omitempty"`
    // Possible arguments
    Permission           *PermFlag `protobuf:"varint,3,opt,name=Permission,casttype=PermFlag" json:"Permission,omitempty"`
    Role                 *string   `protobuf:"bytes,4,opt,name=Role" json:"Role,omitempty"`
    Value                *bool     `protobuf:"varint,5,opt,name=Value" json:"Value,omitempty"`
    XXX_NoUnkeyedLiteral struct{}  `json:"-"`
    XXX_sizecache        int32     `json:"-"`
}

func AddRoleArgs Uses

func AddRoleArgs(address crypto.Address, role string) PermArgs

func HasBaseArgs Uses

func HasBaseArgs(address crypto.Address, permFlag PermFlag) PermArgs

func HasRoleArgs Uses

func HasRoleArgs(address crypto.Address, role string) PermArgs

func RemoveRoleArgs Uses

func RemoveRoleArgs(address crypto.Address, role string) PermArgs

func SetBaseArgs Uses

func SetBaseArgs(address crypto.Address, permFlag PermFlag, value bool) PermArgs

func SetGlobalArgs Uses

func SetGlobalArgs(permFlag PermFlag, value bool) PermArgs

func UnsetBaseArgs Uses

func UnsetBaseArgs(address crypto.Address, permFlag PermFlag) PermArgs

func (*PermArgs) Descriptor Uses

func (*PermArgs) Descriptor() ([]byte, []int)

func (PermArgs) EnsureValid Uses

func (pa PermArgs) EnsureValid() error

func (*PermArgs) GetAction Uses

func (m *PermArgs) GetAction() PermFlag

func (*PermArgs) GetPermission Uses

func (m *PermArgs) GetPermission() PermFlag

func (*PermArgs) GetRole Uses

func (m *PermArgs) GetRole() string

func (*PermArgs) GetValue Uses

func (m *PermArgs) GetValue() bool

func (*PermArgs) Marshal Uses

func (m *PermArgs) Marshal() (dAtA []byte, err error)

func (*PermArgs) MarshalTo Uses

func (m *PermArgs) MarshalTo(dAtA []byte) (int, error)

func (*PermArgs) MarshalToSizedBuffer Uses

func (m *PermArgs) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PermArgs) ProtoMessage Uses

func (*PermArgs) ProtoMessage()

func (*PermArgs) Reset Uses

func (m *PermArgs) Reset()

func (*PermArgs) Size Uses

func (m *PermArgs) Size() (n int)

func (PermArgs) String Uses

func (pa PermArgs) String() string

func (*PermArgs) Unmarshal Uses

func (m *PermArgs) Unmarshal(dAtA []byte) error

func (*PermArgs) XXX_DiscardUnknown Uses

func (m *PermArgs) XXX_DiscardUnknown()

func (*PermArgs) XXX_Marshal Uses

func (m *PermArgs) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PermArgs) XXX_Merge Uses

func (m *PermArgs) XXX_Merge(src proto.Message)

func (*PermArgs) XXX_MessageName Uses

func (*PermArgs) XXX_MessageName() string

func (*PermArgs) XXX_Size Uses

func (m *PermArgs) XXX_Size() int

func (*PermArgs) XXX_Unmarshal Uses

func (m *PermArgs) XXX_Unmarshal(b []byte) error

type PermFlag Uses

type PermFlag uint64

A particular permission

func PermFlagFromStringList Uses

func PermFlagFromStringList(permissions []string) (PermFlag, error)

Builds a composite PermFlag by mapping each permission string in permissions to its flag and composing them with binary or

func PermStringToFlag Uses

func PermStringToFlag(perm string) (PermFlag, error)

PermStringToFlag maps camel- and snake case strings to the the corresponding permission flag.

func (PermFlag) IsValid Uses

func (pf PermFlag) IsValid() bool

Checks if a permission flag is valid (a known base chain or native contract permission)

func (PermFlag) MarshalText Uses

func (pf PermFlag) MarshalText() ([]byte, error)

func (PermFlag) String Uses

func (pf PermFlag) String() string

Returns the string name of a single bit non-composite PermFlag, or otherwise UnknownString See BasePermissionsToStringList to generate a string representation of a composite PermFlag

func (*PermFlag) UnmarshalText Uses

func (pf *PermFlag) UnmarshalText(s []byte) (err error)

Package permission imports 10 packages (graph) and is imported by 61 packages. Updated 2020-05-03. Refresh now. Tools for package owners.