Ref #123: Implement lookup_minimum_permission

Add docs on some of the types, register the index, and implement chain_controller::lookup_minimum_permission.
EOSIO · Aug 2, 2017 · fcd5a0c · fcd5a0c
1 parent 0aac664
commit fcd5a0c
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 7 deletions.
diff --git a/libraries/chain/chain_controller.cpp b/libraries/chain/chain_controller.cpp
@@ -31,6 +31,7 @@
 #include <eos/chain/action_objects.hpp>
 #include <eos/chain/transaction_object.hpp>
 #include <eos/chain/producer_object.hpp>
+#include <eos/chain/permission_link_object.hpp>
 
 #include <eos/chain/wasm_interface.hpp>
 
@@ -533,9 +534,20 @@ const permission_object& chain_controller::lookup_minimum_permission(types::Acco
                                                                     types::AccountName code_account,
                                                                     types::FuncName type) const {
    try {
-#warning TODO: Define messages/contracts/index for users to specify which authority levels correspond to which message types
-      // ... and look up the real minimum permission
-      return _db.get<permission_object, by_owner>(boost::make_tuple(authorizer_account, "active"));
+      // First look up a specific link for this message type
+      auto key = boost::make_tuple(authorizer_account, code_account, type);
+      auto link = _db.find<permission_link_object, by_message_type>(key);
+      // If no specific link found, check for a contract-wide default
+      if (link == nullptr) {
+         get<2>(key) = "";
+         link = _db.find<permission_link_object, by_message_type>(key);
+      }
+
+      // If no specific or default link found, use active permission
+      auto permissionKey = boost::make_tuple<AccountName, PermissionName>(authorizer_account, "active");
+      if (link != nullptr)
+         get<1>(permissionKey) = link->required_permission;
+      return _db.get<permission_object, by_owner>(permissionKey);
    } FC_CAPTURE_AND_RETHROW((authorizer_account)(code_account)(type))
 }
 
@@ -799,6 +811,7 @@ uint32_t chain_controller::last_irreversible_block_num() const {
 void chain_controller::initialize_indexes() {
    _db.add_index<account_index>();
    _db.add_index<permission_index>();
+   _db.add_index<permission_link_index>();
    _db.add_index<action_permission_index>();
    _db.add_index<key_value_index>();
    _db.add_index<key128x128_value_index>();

diff --git a/libraries/chain/include/eos/chain/permission_link_object.hpp b/libraries/chain/include/eos/chain/permission_link_object.hpp
@@ -38,14 +38,26 @@ namespace eos { namespace chain {
     * permission_link_object for his account with "currency" as the code account, "transfer" as the message_type, and
     * "money" as the required_permission. After this, in order to validate, any message to "currency" of type
     * "transfer" that requires joe's approval would require signatures sufficient to satisfy joe's "money" authority.
+    *
+    * Accounts may set links to individual message types, or may set default permission requirements for all messages
+    * to a given contract. To set the default for all messages to a given contract, set @ref message_type to the empty
+    * string. When looking up which permission to use, if a link is found for a particular {account, code,
+    * message_type} triplet, then the required_permission from that link is used. If no such link is found, but a link
+    * is found for {account, code, ""}, then the required_permission from that link is used. If no such link is found,
+    * account's active authority is used.
     */
    class permission_link_object : public chainbase::object<permission_link_object_type, permission_link_object> {
       OBJECT_CTOR(permission_link_object)
 
       id_type        id;
+      /// The account which is defining its permission requirements
       AccountName    account;
+      /// The contract which account requires @ref required_permission to invoke
       AccountName    code;
+      /// The message type which account requires @ref required_permission to invoke
+      /// May be empty; if so, it sets a default @ref required_permission for all messages to @ref code
       FuncName       message_type;
+      /// The permission level which @ref account requires for the specified message types
       PermissionName required_permission;
    };
 

diff --git a/libraries/types/types.eos b/libraries/types/types.eos
@@ -127,7 +127,7 @@ struct DeletePermission
    permission PermissionName
 
 struct requirepermission
-   account     AccountName
-   code        AccountName
-   type        FuncName
-   requirement PermissionName
+   account     AccountName # The account to require permissions for
+   code        AccountName # The contract to require permissions to invoke
+   type        FuncName # The message type to require permissions to invoke (if empty, all message types for contract)
+   requirement PermissionName # The permission name to require