public Task <PermissionSet> GetPermissions(IReadOnlyList <SignatureEvidence> authentication, LedgerPath path, bool recursiveOnly, string recordName)
        {
            HashSet <string> identities = new HashSet <string>(authentication.Select(evidence => keyEncoder.GetPubKeyHash(evidence.PublicKey)), StringComparer.Ordinal);
            LedgerPath       pathRecordName;

            // If the path is root and the record name is a tird-party asset owned by the current identity,
            // arbitrary modification of the balance is allowed
            if (LedgerPath.TryParse(recordName, out pathRecordName) &&
                thirdPartyAssetPath.IsStrictParentOf(pathRecordName) &&
                path.Segments.Count == 0 &&
                identities.Contains(pathRecordName.Segments[thirdPartyAssetPath.Segments.Count]))
            {
                return(Task.FromResult(new PermissionSet(accountNegative: Access.Permit)));
            }

            // Account /asset/p2pkh/[addr]/
            if (thirdPartyAssetPath.IsStrictParentOf(path) &&
                path.Segments.Count == thirdPartyAssetPath.Segments.Count + 1 &&
                keyEncoder.IsP2pkh(path.Segments[path.Segments.Count - 1]))
            {
                Access ownAccount = identities.Contains(path.Segments[path.Segments.Count - 1]) && recordName != DynamicPermissionLayout.AclResourceName
                    ? Access.Permit : Access.Unset;

                return(Task.FromResult(new PermissionSet(
                                           accountModify: Access.Permit,
                                           accountCreate: Access.Permit,
                                           accountSpend: ownAccount,
                                           dataModify: ownAccount)));
            }
            else
            {
                return(Task.FromResult(new PermissionSet()));
            }
        }
Beispiel #2
0
        public void IsStrictParentOf_Success()
        {
            LedgerPath parent = LedgerPath.Parse("/the/parent/");

            Assert.True(parent.IsStrictParentOf(LedgerPath.Parse("/the/parent/child/")));
            Assert.True(parent.IsStrictParentOf(LedgerPath.Parse("/the/parent/child/child/")));
            Assert.False(parent.IsStrictParentOf(LedgerPath.Parse("/the/parent/")));
            Assert.False(parent.IsStrictParentOf(LedgerPath.Parse("/the/")));
            Assert.False(parent.IsStrictParentOf(LedgerPath.Parse("/not/related/")));
        }
Beispiel #3
0
        public Task <PermissionSet> GetPermissions(IReadOnlyList <SignatureEvidence> authentication, LedgerPath path, bool recursiveOnly, string recordName)
        {
            HashSet <string> identities = new HashSet <string>(authentication.Select(evidence => keyEncoder.GetPubKeyHash(evidence.PublicKey)), StringComparer.Ordinal);

            // Account /p2pkh/[addr]/
            if (p2pkhAccountPath.IsStrictParentOf(path) &&
                path.Segments.Count == p2pkhAccountPath.Segments.Count + 1 &&
                keyEncoder.IsP2pkh(path.Segments[path.Segments.Count - 1]))
            {
                Access ownAccount = identities.Contains(path.Segments[path.Segments.Count - 1]) && recordName != DynamicPermissionLayout.AclResourceName
                    ? Access.Permit : Access.Unset;

                return(Task.FromResult(new PermissionSet(
                                           accountModify: Access.Permit,
                                           accountSpend: ownAccount,
                                           dataModify: ownAccount)));
            }
            else
            {
                return(Task.FromResult(new PermissionSet()));
            }
        }