public Task <PermissionSet> GetPermissions(IReadOnlyList <SignatureEvidence> authentication, LedgerPath path, bool recursiveOnly, string recordName) { HashSet <string> identities = new HashSet <string>(authentication.Select(evidence => keyEncoder.GetPubKeyHash(evidence.PublicKey)), StringComparer.Ordinal); LedgerPath pathRecordName; // If the path is root and the record name is a tird-party asset owned by the current identity, // arbitrary modification of the balance is allowed if (LedgerPath.TryParse(recordName, out pathRecordName) && thirdPartyAssetPath.IsStrictParentOf(pathRecordName) && path.Segments.Count == 0 && identities.Contains(pathRecordName.Segments[thirdPartyAssetPath.Segments.Count])) { return(Task.FromResult(new PermissionSet(accountNegative: Access.Permit))); } // Account /asset/p2pkh/[addr]/ if (thirdPartyAssetPath.IsStrictParentOf(path) && path.Segments.Count == thirdPartyAssetPath.Segments.Count + 1 && keyEncoder.IsP2pkh(path.Segments[path.Segments.Count - 1])) { Access ownAccount = identities.Contains(path.Segments[path.Segments.Count - 1]) && recordName != DynamicPermissionLayout.AclResourceName ? Access.Permit : Access.Unset; return(Task.FromResult(new PermissionSet( accountModify: Access.Permit, accountCreate: Access.Permit, accountSpend: ownAccount, dataModify: ownAccount))); } else { return(Task.FromResult(new PermissionSet())); } }
public Task <PermissionSet> GetPermissions(IReadOnlyList <SignatureEvidence> authentication, LedgerPath path, bool recursiveOnly, string recordName) { HashSet <string> identities = new HashSet <string>(authentication.Select(evidence => keyEncoder.GetPubKeyHash(evidence.PublicKey)), StringComparer.Ordinal); // Account /p2pkh/[addr]/ if (p2pkhAccountPath.IsStrictParentOf(path) && path.Segments.Count == p2pkhAccountPath.Segments.Count + 1 && keyEncoder.IsP2pkh(path.Segments[path.Segments.Count - 1])) { Access ownAccount = identities.Contains(path.Segments[path.Segments.Count - 1]) && recordName != DynamicPermissionLayout.AclResourceName ? Access.Permit : Access.Unset; return(Task.FromResult(new PermissionSet( accountModify: Access.Permit, accountCreate: Access.Permit, accountSpend: ownAccount, dataModify: ownAccount))); } else { return(Task.FromResult(new PermissionSet())); } }