def _static_validation_for_rule(self, operation, identifier, req_id):
try:
ConstraintCreator.create_constraint(operation.get(CONSTRAINT))
except (ValueError, KeyError) as exp:
raise InvalidClientRequest(identifier, req_id, exp)
StaticAuthRuleHelper.check_auth_key(operation, identifier, req_id,
self.write_req_validator.auth_map)
def test_get_all_auth_rule_transactions_after_write(looper,
sdk_wallet_trustee,
sdk_pool_handle):
auth_action = ADD_PREFIX
auth_type = NYM
field = ROLE
new_value = ENDORSER
auth_constraint = generate_constraint_list(auth_constraints=[generate_constraint_entity(role=TRUSTEE),
generate_constraint_entity(role=STEWARD)])
resp = sdk_send_and_check_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee,
auth_action=auth_action, auth_type=auth_type,
field=field, new_value=new_value,
constraint=auth_constraint)
auth_key = StaticAuthRuleHelper.get_auth_key(resp[0][0][OPERATION])
resp = sdk_send_and_check_get_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee)
result = resp[0][1]["result"][DATA]
full_auth_map = OrderedDict(auth_map)
full_auth_map.update(sovtoken_auth_map)
full_auth_map.update(sovtokenfees_auth_map)
full_auth_map[auth_key] = ConstraintCreator.create_constraint(auth_constraint)
for i, (auth_key, constraint) in enumerate(full_auth_map.items()):
rule = result[i]
assert auth_key == StaticAuthRuleHelper.get_auth_key(rule)
if constraint is None:
assert {} == rule[CONSTRAINT]
else:
assert constraint.as_dict == rule[CONSTRAINT]
def test_get_all_auth_rule_transactions_after_write(looper,
sdk_wallet_trustee,
sdk_pool_handle):
auth_action = ADD_PREFIX
auth_type = NYM
field = ROLE
new_value = ENDORSER
constraint = generate_constraint_list(auth_constraints=[generate_constraint_entity(role=TRUSTEE),
generate_constraint_entity(role=STEWARD)])
resp = sdk_send_and_check_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee,
auth_action=auth_action,
auth_type=auth_type,
field=field,
new_value=new_value,
constraint=constraint)
str_auth_key = StaticAuthRuleHelper.get_auth_key(resp[0][0][OPERATION])
resp = sdk_send_and_check_get_auth_rule_request(
looper, sdk_pool_handle, sdk_wallet_trustee
)
result = resp[0][1]["result"][DATA]
for rule in result:
key = StaticAuthRuleHelper.get_auth_key(rule)
if key == str_auth_key:
assert constraint == rule[CONSTRAINT]
else:
assert auth_map[key].as_dict == rule[CONSTRAINT]
def test_update_state(auth_rule_request, auth_rule_handler: AuthRuleHandler):
txn = reqToTxn(auth_rule_request)
payload = get_payload_data(txn)
constraint = StaticAuthRuleHelper.get_auth_constraint(payload)
auth_key = StaticAuthRuleHelper.get_auth_key(payload)
path = AbstractAuthRuleHandler.make_state_path_for_auth_rule(auth_key)
auth_rule_handler.update_state(txn, None, auth_rule_request)
assert auth_rule_handler.get_from_state(path) == constraint.as_dict
def static_validation(self, request: Request):
self._validate_request_type(request)
identifier, req_id, operation = get_request_data(request)
required_fields = list(dict(ClientGetAuthRuleOperation.schema).keys())
required_fields.remove(OLD_VALUE)
if len(operation) > 1:
if not set(required_fields).issubset(set(operation.keys())):
raise InvalidClientRequest(
identifier, req_id,
"Not enough fields to build an auth key.")
StaticAuthRuleHelper.check_auth_key(
operation, identifier, req_id,
self.write_req_validator.auth_map)
def test_auth_mint(helpers, addresses, looper, sdk_wallet_trustee,
sdk_pool_handle):
"""
1. Send a MINT_PUBLIC txn from 3 TRUSTEE
2. Change the auth rule for adding MINT_PUBLIC to 1 STEWARD signature
3. Send a transfer from 3 TRUSTEE, check that auth validation failed.
4. Send and check that a MINT_PUBLIC request with STEWARD signature pass.
5. Change the auth rule to a default value.
6. Send and check a MINT_PUBLIC txn from 3 TRUSTEE.
"""
outputs = [{ADDRESS: addresses[0], AMOUNT: 1000}]
helpers.general.do_mint(outputs)
sdk_send_and_check_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee,
auth_action=ADD_PREFIX,
auth_type=MINT_PUBLIC,
field='*',
new_value='*',
constraint=AuthConstraint(
role=STEWARD,
sig_count=1,
need_to_be_owner=False).as_dict)
outputs = [{ADDRESS: addresses[0], AMOUNT: 1000}]
with pytest.raises(RequestRejectedException,
match="Not enough STEWARD signatures"):
helpers.general.do_mint(outputs)
steward_do_mint(helpers, outputs)
sdk_send_and_check_auth_rule_request(
looper,
sdk_pool_handle,
sdk_wallet_trustee,
auth_action=ADD_PREFIX,
auth_type=MINT_PUBLIC,
field='*',
new_value='*',
constraint=sovtoken_auth_map[add_mint.get_action_id()].as_dict)
helpers.general.do_mint(outputs)
resp = sdk_send_and_check_get_auth_rule_request(looper, sdk_pool_handle,
sdk_wallet_trustee)
full_auth_map = OrderedDict(auth_map)
full_auth_map.update(sovtoken_auth_map)
result = resp[0][1]["result"][DATA]
for i, (auth_key, constraint) in enumerate(full_auth_map.items()):
rule = result[i]
assert auth_key == StaticAuthRuleHelper.get_auth_key(rule)
if constraint is None:
assert {} == rule[CONSTRAINT]
else:
assert constraint.as_dict == rule[CONSTRAINT]
def get_result(self, request: Request):
self._validate_request_type(request)
operation = request.operation
proof = None
if len(operation) >= len(ClientGetAuthRuleOperation.schema) - 1:
path = StaticAuthRuleHelper.get_auth_key(operation)
data, proof = self._get_auth_rule(path)
else:
data = self._get_all_auth_rules()
result = self.make_result(request=request, data=data, proof=proof)
result.update(operation)
return result
def test_get_one_auth_rule_transaction(looper,
sdk_wallet_trustee,
sdk_pool_handle):
key = generate_key()
str_key = StaticAuthRuleHelper.get_auth_key(key)
req, resp = sdk_send_and_check_get_auth_rule_request(
looper, sdk_pool_handle, sdk_wallet_trustee, **key
)[0]
for resp_rule in resp[RESULT][DATA]:
_check_key(key, resp_rule)
assert auth_map.get(str_key).as_dict == resp_rule[CONSTRAINT]
def fees_specific_validation(self, request: Request):
operation = request.operation
current_fees = self._get_fees_handler.get_fees()
constraint = StaticAuthRuleHelper.get_auth_constraint(operation)
wrong_aliases = []
AuthRuleFeeHandler.validate_metadata(current_fees, constraint,
wrong_aliases)
if len(wrong_aliases) > 0:
raise InvalidClientMessageException(
request.identifier, request.reqId,
"Fees alias(es) {} does not exist in current fees {}. "
"Please add the alias(es) via SET_FEES transaction first.".
format(", ".join(wrong_aliases), current_fees))
def test_get_one_auth_rule_transaction(looper,
sdk_wallet_trustee,
sdk_pool_handle):
key = generate_key()
str_key = StaticAuthRuleHelper.get_auth_key(key)
req, resp = sdk_send_and_check_get_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee,
**key)[0]
result = resp["result"][DATA][0]
assert len(resp["result"][DATA]) == 1
_check_key(key, result)
assert result[CONSTRAINT] == auth_map.get(str_key).as_dict
def test_get_all_auth_rule_transactions(looper,
sdk_wallet_trustee,
sdk_pool_handle):
resp = sdk_send_and_check_get_auth_rule_request(
looper, sdk_pool_handle, sdk_wallet_trustee
)
result = resp[0][1]["result"][DATA]
for i, (auth_key, constraint) in enumerate(auth_map.items()):
rule = result[i]
assert auth_key == StaticAuthRuleHelper.get_auth_key(rule)
if constraint is None:
assert {} == rule[CONSTRAINT]
else:
assert constraint.as_dict == rule[CONSTRAINT]
def test_auth_rule_state_format(looper, sdk_pool_handle, sdk_wallet_trustee,
txnPoolNodeSet, off_ledger_signature):
auth_action = ADD_PREFIX
auth_type = NYM
field = ROLE
new_value = ENDORSER
constraint = {
CONSTRAINT_ID: ConstraintsEnum.ROLE_CONSTRAINT_ID,
ROLE: "*",
SIG_COUNT: 1,
NEED_TO_BE_OWNER: False,
METADATA: {}
}
if off_ledger_signature:
constraint[OFF_LEDGER_SIGNATURE] = off_ledger_signature
sdk_send_and_check_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee,
auth_action=auth_action,
auth_type=auth_type,
field=field,
new_value=new_value,
constraint=constraint)
state = txnPoolNodeSet[0].db_manager.get_database(CONFIG_LEDGER_ID).state
key = generate_key(auth_action, auth_type, field, new_value)
path = config.make_state_path_for_auth_rule(
StaticAuthRuleHelper.get_auth_key(key))
state_constraint = config_state_serializer.deserialize(state.get(path))
assert state_constraint == constraint
_, before_resp = sdk_send_and_check_get_auth_rule_request(
looper,
sdk_pool_handle,
sdk_wallet_trustee,
auth_type=auth_type,
auth_action=auth_action,
field=field,
new_value=new_value)[0]
for rule in before_resp["result"][DATA]:
if rule[CONSTRAINT][CONSTRAINT_ID] == 'ROLE' and off_ledger_signature:
assert OFF_LEDGER_SIGNATURE in rule[CONSTRAINT]
def update_state(self, txn, prev_result, request=None, is_committed=False):
payload = get_payload_data(txn)
constraint = StaticAuthRuleHelper.get_auth_constraint(payload)
auth_key = StaticAuthRuleHelper.get_auth_key(payload)
self._update_auth_constraint(auth_key, constraint)
def update_state(self, txn, prev_result, request=None, is_committed=False):
payload = get_payload_data(txn)
for rule in payload.get(RULES, []):
constraint = StaticAuthRuleHelper.get_auth_constraint(rule)
auth_key = StaticAuthRuleHelper.get_auth_key(rule)
self._update_auth_constraint(auth_key, constraint)