def _validateNewNym(self, req: Request, op, originRole):
role = op.get(ROLE)
r, msg = Authoriser.authorised(NYM, ROLE, originRole,
oldVal=None, newVal=role)
if not r:
raise UnauthorizedClientRequest(
req.identifier,
req.reqId,
"{} cannot add {}".format(
Roles.nameFromValue(originRole),
Roles.nameFromValue(role))
)
def _validateNewNym(self, req: Request, op, originRole):
role = op.get(ROLE)
r, msg = Authoriser.authorised(NYM,
ROLE,
originRole,
oldVal=None,
newVal=role)
if not r:
raise UnauthorizedClientRequest(
req.identifier, req.reqId,
"{} cannot add {}".format(Roles.nameFromValue(originRole),
Roles.nameFromValue(role)))
def validate(self, req: Request, config=None):
operation = req.operation
if operation.get(TXN_TYPE) == POOL_UPGRADE:
origin = req.identifier
try:
originRole = self.idrCache.getRole(origin, isCommitted=False)
except:
raise UnauthorizedClientRequest(
req.identifier,
req.reqId,
"Nym {} not added to the ledger yet".format(origin))
action = operation.get(ACTION)
# TODO: Some validation needed for making sure name and version
# present
status = self.upgrader.statusInLedger(req.operation.get(NAME),
req.operation.get(VERSION))
if status == START and action == START:
raise InvalidClientRequest(
req.identifier,
req.reqId,
"Upgrade '{}' is already scheduled".format(
req.operation.get(NAME)))
r, msg = Authoriser.authorised(POOL_UPGRADE, ACTION, originRole,
oldVal=status, newVal=action)
if not r:
raise UnauthorizedClientRequest(
req.identifier,
req.reqId,
"{} cannot do {}".format(
Roles.nameFromValue(originRole),
SovrinTransactions.POOL_UPGRADE.name))
def validate(self, req: Request, config=None):
status = None
operation = req.operation
typ = operation.get(TXN_TYPE)
if typ not in [POOL_UPGRADE, POOL_CONFIG]:
return
origin = req.identifier
try:
originRole = self.idrCache.getRole(origin, isCommitted=False)
except BaseException:
raise UnauthorizedClientRequest(
req.identifier,
req.reqId,
"Nym {} not added to the ledger yet".format(origin))
if typ == POOL_UPGRADE:
trname = SovrinTransactions.POOL_UPGRADE.name
action = operation.get(ACTION)
# TODO: Some validation needed for making sure name and version
# present
txn = self.upgrader.get_upgrade_txn(
lambda txn: txn.get(
NAME,
None) == req.operation.get(
NAME,
None) and txn.get(VERSION) == req.operation.get(VERSION),
reverse=True)
if txn:
status = txn.get(ACTION, None)
if status == START and action == START:
raise InvalidClientRequest(
req.identifier,
req.reqId,
"Upgrade '{}' is already scheduled".format(
req.operation.get(NAME)))
elif typ == POOL_CONFIG:
trname = SovrinTransactions.POOL_CONFIG.name
action = None
status = None
r, msg = Authoriser.authorised(
typ, ACTION, originRole, oldVal=status, newVal=action)
if not r:
raise UnauthorizedClientRequest(
req.identifier, req.reqId, "{} cannot do {}".format(
Roles.nameFromValue(originRole), trname))
def _validateExistingNym(self, req: Request, op, originRole, nymData):
origin = req.identifier
owner = self.idrCache.getOwnerFor(op[TARGET_NYM], isCommitted=False)
isOwner = origin == owner
updateKeys = [ROLE, VERKEY]
for key in updateKeys:
if key in op:
newVal = op[key]
oldVal = nymData.get(key)
if oldVal != newVal:
r, msg = Authoriser.authorised(NYM, key, originRole,
oldVal=oldVal,
newVal=newVal,
isActorOwnerOfSubject=isOwner)
if not r:
raise UnauthorizedClientRequest(
req.identifier,
req.reqId,
"{} cannot update {}".format(Roles.nameFromValue(originRole),
key))
def _validateExistingNym(self, req: Request, op, originRole, nymData):
origin = req.identifier
owner = self.idrCache.getOwnerFor(op[TARGET_NYM], isCommitted=False)
isOwner = origin == owner
updateKeys = [ROLE, VERKEY]
for key in updateKeys:
if key in op:
newVal = op[key]
oldVal = nymData.get(key)
if oldVal != newVal:
r, msg = Authoriser.authorised(
NYM,
key,
originRole,
oldVal=oldVal,
newVal=newVal,
isActorOwnerOfSubject=isOwner)
if not r:
raise UnauthorizedClientRequest(
req.identifier, req.reqId,
"{} cannot update {}".format(
Roles.nameFromValue(originRole), key))
def format_data(data, indent_level: int = 0, field_type: str = "") -> str:
"""
Format recursively the content of a Sovrin transaction data. Formatting is based on the type of transaction
and is specific to the data provided in that transaction.
Some cases might be missing.
:param field_type: Type of data field. See field_explanation.
:param data: Dictionary structure containing the data.
:param indent_level: Level of indentation at which should start the print-out of the data provided.
:return: None
"""
formatted_data_string = ""
if data is None:
return "None," + SEPARATOR
if type(data) == bytes:
data = data.decode()
if type(data) == str:
data = eval_string(data)
if type(data) in [str, int, float, tuple]:
value = data
if field_type != "":
if field_type.endswith(OPERATION + "_" + TXN_TYPE) or \
field_type.endswith("result" + "_" + TXN_TYPE) or \
field_type.endswith(OPERATION + "_" + f.RESULT.nm):
value = (SovrinTransactions(str(data)).name if data else "")
elif field_type.endswith(ATTR_NAMES):
value = (data.replace(",", ", "))
elif field_type.endswith(TXN_TIME) or field_type.endswith(
f.PP_TIME.nm):
try:
value = time.ctime(float(data))
except ValueError:
value = str(data)
elif field_type.endswith(ROLE):
value = SovrinRoles(str(data)).name if data else ""
else:
for field, explanation in field_explanation.items():
if re.search(field, field_type):
value = format_random_value(explanation, data)
break
if type(value) is str:
value = "'" + value.replace("\n", "") + "'"
else:
value = str(value)
else:
value = (INDENT * indent_level) + str(data)
if SHOW_FIELD_TYPE:
formatted_data_string += "{} ({}),{}".format(
value, field_type, SEPARATOR)
else:
formatted_data_string += "{},{}".format(value, SEPARATOR)
elif type(data) in [list, set, tuple]:
formatted_data_string += SEPARATOR + (INDENT *
indent_level) + "[" + SEPARATOR
for element in data:
formatted_data_string += INDENT * (indent_level + 1) + format_data(
element, indent_level + 1, field_type)
formatted_data_string += (INDENT * indent_level) + "]"
if indent_level > 0:
formatted_data_string += "," + SEPARATOR
elif isinstance(data, dict):
formatted_data_string += SEPARATOR + (INDENT *
indent_level) + "{" + SEPARATOR
for key, value in data.items():
formatted_data_string += INDENT * (
indent_level + 1) + apply_colour("'{}': ".format(key),
Colours.RED)
formatted_data_string += format_data(value, indent_level + 2,
field_type + "_" + str(key))
formatted_data_string += (INDENT * indent_level + "}")
if indent_level > 0:
formatted_data_string += "," + SEPARATOR
else:
formatted_data_string = data
return formatted_data_string
def testNameFromValue():
assert Roles.nameFromValue("2") == "STEWARD"
assert Roles.nameFromValue("0") == "TRUSTEE"
assert Roles.nameFromValue("100") == "TGB"
assert Roles.nameFromValue("101") == "TRUST_ANCHOR"
assert Roles.nameFromValue(None) == "None role"