def apply_propose_remove(header, payload, state):
proposal_payload = role_transaction_pb2.ProposeRemoveRoleMember()
proposal_payload.ParseFromString(payload.content)
role_members_address = addresser.make_role_members_address(
role_id=proposal_payload.role_id, user_id=proposal_payload.user_id)
proposal_address = addresser.make_proposal_address(
object_id=proposal_payload.role_id,
related_id=proposal_payload.user_id)
state_entries = validate_role_rel_proposal(header, proposal_payload,
role_members_address, state,
True)
if not no_open_proposal(
state_entries=state_entries,
object_id=proposal_payload.role_id,
related_id=proposal_payload.user_id,
proposal_address=proposal_address,
proposal_type=proposal_state_pb2.Proposal.REMOVE_ROLE_MEMBERS):
raise InvalidTransaction(
"There is already an open proposal for REMOVE_ROLE_MEMBERS "
"with role id {} and user id {}".format(proposal_payload.role_id,
proposal_payload.user_id))
handle_propose_state_set(
state_entries=state_entries,
header=header,
payload=proposal_payload,
address=proposal_address,
proposal_type=proposal_state_pb2.Proposal.REMOVE_ROLE_MEMBERS,
state=state)
def confirm_remove_role_members(txn_key, batch_key, proposal_id, role_id,
user_id, reason):
confirm_payload = role_transaction_pb2.ConfirmRemoveRoleMember(
proposal_id=proposal_id,
role_id=role_id,
user_id=user_id,
reason=reason)
inputs = [
addresser.make_proposal_address(role_id, user_id),
addresser.make_role_owners_address(role_id, txn_key.public_key)
]
outputs = [
addresser.make_proposal_address(role_id, user_id),
addresser.make_role_members_address(role_id, user_id)
]
rbac_payload = rbac_payload_pb2.RBACPayload(
content=confirm_payload.SerializeToString(),
message_type=rbac_payload_pb2.RBACPayload.CONFIRM_REMOVE_ROLE_MEMBERS)
return make_header_and_batch(rbac_payload, inputs, outputs, txn_key,
batch_key)
def test_generated_role_member_addr(self):
"""Tests the role member address creation function as well as the
address_is function.
"""
role_id = uuid4().hex
member_id = uuid4().hex
address = addresser.make_role_members_address(role_id, member_id)
self.assertEqual(len(address), addresser.ADDRESS_LENGTH,
"The address is 70 characters")
self.assertTrue(addresser.is_address(address),
"The address is 70 character hexidecimal")
self.assertTrue(addresser.namespace_ok(address),
"The address has correct namespace prefix")
self.assertTrue(
addresser.is_family_address(address),
"The address is 70 character hexidecimal with family prefix")
self.assertEqual(
addresser.address_is(address), AddressSpace.ROLES_MEMBERS,
"The address created must be a Role Attributes address.")
def test_determine_role_member_addr(self):
"""Tests that a specific role_id and member_id generates the
expected role member address, and thus is probably deterministic.
"""
role_id = '99968acb8f1a48b3a4bc21e2cd252e67'
member_id = '966ab67317234df489adb4bc1f517b88'
expected_address = '9f444809326a1713a905b26359fc8d\
a2817c1a5f67de6f464701f0c10042da345d2833'
address = addresser.make_role_members_address(role_id, member_id)
self.assertEqual(len(address), addresser.ADDRESS_LENGTH,
"The address is 70 characters")
self.assertTrue(addresser.is_address(address),
"The address is 70 character hexidecimal")
self.assertTrue(addresser.namespace_ok(address),
"The address has correct namespace prefix")
self.assertTrue(
addresser.is_family_address(address),
"The address is 70 character hexidecimal with family prefix")
self.assertEqual(address, expected_address,
"The address is the one we expected it to be")
self.assertEqual(
addresser.address_is(address), AddressSpace.ROLES_MEMBERS,
"The address created must be a Role Attributes address.")
def apply_confirm(header, payload, state):
confirm_payload = role_transaction_pb2.ConfirmAddRoleAdmin()
confirm_payload.ParseFromString(payload.content)
role_members_address = addresser.make_role_members_address(
role_id=confirm_payload.role_id, user_id=confirm_payload.user_id)
txn_signer_owners_address = addresser.make_role_owners_address(
role_id=confirm_payload.role_id, user_id=header.signer_public_key)
state_entries = validate_role_admin_or_owner(
header=header,
confirm=confirm_payload,
txn_signer_rel_address=txn_signer_owners_address,
state=state)
handle_confirm_add(state_entries=state_entries,
header=header,
confirm=confirm_payload,
role_rel_address=role_members_address,
state=state)
def propose_remove_role_members(txn_key, batch_key, proposal_id, role_id,
user_id, reason, metadata):
propose = role_transaction_pb2.ProposeRemoveRoleMember(
proposal_id=proposal_id,
role_id=role_id,
user_id=user_id,
reason=reason,
metadata=metadata)
inputs = [
addresser.make_role_members_address(role_id, user_id),
addresser.make_role_attributes_address(role_id=role_id),
addresser.make_user_address(user_id=user_id),
addresser.make_proposal_address(role_id, user_id)
]
outputs = [addresser.make_proposal_address(role_id, user_id)]
rbac_payload = rbac_payload_pb2.RBACPayload(
content=propose.SerializeToString(),
message_type=rbac_payload_pb2.RBACPayload.PROPOSE_REMOVE_ROLE_MEMBERS)
return make_header_and_batch(rbac_payload, inputs, outputs, txn_key,
batch_key)
def test_role_addresses(self):
"""Tests the Role address creation functions as well as the
address_is function.
Notes:
1. Create an address of a particular type:
- Role Attributes
- Role Members
- Role Owners
- Role Admins
- Role Tasks
2. Assert that address_is returns the correct address type.
"""
role_address = addresser.make_role_attributes_address(
role_id=uuid4().hex)
self.assertEqual(len(role_address), 70,
"The address is a well-formed address.")
self.assertEqual(
addresser.address_is(role_address),
AddressSpace.ROLES_ATTRIBUTES,
"The Role Attributes address created must "
"be found to be a Role Attributes address.")
role_members_address = addresser.make_role_members_address(
role_id=uuid4().hex,
user_id=uuid4().hex)
self.assertEqual(len(role_members_address), 70,
"The address is a well-formed address.")
self.assertEqual(
addresser.address_is(role_members_address),
AddressSpace.ROLES_MEMBERS,
"The Role Members address created must be "
"found to be a Role Members address.")
role_owners_address = addresser.make_role_owners_address(
role_id=uuid4().hex,
user_id=uuid4().hex)
self.assertEqual(len(role_owners_address), 70,
"The address is a well-formed address.")
self.assertEqual(
addresser.address_is(role_owners_address),
AddressSpace.ROLES_OWNERS,
"The Role Owners address created must be found to be "
"a Role Members address.")
role_admins_address = addresser.make_role_admins_address(
role_id=uuid4().hex,
user_id=uuid4().hex)
self.assertEqual(len(role_admins_address), 70,
"The address is a well-formed address.")
self.assertEqual(
addresser.address_is(role_admins_address),
AddressSpace.ROLES_ADMINS,
"The Role Admins address created must be "
"found to be a Role Admins address.")
role_tasks_address = addresser.make_role_tasks_address(
role_id=uuid4().hex,
task_id=uuid4().hex)
self.assertEqual(len(role_tasks_address), 70,
"The address is a well-formed address.")
self.assertEqual(
addresser.address_is(role_tasks_address),
AddressSpace.ROLES_TASKS,
"The Role Tasks address created must be "
"found to be a Role Tasks address.")
