def validate_role_rel_proposal(header, propose, rel_address, state): """Validates that the User exists, the Role exists, and the User is not in the Role's relationship specified by rel_address. Args: header (TransactionHeader): The transaction header. propose (ProposeAddRole_____): The role relationship proposal. rel_address (str): The Role relationship address produced by the Role and the User. state (sawtooth_sdk.Context): The way to communicate to the validator the state gets and sets. Returns: (dict of addresses) """ user_address = addresser.make_user_address(propose.user_id) role_address = addresser.make_role_attributes_address(propose.role_id) proposal_address = addresser.make_proposal_address( object_id=propose.role_id, related_id=propose.user_id) state_entries = get_state( state, [user_address, role_address, proposal_address, rel_address]) validate_identifier_is_user(state_entries, identifier=propose.user_id, address=user_address) user_entry = get_state_entry(state_entries, user_address) user = get_user_from_container(return_user_container(user_entry), propose.user_id) if header.signer_public_key not in [user.user_id, user.manager_id]: raise InvalidTransaction( "Txn signer {} is not the user or the user's " "manager {}".format(header.signer_public_key, [user.user_id, user.manager_id])) validate_identifier_is_role(state_entries, identifier=propose.role_id, address=role_address) try: role_admins_entry = get_state_entry(state_entries, rel_address) role_rel_container = return_role_rel_container(role_admins_entry) if is_in_role_rel_container(role_rel_container, propose.role_id, propose.user_id): raise InvalidTransaction("User {} is already in the Role {} " "relationship".format( propose.user_id, propose.role_id)) except KeyError: # The role rel container doesn't exist so no role relationship exists pass return state_entries
def validate_role_admin_or_owner(header, confirm, txn_signer_rel_address, state): """Validate a [ Confirm | Reject }_____Role[ Admin | Owner } transaction. Args: header (TransactionHeader): The transaction header protobuf class.: confirm: ConfirmAddRoleAdmin, RejectAddRoleAdmin, ... state (Context): The class responsible for gets and sets of state. Returns: (dict of addresses) """ proposal_address = addresser.make_proposal_address( object_id=confirm.role_id, related_id=confirm.user_id) state_entries = get_state( state, [txn_signer_rel_address, proposal_address]) if not proposal_exists_and_open( state_entries, proposal_address, confirm.proposal_id): raise InvalidTransaction("The proposal {} does not exist or " "is not open".format(confirm.proposal_id)) try: entry = get_state_entry(state_entries, txn_signer_rel_address) role_rel_container = return_role_rel_container(entry) except KeyError: raise InvalidTransaction( "Signer {} does not have the Role permissions " "to close the proposal".format(header.signer_public_key)) if not is_in_role_rel_container( role_rel_container, role_id=confirm.role_id, identifier=header.signer_public_key): raise InvalidTransaction("Signer {} does not have the Role " "permissions to close the " "proposal".format(header.signer_public_key)) return state_entries
def handle_confirm_add(state_entries, header, confirm, role_rel_address, state, rel_type='user_id'): proposal_address = addresser.make_proposal_address( object_id=confirm.role_id, related_id=getattr(confirm, rel_type)) proposal_entry = get_state_entry(state_entries, proposal_address) proposal_container = return_prop_container(proposal_entry) proposal = get_prop_from_container(proposal_container, proposal_id=confirm.proposal_id) proposal.status = proposal_state_pb2.Proposal.CONFIRMED proposal.closer = header.signer_pubkey proposal.close_reason = confirm.reason address_values = [ StateEntry(address=proposal_address, data=proposal_container.SerializeToString()) ] try: role_rel_entry = get_state_entry(state_entries, role_rel_address) role_rel_container = return_role_rel_container(role_rel_entry) except KeyError: role_rel_container = role_state_pb2.RoleRelationshipContainer() try: role_rel = get_role_rel(role_rel_container, confirm.role_id) except KeyError: role_rel = role_rel_container.relationships.add() role_rel.role_id = confirm.role_id role_rel.identifiers.append(getattr(confirm, rel_type)) address_values.append( StateEntry(address=role_rel_address, data=role_rel_container.SerializeToString())) set_state(state, address_values)