code.vegaprotocol.io/vega@v0.79.0/wallet/api/admin_revoke_permissions.go

code.vegaprotocol.io/vega@v0.79.0/wallet/api/admin_revoke_permissions.go (about)

     1  // Copyright (C) 2023 Gobalsky Labs Limited
     2  //
     3  // This program is free software: you can redistribute it and/or modify
     4  // it under the terms of the GNU Affero General Public License as
     5  // published by the Free Software Foundation, either version 3 of the
     6  // License, or (at your option) any later version.
     7  //
     8  // This program is distributed in the hope that it will be useful,
     9  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    10  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    11  // GNU Affero General Public License for more details.
    12  //
    13  // You should have received a copy of the GNU Affero General Public License
    14  // along with this program.  If not, see <http://www.gnu.org/licenses/>.
    15  
    16  package api
    17  
    18  import (
    19  	"context"
    20  	"fmt"
    21  
    22  	"code.vegaprotocol.io/vega/libs/jsonrpc"
    23  
    24  	"github.com/mitchellh/mapstructure"
    25  )
    26  
    27  type AdminRevokePermissionsParams struct {
    28  	Wallet   string `json:"wallet"`
    29  	Hostname string `json:"hostname"`
    30  }
    31  type AdminRevokePermissions struct {
    32  	walletStore WalletStore
    33  }
    34  
    35  // Handle revokes the permissions set on the specified hostname.
    36  func (h *AdminRevokePermissions) Handle(ctx context.Context, rawParams jsonrpc.Params) (jsonrpc.Result, *jsonrpc.ErrorDetails) {
    37  	params, err := validateRevokePermissionsParams(rawParams)
    38  	if err != nil {
    39  		return nil, InvalidParams(err)
    40  	}
    41  
    42  	if exist, err := h.walletStore.WalletExists(ctx, params.Wallet); err != nil {
    43  		return nil, InternalError(fmt.Errorf("could not verify the wallet exists: %w", err))
    44  	} else if !exist {
    45  		return nil, InvalidParams(ErrWalletDoesNotExist)
    46  	}
    47  
    48  	alreadyUnlocked, err := h.walletStore.IsWalletAlreadyUnlocked(ctx, params.Wallet)
    49  	if err != nil {
    50  		return nil, InternalError(fmt.Errorf("could not verify whether the wallet is already unlock or not: %w", err))
    51  	}
    52  	if !alreadyUnlocked {
    53  		return nil, RequestNotPermittedError(ErrWalletIsLocked)
    54  	}
    55  
    56  	w, err := h.walletStore.GetWallet(ctx, params.Wallet)
    57  	if err != nil {
    58  		return nil, InternalError(fmt.Errorf("could not retrieve the wallet: %w", err))
    59  	}
    60  
    61  	w.RevokePermissions(params.Hostname)
    62  
    63  	if err := h.walletStore.UpdateWallet(ctx, w); err != nil {
    64  		return nil, InternalError(fmt.Errorf("could not save the wallet: %w", err))
    65  	}
    66  
    67  	return nil, nil
    68  }
    69  
    70  func validateRevokePermissionsParams(rawParams jsonrpc.Params) (AdminRevokePermissionsParams, error) {
    71  	if rawParams == nil {
    72  		return AdminRevokePermissionsParams{}, ErrParamsRequired
    73  	}
    74  
    75  	params := AdminRevokePermissionsParams{}
    76  	if err := mapstructure.Decode(rawParams, &params); err != nil {
    77  		return AdminRevokePermissionsParams{}, ErrParamsDoNotMatch
    78  	}
    79  
    80  	if params.Wallet == "" {
    81  		return AdminRevokePermissionsParams{}, ErrWalletIsRequired
    82  	}
    83  
    84  	if params.Hostname == "" {
    85  		return AdminRevokePermissionsParams{}, ErrHostnameIsRequired
    86  	}
    87  
    88  	return params, nil
    89  }
    90  
    91  func NewAdminRevokePermissions(
    92  	walletStore WalletStore,
    93  ) *AdminRevokePermissions {
    94  	return &AdminRevokePermissions{
    95  		walletStore: walletStore,
    96  	}
    97  }