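// Source listing: github.com/Night-mk/quorum@v21.1.0+incompatible/multitenancy/types.go

// Package multitenancy declares the security attributes and provider
// interfaces used to express authorization asks for accounts and contracts.
package multitenancy

import (
	"context"
	"fmt"

	"github.com/ethereum/go-ethereum/common"
	"github.com/jpmorganchase/quorum-security-plugin-sdk-go/proto"
)

// ContractVisibility says whether a contract is public or private.
type ContractVisibility string

// ContractAction is the operation requested on a contract: read, write or create.
type ContractAction string

const (
	VisibilityPublic  ContractVisibility = "public"
	VisibilityPrivate ContractVisibility = "private"
	ActionRead        ContractAction     = "read"
	ActionWrite       ContractAction     = "write"
	ActionCreate      ContractAction     = "create"

	// QueryOwnedEOA query parameter is to capture the EOA address.
	// For value transfer, it represents the account owner.
	// For message call, it represents the EOA that signed the contract
	// creation transaction, in other words, the EOA that owns the contract.
	QueryOwnedEOA = "owned.eoa"
	// QueryToEOA query parameter is to capture the EOA address which is the
	// target account in value transfer scenarios.
	QueryToEOA = "to.eoa"
	// QueryFromTM query parameter is to capture the Tessera Public Key
	// which indicates the sender of a private transaction or participant of
	// a private contract.
	QueryFromTM = "from.tm"

	// AnyEOAAddress represents the wildcard for an EOA address.
	//
	// NOTE(review): the matching logic is not in this file. A zero-value
	// common.Address renders through Hex() as a full-length zero address,
	// not as "0x0"; confirm that the code comparing against this constant
	// cannot mistake an unset From/To for the wildcard.
	AnyEOAAddress = "0x0"
)

// ContextAware is implemented by components that can tell, from a request
// context, whether multitenancy applies.
type ContextAware interface {
	// SupportsMultitenancy returns a pre-authenticated token and a flag.
	// NOTE(review): presumably the flag reports whether multitenancy is in
	// effect for ctx and the token is meaningful only when it is true;
	// confirm against the implementations.
	SupportsMultitenancy(ctx context.Context) (*proto.PreAuthenticatedAuthenticationToken, bool)
}

// AuthorizationProvider specifies APIs to be implemented to provide multitenancy capability.
type AuthorizationProvider interface {
	ContextAware
	ContractAuthorizationProvider
}

// AccountStateSecurityAttribute contains the security configuration ask
// defined for a secure account state.
type AccountStateSecurityAttribute struct {
	From common.Address // Ethereum account address
	To   common.Address
}

// String renders the attribute as "from=<hex> to=<hex>". A nil receiver
// yields "<nil>" instead of panicking, so the method is safe to call on
// error and logging paths.
func (assa *AccountStateSecurityAttribute) String() string {
	if assa == nil {
		return "<nil>"
	}
	return fmt.Sprintf("from=%s to=%s", assa.From.Hex(), assa.To.Hex())
}

// ContractSecurityAttribute contains the security configuration ask
// defined for a secure contract account.
//
// The per-field comments describe which combinations are meaningful. Nothing
// in this file enforces them; any validation happens where the attribute is
// consumed (not shown here).
type ContractSecurityAttribute struct {
	*AccountStateSecurityAttribute
	Visibility  ContractVisibility // public/private
	Action      ContractAction     // create/read/write
	PrivateFrom string             // TM Key, only if Visibility is private, for write/create
	Parties     []string           // TM Keys, only if Visibility is private, for read
}

// String renders every field of the attribute on one line. A nil receiver
// yields "<nil>".
//
// PrivateFrom and Parties are written verbatim (%s / %v). If those values can
// carry caller-supplied text, quote or sanitize the result at the log site.
func (csa *ContractSecurityAttribute) String() string {
	if csa == nil {
		return "<nil>"
	}
	return fmt.Sprintf("%v visibility=%s action=%s privateFrom=%s parties=%v", csa.AccountStateSecurityAttribute, csa.Visibility, csa.Action, csa.PrivateFrom, csa.Parties)
}

// ContractSecurityAttributeBuilder assembles a ContractSecurityAttribute
// through chained setter calls. Every setter returns the builder itself.
type ContractSecurityAttributeBuilder struct {
	secAttr ContractSecurityAttribute
}

// NewContractSecurityAttributeBuilder returns a builder whose attribute has an
// allocated account-state section and an empty, non-nil Parties list.
func NewContractSecurityAttributeBuilder() *ContractSecurityAttributeBuilder {
	return &ContractSecurityAttributeBuilder{
		secAttr: ContractSecurityAttribute{
			AccountStateSecurityAttribute: &AccountStateSecurityAttribute{},
			Parties:                       make([]string, 0),
		},
	}
}

// FromEOA sets the originating Ethereum account.
func (csab *ContractSecurityAttributeBuilder) FromEOA(eoa common.Address) *ContractSecurityAttributeBuilder {
	// A builder created as a zero value (not via the constructor) has no
	// account-state section yet; allocate it rather than dereference nil.
	if csab.secAttr.AccountStateSecurityAttribute == nil {
		csab.secAttr.AccountStateSecurityAttribute = &AccountStateSecurityAttribute{}
	}
	csab.secAttr.AccountStateSecurityAttribute.From = eoa
	return csab
}

// ToEOA sets the destination Ethereum account.
func (csab *ContractSecurityAttributeBuilder) ToEOA(eoa common.Address) *ContractSecurityAttributeBuilder {
	// Same zero-value guard as FromEOA.
	if csab.secAttr.AccountStateSecurityAttribute == nil {
		csab.secAttr.AccountStateSecurityAttribute = &AccountStateSecurityAttribute{}
	}
	csab.secAttr.AccountStateSecurityAttribute.To = eoa
	return csab
}

// PrivateFrom sets the TM public key recorded as PrivateFrom.
func (csab *ContractSecurityAttributeBuilder) PrivateFrom(tmPubKey string) *ContractSecurityAttributeBuilder {
	csab.secAttr.PrivateFrom = tmPubKey
	return csab
}

// PrivateFromOnlyIf sets PrivateFrom only if b is true; otherwise it leaves
// the current value untouched.
func (csab *ContractSecurityAttributeBuilder) PrivateFromOnlyIf(b bool, tmPubKey string) *ContractSecurityAttributeBuilder {
	if b {
		csab.secAttr.PrivateFrom = tmPubKey
	}
	return csab
}

// Visibility sets the contract visibility.
func (csab *ContractSecurityAttributeBuilder) Visibility(v ContractVisibility) *ContractSecurityAttributeBuilder {
	csab.secAttr.Visibility = v
	return csab
}

// Private sets the visibility to VisibilityPrivate.
func (csab *ContractSecurityAttributeBuilder) Private() *ContractSecurityAttributeBuilder {
	return csab.Visibility(VisibilityPrivate)
}

// PrivateIf sets VisibilityPrivate if b is true, VisibilityPublic otherwise.
// Unlike the *OnlyIf setters it always overwrites the current visibility.
func (csab *ContractSecurityAttributeBuilder) PrivateIf(b bool) *ContractSecurityAttributeBuilder {
	if b {
		return csab.Visibility(VisibilityPrivate)
	}
	return csab.Visibility(VisibilityPublic)
}

// Public sets the visibility to VisibilityPublic.
func (csab *ContractSecurityAttributeBuilder) Public() *ContractSecurityAttributeBuilder {
	return csab.Visibility(VisibilityPublic)
}

// Action sets the requested contract action.
func (csab *ContractSecurityAttributeBuilder) Action(a ContractAction) *ContractSecurityAttributeBuilder {
	csab.secAttr.Action = a
	return csab
}

// Create sets the action to ActionCreate.
func (csab *ContractSecurityAttributeBuilder) Create() *ContractSecurityAttributeBuilder {
	return csab.Action(ActionCreate)
}

// Read sets the action to ActionRead.
func (csab *ContractSecurityAttributeBuilder) Read() *ContractSecurityAttributeBuilder {
	return csab.Action(ActionRead)
}

// Write sets the action to ActionWrite.
func (csab *ContractSecurityAttributeBuilder) Write() *ContractSecurityAttributeBuilder {
	return csab.Action(ActionWrite)
}

// ReadOnlyIf sets ActionRead only if b is true; otherwise it leaves the
// current action untouched.
func (csab *ContractSecurityAttributeBuilder) ReadOnlyIf(b bool) *ContractSecurityAttributeBuilder {
	if b {
		return csab.Action(ActionRead)
	}
	return csab
}

// WriteOnlyIf sets ActionWrite only if b is true; otherwise it leaves the
// current action untouched.
func (csab *ContractSecurityAttributeBuilder) WriteOnlyIf(b bool) *ContractSecurityAttributeBuilder {
	if b {
		return csab.Action(ActionWrite)
	}
	return csab
}

// PartiesOnlyIf replaces Parties only if b is true; otherwise it leaves the
// current list untouched.
func (csab *ContractSecurityAttributeBuilder) PartiesOnlyIf(b bool, tmPubKeys []string) *ContractSecurityAttributeBuilder {
	if b {
		return csab.Parties(tmPubKeys)
	}
	return csab
}

// Parties replaces the party list with a copy of tmPubKeys, so later changes
// to the caller's slice do not reach the attribute.
func (csab *ContractSecurityAttributeBuilder) Parties(tmPubKeys []string) *ContractSecurityAttributeBuilder {
	parties := make([]string, len(tmPubKeys))
	copy(parties, tmPubKeys)
	csab.secAttr.Parties = parties
	return csab
}

// Party appends a single TM public key to the party list.
func (csab *ContractSecurityAttributeBuilder) Party(tmPubKey string) *ContractSecurityAttributeBuilder {
	csab.secAttr.Parties = append(csab.secAttr.Parties, tmPubKey)
	return csab
}

// Build returns the assembled attribute as an independent snapshot.
//
// The snapshot does not share the account-state pointer or the Parties
// backing array with the builder. An attribute that has already been handed
// to an authorization check therefore cannot be altered by further calls on
// the same builder. This matches the defensive copy Parties already makes on
// its input.
func (csab *ContractSecurityAttributeBuilder) Build() *ContractSecurityAttribute {
	built := csab.secAttr // copies the scalar fields; pointer and slice are detached below
	if src := csab.secAttr.AccountStateSecurityAttribute; src != nil {
		acct := *src
		built.AccountStateSecurityAttribute = &acct
	}
	if csab.secAttr.Parties != nil {
		// Keeps a nil list nil and an empty list empty-but-non-nil.
		built.Parties = append([]string{}, csab.secAttr.Parties...)
	}
	return &built
}

// FullAccessContractSecurityAttributes returns a list of contract security attributes.
// The attributes are used to verify ownership of a TM key which is going to be used
// to send a private transaction.
//
// Three private-visibility attributes are produced for fromEOA: create with
// privateFrom as PrivateFrom, then write and read with privateFrom as the
// only party.
func FullAccessContractSecurityAttributes(fromEOA common.Address, privateFrom string) []*ContractSecurityAttribute {
	return []*ContractSecurityAttribute{
		NewContractSecurityAttributeBuilder().FromEOA(fromEOA).Private().Create().PrivateFrom(privateFrom).Build(),
		NewContractSecurityAttributeBuilder().FromEOA(fromEOA).Private().Write().Party(privateFrom).Build(),
		NewContractSecurityAttributeBuilder().FromEOA(fromEOA).Private().Read().Party(privateFrom).Build(),
	}
}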