github.com/kisexp/xdchain@v0.0.0-20211206025815-490d6b732aa7/permission/connection.go

github.com/kisexp/xdchain@v0.0.0-20211206025815-490d6b732aa7/permission/connection.go (about)

     1  package permission
     2  
     3  import (
     4  	"strings"
     5  
     6  	"github.com/kisexp/xdchain/log"
     7  	"github.com/kisexp/xdchain/p2p/enode"
     8  	"github.com/kisexp/xdchain/params"
     9  	"github.com/kisexp/xdchain/permission/core"
    10  )
    11  
    12  func isNodePermissionedV1(enodeId string, nodename string, currentNode string, direction string) bool {
    13  	permissionedList := core.NodeInfoMap.GetNodeList()
    14  
    15  	log.Debug("isNodePermissionedV1", "permissionedList", permissionedList)
    16  	for _, n := range permissionedList {
    17  		if strings.Contains(n.Url, enodeId) && n.Status == core.NodeApproved {
    18  			log.Debug("isNodePermissionedV1", "connection", direction, "nodename", nodename[:params.NODE_NAME_LENGTH], "ALLOWED-BY", currentNode[:params.NODE_NAME_LENGTH])
    19  			return true
    20  		}
    21  	}
    22  	log.Debug("isNodePermissionedV1", "connection", direction, "nodename", nodename[:params.NODE_NAME_LENGTH], "DENIED-BY", currentNode[:params.NODE_NAME_LENGTH])
    23  	return false
    24  }
    25  
    26  func isNodePermissionedV2(node *enode.Node, nodename string, currentNode string, direction string) bool {
    27  	if permissionService == nil {
    28  		log.Debug("isNodePermissionedV2 connection not allowed - permissionService is not set")
    29  		return false
    30  	}
    31  	allowed, err := permissionService.ConnectionAllowed(node.EnodeID(), node.IP().String(), uint16(node.TCP()), uint16(node.RaftPort()))
    32  	log.Debug("isNodePermissionedV2 V2", "allowed", allowed, "url", node.String())
    33  	if err != nil {
    34  		log.Error("isNodePermissionedV2 connection not allowed", "err", err)
    35  		return false
    36  	}
    37  	if allowed {
    38  		log.Debug("isNodePermissionedV2", "connection", direction, "nodename", nodename[:params.NODE_NAME_LENGTH], "ALLOWED-BY", currentNode[:params.NODE_NAME_LENGTH])
    39  	} else {
    40  		log.Debug("isNodePermissionedV2", "connection", direction, "nodename", nodename[:params.NODE_NAME_LENGTH], "DENIED-BY", currentNode[:params.NODE_NAME_LENGTH])
    41  
    42  	}
    43  	return allowed
    44  
    45  }
    46  
    47  func IsNodePermissioned(node *enode.Node, nodename string, currentNode string, datadir string, direction string) bool {
    48  
    49  	//if we have not reached QIP714 block return full access
    50  	if !core.PermissionsEnabled() {
    51  		return core.IsNodePermissioned(nodename, currentNode, datadir, direction)
    52  	}
    53  
    54  	switch core.PermissionModel {
    55  	case core.Default:
    56  		return core.IsNodePermissioned(nodename, currentNode, datadir, direction)
    57  
    58  	case core.V1:
    59  		return isNodePermissionedV1(node.EnodeID(), nodename, currentNode, direction)
    60  
    61  	case core.V2:
    62  		return isNodePermissionedV2(node, nodename, currentNode, direction)
    63  	}
    64  	return false
    65  }