diff --git a/pallets/certification/src/lib.rs b/pallets/certification/src/lib.rs index 13209fea45827b47443ec0f59e7fc09ce3091c15..cd09e397aba562bbfef3cae86f0d1087ef7638d1 100644 --- a/pallets/certification/src/lib.rs +++ b/pallets/certification/src/lib.rs @@ -282,8 +282,13 @@ pub mod pallet { ) -> DispatchResultWithPostInfo { let who = ensure_signed(origin)?; + // Verify caller ownership + let issuer_owner_key = + T::OwnerKeyOf::convert(issuer).ok_or(Error::<T>::IssuerNotFound)?; + ensure!(issuer_owner_key == who, DispatchError::BadOrigin); + let block_number = frame_system::pallet::Pallet::<T>::block_number(); - Self::check_cert_allowed(who, issuer, receiver, block_number)?; + Self::check_add_cert(issuer, receiver, block_number)?; Self::do_add_cert(block_number, issuer, receiver); Ok(().into()) 
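Review bot: The ownership check added after `ensure_signed` is now the only place where the signer is tied to `issuer`, because `check_add_cert` no longer takes the caller key (its definition is in the last hunk of this file). Other callers of `check_add_cert` or `do_add_cert` get no authorization from those helpers, so the comment should say so, e.g. `// Verify caller ownership here: check_add_cert does not authenticate the caller`. `IssuerNotFound` and `BadOrigin` are also now returned before `CannotCertifySelf`, which matters only to clients or tests that depend on the error order. The enclosing function starts outside the hunk.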
@@ -326,37 +331,18 @@ pub mod pallet { receiver: T::IdtyIndex, verify_rules: bool, ) -> DispatchResultWithPostInfo { - // Verify rule (1.) Forbid self cert - ensure!(issuer != receiver, Error::<T>::CannotCertifySelf); - let block_number = frame_system::pallet::Pallet::<T>::block_number(); if verify_rules { - // Verify rule (3.) MinReceivedCertToBeAbleToIssueCert - let issuer_idty_cert_meta = StorageIdtyCertMeta::<T>::get(issuer); - ensure!( - issuer_idty_cert_meta.received_count - >= T::MinReceivedCertToBeAbleToIssueCert::get(), - Error::<T>::NotEnoughCertReceived - ); - - // Verify rule (4.) MaxByIssuer - ensure!( - issuer_idty_cert_meta.issued_count < T::MaxByIssuer::get(), - Error::<T>::IssuedTooManyCert - ); - - // Verify rule (5.) CertPeriod - ensure!( - block_number >= issuer_idty_cert_meta.next_issuable_on, - Error::<T>::NotRespectCertPeriod - ); + // only verify internal rules if asked + Self::check_add_cert_internal(issuer, receiver, block_number)?; }; Self::do_add_cert(block_number, issuer, receiver); Ok(().into()) } + /// perform cert addition or renewal fn do_add_cert(block_number: T::BlockNumber, issuer: T::IdtyIndex, receiver: T::IdtyIndex) { // Write CertsRemovableOn @@ -416,6 +402,7 @@ pub mod pallet { Self::deposit_event(Event::CertRenewed { issuer, receiver }); }; } + /// remove the certifications due to expire on the given block // (run at on_initialize step) fn prune_certifications(block_number: T::BlockNumber) -> Weight { @@ -430,6 +417,7 @@ pub mod pallet { total_weight } + /// perform the certification removal /// if block number is given only remove cert if still set to expire at this block number pub fn do_remove_cert( 
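Review bot: With `verify_rules == false` the self-certification check no longer runs. The removed `ensure!(issuer != receiver, Error::<T>::CannotCertifySelf);` sat before the `if verify_rules` block and was unconditional, whereas the check now lives only inside `check_add_cert_internal`. If skipping it is not intended, keep that `ensure!` line ahead of the `if`. If it is intended, extend the comment to say so, e.g. `// only verify internal rules (including no-self-cert) if asked`. The function signature and its origin check are outside the hunk, so who can reach this path cannot be confirmed from here.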
@@ -493,24 +481,19 @@ pub mod pallet { } /// check cert allowed - // first internal checks - // then external checks - fn check_cert_allowed( - caller_key: T::AccountId, + // 1. no self cert + // 2. issuer received cert count + // 3. issuer max emitted cert + // 4. issuer cert period + fn check_add_cert_internal( issuer: T::IdtyIndex, receiver: T::IdtyIndex, block_number: T::BlockNumber, ) -> DispatchResult { - // --- first internal checks // 1. Forbid self cert ensure!(issuer != receiver, Error::<T>::CannotCertifySelf); - // 2. Verify caller ownership - let issuer_owner_key = - T::OwnerKeyOf::convert(issuer).ok_or(Error::<T>::IssuerNotFound)?; - ensure!(issuer_owner_key == caller_key, DispatchError::BadOrigin); - - // 3. Verify rule MinReceivedCertToBeAbleToIssueCert + // 2. Verify rule MinReceivedCertToBeAbleToIssueCert // (this number can differ from the one necessary to be member) let issuer_idty_cert_meta = <StorageIdtyCertMeta<T>>::get(issuer); ensure!( @@ -519,18 +502,32 @@ pub mod pallet { Error::<T>::NotEnoughCertReceived ); - // 4. Verify rule MaxByIssuer + // 3. Verify rule MaxByIssuer ensure!( issuer_idty_cert_meta.issued_count < T::MaxByIssuer::get(), Error::<T>::IssuedTooManyCert ); - // 5. Verify rule CertPeriod + // 4. Verify rule CertPeriod ensure!( block_number >= issuer_idty_cert_meta.next_issuable_on, Error::<T>::NotRespectCertPeriod ); + Ok(()) + } + + /// check cert allowed + // first internal checks + // then external checks + fn check_add_cert( + issuer: T::IdtyIndex, + receiver: T::IdtyIndex, + block_number: T::BlockNumber, + ) -> DispatchResult { + // internal checks + Self::check_add_cert_internal(issuer, receiver, block_number)?; + // --- then external checks // - issuer is member // - receiver is confirmed
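Review bot: `check_add_cert_internal` and `check_add_cert` both carry the summary `/// check cert allowed`, so the generated docs describe the two helpers identically. The numbered rule list under the first one is written with `//`, so it is not part of the doc comment at all. I would give the internal helper its own summary, e.g. `/// check the pallet-internal rules for adding a certification`, and turn the four `// N. …` lines into `///` lines. The docs on `check_add_cert` should also state that it performs no caller-ownership check, since that step was removed from this function in this commit. The body of `check_add_cert` continues past the end of the hunk.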