diff --git a/node/src/chain_spec/gdev.rs b/node/src/chain_spec/gdev.rs
index 5e458c803cde655236db715967b75865da3a809b..aeb45dfd21511480a43a8765387d01e7703c2f5c 100644
--- a/node/src/chain_spec/gdev.rs
+++ b/node/src/chain_spec/gdev.rs
@@ -111,9 +111,11 @@ fn devnet_genesis(
 identities: initial_identities
 .iter()
 .map(|(name, account)| IdtyValue {
- name: name.clone(),
+ data: Default::default(),
 expire_on: gdev_runtime::MaxInactivityPeriod::get(),
 owner_key: account.clone(),
+ name: name.clone(),
+ next_creatable_identity_on: Default::default(),
 removable_on: 0,
 renewable_on: gdev_runtime::StrongCertRenewablePeriod::get(),
 rights: vec![
@@ -122,7 +124,6 @@ fn devnet_genesis(
 (IdtyRight::Ud, None),
 ],
 status: gdev_runtime::IdtyStatus::Validated,
- data: Default::default(),
 })
 .collect(),
 },
diff --git a/pallets/identity/src/lib.rs b/pallets/identity/src/lib.rs
index 4ab1afa758bb37e7b6608917168f226f54c33536..c7da9310720a2be4862a0d94ff3c1726e2be6dea 100644
--- a/pallets/identity/src/lib.rs
+++ b/pallets/identity/src/lib.rs
@@ -60,6 +60,8 @@ pub mod pallet {
 type DelRightOrigin: EnsureOrigin<Self::Origin>;
 /// Management of the authorizations of the different calls. (The default implementation only allows root)
 type EnsureIdtyCallAllowed: EnsureIdtyCallAllowed<Self>;
+ /// Minimum duration between the creation of 2 identities by the same creator
+ type IdtyCreationPeriod: Get<Self::BlockNumber>;
 /// Identity custom data
 type IdtyData: Parameter + Member + MaybeSerializeDeserialize + Debug + Default;
 /// Identity custom data provider
@@ -280,7 +282,25 @@ pub mod pallet {
 idty_name: IdtyName,
 owner_key: T::AccountId,
 ) -> DispatchResultWithPostInfo {
- T::EnsureIdtyCallAllowed::can_create_identity(origin, creator, &idty_name, &owner_key)?;
+ let creator_idty_val =
+ Identities::<T>::try_get(&creator).map_err(|_| Error::<T>::CreatorNotExist)?;
+
+ let block_number = frame_system::pallet::Pallet::<T>::block_number();
+
+ if creator_idty_val.next_creatable_identity_on
+ > block_number + T::IdtyCreationPeriod::get()
+ {
+ return Err(Error::<T>::NotRespectIdtyCreationPeriod.into());
+ }
+
+ T::EnsureIdtyCallAllowed::can_create_identity(
+ origin,
+ creator,
+ creator_idty_val,
+ &idty_name,
+ &owner_key,
+ )?;
+
 if !T::IdtyNameValidator::validate(&idty_name) {
 return Err(Error::<T>::IdtyNameInvalid.into());
 }
@@ -290,15 +310,15 @@ pub mod pallet {
 return Err(Error::<T>::IdtyNameAlreadyExist.into());
 }
- let block_number = frame_system::pallet::Pallet::<T>::block_number();
 let removable_on = block_number + T::ConfirmPeriod::get();
 let idty_index = Self::get_next_idty_index();
 <Identities<T>>::insert(
 idty_index,
 IdtyValue {
- name: idty_name.clone(),
 expire_on: T::BlockNumber::zero(),
+ name: idty_name.clone(),
+ next_creatable_identity_on: T::BlockNumber::zero(),
 owner_key: owner_key.clone(),
 removable_on,
 renewable_on: T::BlockNumber::zero(),
@@ -625,6 +645,8 @@ pub mod pallet {
 #[pallet::error]
 pub enum Error<T> {
+ /// Creator not exist
+ CreatorNotExist,
 /// Identity already confirmed
 IdtyAlreadyConfirmed,
 /// Identity already validated
@@ -649,6 +671,8 @@ pub mod pallet {
 RightAlreadyAdded,
 /// Right not exist
 RightNotExist,
+ /// Not respect IdtyCreationPeriod
+ NotRespectIdtyCreationPeriod,
 }
 // PUBLIC FUNCTIONS //
@@ -672,7 +696,7 @@ pub mod pallet {
 } else {
 panic!("storage corrupted")
 }
- } //NextIdtyIndex
+ }
 fn get_next_idty_index() -> T::IdtyIndex {
 if let Ok(next_index) = <NextIdtyIndex<T>>::try_get() {
 <NextIdtyIndex<T>>::put(next_index.saturating_add(T::IdtyIndex::one()));
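Review bot: The new creation-period guard in the `@@ -280,7 +282,25 @@` hunk tests `creator_idty_val.next_creatable_identity_on > block_number + T::IdtyCreationPeriod::get()`, so it rejects only when the stored block lies more than a full period ahead of the current one; if the field holds the first block at which the creator may create again, the period is effectively never enforced. The comparison would then be `if creator_idty_val.next_creatable_identity_on > block_number {`. No visible hunk writes the creator's `next_creatable_identity_on` after a successful creation (the new identity is stored with `T::BlockNumber::zero()`), so that update needs to exist further down in the function, which continues outside the hunk. The creator lookup now also runs before `can_create_identity`, so an origin that was previously accepted without an existing creator (Root, in the runtime implementation) now fails with `CreatorNotExist`; worth confirming that is intended.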
diff --git a/pallets/identity/src/mock.rs b/pallets/identity/src/mock.rs
index 0dfaf06f01176921df6f7ba54b7f418b1ca8c25a..d7b9ed028e0aae8c63bbf5b4af49e9eee143deb1 100644
--- a/pallets/identity/src/mock.rs
+++ b/pallets/identity/src/mock.rs
@@ -114,6 +114,7 @@ impl system::Config for Test {
 parameter_types! {
 pub const ConfirmPeriod: u64 = 2;
+ pub const IdtyCreationPeriod: u64 = 3;
 pub const MaxInactivityPeriod: u64 = 5;
 pub const MaxNoRightPeriod: u64 = 4;
 pub const RenewablePeriod: u64 = 3;
@@ -133,6 +134,7 @@ impl pallet_identity::Config for Test {
 type AddRightOrigin = system::EnsureRoot<AccountId>;
 type DelRightOrigin = system::EnsureRoot<AccountId>;
 type EnsureIdtyCallAllowed = ();
+ type IdtyCreationPeriod = IdtyCreationPeriod;
 type IdtyData = ();
 type IdtyDataProvider = ();
 type IdtyNameValidator = IdtyNameValidatorTestImpl;
diff --git a/pallets/identity/src/tests.rs b/pallets/identity/src/tests.rs
index 0748a04726b7cbf15ae5ed33f73125590849d54f..7b976305e0a9cfab16ea3501bdff334833ffd4a5 100644
--- a/pallets/identity/src/tests.rs
+++ b/pallets/identity/src/tests.rs
@@ -33,24 +33,26 @@ fn test_no_identity() {
 fn test_two_identities() {
 let identities = vec![
 crate::IdtyValue {
- name: IdtyName(vec![0]),
+ data: (),
 expire_on: 5,
 owner_key: 1,
+ name: IdtyName(vec![0]),
+ next_creatable_identity_on: 0,
 removable_on: 0,
 renewable_on: 3,
 rights: vec![(Right::Right2, Some(10))],
 status: crate::IdtyStatus::Validated,
- data: (),
 },
 crate::IdtyValue {
- name: IdtyName(vec![1]),
+ data: (),
 expire_on: 5,
 owner_key: 2,
+ name: IdtyName(vec![1]),
+ next_creatable_identity_on: 0,
 removable_on: 0,
 renewable_on: 3,
 rights: vec![(Right::Right1, Some(20))],
 status: crate::IdtyStatus::Validated,
- data: (),
 },
 ];
diff --git a/pallets/identity/src/traits.rs b/pallets/identity/src/traits.rs
index 44862c5e4e27ebac430728cffccdd3aa4cf31922..caa9c2446b811c733bdd037c832e5b298f0b6e6d 100644
--- a/pallets/identity/src/traits.rs
+++ b/pallets/identity/src/traits.rs
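Review bot: Nothing in `pallets/identity/src/tests.rs` exercises `Error::NotRespectIdtyCreationPeriod` or `Error::CreatorNotExist`, the two rejection paths this commit adds to identity creation; the only test change is the new `next_creatable_identity_on: 0` field in the `test_two_identities` fixtures. A test that creates one identity and then attempts a second creation from the same creator before `IdtyCreationPeriod` (3 blocks in the mock) has elapsed, asserting the error, would pin the rate limit, and a second test with an unknown creator index would cover the lookup. Without them a regression in this abuse control passes the suite silently. `test_two_identities` continues outside the hunk.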
@@ -24,6 +24,7 @@ pub trait EnsureIdtyCallAllowed<T: Config> {
 fn can_create_identity(
 origin: T::Origin,
 creator: T::IdtyIndex,
+ creator_idty: IdtyValue<T::AccountId, T::BlockNumber, T::IdtyData, T::IdtyRight>,
 idty_name: &IdtyName,
 idty_owner_key: &T::AccountId,
 ) -> Result<(), DispatchError>;
@@ -33,6 +34,7 @@ impl<T: Config> EnsureIdtyCallAllowed<T> for () {
 fn can_create_identity(
 origin: T::Origin,
 _creator: T::IdtyIndex,
+ _creator_idty: IdtyValue<T::AccountId, T::BlockNumber, T::IdtyData, T::IdtyRight>,
 _idty_name: &IdtyName,
 _idty_owner_key: &T::AccountId,
 ) -> Result<(), DispatchError> {
diff --git a/pallets/identity/src/types.rs b/pallets/identity/src/types.rs
index 147cbd1abd22d97973674b66e689ae347b6cdcf6..dcca75ea962926705929c001bd7d0abf353a363f 100644
--- a/pallets/identity/src/types.rs
+++ b/pallets/identity/src/types.rs
@@ -79,14 +79,15 @@ pub struct IdtyValue<
 IdtyData: Decode + Encode + TypeInfo,
 IdtyRight: Decode + Encode + TypeInfo,
 > {
- pub name: IdtyName,
+ pub data: IdtyData,
 pub expire_on: BlockNumber,
 pub owner_key: AccountId,
+ pub name: IdtyName,
+ pub next_creatable_identity_on: BlockNumber,
 pub removable_on: BlockNumber,
 pub renewable_on: BlockNumber,
 pub rights: Vec<(IdtyRight, Option<AccountId>)>,
 pub status: IdtyStatus,
- pub data: IdtyData,
 }
 impl<AccountId, BlockNumber, IdtyData, IdtyRight>
diff --git a/pallets/membership/src/lib.rs b/pallets/membership/src/lib.rs
index 7ecfdec32ec56ae4188ca808e38d3c841602b425..951ad411c340fc5c0c5dd47e8563bc24ba8d7dbf 100644
--- a/pallets/membership/src/lib.rs
+++ b/pallets/membership/src/lib.rs
@@ -479,7 +479,7 @@ impl<T: Config<I>, I: 'static> IsInPendingMemberships<T::IdtyId> for Pallet<T, I
 impl<T: Config<I>, I: 'static> IsMember<T::IdtyId> for Pallet<T, I> {
 fn is_member(idty_id: &T::IdtyId) -> bool {
- Self::is_member_inner(&idty_id)
+ Self::is_member_inner(idty_id)
 }
 }
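Review bot: `creator_idty` is taken by value in `can_create_identity`, in the trait declaration here, in the `()` implementation in the next hunk and in the runtime implementation in `runtime/common/src/authorizations.rs`, so the caller gives up its copy of the creator's `IdtyValue`, including the `rights` vector, for what is only a permission check. Taking `creator_idty: &IdtyValue<T::AccountId, T::BlockNumber, T::IdtyData, T::IdtyRight>` would leave the value with the caller, for instance to update the creator's record after the check passes. The method also has no doc comment; one sentence stating that `creator_idty` is the stored value for `creator`, already loaded by the pallet, would tell implementers what they may rely on.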
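Review bot: Reordering the fields of `IdtyValue` and inserting `next_creatable_identity_on` changes the byte layout of every stored identity if the struct derives SCALE `Encode`/`Decode`, which serialise fields in declaration order; the `Decode + Encode` bounds on its type parameters suggest it does, but the derive itself is outside the hunk. State written with the old order would then decode into the wrong fields or fail to decode. No storage migration or storage-version bump is visible in this commit, so either one is needed for any network that already holds identities, or the commit description should state that a genesis reset is required.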
diff --git a/runtime/common/src/authorizations.rs b/runtime/common/src/authorizations.rs
index febd81ecc096add7a392aa38069acc3101e3f2cd..1c2ef413e85715ab5ed204c81a5219206ed246a8 100644
--- a/runtime/common/src/authorizations.rs
+++ b/runtime/common/src/authorizations.rs
@@ -38,38 +38,38 @@ impl<
 fn can_create_identity(
 origin: Runtime::Origin,
 creator: IdtyIndex,
+ creator_idty: pallet_identity::IdtyValue<
+ Runtime::AccountId,
+ BlockNumber,
+ IdtyData,
+ IdtyRight,
+ >,
 _idty_name: &pallet_identity::IdtyName,
 _idty_owner_key: &Runtime::AccountId,
 ) -> Result<(), DispatchError> {
 match origin.into() {
 Ok(frame_system::RawOrigin::Root) => Ok(()),
 Ok(frame_system::RawOrigin::Signed(signer)) => {
- if let Some(creator_idty) = pallet_identity::Pallet::<Runtime>::identity(creator) {
- if let Some(authorized_key) = creator_idty.get_right_key(IdtyRight::CreateIdty)
+ if let Some(authorized_key) = creator_idty.get_right_key(IdtyRight::CreateIdty) {
+ if signer != authorized_key {
+ frame_support::runtime_print!("signer != authorized_key");
+ Err(DispatchError::Other("signer != authorized_key"))
+ } else if !IsIdtyAllowedToCreateCertImpl::is_idty_allowed_to_create_cert(
+ creator,
+ ) {
+ frame_support::runtime_print!("not allowed to create cert");
+ Err(DispatchError::Other("not allowed to create cert"))
+ } else if creator_idty.data.can_create_on
+ > frame_system::Pallet::<Runtime>::block_number()
 {
- if signer != authorized_key {
- frame_support::runtime_print!("signer != authorized_key");
- Err(DispatchError::Other("signer != authorized_key"))
- } else if !IsIdtyAllowedToCreateCertImpl::is_idty_allowed_to_create_cert(
- creator,
- ) {
- frame_support::runtime_print!("not allowed to create cert");
- Err(DispatchError::Other("not allowed to create cert"))
- } else if creator_idty.data.can_create_on
- > frame_system::Pallet::<Runtime>::block_number()
- {
- frame_support::runtime_print!("Not respect IdtyCreatePeriod");
- Err(DispatchError::Other("Not respect IdtyCreatePeriod"))
- } else {
- Ok(())
- }
+ frame_support::runtime_print!("Not respect IdtyCreatePeriod");
+ Err(DispatchError::Other("Not respect IdtyCreatePeriod"))
 } else {
- frame_support::runtime_print!("Idty not have right CreateIdty");
- Err(DispatchError::Other("Idty not have right CreateIdty"))
+ Ok(())
 }
 } else {
- frame_support::runtime_print!("Idty not found");
- Err(DispatchError::Other("Idty not found"))
+ frame_support::runtime_print!("Idty not have right CreateIdty");
+ Err(DispatchError::Other("Idty not have right CreateIdty"))
 }
 }
 _ => {
diff --git a/runtime/common/src/lib.rs b/runtime/common/src/lib.rs
index 6f15bcaeb9f81ca9c44716176e60b87a37ef324b..ac789e56f56dcb857e087794291f4a95751808d7 100644
--- a/runtime/common/src/lib.rs
+++ b/runtime/common/src/lib.rs
@@ -53,7 +53,7 @@ pub type Hash = sp_core::H256;
 pub type Header = sp_runtime::generic::Header<BlockNumber, sp_runtime::traits::BlakeTwo256>;
 /// Index of an identity
-pub type IdtyIndex = u64;
+pub type IdtyIndex = u32;
 /// Index of a transaction in the chain.
 pub type Index = u32;
diff --git a/runtime/common/src/pallets_config.rs b/runtime/common/src/pallets_config.rs
index 77101f901229d834e7c69e4151a3365b95870231..3bb3e44fd4f473ca89e482368483732d0859d0fb 100644
--- a/runtime/common/src/pallets_config.rs
+++ b/runtime/common/src/pallets_config.rs
@@ -190,6 +190,7 @@ macro_rules! pallets_config {
 type AddRightOrigin = EnsureRoot<Self::AccountId>;
 type DelRightOrigin = EnsureRoot<Self::AccountId>;
 type EnsureIdtyCallAllowed = EnsureIdtyCallAllowedImpl<Runtime, StrongCert>;
+ type IdtyCreationPeriod = IdtyCreationPeriod;
 type IdtyDataProvider = IdtyDataProvider<Runtime, IDTY_CREATE_PERIOD>;
 type IdtyData = IdtyData;
 type IdtyNameValidator = IdtyNameValidatorImpl;
diff --git a/runtime/g1/src/parameters.rs b/runtime/g1/src/parameters.rs
index 03a91519c6ed2d1b13c2b3025fd03644d006ac2e..2a1eea4d603c738bf5a414fe8847b43737bfe8de 100644
--- a/runtime/g1/src/parameters.rs
+++ b/runtime/g1/src/parameters.rs
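Review bot: The runtime check in `can_create_identity` still rejects on `creator_idty.data.can_create_on > frame_system::Pallet::<Runtime>::block_number()`, so after this commit identity creation is throttled by two independent mechanisms: this one, apparently fed by `IdtyDataProvider<Runtime, IDTY_CREATE_PERIOD>` (still wired in the `runtime/common/src/pallets_config.rs` hunk), and the pallet's new `next_creatable_identity_on` / `IdtyCreationPeriod`. The two periods differ: `IDTY_CREATE_PERIOD` stays at 100 blocks in the g1, gdev and gtest `parameters.rs` hunks while `IdtyCreationPeriod` is `MONTHS`, `50` and `DAYS`, so the effective limit is whichever happens to be stricter and the two rejections surface as different errors. One of the two should be removed, or a comment such as `// can_create_on is kept in addition to IdtyCreationPeriod because …` should say why both stay. The function begins and ends outside the hunk.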
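Review bot: Narrowing `IdtyIndex` from `u64` to `u32` changes the encoded width of every storage key and value that carries an identity index, so state written before this commit would no longer decode, and nothing in the diff migrates it. If the runtime uses this alias for the pallet's `IdtyIndex`, it also lowers the point at which `get_next_idty_index` in `pallets/identity/src/lib.rs` stops advancing, since that function bumps the counter with `saturating_add` instead of failing at the maximum. The `/// Index of an identity` doc line should say why 32 bits are sufficient, and the change deserves a mention in the commit description alongside the required state reset or migration.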
@@ -95,8 +95,9 @@ parameter_types! {
 // Identity
 pub const IDTY_CREATE_PERIOD: BlockNumber = 100;
 frame_support::parameter_types! {
- pub const ConfirmPeriod: BlockNumber = 3 * DAYS;
+ pub const ConfirmPeriod: BlockNumber = 14 * DAYS;
 pub const FirstIssuableOn: BlockNumber = 30* DAYS;
+ pub const IdtyCreationPeriod: BlockNumber = MONTHS;
 pub const IdtyRenewablePeriod: BlockNumber = 6 * MONTHS;
 pub const MaxInactivityPeriod: BlockNumber = YEARS;
 pub const MaxNoRightPeriod: BlockNumber = YEARS;
diff --git a/runtime/gdev/src/parameters.rs b/runtime/gdev/src/parameters.rs
index 87ba20d7c2761adcc1c3321a618da86aed5375ea..e51875d38cb65d46c4c061f85db72302d8e89080 100644
--- a/runtime/gdev/src/parameters.rs
+++ b/runtime/gdev/src/parameters.rs
@@ -49,12 +49,13 @@ frame_support::parameter_types! {
 // Identity
 pub const IDTY_CREATE_PERIOD: BlockNumber = 100;
 frame_support::parameter_types! {
- pub const ConfirmPeriod: BlockNumber = 12 * HOURS;
- pub const FirstIssuableOn: BlockNumber = 10;
- pub const IdtyRenewablePeriod: BlockNumber = 6 * MONTHS;
- pub const MaxInactivityPeriod: BlockNumber = YEARS;
- pub const MaxNoRightPeriod: BlockNumber = YEARS;
- pub const ValidationPeriod: BlockNumber = 2 * MONTHS;
+ pub const ConfirmPeriod: BlockNumber = 40;
+ pub const FirstIssuableOn: BlockNumber = 20;
+ pub const IdtyCreationPeriod: BlockNumber = 50;
+ pub const IdtyRenewablePeriod: BlockNumber = 50;
+ pub const MaxInactivityPeriod: BlockNumber = 1_000;
+ pub const MaxNoRightPeriod: BlockNumber = 1_000;
+ pub const ValidationPeriod: BlockNumber = 500;
 }
 // Certification
diff --git a/runtime/gtest/src/parameters.rs b/runtime/gtest/src/parameters.rs
index 73dddb1b3a43ccd668e67ea74ada1582354c0e78..44f287dfde8ef904b62b7c55c8f459b18eb9f7b3 100644
--- a/runtime/gtest/src/parameters.rs
+++ b/runtime/gtest/src/parameters.rs
@@ -94,8 +94,9 @@ parameter_types! {
 // Identity
 pub const IDTY_CREATE_PERIOD: BlockNumber = 100;
 frame_support::parameter_types! {
- pub const ConfirmPeriod: BlockNumber = DAYS;
+ pub const ConfirmPeriod: BlockNumber = 8 * HOURS;
 pub const FirstIssuableOn: BlockNumber = DAYS;
+ pub const IdtyCreationPeriod: BlockNumber = DAYS;
 pub const IdtyRenewablePeriod: BlockNumber = 12 * DAYS;
 pub const MaxInactivityPeriod: BlockNumber = 73 * DAYS;
 pub const MaxNoRightPeriod: BlockNumber = 73 * DAYS;