
feat(identity): explicit revocation

Merged Pascal Engélibert requested to merge idty_revoke into master
All threads resolved!


+ 68
3
@@ -36,7 +36,7 @@ use crate::traits::*;
use codec::Codec;
use frame_support::dispatch::Weight;
use frame_system::RawOrigin;
use sp_runtime::traits::{AtLeast32BitUnsigned, One, Saturating, Zero};
use sp_runtime::traits::{AtLeast32BitUnsigned, IdentifyAccount, One, Saturating, Zero};
use sp_std::fmt::Debug;
use sp_std::prelude::*;
@@ -45,6 +45,7 @@ pub mod pallet {
use super::*;
use frame_support::pallet_prelude::*;
use frame_support::traits::StorageVersion;
use frame_system::offchain::SignedPayload;
use frame_system::pallet_prelude::*;
use sp_membership::traits::MembershipAction as _;
@@ -59,7 +60,7 @@ pub mod pallet {
// CONFIG //
#[pallet::config]
pub trait Config: frame_system::Config {
pub trait Config: frame_system::Config + frame_system::offchain::SigningTypes {
#[pallet::constant]
/// Period during which the owner can confirm the new identity.
type ConfirmPeriod: Get<Self::BlockNumber>;
@@ -251,7 +252,11 @@ pub mod pallet {
// These functions materialize as "extrinsics", which are often compared to transactions.
// Dispatchable functions must be annotated with a weight and must return a DispatchResult.
#[pallet::call]
impl<T: Config> Pallet<T> {
impl<T: Config> Pallet<T>
where
<T as frame_system::offchain::SigningTypes>::Public:
IdentifyAccount<AccountId = T::AccountId>,
{
#[pallet::weight(0)]
pub fn create_identity(
origin: OriginFor<T>,
@@ -549,6 +554,65 @@ pub mod pallet {
}
}
#[pallet::weight(0)]
pub fn revoke_identity(
origin: OriginFor<T>,
payload: RevocationPayload<
<T as frame_system::offchain::SigningTypes>::Public,
T::IdtyIndex,
>,
payload_sig: <T as frame_system::offchain::SigningTypes>::Signature,
) -> DispatchResultWithPostInfo {
let who = ensure_signed(origin)?;
if !payload.verify(payload_sig) {
return Err(Error::<T>::BadProof.into());
}
let idty_index = payload.idty;
if let Ok(mut idty_value) = <Identities<T>>::try_get(idty_index) {
if idty_value.owner_key != payload.owner_key.into_account() {
return Err(Error::<T>::RequireToBeOwner.into());
}
if idty_value.status != IdtyStatus::Validated {
return Err(Error::<T>::IdtyNotValidated.into());
}
for (right, subkey_opt) in idty_value.rights.drain(..) {
let name = idty_value.name.clone();
let old_key_opt = if let Some(ref subkey) = subkey_opt {
Some(subkey.clone())
} else if right.allow_owner_key() {
Some(idty_value.owner_key.clone())
} else {
None
};
Self::deposit_event(Event::<T>::IdtyLostRight(name, right));
if old_key_opt.is_some() {
T::OnRightKeyChange::on_right_key_change(
idty_index,
right,
old_key_opt,
None,
);
}
}
let block_number = frame_system::pallet::Pallet::<T>::block_number();
let removable_on = block_number + T::MaxNoRightPeriod::get();
idty_value.removable_on = removable_on;
<IdentitiesRemovableOn<T>>::append(
removable_on,
(idty_index, IdtyStatus::Validated),
);
<Identities<T>>::insert(idty_index, idty_value);
Ok(().into())
} else {
Err(Error::<T>::IdtyNotFound.into())
}
}
#[pallet::weight(0)]
pub fn set_right_subkey(
origin: OriginFor<T>,
idty_index: T::IdtyIndex,
@@ -608,6 +672,7 @@ pub mod pallet {
#[pallet::error]
pub enum Error<T> {
BadProof,
/// Creator not exist
CreatorNotExist,
/// Creator not allowed to create identities
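Review bot: In `revoke_identity`, nothing marks the identity as revoked, so the same `payload`/`payload_sig` pair stays acceptable after it has been used: `status` remains `Validated`, the owner and status checks pass again, and every resubmission moves `removable_on` forward and appends another entry to `IdentitiesRemovableOn`. Because the caller (`who`) is never checked and the call is declared `#[pallet::weight(0)]`, any account that has seen the payload can repeat it at no cost, which would postpone removal and grow that storage list; how stale entries are pruned is outside this hunk. Consider returning early when there is nothing left to revoke, e.g. `if idty_value.rights.is_empty() { return Err(/* placeholder: new error variant */); }` before the drain loop, or recording a distinct revoked status instead of leaving `Validated`. The fields of `RevocationPayload` are not visible here; if the signed bytes cover only `owner_key` and `idty`, binding them to the chain (for instance its genesis hash) would keep a revocation signed for one network from verifying on another.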