rippled
Loading...
Searching...
No Matches
DepositAuthorized.cpp
1//------------------------------------------------------------------------------
2/*
3 This file is part of rippled: https://github.com/ripple/rippled
4 Copyright (c) 2018 Ripple Labs Inc.
5
6 Permission to use, copy, modify, and/or distribute this software for any
7 purpose with or without fee is hereby granted, provided that the above
8 copyright notice and this permission notice appear in all copies.
9
10 THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 ANY SPECIAL , DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17*/
18//==============================================================================
19
20#include <xrpld/app/misc/CredentialHelpers.h>
21#include <xrpld/ledger/ReadView.h>
22#include <xrpld/rpc/Context.h>
23#include <xrpld/rpc/detail/RPCHelpers.h>
24
25#include <xrpl/protocol/ErrorCodes.h>
26#include <xrpl/protocol/Indexes.h>
27#include <xrpl/protocol/RPCErr.h>
28#include <xrpl/protocol/jss.h>
29
30namespace ripple {
31
32// {
33// source_account : <ident>
34// destination_account : <ident>
35// ledger_hash : <ledger>
36// ledger_index : <ledger_index>
37// credentials : [<credentialID>,...]
38// }
39
40Json::Value
41doDepositAuthorized(RPC::JsonContext& context)
42{
43 Json::Value const& params = context.params;
44
45 // Validate source_account.
46 if (!params.isMember(jss::source_account))
47 return RPC::missing_field_error(jss::source_account);
48 if (!params[jss::source_account].isString())
49 return RPC::make_error(
50 rpcINVALID_PARAMS,
51 RPC::expected_field_message(jss::source_account, "a string"));
52
53 auto srcID = parseBase58<AccountID>(params[jss::source_account].asString());
54 if (!srcID)
55 return rpcError(rpcACT_MALFORMED);
56 auto const srcAcct{std::move(srcID.value())};
57
58 // Validate destination_account.
59 if (!params.isMember(jss::destination_account))
60 return RPC::missing_field_error(jss::destination_account);
61 if (!params[jss::destination_account].isString())
62 return RPC::make_error(
63 rpcINVALID_PARAMS,
64 RPC::expected_field_message(jss::destination_account, "a string"));
65
66 auto dstID =
67 parseBase58<AccountID>(params[jss::destination_account].asString());
68 if (!dstID)
69 return rpcError(rpcACT_MALFORMED);
70 auto const dstAcct{std::move(dstID.value())};
71
72 // Validate ledger.
73 std::shared_ptr<ReadView const> ledger;
74 Json::Value result = RPC::lookupLedger(ledger, context);
75
76 if (!ledger)
77 return result;
78
79 // If source account is not in the ledger it can't be authorized.
80 if (!ledger->exists(keylet::account(srcAcct)))
81 {
82 RPC::inject_error(rpcSRC_ACT_NOT_FOUND, result);
83 return result;
84 }
85
86 // If destination account is not in the ledger you can't deposit to it, eh?
87 auto const sleDest = ledger->read(keylet::account(dstAcct));
88 if (!sleDest)
89 {
90 RPC::inject_error(rpcDST_ACT_NOT_FOUND, result);
91 return result;
92 }
93
94 bool const reqAuth =
95 (sleDest->getFlags() & lsfDepositAuth) && (srcAcct != dstAcct);
96 bool const credentialsPresent = params.isMember(jss::credentials);
97
98 std::set<std::pair<AccountID, Slice>> sorted;
99 std::vector<std::shared_ptr<SLE const>> lifeExtender;
100 if (credentialsPresent)
101 {
102 auto const& creds(params[jss::credentials]);
103 if (!creds.isArray() || !creds)
104 {
105 return RPC::make_error(
106 rpcINVALID_PARAMS,
107 RPC::expected_field_message(
108 jss::credentials,
109 "is non-empty array of CredentialID(hash256)"));
110 }
111 else if (creds.size() > maxCredentialsArraySize)
112 {
113 return RPC::make_error(
114 rpcINVALID_PARAMS,
115 RPC::expected_field_message(
116 jss::credentials, "array too long"));
117 }
118
119 lifeExtender.reserve(creds.size());
120 for (auto const& jo : creds)
121 {
122 if (!jo.isString())
123 {
124 return RPC::make_error(
125 rpcINVALID_PARAMS,
126 RPC::expected_field_message(
127 jss::credentials, "an array of CredentialID(hash256)"));
128 }
129
130 uint256 credH;
131 auto const credS = jo.asString();
132 if (!credH.parseHex(credS))
133 {
134 return RPC::make_error(
135 rpcINVALID_PARAMS,
136 RPC::expected_field_message(
137 jss::credentials, "an array of CredentialID(hash256)"));
138 }
139
140 std::shared_ptr<SLE const> sleCred =
141 ledger->read(keylet::credential(credH));
142 if (!sleCred)
143 {
144 RPC::inject_error(
145 rpcBAD_CREDENTIALS, "credentials don't exist", result);
146 return result;
147 }
148
149 if (!(sleCred->getFlags() & lsfAccepted))
150 {
151 RPC::inject_error(
152 rpcBAD_CREDENTIALS, "credentials aren't accepted", result);
153 return result;
154 }
155
156 if (credentials::checkExpired(
157 sleCred, ledger->info().parentCloseTime))
158 {
159 RPC::inject_error(
160 rpcBAD_CREDENTIALS, "credentials are expired", result);
161 return result;
162 }
163
164 if ((*sleCred)[sfSubject] != srcAcct)
165 {
166 RPC::inject_error(
167 rpcBAD_CREDENTIALS,
168 "credentials doesn't belong to the root account",
169 result);
170 return result;
171 }
172
173 auto [it, ins] = sorted.emplace(
174 (*sleCred)[sfIssuer], (*sleCred)[sfCredentialType]);
175 if (!ins)
176 {
177 RPC::inject_error(
178 rpcBAD_CREDENTIALS, "duplicates in credentials", result);
179 return result;
180 }
181 lifeExtender.push_back(std::move(sleCred));
182 }
183 }
184
185 // If the two accounts are the same OR if that flag is
186 // not set, then the deposit should be fine.
187 bool depositAuthorized = true;
188 if (reqAuth)
189 depositAuthorized =
190 ledger->exists(keylet::depositPreauth(dstAcct, srcAcct)) ||
191 (credentialsPresent &&
192 ledger->exists(keylet::depositPreauth(dstAcct, sorted)));
193
194 result[jss::source_account] = params[jss::source_account].asString();
195 result[jss::destination_account] =
196 params[jss::destination_account].asString();
197 if (credentialsPresent)
198 result[jss::credentials] = params[jss::credentials];
199
200 result[jss::deposit_authorized] = depositAuthorized;
201 return result;
202}
203
204} // namespace ripple
Json::Value
Represents a JSON value.
Definition: json_value.h:148
Json::Value::asString
std::string asString() const
Returns the unquoted string value.
Definition: json_value.cpp:475
Json::Value::isMember
bool isMember(const char *key) const
Return true if the object has a member named key.
Definition: json_value.cpp:949
ripple::base_uint< 256 >
ripple::base_uint::parseHex
constexpr bool parseHex(std::string_view sv)
Parse a hex string into a base_uint.
Definition: base_uint.h:503
std::set::emplace
T emplace(T... args)
ripple::RPC::make_error
Json::Value make_error(error_code_i code)
Returns a new json object that reflects the error code.
Definition: ErrorCodes.cpp:185
ripple::RPC::inject_error
void inject_error(error_code_i code, JsonValue &json)
Add or update the json update to reflect the error code.
Definition: ErrorCodes.h:223
ripple::RPC::expected_field_message
std::string expected_field_message(std::string const &name, std::string const &type)
Definition: ErrorCodes.h:327
ripple::RPC::lookupLedger
Status lookupLedger(std::shared_ptr< ReadView const > &ledger, JsonContext &context, Json::Value &result)
Look up a ledger from a request and fill a Json::Result with the data representing a ledger.
Definition: RPCHelpers.cpp:622
ripple::RPC::missing_field_error
Json::Value missing_field_error(std::string const &name)
Definition: ErrorCodes.h:273
ripple::credentials::checkExpired
bool checkExpired(std::shared_ptr< SLE const > const &sleCredential, NetClock::time_point const &closed)
Definition: CredentialHelpers.cpp:31
ripple::keylet::credential
Keylet credential(AccountID const &subject, AccountID const &issuer, Slice const &credType) noexcept
Definition: Indexes.cpp:536
ripple::keylet::account
Keylet account(AccountID const &id) noexcept
AccountID root.
Definition: Indexes.cpp:175
ripple::keylet::depositPreauth
Keylet depositPreauth(AccountID const &owner, AccountID const &preauthorized) noexcept
A DepositPreauth.
Definition: Indexes.cpp:333
ripple
Use hash_* containers for keys that do not need a cryptographically secure hashing algorithm.
Definition: algorithm.h:26
ripple::rpcSRC_ACT_NOT_FOUND
@ rpcSRC_ACT_NOT_FOUND
Definition: ErrorCodes.h:122
ripple::rpcACT_MALFORMED
@ rpcACT_MALFORMED
Definition: ErrorCodes.h:90
ripple::rpcBAD_CREDENTIALS
@ rpcBAD_CREDENTIALS
Definition: ErrorCodes.h:152
ripple::rpcINVALID_PARAMS
@ rpcINVALID_PARAMS
Definition: ErrorCodes.h:84
ripple::rpcDST_ACT_NOT_FOUND
@ rpcDST_ACT_NOT_FOUND
Definition: ErrorCodes.h:105
ripple::lsfDepositAuth
@ lsfDepositAuth
Definition: LedgerFormats.h:136
ripple::rpcError
Json::Value rpcError(int iError)
Definition: RPCErr.cpp:31
ripple::doDepositAuthorized
Json::Value doDepositAuthorized(RPC::JsonContext &context)
Definition: DepositAuthorized.cpp:41
ripple::maxCredentialsArraySize
std::size_t constexpr maxCredentialsArraySize
The maximum number of credentials can be passed in array.
Definition: Protocol.h:107
std::vector::push_back
T push_back(T... args)
std::vector::reserve
T reserve(T... args)
ripple::RPC::JsonContext::params
Json::Value params
Definition: Context.h:63
Generated by doxygen 1.9.5