rippled
Loading...
Searching...
No Matches
DepositAuthorized.cpp
1//------------------------------------------------------------------------------
2/*
3 This file is part of rippled: https://github.com/ripple/rippled
4 Copyright (c) 2018 Ripple Labs Inc.
5
6 Permission to use, copy, modify, and/or distribute this software for any
7 purpose with or without fee is hereby granted, provided that the above
8 copyright notice and this permission notice appear in all copies.
9
10 THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 ANY SPECIAL , DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17*/
18//==============================================================================
19
20#include <xrpld/app/misc/CredentialHelpers.h>
21#include <xrpld/ledger/ReadView.h>
22#include <xrpld/rpc/Context.h>
23#include <xrpld/rpc/detail/RPCHelpers.h>
24#include <xrpl/protocol/ErrorCodes.h>
25#include <xrpl/protocol/Indexes.h>
26#include <xrpl/protocol/RPCErr.h>
27#include <xrpl/protocol/jss.h>
28
29namespace ripple {
30
31// {
32// source_account : <ident>
33// destination_account : <ident>
34// ledger_hash : <ledger>
35// ledger_index : <ledger_index>
36// credentials : [<credentialID>,...]
37// }
38
39Json::Value
40doDepositAuthorized(RPC::JsonContext& context)
41{
42 Json::Value const& params = context.params;
43
44 // Validate source_account.
45 if (!params.isMember(jss::source_account))
46 return RPC::missing_field_error(jss::source_account);
47 if (!params[jss::source_account].isString())
48 return RPC::make_error(
49 rpcINVALID_PARAMS,
50 RPC::expected_field_message(jss::source_account, "a string"));
51
52 auto srcID = parseBase58<AccountID>(params[jss::source_account].asString());
53 if (!srcID)
54 return rpcError(rpcACT_MALFORMED);
55 auto const srcAcct{std::move(srcID.value())};
56
57 // Validate destination_account.
58 if (!params.isMember(jss::destination_account))
59 return RPC::missing_field_error(jss::destination_account);
60 if (!params[jss::destination_account].isString())
61 return RPC::make_error(
62 rpcINVALID_PARAMS,
63 RPC::expected_field_message(jss::destination_account, "a string"));
64
65 auto dstID =
66 parseBase58<AccountID>(params[jss::destination_account].asString());
67 if (!dstID)
68 return rpcError(rpcACT_MALFORMED);
69 auto const dstAcct{std::move(dstID.value())};
70
71 // Validate ledger.
72 std::shared_ptr<ReadView const> ledger;
73 Json::Value result = RPC::lookupLedger(ledger, context);
74
75 if (!ledger)
76 return result;
77
78 // If source account is not in the ledger it can't be authorized.
79 if (!ledger->exists(keylet::account(srcAcct)))
80 {
81 RPC::inject_error(rpcSRC_ACT_NOT_FOUND, result);
82 return result;
83 }
84
85 // If destination account is not in the ledger you can't deposit to it, eh?
86 auto const sleDest = ledger->read(keylet::account(dstAcct));
87 if (!sleDest)
88 {
89 RPC::inject_error(rpcDST_ACT_NOT_FOUND, result);
90 return result;
91 }
92
93 bool const reqAuth =
94 (sleDest->getFlags() & lsfDepositAuth) && (srcAcct != dstAcct);
95 bool const credentialsPresent = params.isMember(jss::credentials);
96
97 std::set<std::pair<AccountID, Slice>> sorted;
98 std::vector<std::shared_ptr<SLE const>> lifeExtender;
99 if (credentialsPresent)
100 {
101 auto const& creds(params[jss::credentials]);
102 if (!creds.isArray() || !creds)
103 {
104 return RPC::make_error(
105 rpcINVALID_PARAMS,
106 RPC::expected_field_message(
107 jss::credentials,
108 "is non-empty array of CredentialID(hash256)"));
109 }
110 else if (creds.size() > maxCredentialsArraySize)
111 {
112 return RPC::make_error(
113 rpcINVALID_PARAMS,
114 RPC::expected_field_message(
115 jss::credentials, "array too long"));
116 }
117
118 lifeExtender.reserve(creds.size());
119 for (auto const& jo : creds)
120 {
121 if (!jo.isString())
122 {
123 return RPC::make_error(
124 rpcINVALID_PARAMS,
125 RPC::expected_field_message(
126 jss::credentials, "an array of CredentialID(hash256)"));
127 }
128
129 uint256 credH;
130 auto const credS = jo.asString();
131 if (!credH.parseHex(credS))
132 {
133 return RPC::make_error(
134 rpcINVALID_PARAMS,
135 RPC::expected_field_message(
136 jss::credentials, "an array of CredentialID(hash256)"));
137 }
138
139 std::shared_ptr<SLE const> sleCred =
140 ledger->read(keylet::credential(credH));
141 if (!sleCred)
142 {
143 RPC::inject_error(
144 rpcBAD_CREDENTIALS, "credentials don't exist", result);
145 return result;
146 }
147
148 if (!(sleCred->getFlags() & lsfAccepted))
149 {
150 RPC::inject_error(
151 rpcBAD_CREDENTIALS, "credentials aren't accepted", result);
152 return result;
153 }
154
155 if (credentials::checkExpired(
156 sleCred, ledger->info().parentCloseTime))
157 {
158 RPC::inject_error(
159 rpcBAD_CREDENTIALS, "credentials are expired", result);
160 return result;
161 }
162
163 if ((*sleCred)[sfSubject] != srcAcct)
164 {
165 RPC::inject_error(
166 rpcBAD_CREDENTIALS,
167 "credentials doesn't belong to the root account",
168 result);
169 return result;
170 }
171
172 auto [it, ins] = sorted.emplace(
173 (*sleCred)[sfIssuer], (*sleCred)[sfCredentialType]);
174 if (!ins)
175 {
176 RPC::inject_error(
177 rpcBAD_CREDENTIALS, "duplicates in credentials", result);
178 return result;
179 }
180 lifeExtender.push_back(std::move(sleCred));
181 }
182 }
183
184 // If the two accounts are the same OR if that flag is
185 // not set, then the deposit should be fine.
186 bool depositAuthorized = true;
187 if (reqAuth)
188 depositAuthorized =
189 ledger->exists(keylet::depositPreauth(dstAcct, srcAcct)) ||
190 (credentialsPresent &&
191 ledger->exists(keylet::depositPreauth(dstAcct, sorted)));
192
193 result[jss::source_account] = params[jss::source_account].asString();
194 result[jss::destination_account] =
195 params[jss::destination_account].asString();
196 if (credentialsPresent)
197 result[jss::credentials] = params[jss::credentials];
198
199 result[jss::deposit_authorized] = depositAuthorized;
200 return result;
201}
202
203} // namespace ripple
Json::Value
Represents a JSON value.
Definition: json_value.h:147
Json::Value::asString
std::string asString() const
Returns the unquoted string value.
Definition: json_value.cpp:469
Json::Value::isMember
bool isMember(const char *key) const
Return true if the object has a member named key.
Definition: json_value.cpp:943
ripple::base_uint< 256 >
ripple::base_uint::parseHex
constexpr bool parseHex(std::string_view sv)
Parse a hex string into a base_uint.
Definition: base_uint.h:502
std::set::emplace
T emplace(T... args)
ripple::RPC::make_error
Json::Value make_error(error_code_i code)
Returns a new json object that reflects the error code.
Definition: ErrorCodes.cpp:180
ripple::RPC::inject_error
void inject_error(error_code_i code, JsonValue &json)
Add or update the json update to reflect the error code.
Definition: ErrorCodes.h:220
ripple::RPC::expected_field_message
std::string expected_field_message(std::string const &name, std::string const &type)
Definition: ErrorCodes.h:324
ripple::RPC::lookupLedger
Status lookupLedger(std::shared_ptr< ReadView const > &ledger, JsonContext &context, Json::Value &result)
Look up a ledger from a request and fill a Json::Result with the data representing a ledger.
Definition: RPCHelpers.cpp:623
ripple::RPC::missing_field_error
Json::Value missing_field_error(std::string const &name)
Definition: ErrorCodes.h:270
ripple::credentials::checkExpired
bool checkExpired(std::shared_ptr< SLE const > const &sleCredential, NetClock::time_point const &closed)
Definition: CredentialHelpers.cpp:30
ripple::keylet::credential
Keylet credential(AccountID const &subject, AccountID const &issuer, Slice const &credType) noexcept
Definition: Indexes.cpp:521
ripple::keylet::account
Keylet account(AccountID const &id) noexcept
AccountID root.
Definition: Indexes.cpp:160
ripple::keylet::depositPreauth
Keylet depositPreauth(AccountID const &owner, AccountID const &preauthorized) noexcept
A DepositPreauth.
Definition: Indexes.cpp:318
ripple
Use hash_* containers for keys that do not need a cryptographically secure hashing algorithm.
Definition: algorithm.h:26
ripple::rpcSRC_ACT_NOT_FOUND
@ rpcSRC_ACT_NOT_FOUND
Definition: ErrorCodes.h:122
ripple::rpcACT_MALFORMED
@ rpcACT_MALFORMED
Definition: ErrorCodes.h:90
ripple::rpcBAD_CREDENTIALS
@ rpcBAD_CREDENTIALS
Definition: ErrorCodes.h:152
ripple::rpcINVALID_PARAMS
@ rpcINVALID_PARAMS
Definition: ErrorCodes.h:84
ripple::rpcDST_ACT_NOT_FOUND
@ rpcDST_ACT_NOT_FOUND
Definition: ErrorCodes.h:105
ripple::lsfDepositAuth
@ lsfDepositAuth
Definition: LedgerFormats.h:136
ripple::rpcError
Json::Value rpcError(int iError)
Definition: RPCErr.cpp:29
ripple::doDepositAuthorized
Json::Value doDepositAuthorized(RPC::JsonContext &context)
Definition: DepositAuthorized.cpp:40
ripple::maxCredentialsArraySize
std::size_t constexpr maxCredentialsArraySize
The maximum number of credentials can be passed in array.
Definition: Protocol.h:106
std::vector::push_back
T push_back(T... args)
std::vector::reserve
T reserve(T... args)
ripple::RPC::JsonContext::params
Json::Value params
Definition: Context.h:64
Generated by doxygen 1.9.5