CCF
Loading...
Searching...
No Matches
permissions_checks.h
Go to the documentation of this file.
1// Copyright (c) Microsoft Corporation. All rights reserved.
2// Licensed under the Apache 2.0 License.
3#pragma once
4
5#include "ccf/js/kv_access_permissions.h"
6#include "ccf/js/namespace_restrictions.h"
7#include "ccf/js/tx_access.h"
8#include "kv/kv_types.h"
9
10namespace ccf::js
11{
12 static KVAccessPermissions check_kv_map_access(
13 TxAccess execution_context, const std::string& table_name)
14 {
15 // Enforce the restrictions described in the read_write_restrictions page in
16 // the docs. Note that table is more readable, so should be considered the
17 // source of truth for these restrictions. This code is formatted to attempt
18 // to make it clear how it maps directly to that table.
19 const auto [privacy_of_table, namespace_of_table] =
20 ccf::kv::parse_map_name(table_name);
21
22 switch (privacy_of_table)
23 {
24 case (ccf::kv::SecurityDomain::PRIVATE):
25 {
26 // The only time private tables can be used, is on private application
27 // tables in an application context. Governance should neither read from
28 // nor write to private tables, and if private governance or internal
29 // tables exist then applications should not be able to read them.
30 if (
31 execution_context == TxAccess::APP_RW &&
32 namespace_of_table == ccf::kv::AccessCategory::APPLICATION)
33 {
34 return KVAccessPermissions::READ_WRITE;
35 }
36 else if (
37 execution_context == TxAccess::APP_RO &&
38 namespace_of_table == ccf::kv::AccessCategory::APPLICATION)
39 {
40 return KVAccessPermissions::READ_ONLY;
41 }
42 else
43 {
44 return KVAccessPermissions::ILLEGAL;
45 }
46 }
47
48 case (ccf::kv::SecurityDomain::PUBLIC):
49 {
50 switch (namespace_of_table)
51 {
52 case ccf::kv::AccessCategory::INTERNAL:
53 {
54 return KVAccessPermissions::READ_ONLY;
55 }
56
57 case ccf::kv::AccessCategory::GOVERNANCE:
58 {
59 if (execution_context == TxAccess::GOV_RW)
60 {
61 return KVAccessPermissions::READ_WRITE;
62 }
63 else
64 {
65 return KVAccessPermissions::READ_ONLY;
66 }
67 }
68
69 case ccf::kv::AccessCategory::APPLICATION:
70 {
71 switch (execution_context)
72 {
73 case (TxAccess::APP_RW):
74 {
75 return KVAccessPermissions::READ_WRITE;
76 }
77 case (TxAccess::APP_RO):
78 {
79 return KVAccessPermissions::READ_ONLY;
80 }
81 default:
82 {
83 return KVAccessPermissions::ILLEGAL;
84 }
85 }
86 }
87 }
88 }
89
90 case (ccf::kv::SecurityDomain::SECURITY_DOMAIN_MAX):
91 {
92 throw std::logic_error(fmt::format(
93 "Unexpected security domain (max) for table {}", table_name));
94 }
95 }
96 }
97 static std::string explain_kv_map_access(
98 ccf::js::KVAccessPermissions permission, ccf::js::TxAccess access)
99 {
100 char const* table_kind = permission == KVAccessPermissions::READ_ONLY ?
101 "read-only" :
102 "inaccessible";
103
104 char const* exec_context = "unknown";
105 switch (access)
106 {
107 case (TxAccess::APP_RW):
108 {
109 exec_context = "application";
110 break;
111 }
112 case (TxAccess::APP_RO):
113 {
114 exec_context = "read-only application";
115 break;
116 }
117 case (TxAccess::GOV_RO):
118 {
119 exec_context = "read-only governance";
120 break;
121 }
122 case (TxAccess::GOV_RW):
123 {
124 exec_context = "read-write governance";
125 break;
126 }
127 }
128
129 static constexpr char const* access_permissions_explanation_url =
130 "https://microsoft.github.io/CCF/main/audit/"
131 "read_write_restrictions.html";
132
133 return fmt::format(
134 "This table is {} in current ({}) execution context. See {} for more "
135 "detail.",
136 table_kind,
137 exec_context,
138 access_permissions_explanation_url);
139 }
140}
kv_access_permissions.h
kv_types.h
namespace_restrictions.h
ccf::js
Definition bundle.h:12
ccf::js::TxAccess
TxAccess
Definition tx_access.h:10
ccf::js::KVAccessPermissions
KVAccessPermissions
Definition kv_access_permissions.h:10
ccf::kv::SECURITY_DOMAIN_MAX
@ SECURITY_DOMAIN_MAX
Definition kv_types.h:256
ccf::kv::PRIVATE
@ PRIVATE
Definition kv_types.h:255
ccf::kv::PUBLIC
@ PUBLIC
Definition kv_types.h:254
ccf::kv::INTERNAL
@ INTERNAL
Definition kv_types.h:261
ccf::kv::APPLICATION
@ APPLICATION
Definition kv_types.h:263
ccf::kv::GOVERNANCE
@ GOVERNANCE
Definition kv_types.h:262
tx_access.h
Generated by doxygen 1.9.8