
Commit c5a7f6e

committed
Add missing permissions
1 parent d3e1a7a commit c5a7f6e


6 files changed

+22
-15
lines changed


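--- a/src/main/kotlin/org/exploit/keeper/constant/Permission.kt
+++ b/src/main/kotlin/org/exploit/keeper/constant/Permission.kt
@@ -2,15 +2,16 @@ package org.exploit.keeper.constant
 
 object Permission {
 private const val KEY_GET_PUBLICKEY = "bitkeeper.key.%s.public"
+
 private const val KEY_SIGN = "bitkeeper.key.%s.sign"
+private const val KEY_VERIFY = "bitkeeper.key.%s.verify"
 
 private const val SYSTEM_UNSEAL = "bitkeeper.system.unseal"
 private const val SYSTEM_SEAL = "bitkeeper.system.seal"
 private const val SYSTEM_INIT = "bitkeeper.system.init"
+private const val SYSTEM_STATUS = "bitkeeper.system.status"
 
 private const val STORE_WRITE = "bitkeeper.storage.write"
-private const val STORE_READ = "bitkeeper.storage.read"
-
 private const val GENERATE_KEY = "bitkeeper.dkg.generate"
 
 fun systemUnseal(): String = SYSTEM_UNSEAL
@@ -21,11 +22,13 @@ object Permission {
 
 fun storageWrite(): String = STORE_WRITE
 
-fun storageRead(): String = STORE_READ
-
 fun generateKey() = GENERATE_KEY
 
+fun systemStatus(): String = SYSTEM_STATUS
+
 fun keyGetPublicKey(key: String): String = KEY_GET_PUBLICKEY.format(key)
 
 fun keySign(key: String): String = KEY_SIGN.format(key)
+
+fun keyVerify(key: String): String = KEY_VERIFY.format(key)
 }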
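Review bot: `keyVerify`, like `keySign` and `keyGetPublicKey` next to it, formats its argument straight into the permission name, and the controllers in this commit pass a request-supplied `keyId` into these helpers (a query parameter in `publicKey`, a body field in `sign` and `verify`). If the policy checker matches permissions by segment, prefix or wildcard (its implementation is not visible here), a key id that contains `.` or a wildcard character produces a string that may match a grant written for a different key or action. I would validate the id before formatting, for example `require(KEY_ID.matches(key)) { "invalid key id" }` with `private val KEY_ID = Regex("[A-Za-z0-9_-]+")`, the character set adjusted to the real key-id format. A short KDoc on the three helpers stating that `key` must already be a validated id would keep future callers from passing raw input.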

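--- a/src/main/kotlin/org/exploit/keeper/controller/core/CentralController.kt
+++ b/src/main/kotlin/org/exploit/keeper/controller/keeper/CentralController.kt
@@ -1,4 +1,4 @@
-package org.exploit.keeper.controller.core
+package org.exploit.keeper.controller.keeper
 
 import io.smallrye.mutiny.Uni
 import jakarta.ws.rs.GET
@@ -28,11 +28,11 @@ class CentralController(
 @GET
 @Path("/publicKey")
 fun publicKey(@QueryParam("keyId") keyId: String): Uni<PublicKeyDto> {
+policyChecker.ensureHasPermission(ctx, Permission.keyGetPublicKey(keyId))
+
 if (!keeper.initialized())
 throw SealedException()
 
-policyChecker.ensureHasPermission(ctx, Permission.keyGetPublicKey(keyId))
-
 return pub.getPublicKey(keyId).toUni()
 }
 }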
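Review bot: Nothing in `publicKey` records why the permission check now has to come before `keeper.initialized()`, so a later refactor can silently restore the old order, in which a caller without the permission learns the keeper's state from `SealedException`. I would put a comment above the call, `// Authorise first: callers without the permission must not learn init/seal state from SealedException.`, and the same above the moved check in `sign` in SignatureController.kt. A test that sends an unauthorised request while the keeper is uninitialised and expects the permission failure (assuming `ensureHasPermission` throws) would pin the ordering.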

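--- a/src/main/kotlin/org/exploit/keeper/controller/keygen/KeyGenController.kt
+++ b/src/main/kotlin/org/exploit/keeper/controller/keeper/KeyGenController.kt
@@ -1,4 +1,4 @@
-package org.exploit.keeper.controller.keygen
+package org.exploit.keeper.controller.keeper
 
 import io.smallrye.mutiny.Uni
 import jakarta.ws.rs.POST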

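--- a/src/main/kotlin/org/exploit/keeper/controller/core/SignatureController.kt
+++ b/src/main/kotlin/org/exploit/keeper/controller/keeper/SignatureController.kt
@@ -1,4 +1,4 @@
-package org.exploit.keeper.controller.core
+package org.exploit.keeper.controller.keeper
 
 import io.quarkus.arc.All
 import io.smallrye.mutiny.Uni
@@ -36,11 +36,11 @@ class SignatureController(
 @POST
 @Path("/sign")
 fun sign(body: Sign): Uni<TSSResult> {
+policyChecker.ensureHasPermission(ctx, Permission.keySign(body.keyId))
+
 if (!keeper.initialized() || keeper.sealed())
 throw SealedException()
 
-policyChecker.ensureHasPermission(ctx, Permission.keySign(body.keyId))
-
 return when (body.type) {
 SessionType.GG20 -> gg20.sign(
 sessionId = body.sessionId,
@@ -61,6 +61,8 @@ class SignatureController(
 @POST
 @Path("/sign/verify")
 fun verify(body: Verify): Uni<VerifyResult> {
+policyChecker.ensureHasPermission(ctx, Permission.keyVerify(body.keyId))
+
 if (!keeper.initialized() || keeper.sealed())
 throw SealedException()
 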
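Review bot: `sign` and `verify` authorise against `body.keyId`, but the only argument visible in the `gg20.sign(` call is `sessionId = body.sessionId`, and both function bodies continue outside the hunks. If a session carries its own key binding, the permission would be checked for one key while the operation runs on another. Please confirm that the key actually used downstream is `body.keyId`, or reject a request whose session belongs to a different key. A comment on each check such as `// keyId authorised here is the same id passed to the signer below` would make that binding explicit for the next reviewer.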

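--- a/src/main/kotlin/org/exploit/keeper/controller/core/StorageController.kt
+++ b/src/main/kotlin/org/exploit/keeper/controller/keeper/StorageController.kt
@@ -1,4 +1,4 @@
-package org.exploit.keeper.controller.core
+package org.exploit.keeper.controller.keeper
 
 import jakarta.ws.rs.Path
 import jakarta.ws.rs.container.ContainerRequestContext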

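--- a/src/main/kotlin/org/exploit/keeper/controller/core/SystemController.kt
+++ b/src/main/kotlin/org/exploit/keeper/controller/keeper/SystemController.kt
@@ -1,4 +1,4 @@
-package org.exploit.keeper.controller.core
+package org.exploit.keeper.controller.keeper
 
 import jakarta.ws.rs.GET
 import jakarta.ws.rs.POST
@@ -28,8 +28,10 @@ class SystemController(
 
 @GET
 @Path("/status")
-fun status(): StatusResponse =
-keeper.status()
+fun status(): StatusResponse {
+policyChecker.ensureHasPermission(ctx, Permission.systemStatus())
+return keeper.status()
+}
 
 @PUT
 @Path("/unseal")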
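Review bot: `status()` now fails for every caller without `bitkeeper.system.status`, and that includes whatever reads `/status` to decide whether the keeper still needs `init` or `unseal`. If policies can only be loaded once the keeper is initialised or unsealed (not visible in this hunk), no identity can hold the permission at that stage and the endpoint becomes unreachable exactly when operators need it. Please document the expectation on the method, for example a KDoc line `Requires [Permission.systemStatus]; must be granted to the bootstrap and monitoring identities.`, and check that existing health probes are given the permission before this ships.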
