Add special permission for overwriting keys via DKG

Author: satiracode

src/main/kotlin/org/exploit/keeper/constant/Permission.kt

@@ -13,6 +13,7 @@ object Permission {
 
     private const val STORE_WRITE = "bitkeeper.storage.write"
     private const val GENERATE_KEY = "bitkeeper.dkg.generate"
+    private const val GENERATE_KEY_OVERWRITE = "bitkeeper.dkg.generate.overwrite"
 
     fun systemUnseal(): String = SYSTEM_UNSEAL
 
@@ -24,6 +25,8 @@ object Permission {
 
     fun generateKey() = GENERATE_KEY
 
+    fun generateKeyOverwrite() = GENERATE_KEY_OVERWRITE
+
     fun systemStatus(): String = SYSTEM_STATUS
 
     fun keyGetPublicKey(key: String): String = KEY_GET_PUBLICKEY.format(key)

src/main/kotlin/org/exploit/keeper/controller/keeper/KeyGenController.kt

@@ -22,6 +22,9 @@ class KeyGenController(
     fun generate(@NotNull body: Generate): Uni<Void> {
         policyChecker.ensureHasPermission(ctx, Permission.generateKey())
 
+        if (body.overwrite) {
+            policyChecker.ensureHasPermission(ctx, Permission.generateKeyOverwrite())
+        }
         return dkg.generateKey(
             keyId = body.keyId,
             curve = KeeperCurve.fromName(body.curve),

src/main/kotlin/org/exploit/keeper/model/key/KeyData.kt

@@ -8,7 +8,5 @@ data class KeyData(val name: String? = null, val permissions: List<String> = emp
     }
 
     fun hasPermission(permission: String): Boolean =
-        antPermissions.any {
-            it.matches(permission)
-        }
+        antPermissions.any { it.matches(permission) } && antPermissions.none { it.matches("-$permission") }
 }