(tx *types.UpdatePermission)
| 803 | } |
| 804 | |
| 805 | func (s *metaState) updatePermission(tx *types.UpdatePermission) (err error) { |
| 806 | log.WithFields(log.Fields{ |
| 807 | "tx_hash": tx.Hash(), |
| 808 | "sender": tx.GetAccountAddress(), |
| 809 | "db_id": tx.TargetSQLChain, |
| 810 | "target_user": tx.TargetUser, |
| 811 | }).Debug("in updatePermission") |
| 812 | sender, err := crypto.PubKeyHash(tx.Signee) |
| 813 | if err != nil { |
| 814 | log.WithFields(log.Fields{ |
| 815 | "tx": tx.Hash(), |
| 816 | }).WithError(err).Error("unexpected err") |
| 817 | return |
| 818 | } |
| 819 | so, loaded := s.loadSQLChainObject(tx.TargetSQLChain.DatabaseID()) |
| 820 | if !loaded { |
| 821 | log.WithFields(log.Fields{ |
| 822 | "dbID": tx.TargetSQLChain.DatabaseID(), |
| 823 | }).WithError(ErrDatabaseNotFound).Error("unexpected error in updatePermission") |
| 824 | return ErrDatabaseNotFound |
| 825 | } |
| 826 | |
| 827 | // check whether sender has super privilege and find targetUser |
| 828 | numOfSuperUsers := 0 |
| 829 | targetUserIndex := -1 |
| 830 | for i, u := range so.Users { |
| 831 | if sender == u.Address && !u.Permission.HasSuperPermission() { |
| 832 | log.WithFields(log.Fields{ |
| 833 | "sender": sender, |
| 834 | "dbID": tx.TargetSQLChain, |
| 835 | }).WithError(ErrAccountPermissionDeny).Error("unexpected error in updatePermission") |
| 836 | return ErrAccountPermissionDeny |
| 837 | } |
| 838 | if u.Permission.HasSuperPermission() { |
| 839 | numOfSuperUsers++ |
| 840 | } |
| 841 | if tx.TargetUser == u.Address { |
| 842 | targetUserIndex = i |
| 843 | } |
| 844 | } |
| 845 | |
| 846 | // return error if number of Admin <= 1 and Admin want to revoke permission of itself |
| 847 | if numOfSuperUsers <= 1 && tx.TargetUser == sender && !tx.Permission.HasSuperPermission() { |
| 848 | err = ErrNoSuperUserLeft |
| 849 | log.WithFields(log.Fields{ |
| 850 | "sender": sender, |
| 851 | "dbID": tx.TargetSQLChain, |
| 852 | "targetUser": tx.TargetUser, |
| 853 | }).WithError(err).Warning("in updatePermission") |
| 854 | return |
| 855 | } |
| 856 | |
| 857 | // update targetUser's permission |
| 858 | if targetUserIndex == -1 { |
| 859 | u := types.SQLChainUser{ |
| 860 | Address: tx.TargetUser, |
| 861 | Permission: tx.Permission, |
| 862 | Status: types.UnknownStatus, |
no test coverage detected