verifier.gno

1.96 Kb ยท 67 lines 
 1// Package names provides functionality for checking of package deployments
 2// by users registered in r/sys/users are done to proper namespaces.
 3package names
 4
 5import (
 6	"std"
 7	"strings"
 8
 9	"gno.land/p/demo/ownable"
10
11	"gno.land/r/sys/users"
12)
13
14var (
15	Ownable = ownable.NewWithAddress("g1manfred47kzduec920z88wfr64ylksmdcedlf5") // dropped in genesis via Enable. XXX We should switch to something better once the GovDAO situation is stabilized.
16
17	enabled = false
18)
19
20// IsAuthorizedAddressForNamespace ensures that the given address has ownership of the given name.
21// A user's name found in r/sys/users is equivalent to their namespace.
22func IsAuthorizedAddressForNamespace(address std.Address, namespace string) bool {
23	return verifier(enabled, address, namespace)
24}
25
26// Enable enables the namespace check and drops centralized ownership of this realm.
27// The namespace check is disabled initially to ease txtar and other testing contexts,
28// but this function is meant to be called in the genesis of a chain.
29func Enable() {
30	Ownable.AssertCallerIsOwner()
31	enabled = true
32	Ownable.DropOwnership()
33}
34
35func IsEnabled() bool {
36	return enabled
37}
38
39// verifier checks the store to see that the
40// user has properly registered a given name/namespace.
41// This function considers as valid an `address` that matches the `namespace` (PA namespaces)
42func verifier(enabled bool, address std.Address, namespace string) bool {
43	if !enabled {
44		return true // only in pre-genesis cases
45	}
46
47	if strings.TrimSpace(address.String()) == "" || strings.TrimSpace(namespace) == "" {
48		return false
49	}
50
51	// Allow user with their own address as namespace
52	// This enables pseudo-anon namespaces
53	// ie gno.land/{p,r}/{ADDRESS}/**
54	if address.String() == namespace {
55		return true
56	}
57
58	// Can be a registered namespace or an alias
59	userData, _ := users.ResolveName(namespace)
60	if userData == nil || userData.IsDeleted() {
61		return false
62	}
63
64	/// XXX: add check for r/sys/teams down the line
65
66	return userData.Addr() == address
67}