/
AccessToken.sol
176 lines (137 loc) · 6.52 KB
/
AccessToken.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
pragma solidity ^0.4.19;
contract AccessToken{
//UserTokenContainer which is a list of accessDetails by account
struct UserTokenContainer{
//is this asset is permisible or not
bool flag;
address owner;
//list of permissioned asset to view by another owner.
//SecOwnerList secownerlist;
bytes32 assetKey;
}
struct SecOwnerList{
//address of orginal asset owner
address owner;
// address of secondry ownner
address secOwner;
// asset orginal key
bytes32 assetKey;
// flag to set this asset is readable by secOwner
bool flag;
}
//one to one mapping , this is not suitable for number of permissible key are distributed to n>1
//List of secondary owner address - which make the list of permissiable address index as asset key
mapping(
bytes32 => mapping(
address => bool
)
)public ListOfSecOwnAdd;
//mapping address of UserTokenContainer with the corrosponding data
//this is used for register asset with its corrosponding data
//utc is the list of transactions -> User Token Container
//address= address of owner and bytes32=asset key
mapping(
address => mapping(
bytes32 => UserTokenContainer
)
) public utc;
//sowl-> Secondary OWner List
mapping(
address => mapping(
address => SecOwnerList
)
)sowl;
/**
*remaining work with BDB
*address of user who push the data into both bigchaindb and titan blockchain .
*address public AssetCreaterAddress;
*address of user who wants to view the data from bigchaindb.
*address public TransactionViewerAddres;
*inorder to view the transation , 'TransactionViewerAddres' must have the private key of the bigchiandb.
*bytes32 public BdbKey;
*
*
*to move the address when ever needed like implements for function argument override
*/
address public TempAddress;
//Inorder to restrict the replication of asset and missuse of asset.
modifier isAdmin(bytes32 _assetkey){
require(!(utc[msg.sender][_assetkey].assetKey == _assetkey));
_;
}
event GetAssetDone(address, bytes32);
event RegisteredAsset(address, bytes32, bool);
event AssetPermissiable(address _owner_address, address _secowner_address, bytes32 _assetkey, bool flag);
event DeleteAcessSucceed(address _owner_address,address _secowner_address, bytes32 _assetkey);
/**
*registerAsset
*Description: registers asset so owner (account) can be identified for subsequent operations
*input variables: asset_key
*returns: type: boolean Description: success status
*Flow
*Checks to see if caller is owner of asset
*if owner then registers the asset associated with owner name
*returns true for success or false for failure
*/
function registerAsset(bytes32 _assetkey, bool _flag) public isAdmin(_assetkey) constant returns (bool){
utc[msg.sender][_assetkey] = UserTokenContainer(_flag, msg.sender, _assetkey);
/**
*utc[msg.sender][_assetkey].owner = msg.sender;
*utc[msg.sender][_assetkey].assetKey = _assetkey;
*default must be false
*utc[msg.sender][_assetkey].flag = _flag;
*/
RegisteredAsset(msg.sender, _assetkey, _flag);
return true;
}
//Give access to vew the asset to other users
function giveAccess(address _owner_address, bytes32 _assetkey, address _secowner_address){
UserTokenContainer currentUserTokenContainer ;
currentUserTokenContainer = utc[_owner_address][_assetkey];
// need to be owner of asset
assert(currentUserTokenContainer.owner == _owner_address);
assert(currentUserTokenContainer.assetKey == _assetkey);
if (currentUserTokenContainer.flag==false){
//this asset is now view by other users.
utc[_owner_address][_assetkey].flag=true;
}
// specific to users who want to view the asset must have the permision
//which permission is given by owner of the asset.
sowl[_owner_address][_secowner_address].owner=msg.sender;
sowl[_owner_address][_secowner_address].secOwner=_secowner_address;
// this is the condition of only one asset can be permissiable to one user.
sowl[_owner_address][_secowner_address].assetKey=_assetkey;
//for this individual asset there must be in and out scope .
sowl[_owner_address][_secowner_address].flag=true;
ListOfSecOwnAdd[_assetkey][_secowner_address]=true;
//event for success
AssetPermissiable(_owner_address, _secowner_address, _assetkey,true);
}
/**
*deleteAccess (only for owner of asset): Revokes access to a specified asset
*/
function deleteAccess(address _owner_address, address _secowner_address, bytes32 _assetkey)private {
SecOwnerList currentSecOwnerList ;
currentSecOwnerList = sowl[_owner_address][_secowner_address];
// need to match both addresses and asset key
assert(currentSecOwnerList.owner== _owner_address);
assert(currentSecOwnerList.assetKey==_assetkey);
//flag in the SecOwnerList must be 'true'.if flag is 'false' then it is not permissible.
assert(sowl[_owner_address][_secowner_address].flag);
//set flag to false
sowl[_owner_address][_secowner_address].flag=false;
DeleteAcessSucceed(_owner_address,_secowner_address,_assetkey);
}
function getAsset(bytes32 _assetkey)public returns(bool) {
//if msg.sender is not the owner of the asset then we have to look whether this
//msg.sender has permission to read.
if(utc[msg.sender][_assetkey].assetKey != _assetkey){
//(assetKey,msg.sender)->(n,n) .
//number of assetkey have number of secondry address.
//if true then it means that, asset have permissoin to see by the requester.
assert(ListOfSecOwnAdd[_assetkey][msg.sender] == true);
}
GetAssetDone(msg.sender,_assetkey);
return true;
}
}