#5 Feat: implement whitelist

GolosChain · Feb 1, 2019 · 9d87cf2 · 9d87cf2
1 parent 8e670fe
commit 9d87cf2
Show file tree

Hide file tree

Showing 7 changed files with 130 additions and 5 deletions.
diff --git a/.env.example b/.env.example
@@ -2,3 +2,4 @@ GLS_CONNECTOR_HOST=
 GLS_CONNECTOR_PORT=
 GLS_WIF=
 GLS_LOGIN=
+GLS_MONGO_CONNECT=mongodb://bandwidth_mongo:27017/admin
diff --git a/docker-compose.yaml b/docker-compose.yaml
@@ -13,5 +13,19 @@ services:
         env_file:
             - .env
 
+    mongo:
+        container_name: bandwidth_mongo
+        image: mongo
+        restart: always
+        volumes:
+            - badwidth_mongodb_vol:/data/db
+        ports:
+            - 127.0.0.1:27017:27017
+        networks:
+            - services-tier
+
 networks:
     services-tier:
+
+volumes:
+    badwidth_mongodb_vol:
diff --git a/src/Main.js b/src/Main.js
@@ -1,6 +1,5 @@
 const core = require('gls-core-service');
 const stats = core.utils.statsClient;
-const InnerGate = core.services.Connector;
 const BasicMain = core.services.BasicMain;
 const env = require('./data/env');
 const Connector = require('./services/Connector');

diff --git a/src/controllers/BandwidthProvider.js b/src/controllers/BandwidthProvider.js
@@ -2,10 +2,13 @@ const core = require('gls-core-service');
 const Basic = core.controllers.Basic;
 const env = require('../data/env');
 const { GLS_WIF, GLS_LOGIN } = env;
+
 class BandwidthProvider extends Basic {
-    constructor({ connector }) {
+    constructor({ connector, whitelist }) {
         super({ connector });
 
+        this.whitelist = whitelist;
+
         this._WIF = GLS_WIF;
         this._login = GLS_LOGIN;
 
@@ -41,11 +44,20 @@ class BandwidthProvider extends Basic {
         }
     }
 
-    async provideBandwidth() {
+    async provideBandwidth({ username, channelId, transaction }) {
         if (!this.serviceReady) {
             await this.authorize();
         }
 
+        const isAllowed = await this.whitelist.isAllowed({ channelId, username });
+
+        if (!isAllowed) {
+            throw {
+                code: 1103,
+                message: 'This user is not allowed to require bandwidth',
+            };
+        }
+
         /*
         Контракт: eosio
 Действие: providebw

diff --git a/src/controllers/Whitelist.js b/src/controllers/Whitelist.js
@@ -0,0 +1,79 @@
+const core = require('gls-core-service');
+const BasicController = core.controllers.Basic;
+const Whitelist = require('../model/Whitelist');
+
+class WhitelistController extends BasicController {
+    constructor({ connector }) {
+        super({ connector });
+
+        this._whitelistMap = new Map(); // username -> set of cids
+        this._cidSet = new Set(); // set of cids
+    }
+
+    async _askRegService({ username }) {
+        // TODO: implement call to service
+        return true;
+    }
+
+    _addInMem({ username, channelId }) {
+        this._cidSet.add(channelId);
+
+        let userCids = this._whitelistMap.get(username);
+
+        if (userCids) {
+            userCids.add(channelId);
+        } else {
+            userCids = new Set(channelId);
+        }
+
+        this._whitelistMap.set(username, userCids);
+    }
+
+    _removeFromMem(username) {
+        const cids = this._whitelistMap.get(username);
+        if (cids) {
+            cids.forEach(cid => {
+                this._cidSet.delete(cid);
+            });
+        }
+    }
+
+    async isAllowed({ channelId, username }) {
+        // in memory -> allowed
+        if (this._cidSet.has(channelId)) return true;
+
+        const user = await Whitelist.findOne({ username });
+
+        // explicitly banned -> not allowed
+        if (user && user.banned) {
+            return false;
+        }
+
+        // in db -> allowed and should be stored in memory
+        if (user && !user.banned) {
+            this._addInMem({ username, channelId });
+
+            return true;
+        }
+
+        const inRegService = await this._askRegService({ username });
+
+        if (!inRegService) {
+            return false;
+        }
+
+        // in reg service -> add to mongo and to in-mem
+        await Whitelist.create({ username });
+        this._addInMem({ username, channelId });
+
+        return true;
+    }
+
+    async banUser(username) {
+        await Whitelist.findOneAndRemove({ username });
+
+        this._removeFromMem(username);
+    }
+}
+
+module.exports = WhitelistController;
diff --git a/src/model/Whitelist.js b/src/model/Whitelist.js
@@ -0,0 +1,14 @@
+const core = require('gls-core-service');
+const MongoDB = core.services.MongoDB;
+
+module.exports = MongoDB.makeModel('Whitelist', {
+    username: {
+        type: String,
+        required: true,
+    },
+    banned: {
+        type: Boolean,
+        required: true,
+        default: false,
+    },
+});
diff --git a/src/services/Connector.js b/src/services/Connector.js
@@ -1,20 +1,26 @@
 const core = require('gls-core-service');
 const BasicConnector = core.services.Connector;
 const BandwidthProvider = require('../controllers/BandwidthProvider');
+const Whitelist = require('../controllers/Whitelist');
 
 class Connector extends BasicConnector {
     constructor() {
         super();
-
-        this._bandwidthProvider = new BandwidthProvider({ connector: this });
+        this._whitelistController = new Whitelist({ connector: this });
+        this._bandwidthProvider = new BandwidthProvider({
+            connector: this,
+            whitelist: this._whitelistController,
+        });
     }
 
     async start() {
         const provider = this._bandwidthProvider;
+        const whitelist = this._whitelistController;
 
         await super.start({
             serverRoutes: {
                 'bandwidth.Provide': provider.provideBandwidth.bind(provider),
+                'bandwidth.BanUser': whitelist.banUser.bind(provider),
             },
         });
     }