Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat!: remove deprecated command-line option -platform-user
Browse files Browse the repository at this point in the history
@knst
knst committed Dec 12, 2024
1 parent c07073d commit dcb4a00
Showing 4 changed files with 7 additions and 98 deletions.
2 changes: 0 additions & 2 deletions src/init.cpp
View file
Original file line number Diff line number Diff line change
@@ -1515,8 +1515,6 @@ bool AppInitMain(NodeContext& node, interfaces::BlockAndHeaderTipInfo* tip_info)

GetMainSignals().RegisterBackgroundSignalScheduler(*node.scheduler);

tableRPC.InitPlatformRestrictions();

/* Register RPC commands regardless of -server setting so they will be
* available in the GUI RPC console even if external calls are disabled.
*/
2 changes: 1 addition & 1 deletion src/rpc/protocol.h
View file
Original file line number Diff line number Diff line change
@@ -48,7 +48,7 @@ enum RPCErrorCode
RPC_VERIFY_ALREADY_IN_CHAIN = -27, //!< Transaction already in chain
RPC_IN_WARMUP = -28, //!< Client still warming up
RPC_METHOD_DEPRECATED = -32, //!< RPC method is deprecated
RPC_PLATFORM_RESTRICTION = -33, //!< This RPC command cannot be run by platform-user
RPC_RESERVED_UNUSED = -33, //!< This RPC code has been used in past, let it be reserved

//! Aliases for backward compatibility
RPC_TRANSACTION_ERROR = RPC_VERIFY_ERROR,
98 changes: 6 additions & 92 deletions src/rpc/server.cpp
View file
Original file line number Diff line number Diff line change
@@ -6,10 +6,6 @@

#include <rpc/server.h>

#include <chainparams.h>
#include <node/context.h>
#include <rpc/blockchain.h>
#include <rpc/server_util.h>
#include <rpc/util.h>
#include <shutdown.h>
#include <sync.h>
@@ -20,7 +16,6 @@

#include <boost/signals2/signal.hpp>

#include <algorithm>
#include <atomic>
#include <cassert>
#include <chrono>
@@ -37,10 +32,7 @@ static RPCTimerInterface* timerInterface = nullptr;
/* Map of name to timer. */
static Mutex g_deadline_timers_mutex;
static std::map<std::string, std::unique_ptr<RPCTimerBase> > deadlineTimers GUARDED_BY(g_deadline_timers_mutex);
static bool ExecuteCommand(const CRPCCommand& command, const JSONRPCRequest& request, UniValue& result, bool last_handler, const std::multimap<std::string, std::vector<UniValue>>& mapPlatformRestrictions);

// Any commands submitted by this user will have their commands filtered based on the mapPlatformRestrictions
static const std::string defaultPlatformUser = "platform-user";
static bool ExecuteCommand(const CRPCCommand& command, const JSONRPCRequest& request, UniValue& result, bool last_handler);

struct RPCCommandExecutionInfo
{
@@ -150,21 +142,6 @@ std::string CRPCTable::help(const std::string& strCommand, const JSONRPCRequest&
return strRet;
}

void CRPCTable::InitPlatformRestrictions()
{
mapPlatformRestrictions = {
{"getassetunlockstatuses", {}},
{"getbestblockhash", {}},
{"getblockhash", {}},
{"getblockcount", {}},
{"getbestchainlock", {}},
{"quorum sign", {static_cast<uint8_t>(Params().GetConsensus().llmqTypePlatform)}},
{"quorum verify", {}},
{"submitchainlock", {}},
{"verifyislock", {}},
};
}

static RPCHelpMan help()
{
return RPCHelpMan{"help",
@@ -507,10 +484,10 @@ static inline JSONRPCRequest transformNamedArguments(const JSONRPCRequest& in, c
return out;
}

static bool ExecuteCommands(const std::vector<const CRPCCommand*>& commands, const JSONRPCRequest& request, UniValue& result, const std::multimap<std::string, std::vector<UniValue>>& mapPlatformRestrictions)
static bool ExecuteCommands(const std::vector<const CRPCCommand*>& commands, const JSONRPCRequest& request, UniValue& result)
{
for (const auto& command : commands) {
if (ExecuteCommand(*command, request, result, &command == &commands.back(), mapPlatformRestrictions)) {
if (ExecuteCommand(*command, request, result, &command == &commands.back())) {
return true;
}
}
@@ -542,78 +519,15 @@ UniValue CRPCTable::execute(const JSONRPCRequest &request) const
if (it != mapCommands.end()) {
UniValue result;
const JSONRPCRequest new_request{subcommand.empty() ? request : request.squashed() };
if (ExecuteCommands(it->second, new_request, result, mapPlatformRestrictions)) {
if (ExecuteCommands(it->second, new_request, result)) {
return result;
}
}
throw JSONRPCError(RPC_METHOD_NOT_FOUND, "Method not found");
}

static bool ExecuteCommand(const CRPCCommand& command, const JSONRPCRequest& request, UniValue& result, bool last_handler, const std::multimap<std::string, std::vector<UniValue>>& mapPlatformRestrictions)
{
const NodeContext& node = EnsureAnyNodeContext(request.context);
// Before executing the RPC Command, filter commands from platform rpc user
if (node.mn_activeman && request.authUser == gArgs.GetArg("-deprecated-platform-user", defaultPlatformUser)) {
// replace this with structured binding in c++20
std::string command_name = command.name;
const auto& it = mapPlatformRestrictions.equal_range(command_name);
const auto& allowed_begin = it.first;
const auto& allowed_end = it.second;
/**
* allowed_begin and allowed_end are iterators that represent a range of [method_name, vec_params]
* For example, assume allowed = `quorum sign platformLlmqType`, `quorum verify` and `verifyislock`
* this range will look like:
*
* if request.strMethod == "quorum":
* [
* "quorum sign", [platformLlmqType],
* "quorum verify", []
* ]
* if request.strMethod == "verifyislock"
* [
* "verifyislock", []
* ]
*/

// If the requested method is not available in mapPlatformRestrictions
if (allowed_begin == allowed_end) {
throw JSONRPCError(RPC_PLATFORM_RESTRICTION, strprintf("Method \"%s\" prohibited", request.strMethod));
}

auto isValidRequest = [&request, &allowed_begin, &allowed_end]() {
for (auto itRequest = allowed_begin; itRequest != allowed_end; ++itRequest) {
// This is an individual group of parameters that is valid
// This will look something like `["sign", platformLlmqType]` from above.
const auto& vecAllowedParam = itRequest->second;
// An empty vector of allowed parameters represents that any parameter is allowed.
if (vecAllowedParam.empty()) {
return true;
}
if (request.params.empty()) {
throw JSONRPCError(RPC_PLATFORM_RESTRICTION, strprintf("Method \"%s\" has parameter restrictions.", request.strMethod));
}

if (request.params.size() < vecAllowedParam.size()) {
continue;
}

if (std::equal(vecAllowedParam.begin(), vecAllowedParam.end(),
request.params.getValues().begin(),
[](const UniValue& left, const UniValue& right) {
return left.type() == right.type() && left.getValStr() == right.getValStr();
})) {
return true;
}
}
return false;
};

// Try if any of the mapPlatformRestrictions entries matches the current request
if (!isValidRequest()) {
throw JSONRPCError(RPC_PLATFORM_RESTRICTION, "Request doesn't comply with the parameter restrictions.");
}
}

static bool ExecuteCommand(const CRPCCommand& command, const JSONRPCRequest& request, UniValue& result, bool last_handler)
{
try
{
RPCCommandExecution execution(request.strMethod);
3 changes: 0 additions & 3 deletions src/rpc/server.h
View file
Original file line number Diff line number Diff line change
@@ -124,13 +124,10 @@ class CRPCTable
{
private:
std::map<std::string, std::vector<const CRPCCommand*>> mapCommands;
std::multimap<std::string, std::vector<UniValue>> mapPlatformRestrictions;
public:
CRPCTable();
std::string help(const std::string& name, const JSONRPCRequest& helpreq) const;

void InitPlatformRestrictions();

/**
* Execute a method.
* @param request The JSONRPCRequest to execute

0 comments on commit dcb4a00

Please sign in to comment.