NOTICK Properly merge the two RPCPermissionResolver classes as they diverged

2025-01-18 10:46:38 +00:00 · 2020-09-22 20:57:49 +01:00 · 2020-09-22 20:57:49 +01:00 · 60309114ec
commit 60309114ec
parent 5ff95efbce
1 changed files with 16 additions and 12 deletions
--- a/node/src/main/kotlin/net/corda/node/internal/security/RPCPermissionResolver.kt
+++ b/node/src/main/kotlin/net/corda/node/internal/security/RPCPermissionResolver.kt
@ -41,30 +41,34 @@ internal object RPCPermissionResolver : PermissionResolver {
    private const val ACTION_INVOKE_RPC = "invokerpc"
    private const val ACTION_ALL = "all"
    private val FLOW_RPC_CALLS = setOf(
-            "startFlowDynamic",
-            "startTrackedFlowDynamic",
-            "startFlow",
-            "startTrackedFlow")
+        "startFlowDynamic",
+        "startTrackedFlowDynamic",
+        "startFlowDynamicWithClientId",
+        "startFlow",
+        "startTrackedFlow",
+        "startFlowWithClientId"
+    )
+
+    private val FLOW_RPC_PERMITTED_START_FLOW_CALLS = setOf("startFlow", "startFlowDynamic")
+    private val FLOW_RPC_PERMITTED_TRACKED_START_FLOW_CALLS = setOf("startTrackedFlow", "startTrackedFlowDynamic")
+    private val FLOW_RPC_PERMITTED_START_FLOW_WITH_CLIENT_ID_CALLS = setOf("startFlowWithClientId", "startFlowDynamicWithClientId")

    override fun resolvePermission(representation: String): Permission {
        when (representation.substringBefore(SEPARATOR).toLowerCase()) {
            ACTION_INVOKE_RPC -> {
                val rpcCall = representation.substringAfter(SEPARATOR, "")
-                require(representation.count { it == SEPARATOR } == 1 && rpcCall.isNotEmpty()) {
-                    "Malformed permission string"
-                }
+                require(representation.count { it == SEPARATOR } == 1 && rpcCall.isNotEmpty()) { "Malformed permission string" }
                val legacyPermitted = when (rpcCall) {
-                    "startFlow" -> setOf("startFlowDynamic", rpcCall)
-                    "startTrackedFlow" -> setOf("startTrackedFlowDynamic", rpcCall)
+                    "startFlow" -> FLOW_RPC_PERMITTED_START_FLOW_CALLS
+                    "startTrackedFlow" -> FLOW_RPC_PERMITTED_TRACKED_START_FLOW_CALLS
+                    "startFlowWithClientId" -> FLOW_RPC_PERMITTED_START_FLOW_WITH_CLIENT_ID_CALLS
                    else -> setOf(rpcCall)
                }
                return RPCPermission(legacyPermitted.toFullyQualified())
            }
            ACTION_START_FLOW -> {
                val targetFlow = representation.substringAfter(SEPARATOR, "")
-                require(targetFlow.isNotEmpty()) {
-                    "Missing target flow after StartFlow"
-                }
+                require(targetFlow.isNotEmpty()) { "Missing target flow after StartFlow" }
                return RPCPermission(FLOW_RPC_CALLS.toFullyQualified(), targetFlow)
            }
            ACTION_ALL -> {