Refactored ;

source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/LedgerSecurityManagerImpl.java

@@ -7,6 +7,7 @@ import java.util.Map;
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
 
+import com.jd.blockchain.ledger.LedgerInitSetting;
 import com.jd.blockchain.ledger.LedgerPermission;
 import com.jd.blockchain.ledger.LedgerSecurityException;
 import com.jd.blockchain.ledger.RolePrivilegeSettings;
@@ -29,9 +30,9 @@ public class LedgerSecurityManagerImpl implements LedgerSecurityManager {
 
 	private UserRoleSettings userRolesSettings;
 
-	//用户的权限配置
+	// 用户的权限配置
 	private Map<Bytes, UserRolesPrivileges> userPrivilegesCache = new ConcurrentHashMap<>();
-	
+
 	private Map<Bytes, UserRoles> userRolesCache = new ConcurrentHashMap<>();
 	private Map<String, RolePrivileges> rolesPrivilegeCache = new ConcurrentHashMap<>();
 
@@ -39,7 +40,13 @@ public class LedgerSecurityManagerImpl implements LedgerSecurityManager {
 		this.rolePrivilegeSettings = rolePrivilegeSettings;
 		this.userRolesSettings = userRolesSettings;
 	}
-
+	
+	
+	public static void initSecuritySettings(LedgerInitSetting initSettings, LedgerEditor editor) {
+		
+	}
+	
+	
 	@Override
 	public SecurityPolicy createSecurityPolicy(Set<Bytes> endpoints, Set<Bytes> nodes) {
 		Map<Bytes, UserRolesPrivileges> endpointPrivilegeMap = new HashMap<>();

source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/LedgerTransactionalEditor.java

@@ -8,7 +8,6 @@ import com.jd.blockchain.crypto.HashDigest;
 import com.jd.blockchain.ledger.BlockBody;
 import com.jd.blockchain.ledger.BlockRollbackException;
 import com.jd.blockchain.ledger.CryptoSetting;
-import com.jd.blockchain.ledger.DigitalSignature;
 import com.jd.blockchain.ledger.IllegalTransactionException;
 import com.jd.blockchain.ledger.LedgerBlock;
 import com.jd.blockchain.ledger.LedgerDataSnapshot;
@@ -16,15 +15,12 @@ import com.jd.blockchain.ledger.LedgerInitSetting;
 import com.jd.blockchain.ledger.LedgerSettings;
 import com.jd.blockchain.ledger.LedgerTransaction;
 import com.jd.blockchain.ledger.OperationResult;
-import com.jd.blockchain.ledger.TransactionContent;
 import com.jd.blockchain.ledger.TransactionRequest;
 import com.jd.blockchain.ledger.TransactionRollbackException;
 import com.jd.blockchain.ledger.TransactionState;
 import com.jd.blockchain.storage.service.ExPolicyKVStorage;
 import com.jd.blockchain.storage.service.VersioningKVStorage;
 import com.jd.blockchain.storage.service.utils.BufferedKVStorage;
-import com.jd.blockchain.transaction.SignatureUtils;
-import com.jd.blockchain.transaction.TxBuilder;
 import com.jd.blockchain.utils.Bytes;
 import com.jd.blockchain.utils.codec.Base58Utils;
 

source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/RolePrivilegeDataset.java

@@ -92,7 +92,7 @@ public class RolePrivilegeDataset implements Transactional, MerkleProvable, Role
 	}
 
 	/**
-	 * 设置角色授权； <br>
+	 * 设置角色权限； <br>
 	 * 如果版本校验不匹配，则返回 -1；
 	 * 
 	 * @param roleAuth
@@ -108,7 +108,7 @@ public class RolePrivilegeDataset implements Transactional, MerkleProvable, Role
 	}
 
 	/**
-	 * 更新角色授权； <br>
+	 * 更新角色权限； <br>
 	 * 如果指定的角色不存在，或者版本不匹配，则引发 {@link LedgerException} 异常；
 	 * 
 	 * @param participant
@@ -242,7 +242,7 @@ public class RolePrivilegeDataset implements Transactional, MerkleProvable, Role
 	}
 
 	/**
-	 * 查询角色授权；
+	 * 查询角色权限；
 	 * 
 	 * <br>
 	 * 如果不存在，则返回 null；
@@ -279,4 +279,8 @@ public class RolePrivilegeDataset implements Transactional, MerkleProvable, Role
 		return getRolePrivileges(0, (int) getRoleCount());
 	}
 
+	@Override
+	public boolean isReadonly() {
+		return dataset.isReadonly();
+	}
 }

source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/UserRoleDataset.java

@@ -166,4 +166,9 @@ public class UserRoleDataset implements Transactional, MerkleProvable, UserRoleS
 		return pns;
 	}
 
+	@Override
+	public boolean isReadonly() {
+		return dataset.isReadonly();
+	}
+
 }

source/ledger/ledger-core/src/test/java/test/com/jd/blockchain/ledger/core/LedgerAdminDatasetTest.java

@@ -88,45 +88,45 @@ public class LedgerAdminDatasetTest {
 		MemoryKVStorage testStorage = new MemoryKVStorage();
 
 		// Create intance with init setting;
-		LedgerAdminDataset ledgerAdminAccount = new LedgerAdminDataset(initSetting, keyPrefix, testStorage,
+		LedgerAdminDataset ledgerAdminDataset = new LedgerAdminDataset(initSetting, keyPrefix, testStorage,
 				testStorage);
 
-		ledgerAdminAccount.getRolePrivileges().addRolePrivilege("DEFAULT",
+		ledgerAdminDataset.getRolePrivileges().addRolePrivilege("DEFAULT",
 				new LedgerPermission[] { LedgerPermission.AUTHORIZE_ROLES, LedgerPermission.REGISTER_USER,
 						LedgerPermission.APPROVE_TX },
 				new TransactionPermission[] { TransactionPermission.DIRECT_OPERATION,
 						TransactionPermission.CONTRACT_OPERATION });
 
-		ledgerAdminAccount.getUserRoles().addUserRoles(parties[0].getAddress(), RolesPolicy.UNION, "DEFAULT");
+		ledgerAdminDataset.getUserRoles().addUserRoles(parties[0].getAddress(), RolesPolicy.UNION, "DEFAULT");
 
 		// New created instance is updated until being committed;
-		assertTrue(ledgerAdminAccount.isUpdated());
+		assertTrue(ledgerAdminDataset.isUpdated());
 		// Hash of account is null until being committed;
-		assertNull(ledgerAdminAccount.getHash());
+		assertNull(ledgerAdminDataset.getHash());
 
-		LedgerMetadata_V2 meta = ledgerAdminAccount.getMetadata();
+		LedgerMetadata_V2 meta = ledgerAdminDataset.getMetadata();
 		assertNull(meta.getParticipantsHash());
 
 		// Commit, and check the storage keys;
-		ledgerAdminAccount.commit();
+		ledgerAdminDataset.commit();
 
 		// New created instance isn't updated after being committed;
-		assertFalse(ledgerAdminAccount.isUpdated());
+		assertFalse(ledgerAdminDataset.isUpdated());
 		// Hash of account isn't null after being committed;
-		assertNotNull(ledgerAdminAccount.getHash());
+		assertNotNull(ledgerAdminDataset.getHash());
 
-		meta = ledgerAdminAccount.getMetadata();
+		meta = ledgerAdminDataset.getMetadata();
 		assertNotNull(meta.getParticipantsHash());
 		assertNotNull(meta.getSettingsHash());
 		assertNotNull(meta.getRolePrivilegesHash());
 		assertNotNull(meta.getUserRolesHash());
 		
-		assertNotNull(ledgerAdminAccount.getRolePrivileges().getRolePrivilege("DEFAULT"));
+		assertNotNull(ledgerAdminDataset.getRolePrivileges().getRolePrivilege("DEFAULT"));
 
 		// ----------------------
 		// Reload account from storage with readonly mode, and check the integrity of
 		// data;
-		HashDigest adminAccHash = ledgerAdminAccount.getHash();
+		HashDigest adminAccHash = ledgerAdminDataset.getHash();
 		LedgerAdminDataset reloadAdminAccount1 = new LedgerAdminDataset(adminAccHash, keyPrefix, testStorage,
 				testStorage, true);
 		
@@ -137,15 +137,15 @@ public class LedgerAdminDatasetTest {
 		assertNotNull(meta2.getUserRolesHash());
 		
 		// verify realod settings of admin account;
-		verifyRealoadingSettings(reloadAdminAccount1, adminAccHash, ledgerAdminAccount.getMetadata(),
-				ledgerAdminAccount.getSettings());
+		verifyRealoadingSettings(reloadAdminAccount1, adminAccHash, ledgerAdminDataset.getMetadata(),
+				ledgerAdminDataset.getSettings());
 		// verify the consensus participant list；
 		verifyRealoadingParities(reloadAdminAccount1, parties1);
 		// It will throw exeception because of this account is readonly;
 		verifyReadonlyState(reloadAdminAccount1);
 
-		verifyRealoadingRoleAuthorizations(reloadAdminAccount1, ledgerAdminAccount.getRolePrivileges(),
-				ledgerAdminAccount.getUserRoles());
+		verifyRealoadingRoleAuthorizations(reloadAdminAccount1, ledgerAdminDataset.getRolePrivileges(),
+				ledgerAdminDataset.getUserRoles());
 
 		// --------------
 		// 重新加载，并进行修改;
@@ -178,8 +178,8 @@ public class LedgerAdminDatasetTest {
 		// load the last version of account and verify again;
 		LedgerAdminDataset previousAdminAccount = new LedgerAdminDataset(adminAccHash, keyPrefix, testStorage,
 				testStorage, true);
-		verifyRealoadingSettings(previousAdminAccount, adminAccHash, ledgerAdminAccount.getMetadata(),
-				ledgerAdminAccount.getSettings());
+		verifyRealoadingSettings(previousAdminAccount, adminAccHash, ledgerAdminDataset.getMetadata(),
+				ledgerAdminDataset.getSettings());
 		verifyRealoadingParities(previousAdminAccount, parties1);
 		verifyReadonlyState(previousAdminAccount);
 

source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/RolePrivilegeSettings.java

@@ -1,16 +1,55 @@
 package com.jd.blockchain.ledger;
 
 public interface RolePrivilegeSettings {
-	
+
 	/**
 	 * 角色名称的最大 Unicode 字符数；
 	 */
 	public static final int MAX_ROLE_NAME_LENGTH = 20;
 
+	/**
+	 * 角色的数量；
+	 * 
+	 * @return
+	 */
 	long getRoleCount();
-	
+
+	/**
+	 * 查询角色权限；
+	 * 
+	 * <br>
+	 * 如果不存在，则返回 null；
+	 * 
+	 * @param address
+	 * @return
+	 */
+	RolePrivileges getRolePrivilege(String roleName);
+
+	/**
+	 * 返回指定位置的角色权限；
+	 * 
+	 * @param index
+	 * @param count
+	 * @return
+	 */
+	RolePrivileges[] getRolePrivileges(int index, int count);
+
 	/**
-	 * 加入新的角色授权； <br>
+	 * 返回所有的角色权限；
+	 * 
+	 * @return
+	 */
+	RolePrivileges[] getRolePrivileges();
+
+	/**
+	 * 是否只读；
+	 * 
+	 * @return
+	 */
+	boolean isReadonly();
+
+	/**
+	 * 加入新的角色权限； <br>
 	 * 
 	 * 如果指定的角色已经存在，则引发 {@link LedgerException} 异常；
 	 * 
@@ -21,7 +60,7 @@ public interface RolePrivilegeSettings {
 	long addRolePrivilege(String roleName, Privileges privileges);
 
 	/**
-	 * 加入新的角色授权； <br>
+	 * 加入新的角色权限； <br>
 	 * 
 	 * 如果指定的角色已经存在，则引发 {@link LedgerException} 异常；
 	 * 
@@ -32,7 +71,7 @@ public interface RolePrivilegeSettings {
 	long addRolePrivilege(String roleName, LedgerPrivilege ledgerPrivilege, TransactionPrivilege txPrivilege);
 
 	/**
-	 * 加入新的角色授权； <br>
+	 * 加入新的角色权限； <br>
 	 * 
 	 * 如果指定的角色已经存在，则引发 {@link LedgerException} 异常；
 	 * 
@@ -45,7 +84,7 @@ public interface RolePrivilegeSettings {
 	long addRolePrivilege(String roleName, LedgerPermission[] ledgerPermissions, TransactionPermission[] txPermissions);
 
 	/**
-	 * 更新角色授权； <br>
+	 * 更新角色权限； <br>
 	 * 如果指定的角色不存在，或者版本不匹配，则引发 {@link LedgerException} 异常；
 	 * 
 	 * @param participant
@@ -116,19 +155,4 @@ public interface RolePrivilegeSettings {
 	long disablePermissions(String roleName, LedgerPermission[] ledgerPermissions,
 			TransactionPermission[] txPermissions);
 
-	/**
-	 * 查询角色授权；
-	 * 
-	 * <br>
-	 * 如果不存在，则返回 null；
-	 * 
-	 * @param address
-	 * @return
-	 */
-	RolePrivileges getRolePrivilege(String roleName);
-
-	RolePrivileges[] getRolePrivileges(int index, int count);
-
-	RolePrivileges[] getRolePrivileges();
-
 }

source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/UserRoleSettings.java

@@ -16,6 +16,31 @@ public interface UserRoleSettings {
 	 */
 	long getUserCount();
 
+	/**
+	 * 查询角色授权；
+	 * 
+	 * <br>
+	 * 如果不存在，则返回 null；
+	 * 
+	 * @param address
+	 * @return
+	 */
+	UserRoles getUserRoles(Bytes userAddress);
+
+	/**
+	 * 返回全部的用户授权；
+	 * 
+	 * @return
+	 */
+	UserRoles[] getUserRoles();
+
+	/**
+	 * 是否只读；
+	 * 
+	 * @return
+	 */
+	boolean isReadonly();
+
 	/**
 	 * 加入新的用户角色授权； <br>
 	 * 
@@ -46,22 +71,4 @@ public interface UserRoleSettings {
 	 */
 	long setRoles(Bytes userAddress, RolesPolicy policy, String... roles);
 
-	/**
-	 * 查询角色授权；
-	 * 
-	 * <br>
-	 * 如果不存在，则返回 null；
-	 * 
-	 * @param address
-	 * @return
-	 */
-	UserRoles getUserRoles(Bytes userAddress);
-
-	/**
-	 * 返回全部的用户授权；
-	 * 
-	 * @return
-	 */
-	UserRoles[] getUserRoles();
-
 }