peaq
Search…
Role-Based Access Control for Machines
Smart contract based on Substrate INK!
Implementation of Roles bases access control
Contract Source Code
The ink! CLI works with the source code for the "RBAC" contract for Role Based Access Control.
The RBAC contract have below mentioned facilities; User can be added to the Groups
1
Roles can be assigned to Users/Groups
2
3
Permission is given based on Roles.
4
5
Check Access if particular User have certain permission
Copied!
Testing Your Contract
You will see at the bottom of the source code there are simple test cases which verify the functionality of the contract. We can quickly test this code is functioning as expected using the off-chain test environment that ink! provides.
In your project folder run in which you should see a successful test completion:
1
cargo +nightly test
Copied!
Building Your Contract
Run the following command to compile your smart contract in the RBAC project directory:
1
cargo +nightly contract build
Copied!
Information If you run into a call to unsafe function error, run cargo install --force cargo-contract && rustup update to make sure everything is up to date.
This command will build a Wasm binary for the ink! project, a metadata file (which contains the contract's ABI) and a .contract file which bundles both. This .contract file can be used for deploying your contract to your chain. If all goes well, you should see a target folder which contains these files
1
Let's take a look at the structure of metadata.json:
2
{
3
"metadataVersion": "0.1.0",
4
"source": {...},
5
"contract": {...},
6
"spec": {
7
"constructors": [...],
8
"docs": [],
9
"events": [],
10
"messages": [...],
11
},
12
"storage": {...},
13
"types": [...]
14
}
Copied!
This file describes all the interfaces that can be used to interact with your contract:
1
**types** provides the custom data types used throughout the rest of the JSON.
2
**storage** defines all the storage items managed by your contract and how to ultimately access them.
3
**spec** stores information about the callable functions like constructors and messages a user can call to interact with the contract. It also has helpful information like the events that are emitted by the contract or any docs.
4
If you look closely at the **constructors** and **messages**, you will also notice a selector which contains a 4-byte hash of the function name and is used to route your contract calls to the correct functions.
Copied!
Running a contract on Node:
Start a Substrate Smart Contracts node and configure the Canvas UI to interact with it.
1
https://docs.substrate.io/tutorials/v3/ink-workshop/pt1/#running-a-substrate-smart-contracts-node
Copied!
Deploying a Smart Contract:
1
https://docs.substrate.io/tutorials/v3/ink-workshop/pt1/#deploying-your-contract
Copied!
Docker
We can use Docker image to build and test this contract; please follow the below commands. The contract files are under the folder,
target/ink/.1
# Build
2
docker run --rm -it -v $(pwd):/sources rust-stable:ubuntu-20.04 cargo +nightly contract build --manifest-path=/sources/Cargo.toml
3
# Test
4
docker run --rm -it -v $(pwd):/sources rust-stable:ubuntu-20.04 cargo +nightly contract test --manifest-path=/sources/Cargo.toml
Copied!
Testing
We can run the behavior test in the test folder to check RBAC can work efficiently. Please follow the below instruction.
1
cd test
2
npm install
3
4
npm run test
Copied!
However, before you run the scripts, you have to generate the ink contract file in advance.
Seed Data
Another script in the test folder is the rbac_deploy script. It'll help to deploy the fake data for checking on polkadot.js UI.
1
cd test
2
npm install
3
4
npm run deploy
Copied!
However, before you run the scripts, you have to generate the ink contract file in advance.
The deployed data and the relationship are below
Type
Name
DID
group
PeaqOffice
0x1122334455667788990011223344556677889900112233445566778899000010
user
Tanisha
0x1122334455667788990011223344556677889900112233445566778899000000
user
Leo
0x1122334455667788990011223344556677889900112233445566778899000001
user
Anton
0x1122334455667788990011223344556677889900112233445566778899000002
user
Maryna
0x1122334455667788990011223344556677889900112233445566778899000003
role
AccessToOffice
0x1122334455667788990011223344556677889900112233445566778899000020
permission
GrantMainDoorUnlock
0x1122334455667788990011223344556677889900112233445566778899000031
1
`PeaqOffice` has two users, `Tanisha` and `Anton`.
2
`Leo` and `PeaqOffice` are assigned to the role, `AccessToOffice`.
3
`AccessToOffice` has the `GrantMainDoorUnlock` permission.
Copied!
Last modified 2mo ago