DAML: authorize every party to see contracts of a certain template - daml

So i got this problem with with authorization. I made a small voting system that contains an amount of actors contracts that are given in scenario (see actor template below). I need every party that I have defined in my yaml file to be able to see these contracts. However only the party that created the contract, can see it. DAML is built around authorization so only those specified are able to see and use a contract (party is signatory or observer). But then how would i make every contract of a certain template visible to all parties? I can't specify them as a observer. Is it maybe possible to define a template containing a observer list that has all parties inputted and i can forward to every actor contract instance as observer?
template Actor
with
created_by : Party
username : Text
name : Text
email : Text
bankIban : Text
role : Text
where
signatory created_by

I think the idiomatic way to achieve this is not to model it within DAML itself.
You instead codify this logic in an external auth system by hooking it up to something like auth0 as explained in https://blog.daml.com/daml-driven/easy-authentication-for-your-distributed-app-with-daml-and-auth0. Eg think how you'd normally do it in a RDBMS. You'd have users table, they have a role, a role can have permissions etc.
You can then introduce a generic party called ActorAccess (Role) and make it an observer of the Actor contract. You then configure auth0 to give Alice and Bob this grant to actAs this party or something like this.
https://docs.daml.com/app-dev/authentication.html, has a couple of fields in the token called readAs, actAs which achieve different goals based on the table in the docs.
auth0 will then issue a JWT token with these details and you can subscribe to the ledger api event stream and observe the events by this template type now that Alice and Bob are stakeholders of whatever contracts have ActorAccess party on it.
No idea if that is correct but worth a go.

So i figured it out. For those struggling with this in the future. My suggestion for possible solution worked. I created a template Observer which i inputted the parties in scenario. I then created another template called Create_actor allowing to create an Actor template with a choice inputting the observer template as datatype and referencing to observer:
template Observers
with
superuser : Party
observers : Set Party
where
signatory superuser
template Create_Actor
with
current_login : Party
username : Text
name : Text
email : Text
bankIban : Text
role : Text
observers_list_id : ContractId Observers
where
signatory current_login
choice Load_all_actor_observers : ContractId Actor
controller current_login
do
observers_list <- fetch observers_list_id
create Actor with created_by = current_login; username = username; name = name; email = email; observers_list_id = observers_list_id; observers = observers_list.observers, bankIban = bankIban; role = role
template Actor
with
created_by : Party
username : Text
name : Text
email : Text
bankIban : Text
role : Text
observers_list_id : ContractId Observers
observers : Set Party
where
signatory created_by
observer observers

Related

What means a Party being a ‘Witness’ of a contract and what are its implications?

I'm making some exercises to get to know Daml and one of the exercises involves the transfer of an Asset from a Party to another Party. Everything works correctly, but I’ve noticed that the owner of the previous Asset contract is marked as ‘Witness’ of the new Asset contract (At Assets.Asset:Asset, the contract with ID #8:2 has Alice marked with a W, Witness).
I was intrigued with that. What does it means a Party being a ‘Witness’ of a contract and what are its implications? I didn’t found an answer for it in the documentation…
Here is some of the code I’ve used. I’ve applied the propose-accept pattern.
template HolderRole
with
operator : Party
holder : Party
where
signatory operator, holder
key (operator, holder) : (Party, Party)
maintainer key._1
controller holder can
nonconsuming ProposeAssetTransfer : ContractId AssetTransferProposal
with
receiver : Party
assetCid : ContractId Asset
do
exercise assetCid ProposeTransfer with receiver
nonconsuming AcceptAssetTransfer : ContractId Asset
with
assetTransferProposalCid : ContractId AssetTransferProposal
do
exercise assetTransferProposalCid AssetTransferProposal_Accept
template Asset
with
issuer : Party
owner : Party
symbol : Text
quantity : Decimal
where
signatory issuer, owner
controller owner can
ProposeTransfer : ContractId AssetTransferProposal
with
receiver : Party
do
create AssetTransferProposal with receiver, asset = this, assetCid = self
template AssetTransferProposal
with
receiver : Party
asset : Asset
assetCid : ContractId Asset
where
signatory asset.owner, asset.issuer
controller receiver can
AssetTransferProposal_Accept : ContractId Asset
do
create asset with owner = receiver
assetTransferTest = script do
...
-- Transfer an Asset to another Party
assetTransferProposalCid <- submit alice do
exerciseByKeyCmd #HolderRole (operator, alice) ProposeAssetTransfer
with receiver = bob, assetCid = assetCid
-- Accept a transfer
submit bob do
exerciseByKeyCmd #HolderRole (operator, bob) AcceptAssetTransfer
with assetTransferProposalCid = assetTransferProposalCid
This means that Alice saw the creation of the new contract (#8:2) because she was a party to the old contract (#6:2) at the time it was consumed by Bob exercising AcceptAssetTransfer on HolderRole. The implications are that Alice could see that Bob became the new owner of Asset but will not see any future events that involve Asset such as it being archived as a result of sending the asset to another Party.
Additionally even though Alice saw/witnessed the creation of the new contract she cannot query for it after the one time event where she witnessed it.
Sometimes the docs are a bit hard to search so here's some relevant links:
A simple overview of the meaning of S, O, W, and D in the Script output
The ledger privacy model
A more detailed explanation on witnessing and divulgence
An explanation of contract consumption in general
As this question was also asked simultaneously on our forum further discussion may be located here.

Is there any built-in function to validate digital signature in Daml?

I want to look at libraries that can implement crypto functions to validate digital signatures.
There's no built-in function to validate signatures in Daml. All signature validation happens through the signatory declaration on templates which should be flexible enough via various patterns to handle signatures validation however you need.
It would be helpful to understand what you're trying to achieve with signature verification.
In cryptocurrencies, public cryptographic primitives are needed since public keys define the identity, in other words the signatures need to be verifiable publicly. In Daml this is usually not needed, since party defines the identity and most information is inherently private to some group. As such, public verification isn't a common use case.
One way to use cryptographic primitives alongside Daml is to have clients of the Ledger API(s) sign and verify signatures. For example, if I want to authenticate that a specific human is performing an action based on a smart card in their possession, part of the workflow could include:
a party verifier create a random nonce as a challenge which is written to a contract
a party alice use her smart card to sign the nonce and submitting the signature as a choice parameter
party verifier validate the signature in order to progress the workflow
If you are using DAML, below is the code to accept crypto coin issued, here you can add your conditional verify or check coinAgreement.issuer go here
For e.g. verify he is both issuer and owner
coinIssuerVerify <- queryFilter #coinIssuerVerify issuer
(\cI -> (cI.issuer == issuer) && (cI.owner == owner))
template CoinIssue
with
coinAgreement: CoinIssueAgreement
where
signatory coinAgreement.issuer
controller coinAgreement.owner can
AcceptCoinProposal
: ContractId CoinIssueAgreement
do create coinAgreement

In feathers.js, how do I create an associated object after creating the initial object?

In a feathersjs project, I have two models: user and company. I'm using Sequelize/MySQL.
Every user has one company. Every company belongs to one user.
When a user signs up (is created) I want to create the company object at the same time (with just blank data that can be edited later but with the correct association).
How do I do this with a user after:create hook?
Problem solved. The hook object has access to the app. So the solution:
generate an after:create hook on the user service ("feathers generate hook")
in the hook that is generated, create a company with:
return hook.app.service('companies').create({userId:
hook.result.id}).then(()=> {return hook});

MVC Validate Sensitive information like ProjectId,UserIs etc?

I am creating one application using ASP.NET MVC 4.5/5.4.
i had model
public class user
{
prop string userId{ get; set;}
prop string email{ get; set;}
}
i am use it to view and taking userId in hidden field
#Html.HiddenFor(x => x.userId)
and submit it back to server,and then after i m updating user email
but mean a while if user change hidden field value of userid then its obviously going to do some adverse effect in server side.
So my question is how to prevent those kind of attack and store sensitive information in view ?
Appriciate guys,
Thanks&Regards
and store sensitive information in view ?
By not storing any sensitive information in your views. Sensitive information should live on the server. For example in a database or something.
Another possibility is to validate on the server that the ProjectId belongs to the currently authenticated user by querying your database. Obviously the currently authenticated user should be retrieved from the forms authentication module and absolutely never be part of any hidden fields. That's the only thing you could trust -> the currently authenticated user which is retrieved from the forms authentication cookie in a secure way. Once you know the user you could query your database to verify whether the input he provided (things like ProjectIds, etc...) really belong to him. This way if the user attempts to tamper with this information the validation will fail and you will greet him with the corresponding error message.

Django ForeignKey(User), autocomplete

When some user create an object in the admin panel, I want that the author field of that object to be the user's name (The user that created it). How can I do it ?
I have something like this :
author = models.ForeignKey(User)
I want to know what user created each object.
Sounds like you want to do what James Bennett (one of the Django core contributors) describes how to do here.