1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71

// This file is part of Substrate.

// Copyright (C) Parity Technologies (UK) Ltd.
// SPDX-License-Identifier: GPL-3.0-or-later WITH Classpath-exception-2.0

// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.

// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// You should have received a copy of the GNU General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.

//! Policy-related types.
//!
//! Contains a `DenyUnsafe` type that can be used to deny potentially unsafe
//! RPC when accessed externally.

use jsonrpsee::types::{error::ErrorCode, ErrorObject, ErrorObjectOwned};

/// Checks if the RPC call is safe to be called externally.
pub fn check_if_safe(ext: &jsonrpsee::Extensions) -> Result<(), UnsafeRpcError> {
	match ext.get::<DenyUnsafe>().map(|deny_unsafe| deny_unsafe.check_if_safe()) {
		Some(Ok(())) => Ok(()),
		Some(Err(e)) => Err(e),
		None => unreachable!("DenyUnsafe extension is always set by the substrate rpc server; qed"),
	}
}

/// Signifies whether a potentially unsafe RPC should be denied.
#[derive(Clone, Copy, Debug)]
pub enum DenyUnsafe {
	/// Denies only potentially unsafe RPCs.
	Yes,
	/// Allows calling every RPCs.
	No,
}

impl DenyUnsafe {
	/// Returns `Ok(())` if the RPCs considered unsafe are safe to call,
	/// otherwise returns `Err(UnsafeRpcError)`.
	pub fn check_if_safe(self) -> Result<(), UnsafeRpcError> {
		match self {
			DenyUnsafe::Yes => Err(UnsafeRpcError),
			DenyUnsafe::No => Ok(()),
		}
	}
}

/// Signifies whether an RPC considered unsafe is denied to be called externally.
#[derive(Debug)]
pub struct UnsafeRpcError;

impl std::fmt::Display for UnsafeRpcError {
	fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
		write!(f, "RPC call is unsafe to be called externally")
	}
}

impl std::error::Error for UnsafeRpcError {}

impl From<UnsafeRpcError> for ErrorObjectOwned {
	fn from(e: UnsafeRpcError) -> ErrorObjectOwned {
		ErrorObject::owned(ErrorCode::MethodNotFound.code(), e.to_string(), None::<()>)
	}
}