MESH-1767 - Add secondary key and permissions length checks to `cdd_r…

…egister_did` (#1221) * modified base_cdd_register_did function * minor change * minor change * minor change and formatting * minor changes and comments Co-authored-by: Adam Dossa <adam.dossa@gmail.com> Co-authored-by: Robert Gabriel Jakabosky <rjakabosky+neopallium@neoawareness.com>
PolymeshAssociation · Mar 28, 2022 · d41d232 · d41d232
1 parent a91fe20
commit d41d232
Showing 1 changed file with 18 additions and 1 deletion.
diff --git a/pallets/identity/src/claims.rs b/pallets/identity/src/claims.rs
@@ -13,7 +13,7 @@
 // You should have received a copy of the GNU General Public License
 // along with this program. If not, see <http://www.gnu.org/licenses/>.
 
-use crate::{Claim1stKey, Claim2ndKey, Claims, DidRecords, Error, Module};
+use crate::{Claim1stKey, Claim2ndKey, Claims, DidRecord, DidRecords, Error, Module};
 use core::convert::From;
 use frame_support::{
     dispatch::{DispatchError, DispatchResult},
@@ -481,6 +481,23 @@ impl<T: Config> Module<T> {
         // Sender has to be part of CDDProviders
         Self::ensure_authorized_cdd_provider(cdd_did)?;
 
+        let record = DidRecord {
+            ..Default::default()
+        };
+
+        // Calculates the cost complexity of the SK's permissions.
+        let cost =
+            secondary_keys
+                .iter()
+                .try_fold(0, |cost, auth| -> Result<usize, DispatchError> {
+                    // Check limit for this SK's permissions.
+                    Self::ensure_perms_length_limited(&auth.permissions)?;
+                    Ok(cost.saturating_add(auth.permissions.complexity()))
+                })?;
+
+        // Check secondary key limits.
+        Self::ensure_secondary_keys_limited(&record, secondary_keys.len(), cost)?;
+
         // Register Identity
         let target_did = Self::_register_did(
             target_account,