forked from Qortal/qortal
Use public key as parameter instead of address, since we can obtain the address from the public key in all cases.
This commit is contained in:
parent
bb5b62466e
commit
cb4203b6db
@ -26,6 +26,7 @@ import org.apache.logging.log4j.Logger;
|
|||||||
import org.qortal.api.*;
|
import org.qortal.api.*;
|
||||||
import org.qortal.api.resource.TransactionsResource.ConfirmationStatus;
|
import org.qortal.api.resource.TransactionsResource.ConfirmationStatus;
|
||||||
import org.qortal.block.BlockChain;
|
import org.qortal.block.BlockChain;
|
||||||
|
import org.qortal.crypto.Crypto;
|
||||||
import org.qortal.data.PaymentData;
|
import org.qortal.data.PaymentData;
|
||||||
import org.qortal.data.account.AccountData;
|
import org.qortal.data.account.AccountData;
|
||||||
import org.qortal.data.transaction.ArbitraryTransactionData;
|
import org.qortal.data.transaction.ArbitraryTransactionData;
|
||||||
@ -225,7 +226,7 @@ public class ArbitraryResource {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@POST
|
@POST
|
||||||
@Path("/upload/creator/{address}")
|
@Path("/upload/creator/{publickey}")
|
||||||
@Operation(
|
@Operation(
|
||||||
summary = "Build raw, unsigned, ARBITRARY transaction, based on a user-supplied path to a single file",
|
summary = "Build raw, unsigned, ARBITRARY transaction, based on a user-supplied path to a single file",
|
||||||
requestBody = @RequestBody(
|
requestBody = @RequestBody(
|
||||||
@ -250,12 +251,18 @@ public class ArbitraryResource {
|
|||||||
}
|
}
|
||||||
)
|
)
|
||||||
@ApiErrors({ApiError.REPOSITORY_ISSUE})
|
@ApiErrors({ApiError.REPOSITORY_ISSUE})
|
||||||
public String uploadFileAtPath(@PathParam("address") String creatorAddress, String path) {
|
public String uploadFileAtPath(@PathParam("publickey") String creatorPublicKeyBase58, String path) {
|
||||||
Security.checkApiCallAllowed(request);
|
Security.checkApiCallAllowed(request);
|
||||||
|
|
||||||
// It's too dangerous to allow user-supplied filenames in weaker security contexts
|
// It's too dangerous to allow user-supplied filenames in weaker security contexts
|
||||||
if (Settings.getInstance().isApiRestricted())
|
if (Settings.getInstance().isApiRestricted()) {
|
||||||
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.NON_PRODUCTION);
|
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.NON_PRODUCTION);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (creatorPublicKeyBase58 == null || path == null) {
|
||||||
|
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.INVALID_CRITERIA);
|
||||||
|
}
|
||||||
|
byte[] creatorPublicKey = Base58.decode(creatorPublicKeyBase58);
|
||||||
|
|
||||||
// Check if a file or directory has been supplied
|
// Check if a file or directory has been supplied
|
||||||
File file = new File(path);
|
File file = new File(path);
|
||||||
@ -291,13 +298,8 @@ public class ArbitraryResource {
|
|||||||
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.INVALID_DATA);
|
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.INVALID_DATA);
|
||||||
}
|
}
|
||||||
|
|
||||||
AccountData accountData = repository.getAccountRepository().getAccount(creatorAddress);
|
String creatorAddress = Crypto.toAddress(creatorPublicKey);
|
||||||
if (accountData == null || accountData.getPublicKey() == null) {
|
byte[] lastReference = repository.getAccountRepository().getLastReference(creatorAddress);
|
||||||
dataFile.deleteAll();
|
|
||||||
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.ADDRESS_UNKNOWN);
|
|
||||||
}
|
|
||||||
byte[] creatorPublicKey = accountData.getPublicKey();
|
|
||||||
byte[] lastReference = accountData.getReference();
|
|
||||||
|
|
||||||
BaseTransactionData baseTransactionData = new BaseTransactionData(NTP.getTime(), Group.NO_GROUP,
|
BaseTransactionData baseTransactionData = new BaseTransactionData(NTP.getTime(), Group.NO_GROUP,
|
||||||
lastReference, creatorPublicKey, BlockChain.getInstance().getUnitFee(), null);
|
lastReference, creatorPublicKey, BlockChain.getInstance().getUnitFee(), null);
|
||||||
|
@ -28,6 +28,7 @@ import org.qortal.api.ApiError;
|
|||||||
import org.qortal.api.ApiExceptionFactory;
|
import org.qortal.api.ApiExceptionFactory;
|
||||||
import org.qortal.api.Security;
|
import org.qortal.api.Security;
|
||||||
import org.qortal.block.BlockChain;
|
import org.qortal.block.BlockChain;
|
||||||
|
import org.qortal.crypto.Crypto;
|
||||||
import org.qortal.data.PaymentData;
|
import org.qortal.data.PaymentData;
|
||||||
import org.qortal.data.account.AccountData;
|
import org.qortal.data.account.AccountData;
|
||||||
import org.qortal.data.transaction.ArbitraryTransactionData;
|
import org.qortal.data.transaction.ArbitraryTransactionData;
|
||||||
@ -58,7 +59,7 @@ public class WebsiteResource {
|
|||||||
@Context ServletContext context;
|
@Context ServletContext context;
|
||||||
|
|
||||||
@POST
|
@POST
|
||||||
@Path("/upload/creator/{address}")
|
@Path("/upload/creator/{publickey}")
|
||||||
@Operation(
|
@Operation(
|
||||||
summary = "Build raw, unsigned, ARBITRARY transaction, based on a user-supplied path to a static website",
|
summary = "Build raw, unsigned, ARBITRARY transaction, based on a user-supplied path to a static website",
|
||||||
requestBody = @RequestBody(
|
requestBody = @RequestBody(
|
||||||
@ -82,7 +83,7 @@ public class WebsiteResource {
|
|||||||
)
|
)
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
public String uploadWebsite(@PathParam("address") String creatorAddress, String path) {
|
public String uploadWebsite(@PathParam("publickey") String creatorPublicKeyBase58, String path) {
|
||||||
Security.checkApiCallAllowed(request);
|
Security.checkApiCallAllowed(request);
|
||||||
|
|
||||||
// It's too dangerous to allow user-supplied filenames in weaker security contexts
|
// It's too dangerous to allow user-supplied filenames in weaker security contexts
|
||||||
@ -90,9 +91,10 @@ public class WebsiteResource {
|
|||||||
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.NON_PRODUCTION);
|
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.NON_PRODUCTION);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (creatorAddress == null || path == null) {
|
if (creatorPublicKeyBase58 == null || path == null) {
|
||||||
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.INVALID_CRITERIA);
|
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.INVALID_CRITERIA);
|
||||||
}
|
}
|
||||||
|
byte[] creatorPublicKey = Base58.decode(creatorPublicKeyBase58);
|
||||||
|
|
||||||
DataFile dataFile = this.hostWebsite(path);
|
DataFile dataFile = this.hostWebsite(path);
|
||||||
if (dataFile == null) {
|
if (dataFile == null) {
|
||||||
@ -107,13 +109,8 @@ public class WebsiteResource {
|
|||||||
|
|
||||||
try (final Repository repository = RepositoryManager.getRepository()) {
|
try (final Repository repository = RepositoryManager.getRepository()) {
|
||||||
|
|
||||||
AccountData accountData = repository.getAccountRepository().getAccount(creatorAddress);
|
String creatorAddress = Crypto.toAddress(creatorPublicKey);
|
||||||
if (accountData == null || accountData.getPublicKey() == null) {
|
byte[] lastReference = repository.getAccountRepository().getLastReference(creatorAddress);
|
||||||
dataFile.deleteAll();
|
|
||||||
throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.ADDRESS_UNKNOWN);
|
|
||||||
}
|
|
||||||
byte[] creatorPublicKey = accountData.getPublicKey();
|
|
||||||
byte[] lastReference = accountData.getReference();
|
|
||||||
|
|
||||||
BaseTransactionData baseTransactionData = new BaseTransactionData(NTP.getTime(), Group.NO_GROUP,
|
BaseTransactionData baseTransactionData = new BaseTransactionData(NTP.getTime(), Group.NO_GROUP,
|
||||||
lastReference, creatorPublicKey, BlockChain.getInstance().getUnitFee(), null);
|
lastReference, creatorPublicKey, BlockChain.getInstance().getUnitFee(), null);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user