[INDY-1916] trustee can add NYM with role NETWORK_MONITOR

Signed-off-by: Andrew Nikitin <[email protected]>
haniavis · Jan 9, 2019 · 38dec05 · 38dec05
1 parent 5850ee4
commit 38dec05
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/indy_common/authorize/auth_map.py b/indy_common/authorize/auth_map.py
@@ -184,14 +184,16 @@
            addNewSteward.get_action_id(): AuthConstraint(TRUSTEE, 1),
            addNewTrustAnchor.get_action_id(): AuthConstraintOr([AuthConstraint(TRUSTEE, 1),
                                                                 AuthConstraint(STEWARD, 1)]),
-           addNewNetworkMonitor.get_action_id(): AuthConstraint(STEWARD, 1),
+           addNewNetworkMonitor.get_action_id(): AuthConstraintOr([AuthConstraint(STEWARD, 1),
+                                                                   AuthConstraint(TRUSTEE, 1)]),
            addNewIdentityOwner.get_action_id(): AuthConstraintOr([AuthConstraint(TRUSTEE, 1),
                                                                   AuthConstraint(STEWARD, 1),
                                                                   AuthConstraint(TRUST_ANCHOR, 1)]),
            blacklistingTrustee.get_action_id(): AuthConstraint(TRUSTEE, 1),
            blacklistingSteward.get_action_id(): AuthConstraint(TRUSTEE, 1),
            blacklistingTrustAnchor.get_action_id(): AuthConstraint(TRUSTEE, 1),
-           blacklistingNetworkMonitor.get_action_id(): AuthConstraint(STEWARD, 1),
+           blacklistingNetworkMonitor.get_action_id(): AuthConstraintOr([AuthConstraint(STEWARD, 1),
+                                                                         AuthConstraint(TRUSTEE, 1)]),
            sameRoleTrustee.get_action_id(): AuthConstraint(role='*',
                                                            sig_count=1,
                                                            need_to_be_owner=True),

diff --git a/indy_common/test/auth/test_auth_nym_with_new_auth_map.py b/indy_common/test/auth/test_auth_nym_with_new_auth_map.py
@@ -38,7 +38,7 @@ def test_make_trust_anchor(write_request_validation, req, is_owner):
 
 
 def test_make_network_monitor(write_request_validation, req, is_owner):
-    authorized = (req.identifier == "steward_identifier")
+    authorized = req.identifier in ("trustee_identifier", "steward_identifier")
     assert authorized == write_request_validation(req,
                                                   [AuthActionAdd(txn_type=NYM,
                                                                  field=ROLE,
@@ -77,7 +77,7 @@ def test_remove_trust_anchor(write_request_validation, req, is_owner):
 
 
 def test_remove_network_monitor(write_request_validation, req, is_owner):
-    authorized = (req.identifier == "steward_identifier")
+    authorized = req.identifier in ("trustee_identifier", "steward_identifier")
     assert authorized == write_request_validation(req,
                                                   [AuthActionEdit(txn_type=NYM,
                                                                   field=ROLE,