EOS 帐户权限操作--你找不到的干货 (原创) 续集-EOS 3.0
https://eosfans.io/topics/372
关于2.0权限问题请移步https://eosfans.io/topics/28
目录
- 查看权限
- 改变权限
- 增加权限
- 删除权限
查看权限
有人说查看权限非常简单,不就是看看用户信息嘛!
其实不然,EOS用户的权限是与key相关联的,所以确定你有没有全县的其实是要看你有没有这些公匙对应的私匙:
- 查看自己帐户的详细信息:
cleos get account lome
{
"account_name": "lome",
"permissions": [{
"perm_name": "active",
"parent": "owner",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS8FbfG31mJELxUS4Jj9Xv3tsNRzFMg2uP2h9b5hCkvHomsatVYw",
"weight": 1
}
],
"accounts": []
}
},{
"perm_name": "owner",
"parent": "",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS5wMFMPiD6qbKSZQpJFdEpzvY2yC2o6XLsg97gPPrYHbW4KovjV",
"weight": 1
}
],
"accounts": []
}
}
]
}
更改授权
更改权限的key
初始化的帐户是有两种权限的,这一步我们来给帐户加一个权限(群组)。
1.这里我就拿我在测试的公网上的一个帐户,
初始化的帐户是这样的:
- 下面讲解一下命令:
cleos set account permission ${account_name} ${permission} ${JSON} ${permission}
cleos set account permission lome active '{"threshold": 1, "keys": [{"key": "EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg", "weight": 1}], "accounts": []}' owner
更改以后的账号如下:
{
"account_name": "lome",
"permissions": [{
"perm_name": "active",
"parent": "owner",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg",
"weight": 1
}
],
"accounts": []
}
},{
"perm_name": "owner",
"parent": "",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS5wMFMPiD6qbKSZQpJFdEpzvY2yC2o6XLsg97gPPrYHbW4KovjV",
"weight": 1
}
],
"accounts": []
}
}
]
}
参数说明:
threshold权限阀值,权限等于阀值才能获取该权限,否则授权失败
keys 是该权限已授权的密匙 : keys中的key为授权的密匙对的公匙,weight 为授权密匙对的权重 ps: 若阀值是2,权重是1,是不能够完成授权的,操作将失败.
accounts 是该权限已授权的帐户: permission是被授权用户的权限这里指的就是lome的active权限,weight指的也是权重。
ps:重要:授权用户权限其实跟授权key是一个道理,其实授权帐户权限,实质上就是授权该权限的密匙对权限。
最后owner是权限,只有owner权限才能改变用户的权限
值得一提的是:EOS3.0对权限及权重做了校验。如果我的命令是这样的:
cleos set account permission lome active '{"threshold":2,"keys":[{"key":"EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg","weight":1}],"accounts":[]}' owner
该操作将会失败,因为这个权限根本就达不到伐值,2.0在这里是没有校验的,错误提示如下:
Error 3040000: message validation exception
Error Details:
Invalid authority: {"threshold":2,"keys":[{"key":"EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg","weight":1}],"accounts":[]}
增加权限的授权账户
cleos set account permission lome active '{"threshold":2,"keys":[{"key":"EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg","weight":1}],"accounts":[{"permission":{"actor":"eosio","permission":"active"},"weight":1}]}' owner
这里更改的是lome账户权限的accounts权限,下面看一下更改完成后我的账户:
{
"account_name": "lome",
"permissions": [{
"perm_name": "active",
"parent": "owner",
"required_auth": {
"threshold": 2,
"keys": [{
"key": "EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg",
"weight": 1
}
],
"accounts": [{
"permission": {
"actor": "eosio",
"permission": "active"
},
"weight": 1
}
]
}
},{
"perm_name": "owner",
"parent": "",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS5wMFMPiD6qbKSZQpJFdEpzvY2yC2o6XLsg97gPPrYHbW4KovjV",
"weight": 1
}
],
"accounts": []
}
}
]
}
在这里我的权重伐值为2,key的权重为1,eosio@active
的权重为1.那么要使用lome@active权限就需要key和eosio@active所对应的key的权限。
增加多个授权key
增加授权的命令如下:
cleos set account permission lome active '{"threshold":1,"keys":[{"key":"EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg","weight":1},{"key":"EOS5wMFMPiD6qbKSZQpJFdEpzvY2yC2o6XLsg97gPPrYHbW4KovjV","weight":1}],"accounts":[]}' owner
结果如下:
{
"account_name": "lome",
"permissions": [{
"perm_name": "active",
"parent": "owner",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg",
"weight": 1
},{
"key": "EOS5wMFMPiD6qbKSZQpJFdEpzvY2yC2o6XLsg97gPPrYHbW4KovjV",
"weight": 1
}
],
"accounts": []
}
},{
"perm_name": "owner",
"parent": "",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS5hepJxGjP3X93wVmXZeBSNavGWeJvwWtev5ak8oARqwrXjehXd",
"weight": 1
}
],
"accounts": []
}
}
]
}
增加权限多个授权账户
增加授权的命令如下:
cleos set account permission lome active '{"threshold":1,"keys":[],"accounts":[{"permission":{"actor":"test","permission":"active"},"weight":1},{"permission":{"actor":"eosio","permission":"active"},"weight":1}]}' owner
结果如下:
{
"account_name": "lome",
"permissions": [{
"perm_name": "active",
"parent": "owner",
"required_auth": {
"threshold": 1,
"keys": [],
"accounts": [{
"permission": {
"actor": "test",
"permission": "active"
},
"weight": 1
},{
"permission": {
"actor": "eosio",
"permission": "active"
},
"weight": 1
}
]
}
},{
"perm_name": "owner",
"parent": "",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS5hepJxGjP3X93wVmXZeBSNavGWeJvwWtev5ak8oARqwrXjehXd",
"weight": 1
}
],
"accounts": []
}
}
]
}
增加多个授权key && 增加权限多个授权账户
增加授权的命令如下:
cleos set account permission lome active '{"threshold":1,"keys":[{"key":"EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg","weight":1},{"key":"EOS5wMFMPiD6qbKSZQpJFdEpzvY2yC2o6XLsg97gPPrYHbW4KovjV","weight":1}],"accounts":[{"permission":{"actor":"test","permission":"active"},"weight":1},{"permission":{"actor":"eosio","permission":"active"},"weight":1}]}' owner
结果如下:
{
"account_name": "lome",
"permissions": [{
"perm_name": "active",
"parent": "owner",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg",
"weight": 1
},{
"key": "EOS5wMFMPiD6qbKSZQpJFdEpzvY2yC2o6XLsg97gPPrYHbW4KovjV",
"weight": 1
}
],
"accounts": [{
"permission": {
"actor": "test",
"permission": "active"
},
"weight": 1
},{
"permission": {
"actor": "eosio",
"permission": "active"
},
"weight": 1
}
]
}
},{
"perm_name": "owner",
"parent": "",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS5hepJxGjP3X93wVmXZeBSNavGWeJvwWtev5ak8oARqwrXjehXd",
"weight": 1
}
],
"accounts": []
}
}
]
}
增加权限
代码如下:
cleos set account permission lome test '{"threshold":1,"keys":[{"key":"EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg","weight":1}],"accounts":[]}' active
结果如下:
{
"account_name": "lome",
"permissions": [{
"perm_name": "active",
"parent": "owner",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg",
"weight": 1
},{
"key": "EOS5wMFMPiD6qbKSZQpJFdEpzvY2yC2o6XLsg97gPPrYHbW4KovjV",
"weight": 1
}
],
"accounts": [{
"permission": {
"actor": "test",
"permission": "active"
},
"weight": 1
},{
"permission": {
"actor": "eosio",
"permission": "active"
},
"weight": 1
}
]
}
},{
"perm_name": "owner",
"parent": "",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS5hepJxGjP3X93wVmXZeBSNavGWeJvwWtev5ak8oARqwrXjehXd",
"weight": 1
}
],
"accounts": []
}
},{
"perm_name": "test",
"parent": "active",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg",
"weight": 1
}
],
"accounts": []
}
}
]
}
删除权限
终于来到了最后一节,恭喜你!
有人会说这个权限或者群组没用了怎么办?这节我就来教你,我们来删除它:
执行代码如下
cleos set account permission lome test 'NULL' active
命令就不再多赘述什么意思。这个命令中只有NULL前面没见过,这里是用来专门删除权限或者群组用的。执行结果如下:
{
"account_name": "lome",
"permissions": [{
"perm_name": "active",
"parent": "owner",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS6ePVMSdSkGn4wDMqcCSTSN3GnRgEPxDPEioQQXUkfYxT8jrudg",
"weight": 1
},{
"key": "EOS5wMFMPiD6qbKSZQpJFdEpzvY2yC2o6XLsg97gPPrYHbW4KovjV",
"weight": 1
}
],
"accounts": [{
"permission": {
"actor": "test",
"permission": "active"
},
"weight": 1
},{
"permission": {
"actor": "eosio",
"permission": "active"
},
"weight": 1
}
]
}
},{
"perm_name": "owner",
"parent": "",
"required_auth": {
"threshold": 1,
"keys": [{
"key": "EOS5hepJxGjP3X93wVmXZeBSNavGWeJvwWtev5ak8oARqwrXjehXd",
"weight": 1
}
],
"accounts": []
}
}
]
}
EOS 帐户权限操作--你找不到的干货 (原创) 续集-EOS 3.0的更多相关文章
- Linux运维人员共用root帐户权限审计
Linux运维人员共用root帐户权限审计 2016-11-02 运维部落 一.应用场景 在中小型企业,公司不同运维人员基本都是以root 账户进行服务器的登陆管理,缺少了账户权限审计制度.不出问题还 ...
- 如何有效管理Windows系统帐户权限
权限是Windows管理的基础,当然与Windows用户关系最密切,平时接触最多的是与帐户相关的权限.对于Windows帐户权限的管理,你是否完全了解呢?下面,笔者以Winsows XP为例进行相关测 ...
- EOS帐户交易的构建命令
EOS版本:4.0 系统:Ubuntu 16.04 LTS 1.创建两对密匙 cleos create key Private key:5JeTwSwKfpVRHGLqysakTXfk ...
- 使用tcpdump抓取EOS帐户创建与交易数据
基本环境配置 EOS 版本:1.0.1(2018-06-04更新) 节点nodeos http监听端口:127.0.0.1:8888 本地钱包keosd http监听端口:127.0.0.1:89 ...
- Linux运维人员共用root帐户权限审计(转至马哥Linux运维)
一.应用场景 在中小型企业,公司不同运维人员基本都是以root 账户进行服务器的登陆管理,缺少了账户权限审计制度.不出问题还好, 出了问题,就很难找出源头.这里介绍下,如何利用编译bash 使不同的客 ...
- AX2012服务器配置--Windows Server 2012 配置远程桌面同一帐户允许多session同时登录
网上找了很多关于设置远程桌面最大连接数的文章,大都是说先要到控制面板的管理工具中设置远程桌面会话主机等,大体和我之前的文章<设置WINDOWS SERVER 2008修改远程桌面连接数>里 ...
- Windows Server 2012 配置远程桌面帐户允许多用户同时登录
网上找了很多关于设置远程桌面最大连接数的文章,大都是说先要到控制面板的管理工具中设置远程桌面会话主机等,大体和我之前的文章<设置WINDOWS SERVER 2008修改远程桌面连接数>里 ...
- AD帐户操作C#示例代码(一)——导入用户信息
最近写了一个AD帐户导入的小工具(为啥写作“帐”户呢?),跟大家分享下相关代码,欢迎各位高手指教! 首先,我准备一个这样的Excel文件作为导入模版,并添加了一些测试数据. 然后,我打开Visual ...
- 如何在C#程序中模拟域帐户进行登录操作 (转载)
.NET Core .NET Core也支持用PInvoke来调用操作系统底层的Win32函数 首先要在项目中下载Nuget包:System.Security.Principal.Windows 代码 ...
随机推荐
- 《转载》spring定时任务详解(@Scheduled注解)
本文转载自爱如指间沙 //每一个小时执行一次 @Scheduled(cron = "0 0 * * * ?") public void saveDailyScoreSchedule ...
- 【netcore基础】MVC API全局异常捕捉中间件ExceptionHandlerMiddleWare
项目中想通过统一的接口格式返回异常信息,而不是404 500等HTTP协议层的异常响应 例如 { , , "message":"用户名或密码不正确", &quo ...
- IDEA导入springboot项目不能启动
由于工具没有识别到项目的pom.xml文件,所以需要在右侧的Maven栏目中点击 + 号,选中项目的pom.xml文件,则导入成功.
- springboot集成rabbitmq的一些坑
一.默认管理页面地址是 http://127.0.0.1:15672 但是spring配置连接里面要把端口改成5672,如果不配置的话默认就是端口5672 spring.rabbitmq.host=1 ...
- day_4_24 py
''' 函数的嵌套调用应用 ''' # def print_line(): # print("="*50) # def print_5_line(): # i = 0 # whil ...
- url自动补全index.php
location / { index index.html index.htm index.php l.php; autoindex on; if (!-e $request_filename) { ...
- js的with语句,和debugger语句
减少操作,速度及慢, 严格模式无法使用 debugger 在程序中打断点 'use strict' var name = 'global'; var obj = { name: "ajanu ...
- AngularJS基础02 神奇的数据绑定(Binding)
作者:arccosxy 转载请注明出处:http://www.cnblogs.com/arccosxy/ 上一节,我们在JS中声明一个scope变量然后在HTML直接访问它,这非常的酷.但是Angu ...
- 评估分类器性能的度量,像混淆矩阵、ROC、AUC等
评估分类器性能的度量,像混淆矩阵.ROC.AUC等 内容概要¶ 模型评估的目的及一般评估流程 分类准确率的用处及其限制 混淆矩阵(confusion matrix)是如何表示一个分类器的性能 混淆矩阵 ...
- 网络通信协议三之TCP/IP模型详解
TCP/IP模型 注:PDU:Protocol Date Unit:表示对等层之间传递的数据单位 TCP:Transmission Control Protocol:传输控制协议 UDP:User D ...