verity_ic/owner/
mod.rs

1//! This submodule manages the owner of a canister and provides
2//! functionality for authenticated/guarded canister methods.
3
4use candid::Principal;
5use ic_cdk::caller;
6use std::cell::RefCell;
7
8thread_local! {
9    // Stores the owner of the canister as an optional Principal.
10    static OWNER: RefCell<Option<Principal>> = RefCell::default();
11}
12
13/// Ensures that the caller of a canister method is the owner.
14/// Panics if the caller is not the owner.
15pub fn only_owner() {
16    let caller_principal_id = caller();
17    if !OWNER.with(|owner| owner.borrow().expect("NO_OWNER") == caller_principal_id) {
18        panic!("NOT_ALLOWED");
19    }
20}
21
22/// Initializes the owner variable during the canister's init hook.
23/// Sets the deployer of the canister as the owner.
24pub fn init_owner() {
25    let caller_principal_id = caller();
26    OWNER.with(|token| {
27        token.replace(Some(caller_principal_id));
28    });
29}
30
31/// Retrieves the owner of the canister as a string.
32/// Panics if the owner has not been set.
33pub fn get_owner() -> String {
34    OWNER.with(|owner| owner.borrow().clone().expect("NO_OWNER").to_string())
35}