This repository has been archived by the owner on Jan 16, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 55
/
test-account-rules-permissioning.js
174 lines (133 loc) · 7.17 KB
/
test-account-rules-permissioning.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
const IngressContract = artifacts.require('AccountIngress.sol');
const RulesContract = artifacts.require('AccountRules.sol');
const AdminContract = artifacts.require('Admin.sol');
const RulesStorage = artifacts.require('AccountStorage.sol');
// Contract keys
const RULES_NAME = "0x72756c6573000000000000000000000000000000000000000000000000000000";
const ADMIN_NAME = "0x61646d696e697374726174696f6e000000000000000000000000000000000000";
var address1 = "0xde3422671d38ecdd7a75702db7f54d4b30c022ea";
var address2 = "0x470f4787c58eeec8be0282e1cdf7534b1a095201";
var address3 = "0xfe3b557e8fb62b89f4916b721be55ceb828dbd73";
var address4 = "0xc8381e432a2840308697029c23bb0a2d81563b94";
const newAdmin = "f17f52151EbEF6C7334FAD080c5704D77216b732";
var txValue = 12345;
var txGasLimit = 3000;
var txGasPrice = 1200;
var txPayload = "0xfe3b557e8fb62b89f4916b721be55ceb828dbd73";
contract("Account Rules (Permissioning)", (accounts) => {
let ingressContract;
let rulesContract;
let adminContract;
let storageContract;
before(async () => {
ingressContract = await IngressContract.new();
adminContract = await AdminContract.new();
await ingressContract.setContractAddress(ADMIN_NAME, adminContract.address);
// initialize the storage
storageContract = await RulesStorage.new(ingressContract.address);
console.log(" >>> Storage contract deployed with address = " + storageContract.address);
// set rules -> storage
rulesContract = await RulesContract.new(ingressContract.address, storageContract.address);
// set storage -> rules
await storageContract.upgradeVersion(rulesContract.address);
console.log(" >>> Set storage owner to Rules.address " + rulesContract.address);
await ingressContract.setContractAddress(RULES_NAME, rulesContract.address);
// TODO this is duplicated in event test file
// assert initial state
let size = await rulesContract.getSize();
assert.equal(size, 1, "Allowlist initializes with 1 account");
let initialAccount = await rulesContract.getByIndex(0);
assert.equal(initialAccount, accounts[0], "Allowlist initializes allowing deploying account");
await rulesContract.removeAccount(initialAccount);
});
it('should NOT permit account when allowlist is empty', async () => {
let size = await rulesContract.getSize();
assert.equal(size, 0, "expected empty allowlist");
let permitted = await rulesContract.accountPermitted(address1);
assert.notOk(permitted, 'expected node NOT permitted');
});
it('Should NOT fail when removing account from empty list', async () => {
let size = await rulesContract.getSize();
assert.equal(size, 0, "expected empty allowlist");
let tx = await rulesContract.removeAccount(address1);
assert.ok(tx.receipt.status);
});
it('should add multiple accounts to allowlist', async () => {
await rulesContract.addAccount(address1);
await rulesContract.addAccount(address2);
await rulesContract.addAccount(address3);
permitted = await rulesContract.accountPermitted(address1);
assert.ok(permitted, 'expected account 1 added to be in allowlist');
permitted = await rulesContract.accountPermitted(address2);
assert.ok(permitted, 'expected account 2 added to be in allowlist');
permitted = await rulesContract.accountPermitted(address3);
assert.ok(permitted, 'expected account 3 added to be in allowlist');
});
it("getByIndex returns expected order", async () => {
let result = await rulesContract.getByIndex(0);
assert.equal(result.toLowerCase(), address1.toLowerCase());
result = await rulesContract.getByIndex(1);
assert.equal(result.toLowerCase(), address2.toLowerCase());
result = await rulesContract.getByIndex(2);
assert.equal(result.toLowerCase(), address3.toLowerCase());
});
it('should allow a transaction from account added to the allowlist', async () => {
let permitted = await rulesContract.transactionAllowed(address1, address2, txValue, txGasPrice, txGasLimit, txPayload);
assert.equal(permitted, true, 'expected permitted address1');
permitted = await rulesContract.transactionAllowed(address2, address1, txValue, txGasPrice, txGasLimit, txPayload);
assert.equal(permitted, true, 'expected permitted address2');
});
it('should NOT allow transaction from account removed from allowlist', async () => {
await rulesContract.removeAccount(address3);
let permitted = await rulesContract.accountPermitted(address3);
assert.notOk(permitted, 'expected removed account NOT permitted');
permitted = await rulesContract.transactionAllowed(address3, address1, txValue, txGasPrice, txGasLimit, txPayload);
assert.equal(permitted, false, 'expected source disallowed since it was removed');
let result = await rulesContract.getSize();
assert.equal(result, 2, "expected number of nodes");
});
it('should permit an account added back to the allowlist', async () => {
let permitted = await rulesContract.accountPermitted(address3);
assert.notOk(permitted, 'expected removed account NOT permitted');
await rulesContract.addAccount(address3);
permitted = await rulesContract.accountPermitted(address3);
assert.ok(permitted, 'expected added account permitted');
permitted = await rulesContract.transactionAllowed(address3, address2, txValue, txGasPrice, txGasLimit, txPayload);
assert.equal(permitted, true, 'expected transaction allowed since account was added back to allowlist');
});
it('should not allow non-admin account to add to allowlist', async () => {
try {
await rulesContract.addAccount(address1, { from: accounts[1] });
expect.fail(null, null, "Modifier was not enforced")
} catch(err) {
expect(err.reason).to.contain('Sender not authorized');
}
});
it('should not allow non-admin account to remove from allowlist', async () => {
try {
await rulesContract.addAccount(address1, { from: accounts[1] });
expect.fail(null, null, "Modifier was not enforced")
} catch(err) {
expect(err.reason).to.contain('Sender not authorized');
}
});
it('should allow new admin account to remove from allowlist', async () => {
await adminContract.addAdmin(accounts[1]);
await rulesContract.removeAccount(address1, { from: accounts[1] });
let permitted = await rulesContract.accountPermitted(address1);
assert.notOk(permitted, 'expected added node NOT permitted');
});
it('should allow new admin account to add to allowlist', async () => {
await adminContract.addAdmin(accounts[2]);
await rulesContract.addAccount(address1, { from: accounts[2] });
let permitted = await rulesContract.accountPermitted(address1);
assert.ok(permitted, 'expected added account permitted');
});
it('should allow transactions from an admin account that is not on the allow list', async () => {
await adminContract.addAdmin(address4);
let permitted = await rulesContract.accountPermitted(address4);
assert.notOk(permitted, 'expected account not permitted since it is not on the allow list');
permitted = await rulesContract.transactionAllowed(address4, address2, txValue, txGasPrice, txGasLimit, txPayload);
assert.ok(permitted, 'expected transaction allowed since account is an admin');
});
});