-
Notifications
You must be signed in to change notification settings - Fork 201
/
keeper.go
149 lines (129 loc) · 4.15 KB
/
keeper.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
package keeper
import (
"context"
"fmt"
"github.com/NibiruChain/collections"
"github.com/cosmos/cosmos-sdk/codec"
"github.com/cosmos/cosmos-sdk/store/types"
sdk "github.com/cosmos/cosmos-sdk/types"
"github.com/NibiruChain/nibiru/x/common/set"
sudotypes "github.com/NibiruChain/nibiru/x/sudo/types"
)
type Keeper struct {
Sudoers collections.Item[sudotypes.Sudoers]
}
func NewKeeper(
cdc codec.BinaryCodec,
storeKey types.StoreKey,
) Keeper {
return Keeper{
Sudoers: collections.NewItem(storeKey, 1, SudoersValueEncoder(cdc)),
}
}
// Returns the root address of the sudo module.
func (k Keeper) GetRoot(ctx sdk.Context) (sdk.AccAddress, error) {
sudoers, err := k.Sudoers.Get(ctx)
if err != nil {
return nil, err
}
addr, err := sdk.AccAddressFromBech32(sudoers.Root)
if err != nil {
return nil, err
}
return addr, nil
}
func (k Keeper) senderHasPermission(sender string, root string) error {
if sender != root {
return fmt.Errorf(`message must be sent by root user. root: "%s", sender: "%s"`,
root, sender,
)
}
return nil
}
// AddContracts executes a MsgEditSudoers message with action type
// "add_contracts". This adds contract addresses to the sudoer set.
func (k Keeper) AddContracts(
goCtx context.Context, msg *sudotypes.MsgEditSudoers,
) (msgResp *sudotypes.MsgEditSudoersResponse, err error) {
if msg.RootAction() != sudotypes.AddContracts {
err = fmt.Errorf("invalid action type %s for msg add contracts", msg.Action)
return
}
// Read state
ctx := sdk.UnwrapSDKContext(goCtx)
pbSudoersBefore, err := k.Sudoers.Get(ctx)
if err != nil {
return
}
sudoersBefore := SudoersFromPb(pbSudoersBefore)
err = k.senderHasPermission(msg.Sender, sudoersBefore.Root)
if err != nil {
return
}
// Update state
contracts, err := sudoersBefore.AddContracts(msg.Contracts)
if err != nil {
return
}
pbSudoers := Sudoers{Root: sudoersBefore.Root, Contracts: contracts}.ToPb()
k.Sudoers.Set(ctx, pbSudoers)
msgResp = new(sudotypes.MsgEditSudoersResponse)
return msgResp, ctx.EventManager().EmitTypedEvent(&sudotypes.EventUpdateSudoers{
Sudoers: pbSudoers,
Action: msg.Action,
})
}
// ————————————————————————————————————————————————————————————————————————————
// RemoveContracts
// ————————————————————————————————————————————————————————————————————————————
func (k Keeper) RemoveContracts(
goCtx context.Context, msg *sudotypes.MsgEditSudoers,
) (msgResp *sudotypes.MsgEditSudoersResponse, err error) {
if msg.RootAction() != sudotypes.RemoveContracts {
err = fmt.Errorf("invalid action type %s for msg add contracts", msg.Action)
return
}
// Skip "msg.ValidateBasic" since this is a remove' operation. That means we
// can only remove from state but can't write anything invalid that would
// corrupt it.
// Read state
ctx := sdk.UnwrapSDKContext(goCtx)
pbSudoers, err := k.Sudoers.Get(ctx)
if err != nil {
return
}
sudoers := SudoersFromPb(pbSudoers)
err = k.senderHasPermission(msg.Sender, sudoers.Root)
if err != nil {
return
}
// Update state
sudoers.RemoveContracts(msg.Contracts)
pbSudoers = sudoers.ToPb()
k.Sudoers.Set(ctx, pbSudoers)
msgResp = new(sudotypes.MsgEditSudoersResponse)
return msgResp, ctx.EventManager().EmitTypedEvent(&sudotypes.EventUpdateSudoers{
Sudoers: pbSudoers,
Action: msg.Action,
})
}
// CheckPermissions Checks if a contract is contained within the set of sudo
// contracts defined in the x/sudo module. These smart contracts are able to
// execute certain permissioned functions.
func (k Keeper) CheckPermissions(
contract sdk.AccAddress, ctx sdk.Context,
) error {
state, err := k.Sudoers.Get(ctx)
if err != nil {
return err
}
contracts := state.Contracts
hasPermission := set.New(contracts...).Has(contract.String())
if !hasPermission {
return fmt.Errorf(
"insufficient permissions on smart contract: %s. The sudo contracts are: %s",
contract, contracts,
)
}
return nil
}