feat: validate just the PIA can call issue and redeem token

src/api/entities/Identity/__tests__/index.ts

@@ -13,8 +13,8 @@ import {
   Role,
   RoleType,
   TickerOwnerRole,
-  TokenOwnerOrPiaRole,
   TokenOwnerRole,
+  TokenPiaRole,
   VenueOwnerRole,
 } from '~/types';
 import * as utilsConversionModule from '~/utils/conversion';
@@ -133,18 +133,12 @@ describe('Identity class', () => {
       expect(hasRole).toBe(false);
     });
 
-    test('hasRole should check whether the Identity has the Token Owner role or the PIA role', async () => {
+    test('hasRole should check whether the Identity has the Token PIA role', async () => {
       const identity = new Identity({ did: 'someDid' }, context);
-      const role: TokenOwnerOrPiaRole = { type: RoleType.TokenOwnerOrPia, ticker: 'someTicker' };
+      const role: TokenPiaRole = { type: RoleType.TokenPia, ticker: 'someTicker' };
 
       let hasRole = await identity.hasRole(role);
 
-      expect(hasRole).toBe(true);
-
-      identity.did = 'otherDid';
-
-      hasRole = await identity.hasRole(role);
-
       expect(hasRole).toBe(false);
 
       entityMockUtils.configureMocks({

src/api/entities/Identity/index.ts

@@ -20,8 +20,8 @@ import {
   isCddProviderRole,
   isPortfolioCustodianRole,
   isTickerOwnerRole,
-  isTokenOwnerOrPiaRole,
   isTokenOwnerRole,
+  isTokenPiaRole,
   isVenueOwnerRole,
   Order,
   ResultSet,
@@ -106,13 +106,16 @@ export class Identity extends Entity<UniqueIdentifiers> {
       const { owner } = await token.details();
 
       return owner.did === did;
-    } else if (isTokenOwnerOrPiaRole(role)) {
+    } else if (isTokenPiaRole(role)) {
       const { ticker } = role;
 
       const token = new SecurityToken({ ticker }, context);
-      const { owner, primaryIssuanceAgent } = await token.details();
+      const { primaryIssuanceAgent } = await token.details();
 
-      return (primaryIssuanceAgent && primaryIssuanceAgent.did === did) || owner.did === did;
+      if (primaryIssuanceAgent) {
+        return primaryIssuanceAgent.did === did;
+      }
+      return false;
     } else if (isCddProviderRole(role)) {
       const {
         polymeshApi: {

src/api/procedures/__tests__/issueTokens.ts

@@ -130,7 +130,7 @@ describe('issueTokens procedure', () => {
       } as IssueTokensParams;
 
       expect(boundFunc(args)).toEqual({
-        identityRoles: [{ type: RoleType.TokenOwner, ticker }],
+        identityRoles: [{ type: RoleType.TokenPia, ticker }],
         signerPermissions: {
           transactions: [TxTags.asset.Issue],
           tokens: [entityMockUtils.getSecurityTokenInstance({ ticker })],

src/api/procedures/__tests__/redeemToken.ts

@@ -171,7 +171,7 @@ describe('redeemToken procedure', () => {
       let result = await boundFunc(params);
 
       expect(result).toEqual({
-        identityRoles: [{ type: RoleType.TokenOwnerOrPia, ticker }],
+        identityRoles: [{ type: RoleType.TokenPia, ticker }],
         signerPermissions: {
           transactions: [TxTags.asset.Redeem],
           tokens: [new SecurityToken({ ticker }, mockContext)],
@@ -190,7 +190,7 @@ describe('redeemToken procedure', () => {
       result = await boundFunc(params);
 
       expect(result).toEqual({
-        identityRoles: [{ type: RoleType.TokenOwnerOrPia, ticker }],
+        identityRoles: [{ type: RoleType.TokenPia, ticker }],
         signerPermissions: {
           transactions: [TxTags.asset.Redeem],
           tokens: [new SecurityToken({ ticker }, mockContext)],

src/api/procedures/issueTokens.ts

@@ -62,7 +62,7 @@ export function getAuthorization(
 ): ProcedureAuthorization {
   const { context } = this;
   return {
-    identityRoles: [{ type: RoleType.TokenOwner, ticker }],
+    identityRoles: [{ type: RoleType.TokenPia, ticker }],
     signerPermissions: {
       transactions: [TxTags.asset.Issue],
       tokens: [new SecurityToken({ ticker }, context)],

src/api/procedures/redeemToken.ts

@@ -73,7 +73,7 @@ export async function getAuthorization(
   const { owner, primaryIssuanceAgent } = await securityToken.details();
 
   return {
-    identityRoles: [{ type: RoleType.TokenOwnerOrPia, ticker }],
+    identityRoles: [{ type: RoleType.TokenPia, ticker }],
     signerPermissions: {
       transactions: [TxTags.asset.Redeem],
       tokens: [new SecurityToken({ ticker }, context)],

src/types/index.ts

@@ -77,7 +77,7 @@ export enum TransactionQueueStatus {
 export enum RoleType {
   TickerOwner = 'TickerOwner',
   TokenOwner = 'TokenOwner',
-  TokenOwnerOrPia = 'TokenOwnerOrPia',
+  TokenPia = 'TokenPia',
   CddProvider = 'CddProvider',
   VenueOwner = 'VenueOwner',
   PortfolioCustodian = 'PortfolioCustodian',
@@ -107,16 +107,16 @@ export function isTokenOwnerRole(role: Role): role is TokenOwnerRole {
   return role.type === RoleType.TokenOwner;
 }
 
-export interface TokenOwnerOrPiaRole {
-  type: RoleType.TokenOwnerOrPia;
+export interface TokenPiaRole {
+  type: RoleType.TokenPia;
   ticker: string;
 }
 
 /**
  * @hidden
  */
-export function isTokenOwnerOrPiaRole(role: Role): role is TokenOwnerOrPiaRole {
-  return role.type === RoleType.TokenOwnerOrPia;
+export function isTokenPiaRole(role: Role): role is TokenPiaRole {
+  return role.type === RoleType.TokenPia;
 }
 
 export interface CddProviderRole {
@@ -157,7 +157,7 @@ export function isPortfolioCustodianRole(role: Role): role is PortfolioCustodian
 export type Role =
   | TickerOwnerRole
   | TokenOwnerRole
-  | TokenOwnerOrPiaRole
+  | TokenPiaRole
   | CddProviderRole
   | VenueOwnerRole
   | PortfolioCustodianRole;