/
authz.go
99 lines (84 loc) · 2.94 KB
/
authz.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
package types
import (
sdk "github.com/cosmos/cosmos-sdk/types"
sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
"github.com/cosmos/cosmos-sdk/x/authz"
)
var (
_ authz.Authorization = &MarkerTransferAuthorization{}
)
// NewMarkerTransferAuthorization creates a new MarkerTransferAuthorization object.
func NewMarkerTransferAuthorization(transferLimit sdk.Coins, allowed []sdk.AccAddress) *MarkerTransferAuthorization {
allowedAddrs := toBech32Addresses(allowed)
return &MarkerTransferAuthorization{
TransferLimit: transferLimit,
AllowList: allowedAddrs,
}
}
// MsgTypeURL implements Authorization.MsgTypeURL.
func (a MarkerTransferAuthorization) MsgTypeURL() string {
return sdk.MsgTypeURL(&MsgTransferRequest{})
}
// Accept implements Authorization.Accept.
func (a MarkerTransferAuthorization) Accept(_ sdk.Context, msg sdk.Msg) (authz.AcceptResponse, error) {
switch msg := msg.(type) {
case *MsgTransferRequest:
toAddress := msg.ToAddress
limitLeft, isNegative := a.DecreaseTransferLimit(msg.Amount)
if isNegative {
return authz.AcceptResponse{}, sdkerrors.ErrInsufficientFunds.Wrap("requested amount is more than spend limit")
}
shouldDelete := false
if limitLeft.IsZero() {
shouldDelete = true
}
isAddrExists := false
allowedList := a.GetAllowList()
for _, addr := range allowedList {
if addr == toAddress {
isAddrExists = true
break
}
}
if len(allowedList) > 0 && !isAddrExists {
return authz.AcceptResponse{}, sdkerrors.ErrUnauthorized.Wrapf("cannot send to %s address", toAddress)
}
return authz.AcceptResponse{Accept: true, Delete: shouldDelete, Updated: &MarkerTransferAuthorization{TransferLimit: limitLeft}}, nil
default:
return authz.AcceptResponse{}, sdkerrors.ErrInvalidType.Wrap("type mismatch")
}
}
// ValidateBasic implements Authorization.ValidateBasic.
func (a MarkerTransferAuthorization) ValidateBasic() error {
if err := a.TransferLimit.Validate(); err != nil {
return sdkerrors.ErrInvalidCoins.Wrapf("invalid transfer limit: %v", err)
}
if a.TransferLimit.IsZero() {
return sdkerrors.ErrInvalidCoins.Wrap("invalid transfer limit: cannot be zero")
}
found := make(map[string]bool, 0)
for i, addr := range a.AllowList {
if _, err := sdk.AccAddressFromBech32(addr); err != nil {
return sdkerrors.ErrInvalidAddress.Wrapf("invalid allow list entry [%d] %q: %v", i, addr, err)
}
if found[addr] {
return ErrDuplicateEntry.Wrapf("invalid allow list entry [%d] %s", i, addr)
}
found[addr] = true
}
return nil
}
// DecreaseTransferLimit will return the decreased transfer limit and if it is negative
func (a MarkerTransferAuthorization) DecreaseTransferLimit(amount sdk.Coin) (sdk.Coins, bool) {
return a.TransferLimit.SafeSub(amount)
}
func toBech32Addresses(allowed []sdk.AccAddress) []string {
if len(allowed) == 0 {
return nil
}
allowedAddrs := make([]string, len(allowed))
for i, addr := range allowed {
allowedAddrs[i] = addr.String()
}
return allowedAddrs
}