11 changes: 0 additions & 11 deletions .editorconfig

This file was deleted.

3 changes: 3 additions & 0 deletions .gitignore
@@ -7,5 +7,8 @@ Cargo.lock
# Text file backups
**/*.rs.bk

# Code Editors
.editorconfig

# macOS
.DS_Store
2 changes: 1 addition & 1 deletion Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "neptune-auth"
version = "0.1.0"
version = "0.1.1"
authors = [
"Eric Woolsey<[email protected]>",
"Francisco Inacio<[email protected]>",
4 changes: 2 additions & 2 deletions README.md
@@ -20,7 +20,7 @@ pub enum Config {
Then you should impl GetPermissionGroup for the Config.
```rust
impl GetPermissionGroup for Config {
fn get_permission_group(&self, deps: Deps, _env: &Env) -> Result<PermissionGroup, NeptAuthError> {
fn get_permission_group(&self, deps: Deps<impl CustomQuery>, _env: &Env) -> Result<PermissionGroup, NeptAuthError> {
// How your config accesses storage is up to you
// Here we use a map from cw_storage_plus
Ok(vec![self.load(deps).unwrap()].into())
@@ -48,7 +48,7 @@ impl NeptuneAuth for ExecuteMsg {
And finally you place the authorization check inside the execute entry point (or wherever else you'd like to verify authorization).
```rust
#[cfg_attr(not(feature = "library"), entry_point)]
pub fn execute(deps: DepsMut, env: Env, info: MessageInfo, msg: ExecuteMsg) -> Result<Response, MyError> {
pub fn execute(deps: DepsMut<impl CustomQuery>, env: Env, info: MessageInfo, msg: ExecuteMsg) -> Result<Response, MyError> {
// This is the line that checks the permissions
// It will return an error if the caller does not have the required permissions
msg.neptune_authorize(deps.as_ref(), &env, &info.sender)?;
33 changes: 22 additions & 11 deletions src/authorization.rs
@@ -1,6 +1,6 @@
use std::fmt::Debug;

use cosmwasm_std::{Addr, Deps, Env};
use cosmwasm_std::{Addr, CustomQuery, Deps, Empty, Env};

use crate::error::{NeptAuthError, NeptAuthResult};

@@ -17,23 +17,31 @@ impl From<Vec<Addr>> for PermissionGroup {
}
}

pub type PermissionGroupList<'a> = Vec<&'a dyn GetPermissionGroup>;
pub type PermissionGroupList<'a, C> = Vec<&'a dyn GetPermissionGroup<C>>;

/// This trait should be derived for any type that requires authorization.
pub trait NeptuneAuth {
fn permissions(&self) -> NeptAuthResult<PermissionGroupList>;
fn permissions<C: CustomQuery>(&self) -> NeptAuthResult<PermissionGroupList<C>>;

/// This function is placed inside the contracts' execute function.
fn neptune_authorize(&self, deps: Deps, env: &Env, address: &Addr) -> NeptAuthResult<()> {
fn neptune_authorize(
&self,
deps: Deps<impl CustomQuery>,
env: &Env,
address: &Addr,
) -> NeptAuthResult<()> {
let permissions = self.permissions()?;
authorize_permissions(deps, env, address, &permissions)
}
}

/// This trait determines how a permission group is retrieved.
/// It will usually be derived for your config type.
pub trait GetPermissionGroup: Debug {
fn get_permission_group(&self, deps: Deps, env: &Env) -> NeptAuthResult<PermissionGroup>;
pub trait GetPermissionGroup<C = Empty>: Debug
where
C: CustomQuery,
{
fn get_permission_group(&self, deps: Deps<C>, env: &Env) -> NeptAuthResult<PermissionGroup>;
}

/// These base permission groups are starting points.
@@ -45,8 +53,11 @@ pub enum BasePermissionGroups {
}

/// This is an example of how to implement the GetPermissionGroup trait.
impl GetPermissionGroup for BasePermissionGroups {
fn get_permission_group(&self, _deps: Deps, env: &Env) -> NeptAuthResult<PermissionGroup> {
impl<C> GetPermissionGroup<C> for BasePermissionGroups
where
C: CustomQuery,
{
fn get_permission_group(&self, _deps: Deps<C>, env: &Env) -> NeptAuthResult<PermissionGroup> {
Ok(match self {
Self::Internal => PermissionGroup::Restricted(vec![env.contract.address.clone()]),
Self::Public => PermissionGroup::Public,
@@ -55,11 +66,11 @@ impl GetPermissionGroup for BasePermissionGroups {
}

/// Verifies that the given address is contained within the given permission group list.
pub fn authorize_permissions(
deps: Deps,
pub fn authorize_permissions<C: CustomQuery>(
deps: Deps<C>,
env: &Env,
addr: &Addr,
permissions: &PermissionGroupList,
permissions: &PermissionGroupList<C>,
) -> NeptAuthResult<()> {
let collected_permissions = permissions
.iter()
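Review bot: The `C = Empty` default on `GetPermissionGroup` does not fit with `NeptuneAuth::permissions<C: CustomQuery>`, which is generic over every query type. A group can only be coerced to `&dyn GetPermissionGroup<C>` there if its type implements the trait for all `C`, as the blanket `impl<C> GetPermissionGroup<C> for BasePermissionGroups` in this section does. An implementor that writes plain `impl GetPermissionGroup for Config` gets only the `Empty` instantiation and will presumably fail to compile once it is listed in `permissions`. Either drop the default or document the requirement on the trait, e.g. `/// Implement as impl<C: CustomQuery> GetPermissionGroup<C> for T so the group can be listed in NeptuneAuth::permissions.` Because `permissions` and `PermissionGroupList` change shape for every existing implementor, the accompanying 0.1.0 to 0.1.1 bump looks too small for an authorization crate that downstream contracts pin with caret ranges.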